From 49b70f0ba3c7e97b79615161c190b80f40ee8f9b Mon Sep 17 00:00:00 2001 From: rshacham Date: Wed, 11 Sep 2019 17:08:37 +0000 Subject: [PATCH] Add portal, aaf, onap charts and integrate with ric common template Change-Id: If0c55a79c746ad7fb05798986afc07f8a403547a Signed-off-by: rshacham --- .../RIC_AUX_ONAP_COMPONENTS_RECIPE_EXAMPLE | 39 +++ ric-aux/80-Auxiliary-Functions/bin/install | 2 +- ric-aux/80-Auxiliary-Functions/bin/installOnap | 147 ++++++++++ ric-aux/80-Auxiliary-Functions/etc/aux.conf | 2 +- .../80-Auxiliary-Functions/helm/aaf/.helmignore | 21 ++ ric-aux/80-Auxiliary-Functions/helm/aaf/Chart.yaml | 4 + .../helm/aaf/charts/aaf-cass/.helmignore | 21 ++ .../helm/aaf/charts/aaf-cass/Chart.yaml | 4 + .../helm/aaf/charts/aaf-cass/templates/NOTES.txt | 33 +++ .../aaf/charts/aaf-cass/templates/deployment.yaml | 118 ++++++++ .../helm/aaf/charts/aaf-cass/templates/pv.yaml | 44 +++ .../helm/aaf/charts/aaf-cass/templates/pvc.yaml | 48 ++++ .../aaf/charts/aaf-cass/templates/service.yaml | 49 ++++ .../helm/aaf/charts/aaf-cass/values.yaml | 90 +++++++ .../helm/aaf/charts/aaf-cm/.helmignore | 21 ++ .../helm/aaf/charts/aaf-cm/Chart.yaml | 4 + .../helm/aaf/charts/aaf-cm/templates/NOTES.txt | 33 +++ .../aaf/charts/aaf-cm/templates/deployment.yaml | 122 +++++++++ .../helm/aaf/charts/aaf-cm/templates/service.yaml | 33 +++ .../helm/aaf/charts/aaf-cm/values.yaml | 73 +++++ .../helm/aaf/charts/aaf-fs/.helmignore | 21 ++ .../helm/aaf/charts/aaf-fs/Chart.yaml | 4 + .../helm/aaf/charts/aaf-fs/templates/NOTES.txt | 33 +++ .../aaf/charts/aaf-fs/templates/deployment.yaml | 122 +++++++++ .../helm/aaf/charts/aaf-fs/templates/service.yaml | 33 +++ .../helm/aaf/charts/aaf-fs/values.yaml | 75 ++++++ .../helm/aaf/charts/aaf-gui/.helmignore | 21 ++ .../helm/aaf/charts/aaf-gui/Chart.yaml | 4 + .../helm/aaf/charts/aaf-gui/templates/NOTES.txt | 33 +++ .../aaf/charts/aaf-gui/templates/deployment.yaml | 122 +++++++++ .../helm/aaf/charts/aaf-gui/templates/service.yaml | 33 +++ .../helm/aaf/charts/aaf-gui/values.yaml | 78 ++++++ .../helm/aaf/charts/aaf-hello/.helmignore | 21 ++ .../helm/aaf/charts/aaf-hello/Chart.yaml | 4 + .../helm/aaf/charts/aaf-hello/templates/NOTES.txt | 14 + .../charts/aaf-hello/templates/aaf-hello-pv.yaml | 48 ++++ .../charts/aaf-hello/templates/aaf-hello-pvc.yaml | 52 ++++ .../aaf/charts/aaf-hello/templates/deployment.yaml | 108 ++++++++ .../aaf/charts/aaf-hello/templates/service.yaml | 33 +++ .../helm/aaf/charts/aaf-hello/values.yaml | 93 +++++++ .../helm/aaf/charts/aaf-locate/.helmignore | 21 ++ .../helm/aaf/charts/aaf-locate/Chart.yaml | 4 + .../helm/aaf/charts/aaf-locate/templates/NOTES.txt | 33 +++ .../charts/aaf-locate/templates/deployment.yaml | 122 +++++++++ .../aaf/charts/aaf-locate/templates/service.yaml | 33 +++ .../helm/aaf/charts/aaf-locate/values.yaml | 74 +++++ .../helm/aaf/charts/aaf-oauth/.helmignore | 21 ++ .../helm/aaf/charts/aaf-oauth/Chart.yaml | 4 + .../helm/aaf/charts/aaf-oauth/templates/NOTES.txt | 33 +++ .../aaf/charts/aaf-oauth/templates/deployment.yaml | 122 +++++++++ .../aaf/charts/aaf-oauth/templates/service.yaml | 33 +++ .../helm/aaf/charts/aaf-oauth/values.yaml | 73 +++++ .../helm/aaf/charts/aaf-service/.helmignore | 21 ++ .../helm/aaf/charts/aaf-service/Chart.yaml | 4 + .../charts/aaf-service/templates/deployment.yaml | 129 +++++++++ .../aaf/charts/aaf-service/templates/service.yaml | 33 +++ .../helm/aaf/charts/aaf-service/values.yaml | 80 ++++++ .../helm/aaf/charts/aaf-sms/Chart.yaml | 4 + .../aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml | 4 + .../resources/config/config.json | 7 + .../aaf-sms-quorumclient/templates/configmap.yaml | 26 ++ .../charts/aaf-sms-quorumclient/templates/pv.yaml | 37 +++ .../charts/aaf-sms-quorumclient/templates/pvc.yaml | 48 ++++ .../templates/statefulset.yaml | 74 +++++ .../charts/aaf-sms-quorumclient/values.yaml | 75 ++++++ .../charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml | 5 + .../charts/aaf-sms-vault/templates/configmap.yaml | 41 +++ .../aaf-sms/charts/aaf-sms-vault/templates/pv.yaml | 37 +++ .../charts/aaf-sms-vault/templates/pvc.yaml | 48 ++++ .../charts/aaf-sms-vault/templates/service.yaml | 39 +++ .../aaf-sms-vault/templates/statefulset.yaml | 82 ++++++ .../aaf-sms/charts/aaf-sms-vault/values.yaml | 111 ++++++++ .../aaf/charts/aaf-sms/resources/config/has.json | 44 +++ .../aaf/charts/aaf-sms/resources/config/osdf.json | 98 +++++++ .../aaf/charts/aaf-sms/templates/configmap.yaml | 42 +++ .../aaf/charts/aaf-sms/templates/deployment.yaml | 104 ++++++++ .../helm/aaf/charts/aaf-sms/templates/job.yaml | 92 +++++++ .../helm/aaf/charts/aaf-sms/templates/pv.yaml | 37 +++ .../helm/aaf/charts/aaf-sms/templates/pvc.yaml | 48 ++++ .../helm/aaf/charts/aaf-sms/templates/service.yaml | 39 +++ .../helm/aaf/charts/aaf-sms/values.yaml | 103 +++++++ .../helm/aaf/charts/aaf-sshsm/Chart.yaml | 4 + .../helm/aaf/charts/aaf-sshsm/README.md | 24 ++ .../aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml | 4 + .../aaf-sshsm-abrmd/templates/configmap.yaml | 32 +++ .../charts/aaf-sshsm-abrmd/templates/job.yaml | 87 ++++++ .../aaf-sshsm-abrmd/templates/statefulset.yaml | 93 +++++++ .../aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml | 60 +++++ .../charts/aaf-sshsm-distcenter/Chart.yaml | 4 + .../aaf-sshsm-distcenter/templates/configmap.yaml | 32 +++ .../charts/aaf-sshsm-distcenter/templates/job.yaml | 105 ++++++++ .../charts/aaf-sshsm-distcenter/templates/pv.yaml | 41 +++ .../charts/aaf-sshsm-distcenter/templates/pvc.yaml | 51 ++++ .../charts/aaf-sshsm-distcenter/values.yaml | 69 +++++ .../aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml | 4 + .../charts/aaf-sshsm-testca/templates/job.yaml | 130 +++++++++ .../aaf-sshsm/charts/aaf-sshsm-testca/values.yaml | 61 +++++ .../helm/aaf/charts/aaf-sshsm/requirements.yaml | 18 ++ .../charts/aaf-sshsm/resources/config/prk_passwd | 1 + .../charts/aaf-sshsm/resources/config/srk_handle | 1 + .../helm/aaf/charts/aaf-sshsm/templates/pv.yaml | 57 ++++ .../helm/aaf/charts/aaf-sshsm/templates/pvc.yaml | 79 ++++++ .../aaf/charts/aaf-sshsm/templates/secret.yaml | 22 ++ .../helm/aaf/charts/aaf-sshsm/values.yaml | 65 +++++ .../helm/aaf/requirements.yaml | 17 ++ .../helm/aaf/templates/aaf-config-pv.yaml | 48 ++++ .../helm/aaf/templates/aaf-config-pvc.yaml | 52 ++++ .../helm/aaf/templates/aaf-status-pv.yaml | 48 ++++ .../helm/aaf/templates/aaf-status-pvc.yaml | 52 ++++ .../80-Auxiliary-Functions/helm/aaf/values.yaml | 157 +++++++++++ .../80-Auxiliary-Functions/helm/onap/Chart.yaml | 23 ++ .../helm/onap/requirements.yaml | 21 ++ .../helm/onap/resources/environments/dev.yaml | 144 ++++++++++ .../resources/environments/disable-allcharts.yaml | 85 ++++++ .../onap/resources/environments/minimal-onap.yaml | 178 ++++++++++++ .../onap/resources/environments/public-cloud.yaml | 162 +++++++++++ .../helm/onap/resources/overrides/environment.yaml | 225 ++++++++++++++++ .../overrides/onap-all-ingress-nginx.yaml | 80 ++++++ .../helm/onap/resources/overrides/onap-all.yaml | 78 ++++++ .../helm/onap/resources/overrides/onap-vfw.yaml | 55 ++++ .../helm/onap/resources/overrides/openstack.yaml | 62 +++++ .../helm/onap/templates/_helper.tpl | 33 +++ .../helm/onap/templates/clusterrolebinding.yaml | 32 +++ .../helm/onap/templates/secrets.yaml | 27 ++ .../helm/onap/templates/storageclass.yaml | 34 +++ .../80-Auxiliary-Functions/helm/onap/values.yaml | 23 ++ .../80-Auxiliary-Functions/helm/portal/.helmignore | 24 ++ .../80-Auxiliary-Functions/helm/portal/Chart.yaml | 4 + .../helm/portal/charts/portal-app/.helmignore | 21 ++ .../helm/portal/charts/portal-app/Chart.yaml | 4 + .../resources/certs/keystoreONAPPortal.p12 | Bin 0 -> 4175 bytes .../resources/certs/truststoreONAPall.jks | Bin 0 -> 117990 bytes .../properties/ONAPPORTAL/fusion.properties | 61 +++++ .../deliveries/properties/ONAPPORTAL/logback.xml | 297 +++++++++++++++++++++ .../properties/ONAPPORTAL/music.properties | 34 +++ .../ONAPPORTAL/openid-connect.properties | 17 ++ .../properties/ONAPPORTAL/portal.properties | 43 +++ .../properties/ONAPPORTAL/system.properties | 124 +++++++++ .../charts/portal-app/resources/server/server.xml | 149 +++++++++++ .../portal/charts/portal-app/templates/NOTES.txt | 19 ++ .../charts/portal-app/templates/configmap.yaml | 27 ++ .../charts/portal-app/templates/deployment.yaml | 165 ++++++++++++ .../portal/charts/portal-app/templates/secret.yaml | 27 ++ .../charts/portal-app/templates/service.yaml | 69 +++++ .../helm/portal/charts/portal-app/values.yaml | 110 ++++++++ .../portal/charts/portal-cassandra/.helmignore | 21 ++ .../helm/portal/charts/portal-cassandra/Chart.yaml | 4 + .../docker-entrypoint-initdb.d/portal.cql | 68 +++++ .../docker-entrypoint-initdb.d/portal_single.cql | 145 ++++++++++ .../docker-entrypoint-initdb.d/portalsdk.cql | 68 +++++ .../charts/portal-cassandra/templates/NOTES.txt | 33 +++ .../portal-cassandra/templates/configmap.yaml | 28 ++ .../portal-cassandra/templates/deployment.yaml | 107 ++++++++ .../charts/portal-cassandra/templates/pv.yaml | 38 +++ .../charts/portal-cassandra/templates/pvc.yaml | 49 ++++ .../charts/portal-cassandra/templates/service.yaml | 70 +++++ .../portal/charts/portal-cassandra/values.yaml | 113 ++++++++ .../helm/portal/charts/portal-mariadb/.helmignore | 21 ++ .../helm/portal/charts/portal-mariadb/Chart.yaml | 4 + .../resources/config/mariadb/docker-entrypoint.sh | 190 +++++++++++++ .../resources/config/mariadb/oom_updates.sql | 110 ++++++++ .../charts/portal-mariadb/templates/NOTES.txt | 33 +++ .../charts/portal-mariadb/templates/configmap.yaml | 28 ++ .../portal-mariadb/templates/deployment.yaml | 97 +++++++ .../charts/portal-mariadb/templates/job.yaml | 91 +++++++ .../portal/charts/portal-mariadb/templates/pv.yaml | 38 +++ .../charts/portal-mariadb/templates/pvc.yaml | 49 ++++ .../charts/portal-mariadb/templates/secrets.yaml | 28 ++ .../charts/portal-mariadb/templates/service.yaml | 39 +++ .../helm/portal/charts/portal-mariadb/values.yaml | 149 +++++++++++ .../helm/portal/charts/portal-sdk/.helmignore | 21 ++ .../helm/portal/charts/portal-sdk/Chart.yaml | 4 + .../properties/ONAPPORTALSDK/fusion.properties | 49 ++++ .../properties/ONAPPORTALSDK/logback.xml | 222 +++++++++++++++ .../properties/ONAPPORTALSDK/music.properties | 35 +++ .../properties/ONAPPORTALSDK/portal.properties | 60 +++++ .../properties/ONAPPORTALSDK/system.properties | 83 ++++++ .../portal/charts/portal-sdk/templates/NOTES.txt | 33 +++ .../charts/portal-sdk/templates/configmap.yaml | 27 ++ .../charts/portal-sdk/templates/deployment.yaml | 131 +++++++++ .../charts/portal-sdk/templates/service.yaml | 41 +++ .../helm/portal/charts/portal-sdk/values.yaml | 104 ++++++++ .../helm/portal/charts/portal-widget/.helmignore | 21 ++ .../helm/portal/charts/portal-widget/Chart.yaml | 4 + .../properties/ONAPWIDGETMS/application.properties | 33 +++ .../properties/ONAPWIDGETMS/application.yml | 17 ++ .../charts/portal-widget/templates/NOTES.txt | 33 +++ .../charts/portal-widget/templates/configmap.yaml | 27 ++ .../charts/portal-widget/templates/deployment.yaml | 98 +++++++ .../charts/portal-widget/templates/service.yaml | 41 +++ .../helm/portal/charts/portal-widget/values.yaml | 89 ++++++ .../portal/charts/portal-zookeeper/.helmignore | 21 ++ .../helm/portal/charts/portal-zookeeper/Chart.yaml | 4 + .../charts/portal-zookeeper/templates/NOTES.txt | 33 +++ .../portal-zookeeper/templates/deployment.yaml | 71 +++++ .../charts/portal-zookeeper/templates/service.yaml | 39 +++ .../portal/charts/portal-zookeeper/values.yaml | 77 ++++++ .../helm/portal/requirements.yaml | 18 ++ .../resources/config/log/filebeat/filebeat.yml | 55 ++++ .../helm/portal/templates/configmap.yaml | 28 ++ .../80-Auxiliary-Functions/helm/portal/values.yaml | 54 ++++ .../helm/ric-common/templates/_servicename.tpl | 21 ++ 202 files changed, 11033 insertions(+), 2 deletions(-) create mode 100755 RECIPE_EXAMPLE/RIC_AUX_ONAP_COMPONENTS_RECIPE_EXAMPLE create mode 100755 ric-aux/80-Auxiliary-Functions/bin/installOnap create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/.helmignore create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/.helmignore create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/NOTES.txt create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/deployment.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/pv.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/pvc.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/service.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/.helmignore create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/templates/NOTES.txt create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/templates/deployment.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/templates/service.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/.helmignore create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/templates/NOTES.txt create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/templates/deployment.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/templates/service.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/.helmignore create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/templates/NOTES.txt create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/templates/deployment.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/templates/service.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/.helmignore create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/NOTES.txt create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/aaf-hello-pvc.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/deployment.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/service.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/.helmignore create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/templates/NOTES.txt create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/templates/deployment.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/templates/service.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/.helmignore create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/templates/NOTES.txt create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/templates/deployment.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/templates/service.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/.helmignore create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/templates/deployment.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/templates/service.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pvc.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pvc.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/resources/config/has.json create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/resources/config/osdf.json create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/configmap.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/deployment.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/job.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/pv.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/pvc.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/service.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/README.md create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/requirements.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/resources/config/prk_passwd create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/resources/config/srk_handle create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/templates/pv.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/templates/pvc.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/templates/secret.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/requirements.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-config-pv.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-config-pvc.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-status-pv.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-status-pvc.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/aaf/values.yaml create mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/onap/requirements.yaml create mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/dev.yaml create mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/disable-allcharts.yaml create mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/minimal-onap.yaml create mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/public-cloud.yaml create mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/environment.yaml create mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-all-ingress-nginx.yaml create mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-all.yaml create mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-vfw.yaml create mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/openstack.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/onap/templates/_helper.tpl create mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/templates/clusterrolebinding.yaml create mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/templates/secrets.yaml create mode 100644 ric-aux/80-Auxiliary-Functions/helm/onap/templates/storageclass.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/onap/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/.helmignore create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/.helmignore create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/certs/truststoreONAPall.jks create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/fusion.properties create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/logback.xml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/music.properties create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/openid-connect.properties create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/portal.properties create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/server/server.xml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/NOTES.txt create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/configmap.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/deployment.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/secret.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/service.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/.helmignore create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal.cql create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal_single.cql create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portalsdk.cql create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/NOTES.txt create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/configmap.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/deployment.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/pv.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/pvc.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/service.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/.helmignore create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/NOTES.txt create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/configmap.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/deployment.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/job.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/pv.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/pvc.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/secrets.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/service.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/.helmignore create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/fusion.properties create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/music.properties create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/NOTES.txt create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/configmap.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/deployment.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/service.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/.helmignore create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.properties create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/NOTES.txt create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/configmap.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/deployment.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/service.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/.helmignore create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/Chart.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/templates/NOTES.txt create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/templates/deployment.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/templates/service.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/values.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/requirements.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/resources/config/log/filebeat/filebeat.yml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/templates/configmap.yaml create mode 100755 ric-aux/80-Auxiliary-Functions/helm/portal/values.yaml diff --git a/RECIPE_EXAMPLE/RIC_AUX_ONAP_COMPONENTS_RECIPE_EXAMPLE b/RECIPE_EXAMPLE/RIC_AUX_ONAP_COMPONENTS_RECIPE_EXAMPLE new file mode 100755 index 00000000..5b0505f2 --- /dev/null +++ b/RECIPE_EXAMPLE/RIC_AUX_ONAP_COMPONENTS_RECIPE_EXAMPLE @@ -0,0 +1,39 @@ + +global: + # Change to an unused port prefix range to prevent port conflicts + # with other instances running within the same k8s cluster + nodePortPrefix: 302 + nodePortPrefixExt: 304 + + # ONAP Repository + # Uncomment the following to enable the use of a single docker + # repository but ONLY if your repository mirrors all ONAP + # docker images. This includes all images from dockerhub and + # any other repository that hosts images for ONAP components. + #repository: nexus3.onap.org:10001 + repositoryCred: + user: docker + password: docker + + # readiness check - temporary repo until images migrated to nexus3 + readinessRepository: oomk8s + # logging agent - temporary repo until images migrated to nexus3 + loggingRepository: docker.elastic.co + + # image pull policy + pullPolicy: Always + + # default mount path root directory referenced + # by persistent volumes and log files + persistence: + mountPath: /dockerdata-nfs + enableDefaultStorageclass: false + parameters: {} + storageclassProvisioner: kubernetes.io/no-provisioner + volumeReclaimPolicy: Retain + + # override default resource limit flavor for all charts + flavor: unlimited + + # flag to enable debugging - application support required + debugEnabled: false diff --git a/ric-aux/80-Auxiliary-Functions/bin/install b/ric-aux/80-Auxiliary-Functions/bin/install index 63ed6d1e..0d843733 100755 --- a/ric-aux/80-Auxiliary-Functions/bin/install +++ b/ric-aux/80-Auxiliary-Functions/bin/install @@ -122,7 +122,7 @@ fi -RICAUX_COMPONENTS="dashboard ves message-router mrsub" +RICAUX_COMPONENTS="dashboard mrsub ves message-router" echo "Deploying RIC AUX components [$RICAUX_COMPONENTS]" echo "Helm Release Name: $RELEASE_NAME" diff --git a/ric-aux/80-Auxiliary-Functions/bin/installOnap b/ric-aux/80-Auxiliary-Functions/bin/installOnap new file mode 100755 index 00000000..796268f0 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/bin/installOnap @@ -0,0 +1,147 @@ +#!/bin/bash +################################################################################ +# Copyright (c) 2019 AT&T Intellectual Property. # +# Copyright (c) 2019 Nokia. # +# # +# Licensed under the Apache License, Version 2.0 (the "License"); # +# you may not use this file except in compliance with the License. # +# You may obtain a copy of the License at # +# # +# http://www.apache.org/licenses/LICENSE-2.0 # +# # +# Unless required by applicable law or agreed to in writing, software # +# distributed under the License is distributed on an "AS IS" BASIS, # +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # +# See the License for the specific language governing permissions and # +# limitations under the License. # +################################################################################ + + +OVERRIDEYAML=$1 + + +DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null && pwd )" + + +source $DIR/../etc/aux.conf + +if [ -z "$RICAUX_RELEASE_NAME" ];then + RELEASE_NAME=$helm_release_name +else + RELEASE_NAME=$RICAUX_RELEASE_NAME +fi + +# Namespace configuration +if [ -z "$RICPLT_NAMESPACE" ];then + PLT_NAMESPACE=$plt_namespace +else + PLT_NAMESPACE=$RICPLT_NAMESPACE +fi +if [ -z "$RICXAPP_NAMESPACE" ];then + XAPP_NAMESPACE=$xapp_namespace +else + XAPP_NAMESPACE=$RICXAPP_NAMESPACE +fi +if [ -z "$RICAUX_NAMESPACE" ];then + AUX_NAMESPACE=$aux_namespace +else + AUX_NAMESPACE=$RICAUX_NAMESPACE +fi +if [ -z "$RICINFRA_NAMESPACE" ];then + INFRA_NAMESPACE=$infra_namespace +else + INFRA_NAMESPACE=$RICINFRA_NAMESPACE +fi + +if [ -z "$RIC_COMMON_OVERRIDE" ];then + COMMON_OVERRIDE="--set global.namespace.platform=$PLT_NAMESPACE --set global.namespace.xapp=$XAPP_NAMESPACE --set global.namespace.aux=$AUX_NAMESPACE --set global.namespace.infra=$INFRA_NAMESPACE" +else + COMMON_OVERRIDE=$RIC_COMMON_OVERRIDE +fi + + + +NODENAME=$(kubectl get node | awk '{print $1}') +LABELFOUND=false +for f in $NODENAME; do + LABEL=$(kubectl describe node $f | grep local-storage) + if [ ! -z "$LABEL" ]; then + LABELFOUND=true + fi +done + +if [ ! -z $OVERRIDEYAML ]; then + FOUND_STORAGECLASS=$(grep storageclass $OVERRIDEYAML) +fi + + + +if ! $LABELFOUND && [ -z "$FOUND_STORAGECLASS" ]; then + echo "***********************************************************************************************" + echo "* ERROR!!!!!!!!!!!!! *" + echo "***********************************************************************************************" + echo "* Nodes label \"local-storage=enable\" is not found in any of the cluster node. *" + echo "* Please pick a node and label it using the following command. *" + echo "* kubectl label --overwrite nodes local-storage=enable *" + echo "***********************************************************************************************" + + exit 1 +fi + + + + +if [ -z "$FOUND_STORAGECLASS" ] && $LABELFOUND; then + + DATAPATH=$(cat $DIR/../helm/dashboard/values.yaml | grep datapath | awk '{ print $2}' ) + + + if [ ! -z $OVERRIDEYAML ]; then + DATAPATHOVERRIDE=$(cat $OVERRIDEYAML | grep datapath | awk '{ print $2}' ) + fi + + if [ ! -z "$DATAPATHOVERRIDE" ]; then + DATAPATH=$DATAPATHOVERRIDE + fi + + + echo "***********************************************************************************************" + echo "* WARNING!!!!!!!!!!!!! *" + echo "***********************************************************************************************" + echo "* Chartmuseume will use local storage. Please make sure that directory *" + echo "* $DATAPATH *" + echo "* exists on the selected cluster node, and contains the proper files. *" + echo "***********************************************************************************************" + + +fi + + + + + + + +RICAUX_COMPONENTS="onap portal aaf" + +echo "Deploying RIC AUX components [$RICAUX_COMPONENTS]" +echo "Helm Release Name: $RELEASE_NAME" + + +COMMON_CHART_VERSION=$(cat $DIR/../../../ric-common/Common-Template/helm/ric-common/Chart.yaml | grep version | awk '{print $2}') + + +helm package -d /tmp $DIR/../../../ric-common/Common-Template/helm/ric-common/ + + +for component in $RICAUX_COMPONENTS; do + echo "Preparing chart for comonent $component" + + mkdir -p $DIR/../helm/$component/charts/ + cp /tmp/ric-common-$COMMON_CHART_VERSION.tgz $DIR/../helm/$component/charts/ + if [ -z $OVERRIDEYAML ]; then + helm install --namespace $AUX_NAMESPACE --name "${RELEASE_NAME}-$component" $COMMON_OVERRIDE $DIR/../helm/$component + else + helm install -f $OVERRIDEYAML --namespace $AUX_NAMESPACE --name "${RELEASE_NAME}-$component" $COMMON_OVERRIDE $DIR/../helm/$component + fi +done diff --git a/ric-aux/80-Auxiliary-Functions/etc/aux.conf b/ric-aux/80-Auxiliary-Functions/etc/aux.conf index 92008b59..98680ed5 100644 --- a/ric-aux/80-Auxiliary-Functions/etc/aux.conf +++ b/ric-aux/80-Auxiliary-Functions/etc/aux.conf @@ -30,7 +30,7 @@ xapp_namespace=ricxapp # namespace defines the namespace that helm will use to deploy RIC # It will be overrided by RICAUX_NAMESPACE -aux_namespace=ricaux +aux_namespace=onap # namespace defines the namespace that helm will use to deploy RIC # It will be overrided by RICINFRA_NAMESPACE diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/aaf/.helmignore new file mode 100755 index 00000000..542b3390 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/Chart.yaml new file mode 100755 index 00000000..865837a7 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: ONAP Application Authorization Framework +name: aaf +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/.helmignore new file mode 100755 index 00000000..daebc7da --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/Chart.yaml new file mode 100755 index 00000000..078155e4 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: ONAP AAF cassandra +name: aaf-cass +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/NOTES.txt b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/NOTES.txt new file mode 100755 index 00000000..bd74a42c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/NOTES.txt @@ -0,0 +1,33 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/deployment.yaml new file mode 100755 index 00000000..5bbb1d73 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/deployment.yaml @@ -0,0 +1,118 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.global.aaf.cass.replicas }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: {{ .Values.global.repository }}/{{.Values.global.aaf.cass.image}} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + # installing with cmd "onap" will not only initialize the DB, but add ONAP bootstrap data as well + command: ["/bin/bash","/opt/app/aaf/cass_init/cmd.sh","onap"] + lifecycle: + preStop: + exec: + command: ["/bin/sh","-c","rm /opt/app/aaf/status/aaf-cass"] + ports: + - name: storage + containerPort: {{.Values.global.aaf.cass.storage_port}} + - name: ssl-storage + containerPort: {{.Values.global.aaf.cass.ssl_storage_port}} + - name: native-trans + containerPort: {{.Values.global.aaf.cass.native_trans_port}} + - name: rpc + containerPort: {{.Values.global.aaf.cass.rpc_port}} + env: + - name: CASSANDRA_CLUSTER_NAME + value: {{.Values.global.aaf.cass.cluster_name}} + - name: CASSANDRA_DC + value: {{.Values.global.aaf.cass.dc}} + - name: HEAP_NEWSIZE + value: {{.Values.global.aaf.cass.heap_new_size}} + - name: MAX_HEAP_SIZE + value: {{.Values.global.aaf.cass.max_heap_size}} + - name: MY_POD_NAME + valueFrom: + fieldRef: + fieldPath: metadata.name + - name: MY_POD_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.namespace + - name: MY_POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + volumeMounts: + - mountPath: /var/lib/cassandra + name: aaf-cass-vol + - mountPath: /opt/app/aaf/status + name: aaf-status-vol + - mountPath: /etc/localtime + name: localtime + readOnly: true + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{.Values.global.aaf.cass.native_trans_port}} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{.Values.global.aaf.cass.native_trans_port}} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-cass-vol + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }}-pvc + {{- else }} + emptyDir: {} + {{- end }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/pv.yaml new file mode 100755 index 00000000..8249d846 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/pv.yaml @@ -0,0 +1,44 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-pv + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/pvc.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/pvc.yaml new file mode 100755 index 00000000..4f9dac07 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" .}}-pvc + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/service.yaml new file mode 100755 index 00000000..71882b1c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/templates/service.yaml @@ -0,0 +1,49 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +# annotations: +# service.alpha.kubernetes.io/tolerate-unready-endpoints: "true" +spec: + type: {{ .Values.service.type }} + ports: + - name: storage + protocol: TCP + port: {{.Values.global.aaf.cass.storage_port}} + containerPort: {{.Values.global.aaf.cass.storage_port}} + - name: ssl-storage + protocol: TCP + port: {{.Values.global.aaf.cass.ssl_storage_port}} + containerPort: {{.Values.global.aaf.cass.ssl_storage_port}} + - name: native-trans + protocol: TCP + port: {{.Values.global.aaf.cass.native_trans_port}} + containerPort: {{.Values.global.aaf.cass.native_trans_port}} + - name: rpc + protocol: TCP + port: {{.Values.global.aaf.cass.rpc_port}} + containerPort: {{.Values.global.aaf.cass.rpc_port}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + clusterIP: None diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/values.yaml new file mode 100755 index 00000000..ee05a195 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cass/values.yaml @@ -0,0 +1,90 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 +flavor: small + +################################################################# +# Application configuration defaults. +################################################################# +# application configuration +config: {} + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 5 + periodSeconds: 10 + +service: + name: aaf-cass + type: ClusterIP + portName: aaf-cass + #targetPort + internalPort: 7000 + #port + externalPort: 7000 + + internalPort2: 7001 + externalPort2: 7001 + internalPort3: 9042 + externalPort3: 9042 + internalPort4: 9160 + externalPort4: 9160 + +ingress: + enabled: false + +# Configure resource requests and limits +resources: {} + # Following AAI's advice, and not trying to guess on Cass usage. Guessing just makes it slow +# small: +# limits: +# cpu: "1000m" +# memory: 4096Mi +# requests: +# cpu: 20m +# memory: 2048Mi +# large: +# limits: +# cpu: 400m +# memory: 12000Mi +# requests: +# cpu: 40m +# memory: 9000Mi +# unlimited: {} + +persistence: + enabled: true + #existingClaim: + mountPath: /dockerdata-nfs + mountSubPath: "cass" + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 20Gi + storageClass: "manual" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/.helmignore new file mode 100755 index 00000000..daebc7da --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/Chart.yaml new file mode 100755 index 00000000..1fe3836f --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: ONAP AAF Certificate Manager +name: aaf-cm +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/templates/NOTES.txt b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/templates/NOTES.txt new file mode 100755 index 00000000..bd74a42c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/templates/NOTES.txt @@ -0,0 +1,33 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/templates/deployment.yaml new file mode 100755 index 00000000..19d76255 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/templates/deployment.yaml @@ -0,0 +1,122 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +spec: + replicas: {{ .Values.global.aaf.cm.replicas }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-config-container + image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol + env: + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: cadi_x509_issuers + value: "{{ .Values.global.aaf.cadi_x509_issuers }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: cm_always_ignore_ips + value: "true" + - name: CASSANDRA_CLUSTER + value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" +# - name: CASSANDRA_USER +# value: "" +# - name: CASSANDRA_PASSWORD +# value: "" +# - name: CASSANDRA_PORT +# value: "" + containers: + - name: {{ include "common.name" . }} + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-cm aaf-locate && exec bin/cm"] + image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol + - mountPath: /etc/localtime + name: localtime + readOnly: true + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.global.aaf.cm.internal_port }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.global.aaf.cm.internal_port }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-config-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-config-pvc + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/templates/service.yaml new file mode 100755 index 00000000..f54c4d8e --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/templates/service.yaml @@ -0,0 +1,33 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + - port: {{ .Values.global.aaf.cm.internal_port }} + nodePort: {{ .Values.global.aaf.cm.public_port }} + name: aaf-cm + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: "NodePort" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/values.yaml new file mode 100755 index 00000000..6ace7d11 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-cm/values.yaml @@ -0,0 +1,73 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 +flavor: small +################################################################# +# Application configuration defaults. +################################################################# +# application image + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 5 + periodSeconds: 10 + +service: + name: aaf-cm + type: ClusterIP + portName: aaf-cm + #targetPort + internalPort: 8150 + #port + externalPort: 8150 + +ingress: + enabled: false + +# Configure resource requests and limits +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +# small: +# limits: +# cpu: 200m +# memory: 800Mi +# requests: +# cpu: 20m +# memory: 500Mi +# large: +# limits: +# cpu: 400m +# memory: 1Gi +# requests: +# cpu: 40m +# memory: 600Mi +# unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/.helmignore new file mode 100755 index 00000000..f0c13194 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/Chart.yaml new file mode 100755 index 00000000..5509a556 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: ONAP AAF File Server +name: aaf-fs +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/templates/NOTES.txt b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/templates/NOTES.txt new file mode 100755 index 00000000..bd74a42c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/templates/NOTES.txt @@ -0,0 +1,33 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/templates/deployment.yaml new file mode 100755 index 00000000..cd72fddb --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/templates/deployment.yaml @@ -0,0 +1,122 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +spec: + replicas: {{ .Values.global.aaf.fs.replicas }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-config-container + image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol + env: + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: cadi_x509_issuers + value: "{{ .Values.global.aaf.cadi_x509_issuers }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: