Feature 8170: deploy OSM services with a helm chart
Change-Id: Ice69a2c7adcfdae331fee7212337e47e82130516
Signed-off-by: garciadeblas <gerardo.garciadeblas@telefonica.com>
diff --git a/installers/helm/osm/.helmignore b/installers/helm/osm/.helmignore
new file mode 100644
index 0000000..f6c67cb
--- /dev/null
+++ b/installers/helm/osm/.helmignore
@@ -0,0 +1,39 @@
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
diff --git a/installers/helm/osm/Chart.yaml b/installers/helm/osm/Chart.yaml
new file mode 100644
index 0000000..8d44eb4
--- /dev/null
+++ b/installers/helm/osm/Chart.yaml
@@ -0,0 +1,36 @@
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v2
+name: osm
+description: A Helm chart for Open Source MANO (OSM)
+type: application
+icon: https://www.etsi.org/images/articles/logos/OSM.png
+version: 0.0.1
+appVersion: "14"
+# dependencies:
+# - name: mongodb
+# repository: "https://charts.bitnami.com/bitnami"
+# version: "13.9.4"
+# condition: mongodb.enabled
+# - name: airflow
+# repository: "https://airflow.apache.org"
+# version: "1.6.0"
+# condition: airflow.enabled
+# - name: mysql
+# repository: "https://charts.bitnami.com/bitnami"
+# version: "9.9.1"
+# condition: mysql.enabled
diff --git a/installers/helm/osm/templates/NOTES.txt b/installers/helm/osm/templates/NOTES.txt
new file mode 100644
index 0000000..ea59625
--- /dev/null
+++ b/installers/helm/osm/templates/NOTES.txt
@@ -0,0 +1,29 @@
+{{/*
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+*/}}
+1. Get the application URL by running these commands:
+{{- if contains "NodePort" .Values.nbi.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services nbi)
+ export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.nbi.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w nbi'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} nbi --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+ echo http://$SERVICE_IP:{{ .Values.nbi.service.port }}
+{{- end }}
diff --git a/installers/helm/osm/templates/_helpers.tpl b/installers/helm/osm/templates/_helpers.tpl
new file mode 100644
index 0000000..cd8ca4f
--- /dev/null
+++ b/installers/helm/osm/templates/_helpers.tpl
@@ -0,0 +1,114 @@
+{{/*
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+*/}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "osm.name" -}}
+{{- default .Chart.Name .Values.global.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "osm.fullname" -}}
+{{- if .Values.global.fullnameOverride }}
+{{- .Values.global.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.global.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "osm.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "osm.labels" -}}
+helm.sh/chart: {{ include "osm.chart" . }}
+{{ include "osm.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "osm.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "osm.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "osm.serviceAccountName" -}}
+{{- if .Values.global.serviceAccount.create }}
+{{- default (include "osm.fullname" .) .Values.global.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.global.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create the name of the images to be used
+*/}}
+{{ define "osm.nbi.image" -}}
+{{ printf "%s:%s" (.Values.nbi.image.repository | default (printf "%s/nbi" (.Values.global.image.repositoryBase))) (.Values.nbi.image.tag | default .Values.global.image.tag) }}
+{{- end }}
+{{ define "osm.lcm.image" -}}
+{{ printf "%s:%s" (.Values.lcm.image.repository | default (printf "%s/lcm" (.Values.global.image.repositoryBase))) (.Values.lcm.image.tag | default .Values.global.image.tag) }}
+{{- end }}
+{{ define "osm.ro.image" -}}
+{{ printf "%s:%s" (.Values.ro.image.repository | default (printf "%s/ro" (.Values.global.image.repositoryBase))) (.Values.ro.image.tag | default .Values.global.image.tag) }}
+{{- end }}
+{{ define "osm.mon.image" -}}
+{{ printf "%s:%s" (.Values.mon.image.repository | default (printf "%s/mon" (.Values.global.image.repositoryBase))) (.Values.mon.image.tag | default .Values.global.image.tag) }}
+{{- end }}
+{{ define "osm.pol.image" -}}
+{{ printf "%s:%s" (.Values.pol.image.repository | default (printf "%s/pol" (.Values.global.image.repositoryBase))) (.Values.pol.image.tag | default .Values.global.image.tag) }}
+{{- end }}
+{{ define "osm.pla.image" -}}
+{{ printf "%s:%s" (.Values.pla.image.repository | default (printf "%s/pla" (.Values.global.image.repositoryBase))) (.Values.pla.image.tag | default .Values.global.image.tag) }}
+{{- end }}
+{{ define "osm.ngui.image" -}}
