From 0011afae26ce8f51b964ddc47d8d4b4f80830a4c Mon Sep 17 00:00:00 2001 From: wrider Date: Sun, 27 Oct 2019 17:07:48 -0400 Subject: [PATCH] Moving dev back to LF Gerrit Change-Id: Id51d8e256c2872a45878a8c47f5ad5d23b82c50a Signed-off-by: wrider --- README.md | 79 +- .../RIC_AUX_ONAP_COMPONENTS_RECIPE_EXAMPLE | 39 - RECIPE_EXAMPLE/RIC_AUX_RECIPE_EXAMPLE | 212 ++++-- RECIPE_EXAMPLE/RIC_INFRA_RECIPE_EXAMPLE | 35 +- RECIPE_EXAMPLE/RIC_PLATFORM_RECIPE_EXAMPLE | 53 +- bin/deploy-ric-infra | 7 + bin/prepull-images | 5 + ric-aux/80-Auxiliary-Functions/bin/install | 14 +- ric-aux/80-Auxiliary-Functions/bin/installOnap | 147 ---- ric-aux/80-Auxiliary-Functions/bin/uninstall | 2 +- .../helm/{mrsub => }/.helmignore | 0 .../aaf/charts/aaf-cass/templates/deployment.yaml | 6 +- .../aaf/charts/aaf-cm/templates/deployment.yaml | 6 +- .../aaf/charts/aaf-fs/templates/deployment.yaml | 6 +- .../aaf/charts/aaf-gui/templates/deployment.yaml | 6 +- .../aaf/charts/aaf-hello/templates/deployment.yaml | 6 +- .../charts/aaf-locate/templates/deployment.yaml | 6 +- .../aaf/charts/aaf-oauth/templates/deployment.yaml | 6 +- .../charts/aaf-service/templates/deployment.yaml | 6 +- .../charts/aaf-sms-quorumclient/templates/pv.yaml | 15 + .../templates/statefulset.yaml | 6 +- .../charts/aaf-sms-quorumclient/values.yaml | 1 + .../aaf-sms/charts/aaf-sms-vault/templates/pv.yaml | 15 + .../aaf-sms-vault/templates/statefulset.yaml | 8 +- .../aaf-sms/charts/aaf-sms-vault/values.yaml | 1 + .../aaf/charts/aaf-sms/templates/deployment.yaml | 15 +- .../helm/aaf/charts/aaf-sms/templates/job.yaml | 9 +- .../helm/aaf/charts/aaf-sms/templates/pv.yaml | 18 +- .../helm/aaf/charts/aaf-sms/templates/pvc.yaml | 3 - .../helm/aaf/charts/aaf-sms/values.yaml | 1 + .../aaf-sshsm-abrmd/templates/statefulset.yaml | 6 +- .../charts/aaf-sshsm-distcenter/templates/pv.yaml | 17 +- .../charts/aaf-sshsm-distcenter/values.yaml | 1 + .../helm/aaf/charts/aaf-sshsm/templates/pv.yaml | 30 + .../helm/aaf/charts/aaf-sshsm/values.yaml | 2 +- .../helm/aaf/templates/aaf-config-pv.yaml | 8 + .../helm/aaf/templates/aaf-status-pv.yaml | 8 + .../helm/dashboard/Chart.yaml | 2 +- .../helm/dashboard/templates/_gen-cert.tpl | 28 + .../helm/dashboard/templates/_genurl.tpl | 1 + .../helm/dashboard/templates/appconfig.yaml | 10 + .../helm/dashboard/templates/deployment.yaml | 11 +- .../helm/dashboard/templates/ingress.yaml | 28 +- .../helm/dashboard/templates/secret.yaml | 32 + .../helm/dashboard/values.yaml | 28 +- .../helm/mc-stack}/.helmignore | 1 - .../helm/mc-stack}/Chart.yaml | 8 +- .../helm/mc-stack/charts/elasticsearch/.helmignore | 2 + .../helm/mc-stack/charts/elasticsearch/Chart.yaml | 27 + .../helm/mc-stack/charts/elasticsearch/Makefile | 7 +- .../helm/mc-stack/charts/elasticsearch/README.md | 265 +++++++ .../charts/elasticsearch/examples/6.x/Makefile | 15 + .../elasticsearch/examples/6.x/test/goss.yaml | 17 + .../charts/elasticsearch/examples/6.x/values.yaml | 4 + .../charts/elasticsearch/examples/default/Makefile | 16 + .../examples/default/rolling_upgrade.sh | 19 + .../elasticsearch/examples/default/test/goss.yaml | 39 + .../elasticsearch/examples/docker-for-mac/Makefile | 12 + .../examples/docker-for-mac/values.yaml | 23 + .../elasticsearch/examples/migration/Makefile | 10 + .../elasticsearch/examples/migration/README.md | 86 +++ .../elasticsearch/examples/migration/client.yml | 23 + .../elasticsearch/examples/migration/data.yml | 17 + .../elasticsearch/examples/migration/master.yml | 26 + .../elasticsearch/examples/minikube/Makefile | 12 + .../elasticsearch/examples/minikube/values.yaml | 23 + .../charts/elasticsearch/examples/multi/Makefile | 16 + .../charts/elasticsearch/examples/multi/data.yml | 9 + .../charts/elasticsearch/examples/multi/master.yml | 9 + .../elasticsearch/examples/multi/test/goss.yaml | 9 + .../charts/elasticsearch/examples/oss/Makefile | 12 + .../elasticsearch/examples/oss/test/goss.yaml | 17 + .../charts/elasticsearch/examples/oss/values.yaml | 4 + .../elasticsearch/examples/security/Makefile | 31 + .../elasticsearch/examples/security/security.yml | 38 + .../elasticsearch/examples/security/test/goss.yaml | 45 ++ .../charts/elasticsearch/examples/upgrade/Makefile | 25 + .../elasticsearch/examples/upgrade/test/goss.yaml | 17 + .../charts/elasticsearch/templates/_helpers.tpl | 65 ++ .../charts/elasticsearch/templates/configmap.yaml | 32 + .../charts/elasticsearch/templates/ingress.yaml | 50 +- .../templates/poddisruptionbudget.yaml | 28 + .../charts/elasticsearch/templates/service.yaml | 68 ++ .../elasticsearch/templates/statefulset.yaml | 310 ++++++++ .../templates/test/test-elasticsearch-health.yaml | 34 + .../helm/mc-stack/charts/elasticsearch/values.yaml | 228 ++++++ .../helm/mc-stack/charts/kibana/.helmignore | 2 + .../helm/mc-stack/charts/kibana/Chart.yaml | 27 + .../helm/mc-stack/charts/kibana/Makefile | 7 +- .../helm/mc-stack/charts/kibana/README.md | 134 ++++ .../mc-stack/charts/kibana/examples/6.x/Makefile | 12 + .../charts/kibana/examples/6.x/test/goss.yaml | 10 + .../mc-stack/charts/kibana/examples/6.x/values.yml | 4 + .../charts/kibana/examples/default/Makefile | 13 + .../charts/kibana/examples/default/test/goss.yaml | 14 + .../mc-stack/charts/kibana/examples/oss/Makefile | 12 + .../charts/kibana/examples/oss/test/goss.yaml | 4 + .../mc-stack/charts/kibana/examples/oss/values.yml | 4 + .../charts/kibana/examples/security/Makefile | 17 + .../charts/kibana/examples/security/security.yml | 38 + .../charts/kibana/examples/security/test/goss.yaml | 27 + .../mc-stack/charts/kibana/templates/_helpers.tpl | 32 + .../charts/kibana/templates/configmap.yaml | 31 + .../charts/kibana/templates/deployment.yaml | 139 ++++ .../mc-stack/charts/kibana/templates/ingress.yaml | 47 +- .../mc-stack/charts/kibana/templates/service.yaml | 27 +- .../helm/mc-stack/charts/kibana/values.yaml | 152 ++++ .../charts/logstash}/.helmignore | 42 +- .../helm/mc-stack/charts/logstash/Chart.yaml | 33 + .../helm/mc-stack/charts/logstash/OWNERS | 6 + .../helm/mc-stack/charts/logstash/README.md | 126 ++++ .../mc-stack/charts/logstash/templates/NOTES.txt | 21 + .../charts/logstash/templates/_helpers.tpl | 8 +- .../charts/logstash/templates/files-config.yaml | 35 + .../charts/logstash/templates/ingress.yaml | 54 ++ .../charts/logstash/templates/patterns-config.yaml | 30 + .../charts/logstash/templates/pipeline-config.yaml | 40 ++ .../logstash/templates/poddisruptionbudget.yaml | 31 + .../charts/logstash/templates/service.yaml | 59 ++ .../charts/logstash/templates/statefulset.yaml | 189 +++++ .../helm/mc-stack/charts/logstash/values.yaml | 798 +++++++++++++++++++++ .../helm/mc-stack/requirements.yaml | 26 + .../helm/mc-stack/values.yaml | 31 + .../message-router-kafka/templates/service.yaml | 2 +- .../templates/statefulset.yaml | 10 +- .../templates/poddisruptionbudget.yaml | 2 +- .../templates/statefulset.yaml | 12 +- .../helm/message-router/templates/statefulset.yaml | 6 +- .../helm/message-router/values.yaml | 21 + .../80-Auxiliary-Functions/helm/onap/Chart.yaml | 23 - .../helm/onap/requirements.yaml | 21 - .../helm/onap/resources/environments/dev.yaml | 144 ---- .../resources/environments/disable-allcharts.yaml | 85 --- .../onap/resources/environments/minimal-onap.yaml | 178 ----- .../onap/resources/environments/public-cloud.yaml | 162 ----- .../helm/onap/resources/overrides/environment.yaml | 225 ------ .../overrides/onap-all-ingress-nginx.yaml | 80 --- .../helm/onap/resources/overrides/onap-all.yaml | 78 -- .../helm/onap/resources/overrides/onap-vfw.yaml | 55 -- .../helm/onap/resources/overrides/openstack.yaml | 62 -- .../helm/onap/templates/_helper.tpl | 33 - .../helm/onap/templates/clusterrolebinding.yaml | 32 - .../helm/onap/templates/secrets.yaml | 27 - .../helm/onap/templates/storageclass.yaml | 34 - .../80-Auxiliary-Functions/helm/onap/values.yaml | 23 - .../properties/ONAPPORTAL/system.properties | 4 +- .../charts/portal-app/templates/deployment.yaml | 10 +- .../helm/portal/charts/portal-app/values.yaml | 1 + .../portal-cassandra/templates/deployment.yaml | 6 +- .../charts/portal-cassandra/templates/pv.yaml | 15 + .../portal/charts/portal-cassandra/values.yaml | 2 + .../resources/config/mariadb/oom_updates.sql | 16 +- .../portal-mariadb/templates/deployment.yaml | 8 +- .../helm/portal/charts/portal-mariadb/values.yaml | 14 +- .../helm/portal/charts/portal-sdk/Chart.yaml | 4 - .../properties/ONAPPORTALSDK/fusion.properties | 49 -- .../properties/ONAPPORTALSDK/logback.xml | 222 ------ .../properties/ONAPPORTALSDK/music.properties | 35 - .../properties/ONAPPORTALSDK/portal.properties | 60 -- .../properties/ONAPPORTALSDK/system.properties | 83 --- .../portal/charts/portal-sdk/templates/NOTES.txt | 33 - .../charts/portal-sdk/templates/configmap.yaml | 27 - .../charts/portal-sdk/templates/deployment.yaml | 131 ---- .../charts/portal-sdk/templates/service.yaml | 41 -- .../helm/portal/charts/portal-sdk/values.yaml | 116 --- .../helm/portal/charts/portal-widget/.helmignore | 21 - .../helm/portal/charts/portal-widget/Chart.yaml | 4 - .../properties/ONAPWIDGETMS/application.properties | 33 - .../properties/ONAPWIDGETMS/application.yml | 17 - .../charts/portal-widget/templates/NOTES.txt | 33 - .../charts/portal-widget/templates/configmap.yaml | 27 - .../charts/portal-widget/templates/deployment.yaml | 98 --- .../charts/portal-widget/templates/service.yaml | 41 -- .../helm/portal/charts/portal-widget/values.yaml | 89 --- .../portal-zookeeper/templates/deployment.yaml | 6 +- .../80-Auxiliary-Functions/helm/portal/values.yaml | 2 + ric-aux/80-Auxiliary-Functions/helm/ves/Chart.yaml | 2 +- .../helm/ves/resources/collector.properties | 77 ++ .../helm/ves/templates/configmap.yaml | 12 +- .../helm/ves/templates/ingress-ves.yaml | 2 +- .../helm/ves/templates/ves-deployment.yaml | 14 +- .../helm/ves/templates/ves-service.yaml | 82 +-- .../80-Auxiliary-Functions/helm/ves/values.yaml | 2 +- ric-aux/README.md | 30 +- .../Common-Template/helm/ric-common/Chart.yaml | 2 +- .../helm/ric-common/templates/_configmapname.tpl | 9 +- .../helm/ric-common/templates/_containername.tpl | 9 +- .../helm/ric-common/templates/_deploymentname.tpl | 9 +- .../helm/ric-common/templates/_e2term.tpl | 83 +++ .../helm/ric-common/templates/_esreader.tpl | 67 ++ .../ric-common/templates/_ingresscontroller.tpl | 15 + .../helm/ric-common/templates/_ingressname.tpl | 10 + .../helm/ric-common/templates/_kongpath.tpl | 2 +- .../helm/ric-common/templates/_logstash.tpl | 57 ++ .../helm/ric-common/templates/_message-router.tpl | 58 ++ .../helm/ric-common/templates/_mrsub.tpl | 57 +- .../helm/ric-common/templates/_name.tpl | 38 +- .../helm/ric-common/templates/_ports.tpl | 31 +- .../ric-common/templates/_serviceaccountname.tpl | 5 +- .../helm/ric-common/templates/_servicename.tpl | 22 +- ric-infra/00-Kubernetes/bin/gen-cloud-init.sh | 36 +- ric-infra/00-Kubernetes/etc/infra.rc | 7 +- .../00-Kubernetes/heat/scripts/k8s_vm_install.sh | 149 ++-- .../helm/chartmuseum/templates/deployment.yaml | 2 +- .../helm/chartmuseum/templates/ingress.yaml | 2 +- ric-infra/20-Monitoring/helm/elfkp/values.yaml | 30 +- ric-infra/30-Kong/bin/install | 4 - ric-infra/30-Kong/helm/kong/Chart.yaml | 16 + ric-infra/30-Kong/helm/kong/charts/kong/Chart.yaml | 22 +- ric-infra/30-Kong/helm/kong/charts/kong/README.md | 185 ++--- .../kong/charts/kong/charts/cassandra/Chart.yaml | 1 + .../kong/charts/kong/charts/postgresql/Chart.yaml | 1 + .../postgresql/templates/statefulset-slaves.yaml | 2 +- .../charts/postgresql/templates/statefulset.yaml | 2 +- ...-no-kic-internal-declarative-config-values.yaml | 39 + .../kong/charts/kong/ci/dbless-no-kic-values.yaml | 21 + .../helm/kong/charts/kong/ci/dbless-values.yaml | 29 + .../30-Kong/helm/kong/charts/kong/ci/dbless.yaml | 7 - .../helm/kong/charts/kong/ci/default-values.yaml | 64 +- .../kong/charts/kong/ci/loadbalancer-values.yaml | 6 + .../helm/kong/charts/kong/requirements.yaml | 16 + .../helm/kong/charts/kong/templates/_helpers.tpl | 5 + .../templates/config-custom-server-blocks.yaml | 29 + .../kong/charts/kong/templates/config-dbless.yaml | 16 + .../kong/templates/controller-cluster-role.yaml | 12 +- .../kong/templates/controller-deployment.yaml | 4 +- .../kong/charts/kong/templates/controller-pdb.yaml | 20 + .../kong/charts/kong/templates/deployment.yaml | 53 +- .../kong/charts/kong/templates/ingress-admin.yaml | 4 +- .../charts/kong/templates/ingress-manager.yaml | 2 +- .../charts/kong/templates/ingress-portal-api.yaml | 2 +- .../kong/charts/kong/templates/ingress-portal.yaml | 2 +- .../kong/charts/kong/templates/ingress-proxy.yaml | 2 +- .../kong/templates/migrations-post-upgrade.yaml | 2 +- .../kong/templates/migrations-pre-upgrade.yaml | 2 +- .../kong/charts/kong/templates/migrations.yaml | 2 +- .../helm/kong/charts/kong/templates/pdb.yaml | 20 + .../kong/charts/kong/templates/servicemonitor.yaml | 29 + .../30-Kong/helm/kong/charts/kong/values.yaml | 64 +- ric-infra/30-Kong/helm/kong/requirements.yaml | 3 +- ric-infra/30-Kong/helm/kong/values.yaml | 16 + .../xapp-tiller/templates/deployment-tiller.yaml | 6 +- ric-infra/README.md | 54 +- ric-platform/50-RIC-Platform/bin/install | 2 +- ric-platform/50-RIC-Platform/bin/uninstall | 2 +- .../a1mediator/templates/ingress-a1mediator.yaml | 2 +- .../helm/appmgr/templates/ingress-appmgr.yaml | 2 +- .../helm/appmgr/templates/serviceaccount.yaml | 2 +- .../helm/dbaas/templates/deployment.yaml | 55 -- .../helm/e2mgr/templates/configmap.yaml | 75 +- .../helm/e2mgr/templates/deployment.yaml | 6 + .../50-RIC-Platform/helm/e2mgr/templates/env.yaml | 1 + .../helm/e2mgr/templates/ingress-e2mgr.yaml | 2 +- .../helm/e2term/resources/cleaner.sh | 25 + .../helm/e2term/resources/configfile.properties | 18 + .../helm/e2term/resources/pizpub.crontab | 18 + .../helm/e2term/templates/configmap-pizpub.yaml | 24 + .../helm/e2term/templates/configmap.yaml | 24 +- .../helm/e2term/templates/deployment.yaml | 47 ++ .../helm/e2term/templates/e2term-pv.yaml | 31 + .../helm/e2term/templates/e2term-pvc.yaml | 28 + .../50-RIC-Platform/helm/e2term/templates/env.yaml | 4 +- .../50-RIC-Platform/helm/e2term/values.yaml | 20 +- .../50-RIC-Platform/helm/jaegeradapter/.helmignore | 37 + .../50-RIC-Platform/helm/jaegeradapter/Chart.yaml | 19 + .../{dbaas => jaegeradapter}/requirements.yaml | 4 +- .../jaegeradapter/templates/agent-service.yaml | 43 ++ .../jaegeradapter/templates/collector-service.yaml | 43 ++ .../helm/jaegeradapter/templates/deployment.yaml | 84 +++ .../helm/jaegeradapter/templates/env.yaml | 11 + .../jaegeradapter/templates/query-service.yaml | 35 + .../50-RIC-Platform/helm/jaegeradapter/values.yaml | 38 + .../helm/rtmgr/templates/config.yaml | 6 +- .../helm/rtmgr/templates/deployment.yaml | 2 + .../helm/submgr/templates/configmap.yaml | 35 + .../helm/submgr/templates/deployment.yaml | 12 + .../50-RIC-Platform/helm/submgr/templates/env.yaml | 4 +- .../50-RIC-Platform/helm/submgr/values.yaml | 2 +- .../helm/vespamgr/templates/deployment.yaml | 14 +- .../helm/vespamgr/templates/secret.yaml | 5 +- .../50-RIC-Platform/helm/vespamgr/values.yaml | 2 +- ric-platform/README.md | 27 +- ric-xapps/90-xApps/bin/install | 170 ----- .../90-xApps/helm/xapp-std/templates/_helpers.tpl | 77 -- .../helm/xapp-std/templates/appconfig.yaml | 32 - .../helm/xapp-std/templates/deployment.yaml | 73 -- ric-xapps/90-xApps/helm/xapp-std/values.yaml | 74 -- ric-xapps/README.md | 9 - 288 files changed, 6676 insertions(+), 3744 deletions(-) delete mode 100755 RECIPE_EXAMPLE/RIC_AUX_ONAP_COMPONENTS_RECIPE_EXAMPLE delete mode 100755 ric-aux/80-Auxiliary-Functions/bin/installOnap rename ric-aux/80-Auxiliary-Functions/helm/{mrsub => }/.helmignore (100%) create mode 100644 ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/_gen-cert.tpl rename ric-xapps/90-xApps/helm/xapp-std/templates/appenv.yaml => ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/ingress.yaml (72%) create mode 100644 ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/secret.yaml rename {ric-xapps/90-xApps/helm/xapp-std => ric-aux/80-Auxiliary-Functions/helm/mc-stack}/.helmignore (97%) mode change 100644 => 100755 rename {ric-xapps/90-xApps/helm/xapp-std => ric-aux/80-Auxiliary-Functions/helm/mc-stack}/Chart.yaml (89%) mode change 100644 => 100755 create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/.helmignore create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/Chart.yaml rename ric-xapps/90-xApps/etc/xapp.conf => ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/Makefile (87%) mode change 100644 => 100755 create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/README.md create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/6.x/Makefile create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/6.x/test/goss.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/6.x/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/default/Makefile create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/default/rolling_upgrade.sh create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/default/test/goss.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/docker-for-mac/Makefile create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/docker-for-mac/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/Makefile create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/README.md create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/client.yml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/data.yml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/master.yml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/minikube/Makefile create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/minikube/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/multi/Makefile create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/multi/data.yml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/multi/master.yml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/multi/test/goss.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/oss/Makefile create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/oss/test/goss.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/oss/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/security/Makefile create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/security/security.yml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/security/test/goss.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/upgrade/Makefile create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/upgrade/test/goss.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/_helpers.tpl create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/configmap.yaml rename ric-platform/50-RIC-Platform/helm/dbaas/templates/service.yaml => ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/ingress.yaml (59%) mode change 100644 => 100755 create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/poddisruptionbudget.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/service.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/statefulset.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/test/test-elasticsearch-health.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/.helmignore create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/Chart.yaml rename ric-platform/50-RIC-Platform/helm/dbaas/Chart.yaml => ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/Makefile (84%) mode change 100644 => 100755 create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/README.md create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/6.x/Makefile create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/6.x/test/goss.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/6.x/values.yml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/default/Makefile create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/default/test/goss.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/oss/Makefile create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/oss/test/goss.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/oss/values.yml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/security/Makefile create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/security/security.yml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/security/test/goss.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/_helpers.tpl create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/configmap.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/deployment.yaml rename ric-xapps/90-xApps/helm/xapp-std/templates/service-rmr.yaml => ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/ingress.yaml (63%) mode change 100644 => 100755 rename ric-xapps/90-xApps/helm/xapp-std/templates/service-http.yaml => ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/service.yaml (70%) mode change 100644 => 100755 create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/values.yaml rename ric-aux/80-Auxiliary-Functions/helm/{portal/charts/portal-sdk => mc-stack/charts/logstash}/.helmignore (94%) create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/OWNERS create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/README.md create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/NOTES.txt rename ric-platform/50-RIC-Platform/helm/dbaas/templates/_helper.tpl => ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/_helpers.tpl (92%) mode change 100644 => 100755 create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/files-config.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/ingress.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/patterns-config.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/pipeline-config.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/poddisruptionbudget.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/service.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/statefulset.yaml create mode 100644 ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/requirements.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/mc-stack/values.yaml delete mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/Chart.yaml delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/onap/requirements.yaml delete mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/dev.yaml delete mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/disable-allcharts.yaml delete mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/minimal-onap.yaml delete mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/public-cloud.yaml delete mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/environment.yaml delete mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-all-ingress-nginx.yaml delete mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-all.yaml delete mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-vfw.yaml delete mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/openstack.yaml delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/onap/templates/_helper.tpl delete mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/templates/clusterrolebinding.yaml delete mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/templates/secrets.yaml delete mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/templates/storageclass.yaml delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/onap/values.yaml delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/Chart.yaml delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/fusion.properties delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/music.properties delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/NOTES.txt delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/configmap.yaml delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/deployment.yaml delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/service.yaml delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/values.yaml delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/.helmignore delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/Chart.yaml delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.properties delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/NOTES.txt delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/configmap.yaml delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/deployment.yaml delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/service.yaml delete mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/values.yaml create mode 100644 ric-aux/80-Auxiliary-Functions/helm/ves/resources/collector.properties create mode 100644 ric-common/Common-Template/helm/ric-common/templates/_e2term.tpl create mode 100644 ric-common/Common-Template/helm/ric-common/templates/_esreader.tpl create mode 100644 ric-common/Common-Template/helm/ric-common/templates/_logstash.tpl create mode 100644 ric-common/Common-Template/helm/ric-common/templates/_message-router.tpl rename ric-platform/50-RIC-Platform/helm/dbaas/values.yaml => ric-common/Common-Template/helm/ric-common/templates/_mrsub.tpl (51%) create mode 100755 ric-infra/30-Kong/helm/kong/charts/kong/ci/dbless-no-kic-internal-declarative-config-values.yaml create mode 100755 ric-infra/30-Kong/helm/kong/charts/kong/ci/dbless-no-kic-values.yaml create mode 100755 ric-infra/30-Kong/helm/kong/charts/kong/ci/dbless-values.yaml delete mode 100755 ric-infra/30-Kong/helm/kong/charts/kong/ci/dbless.yaml create mode 100755 ric-infra/30-Kong/helm/kong/charts/kong/templates/config-custom-server-blocks.yaml create mode 100755 ric-infra/30-Kong/helm/kong/charts/kong/templates/config-dbless.yaml create mode 100755 ric-infra/30-Kong/helm/kong/charts/kong/templates/controller-pdb.yaml create mode 100755 ric-infra/30-Kong/helm/kong/charts/kong/templates/pdb.yaml create mode 100755 ric-infra/30-Kong/helm/kong/charts/kong/templates/servicemonitor.yaml delete mode 100644 ric-platform/50-RIC-Platform/helm/dbaas/templates/deployment.yaml create mode 100644 ric-platform/50-RIC-Platform/helm/e2term/resources/cleaner.sh create mode 100644 ric-platform/50-RIC-Platform/helm/e2term/resources/configfile.properties create mode 100644 ric-platform/50-RIC-Platform/helm/e2term/resources/pizpub.crontab create mode 100644 ric-platform/50-RIC-Platform/helm/e2term/templates/configmap-pizpub.yaml create mode 100644 ric-platform/50-RIC-Platform/helm/e2term/templates/e2term-pv.yaml create mode 100644 ric-platform/50-RIC-Platform/helm/e2term/templates/e2term-pvc.yaml create mode 100644 ric-platform/50-RIC-Platform/helm/jaegeradapter/.helmignore create mode 100644 ric-platform/50-RIC-Platform/helm/jaegeradapter/Chart.yaml rename ric-platform/50-RIC-Platform/helm/{dbaas => jaegeradapter}/requirements.yaml (92%) create mode 100644 ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/agent-service.yaml create mode 100644 ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/collector-service.yaml create mode 100644 ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/deployment.yaml create mode 100644 ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/env.yaml create mode 100644 ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/query-service.yaml create mode 100644 ric-platform/50-RIC-Platform/helm/jaegeradapter/values.yaml create mode 100644 ric-platform/50-RIC-Platform/helm/submgr/templates/configmap.yaml delete mode 100755 ric-xapps/90-xApps/bin/install delete mode 100644 ric-xapps/90-xApps/helm/xapp-std/templates/_helpers.tpl delete mode 100644 ric-xapps/90-xApps/helm/xapp-std/templates/appconfig.yaml delete mode 100644 ric-xapps/90-xApps/helm/xapp-std/templates/deployment.yaml delete mode 100644 ric-xapps/90-xApps/helm/xapp-std/values.yaml delete mode 100644 ric-xapps/README.md diff --git a/README.md b/README.md index 6b84be25..02860d78 100644 --- a/README.md +++ b/README.md @@ -7,7 +7,7 @@ This repo contains RAN Intelligent Controller (RIC) deployments related files. The RIC deployment scripts are designed to deploy RIC components using helm charts. A deployment recipe yaml file that contains parameter key:value pairs can be provided as a parameter for any deployment script in this repository. The -deployment recipe is acting as the helm override value.yaml file. If no deployment recipe is provided, defaul parameters +deployment recipe is acting as the helm override values.yaml file. If no deployment recipe is provided, default parameters are used. The default parameters are set up to deploy a RIC instance using Linux Foundation repositories in a self-contained environment. @@ -15,19 +15,21 @@ self-contained environment. ### Directory Structure . ├── bin +├── ci ├── etc ├── LICENSES.txt License information ├── README.md This file ├── RECIPE_EXAMPLE Directory that contains deploy recipe examples -├── ric-aux Deployment scripts, charts and configuration files for RIC auxiliry functions +├── ric-aux Deployment scripts, charts and configuration files for RIC auxilary functions +├── ric-common Deployment scripts, charts and configuration files for RIC common template ├── ric-infra Deployment scripts, charts and configuration files for infrastructure support ├── ric-platform Deployment scripts, charts and configuration files for RIC platform components └── ric-xapps xApp related scripts, charts and configuration files ### Directory Naming Convention -The root directories are orgainzed according to the deployment plans. Each directory contains subdirectories for -different deployable components. The prefix of these subdirectories represents the deployment order. The smaller the +The root directories are organized according to the deployment plans. Each directory contains subdirectories for +different deployable components. The prefixes of these subdirectories represent the deployment order. The smaller the prefix number the eariler the corresponding component will be deployed. Consider the following example, ├── ric-aux │   ├── 80-Auxiliary-Functions @@ -37,23 +39,76 @@ prefix number the eariler the corresponding component will be deployed. Conside │   ├── 00-Kubernetes │   ├── 10-Nexus │   ├── 20-Monitoring +│   ├── 30-Kong │   ├── 40-Credential +│   ├── 45-Tiller │   └── README.md ├── ric-platform │   ├── 50-RIC-Platform │   ├── 55-Ext-Services │   └── README.md +├── ric-aux +│   ├── 80-Auxiliary-Functions +│   ├── 85-Ext-Services +│   └── README.md └── ric-xapps ├── 90-xApps └── README.md -when deploys the ric-platform, the credential is deployed before RIC-Platform. -In each of the component directory, ./etc contains the configuration file, ./bin contains the binary and script files, -./helm contains the helm charts, and ./docker contains docker related files for building the docker images. Please refer -to the README.md files in individual directory for more details. +when deploying the ric-platform, the credential is deployed before RIC-Platform. + +In each of the component directories, ./bin contains the binary and script files and ./helm contains the helm charts, + +Some components contain an ./etc directory with configuration files and some contain a ./docker directory with docker related files for building the docker images. + +Please refer to the README.md files in individual directory for more details. + +Within ric-infra, ric-platform and ric-aux, each of the components above can be deployed and undeployed separately. +There are also scripts for deploying the ric-infra, ric-platform or ric-aux in its entirety. + +The ./bin directory contains these scripts + +The following sections discuss one-script deployment for each + +### To deploy RIC Infrastructure + +Edit ./RECIPE_EXAMPLE/RIC_INFRA_RECIPE_EXAMPLE +You can choose whether to enable Kubernetes deployment, Helm Chart museum and ELFKP stack +You can specify the Helm release prefix and namespaces used +You must specify username and password for Docker repo +Then run the following to deploy: +```sh +$ . ./deploy-ric-infra -f ../RECIPE_EXAMPLE/RIC_INFRA_RECIPE_EXAMPLE +``` +Run the following to undeploy: +```sh +$ . ./undeploy-ric-infra +``` + +### To deploy RIC Platform + +Edit ./RECIPE_EXAMPLE/RIC_PLATFORM_RECIPE_EXAMPLE +You can specify the Helm release prefix and namespaces used +Set the values of extsvcaux/ricip and extsvcaux/auxip to be the external IP addresses of VM hosting RIC cluster and VM hosting AUX cluster, respectively. +These values should be set in both the override file and the local values.yaml file +```sh +$ . ./deploy-ric-platform -f ../RECIPE_EXAMPLE/RIC_PLATFORM_RECIPE_EXAMPLE +``` +Run the following to undeploy: +```sh +$ . ./undeploy-ric-platform +``` -### To deploy RIC -TBD will update when we have the root installer. +### To deploy RIC Auxiliary functions -### Configure the RIC deployment -TBD will update when we have the root installer. +Edit ./RECIPE_EXAMPLE/RIC_PLATFORM_RECIPE_EXAMPLE +You can specify the Helm release prefix and namespaces used +Set the values of extsvcaux/ricip and extsvcaux/auxip to be the external IP addresses of VM hosting RIC cluster and VM hosting AUX cluster, respectively. +These values should be set in both the override file and the local values.yaml file +```sh +$ . ./deploy-ric-aux -f ../RECIPE_EXAMPLE/RIC_AUX_RECIPE_EXAMPLE +``` +Run the following to undeploy: +```sh +$ . ./undeploy-ric-aux +``` diff --git a/RECIPE_EXAMPLE/RIC_AUX_ONAP_COMPONENTS_RECIPE_EXAMPLE b/RECIPE_EXAMPLE/RIC_AUX_ONAP_COMPONENTS_RECIPE_EXAMPLE deleted file mode 100755 index 5b0505f2..00000000 --- a/RECIPE_EXAMPLE/RIC_AUX_ONAP_COMPONENTS_RECIPE_EXAMPLE +++ /dev/null @@ -1,39 +0,0 @@ - -global: - # Change to an unused port prefix range to prevent port conflicts - # with other instances running within the same k8s cluster - nodePortPrefix: 302 - nodePortPrefixExt: 304 - - # ONAP Repository - # Uncomment the following to enable the use of a single docker - # repository but ONLY if your repository mirrors all ONAP - # docker images. This includes all images from dockerhub and - # any other repository that hosts images for ONAP components. - #repository: nexus3.onap.org:10001 - repositoryCred: - user: docker - password: docker - - # readiness check - temporary repo until images migrated to nexus3 - readinessRepository: oomk8s - # logging agent - temporary repo until images migrated to nexus3 - loggingRepository: docker.elastic.co - - # image pull policy - pullPolicy: Always - - # default mount path root directory referenced - # by persistent volumes and log files - persistence: - mountPath: /dockerdata-nfs - enableDefaultStorageclass: false - parameters: {} - storageclassProvisioner: kubernetes.io/no-provisioner - volumeReclaimPolicy: Retain - - # override default resource limit flavor for all charts - flavor: unlimited - - # flag to enable debugging - application support required - debugEnabled: false diff --git a/RECIPE_EXAMPLE/RIC_AUX_RECIPE_EXAMPLE b/RECIPE_EXAMPLE/RIC_AUX_RECIPE_EXAMPLE index 72e3f3d2..e83c4210 100644 --- a/RECIPE_EXAMPLE/RIC_AUX_RECIPE_EXAMPLE +++ b/RECIPE_EXAMPLE/RIC_AUX_RECIPE_EXAMPLE @@ -27,6 +27,9 @@ global: aux: ricaux # Docker registry from which RIC platform components pull the images repository: nexus3.o-ran-sc.org:10004 + onapRepository: nexus3.onap.org:10001 + ubuntuInitRepository: registry.hub.docker.com + busyBoxRepository: docker.io # Name of the K8S docker credential that is onboarded by 20-credential repositoryCred: docker-reg-cred @@ -51,67 +54,182 @@ global: ingressurl: ric: ric-entry aux: aux-entry + dashboard: dashboard.ric.org + # Change to an unused port prefix range to prevent port conflicts + # with other instances running within the same k8s cluster + nodePortPrefix: 302 + nodePortPrefixExt: 304 + + # Change this to define portal port used for webpage forwarding + portalFEPort: "8443" + + # ONAP Repository + # Uncomment the following to enable the use of a single docker + # repository but ONLY if your repository mirrors all ONAP + # docker images. This includes all images from dockerhub and + # any other repository that hosts images for ONAP components. + repository: nexus3.onap.org:10001 + repositoryCred: + user: docker + password: docker + + # readiness check - temporary repo until images migrated to nexus3 + readinessRepository: oomk8s + # logging agent - temporary repo until images migrated to nexus3 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + + # image pull policy + pullPolicy: Always + + + portalHostName: "portal.ric.org" + cookieDomain: "ric.org" + # default mount path root directory referenced + # by persistent volumes and log files + persistence: + mountPath: /dockerdata-nfs + enableDefaultStorageclass: false + parameters: {} + storageclassProvisioner: kubernetes.io/no-provisioner + volumeReclaimPolicy: Retain + + # override default resource limit flavor for all charts + flavor: unlimited + + # flag to enable debugging - application support required + debugEnabled: false + + aaf: + image: onap/aaf/aaf_core:2.1.15 + config: + image: onap/aaf/aaf_config:2.1.15 + cass: + image: onap/aaf/aaf_cass:2.1.15 + - tillers: - ricxapp: - name: ricxapp - nameSpace: ricxapp - deployNameSpace: ricinfra - image: - tillerTLSSecrets: - repository: nexus3.o-ran-sc.org:10004 - name: it-dep-secret - tag: 0.0.2 - tiller: - repository: gcr.io - name: kubernetes-helm/tiller - tag: v2.12.3 - secret: - create: true - tillerSecretName: secret-tiller-ricxapp - helmSecretName: secret-helm-client-ricxapp - tls: - authenticate: true - verify: true - serviceAccount: - name: tiller - role: - - apiGroups: [""] - resources: ["pods", "configmaps", "services"] - verbs: ["get", "list", "create", "delete"] - - apiGroups: ["extensions", "apps"] - resources: ["deployments"] - verbs: ["get", "list", "create", "delete"] - port: 44134 #------------------------------------------------------------------------- # Auxiliary Functions #------------------------------------------------------------------------- +aaf-sms: + image: onap/aaf/sms:4.0.1 + aaf-sms-quorumclient: + image: onap/aaf/smsquorumclient:4.0.0 + aaf-sms-vault: + image: + consul: library/consul:1.0.6 + vault: library/vault:0.10.0 + +aaf-sshsm: + aaf-sshsm-abrmd: + image: onap/aaf/abrmd:4.0.0 + aaf-sshsm-distcenter: + image: onap/aaf/distcenter:4.0.0 + aaf-sshsm-testca: + image: onap/aaf/testcaservice:4.0.0 + +portal-cassandra: + image: onap/music/cassandra_music:3.0.0 +portal-mariadb: + config: + ricdashboardHostName: "dashboard.ric.org" + ricdashboardPort: "32443" + ricdashboardProtocol: "https" + image: onap/portal-db:2.5.0 +portal-app: + image: onap/portal-app:2.5.0 + +persistence: + enabled: true + dashboard: # Override the name using the following option # nameOverride: image: name: ric-dashboard - tag: 1.2.0 - properties: - # application.properties - portalapi: - username: username - password: password - metrics: + tag: 1.2.4 + caasingress: + aux: + url: + prefix: "https://:16443" + plt: url: - ac: http://ric-aux-kibana-server:5601/goto/fedcba9876543210?embed=true - mc: http://ric-aux-kibana-server:5601/goto/b35690798f2a32d065f5107aecd84308?embed=true - # key.properties - cipher.enc.key: AGLDdG4D04BKm2IxIWEr8o== - # portal.properties - # external URL for user browser - ecomp_redirect_url: https://portal.api.simpledemo.onap.org:30225/ONAPPORTAL/login.htm - # internal URL for backend - ecomp_rest_url: http://portal-app.onap:8989/ONAPPORTAL/auxapi + prefix: "https://:16443" + cipher: + enc: + key: AGLDdG4D04BKm2IxIWEr8o== + portalapi: + # application.properties + security: true + username: Default + password: password + ecomp_redirect_url: https://portal.ric.org:8443/ONAPPORTAL/login.htm + ecomp_rest_url: http://portal-app:8989/ONAPPORTAL/auxapi ueb_app_key: uebkey + metrics: + url: + ac: http://mcdashboard.ric.org:5601/goto/1234567890abcdef?embed=true + mc: http://mcdashboard.ric.org:5601/goto/b35690798f2a32d065f5107aecd84308?embed=true datapath: /opt/data/dashboard-data + + +ves: + onapRepository: "nexus3.onap.org:10001" + + image: + name: org.onap.dcaegen2.collectors.ves.vescollector + tag: 1.4.5 + +mrsub: + image: + name: mrsubp + tag: 0.0.1 + pullPolicy: IfNotPresent + logStashHost: "r1-mc-stack-logstash.ricaux" + logStashPort: 5044 + messageRouterHost: "ricaux-message-router.ricaux" + messageRouterPort: 3904 + + +# image settings for dmaap +onapRepository: nexus3.onap.org:10001 +image: onap/dmaap/dmaap-mr:1.1.13 +ubuntuInitRepository: docker.io +ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 +busyBoxRepository: docker.io +busyBoxImage: busybox:1.30 + +# image settings for dmaap subchart kafka +message-router-kafka: + ubuntuInitRepository: docker.io + ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 + busyBoxRepository: docker.io + busyBoxImage: busybox:1.30 + onapRepository: nexus3.onap.org:10001 + image: onap/dmaap/kafka111:1.0.0 +# image settings for dmaap subchart zookeeper +message-router-zookeeper: + ubuntuInitRepository: docker.io + ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 + busyBoxRepository: docker.io + busyBoxImage: busybox:1.30 + onapRepository: nexus3.onap.org:10001 + image: onap/dmaap/zookeeper:5.0.0 + +# MC Dashboard components +elasticsearch: + enabled: true + +kibana: + enabled: true + +logstash: + enabled: true +# end of MC Dashboard components + + extsvcaux: ricip: # The ip address of the ric cluster ingress controller diff --git a/RECIPE_EXAMPLE/RIC_INFRA_RECIPE_EXAMPLE b/RECIPE_EXAMPLE/RIC_INFRA_RECIPE_EXAMPLE index 8a06aed0..7c145cbc 100644 --- a/RECIPE_EXAMPLE/RIC_INFRA_RECIPE_EXAMPLE +++ b/RECIPE_EXAMPLE/RIC_INFRA_RECIPE_EXAMPLE @@ -52,7 +52,7 @@ global: ingressurl: ric: ric-entry aux: aux-entry - + dashboard: dashboard-entry tillers: ricxapp: @@ -122,6 +122,39 @@ chartmuseum: storagesize: 2Gi datapath: /opt/data/chartmuseum-data + +esreader: + dataVolSize: 100Mi + storageClassName: local-storage + #storageClassName: ric-storage-class + + pizpub: + enabled: false + nsPrefix: ric + imageVersion: 0.0.4911 + imageName: pizpub + publishURL: https://feeds-drtr.web.att.com/publish/3641 + user: m14983@ric.att.com + password: pizPub01! + feedId: 3641 + dataRootDir: /data + scanDirectory: outgoing + processedDirectory: sent + + elfkp: enable: false +kong: + proxy: + http: + containerPort: 32080 + tls: + containerPort: 32443 + image: + repository: kong + tag: 1.3 + ingressController: + image: + repository: kong-docker-kubernetes-ingress-controller.bintray.io/kong-ingress-controller + tag: 0.6.0 diff --git a/RECIPE_EXAMPLE/RIC_PLATFORM_RECIPE_EXAMPLE b/RECIPE_EXAMPLE/RIC_PLATFORM_RECIPE_EXAMPLE index 8b035999..d4d3502f 100644 --- a/RECIPE_EXAMPLE/RIC_PLATFORM_RECIPE_EXAMPLE +++ b/RECIPE_EXAMPLE/RIC_PLATFORM_RECIPE_EXAMPLE @@ -50,6 +50,7 @@ global: ingressurl: ric: ric-entry aux: aux-entry + dashboard: dashboard-entry tillers: ricxapp: @@ -93,7 +94,7 @@ a1mediator: # repositoryOverride: image: name: ric-plt-a1 - tag: 0.10.1 + tag: 0.10.3 rmr_timeout_config: rcv_retry_interval_ms: 500 rcv_retry_times: 20 @@ -107,7 +108,7 @@ appmgr: name: it-dep-init tag: 0.0.1 name: ric-plt-appmgr - tag: 0.1.5 + tag: 0.1.9 @@ -127,10 +128,10 @@ e2mgr: # repositoryOverride: image: name: ric-plt-e2mgr - tag: 1.0.0 + tag: 2.0.7 env: RIC_ID: "bbbccc-abcd0e/20" - privilegedmode: true + privilegedmode: false # E2 Termination @@ -139,11 +140,29 @@ e2term: # repositoryOverride: image: name: ric-plt-e2 - tag: 1.0.0 + tag: 2.0.7 env: print: "1" - privilegedmode: true - hostnetworkmode: true + privilegedmode: false + hostnetworkmode: false + + dataVolSize: 100Mi + storageClassName: local-storage + #storageClassName: ric-storage-class + + pizpub: + enabled: true + nsPrefix: ric + imageVersion: 0.0.4911 + imageName: pizpub + publishURL: https://feeds-drtr.web.att.com/publish/3641 + user: m14983@ric.att.com + password: pizPub01! + feedId: 3641 + dataRootDir: /data + scanDirectory: outgoing + processedDirectory: sent + # Routing Manager rtmgr: @@ -151,7 +170,7 @@ rtmgr: # repositoryOverride: image: name: ric-plt-rtmgr - tag: 0.3.2 + tag: 0.3.3 loglevel: DEBUG # Subscription Manager @@ -160,7 +179,7 @@ submgr: # repositoryOverride: image: name: ric-plt-submgr - tag: 0.5.0 + tag: 0.10.0 # VESPA Manager vespamgr: @@ -168,9 +187,23 @@ vespamgr: # repositoryOverride: image: name: ric-plt-vespamgr - tag: 0.0.1 + tag: 0.0.5 prometheusurl: "http://rec-prometheus-server.default" +# RAN Resource Monitor +rsm: + image: + name: ric-plt-rsm + tag: 2.0.6 + +# Jaeger Adapter +jaegeradapter: + repositoryOverride: docker.io + image: + name: jaegertracing/all-in-one + tag: 1.12 + pullPolicy: IfNotPresent + # the service for redirecting to AUX cluster extsvcplt: diff --git a/bin/deploy-ric-infra b/bin/deploy-ric-infra index a5cb94be..14b3ac42 100755 --- a/bin/deploy-ric-infra +++ b/bin/deploy-ric-infra @@ -54,10 +54,12 @@ ROOT_DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )" CHARTMUSEUM_BLOCK=$(cat $OVERRIDEYAML | awk '/^chartmuseum:/{getline; while ($0 ~ /^ +.*|^ *$/) {print $0; if (getline == 0) {break}}}') ELFKP_BLOCK=$(cat $OVERRIDEYAML | awk '/^elfkp:/{getline; while ($0 ~ /^ +.*|^ *$/) {print $0; if (getline == 0) {break}}}') K8S_BLOCK=$(cat $OVERRIDEYAML | awk '/^k8s:/{getline; while ($0 ~ /^ +.*|^ *$/) {print $0; if (getline == 0) {break}}}') +ESREADER_BLOCK=$(cat $OVERRIDEYAML | awk '/^esreader:/{getline; while ($0 ~ /^ +.*|^ *$/) {print $0; if (getline == 0) {break}}}') USE_LOCAL_HELM_REPO=$(echo "$CHARTMUSEUM_BLOCK" | grep "enable" | awk '{print $2}') DEPLOY_K8S=$(echo "$K8S_BLOCK" | grep "enable" | awk '{print $2}') DEPLOY_K8S_MONITORING=$(echo "$ELFKP_BLOCK" | grep "enable" | awk '{print $2}') +DEPLOY_ESREADER=$(echo "$ESREADER_BLOCK" | grep "enable" | awk 'NR==1 {print $2}') for component in $ROOT_DIR/../ric-infra/*/; do @@ -79,6 +81,11 @@ for component in $ROOT_DIR/../ric-infra/*/; do . $component/bin/install -f $OVERRIDEYAML fi ;; + 25-ESReader) + if [ "$DEPLOY_ESREADER" == "true" ];then + . $component/bin/install -f $OVERRIDEYAML + fi + ;; 30-Kong) . $component/bin/install -f $OVERRIDEYAML sleep 5 diff --git a/bin/prepull-images b/bin/prepull-images index 0cd1cf9c..119d76d7 100755 --- a/bin/prepull-images +++ b/bin/prepull-images @@ -59,6 +59,11 @@ mkdir -p $IMAGE_DIRECTORY_PATH while IFS= read -r image do + if [[ $image == "#"* ]]; then + # supporting comment lines + continue + fi + IMAGENAME=$(echo $image | awk '{ n=split($0, a, "/"); print a[n] }') echo "Pulling image $image" diff --git a/ric-aux/80-Auxiliary-Functions/bin/install b/ric-aux/80-Auxiliary-Functions/bin/install index 916e067a..b10b044b 100755 --- a/ric-aux/80-Auxiliary-Functions/bin/install +++ b/ric-aux/80-Auxiliary-Functions/bin/install @@ -50,11 +50,10 @@ GLOBAL_BLOCK=$(cat $OVERRIDEYAML | awk '/^global:/{getline; while ($0 ~ /^ +.*|^ NAMESPACE_BLOCK=$(cat $OVERRIDEYAML | awk '/^ namespace:/{getline; while ($0 ~ /^ .*|^ *$/) {print $0; if (getline == 0) {break}}}') NAMESPACE=$(echo "$NAMESPACE_BLOCK" | awk '/^ *aux:/{print $2}') RELEASE_PREFIX=$(echo "$GLOBAL_BLOCK" | awk '/^ *releasePrefix:/{print $2}') -COMPONENTS=${LIST_OF_COMPONENTS:-"dashboard ves message-router mrsub"} +COMPONENTS=${LIST_OF_COMPONENTS:-"dashboard ves message-router mrsub mc-stack portal aaf"} - -NODENAME=$(kubectl get node | awk '{print $1}') +NODENAME=$(kubectl get node | awk 'NR>1{print $1}') LABELFOUND=false for f in $NODENAME; do LABEL=$(kubectl describe node $f | grep local-storage) @@ -114,14 +113,19 @@ helm package -d /tmp $DIR/../../../ric-common/Common-Template/helm/ric-common for component in $COMPONENTS; do case "$component" in - dashboard | ves | message-router | mrsub) + dashboard | ves | message-router | mrsub | mc-stack | portal) mkdir -p $DIR/../helm/$component/charts/ cp /tmp/ric-common-$COMMON_CHART_VERSION.tgz $DIR/../helm/$component/charts/ helm install -f $OVERRIDEYAML --namespace "${NAMESPACE}" --name "${RELEASE_PREFIX}-$component" $DIR/../helm/$component ;; + aaf) + mkdir -p $DIR/../helm/$component/charts/ + cp /tmp/ric-common-$COMMON_CHART_VERSION.tgz $DIR/../helm/$component/charts/ + helm install -f $OVERRIDEYAML --namespace "onap" --name "${RELEASE_PREFIX}-$component" $DIR/../helm/$component + ;; *) helm install --namespace "${NAMESPACE}" --name "${RELEASE_PREFIX}-$component" $DIR/../helm/$component esac -done \ No newline at end of file +done diff --git a/ric-aux/80-Auxiliary-Functions/bin/installOnap b/ric-aux/80-Auxiliary-Functions/bin/installOnap deleted file mode 100755 index 796268f0..00000000 --- a/ric-aux/80-Auxiliary-Functions/bin/installOnap +++ /dev/null @@ -1,147 +0,0 @@ -#!/bin/bash -################################################################################ -# Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################ - - -OVERRIDEYAML=$1 - - -DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )" - - -source $DIR/../etc/aux.conf - -if [ -z "$RICAUX_RELEASE_NAME" ];then - RELEASE_NAME=$helm_release_name -else - RELEASE_NAME=$RICAUX_RELEASE_NAME -fi - -# Namespace configuration -if [ -z "$RICPLT_NAMESPACE" ];then - PLT_NAMESPACE=$plt_namespace -else - PLT_NAMESPACE=$RICPLT_NAMESPACE -fi -if [ -z "$RICXAPP_NAMESPACE" ];then - XAPP_NAMESPACE=$xapp_namespace -else - XAPP_NAMESPACE=$RICXAPP_NAMESPACE -fi -if [ -z "$RICAUX_NAMESPACE" ];then - AUX_NAMESPACE=$aux_namespace -else - AUX_NAMESPACE=$RICAUX_NAMESPACE -fi -if [ -z "$RICINFRA_NAMESPACE" ];then - INFRA_NAMESPACE=$infra_namespace -else - INFRA_NAMESPACE=$RICINFRA_NAMESPACE -fi - -if [ -z "$RIC_COMMON_OVERRIDE" ];then - COMMON_OVERRIDE="--set global.namespace.platform=$PLT_NAMESPACE --set global.namespace.xapp=$XAPP_NAMESPACE --set global.namespace.aux=$AUX_NAMESPACE --set global.namespace.infra=$INFRA_NAMESPACE" -else - COMMON_OVERRIDE=$RIC_COMMON_OVERRIDE -fi - - - -NODENAME=$(kubectl get node | awk '{print $1}') -LABELFOUND=false -for f in $NODENAME; do - LABEL=$(kubectl describe node $f | grep local-storage) - if [ ! -z "$LABEL" ]; then - LABELFOUND=true - fi -done - -if [ ! -z $OVERRIDEYAML ]; then - FOUND_STORAGECLASS=$(grep storageclass $OVERRIDEYAML) -fi - - - -if ! $LABELFOUND && [ -z "$FOUND_STORAGECLASS" ]; then - echo "***********************************************************************************************" - echo "* ERROR!!!!!!!!!!!!! *" - echo "***********************************************************************************************" - echo "* Nodes label \"local-storage=enable\" is not found in any of the cluster node. *" - echo "* Please pick a node and label it using the following command. *" - echo "* kubectl label --overwrite nodes local-storage=enable *" - echo "***********************************************************************************************" - - exit 1 -fi - - - - -if [ -z "$FOUND_STORAGECLASS" ] && $LABELFOUND; then - - DATAPATH=$(cat $DIR/../helm/dashboard/values.yaml | grep datapath | awk '{ print $2}' ) - - - if [ ! -z $OVERRIDEYAML ]; then - DATAPATHOVERRIDE=$(cat $OVERRIDEYAML | grep datapath | awk '{ print $2}' ) - fi - - if [ ! -z "$DATAPATHOVERRIDE" ]; then - DATAPATH=$DATAPATHOVERRIDE - fi - - - echo "***********************************************************************************************" - echo "* WARNING!!!!!!!!!!!!! *" - echo "***********************************************************************************************" - echo "* Chartmuseume will use local storage. Please make sure that directory *" - echo "* $DATAPATH *" - echo "* exists on the selected cluster node, and contains the proper files. *" - echo "***********************************************************************************************" - - -fi - - - - - - - -RICAUX_COMPONENTS="onap portal aaf" - -echo "Deploying RIC AUX components [$RICAUX_COMPONENTS]" -echo "Helm Release Name: $RELEASE_NAME" - - -COMMON_CHART_VERSION=$(cat $DIR/../../../ric-common/Common-Template/helm/ric-common/Chart.yaml | grep version | awk '{print $2}') - - -helm package -d /tmp $DIR/../../../ric-common/Common-Template/helm/ric-common/ - - -for component in $RICAUX_COMPONENTS; do - echo "Preparing chart for comonent $component" - - mkdir -p $DIR/../helm/$component/charts/ - cp /tmp/ric-common-$COMMON_CHART_VERSION.tgz $DIR/../helm/$component/charts/ - if [ -z $OVERRIDEYAML ]; then - helm install --namespace $AUX_NAMESPACE --name "${RELEASE_NAME}-$component" $COMMON_OVERRIDE $DIR/../helm/$component - else - helm install -f $OVERRIDEYAML --namespace $AUX_NAMESPACE --name "${RELEASE_NAME}-$component" $COMMON_OVERRIDE $DIR/../helm/$component - fi -done diff --git a/ric-aux/80-Auxiliary-Functions/bin/uninstall b/ric-aux/80-Auxiliary-Functions/bin/uninstall index 2f266912..6cb3b3ed 100755 --- a/ric-aux/80-Auxiliary-Functions/bin/uninstall +++ b/ric-aux/80-Auxiliary-Functions/bin/uninstall @@ -17,7 +17,7 @@ ################################################################################ -COMPONENTS="dashboard message-router ves mrsub" +COMPONENTS="dashboard message-router ves mrsub mc-stack portal aaf" echo "Undeploying RIC aux components [$COMPONENTS]" diff --git a/ric-aux/80-Auxiliary-Functions/helm/mrsub/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/.helmignore similarity index 100% rename from ric-aux/80-Auxiliary-Functions/helm/mrsub/.helmignore rename to ric-aux/80-Auxiliary-Functions/helm/.helmignore diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/deployment.yaml index 5bbb1d73..bf30ccab 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/deployment.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/deployment.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "common.fullname" . }} @@ -24,6 +24,10 @@ metadata: heritage: {{ .Release.Service }} spec: replicas: {{ .Values.global.aaf.cass.replicas }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} template: metadata: labels: diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/templates/deployment.yaml index 19d76255..1a0a102a 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/templates/deployment.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/templates/deployment.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: labels: @@ -24,6 +24,10 @@ metadata: namespace: {{ include "common.namespace" . }} spec: replicas: {{ .Values.global.aaf.cm.replicas }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} template: metadata: labels: diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/templates/deployment.yaml index cd72fddb..b413e726 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/templates/deployment.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/templates/deployment.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: labels: @@ -24,6 +24,10 @@ metadata: namespace: {{ include "common.namespace" . }} spec: replicas: {{ .Values.global.aaf.fs.replicas }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} template: metadata: labels: diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/templates/deployment.yaml index 4a433ccc..6d6b4998 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/templates/deployment.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/templates/deployment.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: labels: @@ -24,6 +24,10 @@ metadata: namespace: {{ include "common.namespace" . }} spec: replicas: {{ .Values.global.aaf.gui.replicas }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} template: metadata: labels: diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/deployment.yaml index c5fcf68a..f0e8b3fa 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/deployment.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/deployment.yaml @@ -11,7 +11,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: labels: @@ -23,6 +23,10 @@ metadata: namespace: {{ include "common.namespace" . }} spec: replicas: {{ .Values.global.aaf.hello.replicas }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} template: metadata: labels: diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/templates/deployment.yaml index 69d16121..e866ac68 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/templates/deployment.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/templates/deployment.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: labels: @@ -24,6 +24,10 @@ metadata: namespace: {{ include "common.namespace" . }} spec: replicas: {{ .Values.global.aaf.locate.replicas }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} template: metadata: labels: diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/templates/deployment.yaml index b371c865..7b75a7ce 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/templates/deployment.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/templates/deployment.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: labels: @@ -24,6 +24,10 @@ metadata: namespace: {{ include "common.namespace" . }} spec: replicas: {{ .Values.global.aaf.oauth.replicas }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} template: metadata: labels: diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/templates/deployment.yaml index 1c097182..f7768697 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/templates/deployment.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/templates/deployment.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: labels: @@ -24,6 +24,10 @@ metadata: namespace: {{ include "common.namespace" . }} spec: replicas: {{ .Values.global.aaf.service.replicas }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} template: metadata: labels: diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml index da094981..b0a5d020 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml @@ -34,4 +34,19 @@ spec: persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} + nodeAffinity: + required: + nodeSelectorTerms: + - matchExpressions: + - key: aaf-storage + operator: In + values: + - enable +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} {{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml index 16f8092d..d09f6cea 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: apps/v1beta1 +apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ include "common.fullname" . }} @@ -24,6 +24,10 @@ metadata: heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} serviceName: template: metadata: diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml index 4dc13a56..9cf8c053 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -50,6 +50,7 @@ persistence: size: 10Mi mountPath: /dockerdata-nfs mountSubPath: sms/quorum/data + storageClass: "manual" ingress: enabled: false diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml index da094981..b0a5d020 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml @@ -34,4 +34,19 @@ spec: persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} + nodeAffinity: + required: + nodeSelectorTerms: + - matchExpressions: + - key: aaf-storage + operator: In + values: + - enable +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} {{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml index ab0ad17b..584a7ec6 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: apps/v1beta1 +apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ include "common.fullname" . }} @@ -24,6 +24,10 @@ metadata: heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} serviceName: template: metadata: @@ -79,4 +83,4 @@ spec: hostPath: path: /etc/localtime imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml index 360bf420..681daab0 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml @@ -79,6 +79,7 @@ persistence: size: 2Gi mountPath: /dockerdata-nfs mountSubPath: sms/consul/data + storageClass: "manual" service: type: ClusterIP diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/deployment.yaml index ca35fdc5..e8d59292 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/deployment.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/deployment.