cm_always_ignore_ips + value: "true" + - name: CASSANDRA_CLUSTER + value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" +# - name: CASSANDRA_USER +# value: "" +# - name: CASSANDRA_PASSWORD +# value: "" +# - name: CASSANDRA_PORT +# value: "" + containers: + - name: {{ include "common.name" . }} + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-fs aaf-locate && exec bin/fs"] + image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol + - mountPath: /etc/localtime + name: localtime + readOnly: true + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-config-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-config-pvc + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/templates/service.yaml new file mode 100755 index 00000000..1042afd6 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/templates/service.yaml @@ -0,0 +1,33 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + - port: {{ .Values.global.aaf.fs.internal_port }} + nodePort: {{ .Values.global.aaf.fs.public_port }} + name: aaf-hello + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: "NodePort" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/values.yaml new file mode 100755 index 00000000..48ad7c10 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-fs/values.yaml @@ -0,0 +1,75 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 +flavor: small +################################################################# +# Application configuration defaults. +################################################################# +# application image +pullPolicy: Always + + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 5 + periodSeconds: 10 + +service: + name: aaf-fs + type: ClusterIP + portName: aaf-fs + #targetPort + internalPort: 8096 + #port + externalPort: 8096 + +ingress: + enabled: false + +# Configure resource requests and limits +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +# small: +# limits: +# cpu: 200m +# memory: 800Mi +# requests: +# cpu: 10m +# memory: 300Mi +# large: +# limits: +# cpu: 500m +# memory: 700Mi +# requests: +# cpu: 100m +# memory: 400Mi +# unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/.helmignore new file mode 100755 index 00000000..f0c13194 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/Chart.yaml new file mode 100755 index 00000000..ad8337cf --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: ONAP AAF GUI +name: aaf-gui +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/templates/NOTES.txt b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/templates/NOTES.txt new file mode 100755 index 00000000..bd74a42c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/templates/NOTES.txt @@ -0,0 +1,33 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/templates/deployment.yaml new file mode 100755 index 00000000..4a433ccc --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/templates/deployment.yaml @@ -0,0 +1,122 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +spec: + replicas: {{ .Values.global.aaf.gui.replicas }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-config-container + image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol + env: + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: cadi_x509_issuers + value: "{{ .Values.global.aaf.cadi_x509_issuers }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: cm_always_ignore_ips + value: "true" + - name: CASSANDRA_CLUSTER + value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" +# - name: CASSANDRA_USER +# value: "" +# - name: CASSANDRA_PASSWORD +# value: "" +# - name: CASSANDRA_PORT +# value: "" + containers: + - name: {{ include "common.name" . }} + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-gui aaf-locate && exec bin/gui"] + image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol + - mountPath: /etc/localtime + name: localtime + readOnly: true + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.global.aaf.gui.internal_port }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.global.aaf.gui.internal_port }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-config-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-config-pvc + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/templates/service.yaml new file mode 100755 index 00000000..ea069257 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/templates/service.yaml @@ -0,0 +1,33 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + - port: {{ .Values.global.aaf.gui.internal_port }} + nodePort: {{ .Values.global.aaf.gui.public_port }} + name: aaf-gui + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: "NodePort" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/values.yaml new file mode 100755 index 00000000..3068f14e --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-gui/values.yaml @@ -0,0 +1,78 @@ + +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 +flavor: small +################################################################# +# Application configuration defaults. +################################################################# +# application image +pullPolicy: Always + + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 5 + periodSeconds: 10 + +service: + name: aaf-gui + type: NodePort + portName: aaf-gui + #targetPort + internalPort: 8200 + #port + externalPort: 8200 + nodePort: 51 + +ingress: + enabled: false + +# Configure resource requests and limits +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +#resources: +# small: +# limits: +# cpu: 100m +# memory: 500Mi +# requests: +# cpu: 10m +# memory: 200Mi +# large: +# limits: +# cpu: 200m +# memory: 1Gi +# requests: +# cpu: 100m +# memory: 500Mi +# unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/.helmignore new file mode 100755 index 00000000..f0c13194 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/Chart.yaml new file mode 100755 index 00000000..1ecb304c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: ONAP AAF Hello +name: aaf-hello +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/NOTES.txt b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/NOTES.txt new file mode 100755 index 00000000..ef4d8e7d --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/NOTES.txt @@ -0,0 +1,14 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml new file mode 100755 index 00000000..066bf38f --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/aaf-hello-pv.yaml @@ -0,0 +1,48 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## + +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-hello-pv + namespace: {{ include "common.namespace" . }} + labels: + app: {{ .Chart.Name }}-hello + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.config.size}} + accessModes: + - {{ .Values.persistence.config.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.config.mountPath }} +{{- if .Values.persistence.config.storageClass }} +{{- if (eq "-" .Values.persistence.config.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.config.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/aaf-hello-pvc.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/aaf-hello-pvc.yaml new file mode 100755 index 00000000..7c45b8bd --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/aaf-hello-pvc.yaml @@ -0,0 +1,52 @@ +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-hello-pvc + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }}-hello + accessModes: + - {{ .Values.persistence.config.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.config.size }} +{{- if .Values.persistence.config.storageClass }} +{{- if (eq "-" .Values.persistence.config.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.config.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} + diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/deployment.yaml new file mode 100755 index 00000000..c5fcf68a --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/deployment.yaml @@ -0,0 +1,108 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +spec: + replicas: {{ .Values.global.aaf.hello.replicas }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: aaf-hello-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-hello-pvc + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + initContainers: + - name: {{ include "common.name" . }}-config + image: {{ .Values.global.repository }}/{{.Values.aaf_init.image}} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: aaf-hello-vol +# NOTE: Before this, need Liveness Attached to aaf-certman + command: ["bash","-c","exec /opt/app/aaf_config/bin/agent.sh"] + env: + - name: APP_FQI + value: "{{ .Values.aaf_init.fqi }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:8095" + - name: aaf_locator_container + value: "oom" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_fqdn + value: "{{ .Values.aaf_init.fqdn }}" + - name: aaf_locator_app_ns + value: "{{ .Values.aaf_init.app_ns }}" + - name: DEPLOY_FQI + value: "deployer@people.osaaf.org" +# Note: We want to put this in Secrets or at LEAST ConfigMaps + - name: DEPLOY_PASSWORD + value: "demo123456!" +# Note: want to put this on Nodes, evenutally + - name: cadi_longitude + value: "{{ .Values.aaf_init.cadi_longitude }}" + - name: cadi_latitude + value: "{{ .Values.aaf_init.cadi_latitude }}" +# Hello specific. Clients don't don't need this, unless Registering with AAF Locator + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + containers: + - name: {{ include "common.name" . }} + command: ["bash","-c","cd /opt/app/aaf && if [ ! -d /opt/app/osaaf/etc ]; then cp -Rf etc logs /opt/app/osaaf; fi && exec bin/hello"] + image: {{ .Values.global.repository }}/{{.Values.service.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: aaf-hello-vol + - mountPath: /etc/localtime + name: localtime + readOnly: true + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.port }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.port }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/service.yaml new file mode 100755 index 00000000..ab89171c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/templates/service.yaml @@ -0,0 +1,33 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + - port: {{ .Values.service.port }} + nodePort: {{ .Values.service.public_port }} + name: aaf-hello + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: "NodePort" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/values.yaml new file mode 100755 index 00000000..ea6665c6 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-hello/values.yaml @@ -0,0 +1,93 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.2 +flavor: small +################################################################# +# Application configuration defaults. +################################################################# +# application image +aaf_init: + # You might want this in your own app. For AAF, we store in global + # replicas: 1 + fqdn: "aaf-hello" + image: onap/aaf/aaf_agent:2.1.15 + app_ns: "org.osaaf.aaf" + fqi: "aaf@aaf.osaaf.org" + fqdn: "aaf-hello" + public_fqdn: "aaf.osaaf.org" + deploy_fqi: "deployer@people.osaaf.org" + cadi_latitude: "38.0" + cadi_longitude: "-72.0" + +service: + image: onap/aaf/aaf_hello:2.1.15 + port: "8130" + public_port: "31119" + +persistence: + enabled: true + config: + #existingClaim: + # You will want "Reatan" in non-Hello Example. + volumeReclaimPolicy: Delete + accessMode: ReadWriteMany + size: 40M + storageClass: "manual" + mountPath: "/mnt/data/aaf/hello" + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 5 + periodSeconds: 10 + +ingress: + enabled: false + +# Configure resource requests and limits +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +#resources: +# small: +# limits: +# cpu: 200m +# memory: 500Mi +# requests: +# cpu: 10m +# memory: 200Mi +# large: +# limits: +# cpu: 400m +# memory: 1Gi +# requests: +# cpu: 20m +# memory: 500Mi +# unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/.helmignore new file mode 100755 index 00000000..f0c13194 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/Chart.yaml new file mode 100755 index 00000000..dd0dd28e --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: ONAP AAF Locate +name: aaf-locate +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/templates/NOTES.txt b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/templates/NOTES.txt new file mode 100755 index 00000000..bd74a42c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/templates/NOTES.txt @@ -0,0 +1,33 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/templates/deployment.yaml new file mode 100755 index 00000000..69d16121 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/templates/deployment.yaml @@ -0,0 +1,122 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +spec: + replicas: {{ .Values.global.aaf.locate.replicas }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-config-container + image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol + env: + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: cadi_x509_issuers + value: "{{ .Values.global.aaf.cadi_x509_issuers }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: cm_always_ignore_ips + value: "true" + - name: CASSANDRA_CLUSTER + value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" +# - name: CASSANDRA_USER +# value: "" +# - name: CASSANDRA_PASSWORD +# value: "" +# - name: CASSANDRA_PORT +# value: "" + containers: + - name: {{ include "common.name" . }} + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-locate aaf-service && exec bin/locate"] + image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol + - mountPath: /etc/localtime + name: localtime + readOnly: true + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.global.aaf.locate.internal_port }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.global.aaf.locate.internal_port }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-config-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-config-pvc + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/templates/service.yaml new file mode 100755 index 00000000..606d9476 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/templates/service.yaml @@ -0,0 +1,33 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + - port: {{ .Values.global.aaf.locate.internal_port }} + nodePort: {{ .Values.global.aaf.locate.public_port }} + name: aaf-locate + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: "NodePort" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/values.yaml new file mode 100755 index 00000000..c13f8349 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-locate/values.yaml @@ -0,0 +1,74 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 +flavor: small +################################################################# +# Application configuration defaults. +################################################################# +# application image + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 5 + periodSeconds: 10 + +service: + name: aaf-locate + type: ClusterIP + portName: aaf-locate + #targetPort + internalPort: 8095 + #port + externalPort: 31111 + +ingress: + enabled: false + +# Configure resource requests and limits +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +#resources: +# small: +# limits: +# cpu: 200m +# memory: 600Mi +# requests: +# cpu: 20m +# memory: 300Mi +# large: +# limits: +# cpu: 400m +# memory: 1Gi +# requests: +# cpu: 40m +# memory: 500Mi +# unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/.helmignore new file mode 100755 index 00000000..f0c13194 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/Chart.yaml new file mode 100755 index 00000000..5f31657c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: ONAP AAF OAuth +name: aaf-oauth +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/templates/NOTES.txt b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/templates/NOTES.txt new file mode 100755 index 00000000..bd74a42c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/templates/NOTES.txt @@ -0,0 +1,33 @@ +# Copyright © 2018 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/templates/deployment.yaml new file mode 100755 index 00000000..b371c865 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/templates/deployment.yaml @@ -0,0 +1,122 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +spec: + replicas: {{ .Values.global.aaf.oauth.replicas }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-config-container + image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config aaf-service remove && bin/agent.sh"] + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol + env: + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: cadi_x509_issuers + value: "{{ .Values.global.aaf.cadi_x509_issuers }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: cm_always_ignore_ips + value: "true" + - name: CASSANDRA_CLUSTER + value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" +# - name: CASSANDRA_USER +# value: "" +# - name: CASSANDRA_PASSWORD +# value: "" +# - name: CASSANDRA_PORT +# value: "" + containers: + - name: {{ include "common.name" . }} + command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-oauth aaf-service && exec bin/oauth"] + image: {{ .Values.global.repository }}/{{.Values.global.aaf.image}} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol + - mountPath: /etc/localtime + name: localtime + readOnly: true + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.global.aaf.oauth.internal_port }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.global.aaf.oauth.internal_port }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-config-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-config-pvc + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/templates/service.yaml new file mode 100755 index 00000000..bb4a0517 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/templates/service.yaml @@ -0,0 +1,33 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + - port: {{ .Values.global.aaf.oauth.internal_port }} + nodePort: {{ .Values.global.aaf.oauth.public_port }} + name: aaf-oauth + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: "NodePort" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/values.yaml new file mode 100755 index 00000000..3c29a629 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-oauth/values.yaml @@ -0,0 +1,73 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.2 +flavor: small +################################################################# +# Application configuration defaults. +################################################################# +# application image +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 5 + periodSeconds: 10 + +service: + name: aaf-oauth + type: ClusterIP + portName: aaf-oauth + #targetPort + internalPort: 8140 + #port + externalPort: 8140 + +ingress: + enabled: false + +# Configure resource requests and limits +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +#resources: +# small: +# limits: +# cpu: 200m +# memory: 400Mi +# requests: +# cpu: 20m +# memory: 200Mi +# large: +# limits: +# cpu: 400m +# memory: 600Mi +# requests: +# cpu: 40m +# memory: 200Mi +# unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/.helmignore new file mode 100755 index 00000000..f0c13194 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/Chart.yaml new file mode 100755 index 00000000..e2794dcd --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: ONAP AAF Service +name: aaf-service +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/templates/deployment.yaml new file mode 100755 index 00000000..1c097182 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/templates/deployment.yaml @@ -0,0 +1,129 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +spec: + replicas: {{ .Values.global.aaf.service.replicas }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-config-container + image: {{ .Values.global.repository }}/{{.Values.global.aaf.config.image}} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["bash","-c","cd /opt/app/aaf_config && bin/pod_wait.sh config nc aaf-cass.{{ .Release.Namespace }} 9042 sleep 15 remove && bin/agent.sh"] + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol + env: + - name: aaf_env + value: "{{ .Values.global.aaf.aaf_env }}" + - name: cadi_latitude + value: "{{ .Values.global.aaf.cadi_latitude }}" + - name: cadi_longitude + value: "{{ .Values.global.aaf.cadi_longitude }}" + - name: cadi_x509_issuers + value: "{{ .Values.global.aaf.cadi_x509_issuers }}" + - name: aaf_locate_url + value: "https://aaf-locate.{{ .Release.Namespace}}:{{.Values.global.aaf.locate.internal_port}}" + - name: aaf_locator_container + value: "oom" + - name: aaf_release + value: "{{ .Values.global.aaf.aaf_release }}" + - name: aaf_locator_container_ns + value: "{{ .Release.Namespace }}" + - name: aaf_locator_public_fqdn + value: "{{.Values.global.aaf.public_fqdn}}" + - name: aaf_locator_name + value: "{{.Values.global.aaf.aaf_locator_name}}" + - name: aaf_locator_name_oom + value: "{{.Values.global.aaf.aaf_locator_name_oom}}" + - name: cm_always_ignore_ips + value: "true" + - name: CASSANDRA_CLUSTER + value: "{{.Values.global.aaf.cass.fqdn}}.{{ .Release.Namespace }}" +# - name: CASSANDRA_USER +# value: "" +# - name: CASSANDRA_PASSWORD +# value: "" +# - name: CASSANDRA_PORT +# value: "" + containers: + - name: {{ include "common.name" . }} + command: ["/bin/bash","-c","cd /opt/app/aaf && bin/pod_wait.sh aaf-service aaf-cass && exec bin/service"] + image: {{.Values.global.repository}}/{{.Values.global.aaf.image}} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: cm_always_ignore_ips + value: "true" + lifecycle: + preStop: + exec: + command: ["/bin/sh","-c","rm /opt/app/aaf/status/aaf-service* && echo $HOSTNAME >> aaf-service.hosts"] + volumeMounts: + - mountPath: "/opt/app/osaaf" + name: aaf-config-vol + - mountPath: "/opt/app/aaf/status" + name: aaf-status-vol + - mountPath: /etc/localtime + name: localtime + readOnly: true + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.global.aaf.service.internal_port }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.global.aaf.service.internal_port }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: aaf-status-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-status-pvc + - name: aaf-config-vol + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-config-pvc + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/templates/service.yaml new file mode 100755 index 00000000..4a318ffc --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/templates/service.yaml @@ -0,0 +1,33 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + - port: {{ .Values.global.aaf.service.internal_port }} + nodePort: {{ .Values.global.aaf.service.public_port }} + name: aaf-service + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + type: "NodePort" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/values.yaml new file mode 100755 index 00000000..77f036ad --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-service/values.yaml @@ -0,0 +1,80 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + aaf: + service: + replicas: 1 + fqdn: "aaf-service" + internal_port: 8100 + public_port: 31110 +flavor: small +################################################################# +# Application configuration defaults. +################################################################# +# application image + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 120 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 5 + periodSeconds: 10 + +service: + name: aaf-service + type: NodePort + portName: aaf-service + #targetPort + internalPort: 8100 + #port + externalPort: 31110 + +ingress: + enabled: false + +# Configure resource requests and limits +resources: {} +# Allow END users to do this, if they want. Detrimental to Test services +#resources: +# small: +# limits: +# cpu: 200m +# memory: 800Mi +# requests: +# cpu: 20m +# memory: 300Mi +# large: +# limits: +# cpu: 400m +# memory: 1Gi +# requests: +# cpu: 40m +# memory: 300Mi +# unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/Chart.yaml new file mode 100755 index 00000000..b77e08ed --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: ONAP Secret Management Service +name: aaf-sms +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml new file mode 100755 index 00000000..eaf2ec4c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: ONAP Secret Management Service Quorum Client +name: aaf-sms-quorumclient +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json new file mode 100755 index 00000000..3a43f000 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/resources/config/config.json @@ -0,0 +1,7 @@ +{ + "url":"https://aaf-sms.{{ include "common.namespace" . }}:10443", + "cafile": "/quorumclient/certs/aaf_root_ca.cer", + "clientcert":"client.cert", + "clientkey":"client.key", + "timeout":"10s" +} \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml new file mode 100755 index 00000000..9905a3cb --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/configmap.yaml @@ -0,0 +1,26 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml new file mode 100755 index 00000000..da094981 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pv.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pvc.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pvc.yaml new file mode 100755 index 00000000..e6aacd1b --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml new file mode 100755 index 00000000..16f8092d --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/templates/statefulset.yaml @@ -0,0 +1,74 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + serviceName: + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + name: {{ include "common.name" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/quorumclient/bin/quorumclient"] + workingDir: /quorumclient/ + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /quorumclient/config.json + name: {{ include "common.name" .}} + subPath: config.json + - mountPath: /quorumclient/auth + name: {{ include "common.fullname" . }}-auth + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name : {{ include "common.name" . }} + configMap: + name: {{ include "common.fullname" . }} + items: + - key: config.json + path: config.json + mode: 0755 + - name: {{ include "common.fullname" . }}-auth + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml new file mode 100755 index 00000000..4dc13a56 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-quorumclient/values.yaml @@ -0,0 +1,75 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/smsquorumclient:4.0.0 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +# default number of instances +replicaCount: 3 + +nodeSelector: {} + +affinity: {} + +persistence: + enabled: true + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 10Mi + mountPath: /dockerdata-nfs + mountSubPath: sms/quorum/data + +ingress: + enabled: false + +flavor: small + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 700Mi + requests: + cpu: 10m + memory: 100Mi + unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml new file mode 100755 index 00000000..cf8d12ca --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/Chart.yaml @@ -0,0 +1,5 @@ +apiVersion: v1 +appVersion: 0.9.5 +description: Chart to launch Vault as SMS backend +name: aaf-sms-vault +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml new file mode 100755 index 00000000..daf8cadc --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/configmap.yaml @@ -0,0 +1,41 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-vault + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + config.json: | + {{ .Values.config.vault | toJson }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-consul + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + config.json: | + {{ .Values.config.consul | toJson }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml new file mode 100755 index 00000000..da094981 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pv.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pvc.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pvc.yaml new file mode 100755 index 00000000..e6aacd1b --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml new file mode 100755 index 00000000..04e9a5a9 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + - name: {{ .Values.service.portName }} + {{if eq .Values.service.type "NodePort" -}} + port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} + {{- else -}} + port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + {{- end}} + protocol: TCP + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml new file mode 100755 index 00000000..ab0ad17b --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/templates/statefulset.yaml @@ -0,0 +1,82 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + serviceName: + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image.vault }}" + name: {{ include "common.name" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["vault","server","-config","/vault/config/config.json"] + ports: + - containerPort: {{ .Values.service.internalPort }} + volumeMounts: + - mountPath: /vault/config/config.json + name: {{ include "common.fullname" . }}-vault + subPath: config.json + - mountPath: /etc/localtime + name: localtime + readOnly: true + resources: +{{ include "common.resources" . | indent 10 }} + - image: "{{ include "common.repository" . }}/{{ .Values.image.consul }}" + name: {{ include "common.name" . }}-backend + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["consul","agent","-server","-client","0.0.0.0","-bootstrap-expect=1","-config-file","/consul/config/config.json"] + ports: + - name: http + containerPort: 8500 + volumeMounts: + - mountPath: /consul/data + name: {{ include "common.fullname" . }}-consuldata + - mountPath: /consul/config/config.json + name: {{ include "common.fullname" . }}-consulconfiguration + subPath: config.json + - mountPath: /etc/localtime + name: localtime + readOnly: true + resources: +{{ include "common.resources" . | indent 10 }} + volumes: + - name: {{ include "common.fullname" . }}-consuldata + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + - name: {{ include "common.fullname" . }}-consulconfiguration + configMap: + name: {{ include "common.fullname" . }}-consul + - name: {{ include "common.fullname" . }}-vault + configMap: + name: {{ include "common.fullname" . }}-vault + - name: localtime + hostPath: + path: /etc/localtime + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml new file mode 100755 index 00000000..360bf420 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/charts/aaf-sms-vault/values.yaml @@ -0,0 +1,111 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + persistence: {} + +# application image +repository: nexus3.onap.org:10001 +image: + consul: library/consul:1.0.6 + vault: library/vault:0.10.0 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +################################################################# +# Application configuration defaults. +################################################################# +config: + consul: + server: true + log_level: INFO + server: true + data_dir: '/consul/data' + ports: + http: 8500 + https: -1 + + vault: + storage: + consul: + address: localhost:8500 + path: smsvault + listener: + tcp: + address: '[::]:8200' + tls_disable: true + disable_mlock: true + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +persistence: + enabled: true + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 2Gi + mountPath: /dockerdata-nfs + mountSubPath: sms/consul/data + +service: + type: ClusterIP + name: aaf-sms-db + portName: aaf-sms-db + internalPort: 8200 + externalPort: 8200 + +ingress: + enabled: false + +flavor: small + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 700Mi + requests: + cpu: 10m + memory: 100Mi + unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/resources/config/has.json b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/resources/config/has.json new file mode 100755 index 00000000..4f487712 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/resources/config/has.json @@ -0,0 +1,44 @@ +{ + "domain": { + "name": "has", + "secrets": [ + { + "name": "aai", + "values": { + "username": "oof@oof.onap.org", + "password": "demo123456!" + } + }, + { + "name": "conductor_api", + "values": { + "username": "admin1", + "password": "plan.15" + } + }, + { + "name": "sdnc", + "values": { + "username": "admin", + "password": "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U" + } + }, + { + "name": "music_api", + "values": { + "aafuser": "conductor", + "aafpass": "c0nduct0r", + "aafns": "conductor" + } + }, + { + "name": "aaf_api", + "values": { + "username": "aaf_admin@people.osaaf.org", + "password": "demo123456!", + "aaf_conductor_user": "oof@oof.onap.org" + } + } + ] + } +} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/resources/config/osdf.json b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/resources/config/osdf.json new file mode 100755 index 00000000..0950957b --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/resources/config/osdf.json @@ -0,0 +1,98 @@ +{ + "domain": { + "name": "osdf", + "secrets": [ + { + "name": "so", + "values": { + "UserName": "", + "Password": "" + } + }, + { + "name": "conductor", + "values": { + "UserName": "admin1", + "Password": "plan.15" + } + }, + { + "name": "policyPlatform", + "values": { + "UserName": "testpdp", + "Password": "alpha123" + } + }, + { + "name": "policyClient", + "values": { + "UserName": "python", + "Password": "test" + } + }, + { + "name": "dmaap", + "values": { + "UserName": "NA", + "Password": "NA" + } + }, + { + "name": "sdc", + "values": { + "UserName": "NA", + "Password": "NA" + } + }, + { + "name": "osdfPlacement", + "values": { + "UserName": "test", + "Password": "testpwd" + } + }, + { + "name": "osdfPlacementSO", + "values": { + "UserName": "so_test", + "Password": "so_testpwd" + } + }, + { + "name": "osdfPlacementVFC", + "values": { + "UserName": "vfc_test", + "Password": "vfc_testpwd" + } + }, + { + "name": "osdfCMScheduler", + "values": { + "UserName": "test1", + "Password": "testpwd1" + } + }, + { + "name": "configDb", + "values": { + "UserName": "osdf", + "Password": "passwd" + } + }, + { + "name": "pciHMS", + "values": { + "UserName": "", + "Password": "" + } + }, + { + "name": "osdfPCIOpt", + "values": { + "UserName": "pci_test", + "Password": "pci_testpwd" + } + } + ] + } +} \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/configmap.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/configmap.yaml new file mode 100755 index 00000000..b513d992 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/configmap.yaml @@ -0,0 +1,42 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + smsconfig.json: | + {{ .Values.config | toJson }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-preload + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-preload + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/deployment.yaml new file mode 100755 index 00000000..ca35fdc5 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/deployment.yaml @@ -0,0 +1,104 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py + args: + - --container-name + - "aaf-sms-vault" + - --container-name + - "aaf-sms-vault-backend" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }} + command: ["/sms/bin/sms"] + workingDir: /sms/ + ports: + - containerPort: {{ .Values.service.internalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + httpGet: + port: {{ .Values.service.internalPort }} + scheme: HTTPS + path: /v1/sms/quorum/status + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + httpGet: + port: {{ .Values.service.internalPort }} + scheme: HTTPS + path: /v1/sms/quorum/status + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /sms/smsconfig.json + name: {{ include "common.name" .}} + subPath: smsconfig.json + - mountPath: /sms/auth + name: {{ include "common.fullname" . }}-auth + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name : {{ include "common.name" . }} + configMap: + name: {{ include "common.fullname" . }} + - name: {{ include "common.fullname" . }}-auth + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/job.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/job.yaml new file mode 100755 index 00000000..a5446ab2 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/job.yaml @@ -0,0 +1,92 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-preload + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + command: + - /root/ready.py + args: + - --container-name + - "aaf-sms" + - --container-name + - "aaf-sms-quorumclient" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-preload + command: + - "/sms/bin/preload" + - "-cacert" + - "/sms/certs/aaf_root_ca.cer" + - "-jsondir" + - "/preload/config" + - "-serviceport" + - "{{ .Values.service.internalPort }}" + - "-serviceurl" + - "https://aaf-sms.{{ include "common.namespace" . }}" + workingDir: /sms + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /preload/config + name: {{ include "common.name" . }}-preload + resources: +{{ include "common.resources" . | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name : {{ include "common.name" . }}-preload + configMap: + name: {{ include "common.fullname" . }}-preload + restartPolicy: OnFailure + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/pv.yaml new file mode 100755 index 00000000..37ed28ee --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/pv.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/pvc.