+{{ printf "%s:%s" (.Values.ngui.image.repository | default (printf "%s/ng-ui" (.Values.global.image.repositoryBase))) (.Values.ngui.image.tag | default .Values.global.image.tag) }}
+{{- end }}
+{{ define "osm.webhookTranslator.image" -}}
+{{ printf "%s:%s" (.Values.webhookTranslator.image.repository | default (printf "%s/webhook" (.Values.global.image.repositoryBase))) (.Values.webhookTranslator.image.tag | default .Values.global.image.tag) }}
+{{- end }}
+{{ define "osm.keystone.image" -}}
+{{ printf "%s:%s" (.Values.keystone.image.repository | default (printf "%s/keystone" (.Values.global.image.repositoryBase))) (.Values.keystone.image.tag | default .Values.global.image.tag) }}
+{{- end }}
+{{ define "osm.prometheus.image" -}}
+{{ printf "%s:%s" (.Values.prometheus.sidecarImage.repository | default (printf "%s/prometheus" (.Values.global.image.repositoryBase))) (.Values.prometheus.sidecarImage.tag | default .Values.global.image.tag) }}
+{{- end }}
diff --git a/installers/helm/osm/templates/certauth_setup/ca-issuer.yaml b/installers/helm/osm/templates/certauth_setup/ca-issuer.yaml
new file mode 100644
index 0000000..59de79f
--- /dev/null
+++ b/installers/helm/osm/templates/certauth_setup/ca-issuer.yaml
@@ -0,0 +1,25 @@
+{{- if .Values.certauth.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+ name: ca-issuer
+spec:
+ ca:
+ secretName: osm-ca
+{{- end }}
diff --git a/installers/helm/osm/templates/certauth_setup/osm-ca-certificate.yaml b/installers/helm/osm/templates/certauth_setup/osm-ca-certificate.yaml
new file mode 100644
index 0000000..23765df
--- /dev/null
+++ b/installers/helm/osm/templates/certauth_setup/osm-ca-certificate.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.certauth.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+ name: osm-ca-certificate
+ namespace: osm
+spec:
+ isCA: true
+ commonName: osm
+ secretName: osm-ca
+ privateKey:
+ algorithm: ECDSA
+ size: 256
+ issuerRef:
+ name: osm-selfsigned-issuer
+ kind: ClusterIssuer
+ group: cert-manager.io
+{{- end }}
diff --git a/installers/helm/osm/templates/certauth_setup/osm-selfsigned-issuer.yaml b/installers/helm/osm/templates/certauth_setup/osm-selfsigned-issuer.yaml
new file mode 100644
index 0000000..7cf9e2c
--- /dev/null
+++ b/installers/helm/osm/templates/certauth_setup/osm-selfsigned-issuer.yaml
@@ -0,0 +1,24 @@
+{{- if .Values.certauth.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+ name: osm-selfsigned-issuer
+spec:
+ selfSigned: {}
+{{- end }}
diff --git a/installers/helm/osm/templates/grafana/grafana-clusterrole.yaml b/installers/helm/osm/templates/grafana/grafana-clusterrole.yaml
new file mode 100644
index 0000000..1e2753a
--- /dev/null
+++ b/installers/helm/osm/templates/grafana/grafana-clusterrole.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.grafana.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ labels:
+ app: grafana
+ name: grafana-clusterrole
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - secrets
+ verbs:
+ - get
+ - watch
+ - list
+{{- end -}}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/grafana/grafana-clusterrolebinding.yaml b/installers/helm/osm/templates/grafana/grafana-clusterrolebinding.yaml
new file mode 100644
index 0000000..a6c2f97
--- /dev/null
+++ b/installers/helm/osm/templates/grafana/grafana-clusterrolebinding.yaml
@@ -0,0 +1,32 @@
+{{- if .Values.grafana.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ app: grafana
+ name: grafana-clusterrolebinding
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: grafana-clusterrole
+subjects:
+- kind: ServiceAccount
+ name: grafana
+ namespace: osm
+{{- end -}}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/grafana/grafana-configmap.yaml b/installers/helm/osm/templates/grafana/grafana-configmap.yaml
new file mode 100644
index 0000000..7d4653b
--- /dev/null
+++ b/installers/helm/osm/templates/grafana/grafana-configmap.yaml
@@ -0,0 +1,33 @@
+{{- if .Values.grafana.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+data:
+ grafana.ini: |
+ [log]
+ mode = console
+ [paths]
+ data = /var/lib/grafana/data
+ logs = /var/log/grafana
+ plugins = /var/lib/grafana/plugins
+ provisioning = /etc/grafana/provisioning
+kind: ConfigMap
+metadata:
+ labels:
+ app: grafana
+ name: grafana
+{{- end -}}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/grafana/grafana-dashboard-provider-configmap.yaml b/installers/helm/osm/templates/grafana/grafana-dashboard-provider-configmap.yaml
new file mode 100644
index 0000000..68dc91b
--- /dev/null
+++ b/installers/helm/osm/templates/grafana/grafana-dashboard-provider-configmap.yaml
@@ -0,0 +1,42 @@
+{{- if .Values.grafana.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+data:
+ provider.yaml: |-
+ apiVersion: 1
+ providers:
+ - name: 'Kubernetes Cluster'
+ orgId: 1
+ folder: 'Kubernetes Cluster'
+ type: file
+ disableDeletion: false
+ options:
+ path: '/tmp/dashboards/Kubernetes Cluster'
+ - name: 'Open Source MANO'
+ orgId: 1
+ folder: 'Open Source MANO'
+ type: file
+ disableDeletion: false
+ options:
+ path: '/tmp/dashboards/Open Source MANO'
+kind: ConfigMap
+metadata:
+ labels:
+ app: grafana
+ name: grafana-dashboard-provider
+{{- end -}}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/grafana/grafana-datasource-configmap.yaml b/installers/helm/osm/templates/grafana/grafana-datasource-configmap.yaml
new file mode 100644
index 0000000..ac07a36
--- /dev/null
+++ b/installers/helm/osm/templates/grafana/grafana-datasource-configmap.yaml
@@ -0,0 +1,40 @@
+{{- if .Values.grafana.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ labels:
+ grafana_datasource: "1"
+ name: grafana-datasource
+data:
+ datasource.yaml: |-
+ apiVersion: 1
+ datasources:
+ - name: osm_prometheus
+ type: prometheus
+ url: http://prometheus:9090
+ access: proxy
+ allowUiUpdates: true
+ isDefault: true
+ - name: Prometheus
+ type: prometheus
+ url: http://osm-monitoring-kube-promet-prometheus.monitoring:9090
+ access: proxy
+ allowUiUpdates: true
+ isDefault: false
+{{- end -}}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/grafana/grafana-deployment.yaml b/installers/helm/osm/templates/grafana/grafana-deployment.yaml
new file mode 100644
index 0000000..a54d687
--- /dev/null
+++ b/installers/helm/osm/templates/grafana/grafana-deployment.yaml
@@ -0,0 +1,157 @@
+{{- if .Values.grafana.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+ app: grafana
+ name: grafana
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: grafana
+ template:
+ metadata:
+ labels:
+ app: grafana
+ spec:
+ containers:
+ - env:
+ - name: LABEL
+ value: grafana_dashboard
+ - name: FOLDER
+ value: "/tmp/dashboards/Kubernetes Cluster"
+ - name: RESOURCE
+ value: both
+ - name: NAMESPACE
+ value: monitoring
+ image: kiwigrid/k8s-sidecar:1.15.6
+ imagePullPolicy: IfNotPresent
+ name: grafana-sc-dashboard
+ resources: {}
+ terminationMessagePath: /dev/termination-log
+ terminationMessagePolicy: File
+ volumeMounts:
+ - mountPath: "/tmp/dashboards/Kubernetes Cluster"
+ name: sc-dashboard-volume-k8s
+ - mountPath: "/tmp/dashboards/Open Source MANO"
+ name: sc-dashboard-volume-osm
+ - env:
+ - name: GF_SECURITY_ADMIN_USER
+ valueFrom:
+ secretKeyRef:
+ key: admin-user
+ name: grafana
+ - name: GF_SECURITY_ADMIN_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ key: admin-password
+ name: grafana
+ image: grafana/grafana:8.1.1
+ imagePullPolicy: IfNotPresent
+ livenessProbe:
+ failureThreshold: 10
+ httpGet:
+ path: /api/health
+ port: 3000
+ scheme: HTTP
+ initialDelaySeconds: 60
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 30
+ name: grafana
+ ports:
+ - containerPort: 80
+ name: service
+ protocol: TCP
+ - containerPort: 3000
+ name: grafana
+ protocol: TCP
+ readinessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /api/health
+ port: 3000
+ scheme: HTTP
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 1
+ resources: {}
+ terminationMessagePath: /dev/termination-log
+ terminationMessagePolicy: File
+ volumeMounts:
+ - mountPath: /etc/grafana/grafana.ini
+ name: config
+ subPath: grafana.ini
+ - mountPath: /var/lib/grafana
+ name: storage
+ - mountPath: "/tmp/dashboards/Kubernetes Cluster"
+ name: sc-dashboard-volume-k8s
+ - mountPath: "/tmp/dashboards/Open Source MANO"
+ name: sc-dashboard-volume-osm
+ - mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml
+ name: sc-dashboard-provider
+ subPath: provider.yaml
+ - mountPath: /etc/grafana/provisioning/datasources
+ name: sc-datasources-volume
+ dnsPolicy: ClusterFirst
+ initContainers:
+ - env:
+ - name: METHOD
+ value: LIST
+ - name: LABEL
+ value: grafana_datasource
+ - name: FOLDER
+ value: /etc/grafana/provisioning/datasources
+ - name: RESOURCE
+ value: both
+ image: kiwigrid/k8s-sidecar:1.15.6
+ imagePullPolicy: IfNotPresent
+ name: grafana-sc-datasources
+ resources: {}
+ terminationMessagePath: /dev/termination-log
+ terminationMessagePolicy: File
+ volumeMounts:
+ - mountPath: /etc/grafana/provisioning/datasources
+ name: sc-datasources-volume
+ restartPolicy: Always
+ schedulerName: default-scheduler
+ securityContext:
+ {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
+ serviceAccount: grafana
+ serviceAccountName: grafana
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - configMap:
+ defaultMode: 420
+ name: grafana
+ name: config
+ - emptyDir: {}