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "common.fullname" . }} @@ -24,6 +24,10 @@ metadata: heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} template: metadata: labels: @@ -34,13 +38,8 @@ spec: - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - "aaf-sms-vault" - - --container-name - - "aaf-sms-vault-backend" + command: ["/bin/sh", "-c"] + args: ["sed -i s/client.AppsV1beta1Api/client.AppsV1Api/g /root/ready.py && /root/ready.py --container-name aaf-sms-vault --container-name aaf-sms-vault-backend"] env: - name: NAMESPACE valueFrom: diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/job.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/job.yaml index a5446ab2..488cd966 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/job.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/job.yaml @@ -36,13 +36,8 @@ spec: - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} name: {{ include "common.name" . }}-readiness - command: - - /root/ready.py - args: - - --container-name - - "aaf-sms" - - --container-name - - "aaf-sms-quorumclient" + command: ["/bin/sh", "-c"] + args: ["sed -i s/client.AppsV1beta1Api/client.AppsV1Api/g /root/ready.py && sed -i s/client.ExtensionsV1beta1Api/client.AppsV1Api/g /root/ready.py && /root/ready.py --container-name aaf-sms --container-name aaf-sms-quorumclient"] env: - name: NAMESPACE valueFrom: diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/pv.yaml index 37ed28ee..e80e0e7d 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/pv.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/pv.yaml @@ -34,4 +34,20 @@ spec: persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} -{{- end -}} \ No newline at end of file + nodeAffinity: + required: + nodeSelectorTerms: + - matchExpressions: + - key: aaf-storage + operator: In + values: + - enable +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} + +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/pvc.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/pvc.yaml index e6aacd1b..fabaf575 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/pvc.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/pvc.yaml @@ -30,9 +30,6 @@ metadata: {{ toYaml .Values.persistence.annotations | indent 4 }} {{- end }} spec: - selector: - matchLabels: - name: {{ include "common.fullname" . }} accessModes: - {{ .Values.persistence.accessMode }} resources: diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/values.yaml index de005ed3..794eed62 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/values.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/values.yaml @@ -78,6 +78,7 @@ persistence: volumeReclaimPolicy: Retain accessMode: ReadWriteOnce size: 1Gi + storageClass: "manual" mountPath: /dockerdata-nfs mountSubPath: sms/auth diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml index 4a1dd5c6..8f14ebfc 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml @@ -16,7 +16,7 @@ {{- if and .Values.global.tpm.enabled .Values.global.abrmd.enabled -}} -apiVersion: apps/v1beta1 +apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ include "common.fullname" . }} @@ -28,6 +28,10 @@ metadata: heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} serviceName: template: metadata: diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml index fa5fd16c..2be9e590 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml @@ -36,6 +36,21 @@ spec: persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} + nodeAffinity: + required: + nodeSelectorTerms: + - matchExpressions: + - key: aaf-storage + operator: In + values: + - enable +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml index c881c3a7..d7a3fc21 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml @@ -66,6 +66,7 @@ persistence: size: 10Mi mountPath: /dockerdata-nfs mountSubPath: sshsm/distcenter/data + storageClass: "manual" ingress: enabled: false diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/templates/pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/templates/pv.yaml index b4d283f1..fa3857f5 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/templates/pv.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/templates/pv.yaml @@ -34,6 +34,21 @@ spec: persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.dataMountSubPath }} + nodeAffinity: + required: + nodeSelectorTerms: + - matchExpressions: + - key: aaf-storage + operator: In + values: + - enable +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} --- kind: PersistentVolume apiVersion: v1 @@ -54,4 +69,19 @@ spec: persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.dbusMountSubPath }} + nodeAffinity: + required: + nodeSelectorTerms: + - matchExpressions: + - key: aaf-storage + operator: In + values: + - enable +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} {{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/values.yaml index 5909a707..0d23170d 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/values.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/values.yaml @@ -115,7 +115,7 @@ persistence: mountPath: /dockerdata-nfs dataMountSubPath: sshsm/data dbusMountSubPath: sshsm/dbus - + storageClass: "manual" # Configure resource requests and limits resources: small: diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-config-pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-config-pv.yaml index 9a1e8020..14ce4f8d 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-config-pv.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-config-pv.yaml @@ -38,6 +38,14 @@ spec: persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }} hostPath: path: {{ .Values.persistence.config.mountPath }} + nodeAffinity: + required: + nodeSelectorTerms: + - matchExpressions: + - key: aaf-storage + operator: In + values: + - enable {{- if .Values.persistence.config.storageClass }} {{- if (eq "-" .Values.persistence.config.storageClass) }} storageClassName: "" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-status-pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-status-pv.yaml index b8d12c5c..4b28bb95 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-status-pv.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-status-pv.yaml @@ -38,6 +38,14 @@ spec: persistentVolumeReclaimPolicy: {{ .Values.persistence.status.volumeReclaimPolicy }} hostPath: path: {{ .Values.persistence.status.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.status.mountSubPath }} + nodeAffinity: + required: + nodeSelectorTerms: + - matchExpressions: + - key: aaf-storage + operator: In + values: + - enable {{- if .Values.persistence.status.storageClass }} {{- if (eq "-" .Values.persistence.status.storageClass) }} storageClassName: "" diff --git a/ric-aux/80-Auxiliary-Functions/helm/dashboard/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/dashboard/Chart.yaml index 002c3139..110927a1 100644 --- a/ric-aux/80-Auxiliary-Functions/helm/dashboard/Chart.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/dashboard/Chart.yaml @@ -19,5 +19,5 @@ apiVersion: v1 appVersion: "1.0" description: Helm Chart for RIC Dashboard name: dashboard -version: 1.2.0 +version: 1.2.2 icon: https://gerrit.o-ran-sc.org/r/gitweb?p=portal/ric-dashboard.git;a=blob;f=webapp-frontend/src/assets/at_t.png;h=3cced1d5ce4668fbf3b33064aaaa6920bc8130b6;hb=HEAD diff --git a/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/_gen-cert.tpl b/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/_gen-cert.tpl new file mode 100644 index 00000000..2cf25ac0 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/_gen-cert.tpl @@ -0,0 +1,28 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################i + +{{/* +Generate certificates for the docker registry +*/}} + +{{- define "dashboard.gen-cert" -}} +{{- $altNames := list ( include "common.ingressurl.dashboard" . ) -}} +{{- $ca := genCA "docker-registry-ca" 365 -}} +{{- $cert := genSignedCert ( include "common.ingressurl.dashboard" . ) nil $altNames 365 $ca -}} +tls.crt: {{ $cert.Cert | b64enc }} +tls.key: {{ $cert.Key | b64enc }} +{{- end -}} + diff --git a/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/_genurl.tpl b/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/_genurl.tpl index 3cd463e1..5684f21f 100644 --- a/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/_genurl.tpl +++ b/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/_genurl.tpl @@ -55,3 +55,4 @@ Generate the URLS of the endpoints. {{- printf "http://%s/appmgr" $ingress -}} {{- end -}} {{- end -}} + diff --git a/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/appconfig.yaml b/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/appconfig.yaml index 39114673..424294ed 100644 --- a/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/appconfig.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/appconfig.yaml @@ -36,8 +36,14 @@ data: anrxapp.url.suffix = {{ .Values.dashboard.anrxapp.url.suffix }} appmgr.url.prefix = {{ include "dashboard.prefix.appmgr" . }} appmgr.url.suffix = {{ .Values.dashboard.appmgr.url.suffix }} + caasingress.insecure = {{ .Values.dashboard.caasingress.insecure }} + caasingress.aux.url.prefix = {{ .Values.dashboard.caasingress.aux.url.prefix }} + caasingress.aux.url.suffix = {{ .Values.dashboard.caasingress.aux.url.suffix }} + caasingress.plt.url.prefix = {{ .Values.dashboard.caasingress.plt.url.prefix }} + caasingress.plt.url.suffix = {{ .Values.dashboard.caasingress.plt.url.suffix }} e2mgr.url.prefix = {{ include "dashboard.prefix.e2mgr" . }} e2mgr.url.suffix = {{ .Values.dashboard.e2mgr.url.suffix }} + portalapi.security = {{ .Values.dashboard.portalapi.security }} portalapi.appname = {{ .Values.dashboard.portalapi.appname }} portalapi.username = {{ .Values.dashboard.portalapi.username }} portalapi.password = {{ .Values.dashboard.portalapi.password }} @@ -55,3 +61,7 @@ data: ecomp_redirect_url = {{ .Values.dashboard.portalapi.ecomp_redirect_url }} ecomp_rest_url = {{ .Values.dashboard.portalapi.ecomp_rest_url }} ueb_app_key = {{ .Values.dashboard.portalapi.ueb_app_key }} + + # Temp solution before Portal 2.6 + users.json: | + [{"orgId":null,"managerId":null,"firstName":"First","middleInitial":null,"lastName":"Last","phone":null,"email":null,"hrid":null,"orgUserId":null,"orgCode":null,"orgManagerUserId":null,"jobTitle":null,"loginId":"demo","active":true,"roles":[{"id":1,"name":"System_Administrator","roleFunctions":null}]}] diff --git a/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/deployment.yaml index 6c77a197..3ba46443 100644 --- a/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/deployment.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/deployment.yaml @@ -40,6 +40,9 @@ spec: hostname: {{ include "common.name.dashboard" . }} imagePullSecrets: - name: {{ include "common.repositoryCred" . }} + {{- with .Values.dashboard.nodeselector }} + nodeSelector: {{ toYaml . | trim | nindent 8 -}} + {{- end }} containers: - name: {{ include "common.containername.dashboard" . }} image: {{ include "common.repository" . }}/{{ .Values.dashboard.image.name }}:{{ .Values.dashboard.image.tag }} @@ -61,8 +64,12 @@ spec: mountPath: /maven/portal.properties subPath: portal.properties readOnly: true - - name: dashboard-users - mountPath: /dashboard-data +# Temp solution until portal 2.6 + - name: appconfig + mountPath: /dashboard-data/users.json + subPath: users.json +# - name: dashboard-users +# mountPath: /dashboard-data livenessProbe: httpGet: path: /api/admin/health diff --git a/ric-xapps/90-xApps/helm/xapp-std/templates/appenv.yaml b/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/ingress.yaml similarity index 72% rename from ric-xapps/90-xApps/helm/xapp-std/templates/appenv.yaml rename to ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/ingress.yaml index 0d55f4e9..d6070364 100644 --- a/ric-xapps/90-xApps/helm/xapp-std/templates/appenv.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/ingress.yaml @@ -14,16 +14,20 @@ # See the License for the specific language governing permissions and # # limitations under the License. # ################################################################################ -apiVersion: v1 -kind: ConfigMap +apiVersion: networking.k8s.io/v1beta1 +kind: Ingress metadata: - name: {{ include "ricxapp.configmapname" . }}-appenv -data: - {{- if .Values.ricxapp.appenv }} - {{- toYaml .Values.ricxapp.appenv | nindent 2 }} - {{- end }} - DBAAS_SERVICE_HOST: "{{ .Values.ricplt.dbaasService }}" - DBAAS_SERVICE_PORT: "6379" - DBAAS_PORT_6379_TCP_ADDR: "{{ .Values.ricplt.dbaasService }}" - DBAAS_PORT_6379_TCP_PORT: "6379" - RMR_RTG_SVC: "{{ .Values.ricxapp.service.rmr.route.port }}" + name: {{ include "common.ingressname.dashboard" . }} +spec: + tls: + - hosts: + - {{ include "common.ingressurl.dashboard" . }} + secretName: secret-{{ include "common.name.dashboard" . }} + rules: + - host: {{ include "common.ingressurl.dashboard" . }} + http: + paths: + - backend: + serviceName: {{ include "common.servicename.dashboard.http" . }} + servicePort: http + path: "/" diff --git a/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/secret.yaml b/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/secret.yaml new file mode 100644 index 00000000..a985effe --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/dashboard/templates/secret.yaml @@ -0,0 +1,32 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +apiVersion: v1 +kind: Secret +type: kubernetes.io/tls +metadata: + name: secret-{{ include "common.name.dashboard" . }} + annotations: + "helm.sh/hook": "pre-install" + "helm.sh/hook-delete-policy": "before-hook-creation" +data: +{{- if .Values.dashboard.tlscert }} +{{ toYaml .Values.dashboard.tlscert | indent 2 -}} +{{- else }} +{{ ( include "dashboard.gen-cert" . ) | indent 2 }} +{{- end }} + + diff --git a/ric-aux/80-Auxiliary-Functions/helm/dashboard/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/dashboard/values.yaml index ec1aaeb5..a5708c02 100644 --- a/ric-aux/80-Auxiliary-Functions/helm/dashboard/values.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/dashboard/values.yaml @@ -24,7 +24,7 @@ repositoryCred: docker-reg-cred dashboard: image: name: ric-dashboard - tag: 1.2.0 + tag: 1.2.2 replicaCount: 1 # Service ports are now defined in @@ -42,8 +42,8 @@ dashboard: userfile: /dashboard-data/users.json # on the server datapath: /opt/data/dashboard-data - - # The URL prefixes use K8S/Kong service names + + # Many URL prefixes use K8S/Kong service names a1med: url: # The default a1mediator prefix is http://ricplt-entry/a1mediator @@ -62,6 +62,21 @@ dashboard: # You can override the value using the following option # prefix: suffix: /ric/v1 + caasingress: + # Ignore SSL problems to CaaS-Ingress by enabling this + insecure: true + aux: + url: + # The default AUX CaaS-Ingress prefix is TBD + # You can override the value using the following option + # prefix: + suffix: /api + plt: + url: + # The default PLT CaaS-Ingress prefix is TBD + # You can override the value using the following option + # prefix: + suffix: /api e2mgr: url: # The default e2mgr prefix is http://ricplt-entry/e2mgr @@ -72,11 +87,12 @@ dashboard: enc: key: portalapi: + security: false appname: RIC-Dashboard - username: - password: + username: Default + password: password ecomp_redirect_url: https://portal.api.simpledemo.onap.org:30225/ONAPPORTAL/login.htm - ecomp_rest_url: http://portal-app.onap:8989/ONAPPORTAL/auxapi + ecomp_rest_url: http://portal-app:8989/ONAPPORTAL/auxapi ueb_app_key: uebkey metrics: url: diff --git a/ric-xapps/90-xApps/helm/xapp-std/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/.helmignore old mode 100644 new mode 100755 similarity index 97% rename from ric-xapps/90-xApps/helm/xapp-std/.helmignore rename to ric-aux/80-Auxiliary-Functions/helm/mc-stack/.helmignore index 50af0317..f0c13194 --- a/ric-xapps/90-xApps/helm/xapp-std/.helmignore +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/.helmignore @@ -19,4 +19,3 @@ .project .idea/ *.tmproj -.vscode/ diff --git a/ric-xapps/90-xApps/helm/xapp-std/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/Chart.yaml old mode 100644 new mode 100755 similarity index 89% rename from ric-xapps/90-xApps/helm/xapp-std/Chart.yaml rename to ric-aux/80-Auxiliary-Functions/helm/mc-stack/Chart.yaml index ebf44d4b..4d83a033 --- a/ric-xapps/90-xApps/helm/xapp-std/Chart.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/Chart.yaml @@ -1,6 +1,5 @@ ################################################################################ # Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. # @@ -14,8 +13,9 @@ # See the License for the specific language governing permissions and # # limitations under the License. # ################################################################################ + apiVersion: v1 -appVersion: "1.0" -description: Standard xApp Helm Chart -name: xapp-std +appVersion: "1" +description: A Helm chart for MC Dashboard +name: mc-stack version: 0.0.1 diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/.helmignore new file mode 100755 index 00000000..e12c0b4b --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/.helmignore @@ -0,0 +1,2 @@ +tests/ +.pytest_cache/ diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/Chart.yaml new file mode 100755 index 00000000..dac611a3 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/Chart.yaml @@ -0,0 +1,27 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +apiVersion: v1 +appVersion: 7.3.0 +description: Official Elastic helm chart for Elasticsearch +home: https://github.com/elastic/helm-charts +icon: https://helm.elastic.co/icons/elasticsearch.png +maintainers: +- email: helm-charts@elastic.co + name: Elastic +name: elasticsearch +sources: +- https://github.com/elastic/elasticsearch +version: 7.3.0 \ No newline at end of file diff --git a/ric-xapps/90-xApps/etc/xapp.conf b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/Makefile old mode 100644 new mode 100755 similarity index 87% rename from ric-xapps/90-xApps/etc/xapp.conf rename to ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/Makefile index 5bd82f94..3e7ed429 --- a/ric-xapps/90-xApps/etc/xapp.conf +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/Makefile @@ -1,6 +1,5 @@ ################################################################################ # Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. # @@ -15,8 +14,4 @@ # limitations under the License. # ################################################################################ -default_helm_repo=https://$(hostname):32080/helm - -default_docker_registry=docker-entry - - +include ../helpers/common.mk diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/README.md b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/README.md new file mode 100755 index 00000000..924800a4 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/README.md @@ -0,0 +1,265 @@ +# Elasticsearch Helm Chart + +This functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features. + +This helm chart is a lightweight way to configure and run our official [Elasticsearch docker image](https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html) + +## Requirements + +* [Helm](https://helm.sh/) >= 2.8.0 +* Kubernetes >= 1.8 +* Minimum cluster requirements include the following to run this chart with default settings. All of these settings are configurable. + * Three Kubernetes nodes to respect the default "hard" affinity settings + * 1GB of RAM for the JVM heap + +## Usage notes and getting started + +* This repo includes a number of [example](./examples) configurations which can be used as a reference. They are also used in the automated testing of this chart +* Automated testing of this chart is currently only run against GKE (Google Kubernetes Engine). If you are using a different Kubernetes provider you will likely need to adjust the `storageClassName` in the `volumeClaimTemplate` +* The default storage class for GKE is `standard` which by default will give you `pd-ssd` type persistent volumes. This is network attached storage and will not perform as well as local storage. If you are using Kubernetes version 1.10 or greater you can use [Local PersistentVolumes](https://cloud.google.com/kubernetes-engine/docs/how-to/persistent-volumes/local-ssd) for increased performance +* The chart deploys a statefulset and by default will do an automated rolling update of your cluster. It does this by waiting for the cluster health to become green after each instance is updated. If you prefer to update manually you can set [`updateStrategy: OnDelete`](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#on-delete) +* It is important to verify that the JVM heap size in `esJavaOpts` and to set the CPU/Memory `resources` to something suitable for your cluster +* To simplify chart and maintenance each set of node groups is deployed as a separate helm release. Take a look at the [multi](./examples/multi) example to get an idea for how this works. Without doing this it isn't possible to resize persistent volumes in a statefulset. By setting it up this way it makes it possible to add more nodes with a new storage size then drain the old ones. It also solves the problem of allowing the user to determine which node groups to update first when doing upgrades or changes. +* We have designed this chart to be very un-opinionated about how to configure Elasticsearch. It exposes ways to set environment variables and mount secrets inside of the container. Doing this makes it much easier for this chart to support multiple versions with minimal changes. + +## Migration from helm/charts stable + +If you currently have a cluster deployed with the [helm/charts stable](https://github.com/helm/charts/tree/master/stable/elasticsearch) chart you can follow the [migration guide](/elasticsearch/examples/migration/README.md) + +## Installing + +* Add the elastic helm charts repo + ``` + helm repo add elastic https://helm.elastic.co + ``` +* Install it + ``` + helm install --name elasticsearch elastic/elasticsearch + ``` + +## Compatibility + +This chart is tested with the latest supported versions. The currently tested versions are: + +| 6.x | 7.x | +| ----- | ----- | +| 6.8.1 | 7.3.0 | + +Examples of installing older major versions can be found in the [examples](./examples) directory. + +While only the latest releases are tested, it is possible to easily install old or new releases by overriding the `imageTag`. To install version `7.3.0` of Elasticsearch it would look like this: + +``` +helm install --name elasticsearch elastic/elasticsearch --set imageTag=7.3.0 +``` + +## Configuration + +| Parameter | Description | Default | +| ----------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | +| `clusterName` | This will be used as the Elasticsearch [cluster.name](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster.name.html) and should be unique per cluster in the namespace | `elasticsearch` | +| `nodeGroup` | This is the name that will be used for each group of nodes in the cluster. The name will be `clusterName-nodeGroup-X` | `master` | +| `masterService` | Optional. The service name used to connect to the masters. You only need to set this if your master `nodeGroup` is set to something other than `master`. See [Clustering and Node Discovery](#clustering-and-node-discovery) for more information. | `` | +| `roles` | A hash map with the [specific roles](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html) for the node group | `master: true`
`data: true`
`ingest: true` | +| `replicas` | Kubernetes replica count for the statefulset (i.e. how many pods) | `3` | +| `minimumMasterNodes` | The value for [discovery.zen.minimum_master_nodes](https://www.elastic.co/guide/en/elasticsearch/reference/6.7/discovery-settings.html#minimum_master_nodes). Should be set to `(master_eligible_nodes / 2) + 1`. Ignored in Elasticsearch versions >= 7. | `2` | +| `esMajorVersion` | Used to set major version specific configuration. If you are using a custom image and not running the default Elasticsearch version you will need to set this to the version you are running (e.g. `esMajorVersion: 6`) | `""` | +| `esConfig` | Allows you to add any config files in `/usr/share/elasticsearch/config/` such as `elasticsearch.yml` and `log4j2.properties`. See [values.yaml](./values.yaml) for an example of the formatting. | `{}` | +| `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `[]` | +| `extraVolumes` | Additional volumes to be passed to the `tpl` function | | +| `extraVolumeMounts` | Additional volumeMounts to be passed to the `tpl` function | | +| `extraInitContainers` | Additional init containers to be passed to the `tpl` function | | +| `secretMounts` | Allows you easily mount a secret as a file inside the statefulset. Useful for mounting certificates and other secrets. See [values.yaml](./values.yaml) for an example | `[]` | +| `image` | The Elasticsearch docker image | `docker.elastic.co/elasticsearch/elasticsearch` | +| `imageTag` | The Elasticsearch docker image tag | `7.3.0` | +| `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` | +| `podAnnotations` | Configurable [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) applied to all Elasticsearch pods | `{}` | +| `labels` | Configurable [label](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) applied to all Elasticsearch pods | `{}` | +| `esJavaOpts` | [Java options](https://www.elastic.co/guide/en/elasticsearch/reference/current/jvm-options.html) for Elasticsearch. This is where you should configure the [jvm heap size](https://www.elastic.co/guide/en/elasticsearch/reference/current/heap-size.html) | `-Xmx1g -Xms1g` | +| `resources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the statefulset | `requests.cpu: 100m`
`requests.memory: 2Gi`
`limits.cpu: 1000m`
`limits.memory: 2Gi` | +| `initResources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the initContainer in the statefulset | {} | +| `sidecarResources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the sidecar containers in the statefulset | {} | +| `networkHost` | Value for the [network.host Elasticsearch setting](https://www.elastic.co/guide/en/elasticsearch/reference/current/network.host.html) | `0.0.0.0` | +| `volumeClaimTemplate` | Configuration for the [volumeClaimTemplate for statefulsets](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#stable-storage). You will want to adjust the storage (default `30Gi`) and the `storageClassName` if you are using a different storage class | `accessModes: [ "ReadWriteOnce" ]`
`resources.requests.storage: 30Gi` | +| `persistence.annotations` | Additional persistence annotations for the `volumeClaimTemplate` | `{}` | +| `persistence.enabled` | Enables a persistent volume for Elasticsearch data. Can be disabled for nodes that only have [roles](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-node.html) which don't require persistent data. | `true` | +| `priorityClassName` | The [name of the PriorityClass](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). No default is supplied as the PriorityClass must be created first. | `` | +| `antiAffinityTopologyKey` | The [anti-affinity topology key](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). By default this will prevent multiple Elasticsearch nodes from running on the same Kubernetes node | `kubernetes.io/hostname` | +| `antiAffinity` | Setting this to hard enforces the [anti-affinity rules](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). If it is set to soft it will be done "best effort". Other values will be ignored. | `hard` | +| `nodeAffinity` | Value for the [node affinity settings](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature) | `{}` | +| `podManagementPolicy` | By default Kubernetes [deploys statefulsets serially](https://kubernetes.io/docs/concepts/workloads/controllers/statefulset/#pod-management-policies). This deploys them in parallel so that they can discover eachother | `Parallel` | +| `protocol` | The protocol that will be used for the readinessProbe. Change this to `https` if you have `xpack.security.http.ssl.enabled` set | `http` | +| `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. If you change this you will also need to set [http.port](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-http.html#_settings) in `extraEnvs` | `9200` | +| `transportPort` | The transport port that Kubernetes will use for the service. If you change this you will also need to set [transport port configuration](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-transport.html#_transport_settings) in `extraEnvs` | `9300` | +| `service.type` | Type of elasticsearch service. [Service Types](https://kubernetes.io/docs/concepts/services-networking/service/#publishing-services-service-types) | `ClusterIP` | +| `service.nodePort` | Custom [nodePort](https://kubernetes.io/docs/concepts/services-networking/service/#nodeport) port that can be set if you are using `service.type: nodePort`. | `` | +| `service.annotations` | Annotations that Kubernetes will use for the service. This will configure load balancer if `service.type` is `LoadBalancer` [Annotations](https://kubernetes.io/docs/concepts/services-networking/service/#ssl-support-on-aws) | `{}` | +| `updateStrategy` | The [updateStrategy](https://kubernetes.io/docs/tutorials/stateful-application/basic-stateful-set/#updating-statefulsets) for the statefulset. By default Kubernetes will wait for the cluster to be green after upgrading each pod. Setting this to `OnDelete` will allow you to manually delete each pod during upgrades | `RollingUpdate` | +| `maxUnavailable` | The [maxUnavailable](https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget) value for the pod disruption budget. By default this will prevent Kubernetes from having more than 1 unhealthy pod in the node group | `1` | +| `fsGroup (DEPRECATED)` | The Group ID (GID) for [securityContext.fsGroup](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) so that the Elasticsearch user can read from the persistent volume | `` | +| `podSecurityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) for the pod | `fsGroup: 1000` | +| `securityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) for the container | `capabilities.drop:[ALL]`
`runAsNonRoot: true`
`runAsUser: 1000` | +| `terminationGracePeriod` | The [terminationGracePeriod](https://kubernetes.io/docs/concepts/workloads/pods/pod/#termination-of-pods) in seconds used when trying to stop the pod | `120` | +| `sysctlInitContainer.enabled` | Allows you to disable the sysctlInitContainer if you are setting vm.max_map_count with another method | `true` | +| `sysctlVmMaxMapCount` | Sets the [sysctl vm.max_map_count](https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html#vm-max-map-count) needed for Elasticsearch | `262144` | +| `readinessProbe` | Configuration fields for the [readinessProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | +| `clusterHealthCheckParams` | The [Elasticsearch cluster health status params](https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html#request-params) that will be used by readinessProbe command | `wait_for_status=green&timeout=1s` | +| `imagePullSecrets` | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image | `[]` | +| `nodeSelector` | Configurable [nodeSelector](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector) so that you can target specific nodes for your Elasticsearch cluster | `{}` | +| `tolerations` | Configurable [tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | +| `ingress` | Configurable [ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) to expose the Elasticsearch service. See [`values.yaml`](./values.yaml) for an example | `enabled: false` | +| `schedulerName` | Name of the [alternate scheduler](https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/#specify-schedulers-for-pods) | `nil` | +| `masterTerminationFix` | A workaround needed for Elasticsearch < 7.2 to prevent master status being lost during restarts [#63](https://github.com/elastic/helm-charts/issues/63) | `false` | +| `lifecycle` | Allows you to add lifecycle configuration. See [values.yaml](./values.yaml) for an example of the formatting. | `{}` | + +## Try it out + +In [examples/](./examples) you will find some example configurations. These examples are used for the automated testing of this helm chart + +### Default + +To deploy a cluster with all default values and run the integration tests + +``` +cd examples/default +make +``` + +### Multi + +A cluster with dedicated node types + +``` +cd examples/multi +make +``` + +### Security + +A cluster with node to node security and https enabled. This example uses autogenerated certificates and password, for a production deployment you want to generate SSL certificates following the [official docs](https://www.elastic.co/guide/en/elasticsearch/reference/current/configuring-tls.html#node-certificates). + +* Generate the certificates and install Elasticsearch + ``` + cd examples/security + make + + # Run a curl command to interact with the cluster + kubectl exec -ti security-master-0 -- sh -c 'curl -u $ELASTIC_USERNAME:$ELASTIC_PASSWORD -k https://localhost:9200/_cluster/health?pretty' + ``` + +### FAQ + +#### How to install plugins? + +The [recommended](https://www.elastic.co/guide/en/elasticsearch/reference/current/docker.html#_c_customized_image) way to install plugins into our docker images is to create a custom docker image. + +The Dockerfile would look something like: + +``` +ARG elasticsearch_version +FROM docker.elastic.co/elasticsearch/elasticsearch:${elasticsearch_version} + +RUN bin/elasticsearch-plugin install --batch repository-gcs +``` + +And then updating the `image` in values to point to your custom image. + +There are a couple reasons we recommend this. + +1. Tying the availability of Elasticsearch to the download service to install plugins is not a great idea or something that we recommend. Especially in Kubernetes where it is normal and expected for a container to be moved to another host at random times. +2. Mutating the state of a running docker image (by installing plugins) goes against best practices of containers and immutable infrastructure. + +#### How to use the keystore? + +1. Create a Kubernetes secret containing the [keystore](https://www.elastic.co/guide/en/elasticsearch/reference/current/secure-settings.html) + ``` + $ kubectl create secret generic elasticsearch-keystore --from-file=./elasticsearch.keystore + ``` +2. Mount it into the container via `secretMounts` + ``` + secretMounts: + - name: elasticsearch-keystore + secretName: elasticsearch-keystore + path: /usr/share/elasticsearch/config/elasticsearch.keystore + subPath: elasticsearch.keystore + ``` + +#### How to enable snapshotting? + +1. Install your [snapshot plugin](https://www.elastic.co/guide/en/elasticsearch/plugins/current/repository.html) into a custom docker image following the [how to install plugins guide](/elasticsearch/README.md#how-to-install-plugins) +2. Add any required secrets or credentials into an Elasticsearch keystore following the [how to use the keystore guide](/elasticsearch/README.md#how-to-use-the-keystore) +3. Configure the [snapshot repository](https://www.elastic.co/guide/en/elasticsearch/reference/current/modules-snapshots.html) as you normally would. +4. To automate snapshots you can use a tool like [curator](https://www.elastic.co/guide/en/elasticsearch/client/curator/current/snapshot.html). In the future there are plans to have Elasticsearch manage automated snapshots with [Snapshot Lifecycle Management](https://github.com/elastic/elasticsearch/issues/38461). + +### Local development environments + +This chart is designed to run on production scale Kubernetes clusters with multiple nodes, lots of memory and persistent storage. For that reason it can be a bit tricky to run them against local Kubernetes environments such as minikube. Below are some examples of how to get this working locally. + +#### Minikube + +This chart also works successfully on [minikube](https://kubernetes.io/docs/setup/minikube/) in addition to typical hosted Kubernetes environments. +An example `values.yaml` file for minikube is provided under `examples/`. + +In order to properly support the required persistent volume claims for the Elasticsearch `StatefulSet`, the `default-storageclass` and `storage-provisioner` minikube addons must be enabled. + +``` +minikube addons enable default-storageclass +minikube addons enable storage-provisioner +cd examples/minikube +make +``` + +Note that if `helm` or `kubectl` timeouts occur, you may consider creating a minikube VM with more CPU cores or memory allocated. + +#### Docker for Mac - Kubernetes + +It is also possible to run this chart with the built in Kubernetes cluster that comes with [docker-for-mac](https://docs.docker.com/docker-for-mac/kubernetes/). + +``` +cd examples/docker-for-mac +make +``` + +## Clustering and Node Discovery + +This chart facilitates Elasticsearch node discovery and services by creating two `Service` definitions in Kubernetes, one with the name `$clusterName-$nodeGroup` and another named `$clusterName-$nodeGroup-headless`. +Only `Ready` pods are a part of the `$clusterName-$nodeGroup` service, while all pods (`Ready` or not) are a part of `$clusterName-$nodeGroup-headless`. + +If your group of master nodes has the default `nodeGroup: master` then you can just add new groups of nodes with a different `nodeGroup` and they will automatically discover the correct master. If your master nodes have a different `nodeGroup` name then you will need to set `masterService` to `$clusterName-$masterNodeGroup`. + +The chart value for `masterService` is used to populate `discovery.zen.ping.unicast.hosts`, which Elasticsearch nodes will use to contact master nodes and form a cluster. +Therefore, to add a group of nodes to an existing cluster, setting `masterService` to the desired `Service` name of the related cluster is sufficient. + +For an example of deploying both a group master nodes and data nodes using multiple releases of this chart, see the accompanying values files in `examples/multi`. + +## Testing + +This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the [`requirements.txt`](../requirements.txt) in the parent directory. + +``` +pip install -r ../requirements.txt +make pytest +``` + +You can also use `helm template` to look at the YAML being generated + +``` +make template +``` + +It is possible to run all of the tests and linting inside of a docker container + +``` +make test +``` + +## Integration Testing + +Integration tests are run using [goss](https://github.com/aelsabbahy/goss/blob/master/docs/manual.md) which is a serverspec like tool written in golang. See [goss.yaml](examples/default/test/goss.yaml) for an example of what the tests look like. + +To run the goss tests against the default example: + +``` +cd examples/default +make goss +``` diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/6.x/Makefile b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/6.x/Makefile new file mode 100755 index 00000000..2c3811c7 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/6.x/Makefile @@ -0,0 +1,15 @@ +default: test +include ../../../helpers/examples.mk + +RELEASE := helm-es-six + +install: + helm upgrade --wait --timeout=600 --install $(RELEASE) --values ./values.yaml ../../ ; \ + +restart: + helm upgrade --set terminationGracePeriod=121 --wait --timeout=600 --install $(RELEASE) --values ./values.yaml ../../ ; \ + +test: install goss + +purge: + helm del --purge $(RELEASE) diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/6.x/test/goss.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/6.x/test/goss.yaml new file mode 100755 index 00000000..cf6ea420 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/6.x/test/goss.yaml @@ -0,0 +1,17 @@ +http: + http://localhost:9200/_cluster/health: + status: 200 + timeout: 2000 + body: + - 'green' + - '"number_of_nodes":3' + - '"number_of_data_nodes":3' + + http://localhost:9200: + status: 200 + timeout: 2000 + body: + - '"number" : "6.8.1"' + - '"cluster_name" : "six"' + - '"name" : "six-master-0"' + - 'You Know, for Search' diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/6.x/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/6.x/values.yaml new file mode 100755 index 00000000..52033548 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/6.x/values.yaml @@ -0,0 +1,4 @@ +--- + +clusterName: "six" +imageTag: "6.8.1" diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/default/Makefile b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/default/Makefile new file mode 100755 index 00000000..bb309b5f --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/default/Makefile @@ -0,0 +1,16 @@ +default: test + +include ../../../helpers/examples.mk + +RELEASE := helm-es-default + +install: + helm upgrade --wait --timeout=600 --install $(RELEASE) ../../ ; \ + +restart: + helm upgrade --set terminationGracePeriod=121 --wait --timeout=600 --install $(RELEASE) ../../ ; \ + +test: install goss + +purge: + helm del --purge $(RELEASE) diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/default/rolling_upgrade.sh b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/default/rolling_upgrade.sh new file mode 100755 index 00000000..c5a2a887 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/default/rolling_upgrade.sh @@ -0,0 +1,19 @@ +#!/usr/bin/env bash -x + +kubectl proxy || true & + +make & +PROC_ID=$! + +while kill -0 "$PROC_ID" >/dev/null 2>&1; do + echo "PROCESS IS RUNNING" + if curl --fail 'http://localhost:8001/api/v1/proxy/namespaces/default/services/elasticsearch-master:9200/_search' ; then + echo "cluster is healthy" + else + echo "cluster not healthy!" + exit 1 + fi + sleep 1 +done +echo "PROCESS TERMINATED" +exit 0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/default/test/goss.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/default/test/goss.yaml new file mode 100755 index 00000000..d2c59dd7 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/default/test/goss.yaml @@ -0,0 +1,39 @@ +kernel-param: + vm.max_map_count: + value: '262144' + +http: + http://elasticsearch-master:9200/_cluster/health: + status: 200 + timeout: 2000 + body: + - 'green' + - '"number_of_nodes":3' + - '"number_of_data_nodes":3' + + http://localhost:9200: + status: 200 + timeout: 2000 + body: + - '"number" : "7.3.0"' + - '"cluster_name" : "elasticsearch"' + - '"name" : "elasticsearch-master-0"' + - 'You Know, for Search' + +file: + /usr/share/elasticsearch/data: + exists: true + mode: "2775" + owner: root + group: elasticsearch + filetype: directory + +mount: + /usr/share/elasticsearch/data: + exists: true + +user: + elasticsearch: + exists: true + uid: 1000 + gid: 1000 diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/docker-for-mac/Makefile b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/docker-for-mac/Makefile new file mode 100755 index 00000000..398545e6 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/docker-for-mac/Makefile @@ -0,0 +1,12 @@ +default: test + +RELEASE := helm-es-docker-for-mac + +install: + helm upgrade --wait --timeout=900 --install --values values.yaml $(RELEASE) ../../ + +test: install + helm test $(RELEASE) + +purge: + helm del --purge $(RELEASE) diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/docker-for-mac/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/docker-for-mac/values.yaml new file mode 100755 index 00000000..f7deba66 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/docker-for-mac/values.yaml @@ -0,0 +1,23 @@ +--- +# Permit co-located instances for solitary minikube virtual machines. +antiAffinity: "soft" + +# Shrink default JVM heap. +esJavaOpts: "-Xmx128m -Xms128m" + +# Allocate smaller chunks of memory per pod. +resources: + requests: + cpu: "100m" + memory: "512M" + limits: + cpu: "1000m" + memory: "512M" + +# Request smaller persistent volumes. +volumeClaimTemplate: + accessModes: [ "ReadWriteOnce" ] + storageClassName: "hostpath" + resources: + requests: + storage: 100M diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/Makefile b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/Makefile new file mode 100755 index 00000000..3b1dac10 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/Makefile @@ -0,0 +1,10 @@ +PREFIX := helm-es-migration + +data: + helm upgrade --wait --timeout=600 --install --values ./data.yml $(PREFIX)-data ../../ + +master: + helm upgrade --wait --timeout=600 --install --values ./master.yml $(PREFIX)-master ../../ + +client: + helm upgrade --wait --timeout=600 --install --values ./client.yml $(PREFIX)-client ../../ diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/README.md b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/README.md new file mode 100755 index 00000000..e5f4b1a7 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/README.md @@ -0,0 +1,86 @@ +# Migration Guide from helm/charts + +There are two viable options for migrating from the community Elasticsearch helm chart from the [helm/charts](https://github.com/helm/charts/tree/master/stable/elasticsearch) repo. + +1. Restoring from Snapshot to a fresh cluster +2. Live migration by joining a new cluster to the existing cluster. + +## Restoring from Snapshot + +This is the recommended and preferred option. The downside is that it will involve a period of write downtime during the migration. If you have a way to temporarily stop writes to your cluster then this is the way to go. This is also a lot simpler as it just involves launching a fresh cluster and restoring a snapshot following the [restoring to a different cluster guide](https://www.elastic.co/guide/en/elasticsearch/reference/6.6/modules-snapshots.html#_restoring_to_a_different_cluster). + +## Live migration + +If restoring from a snapshot is not possible due to the write downtime then a live migration is also possible. It is very important to first test this in a testing environment to make sure you are comfortable with the process and fully understand what is happening. + +This process will involve joining a new set of master, data and client nodes to an existing cluster that has been deployed using the [helm/charts](https://github.com/helm/charts/tree/master/stable/elasticsearch) community chart. Nodes will then be replaced one by one in a controlled fashion to decommission the old cluster. + +This example will be using the default values for the existing helm/charts release and for the elastic helm-charts release. If you have changed any of the default values then you will need to first make sure that your values are configured in a compatible way before starting the migration. + +The process will involve a re-sync and a rolling restart of all of your data nodes. Therefore it is important to disable shard allocation and perform a synced flush like you normally would during any other rolling upgrade. See the [rolling upgrades guide](https://www.elastic.co/guide/en/elasticsearch/reference/6.6/rolling-upgrades.html) for more information. + +* The default image for this chart is `docker.elastic.co/elasticsearch/elasticsearch` which contains the default distribution of Elasticsearch with a [basic license](https://www.elastic.co/subscriptions). Make sure to update the `image` and `imageTag` values to the correct Docker image and Elasticsearch version that you currently have deployed. +* Convert your current helm/charts configuration into something that is compatible with this chart. +* Take a fresh snapshot of your cluster. If something goes wrong you want to be able to restore your data no matter what. +* Check that your clusters health is green. If not abort and make sure your cluster is healthy before continuing. + ``` + curl localhost:9200/_cluster/health + ``` +* Deploy new data nodes which will join the existing cluster. Take a look at the configuration in [data.yml](./data.yml) + ``` + make data + ``` +* Check that the new nodes have joined the cluster (run this and any other curl commands from within one of your pods). + ``` + curl localhost:9200/_cat/nodes + ``` +* Check that your cluster is still green. If so we can now start to scale down the existing data nodes. Assuming you have the default amount of data nodes (2) we now want to scale it down to 1. + ``` + kubectl scale statefulsets my-release-elasticsearch-data --replicas=1 + ``` +* Wait for your cluster to become green again + ``` + watch 'curl -s localhost:9200/_cluster/health' + ``` +* Once the cluster is green we can scale down again. + ``` + kubectl scale statefulsets my-release-elasticsearch-data --replicas=0 + ``` +* Wait for the cluster to be green again. +* OK. We now have all data nodes running in the new cluster. Time to replace the masters by firstly scaling down the masters from 3 to 2. Between each step make sure to wait for the cluster to become green again, and check with `curl localhost:9200/_cat/nodes` that you see the correct amount of master nodes. During this process we will always make sure to keep at least 2 master nodes as to not lose quorum. + ``` + kubectl scale statefulsets my-release-elasticsearch-master --replicas=2 + ``` +* Now deploy a single new master so that we have 3 masters again. See [master.yml](./master.yml) for the configuration. + ``` + make master + ``` +* Scale down old masters to 1 + ``` + kubectl scale statefulsets my-release-elasticsearch-master --replicas=1 + ``` +* Edit the masters in [masters.yml](./masters.yml) to 2 and redeploy + ``` + make master + ``` +* Scale down the old masters to 0 + ``` + kubectl scale statefulsets my-release-elasticsearch-master --replicas=0 + ``` +* Edit the [masters.yml](./masters.yml) to have 3 replicas and remove the `discovery.zen.ping.unicast.hosts` entry from `extraEnvs` then redeploy the masters. This will make sure all 3 masters are running in the new cluster and are pointing at each other for discovery. + ``` + make master + ``` +* Remove the `discovery.zen.ping.unicast.hosts` entry from `extraEnvs` then redeploy the data nodes to make sure they are pointing at the new masters. + ``` + make data + ``` +* Deploy the client nodes + ``` + make client + ``` +* Update any processes that are talking to the existing client nodes and point them to the new client nodes. Once this is done you can scale down the old client nodes + ``` + kubectl scale deployment my-release-elasticsearch-client --replicas=0 + ``` +* The migration should now be complete. After verifying that everything is working correctly you can cleanup leftover resources from your old cluster. diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/client.yml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/client.yml new file mode 100755 index 00000000..30ee700e --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/client.yml @@ -0,0 +1,23 @@ +--- + +replicas: 2 + +clusterName: "elasticsearch" +nodeGroup: "client" + +esMajorVersion: 6 + +roles: + master: "false" + ingest: "false" + data: "false" + +volumeClaimTemplate: + accessModes: [ "ReadWriteOnce" ] + storageClassName: "standard" + resources: + requests: + storage: 1Gi # Currently needed till pvcs are made optional + +persistence: + enabled: false diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/data.yml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/data.yml new file mode 100755 index 00000000..eedcbb06 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/data.yml @@ -0,0 +1,17 @@ +--- + +replicas: 2 + +esMajorVersion: 6 + +extraEnvs: + - name: discovery.zen.ping.unicast.hosts + value: "my-release-elasticsearch-discovery" + +clusterName: "elasticsearch" +nodeGroup: "data" + +roles: + master: "false" + ingest: "false" + data: "true" diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/master.yml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/master.yml new file mode 100755 index 00000000..3e3a2f17 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/migration/master.yml @@ -0,0 +1,26 @@ +--- + +# Temporarily set to 3 so we can scale up/down the old a new cluster +# one at a time whilst always keeping 3 masters running +replicas: 1 + +esMajorVersion: 6 + +extraEnvs: + - name: discovery.zen.ping.unicast.hosts + value: "my-release-elasticsearch-discovery" + +clusterName: "elasticsearch" +nodeGroup: "master" + +roles: + master: "true" + ingest: "false" + data: "false" + +volumeClaimTemplate: + accessModes: [ "ReadWriteOnce" ] + storageClassName: "standard" + resources: + requests: + storage: 4Gi diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/minikube/Makefile b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/minikube/Makefile new file mode 100755 index 00000000..97109ce8 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/minikube/Makefile @@ -0,0 +1,12 @@ +default: test + +RELEASE := helm-es-minikube + +install: + helm upgrade --wait --timeout=900 --install --values values.yaml $(RELEASE) ../../ + +test: install + helm test $(RELEASE) + +purge: + helm del --purge $(RELEASE) diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/minikube/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/minikube/values.yaml new file mode 100755 index 00000000..ccceb3a2 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/minikube/values.yaml @@ -0,0 +1,23 @@ +--- +# Permit co-located instances for solitary minikube virtual machines. +antiAffinity: "soft" + +# Shrink default JVM heap. +esJavaOpts: "-Xmx128m -Xms128m" + +# Allocate smaller chunks of memory per pod. +resources: + requests: + cpu: "100m" + memory: "512M" + limits: + cpu: "1000m" + memory: "512M" + +# Request smaller persistent volumes. +volumeClaimTemplate: + accessModes: [ "ReadWriteOnce" ] + storageClassName: "standard" + resources: + requests: + storage: 100M diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/multi/Makefile b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/multi/Makefile new file mode 100755 index 00000000..836ec2e0 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/multi/Makefile @@ -0,0 +1,16 @@ +default: test + +include ../../../helpers/examples.mk + +PREFIX := helm-es-multi +RELEASE := helm-es-multi-master + +install: + helm upgrade --wait --timeout=600 --install --values ./master.yml $(PREFIX)-master ../../ + helm upgrade --wait --timeout=600 --install --values ./data.yml $(PREFIX)-data ../../ + +test: install goss + +purge: + helm del --purge $(PREFIX)-master + helm del --purge $(PREFIX)-data diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/multi/data.yml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/multi/data.yml new file mode 100755 index 00000000..ecc68933 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/multi/data.yml @@ -0,0 +1,9 @@ +--- + +clusterName: "multi" +nodeGroup: "data" + +roles: + master: "false" + ingest: "true" + data: "true" diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/multi/master.yml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/multi/master.yml new file mode 100755 index 00000000..2ca4cca8 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/multi/master.yml @@ -0,0 +1,9 @@ +--- + +clusterName: "multi" +nodeGroup: "master" + +roles: + master: "true" + ingest: "false" + data: "false" diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/multi/test/goss.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/multi/test/goss.yaml new file mode 100755 index 00000000..18cb2506 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/multi/test/goss.yaml @@ -0,0 +1,9 @@ +http: + http://localhost:9200/_cluster/health: + status: 200 + timeout: 2000 + body: + - 'green' + - '"cluster_name":"multi"' + - '"number_of_nodes":6' + - '"number_of_data_nodes":3' diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/oss/Makefile b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/oss/Makefile new file mode 100755 index 00000000..869e9158 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/oss/Makefile @@ -0,0 +1,12 @@ +default: test +include ../../../helpers/examples.mk + +RELEASE := helm-es-oss + +install: + helm upgrade --wait --timeout=600 --install $(RELEASE) --values ./values.yaml ../../ ; \ + +test: install goss + +purge: + helm del --purge $(RELEASE) diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/oss/test/goss.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/oss/test/goss.yaml new file mode 100755 index 00000000..769a6687 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/oss/test/goss.yaml @@ -0,0 +1,17 @@ +http: + http://localhost:9200/_cluster/health: + status: 200 + timeout: 2000 + body: + - 'green' + - '"number_of_nodes":3' + - '"number_of_data_nodes":3' + + http://localhost:9200: + status: 200 + timeout: 2000 + body: + - '"number" : "7.3.0"' + - '"cluster_name" : "oss"' + - '"name" : "oss-master-0"' + - 'You Know, for Search' diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/oss/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/oss/values.yaml new file mode 100755 index 00000000..adcb7df3 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/oss/values.yaml @@ -0,0 +1,4 @@ +--- + +clusterName: "oss" +image: "docker.elastic.co/elasticsearch/elasticsearch-oss" diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/security/Makefile b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/security/Makefile new file mode 100755 index 00000000..827bdc56 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/security/Makefile @@ -0,0 +1,31 @@ +default: test + +include ../../../helpers/examples.mk + +RELEASE := helm-es-security + +install: + helm upgrade --wait --timeout=600 --install --values ./security.yml $(RELEASE) ../../ ; \ + +purge: + kubectl delete secrets elastic-credentials elastic-certificates elastic-certificate-pem || true + helm del --purge $(RELEASE) + +test: secrets install goss + +secrets: + docker rm -f elastic-helm-charts-certs || true + rm -f elastic-certificates.p12 elastic-certificate.pem elastic-stack-ca.p12 || true + password=$$([ ! -z "$$ELASTIC_PASSWORD" ] && echo $$ELASTIC_PASSWORD || echo $$(docker run --rm docker.elastic.co/elasticsearch/elasticsearch:$(STACK_VERSION) /bin/sh -c "< /dev/urandom tr -cd '[:alnum:]' | head -c20")) && \ + docker run --name elastic-helm-charts-certs -i -w /app \ + docker.elastic.co/elasticsearch/elasticsearch:$(STACK_VERSION) \ + /bin/sh -c " \ + elasticsearch-certutil ca --out /app/elastic-stack-ca.p12 --pass '' && \ + elasticsearch-certutil cert --name security-master --ca /app/elastic-stack-ca.p12 --pass '' --ca-pass '' --out /app/elastic-certificates.p12" && \ + docker cp elastic-helm-charts-certs:/app/elastic-certificates.p12 ./ && \ + docker rm -f elastic-helm-charts-certs && \ + openssl pkcs12 -nodes -passin pass:'' -in elastic-certificates.p12 -out elastic-certificate.pem && \ + kubectl create secret generic elastic-certificates --from-file=elastic-certificates.p12 && \ + kubectl create secret generic elastic-certificate-pem --from-file=elastic-certificate.pem && \ + kubectl create secret generic elastic-credentials --from-literal=password=$$password --from-literal=username=elastic && \ + rm -f elastic-certificates.p12 elastic-certificate.pem elastic-stack-ca.p12 diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/security/security.yml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/security/security.yml new file mode 100755 index 00000000..04d932ca --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/security/security.yml @@ -0,0 +1,38 @@ +--- +clusterName: "security" +nodeGroup: "master" + +roles: + master: "true" + ingest: "true" + data: "true" + +protocol: https + +esConfig: + elasticsearch.yml: | + xpack.security.enabled: true + xpack.security.transport.ssl.enabled: true + xpack.security.transport.ssl.verification_mode: certificate + xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12 + xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12 + xpack.security.http.ssl.enabled: true + xpack.security.http.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12 + xpack.security.http.