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/pvc.yaml new file mode 100755 index 00000000..e6aacd1b --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/service.yaml new file mode 100755 index 00000000..18334a30 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.fullname" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + - name: {{ .Values.service.PortName }} + {{if eq .Values.service.type "NodePort" -}} + port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default "302" }}{{ .Values.service.nodePort }} + {{- else -}} + port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + {{- end}} + protocol: TCP + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/values.yaml new file mode 100755 index 00000000..de005ed3 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sms/values.yaml @@ -0,0 +1,103 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + persistence: {} +flavor: small +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/sms:4.0.1 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + smsdbaddress: "http://aaf-sms-db:8200" + cafile: "/sms/certs/aaf_root_ca.cer" + servercert: "/sms/certs/aaf-sms.pub" + serverkey: "/sms/certs/aaf-sms.pr" + password: "c2VjcmV0bWFuYWdlbWVudHNlcnZpY2VzZWNyZXRwYXNzd29yZA==" + +# subchart configuration +vault: + nameOverride: smsdb + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 30 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 30 + +service: + type: ClusterIP + name: aaf-sms + portName: aaf-sms + internalPort: 10443 + externalPort: 10443 + +persistence: + enabled: true + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 1Gi + mountPath: /dockerdata-nfs + mountSubPath: sms/auth + +ingress: + enabled: false + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 10m + memory: 100Mi + unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/Chart.yaml new file mode 100755 index 00000000..93b177e7 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: ONAP Hardware Security Components +name: aaf-sshsm +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/README.md b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/README.md new file mode 100755 index 00000000..a6f2e62c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/README.md @@ -0,0 +1,24 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Helm Chart for ONAP Hardware Security Components + +This includes the following Kubernetes services: + +1. dist-center - A service that is used to create and distribute private keys +2. abrmd - A service that manages access to the TPM device + +# Service Dependencies + +All services depend on AAF \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml new file mode 100755 index 00000000..5fd7d7cd --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: ONAP Trusted Platform Module Resource Manager +name: aaf-sshsm-abrmd +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml new file mode 100755 index 00000000..61aa095e --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/configmap.yaml @@ -0,0 +1,32 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.tpm.enabled .Values.global.abrmd.enabled -}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} + +{{- end -}} \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml new file mode 100755 index 00000000..5618dd52 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/job.yaml @@ -0,0 +1,87 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.tpm.enabled .Values.global.abrmd.enabled -}} + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-init + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-job + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + backoffLimit: 2 + template: + metadata: + labels: + app: {{ include "common.name" . }}-job + release: {{ .Release.Name }} + spec: + restartPolicy: Never + containers: + - name: {{ include "common.name" . }}-job + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/abrmd/bin/initialize_tpm.sh"] + workingDir: /abrmd/bin + securityContext: + privileged: true + env: + - name: TPM_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: ABRMD_DATA + value: /abrmd/data + volumeMounts: + - name: {{ include "common.fullname" . }}-data + mountPath: /abrmd/data + - name: {{ include "common.fullname" . }}-tpm-device + mountPath: /dev/tpm0 + - name: {{ include "common.fullname" . }}-tpmconfig + mountPath: "/abrmd/cred/" + readOnly: true + resources: +{{ toYaml .Values.resources | indent 10 }} + nodeSelector: + {{- if .Values.nodeSelector }} +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.global.tpm.enabled }} + {{ (printf "%s: \"%s\"" .Values.global.tpm.nodeLabel .Values.global.tpm.nodeLabelValue) }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: {{ include "common.fullname" . }}-data + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-sshsm-data + - name: {{ include "common.fullname" . }}-tpm-device + hostPath: + path: /dev/tpm0 + - name: {{ include "common.fullname" . }}-tpmconfig + secret: + secretName: {{ .Release.Name }}-aaf-sshsm + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml new file mode 100755 index 00000000..4a1dd5c6 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/templates/statefulset.yaml @@ -0,0 +1,93 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.global.tpm.enabled .Values.global.abrmd.enabled -}} + +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + serviceName: + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-job-complete + command: + - /root/job_complete.py + args: + - -j + - "{{ include "common.fullname" . }}-init" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + name: {{ include "common.name" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/abrmd/bin/run_abrmd.sh"] + workingDir: /abrmd/bin + securityContext: + privileged: true + volumeMounts: + - name: {{ include "common.fullname" . }}-dbus + mountPath: /var/run/dbus + - name: {{ include "common.fullname" . }}-tpm-device + mountPath: /dev/tpm0 + - mountPath: /etc/localtime + name: localtime + readOnly: true + resources: +{{ toYaml .Values.resources | indent 10 }} + nodeSelector: + {{- if .Values.nodeSelector }} +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.global.tpm.enabled }} + {{ (printf "%s: \"%s\"" .Values.global.tpm.nodeLabel .Values.global.tpm.nodeLabelValue) }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-dbus + persistentVolumeClaim: + claimName: {{ .Release.Name }}-aaf-sshsm-dbus + - name: {{ include "common.fullname" . }}-tpm-device + hostPath: + path: /dev/tpm0 + +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml new file mode 100755 index 00000000..1fcc1558 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-abrmd/values.yaml @@ -0,0 +1,60 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/abrmd:4.0.0 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +# default number of instances +replicaCount: 1 + +# TPM specific node selection is done at parent chart aaf-sshsm +nodeSelector: {} + +affinity: {} + +ingress: + enabled: false + +# Configure resource requests and limits +flavor: small +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 10m + memory: 100Mi + unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml new file mode 100755 index 00000000..c52f0f64 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: ONAP Trusted Platform Module Distribution Center +name: aaf-sshsm-distcenter +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml new file mode 100755 index 00000000..ea0ea606 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/configmap.yaml @@ -0,0 +1,32 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if .Values.global.distcenter.enabled -}} + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} + +{{- end -}} \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml new file mode 100755 index 00000000..b4a2d39b --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/job.yaml @@ -0,0 +1,105 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if .Values.global.distcenter.enabled -}} + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + serviceName: + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + restartPolicy: Never + initContainers: +{{- if .Values.global.tpm.enabled }} + - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + command: + - /root/job_complete.py + args: + - -j + - "{{ .Release.Name }}-aaf-sshsm-abrmd-init" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace +{{ else }} + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-gen-passphrase + command: ["sh", "-c", "/usr/bin/openssl rand -base64 12 >/distcenter/data/passphrase"] + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: {{ include "common.fullname" . }}-data + mountPath: /distcenter/data +{{- end }} + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + name: {{ include "common.name" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/entrypoint.sh"] + workingDir: /distcenter + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: {{ include "common.fullname" . }}-data + mountPath: /distcenter/data + resources: +{{ toYaml .Values.resources | indent 10 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-data + persistentVolumeClaim: + claimName: {{ include "common.namespace" . }}-aaf-sshsm-data + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml new file mode 100755 index 00000000..fa5fd16c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pv.yaml @@ -0,0 +1,41 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if .Values.global.distcenter.enabled -}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} + +{{- end -}} \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml new file mode 100755 index 00000000..6497639a --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/templates/pvc.yaml @@ -0,0 +1,51 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if .Values.global.distcenter.enabled -}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} +{{- end -}} \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml new file mode 100755 index 00000000..e8d2f7ec --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-distcenter/values.yaml @@ -0,0 +1,69 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/distcenter:4.0.0 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +persistence: + enabled: true + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 10Mi + mountPath: /dockerdata-nfs + mountSubPath: sshsm/distcenter/data + +ingress: + enabled: false + +# Configure resource requests and limits +flavor: small +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 10m + memory: 100Mi + unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml new file mode 100755 index 00000000..774de91e --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: ONAP Trusted Platform Module Test CA Service +name: aaf-sshsm-testca +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml new file mode 100755 index 00000000..f905e04c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/templates/job.yaml @@ -0,0 +1,130 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if .Values.global.testca.enabled -}} + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + serviceName: + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + restartPolicy: Never + initContainers: + - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-distcenter-ready + command: + - /root/job_complete.py + args: + - -j + - "{{ include "common.namespace" . }}-aaf-sshsm-distcenter" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace +{{- if .Values.global.tpm.enabled }} + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-abrmd-ready + command: ["sh", "/sshsm/bin/abrmd_ready.sh", "300"] + workingDir: /testca/bin + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + volumeMounts: + - name: {{ include "common.fullname" . }}-dbus + mountPath: /var/run/dbus +{{- end }} + containers: + - image: "{{ include "common.repository" . }}/{{ .Values.image }}" + name: {{ include "common.name" . }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["./import.sh"] + workingDir: /testca/bin + env: +{{- if .Values.global.tpm.enabled }} + - name: TPM_NODE_NAME + valueFrom: + fieldRef: + fieldPath: spec.nodeName + - name: DATA_FOLDER + value: /testca/data/host_$(TPM_NODE_NAME) +{{ else }} + - name: DATA_FOLDER + value: /testca/data +{{- end }} + - name: SECRETS_FOLDER + value: /testca/secrets + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: {{ include "common.fullname" . }}-data + mountPath: /testca/data + - name: {{ include "common.fullname" . }}-dbus + mountPath: /var/run/dbus + - name: {{ include "common.fullname" . }}-secrets + mountPath: /testca/secrets + readOnly: true + resources: +{{ toYaml .Values.resources | indent 10 }} + nodeSelector: + {{- if .Values.nodeSelector }} +{{ toYaml .Values.nodeSelector | indent 8 }} + {{- end -}} + {{- if .Values.global.tpm.enabled }} + {{ (printf "%s: \"%s\"" .Values.global.tpm.nodeLabel .Values.global.tpm.nodeLabelValue) }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 8 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: {{ include "common.fullname" . }}-data + persistentVolumeClaim: + claimName: {{ include "common.namespace" . }}-aaf-sshsm-data + - name: {{ include "common.fullname" . }}-dbus + persistentVolumeClaim: + claimName: {{ include "common.namespace" . }}-aaf-sshsm-dbus + - name: {{ include "common.fullname" . }}-secrets + secret: + secretName: {{ include "common.namespace" . }}-aaf-sshsm + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml new file mode 100755 index 00000000..5c3618d2 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/charts/aaf-sshsm-testca/values.yaml @@ -0,0 +1,61 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# + +enabled: true + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/aaf/testcaservice:4.0.0 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +ingress: + enabled: false + +# Configure resource requests and limits +flavor: small +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 10m + memory: 100Mi + unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/requirements.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/requirements.yaml new file mode 100755 index 00000000..e6ac00b2 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~5.x-0 + repository: '@local' diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/resources/config/prk_passwd b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/resources/config/prk_passwd new file mode 100755 index 00000000..640b3258 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/resources/config/prk_passwd @@ -0,0 +1 @@ +cHJpbWFyeXBhc3N3b3JkCg== diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/resources/config/srk_handle b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/resources/config/srk_handle new file mode 100755 index 00000000..b8b9d8dd --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/resources/config/srk_handle @@ -0,0 +1 @@ +MHg4MTAwMDAyMwo= diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/templates/pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/templates/pv.yaml new file mode 100755 index 00000000..b4d283f1 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/templates/pv.yaml @@ -0,0 +1,57 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-data + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-data +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.dataMountSubPath }} +--- +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-dbus + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }}-dbus +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.dbusMountSubPath }} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/templates/pvc.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/templates/pvc.yaml new file mode 100755 index 00000000..c50a0bc5 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/templates/pvc.yaml @@ -0,0 +1,79 @@ +{{/* +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-data + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }}-data + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +--- +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }}-dbus + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }}-dbus + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/templates/secret.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/templates/secret.yaml new file mode 100755 index 00000000..50b6f36c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/templates/secret.yaml @@ -0,0 +1,22 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} +type: Opaque +data: +{{ (.Files.Glob "resources/config/*").AsSecrets | indent 2 }} \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/values.yaml new file mode 100755 index 00000000..2d20d579 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/charts/aaf-sshsm/values.yaml @@ -0,0 +1,65 @@ +# Copyright 2018 Intel Corporation, Inc +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + ubuntuInitRepository: oomk8s + ubuntuInitImage: ubuntu-init:1.0.0 + tpm: + enabled: false + # if enabled, nodeselector will use the below + # values in the nodeselector section of the pod + nodeLabel: "tpm-node" + nodeLabelValue: "true" + abrmd: + enabled: true + distcenter: + enabled: true + testca: + enabled: true + persistence: {} + +persistence: + enabled: true + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 10Mi + mountPath: /dockerdata-nfs + dataMountSubPath: sshsm/data + dbusMountSubPath: sshsm/dbus + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 10Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 10m + memory: 100Mi + unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/requirements.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/requirements.yaml new file mode 100755 index 00000000..e39a2c35 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/requirements.yaml @@ -0,0 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: ric-common + version: ~2.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-config-pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-config-pv.yaml new file mode 100755 index 00000000..9a1e8020 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-config-pv.yaml @@ -0,0 +1,48 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## + +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-config-pv + namespace: {{ include "common.namespace" . }} + labels: + app: {{ .Chart.Name }}-config + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.config.size}} + accessModes: + - {{ .Values.persistence.config.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.config.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.config.mountPath }} +{{- if .Values.persistence.config.storageClass }} +{{- if (eq "-" .Values.persistence.config.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.config.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-config-pvc.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-config-pvc.yaml new file mode 100755 index 00000000..b22df6d4 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-config-pvc.yaml @@ -0,0 +1,52 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-config-pvc + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }}-config + accessModes: + - {{ .Values.persistence.config.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.config.size }} +{{- if .Values.persistence.config.storageClass }} +{{- if (eq "-" .Values.persistence.config.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.config.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} + diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-status-pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-status-pv.yaml new file mode 100755 index 00000000..b8d12c5c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-status-pv.yaml @@ -0,0 +1,48 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## + +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-status-pv + namespace: {{ include "common.namespace" . }} + labels: + app: {{ .Chart.Name }}-status + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.status.size}} + accessModes: + - {{ .Values.persistence.status.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.status.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.persistence.status.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.status.mountSubPath }} +{{- if .Values.persistence.status.storageClass }} +{{- if (eq "-" .Values.persistence.status.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.status.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-status-pvc.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-status-pvc.yaml new file mode 100755 index 00000000..870ac9c8 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/templates/aaf-status-pvc.yaml @@ -0,0 +1,52 @@ +{{- if and .Values.global.persistence.enabled (not .Values.persistence.existingClaim) -}} +######### +## ============LICENSE_START==================================================== +## org.onap.aaf +## =========================================================================== +## Copyright (c) 2017 AT&T Intellectual Property. All rights reserved. +## =========================================================================== +## Licensed under the Apache License, Version 2.0 (the "License"); +## you may not use this file except in compliance with the License. +## You may obtain a copy of the License at +## +## http://www.apache.org/licenses/LICENSE-2.0 +## +## Unless required by applicable law or agreed to in writing, software +## distributed under the License is distributed on an "AS IS" BASIS, +## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +## See the License for the specific language governing permissions and +## limitations under the License. +## ============LICENSE_END==================================================== +## +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ .Release.Name }}-aaf-status-pvc + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + app: {{ include "common.name" . }}-status + accessModes: + - {{ .Values.persistence.status.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.status.size }} +{{- if .Values.persistence.status.storageClass }} +{{- if (eq "-" .Values.persistence.status.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.status.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} + diff --git a/ric-aux/80-Auxiliary-Functions/helm/aaf/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/aaf/values.yaml new file mode 100755 index 00000000..0109a5e9 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/aaf/values.yaml @@ -0,0 +1,157 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.2 + ubuntuInitRepository: registry.hub.docker.com + ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 + persistence: + enabled: true + # Standard OOM + pullPolicy: "Always" + repository: "nexus3.onap.org:10001" + + # Use Local + #pullPolicy: IfNotPresent + #repository: "nexus3.onap.org:10003" + + aaf: + readiness: false + image: onap/aaf/aaf_core:2.1.15 + aaf_env: "DEV" + public_fqdn: "aaf.osaaf.org" + aaf_release: "El Alto" + # DUBLIN ONLY - for M4 compatibility with Casablanca + # aaf_locator_name: "public.%NS.%N" + # aaf_locator_name_oom: "%NS.%N" + # EL ALTO and Beyond + aaf_locator_name: "%NS.%N" + aaf_locator_name_oom: "%CNS.%NS.%N" + cadi_latitude: "38.0" + cadi_longitude: "-72.0" + cadi_x509_issuers: "CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US" + + config: + image: onap/aaf/aaf_config:2.1.15 + cass: + replicas: 1 + image: onap/aaf/aaf_cass:2.1.15 + fqdn: "aaf-cass" + cluster_name: "osaaf" + heap_new_size: "512M" + max_heap_size: "1024M" + storage_port: 7000 + ssl_storage_port: 7001 + native_trans_port: 9042 + rpc_port: 9160 + dc: "dc1" + service: + replicas: 1 + fqdn: "aaf-service" + internal_port: 8100 + public_port: 31110 + locate: + replicas: 1 + fqdn: "aaf-locate" + internal_port: 8095 + public_port: 31111 + oauth: + replicas: 1 + fqdn: "aaf0oauth" + internal_port: 8140 + public_port: 31112 + gui: + replicas: 1 + fqdn: "aaf-gui" + internal_port: 8200 + public_port: 31113 + cm: + replicas: 1 + fqdn: "aaf-cm" + internal_port: 8150 + public_port: 31114 + fs: + replicas: 1 + fqdn: "aaf-fs" + internal_port: 8096 + public_port: 31115 + hello: + replicas: 0 + +################################################################# +# Application configuration defaults. +################################################################# + +flavor: small +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 350 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 150 + periodSeconds: 10 + +ingress: + enabled: false + +## Persist data to a persitent volume +persistence: + enabled: true + config: + #existingClaim: + volumeReclaimPolicy: Delete + accessMode: ReadWriteMany + size: 2Gi + storageClass: "manual" + mountPath: "/mnt/data/aaf/config" + logs: + #existingClaim: + volumeReclaimPolicy: Retain + accessMode: ReadWriteMany + size: 2Gi + storageClass: "manual" + mountPath: "/mnt/data/aaf/logs" + status: + volumeReclaimPolicy: Delete + accessMode: ReadWriteMany + size: 2M + storageClass: "manual" + mountPath: /dockerdata-nfs + mountSubPath: "status" + cass: + #existingClaim: + volumeReclaimPolicy: Retain + accessMode: ReadWriteOnce + size: 10Gi + storageClass: "manual" + mountPath: /dockerdata-nfs + mountSubPath: "cass" + +resources: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/Chart.yaml new file mode 100644 index 00000000..fa2ed656 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/onap/Chart.yaml @@ -0,0 +1,23 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +name: onap +version: 5.0.0 +appVersion: El Alto +description: Open Network Automation Platform (ONAP) +home: https://www.onap.org/ +sources: +- https://gerrit.onap.org/r/#/admin/projects/ +icon: https://wiki.onap.org/download/thumbnails/1015829/onap_704x271%20copy.png?version=1&modificationDate=1488326334000&api=v2 diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/requirements.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/requirements.yaml new file mode 100755 index 00000000..6c65cd4b --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/onap/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Referencing a named repo called 'local'. +# Can add this repo by running commands like: +# > helm serve +# > helm repo add local http://127.0.0.1:8879 +dependencies: + - name: ric-common + version: ~2.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/dev.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/dev.yaml new file mode 100644 index 00000000..fa8619ed --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/dev.yaml @@ -0,0 +1,144 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration overrides. +# +# These overrides will affect all helm charts (ie. applications) +# that are listed below and are 'enabled'. +################################################################# +global: + # Change to an unused port prefix range to prevent port conflicts + # with other instances running within the same k8s cluster + nodePortPrefix: 302 + nodePortPrefixExt: 304 + + # ONAP Repository + # Uncomment the following to enable the use of a single docker + # repository but ONLY if your repository mirrors all ONAP + # docker images. This includes all images from dockerhub and + # any other repository that hosts images for ONAP components. + #repository: nexus3.onap.org:10001 + + # readiness check - temporary repo until images migrated to nexus3 + readinessRepository: oomk8s + # logging agent - temporary repo until images migrated to nexus3 + loggingRepository: docker.elastic.co + + # image pull policy + pullPolicy: IfNotPresent + + # override default mount path root directory + # referenced by persistent volumes and log files + persistence: + mountPath: /dockerdata-nfs + + # flag to enable debugging - application support required + debugEnabled: true + +################################################################# +# Enable/disable and configure helm charts (ie. applications) +# to customize the ONAP deployment. +################################################################# +aaf: + enabled: false +aai: + enabled: false + aai-cassandra: + replicaCount: 1 +appc: + enabled: false +cassandra: + enabled: false + replicaCount: 1 +clamp: + enabled: false +cli: + enabled: false +consul: + enabled: false +contrib: + enabled: false +dcaegen2: + enabled: false +dmaap: + enabled: false +esr: + enabled: false +log: + enabled: false + log-logstash: + replicaCount: 1 +sniro-emulator: + enabled: false +oof: + enabled: false +mariadb-galera: + enabled: false +msb: + enabled: false +multicloud: + enabled: false +nbi: + enabled: false +policy: + enabled: false +pomba: + enabled: false +portal: + enabled: false +robot: + enabled: true +sdc: + enabled: false +sdnc: + enabled: false + + replicaCount: 1 + + mysql: + replicaCount: 1 +so: + enabled: false + + replicaCount: 1 + + liveness: + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + + # so server configuration + config: + # message router configuration + dmaapTopic: "AUTO" + # openstack configuration + openStackUserName: "vnf_user" + openStackRegion: "RegionOne" + openStackKeyStoneUrl: "http://1.2.3.4:5000" + openStackServiceTenantName: "service" + openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" + + # configure embedded mariadb + mariadb: + config: + mariadbRootPassword: password +uui: + enabled: false +vfc: + enabled: false +vid: + enabled: false +vnfsdk: + enabled: false diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/disable-allcharts.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/disable-allcharts.yaml new file mode 100644 index 00000000..27588fa4 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/disable-allcharts.yaml @@ -0,0 +1,85 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# This override file is useful to test one or more subcharts. +# It overrides the default ONAP parent chart behaviour to deploy +# all of ONAP. +# +# Example use to enable a single subchart (from this directory): +# +# helm install local/onap -n onap --namespace onap -f disable-allcharts.yaml --set so.enabled=true + +################################################################# +# Enable/disable and configure helm charts (ie. applications) +# to customize the ONAP deployment. +################################################################# +aaf: + enabled: false +aai: + enabled: false +appc: + enabled: false +cassandra: + enabled: false +clamp: + enabled: false +cli: + enabled: false +consul: + enabled: false +contrib: + enabled: false +dcaegen2: + enabled: false +dmaap: + enabled: false +esr: + enabled: false +log: + enabled: false +sniro-emulator: + enabled: false +mariadb-galera: + enabled: false +msb: + enabled: false +multicloud: + enabled: false +nbi: + enabled: false +oof: + enabled: false +policy: + enabled: false +pomba: + enabled: false +portal: + enabled: false +robot: + enabled: false +sdc: + enabled: false +sdnc: + enabled: false +so: + enabled: false +uui: + enabled: false +vfc: + enabled: false +vid: + enabled: false +vnfsdk: + enabled: false diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/minimal-onap.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/minimal-onap.yaml new file mode 100644 index 00000000..989174c1 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/minimal-onap.yaml @@ -0,0 +1,178 @@ +# Copyright © 2017 Amdocs, Bell Canada, Orange +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# This override file is used to deploy a minmal configuration to +# to onboard and deploy a VNF. +# It includes the following components: +# A&AI, DMAAP, Portal, Robot, SDC, SDNC, SO, VID +# +# Minimal resources are also reviewed for the various containers +# A&AI: no override => to be fixed +# DMAAP: no override +# Portal: new values +# Robot: new values +# SO: no override +# SDC: new values +# SDNC: no override +# VID: no override +# +# Replica are set to 1 (A&AI Cassandra) +# +# In addition, some parameters are set to limit the memory footprint +# +# It overrides the default ONAP parent chart behaviour to deploy +# all of ONAP. +# +# helm deploy minimal local/onap --namespace onap -f minimal-onap.yaml + +################################################################# +# Minimal ONAP deployment to onboard and deploy a VNF +################################################################# +aai: + enabled: true + global: + cassandra: + replicas: 1 + aai-cassandra: + replicaCount: 1 +aaf: + enabled: false +appc: + enabled: false +cassandra: + enabled: false + replicaCount: 1 +clamp: + enabled: false +cli: + enabled: false +consul: + enabled: false +contrib: + enabled: false +dcaegen2: + enabled: false +dmaap: + enabled: true +esr: + enabled: false +log: + enabled: false +mariadb-galera: + enabled: true +msb: + enabled: false +multicloud: + enabled: false +nbi: + enabled: false +oof: + enabled: false +policy: + enabled: false +pomba: + enabled: false +portal: + enabled: true + portal-cassandra: + config: + cassandraJvmOpts: "-Xmx512m -Xms256m" + resources: + small: + limits: + cpu: 1 + memory: 2Gi + requests: + cpu: 100m + memory: 1Gi + portal-app: + resources: + small: + limits: + cpu: 1 + memory: 2Gi + requests: + cpu: 100m + memory: 1Gi + resources: + portal-mariaddb: + resources: + small: + limits: + cpu: 800m + memory: 1Gi + requests: + cpu: 100m + memory: 500Mi + portal-widget: + resources: + small: + limits: + cpu: 1 + memory: 2Gi + requests: + cpu: 100m + memory: 500Mi +robot: + enabled: true + config: + openStackEncryptedPasswordHere: "$OPENSTACK_ENCRYPTED_PASSWORD" + resources: + small: + limits: + cpu: 1 + memory: 2Gi + requests: + cpu: 10m + memory: 100Mi +sdc: + enabled: true + sdc-be: + config: + javaOptions: "-Xdebug -agentlib:jdwp=transport=dt_socket,address=4000,server=y,suspend=n -Xmx512m -Xms256m" + sdc-fe: + resources: + small: + limits: + cpu: 1 + memory: 2Gi + requests: + cpu: 10m + memory: 500Mi + sdc-cs: + config: + maxHeapSize: "512M" + heapNewSize: "256M" +sdnc: + enabled: true +sniro-emulator: + enabled: false +so: + enabled: true + config: + # openstack configuration + openStackUserName: "$OPENSTACK_USER_NAME" + openStackRegion: "$OPENSTACK_REGION" + openStackKeyStoneUrl: "$OPENSTACK_KEYSTONE_URL" + openStackServiceTenantName: "$OPENSTACK_TENANT_NAME" + openStackEncryptedPasswordHere: "$OPENSTACK_ENCRYPTED_PASSWORD" +uui: + enabled: false +vid: + enabled: true +vfc: + enabled: false +vnfsdk: + enabled: false diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/public-cloud.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/public-cloud.yaml new file mode 100644 index 00000000..2d4360c5 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/environments/public-cloud.yaml @@ -0,0 +1,162 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration overrides. +# +# These overrides will affect all helm charts (ie. applications) +# that are listed below and are 'enabled'. +# +# +# This is specifically for the environments which take time to +# deploy ONAP. This increase in timeouts prevents restarting of +# the pods thereby the components will be deployed without error. +################################################################# +aaf: + aaf-cs: + liveness: + initialDelaySeconds: 240 + readiness: + initialDelaySeconds: 240 + aaf-gui: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + aaf-oauth: + liveness: + initialDelaySeconds: 300 + readiness: + initialDelaySeconds: 300 + aaf-service: + liveness: + initialDelaySeconds: 300 + readiness: + initialDelaySeconds: 300 +aai: + aai-champ: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 +cassandra: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 +clamp: + liveness: + initialDelaySeconds: 60 + readiness: + initialDelaySeconds: 60 +dcaegen2: + dcae-cloudify-manager: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 +dmaap: + dmaap-bus-controller: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + message-router: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + dmaap-dr-prov: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + dmaap-dr-node: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + +portal: + portal-app: + liveness: + initialDelaySeconds: 60 + readiness: + initialDelaySeconds: 60 +sdc: + sdc-be: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + sdc-cs: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + sdc-es: + liveness: + initialDelaySeconds: 60 + readiness: + initialDelaySeconds: 120 + sdc-onboarding-be: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 +sdnc: + liveness: + initialDelaySeconds: 60 + readiness: + initialDelaySeconds: 60 + + dmaap-listener: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + sdnc-ansible-server: + readiness: + initialDelaySeconds: 120 + sdnc-portal: + readiness: + initialDelaySeconds: 120 + ueb-listener: + liveness: + initialDelaySeconds: 60 + readiness: + initialDelaySeconds: 60 + +so: + liveness: + initialDelaySeconds: 120 + so-mariadb: + liveness: + initialDelaySeconds: 900 + readiness: + initialDelaySeconds: 900 + +uui: + uui-server: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 +mariadb-galera: + mariadb-galera-server: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/environment.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/environment.yaml new file mode 100644 index 00000000..75ce8e52 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/environment.yaml @@ -0,0 +1,225 @@ +# Copyright © 2017,2019 Amdocs, AT&T , Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# +# These overrides will affect all helm charts (ie. applications) +# that are listed below and are 'enabled'. +# +# +# This is specifically for the environments which take time to +# deploy ONAP. This increase in timeouts prevents false restarting of +# the pods during startup configuration. +# +# These timers have been tuned by the ONAP integration team. They +# have been tested and validated in the ONAP integration lab (Intel/Windriver lab). +# They are however indicative and may be adapted to your environment as they +# depend on the performance of the infrastructure you are installing ONAP on. +# +# Please note that these timers must remain reasonable, in other words, if +# your infrastructure is not performant enough, extending the timers to very +# large value may not fix all installation issues on over subscribed hardware. +# +################################################################# +aaf: + aaf-cs: + liveness: + initialDelaySeconds: 240 + readiness: + initialDelaySeconds: 240 + aaf-gui: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + aaf-oauth: + liveness: + initialDelaySeconds: 300 + readiness: + initialDelaySeconds: 300 + aaf-service: + liveness: + initialDelaySeconds: 300 + readiness: + initialDelaySeconds: 300 +aai: + liveness: + initialDelaySeconds: 120 + aai-champ: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + aai-data-router: + liveness: + initialDelaySeconds: 120 + aai-sparky-be: + liveness: + initialDelaySeconds: 120 + aai-spike: + liveness: + initialDelaySeconds: 120 + aai-cassandra: + liveness: + periodSeconds: 120 + readiness: + periodSeconds: 60 +appc: + mariadb-galera: + liveness: + initialDelaySeconds: 180 + periodSeconds: 60 +cassandra: + liveness: + initialDelaySeconds: 120 + periodSeconds: 120 + readiness: + initialDelaySeconds: 120 + periodSeconds: 60 +clamp: + liveness: + initialDelaySeconds: 60 + readiness: + initialDelaySeconds: 60 +dcaegen2: + dcae-cloudify-manager: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 +dmaap: + dmaap-bus-controller: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + message-router: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + dmaap-dr-prov: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + mariadb: + liveness: + initialDelaySeconds: 180 + periodSeconds: 60 + dmaap-dr-node: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 +mariadb-galera: + liveness: + initialDelaySeconds: 180 + periodSeconds: 60 + mariadb-galera-server: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 +modeling: + mariadb-galera: + liveness: + initialDelaySeconds: 180 + periodSeconds: 60 +oof: + oof-has: + music: + music-cassandra: + liveness: + periodSeconds: 120 + readiness: + periodSeconds: 60 +portal: + portal-app: + liveness: + initialDelaySeconds: 60 + readiness: + initialDelaySeconds: 60 + portal-cassandra: + liveness: + periodSeconds: 120 + readiness: + periodSeconds: 60 +sdc: + sdc-be: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + sdc-cs: + liveness: + initialDelaySeconds: 120 + periodSeconds: 120 + readiness: + initialDelaySeconds: 120 + periodSeconds: 60 + sdc-es: + liveness: + initialDelaySeconds: 60 + readiness: + initialDelaySeconds: 120 + sdc-onboarding-be: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 +sdnc: + liveness: + initialDelaySeconds: 60 + readiness: + initialDelaySeconds: 60 + dmaap-listener: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 + mariadb-galera: + liveness: + initialDelaySeconds: 180 + periodSeconds: 60 + sdnc-ansible-server: + readiness: + initialDelaySeconds: 120 + sdnc-portal: + readiness: + initialDelaySeconds: 120 + ueb-listener: + liveness: + initialDelaySeconds: 60 + readiness: + initialDelaySeconds: 60 +so: + liveness: + initialDelaySeconds: 120 + mariadb: + liveness: + initialDelaySeconds: 900 + readiness: + initialDelaySeconds: 900 +uui: + uui-server: + liveness: + initialDelaySeconds: 120 + readiness: + initialDelaySeconds: 120 +vfc: + mariadb-galera: + liveness: + initialDelaySeconds: 180 + periodSeconds: 60 diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-all-ingress-nginx.