+ name: storage
+ - emptyDir: {}
+ name: sc-dashboard-volume-k8s
+ - emptyDir: {}
+ name: sc-dashboard-volume-osm
+ - configMap:
+ defaultMode: 420
+ name: grafana-dashboard-provider
+ name: sc-dashboard-provider
+ - emptyDir: {}
+ name: sc-datasources-volume
+{{- end -}}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/grafana/grafana-secret.yaml b/installers/helm/osm/templates/grafana/grafana-secret.yaml
new file mode 100644
index 0000000..fd240e6
--- /dev/null
+++ b/installers/helm/osm/templates/grafana/grafana-secret.yaml
@@ -0,0 +1,28 @@
+{{- if .Values.grafana.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+data:
+ admin-password: YWRtaW4=
+ admin-user: YWRtaW4=
+kind: Secret
+metadata:
+ labels:
+ app: grafana
+ name: grafana
+type: Opaque
+{{- end -}}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/grafana/grafana-service.yaml b/installers/helm/osm/templates/grafana/grafana-service.yaml
new file mode 100644
index 0000000..6adee4b
--- /dev/null
+++ b/installers/helm/osm/templates/grafana/grafana-service.yaml
@@ -0,0 +1,35 @@
+{{- if .Values.grafana.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app: grafana
+ name: grafana
+spec:
+ ports:
+ - name: service
+ nodePort: 3000
+ port: 3000
+ protocol: TCP
+ targetPort: 3000
+ selector:
+ app: grafana
+ sessionAffinity: None
+ type: NodePort
+{{- end -}}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/grafana/grafana-serviceaccount.yaml b/installers/helm/osm/templates/grafana/grafana-serviceaccount.yaml
new file mode 100644
index 0000000..63ea515
--- /dev/null
+++ b/installers/helm/osm/templates/grafana/grafana-serviceaccount.yaml
@@ -0,0 +1,24 @@
+{{- if .Values.grafana.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ app: grafana
+ name: grafana
+{{- end -}}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/kafka/kafka-configmap.yaml b/installers/helm/osm/templates/kafka/kafka-configmap.yaml
new file mode 100644
index 0000000..f967734
--- /dev/null
+++ b/installers/helm/osm/templates/kafka/kafka-configmap.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.kafka.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-kafka-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ KAFKA_ADVERTISED_HOST_NAME: kafka.osm
+ KAFKA_ADVERTISED_PORT: "9092"
+ KAFKA_ZOOKEEPER_CONNECT: "zookeeper:2181"
+ KAFKA_LOG_RETENTION_HOURS: "24"
+ KAFKA_BROKER_ID: "1"
+ KAFKA_ADVERTISED_LISTENERS: "PLAINTEXT://:9092"
+ KAFKA_LISTENERS: "PLAINTEXT://:9092"
+ KAFKA_INTER_BROKER_LISTENER_NAME: "PLAINTEXT"
+ KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: "1"
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/kafka/kafka-service.yaml b/installers/helm/osm/templates/kafka/kafka-service.yaml
new file mode 100644
index 0000000..73a0a05
--- /dev/null
+++ b/installers/helm/osm/templates/kafka/kafka-service.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.kafka.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: kafka
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - port: {{ .Values.kafka.service.port }}
+ targetPort: 9092
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: kafka
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/kafka/kafka-statefulset.yaml b/installers/helm/osm/templates/kafka/kafka-statefulset.yaml
new file mode 100644
index 0000000..81563eb
--- /dev/null
+++ b/installers/helm/osm/templates/kafka/kafka-statefulset.yaml
@@ -0,0 +1,88 @@
+{{- if .Values.kafka.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: kafka
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.kafka.replicaCount | default .Values.global.replicaCount }}
+ serviceName: kafka
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: kafka
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: kafka
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ initContainers:
+ - name: zookeeper-test
+ image: alpine:latest
+ command: ["sh", "-c", "until nc -zvw1 zookeeper 2181; do sleep 3; done; exit 0"]
+ containers:
+ - name: kafka
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ # runAsNonRoot: true
+ image: wurstmeister/kafka:2.11-1.0.2
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 9092
+ protocol: TCP
+ volumeMounts:
+ - name: socket
+ mountPath: /var/run/docker.sock
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-kafka-configmap
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: socket
+ hostPath:
+ path: /var/run/docker.sock
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/keystone/keystone-configmap.yaml b/installers/helm/osm/templates/keystone/keystone-configmap.yaml
new file mode 100644
index 0000000..f076ad7
--- /dev/null