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12 + +extraEnvs: + - name: ELASTIC_PASSWORD + valueFrom: + secretKeyRef: + name: elastic-credentials + key: password + - name: ELASTIC_USERNAME + valueFrom: + secretKeyRef: + name: elastic-credentials + key: username + +secretMounts: + - name: elastic-certificates + secretName: elastic-certificates + path: /usr/share/elasticsearch/config/certs diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/security/test/goss.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/security/test/goss.yaml new file mode 100755 index 00000000..c6d4b987 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/security/test/goss.yaml @@ -0,0 +1,45 @@ +http: + https://security-master:9200/_cluster/health: + status: 200 + timeout: 2000 + allow-insecure: true + username: '{{ .Env.ELASTIC_USERNAME }}' + password: '{{ .Env.ELASTIC_PASSWORD }}' + body: + - 'green' + - '"number_of_nodes":3' + - '"number_of_data_nodes":3' + + https://localhost:9200/: + status: 200 + timeout: 2000 + allow-insecure: true + username: '{{ .Env.ELASTIC_USERNAME }}' + password: '{{ .Env.ELASTIC_PASSWORD }}' + body: + - '"cluster_name" : "security"' + - '"name" : "security-master-0"' + - 'You Know, for Search' + + https://localhost:9200/_xpack/license: + status: 200 + timeout: 2000 + allow-insecure: true + username: '{{ .Env.ELASTIC_USERNAME }}' + password: '{{ .Env.ELASTIC_PASSWORD }}' + body: + - 'active' + - 'basic' + +file: + /usr/share/elasticsearch/config/elasticsearch.yml: + exists: true + contains: + - 'xpack.security.enabled: true' + - 'xpack.security.transport.ssl.enabled: true' + - 'xpack.security.transport.ssl.verification_mode: certificate' + - 'xpack.security.transport.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12' + - 'xpack.security.transport.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12' + - 'xpack.security.http.ssl.enabled: true' + - 'xpack.security.http.ssl.truststore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12' + - 'xpack.security.http.ssl.keystore.path: /usr/share/elasticsearch/config/certs/elastic-certificates.p12' diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/upgrade/Makefile b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/upgrade/Makefile new file mode 100755 index 00000000..9e1e6fd5 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/upgrade/Makefile @@ -0,0 +1,25 @@ +default: test + +include ../../../helpers/examples.mk + +RELEASE := helm-es-upgrade + +# Right now the version is hardcoded because helm install will ignore +# anything with an alpha tag when trying to install the latest release +# This hardcoding can be removed once we drop the alpha tag +# The "--set terminationGracePeriod=121" always makes sure that a rolling +# upgrade is forced for this test +install: + helm repo add elastic https://helm.elastic.co && \ + helm upgrade --wait --timeout=600 --install $(RELEASE) elastic/elasticsearch --version 7.0.0-alpha1 --set clusterName=upgrade ; \ + kubectl rollout status sts/upgrade-master --timeout=600s + helm upgrade --wait --timeout=600 --set terminationGracePeriod=121 --install $(RELEASE) ../../ --set clusterName=upgrade ; \ + kubectl rollout status sts/upgrade-master --timeout=600s + +init: + helm init --client-only + +test: init install goss + +purge: + helm del --purge $(RELEASE) diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/upgrade/test/goss.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/upgrade/test/goss.yaml new file mode 100755 index 00000000..ac71ba34 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/examples/upgrade/test/goss.yaml @@ -0,0 +1,17 @@ +http: + http://localhost:9200/_cluster/health: + status: 200 + timeout: 2000 + body: + - 'green' + - '"number_of_nodes":3' + - '"number_of_data_nodes":3' + + http://localhost:9200: + status: 200 + timeout: 2000 + body: + - '"number" : "7.3.0"' + - '"cluster_name" : "upgrade"' + - '"name" : "upgrade-master-0"' + - 'You Know, for Search' diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/_helpers.tpl b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/_helpers.tpl new file mode 100755 index 00000000..10369265 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/_helpers.tpl @@ -0,0 +1,65 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "fullname" -}} +{{- $name := default .Chart.Name .Values.nameOverride -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "uname" -}} +{{ .Values.clusterName }}-{{ .Values.nodeGroup }} +{{- end -}} + +{{- define "masterService" -}} +{{- if empty .Values.masterService -}} +{{ .Values.clusterName }}-master +{{- else -}} +{{ .Values.masterService }} +{{- end -}} +{{- end -}} + +{{- define "endpoints" -}} +{{- $replicas := .replicas | int }} +{{- $uname := printf "%s-%s" .clusterName .nodeGroup }} + {{- range $i, $e := untilStep 0 $replicas 1 -}} +{{ $uname }}-{{ $i }}, + {{- end -}} +{{- end -}} + +{{- define "esMajorVersion" -}} +{{- if .Values.esMajorVersion -}} +{{ .Values.esMajorVersion }} +{{- else -}} +{{- $version := int (index (.Values.imageTag | splitList ".") 0) -}} + {{- if and (contains "docker.elastic.co/elasticsearch/elasticsearch" .Values.image) (not (eq $version 0)) -}} +{{ $version }} + {{- else -}} +7 + {{- end -}} +{{- end -}} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/configmap.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/configmap.yaml new file mode 100755 index 00000000..e459048d --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/configmap.yaml @@ -0,0 +1,32 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +{{- if .Values.esConfig }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "uname" . }}-config + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: "{{ template "uname" . }}" +data: +{{- range $path, $config := .Values.esConfig }} + {{ $path }}: | +{{ $config | indent 4 -}} +{{- end -}} +{{- end -}} diff --git a/ric-platform/50-RIC-Platform/helm/dbaas/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/ingress.yaml old mode 100644 new mode 100755 similarity index 59% rename from ric-platform/50-RIC-Platform/helm/dbaas/templates/service.yaml rename to ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/ingress.yaml index af290b79..47d0b726 --- a/ric-platform/50-RIC-Platform/helm/dbaas/templates/service.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/ingress.yaml @@ -1,6 +1,5 @@ ################################################################################ # Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. # @@ -15,22 +14,41 @@ # limitations under the License. # ################################################################################ -apiVersion: v1 -kind: Service +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "uname" . -}} +{{- $servicePort := .Values.httpPort -}} +{{- $ingressPath := .Values.ingress.path -}} +apiVersion: extensions/v1beta1 +kind: Ingress metadata: - name: {{ include "common.servicename.dbaas.tcp" . }} - namespace: {{ include "common.namespace.platform" . }} + name: {{ $fullName }} labels: - app: {{ include "common.namespace.platform" . }}-{{ include "common.name.dbaas" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + app: {{ .Chart.Name }} release: {{ .Release.Name }} - heritage: {{ .Release.Service }} + heritage: {{ .Release.Service }} +{{- with .Values.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} spec: - selector: - app: {{ include "common.namespace.platform" . }}-{{ include "common.name.dbaas" . }} - release: {{ .Release.Name }} - ports: - - port: {{ include "common.serviceport.dbaas.tcp" . }} - targetPort: "sql" - protocol: "TCP" - name: "sql" +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ . }} + http: + paths: + - path: {{ $ingressPath }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ $servicePort }} + {{- end }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/poddisruptionbudget.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/poddisruptionbudget.yaml new file mode 100755 index 00000000..33e5f1c8 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/poddisruptionbudget.yaml @@ -0,0 +1,28 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +--- +{{- if .Values.maxUnavailable }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: "{{ template "uname" . }}-pdb" +spec: + maxUnavailable: {{ .Values.maxUnavailable }} + selector: + matchLabels: + app: "{{ template "uname" . }}" +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/service.yaml new file mode 100755 index 00000000..9c9e527a --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/service.yaml @@ -0,0 +1,68 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +--- +kind: Service +apiVersion: v1 +metadata: + name: {{ template "uname" . }} + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: "{{ template "uname" . }}" + annotations: +{{ toYaml .Values.service.annotations | indent 4 }} +spec: + type: {{ .Values.service.type }} + selector: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: "{{ template "uname" . }}" + ports: + - name: http + protocol: TCP + port: {{ .Values.httpPort }} +{{- if .Values.service.nodePort }} + nodePort: {{ .Values.service.nodePort }} +{{- end }} + - name: transport + protocol: TCP + port: {{ .Values.transportPort }} +--- +kind: Service +apiVersion: v1 +metadata: + name: {{ template "uname" . }}-headless + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: "{{ template "uname" . }}" + annotations: + service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" +spec: + clusterIP: None # This is needed for statefulset hostnames like elasticsearch-0 to resolve + # Create endpoints also if the related pod isn't ready + publishNotReadyAddresses: true + selector: + app: "{{ template "uname" . }}" + ports: + - name: http + port: {{ .Values.httpPort }} + - name: transport + port: {{ .Values.transportPort }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/statefulset.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/statefulset.yaml new file mode 100755 index 00000000..6a7790ae --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/statefulset.yaml @@ -0,0 +1,310 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +--- +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ template "uname" . }} + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: "{{ template "uname" . }}" + {{- range $key, $value := .Values.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + annotations: + esMajorVersion: "{{ include "esMajorVersion" . }}" +spec: + serviceName: {{ template "uname" . }}-headless + selector: + matchLabels: + app: "{{ template "uname" . }}" + replicas: {{ default .Values.replicas }} + podManagementPolicy: {{ .Values.podManagementPolicy }} + updateStrategy: + type: {{ .Values.updateStrategy }} + {{- if .Values.persistence.enabled }} + volumeClaimTemplates: + - metadata: + name: {{ template "uname" . }} + {{- with .Values.persistence.annotations }} + annotations: +{{ toYaml . | indent 8 }} + {{- end }} + spec: +{{ toYaml .Values.volumeClaimTemplate | indent 6 }} + {{- end }} + template: + metadata: + name: "{{ template "uname" . }}" + labels: + heritage: {{ .Release.Service | quote }} + release: {{ .Release.Name | quote }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + app: "{{ template "uname" . }}" + annotations: + {{- range $key, $value := .Values.podAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{/* This forces a restart if the configmap has changed */}} + {{- if .Values.esConfig }} + configchecksum: {{ include (print .Template.BasePath "/configmap.yaml") . | sha256sum | trunc 63 }} + {{- end }} + spec: + {{- if .Values.schedulerName }} + schedulerName: "{{ .Values.schedulerName }}" + {{- end }} + securityContext: +{{ toYaml .Values.podSecurityContext | indent 8 }} + {{- if .Values.fsGroup }} + fsGroup: {{ .Values.fsGroup }} # Deprecated value, please use .Values.podSecurityContext.fsGroup + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 6 }} + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- if or (eq .Values.antiAffinity "hard") (eq .Values.antiAffinity "soft") .Values.nodeAffinity }} + {{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName }} + {{- end }} + affinity: + {{- end }} + {{- if eq .Values.antiAffinity "hard" }} + podAntiAffinity: + requiredDuringSchedulingIgnoredDuringExecution: + - labelSelector: + matchExpressions: + - key: app + operator: In + values: + - "{{ template "uname" .}}" + topologyKey: {{ .Values.antiAffinityTopologyKey }} + {{- else if eq .Values.antiAffinity "soft" }} + podAntiAffinity: + preferredDuringSchedulingIgnoredDuringExecution: + - weight: 1 + podAffinityTerm: + topologyKey: {{ .Values.antiAffinityTopologyKey }} + labelSelector: + matchExpressions: + - key: app + operator: In + values: + - "{{ template "uname" . }}" + {{- end }} + {{- with .Values.nodeAffinity }} + nodeAffinity: +{{ toYaml . | indent 10 }} + {{- end }} + terminationGracePeriodSeconds: {{ .Values.terminationGracePeriod }} + volumes: + {{- range .Values.secretMounts }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + {{- end }} + {{- if .Values.esConfig }} + - name: esconfig + configMap: + name: {{ template "uname" . }}-config + {{- end }} + {{- if .Values.extraVolumes }} +{{ tpl .Values.extraVolumes . | indent 6 }} + {{- end }} + {{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 8 }} + {{- end }} + initContainers: + {{- if .Values.sysctlInitContainer.enabled }} + - name: configure-sysctl + securityContext: + runAsUser: 0 + privileged: true + image: "{{ .Values.image }}:{{ .Values.imageTag }}" + command: ["sysctl", "-w", "vm.max_map_count={{ .Values.sysctlVmMaxMapCount}}"] + resources: +{{ toYaml .Values.initResources | indent 10 }} + {{- end }} + {{- if .Values.extraInitContainers }} +{{ tpl .Values.extraInitContainers . | indent 6 }} + {{- end }} + containers: + - name: "{{ template "name" . }}" + securityContext: +{{ toYaml .Values.securityContext | indent 10 }} + image: "{{ .Values.image }}:{{ .Values.imageTag }}" + imagePullPolicy: "{{ .Values.imagePullPolicy }}" + readinessProbe: +{{ toYaml .Values.readinessProbe | indent 10 }} + exec: + command: + - sh + - -c + - | + #!/usr/bin/env bash -e + # If the node is starting up wait for the cluster to be ready (request params: '{{ .Values.clusterHealthCheckParams }}' ) + # Once it has started only check that the node itself is responding + START_FILE=/tmp/.es_start_file + + http () { + local path="${1}" + if [ -n "${ELASTIC_USERNAME}" ] && [ -n "${ELASTIC_PASSWORD}" ]; then + BASIC_AUTH="-u ${ELASTIC_USERNAME}:${ELASTIC_PASSWORD}" + else + BASIC_AUTH='' + fi + curl -XGET -s -k --fail ${BASIC_AUTH} {{ .Values.protocol }}://127.0.0.1:{{ .Values.httpPort }}${path} + } + + if [ -f "${START_FILE}" ]; then + echo 'Elasticsearch is already running, lets check the node is healthy' + http "/" + else + echo 'Waiting for elasticsearch cluster to become cluster to be ready (request params: "{{ .Values.clusterHealthCheckParams }}" )' + if http "/_cluster/health?{{ .Values.clusterHealthCheckParams }}" ; then + touch ${START_FILE} + exit 0 + else + echo 'Cluster is not yet ready (request params: "{{ .Values.clusterHealthCheckParams }}" )' + exit 1 + fi + fi + ports: + - name: http + containerPort: {{ .Values.httpPort }} + - name: transport + containerPort: {{ .Values.transportPort }} + resources: +{{ toYaml .Values.resources | indent 10 }} + env: + - name: node.name + valueFrom: + fieldRef: + fieldPath: metadata.name + {{- if eq .Values.roles.master "true" }} + {{- if ge (int (include "esMajorVersion" .)) 7 }} + - name: cluster.initial_master_nodes + value: "{{ template "endpoints" .Values }}" + {{- else }} + - name: discovery.zen.minimum_master_nodes + value: "{{ .Values.minimumMasterNodes }}" + {{- end }} + {{- end }} + {{- if lt (int (include "esMajorVersion" .)) 7 }} + - name: discovery.zen.ping.unicast.hosts + value: "{{ template "masterService" . }}-headless" + {{- else }} + - name: discovery.seed_hosts + value: "{{ template "masterService" . }}-headless" + {{- end }} + - name: cluster.name + value: "{{ .Values.clusterName }}" + - name: network.host + value: "{{ .Values.networkHost }}" + - name: ES_JAVA_OPTS + value: "{{ .Values.esJavaOpts }}" + {{- range $role, $enabled := .Values.roles }} + - name: node.{{ $role }} + value: "{{ $enabled }}" + {{- end }} +{{- if .Values.extraEnvs }} +{{ toYaml .Values.extraEnvs | indent 10 }} +{{- end }} + volumeMounts: + {{- if .Values.persistence.enabled }} + - name: "{{ template "uname" . }}" + mountPath: /usr/share/elasticsearch/data + {{- end }} + {{- range .Values.secretMounts }} + - name: {{ .name }} + mountPath: {{ .path }} + {{- if .subPath }} + subPath: {{ .subPath }} + {{- end }} + {{- end }} + {{- range $path, $config := .Values.esConfig }} + - name: esconfig + mountPath: /usr/share/elasticsearch/config/{{ $path }} + subPath: {{ $path }} + {{- end -}} + {{- if .Values.extraVolumeMounts }} +{{ tpl .Values.extraVolumeMounts . | indent 10 }} + {{- end }} + {{- if .Values.masterTerminationFix }} + {{- if eq .Values.roles.master "true" }} + # This sidecar will prevent slow master re-election + # https://github.com/elastic/helm-charts/issues/63 + - name: elasticsearch-master-graceful-termination-handler + image: "{{ .Values.image }}:{{ .Values.imageTag }}" + imagePullPolicy: "{{ .Values.imagePullPolicy }}" + command: + - "sh" + - -c + - | + #!/usr/bin/env bash + set -eo pipefail + + http () { + local path="${1}" + if [ -n "${ELASTIC_USERNAME}" ] && [ -n "${ELASTIC_PASSWORD}" ]; then + BASIC_AUTH="-u ${ELASTIC_USERNAME}:${ELASTIC_PASSWORD}" + else + BASIC_AUTH='' + fi + curl -XGET -s -k --fail ${BASIC_AUTH} {{ .Values.protocol }}://{{ template "masterService" . }}:{{ .Values.httpPort }}${path} + } + + cleanup () { + while true ; do + local master="$(http "/_cat/master?h=node" || echo "")" + if [[ $master == "{{ template "masterService" . }}"* && $master != "${NODE_NAME}" ]]; then + echo "This node is not master." + break + fi + echo "This node is still master, waiting gracefully for it to step down" + sleep 1 + done + + exit 0 + } + + trap cleanup SIGTERM + + sleep infinity & + wait $! + resources: +{{ toYaml .Values.sidecarResources | indent 10 }} + env: + - name: NODE_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + {{- if .Values.extraEnvs }} +{{ toYaml .Values.extraEnvs | indent 10 }} + {{- end }} + {{- end }} + {{- end }} +{{- if .Values.lifecycle }} + lifecycle: +{{ toYaml .Values.lifecycle | indent 10 }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/test/test-elasticsearch-health.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/test/test-elasticsearch-health.yaml new file mode 100755 index 00000000..c861e047 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/templates/test/test-elasticsearch-health.yaml @@ -0,0 +1,34 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +--- +apiVersion: v1 +kind: Pod +metadata: + name: "{{ .Release.Name }}-{{ randAlpha 5 | lower }}-test" + annotations: + "helm.sh/hook": test-success +spec: + containers: + - name: "{{ .Release.Name }}-{{ randAlpha 5 | lower }}-test" + image: "{{ .Values.image }}:{{ .Values.imageTag }}" + command: + - "sh" + - "-c" + - | + #!/usr/bin/env bash -e + curl -XGET --fail '{{ template "uname" . }}:{{ .Values.httpPort }}/_cluster/health?{{ .Values.clusterHealthCheckParams }}' + restartPolicy: Never diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/values.yaml new file mode 100755 index 00000000..a1276593 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/elasticsearch/values.yaml @@ -0,0 +1,228 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +--- +clusterName: "elasticsearch" +nodeGroup: "master" + +# The service that non master groups will try to connect to when joining the cluster +# This should be set to clusterName + "-" + nodeGroup for your master group +masterService: "" + +# Elasticsearch roles that will be applied to this nodeGroup +# These will be set as environment variables. E.g. node.master=true +roles: + master: "true" + ingest: "true" + data: "true" + +replicas: 1 +minimumMasterNodes: 1 + +esMajorVersion: "" + +# Allows you to add any config files in /usr/share/elasticsearch/config/ +# such as elasticsearch.yml and log4j2.properties +esConfig: {} +# elasticsearch.yml: | +# key: +# nestedkey: value +# log4j2.properties: | +# key = value + +# Extra environment variables to append to this nodeGroup +# This will be appended to the current 'env:' key. You can use any of the kubernetes env +# syntax here +extraEnvs: [] +# - name: MY_ENVIRONMENT_VAR +# value: the_value_goes_here + +# A list of secrets and their paths to mount inside the pod +# This is useful for mounting certificates for security and for mounting +# the X-Pack license +secretMounts: [] +# - name: elastic-certificates +# secretName: elastic-certificates +# path: /usr/share/elasticsearch/config/certs + +image: "docker.elastic.co/elasticsearch/elasticsearch" +imageTag: "7.3.0" +imagePullPolicy: "IfNotPresent" + +podAnnotations: {} + # iam.amazonaws.com/role: es-cluster + +# additionals labels +labels: {} + +esJavaOpts: "-Xmx1g -Xms1g" + +resources: + requests: + cpu: "100m" + memory: "2Gi" + limits: + cpu: "1000m" + memory: "2Gi" + +initResources: {} + # limits: + # cpu: "25m" + # # memory: "128Mi" + # requests: + # cpu: "25m" + # memory: "128Mi" + +sidecarResources: {} + # limits: + # cpu: "25m" + # # memory: "128Mi" + # requests: + # cpu: "25m" + # memory: "128Mi" + +networkHost: "0.0.0.0" + +volumeClaimTemplate: + accessModes: [ "ReadWriteOnce" ] + resources: + requests: + storage: 30Gi + +persistence: + enabled: false + annotations: {} + +extraVolumes: [] + # - name: extras + # emptyDir: {} + +extraVolumeMounts: [] + # - name: extras + # mountPath: /usr/share/extras + # readOnly: true + +extraInitContainers: [] + # - name: do-something + # image: busybox + # command: ['do', 'something'] + +# This is the PriorityClass settings as defined in +# https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass +priorityClassName: "" + +# By default this will make sure two pods don't end up on the same node +# Changing this to a region would allow you to spread pods across regions +antiAffinityTopologyKey: "kubernetes.io/hostname" + +# Hard means that by default pods will only be scheduled if there are enough nodes for them +# and that they will never end up on the same node. Setting this to soft will do this "best effort" +antiAffinity: "hard" + +# This is the node affinity settings as defined in +# https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#node-affinity-beta-feature +nodeAffinity: {} + +# The default is to deploy all pods serially. By setting this to parallel all pods are started at +# the same time when bootstrapping the cluster +podManagementPolicy: "Parallel" + +protocol: http +httpPort: 9200 +transportPort: 9300 + +service: + type: ClusterIP + nodePort: + annotations: {} + +updateStrategy: RollingUpdate + +# This is the max unavailable setting for the pod disruption budget +# The default value of 1 will make sure that kubernetes won't allow more than 1 +# of your pods to be unavailable during maintenance +maxUnavailable: 1 + +podSecurityContext: + fsGroup: 1000 + +# The following value is deprecated, +# please use the above podSecurityContext.fsGroup instead +fsGroup: "" + +securityContext: + capabilities: + drop: + - ALL + # readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + +# How long to wait for elasticsearch to stop gracefully +terminationGracePeriod: 120 + +sysctlVmMaxMapCount: 262144 + +readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + +# https://www.elastic.co/guide/en/elasticsearch/reference/current/cluster-health.html#request-params wait_for_status +clusterHealthCheckParams: "wait_for_status=green&timeout=1s" + +## Use an alternate scheduler. +## ref: https://kubernetes.io/docs/tasks/administer-cluster/configure-multiple-schedulers/ +## +schedulerName: "" + +imagePullSecrets: [] +nodeSelector: {} +tolerations: [] + +# Enabling this will publically expose your Elasticsearch instance. +# Only enable this if you have security enabled on your cluster +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + path: / + hosts: + - chart-example.local + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +nameOverride: "" +fullnameOverride: "" + +# https://github.com/elastic/helm-charts/issues/63 +masterTerminationFix: false + +lifecycle: {} + # preStop: + # exec: + # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] + # postStart: + # exec: + # command: ["/bin/sh", "-c", "echo Hello from the postStart handler > /usr/share/message"] + +sysctlInitContainer: + enabled: true diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/.helmignore new file mode 100755 index 00000000..e12c0b4b --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/.helmignore @@ -0,0 +1,2 @@ +tests/ +.pytest_cache/ diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/Chart.yaml new file mode 100755 index 00000000..acb6181e --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/Chart.yaml @@ -0,0 +1,27 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +apiVersion: v1 +appVersion: 7.3.0 +description: Official Elastic helm chart for Kibana +home: https://github.com/elastic/helm-charts +icon: https://helm.elastic.co/icons/kibana.png +maintainers: +- email: helm-charts@elastic.co + name: Elastic +name: kibana +sources: +- https://github.com/elastic/kibana +version: 7.3.0 \ No newline at end of file diff --git a/ric-platform/50-RIC-Platform/helm/dbaas/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/Makefile old mode 100644 new mode 100755 similarity index 84% rename from ric-platform/50-RIC-Platform/helm/dbaas/Chart.yaml rename to ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/Makefile index 861406df..3e7ed429 --- a/ric-platform/50-RIC-Platform/helm/dbaas/Chart.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/Makefile @@ -1,6 +1,5 @@ ################################################################################ # Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. # @@ -15,8 +14,4 @@ # limitations under the License. # ################################################################################ -apiVersion: v1 -appVersion: "1.0" -description: DBaaS realized with standalone, non-persistent, non-redundant Redis -name: dbaas -version: 1.1.0 +include ../helpers/common.mk diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/README.md b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/README.md new file mode 100755 index 00000000..4362afc4 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/README.md @@ -0,0 +1,134 @@ +# Kibana Helm Chart + +This functionality is in beta and is subject to change. The design and code is less mature than official GA features and is being provided as-is with no warranties. Beta features are not subject to the support SLA of official GA features. + +This helm chart is a lightweight way to configure and run our official [Kibana docker image](https://www.elastic.co/guide/en/kibana/current/docker.html) + +## Requirements + +* Kubernetes >= 1.8 +* [Helm](https://helm.sh/) >= 2.8.0 + +## Installing + +* Add the elastic helm charts repo + ``` + helm repo add elastic https://helm.elastic.co + ``` +* Install it + ``` + helm install --name kibana elastic/kibana + ``` + +## Compatibility + +This chart is tested with the latest supported versions. The currently tested versions are: + +| 6.x | 7.x | +| ----- | ----- | +| 6.8.1 | 7.3.0 | + +Examples of installing older major versions can be found in the [examples](./examples) directory. + +While only the latest releases are tested, it is possible to easily install old or new releases by overriding the `imageTag`. To install version `7.3.0` of Kibana it would look like this: + +``` +helm install --name kibana elastic/kibana --set imageTag=7.3.0 +``` + +## Configuration + +| Parameter | Description | Default | +| ------------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------- | +| `elasticsearchHosts` | The URLs used to connect to Elasticsearch. | `http://elasticsearch-master:9200` | +| `elasticsearchURL` | The URL used to connect to Elasticsearch. Deprecated, needs to be used for Kibana versions < 6.6 | | +| `replicas` | Kubernetes replica count for the deployment (i.e. how many pods) | `1` | +| `extraEnvs` | Extra [environment variables](https://kubernetes.io/docs/tasks/inject-data-application/define-environment-variable-container/#using-environment-variables-inside-of-your-config) which will be appended to the `env:` definition for the container | `[]` | +| `secretMounts` | Allows you easily mount a secret as a file inside the deployment. Useful for mounting certificates and other secrets. See [values.yaml](./values.yaml) for an example | `[]` | +| `image` | The Kibana docker image | `docker.elastic.co/kibana/kibana` | +| `imageTag` | The Kibana docker image tag | `7.3.0` | +| `imagePullPolicy` | The Kubernetes [imagePullPolicy](https://kubernetes.io/docs/concepts/containers/images/#updating-images) value | `IfNotPresent` | +| `podAnnotations` | Configurable [annotations](https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/) applied to all Kibana pods | `{}` | +| `resources` | Allows you to set the [resources](https://kubernetes.io/docs/concepts/configuration/manage-compute-resources-container/) for the statefulset | `requests.cpu: 100m`
`requests.memory: 2Gi`
`limits.cpu: 1000m`
`limits.memory: 2Gi` | +| `protocol` | The protocol that will be used for the readinessProbe. Change this to `https` if you have `server.ssl.enabled: true` set | `http` | +| `serverHost` | The [`server.host`](https://www.elastic.co/guide/en/kibana/current/settings.html) Kibana setting. This is set explicitly so that the default always matches what comes with the docker image. | `0.0.0.0` | +| `healthCheckPath` | The path used for the readinessProbe to check that Kibana is ready. If you are setting `server.basePath` you will also need to update this to `/${basePath}/app/kibana` | `/app/kibana` | +| `kibanaConfig` | Allows you to add any config files in `/usr/share/kibana/config/` such as `kibana.yml`. See [values.yaml](./values.yaml) for an example of the formatting. | `{}` | +| `podSecurityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-pod) for the pod | `fsGroup: 1000` | +| `securityContext` | Allows you to set the [securityContext](https://kubernetes.io/docs/tasks/configure-pod-container/security-context/#set-the-security-context-for-a-container) for the container | `capabilities.drop:[ALL]`
`runAsNonRoot: true`
`runAsUser: 1000` | +| `serviceAccount` | Allows you to overwrite the "default" [serviceAccount](https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) for the pod | `[]` | +| `priorityClassName` | The [name of the PriorityClass](https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass). No default is supplied as the PriorityClass must be created first. | `` | +| `antiAffinityTopologyKey` | The [anti-affinity topology key](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). By default this will prevent multiple Kibana instances from running on the same Kubernetes node | `kubernetes.io/hostname` | +| `antiAffinity` | Setting this to hard enforces the [anti-affinity rules](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity). If it is set to soft it will be done "best effort" | `hard` | +| `httpPort` | The http port that Kubernetes will use for the healthchecks and the service. | `5601` | +| `maxUnavailable` | The [maxUnavailable](https://kubernetes.io/docs/tasks/run-application/configure-pdb/#specifying-a-poddisruptionbudget) value for the pod disruption budget. By default this will prevent Kubernetes from having more than 1 unhealthy pod | `1` | +| `updateStrategy` | Allows you to change the default update [strategy](https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#updating-a-deployment) for the deployment. A [standard upgrade](https://www.elastic.co/guide/en/kibana/current/upgrade-standard.html) of Kibana requires a full stop and start which is why the default strategy is set to `Recreate` | `Recreate` | +| `readinessProbe` | Configuration for the [readinessProbe](https://kubernetes.io/docs/tasks/configure-pod-container/configure-liveness-readiness-probes/) | `failureThreshold: 3`
`initialDelaySeconds: 10`
`periodSeconds: 10`
`successThreshold: 3`
`timeoutSeconds: 5` | +| `imagePullSecrets` | Configuration for [imagePullSecrets](https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/#create-a-pod-that-uses-your-secret) so that you can use a private registry for your image | `[]` | +| `nodeSelector` | Configurable [nodeSelector](https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#nodeselector) so that you can target specific nodes for your Kibana instances | `{}` | +| `tolerations` | Configurable [tolerations](https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/) | `[]` | +| `ingress` | Configurable [ingress](https://kubernetes.io/docs/concepts/services-networking/ingress/) to expose the Kibana service. See [`values.yaml`](./values.yaml) for an example | `enabled: false` | +| `service` | Configurable [service](https://kubernetes.io/docs/concepts/services-networking/service/) to expose the Kibana service. See [`values.yaml`](./values.yaml) for an example | `type: ClusterIP`
`port: 5601`
`nodePort:`
`annotations: {}` | +| `labels` | Configurable [label](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/) applied to all Kibana pods | `{}` | + +## Examples + +In [examples/](./examples) you will find some example configurations. These examples are used for the automated testing of this helm chart + +### Default + +* Deploy the [default Elasticsearch helm chart](../elasticsearch/README.md#default) +* Deploy Kibana with the default values + ``` + cd examples/default + make + ``` +* You can now setup a port forward and access Kibana at http://localhost:5601 + ``` + kubectl port-forward deployment/helm-kibana-default-kibana 5601 + ``` + +### Security + +* Deploy a [security enabled Elasticsearch cluster](../elasticsearch/README.md#security) +* Deploy Kibana with the security example + ``` + cd examples/security + make + ``` +* Setup a port forward and access Kibana at https://localhost:5601 + ``` + # Setup the port forward + kubectl port-forward deployment/helm-kibana-security-kibana 5601 + + # Run this in a seperate terminal + # Get the auto generated password + password=$(kubectl get secret elastic-credentials -o jsonpath='{.data.password}' | base64 --decode) + echo $password + + # Test Kibana is working with curl or access it with your browser at https://localhost:5601 + # The example certificate is self signed so you may see a warning about the certificate + curl -I -k -u elastic:$password https://localhost:5601/app/kibana + ``` + +## Testing + +This chart uses [pytest](https://docs.pytest.org/en/latest/) to test the templating logic. The dependencies for testing can be installed from the [`requirements.txt`](../requirements.txt) in the parent directory. + +``` +pip install -r ../requirements.txt +make test +``` + + +You can also use `helm template` to look at the YAML being generated + +``` +make template +``` + +It is possible to run all of the tests and linting inside of a docker container + +``` +make test +``` diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/6.x/Makefile b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/6.x/Makefile new file mode 100755 index 00000000..6d9ca5ff --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/6.x/Makefile @@ -0,0 +1,12 @@ +default: test +include ../../../helpers/examples.mk + +RELEASE := helm-kibana-six + +install: + helm upgrade --wait --timeout=600 --install --values ./values.yml $(RELEASE) ../../ ; \ + +purge: + helm del --purge $(RELEASE) + +test: install goss diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/6.x/test/goss.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/6.x/test/goss.yaml new file mode 100755 index 00000000..b2a3e5ac --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/6.x/test/goss.yaml @@ -0,0 +1,10 @@ +http: + http://localhost:5601/api/status: + status: 200 + timeout: 2000 + body: + - '"number":"6.8.1"' + + http://localhost:5601/app/kibana: + status: 200 + timeout: 2000 diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/6.x/values.yml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/6.x/values.yml new file mode 100755 index 00000000..0f05a541 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/6.x/values.yml @@ -0,0 +1,4 @@ +--- + +imageTag: 6.8.1 +elasticsearchHosts: "http://six-master:9200" diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/default/Makefile b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/default/Makefile new file mode 100755 index 00000000..ec4ea613 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/default/Makefile @@ -0,0 +1,13 @@ +default: test +include ../../../helpers/examples.mk + +RELEASE := helm-kibana-default + +install: + echo "Goss container: $(GOSS_CONTAINER)" + helm upgrade --wait --timeout=600 --install $(RELEASE) ../../ ; \ + +test: install goss + +purge: + helm del --purge $(RELEASE) diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/default/test/goss.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/default/test/goss.yaml new file mode 100755 index 00000000..3691f18c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/default/test/goss.yaml @@ -0,0 +1,14 @@ +http: + http://localhost:5601/api/status: + status: 200 + timeout: 2000 + body: + - '"number":"7.3.0"' + + http://localhost:5601/app/kibana: + status: 200 + timeout: 2000 + + http://helm-kibana-default-kibana:5601/app/kibana: + status: 200 + timeout: 2000 diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/oss/Makefile b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/oss/Makefile new file mode 100755 index 00000000..55232cd7 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/oss/Makefile @@ -0,0 +1,12 @@ +default: test +include ../../../helpers/examples.mk + +RELEASE := helm-kibana-oss + +install: + helm upgrade --wait --timeout=600 --install --values ./values.yml $(RELEASE) ../../ ; \ + +test: install goss + +purge: + helm del --purge $(RELEASE) diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/oss/test/goss.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/oss/test/goss.yaml new file mode 100755 index 00000000..35aee7dd --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/oss/test/goss.yaml @@ -0,0 +1,4 @@ +http: + http://localhost:5601/app/kibana: + status: 200 + timeout: 2000 diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/oss/values.yml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/oss/values.yml new file mode 100755 index 00000000..eb0203c7 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/oss/values.yml @@ -0,0 +1,4 @@ +--- + +image: "docker.elastic.co/kibana/kibana-oss" +elasticsearchHosts: "http://oss-master:9200" diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/security/Makefile b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/security/Makefile new file mode 100755 index 00000000..a9af5149 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/security/Makefile @@ -0,0 +1,17 @@ +default: test +include ../../../helpers/examples.mk + +RELEASE := helm-kibana-security + +install: + helm upgrade --wait --timeout=600 --install --values ./security.yml $(RELEASE) ../../ ; \ + +test: secrets install goss + +purge: + kubectl delete secret kibana || true + helm del --purge $(RELEASE) + +secrets: + encryptionkey=$$(echo $$(docker run --rm docker.elastic.co/elasticsearch/elasticsearch:$(STACK_VERSION) /bin/sh -c "< /dev/urandom tr -dc _A-Z-a-z-0-9 | head -c50")) && \ + kubectl create secret generic kibana --from-literal=encryptionkey=$$encryptionkey diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/security/security.yml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/security/security.yml new file mode 100755 index 00000000..dfc9d5d1 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/security/security.yml @@ -0,0 +1,38 @@ +--- + +elasticsearchHosts: "https://security-master:9200" + +extraEnvs: + - name: 'ELASTICSEARCH_USERNAME' + valueFrom: + secretKeyRef: + name: elastic-credentials + key: username + - name: 'ELASTICSEARCH_PASSWORD' + valueFrom: + secretKeyRef: + name: elastic-credentials + key: password + - name: 'KIBANA_ENCRYPTION_KEY' + valueFrom: + secretKeyRef: + name: kibana + key: encryptionkey + +kibanaConfig: + kibana.yml: | + server.ssl: + enabled: true + key: /usr/share/kibana/config/certs/elastic-certificate.pem + certificate: /usr/share/kibana/config/certs/elastic-certificate.pem + xpack.security.encryptionKey: ${KIBANA_ENCRYPTION_KEY} + elasticsearch.ssl: + certificateAuthorities: /usr/share/kibana/config/certs/elastic-certificate.pem + verificationMode: certificate + +protocol: https + +secretMounts: + - name: elastic-certificate-pem + secretName: elastic-certificate-pem + path: /usr/share/kibana/config/certs diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/security/test/goss.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/security/test/goss.yaml new file mode 100755 index 00000000..39e9a485 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/examples/security/test/goss.yaml @@ -0,0 +1,27 @@ +http: + https://localhost:5601/app/kibana: + status: 200 + timeout: 2000 + allow-insecure: true + username: '{{ .Env.ELASTICSEARCH_USERNAME }}' + password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' + + https://helm-kibana-security-kibana:5601/app/kibana: + status: 200 + timeout: 2000 + allow-insecure: true + username: '{{ .Env.ELASTICSEARCH_USERNAME }}' + password: '{{ .Env.ELASTICSEARCH_PASSWORD }}' + +file: + /usr/share/kibana/config/kibana.yml: + exists: true + contains: + - 'server.ssl:' + - ' enabled: true' + - ' key: /usr/share/kibana/config/certs/elastic-certificate.pem' + - ' certificate: /usr/share/kibana/config/certs/elastic-certificate.pem' + - 'xpack.security.encryptionKey:' + - 'elasticsearch.ssl:' + - ' certificateAuthorities: /usr/share/kibana/config/certs/elastic-certificate.pem' + - ' verificationMode: certificate' diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/_helpers.tpl b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/_helpers.tpl new file mode 100755 index 00000000..2438f4d3 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/_helpers.tpl @@ -0,0 +1,32 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +{{/* vim: set filetype=mustache: */}} +{{/* +Expand the name of the chart. +*/}} +{{- define "name" -}} +{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +*/}} +{{- define "fullname" -}} +{{- $name := default .Release.Name .Values.nameOverride -}} +{{- printf "%s-%s" $name .Chart.Name | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/configmap.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/configmap.yaml new file mode 100755 index 00000000..9865ddd2 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/configmap.yaml @@ -0,0 +1,31 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +{{- if .Values.kibanaConfig }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "fullname" . }}-config + labels: + app: {{ .Chart.Name }} + release: {{ .Release.Name | quote }} +data: +{{- range $path, $config := .Values.kibanaConfig }} + {{ $path }}: | +{{ $config | indent 4 -}} +{{- end -}} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/deployment.yaml new file mode 100755 index 00000000..8260f14e --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/deployment.yaml @@ -0,0 +1,139 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ template "fullname" . }} + labels: + app: {{ .Chart.Name }} + release: {{ .Release.Name | quote }} + {{- range $key, $value := .Values.labels }} + {{ $key }}: {{ $value | quote }} + {{- end }} +spec: + replicas: {{ .Values.replicas }} + strategy: +{{ toYaml .Values.updateStrategy | indent 4 }} + selector: + matchLabels: + app: kibana + release: {{ .Release.Name | quote }} + template: + metadata: + labels: + app: kibana + release: {{ .Release.Name | quote }} + annotations: + {{- range $key, $value := .Values.podAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{/* This forces a restart if the configmap has changed */}} + {{- if .Values.kibanaConfig }} + configchecksum: {{ include (print .Template.BasePath "/configmap.yaml") . | sha256sum | trunc 63 }} + {{- end }} + spec: +{{- if .Values.priorityClassName }} + priorityClassName: {{ .Values.priorityClassName }} +{{- end }} + securityContext: +{{ toYaml .Values.podSecurityContext | indent 8 }} + {{- if .Values.serviceAccount }} + serviceAccount: {{ .Values.serviceAccount }} + {{- end }} + volumes: + {{- range .Values.secretMounts }} + - name: {{ .name }} + secret: + secretName: {{ .secretName }} + {{- end }} + {{- if .Values.kibanaConfig }} + - name: kibanaconfig + configMap: + name: {{ template "fullname" . }}-config + {{- end }} + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + {{- if .Values.imagePullSecrets }} + imagePullSecrets: +{{ toYaml .Values.imagePullSecrets | indent 8 }} + {{- end }} + containers: + - name: kibana + securityContext: +{{ toYaml .Values.securityContext | indent 10 }} + image: "{{ .Values.image }}:{{ .Values.imageTag }}" + imagePullPolicy: "{{ .Values.imagePullPolicy }}" + env: + {{- if .Values.elasticsearchURL }} + - name: ELASTICSEARCH_URL + value: "{{ .Values.elasticsearchURL }}" + {{- else if .Values.elasticsearchHosts }} + - name: ELASTICSEARCH_HOSTS + value: "{{ .Values.elasticsearchHosts }}" + {{- end }} + - name: SERVER_HOST + value: "{{ .Values.serverHost }}" +{{- if .Values.extraEnvs }} +{{ toYaml .Values.extraEnvs | indent 10 }} +{{- end }} + readinessProbe: +{{ toYaml .Values.readinessProbe | indent 10 }} + exec: + command: + - sh + - -c + - | + #!/usr/bin/env bash -e + http () { + local path="${1}" + set -- -XGET -s --fail + + if [ -n "${ELASTIC_USERNAME}" ] && [ -n "${ELASTIC_PASSWORD}" ]; then + set -- "$@" -u "${ELASTIC_USERNAME}:${ELASTIC_PASSWORD}" + fi + + curl -k "$@" "{{ .Values.protocol }}://localhost:{{ .Values.httpPort }}${path}" + } + + http "{{ .Values.healthCheckPath }}" + ports: + - containerPort: {{ .Values.httpPort }} + resources: +{{ toYaml .Values.resources | indent 10 }} + volumeMounts: + {{- range .Values.secretMounts }} + - name: {{ .name }} + mountPath: {{ .path }} + {{- if .subPath }} + subPath: {{ .subPath }} + {{- end }} + {{- end }} + {{- range $path, $config := .Values.kibanaConfig }} + - name: kibanaconfig + mountPath: /usr/share/kibana/config/{{ $path }} + subPath: {{ $path }} + {{- end -}} diff --git a/ric-xapps/90-xApps/helm/xapp-std/templates/service-rmr.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/ingress.yaml old mode 100644 new mode 100755 similarity index 63% rename from ric-xapps/90-xApps/helm/xapp-std/templates/service-rmr.yaml rename to ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/ingress.yaml index 14a75722..ea88416c --- a/ric-xapps/90-xApps/helm/xapp-std/templates/service-rmr.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/ingress.yaml @@ -1,6 +1,5 @@ ################################################################################ # Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. # @@ -15,27 +14,35 @@ # limitations under the License. # ################################################################################ -apiVersion: v1 -kind: Service +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "fullname" . -}} +{{- $servicePort := .Values.service.port -}} +{{- $ingressPath := .Values.ingress.path -}} +apiVersion: networking.k8s.io/v1beta1 +kind: Ingress metadata: - name: {{ include "ricxapp.servicename.rmr" . }} - namespace: {{ include "ricxapp.namespace" . }} + name: {{ $fullName }} labels: - app: {{ include "ricxapp.namespace" . }}-{{ include "ricxapp.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + app: {{ .Chart.Name }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} +{{- with .Values.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} spec: - type: ClusterIP - ports: - - port: {{ .Values.ricxapp.service.rmr.data.port }} - targetPort: rmrdata - protocol: TCP - name: rmrdata - - port: {{ .Values.ricxapp.service.rmr.route.port }} - targetPort: rmrroute - protocol: TCP - name: rmrroute - selector: - app: {{ include "ricxapp.namespace" . }}-{{ include "ricxapp.name" . }} - release: {{ .Release.Name }} +{{- if .Values.ingress.tls }} + tls: +{{ toYaml .Values.ingress.tls | indent 4 }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ . }} + http: + paths: + - path: {{ $ingressPath }} + backend: + serviceName: {{ $fullName }} + servicePort: {{ $servicePort }} + {{- end }} +{{- end }} diff --git a/ric-xapps/90-xApps/helm/xapp-std/templates/service-http.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/service.yaml old mode 100644 new mode 100755 similarity index 70% rename from ric-xapps/90-xApps/helm/xapp-std/templates/service-http.yaml rename to ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/service.yaml index 7f994224..915ac91e --- a/ric-xapps/90-xApps/helm/xapp-std/templates/service-http.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/templates/service.yaml @@ -1,6 +1,5 @@ ################################################################################ # Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. # @@ -15,23 +14,29 @@ # limitations under the License. # ################################################################################ +--- apiVersion: v1 kind: Service metadata: - name: {{ include "ricxapp.servicename.http" . }} - namespace: {{ include "ricxapp.namespace" . }} + name: {{ template "fullname" . }} labels: - app: {{ include "ricxapp.namespace" . }}-{{ include "ricxapp.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} + app: {{ .Chart.Name }} + release: {{ .Release.Name | quote }} heritage: {{ .Release.Service }} +{{- with .Values.service.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} spec: - type: ClusterIP + type: {{ .Values.service.type }} ports: - - port: {{ .Values.ricxapp.service.http.port }} - targetPort: http + - port: {{ .Values.service.port }} +{{- if .Values.service.nodePort }} + nodePort: {{ .Values.service.nodePort }} +{{- end }} protocol: TCP name: http + targetPort: {{ .Values.httpPort }} selector: - app: {{ include "ricxapp.namespace" . }}-{{ include "ricxapp.name" . }} - release: {{ .Release.Name }} + app: {{ .Chart.Name }} + release: {{ .Release.Name | quote }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/values.yaml new file mode 100755 index 00000000..c065e80a --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/kibana/values.yaml @@ -0,0 +1,152 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +--- + +elasticsearchURL: "" # "http://elasticsearch-master:9200" +elasticsearchHosts: "http://elasticsearch-master:9200" + +replicas: 1 + +# Extra environment variables to append to this nodeGroup +# This will be appended to the current 'env:' key. You can use any of the kubernetes env +# syntax here +extraEnvs: +# - name: XPACK_SECURITY_ENABLED +# value: "false" +# - name: MY_ENVIRONMENT_VAR +# # value: the_value_goes_here + + +# A list of secrets and their paths to mount inside the pod +# This is useful for mounting certificates for security and for mounting +# the X-Pack license +secretMounts: [] +# - name: kibana-keystore +# secretName: kibana-keystore +# path: /usr/share/kibana/data/kibana.keystore +# subPath: kibana.keystore # optional + +image: "docker.elastic.co/kibana/kibana-oss" +imageTag: "7.3.0" +imagePullPolicy: "IfNotPresent" + +# additionals labels +labels: {} + +podAnnotations: {} + # iam.amazonaws.com/role: es-cluster + +resources: + requests: + cpu: "100m" + memory: "500m" + limits: + cpu: "1000m" + memory: "1Gi" + +protocol: http + +serverHost: "0.0.0.0" + +healthCheckPath: "/app/kibana" + +# Allows you to add any config files in /usr/share/kibana/config/ +# such as kibana.yml +kibanaConfig: {} +# kibana.yml: | +# # key: +# # nestedkey: value + +#kibanaConfig: +# kibana.yml: | +# xpack.security.enabled: false + +# If Pod Security Policy in use it may be required to specify security context as well as service account + +podSecurityContext: + fsGroup: 1000 + +securityContext: + capabilities: + drop: + - ALL + # readOnlyRootFilesystem: true + runAsNonRoot: true + runAsUser: 1000 + +serviceAccount: "" + +# This is the PriorityClass settings as defined in +# https://kubernetes.io/docs/concepts/configuration/pod-priority-preemption/#priorityclass +priorityClassName: "" + +# By default this will make sure two pods don't end up on the same node +# Changing this to a region would allow you to spread pods across regions +antiAffinityTopologyKey: "kubernetes.io/hostname" + +# Hard means that by default pods will only be scheduled if there are enough nodes for them +# and that they will never end up on the same node. Setting this to soft will do this "best effort" +antiAffinity: "hard" + +httpPort: 5601 + +# This is the max unavailable setting for the pod disruption budget +# The default value of 1 will make sure that kubernetes won't allow more than 1 +# of your pods to be unavailable during maintenance +maxUnavailable: 1 + +updateStrategy: + type: "Recreate" + +service: + type: ClusterIP + port: 5601 + nodePort: + annotations: {} + # cloud.google.com/load-balancer-type: "Internal" + # service.beta.kubernetes.io/aws-load-balancer-internal: 0.0.0.0/0 + # service.beta.kubernetes.io/azure-load-balancer-internal: "true" + # service.beta.kubernetes.io/openstack-internal-load-balancer: "true" + # service.beta.kubernetes.io/cce-load-balancer-internal-vpc: "true" + +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + path: / + hosts: + - chart-example.local + tls: [] + # - secretName: chart-example-tls + # hosts: + # - chart-example.local + +readinessProbe: + failureThreshold: 3 + initialDelaySeconds: 10 + periodSeconds: 10 + successThreshold: 3 + timeoutSeconds: 5 + +imagePullSecrets: [] +nodeSelector: {} +tolerations: [] +affinity: {} + +nameOverride: "" +fullnameOverride: "" diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/.helmignore similarity index 94% rename from ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/.helmignore rename to ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/.helmignore index daebc7da..f0c13194 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/.helmignore +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/.helmignore @@ -1,21 +1,21 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/Chart.yaml new file mode 100755 index 00000000..bb64176e --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/Chart.yaml @@ -0,0 +1,33 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +apiVersion: v1 +appVersion: 6.7.0 +description: Logstash is an open source, server-side data processing pipeline +home: https://www.elastic.co/products/logstash +icon: https://www.elastic.co/assets/blt86e4472872eed314/logo-elastic-logstash-lt.svg +maintainers: +- email: pete.brown@powerhrg.com + name: rendhalver +- email: jrodgers@powerhrg.com + name: jar361 +- email: christian.roggia@gmail.com + name: christian-roggia +name: logstash +sources: +- https://www.docker.elastic.co +- https://www.elastic.co/guide/en/logstash/current/index.html +version: 1.13.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/OWNERS b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/OWNERS new file mode 100755 index 00000000..ee2cba86 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/OWNERS @@ -0,0 +1,6 @@ +approvers: +- christian-roggia +- rendhalver +reviewers: +- christian-roggia +- rendhalver diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/README.md b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/README.md new file mode 100755 index 00000000..5ae3670f --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/README.md @@ -0,0 +1,126 @@ +# Logstash + +[Logstash](https://www.elastic.co/products/logstash) is an open source, server-side data processing pipeline that ingests data from a multitude of sources simultaneously, transforms it, and then sends it to your favorite “stash.” + +## TL;DR; + +```console +$ helm install stable/logstash +``` + +## Installing the Chart + +To install the chart with the release name `my-release`: + +```console +$ helm install --name my-release stable/logstash +``` + +## Uninstalling the Chart + +To uninstall/delete the `my-release` deployment: + +```console +$ helm delete my-release +``` + +The command removes nearly all the Kubernetes components associated with the +chart and deletes the release. + +## Best Practices + +### Release and tune this chart once per Logstash pipeline + +To achieve multiple pipelines with this chart, current best practice is to +maintain one pipeline per chart release. In this way configuration is +simplified and pipelines are more isolated from one another. + +### Default Pipeline: Beats Input -> Elasticsearch Output + +Current best practice for ELK logging is to ship logs from hosts using Filebeat +to logstash where persistent queues are enabled. Filebeat supports structured +(e.g. JSON) and unstructured (e.g. log lines) log shipment. + +### Load Beats-generated index template into Elasticsearch + +To best utilize the combination of Beats, Logstash and Elasticsearch, +load Beats-generated index templates into Elasticsearch as described [here]( +https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-template.html). + +On a remote-to-Kubernetes Linux instance you might run the following command to +load that instance's Beats-generated index template into Elasticsearch +(Elasticsearch hostname will vary). + +``` +filebeat setup --template -E output.logstash.enabled=false \ + -E 'output.elasticsearch.hosts=["elasticsearch.cluster.local:9200"]' +``` + +### Links + +Please review the following links that expound on current best practices. + +- https://www.elastic.co/blog/structured-logging-filebeat +- https://www.elastic.co/guide/en/beats/filebeat/current/filebeat-template.html +- https://www.elastic.co/guide/en/logstash/current/deploying-and-scaling.html +- https://www.elastic.co/guide/en/logstash/current/persistent-queues.html + +## Configuration + +The following table lists the configurable parameters of the chart and its default values. + +| Parameter | Description | Default | +| --------------------------- | -------------------------------------------------- | ------------------------------------------------ | +| `replicaCount` | Number of replicas | `1` | +| `podDisruptionBudget` | Pod disruption budget | `maxUnavailable: 1` | +| `updateStrategy` | Update strategy | `type: RollingUpdate` | +| `image.repository` | Container image name | `docker.elastic.co/logstash/logstash-oss` | +| `image.tag` | Container image tag | `6.7.0` | +| `image.pullPolicy` | Container image pull policy | `IfNotPresent` | +| `service.type` | Service type (ClusterIP, NodePort or LoadBalancer) | `ClusterIP` | +| `service.annotations` | Service annotations | `{}` | +| `service.ports` | Ports exposed by service | beats | +| `service.loadBalancerIP` | The load balancer IP for the service | unset | +| `service.loadBalancerSourceRanges` | CIDR ranges to allow access to load balancer | unset | +| `service.clusterIP` | The cluster IP for the service | unset | +| `service.nodePort` | The nodePort for the service | unset | +| `service.externalTrafficPolicy` | Set externalTrafficPolicy | unset | +| `ports` | Ports exposed by logstash container | beats | +| `ingress.enabled` | Enables Ingress | `false` | +| `ingress.annotations` | Ingress annotations | `{}` | +| `ingress.path` | Ingress path | `/` | +| `ingress.hosts` | Ingress accepted hostnames | `["logstash.cluster.local"]` | +| `ingress.tls` | Ingress TLS configuration | `[]` | +| `logstashJavaOpts` | Java options for logstash like heap size | `"-Xmx1g -Xms1g"` | +| `resources` | Pod resource requests & limits | `{}` | +| `priorityClassName` | priorityClassName | `nil` | +| `nodeSelector` | Node selector | `{}` | +| `tolerations` | Tolerations | `[]` | +| `affinity` | Affinity or Anti-Affinity | `{}` | +| `podAnnotations` | Pod annotations | `{}` | +| `podLabels` | Pod labels | `{}` | +| `extraEnv` | Extra pod environment variables | `[]` | +| `extraInitContainers` | Add additional initContainers | `[]` | +| `podManagementPolicy` | podManagementPolicy of the StatefulSet | `OrderedReady` | +| `livenessProbe` | Liveness probe settings for logstash container | (see `values.yaml`) | +| `readinessProbe` | Readiness probe settings for logstash container | (see `values.yaml`) | +| `persistence.enabled` | Enable persistence | `true` | +| `persistence.storageClass` | Storage class for PVCs | unset | +| `persistence.accessMode` | Access mode for PVCs | `ReadWriteOnce` | +| `persistence.size` | Size for PVCs | `2Gi` | +| `volumeMounts` | Volume mounts to configure for logstash container | (see `values.yaml`) | +| `volumes` | Volumes to configure for logstash container | [] | +| `terminationGracePeriodSeconds` | Duration the pod needs to terminate gracefully | `30` +| `exporter.logstash` | Prometheus logstash-exporter settings | (see `values.yaml`) | +| `exporter.logstash.enabled` | Enables Prometheus logstash-exporter | `false` | +| `elasticsearch.host` | ElasticSearch hostname | `elasticsearch-client.default.svc.cluster.local` | +| `elasticsearch.port` | ElasticSearch port | `9200` | +| `config` | Logstash configuration key-values | (see `values.yaml`) | +| `patterns` | Logstash patterns configuration | `nil` | +| `files` | Logstash custom files configuration | `nil` | +| `binaryFiles` | Logstash custom binary files | `nil` | +| `inputs` | Logstash inputs configuration | beats | +| `filters` | Logstash filters configuration | `nil` | +| `outputs` | Logstash outputs configuration | elasticsearch | +| `securityContext.fsGroup` | Group ID for the container | `1000` | +| `securityContext.runAsUser` | User ID for the container | `1000` | diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/NOTES.txt b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/NOTES.txt new file mode 100755 index 00000000..6fc69888 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/NOTES.txt @@ -0,0 +1,21 @@ +{{- if .Values.service.ports.http }} +Get the Logstash HTTP Input URL by running these commands: + {{- if .Values.ingress.enabled }} + {{- range .Values.ingress.hosts }} + http{{ if $.Values.ingress.tls }}s{{ end }}://{{ . }}{{ $.Values.ingress.path }} + {{- end }} + {{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "logstash.