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-all-ingress-nginx.yaml new file mode 100644 index 00000000..ee272695 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-all-ingress-nginx.yaml @@ -0,0 +1,80 @@ +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################### +# This override file enables helm charts for all ONAP applications. +################################################################### +cassandra: + enabled: true +mariadb-galera: + enabled: true + +aaf: + enabled: true +aai: + enabled: true +appc: + enabled: true +clamp: + enabled: true +cli: + enabled: true +consul: + enabled: true +contrib: + enabled: true +dcaegen2: + enabled: true +dmaap: + enabled: true +esr: + enabled: true +log: + enabled: true +sniro-emulator: + enabled: true +oof: + enabled: true +msb: + enabled: true +multicloud: + enabled: true +nbi: + enabled: true +policy: + enabled: true +pomba: + enabled: true +portal: + enabled: true +robot: + enabled: true +sdc: + enabled: true +sdnc: + enabled: true +so: + enabled: true +uui: + enabled: true +vfc: + enabled: true +vid: + enabled: true + ingress: + enabled: true +vnfsdk: + enabled: true +nginx-ingress: + enabled: true diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-all.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-all.yaml new file mode 100644 index 00000000..04fbc97f --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-all.yaml @@ -0,0 +1,78 @@ +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################### +# This override file enables helm charts for all ONAP applications. +################################################################### +cassandra: + enabled: true +mariadb-galera: + enabled: true + +aaf: + enabled: true +aai: + enabled: true +appc: + enabled: true +clamp: + enabled: true +cli: + enabled: true +consul: + enabled: true +contrib: + enabled: true +dcaegen2: + enabled: true +dmaap: + enabled: true +esr: + enabled: true +log: + enabled: true +sniro-emulator: + enabled: true +oof: + enabled: true +msb: + enabled: true +multicloud: + enabled: true +nbi: + enabled: true +policy: + enabled: true +pomba: + enabled: true +portal: + enabled: true +robot: + enabled: true +sdc: + enabled: true +sdnc: + enabled: true +so: + enabled: true +uui: + enabled: true +vfc: + enabled: true +vid: + enabled: true +vnfsdk: + enabled: true +modeling: + enabled: true diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-vfw.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-vfw.yaml new file mode 100644 index 00000000..323961fb --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/onap-vfw.yaml @@ -0,0 +1,55 @@ +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################### +# This override file enables ONAP Application helm charts for the +# vFW use case. +################################################################### +cassandra: + enabled: true +mariadb-galera: + enabled: true + +aaf: + enabled: true +aai: + enabled: true +appc: + enabled: true +clamp: + enabled: true +consul: + enabled: true +dcaegen2: + enabled: true +dmaap: + enabled: true +log: + enabled: true +oof: + enabled: true +msb: + enabled: true +policy: + enabled: true +portal: + enabled: true +robot: + enabled: true +sdc: + enabled: true +sdnc: + enabled: true +so: + enabled: true \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/openstack.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/openstack.yaml new file mode 100644 index 00000000..a8294d24 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/onap/resources/overrides/openstack.yaml @@ -0,0 +1,62 @@ +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# This override file configures openstack parameters for ONAP +################################################################# +appc: + config: + enableClustering: false + openStackType: "OpenStackProvider" + openStackName: "OpenStack" + openStackKeyStoneUrl: "http://10.12.25.2:5000/v2.0" + openStackServiceTenantName: "OPENSTACK_TENANTNAME_HERE" + openStackDomain: "Default" + openStackUserName: "OPENSTACK_USERNAME_HERE" + openStackEncryptedPassword: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_PASSWORD_HERE_XXXXXXXXXXXXXXXX" +robot: + appcUsername: "appc@appc.onap.org" + appcPassword: "demo123456!" + openStackKeyStoneUrl: "http://10.12.25.2:5000" + openStackPublicNetId: "971040b2-7059-49dc-b220-4fab50cb2ad4" + openStackTenantId: "09d8566ea45e43aa974cf447ed591d77" + openStackUserName: "OPENSTACK_USERNAME_HERE" + ubuntu14Image: "ubuntu-14-04-cloud-amd64" + ubuntu16Image: "ubuntu-16-04-cloud-amd64" + openStackPrivateNetId: "c7824f00-bef7-4864-81b9-f6c3afabd313" + openStackPrivateSubnetId: "2a0e8888-f93e-4615-8d28-fc3d4d087fc3" + openStackPrivateNetCidr: "10.0.0.0/16" + openStackSecurityGroup: "3a7a1e7e-6d15-4264-835d-fab1ae81e8b0" + openStackOamNetworkCidrPrefix: "10.0" + dcaeCollectorIp: "10.12.6.88" + vnfPubKey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDKXDgoo3+WOqcUG8/5uUbk81+yczgwC4Y8ywTmuQqbNxlY1oQ0YxdMUqUnhitSXs5S/yRuAVOYHwGg2mCs20oAINrP+mxBI544AMIb9itPjCtgqtE2EWo6MmnFGbHB4Sx3XioE7F4VPsh7japsIwzOjbrQe+Mua1TGQ5d4nfEOQaaglXLLPFfuc7WbhbJbK6Q7rHqZfRcOwAMXgDoBqlyqKeiKwnumddo2RyNT8ljYmvB6buz7KnMinzo7qB0uktVT05FH9Rg0CTWH5norlG5qXgP2aukL0gk1ph8iAt7uYLf1ktp+LJI2gaF6L0/qli9EmVCSLr1uJ38Q8CBflhkh" + demoArtifactsVersion: "1.4.0-SNAPSHOT" + demoArtifactsRepoUrl: "https://nexus.onap.org/content/repositories/releases" + scriptVersion: "1.4.0-SNAPSHOT" + rancherIpAddress: "10.12.5.127" + config: + # openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment + openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HERE_XXXXXXXXXXXXXXXX" +so: + # so server configuration + so-catalog-db-adapter: + config: + openStackUserName: "OPENSTACK_USERNAME_HERE" + openStackKeyStoneUrl: "http://10.12.25.2:5000/v2.0" + openStackEncryptedPasswordHere: "XXXXXXXXXXXXXXXXXXXXXXXX_OPENSTACK_ENCRYPTED_PASSWORD_HERE_XXXXXXXXXXXXXXXX" +nbi: + config: + # openstack configuration + openStackRegion: "Yolo" + openStackVNFTenantId: "1234" \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/templates/_helper.tpl b/ric-aux/80-Auxiliary-Functions/helm/onap/templates/_helper.tpl new file mode 100755 index 00000000..1c9fad67 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/onap/templates/_helper.tpl @@ -0,0 +1,33 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + + +{{/* + Resolve the image repository secret token. + The value for .Values.global.repositoryCred is used: + repositoryCred: + user: user + password: password + mail: email (optional) +*/}} +{{- define "common.repository.secret" -}} + {{- $repo := include "common.repository" . }} + {{- $repo := default "nexus3.onap.org:10001" $repo }} + {{- $cred := .Values.global.repositoryCred }} + {{- $mail := default "@" $cred.mail }} + {{- $auth := printf "%s:%s" $cred.user $cred.password | b64enc }} + {{- printf "{\"%s\":{\"username\":\"%s\",\"password\":\"%s\",\"email\":\"%s\",\"auth\":\"%s\"}}" $repo $cred.user $cred.password $mail $auth | b64enc -}} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/templates/clusterrolebinding.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/templates/clusterrolebinding.yaml new file mode 100644 index 00000000..fbe9a5b0 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/onap/templates/clusterrolebinding.yaml @@ -0,0 +1,32 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: rbac.authorization.k8s.io/v1beta1 +kind: ClusterRoleBinding +metadata: + name: {{ include "common.namespace" . }}-binding + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: cluster-admin +subjects: + - kind: ServiceAccount + name: default + namespace: {{ include "common.namespace" . }} \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/templates/secrets.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/templates/secrets.yaml new file mode 100644 index 00000000..145b55f3 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/onap/templates/secrets.yaml @@ -0,0 +1,27 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.namespace" . }}-docker-registry-key + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: + .dockercfg: {{ include "common.repository.secret" . }} +type: kubernetes.io/dockercfg diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/templates/storageclass.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/templates/storageclass.yaml new file mode 100644 index 00000000..5418da78 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/onap/templates/storageclass.yaml @@ -0,0 +1,34 @@ +{{/* +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{ if .Values.global.persistence.enableDefaultStorageclass }} +kind: StorageClass +apiVersion: storage.k8s.io/v1 +metadata: + name: "{{ include "common.namespace" . }}-default-storageclass" + namespace: {{ include "common.namespace" . }} + annotations: + storageclass.kubernetes.io/is-default-class: "true" + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +provisioner: {{ .Values.global.persistence.storageclassProvisioner }} +reclaimPolicy: {{ .Values.global.persistence.volumeReclaimPolicy }} +parameters: +{{ toYaml .Values.global.persistence.parameters | indent 2 }} +{{ end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/onap/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/onap/values.yaml new file mode 100755 index 00000000..bf4c096e --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/onap/values.yaml @@ -0,0 +1,23 @@ +# Copyright © 2019 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +global: + # default mount path root directory referenced + # by persistent volumes and log files + persistence: + mountPath: /dockerdata-nfs + enableDefaultStorageclass: false + parameters: {} + storageclassProvisioner: kubernetes.io/no-provisioner + volumeReclaimPolicy: Retain diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/portal/.helmignore new file mode 100755 index 00000000..a2518729 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/.helmignore @@ -0,0 +1,24 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj + +# docker folder +docker/ diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/Chart.yaml new file mode 100755 index 00000000..f621d10c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: ONAP Web Portal +name: portal +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/.helmignore new file mode 100755 index 00000000..daebc7da --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/Chart.yaml new file mode 100755 index 00000000..84e67beb --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: ONAP Portal application +name: portal-app +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/certs/keystoreONAPPortal.p12 new file mode 100755 index 0000000000000000000000000000000000000000..9f52189096463ce922331a53de0366ddca8cde52 GIT binary patch literal 4175 zcmY*bXE+-S*A{}HXo;Fd@KCX0Z`Dw$_TF2JYK$1QN$lENl^R7`BP#Z46jh_tsNLG5 zlnS+KS*MVVfYLf!UV3?ag3My#a!?;sg041OVLw^j! z&>z4s^m{N2dE$RjvF|`^OcpRO9B3>Gnrrqf|Bm@ordnjiGk(=~M^U8s?_9Y5btKlz*`N%db@5$i$ z%+IY=riiy3WqDF{og@4T0evC0;LQ%fU0+S4+8AB$Kk)DI-1~gCHFf{Q6=yKgpJbgy zgh25q5hcE&nQx{@a*1V$NPKP+)FI?Lm|r6szuV)%N>b0S->?4AJJp zZ|R?*DHqyn{9rmtBYSk+$Wde_^0f=_o`Fx6K6wwM7Ay z3+HBc?e(@WM}-S#%U^*46J&S^?VIPH_w0SvWaQ-Md7FA0lc;MjDG%ZsUy?%%{PRm+-0ALQ=O9-N#LHJEIdXF#wLEkkF`{EWkVjp! z8YB`94M8CF(-?w@7N^Z-kMO!Hk8=9)Sw@9Vd-U>*<%VDaZ*yF9%>RRn?QFei| z1Q~yX~1a&6t$xt%a9ZAvD7RD7^F zccZ5Wh$U)A6!9FIcnlljJ(_w74ln9U_J+^QZ;^qP4F%e7`)%xTGXmn@sTZnvJg-4} zi#xy+|8132U~y4SVGO}uCUVm{Pl7Cew5;qv+KVl|vFp$B- z1Bu`kmzI{6l#!H_k&=^_hGD2}{yjuVQG%h?{R?T40!aQQ_pJ4zZ^Jrngh7h zJy+pSgBf!k|{CWJb`?nhrhyF7OS$ZU#6Jh&Bd>~nZFx}AKi0Z z`zIT!%k?_aC~Wm!7pa&4PGqlZW zrU|&jI;j}T7%Qb3P6)7mnvnGMzGDvf7~#`esT5dMkkl->{4@Y3sN8(nNWC1o$Ui!g zKIJ{81XliFJ>Rk2AUpirj9HBnF7JafUiff(X)5a*-TRB`vEYpN%oxFNWN={RJ1w_? zf{`Fduc<^%fly1?ICi%D%|xL|`p>~aH#@2W#Gvd=i2wF`Yip3|>eZtkO@i!F!&*nX z%(TI$JEK2e8p&3F2h8dYJT!Eku~W;p4mTs;VSBx&uin>C_a~+Riw%o-wei#5*Ga*| z)oLy6_lr!X;y_;RzOAZMbDH#8H2)%Z_?KxtX^_(QHP+=Y7Y9a1;IBA4%h~HdA>#2rF1&jjD02>vhW|nCQ2{l z?7ig_Ovq@0X_oWQ=yPh`YH<6&ag-^q2JL2eFxdE-W{$(JcA7B&$MJE(I9OtmUXs?b zh5iFr_azfl-5ZL+N4bokN~Z4GskJvmb@Nf_*M7D{wOI^J>Exy^A;g8+gH{M*vTFLu zO2^(_F?w{&*&2|Zl?t~Y0fz)D@7q<8FYjEly@?>D<|z)QRk*DD>PUYjuLjD4B;9r8 zcDsaD>vPRwjnj6t)O*j1#_>O5ZhMZFF&>U+N(EcC8&lPo6-)FPa62?lAVbMRDYjfb zw-q(-R3M3sDC2XyP5Bq6Qu&6L4>`1U#Bjc|_kpwgW9OFvYazI%9o5#gtLNQ$fpfvZ zkM;}5ga@kb*zQO!2#qcsm~)TMPxTRm_Aqc57hORyxr6nlk~1@!8tmiOD_Iq;^Y z$Hlx)vOY*XXir9Mcf(DsvmWvH(Wv99_xGO==Z)fSb+gO|L+&m|bVU_ZqsRGb3?Q0w zhb*lZ4chOU*ZLN0zUX{Hjw#L~g9H_2aj zH6G#eDm0%Mq9Y%33&D63Y&-^J7U@c!+;4&@oppu$ z&lCXj?qae|!qAY1h-`6^ETf`>#fC~-7(UrB#=d0)V*E0l;!LE`W_=AMXum!>EAm{K z1sz5X>70QiquHjEzuu9GADkZO(>HO>T!ji6C`NqBBJViJB6_cfOIRtIfEH_b-RHJ% zo(G70&A4K4+|<3k&XLh!wYd%vO9j0vTe&dcW<&-Kq_hWAMyC-MW-Z#JecIWqm|Q5l zl2R;L`VcN6cLn0=H^#GuPC1qz(hEnTZ!Iu&l^Fkk2r(b=Pd(oA>UU@H$(0> zv{40Ck-dsj{|AY}hw#t;yMAa!rxVDBD)c=Ilyl|WUp8|Po{lS^Vp7@cxL(0T#1QQ=*{=2VS z30tMr=z>KW&$*J(wqcqub@rN-&W^7G!v^wIwcVc;9_Z&5Mt@duf!>x;*z{v*Ag_A@ zXWk@XRk563hC{osyc^V<{zx~^i?6FKJIRN1s>8NgU74OvFYfOj*ILTw6=z84V0R1I zjhdcXi(Ii3_v$)YAWSo++6o%LCz8s87dVz5ESfy$nY#*KTD{W3k(sI;2G6BZkQ?Pb zm!3!}YA6@J24&QglxWw4PS%2~8WW#UWS zar|0$HoJ`|dE?zQyv-q*qEF|i>pP(#Io6uhoSD~r@-VZ!!GCZAoA4V1X`{iHm0Bg`450)xP)D9DBA$Vl19 zNq}J1tGOW&X0_RLTzIv`WyOQtwoM!mtie!)NV7sOP4Fo^Q=;Kmi^n}#A|(UFmHZDp C{?6S1 literal 0 HcmV?d00001 diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/certs/truststoreONAPall.jks b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/certs/truststoreONAPall.jks new file mode 100755 index 0000000000000000000000000000000000000000..ff844b109d97cf4c452c1a275c50ca5e8acd59af GIT binary patch literal 117990 zcmdqJ1z1&U*ELLccc+xp-ZV%^halb3-JOD@grtO&G)i|%OP6#@r+|Qj0fOHG3_RyN z&v~Egf8X=J-{&P4tj*qg-J3PXm}8E6&UNwr;ynZe1QhUPb@iRV)x^=l$->Om$lAck ziOr17$bdrI(%4D|0s>O)wRC471gr)NCx{mU0vaCV4-F0Shq8vkgs5lL9|%d$^prrX z)3&#MQVK$aL%ba%74!)e5)u{`0_4{QMg}3mL94>RVMD1ZgYiMQmj_7LXllUul!5ax zQApbwv4HtOe3!pK#%342TmS_dg@TKrwS^Idf}@3vfuje7sEMPqg{g&+fwP63Erqa) zv$>t4g|i0*Gle7@m=DBr{c1415d#I7mzRg)_xA^$CSm7DVQ~F2PZMJb7bg=6J6mfH zFgb|y`n7mJUP7Vb=;Gu|ao@z*&CbyZM23&b%LC#B^MJ1YY2l-?@qlO(N)n#N`BjbV`H|&*u`}C4YSlT+?Pf zrJeyYCM-3kI!Ftqfh6+cvS%e8Fo)Q@Z4VP)Auw&d4#Z|Euy}`f+?@}VBl4PBUS|3L zE$a+y-Me9zLWi`8WIBX z=JJ5Rf(F**$nwQ!j6Ku|#& zLckDiHWrDQydSI+(m0DKSI-w?hQ&SHNB)N4oL+6Hq-XkweElu4xCin;moidngbvh9 zzUBgy*2nnUXc0UzPo%pVyP$dC^;BmcA=<9^=njihpliBfOlI6VU|!%lv}WMV76IJ_ zp#y&=Qfx@bZ!oYRXy6+N?eYQi%Lib93l((552R=?crZBq!%g|iiLi>9a@<(~9&aK@ zZ?6U3ylT*95FleH5KWGsIFuFEJr`&B9_m&5Ll?&duh4^`r;Y|`x)?EhHwuZTmC+V46VwF!ca=XMT^ryF?wvl$F?& z&}a>7SVWzqH!+5MN#0Gr$Kbyt@4utaKkzdUY5xH~^MJUn)7T7;`$eH|6l(3{2{4sUb0Kp_J>4=02l@d${!LEqT7I5w;YmV&TtAh z<(r09I5qX8e&o}s=)?fe4Glt`@Xn9x#*eGA9M0Z1)z1#fK~(iHJH6<(aEK@8<*yKf zf4+rwDksxHxyWD;#YSb|-x*A98}6ltN1-S-VlS`0y-Kn=;IXGMjrO`yJhqi-GZ~-p zAq2OlFuVIQ`^pgpkxwvF^T(4 zhD?^hpWqd#m4jqe6OqWks}=e@(6VMIu!>sy>ci5n2=}QxFl{m8fDnNdve+P0n zkPRFHBOIVv;2}|93_yCBIvLs^O^`ZB6%P>*AZ8}4W)`L(N)R~+9^fZ5Xec5WoT&9N zqM)LPNUQcCU(0bR0;Y$AEFc;@YIA32dp=fHYdbSLmLCwkq-0iCr>n;<-|13wTysi| z+o^?=WV$le#OrN%HdpwO1bD)mmlZ%Fa9JTCWIlf`gWg~=d$<ws{{)H_B;$zNRA;-8kgH5Mf|m#={-yZqwSw9v|5kC(sHEc#&7Unfhd z87;FPjYm(eRf2Kmr@(_^J@7%G{lsXsa+R|87Vo=rTvLf-V$5MVr)+PDF9PrL^bE&8 z2z_31R%awg^{eWjpN&g+VZT#E+6<3*Fflj39)2*vRu-_Kz7o~aoLSH!Kw3S{vprSz zfKT31D5}-e+Nj{&Ob*_$-$*Y8wpoheP z!N!67VWR=UbN^0wuqnjqX_1s{E4=Vcxo$2GZvL530Kzl;o$vnhoD0OqHCGY*%(+)u z640C1376w<6Yf8;27jnO69?2KaX7^7n zd@`;1dYK_tK%>w#d9dUmaUg03i2R5+hX-#*tt-KXw6MbCun%)|O>YvGUkP1_yekd& z#iQo*e04lcRmW2ESo_x%uUwKWo!H_=FvKue7X6Rl12>%S*f^{(qY&>=O!QKa8Zj`x z+10(@6Z@IcAcbQGwo7+co2YT8cWAJPtcu-+jj{(=}! z?F&`?h1sU&V4QB-K85t6lpSv@A%=F*aW|de1B)fI-)%vd(vr@3y^)_`HlIV+m?_U& zjj4hE>DB{@DC19U79p;Qt^%4mBCf%q2^OAG2TNI4#HPv4eGB)DYm+T{<@XJlL8=^S`buZl@m(k-;C`l_+7-&MR*U^*|C7qjTi)w^j z7CejeB7}My$AmGlwAV2dcEFu|j(Ajvi(axWLPookdL0ysR(9ouL1FT*C&l$rDZXZs zb+$%jl|MqFO*&b#U`-@tKAFj{AYCWECeHs*8|_Z5`j0y37|SlQm+sCVIDoRN+MFYxJFl#3T!=?zY@K^BlUjsbA zb)lYt)CM99>)C@@6v9&@&y8ocX*0ucrep~#6oefFgyih0gHUAN`i%~-#RZ}wASRH= zx9(X{IDI7rXX<15H*G|P>+6b<*C3D=3fC>U#p6_aP;N?AEw z5wD|GwuZAaQ}vOkmKCz4*Ycnp&B-%N7$sYIFB8^Cd@d=2x@czls6tzK_|Dq#onsiI zcl)nZAQUs6-0pqjJ}|Kz3`0=)rc^ql^e85&rgFmoee^NJrUKC#aeOLaX8rT>lyV5N z{b6)@5$j&0#y!zfK8F`QaayiZndn>)oABCHLQA&!Eqp^I1E zstL8xZZsdK-U?I9Qu}i7(l=w0tg;auUD<`9U>nhXU+|Fl`sLK$XYH5JROrQg6z0ZpPP@-O%?t zga3CaR=`o<{jWO;;vmuMEWrO$v0j@R;QzqXxGK$fdBGqM@c&0?#s%UAbN%!k{$KjA zf2U>V1IO#DzT{3H!MHzP5O`~ijW^>te@oG{wVPHGwFnO3b=(L$`9T0Dxh-+eLV+#r zeHFU>4jZCfB?z@#Wio* z2noZLt!h4z#f4Z@NJ*;#S1iar5*7v#it1Vue0^*k zb2cro<4wprV)@TKqF}}a<+nejy%{v~k~e|+_VlreQ};KnPeIJP!@Ba{Fw-63ChLek z$fDAktcdxNb*Hb+Zz0X@zM$~6Fwc~Kv}`p5FMJvh*~l|r#)4UHRUtBv-1tR`%0q?_ zy@EuL!geoZD1``sgkCB2sY2eh};g4~~9P_PqtTXAVq< zb2a2S`$BtHbb@bTY+`#Q3GJ_3!{69MYD@Sho4{HElF$@jll$K#ArhpBFJN(sQx8da zUB1;#M!Bqk<$fm=EWoF@@-GpkfiqrdJMe7~{WaVve?ImD=gKBV&VcQBrTs*ODZp3i zj|1>mxWL?;?CflpcFWDf|L)WMozSbHiu;-)Rk|f**ex^^h^HITNZ$WH_nVMkS?!Si#YiT7cKO<11fJ4078%sm90kqR-qtpOxY#kBRfE-9A3M{37`JFs#nQo4!$p{TKgd2NWPo-MNe^m zJVg$eUR^_LErK|?Fbx&u5Q&|aiWez?&PGbgpig#Dd8AaS zQ7pZX)hfVo-^F(pj-6PiXV$1oZm`G{JUFr-7>vQST%Y5)udh(i-}h2&iMzCr1Dls- zi`R55(X#+6@wujHkYMqLvOYmL^oIwS_qa2}Y##RKg*zNiR6pe!IKb^Pmom* zD390lg7s#moPcP7G|SR``0~NwC#nz8sIhYeVv42%-mcI)mU*{%2oqdUt)3WsY5ch7 zdT!4+&%pl~iA-CBButG}m6#-xrMeq$<8uLjOr%8(WLtGmYA8A~Pn^ou_S-Z8nnq>X z_Y;M@1)XFl&4ru=hHe`f(oI(RIo~TfpOBb)s)? zVf-<~IhTH0m1vg>qI5r`*Yi`K5QnuLao5NYEd|(*D3dpE9~CQ3pkloD7HN&zYfVO& z5T1O1MrmQ|Yk-E^S~t`wjiofu%r`L3!UMa&c}{Lu=WCuQAeYg1*JRYm>m+OjDPCw= zh}wo|$Pj$aJ6=kf3){!{i zb}fK?u--1)q?B%MrMtMx7E0Vne$xU=pd*LNkC#lS0FzviY-bXtq{puTLr>FcY5;yz zzvNO+l;=0;h+o+W4d%pjch6dS2MYJ`UDR0Qe?|9f#h1foHF38Uvco zk5NocJJ?uXB*LzJMmEF4>+-K-BmDBE-s3I#;7(~F+C1@`_?qV?)JnY0SBnE>3xjwU z4`f}{4IYxXd`)D^FkHw%(03J5i7}5f`dwQ-Jr0CI-8NzP);C}9c^x2iD5xR{qJ z^@wjq*_GUj|DBz`Z#5wRTTLoIwwmCv(Uc9Wohf7utV}3GfgK|-8HnVX!*Ny2O(;~A z#g$Z)RFzeJ?Dv4b7xBp01mBIEOKbh|Gh8K@D{q|?M0`#8II1f5nJ?c$;_~w`%U^xK zOP1&51#yFT!947M;Rvui`1>ITh@A`AG5TM+?!OaZZwmZ`va=1`3&0Sn@tA3J=;S1e zd@26spjH_J(hsa?r_COpUQq9=Dn1JwoLjB86$DQsQJ8ff&$PttNWut0y}6yG6AXj+ z5tK^sB%z{!>vTpPt}a99qcdS zMO7%pPGydVX2P?yEJI?6kP$6U$8*dXd(eM-#e(^IeM>t=>P!;(we@TBI#pOoLEO)nS5-#ZNwxqLA>%pDLA78#rw>_On~p=RW0{d=gf{#Agn08axk zT)qbl3>ApthjR%H{qrXTI3&Q$gn{(uMuLX<18lC`LUo3sjAL ztF`XVQ@-eIJJMs4?UB^7*xoweG~V7pa-f@0K2>6%W_?)NurRbSkJ=UQ(F|W%EbyShwwdz?9j(Q-%`~(;J}kM6;zPu zHFDqq8`c@tA1N1GS2Jc|6%fiJ&gyQ)c17YKTpWOW2{M8n%k_9qg+X7~PJBwmD~e&t zpk9CeREa!p5kJnUy|S&%0hR*7y$M^1G*564g1qO7oCwWK?5;rla|7jfZX$O7$xX1< zfN(SigrmZ>aD@EhjwDF@cP_#M;apM#5;m%&iQSb@yx!>k&OXrCxIZ8NwVfdyaXB;(}Ac$pK40>@$ z#r+GrNPQ;-b}*jvmD=3;+~@$A26y76N7ja>+82WYMq42F7RP3lG_p&Pf}p;W8^Ibze-z zoBJFjrM(qL5ZoL^MCFW|_r0&2Fjb8xMq!MH4-F-&jB36xQQ#;SYvYeL_q=JS>ga)v zil+tQv&lKkwg{KJsv+Ki;DG;}ZynI4mf~?l!5Jt@)92wMkPwC;bLm~MS+?RI(w5Bv56}x1GXMCoG%^b7n z7xe@3(|R6$Rd#aJJc;$hcSU>iY5lnKO$w{rg`*{|jj^t0R=N_dI7k868%`?dpnwLCfCx@S5t3KnDMo+ZtF3%24V;Xce6w*g%i9PDgo8UOC{T)G!1f zJYSsIzk0&&QZwjJ>;!m(VE2vg>czUayS)w_d7Qfvq^}iA%Bgm;EfVfEi?{% zV39wZ%)@`WPR_Y5w(9EzF$j_fQ(=sMvHwXZDe#!*0LpciW*@# zQMX+S!8QM7sT*spev_Dl<$l69r}(zWt=O}3aP6)-CZ>1_=mSv*Z<{=SF2qFl*Fqa# zD*G2GOFA$NP-p!aPe;5a+aD=Rq-rz^^X$~S@Z-*;^vVQiw$3V_vo~-Nq&!B)o!?_F za*eH@fsByC$U8gX3HmUH)YTN2O)b1I>1OwM{4t5bQi9;hsiz5(e6gfgrt^r-)HJBb{OPxu4P_Gaum=_< zNVGj<9PK)a52x~KPlU!b&a5$`=ptGpBzR>Dc*TAb%EZYXs@B<=ncYYOHbpX2EmEVepi;xT&cDP(dhj>LZ=&S%MrwO zIUAAFUl^pGym7im9s{YUSc_=_+m*ftOjsJ6>NAhZs|K+}le_#p!qNid$cc$S< z9r78n59R1VbF*Hx`%;n?YK}9lACE&E&9gnE%i5OlI#`1|Fox~a!xAeOJ?VE z377ByrjdmqL*u=!n^z0k90Ftl1%@bYJhT?Vk{My&tG#35CKsjR6ymjHJl}`o~h}Ts6wQ)pUn!?+>3F)l&-ET*veefacdV-?vhleoc zCFeis9D!*1tg@24uI*Jxhkq4yB*rE#&Q3<=Ce9|-CRTPf*DV!nH@6t+QhvrAbT%Lf z(t+3u{w@n>|3GITha0gbCJrV65namyY_ad>p-{O#5rweijb1br=F5ix|LA)&nke9J znK*)}L6p~lNA#zc|1g=@Zj>KvV8A^7S$ z8m}Fvj!en?wn0R^^s$|BHW9G@pMRGsaAy3)x_c~|Ib?CY+ylNhV|95VcNd4UU-@fV z#t;{gB+nu+($IaepqBiww8P|?a)J#t{D{Nrbs9f}X5q;!$_X1kW0At_WcxxuTwfka z5*r$Vl$y5X+3d202Bfr}qcA@%9Aud)nM9A?v^F962~0h{sR}q*|{U|mpz9> zwhk3sF_bSUs_%;z2@o=}gPut5DZ@q)%1$h3c%+P4l86*`PUH@mqd!|)Hb`_e=y~cj zDG0IhR3Ugd6=|b5VU)Cs&%3{I7Mf!sQXBHb622C%##YAXml5;JX92f+5WhN6p2A-W z^<>7kMyg~?W&fUyVGuxYKz|YxB5PdM=e$(N*C%HCs)%z$1MT*@CGeK=Z~x8lfO zoc7IEb1g-@>f@cVL0-Z{w)JgFgJ_^FA(Er~6Dz08V~p9&C)||Hnnp{9k3+!9<0?3h z?LCfJ;N0k3Sjp?2e7Wd+HO;jau)Aqe+hU}3BvI-Y$2~3_K1n@EHgsZ6EM}CY^(vQB zGjrV@HU*7ZJt+>!<`u6IeNfC1LE!Y+$PlcWvHBIR@xB|x*LXHD0^dZm!P!qlL!AR? z{sMgYULzV6;$@fz1Mn6Q3d2vo+$1KDU&{?_1I?|!B)|Bz8U4Mtl^#TU30h=qa%B?} zic2@)`&w9RO`KV+P0S3enE`OyI9<8~*Uto9_OV{JDpCCQRzMr8>Az@WWe0(;nc?>L zSNz-FDBz96MX&8>HZU8Q2h7RF2{;pg9Sw9yT^@2?9{xY@3I9bB48-moeq|&4aK(Cf zM^(=his;s{cBqBqYTaw^4~I~l=@}ojC&J(egXEPlY~XLvWoCSykR&va_3n$M+jd6T zw|je;2y{)>ExD+9aBfc!%&( zH6UlnQbE`RQ$+e^tbK1RH1L>S7m-{fDN#oSix~J0os+EjIOcr8&cd*e-$r&*iGGThz|R1}MwF_j_L^H&NlMfCY+S zUUm?OgAK&N3j{3N&BOnJGyYxXs;s>58M7(h$MaHufnwwOg!NvF@tN%2lY=7$uaj?k zx0l|%d!=nmm7HwH#7AqP2%ALvc7nvxp)1*&EOp+?x+~nwOh)jtLm44mJ|fD?_?CO& zD5t84cc!8=JZiwzXhWx#roPwOs&>vclrt0gntCcC z?`WE)C}GW>=eUNiD)mkRt!Q>;qqL@@EHx+?Qsd+OW)gEX)6zjf+A^G^lg!^f);3v9p=VW3Z(?tRm%3?~ z{RI?$pBuPJTjqE3^BUIVbv!CztMM!Kv3I&+be2ZOEHBQQQ*2tgVQn-iI!F#`X9G2$ zj83KS_T^t7f09W&6aorcNh_l_2$DNWLhjE?g)FIH z=`$C(C1PDx$tO7YZdR%TxBuN2c=Q+r=_m8x1ijvO+y!?uO%meRdMncf`3yBWrHc*G z9A2;$uy%#Iir&S>HWSEFp~2|?z;`%vIw!5x@bV&8n6rH;#Gp5%dyxx+Dp7O0Oy*1t z&&jq(?h{p}d@-pfvpC&4s7?297Q3HDL@{0xI^3Faz**$I@;COdD0Fp5Jl3I?d%gBl zI8Eox*2vJ;P`oaFE+;b_|1gu`oBa!l%>Wc%0Z`1kh9WY|Wx|3)52D>b{Ua!4!QZPF zWNiHFqUCZ7@Luk0!=AZ2g@owmTgOF#mxj8@yMQ;f>-UcTmUN zPuVwNt?j*>!4R1FWh_p*|CZrXipF{5iJ5^f+jK~bPEWg1iHmyrx0W)FS);?`&dRum zKN5OAUa~nfzz%tkz7&h3nD9jFO=;o8rvk(R{ie4wdW(+v`q;V~C9D~K7y zn8A=i7esTzqy80@R~qIrQ7}8QUHQ_N9gsi#pTB(Lzkqs@pK>sXc|y?B-6feiG2}wO zB0BlWwmK3~_ezxHuiH%gwg$v<_ZUvnVM%G*>fQxF7>d{ABgEF{v)>~~e*HN(FiSe9$3|7>C~c5-(AZHi?4;V-D) z2cUjANy2swbqul6GT+H;x>unf-XNCGcdh=2ccCAXAV}AfAkGHX6qkrMa0cd8epHus zEI;AM64 zgaGxb0Yj6I(f+&LV@y_{KJDF^cJJ=HZ3H-BOIz%&(zjQID5YbI?xU3oO7)xUeI27j zHyOP>!xk03{>iNj>tS_#YiM@6kkWEzBeWKdcMC?Cp;^WSO)h1tG)dJ@!kT5rl; zpsD?4B^S?0vY&Avsf=4{XjSdr$q+hxX- zd0TKzNP0fHJ+nlLa6_JciVPD8KgUpmw3q77$%%0VJxoCE+8NuK7#SJe9D9_3=l_X2 zs0aXap}-gVcifRnmKGR7*ej^WLZ+n{CEdO$*Fk=dZ%AKB5il``@G_wyU}H%-niv4Z z9)+BNEnqSMJ?xHPj4Q5&fyagicB+B;&KOJtBDl`Kn1D`}7n8q4qO66D1<>&hX1v<@ z1H4D7@4pil75!J!kyq)N2T;shm&y4mJztG?@%-!|{9m%pe^I7EOFm?E>Gj8beCD$D z6mPuHFzG~42^sE3R$zVB5G>C&_-rYT4@&u{bI?qUoi&v?y5}tg&7xzTtX?r#?;hpVadg~ z4k@>!F^|8`qc^7Zet4Dp(Au6wweCocwIPe&swHp`kxnx1lQ=f_9oxBQL62KOBwy?2t1j;pIlS_?gVQcnV1WWT({ET4e0w8m|1R@wPX)fmv zVSwr1mOoGe$m~YkN{fSk^}C7uIMojwh>VRS>S1W&c-;gC$b`#?g~q1+`9z9ezorlc z)_0Y4fCXOVmaE7F0aLZymuci$IC5Sd{xB*3v4#9y_UUm*CcujHocogeRk(Ee@E9?& zSm?rxn}4>KR-wFHuz%~m6U1S~+oMj2GsJy@XK!+so(Jkspm}B#aD|=H*SND(?rupQ z!5lNv(_ISWZaEx0)W`62sbjCy*4J@#!W z%qi`slCD(adqX;#dG|?DpFN#_-sFs!=V(w+M#=XJ`_Vq;zA!w<#OQa%PckZBM=ow!$DBHXQhBS z)nDl85$1S+iwm=U_i&^z+3r@1XRwGC2hfgs8s|gi6i@@%O00y9J)* zTp@EHMSP$t(2_om9-31jkhJ$n%=X5Q{J zCD=EcmX4zljzW?O0fpTWG`(f3xypF)FD;d~2~wln^WEHtzEmYhYKG9!SNAQmObMc8 zq1I7}L9dP&l?n4@p5!opawUUNNpfeqJH_ZF_v+>IG7nq$=J4IUDIN>$HWW4U^oyO5 z<(`l)hl4)NkE_JYAQS|TX`zj`-MqJS1xdIidnUJYj=1;}Uh_J_#u3uAPjL&Qw~+@w zIWK5_S8lAnHW!mQv@E@Khx{qFR(sS8jfS+ZBzhNgNzrOcZEL~pD|lmnw+R8KgXect zPm=vaH4F>TG<6$5Hr97k^B66B{v)dWs=zo`mjWs%8#W5bA2y|DSv z$hB+9hSqQ4kd^!8M|jr_SlxsE0EP0l@WtI*5I)XvnW+d2l_AI{!EULlgKO=NrYwyM zAL9hYYbUTN*a`H!GDTVa+Egdq<{BzZc;1@V6q;?u+LhkuK&W5G{En$N+ST-7+)AnY zq=~W)|K#(EAqMC#tT_r5<5F*6*;JpLR~XBpttG;{%=s+VBdF>>1~GhjD3xOow8|+& z7Nq0piQBXf5s6Esf)5c*8{3E`ZT__7v*cK6yht0G+@c-rP&)yop{c0-!5B{{aS9diPFBlv)aCQ#r}Y(<4_dVTv$5 z`V5Y|kKIecDC(K%t<$^2lyrR?j!uX27vQAx9u!$~HR)C#P&ohId5o=h9D_R#ep z!RcHbmW{n*!vB6zp!wx`JW+c!VSAIVcEdO7eRINotXR4S(9CwAVX_*cq6Mu_BL#VM zFE2d&Iy{ot)n8$i^j=y_h8k1J|c@7vAj#gJ&-Jl zobc8+I-=4n#ZC$VS8b@}1EZI2vgLec_yBt00_cV8nqL0g_hffNF(`}Q;2B|K^zsO00@bnhoFCaL4Swm+D}C68;1}u%)CqY zwcnFBTB8qEpHkPnSxCWTPsm}A^^Q$%l4*>64^6ZhHMDM{pf#Dm5U1r^Cha-L5`SLT z*TT)iOeXkLxY%B;`#@f3i!IH$uP0jNU6&rZdusAsezYQk0$rS_wBSrjg|}15_e)_b zUpmA+cc@g*N9x8-<$(`^%6pe*K}!%_C|f2^UC1XNIKB8Lec8gUVM=7mN^GsWc+W;y z&r!<(fxFVfBu6tNj{6e?E9&bQ$Jt>X$2pul@eZBa-nCVe9eYKC*kZN4jPs%pG^Ymj z7M2>+n6CKsO9Fxe@Rt0Zg8U+VasKKZGM#c9{_zL^=5YRsYRXcU z9@D&@q+UUP1{aemocMeu(8F(rOdAKDn#&}rY}&1%NZ49ZKR~hU3!A{^*N?Q=-M)A) zTC~0f54n4UQYNp+!XpK7HXbf0c8or&ef#MCp8Yuq?+yx-A`Ww86W&tWqJ+!lt>WEd zk*deB_84ZbQsFpd2*wya2NXpzJ&i^-8ZtW>Uvo8Mqi!@AJ@R;%i->x+&~iTNN&Cl- z;Y1>^isRxZ>A8lK=C~B1{7IW$O}D1=pW-`(2&oZ+c?hZ;(31yy(9$AVh?m0?1NzCq zAH-z4V4S2~_0hXOH{ttQvAi3QMbk?5K&L=rnMgCDB~y)woA$@odN|zJ9d$qG(u0PA zApT_)0_F9kQD|h~cynS~>XY(Mwt-v+T6mU$ukY;?n74UyNS-0VEQnOlzd+vNNQAmk zWkZ1!epp+`*u=k#YG7wm^rwFX*x4LEDi)-h&h?K6|72$a?ll;=CCYF0GSGnulquX= z{{v^#1Z4HkJD*(N{skHm9$Ewfrmo9lEXtY&EuDpzkOVrXBzc_|9ucq4sJuSt^Aq(p z^*17?PMM!fM81)=K~&f}p?&M7TqnpWm~jxw8?S#8PWqqjL8_EJEEca@x$AR=WP8@k z-pijIIC1mO4J`!$5{IIMcpH7>yH}`6lo#XZZa>Zsa3iQ~vu_1_CzHeG@kd8Q?Z4 zCLTYM6g)Qa^#lL4!2lKz({*y9xf&X{x=EChvhcq%Ux3OM*v0=nn0}cr|9h7DckRHw zSSI*fXzg>rBv+9-s_Xkfx-r>eg#d$<0tz`qW@E&+Z$i@t1oC%34z<1gFjhYKkeeQp zQF4~ItC5eeO7CTpcWSngNR8`Z{vF1rpI7XLckw8q5d~MaoO=nXo{k$D&-rA-eF!12 zjHcpmyudyP#(DU0jXZLEO|c8pOaei%KL|%fsFD5Rk@fR$c&P+UijkZzb4`03&E_ag z%g0mPp<5OBwgwK~Hm1p5l)^saBv;p}{r2XIKrK_vN0s@WO)NgS64@uU50a~DDFpg_ zs5nX<-7zn@wF{JC3v^=iBN|#OcAHPOlBZ6h>yOZ0n3gkmu>~5bhIXK~#j1b^v5UsM zxpQ}P_^de}%n46n&E`uZFHZYDL5wwwtTr8@2^kEmD;LV)MW2C6+rg5J_d2qI&DX^X z7^pK_*}_g8(Dombt$eTjZDHN1i24pQL<^^?Gotjgv<8t+4A+KY4B8Q`H;Ej6WACmg z?Qn~*-ramLvE!so_24uGa&?tF!Ezt8HA{!5bo zQryZOEm{SPGD9l9%hM^XsfQKNru~1a?f<0MZxs6gT(1Vj9*ldT4t;|37EUrjaq3h` z@BciM1m{CMD~g+*2BoV04CjLqKV5Jf{d;mgNbW4xugVIofhk>9_g{rm%4bEY8a_R; zz@2UkS?wr5KHtxKcTe>;9EFXlI|JdK9_YcnTbQcfZYA65-e%lGmP_~f1j!SJ6E6yn zc&4AfM^cCto{_AZn`o(N6DEXk)-xhrN`Pw|jfL(+&(gVa>;6}b-GgKC3#!T;*2vKr zaRb=41iL&}$EdJyuF@7%*f$Ol8!zq1tzSAAc1{lmIHG(o!wf}vjxFoRvDi4_uvp+Q zzg%w}&X1*IGTWq%RU>NkZGAz`6jO01sbm+wX3ODe_=5DsJf}kzE?peSkijZ#gI%^6 z4W-V;JSj4ZIq@C;(%k^F$K#2L&gJzVm8?pG3y-#(U{+A|hb^@`Ahik~-3eOS9s(BK3n88AisToyB+VsQ@D{-PVECmkI`8}{9gzO$_WgMywQH?#qfJYy z)8uDffNlVCLM>osrhm^1D4R>`_|p;>QS16&i4TCmnj3+3IV<*0+)wTM_y!jsAg(F@ z>V9g#(a*zwY8ii5k`$xizF8CXeNY~JRIC5R0qaG{TiUpgg5x(Q6uk5r`Y4}$XY+C6 z*$nur%jpB3Jb9argc5-785LdhWYa_W0XXpXNAyHCF4uvDdH%eteakb-LnVX7bc!kR zmGYSj0^?CEZM`oV1e}eMgPB}ktbE4Hcm&&s+r!ysrdbIt=+P^4118&T#aazGpW$6- zJ`Z!Xnfj1*50&v7vg2%;{%~Y8XP3KbFhwR%4I%YNdw~<#t*PDx53^}yy~6g#e9w!Y zn#AXrxpA5^Gl36wDS7NoRU!l_5%iJXqo;g!O&!1E5eZsZRm@AZ%BG5h_XW8JwVioF z@p!}EGN0`r=n=TdU-Q}Jc*E}&L(sn)cM#vnDm{+r_Xjg8hUMl`rXJb!p#L`R@Rv{c zJr1uth%B_m#g+F5tBy{d#&Ip598IU$)yzMClQ zrY+d0IJQSV#muNTpt<4(C>KEE$0JKK}Xm|aNc4)p28@ZVI84dKt<)nzG>o?JU zIkx{l-d=yzW&LmOocIqc;qOr1z&*(E_Mug8g?V(bjLSEPSCmKy5hsKyy=NhFMRUR*gW;rw@i6hyN1V*hR;6v`-B!<}?^PA4!skcDS5{Fs$l8b>e9W(i2UVTR zs)p0asN;C~rw%&BjN!?^p@b`pM3Esj<7aMA_MHc;V>AZ5K=00;SyUr}W6lv%dLkRNWa=xWCYmJJd$=P%$JzqoKTZt-pTOf(G z;Xy<7IK^_3p0Wh)oO#N@5okgXyb=+Zw)$jt_L(3j_6xm(FZK%dlERqkg!fycO5i%; zvGG}nY0_N|%OjIA?Xb&*9WFv{_sC;Vs7@W>h_5e+9d8H6v&EuaC`+6&rG5*es=qgb zD4w&BQ9Ub&o%yLq|Jl9PL# zt>y~Elm)9T>*yF&A%=Hv(g6U<~G8K0xnqHL0&VxsXT^bo8= zrnTkb`)pWyjho_9z=|?dhP#-rKWoGI7ayx_Si2^p}*RC&J9Evgh>0 zOHYcas?rjsf2v#*tOAW zpP=Z#b0hRyk9tZ{iE(xg46sDb-+o`~ZHlUAph%@kyehG}Dlp7xm^@dC)1#d^5K6oZ zqWzkYLhhFDuQ`@uD9gH6#s~#ORrb9B_uvHRGMOU7C7dn6>nD* z7nru!*eVkx6Z=_=as@1Ipl}~!dX>{lmau98wj~=by{CF`jeH6p4%IW>Sryfs=qm=X zp>e9sQhY{x9K1Rz&PEgLSzY?ZV%SR8=A&mHl{g5-0DNTp)^`yI- zz7IWm$YUSZ3kAhB{AV$9vpMfCU-3IH{x(i>MSQ?;Ch|ka;8y*Y(y}2M8>AthaEzs1 zPHP~c$zyXaa*~d}hXeQc30h9f-yve#ix$8fWjT&)H)5eSEi-Gjt7*mN)i226pow)+ zTF6Z;MhgyAa2U@%J86SE98?PS4pkmIho;ty*mbpl=f_6 z4$mvI_o{-r>WkyhcV+!@M&*ri5k(MjzCz@`_H~kHX}vpx`A}-x6RLG=haQqv!?~^1 ziOME6{+!pl;r8lB|5c_0z5C=(<4!M_vZq~%>f|bTonv5#gNkyfl<(FQUC6o)oyD=Wa;Ccq*{(<1 zX1t`$s$*&%VSId^Yu@t;lCj*{nY7L+esiz3o8|yQ7NX)&4RRRCQL924P5lzW0+;DG z?iV8sD#lE`bk+A_9+`X_V_vSm-{_MgOc^cg_L7%;J8d<6*whYox4`vLixpnRPIdR! z7!_7VOgb8FcUeWtvZDbF9h?uAQn=q?dtq?90i1KWxwjX+_&n6Q`mN<0&Jw%z3SLsvhavtoFcUTCm z5M?Bcn6qy7Tqz}QJc8f)+ixH`+pAiXW}BzC%-48S9;Vtes2&%7i#Isxy=zB0(j40` z7IM2GwZ&0O&EbyF_|XW`1^s^Z-b_*{^jMUB?O{x2c~fX8IcTu`C5s_@2_BT2nAWBr z5`V53i$|RhOyh%$;AP@c#mK>3rqj+9PahL6_@-xz8WOWjC7I<<3KD@hmIGf`!LA#T#Zk z^hG(C`$;e5K%wMiVo|5Q{2?-TCZM^pbdsn1hkd6ct)0xs9E^FDk$@%?1m*9iywN{$IZA!mocyaP1ZWvE zadZW4ukZBZrai!IGk(1CTDpm=UG_#^gBc9sV&eeuasaakz@{+!9)wk8HKiTUTl{qLO>Wk5{XM5g9I-TCO4pYPs6gV?S*1>oeu*suOA`>NYZ|A=gdshxu3W z*S)@#huxh)$wlm`&Oo2b(&9i9eIyoOp^&q-Ol(LPhnRiT-nf6?juQ7ux%l(|s;Ey1_NW!3Q10uMJR4VS(e&o3)Joc*JLEp= zhg+ufcr?TJ5_odgh7d=%+L4=Q?}%wcG=E4#v=TgG>t+n@+SPsjG1#P-ouPv@bf&() z7drLKI!-YGgE$D8h*;<&)T4*vor=cvsV8Ga0e&H4&Q+SJZ94|+TH+)9yu)yo%KD_G zAI~frE#E>8HGPSiY0_@v(~F!%zn7nqdYj&g2+51TkP3O-joIO&Kc`>G=ZAh9+ZRR0 zL@CY>wxVu*)Jc`-U>YT3q_hm6GgFnxS?ys5{HQ;^$vN29VIDE% z&@*<6-KpIAi{&!?oL-l}R$@LO>7C5n+Tg&{N0mwUKxIU<_8s%xUYGlQEM z$q{L=yXK(&sFvR$Yek{Wmn0xdBa(e6yW>#ftX=HrdYEWB*_dLlXr7vBjT5hD9Ei^{B0d|fZMX0QPONw`+AU!5H-7Vd zkc@Pwnl&UYZ_B?Vh|>l~ld-xVTQ|{>31TAM>+$ST?Ah{~Q5^838GxwKDyfYp^$!n% zNsNl}Lx^vic>a9V$Y$Djwf>G4e4FA@5Sp6TLwE|p?33Xm4fMcjL;?KvHtmw) zly?U#Eol=@_ZS8YMyfvcu z*q4{doF%@&awc_gc9SVTXov{0UIzXw{gVL=pf~Pix)Z1OUP)-y3GD@p2Euz7s6<4; zao2?cbP|7ojiEf_H*7smdY0wIR}lK-J9I-)F*DoH`e4!LJ##Dh4}|iIX+2)B_>g|R zz_)n)zCp-)sJo^EMB;1vWXjLLRV!vYQLY)omfTyDD`ga}`3%m66*qs{;`!1Xzdwn- z(%h6PIZ3~vo5K0Km}+`n6nDoya}g~`nU36Tf+@rjepajpgwMD*egV|l%&@9^-{6PQ(xj$%_>rtK z2zh<{G%pwVG^uk^$eWOIH?Nu)*HKKCY)R9%W8(!)Th8Yjd%|T&v6-E<@t@;>#(J*z z1fcZ{7HB<#{?U4d0MR5&BzCN)P;qlFxQxI{-03mINy^eI{o#! zK~F@n?lzmK2MPWPny12%}+mY2#M9EHPT*-sNeFwHpN(_KKp64-7<|^+~Y+K`uvu&S@b*e^N>Qea%+kq12yHl;=-@{wI0um(R)At2o$Fw7Nh1b zz$(8~>!HwPwMd+W8A#-Q%M%; z4x~s>8|77Pk{6e92y)yMN4kuj>`3BgY=5vCZvTPfrJ#VKKXCkSx?8VNTASMIX`YFa zZ#~c9D|b`94c_(rkH4Yx-=1*qvhIlt=CaF{4-VmSW6*?z0*a09L@>sRv(NWWo9;}x_ zmWydQ|HcE~3rBZu=xKUGLWqXbP5q(4VWo&3MHbs78DBhR3(YzK;{f`VM?oJbLZf{a zKSHG#)RP?5(}!W=26eE+b3bJ%Xy8*3>ZFQ)pl$JF=XHA%H^j=$?V|d*9&gA;S*((c z$`tIxteyxD3caa0iv(n6UIp4AHevRL%F<$-kudhe3uVqeq_I+-W{UWP-7Ox4Q}nW} zWxjymV;SQYDYx6-ns&$9L)qypVnn3&9Q(cCqLSjs zCqmEz)F%~z!S5aoP#8Be)>BWa=G4P&y?ByGmE9gvD}!YzIl_eWAW?N-ICa*trl4w8 z1U`h;?XzXJs5KJz@RW-p>ywTJdJu)w=%ffYwQk;~ZdP}K%c#UxP?A_oYzbmdh?BmI z1>=0a`xM-aWu~m48!s6a1>|U(d8U!R6^9&>P2)3xSMiH}l+|i49I55+osHq{RT#HJ zW^VRpTPCB9ywg8mmabnFUE=1zJ?gbp_#E(HqcOLYvb^l89rPj;AISBb&_-kgvU0P& z&-7@P=8!kf`9PXVyRTwYz5QI!b1A70jP^J`D$TC~x4)-hAnbo(J&Y(&3@Qjw09)Brx=i-$>;8sq zhes7JlG?IjGA=8Y4zv4%_Kt+=1Fcos)GVs0?w!#z>cEx3jxLGUkCQy%tnOlD6(QP6 z@!8EzVBm{>j=9x#tnx5j@aQ(f2a8g9*87HTTQ4`(n%JB1Bg@j2)?fP8s#LO3tl5m% z^AnserP-qx^ORH2S&2T4-Qn5G3Sl^>~=wBVQ zDA+$PV&1ylg`}D}LHIP8jsN)z!yE|L5={$RIAY(f2Jxuma?A;XSw#GMl84)$joO7_ zh4aT=9@VCDwiSiBhQX-8(5Hv`5pePQGUgM!n+VtIZz&b9erHoYdFYBZ#23a*kzpO5 z+9l8yNN6HdfTmk~u~voCU;CoFSzt71V++o)LXL;ky-g4!9Vss(mHco&4GH8v+dda6 z_O00{wf}VoQD0BgcRoxF_z!ggJDv>kUmiUjM&`E&Rdvd9>WKfYgkFlH3i<8=wle&g zpYx+s>8Uw+uLvo-NQsjxcIn_^=W1YV;dBK!tiS8J%|-u099Uz3UFrjfBXxy1*y8H! zRN4XIX&eW`_4It&g*5vve?cIr8vrCK_j5)bA{M%mi`|3EtN!XrxfbL6^_DUa1G(gy ztUssY0rh)8Nhmi54_K}pkR7=`1pU`t>7VH4voh)`NW3}qFrjDy`WP;!ZI7C|0PrwYc-@FB?Opd55IEC5V3UofOA!GLZyx-~)CLO#1?7HEveK zO5bcU`|vxq+jRFX3j6lQY9{3n9Hq|=LRX4re4hDORq;|6*(i&bp0?V4nJaLLi!~^K z#wI&h56umG@gn>2_W~qpW$JZY$jO0vjsWCbzWt@83oYGYe+QdW=@LP{#`-CL$S?WZ z+SRZ1^zX7{mve29@n$_|Wk4Q8ARf<*)@{C@{P8t`xz~|GA4-yyV4bjm38gPlIDqE}LvO+IPDYDZq=nW^DXuPxyy zb|mL}1dJA1@FcgbXNC76W{ty0h{WqO%$q)rnft0(U#jsg>h{+xjNCv-0zIzXd&#iKF5<+-WEg#KxxYMJW{zJ z47!Agh9Y;l)PZIl?g2kaEL68W6XXkioT+O}`U?jA2~yXXw7YKSs@0~yBdy(?@7Cmq z>yXwZ@E1%1GCFY!{z761z78Fqx2wZqmXxZR1zgVPbbFgq(!6ww*ZP+bKW|ixXT3LL z@oj`G?y(f%i=BYisnWNM-R~WSHav^m{bGA}4o;5$4q7;FgvNa-w2dHxEq=!Ww^h-y zuv{?>58tx>d=-=;0s9s*e1kk|?h7&2rFO~hr#qi8C|IAScbsTjJoO?&786O;KGDPv zn^z0tQbKaqK_tl){o0cehW6^f9g0ddzC1iMtWU(Rt_X9I2#*B(TLvUsZ2l_0`Mm~$iVWdw-u~M1%XehYgJu}+6nX+vYbFlZZ zjMMsS!B;Khn6N?@FQKKOw0o&PEUR)KdxSnFR;iK?_JZT?VF2dAIYv>hxhWq(6G;^) zJ`5uR*&YOnl?WsSt*d+?Z&yI0NDZmiyn7-kfFH)V5xkVS6AW)zY0ch8ydy===e}#& z742d1Xx{HJ7?UY)DzzI~TL6?0oYl86u=u?_NNSnu7e2!P{lqXi06s_j$nD&aY^SC+ z>kGfR+`y9UWjDYXV2A&|Nw#x>*squ%vV&EqQ4-~#p7GPj&OeS&puirm?8@o8z%=hzy|-PJsfDvf0uhk~ai&elEej;0se<#)*G= z|IkpszWZCb_evWB-2wtX?-H3+(1nT}HC1>2?lOxGJ?h7g25NRNf+IZhuL-3SR=3IS z*L=uSWOAI2IxfzwmYI1#q@UzJ7nt)xrX>O>&qS!{o+5*hSRL|*Y;2^r9WI`F@@=(z z`-p}Z_pYBcD3Obq4YSnmea{<=$4bdnqq%XTFHW*DAH|api`L&Ow=&&N^V?d1hFXJC zYA>GT$Z!;f4sT>3evNLfoVkz_{8|UT!2N@YLgmKGaqP_af==U=QeTIm=B!Og*qghP)rG1CN{kLey`6 zn-))V^iM>)$pHaC`ysA{h;SSOz_3~t79Kzh9uV63ue;JeVL(Yl1eG5KKgmK@&so z*`SyasZYVZ=or7LI$P}BeVS^#h+wE9Ht(67M z2M+Ps7n(xx9{AIAjn2KYTbR%8h{Me`#*h_nCOKI@H<~vsbrkEJ~A6}id;w_298H{RL1fPV< zuHJ6?*?(o%UbQEFk%i&885U)& z!##)j`b}5Xv-9ic`@+OpV&&kC2ml5^R|^E_YGqT0{G1qjIsM_r8U;gximI3h*yz!J z-3Jcj>zxSSYy5mGg-@{-nM2lb@dS8~(Y%tY4 zw*2leS6{i1((FyHO24X+)1-cwd?Gzz*i^Y4`oy)Jm?Js5LrS z;!K8)dh_O8sE;gQJ0~zQumMk;u`w_*H?RRTN}PT(cj>jGU*>*G1r&Ho0dO+8uFM?) zB6mjAH?Oj6=1)8SZKIb^V-W+1ToQ^~SiEuu#*P-oWOPn|x+?%MjsTA!0~)LyO`M#_ z44lD&uh(}3{-geQ_s&m!6<90;5pGs4b~aXSuAf>#h*+2+fUwW6M*+$kMVMIbfM~C1 z44K%EM{w1fG0LGxr%Nv0{L)2jt^ii!2jUU?yNju<^pK{Z~<__3O@Xux%^Lf zpnvj_%OM8rx#<11WO%LJ6MS<02uM#jCR=6)P{bVtX{utC8;$trH0<)LZ4wF&-y0*V zot&&6P*C{mEg5##-B}8-K4@F>VYO7vX2sY1MjAOKpdS)UWw(M+?IuX}l!M%=8h+ZI z$@p{76P3596|oT!E1^+v<1MkM%PG$YLr`Z@5u1<<6ycOVW%{}944{pYpp2w|1c|;DHT`>?)TqU}S$^2xf&=mdN|=w13*Zm99((DXzrt zMLpHErmU(VPva9_?`H=@zY850>Wx3ANLx0vUIs(a`vV~;kTgwxerqxn!+v;Z+S=Sr&l?CYF zaV*9*wel-)Q8f5&k7T-$7YJ|%e36=A5ujfQKOU`Z@m*Bx!VIsbOhso2o-MQ6<7UHi z#kfN4KuBOz3#9qqWXq9nbf2G5m7-PEo_f4G*AFA?nwEpgyp0bESh=KZK!5oxDBztx z_TQcJETASYpz?p5?F8PywLjwp0+$a>28cYcgIM8UfNvo{mm>|Y^GZZNc&ojgwS|!f z)9+aJ2TX!-`DfrgoNe2=i4rU4+=}Nz0I-MPBK9IcCT*b2&ViJ?5fNynoY zQcB6bL%{zqf|X4h)DzAunT(bT-F@<@bb)n$I)Gp`z2(Fod;bkXL-6st+{)g3@--r? zq>rdA3wMh4*j2R0S1qxE;ObbRx|GW(#^$QXMG0nv_wV%WAR_B5k2VfUjdLLmVj@O( zR0u%(S;!u-llfG$Z$--*9}9l1rZmGrfvMkTY)4Syud>G3&!?Pv#;Eao!g%xmJSj#G_{8Gl3V}qc5Y8Gfh1$cqQ<5{Qg$LLiqTNCJ`T6Cw0a- zr}l)Esr0$cU|4oy4gFgalF1yc>9>Wcx3F=E2_e{a1sPhX7CnL(=uHgqkPZx zYohP40jSCI(L<;fNYnn0I8k=bKdf-@6%4X!#UsdKdcf7Z;oLt$HN$s_RZ^Pi;sBAy!*>KQ<|L9(A2RfpIg=n4hB=-rw3_wUxM}jm zWW0^VNoW>jM{nmjtE3h5eH-EOx~lx?c+Pyjq7$yho;+p4$IjmMG?!a#pMB9nmhj#G>f@CIH2ID2=>CY`OG>UWn}> zLIkN6YfH{{!r6un;?DQvv2us%8kH>h(7h+kEjtRVpfK6ndg@&&9VbvpQPYO>ZB(R& zQ45{*cVwmA`Q!D&C@xZFID0#CCKyy9%s6bF+MqP{^WLvj)v^0GGgFb;TXm~!6 zeC=2raxr}hs9c+*&rmHF44DQv;FLTVda1dO&SeY3b<)RHPO=$x+R z>|WWpWNQ!8sF2-g-s$z7W#36aAmMH$k_c+{H@PqqD-X7s8(En@N!4GnG}pnxU2*(Z zc>Gt`tXlp$D>t0$(g>=b%qws z{TS@qLF$$cx6xjRr>mT}+xMP2)8@QrHV;R+0t`#XNWC zV6#mh8?Pmzg-~|ymSfCgqY%m#8~&%6iHp+ri*p+85~gzoxbJpu+*_v66n7z+b_rJ+ zLJ!I?&>zq}OQMjAPX4gsccR@?HqBu+o8^U1_5TrHe{S6H~gvhl#E z8|JG4HXv@Yo1X+!>fHMm^J}O;6jyBR#}kwNEa{(=69_f@sgGJKhRr~TgDi!js8G+;om*}LqpfHsvq*PO+Ho6T_b(81KB zvdAPiKXNigpHWD3u-J3^BZiU3H}D)`+kg6uq4HdA;-B zjD(bj6^cV)IXgHZifTfg5@K74F4#S6vN#!#RFH*5S73fqC0(J*<85**txY8b>PZ*=Esca{A)oBnzDZ zhPBz#D4vvo4hbrr|0Uk{!n!y?KYe%g`?(;ZGrbY?=Q_>bgpR?L?vRiW1j6qUO-d1- zgm?2Cp|2I8nyTo!&!1DpHLZ&)Ep+3uBkoy>D{ax=ih%a)+!jJ)P{z%s7i*x76|yg4 zqqdPCpyQ(*Dek-@O1Qvx{}mg%wn$i;6}?G0-CoskXR+z9*MpBQdk4(g`_c*U>bp9n zp+D)PDh}Oyedy-#xejNMd$xy}E*n|MjmCMJ8gqtahJa-5jz}B@zeQma)IpsNEp+%1 z+*aDEW8lg&g!WAc{Bgkvd#gr=f?|!bqoz&ky1mfBw5IPoA08NtBNle)+}HPlb))fY zdv{Bj!SJ)a(KJu99Z`qJoa>$P;nxhtFnVE}wk#9E1cvOKLL87~rAFCcguyX%@vsL( zSB$KI|JaOf=0&9MUQfD%)dhm2nt-P!a^RmcxEP!?vD<_B>$h=;rLoSt~e;tDUtFQM@ zWG{aPF%egBCGkKn!<7Y&)idoAx@$c|YOONo5S3&_7M^i)>dE<}$Gcd=`xMOc+yZYG zpKlT|%(`Q2Mw=_)IQAT}g|24nBIzuu-?|Gr9_r$9qm#pn`_MM2{MCWcUU0p;D`I7z z4(Z4>`B`MBS`{zW#Y;h2u4syt=L&cC^qT};@^qp?N~Y*yD$I(Vt3TU4%V@=rq|wGo zF44t}sNf<}&ye^Y_LQ@&ssEOjU8vF2D68dLU2Eh|)wVp#RxC_B5VY9y+^=@yy2zT0C#Y*!w$dCI<3JB5vswWv6*rsLGX?ox7+vqJjB zerxtN&(s{9m(_9BAyd1;?YroQgZ&%ZU#&`*QnMHXZDA&qA>$bZLN0tS7WPDm3#|4U z$htqbWEUoWE&LEp^=|MnyY(_9^E4&_d4pP<9a5YJKJp9UFeLkB&oR_@=2A_8SUl(& zoA2)4>c*Vam>uI&LzjfbF*EeVGb*?zgn+8bs@H~M=t;ZhzcD*43#Y}UMLi0S={8}9 zpqM1kOWe8eSOWB*d)&Ch^zfD5)AY`+y-shdNL~-WYUvSy6dIFV4jE_~3 zggF}h=%*Q?0gL*6X+xXdQ6t0m`e+)(G0&P|^G$O`2wkg!j4SW+D8B+V?mw1=s;GPU zZ=mR!+)36CeP6Ttcv`i?ERT9dT@lT1)%lnD@V{xgfgqz4;ed(l5H{4`TjsbwB~-f1 z9$Wv+&h;D@H&2R-VKcVlfd3RR>s`QFllBZXLtdep0~PB@FVaD?Rc1zOegDg}2O-;S;a!`%cw{nglpMkVbLR~8@-ct-j2t8%kD_l@~VZ16c z6{iCEoGi>X{h@fnfPMh`j@`J=jMT&Jn%HK>A|j+xqRAX{GJlx27nL#0O)@MfG9g6U z%ba&;j%VI=9k>{b_?EdE$#@Ez#D|`e_&*L=3waxZdZEIgzkzE&kRvGOHN>N@YI%GR zP6KKFNGgYIqYoyo3WFU(aBEZypAvo^fkj>!gDQB^H#%_yl zlD#-e9V*A%60&Ynwo<}?FYY!5bM6y~-un*I&3!4#>i3uxM_M>6js$Rq;qn>K1Wy7Q z6Ph}k+DzQXLOi}p^AS8k-k*2h={=CUPcR>N=d@jGX7}R zG!eyJ91RU@T`jDwO<2%?PXn@Ch*)r{U?Tbx){(HVuU_~)miBXkDbT+2<84(78{jGi zHujgw|5pN8JX`>dUyCBLULIUCxc^pn8<2JLw+RUd)&)cXCGO!+0Ra$i={4L9BtlfS z*u9j}cPlnv)k#&q-R~reX_GgY3WtAI62_=Avnzo>YvI1< z;j|brKf0#}^=$07eWi8KTM>w_S#%2?tqDyTb=WJE!Ba&di}&+9D(DF!4^H_a1SLux zok5ysKvzw*S0ekcAZTDN=*@cuRsb|`v$C7Tw*z3m0F!RA zUW*((P%YW)SWAk=`xe)SEJ$PA_v}8cabXK&yqbgUZ3Uh=!Z~RUbRNp@{b{`;rb2V~ z2_^#IM3qUGXex1UH-4~pWD(zxkJ4TpKO0?%p*Ch&zk7-o#z~<38bySI(BdV{@$JEO zd_7rjo#jXVap%lmQeWbN*EinJ^?k)P%-DZt8yfq+7CCenz%+t@FT@{KnqO(4c_+8!H@eV{U_Rt`;ro1HhmzJIj7JGNj-P5a6ER{(R%d03>-6 zXE!@XD;8c5_vKF_VX^%1U%1GAp82cS;9q$#5+JcF4~GBekC6SOG>R^UKAz;cpmN~N`~(RI=_iPY#2=VBFLb+Oc%1yYu>x6 zwco@5BBX34#%nbEg&eVFsz_zCr2kx|Vdq(HKouyU{I3;Ve@1a^erCZSkzou#51;8~ zYlAdF>L4{-1R$qjX2NV{VG1G#k%Df)!P28bLlMAW$E=MLgp@`_TXl~3TTV#fF?iuK zfv9nRmUvj(nb|S9{(yOKEr6>N__fPVx~37;xN%=U7TB)VGD*jTx(E30tX0CJ$ID?ep$QWGZ#00vCgD6K!-+FVv4G&qg#G=evONkPr7K;L7 zw9^Hocqn-^2yiepEi?BfHLHk~8B!dEdhRR`-Zk)Ycr$A}kOb1YVX^<2IWyM+@qasK<}z3S zwxG+=GCBeS^j^wbowjT6Q6G&Y3QS|Y4F zZD0r&z8UN{jAC4iK`Kxjd#>0?w{=`X9U77Pl&Hw8UI=;e^O-Uha|hw1z5Ra7E6jel zfz+kxel}0Hx2HP|pUlNYrLe|cb>x-l>3^#$fW4@Be@hc;LK839=s4eKF&5cJw+hbl zFnDWw0=i5uNbuozoL!6NGagPymk~E*xx>C#h6aJPK1vlKQmSNfom(k)TDp06)@?(0 zt&*IL*jmi-SoYncT-z>yn*X~Yg>tcTv;;r=c>pSJEcUewz^|0l7%V-9SLF=x;;n^| z+y9&N{eNh1Ofa%;^s1ebxhQP*`z8fi>LBQr&&FRFr$8%t=(o3L?%V-dZ(L9Cu_)`& z5zjR8CJgLbU<@oVBW_P3w!CfzdB5F6rj7~`R@fQL_2us7!cf?KZ_W~Zf2Hl~ zwl~w8sW&fE9v)lP=BvGp6@gKU@dwhE!}|wWOihF@4-~_ko^&j);6|mgLX|}0z28K~ z_~^?~5?d|^O7I+I6DTx6JHCj{G#rr>XMoggBCcf}lN{q_8vPb9$7)GZ`;mY0Vm*Ku zzmrOI%ZR54yw4JvIhz>$GSn-5#oxDDXXsz%3Z(~_suoZ((Fp|wnSawxVSvny%MCjP zcGl|=zLKgEKz`=Bs_}Y+FZi8blcC5|?5tg!f!Ltak3IN$g#8~UUMaYP-TzAy<^gJ# zE_K*}kuTt?Yw+Pu6aK$+TmOy@CZc86?JK5lc=m)1y}ymhRFN=BD1dsB@G2sq2d+0Z zskh#kz|+^7UuB7l&Pm^|DoN#5mdcrpM#5NmluekK|A*bG#1Ti9{(K_GMjfbiW6|}q zB8IoTD5X)N#Z-_yAJT;&gVj+qLM2YegNx%WXoBsf{Dm-adOT`KVVU_1Q^0iak3Zif z^Rw9|MA+1uR+=@VFvz>hFXgt9?OibMl!FZ&EbyfS74-TME?WQ=e5Mz>{DN?=^HhV+ z+>xuAPnwY`-sb++p-$y=q$o+lt3>(6^T}oJV{?PH=pERkhuRfWxxwsRRD~#LiSc^_ z3GXsVGjxJ&dWy>wNGWQE5??eH4xW`DdHR7@B!RVyJ9yW)7W@2tL3WV-T9DA@!2SXB zeL>y7+CQL>>Tf>QWj;~-#;Uxpc4P4ReHZtuf?Fph1E!z83N#k>uh;)rWB|`%W8nhv zaIgR!8o)kr^YFjuD*v=2RQVMO?^E<6pKMot8bD1{7j`Mn77`rZDP~pwfM01QmaJvv zU0r|fo?cuKRHaYoFEVU2M0y)OCGU7o5VPlgg?g%vyRiF(MAS^2*&MG@gN@UNmpsv~ zyuh+Jwop5ZA8`+pX)R8h@{-iP2Xj9Vw}9j1!g=9sP5Ha!T3QTe&72NX26M!vk&k0xo+}GJ^P(*krCv2#cJfn>1(6*EsE;LXT$|C z3yjd54e#x~v4oj^x3&>yFNb#%q#1KOYLa{q&!23x#MYET`K0!d#|Ckh*$czB;crha zXy;jJ2ZCnYg2|s@l7meX(azSu-Wl-GjSPT9zu_cH&h{@;gasPDVQ(~iBS2)9?Y=4; zuFd$usA|8QM=M(crqGU@cJQZ>+LfzUgr`|<1884;OM8A2S z3Ug0JH0hXU?&3lVm&+wXO3WjE#QK=DhtwBFXK~7q@v;4WMr%WZxdX=BgZo1PR9cIE z9JHj}qTO(Txh_467i)Kj>KI`V(Bq&w9={Cx8q_I%1i0CIZInZ<`B^M%)?xA^v~nBVqluh$R5w+CZ>CFh&|lz z89*i~rqgR}$L(oTiir04{($cNN}Sz6eU(IzeAt7+mRirpq3ut;qnXq$PAk5xj3g`U z6mA}rIj8ov-wTZQ5TP`P7I@l$S*)PONyvErymIhW0`#gP}QjnP`XO)7FXC!*T@WU>%g?&_CFSK!8JfGMsco86vngg6PVef zQP*(De4icFQg=`5HfT6L=a8%NZlCP^Tj#oF!)~7DY74c@-Ajp5YFPt50*2K=FLEj0 z8Z&@8bZSTXfhM1&h)lVFgim6qG?C4qh1hojqv+gs38Ie5ad}G<(dGp3+E~!b#@h@$ z9-R3gtPg3M<*ELt3%wNkzIL!w)YuMWw?~yK+uc*!=~%q>wsxg|)8Y8r6aJFb{~e@4 z{;&#g8efRC*Sy?4ORhqQz|4TZl~K93=a%KSdlek>VYZZP%)^Jtq51IeQ-@vJvZ6w$b}fH;8n#a3?cXItb&8#Nq4UetKJyAlBv>& z47b`&63=iNHJS2;7Fo$bJ95ZRy><7-lTa7j!cRCF31DjO=VgUj!rt}v;u~W1rqg|k zhI;h=WYHgIEtpYj9tO73&DKEhl}cPJPsr1@QnZ4*-~9c8MIO-5e;Pb>i7myZvyBMW zv)MBYBv^P%`u%xf5iZ+nB)UVo_qL-?3cg$W@eowTu|*N~yVdj4k?rK9NMhBpF|U{| z=nL_S7vvR@t7E-sH4|Mk&xR~I?O&M@s(W?kY*;pXTH~qmvy5%|_YlM{p6$Epzudqx z4$+44IiuXV;5*va$`$sizrR7@VdN6NM}2nEl0V_z^Hxk{fE(8A!%Y$Ekwkac7c4 zGqbl(=|3~AD3?zAg>6+^P#S9i#y#-{bccE&jGuWr_`Y^4#95K0j|1HQ=P^G;^Y)1hYdtG zQLK@jkzo;cH57#6y4L(xC(n;om){LYdhC}0!L$P{$t{2p!boxyr|HXQn+gojAf^jH zJJL;Vb12D&Fu%L|$P+CGyLN)2+P{JySxd=+Q3Ee#Hzo5^*>d8C6Upaqk_0|fj{vzfCQL+Ed`{{FFIn13E$7I$5@_oBk!!eFl?99PP1&OW=NtsW`o z3g^1?CMV)A*<=hr5iCRsGUQYg5)uaJ41~A^?hzx#fB||@1Bh;ZyztM1AFK81M9lxd ziQr~tva4ohI3#dGWI!krA~YmO5O~__UJ=mG2eo(l(=?ck?45ppSaW9^>znKB5_&F| z7qUoF2SLay3h%5hv4;e2pey&V&d49aq|fx_N6}h84UKCRiG_5GUnlW-coN>NTPTbm zP%14UF~<}IGOt2t{L;xh*od?sM36X`5IQe zVV%Dib~WPPAtu4}Y*v&uV@n7@B+u3ato(a>kwe*@9Q^X11HlT`B9#p2QAX6{-i{>alg zFlE4Yva>aDGytc{{-6s_m4BffG!=k!WB^@&|ABVIfBZs0JU7tpp7f1`t_t|`f6C)P zW1(NYaFw)T{gJB$QnTzJpa+5#=s~^;kX#@B?|k$>MMYw7%W!1$@1s2J5kJS}x{zvV z@$+Zo;9IhLZdTL=O(gf&j#Y9}#5@lRrkw*hHAw72hxmJV^~Pa_@=JGf!6|F2(4yGv?uIXDEWC|BhjLR!=8qEfTE|4mGeE+N6^Wg(a&uUTv=^t zA9Xk#&f#s;#BaHXTfyj)IjDzb9JXf1QVK*+EzOY6c3wqA0QmT8k_zJzTu@;UVc=!5 zi#3AA_4seLBmXAZ|I?tfhC|PA9dXoUiKo-nb7(+2@n#Ee8OPYmKXc~~m*6&(Fnem6ndIhnnvL%y(nuOnYgw(e9wPh&+mUSPnEcPqQ zg7;Q{;UStx`EBClB@4e9j08yd&q3?RNFw0tf#Z?C>LQSFZ@l_*>@jc~;E)IiD1+bu z290vF{#2d242ggb|BJ5jPi9vWG{|FerGLVT2^}8)pfd8;AHij;90yoEx5~?)0xjit0oeHrE)icIpbA(QdEM1_8?$yG4^K0N$mk{n8+3CkB0jVX{!HYNkD zRHkZFvclq(gi}i$!LR1gg#>o%FFt*uRGDitNwS+h6LyI5X-S+IZq3%CrJVm-FiL|8 zac7(V-oAi-n~>tz9F2%lCN`HSOs>89bHdPF#&fTaj}cdjOvCX9M9$uea~g~+yWQ*c zIXQX~!1;BS{gb2bAu?`D4bGL>U5d?LhYD_yj;*K9blBzy*Hm~aqANOg^|t)gDu0gz z{H+y+t5@NAKJWPYb~-JMy(7Jb6*WqVCNsS~ehG9e0Czk74MhEQXz3W2zYBNyso^HSrf z)_a>Vi0q>@sn$-eyhhGN@6g~R0-T(ArX1~-a=f!x#UXpmQ(800fu8JJygqLjbgl7u zO>2F=#@Pi{w!+8HVoQF?;p&mdl8NJiBs63gZjiJ;}%S1xPy*~LWhad(t@|!sRRH%nW zCQ@Zo1@0YC?I62KBV3iHUzM$bNj*1E)dZvzfc|<;V6y}QnwJ*+vo!s`!%hB^{kOQp z?;BFsQI#!vx|aI1OjAwPzq}aQ7hT+T4||}Oma0lDha7P-K4O2QT>CB_X60UpgNO|M z{#^z&=(kdxi#*)B2Ri&h;?3~_1|{-CD6RWsv>K@5elP@~`BP7^Ib%nqy`H&zA+U0) zJRL4VU^q~j?8FwY56M4?r01E*WmBC#cO>{sfkPA)XXR(Q)@kWqL3OwgA`$i#-_IqK zl(do%(TPgC!DNv^wO4=K^tRB_pembF929SXpO-674(Zc6?y}n6cxU3whMG0~4CV)K z7Ps}Z?_=5{TZ@yGV7xoRKN(9`=2}0m>tNxNnZQnY(L->o`|$i$y*CQ!+eakT*Y^Jp zp+2}908tD5*_F>A&=Rv4Ph}gLJfZE|aQ{sf_OsmlfxuqEWXp_Gl}2k>?2BaDq;HUw z70M9xa;t>o&V;_NKI&QAr7qWbOFT2?(RY}1XE7vn9!3-GljekRuxv^>H4I7Ly`rS~ zz$!xftn`y|2bT9%H8A18y1@unGSVc0|I$x%AP&mjnx| z08PG^MK?d^h9hDTYA6G@19Y+g!X3by*DWnT3o#3z&~k|*&{$MgXZ=VX{)_T0Faodx z=Fh^y1?<}3Eu7=Bv=PL?21xn<%_;vKZt|ZHAeoA!1*fKQq33ZvZ5=m~#bKTNa|R}I zVjb}Xa$R3a=WlwxH8L*?UXYe8!r?BbX-}IuTj~18+{p+boK8ncwsA$L(^xgB@RLdQ z$Xe`V@%5*#ef&z84XEUsjon6G(b$gdZM&gE^hAZ z+-?#jG%Kdwm3Tyc(cb4hX()Jp@S1V_>x9V_0ss-afb{=8>7Qd=eI5JC(Dn+;em!EH2We$ zbcU#}{cJ`q$?%Lyg?1{?SU#4iQ<{)Ib?)N1yBWtP;(d&kmr^U}CnyU-V|{hSYI#zP zP_y%zOgP$n8Mr=@Q(RjQL?kwulOdjOIMSfqS>PM5pHU%g+2kv`%r{Neq& zm`~0--rAz51NM}z3G^knuLwctd>^~+AMMb3i*`7B2SygYgCbFR}x_i^~og zUZV^UW{3U;5Q`5#PzI;eHUYoNLssO3wx|;ijr1nUfO$sp4W0p@%%uPuxHuZ+m%;#8 zc>qw4zI+`C3-qfC?za>EO&i>`OyRGe_}K{eFJR}gYV<$Q828`z*8d5S=9cvgHHg{N zd05%bw+BKW7f#5$hYQ;>j%G>D=Z+;w9$_+~-@n%^UKRfA6&oDPu#ZP?0yFKODi9_K!HJJ`Z#ZK3EVI%c z6C143!izh_Q&{9fhgxSCbtz9J-*|^`+g|W__qCRGvj83TJ!s5L%R!Z;p*k-8#QQIS zQp{bvd-KAHq{XPOuG89wejTT=w$_KCmRGyyv)z;^Jy%0AYaa!x7y2Y^_tn<>Az=|4 zLmm=!xOQkMC31ojFAQWf!!lR3COx-CK^aIDfn;iES1K)%=hI>DJyxnKZwl4jrWNsp zE3u4j8T<@O;>b<&^=Jyk%>+#xHU9Lp5|`@;6O|+q4L;10 zPW_AHr&*kIH%?QHVl0)3=oaDjH(0n@j-53YkZqpj0g&cCQ6gE1_$}1hCm+uOphCP+ zQ3se2v}J`+1vmW+R;i|Y7SNdBD+JYNqV`3C;HA@0kb7l>d^T%Nd!x+42#Y_wB+Y?9 zK)|E-*Jjm`3}-?QPII1=I35))_bf7J3a&_@SZrbFOh4GuEAYRzL4e70?lVY!Z!-V| z(x0P~`J(TB16~f`43hzn5v&(}0}-P8^~m~|4`u&VhjAX3lw5Hb|IaA4E*l)sSft+q zm`my~;7$G&V;DOS!GKekOUAJCLy+J9uDA2IxR81Ek!8L#SBd9X(_dSv2_m>f@E<5k zZQy0lg+_B)!?7_-8ScrzH2H{gl{@q`Xdya{O$Ld7jnkl>*X4?~AJTRZBbl7q)*e14 zYT&EtEzRi@&qpo0jwAHK^KQJ$MD8`7FoN)!`@>6YcIxSIh80hX&Jzir3Y5cLnLo^NPiEW*Cw#$$(Os}i4B)3rA`e5lXHUPX;{Wn{G23=TFaEx$cz<>4wD z&v#jU8Yrfd5RYOBKX;QPnPR-8g>yP5llrS;l`F}d%{rqgqjKP&M0`K-$_hKl3@}8N zQ{;a$m78T|Hq&^0b+)1G#5jnAKffDpF7T_>niU~`dv>MhaRj2E9)fbGVcRIILsOga z@n&7px0@6_~ITnY{QM8`}3bBR_TH;^@MBchRZE@|ZVq!XZz#XR#-dVdl zr?X#VM#MBT)s1=t1XeiJ@2sQskoPg%N}xl(aIF52mOvlJ^pAa>T5q2Pdf>lDET#3qi~01o)FdQ$QzAVhRWl{gk+H&-5upn`)luK1@_ZaRP7e^ zvkMSkY;N4~?%>>+!C&7oTX|Y1v4A+&BaZ$G56vx3!joN3?;)dkM2l2Ra+*N%X7B!( ze|#Y4P$L(Qx+CjdDW)R4TqC6oB*;?VO_xW#S!6rD*UDck8~d7#Q__E`<<&`EyPm(; zARtQUoNE8n+*(mbX5i~Fn$9Yt)Ehs(I}lY)Rz~EXStSs7(LUMV6Smh98nhBEbQYjx zfwFONe1I4wZPd|0sS%%`%h?iji1dXq!;tuMsrPIiD`|Ck=e;1Bqg>0XDI?I(b^>>W zDT@#6mv=R{k`pp8iBXA>EXmG2jDCDluTEdc5 z!Dy|cyA{y~-esNMw4#tP1$l_GNz2Fltmw2*kUq(4`OmVAA9)-|@8T5pt#*lT2)U>1 zdN~O4?UBUfNQdeB)mi^1QuKyXg`4+H~Lgb>XLRhUPDaDMd!v z z6=rOMx@dN^F!=$K(yHJg7P?&w65F!2b{gf=_)iH?mi4Q_W0jSsT`#?@bQwCuY!UXM ztPY1C)iD(lA>{KmAQ@`*%|9n^hb%o`(?5e20g;}cGor>H!oV;jK)sd#sHQ+dVHnu= z%0%iVOVGW0mN%(**Ynrq{NFXK3*ZuY|9xEIUk>ZCk^lR{y60sVUS4pQ=R10l{U^f6 z|6je?zbn){MM8Zw#yD;Ef@vl3#_W^Eg=caxl?Lkk>K3=#@mu1&kjJnf((1Qcr3EGR$%E*}VyjT)(nP}6hC^I9_7ha_*~*$kJM3O$Tm2pr}5N^z(C5L3TE55{Mg@H4fj z0eYKktzg)>)A(h%pW~T0XmI$OqvXV7NE+6!$GxX&PHJc9|1KLZT&t1)BogX1amYi`U7b@F=<8cXzs#!Y~hdrTVPk zrdrk+F70d424~y*(>KKP`^9xeiDHvcNktROAsAr>opYdIDU6I>2UH!m*ce(_xSZ