+++ b/installers/helm/osm/templates/keystone/keystone-configmap.yaml
@@ -0,0 +1,26 @@
+{{- if .Values.keystone.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-keystone-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ DB_HOST: "mysql"
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/keystone/keystone-deployment.yaml b/installers/helm/osm/templates/keystone/keystone-deployment.yaml
new file mode 100644
index 0000000..bf44346
--- /dev/null
+++ b/installers/helm/osm/templates/keystone/keystone-deployment.yaml
@@ -0,0 +1,100 @@
+{{- if .Values.keystone.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: keystone
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.keystone.replicaCount | default .Values.global.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: keystone
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: keystone
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
+ containers:
+ - name: keystone
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ runAsNonRoot: true
+ {{- toYaml .Values.global.securityContext | nindent 12 }}
+ image: {{ include "osm.keystone.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 5000
+ protocol: TCP
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-keystone-configmap
+ {{- if not .Values.keystone.useOsmSecret }}
+ - secretRef:
+ name: {{ .Values.keystone.secretName | default "keystone-secret" }}
+ {{- else }}
+ env:
+ - name: ROOT_DB_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_MYSQL_ROOT_PASSWORD
+ - name: KEYSTONE_DB_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_KEYSTONE_DB_PASSWORD
+ - name: SERVICE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_SERVICE_PASSWORD
+ {{- end }}
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/keystone/keystone-service.yaml b/installers/helm/osm/templates/keystone/keystone-service.yaml
new file mode 100644
index 0000000..7e4aa52
--- /dev/null
+++ b/installers/helm/osm/templates/keystone/keystone-service.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.keystone.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: keystone
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - port: {{ .Values.keystone.service.port }}
+ targetPort: 5000
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: keystone
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/lcm/lcm-configmap.yaml b/installers/helm/osm/templates/lcm/lcm-configmap.yaml
new file mode 100644
index 0000000..40d74c1
--- /dev/null
+++ b/installers/helm/osm/templates/lcm/lcm-configmap.yaml
@@ -0,0 +1,38 @@
+{{- if .Values.lcm.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-lcm-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ OSMLCM_RO_HOST: "ro"
+ OSMLCM_DATABASE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+ OSMLCM_MESSAGE_HOST: "kafka"
+ OSMLCM_STORAGE_DRIVER: "mongo"
+ OSMLCM_STORAGE_PATH: "/app/storage"
+ OSMLCM_STORAGE_COLLECTION: "files"
+ OSMLCM_STORAGE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+{{- with .Values.lcm.config }}
+ {{- . | toYaml | nindent 2 }}
+{{- end }}
+{{- with .Values.httpProxy }}
+ {{- . | toYaml | nindent 2 }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/lcm/lcm-deployment.yaml b/installers/helm/osm/templates/lcm/lcm-deployment.yaml
new file mode 100644
index 0000000..e9bfd03
--- /dev/null
+++ b/installers/helm/osm/templates/lcm/lcm-deployment.yaml
@@ -0,0 +1,125 @@
+{{- if .Values.lcm.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: lcm
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.lcm.replicaCount | default .Values.global.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: lcm
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: lcm
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
+ initContainers:
+ - name: kafka-ro-mongo-test
+ image: alpine:latest
+ command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 ro 9090 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"]
+ containers:
+ - name: lcm
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ runAsNonRoot: true
+ {{- toYaml .Values.global.securityContext | nindent 12 }}
+ image: {{ include "osm.lcm.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-lcm-configmap
+ {{- if not .Values.lcm.useOsmSecret }}
+ - secretRef:
+ name: {{ .Values.lcm.secretName | default "lcm-secret" }}
+ {{- end }}
+ env:
+ - name: OSMLCM_VCA_HOST
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-vca-secret
+ key: OSM_VCA_HOST
+ - name: OSMLCM_VCA_SECRET
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-vca-secret
+ key: OSM_VCA_SECRET
+ - name: OSMLCM_VCA_PUBKEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-vca-secret