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT + {{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ template "logstash.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "logstash.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.ports.http.port }} + {{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app={{ template "logstash.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.ports.http.port }} + {{- end }} +{{- end }} diff --git a/ric-platform/50-RIC-Platform/helm/dbaas/templates/_helper.tpl b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/_helpers.tpl old mode 100644 new mode 100755 similarity index 92% rename from ric-platform/50-RIC-Platform/helm/dbaas/templates/_helper.tpl rename to ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/_helpers.tpl index 24c443dc..8957c90e --- a/ric-platform/50-RIC-Platform/helm/dbaas/templates/_helper.tpl +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/_helpers.tpl @@ -1,6 +1,5 @@ ################################################################################ # Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. # @@ -19,7 +18,7 @@ {{/* Expand the name of the chart. */}} -{{- define "dbaas.name" -}} +{{- define "logstash.name" -}} {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} {{- end -}} @@ -28,7 +27,7 @@ Create a default fully qualified app name. We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). If release name contains chart name it will be used as a full name. */}} -{{- define "dbaas.fullname" -}} +{{- define "logstash.fullname" -}} {{- if .Values.fullnameOverride -}} {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} {{- else -}} @@ -44,7 +43,6 @@ If release name contains chart name it will be used as a full name. {{/* Create chart name and version as used by the chart label. */}} -{{- define "dbaas.chart" -}} +{{- define "logstash.chart" -}} {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} {{- end -}} - diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/files-config.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/files-config.yaml new file mode 100755 index 00000000..89fbbee3 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/files-config.yaml @@ -0,0 +1,35 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "logstash.fullname" . }}-files + labels: + app: {{ template "logstash.name" . }} + chart: {{ template "logstash.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{- range $key, $value := .Values.files }} + {{ $key }}: |- +{{ $value | indent 4 }} +{{- end }} +binaryData: + {{- range $key, $value := .Values.binaryFiles }} + {{ $key }}: |- +{{ $value | indent 4 }} + {{- end }} + diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/ingress.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/ingress.yaml new file mode 100755 index 00000000..61e95c79 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/ingress.yaml @@ -0,0 +1,54 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +{{- if .Values.ingress.enabled -}} +{{- $fullName := include "logstash.fullname" . -}} +{{- $ingressPath := .Values.ingress.path -}} +apiVersion: extensions/v1beta1 +kind: Ingress +metadata: + name: {{ $fullName }} + labels: + app: {{ template "logstash.name" . }} + chart: {{ template "logstash.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +{{- with .Values.ingress.annotations }} + annotations: +{{ toYaml . | indent 4 }} +{{- end }} +spec: +{{- if .Values.ingress.tls }} + tls: + {{- range .Values.ingress.tls }} + - hosts: + {{- range .hosts }} + - {{ . }} + {{- end }} + secretName: {{ .secretName }} + {{- end }} +{{- end }} + rules: + {{- range .Values.ingress.hosts }} + - host: {{ . }} + http: + paths: + - path: {{ $ingressPath }} + backend: + serviceName: {{ $fullName }} + servicePort: http + {{- end }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/patterns-config.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/patterns-config.yaml new file mode 100755 index 00000000..9c1f21a0 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/patterns-config.yaml @@ -0,0 +1,30 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "logstash.fullname" . }}-patterns + labels: + app: {{ template "logstash.name" . }} + chart: {{ template "logstash.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{- range $key, $value := .Values.patterns }} + {{ $key }}: |- +{{ $value | indent 4 }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/pipeline-config.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/pipeline-config.yaml new file mode 100755 index 00000000..9b71853f --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/pipeline-config.yaml @@ -0,0 +1,40 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "logstash.fullname" . }}-pipeline + labels: + app: {{ template "logstash.name" . }} + chart: {{ template "logstash.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{- range $key, $value := .Values.inputs }} + input_{{ $key }}: |- +{{ $value | indent 4 }} +{{- end }} + +{{- range $key, $value := .Values.filters }} + filter_{{ $key }}: |- +{{ $value | indent 4 }} +{{- end }} + +{{- range $key, $value := .Values.outputs }} + output_{{ $key }}: |- +{{ $value | indent 4 }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/poddisruptionbudget.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/poddisruptionbudget.yaml new file mode 100755 index 00000000..4272d9fc --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/poddisruptionbudget.yaml @@ -0,0 +1,31 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: {{ template "logstash.fullname" . }} + labels: + app: {{ template "logstash.name" . }} + chart: {{ template "logstash.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + selector: + matchLabels: + app: {{ template "logstash.name" . }} + release: {{ .Release.Name }} +{{ toYaml .Values.podDisruptionBudget | indent 2 }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/service.yaml new file mode 100755 index 00000000..edfb706d --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/service.yaml @@ -0,0 +1,59 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +apiVersion: v1 +kind: Service +metadata: + name: {{ template "logstash.fullname" . }} + labels: + app: {{ template "logstash.name" . }} + chart: {{ template "logstash.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: +{{- with .Values.service.annotations }} +{{ toYaml . | indent 4 }} +{{- end }} +spec: + type: {{ .Values.service.type }} +{{- if .Values.service.externalTrafficPolicy }} + externalTrafficPolicy: {{ .Values.service.externalTrafficPolicy }} +{{- end }} + ports: + {{- range $key, $value := .Values.service.ports }} + - name: {{ $key }} +{{ toYaml $value | indent 6 }} + {{- end }} + selector: + app: {{ template "logstash.name" . }} + release: {{ .Release.Name }} +{{- if eq .Values.service.type "LoadBalancer" }} +{{- if .Values.service.loadBalancerIP }} + loadBalancerIP: {{ .Values.service.loadBalancerIP }} +{{- end }} +{{- if .Values.service.loadBalancerSourceRanges }} + loadBalancerSourceRanges: +{{- range $cidr := .Values.service.loadBalancerSourceRanges }} + - {{ $cidr }} +{{- end }} +{{- end }} +{{- end }} +{{- if .Values.service.clusterIP }} + clusterIP: {{ .Values.service.clusterIP }} +{{- end }} +{{ if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }} + nodePort: {{ .Values.service.nodePort }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/statefulset.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/statefulset.yaml new file mode 100755 index 00000000..5f0c48d8 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/templates/statefulset.yaml @@ -0,0 +1,189 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: {{ template "logstash.fullname" . }} + labels: + app: {{ template "logstash.name" . }} + chart: {{ template "logstash.chart" . }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + serviceName: {{ template "logstash.fullname" . }} + replicas: {{ .Values.replicaCount }} + podManagementPolicy: {{ .Values.podManagementPolicy }} + selector: + matchLabels: + app: {{ template "logstash.name" . }} + release: {{ .Release.Name }} + template: + metadata: + labels: + app: {{ template "logstash.name" . }} + release: {{ .Release.Name }} + {{- if .Values.podLabels }} + ## Custom pod labels + {{- range $key, $value := .Values.podLabels }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + annotations: + checksum/patterns: {{ include (print $.Template.BasePath "/patterns-config.yaml") . | sha256sum }} + checksum/templates: {{ include (print $.Template.BasePath "/files-config.yaml") . | sha256sum }} + checksum/pipeline: {{ include (print $.Template.BasePath "/pipeline-config.yaml") . | sha256sum }} + {{- if .Values.podAnnotations }} + ## Custom pod annotations + {{- range $key, $value := .Values.podAnnotations }} + {{ $key }}: {{ $value | quote }} + {{- end }} + {{- end }} + spec: + {{- if .Values.priorityClassName }} + priorityClassName: "{{ .Values.priorityClassName }}" + {{- end }} + securityContext: + runAsUser: {{ .Values.securityContext.runAsUser }} + fsGroup: {{ .Values.securityContext.fsGroup }} + {{- if .Values.image.pullSecrets }} + imagePullSecrets: +{{ toYaml .Values.image.pullSecrets | indent 8 }} + {{- end }} + initContainers: +{{- if .Values.extraInitContainers }} +{{ toYaml .Values.extraInitContainers | indent 8 }} +{{- end }} + containers: + + ## logstash + - name: {{ .Chart.Name }} + image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" + imagePullPolicy: {{ .Values.image.pullPolicy }} + ports: + - name: monitor + containerPort: {{ .Values.exporter.logstash.target.port }} + protocol: TCP +{{ toYaml .Values.ports | indent 12 }} + livenessProbe: +{{ toYaml .Values.livenessProbe | indent 12 }} + readinessProbe: +{{ toYaml .Values.readinessProbe | indent 12 }} + env: + ## Logstash monitoring API host and port env vars + - name: HTTP_HOST + value: "0.0.0.0" + - name: HTTP_PORT + value: {{ .Values.exporter.logstash.target.port | quote }} + ## Elasticsearch output + - name: ELASTICSEARCH_HOST + value: {{ .Values.elasticsearch.host | quote }} + - name: ELASTICSEARCH_PORT + value: {{ .Values.elasticsearch.port | quote }} + # Logstash Java Options + - name: LS_JAVA_OPTS + value: {{ .Values.logstashJavaOpts }} + ## Additional env vars + {{- range $key, $value := .Values.config }} + - name: {{ $key | upper | replace "." "_" }} + value: {{ $value | quote }} + {{- end }} + {{- if .Values.extraEnv }} +{{ .Values.extraEnv | toYaml | indent 12 }} + {{- end }} + resources: +{{ toYaml .Values.resources | indent 12 }} + volumeMounts: +{{ toYaml .Values.volumeMounts | indent 12 }} + +{{- if .Values.exporter.logstash.enabled }} + ## logstash-exporter + - name: {{ .Chart.Name }}-exporter + image: "{{ .Values.exporter.logstash.image.repository }}:{{ .Values.exporter.logstash.image.tag }}" + imagePullPolicy: {{ .Values.exporter.logstash.image.pullPolicy }} + command: ["/bin/sh", "-c"] + ## Delay start of logstash-exporter to give logstash more time to come online. + args: + - >- + sleep 60; + exec /logstash_exporter + --logstash.endpoint=http://localhost:{{ .Values.exporter.logstash.target.port }} + --web.listen-address=:{{ .Values.exporter.logstash.port }} + ports: + - name: ls-exporter + containerPort: {{ .Values.exporter.logstash.port }} + protocol: TCP + livenessProbe: +{{ toYaml .Values.exporter.logstash.livenessProbe | indent 12 }} + readinessProbe: +{{ toYaml .Values.exporter.logstash.readinessProbe | indent 12 }} + {{- with .Values.exporter.logstash.config }} + env: + {{- range $key, $value := . }} + - name: {{ $key | upper | replace "." "_" }} + value: {{ $value | quote }} + {{- end }} + {{- end }} + resources: +{{ toYaml .Values.exporter.logstash.resources | indent 12 }} +{{- end }} + + {{- with .Values.nodeSelector }} + nodeSelector: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.affinity }} + affinity: +{{ toYaml . | indent 8 }} + {{- end }} + {{- with .Values.tolerations }} + tolerations: +{{ toYaml . | indent 8 }} + {{- end }} + terminationGracePeriodSeconds: {{ .Values.terminationGracePeriodSeconds }} + volumes: + - name: patterns + configMap: + name: {{ template "logstash.fullname" . }}-patterns + - name: files + configMap: + name: {{ template "logstash.fullname" . }}-files + - name: pipeline + configMap: + name: {{ template "logstash.fullname" . }}-pipeline + {{- with .Values.volumes }} +{{ toYaml . | indent 8 }} + {{- end }} +{{- if not .Values.persistence.enabled }} + - name: data + emptyDir: {} +{{- else }} + volumeClaimTemplates: + - metadata: + name: data + spec: + accessModes: + - {{ .Values.persistence.accessMode | quote }} + resources: + requests: + storage: {{ .Values.persistence.size | quote }} + {{- if .Values.persistence.storageClass }} + {{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" + {{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" + {{- end }} + {{- end }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/values.yaml new file mode 100644 index 00000000..7d16f5ad --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/charts/logstash/values.yaml @@ -0,0 +1,798 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +replicaCount: 1 + +podDisruptionBudget: + maxUnavailable: 1 + +updateStrategy: + type: RollingUpdate + +terminationGracePeriodSeconds: 30 + +image: + repository: docker.elastic.co/logstash/logstash-oss + tag: 7.3.0 + pullPolicy: IfNotPresent + ## Add secrets manually via kubectl on kubernetes cluster and reference here + # pullSecrets: + # - name: "myKubernetesSecret" + +service: + type: ClusterIP + # clusterIP: None + # nodePort: + # Set this to local, to preserve client source ip. Default stripes out the source ip + # externalTrafficPolicy: Local + annotations: {} + ## AWS example for use with LoadBalancer service type. + # external-dns.alpha.kubernetes.io/hostname: logstash.cluster.local + # service.beta.kubernetes.io/aws-load-balancer-cross-zone-load-balancing-enabled: "true" + # service.beta.kubernetes.io/aws-load-balancer-internal: "true" + ports: + # syslog-udp: + # port: 1514 + # targetPort: syslog-udp + # protocol: UDP + # syslog-tcp: + # port: 1514 + # targetPort: syslog-tcp + # protocol: TCP + beats: + port: 5044 + targetPort: 8080 + protocol: TCP + # http: + # port: 8080 + # targetPort: http + # protocol: TCP + # loadBalancerIP: 10.0.0.1 + # loadBalancerSourceRanges: + # - 192.168.0.1 +ports: + # - name: syslog-udp + # containerPort: 1514 + # protocol: UDP + # - name: syslog-tcp + # containerPort: 1514 + # protocol: TCP + - name: beats + containerPort: 5044 + protocol: TCP + # - name: http + # containerPort: 8080 + # protocol: TCP + +ingress: + enabled: false + annotations: {} + # kubernetes.io/ingress.class: nginx + # kubernetes.io/tls-acme: "true" + path: / + hosts: + - logstash.cluster.local + tls: [] + # - secretName: logstash-tls + # hosts: + # - logstash.cluster.local + +# set java options like heap size +logstashJavaOpts: "-Xmx1g -Xms1g" + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +priorityClassName: "" + +nodeSelector: {} + +tolerations: [] + +securityContext: + fsGroup: 1000 + runAsUser: 1000 + +affinity: {} + # podAntiAffinity: + # requiredDuringSchedulingIgnoredDuringExecution: + # - topologyKey: "kubernetes.io/hostname" + # labelSelector: + # matchLabels: + # release: logstash + +podAnnotations: {} + # iam.amazonaws.com/role: "logstash-role" + # prometheus.io/scrape: "true" + # prometheus.io/path: "/metrics" + # prometheus.io/port: "9198" + +podLabels: {} + # team: "developers" + # service: "logstash" + +extraEnv: [] + +extraInitContainers: [] + # - name: echo + # image: busybox + # imagePullPolicy: Always + # args: + # - echo + # - hello + +podManagementPolicy: OrderedReady + # can be OrderReady or Parallel +#livenessProbe: + #httpGet: + #path: / + #port: monitor + #initialDelaySeconds: 20 + # periodSeconds: 30 + # timeoutSeconds: 30 + # failureThreshold: 6 + # successThreshold: 1 + +#readinessProbe: + #httpGet: + #path: / + #port: monitor + #initialDelaySeconds: 20 + # periodSeconds: 30 + # timeoutSeconds: 30 + # failureThreshold: 6 + # successThreshold: 1 + +persistence: + enabled: false + ## logstash data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + accessMode: ReadWriteOnce + size: 2Gi + +volumeMounts: + - name: data + mountPath: /usr/share/logstash/data + - name: patterns + mountPath: /usr/share/logstash/patterns + - name: files + mountPath: /usr/share/logstash/files + - name: pipeline + mountPath: /usr/share/logstash/pipeline + +volumes: [] + # - name: tls + # secret: + # secretName: logstash-tls + # - name: pipeline + # configMap: + # name: logstash-pipeline + # - name: certs + # hostPath: + # path: /tmp + +exporter: + logstash: + enabled: false + image: + repository: bonniernews/logstash_exporter + tag: v0.1.2 + pullPolicy: IfNotPresent + env: {} + resources: {} + path: /metrics + port: 9198 + target: + port: 9600 + path: /metrics + livenessProbe: + httpGet: + path: /metrics + port: ls-exporter + periodSeconds: 15 + timeoutSeconds: 60 + failureThreshold: 8 + successThreshold: 1 + readinessProbe: + httpGet: + path: /metrics + port: ls-exporter + periodSeconds: 15 + timeoutSeconds: 60 + failureThreshold: 8 + successThreshold: 1 + +elasticsearch: + host: elasticsearch-data.kube-system.svc.rec.io + port: 9200 + +## ref: https://github.com/elastic/logstash-docker/blob/master/build/logstash/env2yaml/env2yaml.go +config: + config.reload.automatic: "true" + path.config: /usr/share/logstash/pipeline + path.data: /usr/share/logstash/data + + ## ref: https://www.elastic.co/guide/en/logstash/current/persistent-queues.html + queue.checkpoint.writes: 1 + queue.drain: "true" + queue.max_bytes: 1gb # disk capacity must be greater than the value of `queue.max_bytes` + queue.type: persisted + +## Patterns for filters. +## Each YAML heredoc will become a separate pattern file. +patterns: + # main: |- + # TESTING {"foo":.*}$ + +## Custom files that can be referenced by plugins. +## Each YAML heredoc will become located in the logstash home directory under +## the files subdirectory. +files: + # logstash-template.json: |- + # { + # "order": 0, + # "version": 1, + # "index_patterns": [ + # "logstash-*" + # ], + # "settings": { + # "index": { + # "refresh_interval": "5s" + # } + # }, + # "mappings": { + # "doc": { + # "_meta": { + # "version": "1.0.0" + # }, + # "enabled": false + # } + # }, + # "aliases": {} + # } + +## Custom binary files encoded as base64 string that can be referenced by plugins +## Each base64 encoded string is decoded & mounted as a file under logstash home directory under +## the files subdirectory. +binaryFiles: {} + +## NOTE: To achieve multiple pipelines with this chart, current best practice +## is to maintain one pipeline per chart release. In this way configuration is +## simplified and pipelines are more isolated from one another. + +inputs: + main: |- + input { + # udp { + # port => 1514 + # type => syslog + # } + # tcp { + # port => 1514 + # type => syslog + # } + #beats { + # port => 5044 + #} + http { + port => 8080 + } + # http { + # port => 8080 + # } + # kafka { + # ## ref: https://www.elastic.co/guide/en/logstash/current/plugins-inputs-kafka.html + # bootstrap_servers => "kafka-input:9092" + # codec => json { charset => "UTF-8" } + # consumer_threads => 1 + # topics => ["source"] + # type => "example" + # } + } + + +filters: + main: |- + filter { + if "GS-LITE MC" in [message] { + if "mc_connected_cnt" in [message] { + csv { + columns => ["reportingEntityName","eventType","count_connected_ue","TS"] + separator => "," + convert => { + "count_connected_ue" => "integer" + "TS" => "integer" + } + } + date { + match => [ "TS", "UNIX" ] + target => "TS" + } + } + else if "mc_unique_ue_cnt" in [message] { + csv { + columns => ["reportingEntityName","eventType","count_unique_ue","TS"] + separator => "," + convert => { + "count_unique_ue" => "integer" + "TS" => "integer" + } + } + date { + match => [ "TS", "UNIX" ] + target => "TS" + } + } + else if "reconfig_status_reject_cause" in [message] { + csv { + columns => ["reportingEntityName","eventType","total_reconfig_reject","count_radio_network","count_transport","count_protocol","count_misc","GNB_ID","TS"] + separator => "," + convert => { + "total_reconfig_reject" => "integer" + "count_radio_network" => "integer" + "count_transport" => "integer" + "count_protocol" => "integer" + "count_misc" => "integer" + "TS" => "integer" + } + } + date { + match => [ "TS", "UNIX" ] + target => "TS" + } + } + else if "release_req_success_stats" in [message] { + csv { + columns => ["reportingEntityName","eventType","min_success_time","max_success_time","avg_success_time","pctl_05_success_time","pctl_95_success_time","GNB_ID","stddev_success_time","TS"] + separator => "," + convert => { + "min_success_time" => "float" + "max_success_time" => "float" + "avg_success_time" => "float" + "pctl_05_success_time" => "float" + "pctl_95_success_time" => "float" + "stddev_success_time" => "float" + "TS" => "integer" + } + } + date { + match => [ "TS", "UNIX" ] + target => "TS" + } + } + else if "mod_status_refuse_cause" in [message] { + csv { + columns => ["reportingEntityName","eventType","total_reconfig_refuse","count_radio_network","count_transport","count_protocol","count_misc","GNB_ID","TS"] + separator => "," + convert => { + "total_reconfig_refuse" => "integer" + "count_radio_network" => "integer" + "count_transport" => "integer" + "count_protocol" => "integer" + "count_misc" => "integer" + "TS" => "integer" + } + } + date { + match => [ "TS", "UNIX" ] + target => "TS" + } + } + else if "release_cause" in [message] { + csv { + columns => ["reportingEntityName","eventType","total_reconfig_refuse","count_radio_network","count_transport","count_protocol","count_misc","GNB_ID","TS"] + separator => "," + convert => { + "total_reconfig_refuse" => "integer" + "count_radio_network" => "integer" + "count_transport" => "integer" + "count_protocol" => "integer" + "count_misc" => "integer" + "TS" => "integer" + } + } + date { + match => [ "TS", "UNIX" ] + target => "TS" + } + } + else if "addreq_pdf_nr_gnb" in [message] { + csv { + columns => ["reportingEntityName","eventType","rsrp_medium","rsrp_bad","cnt","rsrp_vbad","GNB_ID","rsrp_good","rsrp_vgood","TS"] + separator => "," + convert => { + "rsrp_medium" => "integer" + "rsrp_bad" => "integer" + "cnt" => "integer" + "rsrp_vbad" => "integer" + "rsrp_good" => "integer" + "rsrp_vgood" => "integer" + "TS" => "integer" + } + } + date { + match => [ "TS", "UNIX" ] + target => "TS" + } + } + else if "addreq_success_stats" in [message] { + csv { + columns => ["reportingEntityName","eventType","stddev_success_time","max_success_time","avg_success_time","pctl_95_success_time","pctl_05_success_time","GNB_ID","min_success_time","TS"] + separator => "," + convert => { + "stddev_success_time" => "float" + "max_success_time" => "float" + "avg_success_time" => "float" + "pctl_95_success_time" => "float" + "pctl_05_success_time" => "float" + "min_success_time" => "float" + "TS" => "integer" + } + } + date { + match => [ "TS", "UNIX" ] + target => "TS" + } + } + else if "mc_connects_cnt" in [message] { + csv { + columns => ["reportingEntityName","eventType","count_ue_connects","TS"] + separator => "," + convert => { + "count_ue_connects" => "integer" + "TS" => "integer" + } + } + date { + match => [ "TS", "UNIX" ] + target => "TS" + } + } + else if "erab_stats" in [message] { + csv { + columns => ["reportingEntityName","eventType","qCI_other","total_erabs","qCI_9","qCI_8","qCI_7","qCI_6","qCI_5","qCI_4","qCI_3","qCI_2","qCI_1","TS"] + separator => "," + convert => { + "qCI_other" => "integer" + "total_erabs" => "integer" + "qCI_9" => "integer" + "qCI_8" => "integer" + "qCI_7" => "integer" + "qCI_6" => "integer" + "qCI_5" => "integer" + "qCI_4" => "integer" + "qCI_3" => "integer" + "qCI_2" => "integer" + "qCI_1" => "integer" + "TS" => "integer" + } + } + date { + match => [ "TS", "UNIX" ] + target => "TS" + } + } + else if "mc_disconnects_cnt" in [message] { + csv { + columns => ["reportingEntityName","eventType","count_ue_disconnects","TS"] + separator => "," + convert => { + "count_ue_disconnects" => "integer" + "TS" => "integer" + } + } + date { + match => [ "TS", "UNIX" ] + target => "TS" + } + } + else if "reconfig_status_success_rate" in [message] { + csv { + columns => ["reportingEntityName","eventType","successful_reconfiguration_requests","GNB_ID","success_rate","total_reconfiguration_requests","TS"] + separator => "," + convert => { + "successful_reconfiguration_requests" => "integer" + "success_rate" => "integer" + "total_reconfiguration_requests" => "integer" + "TS" => "integer" + } + } + date { + match => [ "TS", "UNIX" ] + target => "TS" + } + } + else if "addreq_pdf_nr_cell" in [message] { + csv { + columns => ["reportingEntityName","eventType","rsrp_medium","rsrp_bad","cnt","rsrp_vbad","CELL_ID","rsrp_good","rsrp_vgood","TS"] + separator => "," + convert => { + "rsrp_medium" => "integer" + "rsrp_bad" => "integer" + "cnt" => "integer" + "rsrp_vbad" => "integer" + "CELL_ID" => "integer" + "rsrp_good" => "integer" + "rsrp_vgood" => "integer" + "TS" => "integer" + } + } + date { + match => [ "TS", "UNIX" ] + target => "TS" + } + } + else if "rrcx_pdf_serv_cell" in [message] { + csv { + columns => ["reportingEntityName","eventType","rsrp_medium","rsrp_bad","cnt","rsrp_vbad","CELL_ID","rsrp_good","rsrp_vgood","TS"] + separator => "," + convert => { + "rsrp_medium" => "integer" + "rsrp_bad" => "integer" + "cnt" => "integer" + "rsrp_vbad" => "integer" + "CELL_ID" => "integer" + "rsrp_good" => "integer" + "rsrp_vgood" => "integer" + "TS" => "integer" + } + } + date { + match => [ "TS", "UNIX" ] + target => "TS" + } + } + else if "rrcx_stats_serv_gnb" in [message] { + csv { + columns => ["reportingEntityName","eventType","median_rsrp","cnt","max_rsrp","stddev_rsrp","GNB_ID","pctl_95_rsrp","pctl_05_rsrp","TS","min_rsrp"] + separator => "," + convert => { + "median_rsrp" => "integer" + "cnt" => "integer" + "max_rsrp" => "integer" + "stddev_rsrp" => "float" + "pctl_95_rsrp" => "integer" + "pctl_05_rsrp" => "integer" + "TS" => "integer" + "min_rsrp" => "integer" + } + } + date { + match => [ "TS", "UNIX" ] + target => "TS" + } + } + else if "addreq_stats_nr_cell" in [message] { + csv { + columns => ["reportingEntityName","eventType","median_rsrp","cnt","max_rsrp","stddev_rsrp","CELL_ID","pctl_95_rsrp","pctl_05_rsrp","TS","min_rsrp"] + separator => "," + convert => { + "median_rsrp" => "integer" + "cnt" => "integer" + "max_rsrp" => "integer" + "stddev_rsrp" => "float" + "CELL_ID" => "integer" + "pctl_95_rsrp" => "integer" + "pctl_05_rsrp" => "integer" + "TS" => "integer" + "min_rsrp" => "integer" + } + } + date { + match => [ "TS", "UNIX" ] + target => "TS" + } + } + else if "addreq_stats_nr_gnb" in [message] { + csv { + columns => ["reportingEntityName","eventType","median_rsrp","cnt","max_rsrp","stddev_rsrp","GNB_ID","pctl_95_rsrp","pctl_05_rsrp","TS","min_rsrp"] + separator => "," + convert => { + "median_rsrp" => "integer" + "cnt" => "integer" + "max_rsrp" => "integer" + "stddev_rsrp" => "float" + "pctl_95_rsrp" => "integer" + "pctl_05_rsrp" => "integer" + "TS" => "integer" + "min_rsrp" => "integer" + } + } + date { + match => [ "TS", "UNIX" ] + target => "TS" + } + } + else if "mc_connection_stats" in [message] { + csv { + columns => ["reportingEntityName","eventType","avg_connected_time","pctl_05_connected_time","pctl_95_connected_time","min_connected_time","stddev_connected_time", "max_connected_time", "TS"] + separator => "," + convert => { + "avg_connected_time" => "float" + "pctl_05_connected_time" => "float" + "pctl_95_connected_time" => "float" + "min_connected_time" => "float" + "stddev_connected_time" => "float" + "max_connected_time" => "float" + "TS" => "float" + } + } + date { + match => [ "TS", "UNIX" ] + target => "TS" + } + } + } + else if "AC xAPP" in [message] { + csv { + columns => ["reportingEntityName","SgNB_Request_Rate","SgNB_Accept_Rate"] + separator => "," + convert => { + "SgNB_Request_Rate" => "integer" + "SgNB_Accept_Rate" => "integer" + } + } + } + else { + csv { + columns => ["reportingEntityName","Unknown1","Unknown2"] + separator => "," + } + } + } + + +outputs: + main: |- + output { + if "GS-LITE MC" in [reportingEntityName] { + if "mc_connected_cnt" in [eventType] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-mc-connected-cnt" + } + } + else if "erab_stats" in [eventType] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-mc-erab-stats" + } + } + else if "reconfig_status_reject_cause" in [eventType] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-mc-reconfig-status-reject-cause" + } + } + else if "release_req_success_stats" in [eventType] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-mc-release-req-success-stats" + } + } + else if "mod_status_refuse_cause" in [eventType] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-mc-mod-status-refuse-cause" + } + } + else if "release_cause" in [eventType] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-mc-release-cause" + } + } + else if "mc_unique_ue_cnt" in [eventType] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-mc-unique-ue-cnt" + } + } + else if "mc_connection_stats" in [eventType] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-mc-conn-stats" + } + } + else if "addreq_pdf_nr_gnb" in [eventType] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-mc-addreq-pdf-nr-gnb" + } + } + else if "rrcx_stats_serv_gnb" in [eventType] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-mc-rrcx-stats-serv-gnb" + } + } + else if "rrcx_pdf_serv_cell" in [eventType] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-mc-rrcx-pdf-serv-cell" + } + } + else if "reconfig_status_success_rate" in [eventType] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-mc-reconfig-status-success-rate" + } + } + else if "mc_disconnects_cnt" in [eventType] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-mc-disconnects-cnt" + } + } + else if "mc_connects_cnt" in [eventType] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-mc-connects-cnt" + } + } + else if "addreq_success_stats" in [eventType] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-mc-addreq-success-stats" + } + } + else if "addreq_stats_nr_gnb" in [eventType] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-mc-addreq-stats-nr-gnb" + } + } + else if "addreq_stats_nr_cell" in [eventType] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-mc-addreq-stats-nr-cell" + } + } + else if "addreq_pdf_nr_cell" in [eventType] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-mc-addreq-pdf-nr-cell" + } + } + } + else if "AC xAPP" in [reportingEntityName] { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-ac" + } + } + else { + elasticsearch { + hosts => "elasticsearch-data.kube-system.svc.rec.io" + index => "events-ves-other" + } + } + } diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/requirements.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/requirements.yaml new file mode 100755 index 00000000..a9442bbc --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/requirements.yaml @@ -0,0 +1,26 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +dependencies: +- name: elasticsearch + version: ^7.3.0 + condition: elasticsearch.enabled +- name: kibana + version: ^7.3.0 + condition: kibana.enabled +- name: logstash + version: ^1.6.0 + condition: logstash.enabled diff --git a/ric-aux/80-Auxiliary-Functions/helm/mc-stack/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/values.yaml new file mode 100755 index 00000000..55574cd1 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/mc-stack/values.yaml @@ -0,0 +1,31 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +# Default values for elk. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +elasticsearch: + enabled: true + +kibana: + enabled: true + env: + ELASTICSEARCH_HOSTS: http://{{ .Release.Name }}-elasticsearch-client:9200 + +logstash: + enabled: true + # elasticsearch: + # host: elastic-stack-elasticsearch-client diff --git a/ric-aux/80-Auxiliary-Functions/helm/message-router/charts/message-router-kafka/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/message-router/charts/message-router-kafka/templates/service.yaml index 8200eda6..2842708a 100644 --- a/ric-aux/80-Auxiliary-Functions/helm/message-router/charts/message-router-kafka/templates/service.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/message-router/charts/message-router-kafka/templates/service.yaml @@ -34,6 +34,6 @@ spec: ports: - port: {{ $root.Values.service.externalPort }} targetPort: {{ $root.Values.service.externalPort }} - nodePort: {{ $root.Values.service.baseNodePort | add $i }} + nodePort: {{ add 30940 $i }} name: {{ $root.Values.service.name }}-{{ $i }} {{ end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/message-router/charts/message-router-kafka/templates/statefulset.yaml b/ric-aux/80-Auxiliary-Functions/helm/message-router/charts/message-router-kafka/templates/statefulset.yaml index 0e38ed5a..547177c2 100644 --- a/ric-aux/80-Auxiliary-Functions/helm/message-router/charts/message-router-kafka/templates/statefulset.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/message-router/charts/message-router-kafka/templates/statefulset.yaml @@ -16,7 +16,7 @@ ################################################################################ -apiVersion: apps/v1beta1 +apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ include "common.fullname" . }} @@ -29,6 +29,10 @@ metadata: spec: serviceName: {{ .Values.service.name }} replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} podManagementPolicy: Parallel template: metadata: @@ -131,6 +135,8 @@ spec: value: "{{ .Values.replicaCount }}" - name: KAFKA_NUM_PARTITIONS value: "{{ .Values.defaultpartitions }}" + - name: KAFKA_ZOOKEEPER_CONNECTION_TIMEOUT_MS + value: "60000" volumeMounts: - mountPath: /etc/localtime name: localtime @@ -176,4 +182,4 @@ spec: heritage: "{{ .Release.Service }}" {{ end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "docker-reg-cred" \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml b/ric-aux/80-Auxiliary-Functions/helm/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml index 5a370cdc..5c2db8c1 100644 --- a/ric-aux/80-Auxiliary-Functions/helm/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/message-router/charts/message-router-zookeeper/templates/poddisruptionbudget.yaml @@ -25,4 +25,4 @@ spec: selector: matchLabels: app: {{ include "common.name" . }} - maxUnavailable: {{ include "zk.maxUnavailable" . }} + maxUnavailable: 1 diff --git a/ric-aux/80-Auxiliary-Functions/helm/message-router/charts/message-router-zookeeper/templates/statefulset.yaml b/ric-aux/80-Auxiliary-Functions/helm/message-router/charts/message-router-zookeeper/templates/statefulset.yaml index 61f0a35e..99a71c2d 100644 --- a/ric-aux/80-Auxiliary-Functions/helm/message-router/charts/message-router-zookeeper/templates/statefulset.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/message-router/charts/message-router-zookeeper/templates/statefulset.yaml @@ -16,7 +16,7 @@ ################################################################################ -apiVersion: apps/v1beta1 +apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ include "common.fullname" . }} @@ -29,10 +29,14 @@ metadata: spec: serviceName: {{ .Values.service.name }} replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} updateStrategy: type: RollingUpdate rollingUpdate: - maxUnavailable: {{ .Values.maxUnavailable }} + maxUnavailable: {{ .Values.rollingUpdate.maxUnavailable }} podManagementPolicy: Parallel template: metadata: @@ -61,7 +65,7 @@ spec: - sh - -exec - > - chown -R 1000:1000 /tmp/zookeeper/apikeys; + mkdir -p /tmp/zookeeper/apikeys/version-2 && chown -R 1000:1000 /tmp/zookeeper/apikeys; image: "{{ .Values.busyBoxRepository }}/{{ .Values.busyBoxImage }}" imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} volumeMounts: @@ -145,6 +149,6 @@ spec: heritage: "{{ .Release.Service }}" {{ end }} imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" + - name: "docker-reg-cred" diff --git a/ric-aux/80-Auxiliary-Functions/helm/message-router/templates/statefulset.yaml b/ric-aux/80-Auxiliary-Functions/helm/message-router/templates/statefulset.yaml index 33f422a9..bc97515b 100644 --- a/ric-aux/80-Auxiliary-Functions/helm/message-router/templates/statefulset.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/message-router/templates/statefulset.yaml @@ -17,7 +17,7 @@ -apiVersion: apps/v1beta1 +apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ include "common.fullname" . }} @@ -29,6 +29,10 @@ metadata: heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} template: metadata: labels: diff --git a/ric-aux/80-Auxiliary-Functions/helm/message-router/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/message-router/values.yaml index 5ffcdaa4..c6bc99ac 100644 --- a/ric-aux/80-Auxiliary-Functions/helm/message-router/values.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/message-router/values.yaml @@ -98,3 +98,24 @@ resources: cpu: 200m memory: 2Gi unlimited: {} + +# subchart configurations +message-router-kafka: + ubuntuInitRepository: docker.io + ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 + busyBoxRepository: docker.io + busyBoxImage: busybox:1.30 + onapRepository: nexus3.onap.org:10001 + image: onap/dmaap/kafka111:1.0.0 + replicaCount: 3 + service: + baseNodePort: 30490 + +message-router-zookeeper: + ubuntuInitRepository: docker.io + ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 + busyBoxRepository: docker.io + busyBoxImage: busybox:1.30 + onapRepository: nexus3.onap.org:10001 + image: onap/dmaap/zookeeper:5.0.0 + replicaCount: 3 diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/Chart.yaml deleted file mode 100644 index fa2ed656..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/onap/Chart.yaml +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -name: onap -version: 5.0.0 -appVersion: El Alto -description: Open Network Automation Platform (ONAP) -home: https://www.onap.org/ -sources: -- https://gerrit.onap.org/r/#/admin/projects/ -icon: https://wiki.onap.org/download/thumbnails/1015829/onap_704x271%20copy.png?version=1&modificationDate=1488326334000&api=v2 diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/requirements.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/requirements.yaml deleted file mode 100755 index 6c65cd4b..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/onap/requirements.yaml +++ /dev/null @@ -1,21 +0,0 @@ -# Copyright © 2019 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# Referencing a named repo called 'local'. -# Can add this repo by running commands like: -# > helm serve -# > helm repo add local http://127.0.0.1:8879 -dependencies: - - name: ric-common - version: ~2.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/dev.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/dev.yaml deleted file mode 100644 index fa8619ed..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/dev.yaml +++ /dev/null @@ -1,144 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration overrides. -# -# These overrides will affect all helm charts (ie. applications) -# that are listed below and are 'enabled'. -################################################################# -global: - # Change to an unused port prefix range to prevent port conflicts - # with other instances running within the same k8s cluster - nodePortPrefix: 302 - nodePortPrefixExt: 304 - - # ONAP Repository - # Uncomment the following to enable the use of a single docker - # repository but ONLY if your repository mirrors all ONAP - # docker images. This includes all images from dockerhub and - # any other repository that hosts images for ONAP components. - #repository: nexus3.onap.org:10001 - - # readiness check - temporary repo until images migrated to nexus3 - readinessRepository: oomk8s - # logging agent - temporary repo until images migrated to nexus3 - loggingRepository: docker.elastic.co - - # image pull policy - pullPolicy: IfNotPresent - - # override default mount path root directory - # referenced by persistent volumes and log files - persistence: - mountPath: /dockerdata-nfs - - # flag to enable debugging - application support required - debugEnabled: true - -################################################################# -# Enable/disable and configure helm charts (ie. applications) -# to customize the ONAP deployment. -################################################################# -aaf: - enabled: false -aai: - enabled: false - aai-cassandra: - replicaCount: 1 -appc: - enabled: false -cassandra: - enabled: false - replicaCount: 1 -clamp: - enabled: false -cli: - enabled: false -consul: - enabled: false -contrib: - enabled: false -dcaegen2: - enabled: false -dmaap: - enabled: false -esr: - enabled: false -log: - enabled: false - log-logstash: - replicaCount: 1 -sniro-emulator: - enabled: false -oof: - enabled: false -mariadb-galera: - enabled: false -msb: - enabled: false -multicloud: - enabled: false -nbi: - enabled: false -policy: - enabled: false -pomba: - enabled: false -portal: - enabled: false -robot: - enabled: true -sdc: - enabled: false -sdnc: - enabled: false - - replicaCount: 1 - - mysql: - replicaCount: 1 -so: - enabled: false - - replicaCount: 1 - - liveness: - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - - # so server configuration - config: - # message router configuration - dmaapTopic: "AUTO" - # openstack configuration - openStackUserName: "vnf_user" - openStackRegion: "RegionOne" - openStackKeyStoneUrl: "http://1.2.3.4:5000" - openStackServiceTenantName: "service" - openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" - - # configure embedded mariadb - mariadb: - config: - mariadbRootPassword: password -uui: - enabled: false -vfc: - enabled: false -vid: - enabled: false -vnfsdk: - enabled: false diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/disable-allcharts.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/disable-allcharts.yaml deleted file mode 100644 index 27588fa4..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/disable-allcharts.yaml +++ /dev/null @@ -1,85 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -# This override file is useful to test one or more subcharts. -# It overrides the default ONAP parent chart behaviour to deploy -# all of ONAP. -# -# Example use to enable a single subchart (from this directory): -# -# helm install local/onap -n onap --namespace onap -f disable-allcharts.yaml --set so.enabled=true - -################################################################# -# Enable/disable and configure helm charts (ie. applications) -# to customize the ONAP deployment. -################################################################# -aaf: - enabled: false -aai: - enabled: false -appc: - enabled: false -cassandra: - enabled: false -clamp: - enabled: false -cli: - enabled: false -consul: - enabled: false -contrib: - enabled: false -dcaegen2: - enabled: false -dmaap: - enabled: false -esr: - enabled: false -log: - enabled: false -sniro-emulator: - enabled: false -mariadb-galera: - enabled: false -msb: - enabled: false -multicloud: - enabled: false -nbi: - enabled: false -oof: - enabled: false -policy: - enabled: false -pomba: - enabled: false -portal: - enabled: false -robot: - enabled: false -sdc: - enabled: false -sdnc: - enabled: false -so: - enabled: false -uui: - enabled: false -vfc: - enabled: false -vid: - enabled: false -vnfsdk: - enabled: false diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/minimal-onap.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/minimal-onap.yaml deleted file mode 100644 index 989174c1..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/minimal-onap.yaml +++ /dev/null @@ -1,178 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, Orange -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -# This override file is used to deploy a minmal configuration to -# to onboard and deploy a VNF. -# It includes the following components: -# A&AI, DMAAP, Portal, Robot, SDC, SDNC, SO, VID -# -# Minimal resources are also reviewed for the various containers -# A&AI: no override => to be fixed -# DMAAP: no override -# Portal: new values -# Robot: new values -# SO: no override -# SDC: new values -# SDNC: no override -# VID: no override -# -# Replica are set to 1 (A&AI Cassandra) -# -# In addition, some parameters are set to limit the memory footprint -# -# It overrides the default ONAP parent chart behaviour to deploy -# all of ONAP. -# -# helm deploy minimal local/onap --namespace onap -f minimal-onap.yaml - -################################################################# -# Minimal ONAP deployment to onboard and deploy a VNF -################################################################# -aai: - enabled: true - global: - cassandra: - replicas: 1 - aai-cassandra: - replicaCount: 1 -aaf: - enabled: false -appc: - enabled: false -cassandra: - enabled: false - replicaCount: 1 -clamp: - enabled: false -cli: - enabled: false -consul: - enabled: false -contrib: - enabled: false -dcaegen2: - enabled: false -dmaap: - enabled: true -esr: - enabled: false -log: - enabled: false -mariadb-galera: - enabled: true -msb: - enabled: false -multicloud: - enabled: false -nbi: - enabled: false -oof: - enabled: false -policy: - enabled: false -pomba: - enabled: false -portal: - enabled: true - portal-cassandra: - config: - cassandraJvmOpts: "-Xmx512m -Xms256m" - resources: - small: - limits: - cpu: 1 - memory: 2Gi - requests: - cpu: 100m - memory: 1Gi - portal-app: - resources: - small: - limits: - cpu: 1 - memory: 2Gi - requests: - cpu: 100m - memory: 1Gi - resources: - portal-mariaddb: - resources: - small: - limits: - cpu: 800m - memory: 1Gi - requests: - cpu: 100m - memory: 500Mi - portal-widget: - resources: - small: - limits: - cpu: 1 - memory: 2Gi - requests: - cpu: 100m - memory: 500Mi -robot: - enabled: true - config: - openStackEncryptedPasswordHere: "$OPENSTACK_ENCRYPTED_PASSWORD" - resources: - small: - limits: - cpu: 1 - memory: 2Gi - requests: - cpu: 10m - memory: 100Mi -sdc: - enabled: true - sdc-be: - config: - javaOptions: "-Xdebug -agentlib:jdwp=transport=dt_socket,address=4000,server=y,suspend=n -Xmx512m -Xms256m" - sdc-fe: - resources: - small: - limits: - cpu: 1 - memory: 2Gi - requests: - cpu: 10m - memory: 500Mi - sdc-cs: - config: - maxHeapSize: "512M" - heapNewSize: "256M" -sdnc: - enabled: true -sniro-emulator: - enabled: false -so: - enabled: true - config: - # openstack configuration - openStackUserName: "$OPENSTACK_USER_NAME" - openStackRegion: "$OPENSTACK_REGION" - openStackKeyStoneUrl: "$OPENSTACK_KEYSTONE_URL" - openStackServiceTenantName: "$OPENSTACK_TENANT_NAME" - openStackEncryptedPasswordHere: "$OPENSTACK_ENCRYPTED_PASSWORD" -uui: - enabled: false -vid: - enabled: true -vfc: - enabled: false -vnfsdk: - enabled: false diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/public-cloud.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/public-cloud.yaml deleted file mode 100644 index 2d4360c5..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/public-cloud.yaml +++ /dev/null @@ -1,162 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration overrides. -# -# These overrides will affect all helm charts (ie. applications) -# that are listed below and are 'enabled'. -# -# -# This is specifically for the environments which take time to -# deploy ONAP. This increase in timeouts prevents restarting of -# the pods thereby the components will be deployed without error. -################################################################# -aaf: - aaf-cs: - liveness: - initialDelaySeconds: 240 - readiness: - initialDelaySeconds: 240 - aaf-gui: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 - aaf-oauth: - liveness: - initialDelaySeconds: 300 - readiness: - initialDelaySeconds: 300 - aaf-service: - liveness: - initialDelaySeconds: 300 - readiness: - initialDelaySeconds: 300 -aai: - aai-champ: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 -cassandra: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 -clamp: - liveness: - initialDelaySeconds: 60 - readiness: - initialDelaySeconds: 60 -dcaegen2: - dcae-cloudify-manager: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 -dmaap: - dmaap-bus-controller: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 - message-router: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 - dmaap-dr-prov: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 - dmaap-dr-node: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 - -portal: - portal-app: - liveness: - initialDelaySeconds: 60 - readiness: - initialDelaySeconds: 60 -sdc: - sdc-be: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 - sdc-cs: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 - sdc-es: - liveness: - initialDelaySeconds: 60 - readiness: - initialDelaySeconds: 120 - sdc-onboarding-be: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 -sdnc: - liveness: - initialDelaySeconds: 60 - readiness: - initialDelaySeconds: 60 - - dmaap-listener: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 - sdnc-ansible-server: - readiness: - initialDelaySeconds: 120 - sdnc-portal: - readiness: - initialDelaySeconds: 120 - ueb-listener: - liveness: - initialDelaySeconds: 60 - readiness: - initialDelaySeconds: 60 - -so: - liveness: - initialDelaySeconds: 120 - so-mariadb: - liveness: - initialDelaySeconds: 900 - readiness: - initialDelaySeconds: 900 - -uui: - uui-server: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 -mariadb-galera: - mariadb-galera-server: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 - diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/environment.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/environment.yaml deleted file mode 100644 index 75ce8e52..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/environment.yaml +++ /dev/null @@ -1,225 +0,0 @@ -# Copyright © 2017,2019 Amdocs, AT&T , Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# -# These overrides will affect all helm charts (ie. applications) -# that are listed below and are 'enabled'. -# -# -# This is specifically for the environments which take time to -# deploy ONAP. This increase in timeouts prevents false restarting of -# the pods during startup configuration. -# -# These timers have been tuned by the ONAP integration team. They -# have been tested and validated in the ONAP integration lab (Intel/Windriver lab). -# They are however indicative and may be adapted to your environment as they -# depend on the performance of the infrastructure you are installing ONAP on. -# -# Please note that these timers must remain reasonable, in other words, if -# your infrastructure is not performant enough, extending the timers to very -# large value may not fix all installation issues on over subscribed hardware. -# -################################################################# -aaf: - aaf-cs: - liveness: - initialDelaySeconds: 240 - readiness: - initialDelaySeconds: 240 - aaf-gui: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 - aaf-oauth: - liveness: - initialDelaySeconds: 300 - readiness: - initialDelaySeconds: 300 - aaf-service: - liveness: - initialDelaySeconds: 300 - readiness: - initialDelaySeconds: 300 -aai: - liveness: - initialDelaySeconds: 120 - aai-champ: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 - aai-data-router: - liveness: - initialDelaySeconds: 120 - aai-sparky-be: - liveness: - initialDelaySeconds: 120 - aai-spike: - liveness: - initialDelaySeconds: 120 - aai-cassandra: - liveness: - periodSeconds: 120 - readiness: - periodSeconds: 60 -appc: - mariadb-galera: - liveness: - initialDelaySeconds: 180 - periodSeconds: 60 -cassandra: - liveness: - initialDelaySeconds: 120 - periodSeconds: 120 - readiness: - initialDelaySeconds: 120 - periodSeconds: 60 -clamp: - liveness: - initialDelaySeconds: 60 - readiness: - initialDelaySeconds: 60 -dcaegen2: - dcae-cloudify-manager: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 -dmaap: - dmaap-bus-controller: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 - message-router: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 - dmaap-dr-prov: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 - mariadb: - liveness: - initialDelaySeconds: 180 - periodSeconds: 60 - dmaap-dr-node: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 -mariadb-galera: - liveness: - initialDelaySeconds: 180 - periodSeconds: 60 - mariadb-galera-server: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 -modeling: - mariadb-galera: - liveness: - initialDelaySeconds: 180 - periodSeconds: 60 -oof: - oof-has: - music: - music-cassandra: - liveness: - periodSeconds: 120 - readiness: - periodSeconds: 60 -portal: - portal-app: - liveness: - initialDelaySeconds: 60 - readiness: - initialDelaySeconds: 60 - portal-cassandra: - liveness: - periodSeconds: 120 - readiness: - periodSeconds: 60 -sdc: - sdc-be: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 - sdc-cs: - liveness: - initialDelaySeconds: 120 - periodSeconds: 120 - readiness: - initialDelaySeconds: 120 - periodSeconds: 60 - sdc-es: - liveness: - initialDelaySeconds: 60 - readiness: - initialDelaySeconds: 120 - sdc-onboarding-be: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 -sdnc: - liveness: - initialDelaySeconds: 60 - readiness: - initialDelaySeconds: 60 - dmaap-listener: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 - mariadb-galera: - liveness: - initialDelaySeconds: 180 - periodSeconds: 60 - sdnc-ansible-server: - readiness: - initialDelaySeconds: 120 - sdnc-portal: - readiness: - initialDelaySeconds: 120 - ueb-listener: - liveness: - initialDelaySeconds: 60 - readiness: - initialDelaySeconds: 60 -so: - liveness: - initialDelaySeconds: 120 - mariadb: - liveness: - initialDelaySeconds: 900 - readiness: - initialDelaySeconds: 900 -uui: - uui-server: - liveness: - initialDelaySeconds: 120 - readiness: - initialDelaySeconds: 120 -vfc: - mariadb-galera: - liveness: - initialDelaySeconds: 180 - periodSeconds: 60 diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-all-ingress-nginx.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-all-ingress-nginx.yaml deleted file mode 100644 index ee272695..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-all-ingress-nginx.yaml +++ /dev/null @@ -1,80 +0,0 @@ -# Copyright © 2019 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################### -# This override file enables helm charts for all ONAP applications. -################################################################### -cassandra: - enabled: true -mariadb-galera: - enabled: true - -aaf: - enabled: true -aai: - enabled: true -appc: - enabled: true -clamp: - enabled: true -cli: - enabled: true -consul: - enabled: true -contrib: - enabled: true -dcaegen2: - enabled: true -dmaap: - enabled: true -esr: - enabled: true -log: - enabled: true -sniro-emulator: - enabled: true -oof: - enabled: true -msb: - enabled: true -multicloud: - enabled: true -nbi: - enabled: true -policy: - enabled: true -pomba: - enabled: true -portal: - enabled: true -robot: - enabled: true -sdc: - enabled: true -sdnc: - enabled: true -so: - enabled: true -uui: - enabled: true -vfc: - enabled: true -vid: - enabled: true - ingress: - enabled: true -vnfsdk: - enabled: true -nginx-ingress: - enabled: true diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-all.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-all.yaml deleted file mode 100644 index 04fbc97f..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-all.yaml +++ /dev/null @@ -1,78 +0,0 @@ -# Copyright © 2019 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################### -# This override file enables helm charts for all ONAP applications. -################################################################### -cassandra: - enabled: true -mariadb-galera: - enabled: true - -aaf: - enabled: true -aai: - enabled: true -appc: - enabled: true -clamp: - enabled: true -cli: - enabled: true -consul: - enabled: true -contrib: - enabled: true -dcaegen2: - enabled: true -dmaap: - enabled: true -esr: - enabled: true -log: - enabled: true -sniro-emulator: - enabled: true -oof: - enabled: true -msb: - enabled: true -multicloud: - enabled: true -nbi: - enabled: true -policy: - enabled: true -pomba: - enabled: true -portal: - enabled: true -robot: - enabled: true -sdc: - enabled: true -sdnc: - enabled: true -so: - enabled: true -uui: - enabled: true -vfc: - enabled: true -vid: - enabled: true -vnfsdk: - enabled: true -modeling: - enabled: true diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-vfw.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-vfw.yaml deleted file mode 100644 index 323961fb..