lab z)~$(gShTHGJ#g#RJpH*h!Tv6JVPa(TvnN?6_^}}-02^Wq@P%_3+G$6mv}+}{4?C#O zy$-wIM{{+P2l<8m9NGb72;jXD0Sigq#Eo1QAbvOT_y)*;$3nh%fLsh{^nB|OAz|UD znwyZTsYocRDyyleeuHGNf~7TqUj>ateg2%Ii<2|Cgcv}`{%7gHOZ)~vMfSrJ{5-b* zKj&8eBE%ysQPnCuG^c#$IYwot(xEkRtGHvVdT7sN9L3;tIx`Hq78ZL`qkl_B zXz6-o|CiBlkA<9odrV1#25mbjGt_ZL#lE1N=k`mTS?uY1P0ZRV<$9GqY`)+}Xvk;<~S zo%Ag($TQQKVQG3M!+X;Z|!nP zlx2TO$@lY0Hh%woB}1nG`{4s%CHq{gWK4)A?dj@WV%ui94Ns_>Tx%Y`xC)TqmBlQn z%zDA=0R(yo;57%n^0(Lz8Vl?o{HSSN2>Zo~3d-~K4ZhS-zl0v+S6u(+V$ z`Utty*b|#CHKU0I7ukfka4Wt3Eul%TLeTqobr;idHR0{!zHuI*V&ZMlD1xxhH4lPc z<&&&`q1&OKH1RlL*pKcZbi4Oxt>n)!4d@N9qNIygLepo^9;-a5JljXG?q+Q76u4CbT^ZQ|d6Z-|x z3wcgU0yGW*PHPZTCeS(zzH!+&JjbA4u8(s*2{Gl{Ea#w6cExiv@h`z87+*_Wv`8WR zD)&BrO}0)-6q%vLZV>Nl!r|ewaaMzpj5_joiMqBV@eJFU-y!9shJ%cpim;!^Ar&|#e3Ze&i1o(z zDIkY!d*#VlN34ak!0g@?T0Wowxhb#&hsDucFmrVOKI|5(YeNP@SB9dURlBfa;HeJD zYHT{jNN&dqTEe-i10?&R{y9Yf==;+Xq3zOe%g|1Cet++r+v0%TqN<`^yRWdzU+7)OjA0iV}in7>flg%Qu^Jv@Pl zAl=E9yK!jXRadi;ja9v2AUJ3}w0eA``+?;7qfE}bS@FFeW#Z3*kYEK@Cy|#FUd}w= zK8agrF%ym)T3{<$!AL z4Qalo=w>l^@M|zV+m@^$qs`Tai4I<7# z0AHt;)|=Aw{^-}!YWoT}TLXy#Dg_&JA6P*0g+aK(Om=@tAt+YAcQ+!K7bh+kgAtMK zzJ6swGkrBaa>l(VnOzK7-@`FU7J~Sklzf_!my!IdX!TO?Gfql7_Qos-htH)*K-S{# z>9~X9%}whAc+R|dnMV{qk{#>nR~P0T-4NMH!*|@>4|JC8HfvKYlQy1@9I|~zvIrl8 zK$?>7uzq{u$rq_>WX?lMkAnAJWm5_xJ5Arpd*=if*^;^5a;HS{XqDw)z#(1I=0zJ$ z6pshAg!Fcs&KrcS5MGMl3RHAWu`dpV(#)st$H^{z+J7o@j+gnmWm%+}@9xcBiHru~ zSII}gnm?t|e>~w&GUouF)juI~?$qJ8aATMWec=IUDOJQ*kx@_2(4a8b(gGjFS!P@( z@V$sKzMW>NqB^-{M+2>eX5361CTAfZNj>2c{YMjIz7la3llNY_JGQ`~)Az>&*&CE( zzDBO)rBe@NlMj9=&_+M`hRkv6Oeu>(q}&0@h|vF;VX>~pHM05MS(nUa9go;Zq6Nj( zIo7jeFMGWwu@j{SP}O!L`m@5fDB1-|`8*#J5=zB+u-Ey|uvtJqv?aUs(c$c^nPX;o zlXk@NQ3^$8;0vNC$|Ru=)C&V9FZT^#wr5Ezv_vShvL5R&uHEgnDMUeWFVgQ&kAc)e zF|W5E@Mt5umjv6?zD}j2J34kt<-;VU78kThP78FY2xw1|C@A)+N!3{SGVWb>7m_4T zn>&T{FIPGEVMY0u4%>&h%qD_biC$U*2q>u1(bva5RWD4cS5&mm9@&Mz%ad zhCazr(+E40?Jc{D2ivt9MaindGt6WuE z3#0c}AR3DH?d7GGM>|J^Vzf zCF$le(o6c=8;JV6{XK>g%(mw)pU~h30^Huw#KywK=I8Kj_wRNg5N!Nvj*nua6`rIeA2iC`R#{+JhOmb>>t-rTig^Hl%zWY3s_vuRg`W8gJ{ygWTQf#NJE$ zex7Kgv>|O8;xlo$0!x6i5(b1sS?KRTRRyJ@KAFTll=MKOyp+wmWQYmG$}->b$4V;k+2fjkzWp zq(20b-Fre2LtiWU$-ib)CDvV@iSX3VPW;VHNau&53lK}pR`1)l97|p{oxLwAIGFid z;SpYaF$VfehL+K6mWM(yNwY6eoM)npd1FGN#OOZ)z60iQJ_28qYh=sLE4 z#Nz%ifSha28{Gmc^oa{sGD2R*d`bUX&G8z+xw^d#4&jMxzkPQhma!)%li8!XFlcyy zg7n9g3dbXHe|FI|Ce1JEk%mHbqR-M%wC^#S&}geDKvcNj%R)_IimD}v&Te~lsy_(I zjqZXmENuJ0Ip>-50gXpDo+ZKlNnyHOz7H13y$%HFa$U0xB?RjARcb3`y14XVUMB>N zxfHnPcQY{H7GFUW)Dp`=Az=@;i1Zvsa$fiG=h-b(jU(VpNVKu!Yp)o585W$dme!5V zm+x7d_0e7O=!BbPB|LC%{tRX^%RG~XY6yBO>+|$2*<|R4AToWpEh5S@KYdC#)AGL;jwX)3E(({PFG&$7h^v6T}UMqB|7o}B)gww>2#$DQ7JE4U6uHEq^q zH*&PovQ>GXSf?{GG$1}wX|mES!j!IFLCC4>5ipP&kwmN%Y|VUYq(-z`w_VD+DE5LU zXO$(K=H_;$qWWP6(kajDHe`FH#H3`H`BuHeF`RB}k@Pkl7h@dMuWF#p;Fzzd+l()a zBtI9O%-36-GGCK6PF;BLF>jkL2C^Kd3Wem!nFXT-l{;x=KCy%0R!>(_37$^)s{^TE zTlzM2)(3-TVL=Rs)_FRT87M{m%PC5;_BGS$0tU;Li`wI#&jjW~`rylql$%skJ~6C! zo>qVH*9#gJ!Jqc4gduJx%e`-hL*6}y5{g7JZmPC)BHc|#W3d3(859JL@%ePzMft$U z;HUmO#}EA<7;d25!w#4#(S?~pBL?hUHBT^BR_=;<0wX!!n(inl;!GFQHRr=O-=JwI zq`<@H_1CL2HQ;oZ4J>BKdycK=1+ev;ARczkb24~fQtrp$KYh8sGsTe#*#S?fZI?94 zBR-aKMTsy@z7DJDvuOzPf(2+y5^hC=$8xgfiJX-xLy1QD*Ap-`A~k}GgrdM}=oLz0}TC08k0 zmT+59$U=v}SE98OGDfMJa?P>qdA&NK@3mgy@~3pMNZo3E=p)YwKS*(E$$m(8g1J6e z)PRCj1<^xe-DZW7sP!OmN-=fk>k|f3*4%EM%y|;BT14i({53P>;s<04l7bVttvy=p ztoPTXQy(WyyZ0G2~Y|M1NI+=mtO%^eEfy)&`%?1Lm8Q|M_O%(Xf4*ppL_#Yei3s^mj z3gDB$C4Ark@Va9Z6A+gW0vB{GOf8HIfGIB%S3BT4KvQUK;p7Yw%M{5J3KqChV!L{6 zK&F@F@>tIixU}B6z38#)85!uY>47i!YvJu1+SWH|8q_tPo9=Vn^S*sQ_BD%8><9Yd zkR=uCAcZu=SEdv9qCi#ltm{h_oqP7v|kAYB6c?>&}ls?oohzSl#tq-#Er zlaaI{tUt_k{cP}gE#8!Kj_>IFvt+0eJ1Z+jYAVMplPzkkl~uNPyYs~|M|-grl+!Si z@3b{fOh%I$`%ajV`l#tSVGi`;a9jjLzEYAAbXjlstH9(f-=>g@imdCu>$GXCs%SHm zu6AtE%GDZK&mWX$g+zn8kdUljcCUjfDcnFWF4{C6F@)=NL>iOeXQffa(L1ya0lR&) zUMj&h6EvarZ{Ekf7JSju9BZr9q3dk&M*A#h>Dga@PsGJ_e2c(*Ew7_ zH@F)#h2`GAdYu1*Ib5;tif31IF%TE%yz+LLi=7|-pUmN2xys-9m(N5BX7CJIIQwuE zy=0ITZ=EFI#AO&?%1~pE_qWy*Gb(h5uqA37UCY0VwiH7~8cdL1RK@f{4>kPN(;!X{ zHl~-vhTOa5cVz{7UOVWmi#8^%b&o6n8M#l)`>I8bcmPUHPb(8*x+W3FTc+ z&jWU$+U=C2x8yD3v|$5@$1fy4ycNd79CiMP%(}!tW0`haqpXBnuuj4gcCR7L0;kMJ zp4_O7)0Gb%s+;??Q)+8%$CbnhXE!Ogs>{=3QnZM{SNp7=Mj^-4kMpT`ohm6Yh|MHp zl|MmOQQq?{->7XL;ql=xcNrCZu?92+Evk%*Zw>8~OH=gQ88i>pA6xwoSCWy?p%S6n z^Hk_DDf&vvgL2?p(TGwN5Q)6qIyJ-P-j^At^);pZgW za=tfwB;j<#I)a%6ohoR26cP%n+vrn^uP0%b&qa3#SP$Px(xidz3 zZ0>Q~Lw)S%8bS2f@l=^pL;~s|3vorNlg#yU87T>==i8PXnB8)zeRpccp&n_;n^Yy1 z5zW&*!`*3ucm&UfXIuqSMR`31>A}q;@9lFdM79I`tAT|Dc*GS5u?^=9-;;i~IoLv= z`0)hT;G-@!ctnWQ@}1#)#E0g;8l7Lmm3*DWKVBzn2VB(z@H_Tkx}I}$=K>;q9yXxb!Ui^X;0Hhe z^zsnoSNiQOU5JhTgYOS4vJ37oqg?;v`vZ$>nK*(&AWhbP|NZ=(W2rkRW9SiGHr9W0 zNP))Tb?1FdF&`s|-Tl^N>-?d9%AnjY*m*4jd_*Orkrc{3qvKyBZn5vJNgoUHnsU-| ziAvV%)1Ai6#oq599n43k*=4pTyjR5Yn9PAiNO}R~K+Ho`vy;>PU5MSPxIitvb#ub8 zKH{5q8pd}PPaZ>$W)(2atM?}jzrh$S4#30;!MmmZ%1rn{?gZU~?6JP3(S0}Kur@UY zv*IuWVf@wyHV;!Q!!hS~m3EKXV=a%ZS%eN;21*E4hUJbB8vUPUlWdtK!vvamckenR z+?~@)e{q7Muy|Dst0~Y{KYT-l?imjGAuog`nr3O7h}yGEe%~ z(4R*|bM8oMp2K< z!DBOq0k0oXg{x0iGnhZ#>*D-mWvlrrPI{gRx3S5xp~{&1KpeXj zak%uxQZPwEjQDazW7^K(W_`D)^HT6AS(rcz9xrwf?bz6DskcS(lDn@xV-;x~tlVyu z$Pdfe6h5ar23Y)It8ZJp8LlMgBaI@!($gZ)Of9V>g#3bng$$DKsD8*tvir%i{~@j=^<};$iz+o+sp4 z!+N*hAgW$nX6I8({a1Y8Ukk`ws=C5sA%gW}$W`s!Y`-xuBmGc|0f@j|tewGPFh)kK zv>+O=3q-~u14A4xVsWq||6N${N6++9SLU*Ietzn?n>_zzSA0IfWrd&V;?E%r7#AR< z2yT&|S9kzbu`5`eUo>d`|MrIe71VZ^i_0?N&8xeQru;+VG&=jQ?;auW>*+&LjY#2lTZ-u-n0&rsCVhc`W z!Nwz@ejXc%iJZf`!2lrOUpAnh#0Eq+>{ky#|NVFHckxKQ@1{l?)xueNov24)X!z0n zg?)HBvG>tP99&VvNBLE}?q8E!zOXD8S-}K~_v9^^N1v)G8lvYqp!LJ^Fo^~!mhwNe zix|sB8<>*`6BsvU=2;=NuF?p9v@MPH+S39zM7%0?87`wN3nod^W1C#o-zt)#X_E|n zJ<#F94%%`pK31PPm(EZssgf11t-fn02l8I!(6fvlgC%2<7D@P8qghgRlgemBHD!US zhOh7&r3PyFjD;4-vPHt}?ARvG5QlMdPobsTg;i(J17pp}+v6Y3Ft0#K6gBIq9@xB> z8PKu5^>jP+mAZBZr@E*mNbgng=OqE5%5KaU*4u9$%ls+P;gsE%dn)wCpQohQ!357G zGD9t4^|zYIZzazwi4GV<4#xQugsg8K2%G7&wwQJb-%2_O!HU&t+s^FKi>S%3*%_}g zt_iQKCF+|xE-?)i>0dipo+b^=`*1^%2ns|c>2U@VVxJ`JG}PRpL6BSqLIyK2k#bF9*f-4>M`P|2q;Ql}eSJ>cC^ zXiHOdr^*$?89Ae$JnTFT_^8?8F`n#Q5Oo$T2#*`T==F|dlil^6D6?$PVO*GbAhh3; zwA9A8-0iBx>NoM3L~>CMM5j|S7aZ+g>MY_as2~|1%71E-S8Z^&4t?L0jz#s#-Xhx< zy^FsTq5D~~a1Q;u(0~taG0x}K`ZJ21^%t0rEcE{Otmi8A?(NR^MahB=BMBG>0(@a{ zzskmg{Qj%7w5zF3t_hK5Z&snhv5e0HQfXxu$+=$4aaLkB=zDE>pbcz?SdgpR( z`@aNR;Ng!#g;vx~vqr|=$%5BRF7NK)Ji6()ac@JL2{B~c%0}ONrK~-c5=C2f@M*cu zUS~DZ^a4%->MV49r)zlCtU_xVmP;*U^J@29t0%Q#GbOpRjvwT+z9`hgjlAzNcJ_Mp zKqTG7NpmMQmEW>Fxw|c-en7%TV#$_5=&T-{ReNoB^4x4Nfi2F?*v`Pf;HN-RrV#79 zy}$rLBn%s{%Mo7gaKEyWfV{5ka8jb*+HMFa*Q6Xxz*SdrIRjfG^K%tK*2^v(JPN#u zfwiffqcJNX2p=3BBB5Xc8ys*i;9U5&g^dM}4Y7WU2T|}vL;#-N@6qEAcCYi60a!8i z2O=BX!(#{jyU>dMe|mF&w=XsdXMD0=82ZK~#aNBQ?VIAxzyQ?DVldRDOOFHME1?NMm% z&CLvK2LxwFCMrBO-%XB{47}0l+Vr-MlQBXU-q^&yS^8N)+@Zl^S8~OIxK7im4R=Fm z^^f6%SnpYLNHbGTc|L!>!KP^kzi(B0jLq=0rl@b+NY5#93O1#Hr=S^28RQ7!$>hr92xhxNx^uD2jSSAQv%p%qvXs7MA?MY6;B}d7!Qbg^0lJ=xSDtqx z{>AJ5uq`8~pFn*~Tl<=OH15?Qe!pL#t^G5EW?x=)J+_QFjO*I!md+*=y8d{SBEABR zJmlNeXHT}8>YY_Znoduy)pjaqeG1cu_0_L|mEHTi^Qx)sg>!HOUHs` zYbysdqtC-xtygIINGUC_5ydDhd)j;h*4%1{A#*Ci)|%TV)x{>ZFrSHL_!qQrIv!2# z+>r)dH-Wa^T)*zLnFgJ;z+IY&gCBEL2i2d?ScrkeIJ$yBQ%sShe-NwdJer-V(y&`- zzL0JE>Wy`I4*H{}4fA*EyJfp?8F=^*{i>{j-ZV0O5F)IpFk0F-Wb_}kgb-2O;SG5F zV4dq>@&y*_4?I0TwHpVrzxx@e3LuIu1HL#f6IT9;Ptr&bOJ^HYH+A&|TdjVc3Hh%w z-EfnCr`!RLQvTy4J^#iC@c-Of|BIOsobt6(XdJPXl8q2Y1Jo=&J<_$Eibllr*Acu^xh9a$hG^O~SwXbadpbHfwbf6a$A7S9e7rF$ z7M9I_OFE83ag%0#T%Wn&`hPkWjHAb?p`><9T~P{caRQlh)QG7zc6D_?n?Zn#p+LqD z@8qo^&PCK6X@!PTLb_IADQ&1VJw={ng#alH=9Aad1Z2aPQbl1PlDG4ffUz#v@lhdRPR59)6K1{(!tV z{xUpiGxvRYLmL5Gs2;Gqr7o8DCFte4rV2v#)#w1+RlogBHys%Z?|0}5uw<3lzZKJw zu#kS7@$EtAs}G*SeK%qlM!!cU zkM^_0&Ck7Ev~epL;RYJqCC=D0&I^27jx5aS$Ad4M_5~mo;n>&w8Ol`h_;8&fXGPG+ z`I?{SXRTK##4@w#uWR(afQdIZU*VzAcd2;n_B9TByNq1sq*NG3dI*ZufIzo4X}i>| z#yHipNv{QKJI(MI)p|kI0=E!)%62^>R4tP5rP%R^NOnU@bC5JgHVv4VqX;n{nvR-Iqe zK`@o&B8}|t?4XA?Ihn}@bc%bqFFduiwu7dNX6Kb?jb47CVO?}`?ct_M2h%c@^@~KK z;~5omGj+j$+5yh%t=;Bl{Zp@0iuz*1*FWk=Mn0JJ)TAY3A(?v(!7UQ=LEPqz3T@K8 zJu?_moHyYQpO4JlzL9&I$jQm|6JE+IGEcO(ObDe&#Ef70i`CH3qoSTC}B}%^nYQqN`x#(dB@03#&?r?I9Ry?%hdA!qWAK5UZo`Si1K^N!Hf6Eo$y^#!72hC%e+*w|x3zvMk4(2O7?=sU zlU{s4d@n3_Eo;KT1T{y=YpZ^kLLc?T-HiFV6Q#SzPm?Rwnb%>~3`6D^y57jQ+%_hi z9SG5^lU3+3hbJM_iR<%ra3pSTHrrqW=oYmTr-GW(npAuk5I;p`#E~UgD)-JI za^<>Bc!em6j|tk+Sse4q(2ycNx$h;+w6S(0sQb*|^xmp>63JM`53ll@7x~rA{O~GX zcO?d%_V;?8vc?lyR_{q}XhGDE!?S%7#|M_e95*Vg4yggS*f3~K{PgGD=uD`2f3+cNa9wj z9W5>6oqkgTv!v9CJDSB^JJwukQeS`d1YUrG9Ix#Q?t0sV<6)PR_dG5OPNCqb<&EmB z4XwIlvaz>v#z+}hT?Tdgyu=}OwGCbrzMs!ZggsVDFzf_kh&)^)+PEvP;|H#AL2MY2 zr@UA{V~2Su($xZWC~idl$gf{?WL${Rb;KzB&TLHHB3dT1$QR}ZQUmp;?0cV)4es5G zWAKxDbpy1OkD+gw z5IMGUc^Pm|8#n}UaRBl%|IlUrZls`3LljpveKmPxL~iTsL+4{LURjgMHQZ2+Y1BJ$ z&I9qaFv6u!w^)noqvFgb$k7NPmk7P&@pP8LYlKn=UvC%`zcR@qtEp+Ii8(p7k3r5f zYlO_cGvKg_PUrfyT-`&0f$Wi|>RJvRr+F@<0(vep_cl?}+Zc=j$6`&5cdEf%-FtVZ z7^ifiZTWKqr;hzsW_PtKVA<`$x%vmO``1qMMje zh(p7wpL>uyACb~nlExmoUFG+bsDnbK>vQK;685upZ+GRckNvi8`hj`t^seL|G$HXo z3G0Lr3rw$+)Q@DfGW^XJA2<8?mL zf&~^RZ(asFbUW1w-OQlAHT6|^gcQ7$WHr= zKtcbmDbsN!oywB6Jl6BZbRcHfjXXCko;OV;!6#cf0rhYlLvB{+HdHLPJgxKLANITr zd|VnDK~jtxb=MSc68BTY{o&bz3fI;X9;_miIZ+D++dck``!}Zd^TbgfYpLBq9z#`@ zZZCVh%W}W{J)0uuwIt@2#jiV*p-McDcTLq@-=QldJyAxHlTmuWCD4?83k8EDIOTTH zo+D<$^83$eQw2Ktay5^j%A6p&rYND;4&M_v8$u-ZQjj+$=HIFEw`@%D@GRVwrBeRl zd|D^JT0jD2TaJ2Pyrpb}l3VX(kT*j-^V+>95wj_aO*ibAbc(z}&X8trokZ``EZf?P z+Olu5KJrRvS?;zV6lk`Rr?A;7)|BfQ6lr02uW&6ycSB;rdOsOzBy&P794>_*JJW3l z^r)oIWh-F+nIZ3hwZ_uz;W%V87h0m!rc*+(ogTO2n=uBp7PPpcFuL~i#MdWc78@w< zGC2#!PZ|-RI?Yydl@SL0t98E1utc}lMt-nYQi8X%T&|t8D%?usLTfbbEe<6Me5kTfw z_A?+PrUp@-*K>ge=eJ9ctC|>@+uB*%nOT^869@+YwBXZ_vFLuBb`I?Yu;4#z{wKWG zWv!PBz=U(N^Rk|!HUXWY?}z^v@8oZ#)7ZMs)*bR-f=W>^jpzI2w!5J5Lxi%5kNNW+ ze{9W~8lA9ZP>DUJ$`uU!_-IXUbLEEkK5d?m*W3dA$F8R;ERT9%ArnYrOo@5(<&Lzf zonWXY&6AV%BREaC55AfwOL@V&uB=WQKu-6p-7q5fI2;7@neN@m_*yh1As zeFyT3zi@~EnSx))ee6G-lVzQ2`G4=D^#?lmDByegE>Zo5+AeH{P-wxoo2_wB6j&Hu94m0%#1Tr}xiTNR3?Wcx_543k? zA#9v$pI3)h1<0=!&`Q3#; zF9I3%EZ{=g|Kviz1uwstpMA(>mk0q1Uc}MD6OgX{R@s8bLQ*lZb9QzzHn2AN4_yuP zRabKnM_*|uiMTkM+ntL;e5YpM1&@dQNS?W`ww3oIsV^-F+-Q znc=aNT?1{Pj^8R({ia8NlQ~T6OO{32TsYw=7J2$}88jx#q5lD0l; z1#a3Bya;2Q3A{Vzd~BuH9`*!7IZRURQ>_c}s_(LD*{uULM-3=~13ZU28>F=G&g~h} zjn>aUSMeHA6){*bt0 zeCHau8_x)vAdjERL#HG2nDX9!vi8lR^m_yM%6H(Is!y7Fa+?N|U}fvy>VfLLoR1s>a2ZJ zSY}^doI?6z#fa!2i%;hc0T)0rTbxgR{z2-A)a$!HfD#6L0Y8v0Jb}XCk7Mm6`#ea5 zmRdU~-gK?;>K_+eaMSzQG2nr4E`kd*b>Ldy>CelG8#jpaBAj5p2qM`3O#lWsrr_lQ zW(I@qcN`igH73TwbwuA9)6J|eiiTrb$`Q;-4 zV;3+Sl?!393D^)sKDJvS_1#0iPVjo!Y(}q;Xtig}DT87n+13f#Ag91<9*lOf5O&VizX;$ zVU}Jk!54Ec8RTwlsCdn|Dz!woYE&!0%;MgrF#QQV*Zj7cqtycvd3@0a?tR?+aZ70? z40OLR2mnLKp3Rt?oHR-xh*rxp;jyxD{@*JBzt$nIa=cyi>+lfwLP8a_o^~~hHc9F2 zTU!P%wB2xC=23YA>r2G(wu7az2a%sUYV^}cnn3j*-IS08sbBiX zRM|bJuP>ytmuG*miT|>j`gbu@|7~vS-@bu=<)&5$nrw2^4VY4-9X^}Qy@=YVc@%sf zDGu$3hx(~xsQ-#nL1r424k}rni7m>rLG?iVkW{!dj4Y@5=bF4$wk@A=#tI6Aimt&$ zv6lEg<9HLpVHS$`8XI#-UP9f1%pL0f)QnUd-Ak@+BklHuH%uX3Sv73Wyg+sIEUZOa zIc8JSf90k$ap-vY-EyY1siD2~kG2p~_-|m?ccCDzR)!29E#W`pH0*0iyWtV0*WHHr zslSS3p1xsaIyl{&dIjWN9foseHdMN(Si?s22_SrfMp3dE|R*X6FmBZN+AvY7JHHNd(@WbmxP z)>z(i$X#vI&wI9ge>sd6{So!}hk(7(ytvNfZc%(r?2OW6$#`ako}Cb}7TgCKOp4oK zO!qxCN_V&PtcD??USJz&op}`n@5Em7sDE(VEPpKnAG<4$^XQz^~V$bkgamQrL$aN(NT@2Q%roE zLWsQ_<4$jwn0>?S(cl1~uGD%sw{4#4P#e&X2!kKn=Y|U zM-CI60^Gw@un!DhNllt5ct#*S-)U_bHRDs!d-esV-hkeA3bxP&&PT zBLoe`dhF|Lrp|{DOXu~ews-Y%9HfQXa_oBXh%BL|I&MjwB(7M6V=Ftj zh?tyXCDT+6_KeBu$dh=_hu$hN=(?Q#AAB4P^8vNIs?KB{&^PmBXS>|kDR2;?B!8lqyffNnF8T2}XL}GddB;(TQVLOr|YbrzEcePJxWvb4*(vngXv-@)b5oo~VB61J4`zMXZY z*!0Jzf9s9@M!^aH%SQ|jc8T+evdv%@Mvf9i$`VxrG@n&iKd*k;ub=O_3yBRC`AT#N zLWs9!V#J8$B@@My*o;=)SMOhmmh_rUe=NTlTPsa1-@8MiSUkqWHsJqepKI1)@u^r; zM$qn)RTuY?g=TC%?&)=`^yg&sI~ospuD>P(&3!*SOQ?g zi}vIH$J|$jRn>Og(hbrL(%m5qBHdB~(%oIs9nv7(EeI0Q4N}q_(k+eB&Dnr~KF@id z?>px`?{|K9T`cx;ueCSp9`~GM&N;?!O>}TpKOb6f0L=pa8L*MG+&{F4_^A}@qWi0R zt*+wuFEI@(AAY`D=0)$pj-qSC_)CrUPP7tmy&ohCEDElmv7xb@w%G%E_E#V7kFH-p zt@6kJ{64!25cjwXhZzA(Ex_fPnVs>@GxPS4m4WT<@IQ1H|5VD1c_!_fBD*#My>9c8 z*m(MtRT%m=>Tr0_{x`jJKu|6P%pr#xPuDOc3sS2^P?;Q=W+~w2FeNk{(oQ+JE~Q^j zy0#nc6%5y~Xqs{!=soHGSTcZO)cvVvt73_Vj&OdHW_01qDpvBwL^-|+V+BWU)g2ND zPjhOGHwLWAIFKWQUyD>*B8J0A2e%X!{B`paZ&X6QqUnsQdP`g_|4R92u^MXOb{Qb* zri{8CzJ*RDT&4AKvB`BqF083ay0#Q9sGKVZ^S4r zJ$EFXhU-?E_keew^Fy%`TT$numxoyRZB!x+FwV-8;mp&%6bE^F+16aS!H5k-v8vVj zxGf?KQAbMjvK^DsPbo$ z(3Ti1_mvO`8&Qd;Feq zOr6A%w;b=1(hMd;bIoGWme=-Azxn8x)hTXhzsce`Dpd-WAudT;jW(g551EgVrPRuR zrCd={RIbXqOxPurl0+yQkqq};r+jpUr~u;k>1?$%c;L%-rzkIf1}~pK+Ks;t2@`?= zA})Z16r`4)9k4tI@XsIq##RdQ0T@Y<5fHtW7#Yik$*`PTLiTF^#!dIzPX4ziJlM(a zXeJO~ASRd(**HCJjowPHYfL;24qNDu+^Vs7ovQNkY}gEvuy+bkxDc9jz9!G7x@5?U zBJewR6THR1seHBlH1gotd&E|?y&EkRk3PSwU>;FiQV?!KwCW&NR6?5GEK?8xa;LfK`Dq}_6P10@?87zO^Ekg(NuaqTOFAgX>K zrZJ)mlb|!ia2yCGld5WUNaU!6{=^4(n3wc?RIw;B}_SLUi+q z=M5paT{)*%o-G=b3xmyd#Ku385OpSDvX4wFJTcm!s!`PMSJxgPx0+&t7a6;mQ4zjlEj2vT;E>@zaufdq`n~)@cpE%Y zh{qwN{9OwgJ@8dcBDN!66{Ti7;Lb}8z)kvImCt}oOM4wmymhs%x7STqUxtJe-6m}V zB{;l6;6lDh3SI0N!zni>S}vXTAk-`NuU8_X8W-_W67+r{-{6l5414Kem;JKnTP;#W zlJZN>a<*5{%&tr#plWS7KB9+8FD$&CkYmbhCsBMHEuV0OWIAXGTS*8>pJZ z6{ptSo?n!EVpK;r0rPB5)w(Vy8)DQbF9iAv8=9pciYPM;vbs7^MP$B2L?UK=Pv5&D zuKM;9`M%GbMxBP^m-QSA-H-6<+Jhm(W-kd5x+${ysWxIdMF(On@uEmSb#%0}z=0Q% zwGG=3FH#vc^Qh(|ZVk9#=cS+utv*Um)SsiLXy~_$Ht-RpoZQq8DSq==FHKR2tjV&6 zjWHohs}A@5YZfM*Y5_tB8@LQLbK&-L$^nMC*E80tvz2VT^Usf}AxX(r>npCgLCUI5 z8wFYdkfKwG%`k$hgUI0&M84*iHG77nlW*Z+EklMmT6I$&x;ZSo`Yws7%b@+QQZXr^ z79;jL+kE2;f-gHqL>a`W6RE!g_}`uIJLBd5F!Z{c-2?!-p(#X-rVtmE1asLMj;V?? zQEyFEHfh(}wyz4YuzClj$}$?VmmlI>$n`(2c7K6~BX!YPK2IwTs1gz`_Q{D84asTv zhEAR2K;z7+WrpM#*P9qdZ?Mm z)V#q7G&b8D*6K_5cEP6*ty`x=o@yffAj?Q;f;U%*OucS;vItvBWDcCm_(a?vbDzv& z?Y+H3J|JsWVf2$so*bCZ?(L;~a}#aupoRh!x4)AED>b{`WrScb0))VftXdzl$`p}T z)?w!J-f=hB-MuuwU}W)IWpn9fVDp!ehz*LUXcr@wI4T%JT0anW#1&BO(J9g=olwfO z8E<8a8DPYYa*YEZX$6HH!l+ggxh60(FO%63dpo#>D=;`MuZl<;j%-x)O6{oFH8CaU z2du$fJ{fJIPe@+>Tw5Bm1|mV2p*q$g6JBI&EB zYPNa9pcI3A5R=Folx})J|4YCdvl$XubU=0fyzKMGTFS;mQFiZy!zM0qMy#`@FhXY3 zZW#s5i~fsnYmX}ptn^0`k=1Pq^$;aO;bf7SVb}S0sVUlTsp; zl|f$LqdFMt+~L3<4;6#-@4)`OkP3qW`910U;dT#;Lh?r%`m5v0-?%WUVMd{6{uCEUVQ9nm4K%7 z2L0QkIFqW6M#Q+iQYs9EviMxZ)Z@FlLN4u}HJ=YJKYzp-_@xQ;YN4~{J`wc>h6a!V z;P<*PkMDJ1(sk3dvo#si|Gi&6Bm7-!8KD0Y3}E-bc;^U*hX`oMLGpS8u%P+v?*I$n z7VsW{fq?>|(%+Ctbj|3DdiX=kgvcZ@0iq0Zd_>ylgV6MEU;e%S0UP2@Z{yevk{<{R za7#GgFPP~VbU{HNn*VtEZnI_Oe#*_ulevn1kQ$5%zoDAtg_vGaMtGpyC<~9uDBaZO zF++)#D@b#?eire&c{eXVjVOLFuvVIDCfwqodP^(@4CepL<#N{}6J4&t&~W7GG#8oj z2MR}?B2-81@pCEz@^tv~x3+4VR^Ort^#wK0FZU>o@-qXR_MG-)3LzcY?^l$erJlB) zp3~p;Hf^i@Tv1?PfZiq`z=~S`9w+^!x9N`%<@-D;3<~D0osftnf#B^`2t;fw?XA8S zA_3kVw=@qR6#V(}f1|AlkQCp=N#EO=?hgNqlm6e_#6NX3&819iDq)IcsBTSYiu!Lh z&fcu-8R8!58aooe>0Asx{rIS9Dhu_@ z>%axrIgiy)w8gC+&aoxrOcdJ5uwqSQo^&X1s7kdQeReRR1pF*5ExUI992*@Ro%Y9; zn%K`8L1gvwiij~yE?OL=&gi%sc_yRF3|^tPOA%lf?8o5c?TPw#=VTaW>;Fgos{f^CCMJo458b?xm&hF%kRf4? z>C6zQY7zLDCs4UOFj!{+o=6tPE3p_1H!P95Htf5-xWHL>(G=N?$IfjE6UVEJ%AlFO z{W{apLber6LR};kW8NU|iJgo?t1G4Y2PC_hiPv!h-=zfeTcCFltiDd|qJN*cEj)-p-yB7f8_DDPU{jLvn%xPGZuMNi*!KTlSPhXq` zRQ;ATS*0!Y%E+m9I`H}XRMWW()pp@C@YnG`Jg`MnT=B9i?L|OA4-yE$9_OlP?fUJYUG^m54yuj+?)sj$fIY$^gUB|1Hq-LPEWl zY1>anfRqK~1vzkJIhPd`pGE06y!!=m&{tNKv_W+yKsRLC_LC^=R(lKK-L*DPdaOY3wXc#Sm2cn>!Z- zqdjc~L70qwK>0~-a{c56{owS=-2uB0+j912Q{XPAAokT)Ii(Xt#}jiXJ@Sa|LBd0E z=T&snNCgokIg^XgwAddyn;YuYe`yR%GzOHpVT{`aYwxb*-Y!Zfi%LHCW>IE zbq*a;_-4GU$=vPC;{vnX?V-uBx@2G5?tsbMPxF;t^8HEamwuVNwj^-{h;|RRF{npN zxYzC&)rA_zqv#(5py8yB-c z3MH*?=V)nT`a>cU7KM>Qm-1F9`^mq-0rkJyAa#o;thZ?Z17O(bmbdvq<@`q+Q2$3h z>_5R$F$okDr88@)7Tmip5?sEvPerV)J-`;;>e63EjPW3ML zSy}jLjbc@4l|S;L4l_yji*ch2F;@>E z!1f|)R)AJ!IV-SkKxz-UcNc=U*n+nYCkpqEzw#8%+D9^D;o&~*u_M7EeDfLgx{yk) zGkgq8Y$a4zB#_(Kr{`Lvf!bZBJ*EgDWpqfO+0b?w70P{;FU_`^8D>D8k0l^BXjgun z6zv|C0MeRX#eXGDekVO37|egn(g4GOX)|bMsHdwks4yroD566fn`;~D(;FHaFaSbY z21p2SY6MUaY%tXD)e&s}!q70&)&WnGQBh197c4pkQgq_)lQ@7e0!z9dt%i3)I1aXV zzq@^>U*&U;5&gFxXSeIVGC&^)aGZk_Gcz*(u}1Hv8{d$KGid4zOk&5=^K8x}&^9<8 z=Qt6uZ@0Zoe}(*B2SLb6ul-A$0c||AyJqotFNOX-@H;4Mk-4)o*Ql3J#su)6dCe`j z;VmZDAR?b))||HN%un;bTZkp->eEAG_v(t?&Ge;&MX?NTT+Jsdhm?A)2FtdtUSErB%x9Mxb`#U5HIv>ZV z9jh}zF=s1OV)7ZO?LQOuV^{Fe99pN@FGL#8+tD?-4}X4)HvJ8;4E;+~61)yTELQ`@B;wf zS=l_gO$lK@yaD`NB4)QlG&~S(F(_rw*GFETiX^f8@SxHPC8p1UTyI1!E}@%Zp?fX#yC~K z%AUGO6?>Vy#=J%nd%_1`BygQsKaLw-7Z^MbHmA^{-kZ>B?R--o`Xute<8&Gcr7hXf zp{1w_#Kg-vU&v<(e68k1OEg=!sI@N9HikZAOpwHUc*jea)skgR4O657xHG>k!HrWe z+x?AewfK-D+hWsl_r6gz5Nb(|#Sbwtw9f)2#>yfDs?1Qn&CMRSoxbK9vOkJyjT{RK z9E{kWF`s+=QQtZ?7#{R0xk(khFlu`9+R63(R`CgX&vYLt_3Gn`#Iz;ZUQT&9(KUpI zu5t$mxiusdKO0?8um!Lu)C5={>vnG+S9ZNH_-ao&W7vYAtrb|tJCt{sHHB9)R7$Kc zFX&*t!#~;bfv8d*cb*k*Cc}}6afSA1b#?mF!p*AZ1gviQ4Rgk$S{gL8&A77R%!RS?`%o0rHr9kL(Le-EOMk>bVQeWA#uqMV8aD_V^?sp z{m)IH7|$Z7;KKFPKwCM33HU5R4S6`nuiaDwyEHC(wP%8v9Y+M2SfO>mqROp3YF?4GIz2eO;TnpNPur8@gJv=~_zDp{_0w{jF5w(dOmfB7 zuiP9qV_7^g2xh+coQ7UPR!?b4(HVa5z4|P8>G<4h&9%G>9@a+w)BzHbUnCapV!@m2 zjbg|((PJ%rSIsYEWhYD#@y|!utQC)=2w$DVIGvx;k_8yNU~tT3d&Mk=s9eOS9ky>$ zx`*j5uA%j&N(aXVSRi+6?Utgmxn}~&ks0vCXekh;^X3STm>g zDlf9m^2D4@ixFy&(p{@ec31{0$#mGU1K>{Aujoc1JRl>f@W$QM{CpBh*rE6~G|pHd zSGsg8lsw)(k2$IRl(ZI>3EVzz(B!0jz>T|DrTnB0?5=(9P8{up%#xw6YYcF}m{Ip{?ohF;btT%YQL1ZtX*$4Y4;62gH zU*&KHNQMUGj0wl>(;(K=D-bmUKQ|UgJ^Zj|e!4yNZMk%BJ~CW^3YN5m4698J5nO-F z8*%d^V;|ie&?D#qW?ud<#1lQ2{~6|jA_CAI4nS}o-iNuMz(52K5%M;&edsX!T=GZf z2Mh|bqJ^=uzMUn3ycHdRGl34$jN(kYAfK9tz9yy+`DLI;GTQ{t)ZyvJC?V1P)f&ORMy5lS!fZO z@G?T0W#&m@xL4rwD)ZQ9&<7JSKJfe!B_^h)myg_a(hS>n$TShj9zn@`%~qo553k-4 zI=0v)Rexu}(YW%4{vPq8^`5hR)z*-r~oM#~# zm6v`5K<|uTGqC-DliP%Ky#p(WN_Vf{39Gmdu+ofGPN|=WGNUR~Zhf}w?+Y9+z?q8W z!c(~iH2{tLS4ex%b8uIp0?3P2hxYG%L9HFwEfI_|E9cgXM?M!@g2 zyL5_Fr8|Vd)`;amf(wQ%xyAF&(2{nv?^>VHsvRd61g2KY#a#JgqS&=A6RhbnXLDfz zSIPPav}_2XPY26FJM{u~r4}l=8Ixm3{Rf-)fxce8nolIpP{)-n*T@9&@m4(}`au;a zcu)97PNjBCU^w5PByphvqj7v*{`?IJ9_ydBCiuc z((VzRHP^`}kwarkw0$HEAN*ujxuPqODdapAL(J)VtJ$Pd;~mfb*H1-F5Lmk@4bTXq zY1Xxa*xoH0oV)g`+u0T?Gl2fCg}wP7B#~&p^UpN|4j_nb&4fYo z@7EBN^amhAI8b$&KNphNgADP1ZzN32KzQFch<(>tb!U0@{QF(piY5M>SNq`|45+r> z#!C+m8UBrz`lpzwdp;9nY3lS661{Xz>)l+en%?71diMdtbHQih4!SW#Tg5g6K|&(_ zIWd`04~Z1iYJMRf(%C4K5-uK_{k18XenB8K%qf?pxd5}n=}@PvQfS6V_D3T z<6?8lRK>^WTM{l2OmQ`}DazkYmBhgCGu0uiX04~sW`h%PLI!xUr22bYkL!}t&!PK? zbv|ssKVGt-2u~|CB5IFl+84jXy{0X+^ASDwhim;TniJzpL z9X-Tj7o;WMxQ>JabB_r_A9oa^No$Iill`;nh^UFz=EMOOVK1$?$3mfj-oC3ZVPrG^ zDjKdI0}`L_92-Eonk)I!w2C%D*|JD9aF4L;|V^`S~{xJE~F`|-b}m-ZK2QBx$! z;7qjIOlP+>sY@Qsy2Kjq8hNgLiLZT9b#1Xj-9T`vk2R$T?M^y#t*v8o=8g%nr&~UF zQM}5f8)6v#J!bmvnh8HI?u86M6R~7(FV`QMi+Q&(pWORfCF^fb_&YOU;D3*qFqB{J z5jxzZAa;xH!kMBl)TI^fGm6--s`eIsdueEEr&aUVZi$>gfTg5ebvM*ZIYa7GNOV*E z7)Riu>?&4RuPJM^d^-$w7v=6V`io|Lhfr1E8n-!b9=+;DRJ$w~g%O$f9gR_eS|*?Lj(~%b+Tc8;SfeazxFUBE`;3;~*bBA1ykh4yPya=J3hOh$Qe0G9uK_Ax z)&WxjS_`>EF*40T)KJw#CHMen|WnsG`&!ZW$0^p4Jxoa`JiKmEa;$|>(U~KdA6+{)iygqxXAQ|ey5m9;5gt5+!C`?E zMEU4z5;l+ZvdLo$ZwZ@yNUc~T%G9%hA*U;JvVhU+@%%>vwvjjae*RAS!*{@sscU3! zVQA#2t#4&&e4iXYRQ~xa_Y3vQ0jOUBK>hgd1R>g|27M8=;_5gcjTMOD`jkJ>U*iG# zD=0C3hj|z{Y=Q5W1jr_s-D=Pi2w2k55J=kT{gQ=;Bh-H`A@(obaqc)f7Dgrjg?1~4 z%XYgZJUnFhe|`Ob+9wuCAMJ)t2Qu3m_Pu}X#wl%{GD44fpljCyOlZQk>H8c~f=m@! zz>F}}Vk@ao+YTS*sv5L?2ng6C@rMe~neqzBn&$R!OXF{bSR1@Qhs%l<_h` z@@Pbu&m>&6je;n`4196ilM@pryIkzc)T40-H8@`&#XQ)k&KzG2DD0>Tr(}5|L<+Qw zt7@Xwrsal`h&)wkvSI)5#Ek7GVMrZ81*X9Gr1=Awkh20%QKS5E#h1lX?kvXP{A)rv zz4lzgulA4-(WqXE9po#(;TSC@))S2q7tzXY?num~&rWpAFvka=jd(rGj`72F-sk8} zL%)4Y^o$?hG9id};*9U9vr|b9aMW-L4-{GsA~0p4bPzNPO*Q9Ls29=(YzE*o#Ngwjq+==9^oKdSU>ykmJE&{34 z7}ke1C$_glDGJ}+zW~w>4@f(FxRXl5{lzFUXrX3B4mwA^XX2TE$T4t0fEiLj0)YVv z?F_U4iUwdsbx#}uG7|uYXh;PL1O$dERPwPC=7sC7>MOXIGferGT--^-KNjF!QVd<@ zBd-F?8zWZp&8zmzfq=MzT+43MB!NZ43`qWS+J0^+38bJ2RYy+PE97;N&&oI`R2oi6 zX)siVxukp$#xHDJgA7D3D7}>IAi9$`Dc0Ey$*8}LRq*M*IenrY78?4LAOLG~kGz?u zoZ}Ixi_vpC#bh`Yx0gKp(WG)v3nDaVj96n$kcu63$Q5yinm&HD)-9jSypSAVU`m?2 z<4!ht&d;}L^C_aaUd#^5(iJr~K%s>=%CW?bCl!w1g=s%xbxA7XFoxC9dP?vly!hhD zE-jQeUUgHF+UaHvPP%RG{?jXsV!gCfIw zu!3{l(;zuP@Ni+1&AGaUeP z5D4I~4#}65?zX=%_U1*epb*ZO+k6eZBTx-49OQqbBGQOs2~3DsbCo|#(T&If-Hq~O zAo>0Kr*=-%Abc!0=LE)XBfHv1wPjxz2HA-HZM20bMOBO}9dqft8X=`Di~HMzP$E&S zAi^J~ody_}BJ8!k#@gD%)xLB#3z``Rg-s=^MV=j1;3y!=V&1g(nxgG{B(nlKw1*al zV;a#867j|Wgs@a(E;v!#vqmwzB9p#(oY`>7z3pu|nBbPk#hP->3EWo~>e6N_%GRek zv|OUbGsN7YTQ1N}`Q}r34Dkb=HlTsIs=`G!POea(g!)BQi?}(ZRGEx(24E-6cI(!2 zH#{o6v1G`>elbee1*Z0}f;>nR+%DQxOW}qxtJ~a?TAs#A?D)W{p^EFB^Ub}E#4KX= zuE+66TeNdK{B)?`ARY_X1Y4|MkP3DDCnd}pt#%@udc(|x*fa2DmdYb1H%LtOrSjQ`)POm|=m*5_@42<+oP zB&btI5Y$X0ul%uC?l74}`}2zmq z3vCnh8YNh7Wu#?z-SvLzbzhZp zDw1JO!if~gnf4Fo`SWv-o>45!Bx?`C-tVmi`NnM*)C52&l|g-vcrjXXW$YhtJe4U+M8*2H@}7 zWq?_?KN@U)8*N~uW1zXmY0^J%`lp`IZ|C1d;*0!tP|p2e1|4uH_7GP*?scUOR_v0D1G%&CQs7u}Z(*0!$ z6=1M^+cHQ1<_(MlVBX;Y|Db>AWCAmIT`+i!{A@=+pA4Z-^}=4{n7#;l=&C+ z%b!o8K7o!Cfi^%?(@NXM4)Bw$t-bl*%4go0Rcc#V0aP-zbzC(WJDq#y zl``l*z<+rm#@h)_K!-LA3M{{#-ko1O0spff9+t2us6T(JpzxgFM-SHbrfX0X%%3mc zw{5PPdT8>?Ke9@<~W(cA$g|_oKbQf|nrD*yD=d1?CbMrLcEb1AiX-JT#w^&(? zB6@&I;s|-{2#NJssOw&-WQ{L6a3p4ng@xD^TVy9@eNGx?S4+yo?6oKMZQNRtVzv&$ z{`&E>6EE{UXdKPy0BOf@H3?&>u6mS*?pM+-dAi3u58eAZAD%lZq05Sjb8}$Qoa^cZxZILUfQt-#eGh4jsy&RzL~bP)b4vg7);rEJX`{5?8{lf|367 zpsV`noT(4yD>fzib!JGzdHhaOsu+i&aHXuThjQil@=yZ{G9%9N!B=&-FP`jQf2dq_ zs2d~Ff6I40Wbhug-Za5~kI(G@ld0RKW4S<2IOdeh__Lyq3r#HKjS7umR>$f_{!E6h z=SxBj!U1`OueFx1r}N&$3R-X7Mw${Ik^?5u{L!%mnsnQaG&BevvS#EC(Zo=*EM*uJ!`XToYi-PFr=t%eD#%|l#7^xX3Z-EIEh3M!15Cz;Y0soIX{$cw0 zqlkW2Gym0*2`H$4m#YK}*Zybk=AS^Pqj%MI?P9cUm6nz%cYf82ud9z#tkRmQbu602 zFcSv1MAJC;X=z*4hw#Dp?0kL|&XJkuaqek5_H6N9DN^qf@f>+%_T2+9bL&WV-O7So z&DLz+QyCrE#?$ugY4)gPh*hXaxHbxY#fzSouhHDC*IApSY@m4>IoY49Ix^yfmUWT{ zCB7{*2SR-bR#l6#B?}YJ&rc++uN~mU|2)@8?e!d%xY8KinmVpLjeC3_HUxUMk?kN0 z7>Zhk^~g(C#c2(_MYaHj7htPM<&>Vt-<&uCGeMAC$qlLkt6uGQ!{o6S!03H!GEk54 zZOI_T4^YQ`4oiUC%U@>!E6ZLj(Q^+vw^OFSZ~y*(Ey4e4Br4@?H3mIx5&<5KC&PvU z)Y$Z>TYsyF{p|_AZ+>?mfQt+^)Jvg?)X$QP64jCG0yJS|ullE#<(;g@R|%tmrxXJcN%W3`40`91+4}NWN{y3< zKc&7RqP7xPRuloa-|Q*3`_W4?9H%p)6My=$q>s+r(}aza&U4zW5zH8@1@)R14nj?? zs_hIWeh5u74Y|?vi7tDCV7A8!88u8>oH6`H$Wk++QuQYXV(Dda!_yR^1+o; z-fjvL`KKFnC|Qo{kH!Cv7$`Ytp@^!ID^JgJfkvp{R%*)qnGF z@&DUMK1PCvBp)Li6C1$D0U#ZCNAi6?{P&Q2cUSr+k}tjSIbztxzS+}quw=g)#_k!~ z6{LJHZXCsyFUkyfB;~Dpesdu-i!D6!-fJ@NMFPyWRmEDw$Lhkj0}4I76aBY&KojJE zhgnk#r@qQ}8E}slf&fpEjBw?F2p4DLE}z;eJ5(JbM8H>k9q2tj>yTV+^=E(y#c*fc zYM-w|NNx@dSPo?OGd$<*ELcEE2FHvacym-5Reni4GBDOgF1C=$odlH?tWHI^aLMsb ze#*^#02^AqUL724AVWMn*ufh<<8-(a)loI#38YsNFT}Z=hHiT<&~?s+9FAN?6o(Bc zv`#~b7P>|5Ea^v3gV_VHp{GmI!TyJqt3K)Ez8YXHM-dGSJZ*b<#`Ww;+1ar}I#b5Y zz_CR=ZL%zzaPMvi!&Jh>)mF3<-wtn3y$Y4(;Y8cbR0+#hn`=LdAX*I+vYw4hFmq1h z;fZ(EIBrBYO4lfYCBA(5=pB&*ZC3^&-pYs|aYSHR2i4ldQDT`gK0U*0C>({%ig@B} zC`a5Fb?u>^*U6fh;*p7agzv=Aq4FBEDHyx#-uoSYZZ8cUT18}%(hMfxU3n7Yl^axH0s&cY&<{ zW&8)2bT@tiDBED3tJ+`kI(KS1c6QGXXtpA^JyjoNdRJ{SF@}aF98a9H7NLrnAi4bh zS(Z2Blfb@>i#D)W(O}@tP~ZVoW{6l}13NsKotDa)a(L}tUH1t($BuuhV?&u~57*hCr7ZBY1 zK`u?$W-m@2y~U=tw9*YyZIhH8M3{r^g*G7GeD63jIf>#JXQ6ak?NMvAC}>rU7SQtz zyoqIxw&W)nlUz2cQY5wl(Fe}d*@MIw!gs!HVI4YRGh#{^Dwxq*>Yq*XY!hy493BRD zYw0TtS?e91rdl7buoB4cD-6wR`{aTwk+RSEG0|$+ zM#!l@YwPEcSUkh>#T(0f-phZ%kJ{QW-t{s|*8s$`0i2UdBzYT%O!6pDwkeO;0~4|Y zb|;uDLvKV|d`m5DuB_M)wCwS$xw^5Dae)TswySY{CzqdeDq2lBnoMhqv+_ij*@juo z0i~`+In7sEo}HKa3;C)~KZ+)JnWsL6pyEa@4}O%CN%A!}bliDCqEatbH^%p)cpoku zNdU9fYU>>)deUnyop4#1EgeTk4PJK};qr_dwq2HXggZ@Q?0AfNs@~G2Q1jfWZVCr|&@)2M54g zoef~3#d_CO1#s5^^eX-k2mZf&`+tg>W}e3mBA>DjL%njYl(V|B+#RSv>QQ%G+}>~p z3mxyZv=va&DrANc+y>Re^(2X0&5L}2?0vF8eK=jDP4^lx)YPoD45VS~NxLW;@zU3q zY;w#P$V)?7QjPTdNXy3uTv%R{llab+Zf__{UrW!w zY~+7m2-S{>us1BfYc`mI42%*wtz@au9qlrj zS(%^Ru5B?qc%H2AaYZm!m4J$A2}!PbL~xtUraE(cRnMG;%U<+19Nz9O!j|@UkawBK zs*XuV?y-t2xQ52f-<~at6kbx`8Yq5G)j}A&UVo31z@Qi)fPrs7fMI@5&VB_=%eJ)h zJqQ40uGzBeZl~(7x^;%v41emp0cPacZj-miU_>~_TZMr@L9CwnQ4gT`7tA^pC$hj1TdjOUfr1+(>VW3S27;c^h&XyopfD?>tSd4$miT9-_UR-5VY`V!(B=HMF%1Xu5>oWoz${$DZX|b zH8c2r=u?z9{=`6Cb+6qmJOlCRQOiL|@|Y|^6Gdnk8eeq0eFkEMv-xzg797+HGCTI> zN|YI9aVEzrB1vl2?aP-BeQKXfVor08L)+9}K{dKSjEfCmJ$X({2ep<8E+v9FhQ3ic zUWqtX7uS>-R<3ZjmVe0-F+R+wst$fFUw|wTXf|N^{!hvhG2Zbsf65X8GA9lu1{UW3 zkSq}+fa3k@;0f^U;0Z8b@C49xn@7K%Z43b_(z-zve}k22mDut8gL}@rkra;WqsllV zH`?6bxD7r3uB^Ru|0XT{WC?}9kD~4398IXpDvGOE<#wOS!8z2>bCzPj7m$lof-{+o zlyP%M(W)lXCT6S)+!LFU!k8ZsT|K7z0{LW5hogPArI zOlxi~B1!+0@%hoX3z@eu6VJW!c-BA2@&LX6oOSGUY+;x0!OY`@F(Em?Joj6I^tUJc znSuSyf_4oWdW^~Dy-;0}weuq8la6*WcxK;69Ww1cMD&T?a($LTq@eeC`QQe7b_eE~ zDG9~L!53R{AHd@?EvecS8b}*7i$3{p3e&WdHMDGqSz)5bL7{{YEa1>_iuB;G05Qa< z9tveOW0wF+7c?{zTj=t6inl}V%q&@Uw&;9YwiyTeWM>F_9$1h8{K@hwYVmMFpX?j= z9Xj^ThJNAaJT}Wtq$x>()QAMLIn_*Qp$nArgm(Vk)AZg99i6QHWoNOP!qadvF7u>KLFBj$~I^UX=oE6n_U)hx-tt-QO){o?QawhE9 z_X@k*E$Hvw@HV!;d&7%<`sH>9J_9JfO#)VR^Zka5DEaQJds^3W;qi&|q$;TYZ#{2t zfc@CZ@4<%rz$+f*UwOr&{KYFC1xY|gN=8ryut)zi%lpNie1A<&{-I_3Un+99`s{$+ z{O3F?JKzv7Tz2mo|NqN<{!@w;xvmg34D+J25T0bVeL&FAE`gdY%Z=Cy$huyBzU`a} zIb6a6@kK+Ll}(klN0-DSjJG_?C1BdSH%M`vhyJ`U=e%lXZ`N3xKckv{NiOqC_jYzD zwvL$CzJfnbHanj$@jgU#KWl8urI+zY@Tj;n6tHQ40~&w5WlA%$6CRI?THwCAY;if6 zw-QA%C19#kt$4NBQg2one1H&|xRPXMoN)R|ltF0h{USWKkk%zrtSouGVQV*CrRk<{ zXD2~=>0|vlQK;H%>HK{kVK(2b^L%u&n?cAU$Mm0_ok%d+#m2m>>;(e3&cQ*A(;=>Xtb%>WGlKiVX zcsv>uDapM}WwKLmMOJ+uq-eh)pt@pr5T5hgZ`{6N?|0ebw?8v6js8J9LHw0=dVqp} zg?iVA0rPE4*te=kw$AK>6hA7^8_DFJ)nKPi8%pL;&yH)5#U0S7%RQ{z;Vgx zn_iLZ8rnqnMu)tLV+sSasDT^W=*BmRdu$vQbXh4C^<-#E=2JreaaE<5fRmqE?N$_Q zM#s8Qo+NrHb^^@0JWW(x1~jHUoPM554{;UtM+(1IoSQ*voxN-q=*W1(5LDnkBM1{+ zLVHlpz#t2+4!`~UY}zk}IV6Z8KHYtXp-#%B5J_LKsXnIwPei-zfQom2onFre<~@1= zaL5W1nE zDdIKFj)b8%0sC|HA$u6}RbsG1`xXqa*a*@NJ4lyD8!tY%HFcW9ya~w}Y_7y>gu;$fog1k;Qghq{}XMltOsEWtGpkCxO&?AIvh>A zyIlayRNu)$A7GLA-T3rjY*$45E4JGJ>;kKR*skw>CqPCbtS2{96e(7g-W%;7r~HuV z_b@lRrOYHBYz2Va44DD(zAOhVA*3QLB%mNB|3d%^76nXBMn-}0yGRNs3ewM02yS2a z!H07I#3t{gChtdznT(Aemb2MPL&Lw%Vt{UlM#llDo=6sUaoXd53LaOn-*q(9$tl;M(ISjM>(6oI!6dpD;|X zj~GD$XlLdJc!=3AlLfVj37sb|hQ4QRcX~;;)mA(dK-Ts%c?0_k94XyrW6v3+86?xi z(?$J-zh`6j6<~lXr@jrXu8kSpZDw}gZ@_eyoJst6I_ZBt5}LPW+pJa^ztV zUOQj5Nev z%r|DBBtaHu1cubE<^?QWR7A}16K>(V!%y^{ePT_tz|!ssHT-Jyc8~;otreqIsK`~I z!t)iV6oD=Hr2t|ItMN1YXi{(LT&@Vrxt9Fm1KOCTn70F%af>QTnZ?-X+VCeR*79%I zuDFYV@XUfyi-luDD&<^zX{GxXHzZ(o6R(})zfjiVOySnfnD&7okUh=cvgN*ho`*!P z*f1R?u_uGMgLc#4A8)XmNNUYu_Waui*&c%wDaw0T(6M*20+iD36Jy=q7#p_2pRfR~ z4hRrc0MNkyy*Ll@Cki|iER>e{QHFwHS5)9@zu5c8-8Pt_iPqskc83&|%*3W_wrWNBdsEmZzks-r(EAEU#U@sTrtJl+>^cf0<~hPQ>LCR*H}1uga;#^D zIvS1(nTp$$pN%obIEw{$#M@I>oXK5R?I+&#kbaprg_(XN^+q}`z0ZYiUj^8t3cecB z%RQJKhkXr3DS>B~a6Rh?4t+Lwndmw$4>& zz32D~M*ay!01{nZlkljvgj0@#CaS~?sB5pEU=LzHHgzN0&chk~vg)Yv0u6_+Ah+2@ z9kJAUw_axXeIckhoi$x?+w%LY1~{a*G|bNw?I4q?CYkgCHFWh=7EGgn)pON+}@y-Fp+F&-sqmd#>x8_q;!V zy*Bs01J)dC&NaszlSx^mzNS#=VNpWL5q*!3K67KgMSVk&9+qn8Gvo&*_nl6QZH($k zF}%=DUa#E_aCwm;vg27QL5b44UXKy?CH~fDJJrl5$YA57?bH9-LXuhc}-(q*eg0p%JxUR71!S(F39Xt z##ZHL+q{XbsWJMVM>$Nj{z%u`dgeyEsCJpHj>=?S+PuSQ473+574Ga`nLfyhy36u1 zAYFnb6#J#PkE6{?bG{C@f;z4E6zfv&T9^#T#T&dhq=l>Y!gWgU~I_;Ov5KbFc zNDS)(ps*+4pc!5u@h@7JV1Mkoda0bsW#0!BppUN<5K&)fQmK2n0$s9!w%p1rObQy3 zENrwOYOvdeicO|&Zt4zcpef;KZ}08^&!Um(zV)&KS3zx(ok z^4NxP`P8b_YMZ)sf?nQJtKgR~50LNONp6|uP8lySdst+!wTMEpKbImTU$J-Z%dKZ( zrGt$RJhIykgt<9$1UmQFFs0lQg|q{@4ye6?yhXrrCMyCg2 zj-8KT={xQ2aTuD_n+rrb5_sI-{g5j|PAC$axW0XezcHw^2#2LP{`u3)kubdP0;xey zVM~g#760xk3yMU2rMA9_m2bmIUQ|ds?tVf)pqSK@1==(w|!=GSs`=lV<#z3w*!(OM$J|!X|)bgbLKZ0rrQ42BRc* z)g>1VMcmxX-r51MRhO&43JqD=$=m^K%PN-#qN1U=TH8C>nVXs0J6`I{!J@HU9Z2!> z*Z;KG6aoVfnc#hNXk=(Sf}fugbp);oMkps1M;A-*?mHX6TVm&BXJg}J=K`}N!9(tg zA?W}5^Zm&m><=7%i=1@OqYh6QR~{=YK{*U^SXaSzRd6BkN5*0?g%gLH$9PLs20b|m zvtnTKeDhe4wiFp#MQiQj2wKqzqCHmIdvXt5TmiJ@3H zVyFW&y}RvoGr}Bo8G4Wg<#E+P6dqfeXkqw=aEfiTQgJ#hq1K^_C{-m!h6n zn&Few4AEocbQ+m+(Y#f?g%<6O=C}Ob&yrPdcc;?vjQR0n- ziC=PLK4xx&Rcuct)#iu@UmAJhndS$dx&C&n+L41M{4=OqQPpy-88eN|pNog8IiQi- zd5Iq*REdMmjtd-X#zENe_G?KG@^yJ<(Sll)$mXQH}Q?*q^cB()_m2P_toRB z)ga-gOJfrE&;}1xOQ3HE-1@+S)Q0f@Zn50xAlK3{2qYBw5`L+U3MvhXD~%EFYeV95 zmztw$QY83{@)fvsiI;QePl@{uMnX~?rP3zC;?+8g!;&qUpK2;d(?zE|3{vBlpsIh* zOh>neC-f6%{|21DCMFQBu~XB{;6;U2bdoSMl)1!)v}E_$OVNG<2FQ+`qG%<86Pu>2 zkNRSvhTj3k;VP1Acp&;Nrg)9KxbrDJqWx##5o2~N!rP|?X1SdoyOG)^pL!_=r+&_k z=_Cm(eONvu6I#eDOW zAu$bEW-z9$Jjg!!8%o^v4UV$NF7-C4?WZ)xNMEw1neHInpJrn5ImEGw4W^DiM6S}P z3v7NYrtz?| zT;|ICxEAPon$=Xk&L@m})3qJXK9r+`7)AYJbX5>so~&FZLOj?FtIGjXe^v4xu$di=J1Fxe6Z)`_%lXYzR$I;gwiJNCu$H&pLw z&7}WGtyx@ylXoo32;l!x>@~5zBX$f6{7vNc${k|~>n2p7;KJJCTiuZIHlzT-EnB=4 z#c{gc#Lx9SY#a?wrqKa=b$)>hd18PO zaqaL<5i?cYGyRk~Bs8d+GQdm2fI=VPHx){5en}MrQT+A)ZUCaRnF56G((<^1u zU(d}9Vg#QX7U))Re$9Wn3PDo4;MIf&D3ImgWWQWofFT!n_wPk-}irL78NNJ1srAJIr_%B;QvqJgYDrAD|+F92Elf z1%x6*FnDyrpp#COgwG_EMeZQsWsjzxdMZ=cO(m^waN@8`R<~y*H4+xAmm3vRy+|K$ zO6?p`-qsRVrj{&Uq8jrFn~iWqNilo6tk!0%g-^rzwYRr_{EQ!Iz+_;v4ow&4=~Cjt ze!wU5BTgO+`T!@zO5QM*EPw6FEc}Xfl76~dhV>*9%eior2XCh)E||4}5QVnO~qD&>Lovzr8On zaTL;ey)x#7J5^ENuLoEFf4IxcJ|!4Z_n+d{<(h`KXmigQ%&ez4Y; z4DJ^+3z&PBvZQ~NK0I1K^WF%RD^v;CD%6*I#9|1aCa5O%aj?#G2wI{kBlts{k-#_I zx;meVDb#pg_su|3i_v{;C+^zzW4cOb>QFuGQ!;V3I#n&HR* z6e9vq3hS{v**syB#<7if8E5)U?ce^spum5V95WjqAK!miju|2Zz{dwpVE;^C z|3~DQ|5qONPYBrGl%aNfpPY!yk(kG|^+%uWBP@{e7Ps{7a01FM{;Q|Pop_>(M^VP{ zpFJo#F%kSqnH&msF~wpJnadfBb@DA~6oyw?)byMv;O>ri_vKr+1ml~P!$-Fa-+dGF zaCd!6ToyGmh1QbYVZI^}m&B=sLXnkV_OFN)yHIURqSXhBG?*H>QpuXZuR)P3A13m? zG6abDdzots<5E~4u_h(9mq@b~-AUQPS~%@OVN_l6SZcV_uz+4LQ1n7UM>BG1MO~j{ zEpy8R54Et*5N&I=%i~SuzRk{|SV1laPTyy5)3;eBJY%8eSr|*|x7~;hNU_xQdYP7k zWd(36qO2OVQy?DYZ_^zDCzv?Nouz*v?TfJX)tr9P%{H5zzNH+N#_7SWJu{5U+FkCC zOU`5BD*SHQ@C`ofG}j^HbcGSJA(>&ELo=$-nl3gOnvvtPj%QSqEQqN6#cuu5&7__0 zpV|(vj*6ei&J;!tsW(kQ>C&|a&HZS?CRGUwI*A3v(ch^e6XKfUHNhj0D_^QtwVSOp zS%)4byM5{%hed>C_58>p4F^X`zhb$<8b6Rxm#5Ew;d{@*6Mc=x1sYI8TiczzsURW& zZoKI{hqaUPny#r$7-{UNj_q2ua%GZv<&4T3Xqo%>(I>uhX$4F**yG1#k_DR0pLR<% zmD@I=cq=K(hiu4i`^{iN;DiL6F><#*_lV2@uLLZq{wt(d&R#(ZY&!rafXFdS-nnB0 z3n%$|lN->3Yi8xFO?Yu2q&^XFn=a}QFEgFIKuUuh&;sG%0P8vdE%gA2r;FkL`u+XMUKfx2 z@?4s_w)$|wcWt4S<{d;4o9t=t`S0s7*Xs7F8kXj>7Z``vJKP8x1;M2JcyF!!gn;j! zjhR;uv`(2In;ft2DBP$#-3o=F0AlWdqU-dx3gup{G2O!C$ir`?R`007bZCc=X)2s(B zZ~0!Il235D?AD16u|dE1GK*v__aB{Wg&#;j{E-Kw%)Gov|UnB3yR7q-#`l$L;%iF`sObJ)u8vQZQ6+0DEd+F8^f)8UO-G#)Q8J<6J@bTRz`r;qQ3J^QKNLVdK; zVx6}}N1rTdzZIx5iSV@OEQx2hG4>hP0q8JnXlLp(|et&73}KtDU4{8O{|Hv zjTu|l!%=BPDG)Sn>Z#`%;)0q(p`o8dumQH7< zqte1~(N~KmEg!68Xhsm;8E@d+eei}aeUf)ubzhn3+~(cg9DwR{7Yl0_S2ru5hTYTH z#rzkWm)VxSvU#}sfE(ck*uDO_&EJ%4LyJ~{x?P9)mYd9JbFMJ-hpDIh*kddZb2LBX1hs{>NKhGF{EaZdl2r zf;KK=f;TPs`Mxq@4_d4zA#>#0rBtu;t(av z8B4`)i4K1e`SxB;Y)whYUaWNlLib_ht#3$~)-1>zkLl6x+;})3%UNZu+IoO6XjN{Z z&>~!B+=>!`@oG+J!xv5=6UD$bVSJ z0P*GU*UUwkSI{s|G_uXc$|yGoW?I*+==j9^ z9m^jkazbstb*CSIzR{ z=jF$d!Rk3G6d;O04-!ROfkTRa64_6vGWVJUx`h;u(C4N{ioiyE{Ogw(Ql!{QWvKfpd5&*N{n4iVYWp4e?FT z&?K25o&<%oy@?DP_}>QJRYAK2ybS@NbM}NCKTh1AdU6YadLBiDy0%e7} z6$@nJXnMH16a3F#5}1)Ka@0JF^i)D?pL}GCo#KdN(dtR@#oD=R#_$sd ziZ5vo9m>BRyjR_~eR}Rc1VP^hiUlbCnf|QdLEyOq z{D2T~fS(-T*J8jocHm1&3;Y6@M@-7#Pk^^2fj7XDkV!&FQc48uoS)OVfE_^($Mcl2 zowchQ=uVDgj(C{pwYBj24FF)pdNDQx=e-RfJS0O7LsMfzc0+RyL+~|!FW0#waB+V1 z(G|>p6tPK!>5j-+dn$NHrb@FOzDGa%ar<4*ZRFL?Ax+{s(BvDUQv}rl+eH}h-kT#gv7=6Em*W%jq5TCiGq#t^Qg-= zVXwalMj6E@}!Z@N>WLjBtMfs|#bcXtm*JnbcNJHpL5QOLb# z)&)79bZ08&JBlUo0vVN%^^q*uzrr7dqw$BzS!8GGBr2vDBZSH2fi?C1xR3dBjTc&? zmwCK~`1+Ql9L=o5>}c?Cw$Anc1*{bm$Q*_Z>a#UgpTl$yTNAR_e9Diblk^2YtiG?l zW^eo9siUj=**CptErrI`+xr6Z4E+a;-z?(KbKK;BY82pho7q};&tmCIWK^pt-F<`>Be zzzc#bh1l#r4^zLm_1|+1|MM=3|Gl^Vr$u%QjsGRXfzrZm8)1rJY=n9>xk&#|HU+jl zJ^!m4euDe99=xWL+(t!@4fLS`YFKsr_redTCBl}iiPh5M=baZPn9-FS_g=|P)_)_? zs$i^l!&x6XqFE$rB28wo5xDy(Qd;YbIw#RdJ$Nd_4d;br7MvCTT&$=rshrY~M1sJw z);N??zuJb6Uj_ei3)_LzUYF4jwhjzqzyPQ8T;puKxjoDfQ$j((@@y!9tgnSq9>0C@ zvkgv`CUn^69COm^)wVIzlaJp7j!4~MPj(8Qg~5=O2(7nsZ8lpo7Axy}r!g1K+DlnO zGmx#LVU>N{#=!bglf+%r2tO1?lP}sI{+|Ttzgy=|W6Uswnk#{R4`Sqv$bD`vm$8GH z5d7P8hHT8qa~FhoTF(d&W?NDrIbs<1orHWaoZt=|oFEos&NiCqC9;|vaR{4_pc=xS zl^9y!tcA-YrypzoVeo3KvvuPyM|QWJgdo<|AaU< zA(FbCZs@$wVHe?Y*HYBS?r8Q>4Y7~Pl6jux49DS0V=S%&&%~W>nji}hg_|27Zw_$R&KDvGdkyS>vi}mO%W8iAi50y7R=fbPqVxhQeo^{@U`5b1 ztN{Gqi<&SLG)fKTOXeDoNHli=D$QNZDXt71;uT*eBhm1F9(?XJOPGT{bIFKY<{EN{2#c-6bxuGm?5t^a=7Tv@p`3$Yyow~h*K$lQL(cPdWL1zo=P6Pfq3vcrU74G5zpbH{rBCHrsJq2Pw{%E_U$ zeK@vbJo=oeKj@dXpqCCP8*HvID!JQ=3wMwGfnwGnWzl?~*3e*c_F8EIA#Y`gFRtRZ z`n;H@-(&YAiwjq7C6x<9nczii!89EkQ!Q~k26@|ZoA{K&QH9(!Uzlc$TBcU#F;O>c znSwT<&n=*JUgD>G(CJ8;Am-ap1Uu+H@)-&(IPf%&p}avI#p?J z7R*Iy%-Kwf;pj09i^E{eHQz4!Na9t;+BXaEA$_dE_d`t_`V2eoo4VcYkRd=z<6F-k zAbRGd8-trMfrGy1ji}vA84S-X_?VhTh@iGu!uQpyQnNUWy!H&@OwjbyFd<8c;Pw$m zfXAo7azbTz+F0x-4qXuYC%n}6b9Ohj17ZMkvtJFr+VaZq;Q;p&oa}=|_(z5h<|%vmw0C%zc{Z)?P5B7RYp%3#Ufyq#f9$5r^N2X zG&`fjN^gwSXGI!vwyCv**4e&y=UdhNr+XOU-i!Xk1H)SlbSDgJS+!M-a3v>uy>->k z8FG&9ZWHD>I#E9mwwCk1K{>Hmj)a*`pEh42DV2_8Ae?EhcD$S;WW~BA@8pZkTi$|8 zy*>V>G`E9ooHhI78II0zNaAF;uL95qHG6~^^9KPx|19<7{#((n`3P7q1?CevwYau$ zKA3YOJCx=l_HvDM!E$ixxzpH-Z)4d?ILbReI^-n%itX?^z(1AMuF-sA_1u61-+=;0 zt`VvDlA=wb_50ohG~K=iLHX~qFvJJ-Z*NIR%i znG4&|YQJtG`P&KJAzCAlnDZDoun5awvf5q6|G`#E@N!(nk4nL+^FcE-j$`+v!)!C0 zxXq6}eZS9BhvDn!TxyoXSt%ayi6Tk8&`Z{uy#6Psvrk3!j+kioe{btWX_4?w?S^7$%iZHet)a9t7h))9!VyHF0+HXm zAr5Yz8x(N9voLPa3t#I&ix=mUMV92Z(IAtDG&Nr7jmC#y?k{(byaoS9Y1;_FgK3%o__BnzuW)ZKEvB>IhDQ?^Vy8H%QtN zi_c8QJ|P;t&1=upL*5>XT~z-bYkDYBI9+EkXJRov;vg2Y!~AT`Q!YF6?gFDuhbYxo zX1X9LVK0rpXi`50$Q1ExZjE~x;mwwddUslUf_pL3}%J{=@2=wC}UJ+eq-B zFU+l|?NaS3jm6*AQ=zfSUq$q!avH{<2==UwB_-L + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ${applicationLoggerPattern} + + + + + + + + + + + + ${logDirectory}/${generalLogName}.log + + + ${logDirectory}/${generalLogName}.log.%d{yyyy-MM-dd}.zip + + 30 + + + ${applicationLoggerPattern} + + + + + + 256 + + true + + + + + + + + + + + + + + + + + + + ${logDirectory}/${auditLogName}.log + + + ${logDirectory}/${auditLogName}.log.%d{yyyy-MM-dd}.zip + + 30 + + + ${auditLoggerPattern} + + + + 256 + + + + + ${logDirectory}/${metricsLogName}.log + + + ${logDirectory}/${metricsLogName}.log.%d{yyyy-MM-dd}.zip + + 30 + + + ${metricsLoggerPattern} + + + + + + 256 + + + + + ${logDirectory}/${errorLogName}.log + + + ${logDirectory}/${errorLogName}.log.%d{yyyy-MM-dd}.zip + + 30 + + + ${errorLoggerPattern} + + + + + 256 + + + + + ${debugLogDirectory}/${debugLogName}.log + + + ${logDirectory}/${debugLogName}.log.