+ key: OSM_VCA_PUBKEY
+ - name: OSMLCM_VCA_CACERT
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-vca-secret
+ key: OSM_VCA_CACERT
+ {{- if .Values.lcm.useOsmSecret }}
+ - name: OSMLCM_DATABASE_COMMONKEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_DATABASE_COMMONKEY
+ {{- end }}
+ volumeMounts:
+ - mountPath: /etc/ssl/certs/osm-ca.crt
+ name: osm-ca
+ readOnly: true
+ subPath: osm-ca.crt
+ volumes:
+ - name: osm-ca
+ secret:
+ defaultMode: 420
+ items:
+ - key: tls.crt
+ path: osm-ca.crt
+ secretName: osm-ca
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/mon/mon-configmap.yaml b/installers/helm/osm/templates/mon/mon-configmap.yaml
new file mode 100644
index 0000000..06a4545
--- /dev/null
+++ b/installers/helm/osm/templates/mon/mon-configmap.yaml
@@ -0,0 +1,31 @@
+{{- if .Values.mon.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-mon-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ OSMMON_DATABASE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+ OSMMON_MESSAGE_HOST: "kafka"
+ OSMMON_MESSAGE_PORT: "9092"
+{{- with .Values.mon.config }}
+ {{- . | toYaml | nindent 2 }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/mon/mon-deployment.yaml b/installers/helm/osm/templates/mon/mon-deployment.yaml
new file mode 100644
index 0000000..6d70356
--- /dev/null
+++ b/installers/helm/osm/templates/mon/mon-deployment.yaml
@@ -0,0 +1,114 @@
+{{- if .Values.mon.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mon
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.mon.replicaCount | default .Values.global.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: mon
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: mon
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
+ initContainers:
+ - name: kafka-mongo-test
+ image: alpine:latest
+ command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"]
+ containers:
+ - name: mon
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ runAsNonRoot: true
+ {{- toYaml .Values.global.securityContext | nindent 12 }}
+ image: {{ include "osm.mon.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ {{- if not .Values.global.oldServiceAssurance }}
+ command: ["/bin/bash"]
+ args: ["scripts/dashboarder-start.sh"]
+ {{- end }}
+ ports:
+ - containerPort: 8662
+ protocol: TCP
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-mon-configmap
+ {{- if not .Values.mon.useOsmSecret }}
+ - secretRef:
+ name: {{ .Values.mon.secretName | default "mon-secret" }}
+ {{- end }}
+ env:
+ - name: OSMMON_VCA_HOST
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-vca-secret
+ key: OSM_VCA_HOST
+ - name: OSMMON_VCA_SECRET
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-vca-secret
+ key: OSM_VCA_SECRET
+ - name: OSMMON_VCA_CACERT
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-vca-secret
+ key: OSM_VCA_CACERT
+ {{- if .Values.mon.useOsmSecret }}
+ - name: OSMMON_DATABASE_COMMONKEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_DATABASE_COMMONKEY
+ {{- end }}
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/mon/mon-service.yaml b/installers/helm/osm/templates/mon/mon-service.yaml
new file mode 100644
index 0000000..0737e14
--- /dev/null
+++ b/installers/helm/osm/templates/mon/mon-service.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.mon.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: mon
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - port: {{ .Values.mon.service.port }}
+ targetPort: 8662
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: mon
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/mysql/mysql-service.yaml b/installers/helm/osm/templates/mysql/mysql-service.yaml
new file mode 100644
index 0000000..a2bb113
--- /dev/null
+++ b/installers/helm/osm/templates/mysql/mysql-service.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.mysql.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: mysql
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - port: {{ .Values.mysql.service.port }}
+ targetPort: 3306
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: mysql
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/mysql/mysql-statefulset.yaml b/installers/helm/osm/templates/mysql/mysql-statefulset.yaml
new file mode 100644
index 0000000..c9b2d16
--- /dev/null
+++ b/installers/helm/osm/templates/mysql/mysql-statefulset.yaml
@@ -0,0 +1,94 @@
+{{- if .Values.mysql.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: mysql
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.mysql.replicaCount | default .Values.global.replicaCount }}
+ serviceName: mysql
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: mysql