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-vfw.yaml +++ /dev/null @@ -1,55 +0,0 @@ -# Copyright © 2019 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################### -# This override file enables ONAP Application helm charts for the -# vFW use case. -################################################################### -cassandra: - enabled: true -mariadb-galera: - enabled: true - -aaf: - enabled: true -aai: - enabled: true -appc: - enabled: true -clamp: - enabled: true -consul: - enabled: true -dcaegen2: - enabled: true -dmaap: - enabled: true -log: - enabled: true -oof: - enabled: true -msb: - enabled: true -policy: - enabled: true -portal: - enabled: true -robot: - enabled: true -sdc: - enabled: true -sdnc: - enabled: true -so: - enabled: true \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/openstack.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/openstack.yaml deleted file mode 100644 index a8294d24..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/openstack.yaml +++ /dev/null @@ -1,62 +0,0 @@ -# Copyright © 2019 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# This override file configures openstack parameters for ONAP -################################################################# -appc: - config: - enableClustering: false - openStackType: "OpenStackProvider" - openStackName: "OpenStack" - openStackKeyStoneUrl: "http://10.12.25.2:5000/v2.0" - openStackServiceTenantName: "OPENSTACK_TENANTNAME_HERE" - openStackDomain: "Default" - openStackUserName: "OPENSTACK_USERNAME_HERE" - openStackEncryptedPassword: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_PASSWORD_HERE_XXXXXXXXXXXXXXXX" -robot: - appcUsername: "appc@appc.onap.org" - appcPassword: "demo123456!" - openStackKeyStoneUrl: "http://10.12.25.2:5000" - openStackPublicNetId: "971040b2-7059-49dc-b220-4fab50cb2ad4" - openStackTenantId: "09d8566ea45e43aa974cf447ed591d77" - openStackUserName: "OPENSTACK_USERNAME_HERE" - ubuntu14Image: "ubuntu-14-04-cloud-amd64" - ubuntu16Image: "ubuntu-16-04-cloud-amd64" - openStackPrivateNetId: "c7824f00-bef7-4864-81b9-f6c3afabd313" - openStackPrivateSubnetId: "2a0e8888-f93e-4615-8d28-fc3d4d087fc3" - openStackPrivateNetCidr: "10.0.0.0/16" - openStackSecurityGroup: "3a7a1e7e-6d15-4264-835d-fab1ae81e8b0" - openStackOamNetworkCidrPrefix: "10.0" - dcaeCollectorIp: "10.12.6.88" - vnfPubKey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKXDgoo3+WOqcUG8/5uUbk81+yczgwC4Y8ywTmuQqbNxlY1oQ0YxdMUqUnhitSXs5S/yRuAVOYHwGg2mCs20oAINrP+mxBI544AMIb9itPjCtgqtE2EWo6MmnFGbHB4Sx3XioE7F4VPsh7japsIwzOjbrQe+Mua1TGQ5d4nfEOQaaglXLLPFfuc7WbhbJbK6Q7rHqZfRcOwAMXgDoBqlyqKeiKwnumddo2RyNT8ljYmvB6buz7KnMinzo7qB0uktVT05FH9Rg0CTWH5norlG5qXgP2aukL0gk1ph8iAt7uYLf1ktp+LJI2gaF6L0/qli9EmVCSLr1uJ38Q8CBflhkh" - demoArtifactsVersion: "1.4.0-SNAPSHOT" - demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases" - scriptVersion: "1.4.0-SNAPSHOT" - rancherIpAddress: "10.12.5.127" - config: - # openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment - openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HERE_XXXXXXXXXXXXXXXX" -so: - # so server configuration - so-catalog-db-adapter: - config: - openStackUserName: "OPENSTACK_USERNAME_HERE" - openStackKeyStoneUrl: "http://10.12.25.2:5000/v2.0" - openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HERE_XXXXXXXXXXXXXXXX" -nbi: - config: - # openstack configuration - openStackRegion: "Yolo" - openStackVNFTenantId: "1234" \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/templates/_helper.tpl b/ric-aux/80-Auxiliary-Functions/helm/onap/templates/_helper.tpl deleted file mode 100755 index 1c9fad67..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/onap/templates/_helper.tpl +++ /dev/null @@ -1,33 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - - -{{/* - Resolve the image repository secret token. - The value for .Values.global.repositoryCred is used: - repositoryCred: - user: user - password: password - mail: email (optional) -*/}} -{{- define "common.repository.secret" -}} - {{- $repo := include "common.repository" . }} - {{- $repo := default "nexus3.onap.org:10001" $repo }} - {{- $cred := .Values.global.repositoryCred }} - {{- $mail := default "@" $cred.mail }} - {{- $auth := printf "%s:%s" $cred.user $cred.password | b64enc }} - {{- printf "{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}" $repo $cred.user $cred.password $mail $auth | b64enc -}} -{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/templates/clusterrolebinding.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/templates/clusterrolebinding.yaml deleted file mode 100644 index fbe9a5b0..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/onap/templates/clusterrolebinding.yaml +++ /dev/null @@ -1,32 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: rbac.authorization.k8s.io/v1beta1 -kind: ClusterRoleBinding -metadata: - name: {{ include "common.namespace" . }}-binding - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: cluster-admin -subjects: - - kind: ServiceAccount - name: default - namespace: {{ include "common.namespace" . }} \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/templates/secrets.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/templates/secrets.yaml deleted file mode 100644 index 145b55f3..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/onap/templates/secrets.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Secret -metadata: - name: {{ include "common.namespace" . }}-docker-registry-key - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: - .dockercfg: {{ include "common.repository.secret" . }} -type: kubernetes.io/dockercfg diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/templates/storageclass.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/templates/storageclass.yaml deleted file mode 100644 index 5418da78..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/onap/templates/storageclass.yaml +++ /dev/null @@ -1,34 +0,0 @@ -{{/* -# Copyright © 2019 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ if .Values.global.persistence.enableDefaultStorageclass }} -kind: StorageClass -apiVersion: storage.k8s.io/v1 -metadata: - name: "{{ include "common.namespace" . }}-default-storageclass" - namespace: {{ include "common.namespace" . }} - annotations: - storageclass.kubernetes.io/is-default-class: "true" - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -provisioner: {{ .Values.global.persistence.storageclassProvisioner }} -reclaimPolicy: {{ .Values.global.persistence.volumeReclaimPolicy }} -parameters: -{{ toYaml .Values.global.persistence.parameters | indent 2 }} -{{ end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/values.yaml deleted file mode 100755 index bf4c096e..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/onap/values.yaml +++ /dev/null @@ -1,23 +0,0 @@ -# Copyright © 2019 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -global: - # default mount path root directory referenced - # by persistent volumes and log files - persistence: - mountPath: /dockerdata-nfs - enableDefaultStorageclass: false - parameters: {} - storageclassProvisioner: kubernetes.io/no-provisioner - volumeReclaimPolicy: Retain diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties index 8d21859b..e5c18465 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties @@ -114,11 +114,11 @@ external_system_notification_url= https://jira.onap.org/browse/ # External Access System Basic Auth Credentials & Rest endpoint(These credentials doesn't work as these are place holders for now) ext_central_access_user_name = aaf_admin@people.osaaf.org ext_central_access_password = VTCIC7wfMI0Zy61wkqKQC0bF0EK2YmL2JLl1fQU2YC4= -ext_central_access_url = https://aaf-service:8100/authz/ +ext_central_access_url = https://aaf-service.onap:8100/authz/ ext_central_access_user_domain = @people.osaaf.org # External Central Auth system access remote_centralized_system_access = true #cookie domain -cookie_domain = onap.org +cookie_domain = {{.Values.global.cookieDomain}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/deployment.yaml index 1fa62bf9..29f0a803 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/deployment.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/deployment.yaml @@ -12,7 +12,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "common.fullname" . }} @@ -24,8 +24,16 @@ metadata: heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} template: metadata: + {{- if .Values.annotations }} + annotations: + {{- .Values.annotations | nindent 8 -}} + {{ end }} labels: app: {{ include "common.name" . }} release: {{ .Release.Name }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/values.yaml index 3b94df2c..82f622dc 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/values.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/values.yaml @@ -29,6 +29,7 @@ global: portalFEPort: "30225" # application's front end hostname. Must be resolvable on the client side environment portalHostName: "portal.api.simpledemo.onap.org" + cookieDomain: "onap.org" keystoreFile: "keystoreONAPPortal.p12" truststoreFile: "truststoreONAPall.jks" keypass: ",@{9!OOv%HO@#c+0Z}axu!xV" diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/deployment.yaml index 20407940..3c9122a5 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/deployment.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/deployment.yaml @@ -13,7 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "common.fullname" . }} @@ -25,6 +25,10 @@ metadata: heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} template: metadata: labels: diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/pv.yaml index 252ca765..c7030d0a 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/pv.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/pv.yaml @@ -35,4 +35,19 @@ spec: persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} hostPath: path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} + nodeAffinity: + required: + nodeSelectorTerms: + - matchExpressions: + - key: portal-storage + operator: In + values: + - enable +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} {{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/values.yaml index c46ca423..4551d4d4 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/values.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/values.yaml @@ -73,6 +73,8 @@ persistence: size: 2Gi mountPath: /dockerdata-nfs mountSubPath: portal/cassandra/data + storageClass: "manual" + service: type: ClusterIP diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql index 59b85f7c..286453d6 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql @@ -45,8 +45,7 @@ update fn_app set app_url = 'http://{{.Values.config.msbHostName}}:{{.Values.con /* Create RIC Dashboard app */ INSERT IGNORE INTO `fn_app` (`app_id`, `app_name`, `app_image_url`, `app_description`, `app_notes`, `app_url`, `app_alternate_url`, `app_rest_endpoint`, `ml_app_name`, `ml_app_admin_id`, `mots_id`, `app_password`, `open`, `enabled`, `thumbnail`, `app_username`, `ueb_key`, `ueb_secret`, `ueb_topic_name`, `app_type`,`auth_central`,`auth_namespace`) VALUES -(12, 'RIC-Dashboard', '', NULL, NULL, 'http://{{.Values.config.ricdashboardHostName}}:{{.Values.config.ricdashboardPort}}', '','http://portal.api.simpledemo.onap.org:8990/ONAPPORTALSDK/api/v2', '', '', NULL, 'password', 'N', 'Y', NULL, 'Default', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL); - +(12, 'RIC-Dashboard', '', NULL, NULL, '{{.Values.config.ricdashboardProtocol}}://{{.Values.config.ricdashboardHostName}}:{{.Values.config.ricdashboardPort}}', '','http://service-ricaux-dashboard-http:8080/api/v3', '', '', NULL, 'password', 'N', 'Y', NULL, 'Default', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL); /* @@ -89,22 +88,9 @@ Replace spaces with underscores for role names to match AAF role names UPDATE fn_role SET role_name= REPLACE(role_name, ' ', '_') WHERE active_yn= 'Y'; -/* -Onboard LF Acumos App -*/ -INSERT IGNORE INTO `fn_app` (`app_id`, `app_name`, `app_image_url`, `app_description`, `app_notes`, `app_url`, `app_alternate_url`, `app_rest_endpoint`, `ml_app_name`, `ml_app_admin_id`, `mots_id`, `app_password`, `open`, `enabled`, `thumbnail`, `app_username`, `ueb_key`, `ueb_secret`, `ueb_topic_name`, `app_type`,`auth_central`,`auth_namespace`) VALUES -(11, 'LF Acumos Marketplace', 'images/cache/portal_907838932_26954.png', NULL, NULL, 'https://marketplace.acumos.org/#/home', NULL, NULL, '', '', NULL, '', 'Y', 'Y', NULL, '', '', '', '', 2,'N',NULL); - - --- add Acumos thumbnail -UPDATE`fn_app`SET`thumbnail`=0x89504E470D0A1A0A0000000D494844520000010D0000004408060000009B326018000000017352474200AECE1CE90000000467414D410000B18F0BFC6105000000097048597300000EC400000EC401952B0E1B000051D749444154785EED7D07605555D6F54AEFBDF742120221F41E7A930E0A2A36D451B18E7DFC6C63EF3ACE388EBD6043054511A448EFBD844012D27BEFBD27FF5EFBBD28202558E67766B2E0E625EFB673CB5E67ED7DF639C7A443803F289A9BDB50515E8F152BE2B07A6D124C4C4DE0E06085871F9A0467672B242695A0ADDD048BBF3884E69676B8B8D962D8207F0C1FE887A8084F24A69600268087AB9D2CB63031913FBAD18D6EFC2AFC7F278DC2FC2AC41F2F4479692D2CADCD919F5B0D5F7F27F48EF6C5FAB509D8B93B0BA56575B077B4468B10C3002185E8DEDE58BE2A1E0E7696080E71C5965DE9B07790F56D406D630B5AE592AEBA241A3985B5D8B43713013E8E1814ED8388101739A329C2839CD13FD2D350806E74A31B1784FF6FA471707726962CDE8F92E21A2585BBFE321EC34787E2F18757A3674F2F9C482E415646194C2DCC6061618EC6D636F8783BE1A69B87E3B3250771F0483EEEBF672C3E5A72081DA6663033073ACC4CE507D0C2A5AD1D174F8BC489CC0A1C8C2B8095ADA5F085095ADADB10E2EB84293121F074B3C194E1C1C61275A31BDDE80AFEADA4D12A522023A504AFBFB811B107F2E02C465B5BDB8C19F3FBE1BE4726EB36CDB2CDE5733ED46D69E8266626686BEB40B390C05F1F9D821DBB32F0FDDA440C1D120467576BECDA93250AC502EDE27A989ACBB67239266666FA49A2B9624E1F1C4E2844625AB91CCF02AD72ACB0205704F9D8E3D3D589880872C193B78E44DF080F3D7F37BAD18D7343AAE6DF1759A92538B8331DFF7A76039EB9F73B3C74F357488E2F4280B8080162BC93A6F746700F77E3D6404E6639AAAB1B6069694E6140E180CAAA465CBB70308A44956CDB960A7B714B7CBCEC91935D095321156E632A3FDB4918F20779D054AECC4294C7722198FE3D3D1112E084E6A656D9B203365666B2AD097C3DEC515AD18067DFDF8BC389C5D87630475C20F171BAD18D6E9C15664F088CBFFF66686D6EC3C615C7F1CE4B9B4425B4E3BD57B6E2C89E0CE48991F78CF6C6806181E83F34182EEE7628CCADC4FEDD194200E5B016C5B0757332FAF4F545427C21CCC5E8EBEA5B3054B69F32B5279E7AEA079889AB626F6F891E611E481443178610C63085528709DD13611A3287280F33F9BEADBD0369D9559838320825E50DA8AC6D52F78401D29CC26A580939719BB6D60EFCE3B343D8775C084D088984D28D6E74E3E7F85D94464D5503CA4BAA111EE585CDDFC5C3D1C91A73AE1E827B9F9A0EDF405714E455E3DB2507B0EEDB38A48B12A14BB272D951EC1215B172591CEA6B9A71DB9DA34519B4C04388E5A2A99178F491756AE02489800017716B1A505BD748DB97A55D7F76B4B70B6F1874877E25DB9A8B5C696C6EC5EAADE9983C32183616E2CAC8AACADA46833221C7D0B591ED6C6DCC91955F855B9EDA886D877265AB6E74A31BA7E3778D6964A79562C95BBBE0EBE78CF8B83C242714C1CCDC1466A220CCADCDD121864AA36D1745D0DED20107676BF419E087E5CB6231624C18EEB8670C7C7D9CF0FE7B7BF1CD3747E1EC6A8792D25ADC7DCF587CF6C5117525CCCDCD657F03515068B4CBF13AC465818919AF4E8F4D57A54A148BAD9D05AE9E1D8DE89EEE2815D5F1F83BBB61696E8656F15AE64EEC818D7BB3515A590F37671B0CE8E981876E18063B1B0BC3C574A31BDD50FCA64AA3AEA6D1F89B01813DDC917EA2108BFFB90D19C9C5B013B7C2D6C61216E286988A410B65A82230E96817B7C314B9D915080C71839D9D158E1ECA868DAD052CACCC30615218EAEB5A9095550E7F21A0CCCC72545634A83A686B6B13C26947B3587E93B8450DCDED528E6654563608C1D4A1A0A81AC5A58D701542F2F3B4C7F4B1A1880EF7C0787179E68C0FD37D064779E2C68BFBE09EAB07E0A2114118D4CB03E5D54D4817D7A91BDDE8C6A9F8554AA3BDAD1DA50535D8BF351947F765236A4000D62F3F8A1B1F9D2CC6EF8A7D5B528420CC912A0AE3D8A11C5494D5A343C8C2C2C2523EDBD101337527DACD4415886BD1D8D486E8817EDAA272FC7821264C8D40AFDEBED8B02E11B32FE98BB008778486BAE39147D6E0E0915CB8B8DA6A1CC4D28A8B1C43140609C743C8C1DBD3019E1E767075B245634B2BF28A6B909255851BE747CB3A43BCE2D977F748194CB070566F04FA38EA77052535C8C8AB4589B85835428225423E61FECE18290AC84DDCAC6E74E37F1DBF9834F2324A11BB3303C7850C18836453C7F6EFE331686C0F210A4B34D43521490C7FD2DC3E6896DA9F6E4987FC4B4F2A467A6AA9A80E2B3172C377A6421A8C2FB4B677C02FD0052E1EF6D8B92D0DD3E74623E158018E1D2FC082AB07E3EE7BC7EAB95B455D3CF6F8063838580A5998CB37A259E4FC248DBAFA6694890A2912822A1157A356DC121373463D4C34DFE396AB07C2C949CE2D0AE799F7F68942E9C0B0BEDE78EECE51F866630A36EDCF4190B783B6CA3434B6C2CFCB1EF72F1CACE7ED4637BAF10B5B4FF2C43D483A9287A37BB3509A5F8D82AC0AA4C717C1D1CD0EA3A6F4C2F6B509E839C01F1525B5C84B2F478F282FA42516A140DC8F7E4383316058104E08193436B4AA719A98507188D10B5A5BDBE01BE08ADCCC32F41F1C80C2C26A3489F13258397D666FDD265548870961B1B105881342C9C8AC405A7A2952A55C39B955281375C0E42E4BB6B4385AC1C6CA12E6421C57CE89C2CE43F958B53515FE5E0EC82DAA858D28A176718F2AC5A5F97455BC0665738A6A905520D75552872BA74522C4CF49CF7B5814934F77AB4A37FEC771C1A4919F5186D59F1DC4CAC507909F5E863A632B04839AA3A7F5C291BD99A8AD6A847FB02B6A6B9A502D069C23063D767A14F2B24BB16753AAB8297598B770089CDCAC5155DE246E40931CD9A038D844EBE5EB888A8A460487B9232DA5144D0D2D98785124BEFD260E8D8D2D78E7ED3DEABE4C9A180E5F712B68E8241636B1527958989B69BC8344441DD5D8D48A9821816810923A9258289E503B22A47CCDADEDC828A8C2A59323B0799F2826E12D531353398E09A2C40D9A363A04EF7E7D0CF58D4DC82DAE45627A051EFEE72E38DA5B2032C4CD7043FECD484F4F47515109CA2BCA51525A8ABABA7A383B1B48AD1BDD381D35627F6952515695D6A1BCA0064599557016F5CCC688AE808E48E29E6C146654222FA904D6F69617E69E241ECEC1130B3F1735D00E7B91F8CC99606442BC0538B9DAA0F7D020ECDD9484E6A6360C1917266AA11C456294B4DC167103E6888B117F24178971F9AA307A0D0C44786F4F0D5A1E3D948B8AF23A315C33F41DE48FCAAA06F48EF6C1DAD509983AB30FF2F32AB17D7B3A1A8520DE7C6B3EEEB9F73B58D95868BE464888AB2809536489CA484A2B81B98519CC2CCDE59CEDA86F6E4564B827860DF4C7D2D5F13057774688A4A51DF75E3F148FBDB113B72D18802FD69D1032E980BBB30D068B32AAAD6FC57E51316CAE8D94E3975736C2CED60243FAF860E59654FCF5E6E188E9EFA7C7FA77A1AABA1AB7DF719794A54AAED70C2D52B6007F3FBCFBF6BF8C5B74A31BA762C9939BF1F1131BE1225E80982A8ACA2BB1F8E87D081197BC2B6066F69F7ABC8AAAE27A5434D5E2910F1674BDF5A4A2B806FFBCFF3B357647210833062F850C5833D78981470F0B46767231DA9A8546C4F8E84EB0C6679E9585F61F31C3FA15C7101EE58D9E7D7D5401A4C4E763CDD77128CAADC678511293448D58DB98225D8E13262A836C16DDD7175555F538723817F6F656183E2C5093BF7AF7F28295A5190A0A2AB1735726E2C4DD610BC96C513BE13DDC515FD3027F512C7D7A0A610CF0C39ACD295A16930EBA432668686A41AAB84B93C4553A72A244FE6EC55021A9182197A32965D829E446E5C126597B21272F775BA464552253C86BEAA810DCF7CA367CBE26D17073FE4D484FCF40756DAD90A2B9DE7F0B21C6CAEA2AE4648B4AEA4637CE80836B93606B632DCA9BFDB3E49D811992F6753D07898A9DEADD5AD4B5B5ECCD0AB9CBA4B14C6AE48AA23A58DB592963197E98A059DC054F7F6771356C912A866B2E86CC55861805C39C063010DA2A35E3C6157188EAEF8F3031FA56A9ED2D8484524F1461D5D223C813A39C3AA72FAEB969246EBD672C6EBC7524C27B7A61DBA614588B8190A7AEB86AB09245CCA8505538E6723318AFA8AA6EC4814379DA2BD65A2EF2963F0DC67BAFCEC11BCFCF10C337415E41B5121E6326CCEFA04B532F6ECF8BF78DC590686F5C3A25920D381AEF2816F7C9C64A6E2F133CE41A790D24391B6B33511F4568927D678DED81E73ED8872FD69CD0EBFB7720AFA040DD370B7323695858A05648242D33D3B84537BA712AF2922A602D0A99F6672A2E899D8D0DF67C7B21EFAC89DA0DED598EA079555D228DF48442EC58190F4B1BB28C9108E4477B7B1B3AE40833AF1A88AFDED90D3B472B35311EB8435E6EF57CD4E2E4D4F2BB419D9862F597471035C01F3DA37C34186A618C43241ECFC3CA2F631112E6AAB5285B3B7CFD1C515FDB2C46DE8AFEB24F546F2F9E1DE3C6F5808BB315DAC405A172A08B66656586868666ACDB90AC01CE4E8C1911848B64FB61E24E0CECE38D3E111E1810E98587160DD7F5D7CEEA8D84F412EC1275C1E0A9A5B02955462778CD3C07FFD94859576E4D839790E4D491C178FE83FD2828A9356EF9FB8171A3B4D474BDA72C0BC1CF367906054226DDE8C6E9488BCD47637DB3D8DD4F66CEE127B2C49E7F0DBA441A6B3E3E8086DA4635640365C84B2BFF5B5B3A10D9CF1FC70FE648ED4F16922FD53581760E63A733F15594343AC42DE0BE06C633C1C695C7111CEE8E883EBE68A8695426B31515D3D6DA8A7D3B33F4BC3C46B528883113C25059D1881917472361733ABE7C6E2B02029C1112EA8626512F3421AA045E0CF7099675B572B30A8A6BD1246EC8079FC7E2D0D13CA46694A1B8B4566E648B2A0DF639518821E617D769CCC2688FA7C2F825B7A65C73B4B5C4C7AB12B4235C94B851EF7F7B4CD7FF9E686C6840764E8E14C55066067309733373A4A6A58B826267BC5F86D2B2721C8F4F405CDC71A4A4A619BF3D376A6AEB909B9B2F845588A2A2626D81EA0A2A2A2A919F5F8002594A4B4B8DDF1A617C1C67425171313233B3905F58A0EE6F5751585884CCAC6C3DE7AF459DA8BAE494541C8D3BA69F3535BFAEB2A895FD4F2425EBBD4FCFC8D0BCA7DF12E9B185686E6E517BEB7C5F482035E50D28C9ADD2BF7F09BA14089DEEFD28BC825C55DEB00F28E3027CC2ACFD46CDE885C3DB33505FDF045331AE0E133331E416F4ECE7AB599EF187F345013065DCF0A2B38584BBD34D6017F68BE6F5D5CE6C69C92586B13398013AAD0F32334A515C5CA3B189B03E5E181113825917F7C513B33E959B51808F33EE475C6201EEB97B259C5D6DF5980CC07AFB3A62D28470AC589D48FEC29851C158B12E093636426062F0ADCC3597B25709A98C1E1288BBAE1BA22FE15FFEBE0D85A5F5E2FF9D9A36CE817FFAF52439B5235148874A8460F9A9662E9D128135DB33B1E485E9FAFDEF85FCC2423CF0E0C342A2B55A067D09E47EF3A5F0F1F6C2DF5F7E11F60E17D61CBC69F3567CBBE23B949697CBF3AB5715C3B47C6727470C1F3E14575F7105ECECEC8C5B9F8AE5DFACC0DBEF7F0027074778C9F99F7FFA49383A3A18D79E1D7FFBFB6BD8BE63973C810EF4EAD51B2F3EFBA4710DB0E09AEBE4FEDBA0AAAA0A77DE7E0B468F1A854F967C8E6DDB7748F91A9418593E2B2B4B840405E3F65B6F86A7E7CF8734A8936B79F783C5883B7A4C5CD07AC37EF2AED9D8DA62C4D0A1B8FCF2F9728D5D6F714A494DC5871F7E82ACDC6C51B28D72CF9BA542B494725821223C0CB7DF7233BCBCBA3EA8D3B1F8447CF8F147282E2CD6B2F259D2D5B4B1B6469F3E5172BC9BE020F7F5D7E2ADBB5663CD5BFBE1E06A2395B229DAE59DA50D971556E3E9D50B31647A4FE39667477B5B076E897A0DD5ECEC595287073E9D7F6EA5D12086F5C683AB60EF6CA3014FC801CC483152DBD5D736A1F7E0409497D6A1A2A446D7EB2A13210659DF202E859DAD35CF4A7A817C6DD88635921C877EB954F5F8F6A3FD881A148879D70CC6F5778CC6B44BFA234708E3C4B17CD456376B3F921D9B92111AE18E385119C7B6666A6C65F9ABBBD02FDA0F11F27D436D0B5AEA5BD1A7B73762860663F98A63A8AD6B4249592DECACE56188E2618F59AA040B59AC84CCE86A4489D2197BF5122CF93E01D7CE8ED2DEAD4CE8D20B3905244983DAE8045B2FAAEB5AB0646D12E64D0A47A5361BFF7E28CC93DAB9A0486B0A7B0707C4C4C4FC68E4256565C8931AB8ABC8CECDC51D77DD8FBF3CF81032B2B2D0D8D8A8C7B1104320A83C967CB10CD366CEC5DE7DFBF4BBD3D1D6D62A06D480C6A646DDBFD3653A1F9A5B9AE51E1BF669967D4F46BEB859C5A228D84AF4C3C64D983BEF727CF0E1C7A248CA757B1A575353132A2BABB067FF7E4C9F7B095E7BFD0D253C82EB972DFF0613264FC3AA55DFCB7594EAF6BA9F187A9990E3E7CB9661C6EC8BF1DDCAD57AFFCE052A89E75F7A190BAFBF09878FC66AF336AFD35A8C9B9FBCFE3DFBF663EEA597E39DF73F947B72EE6115CA45653DFEE4B3B8F6FA3F21E944326AEAEAF438DA7F4ACA585D5383F51B3763F28C3958FAF572E35EBF0C3C5EC2CE6CD8DA5BA2BAAC01F31F18A53DB9F96ED3ED4FDCFDCB83E767250DD6BE2FDFFE35B689013AB8D8A9AA2028723AE4E4D622D1C3A27D70786BAA30B8A53E00C37BC3D609533437081B4B4DCCDD648D128D6E4349201BF2A218CD6564F6E0F6345C77C718CC5D301033E645235E5C89BABA66D4892196145523BABF1FA2A27CF1BDB02607E4616067C757F168916D66CC8C4265553D2688E17A78D861D5DA04348BE133586A21ECCA1A8DA9EB94CFDA7222A4C1E65F17276B0D74BA3AD9606F5C81E68AF41577C35D58992ECF8FC4219FBC2EC3B59D0AC63758CE6FB6A42221B5144542A0BF1732A59663262CEF2163436347C7E82789902F7757E5774949291EFEEB13E2D2A4A0478F1EF2C25AA8D151FE17899AA9A8A8D04BF7F4F080938B339E7AF605AC5DFB8361E79340C94BD7882F3C09B9ABE0B6BA8F2CA7E70A58496DCB1A9C2A80AE9289AC670DCE6746A2A91405C2C06F9BBC3BF6A280820202F0FDDA75F8EB134FE9FEFF7AE36DBCFFFE62F8F9F9C2D5D555BFA3A1733FD6E87C193DDCDDE12ECBEB6FBD850F167FACDB9C0D4F3EFBBCAA315F5F1FD8DBDB0B41CAFB5852823CA36BC5BF1D85C0BDBDBCF09518F94B7FFB8771CF9F83E57FE6F917B06BCF6EBDEF241E920CCB5626A4CF67C867EB2AF7DCC7CB1B1F8852FAE8E34F8D7B5F38CAF36B64A916F56E8EA6D666F41E1988B0413E1AE360AA42AA7800BF14674DEE7A6CC12738BE37138ECEB654F5F222D1E06485B046A348E27173FB885B928646A9E5D90C43FFA3C354B7926DE4B593173A24D203A9C70B35B6C17C0E53715D94DDE580A6F2A9BD5CE54F4BB988590B06E879EDEDAD11D4C31DC347F5C0D09860F4EAE38BEB6F1B898AAC2ABC7AC7D770F370D2F3652617C23BD415D32FEF2F72DD547CC20AEC3B98A301513359CF7270F42E929BB5FC5D5ED5242445E33741ADB852F32E8AC4BA9DE92AD7AA453579BAD9A1ACAA01BD42DD902B6E115B584C29E984A4BC3D6C95344BCAEB7FF6A233685A2EFB6517D6A0A2BA51D3CE1DD8C2F41BE3BD0F3E16D96EE84047497CF5950BB062E52A91CAAD526337C1C5D909C3447A9F0F575F7B83D468D56A04AC29298BC78C1E2D527F11E6CE9E8D5E3D7B222B3B5B6B452B3160BA905BB76F47FF7E7DD5383A91909888FD070EC34A5E7E1AF094C993D46D381F76EFD9A33106C2C3C35DF7EB045D114AFECEDA97464E92701302183A7408264F1C0FFFA000A914C4784BCB94F429E9A950D6AD5F8FB8E3C7F5BA181C6E1077C64B5C9751A34662C2D831F0F1F4929ABD560D94C4642DE7D9272AC1598C3452AEF974BC4A376AD72EB9AFCEF22EB4A84B327CC810DC74D30D5878CD9518346080BA3D1999D9FA4ED8885B159F9080D696560C1CD0DF78949FF0F853CFE2C8915838CBF1E8BEB7C812E8EF8FF9975C82C99326C0C7C70BE5E5157ADFA90458C69DBB760B89B8213232C27894AEE3C09A64ECFE3651EE9189DC232B2C78740C9A4419EFFB3E09B68E56EA098CB9AC0F6CD89DE31C904780EFDFDC87A686568D05C65CD2FBCC4A63E5077B706C4F269CC490280CC8017439A8325A9ADBE017ECA646999F5AA63108AD8D4D459AB5B33A66CD2E062B37CFD2D2C2A8500CF91C1DF2309581A4A6903DE49FB8398DCDB0B631C7210EC493558E171F5E8D6D1B92B07CC9413CF9C04A1CDE9F096F4F47ACF8FB6E5881B2507615B8B838E0D34737CB31A05DEF776C4F959ACA4C5F24BD5259CC854CB2B32B85D9DD34206A2A17C3264B27B9515413F57213581C5B7161761CCA41CF6057EC3E928FE9A3427558C056B600C975B3A4C6D39E11DCFF84943D59CE157BA2CCF8ED6F8BD8B8A35A3B35CB0B1C121CA4DF458485C97535C2567CF5838762F5BB73E1F32FBE446945191CC4B0688CBD7AF5C45BFF7A0D0FDC77B71A419FA8DE98356B063E7AFF5D5C77F55572EC668D05D0C0FEFEFABF37818CB5708B18EAEC9933F0F187EFE1A1BFDC87CB2F9D8F3B6FB9056FFFEB9F78F2AF8FC8B336536366DC8535353F196B6240F1E6458BB058AEE39E3BFF8CCB64BFBBEFFE3316BFF70E16CA7551E5B2F2721445B3F893CF548D9C8CC38763B165C74E5511748B78DCA79F7C0C4F3CF608468F1C81F0D0508C17227AF2B147657958899704C2ED7FD8B0116969E9C62319B07BEF3EECD8B1038E8E8E5A5E1AF1C30FDE8FB7DFF827165C360F53A74CC6AD52DE8F3E7817375EBF50EF3B89D343D4DE3FFEF5CBEE7B6A6C3E5A44713339CB23C409F62EB6088CF65295C177B9AEBC1129877E99DAF8196964261661E5FB7BE12CB52B0FAE8BFC508540F690DFC3C52D39BE3F1B162C00BF5362309000C17DF467A7C1A9111BBEE3EFBC2134C60631DAB09E5E183ABA075E796C2D567C7608DB37266947B7F0080F5C76CD50F1170DAC3DED96A1B2B761842DC2D2DA0C1585B558FBEE014D275F70C540D48BABC0726A49F8299BB68A9131C78365D77F42062E4EB6A8956D35182BFC45366EA86F456E41B52671ED921B3E634CA8BA68243D5E3F8F792E38D858E2B0DCBBDDE25A192FF637035D8616216183F2694770908134FAF58BD60021C939F53CAD1ED5D5D5D82852DB450C852F2E7B1A3FFDC4E3521B9F3980B7E0F24B317BC674A9F92AB416E5F11910FC77A15E8C75EA9429B8E3B65BF4BA4FC730511E7F11B2A30A2009D070F91E9697970B09DE8B8B67CF306E792AAEBAE2725CB56081920CF761D075CBB6EDC6B506ACDFB4194D727E3E75BA7F2C0349F54C60396EF8D3427DB7E82E928C491227E34371833A039B54770FFDDF5F306AE448FDFB74CC9F7709AEBEEA0A7D5EBC6E12E3CA95DF1BD7761D25A2CCD95193EEBC5F989BAA73EF1017B87839C87B2DA421AA9895FE2FC1CF9EC6966F8EA2B2B816E63434351543FC81710AB624048A31338DBC30B35C5B4714F45BC44E9434E4C119BE6BD702F36FD11946E313C333AE673F10BF00174D375FF7F551B4092BDAD859C0D6CE5A7BC86E589388267123464F88C0076FED127FCC1753FE3408B5150DBA3FCF66EF6C8DE57FDB857629CF94291122A17D3536A18511B074626BAA2AACD9314DCAC37F9C07A5B8ACE1470223B998C90D8E4D2A45FF087764E456A348D6C70CF4937D0DC1ADCECB3A1B781C2A8E8DFBB2B16C7D8AF1DBDF06FB0F1E9617DC102C6300B957642FFD3EB26784948BD7C001884C909A7E76E2484E4ED5788685100C9B3D6FBDF90695F6E7C22D37DF68787EB2588A81B1D5E3DF01D6DA2E4E8E5824AEC0B9307CD8505C24C4525D5D23F700A815831C346800468B4B722E5C76E9251ADBE0794888DB4E228D969666ECD9BB57BF671075A8B82431230CF93C67C3B42917A17764A46E4F1C893DAACF8AA8A8AC404E7E9E1CCF5ACB396EDC580C1057EF5CB85208DBD3C35355A5B5EC177BEC9851B1770D65F9D5C84928D1CA84EF65483F43CAB8930801375F074365292E555EF26F401AC53995D8BD3A01760E56CA467C59D4E4E95AC817EDE287450D0F46DCAE74B918CA1C59ABEE0037960388FCEFBCB48E16832B63705FD8A2C24D643B395693280CBF00678C98148E355F1E5212222B32BB9379086672A1ACE5A7CCEA836C21A74FDED98D155FC7E2EA47C7C3C9D356FD4682637514A557206177365C84087A84BAA15F5F1F7978CCDD907F72523605B734B7C3D5C95A1E244B67026747A9618469D9BB5624882CE2CA48F92AAA1B50585287617D3DB1F560166CAD2C101DE681EA9A6634C98D56123C07D8FFC55AAE978AE3B704E3077413784F2CAD2DD5FF2502038244C2BA6A6D6B67678B6DDBCF6ED46C31696D6F55A5E2E4ECA43182AE60CCA81891EF75EA021D3B9E60FCF6F705DD8551725EBEF4E743CC88611A07E1B36D1675306FEE6CE39A7363FEFCB9DA4A43E24C3C9164FC562A98C616E4E6E4684C81EFFFC8E1C38C6BCE8DBE7DFB295170BFC2C242D4D51B82E2F1F189F23E1B62798C7D4C1A3F5EBF3F1FA65E344594739D3E77E69A5455767D402806414BB2AB74747E33331304F531BC2F768ED608161785E66A25B6937A300F7555A7B6607505A79046E2A16CD456366820B1D33C9406C48829FDFB8F0D436E7209AAA5B6A7B8A0612AC882FC9555B63C3CB23E13A7DAA586B79207CF422A64A7C6BA4678FA3961A4B8141BBE3D267FB3ED9DC3FD71F42ED9460ED1D0206E4BA427060E0BC28A2F63E5C19A61C907FBE01AEC8411737AA159540A37ACAF6AC2A069E1881CE10F6F0F7B79099A7464AF1E216E22C1DB34D8CA547533291753CB99A52AF7105E6EF6C6B472C335D018D98E6D29E5D87D341F23FBFA098199E2EB8DC9880872C64DF3FB625A4C885E42A9DC9FCA9A46540AE9742E0C80F2B35C1E4095289DEADA66DDF6B7006B85DCDC3C7D199BA416EC21FE742748141E6E547E2D2AB5D3334EF5A54F4683B1F5802D0FCE22959953D315D8D9DBA3B2AA5ADDA092B262E3B7BF2F5AE47AFC7C7C8C7F9D1B0E0EF64268361A0321B1D9D9762D57C5D7DB5B2B1FD6C4AD6DAD3FAA847A1A3B5F0C45071C1CBB962FC15C1955D282063916DD498284AB55AFDC7B4B2B4B25ECAE80DB65E7E46AAB566E5EBEC656BA8A8C6345FADEF09C76A2C67D420D2D490CFA07F47297EFDBD55D29CCA84055E9A9F19CAEE014D2387120076D2DA22CA486A6FD134A00626C6CC2ECD93F0087B7A569932779829B74928AFE4572503211C2905A9929DE6C52D56C41594D77C3D5C31113664561FD37C7502B8646C6E30BCC6DD984C7E1726A2A1BB170D1485494D661FBA6243839D92991FC202ECBC2C727C88368D45A9F893637BD320DFB572763EDBBFB70D32DC3F1AD10D184096172BA0E1D538342889DD148029CBA31C0D711F945D55A460E2DCA1B687CD61ADBE0A03D8744294C1D1D8A8AAA0684FA3962402F4FCC1A1B8AC76E1E81CBA7F4C49FE646E3964BFBE3D605FD71BB2C775C3E00B75D219FF2FB7D0B0763D2B04075E57E0B544A0D939797A7A4C09A67D8905307040A09095183A1FF5B595125EE598D71CD69A00AD440B53C1F7DEAC68B3E0F2E131FFBEF2FBF80179E7B1AF7DF738FF1DBDF0F343C4A71ED72D005E8BB6ABC14EE4BF2EF0AD8818BEF00F7E1313A732CA8167E245429C78F15E379C0B3D21E0883ED18FEB21322D3E3C8319988D7D0D0B566F9A183066AC21E03B0F7DF7B175C5C9C8D6BCE8F9443B91AFBA38DDA89C20E8AFA296EE51DEAA2F796EF404B633B724E9418D7741DA7DCE18C8442F179E526C9C90C2F9618BFBC68EC68367EDE006CFEFAB0484133BDA97A33C528F9A9FE96BC94FCCAB4DD38C0AFB0378D941314313FA2A9A1195E3ECE9830A70F562E39887AA9ADA942E404421386F8079B4E1BEADA30626C0F0C15A37DFD858D1ADF3097F7C7CAD214CB3EDE0F73776B4CBB7E08F28A4B31E78E91F00A71C66B37ADC0A78F6D85B3BD15AEBD76089E7F710B6EBF6504EC6C2CF502B3322BE1EFEF84DADA464C1EDD039B77640A9919A2C86C5161F9DAE5A5E1C3B61355B3FB709E267A3197C3C5591EBA11EEAED6281195B5431ECA27E2C6BDF6E921FC4B94D0BBDFC4E1BDAFE2F0CED771787F791C5EFA683F46DFB014B9856731E00B405A7ABA1099210988FD6F4EF7D7478E1CAEE3A3B28992E9DC59523B9D11BC58230CAF73D7C0969A91E2D30F1D3CE8BCBEF8FF179C7631AC2CBA02D6C23F816F89F1067512C685A2B3963D0D43878B1BA8F6C23398E09D7717D3AA0C2BCF011F1F6FCC9C310D93274C5017D1DADAC6B8E6FC48DE97AFEA9D15B157D0A9CAA6FFC41EB07660ACC3545CB166C46D3CBB3A3D1B4E218D9A8A7AED1B42A864978BA50FECEEE388C6FA46D494378A9F644898D25B4072E00DE08DD687209FFC2F44D32E4CD72612894A8299A5B6F6D61833B31776AC494093B83A1C8D9C7E0B9B67D97B8E8F9B29E6249149337BA3A2BC16FB76A58B3CB4963398889C3247B1B814EBBF4BC0C26726C0C5CA5EB3DC7EF8E020EA2AC43510F5B0E38B384C9FDD0B9EEE36F8528C79EA9408D8D858A0B4B4162E0EC2B801CE48CF2A975A9BE794F24A99D98AC3739BC9C568DC465D1513EC8DCDC7A8FE7E282EAFC396FDD9D8139B87A7DEDEAB4DC4D1E1EE9837310C574FEF8D20512E0DE2073343D456AE89FD57DC8468189C5DB7FBD7F73E4DCFCC56A5C71AD0CFD7578E7F6A5A3765B185B156A6FB525C7AE13547377E3F589A5B62A8A843B642D9DBDB69B0FAF1279E4195B87CBF07182FCC4B2D85A58DB9DA59FF2961C6350670D6421B3B4B7D9F989290117FE1F1B71F49E318FB7F70701C3118150DF283E4502F7E7ACF8101C817FF877E9A2637899D71ADEE2E864716FD31206A0447CBAA979ABD4E5C0D5B29E4DCEB0663EDD2232893DA9783F7980AB1F03CCA32240F35D876788B22183BB5173EFCC70E752998F04D22A1BAB1950B7EFBD5ED70F575C23F0FDD0A3731D88F1FD9A8AD288E2EB678EF8175F076B3C784F111484E29C521510C93C7856917782670B9CA368C653053B4336783B114CDD9901BDCC84C5271919CED2DE1EFE380C76F1B816F37A6E858A22BB7A7A14CAEE5586A197E103258B72B03C9B9E5983F290C8F2E1A0E2F371B1D098C933BD12D627F1B8ED3F16B9199912EB7A75D9B49434282B46FC6C9707674D20C48CA6B76F6CB48EBEE26FF47C3BD77DEAEA3ABD58A7BC96CD783878F60D16D7760F3D66DC62D7E3B146555C87B5AAD71C9BAB6460C9BF9F3C4B5DE314168A869520249FB0599A14A1A1C1323764B0AE6DC3412EE62904DA20C18372053B9FB39C1C5D316F1FB45D25B5BA87A205DD0255135220BA55EBB100AFD282693B00DD83FC405F3E478D73F380193E6F5C35AA9F91B6A9A6121F29F2D2406CA919F240C2106D6FD9C64E9D607262235B110077667E81406EA73CA5A06312D2C99CCD3847FBDBA4DFC342FBC7AFD724346AAA5B996ADAAB4012BFEB60B77DF351A33847838C87071492DA6882AE817ED8D0517472345589803F070D8401DB9DCCD4E7BAA4E1BDF03B3274660EA9810CC1A178E948C723C2BCAA257A8AB8E48EEED6AAF2D23D65206A6423736B7214988F4F9F70FE05D714BA68E0CC575B3A330634C0FF879D8C9353139ECDC7D11CE07F695C8C894FB6E69A81998CCD5D93FA413EE1E1CA13D5454468B3E07E652B0A9AE1B7F1C383939E31FAFBC02773737CDBF60C09681D7871E7D1CB7FDF96E6CDBB14353D27F0B6CFF2A1EB626563ACBA1B7872B3C835C8C6B7EC2F8ABFBA1BAA9415B368BCA2A50947D6153752869EC5A158F0DAA02AAD137A607265F31087D4784E0CFAFCCC5D34BAFC5C7CF6D109FCA122DA21E480C6D523B33D049D7857641DF89C1155B276BB8793B20A8A71716DE3701BD06FA638818A0871051694115CCA590745D0C1E5E2759C83F2111CAF946510403460663A39487C4C5E09E12926CC920255B66786E9F00839F66EF62A8753BFD53DE845DDF26A043882BBCA79BEC63AA599DE3C78661DAE49E18C39EB25323316E6408A68CEB81417DBC1115E1A199A4F12925D8272EC88A0DC958FCCD511D7478EBC11C8C18E0077B212492048FC773D17DE1EF9CF1CD5B08A249CAF4CED7B1F876530AF28A6A30B09717668E09C56C39C7D603BFBC6310D38AF30B0AF53E30101A1814605C732AD8078339272497DCDC5C7476E0EAC61F0741F2EC9E79F2714446466A65400406F823332B0B2FBCF8373CFED433DA09EFD722767D0A6C1CACD44DE931E0CC2D503DFAF9E8085E740C6C618D436B928D6BBA06531AFE916DA93A18F0814D4958FEC6766C5F1187BFBC7D29864B6DEDE6ED88EB1E9A8251337B63D2E5FD31FD9AC1987DE308CCBB3D0657DC331E57DD370E57DF3B1E178B441F3F371AFD4785C027D8552CD9780601ED9DC4221667F446D86221EA41B7216130FFC00C834787A24654CA66210D8EDD41462365304F84CA8663657096B57997F65797E28697A68A41B175C770322B31EE9423F9D8B5E204E6CCED8394B412AC597B420C4EB95131697C1876EFCBC61E21841DFBB2B079473A62138A5020245121F780238939DA5BA9A2609EC6BA1D9998333E140919A5F017426C6939E9C204BC060B7353383958A34E48EF6872093E5D2DC425DFD7335FBFE997AB8DA2E222D4371A92D94808BE3EBEFAFBE90813A541523113D78A636ED49E9616DD8D3F06820203F0F2F3CFE09A2BAF906754ABFD4CA83A98C075FC783C9E78F2193CF4C863F2DC7FB95B5B985E29B6648E5679EF7A0CF8A9AFD0C9B077B5416098A776ECB411577CEFAA9FF254BA025376712F2F96DA5164F54221873B5EB9180327448832F829505353598F0431B24352936E5A1E8B95EFEFC1672F6FC63B7FFD1E6F3FB2066F3DFA3D168B1AF9F2F5ED58FDD1416C5F790C6F3EB606B13BD3B1EA9383CA1F0347F740A3B827DAB4C51A5B3844DD0E59C7C2F71D168CC131A178FDC91FB4C544C7E0602C83D4411746544643631BFEFC9771422C0DB8FDFA2FD061698A2B1E9B809A52C3602854004C8679FFFEB5B0B630C7FD778FC30DD70FC3B7DFC5232BBB02B97955F87C692C6EB87A304244B63166C24E6DA41473EDB569D0403C17E3289C802921AD0C6EAEB64A003D7C1DB5A5E24C20A9B1BF8A839D05AE9D19A54DC45BF7E768B098B3D177AAA10BC1A1234785C4D853B8035EEE1E67CD5D0809098615631DBC4FB26D6CEC61E39A6EFCD1C044B43F5DB7102BBF5A863933A76B9C83791DAC141C1C1CE499C7E28AABAFC5D7DF7E6BDCA3EB483A90AB7147BE031636E6E815136C5CF373840AA1508D305C50927981EE495D7513FC42DC44DA5B60F3D24358F2D206EC5C791C2F2D5AAA999F6545D5F8FCD5ADA82AAB456579BD32189B73EC1DADE1222A84B9EC74495CDC1DE0EC6E0B7B7151189D8D1A1288951FEDC7472F6D4296487F374F7B8C12D78064A18381C8C9D54151FB6CC7F4F9FD34B6B26D5D229C5D6CB58F080D98A0BDB536B76B7F940917F5C292C5FB112B3768B3A888E9370D82AB9FA3BA4E848DA395104411F6AF4A44CC9860EC946BF8E18713D8BD374B5B4E366F4FC357E27E70D4F1A913C230415C155F2F3BED7BD2748A2A10BA1235C4806E49590382FD9C747473954AA741B311C5250A0B70C68C3161A811D2B3B1B1E421B06A5B1A0E8992F97194B00BC0891349DA94DA2244E5EEE90157D79FFBA704BF0FF0F3D52659F6F2DCBE73AF714D37FEA8B0B5B7C39D77DC867FBCF222A64C9CA041F9BADA3A1DC888CB3BEF7D88F73E586CDCBA6BC8385A8016A9586963D6527985449F7DC4F188C1FEE0F0066C8D600C3233AEEB43009A16A4976205E711D99381FADA16F1D54596DB5AA238BF123F2C398C6FDEDC8509F3FAE928E3E652B36B2F52A9D1D5748C06CF58039B2E69DCFC9B391001611EC816A9CE74F3CA925A241DCD07C79E9872991C4B24BEE6BF930C5ADAE1EC668721A274BE786B37EC8470D80CABAC42188D8DA9E131E37BE8EF5F7E7C4088C5068BDFDE0D07773B4CB8B29F0E61C6425125B8393AE3B3C736C3D9DE1AC1E22A31C18C6AA1A8B01691E11E62D4CD58BF350D1BB7A6A2A2A20183FBF9E1C605FDD4FD282EA9D332F1CEB37C74AD9233CB94102A850C1CE56118D2D10DA0A1322374CAF0204C1C1E28F7A70385A50D3ADEE8D1A462047A39A24E941453E32F046C2D292D2B53D260AB88CF394686622DC5E658068959932526FE7B4749EFC62F07BBE5DF7BD79FF1F4937F4540803F8AC535A1EBCEE106BE5CF6B528E365C62DCF8FA28C4AD99759C4EDDAC7C4DEEDECB91D3D870B6998339E086DA02848AF30AE393F4CD9D468C3E1C96D3962B1D81D9BFCE540AC299D4439FC20EEC584CB07E877ED5299B79BB2B615A391B39930218A2422166E224C492A61EE7EAF210128C828456D65A3924CA618CF00914ABBD726E2D8DE6C5C7CE3102513C628CA8BAB71FF0BB3502424B5ED87C41FBBEE1A5A650C6569935ADCDDDD1E975E33043B36A760E2E4484C9DD95B9487A7D4C6459871CB5078048A1210E324380072F689526CF9E408EEBB6F9C1CC29038969C528C90401725167BB95E2A8BA30985F86A550296AF49C298C101B87FD17084FA3B69AC84528F6549CAAC90BF4D10E0E928FB59A94B43E2600CC3C1D61A2FDC3D0AE181AE3896528A2FD625238E5339C87AE66E84C8B102BDEDD575BA10A4A6A7A3B4A44449835DA5274E9E685C73660CECD74F5B6BF8C23112CFDE9EDDF8CF41BFE868BCFBD6BF70E7ED37EBF3A68BE1E4E488D7DF780B79F9EC397D6ED063483B92AFF6D82236D86F620FED437636F845B88B7DDBFF58D1A7C7757DE43753361FAA0F6F30553A0CCA09CCA560B771CE7770684312A245C63333D4A49D244183E6468CC08A93A1BBCABE721CFAF011D17E38B63F5B0393661626282BA84695D4E8034787E284D4C0DBBE4BC084397DE1E5EB8C88BE7E88ECE78B4DDFC5EBCC6B8651A0581E39243FE43CEC421F332E14B93995080876C34D778FC6D5370CC3ED42081C04C725D809E3456D340A01B25C6C6DE0540AABDF3B085771A3E6CC8E467E7E2D32B32A101AE26A28BB94952D3296B29D9D101573393E581A8BAF57272042B699383C5849C4C3C55AC8A34DF335C60FF597ED9AB58F4B656D232EBB28024FDF3142DC8F627C2E84C8D6160645D9A396E5E6F1796CED9A7F81E0C8E324015E8B95B5158EC6C6E29B15DFE1ABE5CB65F9E6A7E5EBE558F9FDF7481192E1B817DC9E2FC1B1F87F4FE7B26EFCB6983F6F9E0E88545D53AB158093A323967DF58D71EDD951535E8FC2CC4A7539F8EEB3C3DA9A77F6E3DB5777FD6C59F18F5DD8F6459C0805434F769A5BE6B1628D2D7605A694EE6CC6645E01FF913668549A192AFF5970BA199E81CEFA1D5B334C384AB06CA3C627309A3838E3975F30272A6A5077A1B3431893BBB67D770C03C6F68083938D065E37AF8843589437FEFCF4547DC9BFFBE4006CAD2DF5B86421CDCC947F3CBA9DB8043BB7A4E1A15B97E1D13BBFC1BD8B96E1BE9B97E1DE5B64B9F56B2CFBEC10AE7C688C468D7F6C491125C131128F6E4AC14D8B862127AF123672FCA3C70A10DDDB5BBBBCB3FC1A8A95FF9672B399365E55DB84EFB7A462F7E15C1416D761D4403FDC7EE5202109A6B39BE1D93B47A177A80B5EBD7F9CB82C4EF8DBC787B0666786AE77B4B352A2E03D6339388A57567E159284AC2E14F1274E68649D65A454FDECF3A5F8F0A34FF0F1A79FCBB2E4A7E5B3CFF1EEFB8BB166ED3A1DA487E7668A704ECED99B7A0DF7B56BE0F81094CC1C8794A35E75827EF34FE8FAF10C3D8BFFC030BED3178E9FEEC12F3D4227664C9B8A9E11E1A238E49D13A599939BA7CFE15C28CDAD464D5983D4E326B0167B8BDD9C8EC5FFB71E4B9EDAF2B3E5B327B6E08BA7B7EA40C10C3990688A33CBD54BE80A4CFB8882182FEE0787FFD2F13B694672E3A812B42399D47625F2E2536A734224E10CD9C4D8642ABFAB3010A3E7AD62EFD369570FD6002883A1541DDC486B4BA971F74B6D3D6C4298BEB4D515F5483E96877031E0379F5A8FFABA4698B269942FBD1C8BC76F2741C93FC6591A1B9BD022EE446B738B2A1E76086BD79EACED58F9751C6A65DBB9778D447589B12545F6E7B066FFBC7535AC85EC82839CB5DFCC8103391832C01FEDA21E38D298216E21D7A9D740F210E5214CCD818953B2CA7532A42FD724E05F0F4D4044B00BA2C33DB0F8E969784FCEF9D06BBB74B268E67970391924A5882017A4E5566A30F54271F8D0E11FC7BBD0B89180B930675B884E12E7D81709423AECFDFA230C8F563FB4AF5017F1F77FBE81F1932FC28CD997E0C65B6F377E2BC791676AA8643ACBD7B56372F01B92DAAF35ACDF0B1C6782D765FCEBA4DFCF0DDE03DE0B425EA71FC151DBA3070DC5C0A131183966220A8BBA1670E4A8E91CB087A4C18E881C55FD5C483B9CA7E3E0680F7516597EB0572B33B8CFB4A87D69A7B60E4D6FC84FAD40614AD75C5A534EA9D8536A53CE92C64E657A93E4803459551642240C0C166494212CDA57FB91E8CD64A1C4C6F57D919BC40998A3470623E14096DE3C164A098672C558B0A29C72588A02E0A44AECBA3E536A709E6FD7BA24383A1A460AE3B979D19DF79D464DF2E09804ACC5C98A3AC51C2F5C162A25E698ACFDEE38163C3C46FBA8D09D20AC44A1E4A596E1E0EA645C76697FA9B90DA33B151454C1DBC7116D1D0CC692FC486C72CD525E9687F79C44C5291939C749B9B8565FAEFD6956AAACBC2A1C4F2B83A7AB8DBA477AADA7A15594928F9B1D0A4AEBE1E57EE66900CE869CBC3C343637C9359A89E1B78203F0B05584CAC3D6EE0C8B7CCFF51CA087DB731C8ABCBC7C1DF4A5133A7E279FAB2C8CD2333FA72B607ABF7F4000BCBD3C11141068FC167075711165D962385E5D9D066EBB8292B252AD80FEA8B0B3B5F98904E5B1F25E7505159595FADE12EC02CF1EDB849B9B1B02FDFC34B9CBCBDB531B00BA829A9A6A2566123C9FA799E9B95DDC13FB7235B99121022EECDD7AB6854998EC326FEB64C81CA51D5557D6212FFDB47968CE02531BF1F9930FE5E222510864A956AD15A50611A3616D4EB140D97F58247BDFD1A172435928F9928662346E1A1E47F10A087347F2913C0D721AEF1FDF3A250F1EA7A1AE1935158D70F77680A7AF232E12435EFAF61EA989D9E1CB50FBE8D080DC4DFE19F238A42C727C133929D790C4F82DB7D36EEDB295958D39562C3B8A7629C3FCFB63502F464E704B5B7B2B2C7D7EBBFC06EDE9CA099D2BAB9B0C83F2880B61A89D0DE7309CCB703D1A9F91752437C635DC9D6DB1F5500E12D2CBB0725B1AAE9ADE4B5D1236959D0E9EAB455E0E1F4F079455D623A6DF9993B2CE866371C775AC07AA3C1AE5FDF7DE83575E7C0E2F3DFF0C5E7AEE0C8B7CFFEACB2FE0964537FDE80B9F3E423913C3CC85184944CC484C4AE95A16E0AE3D7BB5BF0BC7D3080BFB692C8FE0C040796686347F9E335194CDF9C0E9127440602A23C363FEC3C1C2C20A9E9E46E3960779E4E851E39A73233E21514D82DDDF3DDCDD748E152258C8822A966A9BC316242777EDBEEF3F74489526DF2F573717D8D99FBBE239B42E453B85D6D73463C49C9E7879C78D787ADDC2332ECF70F9E15A3CB7E13AB8F9396843839585250EAFEBDA708E1AD31832B9273E7F79132EBD638CD6B0CDF5AD70F5B64779A1B01D6B76B9199C6D7DFBB7719830BF9F14CC3031924E0B205293FD51DCBD9D34A6515956A76A8037DCC0D7F276F0006280249F435B5310DADB1757DC3E4AB7FDE1AB233ACC5F3BEFB8323C771283E501480CF2A9E792DF4822BACE786E1D514CD650113088FAE9E27DB8445C144F7145D83243D83A5822F9601E762D3D8E5973FBA81B51284AC3CBD35E4981C76302998EF921903368994972754DCD70177299240AAAB4BC16474F94E0AB0DC9F8E0DBE33AD6C68D17B3AB78C78F430276822D2775A2DA4843574EEB85C1515D9BA1BB13CCEA646DC7C5D1C911D17DFAC0C7DB1B01FEFE675D38D667AFC8087848CD462264EDCF7E2B9D888C0C878BA883565122EC3CF5F2DFFE6E5C73762CF972A98E5942894C793C6ECC58E31AC0D3CB4B0726E67C2224EF4F3EFB5CC7DB3C17962FFF56D50F0DE88F0A2AB211C386E9FD638C68CBB66D421C71C6B567C6E123B13878E8883677F399F5EDD3D730AF8F20383858542087D86B5512F8F093CFF4FB7361EBB6EDC8C9310CBCD4228A93CDB20C729F0B59E5C53A921DFB8BF51D1FAA9D39D94272B6C537CC4D47F38F1CEEAF95B99DA88E1DCBE28D473B37F4E9C5CCEE83E1D322717C6F16864CE9A9BD533DFC9CB52F8A8EAA25352F3B6BA51E2BD06EF29438ECD36130E676D9BE19BD0607203BA9C4207B69D86230AA066886ACB5655B1A24E550716E39C6CF89C6AA4F0FEAC44794AB6C62E5365AC3CB86DC9FBF185E2F2A1EFE4697C8401C9AF7A0E7D1CDE026AEC277CBE26029AA20E6E2DEDAFCCA6311ECCCB6EADDFDF076B1434C4C30F272AB35B8AA2D353C8CA194FCC5B08FFCA72209957B103328003FECC84474B82736EFCD86AB8395CE4EBF715F0E9232CB7199DC2F3B5B73ED1E4FF0A5610AFAD5337A6340A40716CE8ED2EFBB8A26794972F3F38CAE491B0244DA1A5A94CE0F66147A7B7B8942E460BB1D48CFCC32AEA13BE18A0913C669976C1A0695C3934F3F7B4A70B313725BB16ACD1A2CFB6A39DCDD5C512B12BD57644FF489328C4D4AB09BF784F163B4C2E0580F59D93978F99557751CD2D34137E69F6FBEA5031B53FEFFD13169FC58706A0682D7F7AF37DE4262D29953AD3945E3ABAFBDAEC4C967EF24CF60A2DC979371D51597EA044F2495E2A2623CF5CCF3670D6C1E3A74186FBCF39EDE5F1E8FCF72F6AC99C6B567C6A1F529B083B855627BECDF151875E6F4F133217C903F9A1B9B6126EF6C517DD73243F56D64C0E4FAC7A78B4F648EF0817E08EDE32335B4853695AA918A66679E013B9115E757232852E41B7D211AB9487C4E6F10DAC70B2744BE33804AA353A3979F6A8CD4FC84F049B3B822A3C5A0483A3BD7246AEE3B41C3D7FD68C4F283718AD2C21A21AE2A9415F1B31A25F2C9EF4AE5B3443F6BF5772EE525F528CAAFC23B6FEEC482BF8ED3B66A553902BA4BC9FBF270684D126EBB7524B2732B35DF42E76311E3523747889165E6B93938F1005107FD7B7963F9FA2444043AA3A8B45ED58521B80B384AB90F1C2FC49E6385B8E2A2489D74A95ECE49CE614D7AF3BCBEF076BFB069120906BDF272F3953438C176787898F62BE90A6CC42003FCFDF4771DA13C2DED94CE6BD72DBC5A0CDC4A0983C3E9D3F5B8FFA147F0F5B72B703C3E5E0D63EFFE0378FCA9A7F0C69BEFE8C3A06A69696952D7E774CC9E3153550E87C82361ED97DAF69E071EC4A79F7FAE83F3EE93637DB362251E78F8117CBB6215382CDF1F59657482031B0DECDF4FE3191C60989D0639C114A73B88157785F795E9DE1F7CF4311E7BF269255E2A810A515A13268CD75EC72763EEEC590811C541F562B8EF7BF0E0238F61FD864DEA4272F024BA776FBFF73E9E78F6397068463E738EC171F97C4E2179EE2107F7AF4A82BDB85574339C3DEC11D4BBEB534486F6F796774D14BBBCB876B042E2DEF377B0FC31BAC2D60E670F3B1CDF9D89DB5E9C85C29C4A94FE7D3B9C7D1CC0742B1AA08D9D15920E6461D0A4089C607F0A21010ED9B7F0FF26E1CBBF6F3510006B7F1ABE18A1928DC18AF41C4CD5EED9DF1F638434BE7E772F8AC54D7072B553A3A5356A70553E2BCBEA3145DC20E66F68CC408EA5E6AF0C64000FCB2011D54E87B8C83C678B7824765206067AC65CDE073BBE4A80935C135D2C96FFAB9777E3852DD763EEDC286CD8948298618158B5EE84A6BE931B9BDBDAB483D99431A1DA0D7FE58624396E07FACB43D8B23F476A7C294A1B0D89E733D1795FD3B22B7440E22BA6F7C2AA2DA93A695249533D9E7E771F5EB96FAC3C90930ADD05B069939319A9DF2FF017A5D155D0B50C0D09C6D6ED3BF4A54B4FCB503F9A815282B4F8CA0BCFE3C147FFAA64C2F12FCB4ACBF0DEFB1FEAF36259194761F77BC31C22ADA8961AF1BA85D760C8A0817A8C93C111B6FFF6D2F39877D9023508D68E35D5D558F2F952AD25F97C34A02C04E6E6EAA25DF6CDF89D5C1B9FD71F1574B9FFFAC843B8EA9AEB9408D8E4CD7773E9B2AFF0E5D265EAAE711C535E1B49850BA7B21C36648890EBCF4750E7F11E79E87E3CF0D05F75A63706ADE982BEFCEA6B4AA40C74733065B531516D266295548423860DC5CD37FDC97894B32337A9545C130B6DB0F00CB1D5F86257D163901FAC39F1BA54FED61652117E9F845EC3CFDC9BBA13A71CFD4F8F4F4573430B5EFFCB4A78FA3A63E845BDE013E40A8EE8C52EF17CA94A447D70EED4E09E5EDA8E1C18E6AE69E295A575F2B21903A07293A828749C42F993B33355091188A7838B6FE4E8CE2658FAC64E4D19570B145E2068884C170FEAE18E9BEE1B8F11E3C231606810068E08C26059060DE7673006CA2753CA675ED2176326C93603033072540F8C1DD703FDFAF9A9AB70FB5B73B4F5847116C256DC8A235B5370786D326EBE79848E72CE4994B4CBBD180C035896F2325C3CAD9794B705AB44F2F1A58F08729732B523471416F98B1DE9D83242854270C0E2CAAA267CFC5D3CC60D0D44BF084F6DBD49CFA9405ED1858FCE94949CA44A802F2967E3EA9CE3A4AB080A0C82995C07F7E7485E1C9CF664F4E9D31BAFFFE35584F508155553A1D7C8DACFD1D15E89C2C9C949FD71CE2BCA87F7D003F76BAFCCB381FD24967EFE29060E1820954283BE139DC7E1EC641CF897E0E0C4ECC2EFE9E1AE711212C8E92D092C73E7A227EF0AE4F1F1BD3979E90A0CDB1A9A1ECF94ADCB9C9CCF3EF950E31B3A676D63A31A3B1515631D8E0E8E62F076DAE18CD73C67F64CEDC17A36848785E395979E5352E7B8AF8493B383D894A912B5AD9D0D1CE4BE3536362801733472CE4B73BE314F8B332B509455295E82A9A64D746552E793C1F003E743610308BB7F7465CCD09F4DCB386862381C9C6DF08F3BBF86BDB32D82C5151934210279A925282FAE5557860F2A6C801FE2F76469A6684176B9CE2A4D52A1BB4217A2471F6FF41B1D8AFD9B9231784218068D0B130272C1BC453158F6F62E1CDB9BA9FDFE69B0ACE6492F7C88ECE13AF38A81E83B2C08775CF2117E5811872DDF27602397EF8ECB673C36AC3A8ECD3F9C407A4A99B82CB53828C77AEDF94D58BFE604D6CAFA43077230636EB4DED0E403F986D4747939A84AD20E17E0F2FB462129B51469E9A5F2825B2135BD0C2EE25E5C3CB3378E9D28466C62B1BC14E27F0A11DE75C3507CB93A0135F52DB85AD65F33BBB7908B09F61D37B44C903BF89ED637B6E28410D188BEDEE2AAD8E9C03DECE41626AECD8560DD0F1B919C9CA24AC1D9C901D75C75E505497A1AC096AD3BB409942ACD4B8C748048ED934163E6140116E616C8CDCB4392B825242AB68270F46B1B2B6B796927E1969B6ED0C980CE07D6B49CFC2730D05F95526A4AAA48EE2254881F5F2D06E2EDEDA3D348DEBAE8464D3ACBCACE52A3F4F5F5C6A489138C4701FEF1FA9BE2F636699F9B98E1237406F5F38123757FFEE5328DA5D0B59B3C792202859CCE07B66230598E6AAA54D4D69FAE5DA83187934125312A66A4AABD4271218E27C4A3DA38323B9545AD10EB6859BF48D4C0FC8BE71AF73A3BD84C1D337284E6D1C4279CD0B14FD8558144C1C1798AA51C51BD7A61D10D7FC282CBE7FF184C3D17328F1763C34747947C2A6A6B70E3F353E1117061EF5C567C1112F7E4AA1B4F5BE488FFD6C6B001F9FBF469194D84D5CF48E9B1DBD2F0F7BB966BFF11F6629D76ED10ED0D7760638ACE123FE1D2FED8B3F604068D0FC3AEB589689603D2FE59F871F3A371D363D35057D3888DCB8E222DBE0015A5F578E0F58BB5167FE8AA4F74EA0253710118EE603095E383729E14B61DBFB5F2267CF9F61E2C7D6F9761A01D3930678FD7CA87AA5DC8852D142DB2C8AF888CF2C5485119BB7666205B082025A5046F2CBE12FE2EB67868CA6234D5B66A6A2D512DE57870C9A570EAE781D7FFB90BFF77FF387CF5ED71F8FAD863F5C65454D43408C958EAA85FE346896F6AD681551BD3A4E6B4C6BA0F2F37C478044FBCB90719F99CEF94B107B906294B93288C1AD96FECA00084073AC1CED60A13879EFF053E19372CBA0545620094F7C3870FC5630F3D685CD375DC7EE73D2A7FD93B3632A227FEF1B7178D6BCE8C86FA46A4A4A7A901F9FAF8C0DB537C62C365FE22B0E6A4EA68E96885A39D83925EA702E8541252BF6B4571322132E8C7BFB9DEE0C29CBF10DC873912DC962D602ECE2E6A94E7836116F932254E96F7E4796ACF06AA8DDCFC7C550A6CAD62D099FBFF52F058B1B171AA5438E136E780E5B4141782556FECC5470F6F04C7E26516F6E2CCFBE0EED7B569173A11B72D1D778D7B073E5E2E6A6B8F7D770522871B72729896704BD46B2A0A9841FAC0A7F34F754F4E46FFB13DF0F69EBBB1E899E9DA99EDBD27D662DB37C7102E0A234A5440A330CF9839D1422AF57072B5C1D46B8660D153D3F0ECD26B953008469EE3F766A9B1370A8130857C87D4DA745538A319BF37280C060B20C4528B990B06A97FC5161AAA1AB22D0740E55817ECD7C10995D89AC098839DF87136E2129D905AFF9DD7B68BEF698911A26EA832D67E2F4410E18E81E2BE90213BC1710656BF770091216EF8DBCBD31112EC8207EE198D5DFBB2919EC597C84C034A541A21FE8E58BF3503D1911E1831D00FA5E2A6119C28DADCC204413E8EF0F37480AF879D2C0E08F37746FF9E9EC82BAE4190AF1396AE4D425965D7679267F43B39254D836A7C910644471BD75C18428383757F4EE0CC0C440654CF051B5B6BF4955A9DC13F2671FD1AC22068F0F6E296B8383AFFCCF855F19144847C4F5750868184E4F9CA33EF0A6110DC8706C719D3BC3C3CBB441804EF8DAF2820EED715C220E89670C0A3C103076A00F8D71006E1EFEB8B99D3A762DEC5737494F90B250C2223AE5087C264BF91F021BEDA747AA17074B38713BB2C48E5D7D2D4725E17E59CBA973D5D99F4F5D4B2EBF1D28A1B31EBC661FAA07B0F0DC645570DC2FCDB6370F1AD3178EEABEB71ED4313B50B7D70AF9F1E80A38B9DF84966F861E9617171C2A550EDD8FC350796F9A9E661B32C0BC1D803DD8839A268BEFE600F7233C475B0B712792BFE3D7D8076D624861A9D39186CC9A9AD6D1235D3A4DFB393D8813D9938202495256EC7A25B47E9F1E7FFDF281D4A908C4930269172300F8736A4C0CEE6A71B3C636A4FCC99162935A3A5D4D0ED080970D159E22F9F1585406F27A46654E0FE97B6E0B3550978EBCB58AC1676DE7E384F3BA9ED389287DD4773B12B2E1FFB8F152036A90471C9A5F2029B8ADBD2B50C4022252D55DC0AC358911C6BB577EFDEFAFB85222666B8DC9B7A35BEA2C2229414772DD3AF1BFF59A8AF6E425E5299E645913442FB79E37CB3C09F092E5E7608EAE5A1EF1C6D2B33FEDC93629D93343AE1EC6E873E234230FBA691B8ED85999875C3308408397034E390DE3EB0170571368C9D172D4AC416972C1A81551F1F405672B148294B250B064059E3B4494DC85C8F85F71A92872A8A6A1110EA2A6ECA0D98BB70B02A0506CD982549C5C13960FB0E0EC00431F28BE6F4C1745966CDED8B05B2ED1C21AE71137B225B4887F00B77C7E8CB7A8B7433D4F89C82817D58963D6798BFB3BAB6116BD625E1D57FEE444E5E35268FEFA1C1D01993C2E0266A67BD90C3CE83D9AA2EB265FDD6FDD93A0607550E7BB072FE562E36425A9CA18D04E6CF56A89452F878DAC2435CA4AE62CBB6ADDAA24137C1D3D3FD825A4E4EC6B061C3447E372AC153B227249E3F5BB31BFF7928C9AD448E9006BB68507987F6BFB0CCE34EB0853128DA5BFB74B11B46C69142B1B9B3770BE81269FC1A440D0EC45D2FCFD63E221F3EB74147F832382572724E712656C65EB67E212E9879C560BCFDEC7A24C6E662F69583E1244AE5BABBC6E2D29B8663F61503B140486BFAFCFE8888F2D666BCA2FC6A51156548901A7EFB96547CF3E511BCFFE60E7C2A4AE5D9277EC0F2A547B41975C123E361290A824C4AD0F5D9BF2B055922ED92D2CA5052560B1B295F5656053E5A7204ABD69F406D5D0BD66E4943430365BE19D88A65239F1C48884153114BAA9C7E822172CF5884AFA73D0AC4D5AAAC6ED6D695AE62F79E7D7A5F2AABAA743E13ED2FF20B400DC77E22F4BD793C1EB71BFF7D284CAB40B6284956AA8CED0544BA19D75C3882A23C34219236727C5B262A0A8CC96752B973C8090ED5590F4E37D9F6F3D693DF1A4C180B0CF7C0AAC5FB10BB3313B6F686082DC9828954FCC75EA093850CFA8F0846FCFE1CF885BA232CCA47833BE525B5F8E2AD5DD8BF231DC70E6423510822536AF182BC4A9496D4E9D48DB5E2A270B83F364F31026C6B6FA9C65227EE4B4E76A52A92C2D47224EDCF85B5A8232D57BB39D28F16E0DA07C7A1548EC1418539DD818383B5BA27CC300D0A70425246A5AA9B0E792A2C76A3105C9F080FA4E6541A5C7FFAE77A44DEDF0E6D8E1D35C05FE74519D1D71723BBC8FE6D6DAD484E4D838F97B712C6C8E1C3D1BB57A471ED85A34194065B0342434234159D6DFEDDF8EF425662319A4A9B7552E7F0813E187559F42F724F08CEED5A5DDA28C4E3AE794E232FE90D07171B55AAD90986A131BCBC5D307466CFB3B79EFC96600EC7D3377C89A2DC0A5508AA6F8430A83728E739C8CE927DF760DBEA04BCF9F85A38893B34EB1A511AE2D65455D463D907FBB4B9D4D482E6C95610A9E1A5AA67C169E034544B210BED15C86F59E38B298F9ED0035B36A6E0ED8FAE40656A251E9EF6B1F67F610B0F150107567D76ED4258063961F386147CF1F55138898A68956344F5F602F3483834E0816385B0B7B7469B1CB55DC863E2C820EC3C92A70462222E49A75C63E7B6405F7B784AB9B71DCAC3E72F4C47B04FD726FCE56360993A633DA707092F143C5EE7A3E527038CDDF8EFC28F3D95B5F2950F63CBDE2F058F6750CBF2BEC87BDD093D0FDF4B798FD838F1EBDECC2E62C3B223C8482CD20B6312155501A3B42DCDED282FAAC1C5370CD3C140367E15ABBE59CCE49E58BFFC285EBC6F05F66E4EC5A8493DC5CFE70D22D1C885D1A0C41E1807F1F275C4CC79FDF5780C9872E6341A092F8C199BCC5578E78DDDE8393200E31744A34AD409E516C7FE681417E4A3BF6E42A89F13A2FA78C2C3C3FEC7D1C639F6C6A61D19888AF094DADF5EDBD3CDE4A88C379495D523C0DB41632C1A9B11F0A3555899FD55E2D3CA71FDECA82E1306C18745C32659FC5AC22078BCCE637513C67F27D480B90859FC5AC220782C1EE764C2203ACFC14FFD5B7FFE8EA8A96CC09EB509DA2C6BEB680D3B59989D692B6E000730F60974C1823B4661EBCAE3B0B435C7DC1B86EBD080A585B5F0F67541765A29EC1DADE0EA61A7FE166F0D0DB4AABC1E4E2EB678F0B999B86AD17078783A68162A099142C44248884DB7BC4066BBB1DFC8C5F7C6207CB02F027A792030CA1311F23BB35D930FE461C4902084063133AECD7002F9EF2EF26CC50F27306A70A02A9D36F9C76629E663B0795789DEB0A91295159B6B65F71E4242375CFCCB9A4BBBD18D3F3A7E77F784929B4921741FD4BA3A21C6CD7C0B0ECBC7AEB90B635E5337E5E9C557E2E8DE4C6C59755C13B8B80BE310532F1D80CFDFDA21BF5B81B3BF47447BE3FE6767C237C030ACFFD60D27F0FCC3E2DAE808CCA67076B3D51696B5ABE2316E5284C6396EBF734CA785EB3E945D9462ECF64F6CDF9581C79ED90807676B0C88F6436A56B9E6668C1E1E846A295BACA8252689798BF288E8E18EF5BB3285F82C741EDB7A59EFED618BD9637BE09249E1BF685CD06E74E33F01BF7B20943299C119B69E309ED0B950E6337FE3C4913C6C13C33EBA3B13B73C3E056F3FB55E8D7AFCAC28241CCE57E5C04E710D421481E19EA8AE6EC00DF78EC3ED8F4CD164B14E048B11B3D973F7D634915880978F231C9DAC909F5785BEFDFCF0DD8A63484F2FC3F163F9D8BD371B3BC4E05DDD6DB176433212840CBE5F93A0EE0C07182E29AD87AFAF834E1ACDF94C720B6B103324007945B53A7646496523268F0CC6A1F822ED6CC48C42073B2BDC77ED604C1F15AA64D88D6EFCB7E277278DB38135B6A3932DAA2B840C22DC5122C6DD50D7826431EAC2EC0A9D2680533CC6EEC9D06DD971EEF2452330EB8A811830FCCC3347F51672A03F76787F964EB844C5502C6E4E5884078EC515A020B74A08A204A9C9C538129BAF81CED8238699F2BF5F73029C152D44CE939E5E0E5F219DDAFA66B0031D83ADB50DAD1831D81FC7924A8448DA1133D01F87138AC0FE369CCB756A4C302E9D72619D85BAD18DFF44FC5B5A4FBA024E0F59905589F88359A8969A9CB3D68F9C14090F76CDB7B280A30BBB10772DA0979D518655DFC4A9CAA0C2E1644699A2323A5B6E74DC53B96C27671B8C1063DF2BCA63842887152BE371E55503F0E55771888EF64171591D0AC5B5E25CB0354228532786EBDF7B8FE663DCC8203470DE9494523409A9DCB37030E6895BD28D6EFCB7E30F431ABF0798F895975B89679F58077B7191D84D8AF1070D6C88BAE04CF0D3A6478AEA2880BBB82A2666667070B0425E418DBA50B50DCDC82FAED5EEC36DE22771E0A0CBE74663A5B834754D2DB8E692BE78E38B23B011B7E6A367A722F0025A4BBAD18DFF54FC573BDF41A16EDA52C33142080EA843BED01616015B44E2138A316448000E1ECE852B9359841882039D35B5DD446E0F9B54C9AB1C5E902D27FB8FE422667080E668B03F0B6769EB27EE55376174E37F05FFF511BBFE03FCD1B3B70FAAAA0C23940B0B0871086BC887B9A50952928AB5F9D4CFD719078438CCCCCDD0BB1747A366A28B6104746D02975F2C2C4C90262E948D85B99084233272AA7454F3FBAF3BFF9813DDE8C67F0BFE27C2FCCFFE6D16BC4509D45437EB781E1C48954DC166F28FB922DFAD3A8EB9B3A390935581FCC22A9DCB64D8C0001D7884DD63D4ADE9304C914802D9B8271DE3449D5454D5E38DC726C3CFFBC2C62FE84637FE93F15F1DD338194585D5D8BB2B13E9E9A548882FD2690C6AEB5B60EF60ADAEC6C409E1422C0E183A2C10FEBE4E282CAEC57D0FAF41AD900CBBECB3058789951DF283718E6103FDF1C89F4769E7B46E74E37F09FF33A4D1095E6E4D75132ACAEB70F46801F6EFCF425A6639FCFC9DF1E273D3D53D216A6A9B448124205BC885638032C9ABACAA11CD6D1D183AC00F57CF8B4678B0AB6EDB8D6EFCEF00F87F9ED91B4B4AFAE0D90000000049454E44AE426082 WHERE `app_id`='11' and `app_name` = 'LF Acumos Marketplace'; - - - Insert into fn_user_role (USER_ID,ROLE_ID,PRIORITY,APP_ID) values (1,999,null,12); -INSERT IGNORE INTO `fn_pers_user_app_sel` (`id`,`user_id`,`app_id`,`status_cd`) VALUES (11,1,11,'S'); INSERT IGNORE INTO `fn_pers_user_app_sel` (`id`,`user_id`,`app_id`,`status_cd`) VALUES (12,1,12,'S'); commit; diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/deployment.yaml index f826c9c2..5003cb6f 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/deployment.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/deployment.yaml @@ -13,7 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "common.fullname" . }} @@ -25,6 +25,10 @@ metadata: heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} template: metadata: labels: @@ -79,8 +83,8 @@ spec: {{ toYaml .Values.affinity | indent 10 }} {{- end }} volumes: - {{- if .Values.persistence.enabled }} - name: mariadb-data + {{- if .Values.persistence.enabled }} persistentVolumeClaim: claimName: {{ include "common.fullname" . }} {{- else }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/values.yaml index eb14aed1..e9ef89a4 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/values.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/values.yaml @@ -72,9 +72,11 @@ config: soMonitoringPort: "30224" # application's front end hostname. Must be resolvable on the client side environment soMonitoringHostName: "so-monitoring" - ricdashboardPort: 30080 - ricdashboardHostName: 192.168.130.61 - + + # Ingress URL assigned to RIC dashboard. This has to agree with the ingress URL defined in the common template + ricdashboardPort: "32443" + ricdashboardProtocol: "https" + ricdashboardHostName: "dashboard-entry" # default number of instances replicaCount: 1 @@ -92,12 +94,12 @@ liveness: enabled: true readiness: - initialDelaySeconds: 450 + initialDelaySeconds: 30 periodSeconds: 10 ## Persist data to a persitent volume persistence: - enabled: true + enabled: false ## A manually managed Persistent Volume and Claim ## Requires persistence.enabled: true @@ -117,6 +119,8 @@ persistence: size: 2Gi mountPath: /dockerdata-nfs mountSubPath: portal/mariadb/data + storageClass: "manual" + service: type: ClusterIP diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/Chart.yaml deleted file mode 100755 index 96a8aac6..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/Chart.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -description: Portal software development kit -name: portal-sdk -version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/fusion.properties b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/fusion.properties deleted file mode 100755 index 5c24429c..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/fusion.properties +++ /dev/null @@ -1,49 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# login settings -login_method_backdoor = backdoor -login_method_attribute_name = login_method - -# These properties will be removed after SingleSignOnController is cleaned -authentication_mechanism = BOTH -login_method_csp = csp -login_method_web_junction = web_junction - -#login message -login.error.hrid.empty = Login failed, please contact system administrator. -login.error.hrid.not-found = User not found, please contact system administrator. -login.error.user.inactive = Account is disabled, please contact system administrator. - -# User Session settings -user_attribute_name = user -roles_attribute_name = roles -role_function_list = role_function_list -role_functions_attribute_name = role_functions - -# Import-user LDAP settings -post_initial_context_factory = com.sun.jndi.ldap.LdapCtxFactory -post_provider_url = ldap://ldap.mycompany.com:389 -post_security_principal = ou=people,o=mycompany,c=us -post_max_result_size = 499 - -# menu settings -menu_query_name = menuData -application_menu_set_name = APP -application_menu_attribute_name = applicationMenuData -business_direct_menu_set_name = BD -business_direct_menu_attribute_name = businessDirectMenuData - -# Role settings -sys_admin_role_id = 1 diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml deleted file mode 100755 index 85e1eed6..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml +++ /dev/null @@ -1,222 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ${defaultLoggerPattern} - - - - - - - - ${logDirectory}/${generalLogName}.log - - - ${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip - - 30 - 3GB - - - ${applicationLoggerPattern} - - - - - 256 - - true - - - - - - - - - - - - - ${logDirectory}/${auditLogName}.log - - - ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip - - 30 - 3GB - - - ${auditLoggerPattern} - - - - 256 - - - - ${logDirectory}/${metricsLogName}.log - - - ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip - - 30 - 3GB - - - ${metricsLoggerPattern} - - - - 256 - - - - ${logDirectory}/${errorLogName}.log - - - ${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.log.zip - - 30 - 3GB - - - ${errorLoggerPattern} - - - - 256 - - - - ${debugLogDirectory}/${debugLogName}.log - - - ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip - - 30 - 3GB - - - ${defaultLoggerPattern} - - - - 256 - - - - - - - - - - - - - - - - - - - - - diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/music.properties b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/music.properties deleted file mode 100755 index 8881cc2f..