%d{yyyy-MM-dd}.zip + + 30 + + + ${defaultLoggerPattern} + + + + + 256 + + true + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/music.properties b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/music.properties new file mode 100755 index 00000000..6981fb05 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/music.properties @@ -0,0 +1,34 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +music.version = v2 +music.keyspace = keyspaces +music.session.keyspace = portal +music.tables = tables +music.session.attr.tables = spring_session_attributes +music.session.meta.tables = spring_session +music.consistency.info = type +music.consistency.info.value = eventual +music.cache = false +music.session.max.inactive.interval.seconds = 1800 +music.serialize.compress = true + +#By default it's eventual +music.atomic.get = false +music.atomic.put = true +cassandra.host={{.Values.cassandra.service.name}} +zookeeper.host={{.Values.zookeeper.service.name}} +cassandra.user={{.Values.cassandra.config.cassandraUsername}} +cassandra.password={{.Values.cassandra.config.cassandraPassword}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/openid-connect.properties b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/openid-connect.properties new file mode 100755 index 00000000..1760d5bc --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/openid-connect.properties @@ -0,0 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +authentication_server_url = http://{{.Values.global.portalHostName}}:8383/openid-connect-server-webapp/ +ecomp_openid_connect_client = http://{{.Values.global.portalHostName}}:{{.Values.global.portalPort}}/ONAPPORTAL/openid_connect_login +ecomp_redirect_uri = http://{{.Values.global.portalHostName}}:{{.Values.global.portalPort}}/ONAPPORTAL/welcome.htm diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/portal.properties b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/portal.properties new file mode 100755 index 00000000..06726702 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/portal.properties @@ -0,0 +1,43 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Not used by portal +portal.api.impl.class = org.onap.portalsdk.core.onboarding.client.OnBoardingApiServiceImpl.not.used.by.portal +portal.api.prefix = /api +max.idle.time = 5 +user.attribute.name = user_attribute + +# for single sign on +ecomp_redirect_url = http://{{.Values.global.portalHostName}}:{{.Values.global.portalFEPort}}/ONAPPORTAL/login.htm + +# URL of the ECOMP Portal REST API +ecomp_rest_url = http://{{.Values.global.portalHostName}}:{{.Values.global.portalPort}}/ONAPPORTAL/auxapi + +ueb_listeners_enable = true + +ueb_app_key = 7GkVcrO6sIDb3ngW +ueb_app_secret = uCYgKjWKK5IxPGNNZzYSSWo9 +ueb_app_mailbox_name = ECOMP-PORTAL-INBOX + +ueb_url_list = message-router +ecomp_portal_inbox_name = ECOMP-PORTAL-INBOX + +# Consumer group name for UEB topic. +# Use the special tag to generate a unique one for each sdk-app server. +ueb_app_consumer_group_name = {UUID} + +role_access_centralized = remote + +ext_req_connection_timeout = 15000 +ext_req_read_timeout = 20000 diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties new file mode 100755 index 00000000..8d21859b --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/config/deliveries/properties/ONAPPORTAL/system.properties @@ -0,0 +1,124 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#mysql +db.driver = org.mariadb.jdbc.Driver +db.connectionURL = jdbc:mariadb:failover://portal-db:3306/portal +db.userName =root +db.password =Aa123456 +db.hib.dialect = org.hibernate.dialect.MySQLDialect +db.min_pool_size = 5 +db.max_pool_size = 10 +hb.dialect = org.hibernate.dialect.MySQLDialect +hb.show_sql = false +hb.db_reconnect = true +hb.idle_connection_test_period = 3600 + +app_display_name = Portal +files_path = /tmp +context_root = ONAPPORTAL +# menu settings +menu_query_name = menuData +menu_properties_file_location = /WEB-INF/fusion/menu/ +application_menu_set_name = APP +application_menu_attribute_name = applicationMenuData +application_menu_properties_name = menu.properties +business_direct_menu_set_name = BD +business_direct_menu_properties_name = bd.menu.properties +business_direct_menu_attribute_name = businessDirectMenuData + +application_user_id = 30000 +post_default_role_id = 1 + +#Enable Fusion Mobile capabilities for the application +mobile_enable = false + +cache_config_file_path = /WEB-INF/conf/cache.ccf +cache_switch = 1 +cache_load_on_startup = false + +user_name = fullName +decryption_key = AGLDdG4D04BKm2IxIWEr8o== + + +#Cron Schedules +cron_site_name = one +log_cron = 0 * * * * ? * +sessiontimeout_feed_cron = 0 0/5 * * * ? * + +#Front end URL +frontend_url = https://{{.Values.global.portalHostName}}:{{.Values.global.portalFEPort}}/ONAPPORTAL/applicationsHome + + +# An Unqiue 128-bit value defined to indentify a specific version of +# ECOMP Portal deployed on a specific virtual machine. +# This value must be generated and updated at the time of +# the deployment. +# Online Unique UUID generator - https://www.uuidgenerator.net/ +instance_uuid = 90bc9497-10e6-49fe-916b-dcdfaa972383 + +elastic_search_url = http:// +contact_us_link = http:// +user_guide_link = http:// + +# Contact Us page properties +ush_ticket_url = http:// +feedback_email_address = portal@lists.onap.org +portal_info_url = https:// + +#Online user bar refresh interval, in seconds +online_user_update_rate = 30 + +#Online user bar refresh total duration, in seconds +online_user_update_duration = 300 + +#authenticate user server +authenticate_user_server=http://{{.Values.global.portalHostName}}:8383/openid-connect-server-webapp/allUsers + +#window width threshold to collapse left/right menu when page onload +window_width_threshold_left_menu = 1400 +window_width_threshold_right_menu = 1350 + +# User notification refresh interval and duration, in seconds +notification_update_rate = 90 +notification_update_duration = 900 + +#Microservices Related Properties for Portal +microservices.widget.protocol = http +microservices.widget.hostname = portal-widget +microservices.widget.username = widget_user +microservices.widget.password = M+KcrCMVrR1rAxtiFE49n1uXC3FCkNBqFgeYsubEC/U= +#This property won't be needed after consul is functional on VMs - +microservices.widget.local.port = 8082 +microservices.m-learn.local.port = 8083 +#HALO API enable flag +external_access_enable = false + +#delete auditlog from number of days ago +auditlog_del_day_from = 365 + +#External system notification URL +external_system_notification_url= https://jira.onap.org/browse/ + +# External Access System Basic Auth Credentials & Rest endpoint(These credentials doesn't work as these are place holders for now) +ext_central_access_user_name = aaf_admin@people.osaaf.org +ext_central_access_password = VTCIC7wfMI0Zy61wkqKQC0bF0EK2YmL2JLl1fQU2YC4= +ext_central_access_url = https://aaf-service:8100/authz/ +ext_central_access_user_domain = @people.osaaf.org + +# External Central Auth system access +remote_centralized_system_access = true + +#cookie domain +cookie_domain = onap.org diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/server/server.xml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/server/server.xml new file mode 100755 index 00000000..c9515c1f --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/resources/server/server.xml @@ -0,0 +1,149 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/NOTES.txt b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/NOTES.txt new file mode 100755 index 00000000..9a67a4c9 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/configmap.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/configmap.yaml new file mode 100755 index 00000000..28de588a --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/configmap.yaml @@ -0,0 +1,27 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-onapportal + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPPORTAL/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/server/*").AsConfig . | indent 2 }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/deployment.yaml new file mode 100755 index 00000000..1fa62bf9 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/deployment.yaml @@ -0,0 +1,165 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-job-completion + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: "{{ .Values.global.pullPolicy | default .Values.pullPolicy }}" + command: + - /root/job_complete.py + args: + - --job-name + - {{ include "common.namespace" . }}-portal-db-config + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /start-apache-tomcat.sh + - -i + - "" + - -n + - "" + env: + - name: CATALINA_OPTS + value: > + -Djavax.net.ssl.keyStore={{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}} + -Djavax.net.ssl.keyStorePassword={{ .Values.global.trustpass }} + -Djavax.net.ssl.trustStore={{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}} + -Djavax.net.ssl.trustStorePassword={{ .Values.global.trustpass }} + - name: javax.net.ssl.keyStore + value: {{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}} + - name: javax.net.ssl.keyStorePassword + value: {{ .Values.global.trustpass }} + - name: javax.net.ssl.trustStore + value: {{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}} + - name: javax.net.ssl.trustStorePassword + value: {{ .Values.global.trustpass }} + ports: + - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.internalPort2 }} + - containerPort: {{ .Values.service.internalPort3 }} + - containerPort: {{ .Values.service.internalPort4 }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: properties-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/fusion/conf/fusion.properties" + subPath: fusion.properties + - name: properties-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/classes/openid-connect.properties" + subPath: openid-connect.properties + - name: properties-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/conf/system.properties" + subPath: system.properties + - name: properties-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/classes/portal.properties" + subPath: portal.properties + - name: properties-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/classes/music.properties" + subPath: music.properties + - name: properties-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/classes/logback.xml" + subPath: logback.xml + - name: properties-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/conf/server.xml" + subPath: server.xml + - name: authz-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.keystoreFile}}" + subPath: {{ .Values.global.keystoreFile}} + - name: authz-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}}" + subPath: {{ .Values.global.truststoreFile}} + - name: var-log-onap + mountPath: /var/log/onap + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + - name: filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + - name: portal-data-filebeat + mountPath: /usr/share/filebeat/data + - name: var-log-onap + mountPath: /var/log/onap + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: properties-onapportal + configMap: + name: {{ include "common.fullname" . }}-onapportal + defaultMode: 0755 + - name: authz-onapportal + secret: + secretName: {{ include "common.fullname" . }}-authz-onapportal + - name: filebeat-conf + configMap: + name: portal-filebeat + - name: var-log-onap + emptyDir: {} + - name: portal-data-filebeat + emptyDir: {} + - name: portal-tomcat-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/secret.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/secret.yaml new file mode 100755 index 00000000..18f85c16 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/secret.yaml @@ -0,0 +1,27 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-authz-onapportal + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: +{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/service.yaml new file mode 100755 index 00000000..0813682d --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/templates/service.yaml @@ -0,0 +1,69 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "portal", + "version": "v2", + "url": "/", + "protocol": "REST" + "port": "{{ .Values.service.externalPort }}", + "visualRange":"1" + } + ]' +spec: + type: {{ .Values.service.type }} + ports: + {{ if or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer") -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.portName }}2 + - port: {{ .Values.service.externalPort3 }} + targetPort: {{ .Values.service.internalPort3 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} + name: {{ .Values.service.portName }}3 + - port: {{ .Values.service.externalPort4 }} + targetPort: {{ .Values.service.internalPort4 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }} + name: {{ .Values.service.portName }}4 + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName }}2 + - port: {{ .Values.service.externalPort3 }} + targetPort: {{ .Values.service.internalPort3 }} + name: {{ .Values.service.portName }}3 + {{- end }} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/values.yaml new file mode 100755 index 00000000..aa8951c0 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-app/values.yaml @@ -0,0 +1,110 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/portal-app:2.5.0 +pullPolicy: Always + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: LoadBalancer + name: portal-app + portName: portal-app + externalPort: 8989 + internalPort: 8080 + nodePort: 15 + externalPort2: 8006 + internalPort2: 8005 + nodePort2: 13 + externalPort3: 8010 + internalPort3: 8009 + nodePort3: 14 + externalPort4: 8443 + internalPort4: 8443 + nodePort4: 25 + +mariadb: + service: + name: portal-db +widget: + service: + name: portal-widget +cassandra: + service: + name: portal-cassandra + config: + cassandraUsername: root + cassandraPassword: Aa123456 +zookeeper: + service: + name: portal-zookeeper +messageRouter: + service: + name: message-router + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 10Gi + requests: + cpu: 1 + memory: 6Gi + large: + limits: + cpu: 4 + memory: 15Gi + requests: + cpu: 2 + memory: 8Gi + unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/.helmignore new file mode 100755 index 00000000..daebc7da --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/Chart.yaml new file mode 100755 index 00000000..b26f50ef --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: Portal cassandra +name: portal-cassandra +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal.cql b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal.cql new file mode 100755 index 00000000..4fd368a5 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal.cql @@ -0,0 +1,68 @@ +// Copyright © 2018 Amdocs, Bell Canada, AT&T +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +CREATE KEYSPACE IF NOT EXISTS portal + WITH REPLICATION = { + 'class' : 'SimpleStrategy', + 'replication_factor': 1 + } + AND DURABLE_WRITES = true; + + +CREATE TABLE portal.spring_session ( + primary_id text PRIMARY KEY, + creation_time text, + expiry_time text, + last_access_time text, + max_inactive_interval text, + principal_name text, + session_id text, + vector_ts text +) WITH bloom_filter_fp_chance = 0.01 + AND caching = {'keys': 'ALL', 'rows_per_partition': '10'} + AND comment = '' + AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'} + AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'} + AND crc_check_chance = 1.0 + AND dclocal_read_repair_chance = 0.1 + AND default_time_to_live = 0 + AND gc_grace_seconds = 864000 + AND max_index_interval = 2048 + AND memtable_flush_period_in_ms = 0 + AND min_index_interval = 128 + AND read_repair_chance = 0.0 + AND speculative_retry = '99PERCENTILE'; + + +CREATE TABLE portal.spring_session_attributes ( + primary_id text, + attribute_name text, + attribute_bytes blob, + vector_ts text, + PRIMARY KEY (primary_id, attribute_name) +) WITH CLUSTERING ORDER BY (attribute_name ASC) + AND bloom_filter_fp_chance = 0.01 + AND caching = {'keys': 'ALL', 'rows_per_partition': '1'} + AND comment = '' + AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'} + AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'} + AND crc_check_chance = 1.0 + AND dclocal_read_repair_chance = 0.1 + AND default_time_to_live = 0 + AND gc_grace_seconds = 864000 + AND max_index_interval = 2048 + AND memtable_flush_period_in_ms = 0 + AND min_index_interval = 128 + AND read_repair_chance = 0.0 + AND speculative_retry = '99PERCENTILE'; diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal_single.cql b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal_single.cql new file mode 100755 index 00000000..7827727e --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portal_single.cql @@ -0,0 +1,145 @@ +// Copyright © 2018 Amdocs, Bell Canada, AT&T +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + + +CREATE KEYSPACE IF NOT EXISTS admin + WITH REPLICATION = { + 'class' : 'SimpleStrategy', + 'replication_factor': 1 + } + AND DURABLE_WRITES = true; + +CREATE TABLE IF NOT EXISTS admin.keyspace_master ( + uuid uuid, + keyspace_name text, + application_name text, + is_api boolean, + password text, + username text, + is_aaf boolean, + PRIMARY KEY (uuid) +); + + +CREATE KEYSPACE IF NOT EXISTS portal + WITH REPLICATION = { + 'class' : 'SimpleStrategy', + 'replication_factor': 1 + } + AND DURABLE_WRITES = true; + + +CREATE TABLE portal.spring_session ( + primary_id text PRIMARY KEY, + creation_time text, + expiry_time text, + last_access_time text, + max_inactive_interval text, + principal_name text, + session_id text, + vector_ts text +) WITH bloom_filter_fp_chance = 0.01 + AND caching = {'keys': 'ALL', 'rows_per_partition': '10'} + AND comment = '' + AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'} + AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'} + AND crc_check_chance = 1.0 + AND dclocal_read_repair_chance = 0.1 + AND default_time_to_live = 0 + AND gc_grace_seconds = 864000 + AND max_index_interval = 2048 + AND memtable_flush_period_in_ms = 0 + AND min_index_interval = 128 + AND read_repair_chance = 0.0 + AND speculative_retry = '99PERCENTILE'; + + +CREATE TABLE portal.spring_session_attributes ( + primary_id text, + attribute_name text, + attribute_bytes blob, + vector_ts text, + PRIMARY KEY (primary_id, attribute_name) +) WITH CLUSTERING ORDER BY (attribute_name ASC) + AND bloom_filter_fp_chance = 0.01 + AND caching = {'keys': 'ALL', 'rows_per_partition': '1'} + AND comment = '' + AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'} + AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'} + AND crc_check_chance = 1.0 + AND dclocal_read_repair_chance = 0.1 + AND default_time_to_live = 0 + AND gc_grace_seconds = 864000 + AND max_index_interval = 2048 + AND memtable_flush_period_in_ms = 0 + AND min_index_interval = 128 + AND read_repair_chance = 0.0 + AND speculative_retry = '99PERCENTILE'; + + + +CREATE KEYSPACE IF NOT EXISTS portalsdk + WITH REPLICATION = { + 'class' : 'SimpleStrategy', + 'replication_factor': 1 + } + AND DURABLE_WRITES = true; + + +CREATE TABLE portalsdk.spring_session ( + primary_id text PRIMARY KEY, + creation_time text, + expiry_time text, + last_access_time text, + max_inactive_interval text, + principal_name text, + session_id text, + vector_ts text +) WITH bloom_filter_fp_chance = 0.01 + AND caching = {'keys': 'ALL', 'rows_per_partition': '10'} + AND comment = '' + AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'} + AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'} + AND crc_check_chance = 1.0 + AND dclocal_read_repair_chance = 0.1 + AND default_time_to_live = 0 + AND gc_grace_seconds = 864000 + AND max_index_interval = 2048 + AND memtable_flush_period_in_ms = 0 + AND min_index_interval = 128 + AND read_repair_chance = 0.0 + AND speculative_retry = '99PERCENTILE'; + + +CREATE TABLE portalsdk.spring_session_attributes ( + primary_id text, + attribute_name text, + attribute_bytes blob, + vector_ts text, + PRIMARY KEY (primary_id, attribute_name) +) WITH CLUSTERING ORDER BY (attribute_name ASC) + AND bloom_filter_fp_chance = 0.01 + AND caching = {'keys': 'ALL', 'rows_per_partition': '1'} + AND comment = '' + AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'} + AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'} + AND crc_check_chance = 1.0 + AND dclocal_read_repair_chance = 0.1 + AND default_time_to_live = 0 + AND gc_grace_seconds = 864000 + AND max_index_interval = 2048 + AND memtable_flush_period_in_ms = 0 + AND min_index_interval = 128 + AND read_repair_chance = 0.0 + AND speculative_retry = '99PERCENTILE'; \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portalsdk.cql b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portalsdk.cql new file mode 100755 index 00000000..4f6148e3 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/resources/config/cassandra/docker-entrypoint-initdb.d/portalsdk.cql @@ -0,0 +1,68 @@ +// Copyright © 2018 Amdocs, Bell Canada, AT&T +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +CREATE KEYSPACE IF NOT EXISTS portalsdk + WITH REPLICATION = { + 'class' : 'SimpleStrategy', + 'replication_factor': 1 + } + AND DURABLE_WRITES = true; + + +CREATE TABLE portalsdk.spring_session ( + primary_id text PRIMARY KEY, + creation_time text, + expiry_time text, + last_access_time text, + max_inactive_interval text, + principal_name text, + session_id text, + vector_ts text +) WITH bloom_filter_fp_chance = 0.01 + AND caching = {'keys': 'ALL', 'rows_per_partition': '10'} + AND comment = '' + AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'} + AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'} + AND crc_check_chance = 1.0 + AND dclocal_read_repair_chance = 0.1 + AND default_time_to_live = 0 + AND gc_grace_seconds = 864000 + AND max_index_interval = 2048 + AND memtable_flush_period_in_ms = 0 + AND min_index_interval = 128 + AND read_repair_chance = 0.0 + AND speculative_retry = '99PERCENTILE'; + + +CREATE TABLE portalsdk.spring_session_attributes ( + primary_id text, + attribute_name text, + attribute_bytes blob, + vector_ts text, + PRIMARY KEY (primary_id, attribute_name) +) WITH CLUSTERING ORDER BY (attribute_name ASC) + AND bloom_filter_fp_chance = 0.01 + AND caching = {'keys': 'ALL', 'rows_per_partition': '1'} + AND comment = '' + AND compaction = {'class': 'org.apache.cassandra.db.compaction.SizeTieredCompactionStrategy', 'max_threshold': '32', 'min_threshold': '4'} + AND compression = {'chunk_length_in_kb': '64', 'class': 'org.apache.cassandra.io.compress.LZ4Compressor'} + AND crc_check_chance = 1.0 + AND dclocal_read_repair_chance = 0.1 + AND default_time_to_live = 0 + AND gc_grace_seconds = 864000 + AND max_index_interval = 2048 + AND memtable_flush_period_in_ms = 0 + AND min_index_interval = 128 + AND read_repair_chance = 0.0 + AND speculative_retry = '99PERCENTILE'; diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/NOTES.txt b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/NOTES.txt new file mode 100755 index 00000000..ee7a285c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/NOTES.txt @@ -0,0 +1,33 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/configmap.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/configmap.yaml new file mode 100755 index 00000000..3f454689 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/configmap.yaml @@ -0,0 +1,28 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-docker-entry-initd + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/cassandra/docker-entrypoint-initdb.d/*").AsConfig . | indent 2 }} + diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/deployment.yaml new file mode 100755 index 00000000..20407940 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/deployment.yaml @@ -0,0 +1,107 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + - containerPort: {{ .Values.service.internalPort2 }} + - containerPort: {{ .Values.service.internalPort3 }} + - containerPort: {{ .Values.service.internalPort4 }} + - containerPort: {{ .Values.service.internalPort5 }} + {{ if eq .Values.liveness.enabled true }} + livenessProbe: + exec: + command: + - /bin/bash + - -c + - nodetool status | grep $POD_IP | awk '$1!="UN" { exit 1; }' + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end }} + readinessProbe: + exec: + command: + - /bin/bash + - -c + - nodetool status | grep $POD_IP | awk '$1!="UN" { exit 1; }' + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: CASSUSER + value: "{{ .Values.config.cassandraUsername }}" + - name: CASSPASS + value: "{{ .Values.config.cassandraPassword }}" + - name: JVM_OPTS + value: "{{ .Values.config.cassandraJvmOpts }}" + - name: POD_IP + valueFrom: + fieldRef: + fieldPath: status.podIP + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: cassandra-docker-entrypoint-initdb + mountPath: /docker-entrypoint-initdb.d/aaa_portal_single.cql + subPath: portal_single.cql + - name: {{ include "common.fullname" . }}-data + mountPath: /var/lib/cassandra/data + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: cassandra-docker-entrypoint-initdb + configMap: + name: {{ include "common.fullname" . }}-docker-entry-initd + - name: localtime + hostPath: + path: /etc/localtime + {{- if .Values.persistence.enabled }} + - name: {{ include "common.fullname" . }}-data + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/pv.yaml new file mode 100755 index 00000000..252ca765 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/pv.yaml @@ -0,0 +1,38 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/pvc.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/pvc.yaml new file mode 100755 index 00000000..1deed4e9 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/pvc.yaml @@ -0,0 +1,49 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/service.yaml new file mode 100755 index 00000000..b404559f --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/templates/service.yaml @@ -0,0 +1,70 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.portName }}2 + - port: {{ .Values.service.externalPort3 }} + targetPort: {{ .Values.service.internalPort3 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }} + name: {{ .Values.service.portName }}3 + - port: {{ .Values.service.externalPort4 }} + targetPort: {{ .Values.service.internalPort4 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }} + name: {{ .Values.service.portName }}4 + - port: {{ .Values.service.externalPort5 }} + targetPort: {{ .Values.service.internalPort5 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort5 }} + name: {{ .Values.service.portName }}5 + + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + - port: {{ .Values.service.externalPort2 }} + targetPort: {{ .Values.service.internalPort2 }} + name: {{ .Values.service.portName }}2 + - port: {{ .Values.service.externalPort3 }} + targetPort: {{ .Values.service.internalPort3 }} + name: {{ .Values.service.portName }}3 + - port: {{ .Values.service.externalPort4 }} + targetPort: {{ .Values.service.internalPort4 }} + name: {{ .Values.service.portName }}4 + - port: {{ .Values.service.externalPort5 }} + targetPort: {{ .Values.service.internalPort5 }} + name: {{ .Values.service.portName }}5 + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/values.yaml new file mode 100755 index 00000000..c46ca423 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-cassandra/values.yaml @@ -0,0 +1,113 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Default values for mariadb. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +global: # global defaults + nodePortPrefix: 302 + persistence: {} + + +# application image +repository: nexus3.onap.org:10001 +image: onap/music/cassandra_music:3.0.0 +pullPolicy: Always + +# application configuration +config: + cassandraUsername: root + cassandraPassword: Aa123456 + cassandraJvmOpts: -Xmx2536m -Xms2536m + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +## Persist data to a persitent volume +persistence: + enabled: true + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + accessMode: ReadWriteMany + size: 2Gi + mountPath: /dockerdata-nfs + mountSubPath: portal/cassandra/data + +service: + type: ClusterIP + name: portal-cassandra + portName: portal-cassandra + externalPort: 9160 + internalPort: 9160 + externalPort2: 7000 + internalPort2: 7000 + externalPort3: 7001 + internalPort3: 7001 + externalPort4: 7199 + internalPort4: 7199 + externalPort5: 9042 + internalPort5: 9042 + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 2 + memory: 8Gi + requests: + cpu: 1 + memory: 4Gi + large: + limits: + cpu: 4 + memory: 10Gi + requests: + cpu: 2 + memory: 6Gi + unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/.helmignore new file mode 100755 index 00000000..daebc7da --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/Chart.yaml new file mode 100755 index 00000000..2e0a822d --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: MariaDB Service +name: portal-mariadb +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh new file mode 100755 index 00000000..f00bf8b7 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/resources/config/mariadb/docker-entrypoint.sh @@ -0,0 +1,190 @@ +#!/bin/bash +set -eo pipefail +shopt -s nullglob + +# if command starts with an option, prepend mysqld +if [ "${1:0:1}" = '-' ]; then + set -- mysqld "$@" +fi + +# skip setup if they want an option that stops mysqld +wantHelp= +for arg; do + case "$arg" in + -'?'|--help|--print-defaults|-V|--version) + wantHelp=1 + break + ;; + esac +done + +# usage: file_env VAR [DEFAULT] +# ie: file_env 'XYZ_DB_PASSWORD' 'example' +# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of +# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) +file_env() { + local var="$1" + local fileVar="${var}_FILE" + local def="${2:-}" + if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then + echo >&2 "error: both $var and $fileVar are set (but are exclusive)" + exit 1 + fi + local val="$def" + if [ "${!var:-}" ]; then + val="${!var}" + elif [ "${!fileVar:-}" ]; then + val="$(< "${!fileVar}")" + fi + export "$var"="$val" + unset "$fileVar" +} + +_check_config() { + toRun=( "$@" --verbose --help --log-bin-index="$(mktemp -u)" ) + if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then + cat >&2 <<-EOM + + ERROR: mysqld failed while attempting to check config + command was: "${toRun[*]}" + + $errors + EOM + exit 1 + fi +} + +# Fetch value from server config +# We use mysqld --verbose --help instead of my_print_defaults because the +# latter only show values present in config files, and not server defaults +_get_config() { + local conf="$1"; shift + "$@" --verbose --help --log-bin-index="$(mktemp -u)" 2>/dev/null | awk '$1 == "'"$conf"'" { print $2; exit }' +} + +# allow the container to be started with `--user` +if [ "$1" = 'mysqld' -a -z "$wantHelp" -a "$(id -u)" = '0' ]; then + _check_config "$@" + DATADIR="$(_get_config 'datadir' "$@")" + mkdir -p "$DATADIR" + find "$DATADIR" \! -user mysql -exec chown mysql '{}' + + exec gosu mysql "$BASH_SOURCE" "$@" +fi + +if [ "$1" = 'mysqld' -a -z "$wantHelp" ]; then + # still need to check config, container may have started with --user + _check_config "$@" + # Get config + DATADIR="$(_get_config 'datadir' "$@")" + + if [ ! -d "$DATADIR/mysql" ]; then + file_env 'MYSQL_ROOT_PASSWORD' + if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then + echo >&2 'error: database is uninitialized and password option is not specified ' + echo >&2 ' You need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD' + exit 1 + fi + + mkdir -p "$DATADIR" + + echo 'Initializing database' + # "Other options are passed to mysqld." (so we pass all "mysqld" arguments directly here) + mysql_install_db --datadir="$DATADIR" --rpm "${@:2}" + echo 'Database initialized' + + SOCKET="$(_get_config 'socket' "$@")" + "$@" --skip-networking --socket="${SOCKET}" & + pid="$!" + + mysql=( mysql --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" ) + + for i in {60..0}; do + if echo 'SELECT 1' | "${mysql[@]}" &> /dev/null; then + break + fi + echo 'MySQL init process in progress...' + sleep 1 + done + if [ "$i" = 0 ]; then + echo >&2 'MySQL init process failed.' + exit 1 + fi + + if [ -z "$MYSQL_INITDB_SKIP_TZINFO" ]; then + # sed is for https://bugs.mysql.com/bug.php?id=20545 + mysql_tzinfo_to_sql /usr/share/zoneinfo | sed 's/Local time zone must be set--see zic manual page/FCTY/' | "${mysql[@]}" mysql + fi + + if [ ! -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then + export MYSQL_ROOT_PASSWORD="$(pwgen -1 32)" + echo "GENERATED ROOT PASSWORD: $MYSQL_ROOT_PASSWORD" + fi + + rootCreate= + # default root to listen for connections from anywhere + file_env 'MYSQL_ROOT_HOST' '%' + if [ ! -z "$MYSQL_ROOT_HOST" -a "$MYSQL_ROOT_HOST" != 'localhost' ]; then + # no, we don't care if read finds a terminating character in this heredoc + # https://unix.stackexchange.com/questions/265149/why-is-set-o-errexit-breaking-this-read-heredoc-expression/265151#265151 + read -r -d '' rootCreate <<-EOSQL || true + CREATE USER 'root'@'${MYSQL_ROOT_HOST}' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' ; + GRANT ALL ON *.* TO 'root'@'${MYSQL_ROOT_HOST}' WITH GRANT OPTION ; + EOSQL + fi + + "${mysql[@]}" <<-EOSQL + -- What's done in this file shouldn't be replicated + -- or products like mysql-fabric won't work + SET @@SESSION.SQL_LOG_BIN=0; + + DELETE FROM mysql.user WHERE user NOT IN ('mysql.sys', 'mysqlxsys', 'root') OR host NOT IN ('localhost') ; + SET PASSWORD FOR 'root'@'localhost'=PASSWORD('${MYSQL_ROOT_PASSWORD}') ; + GRANT ALL ON *.* TO 'root'@'localhost' WITH GRANT OPTION ; + ${rootCreate} + DROP DATABASE IF EXISTS test ; + FLUSH PRIVILEGES ; + EOSQL + + if [ ! -z "$MYSQL_ROOT_PASSWORD" ]; then + mysql+=( -p"${MYSQL_ROOT_PASSWORD}" ) + fi + + file_env 'MYSQL_DATABASE' + if [ "$MYSQL_DATABASE" ]; then + echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` ;" | "${mysql[@]}" + mysql+=( "$MYSQL_DATABASE" ) + fi + + file_env 'MYSQL_USER' + file_env 'MYSQL_PASSWORD' + if [ "$MYSQL_USER" -a "$MYSQL_PASSWORD" ]; then + echo "CREATE USER '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD' ;" | "${mysql[@]}" + + if [ "$MYSQL_DATABASE" ]; then + echo "GRANT ALL ON \`$MYSQL_DATABASE\`.* TO '$MYSQL_USER'@'%' ;" | "${mysql[@]}" + fi + fi + + echo + for f in /docker-entrypoint-initdb.d/*; do + case "$f" in + *.sh) echo "$0: running $f"; . "$f" ;; + *.sql) echo "$0: running $f"; "${mysql[@]}" < "$f"; echo ;; + *.sql.gz) echo "$0: running $f"; gunzip -c "$f" | "${mysql[@]}"; echo ;; + *) echo "$0: ignoring $f" ;; + esac + echo + done + + if ! kill -s TERM "$pid" || ! wait "$pid"; then + echo >&2 'MySQL init process failed.' + exit 1 + fi + + echo + echo 'MySQL init process done. Ready for start up.' + echo + fi +fi + +exec "$@" \ No newline at end of file diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql new file mode 100755 index 00000000..59b85f7c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/resources/config/mariadb/oom_updates.sql @@ -0,0 +1,110 @@ +/* +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +*/ + +USE portal; +/* +Any updates required by OOM to the portaldb are made here. +1. split up SDC-FE and SDC-BE. Originally both FE and BE point to the same IP +while the OOM K8s version has these service split up. +*/ +-- app_url is the FE, app_rest_endpoint is the BE +--portal-sdk => TODO: doesn't open a node port yet +update fn_app set app_url = 'http://{{.Values.config.portalSdkHostName}}:{{.Values.config.portalSdkPort}}/ONAPPORTALSDK/welcome.htm', app_rest_endpoint = 'http://portal-sdk:8080/ONAPPORTALSDK/api/v3' where app_name = 'xDemo App'; +--dmaap-bc => the dmaap-bc doesn't open a node port.. +update fn_app set app_url = 'http://{{.Values.config.dmaapBcHostName}}:{{.Values.config.dmaapBcPort}}/ECOMPDBCAPP/dbc#/dmaap', app_rest_endpoint = 'http://dmaap-bc:8989/ECOMPDBCAPP/api/v2' where app_name = 'DMaaP Bus Ctrl'; +--sdc-be => 8443:30204, 8080:30205 +--sdc-fe => 8181:30206, 9443:30207 +update fn_app set app_url = 'http://{{.Values.config.sdcFeHostName}}:{{.Values.config.sdcFePort}}/sdc1/portal', app_rest_endpoint = 'http://sdc-be:8080/api/v3' where app_name = 'SDC'; +--pap => 8443:30219 +update fn_app set app_url = 'https://{{.Values.config.papHostName}}:{{.Values.config.papPort}}/onap/policy', app_rest_endpoint = 'https://pap:8443/onap/api/v3' where app_name = 'Policy'; +--vid => 8080:30200 +update fn_app set app_url = 'https://{{.Values.config.vidHostName}}:{{.Values.config.vidPort}}/vid/welcome.htm', app_rest_endpoint = 'https://vid:8443/vid/api/v3' where app_name = 'Virtual Infrastructure Deployment'; +--sparky => TODO: sparky doesn't open a node port yet +update fn_app set app_url = 'https://{{.Values.config.aaiSparkyHostName}}:{{.Values.config.aaiSparkyPort}}/services/aai/webapp/index.html#/viewInspect', app_rest_endpoint = 'https://aai-sparky-be.