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: mysql
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ containers:
+ - name: mysql
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ # runAsNonRoot: true
+ image: mysql:5
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 3306
+ protocol: TCP
+ name: mysql
+ volumeMounts:
+ - name: mysql-db
+ mountPath: /var/lib/mysql
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ {{- if not .Values.mysql.useOsmSecret }}
+ - secretRef:
+ name: {{ .Values.mysql.secretName | default "ro-db-secret" }}
+ {{- else }}
+ env:
+ - name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_MYSQL_ROOT_PASSWORD
+ {{- end }}
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: mysql-db
+ hostPath:
+ path: {{ .Values.mysql.dbHostPath | default "/var/lib/osm/{{ .Release.Namespace }}/osm_ro_db/_data" }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/nbi/nbi-configmap.yaml b/installers/helm/osm/templates/nbi/nbi-configmap.yaml
new file mode 100644
index 0000000..e8dbcaa
--- /dev/null
+++ b/installers/helm/osm/templates/nbi/nbi-configmap.yaml
@@ -0,0 +1,31 @@
+{{- if .Values.nbi.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-nbi-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ OSMNBI_DATABASE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+ OSMNBI_MESSAGE_HOST: "kafka"
+ OSMNBI_STORAGE_DRIVER: "mongo"
+ OSMNBI_STORAGE_PATH: "/app/storage"
+ OSMNBI_STORAGE_COLLECTION: "files"
+ OSMNBI_STORAGE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/nbi/nbi-deployment.yaml b/installers/helm/osm/templates/nbi/nbi-deployment.yaml
new file mode 100644
index 0000000..1fe1e6d
--- /dev/null
+++ b/installers/helm/osm/templates/nbi/nbi-deployment.yaml
@@ -0,0 +1,99 @@
+{{- if .Values.nbi.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nbi
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.nbi.replicaCount | default .Values.global.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: nbi
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: nbi
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
+ initContainers:
+ - name: kafka-mongo-test
+ image: alpine:latest
+ command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"]
+ containers:
+ - name: nbi
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ runAsNonRoot: true
+ {{- toYaml .Values.global.securityContext | nindent 12 }}
+ image: {{ include "osm.nbi.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 9999
+ protocol: TCP
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-nbi-configmap
+ {{- if not .Values.nbi.useOsmSecret }}
+ - secretRef:
+ name: {{ .Values.nbi.secretName | default "nbi-secret" }}
+ {{- else }}
+ env:
+ - name: OSMNBI_AUTHENTICATION_SERVICE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_SERVICE_PASSWORD
+ - name: OSMNBI_DATABASE_COMMONKEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_DATABASE_COMMONKEY
+ {{- end }}
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/nbi/nbi-service.yaml b/installers/helm/osm/templates/nbi/nbi-service.yaml
new file mode 100644
index 0000000..0ea6433
--- /dev/null
+++ b/installers/helm/osm/templates/nbi/nbi-service.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.nbi.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: nbi
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: {{ .Values.nbi.service.type }}
+ ports:
+ - nodePort: {{ .Values.nbi.service.nodePort }}
+ port: {{ .Values.nbi.service.port }}
+ targetPort: 9999
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: nbi
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/ng_ui/ngui-deployment.yaml b/installers/helm/osm/templates/ng_ui/ngui-deployment.yaml
new file mode 100644
index 0000000..4268350
--- /dev/null
+++ b/installers/helm/osm/templates/ng_ui/ngui-deployment.yaml
@@ -0,0 +1,73 @@
+{{- if .Values.ngui.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: ngui
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.ngui.replicaCount | default .Values.global.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: ngui
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: ngui
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ containers:
+ - name: ngui
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ # runAsNonRoot: true
+ image: {{ include "osm.ngui.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 80
+ protocol: TCP
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/ng_ui/ngui-service.yaml b/installers/helm/osm/templates/ng_ui/ngui-service.yaml
new file mode 100644
index 0000000..d2eb22c
--- /dev/null