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/music.properties +++ /dev/null @@ -1,35 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -music.version = v2 -music.keyspace = keyspaces -music.session.keyspace = portalsdk -music.tables = tables -music.session.attr.tables = spring_session_attributes -music.session.meta.tables = spring_session -music.consistency.info = type -music.consistency.info.value = eventual -music.cache = false -music.session.max.inactive.interval.seconds = 1800 -music.serialize.compress = true - -#By default it's eventual -music.atomic.get = false -music.atomic.put = true - -cassandra.host={{.Values.cassandra.service.name}} -zookeeper.host={{.Values.zookeeper.service.name}} -cassandra.user={{.Values.cassandra.config.cassandraUsername}} -cassandra.password={{.Values.cassandra.config.cassandraPassword}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties deleted file mode 100755 index 2ccace54..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties +++ /dev/null @@ -1,60 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -# Properties read by ECOMP Framework library, ecompFW.jar - -########################################################################## -# The following properties should NOT be changed by partner applications. -########################################################################## - -portal.api.prefix = /api -max.idle.time = 5 -user.attribute.name = user_attribute - -#Use REST API instead of UEB to fetch the functional menu data -use_rest_for_functional_menu=true - -########################################################################## -# The following properties MUST be changed by partner applications. -########################################################################## - -# Name of java class that implements the OnBoardingApiService interface. -# epsdk 1.3 uses org.onap prefix -portal.api.impl.class = org.onap.portalapp.service.OnBoardingApiServiceImpl - -# CSP Global Log On for single sign on -ecomp_redirect_url = http://{{.Values.global.portalHostName}}:{{.Values.global.portalFEPort}}/ONAPPORTAL/login.htm - -# URL of the ECOMP Portal REST API - -ecomp_rest_url = http://{{.Values.global.portalHostName}}:{{.Values.global.portalPort}}/ONAPPORTAL/auxapi - -# Applications do not need to run a UEB listener in 1610. -ueb_listeners_enable = false - -# UEB Configuration -ueb_url_list = message-router -# ECOMP Portal listens on this UEB topic -ecomp_portal_inbox_name = ECOMP-PORTAL-INBOX -# Replace these 3 default values with the ones for your specific App, -# as shown on the on-boarding page on the ECOMP Portal web application. -ueb_app_key = jQd4a9zVNi4ePyBp -ueb_app_secret = P0HpqEBhKJvxjRYdw2sCTUll -ueb_app_mailbox_name = ECOMP-PORTAL-OUTBOX-APP1 -# Consumer group name for UEB topic. -# Use the special tag '{UUID}' to generate a unique one for each sdk-app server. -ueb_app_consumer_group_name = {UUID} - -decryption_key = AGLDdG4D04BKm2IxIWEr8o== diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties deleted file mode 100755 index 3bbb1a7f..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties +++ /dev/null @@ -1,83 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - - -# Properties read by ECOMP Core library, ecompSDK-core.jar - -########################################################################## -# The following properties should NOT be changed by partner applications. -########################################################################## - -application_user_id = 30000 -post_default_role_id = 16 -clustered = true - -#Enable Fusion Mobile capabilities for the application -mobile_enable = false - -# Cache config file is needed on the classpath -cache_config_file_path = /WEB-INF/classes/cache.ccf -cache_switch = 199 -cache_load_on_startup = false - -user_name = fullName -decryption_key = AGLDdG4D04BKm2IxIWEr8o== - -########################################################################## -# The following properties MAY require changes by partner applications. -########################################################################## - -db.driver = org.mariadb.jdbc.Driver -db.connectionURL = jdbc:mariadb://portal-db:3306/ecomp_sdk -db.userName = root -db.password = Aa123456 -db.min_pool_size = 5 -db.max_pool_size = 10 -hb.dialect = org.hibernate.dialect.MySQLDialect -# SQL statements are logged to stdout -hb.show_sql = true -hb.idle_connection_test_period = 3600 - -app_display_name = Demo App -files_path = /tmp - -#element map files -element_map_file_path = /tmp -element_map_icon_path = app/fusionapp/icons/ - -#Cron Schedules -log_cron = 0 0/1 * * * ?; -mylogins_feed_cron = 0 0/60 * * * ?; -#sessiontimeout_feed_cron = 0 * * * * ? * -my_login_feed_output_dir = /tmp/MyLogins - -# Link shown in Help menu -contact_us_link = https://todo_contact_us_link.com - -# An Unique 128-bit value defined to identify a specific version -# of an application deployed on a specific virtual machine. -# This value must be generated and updated by the application -# which is using the ECOMP SDK at the time of its deployment. -# Online Unique UUID generator - https://www.uuidgenerator.net/ -instance_uuid=8da691c9-987d-43ed-a358-00ac2f35685d - -# R Cloud feature - configure this property to enable notebook feature - for more details on RCloud please visit https://rcloud.social/index.html -guard_notebook_url= - -#authenticate user server -#TODO: what is this URL supposed to be pointing to? Nothing in portal opens 8383 -authenticate_user_server=http://{{.Values.global.portalHostName}}:8383/openid-connect-server-webapp/allUsers - -#cookie domain -cookie_domain = onap.org diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/NOTES.txt b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/NOTES.txt deleted file mode 100755 index 496dd8d1..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/NOTES.txt +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/configmap.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/configmap.yaml deleted file mode 100755 index bce68965..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/configmap.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-onapportalsdk - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPPORTALSDK/*").AsConfig . | indent 2 }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/deployment.yaml deleted file mode 100755 index f59a16a6..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/deployment.yaml +++ /dev/null @@ -1,131 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - initContainers: - - name: {{ include "common.name" . }}-readiness - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /root/ready.py - args: - - --container-name - - "portal-db" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /start-apache-tomcat.sh - ports: - - containerPort: {{ .Values.service.internalPort }} - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - name: properties-onapportalsdk - mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/fusion/conf/fusion.properties" - subPath: fusion.properties - - name: properties-onapportalsdk - mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/conf/system.properties" - subPath: system.properties - - name: properties-onapportalsdk - mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/classes/portal.properties" - subPath: portal.properties - - name: properties-onapportalsdk - mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/classes/music.properties" - subPath: music.properties - - name: properties-onapportalsdk - mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/classes/logback.xml" - subPath: logback.xml - - name: portal-tomcat-logs - mountPath: "{{ .Values.global.env.tomcatDir }}/logs" - - name: var-log-onap - mountPath: /var/log/onap - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - - name: filebeat-onap - image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - name: filebeat-conf - subPath: filebeat.yml - - name: portal-data-filebeat - mountPath: /usr/share/filebeat/data - - name: var-log-onap - mountPath: /var/log/onap - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: properties-onapportalsdk - configMap: - name: {{ include "common.fullname" . }}-onapportalsdk - defaultMode: 0755 - - name: filebeat-conf - configMap: - name: portal-filebeat - - name: var-log-onap - emptyDir: {} - - name: portal-data-filebeat - emptyDir: {} - - name: portal-tomcat-logs - emptyDir: {} - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/service.yaml deleted file mode 100755 index 0629ea07..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/service.yaml +++ /dev/null @@ -1,41 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.internalPort }} - targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/values.yaml deleted file mode 100755 index 221c0709..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/values.yaml +++ /dev/null @@ -1,116 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - env: - tomcatDir: "/opt/apache-tomcat-8.0.37" - # portal frontend port - portalPort: "8989" - portalFEPort: "30225" - # application's front end hostname. Must be resolvable on the client side environment - portalHostName: "portal.api.simpledemo.onap.org" - keystoreFile: "keystoreONAPPortal.p12" - truststoreFile: "truststoreONAPall.jks" - keypass: ",@{9!OOv%HO@#c+0Z}axu!xV" - trustpass: "changeit" - - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/portal-sdk:2.5.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: NodePort - name: portal-sdk - portName: portal-sdk - internalPort: 8080 - externalPort: 8080 - nodePort: 12 - -mariadb: - service: - name: portal-db -widget: - service: - name: portal-widget -cassandra: - service: - name: portal-cassandra - config: - cassandraUsername: root - cassandraPassword: Aa123456 -zookeeper: - service: - name: portal-zookeeper -messageRouter: - service: - name: message-router - -ingress: - enabled: false - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 4 - memory: 10Gi - requests: - cpu: 2 - memory: 5Gi - large: - limits: - cpu: 8 - memory: 20Gi - requests: - cpu: 4 - memory: 10Gi - unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/.helmignore deleted file mode 100755 index daebc7da..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/Chart.yaml deleted file mode 100755 index 3c20f58f..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/Chart.yaml +++ /dev/null @@ -1,4 +0,0 @@ -apiVersion: v1 -description: Portal widgets micro service application -name: portal-widget -version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.properties b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.properties deleted file mode 100755 index a53dd2e2..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.properties +++ /dev/null @@ -1,33 +0,0 @@ -## General App Properties -server.contextPath=/widget -server.port=8082 -spring.http.multipart.max-file-size=128MB -spring.http.multipart.max-request-size=128MB -microservice.widget.location=/tmp - -## App DB Properties -spring.datasource.url=jdbc:mysql://portal-db:3306/portal -spring.datasource.username=root -spring.datasource.password=Aa123456 -spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQLDialect -spring.database.driver.classname=org.mariadb.jdbc.Driver -spring.jpa.show-sql=false -spring.jpa.properties.hibernate.format_sql=false - -## Basic Authentication Properties -security.user.name=widget_user -security.user.password=ENC(IjywcRnI9+nuVEh9+OFFiRWAjBT1n718) - -initialization.default.widgets=true -initialization.widgetData.url=http://portal-app:{{.Values.global.portalPort}}/ONAPPORTAL/commonWidgets - -## Account Basic Authentication Properties -account.user.name=portal -account.user.password=6APqvG4AU2rfLgCvMdySwQ== - -## Certificate Properties -#server.ssl.key-store=classpath:widget-keystore.p12 -#server.ssl.key-store-password=ENC(DiIYnAMab4u7rEW2yKhF9zBL00uU55q8) -#server.ssl.keyStoreType=PKCS12 -#server.ssl.keyAlias=widget-microservice - diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml deleted file mode 100755 index 087c93f5..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml +++ /dev/null @@ -1,17 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -jasypt: - encryptor: - password: EncryptionKey diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/NOTES.txt b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/NOTES.txt deleted file mode 100755 index 496dd8d1..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/NOTES.txt +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright © 2018 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/configmap.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/configmap.yaml deleted file mode 100755 index 6779c286..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/configmap.yaml +++ /dev/null @@ -1,27 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-onapwidgetms - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPWIDGETMS/*").AsConfig . | indent 2 }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/deployment.yaml deleted file mode 100755 index fdf9915f..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/deployment.yaml +++ /dev/null @@ -1,98 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.replicaCount }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} - spec: - initContainers: - - name: {{ include "common.name" . }}-readiness - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /root/ready.py - args: - - --container-name - - "portal-db" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - containers: - - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /start-wms.sh - ports: - - containerPort: {{ .Values.service.internalPort }} - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end -}} - readinessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - name: properties-onapwidgetms - mountPath: "/application.properties" - subPath: application.properties - - name: properties-onapwidgetms - mountPath: "/application.yml" - subPath: application.yml - resources: -{{ include "common.resources" . | indent 12 }} - {{- if .Values.nodeSelector }} - nodeSelector: -{{ toYaml .Values.nodeSelector | indent 10 }} - {{- end -}} - {{- if .Values.affinity }} - affinity: -{{ toYaml .Values.affinity | indent 10 }} - {{- end }} - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: properties-onapwidgetms - configMap: - name: {{ include "common.fullname" . }}-onapwidgetms - defaultMode: 0755 - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/service.yaml deleted file mode 100755 index be573d34..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/service.yaml +++ /dev/null @@ -1,41 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ .Release.Name }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/values.yaml deleted file mode 100755 index 62e095db..00000000 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/values.yaml +++ /dev/null @@ -1,89 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - ubuntuInit: ubuntu-init:1.0.0 - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/portal-wms:2.5.0 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -mariadb: - service: - name: portal-db - -service: - type: ClusterIP - name: portal-widget - portName: portal-widget - externalPort: 8082 - internalPort: 8082 - -ingress: - enabled: false - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 1 - memory: 4Gi - requests: - cpu: 500m - memory: 2Gi - large: - limits: - cpu: 2 - memory: 8Gi - requests: - cpu: 1 - memory: 4Gi - unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/templates/deployment.yaml index 73056bea..a97b49d0 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/templates/deployment.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/templates/deployment.yaml @@ -13,7 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "common.fullname" . }} @@ -25,6 +25,10 @@ metadata: heritage: {{ .Release.Service }} spec: replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} template: metadata: labels: diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/values.yaml index f8eccf7b..70848d3d 100755 --- a/ric-aux/80-Auxiliary-Functions/helm/portal/values.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/values.yaml @@ -14,6 +14,7 @@ # limitations under the License. global: + nodePortPrefix: 302 env: tomcatDir: "/opt/apache-tomcat-8.0.37" # portal frontend port @@ -21,6 +22,7 @@ global: portalFEPort: "30225" # application's front end hostname. Must be resolvable on the client side environment portalHostName: "portal.api.simpledemo.onap.org" + cookieDomain: "onap.org" keystoreFile: "keystoreONAPPortal.p12" truststoreFile: "truststoreONAPall.jks" keypass: ",@{9!OOv%HO@#c+0Z}axu!xV" diff --git a/ric-aux/80-Auxiliary-Functions/helm/ves/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/ves/Chart.yaml index 76584532..67e8a692 100644 --- a/ric-aux/80-Auxiliary-Functions/helm/ves/Chart.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/ves/Chart.yaml @@ -19,4 +19,4 @@ apiVersion: v1 appVersion: "1.0" description: A Helm chart for Kubernetes name: ves -version: 1.1.0 +version: 1.1.1 diff --git a/ric-aux/80-Auxiliary-Functions/helm/ves/resources/collector.properties b/ric-aux/80-Auxiliary-Functions/helm/ves/resources/collector.properties new file mode 100644 index 00000000..3d656598 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/ves/resources/collector.properties @@ -0,0 +1,77 @@ +############################################################################### +## +## Collector Server config +## +## - Default values are shown as commented settings. +## - Will injected as configmap to /opt/app/VESCollector/etc/collector.properties +## +############################################################################### +## +## HTTP(S) service +## +## Normally: +## +## - 8080 is http service +## - https is disabled by default +## +## - At this time, the server always binds to 0.0.0.0 +## +## +collector.service.port=8080 + +## Authentication is only supported via secure port +## When enabled - require valid keystore defined +collector.service.secure.port=8443 + +# auth.method flags: +# +# noAuth - default option - no security (http) +# certOnly - auth by certificate (https) +# basicAuth - auth by basic auth username and password (https) +# certBasicAuth - auth by certificate and basic auth username / password (https) +auth.method=noAuth + +## Combination of userid,hashPassword encoded pwd list to be supported +## userid and pwd comma separated; pipe delimitation between each pair +## Password is generated by crypt-password library using BCrypt algorithm stored in dcaegen2/sdk package +## or https://nexus.onap.org/#nexus-search;quick~crypt-password +header.authlist=sample1,$2a$10$0buh.2WeYwN868YMwnNNEuNEAMNYVU9.FSMJGyIKV3dGET/7oGOi6 + +## The keystore must be setup per installation when secure port is configured +collector.keystore.file.location=etc/keystore +collector.keystore.passwordfile=etc/passwordfile + +collector.cert.subject.matcher=etc/certSubjectMatcher.properties + +## The truststore must be setup per installation when mutual tls support is configured +collector.truststore.file.location=etc/truststore +collector.truststore.passwordfile=etc/trustpasswordfile + +## Processing +## +## If there's a problem that prevents the collector from processing alarms, +## it's normally better to apply back pressure to the caller than to try to +## buffer beyond a reasonable size limit. With a limit, the server won't crash +## due to being out of memory, and the caller will get a 5xx reply saying the +## server is in trouble. +collector.inputQueue.maxPending=8096 + +## Schema Validation checkflag +## default no validation checkflag (-1) +## If enabled (1) - schemafile location must be specified +collector.schema.checkflag=1 +collector.schema.file={\"v1\":\"./etc/CommonEventFormat_27.2.json\",\"v2\":\"./etc/CommonEventFormat_27.2.json\",\"v3\":\"./etc/CommonEventFormat_27.2.json\",\"v4\":\"./etc/CommonEventFormat_27.2.json\",\"v5\":\"./etc/CommonEventFormat_28.4.1.json\",\"v7\":\"./etc/CommonEventFormat_30.0.1.json\"} + +## List all streamid per domain to be supported. The streamid should match to channel name on dmaapfile +collector.dmaap.streamid=fault=ves-fault|syslog=ves-syslog|heartbeat=ves-heartbeat|measurementsForVfScaling=ves-measurement|mobileFlow=ves-mobileflow|other=ves-other|stateChange=ves-statechange|thresholdCrossingAlert=ves-thresholdCrossingAlert|voiceQuality=ves-voicequality|sipSignaling=ves-sipsignaling|notification=ves-notification|pnfRegistration=ves-pnfRegistration|measurement=ves-measurement +collector.dmaapfile=./etc/DmaapConfig.json + +## Event transformation Flag - when set expects configurable transformation +## defined under ./etc/eventTransform.json +## Enabled by default; to disable set to 0 +event.transform.flag=0 + +# Describes at what frequency (measured in minutes) should application try to fetch config from CBS +collector.dynamic.config.update.frequency=5 + + diff --git a/ric-aux/80-Auxiliary-Functions/helm/ves/templates/configmap.yaml b/ric-aux/80-Auxiliary-Functions/helm/ves/templates/configmap.yaml index e770ac8e..3f1f8b16 100644 --- a/ric-aux/80-Auxiliary-Functions/helm/ves/templates/configmap.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/ves/templates/configmap.yaml @@ -14,14 +14,13 @@ # See the License for the specific language governing permissions and # # limitations under the License. # ################################################################################ - --- apiVersion: v1 kind: ConfigMap metadata: name: {{ include "common.configmapname.ves" . }} data: - DMaapConfig.json: | + DmaapConfig.json: | { "channels": [ { @@ -33,4 +32,11 @@ data: "cambria.hosts": "ricaux-message-router:3904" } ] - } \ No newline at end of file + } +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.configmapname.ves" . }}-properties +data: + {{- (.Files.Glob "resources/*").AsConfig | nindent 2 }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/ves/templates/ingress-ves.yaml b/ric-aux/80-Auxiliary-Functions/helm/ves/templates/ingress-ves.yaml index 4d56175b..94b845e4 100644 --- a/ric-aux/80-Auxiliary-Functions/helm/ves/templates/ingress-ves.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/ves/templates/ingress-ves.yaml @@ -1,4 +1,4 @@ -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: {{ include "common.ingressname.ves" . }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/ves/templates/ves-deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/ves/templates/ves-deployment.yaml index 287642eb..3ddcd614 100644 --- a/ric-aux/80-Auxiliary-Functions/helm/ves/templates/ves-deployment.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/ves/templates/ves-deployment.yaml @@ -18,7 +18,7 @@ kind: Deployment -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 metadata: name: {{ include "common.deploymentname.ves" . }} generation: 1 @@ -45,9 +45,12 @@ spec: volumes: - name: component-log emptyDir: {} - - name: dmaap-config-file + - name: ves-config-mount configMap: name: {{ include "common.configmapname.ves" . }} + - name: ves-config-mount-properties + configMap: + name: {{ include "common.configmapname.ves" . }}-properties imagePullSecrets: - name: onap-docker-registry-key containers: @@ -62,9 +65,12 @@ spec: volumeMounts: - name: component-log mountPath: "/opt/app/VESCollector/logs/ecomp" - - name: dmaap-config-file + - name: ves-config-mount mountPath: "/opt/app/VESCollector/etc/DmaapConfig.json" - subPath: DMaapConfig.json + subPath: DmaapConfig.json + - name: ves-config-mount-properties + mountPath: "/opt/app/VESCollector/etc/collector.properties" + subPath: collector.properties readinessProbe: httpGet: path: "/healthcheck" diff --git a/ric-aux/80-Auxiliary-Functions/helm/ves/templates/ves-service.yaml b/ric-aux/80-Auxiliary-Functions/helm/ves/templates/ves-service.yaml index 34769ea0..1701e53e 100644 --- a/ric-aux/80-Auxiliary-Functions/helm/ves/templates/ves-service.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/ves/templates/ves-service.yaml @@ -1,41 +1,41 @@ -################################################################################ -# Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################ - - -kind: Service -apiVersion: v1 -metadata: - name: {{ include "common.servicename.ves.http" . }} - labels: - app: {{ include "common.namespace.aux" . }}-{{ include "common.name.ves" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - ports: - - name: http - protocol: TCP - port: {{ include "common.serviceport.ves.http" . }} - targetPort: {{ include "common.serviceport.ves.http" . }} - - name: https - protocol: TCP - port: {{ include "common.serviceport.ves.https" . }} - targetPort: {{ include "common.serviceport.ves.https" . }} - selector: - app: {{ include "common.namespace.aux" . }}-{{ include "common.name.ves" . }} - release: {{ .Release.Name }} - type: ClusterIP +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# Copyright (c) 2019 Nokia. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + + +kind: Service +apiVersion: v1 +metadata: + name: {{ include "common.servicename.ves.http" . }} + labels: + app: {{ include "common.namespace.aux" . }}-{{ include "common.name.ves" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + - name: http + protocol: TCP + port: {{ include "common.serviceport.ves.http" . }} + targetPort: {{ include "common.serviceport.ves.http" . }} + - name: https + protocol: TCP + port: {{ include "common.serviceport.ves.https" . }} + targetPort: {{ include "common.serviceport.ves.https" . }} + selector: + app: {{ include "common.namespace.aux" . }}-{{ include "common.name.ves" . }} + release: {{ .Release.Name }} + type: ClusterIP diff --git a/ric-aux/80-Auxiliary-Functions/helm/ves/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/ves/values.yaml index 41c24bab..389d9c76 100644 --- a/ric-aux/80-Auxiliary-Functions/helm/ves/values.yaml +++ b/ric-aux/80-Auxiliary-Functions/helm/ves/values.yaml @@ -28,4 +28,4 @@ ves: name: onap/org.onap.dcaegen2.collectors.ves.vescollector tag: 1.4.4 - replicaCount: 1 \ No newline at end of file + replicaCount: 1 diff --git a/ric-aux/README.md b/ric-aux/README.md index c9ab4763..d567dc64 100644 --- a/ric-aux/README.md +++ b/ric-aux/README.md @@ -1,17 +1,15 @@ # RIC Auxiliary Functions Helm charts, configuration files, and automation scripts that deploy the auxiliary functions for RIC. The auxiliary -functions are defined as the features and services that interact with the RIC but they do not collocated with the RIC +functions are defined as the features and services that interact with the RIC but are not collocated with the RIC cluster. These functions includes but not limited to non-realtime management components (e.g., dashboard, DMaaP, VEScollector) that interact with RIC using A1/O1 interfaces. - ### Directory Structure . ├── 80-Auxiliary-Functions Contains components that interact with RIC through A1/O1 │   ├── bin Contains deployment and uninstall scripts -│   ├── etc Contains deployment configuration files │   └── helm Contains helm charts ├── 85-External Services Deployment scripts and chart for external service used by RIC to reach services outside of cluster └── README.md This file @@ -19,10 +17,9 @@ VEScollector) that interact with RIC using A1/O1 interfaces. ### To deploy the Auxiliary Functions ```sh -$ # Modify the configuration files in ./80-Auxiliary-Functions/etc/ -$ . ./80-Auxiliary-Functions/bin/install -$ # If you have an override value.yaml file, please use -$ #. ./80-Auxiliary-Functions/bin/install YOUR_OVERRIDE_FILE +$ # An override file must be used. +$ # Modify the override file, for example ../RECIPE_EXAMPLE/RIC_AUX_RECIPE_EXAMPLE +$ #. ./80-Auxiliary-Functions/bin/install -f YOUR_OVERRIDE_FILE ``` @@ -33,11 +30,8 @@ $ . ./80-Auxiliary-Functions/bin/uninstall ### Deployment Options -You can configure the Helm release name, Kubernetes namespace using configuration files located in ./80-Auxiliary-Functions/etc/ - -In the one-click deployment solution, the above setting will be overrided by environment variables shown below. -*RICAUX_RELEASE_NAME -*RICAUX_NAMESPACE +You can configure the Helm release name, Kubernetes namespaces using the override file with +parameters global.releasePrefix and global.namespace ### To deploy the External services @@ -45,15 +39,15 @@ The IP address described below should be the interface IP address of the VM host If the platform cluster is multi-node, any of the nodes can be specified here. ```sh -$ # Set the value of ext/ip in values.yaml to be the external IP address. If you will use an override file and it has ext/ip set, -$ # make sure it is set correctly. -$ . ./85-Ext-Services/bin/install -$ # If you have an override value.yaml file, please use -$ #. ./85-Ext-Services/bin/install YOUR_OVERRIDE_FILE +$ # An override file must be used. +$ # Modify the override file, for example ../RECIPE_EXAMPLE/RIC_AUX_RECIPE_EXAMPLE +$ # Set the values of extsvcaux/ricip and extsvcaux/auxip to be the external IP addresses of VM hosting RIC cluster and VM hosting AUX cluster, respectively. +$ # These values should be set ih the override file. +$ . ./85-Ext-Services/bin/install -f YOUR_OVERRIDE_FILE ``` -### To undeploy the Auxiliary Functions +### To undeploy the External services ```sh $ . ./85-Ext-Services/bin/uninstall ``` \ No newline at end of file diff --git a/ric-common/Common-Template/helm/ric-common/Chart.yaml b/ric-common/Common-Template/helm/ric-common/Chart.yaml index 3612f046..72d1d565 100644 --- a/ric-common/Common-Template/helm/ric-common/Chart.yaml +++ b/ric-common/Common-Template/helm/ric-common/Chart.yaml @@ -18,4 +18,4 @@ apiVersion: v1 description: Common templates for inclusion in other charts name: ric-common -version: 2.0.5 +version: 2.0.8 diff --git a/ric-common/Common-Template/helm/ric-common/templates/_configmapname.tpl b/ric-common/Common-Template/helm/ric-common/templates/_configmapname.tpl index 4b0a562c..d829c030 100644 --- a/ric-common/Common-Template/helm/ric-common/templates/_configmapname.tpl +++ b/ric-common/Common-Template/helm/ric-common/templates/_configmapname.tpl @@ -36,8 +36,8 @@ {{- printf "configmap-%s" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} -{{- define "common.configmapname.e2term" -}} - {{- $name := ( include "common.fullname.e2term" . ) -}} +{{- define "common.configmapname.rsm" -}} + {{- $name := ( include "common.fullname.rsm" . ) -}} {{- printf "configmap-%s" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} @@ -61,6 +61,11 @@ {{- printf "configmap-%s" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{- define "common.configmapname.jaegeradapter" -}} + {{- $name := ( include "common.fullname.jaegeradapter" . ) -}} + {{- printf "configmap-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{- define "common.configmapname.nexus" -}} {{- $name := ( include "common.fullname.nexus" . ) -}} {{- printf "configmap-%s" $name | trunc 63 | trimSuffix "-" -}} diff --git a/ric-common/Common-Template/helm/ric-common/templates/_containername.tpl b/ric-common/Common-Template/helm/ric-common/templates/_containername.tpl index 913ed16b..e4cb3745 100644 --- a/ric-common/Common-Template/helm/ric-common/templates/_containername.tpl +++ b/ric-common/Common-Template/helm/ric-common/templates/_containername.tpl @@ -35,8 +35,8 @@ {{- printf "container-%s" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} -{{- define "common.containername.e2term" -}} - {{- $name := ( include "common.fullname.e2term" . ) -}} +{{- define "common.containername.rsm" -}} + {{- $name := ( include "common.fullname.rsm" . ) -}} {{- printf "container-%s" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} @@ -60,6 +60,11 @@ {{- printf "container-%s" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{- define "common.containername.jaegeradapter" -}} + {{- $name := ( include "common.fullname.jaegeradapter" . ) -}} + {{- printf "container-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{- define "common.containername.nexus" -}} {{- $name := ( include "common.fullname.nexus" . ) -}} {{- printf "container-%s" $name | trunc 63 | trimSuffix "-" -}} diff --git a/ric-common/Common-Template/helm/ric-common/templates/_deploymentname.tpl b/ric-common/Common-Template/helm/ric-common/templates/_deploymentname.tpl index e946ed34..a2704eae 100644 --- a/ric-common/Common-Template/helm/ric-common/templates/_deploymentname.tpl +++ b/ric-common/Common-Template/helm/ric-common/templates/_deploymentname.tpl @@ -35,8 +35,8 @@ {{- printf "deployment-%s" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} -{{- define "common.deploymentname.e2term" -}} - {{- $name := ( include "common.fullname.e2term" . ) -}} +{{- define "common.deploymentname.rsm" -}} + {{- $name := ( include "common.fullname.rsm" . ) -}} {{- printf "deployment-%s" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} @@ -60,6 +60,11 @@ {{- printf "deployment-%s" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{- define "common.deploymentname.jaegeradapter" -}} + {{- $name := ( include "common.fullname.jaegeradapter" . ) -}} + {{- printf "deployment-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{- define "common.deploymentname.nexus" -}} {{- $name := ( include "common.fullname.nexus" . ) -}} {{- printf "deployment-%s" $name | trunc 63 | trimSuffix "-" -}} diff --git a/ric-common/Common-Template/helm/ric-common/templates/_e2term.tpl b/ric-common/Common-Template/helm/ric-common/templates/_e2term.tpl new file mode 100644 index 00000000..6ed31953 --- /dev/null +++ b/ric-common/Common-Template/helm/ric-common/templates/_e2term.tpl @@ -0,0 +1,83 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +# template for component name +{{- define "common.name.e2term" -}} + {{- if .Values.e2term -}} + {{- if .Values.e2term.nameOverride -}} + {{- printf "%s" .Values.e2term.nameOverride -}} + {{- else -}} + {{- printf "e2term" -}} + {{- end -}} + {{- else -}} + {{- printf "e2term" -}} + {{- end -}} +{{- end -}} + +{{- define "common.fullname.e2term" -}} + {{- $name := ( include "common.name.e2term" . ) -}} + {{- $namespace := ( include "common.namespace.platform" . ) -}} + {{- printf "%s-%s" $namespace $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{- define "common.deploymentname.e2term" -}} + {{- $name := ( include "common.fullname.e2term" . ) -}} + {{- printf "deployment-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "common.configmapname.e2term" -}} + {{- $name := ( include "common.fullname.e2term" . ) -}} + {{- printf "configmap-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "common.containername.e2term" -}} + {{- $name := ( include "common.fullname.e2term" . ) -}} + {{- printf "container-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "common.pvname.e2term" -}} + {{- $name := ( include "common.fullname.e2term" . ) -}} + {{- printf "pv-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "common.pvcname.e2term" -}} + {{- $name := ( include "common.fullname.e2term" . ) -}} + {{- printf "pvc-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "common.servicename.e2term.rmr" -}} + {{- $name := ( include "common.fullname.e2term" . ) -}} + {{- printf "service-%s-rmr" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "common.servicename.e2term.http" -}} + {{- $name := ( include "common.fullname.e2term" . ) -}} + {{- printf "service-%s-http" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + + +{{- define "common.serviceport.e2term.rmr.data" -}}38000{{- end -}} +{{- define "common.serviceport.e2term.rmr.route" -}}4561{{- end -}} +{{- define "common.serviceport.e2term.http" -}}8080{{- end -}} +{{- define "common.serviceport.e2term.sctp" -}}5577{{- end -}} + + +{{- define "common.serviceaccountname.e2term" -}} + {{- $name := ( include "common.fullname.e2term" . ) -}} + {{- printf "svcacct-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/ric-common/Common-Template/helm/ric-common/templates/_esreader.tpl b/ric-common/Common-Template/helm/ric-common/templates/_esreader.tpl new file mode 100644 index 00000000..17c0bea4 --- /dev/null +++ b/ric-common/Common-Template/helm/ric-common/templates/_esreader.tpl @@ -0,0 +1,67 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +# template for component name +{{- define "common.name.esreader" -}} + {{- if .Values.esreader -}} + {{- if .Values.esreader.nameOverride -}} + {{- printf "%s" .Values.esreader.nameOverride -}} + {{- else -}} + {{- printf "esreader" -}} + {{- end -}} + {{- else -}} + {{- printf "esreader" -}} + {{- end -}} +{{- end -}} + +{{- define "common.fullname.esreader" -}} + {{- $name := ( include "common.name.esreader" . ) -}} + {{- $namespace := ( include "common.namespace.infra" . ) -}} + {{- printf "%s-%s" $namespace $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + + +{{- define "common.deploymentname.esreader" -}} + {{- $name := ( include "common.fullname.esreader" . ) -}} + {{- printf "deployment-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{- define "common.configmapname.esreader" -}} + {{- $name := ( include "common.fullname.esreader" . ) -}} + {{- printf "configmap-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{- define "common.containername.esreader" -}} + {{- $name := ( include "common.fullname.esreader" . ) -}} + {{- printf "container-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{- define "common.serviceport.esreader.http" -}}8080{{- end -}} + +{{- define "common.pvname.esreader" -}} + {{- $name := ( include "common.fullname.esreader" . ) -}} + {{- printf "pv-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + +{{- define "common.pvcname.esreader" -}} + {{- $name := ( include "common.fullname.esreader" . ) -}} + {{- printf "pvc-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + diff --git a/ric-common/Common-Template/helm/ric-common/templates/_ingresscontroller.tpl b/ric-common/Common-Template/helm/ric-common/templates/_ingresscontroller.tpl index 6bc1a696..2d75ee72 100644 --- a/ric-common/Common-Template/helm/ric-common/templates/_ingresscontroller.tpl +++ b/ric-common/Common-Template/helm/ric-common/templates/_ingresscontroller.tpl @@ -53,6 +53,21 @@ {{- end -}} {{- end -}} +{{- define "common.ingressurl.dashboard" -}} + {{- if .Values.global -}} + {{- if .Values.global.ingressurl -}} + {{- if .Values.global.ingressurl.dashboard -}} + {{- printf "%s" .Values.global.ingressurl.dashboard -}} + {{- else -}} + {{- printf "dashboard-entry" -}} + {{- end -}} + {{- else -}} + {{- printf "dashboard-entry" -}} + {{- end -}} + {{- else -}} + {{- printf "dashboard-entry" -}} + {{- end -}} +{{- end -}} ####################### Ingress Controller Ports ########################################### diff --git a/ric-common/Common-Template/helm/ric-common/templates/_ingressname.tpl b/ric-common/Common-Template/helm/ric-common/templates/_ingressname.tpl index ec5951fd..66cb7414 100644 --- a/ric-common/Common-Template/helm/ric-common/templates/_ingressname.tpl +++ b/ric-common/Common-Template/helm/ric-common/templates/_ingressname.tpl @@ -27,6 +27,11 @@ {{- printf "ingress-%s" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{- define "common.ingressname.rsm" -}} + {{- $name := ( include "common.fullname.rsm" . ) -}} + {{- printf "ingress-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{- define "common.ingressname.e2term" -}} {{- $name := ( include "common.fullname.e2term" . ) -}} {{- printf "ingress-%s" $name | trunc 63 | trimSuffix "-" -}} @@ -61,3 +66,8 @@ {{- $name := ( include "common.fullname.ves" . ) -}} {{- printf "ingress-%s" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} + +{{- define "common.ingressname.dashboard" -}} + {{- $name := ( include "common.fullname.dashboard" . ) -}} + {{- printf "ingress-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} diff --git a/ric-common/Common-Template/helm/ric-common/templates/_kongpath.tpl b/ric-common/Common-Template/helm/ric-common/templates/_kongpath.tpl index 736ffaa9..636f649e 100644 --- a/ric-common/Common-Template/helm/ric-common/templates/_kongpath.tpl +++ b/ric-common/Common-Template/helm/ric-common/templates/_kongpath.tpl @@ -18,9 +18,9 @@ {{/* This file defines the URL paths that kong proxies for different servicess. */}} - {{- define "common.kongpath.aux.vescollector" -}}/vescollector{{- end -}} {{- define "common.kongpath.aux.helm" -}}/helm{{- end -}} {{- define "common.kongpath.ric.appmgr" -}}/appmgr{{- end -}} {{- define "common.kongpath.ric.a1mediator" -}}/a1mediator{{- end -}} {{- define "common.kongpath.ric.e2mgr" -}}/e2mgr{{- end -}} +{{- define "common.kongpath.ric.rsm" -}}/rsm{{- end -}} diff --git a/ric-common/Common-Template/helm/ric-common/templates/_logstash.tpl b/ric-common/Common-Template/helm/ric-common/templates/_logstash.tpl new file mode 100644 index 00000000..5b80f5e1 --- /dev/null +++ b/ric-common/Common-Template/helm/ric-common/templates/_logstash.tpl @@ -0,0 +1,57 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +# template for component name +{{- define "common.name.logstash" -}} + {{- if .Values.logstash -}} + {{- if .Values.logstash.nameOverride -}} + {{- printf "%s" .Values.logstash.nameOverride -}} + {{- else -}} + {{- printf "logstash" -}} + {{- end -}} + {{- else -}} + {{- printf "logstash" -}} + {{- end -}} +{{- end -}} + +{{- define "common.fullname.logstash" -}} + {{- $name := ( include "common.name.logstash" . ) -}} + {{- $namespace := ( include "common.namespace.aux" . ) -}} + {{- printf "%s-%s" $namespace $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + + +{{- define "common.deploymentname.logstash" -}} + {{- $name := ( include "common.fullname.logstash" . ) -}} + {{- printf "deployment-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{- define "common.configmapname.logstash" -}} + {{- $name := ( include "common.fullname.logstash" . ) -}} + {{- printf "configmap-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{- define "common.containername.logstash" -}} + {{- $name := ( include "common.fullname.logstash" . ) -}} + {{- printf "container-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{- define "common.serviceport.logstash.http" -}}8080{{- end -}} +{{- define "common.servicename.logstash.http" -}}logstash{{- end -}} diff --git a/ric-common/Common-Template/helm/ric-common/templates/_message-router.tpl b/ric-common/Common-Template/helm/ric-common/templates/_message-router.tpl new file mode 100644 index 00000000..6fad8ea9 --- /dev/null +++ b/ric-common/Common-Template/helm/ric-common/templates/_message-router.tpl @@ -0,0 +1,58 @@ +################################################################################ +# Copyright (c) 2019 ATT Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +# template for component name +{{- define "common.name.messagerouter" -}} + {{- if .Values.messagerouter -}} + {{- if .Values.messagerouter.nameOverride -}} + {{- printf "%s" .Values.messagerouter.nameOverride -}} + {{- else -}} + {{- printf "messagerouter" -}} + {{- end -}} + {{- else -}} + {{- printf "messagerouter" -}} + {{- end -}} +{{- end -}} + +{{- define "common.fullname.messagerouter" -}} + {{- $name := ( include "common.name.messagerouter" . ) -}} + {{- $namespace := ( include "common.namespace.aux" . ) -}} + {{- printf "%s-%s" $namespace $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + + +{{- define "common.deploymentname.messagerouter" -}} + {{- $name := ( include "common.fullname.messagerouter" . ) -}} + {{- printf "deployment-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{- define "common.configmapname.messagerouter" -}} + {{- $name := ( include "common.fullname.messagerouter" . ) -}} + {{- printf "configmap-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + + +{{- define "common.containername.messagerouter" -}} + {{- $name := ( include "common.fullname.messagerouter" . ) -}} + {{- printf "container-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{- define "common.serviceport.messagerouter.http" -}}3904{{- end -}} +{{- define "common.servicename.messagerouter.http" -}}ricaux-messagerouter{{- end -}} diff --git a/ric-platform/50-RIC-Platform/helm/dbaas/values.yaml b/ric-common/Common-Template/helm/ric-common/templates/_mrsub.tpl similarity index 51% rename from ric-platform/50-RIC-Platform/helm/dbaas/values.yaml rename to ric-common/Common-Template/helm/ric-common/templates/_mrsub.tpl index 2f1de685..9a38261d 100644 --- a/ric-platform/50-RIC-Platform/helm/dbaas/values.yaml +++ b/ric-common/Common-Template/helm/ric-common/templates/_mrsub.tpl @@ -1,6 +1,5 @@ ################################################################################ # Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. # @@ -15,19 +14,43 @@ # limitations under the License. # ################################################################################ -repository: "nexus3.o-ran-sc.org:10004" -imagePullPolicy: IfNotPresent -repositoryCred: docker-reg-cred - -dbaas: - backend: - terminationGracePeriodSeconds: 0 - replicas: 1 - image: - name: ric-plt-dbaas - tag: 0.1.0 - - # Service ports are now defined in - # ric-common/Common-Template/helm/ric-common/templates/_ports.tpl file. - # If need to change a service port, make the code change necessary, then - # update the _ports.tpl file with the new port number. \ No newline at end of file +# template for component name +{{- define "common.name.mrsub" -}} + {{- if .Values.mrsub -}} + {{- if .Values.mrsub.nameOverride -}} + {{- printf "%s" .Values.mrsub.nameOverride -}} + {{- else -}} + {{- printf "mrsub" -}} + {{- end -}} + {{- else -}} + {{- printf "mrsub" -}} + {{- end -}} +{{- end -}} + +{{- define "common.fullname.mrsub" -}} + {{- $name := ( include "common.name.mrsub" . ) -}} + {{- $namespace := ( include "common.namespace.aux" . ) -}} + {{- printf "%s-%s" $namespace $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + + +{{- define "common.deploymentname.mrsub" -}} + {{- $name := ( include "common.fullname.mrsub" . ) -}} + {{- printf "deployment-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{- define "common.configmapname.mrsub" -}} + {{- $name := ( include "common.fullname.mrsub" . ) -}} + {{- printf "configmap-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{- define "common.containername.mrsub" -}} + {{- $name := ( include "common.fullname.mrsub" . ) -}} + {{- printf "container-%s" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + + +{{- define "common.serviceport.mrsub.http" -}}8080{{- end -}} diff --git a/ric-common/Common-Template/helm/ric-common/templates/_name.tpl b/ric-common/Common-Template/helm/ric-common/templates/_name.tpl index 6402565e..d2f17e96 100644 --- a/ric-common/Common-Template/helm/ric-common/templates/_name.tpl +++ b/ric-common/Common-Template/helm/ric-common/templates/_name.tpl @@ -87,21 +87,22 @@ {{- printf "%s-%s" $namespace $name | trunc 63 | trimSuffix "-" -}} {{- end -}} -{{- define "common.name.e2term" -}} - {{- if .Values.e2term -}} - {{- if .Values.e2term.nameOverride -}} - {{- printf "%s" .Values.e2term.nameOverride -}} + +{{- define "common.name.rsm" -}} + {{- if .Values.rsm -}} + {{- if .Values.rsm.nameOverride -}} + {{- printf "%s" .Values.rsm.nameOverride -}} {{- else -}} - {{- printf "e2term" -}} + {{- printf "rsm" -}} {{- end -}} {{- else -}} - {{- printf "e2term" -}} + {{- printf "rsm" -}} {{- end -}} {{- end -}} -{{- define "common.fullname.e2term" -}} - {{- $name := ( include "common.name.e2term" . ) -}} +{{- define "common.fullname.rsm" -}} + {{- $name := ( include "common.name.rsm" . ) -}} {{- $namespace := ( include "common.namespace.platform" . ) -}} {{- printf "%s-%s" $namespace $name | trunc 63 | trimSuffix "-" -}} {{- end -}} @@ -112,8 +113,6 @@ - - {{- define "common.name.rtmgr" -}} {{- if .Values.rtmgr -}} {{- if .Values.rtmgr.nameOverride -}} @@ -202,6 +201,25 @@ {{- end -}} +{{- define "common.name.jaegeradapter" -}} + {{- if .Values.jaegeradapter -}} + {{- if .Values.jaegeradapter.nameOverride -}} + {{- printf "%s" .Values.jaegeradapter.nameOverride -}} + {{- else -}} + {{- printf "jaegeradapter" -}} + {{- end -}} + {{- else -}} + {{- printf "jaegeradapter" -}} + {{- end -}} +{{- end -}} + + +{{- define "common.fullname.jaegeradapter" -}} + {{- $name := ( include "common.name.jaegeradapter" . ) -}} + {{- $namespace := ( include "common.namespace.platform" . ) -}} + {{- printf "%s-%s" $namespace $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{- define "common.name.nexus" -}} diff --git a/ric-common/Common-Template/helm/ric-common/templates/_ports.tpl b/ric-common/Common-Template/helm/ric-common/templates/_ports.tpl index 0b9b6a55..22d345a4 100644 --- a/ric-common/Common-Template/helm/ric-common/templates/_ports.tpl +++ b/ric-common/Common-Template/helm/ric-common/templates/_ports.tpl @@ -27,16 +27,14 @@ port numbers consistent with the ports that the container code implements. */}} -{{- define "common.serviceport.e2term.rmr.data" -}}38000{{- end -}} -{{- define "common.serviceport.e2term.rmr.route" -}}4561{{- end -}} -{{- define "common.serviceport.e2term.http" -}}8080{{- end -}} -{{- define "common.serviceport.e2term.sctp" -}}5577{{- end -}} - - {{- define "common.serviceport.e2mgr.rmr.data" -}}3801{{- end -}} {{- define "common.serviceport.e2mgr.rmr.route" -}}4561{{- end -}} {{- define "common.serviceport.e2mgr.http" -}}3800{{- end -}} +{{- define "common.serviceport.rsm.rmr.data" -}}4801{{- end -}} +{{- define "common.serviceport.rsm.rmr.route" -}}4561{{- end -}} +{{- define "common.serviceport.rsm.http" -}}4800{{- end -}} + {{- define "common.serviceport.a1mediator.rmr.data" -}}4562{{- end -}} {{- define "common.serviceport.a1mediator.rmr.route" -}}4561{{- end -}} {{- define "common.serviceport.a1mediator.http" -}}10000{{- end -}} @@ -55,6 +53,27 @@ {{- define "common.serviceport.vespamgr.http" -}}8080{{- end -}} +{{- define "common.serviceport.jaegeradapter.zipkincompact" -}}5775{{- end -}} +{{- define "common.serviceport.jaegeradapter.jaegercompact" -}}6831{{- end -}} +{{- define "common.serviceport.jaegeradapter.jaegerbinary" -}}6832{{- end -}} +{{- define "common.serviceport.jaegeradapter.httpquery" -}}16686{{- end -}} +{{- define "common.serviceport.jaegeradapter.httpconfig" -}}5778{{- end -}} +{{- define "common.serviceport.jaegeradapter.zipkinhttp" -}}9411{{- end -}} +{{- define "common.serviceport.jaegeradapter.jaegerhttp" -}}14268{{- end -}} +{{- define "common.serviceport.jaegeradapter.jaegerhttpt" -}}14267{{- end -}} + +{{- define "common.portname.jaegeradapter.zipkincompact" -}}"zipkincompact"{{- end -}} +{{- define "common.portname.jaegeradapter.jaegercompact" -}}"jaegercompact"{{- end -}} +{{- define "common.portname.jaegeradapter.jaegerbinary" -}}"jaegerbinary"{{- end -}} +{{- define "common.portname.jaegeradapter.zipkinhttp" -}}"zipkinhttp"{{- end -}} +{{- define "common.portname.jaegeradapter.jaegerhttp" -}}"jaegerhttp"{{- end -}} +{{- define "common.portname.jaegeradapter.jaegerhttpt" -}}"jaegerhttpt"{{- end -}} +{{- define "common.portname.jaegeradapter.httpquery" -}}"httpquery"{{- end -}} +{{- define "common.portname.jaegeradapter.httpconfig" -}}"httpconfig"{{- end -}} + + + + {{- define "common.serviceport.nexus.http" -}}8080{{- end -}} {{- define "common.serviceport.chartmuseum.http" -}}8080{{- end -}} diff --git a/ric-common/Common-Template/helm/ric-common/templates/_serviceaccountname.tpl b/ric-common/Common-Template/helm/ric-common/templates/_serviceaccountname.tpl index 8e9c3f36..ba84006d 100644 --- a/ric-common/Common-Template/helm/ric-common/templates/_serviceaccountname.tpl +++ b/ric-common/Common-Template/helm/ric-common/templates/_serviceaccountname.tpl @@ -35,8 +35,9 @@ {{- printf "svcacct-%s" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} -{{- define "common.serviceaccountname.e2term" -}} - {{- $name := ( include "common.fullname.e2term" . ) -}} + +{{- define "common.serviceaccountname.rsm" -}} + {{- $name := ( include "common.fullname.rsm" . ) -}} {{- printf "svcacct-%s" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} diff --git a/ric-common/Common-Template/helm/ric-common/templates/_servicename.tpl b/ric-common/Common-Template/helm/ric-common/templates/_servicename.tpl index cd9b7340..5e896063 100644 --- a/ric-common/Common-Template/helm/ric-common/templates/_servicename.tpl +++ b/ric-common/Common-Template/helm/ric-common/templates/_servicename.tpl @@ -40,8 +40,8 @@ {{- printf "service-%s-rmr" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} -{{- define "common.servicename.e2term.rmr" -}} - {{- $name := ( include "common.fullname.e2term" . ) -}} +{{- define "common.servicename.rsm.rmr" -}} + {{- $name := ( include "common.fullname.rsm" . ) -}} {{- printf "service-%s-rmr" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} @@ -73,8 +73,8 @@ {{- printf "service-%s-http" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} -{{- define "common.servicename.e2term.http" -}} - {{- $name := ( include "common.fullname.e2term" . ) -}} +{{- define "common.servicename.rsm.http" -}} + {{- $name := ( include "common.fullname.rsm" . ) -}} {{- printf "service-%s-http" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} @@ -118,6 +118,18 @@ {{- printf "service-%s-http" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{- define "common.servicename.jaegeradapter.query" -}} + {{- $name := ( include "common.fullname.jaegeradapter" . ) -}} + {{- printf "service-%s-query" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- define "common.servicename.jaegeradapter.collector" -}} + {{- $name := ( include "common.fullname.jaegeradapter" . ) -}} + {{- printf "service-%s-collector" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} +{{- define "common.servicename.jaegeradapter.agent" -}} + {{- $name := ( include "common.fullname.jaegeradapter" . ) -}} + {{- printf "service-%s-agent" $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} ###################### TCP Service ################################## @@ -155,4 +167,4 @@ {{- define "common.servicename" -}} {{- $name := default .Chart.Name .Values.nameOverride -}} {{- default $name .Values.service.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/ric-infra/00-Kubernetes/bin/gen-cloud-init.sh b/ric-infra/00-Kubernetes/bin/gen-cloud-init.sh index 61603ba8..0d9899af 100755 --- a/ric-infra/00-Kubernetes/bin/gen-cloud-init.sh +++ b/ric-infra/00-Kubernetes/bin/gen-cloud-init.sh @@ -80,6 +80,9 @@ fi if [ -z "$__RUNRICENV_DOCKER_CERT__" ]; then export __RUNRICENV_DOCKER_CERT__=$dockercert fi +if [ -z "$__RUNRICENV_DOCKER_CERT_LEN__" ]; then + export __RUNRICENV_DOCKER_CERT_LEN__=$(echo $dockercert | wc -c) +fi if [ -z "$__RUNRICENV_HELMREPO_HOST__" ]; then export __RUNRICENV_HELMREPO_HOST__=$helmrepo fi @@ -98,6 +101,9 @@ fi if [ -z "$__RUNRICENV_HELMREPO_CERT__" ]; then export __RUNRICENV_HELMREPO_CERT__=$helmcert fi +if [ -z "$__RUNRICENV_HELMREPO_CERT_LEN__" ]; then + export __RUNRICENV_HELMREPO_CERT_LEN__=$(echo $helmcert | wc -c) +fi filename=$(basename -- "$TMPL") @@ -112,30 +118,32 @@ envsubst '${__RUNRICENV_GERRIT_HOST__} ${__RUNRICENV_DOCKER_USER__} ${__RUNRICENV_DOCKER_PASS__} ${__RUNRICENV_DOCKER_CERT__} + ${__RUNRICENV_DOCKER_CERT__} + ${__RUNRICENV_DOCKER_CERT_LEN__} ${__RUNRICENV_HELMREPO_HOST__} ${__RUNRICENV_HELMREPO_PORT__} ${__RUNRICENV_HELMREPO_IP__} ${__RUNRICENV_HELMREPO_CERT__} + ${__RUNRICENV_HELMREPO_CERT_LEN__} ${__RUNRICENV_HELMREPO_USER__} ${__RUNRICENV_HELMREPO_PASS__}' < "$TMPL" > "$filename" # fill values that are supplied by Heat stack deployment process as much as we can -sed -e "s/__docker_version__/${INFRA_DOCKER_VERSION}/g" "$filename" > tmp && mv tmp "$filename" -sed -e "s/__k8s_version__/${INFRA_K8S_VERSION}/g" "$filename" > tmp && mv tmp "$filename" -sed -e "s/__k8s_cni_version__/${INFRA_CNI_VERSION}/g" "$filename" > tmp && mv tmp "$filename" -sed -e "s/__helm_version__/${INFRA_HELM_VERSION}/g" "$filename" > tmp && mv tmp "$filename" -sed -e "s/__k8s_mst_private_ip_addr__/\$(hostname -I)/g" "$filename" > tmp && mv tmp "$filename" -sed -e "s/__host_private_ip_addr__/\$(hostname -I)/g" "$filename" > tmp && mv tmp "$filename" -#sed -e "s/__k8s_mst_floating_ip_addr__/\$(ec2metadata --public-ipv4)/g" "$filename" > tmp && mv tmp "$filename" -sed -e "s/__k8s_mst_floating_ip_addr__/\$(curl ifconfig.co)/g" "$filename" > tmp && mv tmp "$filename" -sed -e "s/__stack_name__/\$(hostname)/g" "$filename" > tmp && mv tmp "$filename" +sed -i "" -e "s/__docker_version__/${INFRA_DOCKER_VERSION}/g" "$filename" +sed -i "" -e "s/__k8s_version__/${INFRA_K8S_VERSION}/g" "$filename" +sed -i "" -e "s/__k8s_cni_version__/${INFRA_CNI_VERSION}/g" "$filename" +sed -i "" -e "s/__helm_version__/${INFRA_HELM_VERSION}/g" "$filename" +sed -i "" -e "s/__k8s_mst_private_ip_addr__/\$(hostname -I)/g" "$filename" +sed -i "" -e "s/__host_private_ip_addr__/\$(hostname -I)/g" "$filename" +#sed -i "" -e "s/__k8s_mst_floating_ip_addr__/\$(ec2metadata --public-ipv4)/g" "$filename" +sed -i "" -e "s/__k8s_mst_floating_ip_addr__/\$(curl ifconfig.co)/g" "$filename" +sed -i "" -e "s/__stack_name__/\$(hostname)/g" "$filename" #echo "__mtu__" > /opt/config/mtu.txt #echo "__cinder_volume_id__" > /opt/config/cinder_volume_id.txt +# because cloud init user data has a 16kB limit, remove all comment lines to save space. +sed -i "" -e '/^[ \t]*#/d' "$filename" chmod +x "$filename" -if [ -z "$1" ]; then - mv "$filename" k8s-1node-cloud-init.sh - # reboot VM to load the new kernel. - echo 'if [ "$(uname -r)" != "4.15.0-45-lowlatency" ]; then reboot; fi' >> k8s-1node-cloud-init.sh -fi + +mv "$filename" ./k8s-1node-cloud-init.sh diff --git a/ric-infra/00-Kubernetes/etc/infra.rc b/ric-infra/00-Kubernetes/etc/infra.rc index 81c20e7e..1b3da348 100644 --- a/ric-infra/00-Kubernetes/etc/infra.rc +++ b/ric-infra/00-Kubernetes/etc/infra.rc @@ -1,6 +1,7 @@ # modify below for RIC infrastructure (docker-k8s-helm) component versions INFRA_DOCKER_VERSION="" -INFRA_K8S_VERSION="1.13.3" -INFRA_CNI_VERSION="0.6.0" +INFRA_K8S_VERSION="1.16.0" +INFRA_CNI_VERSION="0.7.5" +#INFRA_K8S_VERSION="1.13.3" +#INFRA_CNI_VERSION="0.6.0" INFRA_HELM_VERSION="2.12.3" - diff --git a/ric-infra/00-Kubernetes/heat/scripts/k8s_vm_install.sh b/ric-infra/00-Kubernetes/heat/scripts/k8s_vm_install.sh index 4bb91fef..50c73f77 100644 --- a/ric-infra/00-Kubernetes/heat/scripts/k8s_vm_install.sh +++ b/ric-infra/00-Kubernetes/heat/scripts/k8s_vm_install.sh @@ -1,7 +1,6 @@ #!/bin/bash -x ################################################################################ # Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. # @@ -49,11 +48,8 @@ start_ipv6_if () { IPv6IF="$1" if ifconfig -a $IPv6IF; then echo "" >> /etc/network/interfaces.d/50-cloud-init.cfg - #echo "auto ${IPv6IF}" >> /etc/network/interfaces.d/50-cloud-init.cfg echo "allow-hotplug ${IPv6IF}" >> /etc/network/interfaces.d/50-cloud-init.cfg echo "iface ${IPv6IF} inet6 auto" >> /etc/network/interfaces.d/50-cloud-init.cfg - #dhclient -r $IPv6IF - #systemctl restart networking ifconfig ${IPv6IF} up fi } @@ -64,6 +60,9 @@ export DEBIAN_FRONTEND=noninteractive echo "__host_private_ip_addr__ $(hostname)" >> /etc/hosts printenv +IPV6IF="" +#IPV6IF="ens4" + mkdir -p /opt/config echo "__docker_version__" > /opt/config/docker_version.txt echo "__k8s_version__" > /opt/config/k8s_version.txt @@ -76,6 +75,7 @@ echo "__mtu__" > /opt/config/mtu.txt echo "__cinder_volume_id__" > /opt/config/cinder_volume_id.txt echo "__stack_name__" > /opt/config/stack_name.txt +# assume we are setting up AUX cluster VM if hostname contains "aux" ISAUX='false' if [[ $(cat /opt/config/stack_name.txt) == *aux* ]]; then ISAUX='true' @@ -89,10 +89,13 @@ modprobe -- nf_conntrack_ipv4 modprobe -- nf_conntrack_ipv6 modprobe -- nf_conntrack_proto_sctp -start_ipv6_if ens4 +if [ ! -z "$IPV6IF" ]; then + start_ipv6_if $IPV6IF +fi # disable swap -SWAPFILES=$(grep swap /etc/fstab | sed '/^#/ d' |cut -f1 -d' ') +#SWAPFILES=$(grep swap /etc/fstab | sed '/^[ \t]*#/ d' |cut -f1 -d' ') +SWAPFILES=$(grep swap /etc/fstab | sed '/^[ \t]*#/ d' | sed 's/[\t ]/ /g' | tr -s " " | cut -f1 -d' ') if [ ! -z $SWAPFILES ]; then for SWAPFILE in $SWAPFILES do @@ -104,15 +107,10 @@ if [ ! -z $SWAPFILES ]; then else swapoff $SWAPFILE fi - # edit /etc/fstab file, remove line with /swapfile - sed -i -e "/$SWAPFILE/d" /etc/fstab + sed -i "\%$SWAPFILE%d" /etc/fstab fi done fi -# disable swap -#swapoff /swapfile -# edit /etc/fstab file, remove line with /swapfile -#sed -i -e '/swapfile/d' /etc/fstab DOCKERV=$(cat /opt/config/docker_version.txt) @@ -122,6 +120,25 @@ KUBECNIV=$(cat /opt/config/k8s_cni_version.txt) KUBEVERSION="${KUBEV}-00" CNIVERSION="${KUBECNIV}-00" DOCKERVERSION="${DOCKERV}" + +# adjust package version tag +UBUNTU_RELEASE=$(lsb_release -r | sed 's/^[a-zA-Z:\t ]\+//g') +if [[ ${UBUNTU_RELEASE} == 16.