{{.Release.Namespace}}:8000/api/v2' where app_name = 'A&AI UI'; +--cli => 8080:30260 +update fn_app set app_url = 'http://{{.Values.config.cliHostName}}:{{.Values.config.cliPort}}/', app_type = 1 where app_name = 'CLI'; +--msb-iag => 80:30280 +update fn_app set app_url = 'http://{{.Values.config.msbHostName}}:{{.Values.config.msbPort}}/iui/microservices/default.html' where app_name = 'MSB'; + + + +/* Create RIC Dashboard app */ + +INSERT IGNORE INTO `fn_app` (`app_id`, `app_name`, `app_image_url`, `app_description`, `app_notes`, `app_url`, `app_alternate_url`, `app_rest_endpoint`, `ml_app_name`, `ml_app_admin_id`, `mots_id`, `app_password`, `open`, `enabled`, `thumbnail`, `app_username`, `ueb_key`, `ueb_secret`, `ueb_topic_name`, `app_type`,`auth_central`,`auth_namespace`) VALUES +(12, 'RIC-Dashboard', '', NULL, NULL, 'http://{{.Values.config.ricdashboardHostName}}:{{.Values.config.ricdashboardPort}}', '','http://portal.api.simpledemo.onap.org:8990/ONAPPORTALSDK/api/v2', '', '', NULL, 'password', 'N', 'Y', NULL, 'Default', 'ueb_key', 'ueb_secret', 'ECOMP-PORTAL-OUTBOX', 1,'N',NULL); + + + +/* +Create SO-Monitoring App +*/ +INSERT IGNORE INTO `fn_app` (`app_id`, `app_name`, `app_image_url`, `app_description`, `app_notes`, `app_url`, `app_alternate_url`, `app_rest_endpoint`, `ml_app_name`, `ml_app_admin_id`, `mots_id`, `app_password`, `open`, `enabled`, `thumbnail`, `app_username`, `ueb_key`, `ueb_secret`, `ueb_topic_name`, `app_type`,`auth_central`,`auth_namespace`) VALUES +(10, 'SO-Monitoring', 'images/cache/portal-345993588_92550.png', NULL, NULL, 'http://{{.Values.config.soMonitoringHostName}}:{{.Values.config.soMonitoringPort}}', NULL, 'http://so-monitoring:30224', '', '', NULL, 'password', 'Y', 'Y', NULL, 'user', '', '', '', 1,'N','SO-Monitoring'); + +/* +Add SO Monitoring to Default apps +*/ +INSERT IGNORE INTO `fn_pers_user_app_sel` VALUES (10,1,10,'S'); + +/* +Add Contact information for SO Monitoring +*/ +INSERT IGNORE INTO `fn_app_contact_us` (app_id, contact_name, contact_email, url, active_yn, description) VALUES ( 10,"SO Team","so@lists.onap.org","https://wiki.onap.org/display/DW/Approved+Projects",NULL, "Service Orchestration (SO)."); + +/* +Additionally, some more update statments; these should be refactored to another SQL file in future releases +*/ + +-- portal +update fn_app set auth_central = 'Y' , auth_namespace = 'org.onap.portal' where app_id = 1; +-- portal-sdk +update fn_app set app_username='Default', app_password='2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', ueb_key='ueb_key' where app_id = 2; +-- SDC +update fn_app set app_username='sdc', app_password='j85yNhyIs7zKYbR1VlwEfNhS6b7Om4l0Gx5O8931sCI=', ueb_key='ueb_key' where app_id = 4; +-- policy +update fn_app set app_username='Default', app_password='2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', ueb_key='ueb_key_5', auth_central = 'Y' , auth_namespace = 'org.onap.policy' where app_id = 5; +-- vid +update fn_app set app_username='Default', app_password='2VxipM8Z3SETg32m3Gp0FvKS6zZ2uCbCw46WDyK6T5E=', ueb_key='2Re7Pvdkgw5aeAUD', auth_central = 'Y' , auth_namespace = 'org.onap.vid' where app_id = 6; +-- aai sparky +update fn_app set app_username='aaiui', app_password='4LK69amiIFtuzcl6Gsv97Tt7MLhzo03aoOx7dTvdjKQ=', ueb_key='ueb_key_7' where app_id = 7; + + +/* +Replace spaces with underscores for role names to match AAF role names +*/ +UPDATE fn_role SET role_name= REPLACE(role_name, ' ', '_') WHERE active_yn= 'Y'; + + +/* +Onboard LF Acumos App +*/ +INSERT IGNORE INTO `fn_app` (`app_id`, `app_name`, `app_image_url`, `app_description`, `app_notes`, `app_url`, `app_alternate_url`, `app_rest_endpoint`, `ml_app_name`, `ml_app_admin_id`, `mots_id`, `app_password`, `open`, `enabled`, `thumbnail`, `app_username`, `ueb_key`, `ueb_secret`, `ueb_topic_name`, `app_type`,`auth_central`,`auth_namespace`) VALUES +(11, 'LF Acumos Marketplace', 'images/cache/portal_907838932_26954.png', NULL, NULL, 'https://marketplace.acumos.org/#/home', NULL, NULL, '', '', NULL, '', 'Y', 'Y', NULL, '', '', '', '', 2,'N',NULL); + + +-- add Acumos thumbnail +UPDATE`fn_app`SET`thumbnail`=0x89504E470D0A1A0A0000000D494844520000010D0000004408060000009B326018000000017352474200AECE1CE90000000467414D410000B18F0BFC6105000000097048597300000EC400000EC401952B0E1B000051D749444154785EED7D07605555D6F54AEFBDF742120221F41E7A930E0A2A36D451B18E7DFC6C63EF3ACE388EBD6043054511A448EFBD844012D27BEFBD27FF5EFBBD28202558E67766B2E0E625EFB673CB5E67ED7DF639C7A443803F289A9BDB50515E8F152BE2B07A6D124C4C4DE0E06085871F9A0467672B242695A0ADDD048BBF3884E69676B8B8D962D8207F0C1FE887A8084F24A69600268087AB9D2CB63031913FBAD18D6EFC2AFC7F278DC2FC2AC41F2F4479692D2CADCD919F5B0D5F7F27F48EF6C5FAB509D8B93B0BA56575B077B4468B10C3002185E8DEDE58BE2A1E0E7696080E71C5965DE9B07790F56D406D630B5AE592AEBA241A3985B5D8B43713013E8E1814ED8388101739A329C2839CD13FD2D350806E74A31B1784FF6FA471707726962CDE8F92E21A2585BBFE321EC34787E2F18757A3674F2F9C482E415646194C2DCC6061618EC6D636F8783BE1A69B87E3B3250771F0483EEEBF672C3E5A72081DA6663033073ACC4CE507D0C2A5AD1D174F8BC489CC0A1C8C2B8095ADA5F085095ADADB10E2EB84293121F074B3C194E1C1C61275A31BDDE80AFEADA4D12A522023A504AFBFB811B107F2E02C465B5BDB8C19F3FBE1BE4726EB36CDB2CDE5733ED46D69E8266626686BEB40B390C05F1F9D821DBB32F0FDDA440C1D120467576BECDA93250AC502EDE27A989ACBB67239266666FA49A2B9624E1F1C4E2844625AB91CCF02AD72ACB0205704F9D8E3D3D589880872C193B78E44DF080F3D7F37BAD18D7343AAE6DF1759A92538B8331DFF7A76039EB9F73B3C74F357488E2F4280B8080162BC93A6F746700F77E3D6404E6639AAAB1B6069694E6140E180CAAA465CBB70308A44956CDB960A7B714B7CBCEC91935D095321156E632A3FDB4918F20779D054AECC4294C7722198FE3D3D1112E084E6A656D9B203365666B2AD097C3DEC515AD18067DFDF8BC389C5D87630475C20F171BAD18D6E9C15664F088CBFFF66686D6EC3C615C7F1CE4B9B4425B4E3BD57B6E2C89E0CE48991F78CF6C6806181E83F34182EEE7628CCADC4FEDD194200E5B016C5B0757332FAF4F545427C21CCC5E8EBEA5B3054B69F32B5279E7AEA079889AB626F6F891E611E481443178610C63085528709DD13611A3287280F33F9BEADBD0369D9559838320825E50DA8AC6D52F78401D29CC26A580939719BB6D60EFCE3B343D8775C084D088984D28D6E74E3E7F85D94464D5503CA4BAA111EE585CDDFC5C3D1C91A73AE1E827B9F9A0EDF405714E455E3DB2507B0EEDB38A48B12A14BB272D951EC1215B172591CEA6B9A71DB9DA34519B4C04388E5A2A99178F491756AE02489800017716B1A505BD748DB97A55D7F76B4B70B6F1874877E25DB9A8B5C696C6EC5EAADE9983C32183616E2CAC8AACADA46833221C7D0B591ED6C6DCC91955F855B9EDA886D877265AB6E74A31BA7E3778D6964A79562C95BBBE0EBE78CF8B83C242714C1CCDC1466A220CCADCDD121864AA36D1745D0DED20107676BF419E087E5CB6231624C18EEB8670C7C7D9CF0FE7B7BF1CD3747E1EC6A8792D25ADC7DCF587CF6C5117525CCCDCD657F03515068B4CBF13AC465818919AF4E8F4D57A54A148BAD9D05AE9E1D8DE89EEE2815D5F1F83BBB61696E8656F15AE64EEC818D7BB3515A590F37671B0CE8E981876E18063B1B0BC3C574A31BDD50FCA64AA3AEA6D1F89B01813DDC917EA2108BFFB90D19C9C5B013B7C2D6C61216E286988A410B65A82230E96817B7C314B9D915080C71839D9D158E1ECA868DAD052CACCC30615218EAEB5A9095550E7F21A0CCCC72545634A83A686B6B13C26947B3587E93B8450DCDED528E6654563608C1D4A1A0A81AC5A58D701542F2F3B4C7F4B1A1880EF7C0787179E68C0FD37D064779E2C68BFBE09EAB07E0A2114118D4CB03E5D54D4817D7A91BDDE8C6A9F8554AA3BDAD1DA50535D8BF351947F765236A4000D62F3F8A1B1F9D2CC6EF8A7D5B528420CC912A0AE3D8A11C5494D5A343C8C2C2C2523EDBD101337527DACD4415886BD1D8D486E8817EDAA272FC7821264C8D40AFDEBED8B02E11B32FE98BB008778486BAE39147D6E0E0915CB8B8DA6A1CC4D28A8B1C43140609C743C8C1DBD3019E1E767075B245634B2BF28A6B909255851BE747CB3A43BCE2D977F748194CB070566F04FA38EA77052535C8C8AB4589B85835428225423E61FECE18290AC84DDCAC6E74E37F1DBF9834F2324A11BB3303C7850C18836453C7F6EFE331686C0F210A4B34D43521490C7FD2DC3E6896DA9F6E4987FC4B4F2A467A6AA9A80E2B3172C377A6421A8C2FB4B677C02FD0052E1EF6D8B92D0DD3E74623E158018E1D2FC082AB07E3EE7BC7EAB95B455D3CF6F8063838580A5998CB37A259E4FC248DBAFA6694890A2912822A1157A356DC121373463D4C34DFE396AB07C2C949CE2D0AE799F7F68942E9C0B0BEDE78EECE51F866630A36EDCF4190B783B6CA3434B6C2CFCB1EF72F1CACE7ED4637BAF10B5B4FF2C43D483A9287A37BB3509A5F8D82AC0AA4C717C1D1CD0EA3A6F4C2F6B509E839C01F1525B5C84B2F478F282FA42516A140DC8F7E4383316058104E08193436B4AA719A98507188D10B5A5BDBE01BE08ADCCC32F41F1C80C2C26A3489F13258397D666FDD265548870961B1B105881342C9C8AC405A7A2952A55C39B955281375C0E42E4BB6B4385AC1C6CA12E6421C57CE89C2CE43F958B53515FE5E0EC82DAA858D28A176718F2AC5A5F97455BC0665738A6A905520D75552872BA74522C4CF49CF7B5814934F77AB4A37FEC771C1A4919F5186D59F1DC4CAC507909F5E863A632B04839AA3A7F5C291BD99A8AD6A847FB02B6A6B9A502D069C23063D767A14F2B24BB16753AAB8297598B770089CDCAC5155DE246E40931CD9A038D844EBE5EB888A8A460487B9232DA5144D0D2D98785124BEFD260E8D8D2D78E7ED3DEABE4C9A180E5F712B68E8241636B1527958989B69BC8344441DD5D8D48A9821816810923A9258289E503B22A47CCDADEDC828A8C2A59323B0799F2826E12D531353398E09A2C40D9A363A04EF7E7D0CF58D4DC82DAE45627A051EFEE72E38DA5B2032C4CD7043FECD484F4F47515109CA2BCA51525A8ABABA7A383B1B48AD1BDD381D35627F6952515695D6A1BCA0064599557016F5CCC688AE808E48E29E6C146654222FA904D6F69617E69E241ECEC1130B3F1735D00E7B91F8CC99606442BC0538B9DAA0F7D020ECDD9484E6A6360C1917266AA11C456294B4DC167103E6888B117F24178971F9AA307A0D0C44786F4F0D5A1E3D948B8AF23A315C33F41DE48FCAAA06F48EF6C1DAD509983AB30FF2F32AB17D7B3A1A8520DE7C6B3EEEB9F73B58D95868BE464888AB2809536489CA484A2B81B98519CC2CCDE59CEDA86F6E4564B827860DF4C7D2D5F13057774688A4A51DF75E3F148FBDB113B72D18802FD69D1032E980BBB30D068B32AAAD6FC57E51316CAE8D94E3975736C2CED60243FAF860E59654FCF5E6E188E9EFA7C7FA77A1AABA1AB7DF719794A54AAED70C2D52B6007F3FBCFBF6BF8C5B74A31BA762C9939BF1F1131BE1225E80982A8ACA2BB1F8E87D081197BC2B6066F69F7ABC8AAAE27A5434D5E2910F1674BDF5A4A2B806FFBCFF3B357647210833062F850C5833D78981470F0B46767231DA9A8546C4F8E84EB0C6679E9585F61F31C3FA15C7101EE58D9E7D7D5401A4C4E763CDD77128CAADC678511293448D58DB98225D8E13262A836C16DDD7175555F538723817F6F656183E2C5093BF7AF7F28295A5190A0A2AB1735726E2C4DD610BC96C513BE13DDC515FD3027F512C7D7A0A610CF0C39ACD295A16930EBA432668686A41AAB84B93C4553A72A244FE6EC55021A9182197A32965D829E446E5C126597B21272F775BA464552253C86BEAA810DCF7CA367CBE26D17073FE4D484FCF40756DAD90A2B9DE7F0B21C6CAEA2AE4648B4AEA4637CE80836B93606B632DCA9BFDB3E49D811992F6753D07898A9DEADD5AD4B5B5ECCD0AB9CBA4B14C6AE48AA23A58DB592963197E98A059DC054F7F6771356C912A866B2E86CC55861805C39C063010DA2A35E3C6157188EAEF8F3031FA56A9ED2D8484524F1461D5D223C813A39C3AA72FAEB969246EBD672C6EBC7524C27B7A61DBA614588B8190A7AEB86AB09245CCA8505538E6723318AFA8AA6EC4814379DA2BD65A2EF2963F0DC67BAFCEC11BCFCF10C337415E41B5121E6326CCEFA04B532F6ECF8BF78DC590686F5C3A25920D381AEF2816F7C9C64A6E2F133CE41A790D24391B6B33511F4568927D678DED81E73ED8872FD69CD0EBFB7720AFA040DD370B7323695858A05648242D33D3B84537BA712AF2922A602D0A99F6672A2E899D8D0DF67C7B21EFAC89DA0DED598EA079555D228DF48442EC58190F4B1BB28C9108E4477B7B1B3AE40833AF1A88AFDED90D3B472B35311EB8435E6EF57CD4E2E4D4F2BB419D9862F597471035C01F3DA37C34186A618C43241ECFC3CA2F631112E6AAB5285B3B7CFD1C515FDB2C46DE8AFEB24F546F2F9E1DE3C6F5808BB315DAC405A172A08B66656586868666ACDB90AC01CE4E8C1911848B64FB61E24E0CECE38D3E111E1810E98587160DD7F5D7CEEA8D84F412EC1275C1E0A9A5B02955462778CD3C07FFD94859576E4D839790E4D491C178FE83FD2828A9356EF9FB8171A3B4D474BDA72C0BC1CF367906054226DDE8C6E9488BCD47637DB3D8DD4F66CEE127B2C49E7F0DBA441A6B3E3E8086DA4635640365C84B2BFF5B5B3A10D9CF1FC70FE648ED4F16922FD53581760E63A733F15594343AC42DE0BE06C633C1C695C7111CEE8E883EBE68A8695426B31515D3D6DA8A7D3B33F4BC3C46B528883113C25059D1881917472361733ABE7C6E2B02029C1112EA8626512F3421AA045E0CF7099675B572B30A8A6BD1246EC8079FC7E2D0D13CA46694A1B8B4566E648B2A0DF639518821E617D769CCC2688FA7C2F825B7A65C73B4B5C4C7AB12B4235C94B851EF7F7B4CD7FF9E686C6840764E8E14C55066067309733373A4A6A58B826267BC5F86D2B2721C8F4F405CDC71A4A4A619BF3D376A6AEB909B9B2F845588A2A2626D81EA0A2A2A2A919F5F8002594A4B4B8DDF1A617C1C67425171313233B3905F58A0EE6F5751585884CCAC6C3DE7AF459DA8BAE494541C8D3BA69F3535BFAEB2A895FD4F2425EBBD4FCFC8D0BCA7DF12E9B185686E6E517BEB7C5F482035E50D28C9ADD2BF7F09BA14089DEEFD28BC825C55DEB00F28E3027CC2ACFD46CDE885C3DB33505FDF045331AE0E133331E416F4ECE7AB599EF187F345013065DCF0A2B38584BBD34D6017F68BE6F5D5CE6C69C92586B13398013AAD0F32334A515C5CA3B189B03E5E181113825917F7C513B33E959B51808F33EE475C6201EEB97B259C5D6DF5980CC07AFB3A62D28470AC589D48FEC29851C158B12E093636426062F0ADCC3597B25709A98C1E1288BBAE1BA22FE15FFEBE0D85A5F5E2FF9D9A36CE817FFAF52439B5235148874A8460F9A9662E9D128135DB33B1E485E9FAFDEF85FCC2423CF0E0C342A2B55A067D09E47EF3A5F0F1F6C2DF5F7E11F60E17D61CBC69F3567CBBE23B949697CBF3AB5715C3B47C6727470C1F3E14575F7105ECECEC8C5B9F8AE5DFACC0DBEF7F0027074778C9F99F7FFA49383A3A18D79E1D7FFBFB6BD8BE63973C810EF4EAD51B2F3EFBA4710DB0E09AEBE4FEDBA0AAAA0A77DE7E0B468F1A854F967C8E6DDB7748F91A9418593E2B2B4B840405E3F65B6F86A7E7CF8734A8936B79F783C5883B7A4C5CD07AC37EF2AED9D8DA62C4D0A1B8FCF2F9728D5D6F714A494DC5871F7E82ACDC6C51B28D72CF9BA542B494725821223C0CB7DF7233BCBCBA3EA8D3B1F8447CF8F147282E2CD6B2F259D2D5B4B1B6469F3E5172BC9BE020F7F5D7E2ADBB5663CD5BFBE1E06A2395B229DAE59DA50D971556E3E9D50B31647A4FE39667477B5B076E897A0DD5ECEC595287073E9D7F6EA5D12086F5C683AB60EF6CA3014FC801CC483152DBD5D736A1F7E0409497D6A1A2A446D7EB2A13210659DF202E859DAD35CF4A7A817C6DD88635921C877EB954F5F8F6A3FD881A148879D70CC6F5778CC6B44BFA234708E3C4B17CD456376B3F921D9B92111AE18E385119C7B6666A6C65F9ABBBD02FDA0F11F27D436D0B5AEA5BD1A7B73762860663F98A63A8AD6B4249592DECACE56188E2618F59AA040B59AC84CCE86A4489D2197BF5122CF93E01D7CE8ED2DEAD4CE8D20B3905244983DAE8045B2FAAEB5AB0646D12E64D0A47A5361BFF7E28CC93DAB9A0486B0A7B0707C4C4C4FC68E4256565C8931AB8ABC8CECDC51D77DD8FBF3CF81032B2B2D0D8D8A8C7B1104320A83C967CB10CD366CEC5DE7DFBF4BBD3D1D6D62A06D480C6A646DDBFD3653A1F9A5B9AE51E1BF669967D4F46BEB859C5A228D84AF4C3C64D983BEF727CF0E1C7A248CA757B1A575353132A2BABB067FF7E4C9F7B095E7BFD0D253C82EB972DFF0613264FC3AA55DFCB7594EAF6BA9F187A9990E3E7CB9661C6EC8BF1DDCAD57AFFCE052A89E75F7A190BAFBF09878FC66AF336AFD35A8C9B9FBCFE3DFBF663EEA597E39DF73F947B72EE6115CA45653DFEE4B3B8F6FA3F21E944326AEAEAF438DA7F4ACA585D5383F51B3763F28C3958FAF572E35EBF0C3C5EC2CE6CD8DA5BA2BAAC01F31F18A53DB9F96ED3ED4FDCFDCB83E767250DD6BE2FDFFE35B689013AB8D8A9AA2028723AE4E4D622D1C3A27D70786BAA30B8A53E00C37BC3D609533437081B4B4DCCDD648D128D6E4349201BF2A218CD6564F6E0F6345C77C718CC5D301033E645235E5C89BABA66D4892196145523BABF1FA2A27CF1BDB02607E4616067C757F168916D66CC8C4265553D2688E17A78D861D5DA04348BE133586A21ECCA1A8DA9EB94CFDA7222A4C1E65F17276B0D74BA3AD9606F5C81E68AF41577C35D58992ECF8FC4219FBC2EC3B59D0AC63758CE6FB6A42221B5144542A0BF1732A59663262CEF2163436347C7E82789902F7757E5774949291EFEEB13E2D2A4A0478F1EF2C25AA8D151FE17899AA9A8A8D04BF7F4F080938B339E7AF605AC5DFB8361E79340C94BD7882F3C09B9ABE0B6BA8F2CA7E70A58496DCB1A9C2A80AE9289AC670DCE6746A2A91405C2C06F9BBC3BF6A280820202F0FDDA75F8EB134FE9FEFF7AE36DBCFFFE62F8F9F9C2D5D555BFA3A1733FD6E87C193DDCDDE12ECBEB6FBD850F167FACDB9C0D4F3EFBBCAA315F5F1FD8DBDB0B41CAFB5852823CA36BC5BF1D85C0BDBDBCF09518F94B7FFB8771CF9F83E57FE6F917B06BCF6EBDEF241E920CCB5626A4CF67C867EB2AF7DCC7CB1B1F8852FAE8E34F8D7B5F38CAF36B64A916F56E8EA6D666F41E1988B0413E1AE360AA42AA7800BF14674DEE7A6CC12738BE37138ECEB654F5F222D1E06485B046A348E27173FB885B928646A9E5D90C43FFA3C354B7926DE4B593173A24D203A9C70B35B6C17C0E53715D94DDE580A6F2A9BD5CE54F4BB988590B06E879EDEDAD11D4C31DC347F5C0D09860F4EAE38BEB6F1B898AAC2ABC7AC7D770F370D2F3652617C23BD415D32FEF2F72DD547CC20AEC3B98A301513359CF7270F42E929BB5FC5D5ED5242445E33741ADB852F32E8AC4BA9DE92AD7AA453579BAD9A1ACAA01BD42DD902B6E115B584C29E984A4BC3D6C95344BCAEB7FF6A233685A2EFB6517D6A0A2BA51D3CE1DD8C2F41BE3BD0F3E16D96EE84047497CF5950BB062E52A91CAAD526337C1C5D909C3447A9F0F575F7B83D468D56A04AC29298BC78C1E2D527F11E6CE9E8D5E3D7B222B3B5B6B452B3160BA905BB76F47FF7E7DD5383A91909888FD070EC34A5E7E1AF094C993D46D381F76EFD9A33106C2C3C35DF7EB045D114AFECEDA97464E92701302183A7408264F1C0FFFA000A914C4784BCB94F429E9A950D6AD5F8FB8E3C7F5BA181C6E1077C64B5C9751A34662C2D831F0F1F4929ABD560D94C4642DE7D9272AC1598C3452AEF974BC4A376AD72EB9AFCEF22EB4A84B327CC810DC74D30D5878CD9518346080BA3D1999D9FA4ED8885B159F9080D696560C1CD0DF78949FF0F853CFE2C8915838CBF1E8BEB7C812E8EF8FF9975C82C99326C0C7C70BE5E5157ADFA90458C69DBB760B89B8213232C27894AEE3C09A64ECFE3651EE9189DC232B2C78740C9A4419EFFB3E09B68E56EA098CB9AC0F6CD89DE31C904780EFDFDC87A686568D05C65CD2FBCC4A63E5077B706C4F269CC490280CC8017439A8325A9ADBE017ECA646999F5AA63108AD8D4D459AB5B33A66CD2E062B37CFD2D2C2A8500CF91C1DF2309581A4A6903DE49FB8398DCDB0B631C7210EC493558E171F5E8D6D1B92B07CC9413CF9C04A1CDE9F096F4F47ACF8FB6E5881B2507615B8B838E0D34737CB31A05DEF776C4F959ACA4C5F24BD5259CC854CB2B32B85D9DD34206A2A17C3264B27B9515413F57213581C5B7161761CCA41CF6057EC3E928FE9A3427558C056B600C975B3A4C6D39E11DCFF84943D59CE157BA2CCF8ED6F8BD8B8A35A3B35CB0B1C121CA4DF458485C97535C2567CF5838762F5BB73E1F32FBE446945191CC4B0688CBD7AF5C45BFF7A0D0FDC77B71A419FA8DE98356B063E7AFF5D5C77F55572EC668D05D0C0FEFEFABF37818CB5708B18EAEC9933F0F187EFE1A1BFDC87CB2F9D8F3B6FB9056FFFEB9F78F2AF8FC8B336536366DC8535353F196B6240F1E6458BB058AEE39E3BFF8CCB64BFBBEFFE3316BFF70E16CA7551E5B2F2721445B3F893CF548D9C8CC38763B165C74E5511748B78DCA79F7C0C4F3CF608468F1C81F0D0508C17227AF2B147657958899704C2ED7FD8B0116969E9C62319B07BEF3EECD8B1038E8E8E5A5E1AF1C30FDE8FB7DFF827165C360F53A74CC6AD52DE8F3E7817375EBF50EF3B89D343D4DE3FFEF5CBEE7B6A6C3E5A44713339CB23C409F62EB6088CF65295C177B9AEBC1129877E99DAF8196964261661E5FB7BE12CB52B0FAE8BFC508540F690DFC3C52D39BE3F1B162C00BF5362309000C17DF467A7C1A9111BBEE3EFBC2134C60631DAB09E5E183ABA075E796C2D567C7608DB37266947B7F0080F5C76CD50F1170DAC3DED96A1B2B761842DC2D2DA0C1585B558FBEE014D275F70C540D48BABC0726A49F8299BB68A9131C78365D77F42062E4EB6A8956D35182BFC45366EA86F456E41B52671ED921B3E634CA8BA68243D5E3F8F792E38D858E2B0DCBBDDE25A192FF637035D8616216183F2694770908134FAF58BD60021C939F53CAD1ED5D5D5D82852DB450C852F2E7B1A3FFDC4E3521B9F3980B7E0F24B317BC674A9F92AB416E5F11910FC77A15E8C75EA9429B8E3B65BF4BA4FC730511E7F11B2A30A2009D070F91E9697970B09DE8B8B67CF306E792AAEBAE2725CB56081920CF761D075CBB6EDC6B506ACDFB4194D727E3E75BA7F2C0349F54C60396EF8D3427DB7E82E928C491227E34371833A039B54770FFDDF5F306AE448FDFB74CC9F7709AEBEEA0A7D5EBC6E12E3CA95DF1BD7761D25A2CCD95193EEBC5F989BAA73EF1017B87839C87B2DA421AA9895FE2FC1CF9EC6966F8EA2B2B816E63434351543FC81710AB624048A31338DBC30B35C5B4714F45BC44E9434E4C119BE6BD702F36FD11946E313C333AE673F10BF00174D375FF7F551B4092BDAD859C0D6CE5A7BC86E589388267123464F88C0076FED127FCC1753FE3408B5150DBA3FCF66EF6C8DE57FDB857629CF94291122A17D3536A18511B074626BAA2AACD9314DCAC37F9C07A5B8ACE1470223B998C90D8E4D2A45FF087764E456A348D6C70CF4937D0DC1ADCECB3A1B781C2A8E8DFBB2B16C7D8AF1DBDF06FB0F1E9617DC102C6300B957642FFD3EB26784948BD7C001884C909A7E76E2484E4ED5788685100C9B3D6FBDF90695F6E7C22D37DF68787EB2588A81B1D5E3DF01D6DA2E4E8E5824AEC0B9307CD8505C24C4525D5D23F700A815831C346800468B4B722E5C76E9251ADBE0794888DB4E228D969666ECD9BB57BF671075A8B82431230CF93C67C3B42917A17764A46E4F1C893DAACF8AA8A8AC404E7E9E1CCF5ACB396EDC580C1057EF5CB85208DBD3C35355A5B5EC177BEC9851B1770D65F9D5C84928D1CA84EF65483F43CAB8930801375F074365292E555EF26F401AC53995D8BD3A01760E56CA467C59D4E4E95AC817EDE287450D0F46DCAE74B918CA1C59ABEE0037960388FCEFBCB48E16832B63705FD8A2C24D643B395693280CBF00678C98148E355F1E5212222B32BB9379086672A1ACE5A7CCEA836C21A74FDED98D155FC7E2EA47C7C3C9D356FD4682637514A557206177365C84087A84BAA15F5F1F7978CCDD907F72523605B734B7C3D5C95A1E244B67026747A9618469D9BB5624882CE2CA48F92AAA1B50585287617D3DB1F560166CAD2C101DE681EA9A6634C98D56123C07D8FFC55AAE978AE3B704E3077413784F2CAD2DD5FF2502038244C2BA6A6D6B67678B6DDBCF6ED46C31696D6F55A5E2E4ECA43182AE60CCA81891EF75EA021D3B9E60FCF6F705DD8551725EBEF4E743CC88611A07E1B36D1675306FEE6CE39A7363FEFCB9DA4A43E24C3C9164FC562A98C616E4E6E4684C81EFFFC8E1C38C6BCE8DBE7DFB295170BFC2C242D4D51B82E2F1F189F23E1B62798C7D4C1A3F5EBF3F1FA65E344594739D3E77E69A5455767D402806414BB2AB74747E33331304F531BC2F768ED608161785E66A25B6937A300F7555A7B6607505A79046E2A16CD456366820B1D33C9406C48829FDFB8F0D436E7209AAA5B6A7B8A0612AC882FC9555B63C3CB23E13A7DAA586B79207CF422A64A7C6BA4678FA3961A4B8141BBE3D267FB3ED9DC3FD71F42ED9460ED1D0206E4BA427060E0BC28A2F63E5C19A61C907FBE01AEC8411737AA159540A37ACAF6AC2A069E1881CE10F6F0F7B79099A7464AF1E216E22C1DB34D8CA547533291753CB99A52AF7105E6EF6C6B472C335D018D98E6D29E5D87D341F23FBFA098199E2EB8DC9880872C64DF3FB625A4C885E42A9DC9FCA9A46540AE9742E0C80F2B35C1E4095289DEADA66DDF6B7006B85DCDC3C7D199BA416EC21FE742748141E6E547E2D2AB5D3334EF5A54F4683B1F5802D0FCE22959953D315D8D9DBA3B2AA5ADDA092B262E3B7BF2F5AE47AFC7C7C8C7F9D1B0E0EF64268361A0321B1D9D9762D57C5D7DB5B2B1FD6C4AD6DAD3FAA847A1A3B5F0C45071C1CBB962FC15C1955D282063916DD498284AB55AFDC7B4B2B4B25ECAE80DB65E7E46AAB566E5EBEC656BA8A8C6345FADEF09C76A2C67D420D2D490CFA07F47297EFDBD55D29CCA84055E9A9F19CAEE014D2387120076D2DA22CA486A6FD134A00626C6CC2ECD93F0087B7A569932779829B74928AFE4572503211C2905A9929DE6C52D56C41594D77C3D5C31113664561FD37C7502B8646C6E30BCC6DD984C7E1726A2A1BB170D1485494D661FBA6243839D92991FC202ECBC2C727C88368D45A9F893637BD320DFB572763EDBBFB70D32DC3F1AD10D184096172BA0E1D538342889DD148029CBA31C0D711F945D55A460E2DCA1B687CD61ADBE0A03D8744294C1D1D8A8AAA0684FA3962402F4FCC1A1B8AC76E1E81CBA7F4C49FE646E3964BFBE3D605FD71BB2C775C3E00B75D219FF2FB7D0B0763D2B04075E57E0B544A0D939797A7A4C09A67D8905307040A09095183A1FF5B595125EE598D71CD69A00AD440B53C1F7DEAC68B3E0F2E131FFBEF2FBF80179E7B1AF7DF738FF1DBDF0F343C4A71ED72D005E8BB6ABC14EE4BF2EF0AD8818BEF00F7E1313A732CA8167E245429C78F15E379C0B3D21E0883ED18FEB21322D3E3C8319988D7D0D0B566F9A183066AC21E03B0F7DF7B175C5C9C8D6BCE8F9443B91AFBA38DDA89C20E8AFA296EE51DEAA2F796EF404B633B724E9418D7741DA7DCE18C8442F179E526C9C90C2F9618BFBC68EC68367EDE006CFEFAB0484133BDA97A33C528F9A9FE96BC94FCCAB4DD38C0AFB0378D941314313FA2A9A1195E3ECE9830A70F562E39887AA9ADA942E404421386F8079B4E1BEADA30626C0F0C15A37DFD858D1ADF3097F7C7CAD214CB3EDE0F73776B4CBB7E08F28A4B31E78E91F00A71C66B37ADC0A78F6D85B3BD15AEBD76089E7F710B6EBF6504EC6C2CF502B3322BE1EFEF84DADA464C1EDD039B77640A9919A2C86C5161F9DAE5A5E1C3B61355B3FB709E267A3197C3C5591EBA11EEAED6281195B5431ECA27E2C6BDF6E921FC4B94D0BBDFC4E1BDAFE2F0CED771787F791C5EFA683F46DFB014B9856731E00B405A7ABA1099210988FD6F4EF7D7478E1CAEE3A3B28992E9DC59523B9D11BC58230CAF73D7C0969A91E2D30F1D3CE8BCBEF8FF179C7631AC2CBA02D6C23F816F89F1067512C685A2B3963D0D43878B1BA8F6C23398E09D7717D3AA0C2BCF011F1F6FCC9C310D93274C5017D1DADAC6B8E6FC48DE97AFEA9D15B157D0A9CAA6FFC41EB07660ACC3545CB166C46D3CBB3A3D1B4E218D9A8A7AED1B42A864978BA50FECEEE388C6FA46D494378A9F644898D25B4072E00DE08DD687209FFC2F44D32E4CD72612894A8299A5B6F6D61833B31776AC494093B83A1C8D9C7E0B9B67D97B8E8F9B29E6249149337BA3A2BC16FB76A58B3CB4963398889C3247B1B814EBBF4BC0C26726C0C5CA5EB3DC7EF8E020EA2AC43510F5B0E38B384C9FDD0B9EEE36F8528C79EA9408D8D858A0B4B4162E0EC2B801CE48CF2A975A9BE794F24A99D98AC3739BC9C568DC465D1513EC8DCDC7A8FE7E282EAFC396FDD9D8139B87A7DEDEAB4DC4D1E1EE9837310C574FEF8D20512E0DE2073343D456AE89FD57DC8468189C5DB7FBD7F73E4DCFCC56A5C71AD0CFD7578E7F6A5A3765B185B156A6FB525C7AE13547377E3F589A5B62A8A843B642D9DBDB69B0FAF1279E4195B87CBF07182FCC4B2D85A58DB9DA59FF2961C6350670D6421B3B4B7D9F989290117FE1F1B71F49E318FB7F70701C3118150DF283E4502F7E7ACF8101C817FF877E9A2637899D71ADEE2E864716FD31206A0447CBAA979ABD4E5C0D5B29E4DCEB0663EDD2232893DA9783F7980AB1F03CCA32240F35D876788B22183BB5173EFCC70E752998F04D22A1BAB1950B7EFBD5ED70F575C23F0FDD0A3731D88F1FD9A8AD288E2EB678EF8175F076B3C784F111484E29C521510C93C7856917782670B9CA368C653053B4336783B114CDD9901BDCC84C5271919CED2DE1EFE380C76F1B816F37A6E858A22BB7A7A14CAEE5586A197E103258B72B03C9B9E5983F290C8F2E1A0E2F371B1D098C933BD12D627F1B8ED3F16B9199912EB7A75D9B49434282B46FC6C9707674D20C48CA6B76F6CB48EBEE26FF47C3BD77DEAEA3ABD58A7BC96CD783878F60D16D7760F3D66DC62D7E3B146555C87B5AAD71C9BAB6460C9BF9F3C4B5DE314168A869520249FB0599A14A1A1C1323764B0AE6DC3412EE62904DA20C18372053B9FB39C1C5D316F1FB45D25B5BA87A205DD0255135220BA55EBB100AFD282693B00DD83FC405F3E478D73F380193E6F5C35AA9F91B6A9A6121F29F2D2406CA919F240C2106D6FD9C64E9D607262235B110077667E81406EA73CA5A06312D2C99CCD3847FBDBA4DFC342FBC7AFD724346AAA5B996ADAAB4012BFEB60B77DF351A33847838C87071492DA6882AE817ED8D0517472345589803F070D8401DB9DCCD4E7BAA4E1BDF03B3274660EA9810CC1A178E948C723C2BCAA257A8AB8E48EEED6AAF2D23D65206A6423736B7214988F4F9F70FE05D714BA68E0CC575B3A330634C0FF879D8C9353139ECDC7D11CE07F695C8C894FB6E69A81998CCD5D93FA413EE1E1CA13D5454468B3E07E652B0A9AE1B7F1C383939E31FAFBC02773737CDBF60C09681D7871E7D1CB7FDF96E6CDBB14353D27F0B6CFF2A1EB626563ACBA1B7872B3C835C8C6B7EC2F8ABFBA1BAA9415B368BCA2A50947D6153752869EC5A158F0DAA02AAD137A607265F31087D4784E0CFAFCCC5D34BAFC5C7CF6D109FCA122DA21E480C6D523B33D049D7857641DF89C1155B276BB8793B20A8A71716DE3701BD06FA638818A0871051694115CCA590745D0C1E5E2759C83F2111CAF946510403460663A39487C4C5E09E12926CC920255B66786E9F00839F66EF62A8753BFD53DE845DDF26A043882BBCA79BEC63AA599DE3C78661DAE49E18C39EB25323316E6408A68CEB81417DBC1115E1A199A4F12925D8272EC88A0DC958FCCD511D7478EBC11C8C18E0077B212492048FC773D17DE1EF9CF1CD5B08A249CAF4CED7B1F876530AF28A6A30B09717668E09C56C39C7D603BFBC6310D38AF30B0AF53E30101A1814605C732AD8078339272497DCDC5C7476E0EAC61F0741F2EC9E79F2714446466A65400406F823332B0B2FBCF8373CFED433DA09EFD722767D0A6C1CACD44DE931E0CC2D503DFAF9E8085E740C6C618D436B928D6BBA06531AFE916DA93A18F0814D4958FEC6766C5F1187BFBC7D29864B6DEDE6ED88EB1E9A8251337B63D2E5FD31FD9AC1987DE308CCBB3D0657DC331E57DD370E57DF3B1E178B441F3F371AFD4785C027D8552CD9780601ED9DC4221667F446D86221EA41B7216130FFC00C834787A24654CA66210D8EDD41462365304F84CA8663657096B57997F65797E28697A68A41B175C770322B31EE9423F9D8B5E204E6CCED8394B412AC597B420C4EB95131697C1876EFCBC61E21841DFBB2B079473A62138A5020245121F780238939DA5BA9A2609EC6BA1D9998333E140919A5F017426C6939E9C204BC060B7353383958A34E48EF6872093E5D2DC425DFD7335FBFE997AB8DA2E222D4371A92D94808BE3EBEFAFBE90813A541523113D78A636ED49E9616DD8D3F06820203F0F2F3CFE09A2BAF906754ABFD4CA83A98C075FC783C9E78F2193CF4C863F2DC7FB95B5B985E29B6648E5679EF7A0CF8A9AFD0C9B077B5416098A776ECB411577CEFAA9FF254BA025376712F2F96DA5164F54221873B5EB9180327448832F829505353598F0431B24352936E5A1E8B95EFEFC1672F6FC63B7FFD1E6F3FB2066F3DFA3D168B1AF9F2F5ED58FDD1416C5F790C6F3EB606B13BD3B1EA9383CA1F0347F740A3B827DAB4C51A5B3844DD0E59C7C2F71D168CC131A178FDC91FB4C544C7E0602C83D4411746544643631BFEFC9771422C0DB8FDFA2FD061698A2B1E9B809A52C3602854004C8679FFFEB5B0B630C7FD778FC30DD70FC3B7DFC5232BBB02B97955F87C692C6EB87A304244B63166C24E6DA41473EDB569D0403C17E3289C802921AD0C6EAEB64A003D7C1DB5A5E24C20A9B1BF8A839D05AE9D19A54DC45BF7E768B098B3D177AAA10BC1A1234785C4D853B8035EEE1E67CD5D0809098615631DBC4FB26D6CEC61E39A6EFCD1C044B43F5DB7102BBF5A863933A76B9C83791DAC141C1C1CE499C7E28AABAFC5D7DF7E6BDCA3EB483A90AB7147BE031636E6E815136C5CF373840AA1508D305C50927981EE495D7513FC42DC44DA5B60F3D24358F2D206EC5C791C2F2D5AAA999F6545D5F8FCD5ADA82AAB456579BD32189B73EC1DADE1222A84B9EC74495CDC1DE0EC6E0B7B7151189D8D1A1288951FEDC7472F6D4296487F374F7B8C12D78064A18381C8C9D54151FB6CC7F4F9FD34B6B26D5D229C5D6CB58F080D98A0BDB536B76B7F940917F5C292C5FB112B3768B3A888E9370D82AB9FA3BA4E848DA395104411F6AF4A44CC9860EC946BF8E18713D8BD374B5B4E366F4FC357E27E70D4F1A913C230415C155F2F3BED7BD2748A2A10BA1235C4806E49590382FD9C747473954AA741B311C5250A0B70C68C3161A811D2B3B1B1E421B06A5B1A0E8992F97194B00BC0891349DA94DA2244E5EEE90157D79FFBA704BF0FF0F3D52659F6F2DCBE73AF714D37FEA8B0B5B7C39D77DC867FBCF222A64C9CA041F9BADA3A1DC888CB3BEF7D88F73E586CDCBA6BC8385A8016A9586963D6527985449F7DC4F188C1FEE0F0066C8D600C3233AEEB43009A16A4976205E711D99381FADA16F1D54596DB5AA238BF123F2C398C6FDEDC8509F3FAE928E3E652B36B2F52A9D1D5748C06CF58039B2E69DCFC9B391001611EC816A9CE74F3CA925A241DCD07C79E9872991C4B24BEE6BF930C5ADAE1EC668721A274BE786B37EC8470D80CABAC42188D8DA9E131E37BE8EF5F7E7C4088C5068BDFDE0D07773B4CB8B29F0E61C6425125B8393AE3B3C736C3D9DE1AC1E22A31C18C6AA1A8B01691E11E62D4CD58BF350D1BB7A6A2A2A20183FBF9E1C605FDD4FD282EA9D332F1CEB37C74AD9233CB94102A850C1CE56118D2D10DA0A1322374CAF0204C1C1E28F7A70385A50D3ADEE8D1A462047A39A24E941453E32F046C2D292D2B53D260AB88CF394686622DC5E658068959932526FE7B4749EFC62F07BBE5DF7BD79FF1F4937F4540803F8AC535A1EBCEE106BE5CF6B528E365C62DCF8FA28C4AD99759C4EDDAC7C4DEEDECB91D3D870B6998339E086DA02848AF30AE393F4CD9D468C3E1C96D3962B1D81D9BFCE540AC299D4439FC20EEC584CB07E877ED5299B79BB2B615A391B39930218A2422166E224C492A61EE7EAF210128C828456D65A3924CA618CF00914ABBD726E2D8DE6C5C7CE3102513C628CA8BAB71FF0BB3502424B5ED87C41FBBEE1A5A650C6569935ADCDDDD1E975E33043B36A760E2E4484C9DD95B9487A7D4C6459871CB5078048A1210E324380072F689526CF9E408EEBB6F9C1CC29038969C528C90401725167BB95E2A8BA30985F86A550296AF49C298C101B87FD17084FA3B69AC84528F6549CAAC90BF4D10E0E928FB59A94B43E2600CC3C1D61A2FDC3D0AE181AE3896528A2FD625238E5339C87AE66E84C8B102BDEDD575BA10A4A6A7A3B4A44449835DA5274E9E685C73660CECD74F5B6BF8C23112CFDE9EDDF8CF41BFE868BCFBD6BF70E7ED37EBF3A68BE1E4E488D7DF780B79F9EC397D6ED063483B92AFF6D82236D86F620FED437636F845B88B7DDBFF58D1A7C7757DE43753361FAA0F6F30553A0CCA09CCA560B771CE7770684312A245C63333D4A49D244183E6468CC08A93A1BBCABE721CFAF011D17E38B63F5B0393661626282BA84695D4E8034787E284D4C0DBBE4BC084397DE1E5EB8C88BE7E88ECE78B4DDFC5EBCC6B8651A0581E39243FE43CEC421F332E14B93995080876C34D778FC6D5370CC3ED42081C04C725D809E3456D340A01B25C6C6DE0540AABDF3B085771A3E6CC8E467E7E2D32B32A101AE26A28BB94952D3296B29D9D101573393E581A8BAF57272042B699383C5849C4C3C55AC8A34DF335C60FF597ED9AB58F4B656D232EBB28024FDF3142DC8F627C2E84C8D6160645D9A396E5E6F1796CED9A7F81E0C8E324015E8B95B5158EC6C6E29B15DFE1ABE5CB65F9E6A7E5EBE558F9FDF7481192E1B817DC9E2FC1B1F87F4FE7B26EFCB6983F6F9E0E88545D53AB158093A323967DF58D71EDD951535E8FC2CC4A7539F8EEB3C3DA9A77F6E3DB5777FD6C59F18F5DD8F6459C0805434F769A5BE6B1628D2D7605A694EE6CC6645E01FF913668549A192AFF5970BA199E81CEFA1D5B334C384AB06CA3C627309A3838E3975F30272A6A5077A1B3431893BBB67D770C03C6F68083938D065E37AF8843589437FEFCF4547DC9BFFBE4006CAD2DF5B86421CDCC947F3CBA9DB8043BB7A4E1A15B97E1D13BBFC1BD8B96E1BE9B97E1DE5B64B9F56B2CFBEC10AE7C688C468D7F6C491125C131128F6E4AC14D8B862127AF123672FCA3C70A10DDDB5BBBBCB3FC1A8A95FF9672B399365E55DB84EFB7A462F7E15C1416D761D4403FDC7EE5202109A6B39BE1D93B47A177A80B5EBD7F9CB82C4EF8DBC787B0666786AE77B4B352A2E03D6339388A57567E159284AC2E14F1274E68649D65A454FDECF3A5F8F0A34FF0F1A79FCBB2E4A7E5B3CFF1EEFB8BB166ED3A1DA487E7668A704ECED99B7A0DF7B56BE0F81094CC1C8794A35E75827EF34FE8FAF10C3D8BFFC030BED3178E9FEEC12F3D4227664C9B8A9E11E1A238E49D13A599939BA7CFE15C28CDAD464D5983D4E326B0167B8BDD9C8EC5FFB71E4B9EDAF2B3E5B327B6E08BA7B7EA40C10C3990688A33CBD54BE80A4CFB8882182FEE0787FFD2F13B694672E3A812B42399D47625F2E2536A734224E10CD9C4D8642ABFAB3010A3E7AD62EFD369570FD6002883A1541DDC486B4BA971F74B6D3D6C4298BEB4D515F5483E96877031E0379F5A8FFABA4698B269942FBD1C8BC76F2741C93FC6591A1B9BD022EE446B738B2A1E76086BD79EACED58F9751C6A65DBB9778D447589B12545F6E7B066FFBC7535AC85EC82839CB5DFCC8103391832C01FEDA21E38D298216E21D7A9D740F210E5214CCD818953B2CA7532A42FD724E05F0F4D4044B00BA2C33DB0F8E969784FCEF9D06BBB74B268E67970391924A5882017A4E5566A30F54271F8D0E11FC7BBD0B89180B930675B884E12E7D81709423AECFDFA230C8F563FB4AF5017F1F77FBE81F1932FC28CD997E0C65B6F377E2BC791676AA8643ACBD7B56372F01B92DAAF35ACDF0B1C6782D765FCEBA4DFCF0DDE03DE0B425EA71FC151DBA3070DC5C0A131183966220A8BBA1670E4A8E91CB087A4C18E881C55FD5C483B9CA7E3E0680F7516597EB0572B33B8CFB4A87D69A7B60E4D6FC84FAD40614AD75C5A534EA9D8536A53CE92C64E657A93E4803459551642240C0C166494212CDA57FB91E8CD64A1C4C6F57D919BC40998A3470623E14096DE3C164A098672C558B0A29C72588A02E0A44AECBA3E536A709E6FD7BA24383A1A460AE3B979D19DF79D464DF2E09804ACC5C98A3AC51C2F5C162A25E698ACFDEE38163C3C46FBA8D09D20AC44A1E4A596E1E0EA645C76697FA9B90DA33B151454C1DBC7116D1D0CC692FC486C72CD525E9687F79C44C5291939C749B9B8565FAEFD6956AAACBC2A1C4F2B83A7AB8DBA477AADA7A15594928F9B1D0A4AEBE1E57EE66900CE869CBC3C343637C9359A89E1B78203F0B05584CAC3D6EE0C8B7CCFF51CA087DB731C8ABCBC7C1DF4A5133A7E279FAB2C8CD2333FA72B607ABF7F4000BCBD3C11141068FC167075711165D962385E5D9D066EBB8292B252AD80FEA8B0B3B5F98904E5B1F25E7505159595FADE12EC02CF1EDB849B9B1B02FDFC34B9CBCBDB531B00BA829A9A6A2566123C9FA799E9B95DDC13FB7235B99121022EECDD7AB6854998EC326FEB64C81CA51D5557D6212FFDB47968CE02531BF1F9930FE5E222510864A956AD15A50611A3616D4EB140D97F58247BDFD1A172435928F9928662346E1A1E47F10A087347F2913C0D721AEF1FDF3A250F1EA7A1AE1935158D70F77680A7AF232E12435EFAF61EA989D9E1CB50FBE8D080DC4DFE19F238A42C727C133929D790C4F82DB7D36EEDB295958D39562C3B8A7629C3FCFB63502F464E704B5B7B2B2C7D7EBBFC06EDE9CA099D2BAB9B0C83F2880B61A89D0DE7309CCB703D1A9F91752437C635DC9D6DB1F5500E12D2CBB0725B1AAE9ADE4B5D1236959D0E9EAB455E0E1F4F079455D623A6DF9993B2CE866371C775AC07AA3C1AE5FDF7DE83575E7C0E2F3DFF0C5E7AEE0C8B7CFFEACB2FE0964537FDE80B9F3E423913C3CC85184944CC484C4AE95A16E0AE3D7BB5BF0BC7D3080BFB692C8FE0C040796686347F9E335194CDF9C0E9127440602A23C363FEC3C1C2C20A9E9E46E3960779E4E851E39A73233E21514D82DDDF3DDCDD748E152258C8822A966A9BC316242777EDBEEF3F74489526DF2F573717D8D99FBBE239B42E453B85D6D73463C49C9E7879C78D787ADDC2332ECF70F9E15A3CB7E13AB8F9396843839585250EAFEBDA708E1AD31832B9273E7F79132EBD638CD6B0CDF5AD70F5B64779A1B01D6B76B9199C6D7DFBB7719830BF9F14CC3031924E0B205293FD51DCBD9D34A6515956A76A8037DCC0D7F276F0006280249F435B5310DADB1757DC3E4AB7FDE1AB233ACC5F3BEFB8323C771283E501480CF2A9E792DF4822BACE786E1D514CD650113088FAE9E27DB8445C144F7145D83243D83A5822F9601E762D3D8E5973FBA81B51284AC3CBD35E4981C76302998EF921903368994972754DCD70177299240AAAB4BC16474F94E0AB0DC9F8E0DBE33AD6C68D17B3AB78C78F430276822D2775A2DA4843574EEB85C1515D9BA1BB13CCEA646DC7C5D1C911D17DFAC0C7DB1B01FEFE675D38D667AFC8087848CD462264EDCF7E2B9D888C0C878BA883565122EC3CF5F2DFFE6E5C73762CF972A98E5942894C793C6ECC58E31AC0D3CB4B0726E67C2224EF4F3EFB5CC7DB3C17962FFF56D50F0DE88F0A2AB211C386E9FD638C68CBB66D421C71C6B567C6E123B13878E8883677F399F5EDD3D730AF8F20383858542087D86B5512F8F093CFF4FB7361EBB6EDC8C9310CBCD4228A93CDB20C729F0B59E5C53A921DFB8BF51D1FAA9D39D94272B6C537CC4D47F38F1CEEAF95B99DA88E1DCBE28D473B37F4E9C5CCEE83E1D322717C6F16864CE9A9BD533DFC9CB52F8A8EAA25352F3B6BA51E2BD06EF29438ECD36130E676D9BE19BD0607203BA9C4207B69D86230AA066886ACB5655B1A24E550716E39C6CF89C6AA4F0FEAC44794AB6C62E5365AC3CB86DC9FBF185E2F2A1EFE4697C8401C9AF7A0E7D1CDE026AEC277CBE26029AA20E6E2DEDAFCCA6311ECCCB6EADDFDF076B1434C4C30F272AB35B8AA2D353C8CA194FCC5B08FFCA72209957B103328003FECC84474B82736EFCD86AB8395CE4EBF715F0E9232CB7199DC2F3B5B73ED1E4FF0A5610AFAD5337A6340A40716CE8ED2EFBB8A26794972F3F38CAE491B0244DA1A5A94CE0F66147A7B7B8942E460BB1D48CFCC32AEA13BE18A0913C669976C1A0695C3934F3F7B4A70B313725BB16ACD1A2CFB6A39DCDD5C512B12BD57644FF489328C4D4AB09BF784F163B4C2E0580F59D93978F99557751CD2D34137E69F6FBEA5031B53FEFFD13169FC58706A0682D7F7AF37DE4262D29953AD3945E3ABAFBDAEC4C967EF24CF60A2DC979371D51597EA044F2495E2A2623CF5CCF3670D6C1E3A74186FBCF39EDE5F1E8FCF72F6AC99C6B567C6A1F529B083B855627BECDF151875E6F4F133217C903F9A1B9B6126EF6C517DD73243F56D64C0E4FAC7A78B4F648EF0817E08EDE32335B4853695AA918A66679E013B9115E757232852E41B7D211AB9487C4E6F10DAC70B2744BE33804AA353A3979F6A8CD4FC84F049B3B822A3C5A0483A3BD7246AEE3B41C3D7FD68C4F283718AD2C21A21AE2A9415F1B31A25F2C9EF4AE5B3443F6BF5772EE525F528CAAFC23B6FEEC482BF8ED3B66A553902BA4BC9FBF270684D126EBB7524B2732B35DF42E76311E3523747889165E6B93938F1005107FD7B7963F9FA2444043AA3A8B45ED58521B80B384AB90F1C2FC49E6385B8E2A2489D74A95ECE49CE614D7AF3BCBEF076BFB069120906BDF272F3953438C176787898F62BE90A6CC42003FCFDF4771DA13C2DED94CE6BD72DBC5A0CDC4A0983C3E9D3F5B8FFA147F0F5B72B703C3E5E0D63EFFE0378FCA9A7F0C69BEFE8C3A06A69696952D7E774CC9E3153550E87C82361ED97DAF69E071EC4A79F7FAE83F3EE93637DB362251E78F8117CBB6215382CDF1F59657482031B0DECDF4FE3191C60989D0639C114A73B88157785F795E9DE1F7CF4311E7BF269255E2A810A515A13268CD75EC72763EEEC590811C541F562B8EF7BF0E0238F61FD864DEA4272F024BA776FBFF73E9E78F6397068463E738EC171F97C4E2179EE2107F7AF4A82BDB85574339C3DEC11D4BBEB534486F6F796774D14BBBCB876B042E2DEF377B0FC31BAC2D60E670F3B1CDF9D89DB5E9C85C29C4A94FE7D3B9C7D1CC0742B1AA08D9D15920E6461D0A4089C607F0A21010ED9B7F0FF26E1CBBF6F3510006B7F1ABE18A1928DC18AF41C4CD5EED9DF1F638434BE7E772F8AC54D7072B553A3A5356A70553E2BCBEA3145DC20E66F68CC408EA5E6AF0C64000FCB2011D54E87B8C83C678B7824765206067AC65CDE073BBE4A80935C135D2C96FFAB9777E3852DD763EEDC286CD8948298618158B5EE84A6BE931B9BDBDAB483D99431A1DA0D7FE58624396E07FACB43D8B23F476A7C294A1B0D89E733D1795FD3B22B7440E22BA6F7C2AA2DA93A695249533D9E7E771F5EB96FAC3C90930ADD05B069939319A9DF2FF017A5D155D0B50C0D09C6D6ED3BF4A54B4FCB503F9A815282B4F8CA0BCFE3C147FFAA64C2F12FCB4ACBF0DEFB1FEAF36259194761F77BC31C22ADA8961AF1BA85D760C8A0817A8C93C111B6FFF6D2F39877D9023508D68E35D5D558F2F952AD25F97C34A02C04E6E6EAA25DF6CDF89D5C1B9FD71F1574B9FFFAC843B8EA9AEB9408D8E4CD7773E9B2AFF0E5D265EAAE711C535E1B49850BA7B21C36648890EBCF4750E7F11E79E87E3CF0D05F75A63706ADE982BEFCEA6B4AA40C74733065B531516D266295548423860DC5CD37FDC97894B32337A9545C130B6DB0F00CB1D5F86257D163901FAC39F1BA54FED61652117E9F845EC3CFDC9BBA13A71CFD4F8F4F4573430B5EFFCB4A78FA3A63E845BDE013E40A8EE8C52EF17CA94A447D70EED4E09E5EDA8E1C18E6AE69E295A575F2B21903A07293A828749C42F993B33355091188A7838B6FE4E8CE2658FAC64E4D19570B145E2068884C170FEAE18E9BEE1B8F11E3C231606810068E08C26059060DE7673006CA2753CA675ED2176326C93603033072540F8C1DD703FDFAF9A9AB70FB5B73B4F5847116C256DC8A235B5370786D326EBE79848E72CE4994B4CBBD180C035896F2325C3CAD9794B705AB44F2F1A58F08729732B523471416F98B1DE9D83242854270C0E2CAAA267CFC5D3CC60D0D44BF084F6DBD49CFA9405ED1858FCE94949CA44A802F2967E3EA9CE3A4AB080A0C82995C07F7E7485E1C9CF664F4E9D31BAFFFE35584F508155553A1D7C8DACFD1D15E89C2C9C949FD71CE2BCA87F7D003F76BAFCCB381FD24967EFE29060E1820954283BE139DC7E1EC641CF897E0E0C4ECC2EFE9E1AE711212C8E92D092C73E7A227EF0AE4F1F1BD3979E90A0CDB1A9A1ECF94ADCB9C9CCF3EF950E31B3A676D63A31A3B1515631D8E0E8E62F076DAE18CD73C67F64CEDC17A36848785E395979E5352E7B8AF8493B383D894A912B5AD9D0D1CE4BE3536362801733472CE4B73BE314F8B332B509455295E82A9A64D746552E793C1F003E743610308BB7F7465CCD09F4DCB386862381C9C6DF08F3BBF86BDB32D82C5151934210279A925282FAE5557860F2A6C801FE2F76469A6684176B9CE2A4D52A1BB4217A2471F6FF41B1D8AFD9B9231784218068D0B130272C1BC453158F6F62E1CDB9BA9FDFE69B0ACE6492F7C88ECE13AF38A81E83B2C08775CF2117E5811872DDF27602397EF8ECB673C36AC3A8ECD3F9C407A4A99B82CB53828C77AEDF94D58BFE604D6CAFA43077230636EB4DED0E403F986D4747939A84AD20E17E0F2FB462129B51469E9A5F2825B2135BD0C2EE25E5C3CB3378E9D28466C62B1BC14E27F0A11DE75C3507CB93A0135F52DB85AD65F33BBB7908B09F61D37B44C903BF89ED637B6E28410D188BEDEE2AAD8E9C03DECE41626AECD8560DD0F1B919C9CA24AC1D9C901D75C75E505497A1AC096AD3BB409942ACD4B8C748048ED934163E6140116E616C8CDCB4392B825242AB68270F46B1B2B6B796927E1969B6ED0C980CE07D6B49CFC2730D05F95526A4AAA48EE2254881F5F2D06E2EDEDA3D348DEBAE8464D3ACBCACE52A3F4F5F5C6A489138C4701FEF1FA9BE2F636699F9B98E1237406F5F38123757FFEE5328DA5D0B59B3C792202859CCE07B66230598E6AAA54D4D69FAE5DA83187934125312A66A4AABD4271218E27C4A3DA38323B9545AD10EB6859BF48D4C0FC8BE71AF73A3BD84C1D337284E6D1C4279CD0B14FD8558144C1C1798AA51C51BD7A61D10D7FC282CBE7FF184C3D17328F1763C34747947C2A6A6B70E3F353E1117061EF5C567C1112F7E4AA1B4F5BE488FFD6C6B001F9FBF469194D84D5CF48E9B1DBD2F0F7BB966BFF11F6629D76ED10ED0D7760638ACE123FE1D2FED8B3F604068D0FC3AEB589689603D2FE59F871F3A371D363D35057D3888DCB8E222DBE0015A5F578E0F58BB5167FE8AA4F74EA0253710118EE603095E383729E14B61DBFB5F2267CF9F61E2C7D6F9761A01D3930678FD7CA87AA5DC8852D142DB2C8AF888CF2C5485119BB7666205B082025A5046F2CBE12FE2EB67868CA6234D5B66A6A2D512DE57870C9A570EAE781D7FFB90BFF77FF387CF5ED71F8FAD863F5C65454D43408C958EAA85FE346896F6AD681551BD3A4E6B4C6BA0F2F37C478044FBCB90719F99CEF94B107B906294B93288C1AD96FECA00084073AC1CED60A13879EFF053E19372CBA0545620094F7C3870FC5630F3D685CD375DC7EE73D2A7FD93B3632A227FEF1B7178D6BCE8C86FA46A4A4A7A901F9FAF8C0DB537C62C365FE22B0E6A4EA68E96885A39D83925EA702E8541252BF6B4571322132E8C7BFB9DEE0C29CBF10DC873912DC962D602ECE2E6A94E7836116F932254E96F7E4796ACF06AA8DDCFC7C550A6CAD62D099FBFF52F058B1B171AA5438E136E780E5B4141782556FECC5470F6F04C7E26516F6E2CCFBE0EED7B569173A11B72D1D778D7B073E5E2E6A6B8F7D770522871B72729896704BD46B2A0A9841FAC0A7F34F754F4E46FFB13DF0F69EBBB1E899E9DA99EDBD27D662DB37C7102E0A234A5440A330CF9839D1422AF57072B5C1D46B8660D153D3F0ECD26B953008469EE3F766A9B1370A8130857C87D4DA745538A319BF37280C060B20C4528B990B06A97FC5161AAA1AB22D0740E55817ECD7C10995D89AC098839DF87136E2129D905AFF9DD7B68BEF698911A26EA832D67E2F4410E18E81E2BE90213BC1710656BF770091216EF8DBCBD31112EC8207EE198D5DFBB2919EC597C84C034A541A21FE8E58BF3503D1911E1831D00FA5E2A6119C28DADCC204413E8EF0F37480AF879D2C0E08F37746FF9E9EC82BAE4190AF1396AE4D425965D7679267F43B39254D836A7C910644471BD75C18428383757F4EE0CC0C440654CF051B5B6BF4955A9DC13F2671FD1AC22068F0F6E296B8383AFFCCF855F19144847C4F5750868184E4F9CA33EF0A6110DC8706C719D3BC3C3CBB441804EF8DAF2820EED715C220E89670C0A3C103076A00F8D71006E1EFEB8B99D3A762DEC5737494F90B250C2223AE5087C264BF91F021BEDA747AA17074B38713BB2C48E5D7D2D4725E17E59CBA973D5D99F4F5D4B2EBF1D28A1B31EBC661FAA07B0F0DC645570DC2FCDB6370F1AD3178EEABEB71ED4313B50B7D70AF9F1E80A38B9DF84966F861E9617171C2A550EDD8FC350796F9A9E661B32C0BC1D803DD8839A268BEFE600F7233C475B0B712792BFE3D7D8076D624861A9D39186CC9A9AD6D1235D3A4DFB393D8813D9938202495256EC7A25B47E9F1E7FFDF281D4A908C4930269172300F8736A4C0CEE6A71B3C636A4FCC99162935A3A5D4D0ED080970D159E22F9F1585406F27A46654E0FE97B6E0B3550978EBCB58AC1676DE7E384F3BA9ED389287DD4773B12B2E1FFB8F152036A90471C9A5F2029B8ADBD2B50C4022252D55DC0AC358911C6BB577EFDEFAFB85222666B8DC9B7A35BEA2C2229414772DD3AF1BFF59A8AF6E425E5299E645913442FB79E37CB3C09F092E5E7608EAE5A1EF1C6D2B33FEDC93629D93343AE1EC6E873E234230FBA691B8ED85999875C3308408397034E390DE3EB0170571368C9D172D4AC416972C1A81551F1F405672B148294B250B064059E3B4494DC85C8F85F71A92872A8A6A1110EA2A6ECA0D98BB70B02A0506CD982549C5C13960FB0E0EC00431F28BE6F4C1745966CDED8B05B2ED1C21AE71137B225B4887F00B77C7E8CB7A8B7433D4F89C82817D58963D6798BFB3BAB6116BD625E1D57FEE444E5E35268FEFA1C1D01993C2E0266A67BD90C3CE83D9AA2EB265FDD6FDD93A0607550E7BB072FE562E36425A9CA18D04E6CF56A89452F878DAC2435CA4AE62CBB6ADDAA24137C1D3D3FD825A4E4EC6B061C3447E372AC153B227249E3F5BB31BFF7928C9AD448E9006BB68507987F6BFB0CCE34EB0853128DA5BFB74B11B46C69142B1B9B3770BE81269FC1A440D0EC45D2FCFD63E221F3EB74147F832382572724E712656C65EB67E212E9879C560BCFDEC7A24C6E662F69583E1244AE5BABBC6E2D29B8663F61503B140486BFAFCFE8888F2D666BCA2FC6A51156548901A7EFB96547CF3E511BCFFE60E7C2A4AE5D9277EC0F2A547B41975C123E361290A824C4AD0F5D9BF2B055922ED92D2CA5052560B1B295F5656053E5A7204ABD69F406D5D0BD66E4943430365BE19D88A65239F1C48884153114BAA9C7E822172CF5884AFA73D0AC4D5AAAC6ED6D695AE62F79E7D7A5F2AABAA743E13ED2FF20B400DC77E22F4BD793C1EB71BFF7D284CAB40B6284956AA8CED0544BA19D75C3882A23C34219236727C5B262A0A8CC96752B973C8090ED5590F4E37D9F6F3D693DF1A4C180B0CF7C0AAC5FB10BB3313B6F686082DC9828954FCC75EA093850CFA8F0846FCFE1CF885BA232CCA47833BE525B5F8E2AD5DD8BF231DC70E6423510822536AF182BC4A9496D4E9D48DB5E2A270B83F364F31026C6B6FA9C65227EE4B4E76A52A92C2D47224EDCF85B5A8232D57BB39D28F16E0DA07C7A1548EC1418539DD818383B5BA27CC300D0A70425246A5AA9B0E792A2C76A3105C9F080FA4E6541A5C7FFAE77A44DEDF0E6D8E1D35C05FE74519D1D71723BBC8FE6D6DAD484E4D838F97B712C6C8E1C3D1BB57A471ED85A34194065B0342434234159D6DFEDDF8EF425662319A4A9B7552E7F0813E187559F42F724F08CEED5A5DDA28C4E3AE794E232FE90D07171B55AAD90986A131BCBC5D307466CFB3B79EFC96600EC7D3377C89A2DC0A5508AA6F8430A83728E739C8CE927DF760DBEA04BCF9F85A38893B34EB1A511AE2D65455D463D907FBB4B9D4D482E6C95610A9E1A5AA67C169E034544B210BED15C86F59E38B298F9ED0035B36A6E0ED8FAE40656A251E9EF6B1F67F610B0F150107567D76ED4258063961F386147CF1F55138898A68956344F5F602F3483834E0816385B0B7B7469B1CB55DC863E2C820EC3C92A70462222E49A75C63E7B6405F7B784AB9B71DCAC3E72F4C47B04FD726FCE56360993A633DA707092F143C5EE7A3E527038CDDF8EFC28F3D95B5F2950F63CBDE2F058F6750CBF2BEC87BDD093D0FDF4B798FD838F1EBDECC2E62C3B223C8482CD20B6312155501A3B42DCDED282FAAC1C5370CD3C140367E15ABBE59CCE49E58BFFC285EBC6F05F66E4EC5A8493DC5CFE70D22D1C885D1A0C41E1807F1F275C4CC79FDF5780C9872E6341A092F8C199BCC5578E78DDDE8393200E31744A34AD409E516C7FE681417E4A3BF6E42A89F13A2FA78C2C3C3FEC7D1C639F6C6A61D19888AF094DADF5EDBD3CDE4A88C379495D523C0DB41632C1A9B11F0A3555899FD55E2D3CA71FDECA82E1306C18745C32659FC5AC22078BCCE637513C67F27D480B90859FC5AC220782C1EE764C2203ACFC14FFD5B7FFE8EA8A96CC09EB509DA2C6BEB680D3B59989D692B6E000730F60974C1823B4661EBCAE3B0B435C7DC1B86EBD080A585B5F0F67541765A29EC1DADE0EA61A7FE166F0D0DB4AABC1E4E2EB678F0B999B86AD17078783A68162A099142C44248884DB7BC4066BBB1DFC8C5F7C6207CB02F027A792030CA1311F23BB35D930FE461C4902084063133AECD7002F9EF2EF26CC50F27306A70A02A9D36F9C76629E663B0795789DEB0A91295159B6B65F71E4242375CFCCB9A4BBBD18D3F3A7E77F784929B4921741FD4BA3A21C6CD7C0B0ECBC7AEB90B635E5337E5E9C557E2E8DE4C6C59755C13B8B80BE310532F1D80CFDFDA21BF5B81B3BF47447BE3FE6767C237C030ACFFD60D27F0FCC3E2DAE808CCA67076B3D51696B5ABE2316E5284C6396EBF734CA785EB3E945D9462ECF64F6CDF9581C79ED90807676B0C88F6436A56B9E6668C1E1E846A295BACA8252689798BF288E8E18EF5BB3285F82C741EDB7A59EFED618BD9637BE09249E1BF685CD06E74E33F01BF7B20943299C119B69E309ED0B950E6337FE3C4913C6C13C33EBA3B13B73C3E056F3FB55E8D7AFCAC28241CCE57E5C04E710D421481E19EA8AE6EC00DF78EC3ED8F4CD164B14E048B11B3D973F7D634915880978F231C9DAC909F5785BEFDFCF0DD8A63484F2FC3F163F9D8BD371B3BC4E05DDD6DB176433212840CBE5F93A0EE0C07182E29AD87AFAF834E1ACDF94C720B6B103324007945B53A7646496523268F0CC6A1F822ED6CC48C42073B2BDC77ED604C1F15AA64D88D6EFCB7E277278DB38135B6A3932DAA2B840C22DC5122C6DD50D7826431EAC2EC0A9D2680533CC6EEC9D06DD971EEF2452330EB8A811830FCCC3347F51672A03F76787F964EB844C5502C6E4E5884078EC515A020B74A08A204A9C9C538129BAF81CED8238699F2BF5F73029C152D44CE939E5E0E5F219DDAFA66B0031D83ADB50DAD1831D81FC7924A8448DA1133D01F87138AC0FE369CCB756A4C302E9D72619D85BAD18DFF44FC5B5A4FBA024E0F59905589F88359A8969A9CB3D68F9C14090F76CDB7B280A30BBB10772DA0979D518655DFC4A9CAA0C2E1644699A2323A5B6E74DC53B96C27671B8C1063DF2BCA63842887152BE371E55503F0E55771888EF64171591D0AC5B5E25CB0354228532786EBDF7B8FE663DCC8203470DE9494523409A9DCB37030E6895BD28D6EFCB7E30F431ABF0798F895975B89679F58077B7191D84D8AF1070D6C88BAE04CF0D3A6478AEA2880BBB82A2666667070B0425E418DBA50B50DCDC82FAED5EEC36DE22771E0A0CBE74663A5B834754D2DB8E692BE78E38B23B011B7E6A367A722F0025A4BBAD18DFF54FC573BDF41A16EDA52C33142080EA843BED01616015B44E2138A316448000E1ECE852B9359841882039D35B5DD446E0F9B54C9AB1C5E902D27FB8FE422667080E668B03F0B6769EB27EE55376174E37F05FFF511BBFE03FCD1B3B70FAAAA0C23940B0B0871086BC887B9A50952928AB5F9D4CFD719078438CCCCCDD0BB1747A366A28B6104746D02975F2C2C4C90262E948D85B99084233272AA7454F3FBAF3BFF9813DDE8C67F0BFE27C2FCCFFE6D16BC4509D45437EB781E1C48954DC166F28FB922DFAD3A8EB9B3A390935581FCC22A9DCB64D8C0001D7884DD63D4ADE9304C914802D9B8271DE3449D5454D5E38DC726C3CFFBC2C62FE84637FE93F15F1DD338194585D5D8BB2B13E9E9A548882FD2690C6AEB5B60EF60ADAEC6C409E1422C0E183A2C10FEBE4E282CAEC57D0FAF41AD900CBBECB3058789951DF283718E6103FDF1C89F4769E7B46E74E37F09FF33A4D1095E6E4D75132ACAEB70F46801F6EFCF425A6639FCFC9DF1E273D3D53D216A6A9B448124205BC885638032C9ABACAA11CD6D1D183AC00F57CF8B4678B0AB6EDB8D6EFCEF00F87F9ED91B4B4AFAE0D90000000049454E44AE426082 WHERE `app_id`='11' and `app_name` = 'LF Acumos Marketplace'; + + + + +Insert into fn_user_role (USER_ID,ROLE_ID,PRIORITY,APP_ID) values (1,999,null,12); + +INSERT IGNORE INTO `fn_pers_user_app_sel` (`id`,`user_id`,`app_id`,`status_cd`) VALUES (11,1,11,'S'); +INSERT IGNORE INTO `fn_pers_user_app_sel` (`id`,`user_id`,`app_id`,`status_cd`) VALUES (12,1,12,'S'); + +commit; diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/NOTES.txt b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/NOTES.txt new file mode 100755 index 00000000..ee7a285c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/NOTES.txt @@ -0,0 +1,33 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/configmap.