* ]]; then + echo "Installing on Ubuntu $UBUNTU_RELEASE (Xenial Xerus) host" + if [ ! -z "${DOCKERV}" ]; then + DOCKERVERSION="${DOCKERV}-0ubuntu1~16.04.5" + fi +elif [[ ${UBUNTU_RELEASE} == 18.* ]]; then + echo "Installing on Ubuntu $UBUNTU_RELEASE (Bionic Beaver)" + if [ ! -z "${DOCKERV}" ]; then + DOCKERVERSION="${DOCKERV}-0ubuntu1~18.04.5" + fi +else + echo "Unsupported Ubuntu release ($UBUNTU_RELEASE) detected. Exit." + exit +fi + + curl -s https://packages.cloud.google.com/apt/doc/apt-key.gpg | apt-key add - echo 'deb http://apt.kubernetes.io/ kubernetes-xenial main' > /etc/apt/sources.list.d/kubernetes.list @@ -131,36 +148,52 @@ echo "APT::Acquire::Retries \"3\";" > /etc/apt/apt.conf.d/80-retries # install low latency kernel, docker.io, and kubernetes apt-get update -apt-get install -y virt-what +RES=$(apt-get install -y virt-what curl jq netcat 2>&1) +if [[ $RES == */var/lib/dpkg/lock* ]]; then + echo "Fail to get dpkg lock. Wait for any other package installation" + echo "process to finish, then rerun this script" + exit -1 +fi + if ! echo $(virt-what) | grep "virtualbox"; then - # this version of low latency kernel causes virtualbox VM to hand. + # this version of low latency kernel causes virtualbox VM to hang. # install if identifying the VM not being a virtualbox VM. apt-get install -y linux-image-4.15.0-45-lowlatency fi + + if [ -z ${DOCKERVERSION} ]; then - apt-get install -y curl jq netcat docker.io + apt-get install -y --allow-change-held-packages --allow-unauthenticated --ignore-hold docker.io +else + apt-get install -y --allow-change-held-packages --allow-unauthenticated --ignore-hold docker.io=${DOCKERVERSION} +fi +systemctl enable docker.service + +if [ -z ${CNIVERSION} ]; then + apt-get install -y --allow-change-held-packages --allow-unauthenticated --ignore-hold kubernetes-cni else - apt-get install -y curl jq netcat docker.io=${DOCKERVERSION} + apt-get install -y --allow-change-held-packages --allow-unauthenticated --ignore-hold kubernetes-cni=${CNIVERSION} fi -apt-get install -y kubernetes-cni=${CNIVERSION} -apt-get install -y --allow-unauthenticated kubeadm=${KUBEVERSION} kubelet=${KUBEVERSION} kubectl=${KUBEVERSION} + +if [ -z ${KUBEVERSION} ]; then + apt-get install -y --allow-change-held-packages --allow-unauthenticated --ignore-hold kubeadm kubelet kubectl +else + apt-get install -y --allow-change-held-packages --allow-unauthenticated --ignore-hold kubeadm=${KUBEVERSION} kubelet=${KUBEVERSION} kubectl=${KUBEVERSION} +fi + apt-mark hold docker.io kubernetes-cni kubelet kubeadm kubectl # test access to k8s docker registry -kubeadm config images pull +kubeadm config images pull --kubernetes-version=${KUBEV} +NODETYPE="master" # non-master nodes have hostnames ending with -[0-9][0-9] -if [[ $(hostname) == *-[0-9][0-9] ]]; then - echo "Done for non-master node" - echo "Starting an NC TCP server on port 29999 to indicate we are ready" - nc -l -p 29999 & -else +if [ "$NODETYPE" == "master" ]; then # below are steps for initializating master node, only run on the master node. # minion node join will be triggered from the caller of the stack creation as ssh command. - # create kubenetes config file if [[ ${KUBEV} == 1.13.* ]]; then cat </root/config.yaml @@ -173,7 +206,6 @@ networking: dnsDomain: cluster.local podSubnet: 10.244.0.0/16 serviceSubnet: 10.96.0.0/12 - --- apiVersion: kubeproxy.config.k8s.io/v1alpha1 kind: KubeProxyConfiguration @@ -191,19 +223,33 @@ networking: dnsDomain: cluster.local podSubnet: 10.244.0.0/16 serviceSubnet: 10.96.0.0/12 - --- apiVersion: kubeproxy.config.k8s.io/v1alpha1 kind: KubeProxyConfiguration mode: ipvs EOF - + elif [[ ${KUBEV} == 1.16.* ]]; then + cat </root/config.yaml +apiVersion: kubeadm.k8s.io/v1beta2 +kubernetesVersion: v${KUBEV} +kind: ClusterConfiguration +apiServer: + extraArgs: + feature-gates: SCTPSupport=true +networking: + dnsDomain: cluster.local + podSubnet: 10.244.0.0/16 + serviceSubnet: 10.96.0.0/12 +--- +apiVersion: kubeproxy.config.k8s.io/v1alpha1 +kind: KubeProxyConfiguration +mode: ipvs +EOF else echo "Unsupported Kubernetes version requested. Bail." exit fi - # create a RBAC file for helm (tiller) cat < /root/rbac-config.yaml apiVersion: v1 @@ -226,20 +272,10 @@ subjects: namespace: kube-system EOF + # start cluster (make sure CIDR is enabled with the flag) kubeadm init --config /root/config.yaml - - # install Helm - HELMV=$(cat /opt/config/helm_version.txt) - HELMVERSION=${HELMV} - cd /root - mkdir Helm - cd Helm - wget https://storage.googleapis.com/kubernetes-helm/helm-v${HELMVERSION}-linux-amd64.tar.gz - tar -xvf helm-v${HELMVERSION}-linux-amd64.tar.gz - mv linux-amd64/helm /usr/local/bin/helm - # set up kubectl credential and config cd /root rm -rf .kube @@ -251,8 +287,11 @@ EOF kubectl get pods --all-namespaces # install flannel - kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/bc79dd1505b0c8681ece4de4c0d86c5cd2643275/Documentation/kube-flannel.yml - + if [[ ${KUBEV} == 1.16.* ]]; then + kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/master/Documentation/kube-flannel.yml + else + kubectl apply -f https://raw.githubusercontent.com/coreos/flannel/bc79dd1505b0c8681ece4de4c0d86c5cd2643275/Documentation/kube-flannel.yml + fi # waiting for all 8 kube-system pods to be in running state # (at this point, minions have not joined yet) @@ -265,14 +304,28 @@ EOF # install RBAC for Helm kubectl create -f rbac-config.yaml + # install Helm + HELMV=$(cat /opt/config/helm_version.txt) + HELMVERSION=${HELMV} + cd /root + mkdir Helm + cd Helm + wget https://storage.googleapis.com/kubernetes-helm/helm-v${HELMVERSION}-linux-amd64.tar.gz + tar -xvf helm-v${HELMVERSION}-linux-amd64.tar.gz + mv linux-amd64/helm /usr/local/bin/helm rm -rf /root/.helm - helm init --service-account tiller + if [[ ${KUBEV} == 1.16.* ]]; then + # helm init uses API extensions/v1beta1 which is depreciated by Kubernetes + # 1.16.0. Until upstream (helm) provides a fix, this is the work-around. + helm init --service-account tiller --override spec.selector.matchLabels.'name'='tiller',spec.selector.matchLabels.'app'='helm' --output yaml | sed 's@apiVersion: extensions/v1beta1@apiVersion: apps/v1@' | kubectl apply -f - + else + helm init --service-account tiller + fi export HELM_HOME="/root/.helm" # waiting for tiller pod to be in running state wait_for_pods_running 1 kube-system tiller-deploy - while ! helm version; do echo "Waiting for Helm to be ready" sleep 15 @@ -285,9 +338,6 @@ EOF mkdir -p /opt/data/dashboard-data fi - echo "Starting an NC TCP server on port 29999 to indicate we are ready" - nc -l -p 29999 & - echo "Done with master node setup" fi @@ -303,14 +353,14 @@ if [[ ! -z "${__RUNRICENV_HELMREPO_IP__}" && ! -z "${__RUNRICENV_HELMREPO_HOST__ echo "${__RUNRICENV_HELMREPO_IP__} ${__RUNRICENV_HELMREPO_HOST__}" >> /etc/hosts fi -if [ ! -z "${__RUNRICENV_HELMREPO_CERT__}" ]; then +if [[ "${__RUNRICENV_HELMREPO_CERT_LEN__}" -gt "100" ]]; then cat </etc/ca-certificates/update.d/helm.crt ${__RUNRICENV_HELMREPO_CERT__} EOF fi # add cert for accessing docker registry in Azure -if [ ! -z "${__RUNRICENV_DOCKER_CERT__}" ]; then +if [[ "${__RUNRICENV_DOCKER_CERT_LEN__}" -gt "100" ]]; then mkdir -p /etc/docker/certs.d/${__RUNRICENV_DOCKER_HOST__}:${__RUNRICENV_DOCKER_PORT__} cat </etc/docker/ca.crt ${__RUNRICENV_DOCKER_CERT__} @@ -323,3 +373,4 @@ EOF docker pull ${__RUNRICENV_DOCKER_HOST__}:${__RUNRICENV_DOCKER_PORT__}/whoami:0.0.1 fi +if [ "$(uname -r)" != "4.15.0-45-lowlatency" ]; then reboot; fi diff --git a/ric-infra/15-Chartmuseum/helm/chartmuseum/templates/deployment.yaml b/ric-infra/15-Chartmuseum/helm/chartmuseum/templates/deployment.yaml index faee6f37..f3bf3419 100644 --- a/ric-infra/15-Chartmuseum/helm/chartmuseum/templates/deployment.yaml +++ b/ric-infra/15-Chartmuseum/helm/chartmuseum/templates/deployment.yaml @@ -15,7 +15,7 @@ # limitations under the License. # ################################################################################ -apiVersion: apps/v1beta2 +apiVersion: apps/v1 kind: Deployment metadata: name: {{ include "common.deploymentname.chartmuseum" .}} diff --git a/ric-infra/15-Chartmuseum/helm/chartmuseum/templates/ingress.yaml b/ric-infra/15-Chartmuseum/helm/chartmuseum/templates/ingress.yaml index 2d74a33f..747942a5 100644 --- a/ric-infra/15-Chartmuseum/helm/chartmuseum/templates/ingress.yaml +++ b/ric-infra/15-Chartmuseum/helm/chartmuseum/templates/ingress.yaml @@ -14,7 +14,7 @@ # See the License for the specific language governing permissions and # # limitations under the License. # ################################################################################ -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: {{ include "common.ingressname.chartmuseum" . }} diff --git a/ric-infra/20-Monitoring/helm/elfkp/values.yaml b/ric-infra/20-Monitoring/helm/elfkp/values.yaml index eff02e78..3b7ec190 100644 --- a/ric-infra/20-Monitoring/helm/elfkp/values.yaml +++ b/ric-infra/20-Monitoring/helm/elfkp/values.yaml @@ -12,7 +12,7 @@ prometheus: persistentVolume: enabled: false kubeStateMetrics: - enabled: true + enabled: false nodeExporter: enabled: false pushgateway: @@ -20,10 +20,16 @@ prometheus: persistentVolume: enabled: false server: + ingress: + enabled: true + hosts: + - prometheus-entry persistentVolume: - enabled: false + enabled: false +fluentd-elasticsearch: + enabled: true elastic-stack: enabled: true @@ -41,11 +47,19 @@ elastic-stack: kibana: enabled: true + files: + kibana.yml: + elasticsearch.url: http://r1-elfkp-elasticsearch-client:9200 env: - ELASTICSEARCH_URL: http://http.default.svc.cluster.local:9200 + ELASTICSEARCH_URL: http://r1-elfkp-elasticsearch-client:9200 + ELASTICSEARCH_HOSTS: http://r1-elfkp-elasticsearch-client:9200 + ingress: + enabled: true + hosts: + - "kibana-entry" logstash: - enabled: true + enabled: false persistence: enabled: false # elasticsearch: @@ -61,13 +75,17 @@ elastic-stack: # - elastic-stack-elasticsearch-client:9200 fluentd: - enabled: false + enabled: true + output: + host: r1-elfkp-elasticsearch-client fluent-bit: enabled: false fluentd-elasticsearch: - enabled: false + enabled: true + elasticsearch: + host: 'r1-elfkp-elasticsearch-client' nginx-ldapauth-proxy: enabled: false diff --git a/ric-infra/30-Kong/bin/install b/ric-infra/30-Kong/bin/install index 19eaf5df..518fd44f 100755 --- a/ric-infra/30-Kong/bin/install +++ b/ric-infra/30-Kong/bin/install @@ -55,13 +55,9 @@ COMPONENTS=${LIST_OF_COMPONENTS:-"kong"} echo "Deploying RIC infra components [$COMPONENTS]" -COMMON_CHART_VERSION=$(cat $DIR/../../../ric-common/Common-Template/helm/ric-common/Chart.yaml | grep version | awk '{print $2}') -helm package -d /tmp $DIR/../../../ric-common/Common-Template/helm/ric-common for component in $COMPONENTS; do - mkdir -p $DIR/../helm/$component/charts/ - cp /tmp/ric-common-$COMMON_CHART_VERSION.tgz $DIR/../helm/$component/charts/ helm install -f $OVERRIDEYAML --namespace "${NAMESPACE}" --name "${RELEASE_PREFIX}-$component" $DIR/../helm/$component done diff --git a/ric-infra/30-Kong/helm/kong/Chart.yaml b/ric-infra/30-Kong/helm/kong/Chart.yaml index 592e8008..89768a17 100644 --- a/ric-infra/30-Kong/helm/kong/Chart.yaml +++ b/ric-infra/30-Kong/helm/kong/Chart.yaml @@ -1,3 +1,19 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + apiVersion: v1 appVersion: "1.0" description: A Helm chart for Kubernetes diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/Chart.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/Chart.yaml index 8a235201..2e1cf0d2 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/Chart.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/Chart.yaml @@ -1,5 +1,21 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + apiVersion: v1 -appVersion: "1.2" +appVersion: "1.3" description: The Cloud-Native Ingress and Service Mesh for APIs and Microservices engine: gotpl home: https://KongHQ.com/ @@ -7,7 +23,9 @@ icon: https://s3.amazonaws.com/downloads.kong/universe/assets/icon-kong-inc-larg maintainers: - email: shashi@konghq.com name: shashiranjan84 +- email: harry@konghq.com + name: hbagdi name: kong sources: - https://github.com/Kong/kong -version: 0.12.2 +version: 0.17.0 diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/README.md b/ric-infra/30-Kong/helm/kong/charts/kong/README.md index 1df9b716..be6bc157 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/README.md +++ b/ric-infra/30-Kong/helm/kong/charts/kong/README.md @@ -58,55 +58,62 @@ chart and deletes the release. The following table lists the configurable parameters of the Kong chart and their default values. -| Parameter | Description | Default | -| ------------------------------ | -------------------------------------------------------------------------------- | ------------------- | -| image.repository | Kong image | `kong` | -| image.tag | Kong image version | `1.2` | -| image.pullPolicy | Image pull policy | `IfNotPresent` | -| image.pullSecrets | Image pull secrets | `null` | -| replicaCount | Kong instance count | `1` | -| admin.useTLS | Secure Admin traffic | `true` | -| admin.servicePort | TCP port on which the Kong admin service is exposed | `8444` | -| admin.containerPort | TCP port on which Kong app listens for admin traffic | `8444` | -| admin.nodePort | Node port when service type is `NodePort` | | -| admin.hostPort | Host port to use for admin traffic | | -| admin.type | k8s service type, Options: NodePort, ClusterIP, LoadBalancer | `NodePort` | -| admin.loadBalancerIP | Will reuse an existing ingress static IP for the admin service | `null` | -| admin.loadBalancerSourceRanges | Limit admin access to CIDRs if set and service type is `LoadBalancer` | `[]` | -| admin.ingress.enabled | Enable ingress resource creation (works with proxy.type=ClusterIP) | `false` | -| admin.ingress.tls | Name of secret resource, containing TLS secret | | -| admin.ingress.hosts | List of ingress hosts. | `[]` | -| admin.ingress.path | Ingress path. | `/` | -| admin.ingress.annotations | Ingress annotations. See documentation for your ingress controller for details | `{}` | -| proxy.http.enabled | Enables http on the proxy | true | -| proxy.http.servicePort | Service port to use for http | 80 | -| proxy.http.containerPort | Container port to use for http | 8000 | -| proxy.http.nodePort | Node port to use for http | 32080 | -| proxy.http.hostPort | Host port to use for http | | -| proxy.tls.enabled | Enables TLS on the proxy | true | -| proxy.tls.containerPort | Container port to use for TLS | 8443 | -| proxy.tls.servicePort | Service port to use for TLS | 8443 | -| proxy.tls.nodePort | Node port to use for TLS | 32443 | -| proxy.tls.hostPort | Host port to use for TLS | | -| proxy.type | k8s service type. Options: NodePort, ClusterIP, LoadBalancer | `NodePort` | -| proxy.loadBalancerSourceRanges | Limit proxy access to CIDRs if set and service type is `LoadBalancer` | `[]` | -| proxy.loadBalancerIP | To reuse an existing ingress static IP for the admin service | | -| proxy.externalIPs | IPs for which nodes in the cluster will also accept traffic for the proxy | `[]` | -| proxy.externalTrafficPolicy | k8s service's externalTrafficPolicy. Options: Cluster, Local | | -| proxy.ingress.enabled | Enable ingress resource creation (works with proxy.type=ClusterIP) | `false` | -| proxy.ingress.tls | Name of secret resource, containing TLS secret | | -| proxy.ingress.hosts | List of ingress hosts. | `[]` | -| proxy.ingress.path | Ingress path. | `/` | -| proxy.ingress.annotations | Ingress annotations. See documentation for your ingress controller for details | `{}` | -| env | Additional [Kong configurations](https://getkong.org/docs/latest/configuration/) | | -| runMigrations | Run Kong migrations job | `true` | -| readinessProbe | Kong readiness probe | | -| livenessProbe | Kong liveness probe | | -| affinity | Node/pod affinities | | -| nodeSelector | Node labels for pod assignment | `{}` | -| podAnnotations | Annotations to add to each pod | `{}` | -| resources | Pod resource requests & limits | `{}` | -| tolerations | List of node taints to tolerate | `[]` | +| Parameter | Description | Default | +| ---------------------------------- | ------------------------------------------------------------------------------------- | ------------------- | +| image.repository | Kong image | `kong` | +| image.tag | Kong image version | `1.3` | +| image.pullPolicy | Image pull policy | `IfNotPresent` | +| image.pullSecrets | Image pull secrets | `null` | +| replicaCount | Kong instance count | `1` | +| admin.useTLS | Secure Admin traffic | `true` | +| admin.servicePort | TCP port on which the Kong admin service is exposed | `8444` | +| admin.containerPort | TCP port on which Kong app listens for admin traffic | `8444` | +| admin.nodePort | Node port when service type is `NodePort` | | +| admin.hostPort | Host port to use for admin traffic | | +| admin.type | k8s service type, Options: NodePort, ClusterIP, LoadBalancer | `NodePort` | +| admin.loadBalancerIP | Will reuse an existing ingress static IP for the admin service | `null` | +| admin.loadBalancerSourceRanges | Limit admin access to CIDRs if set and service type is `LoadBalancer` | `[]` | +| admin.ingress.enabled | Enable ingress resource creation (works with proxy.type=ClusterIP) | `false` | +| admin.ingress.tls | Name of secret resource, containing TLS secret | | +| admin.ingress.hosts | List of ingress hosts. | `[]` | +| admin.ingress.path | Ingress path. | `/` | +| admin.ingress.annotations | Ingress annotations. See documentation for your ingress controller for details | `{}` | +| proxy.http.enabled | Enables http on the proxy | true | +| proxy.http.servicePort | Service port to use for http | 80 | +| proxy.http.containerPort | Container port to use for http | 8000 | +| proxy.http.nodePort | Node port to use for http | 32080 | +| proxy.http.hostPort | Host port to use for http | | +| proxy.tls.enabled | Enables TLS on the proxy | true | +| proxy.tls.containerPort | Container port to use for TLS | 8443 | +| proxy.tls.servicePort | Service port to use for TLS | 8443 | +| proxy.tls.nodePort | Node port to use for TLS | 32443 | +| proxy.tls.hostPort | Host port to use for TLS | | +| proxy.type | k8s service type. Options: NodePort, ClusterIP, LoadBalancer | `NodePort` | +| proxy.loadBalancerSourceRanges | Limit proxy access to CIDRs if set and service type is `LoadBalancer` | `[]` | +| proxy.loadBalancerIP | To reuse an existing ingress static IP for the admin service | | +| proxy.externalIPs | IPs for which nodes in the cluster will also accept traffic for the proxy | `[]` | +| proxy.externalTrafficPolicy | k8s service's externalTrafficPolicy. Options: Cluster, Local | | +| proxy.ingress.enabled | Enable ingress resource creation (works with proxy.type=ClusterIP) | `false` | +| proxy.ingress.tls | Name of secret resource, containing TLS secret | | +| proxy.ingress.hosts | List of ingress hosts. | `[]` | +| proxy.ingress.path | Ingress path. | `/` | +| proxy.ingress.annotations | Ingress annotations. See documentation for your ingress controller for details | `{}` | +| updateStrategy | update strategy for deployment | `{}` | +| env | Additional [Kong configurations](https://getkong.org/docs/latest/configuration/) | | +| runMigrations | Run Kong migrations job | `true` | +| readinessProbe | Kong readiness probe | | +| livenessProbe | Kong liveness probe | | +| affinity | Node/pod affinities | | +| nodeSelector | Node labels for pod assignment | `{}` | +| podAnnotations | Annotations to add to each pod | `{}` | +| resources | Pod resource requests & limits | `{}` | +| tolerations | List of node taints to tolerate | `[]` | +| podDisruptionBudget.enabled | Enable PodDisruptionBudget for Kong | `false` | +| podDisruptionBudget.maxUnavailable | Represents the minimum number of Pods that can be unavailable (integer or percentage) | `50%` | +| podDisruptionBudget.minAvailable | Represents the number of Pods that must be available (integer or percentage) | | +| serviceMonitor.enabled | Create ServiceMonitor for Prometheus Operator | false | +| serviceMonitor.interval | Scrapping interval | 10s | +| serviceMonitor.namespace | Where to create ServiceMonitor | | ### Admin/Proxy listener override @@ -115,12 +122,12 @@ the value provided by you as opposed to constructing a listen variable from fields like `proxy.http.containerPort` and `proxy.http.enabled`. This allows you to be more prescriptive when defining listen directives. -**Note:** Overriding `env.proxy_listen` and `env.admin_listen` will potentially cause -`admin.containerPort`, `proxy.http.containerPort` and `proxy.tls.containerPort` to become out of sync, +**Note:** Overriding `env.proxy_listen` and `env.admin_listen` will potentially cause +`admin.containerPort`, `proxy.http.containerPort` and `proxy.tls.containerPort` to become out of sync, and therefore must be updated accordingly. -I.E. updatating to `env.proxy_listen: 0.0.0.0:4444, 0.0.0.0:4443 ssl` will need -`proxy.http.containerPort: 4444` and `proxy.tls.containerPort: 4443` to be set in order +I.E. updatating to `env.proxy_listen: 0.0.0.0:4444, 0.0.0.0:4443 ssl` will need +`proxy.http.containerPort: 4444` and `proxy.tls.containerPort: 4443` to be set in order for the service definition to work properly. ### Kong-specific parameters @@ -135,23 +142,24 @@ Enabling both will create both databases in your cluster, but only one will be used by Kong based on the `env.database` parameter. Postgres is enabled by default. -| Parameter | Description | Default | -| ------------------------------ | -------------------------------------------------------------------- | ------------------- | -| cassandra.enabled | Spin up a new cassandra cluster for Kong | `false` | -| postgresql.enabled | Spin up a new postgres instance for Kong | `true` | -| waitImage.repository | Image used to wait for database to become ready | `busybox` | -| waitImage.tag | Tag for image used to wait for database to become ready | `latest` | -| env.database | Choose either `postgres` or `cassandra` | `postgres` | -| env.pg_user | Postgres username | `kong` | -| env.pg_database | Postgres database name | `kong` | -| env.pg_password | Postgres database password (required if you are using your own database)| `kong` | -| env.pg_host | Postgres database host (required if you are using your own database) | `` | -| env.pg_port | Postgres database port | `5432` | -| env.cassandra_contact_points | Cassandra contact points (required if you are using your own database) | `` | -| env.cassandra_port | Cassandra query port | `9042` | -| env.cassandra_keyspace | Cassandra keyspace | `kong` | -| env.cassandra_repl_factor | Replication factor for the Kong keyspace | `2` | - +| Parameter | Description | Default | +| ------------------------------| ------------------------------------------------------------------------| ----------------------| +| cassandra.enabled | Spin up a new cassandra cluster for Kong | `false` | +| postgresql.enabled | Spin up a new postgres instance for Kong | `true` | +| waitImage.repository | Image used to wait for database to become ready | `busybox` | +| waitImage.tag | Tag for image used to wait for database to become ready | `latest` | +| env.database | Choose either `postgres`, `cassandra` or `"off"` (for dbless mode) | `postgres` | +| env.pg_user | Postgres username | `kong` | +| env.pg_database | Postgres database name | `kong` | +| env.pg_password | Postgres database password (required if you are using your own database)| `kong` | +| env.pg_host | Postgres database host (required if you are using your own database) | `` | +| env.pg_port | Postgres database port | `5432` | +| env.cassandra_contact_points | Cassandra contact points (required if you are using your own database) | `` | +| env.cassandra_port | Cassandra query port | `9042` | +| env.cassandra_keyspace | Cassandra keyspace | `kong` | +| env.cassandra_repl_factor | Replication factor for the Kong keyspace | `2` | +| dblessConfig.configMap | Name of an existing ConfigMap containing the `kong.yml` file. This must have the key `kong.yml`.| `` | +| dblessConfig.config | Yaml configuration file for the dbless (declarative) configuration of Kong | see in `values.yaml` | All `kong.env` parameters can also accept a mapping instead of a value to ensure the parameters can be set through configmaps and secrets. @@ -167,7 +175,7 @@ kong: key: kong name: postgres ``` - + For complete list of Kong configurations please check https://getkong.org/docs/latest/configuration/. @@ -175,7 +183,7 @@ Specify each parameter using the `--set key=value[,key=value]` argument to `helm ```console $ helm install stable/kong --name my-release \ - --set=image.tag=1.2,env.database=cassandra,cassandra.enabled=true + --set=image.tag=1.3,env.database=cassandra,cassandra.enabled=true ``` Alternatively, a YAML file that specifies the values for the above parameters @@ -324,6 +332,16 @@ If your SMTP server requires authentication, you should the `username` and `smtp_password_secret` must be a Secret containing an `smtp_password` key whose value is your SMTP password. +### DB-less Configuration + + +When deploying Kong in DB-less mode (`env.database: "off"`) and without the Ingress +Controller (`ingressController.enabled: false`), Kong needs a config to run. In +this case, configuration can be provided using an exsiting ConfigMap +(`dblessConfig.configMap`) or pushed directly into the values file under +`dblessConfig.config`. See the example configuration in the default values.yaml +for more details. + ### Kong Ingress Controller Kong Ingress Controller's primary purpose is to satisfy Ingress resources @@ -363,12 +381,17 @@ The custom resources are: You can can learn about kong ingress custom resource definitions [here](https://github.com/Kong/kubernetes-ingress-controller/blob/master/docs/custom-resources.md). -| Parameter | Description | Default | -| --------------- | ----------------------------------------- | ---------------------------------------------------------------------------- | -| enabled | Deploy the ingress controller, rbac and crd | false | -| replicaCount | Number of desired ingress controllers | 1 | -| image.repository | Docker image with the ingress controller | kong-docker-kubernetes-ingress-controller.bintray.io/kong-ingress-controller | -| image.tag | Version of the ingress controller | 0.2.0 | -| readinessProbe | Kong ingress controllers readiness probe | | -| livenessProbe | Kong ingress controllers liveness probe | | -| ingressClass | The ingress-class value for controller | nginx + +| Parameter | Description | Default | +| ---------------------------------- | ------------------------------------------------------------------------------------- | ---------------------------------------------------------------------------- | +| enabled | Deploy the ingress controller, rbac and crd | false | +| replicaCount | Number of desired ingress controllers | 1 | +| image.repository | Docker image with the ingress controller | kong-docker-kubernetes-ingress-controller.bintray.io/kong-ingress-controller | +| image.tag | Version of the ingress controller | 0.2.0 | +| readinessProbe | Kong ingress controllers readiness probe | | +| livenessProbe | Kong ingress controllers liveness probe | | +| ingressClass | The ingress-class value for controller | nginx | +| podDisruptionBudget.enabled | Enable PodDisruptionBudget for ingress controller | `false` | +| podDisruptionBudget.maxUnavailable | Represents the minimum number of Pods that can be unavailable (integer or percentage) | `50%` | +| podDisruptionBudget.minAvailable | Represents the number of Pods that must be available (integer or percentage) | | + diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/charts/cassandra/Chart.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/charts/cassandra/Chart.yaml index 0edae2b9..44592bbd 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/charts/cassandra/Chart.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/charts/cassandra/Chart.yaml @@ -1,3 +1,4 @@ +apiVersion: v1 appVersion: 3.11.3 description: Apache Cassandra is a free and open-source distributed database management system designed to handle large amounts of data across many commodity servers, providing diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/charts/postgresql/Chart.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/charts/postgresql/Chart.yaml index fe0846e2..bbaf967c 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/charts/postgresql/Chart.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/charts/postgresql/Chart.yaml @@ -1,3 +1,4 @@ +apiVersion: v1 appVersion: 10.6.0 description: Chart for PostgreSQL, an object-relational database management system (ORDBMS) with an emphasis on extensibility and on standards-compliance. diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/charts/postgresql/templates/statefulset-slaves.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/charts/postgresql/templates/statefulset-slaves.yaml index 057ed664..498b9c78 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/charts/postgresql/templates/statefulset-slaves.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/charts/postgresql/templates/statefulset-slaves.yaml @@ -1,5 +1,5 @@ {{- if .Values.replication.enabled }} -apiVersion: apps/v1beta2 +apiVersion: apps/v1 kind: StatefulSet metadata: name: "{{ template "postgresql.fullname" . }}-slave" diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/charts/postgresql/templates/statefulset.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/charts/postgresql/templates/statefulset.yaml index d85826fc..8fee52df 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/charts/postgresql/templates/statefulset.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/charts/postgresql/templates/statefulset.yaml @@ -1,4 +1,4 @@ -apiVersion: apps/v1beta2 +apiVersion: apps/v1 kind: StatefulSet metadata: name: {{ template "postgresql.master.fullname" . }} diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/ci/dbless-no-kic-internal-declarative-config-values.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/ci/dbless-no-kic-internal-declarative-config-values.yaml new file mode 100755 index 00000000..596b7c77 --- /dev/null +++ b/ric-infra/30-Kong/helm/kong/charts/kong/ci/dbless-no-kic-internal-declarative-config-values.yaml @@ -0,0 +1,39 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +# CI test for testing dbless deployment without ingress controllers +ingressController: + enabled: false +env: + database: "off" +postgresql: + enabled: false +dblessConfig: + # Or the configuration is passed in full-text below + config: + _format_version: "1.1" + services: + - name: test-svc + url: http://example.com + routes: + - name: test + paths: + - /test + plugins: + - name: request-termination + config: + status_code: 200 + message: "dbless-config" diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/ci/dbless-no-kic-values.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/ci/dbless-no-kic-values.yaml new file mode 100755 index 00000000..04eaee7c --- /dev/null +++ b/ric-infra/30-Kong/helm/kong/charts/kong/ci/dbless-no-kic-values.yaml @@ -0,0 +1,21 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +# CI test for testing dbless deployment +env: + database: "off" +postgresql: + enabled: false diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/ci/dbless-values.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/ci/dbless-values.yaml new file mode 100755 index 00000000..f9fe62ab --- /dev/null +++ b/ric-infra/30-Kong/helm/kong/charts/kong/ci/dbless-values.yaml @@ -0,0 +1,29 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +# CI test for testing dbless deployment + +podDisruptionBudget: + enabled: true + +ingressController: + enabled: true + podDisruptionBudget: + enabled: true +env: + database: "off" +postgresql: + enabled: false diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/ci/dbless.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/ci/dbless.yaml deleted file mode 100755 index 6b96a33a..00000000 --- a/ric-infra/30-Kong/helm/kong/charts/kong/ci/dbless.yaml +++ /dev/null @@ -1,7 +0,0 @@ -# CI test for testing dbless deployment -ingressController: - enabled: true -env: - database: "off" -postgresql: - enabled: false diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/ci/default-values.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/ci/default-values.yaml index 56474ebb..b24106b9 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/ci/default-values.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/ci/default-values.yaml @@ -1,10 +1,26 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + # Default values for kong. # Declare variables to be passed into your templates. image: repository: kong # repository: kong-docker-kong-enterprise-edition-docker.bintray.io/kong-enterprise-edition - tag: 1.2 + tag: 1.3 pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. @@ -229,7 +245,7 @@ enterprise: # The key value must be a secret configuration, following the example at https://docs.konghq.com/enterprise/0.35-x/kong-manager/authentication/sessions/ session_conf_secret: you-must-create-an-rbac-session-conf-secret # Set to the appropriate plugin config JSON if not using basic-auth - # admin_gui_auth_conf: '' + admin_gui_auth_conf: {} smtp: enabled: false portal_emails_from: none@example.com @@ -251,8 +267,18 @@ enterprise: # Set runMigrations to run Kong migrations runMigrations: true +# update strategy +updateStrategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: "100%" + # maxUnavailable: "0%" + # Specify Kong configurations # Kong configurations guide https://getkong.org/docs/latest/configuration/ +# Values here take precedence over values from other sections of values.yaml, +# e.g. setting pg_user here will override the value normally set when postgresql.enabled +# is set below. In general, you should not set values here if they are set elsewhere. env: database: postgres proxy_access_log: /dev/stdout @@ -318,6 +344,11 @@ podAnnotations: {} # Kong pod count replicaCount: 1 +# Kong Pod Disruption Budget +podDisruptionBudget: + enabled: false + maxUnavailable: "50%" + # Kong has a choice of either Postgres or Cassandra as a backend datatstore. # This chart allows you to choose either of them with the `database.type` # parameter. Postgres is chosen by default. @@ -347,7 +378,7 @@ ingressController: enabled: false image: repository: kong-docker-kubernetes-ingress-controller.bintray.io/kong-ingress-controller - tag: 0.4.0 + tag: 0.5.0 replicaCount: 1 livenessProbe: failureThreshold: 3 @@ -384,3 +415,30 @@ ingressController: name: ingressClass: kong + + podDisruptionBudget: + enabled: false + maxUnavailable: "50%" + +# We pass the dbless (declarative) config over here. +dblessConfig: + # Either Kong's configuration is managed from an existing ConfigMap (with Key: kong.yml) + configMap: "" + # Or the configuration is passed in full-text below + config: + _format_version: "1.1" + services: + # Example configuration + # - name: example.com + # url: http://example.com + # routes: + # - name: example + # paths: + # - "/example" + +serviceMonitor: + # Specifies whether ServiceMonitor for Prometheus operator should be created + enabled: false + # interval: 10s + # Specifies namespace, where ServiceMonitor should be installed + # namespace: monitoring diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/ci/loadbalancer-values.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/ci/loadbalancer-values.yaml index eb2a7b97..7a24b872 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/ci/loadbalancer-values.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/ci/loadbalancer-values.yaml @@ -14,6 +14,12 @@ proxy: - 192.168.1.1/32 - 10.10.10.10/32 +updateStrategy: + type: "RollingUpdate" + rollingUpdate: + maxSurge: 1 + maxUnavailable: 0 + readinessProbe: httpGet: path: "/status" diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/requirements.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/requirements.yaml index 9d2cccb6..ef0c8ebb 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/requirements.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/requirements.yaml @@ -1,3 +1,19 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + dependencies: - name: postgresql version: ~3.9.1 diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/templates/_helpers.tpl b/ric-infra/30-Kong/helm/kong/charts/kong/templates/_helpers.tpl index 401878ae..0a39678c 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/templates/_helpers.tpl +++ b/ric-infra/30-Kong/helm/kong/charts/kong/templates/_helpers.tpl @@ -23,6 +23,11 @@ We truncate at 63 chars because some Kubernetes name fields are limited to this {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} {{- end -}} +{{- define "kong.dblessConfig.fullname" -}} +{{- $name := default "kong-custom-dbless-config" .Values.dblessConfig.nameOverride -}} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} +{{- end -}} + {{/* Create the name of the service account to use */}} diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/templates/config-custom-server-blocks.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/templates/config-custom-server-blocks.yaml new file mode 100755 index 00000000..466aa72c --- /dev/null +++ b/ric-infra/30-Kong/helm/kong/charts/kong/templates/config-custom-server-blocks.yaml @@ -0,0 +1,29 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "kong.fullname" . }}-default-custom-server-blocks + labels: + app: {{ template "kong.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +data: + servers.conf: | + # Prometheus metrics server + server { + server_name kong_prometheus_exporter; + listen 0.0.0.0:9542; # can be any other port as well + access_log off; + location /metrics { + default_type text/plain; + content_by_lua_block { + local prometheus = require "kong.plugins.prometheus.exporter" + prometheus:collect() + } + } + location /nginx_status { + internal; + access_log off; + stub_status; + } + } diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/templates/config-dbless.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/templates/config-dbless.yaml new file mode 100755 index 00000000..186c0fa8 --- /dev/null +++ b/ric-infra/30-Kong/helm/kong/charts/kong/templates/config-dbless.yaml @@ -0,0 +1,16 @@ +{{- if (and (not .Values.ingressController.enabled) (eq .Values.env.database "off")) }} +{{- if not .Values.dblessConfig.configMap }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ template "kong.dblessConfig.fullname" . }} + labels: + app: {{ template "kong.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +data: + kong.yml: | +{{ .Values.dblessConfig.config | toYaml | indent 4 }} +{{- end }} +{{- end }} diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/templates/controller-cluster-role.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/templates/controller-cluster-role.yaml index 2a4bc808..a555c0a0 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/templates/controller-cluster-role.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/templates/controller-cluster-role.yaml @@ -34,7 +34,7 @@ rules: - list - watch - apiGroups: - - "extensions" + - "networking.k8s.io" resources: - ingresses verbs: @@ -49,7 +49,7 @@ rules: - create - patch - apiGroups: - - "extensions" + - "networking.k8s.io" resources: - ingresses/status verbs: @@ -65,4 +65,12 @@ rules: - get - list - watch + - apiGroups: + - "networking.k8s.io" + resources: + - ingresses + verbs: + - get + - list + - watch {{- end -}} diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/templates/controller-deployment.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/templates/controller-deployment.yaml index 056b1d41..2bb7f088 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/templates/controller-deployment.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/templates/controller-deployment.yaml @@ -1,5 +1,5 @@ {{- if (and (.Values.ingressController.enabled) (not (eq .Values.env.database "off"))) }} -apiVersion: apps/v1beta2 +apiVersion: apps/v1 kind: Deployment metadata: name: "{{ template "kong.fullname" . }}-controller" @@ -61,7 +61,6 @@ spec: {{- end }} {{- include "kong.license" . | nindent 8 }} {{- end }} - {{- include "kong.env" . | indent 8 }} {{- if .Values.admin.useTLS }} - name: KONG_ADMIN_LISTEN value: "0.0.0.0:{{ .Values.admin.containerPort }} ssl" @@ -82,6 +81,7 @@ spec: - name: KONG_CASSANDRA_CONTACT_POINTS value: {{ template "kong.cassandra.fullname" . }} {{- end }} + {{- include "kong.env" . | indent 8 }} ports: - name: admin containerPort: {{ .Values.admin.containerPort }} diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/templates/controller-pdb.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/templates/controller-pdb.yaml new file mode 100755 index 00000000..d0327819 --- /dev/null +++ b/ric-infra/30-Kong/helm/kong/charts/kong/templates/controller-pdb.yaml @@ -0,0 +1,20 @@ +{{- if and .Values.ingressController.enabled .Values.ingressController.podDisruptionBudget.enabled }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: "{{ template "kong.fullname" . }}-controller" + labels: + app: "{{ template "kong.name" . }}" +spec: + {{- if .Values.ingressController.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.ingressController.podDisruptionBudget.minAvailable }} + {{- end }} + {{- if .Values.ingressController.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.ingressController.podDisruptionBudget.maxUnavailable }} + {{- end }} + selector: + matchLabels: + app: {{ template "kong.name" . }} + release: {{ .Release.Name }} + component: controller +{{- end }} \ No newline at end of file diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/templates/deployment.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/templates/deployment.yaml index fcc21b3d..9bcbab07 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/templates/deployment.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/templates/deployment.yaml @@ -1,4 +1,4 @@ -apiVersion: apps/v1beta2 +apiVersion: apps/v1 kind: Deployment metadata: name: "{{ template "kong.fullname" . }}" @@ -15,18 +15,28 @@ spec: app: {{ template "kong.name" . }} release: {{ .Release.Name }} component: app + {{- if .Values.updateStrategy }} + strategy: +{{ toYaml .Values.updateStrategy | indent 4 }} + {{- end }} + template: metadata: - {{- if .Values.podAnnotations }} annotations: + {{- if (and (not .Values.ingressController.enabled) (eq .Values.env.database "off" )) }} + {{- if .Values.dblessConfig.config }} + checksum/dbless.config: {{ toYaml .Values.dblessConfig.config | sha256sum }} + {{- end }} + {{- end }} + {{- if .Values.podAnnotations }} {{ toYaml .Values.podAnnotations | indent 8 }} - {{- end }} + {{- end }} labels: app: {{ template "kong.name" . }} release: {{ .Release.Name }} component: app spec: - {{- if (and (.Values.ingressController) (eq .Values.env.database "off")) }} + {{- if (and (.Values.ingressController.enabled) (eq .Values.env.database "off")) }} serviceAccountName: {{ template "kong.serviceAccountName" . }} {{ end }} {{- if .Values.image.pullSecrets }} @@ -40,7 +50,7 @@ spec: {{- include "kong.wait-for-db" . | nindent 6 }} {{ end }} containers: - {{- if (and (.Values.ingressController) (eq .Values.env.database "off")) }} + {{- if (and (.Values.ingressController.enabled) (eq .Values.env.database "off")) }} {{- include "kong.controller-container" . | nindent 6 }} {{ end }} - name: {{ template "kong.name" . }} @@ -98,7 +108,7 @@ spec: - name: KONG_ADMIN_GUI_AUTH value: {{ .Values.enterprise.rbac.admin_gui_auth | default "basic-auth" }} - name: KONG_ADMIN_GUI_AUTH_CONF - value: {{ toJson .Values.enterprise.rbac.admin_gui_auth_conf | default "" }} + value: '{{ toJson .Values.enterprise.rbac.admin_gui_auth_conf }}' - name: KONG_ADMIN_GUI_SESSION_CONF valueFrom: secretKeyRef: @@ -135,7 +145,8 @@ spec: {{- end }} {{- include "kong.license" . | nindent 8 }} {{- end }} - {{- include "kong.env" . | indent 8 }} + - name: KONG_NGINX_HTTP_INCLUDE + value: /kong/servers.conf {{- if .Values.postgresql.enabled }} - name: KONG_PG_HOST value: {{ template "kong.postgresql.fullname" . }} @@ -151,6 +162,11 @@ spec: - name: KONG_CASSANDRA_CONTACT_POINTS value: {{ template "kong.cassandra.fullname" . }} {{- end }} + {{- if (and (not .Values.ingressController.enabled) (eq .Values.env.database "off")) }} + - name: KONG_DECLARATIVE_CONFIG + value: "/kong_dbless/kong.yml" + {{- end }} + {{- include "kong.env" . | indent 8 }} ports: - name: admin containerPort: {{ .Values.admin.containerPort }} @@ -174,6 +190,9 @@ spec: {{- end}} protocol: TCP {{- end }} + - name: metrics + containerPort: 9542 + protocol: TCP {{- if .Values.enterprise.enabled }} {{- if .Values.manager.http.enabled }} - name: manager @@ -224,6 +243,13 @@ spec: protocol: TCP {{- end }} {{- end }} + volumeMounts: + - name: custom-nginx-template-volume + mountPath: /kong + {{- if (and (not .Values.ingressController.enabled) (eq .Values.env.database "off")) }} + - name: kong-custom-dbless-config-volume + mountPath: /kong_dbless/ + {{- end }} readinessProbe: {{ toYaml .Values.readinessProbe | indent 10 }} livenessProbe: @@ -240,3 +266,16 @@ spec: {{- end }} tolerations: {{ toYaml .Values.tolerations | indent 8 }} + volumes: + - name: custom-nginx-template-volume + configMap: + name: {{ template "kong.fullname" . }}-default-custom-server-blocks +{{- if (and (not .Values.ingressController.enabled) (eq .Values.env.database "off")) }} + - name: kong-custom-dbless-config-volume + configMap: + {{- if .Values.dblessConfig.configMap }} + name: {{ .Values.dblessConfig.configMap }} + {{- else }} + name: {{ template "kong.dblessConfig.fullname" . }} + {{- end }} +{{- end }} diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-admin.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-admin.yaml index 6b0a32cb..3ca0587f 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-admin.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-admin.yaml @@ -2,7 +2,7 @@ {{- $serviceName := include "kong.fullname" . -}} {{- $servicePort := .Values.admin.servicePort -}} {{- $path := .Values.admin.ingress.path -}} -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: {{ template "kong.fullname" . }}-admin @@ -30,4 +30,4 @@ spec: tls: {{ toYaml .Values.admin.ingress.tls | indent 4 }} {{- end -}} -{{- end -}} \ No newline at end of file +{{- end -}} diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-manager.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-manager.yaml index 6dc70845..76c798d7 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-manager.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-manager.yaml @@ -3,7 +3,7 @@ {{- $serviceName := include "kong.fullname" . -}} {{- $servicePort := include "kong.ingress.servicePort" .Values.manager -}} {{- $path := .Values.manager.ingress.path -}} -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: {{ template "kong.fullname" . }}-manager diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-portal-api.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-portal-api.yaml index b93abb91..e6fa104d 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-portal-api.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-portal-api.yaml @@ -3,7 +3,7 @@ {{- $serviceName := include "kong.fullname" . -}} {{- $servicePort := include "kong.ingress.servicePort" .Values.portalapi -}} {{- $path := .Values.portalapi.ingress.path -}} -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: {{ template "kong.fullname" . }}-portalapi diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-portal.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-portal.yaml index 99a249b3..da399b5b 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-portal.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-portal.yaml @@ -3,7 +3,7 @@ {{- $serviceName := include "kong.fullname" . -}} {{- $servicePort := include "kong.ingress.servicePort" .Values.portal -}} {{- $path := .Values.portal.ingress.path -}} -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: {{ template "kong.fullname" . }}-portal diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-proxy.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-proxy.yaml index df799ce2..002f0cd6 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-proxy.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/templates/ingress-proxy.yaml @@ -2,7 +2,7 @@ {{- $serviceName := include "kong.fullname" . -}} {{- $servicePort := include "kong.ingress.servicePort" .Values.proxy -}} {{- $path := .Values.proxy.ingress.path -}} -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: {{ template "kong.fullname" . }}-proxy diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/templates/migrations-post-upgrade.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/templates/migrations-post-upgrade.yaml index c35e1302..dcc9b77a 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/templates/migrations-post-upgrade.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/templates/migrations-post-upgrade.yaml @@ -55,7 +55,6 @@ spec: {{- if .Values.enterprise.enabled }} {{- include "kong.license" . | nindent 8 }} {{- end }} - {{- include "kong.env" . | indent 8 }} {{- if .Values.postgresql.enabled }} - name: KONG_PG_HOST value: {{ template "kong.postgresql.fullname" . }} @@ -71,6 +70,7 @@ spec: - name: KONG_CASSANDRA_CONTACT_POINTS value: {{ template "kong.cassandra.fullname" . }} {{- end }} + {{- include "kong.env" . | indent 8 }} command: [ "/bin/sh", "-c", "kong migrations finish" ] restartPolicy: OnFailure {{- end }} diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/templates/migrations-pre-upgrade.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/templates/migrations-pre-upgrade.yaml index 7338c06c..18398715 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/templates/migrations-pre-upgrade.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/templates/migrations-pre-upgrade.yaml @@ -55,7 +55,6 @@ spec: {{- if .Values.enterprise.enabled }} {{- include "kong.license" . | nindent 8 }} {{- end }} - {{- include "kong.env" . | indent 8 }} {{- if .Values.postgresql.enabled }} - name: KONG_PG_HOST value: {{ template "kong.postgresql.fullname" . }} @@ -71,6 +70,7 @@ spec: - name: KONG_CASSANDRA_CONTACT_POINTS value: {{ template "kong.cassandra.fullname" . }} {{- end }} + {{- include "kong.env" . | indent 8 }} command: [ "/bin/sh", "-c", "kong migrations up" ] restartPolicy: OnFailure {{- end }} diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/templates/migrations.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/templates/migrations.yaml index a0039239..76c9b297 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/templates/migrations.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/templates/migrations.yaml @@ -50,7 +50,6 @@ spec: {{- if .Values.enterprise.enabled }} {{- include "kong.license" . | nindent 8 }} {{- end }} - {{- include "kong.env" . | indent 8 }} {{- if .Values.postgresql.enabled }} - name: KONG_PG_HOST value: {{ template "kong.postgresql.fullname" . }} @@ -66,6 +65,7 @@ spec: - name: KONG_CASSANDRA_CONTACT_POINTS value: {{ template "kong.cassandra.fullname" . }} {{- end }} + {{- include "kong.env" . | indent 8 }} command: [ "/bin/sh", "-c", "kong migrations bootstrap" ] restartPolicy: OnFailure {{- end }} diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/templates/pdb.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/templates/pdb.yaml new file mode 100755 index 00000000..f52b6fb0 --- /dev/null +++ b/ric-infra/30-Kong/helm/kong/charts/kong/templates/pdb.yaml @@ -0,0 +1,20 @@ +{{- if .Values.podDisruptionBudget.enabled }} +apiVersion: policy/v1beta1 +kind: PodDisruptionBudget +metadata: + name: "{{ template "kong.fullname" . }}" + labels: + app: "{{ template "kong.name" . }}" +spec: + {{- if .Values.podDisruptionBudget.minAvailable }} + minAvailable: {{ .Values.podDisruptionBudget.minAvailable }} + {{- end }} + {{- if .Values.podDisruptionBudget.maxUnavailable }} + maxUnavailable: {{ .Values.podDisruptionBudget.maxUnavailable }} + {{- end }} + selector: + matchLabels: + app: {{ template "kong.name" . }} + release: {{ .Release.Name }} + component: app +{{- end }} \ No newline at end of file diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/templates/servicemonitor.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/templates/servicemonitor.yaml new file mode 100755 index 00000000..d138d05e --- /dev/null +++ b/ric-infra/30-Kong/helm/kong/charts/kong/templates/servicemonitor.yaml @@ -0,0 +1,29 @@ +{{- if and ( .Capabilities.APIVersions.Has "monitoring.coreos.com/v1" ) .Values.serviceMonitor.enabled }} +apiVersion: monitoring.coreos.com/v1 +kind: ServiceMonitor +metadata: + name: {{ template "kong.fullname" . }} + {{- if .Values.serviceMonitor.namespace }} + namespace: {{ .Values.serviceMonitor.namespace }} + {{- end }} + labels: + app: {{ template "kong.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + heritage: {{ .Release.Service }} + release: {{ .Release.Name }} +spec: + endpoints: + - targetPort: metrics + scheme: http + {{- if .Values.serviceMonitor.interval }} + interval: {{ .Values.serviceMonitor.interval }} + {{- end }} + jobLabel: {{ .Release.Name }} + namespaceSelector: + matchNames: + - {{ .Release.Namespace }} + selector: + matchLabels: + app: {{ template "kong.name" . }} + release: {{ .Release.Name }} +{{- end }} diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/values.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/values.yaml index 56474ebb..e0fee22f 100755 --- a/ric-infra/30-Kong/helm/kong/charts/kong/values.yaml +++ b/ric-infra/30-Kong/helm/kong/charts/kong/values.yaml @@ -1,10 +1,26 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + # Default values for kong. # Declare variables to be passed into your templates. image: repository: kong # repository: kong-docker-kong-enterprise-edition-docker.bintray.io/kong-enterprise-edition - tag: 1.2 + tag: 1.3 pullPolicy: IfNotPresent ## Optionally specify an array of imagePullSecrets. ## Secrets must be manually created in the namespace. @@ -229,7 +245,7 @@ enterprise: # The key value must be a secret configuration, following the example at https://docs.konghq.com/enterprise/0.35-x/kong-manager/authentication/sessions/ session_conf_secret: you-must-create-an-rbac-session-conf-secret # Set to the appropriate plugin config JSON if not using basic-auth - # admin_gui_auth_conf: '' + admin_gui_auth_conf: {} smtp: enabled: false portal_emails_from: none@example.com @@ -251,8 +267,18 @@ enterprise: # Set runMigrations to run Kong migrations runMigrations: true +# update strategy +updateStrategy: {} + # type: RollingUpdate + # rollingUpdate: + # maxSurge: "100%" + # maxUnavailable: "0%" + # Specify Kong configurations # Kong configurations guide https://getkong.org/docs/latest/configuration/ +# Values here take precedence over values from other sections of values.yaml, +# e.g. setting pg_user here will override the value normally set when postgresql.enabled +# is set below. In general, you should not set values here if they are set elsewhere. env: database: postgres proxy_access_log: /dev/stdout @@ -318,6 +344,11 @@ podAnnotations: {} # Kong pod count replicaCount: 1 +# Kong Pod Disruption Budget +podDisruptionBudget: + enabled: false + maxUnavailable: "50%" + # Kong has a choice of either Postgres or Cassandra as a backend datatstore. # This chart allows you to choose either of them with the `database.type` # parameter. Postgres is chosen by default. @@ -347,7 +378,7 @@ ingressController: enabled: false image: repository: kong-docker-kubernetes-ingress-controller.bintray.io/kong-ingress-controller - tag: 0.4.0 + tag: 0.6.0 replicaCount: 1 livenessProbe: failureThreshold: 3 @@ -384,3 +415,30 @@ ingressController: name: ingressClass: kong + + podDisruptionBudget: + enabled: false + maxUnavailable: "50%" + +# We pass the dbless (declarative) config over here. +dblessConfig: + # Either Kong's configuration is managed from an existing ConfigMap (with Key: kong.yml) + configMap: "" + # Or the configuration is passed in full-text below + config: + _format_version: "1.1" + services: + # Example configuration + # - name: example.com + # url: http://example.com + # routes: + # - name: example + # paths: + # - "/example" + +serviceMonitor: + # Specifies whether ServiceMonitor for Prometheus operator should be created + enabled: false + # interval: 10s + # Specifies namespace, where ServiceMonitor should be installed + # namespace: monitoring diff --git a/ric-infra/30-Kong/helm/kong/requirements.yaml b/ric-infra/30-Kong/helm/kong/requirements.yaml index 2587ea7e..d41853fd 100644 --- a/ric-infra/30-Kong/helm/kong/requirements.yaml +++ b/ric-infra/30-Kong/helm/kong/requirements.yaml @@ -1,6 +1,5 @@ ################################################################################ # Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. # @@ -18,4 +17,4 @@ dependencies: - name: kong repository: '@stable' - version: ~0.12.2 \ No newline at end of file + version: ~0.17.0 diff --git a/ric-infra/30-Kong/helm/kong/values.yaml b/ric-infra/30-Kong/helm/kong/values.yaml index 2cab0bc5..9bec10cf 100644 --- a/ric-infra/30-Kong/helm/kong/values.yaml +++ b/ric-infra/30-Kong/helm/kong/values.yaml @@ -1,3 +1,19 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + # Default values for kong_platform. # This is a YAML-formatted file. # Declare variables to be passed into your templates. diff --git a/ric-infra/45-Tiller/helm/xapp-tiller/templates/deployment-tiller.yaml b/ric-infra/45-Tiller/helm/xapp-tiller/templates/deployment-tiller.yaml index 6b1e8e88..ddc96773 100644 --- a/ric-infra/45-Tiller/helm/xapp-tiller/templates/deployment-tiller.yaml +++ b/ric-infra/45-Tiller/helm/xapp-tiller/templates/deployment-tiller.yaml @@ -114,7 +114,7 @@ subjects: namespace: {{ $deployNameSpace }} {{- end }} --- -apiVersion: extensions/v1beta1 +apiVersion: apps/v1 kind: Deployment metadata: labels: @@ -124,6 +124,10 @@ metadata: namespace: {{ $deployNameSpace }} spec: replicas: 1 + selector: + matchLabels: + app: helm + name: tiller template: metadata: labels: diff --git a/ric-infra/README.md b/ric-infra/README.md index 487bfb7c..80b46d77 100644 --- a/ric-infra/README.md +++ b/ric-infra/README.md @@ -8,9 +8,11 @@ Such a development cluster is mimicking a closed field-trial environment. ### Directory Structure . ├── 00-Kubernetes Contains scripts to deploy K8S cluster -├── 10-Nexus Contains scripts and helm charts to deploy the docker registry and helm repo -├── 20-Monitoring Helm charts for installed ELFK stack +├── 15-Chartmuseum Contains scripts and helm charts to deploy the Helm chart museum +├── 20-Monitoring Helm charts for installing ELFK stack +├── 30-Kong Helm charts for installing Kong Proxy/Ingress Controller ├── 40-Credential Helm charts to onboard credential and secrets for docker registry and helm repo +├── 45-Tiller └── README.md This file @@ -20,31 +22,34 @@ $ # Modify the configuration files in ./00-Kubernetes/etc/ $ . ./00-Kubernetes/bin/install ``` -### To deploy Nexus repo manager + +### To deploy the Chartmuseum ```sh -$ # Modify the configuration files in ./10-Nexus/etc/ -$ . ./10-Nexus/bin/install +$ # An override file must be used. +$ # Modify the override file, for example ../RECIPE_EXAMPLE/RIC_INFRA_RECIPE_EXAMPLE +$ #. ./15-Chartmuseum/bin/install -f YOUR_OVERRIDE_FILE +$ # To uninstall, +$ . ./15-Chartmuseum/bin/uninstall ``` -### Nexus Deployment Options -You can configure the Helm release name, Kubernetes namespace, and specify ingress controller port using configuration -files located in ./10-Nexus/etc/ - -In the one-click deployment solution, the above setting will be overrided by environment variables shown below. -*RICINFRA_RELEASE_NAME -*RICINFRA_NAMESPACE -*INGRESS_PORT - +### To deploy ELFK stack +```sh +$ # An override file must be used. +$ # Modify the override file, for example ../RECIPE_EXAMPLE/RIC_INFRA_RECIPE_EXAMPLE +$ . ./20-Monitoring/bin/install -f YOUR_OVERRIDE_FILE +$ # To uninstall, +$ . ./20-Monitoring/bin/uninstall +``` -### Passing credential to RIC -The installation process of the Nexus repo manager will generate certificates and credential for docker registry and -helm repo. -### To deploy ELFK stack +### To deploy Kong ```sh -$ # Modify the configuration files in ./20-Monitoring/etc/ -$ . ./20-Monitoring/bin/install +$ # An override file must be used. +$ # Modify the override file, for example ../RECIPE_EXAMPLE/RIC_INFRA_RECIPE_EXAMPLE +$ . ./30-Kong/bin/install -f YOUR_OVERRIDE_FILE +$ # To uninstall, +$ . ./30-Kong/bin/uninstall ``` @@ -62,5 +67,12 @@ You can configure the Helm release name, Kubernetes namespace using configuratio Please make sure that the namespace is the same one as the one used for RIC platform components. +### To deploy an additional Tiller for xapp deployment +```sh +$ # An override file must be used. +$ # Modify the override file, for example ../RECIPE_EXAMPLE/RIC_INFRA_RECIPE_EXAMPLE +$ . ./45-Tiller/bin/install -f YOUR_OVERRIDE_FILE +$ # To uninstall, +$ . ./45-Tiller/bin/uninstall +``` -TODO: Fill in the details about how to pass the credential to RIC diff --git a/ric-platform/50-RIC-Platform/bin/install b/ric-platform/50-RIC-Platform/bin/install index 83c71822..c49d1875 100755 --- a/ric-platform/50-RIC-Platform/bin/install +++ b/ric-platform/50-RIC-Platform/bin/install @@ -48,7 +48,7 @@ GLOBAL_BLOCK=$(cat $OVERRIDEYAML | awk '/^global:/{getline; while ($0 ~ /^ +.