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/configmap.yaml new file mode 100755 index 00000000..9a08da5a --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/configmap.yaml @@ -0,0 +1,28 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-mariadb + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/mariadb/*").AsConfig . | indent 2 }} + diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/deployment.yaml new file mode 100755 index 00000000..f826c9c2 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/deployment.yaml @@ -0,0 +1,97 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: MYSQL_HOST + value: "{{ include "common.servicename" . }}" + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }} + key: db-root-password + volumeMounts: + - mountPath: /var/lib/mysql + name: mariadb-data + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /usr/local/bin/docker-entrypoint.sh + subPath: docker-entrypoint.sh + name: docker-entry + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + {{- if .Values.persistence.enabled }} + - name: mariadb-data + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} + - name: localtime + hostPath: + path: /etc/localtime + - name: docker-entry + configMap: + name: {{ include "common.fullname" . }}-mariadb + defaultMode: 0755 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/job.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/job.yaml new file mode 100755 index 00000000..515c5219 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/job.yaml @@ -0,0 +1,91 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: batch/v1 +kind: Job +metadata: + name: {{ include "common.fullname" . }}-config + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }}-job + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + template: + metadata: + labels: + app: {{ include "common.name" . }}-job + release: {{ .Release.Name }} + spec: + restartPolicy: Never + initContainers: + - name: {{ include "common.name" . }}-init-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - {{ include "common.name" . }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - name: {{ include "common.name" . }}-job + image: "{{ .Values.global.readinessRepository }}/{{ .Values.mariadbInitImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: DB_HOST + value: "{{ include "common.servicename" . }}" + - name: DB_USER + value: {{ .Values.config.mariadbUser }} + - name: DB_PASS + valueFrom: + secretKeyRef: {name: {{ include "common.fullname" . }}, key: db-root-password} + - name: SQL_SRC_DIR + value: {{ .Values.config.sqlSourceDirectory }} + - name: {{ include "common.name" . }}-oom-update-job + image: "{{ .Values.global.readinessRepository }}/{{ .Values.mariadbInitImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + env: + - name: DB_HOST + value: "{{ include "common.servicename" . }}" + - name: DB_USER + value: {{ .Values.config.mariadbUser }} + - name: DB_PORT + value: "{{ .Values.service.internalPort }}" + - name: DB_PASS + valueFrom: + secretKeyRef: {name: {{ include "common.fullname" . }}, key: db-root-password} + command: + - /bin/sh + - -x + - -c + - "mysql -vv --user=$DB_USER --password=$DB_PASS --host=$DB_HOST --port=$DB_PORT < /tmp/oom_updates.sql" + volumeMounts: + - name: portal-mariadb-sql + mountPath: /tmp/oom_updates.sql + subPath: oom_updates.sql + volumes: + - name: portal-mariadb-sql + configMap: + name: {{ include "common.fullname" . }}-mariadb + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" + restartPolicy: Never diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/pv.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/pv.yaml new file mode 100755 index 00000000..252ca765 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/pv.yaml @@ -0,0 +1,38 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size}} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/pvc.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/pvc.yaml new file mode 100755 index 00000000..1deed4e9 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/pvc.yaml @@ -0,0 +1,49 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/secrets.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/secrets.yaml new file mode 100755 index 00000000..65980755 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/secrets.yaml @@ -0,0 +1,28 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: + db-root-password: {{ .Values.config.mariadbRootPassword | b64enc | quote }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/service.yaml new file mode 100755 index 00000000..5ef05c94 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.externalPort }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + {{- end}} + name: {{ .Values.service.portName }} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/values.yaml new file mode 100755 index 00000000..eb14aed1 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-mariadb/values.yaml @@ -0,0 +1,149 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Default values for mariadb. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +global: # global defaults + nodePortPrefix: 302 + persistence: {} + readinessRepository: oomk8s + + +# application image +repository: nexus3.onap.org:10001 +image: onap/portal-db:2.5.0 +pullPolicy: Always + +readinessImage: readiness-check:2.0.0 +mariadbInitImage: "mariadb-client-init:3.0.0" + +# application configuration +config: + mariadbUser: root + mariadbRootPassword: Aa123456 + #The directory where sql files are found in the projects gerrit repo. + sqlSourceDirectory: portal/deliveries + # sdc frontend assignment for port 8181 + sdcFePort: "30206" + # application's front end hostname. Must be resolvable on the client side environment + sdcFeHostName: "sdc.api.fe.simpledemo.onap.org" + # policy pap ui assignment for port 8443 + papPort: "30219" + # application's front end hostname. Must be resolvable on the client side environment + papHostName: "policy.api.simpledemo.onap.org" + # vid ui assignment for port 8443 + vidPort: "30200" + # application's front end hostname. Must be resolvable on the client side environment + vidHostName: "vid.api.simpledemo.onap.org" + # aai sparky ui assignment for port 8080 + aaiSparkyPort: "30220" + # application's front end hostname. Must be resolvable on the client side environment + aaiSparkyHostName: "aai.ui.simpledemo.onap.org" + # cli ui assignment for port 8080 + cliPort: "30260" + # application's front end hostname. Must be resolvable on the client side environment + cliHostName: "cli.api.simpledemo.onap.org" + # portal sdk (demo app) ui assignment for port 8990 + portalSdkPort: "30212" + # application's front end hostname. Must be resolvable on the client side environment + portalSdkHostName: "portal-sdk.simpledemo.onap.org" + # dmaap bus controller ui assignment for port ? + dmaapBcPort: "" # TODO: populate with + # application's front end hostname. Must be resolvable on the client side environment + dmaapBcHostName: "dmaap-bc.simpledemo.onap.org" + # msb IAG ui assignment for port 80 + msbPort: "30280" + # application's front end hostname. Must be resolvable on the client side environment + msbHostName: "msb.api.simpledemo.onap.org" + # SO Monitoring assignment for port 30224 + soMonitoringPort: "30224" + # application's front end hostname. Must be resolvable on the client side environment + soMonitoringHostName: "so-monitoring" + ricdashboardPort: 30080 + ricdashboardHostName: 192.168.130.61 + + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 450 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 450 + periodSeconds: 10 + +## Persist data to a persitent volume +persistence: + enabled: true + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + accessMode: ReadWriteMany + size: 2Gi + mountPath: /dockerdata-nfs + mountSubPath: portal/mariadb/data + +service: + type: ClusterIP + name: portal-db + portName: portal-db + externalPort: 3306 + internalPort: 3306 + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 800m + memory: 1Gi + requests: + cpu: 400m + memory: 500Mi + large: + limits: + cpu: 2 + memory: 2Gi + requests: + cpu: 800m + memory: 1Gi + unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/.helmignore new file mode 100755 index 00000000..daebc7da --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/Chart.yaml new file mode 100755 index 00000000..96a8aac6 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: Portal software development kit +name: portal-sdk +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/fusion.properties b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/fusion.properties new file mode 100755 index 00000000..5c24429c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/fusion.properties @@ -0,0 +1,49 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# login settings +login_method_backdoor = backdoor +login_method_attribute_name = login_method + +# These properties will be removed after SingleSignOnController is cleaned +authentication_mechanism = BOTH +login_method_csp = csp +login_method_web_junction = web_junction + +#login message +login.error.hrid.empty = Login failed, please contact system administrator. +login.error.hrid.not-found = User not found, please contact system administrator. +login.error.user.inactive = Account is disabled, please contact system administrator. + +# User Session settings +user_attribute_name = user +roles_attribute_name = roles +role_function_list = role_function_list +role_functions_attribute_name = role_functions + +# Import-user LDAP settings +post_initial_context_factory = com.sun.jndi.ldap.LdapCtxFactory +post_provider_url = ldap://ldap.mycompany.com:389 +post_security_principal = ou=people,o=mycompany,c=us +post_max_result_size = 499 + +# menu settings +menu_query_name = menuData +application_menu_set_name = APP +application_menu_attribute_name = applicationMenuData +business_direct_menu_set_name = BD +business_direct_menu_attribute_name = businessDirectMenuData + +# Role settings +sys_admin_role_id = 1 diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml new file mode 100755 index 00000000..85e1eed6 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/logback.xml @@ -0,0 +1,222 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ${defaultLoggerPattern} + + + + + + + + ${logDirectory}/${generalLogName}.log + + + ${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.log.zip + + 30 + 3GB + + + ${applicationLoggerPattern} + + + + + 256 + + true + + + + + + + + + + + + + ${logDirectory}/${auditLogName}.log + + + ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.log.zip + + 30 + 3GB + + + ${auditLoggerPattern} + + + + 256 + + + + ${logDirectory}/${metricsLogName}.log + + + ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.log.zip + + 30 + 3GB + + + ${metricsLoggerPattern} + + + + 256 + + + + ${logDirectory}/${errorLogName}.log + + + ${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.log.zip + + 30 + 3GB + + + ${errorLoggerPattern} + + + + 256 + + + + ${debugLogDirectory}/${debugLogName}.log + + + ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.log.zip + + 30 + 3GB + + + ${defaultLoggerPattern} + + + + 256 + + + + + + + + + + + + + + + + + + + + + diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/music.properties b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/music.properties new file mode 100755 index 00000000..8881cc2f --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/music.properties @@ -0,0 +1,35 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +music.version = v2 +music.keyspace = keyspaces +music.session.keyspace = portalsdk +music.tables = tables +music.session.attr.tables = spring_session_attributes +music.session.meta.tables = spring_session +music.consistency.info = type +music.consistency.info.value = eventual +music.cache = false +music.session.max.inactive.interval.seconds = 1800 +music.serialize.compress = true + +#By default it's eventual +music.atomic.get = false +music.atomic.put = true + +cassandra.host={{.Values.cassandra.service.name}} +zookeeper.host={{.Values.zookeeper.service.name}} +cassandra.user={{.Values.cassandra.config.cassandraUsername}} +cassandra.password={{.Values.cassandra.config.cassandraPassword}} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties new file mode 100755 index 00000000..2ccace54 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/portal.properties @@ -0,0 +1,60 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# Properties read by ECOMP Framework library, ecompFW.jar + +########################################################################## +# The following properties should NOT be changed by partner applications. +########################################################################## + +portal.api.prefix = /api +max.idle.time = 5 +user.attribute.name = user_attribute + +#Use REST API instead of UEB to fetch the functional menu data +use_rest_for_functional_menu=true + +########################################################################## +# The following properties MUST be changed by partner applications. +########################################################################## + +# Name of java class that implements the OnBoardingApiService interface. +# epsdk 1.3 uses org.onap prefix +portal.api.impl.class = org.onap.portalapp.service.OnBoardingApiServiceImpl + +# CSP Global Log On for single sign on +ecomp_redirect_url = http://{{.Values.global.portalHostName}}:{{.Values.global.portalFEPort}}/ONAPPORTAL/login.htm + +# URL of the ECOMP Portal REST API + +ecomp_rest_url = http://{{.Values.global.portalHostName}}:{{.Values.global.portalPort}}/ONAPPORTAL/auxapi + +# Applications do not need to run a UEB listener in 1610. +ueb_listeners_enable = false + +# UEB Configuration +ueb_url_list = message-router +# ECOMP Portal listens on this UEB topic +ecomp_portal_inbox_name = ECOMP-PORTAL-INBOX +# Replace these 3 default values with the ones for your specific App, +# as shown on the on-boarding page on the ECOMP Portal web application. +ueb_app_key = jQd4a9zVNi4ePyBp +ueb_app_secret = P0HpqEBhKJvxjRYdw2sCTUll +ueb_app_mailbox_name = ECOMP-PORTAL-OUTBOX-APP1 +# Consumer group name for UEB topic. +# Use the special tag '{UUID}' to generate a unique one for each sdk-app server. +ueb_app_consumer_group_name = {UUID} + +decryption_key = AGLDdG4D04BKm2IxIWEr8o== diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties new file mode 100755 index 00000000..3bbb1a7f --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/resources/config/deliveries/properties/ONAPPORTALSDK/system.properties @@ -0,0 +1,83 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# Properties read by ECOMP Core library, ecompSDK-core.jar + +########################################################################## +# The following properties should NOT be changed by partner applications. +########################################################################## + +application_user_id = 30000 +post_default_role_id = 16 +clustered = true + +#Enable Fusion Mobile capabilities for the application +mobile_enable = false + +# Cache config file is needed on the classpath +cache_config_file_path = /WEB-INF/classes/cache.ccf +cache_switch = 199 +cache_load_on_startup = false + +user_name = fullName +decryption_key = AGLDdG4D04BKm2IxIWEr8o== + +########################################################################## +# The following properties MAY require changes by partner applications. +########################################################################## + +db.driver = org.mariadb.jdbc.Driver +db.connectionURL = jdbc:mariadb://portal-db:3306/ecomp_sdk +db.userName = root +db.password = Aa123456 +db.min_pool_size = 5 +db.max_pool_size = 10 +hb.dialect = org.hibernate.dialect.MySQLDialect +# SQL statements are logged to stdout +hb.show_sql = true +hb.idle_connection_test_period = 3600 + +app_display_name = Demo App +files_path = /tmp + +#element map files +element_map_file_path = /tmp +element_map_icon_path = app/fusionapp/icons/ + +#Cron Schedules +log_cron = 0 0/1 * * * ?; +mylogins_feed_cron = 0 0/60 * * * ?; +#sessiontimeout_feed_cron = 0 * * * * ? * +my_login_feed_output_dir = /tmp/MyLogins + +# Link shown in Help menu +contact_us_link = https://todo_contact_us_link.com + +# An Unique 128-bit value defined to identify a specific version +# of an application deployed on a specific virtual machine. +# This value must be generated and updated by the application +# which is using the ECOMP SDK at the time of its deployment. +# Online Unique UUID generator - https://www.uuidgenerator.net/ +instance_uuid=8da691c9-987d-43ed-a358-00ac2f35685d + +# R Cloud feature - configure this property to enable notebook feature - for more details on RCloud please visit https://rcloud.social/index.html +guard_notebook_url= + +#authenticate user server +#TODO: what is this URL supposed to be pointing to? Nothing in portal opens 8383 +authenticate_user_server=http://{{.Values.global.portalHostName}}:8383/openid-connect-server-webapp/allUsers + +#cookie domain +cookie_domain = onap.org diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/NOTES.txt b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/NOTES.txt new file mode 100755 index 00000000..496dd8d1 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/NOTES.txt @@ -0,0 +1,33 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/configmap.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/configmap.yaml new file mode 100755 index 00000000..bce68965 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/configmap.yaml @@ -0,0 +1,27 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-onapportalsdk + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPPORTALSDK/*").AsConfig . | indent 2 }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/deployment.yaml new file mode 100755 index 00000000..f59a16a6 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/deployment.yaml @@ -0,0 +1,131 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - "portal-db" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /start-apache-tomcat.sh + ports: + - containerPort: {{ .Values.service.internalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: properties-onapportalsdk + mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/fusion/conf/fusion.properties" + subPath: fusion.properties + - name: properties-onapportalsdk + mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/conf/system.properties" + subPath: system.properties + - name: properties-onapportalsdk + mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/classes/portal.properties" + subPath: portal.properties + - name: properties-onapportalsdk + mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/classes/music.properties" + subPath: music.properties + - name: properties-onapportalsdk + mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTALSDK/WEB-INF/classes/logback.xml" + subPath: logback.xml + - name: portal-tomcat-logs + mountPath: "{{ .Values.global.env.tomcatDir }}/logs" + - name: var-log-onap + mountPath: /var/log/onap + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + - name: filebeat-onap + image: "{{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + - name: portal-data-filebeat + mountPath: /usr/share/filebeat/data + - name: var-log-onap + mountPath: /var/log/onap + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: properties-onapportalsdk + configMap: + name: {{ include "common.fullname" . }}-onapportalsdk + defaultMode: 0755 + - name: filebeat-conf + configMap: + name: portal-filebeat + - name: var-log-onap + emptyDir: {} + - name: portal-data-filebeat + emptyDir: {} + - name: portal-tomcat-logs + emptyDir: {} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/service.yaml new file mode 100755 index 00000000..0629ea07 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/templates/service.yaml @@ -0,0 +1,41 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/values.yaml new file mode 100755 index 00000000..be5d8aee --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-sdk/values.yaml @@ -0,0 +1,104 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/portal-sdk:2.5.0 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: NodePort + name: portal-sdk + portName: portal-sdk + internalPort: 8080 + externalPort: 8080 + nodePort: 12 + +mariadb: + service: + name: portal-db +widget: + service: + name: portal-widget +cassandra: + service: + name: portal-cassandra + config: + cassandraUsername: root + cassandraPassword: Aa123456 +zookeeper: + service: + name: portal-zookeeper +messageRouter: + service: + name: message-router + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 4 + memory: 10Gi + requests: + cpu: 2 + memory: 5Gi + large: + limits: + cpu: 8 + memory: 20Gi + requests: + cpu: 4 + memory: 10Gi + unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/.helmignore new file mode 100755 index 00000000..daebc7da --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/Chart.yaml new file mode 100755 index 00000000..3c20f58f --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: Portal widgets micro service application +name: portal-widget +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.properties b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.properties new file mode 100755 index 00000000..a53dd2e2 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.properties @@ -0,0 +1,33 @@ +## General App Properties +server.contextPath=/widget +server.port=8082 +spring.http.multipart.max-file-size=128MB +spring.http.multipart.max-request-size=128MB +microservice.widget.location=/tmp + +## App DB Properties +spring.datasource.url=jdbc:mysql://portal-db:3306/portal +spring.datasource.username=root +spring.datasource.password=Aa123456 +spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.MySQLDialect +spring.database.driver.classname=org.mariadb.jdbc.Driver +spring.jpa.show-sql=false +spring.jpa.properties.hibernate.format_sql=false + +## Basic Authentication Properties +security.user.name=widget_user +security.user.password=ENC(IjywcRnI9+nuVEh9+OFFiRWAjBT1n718) + +initialization.default.widgets=true +initialization.widgetData.url=http://portal-app:{{.Values.global.portalPort}}/ONAPPORTAL/commonWidgets + +## Account Basic Authentication Properties +account.user.name=portal +account.user.password=6APqvG4AU2rfLgCvMdySwQ== + +## Certificate Properties +#server.ssl.key-store=classpath:widget-keystore.p12 +#server.ssl.key-store-password=ENC(DiIYnAMab4u7rEW2yKhF9zBL00uU55q8) +#server.ssl.keyStoreType=PKCS12 +#server.ssl.keyAlias=widget-microservice + diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml new file mode 100755 index 00000000..087c93f5 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/resources/config/deliveries/properties/ONAPWIDGETMS/application.yml @@ -0,0 +1,17 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +jasypt: + encryptor: + password: EncryptionKey diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/NOTES.txt b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/NOTES.txt new file mode 100755 index 00000000..496dd8d1 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/NOTES.txt @@ -0,0 +1,33 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.fullname" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.fullname" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.fullname" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/configmap.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/configmap.yaml new file mode 100755 index 00000000..6779c286 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/configmap.yaml @@ -0,0 +1,27 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-onapwidgetms + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPWIDGETMS/*").AsConfig . | indent 2 }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/deployment.yaml new file mode 100755 index 00000000..fdf9915f --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/deployment.yaml @@ -0,0 +1,98 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - name: {{ include "common.name" . }}-readiness + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /root/ready.py + args: + - --container-name + - "portal-db" + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: + - /start-wms.sh + ports: + - containerPort: {{ .Values.service.internalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - name: properties-onapwidgetms + mountPath: "/application.properties" + subPath: application.properties + - name: properties-onapwidgetms + mountPath: "/application.yml" + subPath: application.yml + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: properties-onapwidgetms + configMap: + name: {{ include "common.fullname" . }}-onapwidgetms + defaultMode: 0755 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/service.yaml new file mode 100755 index 00000000..be573d34 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/templates/service.yaml @@ -0,0 +1,41 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.portName }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/values.yaml new file mode 100755 index 00000000..62e095db --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-widget/values.yaml @@ -0,0 +1,89 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + readinessRepository: oomk8s + readinessImage: readiness-check:2.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + ubuntuInit: ubuntu-init:1.0.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/portal-wms:2.5.0 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +mariadb: + service: + name: portal-db + +service: + type: ClusterIP + name: portal-widget + portName: portal-widget + externalPort: 8082 + internalPort: 8082 + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 1 + memory: 4Gi + requests: + cpu: 500m + memory: 2Gi + large: + limits: + cpu: 2 + memory: 8Gi + requests: + cpu: 1 + memory: 4Gi + unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/.helmignore b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/.helmignore new file mode 100755 index 00000000..daebc7da --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/Chart.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/Chart.yaml new file mode 100755 index 00000000..ae03fa00 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/Chart.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +description: Zookeeper for ONAP Portal +name: portal-zookeeper +version: 5.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/templates/NOTES.txt b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/templates/NOTES.txt new file mode 100755 index 00000000..ee7a285c --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/templates/NOTES.txt @@ -0,0 +1,33 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/templates/deployment.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/templates/deployment.yaml new file mode 100755 index 00000000..73056bea --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/templates/deployment.yaml @@ -0,0 +1,71 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ include "common.repository" . }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + resources: +{{ include "common.resources" . | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/templates/service.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/templates/service.yaml new file mode 100755 index 00000000..5ef05c94 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.internalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.externalPort }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + {{- end}} + name: {{ .Values.service.portName }} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/values.yaml new file mode 100755 index 00000000..c7c80303 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/charts/portal-zookeeper/values.yaml @@ -0,0 +1,77 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# Default values for mariadb. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. +global: # global defaults + nodePortPrefix: 302 + persistence: {} + + +# application image +repository: nexus3.onap.org:10001 +image: zookeeper:3.4 +pullPolicy: Always + + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: ClusterIP + name: portal-zookeeper + portName: portal-zk + externalPort: 2181 + internalPort: 2181 + +ingress: + enabled: false + +# Resource Limit flavor -By Default using small +flavor: small +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 500m + memory: 600Mi + requests: + cpu: 250m + memory: 300Mi + large: + limits: + cpu: 1 + memory: 1Gi + requests: + cpu: 500m + memory: 600Mi + unlimited: {} diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/requirements.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/requirements.yaml new file mode 100755 index 00000000..229a4d3d --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/requirements.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: ric-common + version: ~2.0.0 diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/resources/config/log/filebeat/filebeat.yml b/ric-aux/80-Auxiliary-Functions/helm/portal/resources/config/log/filebeat/filebeat.yml new file mode 100755 index 00000000..400b8df6 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/resources/config/log/filebeat/filebeat.yml @@ -0,0 +1,55 @@ +# Copyright © 2018 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +filebeat.prospectors: +#it is mandatory, in our case it's log +- input_type: log + #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. + paths: + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log + #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive + ignore_older: 48h + # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit + clean_inactive: 96h + + +# Name of the registry file. If a relative path is used, it is considered relative to the +# data path. Else full qualified file name. +#filebeat.registry_file: ${path.data}/registry + + +output.logstash: + #List of logstash server ip addresses with port number. + #But, in our case, this will be the loadbalancer IP address. + #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. + hosts: ["{{.Values.config.logstashServiceName}}:{{.Values.config.logstashPort}}"] + #If enable will do load balancing among availabe Logstash, automatically. + loadbalance: true + + #The list of root certificates for server verifications. + #If certificate_authorities is empty or not set, the trusted + #certificate authorities of the host system are used. + #ssl.certificate_authorities: $ssl.certificate_authorities + + #The path to the certificate for SSL client authentication. If the certificate is not specified, + #client authentication is not available. + #ssl.certificate: $ssl.certificate + + #The client certificate key used for client authentication. + #ssl.key: $ssl.key + + #The passphrase used to decrypt an encrypted key stored in the configured key file + #ssl.key_passphrase: $ssl.key_passphrase diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/templates/configmap.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/templates/configmap.yaml new file mode 100755 index 00000000..0c677328 --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/templates/configmap.yaml @@ -0,0 +1,28 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: portal-filebeat + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +data: +{{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }} + diff --git a/ric-aux/80-Auxiliary-Functions/helm/portal/values.yaml b/ric-aux/80-Auxiliary-Functions/helm/portal/values.yaml new file mode 100755 index 00000000..f8eccf7b --- /dev/null +++ b/ric-aux/80-Auxiliary-Functions/helm/portal/values.yaml @@ -0,0 +1,54 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications Copyright © 2018 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +global: + env: + tomcatDir: "/opt/apache-tomcat-8.0.37" + # portal frontend port + portalPort: "8989" + portalFEPort: "30225" + # application's front end hostname. Must be resolvable on the client side environment + portalHostName: "portal.api.simpledemo.onap.org" + keystoreFile: "keystoreONAPPortal.p12" + truststoreFile: "truststoreONAPall.jks" + keypass: ",@{9!OOv%HO@#c+0Z}axu!xV" + trustpass: "changeit" + +config: + logstashServiceName: log-ls + logstashPort: 5044 + +portal-mariadb: + nameOverride: portal-db + +mariadb: + service: + name: portal-db +widget: + service: + name: portal-widget +cassandra: + service: + name: portal-cassandra + config: + cassandraUsername: root + cassandraPassword: Aa123456 +zookeeper: + service: + name: portal-zookeeper + +messageRouter: + service: + name: message-router diff --git a/ric-common/Common-Template/helm/ric-common/templates/_servicename.tpl b/ric-common/Common-Template/helm/ric-common/templates/_servicename.tpl index 509daed2..cd9b7340 100644 --- a/ric-common/Common-Template/helm/ric-common/templates/_servicename.tpl +++ b/ric-common/Common-Template/helm/ric-common/templates/_servicename.tpl @@ -135,3 +135,24 @@ {{- $name := ( include "common.fullname.ves" . ) -}} {{- printf "service-%s-tcp" $name | trunc 63 | trimSuffix "-" -}} {{- end -}} + + + +#################### Default ############### + + +{{/* + Resolve the name of a chart's service. + + The default will be the chart name (or .Values.nameOverride if set). + And the use of .Values.service.name overrides all. + + - .Values.service.name : override default service (ie. chart) name +*/}} +{{/* + Expand the service name for a chart. +*/}} +{{- define "common.servicename" -}} + {{- $name := default .Chart.Name .Values.nameOverride -}} + {{- default $name .Values.service.name | trunc 63 | trimSuffix "-" -}} +{{- end -}} \ No newline at end of file -- 2.16.6