*|^ NAMESPACE_BLOCK=$(cat $OVERRIDEYAML | awk '/^ namespace:/{getline; while ($0 ~ /^ .*|^ *$/) {print $0; if (getline == 0) {break}}}') NAMESPACE=$(echo "$NAMESPACE_BLOCK" | awk '/^ *platform:/{print $2}') RELEASE_PREFIX=$(echo "$GLOBAL_BLOCK" | awk '/^ *releasePrefix:/{print $2}') -COMPONENTS=${LIST_OF_COMPONENTS:-"appmgr rtmgr dbaas e2mgr e2term a1mediator submgr vespamgr"} +COMPONENTS=${LIST_OF_COMPONENTS:-"appmgr rtmgr e2mgr e2term a1mediator submgr vespamgr jaegeradapter"} echo "Deploying RIC infra components [$COMPONENTS]" diff --git a/ric-platform/50-RIC-Platform/bin/uninstall b/ric-platform/50-RIC-Platform/bin/uninstall index f991eac0..bad70194 100755 --- a/ric-platform/50-RIC-Platform/bin/uninstall +++ b/ric-platform/50-RIC-Platform/bin/uninstall @@ -16,7 +16,7 @@ # limitations under the License. # ################################################################################ -COMPONENTS="appmgr rtmgr dbaas e2mgr e2term a1mediator submgr vespamgr" +COMPONENTS="appmgr rtmgr e2mgr e2term a1mediator submgr vespamgr jaegeradapter" echo "Undeploying RIC platform components [$COMPONENTS]" diff --git a/ric-platform/50-RIC-Platform/helm/a1mediator/templates/ingress-a1mediator.yaml b/ric-platform/50-RIC-Platform/helm/a1mediator/templates/ingress-a1mediator.yaml index 06e70b88..8a047440 100644 --- a/ric-platform/50-RIC-Platform/helm/a1mediator/templates/ingress-a1mediator.yaml +++ b/ric-platform/50-RIC-Platform/helm/a1mediator/templates/ingress-a1mediator.yaml @@ -1,4 +1,4 @@ -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: {{ include "common.ingressname.a1mediator" . }} diff --git a/ric-platform/50-RIC-Platform/helm/appmgr/templates/ingress-appmgr.yaml b/ric-platform/50-RIC-Platform/helm/appmgr/templates/ingress-appmgr.yaml index 5bc0e948..e515d12e 100644 --- a/ric-platform/50-RIC-Platform/helm/appmgr/templates/ingress-appmgr.yaml +++ b/ric-platform/50-RIC-Platform/helm/appmgr/templates/ingress-appmgr.yaml @@ -1,4 +1,4 @@ -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: {{ include "common.ingressname.appmgr" . }} diff --git a/ric-platform/50-RIC-Platform/helm/appmgr/templates/serviceaccount.yaml b/ric-platform/50-RIC-Platform/helm/appmgr/templates/serviceaccount.yaml index 4fd198bc..96da29ab 100644 --- a/ric-platform/50-RIC-Platform/helm/appmgr/templates/serviceaccount.yaml +++ b/ric-platform/50-RIC-Platform/helm/appmgr/templates/serviceaccount.yaml @@ -48,7 +48,7 @@ metadata: namespace: {{ include "common.tillerNameSpace" $ctx }} rules: - apiGroups: [""] - resources: ["configmaps"] + resources: ["configmaps", "endpoints"] verbs: ["get"] --- apiVersion: rbac.authorization.k8s.io/v1beta1 diff --git a/ric-platform/50-RIC-Platform/helm/dbaas/templates/deployment.yaml b/ric-platform/50-RIC-Platform/helm/dbaas/templates/deployment.yaml deleted file mode 100644 index 7095b184..00000000 --- a/ric-platform/50-RIC-Platform/helm/dbaas/templates/deployment.yaml +++ /dev/null @@ -1,55 +0,0 @@ -################################################################################ -# Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################ - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "common.deploymentname.dbaas" . }} - namespace: {{ include "common.namespace.platform" . }} - labels: - app: {{ include "common.namespace.platform" . }}-{{ include "common.name.dbaas" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.dbaas.backend.replicas }} - selector: - matchLabels: - app: {{ include "common.namespace.platform" . }}-{{ include "common.name.dbaas" . }} - release: {{ .Release.Name }} - template: - metadata: - {{- if .Values.dbaas.annotations }} - annotations: - {{- .Values.dbaas.annotations | nindent 8 -}} - {{ end }} - labels: - app: {{ include "common.namespace.platform" . }}-{{ include "common.name.dbaas" . }} - release: {{ .Release.Name }} - spec: - imagePullSecrets: - - name: {{ include "common.repositoryCred" . }} - terminationGracePeriodSeconds: {{ .Values.dbaas.backend.terminationGracePeriodSeconds }} - containers: - - image: {{ include "common.repository" . }}/{{ .Values.dbaas.backend.image.name }}:{{ .Values.dbaas.backend.image.tag }} - imagePullPolicy: {{ include "common.pullPolicy" . }} - ports: - - containerPort: {{ include "common.serviceport.dbaas.tcp" . }} - name: sql - protocol: TCP - name: {{ include "common.containername.dbaas" . }} - restartPolicy: Always diff --git a/ric-platform/50-RIC-Platform/helm/e2mgr/templates/configmap.yaml b/ric-platform/50-RIC-Platform/helm/e2mgr/templates/configmap.yaml index a60f35d2..04dc74dc 100644 --- a/ric-platform/50-RIC-Platform/helm/e2mgr/templates/configmap.yaml +++ b/ric-platform/50-RIC-Platform/helm/e2mgr/templates/configmap.yaml @@ -28,10 +28,15 @@ data: rte|1080|{{ include "common.servicename.e2mgr.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2mgr.rmr.data" . }} rte|1090|{{ include "common.servicename.e2term.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2term.rmr.data" . }} rte|1100|{{ include "common.servicename.e2term.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2term.rmr.data" . }} + rte|1200|{{ include "common.servicename.rsm.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.rsm.rmr.data" . }} + rte|1210|{{ include "common.servicename.rsm.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.rsm.rmr.data" . }} + rte|1220|{{ include "common.servicename.rsm.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.rsm.rmr.data" . }} rte|10020|{{ include "common.servicename.e2mgr.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2mgr.rmr.data" . }} rte|10060|{{ include "common.servicename.e2term.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2term.rmr.data" . }} rte|10061|{{ include "common.servicename.e2mgr.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2mgr.rmr.data" . }} rte|10062|{{ include "common.servicename.e2mgr.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2mgr.rmr.data" . }} + rte|10070|{{ include "common.servicename.e2term.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2term.rmr.data" . }} + rte|10071|{{ include "common.servicename.e2term.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2term.rmr.data" . }} rte|10080|{{ include "common.servicename.e2mgr.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2mgr.rmr.data" . }} rte|10360|{{ include "common.servicename.e2term.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2term.rmr.data" . }} rte|10361|{{ include "common.servicename.e2mgr.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2mgr.rmr.data" . }} @@ -41,11 +46,69 @@ data: rte|12010|{{ include "common.servicename.e2term.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2term.rmr.data" . }} rte|12020|{{ include "common.servicename.e2term.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2term.rmr.data" . }} rte|20001|{{ include "common.servicename.a1mediator.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.a1mediator.rmr.data" . }} - rte|12011|service-admin-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 - rte|12012|service-admin-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 - rte|12021|service-admin-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 - rte|12022|service-admin-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 - rte|12050|service-admin-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 - rte|20000|service-admin-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 newrt|end +--- + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.configmapname.e2mgr" . }}-configuration-configmap + namespace: {{ include "common.namespace.platform" . }} +data: + configuration.yaml: | + logging: + {{- if hasKey .Values.e2mgr "logLevel" }} + logLevel: {{ .Values.e2mgr.logLevel }} + {{- else }} + logLevel: "info" + {{- end }} + http: + {{- if hasKey .Values.e2mgr "httpPort" }} + port: {{ .Values.e2mgr.httpPort }} + {{- else }} + port: 3800 + {{- end }} + rmr: + {{- if hasKey .Values.e2mgr "rmrPort" }} + port: {{ .Values.e2mgr.rmrPort }} + {{- else }} + port: 3801 + {{- end }} + {{- if hasKey .Values.e2mgr "maxMsgSize" }} + maxMsgSize: {{ .Values.e2mgr.maxMsgSize }} + {{- else }} + maxMsgSize: 4096 + {{- end }} + + {{- if hasKey .Values.e2mgr "notificationResponseBuffer" }} + notificationResponseBuffer: {{ .Values.e2mgr.notificationResponseBuffer }} + {{- else }} + notificationResponseBuffer: 100 + {{- end }} + + {{- if hasKey .Values.e2mgr "bigRedButtonTimeoutSec" }} + bigRedButtonTimeoutSec: {{ .Values.e2mgr.bigRedButtonTimeoutSec }} + {{- else }} + bigRedButtonTimeoutSec: 5 + {{- end }} + + {{- if hasKey .Values.e2mgr "maxConnectionAttempts" }} + maxConnectionAttempts: {{ .Values.e2mgr.maxConnectionAttempts }} + {{- else }} + maxConnectionAttempts: 3 + {{- end }} + + {{- if hasKey .Values.e2mgr "maxRnibConnectionAttempts" }} + maxRnibConnectionAttempts: {{ .Values.e2mgr.maxRnibConnectionAttempts }} + {{- else }} + maxRnibConnectionAttempts: 3 + {{- end }} + + {{- if hasKey .Values.e2mgr "rnibRetryIntervalMs" }} + rnibRetryIntervalMs: {{ .Values.e2mgr.rnibRetryIntervalMs }} + {{- else }} + rnibRetryIntervalMs: 10 + {{- end }} + +--- diff --git a/ric-platform/50-RIC-Platform/helm/e2mgr/templates/deployment.yaml b/ric-platform/50-RIC-Platform/helm/e2mgr/templates/deployment.yaml index fb27c755..446bb9e0 100644 --- a/ric-platform/50-RIC-Platform/helm/e2mgr/templates/deployment.yaml +++ b/ric-platform/50-RIC-Platform/helm/e2mgr/templates/deployment.yaml @@ -52,6 +52,9 @@ spec: - mountPath: /opt/E2Manager/router.txt name: local-router-file subPath: router.txt + - mountPath: /opt/E2Manager/resources/configuration.yaml + name: local-configuration-file + subPath: configuration.yaml envFrom: - configMapRef: name: {{ include "common.configmapname.e2mgr" . }}-env @@ -70,3 +73,6 @@ spec: - name: local-router-file configMap: name: {{ include "common.configmapname.e2mgr" . }}-router-configmap + - name: local-configuration-file + configMap: + name: {{ include "common.configmapname.e2mgr" . }}-configuration-configmap diff --git a/ric-platform/50-RIC-Platform/helm/e2mgr/templates/env.yaml b/ric-platform/50-RIC-Platform/helm/e2mgr/templates/env.yaml index dd70a68a..3c95c5b7 100644 --- a/ric-platform/50-RIC-Platform/helm/e2mgr/templates/env.yaml +++ b/ric-platform/50-RIC-Platform/helm/e2mgr/templates/env.yaml @@ -24,6 +24,7 @@ data: DBAAS_PORT_6379_TCP_ADDR: {{ include "common.servicename.dbaas.tcp" . | quote }} DBAAS_PORT_6379_TCP_PORT: {{ include "common.serviceport.dbaas.tcp" . | quote }} RMR_RTG_SVC: {{ include "common.serviceport.e2mgr.rmr.route" . | quote }} + RMR_SRC_ID: {{ include "common.servicename.e2mgr.rmr" . }}.{{ include "common.namespace.platform" . }} RIC_ID: "{{ .Values.e2mgr.env.RIC_ID }}" #nano: {{ include "common.serviceport.e2mgr.rmr.data" . | quote }} diff --git a/ric-platform/50-RIC-Platform/helm/e2mgr/templates/ingress-e2mgr.yaml b/ric-platform/50-RIC-Platform/helm/e2mgr/templates/ingress-e2mgr.yaml index 51764871..015aff27 100644 --- a/ric-platform/50-RIC-Platform/helm/e2mgr/templates/ingress-e2mgr.yaml +++ b/ric-platform/50-RIC-Platform/helm/e2mgr/templates/ingress-e2mgr.yaml @@ -1,4 +1,4 @@ -apiVersion: extensions/v1beta1 +apiVersion: networking.k8s.io/v1beta1 kind: Ingress metadata: name: {{ include "common.ingressname.e2mgr" . }} diff --git a/ric-platform/50-RIC-Platform/helm/e2term/resources/cleaner.sh b/ric-platform/50-RIC-Platform/helm/e2term/resources/cleaner.sh new file mode 100644 index 00000000..f297fd73 --- /dev/null +++ b/ric-platform/50-RIC-Platform/helm/e2term/resources/cleaner.sh @@ -0,0 +1,25 @@ +#!/bin/sh +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +( +echo "$0 cleaning old files under $1 older than $2 days" > /tmp/cleaner.log +while true; do + find $1 -type f -mtime +$2 -delete + sleep 86400 +done +) >/dev/null 2>&1 & +disown -a diff --git a/ric-platform/50-RIC-Platform/helm/e2term/resources/configfile.properties b/ric-platform/50-RIC-Platform/helm/e2term/resources/configfile.properties new file mode 100644 index 00000000..f83a8152 --- /dev/null +++ b/ric-platform/50-RIC-Platform/helm/e2term/resources/configfile.properties @@ -0,0 +1,18 @@ +Processors: pub +pub.Class: com.att.research.basin.pubsubx.Publisher +pub.Threads: 2 +pub.PublishURL: {{ .Values.e2term.pizpub.publishURL }} +pub.User: {{ .Values.e2term.pizpub.user }} +pub.Password: {{ .Values.e2term.pizpub.password }} +pub.meta.feed_id: {{ .Values.e2term.pizpub.feedId }} +pub.meta.version: 1 +pub.meta.splits: 1 +Factories: scanner +scanner.Class: com.att.research.basin.pubsubx.FileScanner +scanner.Destination: pub +scanner.Directory: {{ .Values.e2term.pizpub.dataRootDir }}/{{ .Values.e2term.pizpub.scanDirectory }} +scanner.MinAgeSeconds: 10 +scanner.ScanIntervalSeconds: 10 +scanner.DeleteOrGZip: delete +scanner.LinkDirectory: {{ .Values.e2term.pizpub.dataRootDir }}/{{ .Values.e2term.pizpub.processedDirectory }} +scanner.meta.record_count: countNewLines diff --git a/ric-platform/50-RIC-Platform/helm/e2term/resources/pizpub.crontab b/ric-platform/50-RIC-Platform/helm/e2term/resources/pizpub.crontab new file mode 100644 index 00000000..a798dfed --- /dev/null +++ b/ric-platform/50-RIC-Platform/helm/e2term/resources/pizpub.crontab @@ -0,0 +1,18 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +# +0 * * * * find {{ .Values.dataRootDir }}/{{ .Values.processedDirectory }} -type f -mtime +3 -delete diff --git a/ric-platform/50-RIC-Platform/helm/e2term/templates/configmap-pizpub.yaml b/ric-platform/50-RIC-Platform/helm/e2term/templates/configmap-pizpub.yaml new file mode 100644 index 00000000..a6698341 --- /dev/null +++ b/ric-platform/50-RIC-Platform/helm/e2term/templates/configmap-pizpub.yaml @@ -0,0 +1,24 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ +{{ if .Values.e2term.pizpub.enabled }} +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.configmapname.e2term" . }}-pizpub + namespace: {{ include "common.namespace.platform" . }} +data: +{{ tpl (.Files.Glob "resources/*").AsConfig . | indent 2 }} +{{ end }} diff --git a/ric-platform/50-RIC-Platform/helm/e2term/templates/configmap.yaml b/ric-platform/50-RIC-Platform/helm/e2term/templates/configmap.yaml index bfd13380..316a64ec 100644 --- a/ric-platform/50-RIC-Platform/helm/e2term/templates/configmap.yaml +++ b/ric-platform/50-RIC-Platform/helm/e2term/templates/configmap.yaml @@ -27,12 +27,17 @@ data: newrt|start rte|1080|{{ include "common.servicename.e2mgr.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2mgr.rmr.data" . }} rte|1090|{{ include "common.servicename.e2term.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2term.rmr.data" . }} - rte|1100|{{ include "common.servicename.e2term.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2term.rmr.data" . }} + rte|1100|{{ include "common.servicename.e2mgr.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2mgr.rmr.data" . }} rte|10020|{{ include "common.servicename.e2mgr.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2mgr.rmr.data" . }} rte|10060|{{ include "common.servicename.e2term.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2term.rmr.data" . }} rte|10061|{{ include "common.servicename.e2mgr.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2mgr.rmr.data" . }} rte|10062|{{ include "common.servicename.e2mgr.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2mgr.rmr.data" . }} + rte|10030|{{ include "common.servicename.e2mgr.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2mgr.rmr.data" . }} + rte|10070|{{ include "common.servicename.e2mgr.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2mgr.rmr.data" . }} + rte|10071|{{ include "common.servicename.e2mgr.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2mgr.rmr.data" . }} rte|10080|{{ include "common.servicename.e2mgr.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2mgr.rmr.data" . }} + rte|10091|{{ include "common.servicename.rsm.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.rsm.rmr.data" . }} + rte|10092|{{ include "common.servicename.rsm.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.rsm.rmr.data" . }} rte|10360|{{ include "common.servicename.e2term.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2term.rmr.data" . }} rte|10361|{{ include "common.servicename.e2mgr.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2mgr.rmr.data" . }} rte|10362|{{ include "common.servicename.e2mgr.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2mgr.rmr.data" . }} @@ -41,11 +46,14 @@ data: rte|12010|{{ include "common.servicename.e2term.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2term.rmr.data" . }} rte|12020|{{ include "common.servicename.e2term.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.e2term.rmr.data" . }} rte|20001|{{ include "common.servicename.a1mediator.rmr" . }}.{{ include "common.namespace.platform" . }}:{{ include "common.serviceport.a1mediator.rmr.data" . }} - rte|12011|service-admission-ctrl-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 - rte|12050|service-admission-ctrl-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 - rte|12012|service-admission-ctrl-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 - rte|12021|service-admission-ctrl-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 - rte|12022|service-admission-ctrl-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 - rte|12050|service-admission-ctrl-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 - rte|20000|service-admission-ctrl-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 + rte|12011|service-ricxapp-ueec-rmr.{{ include "common.namespace.xapp" . }}:4560;service-admission-ctrl-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 + rte|12050|service-ricxapp-ueec-rmr.{{ include "common.namespace.xapp" . }}:4560;service-admission-ctrl-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 + rte|12012|service-ricxapp-ueec-rmr.{{ include "common.namespace.xapp" . }}:4560;service-admission-ctrl-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 + rte|12021|service-ricxapp-ueec-rmr.{{ include "common.namespace.xapp" . }}:4560;service-admission-ctrl-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 + rte|12022|service-ricxapp-ueec-rmr.{{ include "common.namespace.xapp" . }}:4560;service-admission-ctrl-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 + rte|12041|service-ricxapp-ueec-rmr.{{ include "common.namespace.xapp" . }}:4560;service-admission-ctrl-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 + rte|12042|service-ricxapp-ueec-rmr.{{ include "common.namespace.xapp" . }}:4560;service-admission-ctrl-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 + rte|12050|service-ricxapp-ueec-rmr.{{ include "common.namespace.xapp" . }}:4560;service-admission-ctrl-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 + rte|20000|service-ricxapp-ueec-rmr.{{ include "common.namespace.xapp" . }}:4560;service-admission-ctrl-xapp-rmr.{{ include "common.namespace.xapp" . }}:4560 newrt|end + diff --git a/ric-platform/50-RIC-Platform/helm/e2term/templates/deployment.yaml b/ric-platform/50-RIC-Platform/helm/e2term/templates/deployment.yaml index 03d66035..feab4260 100644 --- a/ric-platform/50-RIC-Platform/helm/e2term/templates/deployment.yaml +++ b/ric-platform/50-RIC-Platform/helm/e2term/templates/deployment.yaml @@ -46,6 +46,9 @@ spec: dnsPolicy: ClusterFirstWithHostNet imagePullSecrets: - name: {{ include "common.repositoryCred" . }} + {{- with .Values.e2term.nodeselector }} + nodeSelector: {{ toYaml . | trim | nindent 8 -}} + {{- end }} containers: - name: {{ include "common.containername.e2term" . }} image: {{ include "common.repository" . }}/{{ .Values.e2term.image.name }}:{{ .Values.e2term.image.tag }} @@ -54,6 +57,19 @@ spec: - mountPath: /opt/e2/router.txt name: local-router-file subPath: router.txt + - mountPath: /tmp/rmr_verbose + name: local-router-file + subPath: rmr_verbose +{{ if .Values.e2term.pizpub.enabled }} + - mountPath: "{{ .Values.e2term.env.messagecollectorfile }}" + name: vol-shared + readOnly: false + subPath: "{{ .Values.e2term.pizpub.scanDirectory }}" +{{ else }} + - mountPath: "{{ .Values.e2term.env.messagecollectorfile }}" + name: vol-shared + readOnly: false +{{ end }} envFrom: - configMapRef: name: {{ include "common.configmapname.e2term" . }}-env @@ -66,7 +82,38 @@ spec: tty: true securityContext: privileged: {{ .Values.e2term.privilegedmode }} + +{{ if .Values.e2term.pizpub.enabled }} + - name: {{ include "common.containername.e2term" . }}-pizpub + image: {{ include "common.repository" . }}/{{ .Values.e2term.pizpub.imageName }}:{{ .Values.e2term.pizpub.imageVersion }} + imagePullPolicy: {{ include "common.pullPolicy" . }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: "{{ .Values.e2term.pizpub.dataRootDir }}" + name: vol-shared + readOnly: false + - name: pizpub-config + mountPath: /opt/app/config/conf/ + lifecycle: + postStart: + exec: + command: ["/bin/sh", "/opt/app/config/conf/cleaner.sh", "{{ .Values.e2term.pizpub.dataRootDir }}/{{ .Values.e2term.pizpub.processedDirectory }}", "3"] +{{ end }} volumes: - name: local-router-file configMap: name: {{ include "common.configmapname.e2term" . }}-router-configmap +{{ if .Values.e2term.pizpub.enabled }} + - name: localtime + hostPath: + path: /etc/localtime + - name: pizpub-config + configMap: + name: {{ include "common.configmapname.e2term" . }}-pizpub +{{ end }} + - name: vol-shared + persistentVolumeClaim: + claimName: {{ include "common.pvcname.e2term" . }} + diff --git a/ric-platform/50-RIC-Platform/helm/e2term/templates/e2term-pv.yaml b/ric-platform/50-RIC-Platform/helm/e2term/templates/e2term-pv.yaml new file mode 100644 index 00000000..2f461320 --- /dev/null +++ b/ric-platform/50-RIC-Platform/helm/e2term/templates/e2term-pv.yaml @@ -0,0 +1,31 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################1 +{{if eq .Values.e2term.storageClassName "local-storage" }} +apiVersion: v1 +kind: PersistentVolume +metadata: + name: {{ include "common.pvname.e2term" . }} + labels: + type: local +spec: + storageClassName: {{ .Values.e2term.storageClassName }} + capacity: + storage: {{ .Values.e2term.dataVolSize }} + accessModes: + - ReadWriteOnce + hostPath: + path: /mnt/{{ include "common.pvname.e2term" . }} +{{ end }} diff --git a/ric-platform/50-RIC-Platform/helm/e2term/templates/e2term-pvc.yaml b/ric-platform/50-RIC-Platform/helm/e2term/templates/e2term-pvc.yaml new file mode 100644 index 00000000..df01541b --- /dev/null +++ b/ric-platform/50-RIC-Platform/helm/e2term/templates/e2term-pvc.yaml @@ -0,0 +1,28 @@ +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.pvcname.e2term" . }} +spec: + accessModes: + - ReadWriteOnce + resources: + requests: + storage: {{ .Values.e2term.dataVolSize }} + storageClassName: {{ .Values.e2term.storageClassName }} + #volumeName: {{ include "common.pvname.e2term" . }} diff --git a/ric-platform/50-RIC-Platform/helm/e2term/templates/env.yaml b/ric-platform/50-RIC-Platform/helm/e2term/templates/env.yaml index 2183db15..aa2ae948 100644 --- a/ric-platform/50-RIC-Platform/helm/e2term/templates/env.yaml +++ b/ric-platform/50-RIC-Platform/helm/e2term/templates/env.yaml @@ -22,10 +22,12 @@ data: DBAAS_SERVICE_HOST: {{ include "common.servicename.dbaas.tcp" . | quote }} DBAAS_SERVICE_PORT: {{ include "common.serviceport.dbaas.tcp" . | quote }} DBAAS_PORT_6379_TCP_ADDR: {{ include "common.servicename.dbaas.tcp" . | quote }} - DBAAS_PORT_6379_TCP_PORT: {{ include "common.serviceport.dbaas.tcp" . | quote }} + DBAAS_PORT_6379_TCP_PORT: {{ include "common.serviceport.dbaas.tcp" . | quote }} + RMR_SRC_ID: {{ include "common.servicename.e2term.rmr" . }}.{{ include "common.namespace.platform" . }} RMR_RTG_SVC: {{ include "common.serviceport.e2term.rmr.route" . | quote }} RMR_SEED_RT: "router.txt" RMR_VCTL_FILE: "/tmp/rmr_verbose" sctp: {{ include "common.serviceport.e2term.sctp" . | quote }} nano: {{ include "common.serviceport.e2term.rmr.data" . | quote }} print: "{{ .Values.e2term.env.print }}" + volume: "{{ .Values.e2term.env.messagecollectorfile }}" diff --git a/ric-platform/50-RIC-Platform/helm/e2term/values.yaml b/ric-platform/50-RIC-Platform/helm/e2term/values.yaml index f58b1107..d8ff8f69 100644 --- a/ric-platform/50-RIC-Platform/helm/e2term/values.yaml +++ b/ric-platform/50-RIC-Platform/helm/e2term/values.yaml @@ -44,8 +44,26 @@ e2term: replicaCount: 1 env: print: "1" - + messagecollectorfile: "/data/outgoing/" # Service ports are now defined in # ric-common/Common-Template/helm/ric-common/templates/_ports.tpl file. # If need to change a service port, make the code change necessary, then # update the _ports.tpl file with the new port number. + + dataVolSize: 100Mi + storageClassName: local-storage + #storageClassName: ric-storage-class + + pizpub: + enabled: true + nsPrefix: ric + imageVersion: 0.0.5155 + imageName: pizpub + publishURL: "https://feeds-drtr.web.att.com/publish/3641" + user: "m14983@ric.att.com" + password: "pizPub01!" + feedId: 3641 + dataRootDir: "/data" + scanDirectory: "outgoing" + processedDirectory: "sent" + diff --git a/ric-platform/50-RIC-Platform/helm/jaegeradapter/.helmignore b/ric-platform/50-RIC-Platform/helm/jaegeradapter/.helmignore new file mode 100644 index 00000000..d29b3993 --- /dev/null +++ b/ric-platform/50-RIC-Platform/helm/jaegeradapter/.helmignore @@ -0,0 +1,37 @@ +# Copyright (c) 2019 AT&T Intellectual Property. +# Copyright (c) 2019 Nokia. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/ric-platform/50-RIC-Platform/helm/jaegeradapter/Chart.yaml b/ric-platform/50-RIC-Platform/helm/jaegeradapter/Chart.yaml new file mode 100644 index 00000000..91fe7fcf --- /dev/null +++ b/ric-platform/50-RIC-Platform/helm/jaegeradapter/Chart.yaml @@ -0,0 +1,19 @@ +# Copyright (c) 2019 AT&T Intellectual Property. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +appVersion: "1.0" +description: A Helm chart for Kubernetes +name: jaegeradapter +version: 0.1.0 diff --git a/ric-platform/50-RIC-Platform/helm/dbaas/requirements.yaml b/ric-platform/50-RIC-Platform/helm/jaegeradapter/requirements.yaml similarity index 92% rename from ric-platform/50-RIC-Platform/helm/dbaas/requirements.yaml rename to ric-platform/50-RIC-Platform/helm/jaegeradapter/requirements.yaml index 2ab71b4e..f8e2a9af 100644 --- a/ric-platform/50-RIC-Platform/helm/dbaas/requirements.yaml +++ b/ric-platform/50-RIC-Platform/helm/jaegeradapter/requirements.yaml @@ -1,6 +1,5 @@ ################################################################################ # Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. # @@ -17,4 +16,5 @@ dependencies: - name: ric-common - version: ~2.0.0 + version: ~2.0.7 + diff --git a/ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/agent-service.yaml b/ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/agent-service.yaml new file mode 100644 index 00000000..13b44cb4 --- /dev/null +++ b/ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/agent-service.yaml @@ -0,0 +1,43 @@ +# Copyright (c) 2019 AT&T Intellectual Property. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename.jaegeradapter.agent" . }} + namespace: {{ include "common.namespace.platform" . }} + labels: + app: {{ include "common.namespace.platform" . }}-{{ include "common.name.jaegeradapter" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: ClusterIP + ports: + - name: {{ include "common.portname.jaegeradapter.zipkincompact" . }} + port: {{ include "common.serviceport.jaegeradapter.zipkincompact" . }} + protocol: UDP + targetPort: {{ include "common.serviceport.jaegeradapter.zipkincompact" . }} + - name: {{ include "common.portname.jaegeradapter.jaegercompact" . }} + port: {{ include "common.serviceport.jaegeradapter.jaegercompact" . }} + protocol: UDP + targetPort: {{ include "common.serviceport.jaegeradapter.jaegercompact" . }} + - name: {{ include "common.portname.jaegeradapter.jaegerbinary" . }} + port: {{ include "common.serviceport.jaegeradapter.jaegerbinary" . }} + protocol: UDP + targetPort: {{ include "common.serviceport.jaegeradapter.jaegerbinary" . }} + selector: + app: {{ include "common.namespace.platform" . }}-{{ include "common.name.jaegeradapter" . }} + release: {{ .Release.Name }} + diff --git a/ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/collector-service.yaml b/ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/collector-service.yaml new file mode 100644 index 00000000..130055c7 --- /dev/null +++ b/ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/collector-service.yaml @@ -0,0 +1,43 @@ +# Copyright (c) 2019 AT&T Intellectual Property. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename.jaegeradapter.collector" . }} + namespace: {{ include "common.namespace.platform" . }} + labels: + app: {{ include "common.namespace.platform" . }}-{{ include "common.name.jaegeradapter" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: ClusterIP + ports: + - name: {{ include "common.portname.jaegeradapter.jaegerhttpt" . }} + port: {{ include "common.serviceport.jaegeradapter.jaegerhttpt" . }} + protocol: TCP + targetPort: {{ include "common.serviceport.jaegeradapter.jaegerhttpt" . }} + - name: {{ include "common.portname.jaegeradapter.jaegerhttp" . }} + port: {{ include "common.serviceport.jaegeradapter.jaegerhttp" . }} + protocol: TCP + targetPort: {{ include "common.serviceport.jaegeradapter.jaegerhttp" . }} + - name: {{ include "common.portname.jaegeradapter.zipkinhttp" . }} + port: {{ include "common.serviceport.jaegeradapter.zipkinhttp" . }} + protocol: TCP + targetPort: {{ include "common.serviceport.jaegeradapter.zipkinhttp" . }} + selector: + app: {{ include "common.namespace.platform" . }}-{{ include "common.name.jaegeradapter" . }} + release: {{ .Release.Name }} + diff --git a/ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/deployment.yaml b/ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/deployment.yaml new file mode 100644 index 00000000..a80c0d6d --- /dev/null +++ b/ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/deployment.yaml @@ -0,0 +1,84 @@ +# Copyright (c) 2019 AT&T Intellectual Property. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1 +kind: Deployment +metadata: + name: {{ include "common.deploymentname.jaegeradapter" . }} + namespace: {{ include "common.namespace.platform" . }} + labels: + app: {{ include "common.namespace.platform" . }}-{{ include "common.name.jaegeradapter" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.jaegeradapter.replicaCount }} + selector: + matchLabels: + app: {{ include "common.namespace.platform" . }}-{{ include "common.name.jaegeradapter" . }} + release: {{ .Release.Name }} + template: + metadata: + {{- if .Values.jaegeradapter.annotations }} + annotations: + {{- .Values.jaegeradapter.annotations | nindent 8 -}} + {{ end }} + labels: + app: {{ include "common.namespace.platform" . }}-{{ include "common.name.jaegeradapter" . }} + release: {{ .Release.Name }} + spec: + hostname: {{ include "common.name.jaegeradapter" . }} + imagePullSecrets: + - name: {{ include "common.repositoryCred" . }} + containers: + - name: {{ include "common.containername.jaegeradapter" . }} + image: {{ include "common.repository" . }}/{{ .Values.jaegeradapter.image.name }}:{{ .Values.jaegeradapter.image.tag }} + imagePullPolicy: {{ include "common.pullPolicy" . }} + envFrom: + - configMapRef: + name: {{ include "common.configmapname.jaegeradapter" . }} + ports: + - name: {{ include "common.portname.jaegeradapter.zipkincompact" . }} + containerPort: {{ include "common.serviceport.jaegeradapter.zipkincompact" . }} + protocol: UDP + - name: {{ include "common.portname.jaegeradapter.jaegercompact" . }} + containerPort: {{ include "common.serviceport.jaegeradapter.jaegercompact" . }} + protocol: UDP + - name: {{ include "common.portname.jaegeradapter.jaegerbinary" . }} + containerPort: {{ include "common.serviceport.jaegeradapter.jaegerbinary" . }} + protocol: UDP + - name: {{ include "common.portname.jaegeradapter.httpquery" . }} + containerPort: {{ include "common.serviceport.jaegeradapter.httpquery" . }} + protocol: TCP + - name: {{ include "common.portname.jaegeradapter.httpconfig" . }} + containerPort: {{ include "common.serviceport.jaegeradapter.httpconfig" . }} + protocol: TCP + - name: {{ include "common.portname.jaegeradapter.zipkinhttp" . }} + containerPort: {{ include "common.serviceport.jaegeradapter.zipkinhttp" . }} + protocol: TCP + - name: {{ include "common.portname.jaegeradapter.jaegerhttp" . }} + containerPort: {{ include "common.serviceport.jaegeradapter.jaegerhttp" . }} + protocol: TCP + - name: {{ include "common.portname.jaegeradapter.jaegerhttpt" . }} + containerPort: {{ include "common.serviceport.jaegeradapter.jaegerhttpt" . }} + protocol: TCP + livenessProbe: + httpGet: + path: / + port: {{ include "common.serviceport.jaegeradapter.httpquery" . }} + readinessProbe: + httpGet: + path: / + port: {{ include "common.serviceport.jaegeradapter.httpquery" . }} + initialDelaySeconds: 5 diff --git a/ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/env.yaml b/ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/env.yaml new file mode 100644 index 00000000..e21b8d9f --- /dev/null +++ b/ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/env.yaml @@ -0,0 +1,11 @@ +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.configmapname.jaegeradapter" . }} + namespace: {{ include "common.namespace.platform" . }} +data: + TRACING_ENABLED: "0" + TRACING_JAEGER_SAMPLER_TYPE: "const" + TRACING_JAEGER_SAMPLER_PARAM: "1" + TRACING_JAEGER_AGENT_ADDR: {{ include "common.servicename.jaegeradapter.agent" . }}.{{ include "common.namespace.platform" . }} + TRACING_JAEGER_LOG_LEVEL: "error" diff --git a/ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/query-service.yaml b/ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/query-service.yaml new file mode 100644 index 00000000..dc0f6ba7 --- /dev/null +++ b/ric-platform/50-RIC-Platform/helm/jaegeradapter/templates/query-service.yaml @@ -0,0 +1,35 @@ +# Copyright (c) 2019 AT&T Intellectual Property. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename.jaegeradapter.query" . }} + namespace: {{ include "common.namespace.platform" . }} + labels: + app: {{ include "common.namespace.platform" . }}-{{ include "common.name.jaegeradapter" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: ClusterIP + ports: + - name: {{ include "common.portname.jaegeradapter.httpquery" . }} + port: {{ include "common.serviceport.jaegeradapter.httpquery" . }} + protocol: TCP + targetPort: {{ include "common.serviceport.jaegeradapter.httpquery" . }} + selector: + app: {{ include "common.namespace.platform" . }}-{{ include "common.name.jaegeradapter" . }} + release: {{ .Release.Name }} + diff --git a/ric-platform/50-RIC-Platform/helm/jaegeradapter/values.yaml b/ric-platform/50-RIC-Platform/helm/jaegeradapter/values.yaml new file mode 100644 index 00000000..664f82e2 --- /dev/null +++ b/ric-platform/50-RIC-Platform/helm/jaegeradapter/values.yaml @@ -0,0 +1,38 @@ +# Copyright (c) 2019 AT&T Intellectual Property. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Default values for jaeger-all-in-one. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +repository: "nexus3.o-ran-sc.org:10004" +imagePullPolicy: IfNotPresent +repositoryCred: docker-reg-cred + +jaegeradapter: + replicaCount: 1 + + repositoryOverride: docker.io + image: + name: jaegertracing/all-in-one + tag: 1.12 + pullPolicy: IfNotPresent + + nameOverride: "" + fullnameOverride: "" + + ingress: + enabled: false + annotations: {} + tls: [] diff --git a/ric-platform/50-RIC-Platform/helm/rtmgr/templates/config.yaml b/ric-platform/50-RIC-Platform/helm/rtmgr/templates/config.yaml index 0214fc3b..6b3f5796 100644 --- a/ric-platform/50-RIC-Platform/helm/rtmgr/templates/config.yaml +++ b/ric-platform/50-RIC-Platform/helm/rtmgr/templates/config.yaml @@ -33,17 +33,17 @@ data: [ { "name": "E2TERM", - "fqdn": "{{ include "common.servicename.e2term.rmr" . }}", + "fqdn": "{{ printf "%s.%s" (include "common.servicename.e2term.rmr" .) (include "common.namespace.platform" .) }}", "port": {{ include "common.serviceport.e2term.rmr.data" . }} }, { "name": "SUBMAN", - "fqdn": "{{ include "common.servicename.submgr.rmr" . }}", + "fqdn": "{{ printf "%s.%s" (include "common.servicename.submgr.rmr" .) (include "common.namespace.platform" .) }}", "port": {{ include "common.serviceport.submgr.rmr.data" . }} }, { "name": "E2MAN", - "fqdn": "{{ include "common.servicename.e2mgr.rmr" . }}", + "fqdn": "{{ printf "%s.%s" (include "common.servicename.e2mgr.rmr" .) (include "common.namespace.platform" .) }}", "port": {{ include "common.serviceport.e2mgr.rmr.data" . }} } ] diff --git a/ric-platform/50-RIC-Platform/helm/rtmgr/templates/deployment.yaml b/ric-platform/50-RIC-Platform/helm/rtmgr/templates/deployment.yaml index 592309eb..ee0878e5 100644 --- a/ric-platform/50-RIC-Platform/helm/rtmgr/templates/deployment.yaml +++ b/ric-platform/50-RIC-Platform/helm/rtmgr/templates/deployment.yaml @@ -59,6 +59,8 @@ spec: name: rtmgrcfg readOnly: true ports: + - name: "http" + containerPort: {{ include "common.serviceport.rtmgr.http" . }} - name: "rmrroute" containerPort: {{ include "common.serviceport.rtmgr.rmr.route" . }} - name: "rmrdata" diff --git a/ric-platform/50-RIC-Platform/helm/submgr/templates/configmap.yaml b/ric-platform/50-RIC-Platform/helm/submgr/templates/configmap.yaml new file mode 100644 index 00000000..a8ee3866 --- /dev/null +++ b/ric-platform/50-RIC-Platform/helm/submgr/templates/configmap.yaml @@ -0,0 +1,35 @@ +#================================================================================== +# Copyright (c) 2019 AT&T Intellectual Property. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +#================================================================================== +apiVersion: v1 +kind: ConfigMap +metadata: + name: submgrcfg + namespace: ricplt +data: + # FQDN and port info of rtmgr + submgrcfg: | + "local": + "host": ":8080" + "logger": + "level": 3 + "rmr": + "protPort" : "tcp:4560" + "maxSize": 2072 + "numWorkers": 1 + "rtmgr": + "hostAddr": {{ include "common.servicename.rtmgr.http" . | quote }} + "port" : {{ include "common.serviceport.rtmgr.http" . }} + "baseUrl" : "/ric/v1" diff --git a/ric-platform/50-RIC-Platform/helm/submgr/templates/deployment.yaml b/ric-platform/50-RIC-Platform/helm/submgr/templates/deployment.yaml index 2c66c7bf..ff759944 100644 --- a/ric-platform/50-RIC-Platform/helm/submgr/templates/deployment.yaml +++ b/ric-platform/50-RIC-Platform/helm/submgr/templates/deployment.yaml @@ -67,3 +67,15 @@ spec: - name: rmrdata containerPort: {{ include "common.serviceport.submgr.rmr.data" . }} protocol: TCP + volumeMounts: + - name: config-volume + mountPath: /cfg + volumes: + - name: config-volume + configMap: + name: submgrcfg + items: + - key: submgrcfg + path: submgr-config.yaml + mode: 0644 + diff --git a/ric-platform/50-RIC-Platform/helm/submgr/templates/env.yaml b/ric-platform/50-RIC-Platform/helm/submgr/templates/env.yaml index 091207b5..9e656768 100644 --- a/ric-platform/50-RIC-Platform/helm/submgr/templates/env.yaml +++ b/ric-platform/50-RIC-Platform/helm/submgr/templates/env.yaml @@ -24,4 +24,6 @@ data: DBAAS_PORT_6379_TCP_ADDR: {{ include "common.servicename.dbaas.tcp" . | quote }} DBAAS_PORT_6379_TCP_PORT: {{ include "common.serviceport.dbaas.tcp" . | quote }} RMR_RTG_SVC: {{ include "common.serviceport.submgr.rmr.route" . | quote }} - + RMR_SRC_ID: {{ include "common.servicename.submgr.rmr" . }}.{{ include "common.namespace.platform" . }} + CFGFILE: "/cfg/submgr-config.yaml" + SUBMGR_SEED_SN: "1" diff --git a/ric-platform/50-RIC-Platform/helm/submgr/values.yaml b/ric-platform/50-RIC-Platform/helm/submgr/values.yaml index f911e477..b0f6d99d 100644 --- a/ric-platform/50-RIC-Platform/helm/submgr/values.yaml +++ b/ric-platform/50-RIC-Platform/helm/submgr/values.yaml @@ -28,6 +28,6 @@ submgr: image: name: ric-plt-submgr - tag: 0.1.1 + tag: 0.10.5 replicaCount: 1 diff --git a/ric-platform/50-RIC-Platform/helm/vespamgr/templates/deployment.yaml b/ric-platform/50-RIC-Platform/helm/vespamgr/templates/deployment.yaml index 8f053aa7..289045ce 100644 --- a/ric-platform/50-RIC-Platform/helm/vespamgr/templates/deployment.yaml +++ b/ric-platform/50-RIC-Platform/helm/vespamgr/templates/deployment.yaml @@ -42,6 +42,9 @@ spec: hostname: {{ include "common.name.vespamgr" . }} imagePullSecrets: - name: {{ include "common.repositoryCred" . }} + {{- with .Values.vespamgr.nodeselector }} + nodeSelector: {{ toYaml . | trim | nindent 8 -}} + {{- end }} containers: - name: {{ include "common.containername.vespamgr" . }} image: {{ include "common.repository" . }}/{{ .Values.vespamgr.image.name }}:{{ .Values.vespamgr.image.tag }} @@ -55,5 +58,14 @@ spec: name: {{ include "common.configmapname.vespamgr" . }} - secretRef: name: vespa-secrets - + env: + - name: VESMGR_APPMGRDOMAIN + value: appmgr-service + livenessProbe: + httpGet: + path: /supervision + port: 8080 + initialDelaySeconds: 30 + periodSeconds: 60 + timeoutSeconds: 20 diff --git a/ric-platform/50-RIC-Platform/helm/vespamgr/templates/secret.yaml b/ric-platform/50-RIC-Platform/helm/vespamgr/templates/secret.yaml index e3213187..3473c4b5 100644 --- a/ric-platform/50-RIC-Platform/helm/vespamgr/templates/secret.yaml +++ b/ric-platform/50-RIC-Platform/helm/vespamgr/templates/secret.yaml @@ -4,6 +4,5 @@ metadata: name: vespa-secrets type: Opaque data: - VESMGR_PRICOLLECTOR_USER: "" - VESMGR_PRICOLLECTOR_PASSWORD: "" - + VESMGR_PRICOLLECTOR_USER: "c2FtcGxlMQo=" + VESMGR_PRICOLLECTOR_PASSWORD: "c2FtcGxlMQo=" diff --git a/ric-platform/50-RIC-Platform/helm/vespamgr/values.yaml b/ric-platform/50-RIC-Platform/helm/vespamgr/values.yaml index 8485f46a..ffe1c1cb 100644 --- a/ric-platform/50-RIC-Platform/helm/vespamgr/values.yaml +++ b/ric-platform/50-RIC-Platform/helm/vespamgr/values.yaml @@ -29,7 +29,7 @@ vespamgr: image: name: ric-plt-vespamgr - tag: 0.0.1 + tag: 0.0.3 # Service ports are now defined in # ric-common/Common-Template/helm/ric-common/templates/_ports.tpl file. diff --git a/ric-platform/README.md b/ric-platform/README.md index 44f67c26..915c7d3c 100644 --- a/ric-platform/README.md +++ b/ric-platform/README.md @@ -5,6 +5,8 @@ Helm charts, deployment scripts and configuration files for RIC platform compone ### Directory Structure . ├── 50-RIC-Platform Deployment scripts, charts and configuration files for RIC platform components +│   ├── bin Contains deployment and uninstall scripts +│   └── helm Contains helm charts ├── 55-Ext-Services Deployment scripts and chart for external service used by RIC to reach services outside of cluster └── README.md This file @@ -16,19 +18,14 @@ In the one-click deployment solution, the above setting will be overrided by env ### To Deploy RIC Platform ```sh -$ # Modify the configuration files in ./50-RIC-Platform/etc/ -$ . ./50-RIC-Platform/bin/install -$ # If you have an override value.yaml file, please use -$ #. ./50-RIC-Platform/bin/install YOUR_OVERRIDE_FILE +$ # An override file must be used. +$ # Modify the override file, for example ../RECIPE_EXAMPLE/RIC_PLATFORM_RECIPE_EXAMPLE +$ #. ./50-RIC-Platform/bin/install -f YOUR_OVERRIDE_FILE ``` ### RIC Platform Deployment Options -You can configure the Helm release name, Kubernetes namespace using configuration files located in ./50-RIC-Platform/etc/ -Please make sure that the namespace is the same one as the one used for RIC platform components. - -In the one-click deployment solution, the above setting will be overrided by environment variables shown below. -*RICPLT_RELEASE_NAME -*RICPLT_NAMESPACE +You can configure the Helm release name, Kubernetes namespaces using the override file with +parameters global.releasePrefix and global.namespace ### To Undeploy RIC Platform ```sh @@ -40,11 +37,11 @@ The IP address described below should be the interface IP address of the VM host If the aux cluster is multi-node, any of the nodes can be specified here. ```sh -$ # Set the value of ext/ip in values.yaml to be the external IP address. If you will use an override file and it has ext/ip set, -$ # make sure it is set correctly. -$ . ./55-Ext-Services/bin/install -$ # If you have an override value.yaml file, please use -$ #. ./50-Ext-Services/bin/install YOUR_OVERRIDE_FILE +$ # An override file must be used. +$ # Modify the override file, for example ../RECIPE_EXAMPLE/RIC_PLATFORM_RECIPE_EXAMPLE +$ # Set the values of extsvcaux/ricip and extsvcaux/auxip to be the external IP addresses of VM hosting RIC cluster and VM hosting AUX cluster, respectively. +$ # These values should be set in the override file +$ . ./55-Ext-Services/bin/install -f YOUR_OVERRIDE_FILE ``` ### To Undeploy External services diff --git a/ric-xapps/90-xApps/bin/install b/ric-xapps/90-xApps/bin/install deleted file mode 100755 index aa177140..00000000 --- a/ric-xapps/90-xApps/bin/install +++ /dev/null @@ -1,170 +0,0 @@ -#!/bin/bash -################################################################################ -# Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################ - - -while [ -n "$1" ]; do # while loop starts - - case "$1" in - - -n) - CHART_NAME=$2 - shift - ;; - - -v) CHART_VERSION=$2 - shift - ;; # Message for -b option - - -f) OVERRIDEYAML=$2 - shift - ;; # Message for -c option - - -i) FULLIMAGE=$2 - shift - ;; - - -d) DESCRIPTOR_PATH=$2 - shift - ;; - - -c) CONFIG_JSON_PATH=$2 - shift - ;; - - -h) HELM_REPO_USERNAME=$2 - shift - ;; - - -p) HELM_REPO_PASSWORD=$2 - shift - ;; - - *) echo "Option $1 not recognized" ;; # In case you typed a different option other than a,b,c - - esac - - shift - -done - - - - -if [ -z $CHART_NAME ]; then - echo "Please specify chart name using -n option." - exit 1 -fi -if [ -z $CHART_VERSION ]; then - echo "Please specify chart version using -v option." - exit 1 -fi -if [ -z $FULLIMAGE ]; then - echo "Please specify image using -i option." - exit 1 -fi -if [ -z $DESCRIPTOR_PATH ]; then - echo "Please specify descriptor file using -d option." - exit 1 -fi -if [ -z $CONFIG_JSON_PATH ]; then - echo "Please specify config json file using -c option." - exit 1 -fi - - -if [ ! -f $DESCRIPTOR_PATH ]; then - echo "Descriptor file cannot be founded at $DESCRIPTOR_PATH" - exit 1 -fi -if [ ! -f $CONFIG_JSON_PATH ]; then - echo "Config json file cannot be founded at $CONFIG_JSON_PATH" - exit 1 -fi - - -DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )" - - -source $DIR/../etc/xapp.conf - -if [ -z $OVERRIDEYAML ]; then - HELM_REPO=$default_helm_repo - DOCKER_REGISTRY=$default_docker_registry -else - helm_repo_override=$(grep "^ *helmRepository:" $OVERRIDEYAML | awk '{gsub(/ /,""); gsub(/\"/,""); split($0, b, "tory:");split(b[2],c,"#"); print c[1]}') - docker_reg_override=$(grep "^ *repository:" $OVERRIDEYAML | awk '{ gsub(/ /,""); gsub(/\"/,""); split($0, b, "tory:");split(b[2],c,"#"); print c[1]}') - if [ -z $helm_repo_override ]; then - HELM_REPO=$default_helm_repo - else - HELM_REPO=$helm_repo_override - fi - - if [ -z $docker_reg_override ]; then - DOCKER_REGISTRY=$default_docker_registry - else - DOCKER_REGISTRY=$docker_reg_override - fi -fi - - - - -rm -rf /tmp/$CHART_NAME - -cp -r $DIR/../helm/xapp-std/ /tmp/$CHART_NAME - - - -sed -i "s/^name: xapp-std/name: $CHART_NAME/" /tmp/$CHART_NAME/Chart.yaml -sed -i "s/^version: 0.0.1/version: $CHART_VERSION/" /tmp/$CHART_NAME/Chart.yaml - - -registry_path=$(echo $FULLIMAGE | awk '{n=split($0, a, "/"); if(n>1) print a[1]}') - - - -tag=$(echo $FULLIMAGE | awk '{n=split($0, a, "/"); split(a[n], b, ":"); print b[2]}') - -image=$(echo $FULLIMAGE | awk -v head="$registry_path/" -v tail=":$tag" '{gsub (head, ""); gsub(tail,""); gsub(/\//,"\\/"); print $0}') - - -sed -i "s/^ name: xapp-std/ name: $CHART_NAME/" /tmp/$CHART_NAME/values.yaml -sed -i "s/^ name: xapp-std/ name: $image/" /tmp/$CHART_NAME/values.yaml -sed -i "s/^ tag: latest/ tag: $tag/" /tmp/$CHART_NAME/values.yaml - - -if [ -z $registry_path ]; then - sed -i "s/^ repository: xapp-std-reg/ repository: $DOCKER_REGISTRY/" /tmp/$CHART_NAME/values.yaml -else - sed -i "s/^ repository: xapp-std-reg/ repository: $registry_path/" /tmp/$CHART_NAME/values.yaml -fi - - -mkdir /tmp/$CHART_NAME/config/ -mkdir /tmp/$CHART_NAME/descriptors/ - -cp $CONFIG_JSON_PATH /tmp/$CHART_NAME/config/ -cp $DESCRIPTOR_PATH /tmp/$CHART_NAME/descriptors/ - - -helm package -d /tmp /tmp/$CHART_NAME - - -echo $HELM_REPO -#curl -k -u $HELM_REPO_USERNAME:$HELM_REPO_PASSWORD $HELM_REPO --upload-file /tmp/$CHART_NAME-$CHART_VERSION.tgz -v -curl -Lk -u $HELM_REPO_USERNAME:$HELM_REPO_PASSWORD "$HELM_REPO"/api/charts --data-binary "@/tmp/$CHART_NAME-$CHART_VERSION.tgz" diff --git a/ric-xapps/90-xApps/helm/xapp-std/templates/_helpers.tpl b/ric-xapps/90-xApps/helm/xapp-std/templates/_helpers.tpl deleted file mode 100644 index d427a461..00000000 --- a/ric-xapps/90-xApps/helm/xapp-std/templates/_helpers.tpl +++ /dev/null @@ -1,77 +0,0 @@ -################################################################################ -# Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################ -{{/* vim: set filetype=mustache: */}} -{{/* -Expand the name of the chart. -*/}} -{{- define "ricxapp.name" -}} - {{- default .Chart.Name .Values.ricxapp.name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create a default fully qualified app name. -We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). -If release name contains chart name it will be used as a full name. -*/}} -{{- define "ricxapp.fullname" -}} - {{- $name := ( include "ricxapp.name" . ) -}} - {{- $fullname := ( printf "%s-%s" .Release.Namespace $name ) -}} - {{- default $fullname .Values.ricxapp.fullname | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{/* -Create chart name and version as used by the chart label. -*/}} -{{- define "ricxapp.chart" -}} - {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{- define "ricxapp.namespace" -}} - {{- default .Release.Namespace .Values.nsPrefix -}} -{{- end -}} - - - -{{- define "ricxapp.servicename.rmr" -}} - {{- $name := ( include "ricxapp.fullname" . ) -}} - {{- printf "service-%s-rmr" $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{- define "ricxapp.servicename.http" -}} - {{- $name := ( include "ricxapp.fullname" . ) -}} - {{- printf "service-%s-http" $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{- define "ricxapp.configmapname" -}} - {{- $name := ( include "ricxapp.fullname" . ) -}} - {{- printf "configmap-%s" $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{- define "ricxapp.deploymentname" -}} - {{- $name := ( include "ricxapp.fullname" . ) -}} - {{- printf "deployment-%s" $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - - -{{- define "ricxapp.containername" -}} - {{- $name := ( include "ricxapp.fullname" . ) -}} - {{- printf "container-%s" $name | trunc 63 | trimSuffix "-" -}} -{{- end -}} - -{{- define "ricxapp.imagepullsecret" -}} - {{- printf "docker-reg-cred" -}} -{{- end -}} diff --git a/ric-xapps/90-xApps/helm/xapp-std/templates/appconfig.yaml b/ric-xapps/90-xApps/helm/xapp-std/templates/appconfig.yaml deleted file mode 100644 index ab8c2940..00000000 --- a/ric-xapps/90-xApps/helm/xapp-std/templates/appconfig.yaml +++ /dev/null @@ -1,32 +0,0 @@ -################################################################################ -# Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################' - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "ricxapp.configmapname" . }}-appconfig -data: -{{- $dbaasservice := .Values.ricplt.dbaasService | quote -}} -{{- $pltingressurl := .Values.ricplt.pltIngressUrl | quote -}} -{{- $xappingressurl := .Values.ricplt.xappIngressUrl | quote -}} -{{- $appmgrrmrservice := .Values.ricplt.appmgrRMRService | quote -}} -{{- $e2mgrrmrservice := .Values.ricplt.e2mgrRMRService | quote -}} -{{- $e2termrmrservice := .Values.ricplt.e2termRMRService | quote -}} -{{- $rtmgrrmrservice := .Values.ricplt.rtmgrRMRService | quote -}} -{{- $a1mediatorrmrservice := .Values.ricplt.a1mediatorRMRService | quote -}} - -{{- (.Files.Glob "config/*").AsConfig | replace "__DBAAS_SERVICE__" $dbaasservice | replace "__PLT_INGRESS_URL__" $pltingressurl | replace "__XAPP_INGRESS_URL__" $xappingressurl | replace "__APPMGR_RMR_SERVICE__" $appmgrrmrservice | replace "__E2MGR_RMR_SERVICE__" $e2mgrrmrservice | replace "__E2TERM_RMR_SERVICE__" $e2termrmrservice | replace "__RTMGR_RMR_SERVICE__" $rtmgrrmrservice | replace "__A1MEDIATOR_RMR_SERVICE__" $a1mediatorrmrservice | nindent 2 }} diff --git a/ric-xapps/90-xApps/helm/xapp-std/templates/deployment.yaml b/ric-xapps/90-xApps/helm/xapp-std/templates/deployment.yaml deleted file mode 100644 index b539b9b4..00000000 --- a/ric-xapps/90-xApps/helm/xapp-std/templates/deployment.yaml +++ /dev/null @@ -1,73 +0,0 @@ -################################################################################ -# Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################' -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "ricxapp.fullname" . }} - labels: - app: {{ include "ricxapp.namespace" . }}-{{ include "ricxapp.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ .Release.Name }} - heritage: {{ .Release.Service }} -spec: - replicas: {{ .Values.ricxapp.replicaCount }} - selector: - matchLabels: - app: {{ include "ricxapp.namespace" . }}-{{ include "ricxapp.name" . }} - release: {{ .Release.Name }} - template: - metadata: - labels: - app: {{ include "ricxapp.namespace" . }}-{{ include "ricxapp.name" . }} - release: {{ .Release.Name }} - spec: - hostname: {{ include "ricxapp.name" . }} - imagePullSecrets: - - name: {{ include "ricxapp.imagepullsecret" . }} - containers: - - name: {{ include "ricxapp.containername" . }} - image: "{{ .Values.ricxapp.image.repository }}/{{ .Values.ricxapp.image.name }}:{{ .Values.ricxapp.image.tag }}" - imagePullPolicy: {{ .Values.ricxapp.image.pullPolicy }} - ports: - - name: http - containerPort: {{ .Values.ricxapp.service.http.containerPort }} - protocol: TCP - - name: rmrroute - containerPort: {{ .Values.ricxapp.service.rmr.route.port }} - protocol: TCP - - name: rmrdata - containerPort: {{ .Values.ricxapp.service.rmr.data.port }} - protocol: TCP - volumeMounts: - - name: config-volume - mountPath: {{ .Values.ricxapp.appconfig.path }} - envFrom: - - configMapRef: - name: {{ include "ricxapp.configmapname" . }}-appenv - {{- if .Values.ricxapp.livenessProbe }} - livenessProbe: - {{- .Values.ricxapp.livenessProbe | nindent 12 -}} - {{ end }} - {{- if .Values.ricxapp.readinessProbe }} - readinessProbe: - {{- .Values.ricxapp.readinessProbe | nindent 12 -}} - {{ end }} - restartPolicy: Always - volumes: - - name: config-volume - configMap: - name: {{ include "ricxapp.configmapname" . }}-appconfig diff --git a/ric-xapps/90-xApps/helm/xapp-std/values.yaml b/ric-xapps/90-xApps/helm/xapp-std/values.yaml deleted file mode 100644 index 50eab3c2..00000000 --- a/ric-xapps/90-xApps/helm/xapp-std/values.yaml +++ /dev/null @@ -1,74 +0,0 @@ -################################################################################ -# Copyright (c) 2019 AT&T Intellectual Property. # -# Copyright (c) 2019 Nokia. # -# # -# Licensed under the Apache License, Version 2.0 (the "License"); # -# you may not use this file except in compliance with the License. # -# You may obtain a copy of the License at # -# # -# http://www.apache.org/licenses/LICENSE-2.0 # -# # -# Unless required by applicable law or agreed to in writing, software # -# distributed under the License is distributed on an "AS IS" BASIS, # -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # -# See the License for the specific language governing permissions and # -# limitations under the License. # -################################################################################' -# This is a YAML-formatted file. -# Declare variables to be passed into your templates. -ricplt: - # This section is reserved for values imported from RIC Platform charts - dbaasService: "service-ricplt-dbaas-tcp.ricplt.svc.cluster.local" - pltIngressUrl: "ricplt-entry" - xappIngressUrl: "ricxapp-entry" - - appmgrRMRService: "service-ricplt-appmgr-rmr.ricplt.svc.cluster.local" - e2mgrRMRService: "service-ricplt-e2mgr-rmr.ricplt.svc.cluster.local" - e2termRMRService: "service-ricplt-e2term-rmr.ricplt.svc.cluster.local" - rtmgrRMRService: "service-ricplt-rtmgr-rmr.ricplt.svc.cluster.local" - a1mediatorRMRService: "service-ricplt-a1mediator-rmr.ricplt.svc.cluster.local" - - - -ricxapp: - # This section is for xapp. Templates to be resolved from xApp descriptor - replicaCount: 1 - name: xapp-std - # Your can specify the chart fullname by using the following option - #fullname: xapp-std - - image: - pullPolicy: IfNotPresent - repository: xapp-std-reg - name: xapp-std - tag: latest - - service: - http: - port: 8080 - containerPort: 8080 - rmr: - route: - port: 4561 - data: - port: 4560 - - livenessProbe: |- - httpGet: - path: ric/v1/health/alive - port: 8080 - initialDelaySeconds: 5 - periodSeconds: 15 - - readinessProbe: |- - httpGet: - path: ric/v1/health/ready - port: 8080 - initialDelaySeconds: 5 - periodSeconds: 15 - - - appconfig: - path: /opt/ric/config - - appenv: diff --git a/ric-xapps/README.md b/ric-xapps/README.md deleted file mode 100644 index 5fb28adb..00000000 --- a/ric-xapps/README.md +++ /dev/null @@ -1,9 +0,0 @@ -# RIC xApps - -Helm charts for xApps. - -### Directory Structure -. -├── 90-xApps Helm charts for xApps -└── README.md - -- 2.16.6