+++ b/installers/helm/osm/templates/ng_ui/ngui-service.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.ngui.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: ng-ui
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: {{ .Values.ngui.service.type }}
+ ports:
+ - nodePort: {{ .Values.ngui.service.nodePort }}
+ port: {{ .Values.ngui.service.port }}
+ targetPort: 80
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: ngui
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/osm-secret.yaml b/installers/helm/osm/templates/osm-secret.yaml
new file mode 100644
index 0000000..741d542
--- /dev/null
+++ b/installers/helm/osm/templates/osm-secret.yaml
@@ -0,0 +1,28 @@
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+ name: {{ include "osm.fullname" . }}-secret
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ OSM_DATABASE_COMMONKEY: {{ randAlphaNum 32 | b64enc | quote }}
+ OSM_MYSQL_ROOT_PASSWORD: {{ randAlphaNum 32 | b64enc | quote }}
+ OSM_KEYSTONE_DB_PASSWORD: {{ randAlphaNum 32 | b64enc | quote }}
+ OSM_SERVICE_PASSWORD: {{ randAlphaNum 32 | b64enc | quote }}
diff --git a/installers/helm/osm/templates/pla/pla-configmap.yaml b/installers/helm/osm/templates/pla/pla-configmap.yaml
new file mode 100644
index 0000000..9b97ca3
--- /dev/null
+++ b/installers/helm/osm/templates/pla/pla-configmap.yaml
@@ -0,0 +1,30 @@
+{{- if .Values.global.oldServiceAssurance -}}
+{{- if .Values.pla.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-pla-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ OSMPLA_DATABASE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+ OSMPLA_DATABASE_HOST: "mongo"
+ OSMPLA_MESSAGE_HOST: "kafka"
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/pla/pla-deployment.yaml b/installers/helm/osm/templates/pla/pla-deployment.yaml
new file mode 100644
index 0000000..d1a1f53
--- /dev/null
+++ b/installers/helm/osm/templates/pla/pla-deployment.yaml
@@ -0,0 +1,82 @@
+{{- if .Values.global.oldServiceAssurance -}}
+{{- if .Values.pla.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: pla
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.pla.replicaCount | default .Values.global.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: pla
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: pla
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
+ initContainers:
+ - name: kafka-mongo-test
+ image: alpine:latest
+ command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"]
+ containers:
+ - name: pla
+ securityContext:
+ readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ runAsNonRoot: true
+ {{- toYaml .Values.global.securityContext | nindent 12 }}
+ image: {{ include "osm.pla.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-pla-configmap
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/pol/pol-configmap.yaml b/installers/helm/osm/templates/pol/pol-configmap.yaml
new file mode 100644
index 0000000..caa5b41
--- /dev/null
+++ b/installers/helm/osm/templates/pol/pol-configmap.yaml
@@ -0,0 +1,30 @@
+{{- if .Values.global.oldServiceAssurance -}}
+{{- if .Values.pol.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-pol-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ OSMPOL_DATABASE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+ OSMPOL_MESSAGE_HOST: "kafka"
+ OSMPOL_MESSAGE_PORT: "9092"
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/pol/pol-deployment.yaml b/installers/helm/osm/templates/pol/pol-deployment.yaml
new file mode 100644
index 0000000..a8b97c8
--- /dev/null
+++ b/installers/helm/osm/templates/pol/pol-deployment.yaml
@@ -0,0 +1,96 @@
+{{- if .Values.global.oldServiceAssurance -}}
+{{- if .Values.pol.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: pol
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.pol.replicaCount | default .Values.global.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: pol
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: pol
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
+ initContainers:
+ - name: kafka-mongo-test
+ image: alpine:latest
+ command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"]
+ containers:
+ - name: pol
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ runAsNonRoot: true
+ {{- toYaml .Values.global.securityContext | nindent 12 }}
+ image: {{ include "osm.pol.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 8662
+ protocol: TCP
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-pol-configmap
+ {{- if not .Values.pol.useOsmSecret }}
+ - secretRef:
+ name: {{ .Values.pol.secretName | default "pol-secret" }}
+ {{- else }}
+ env:
+ - name: OSMPOL_DATABASE_COMMONKEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_DATABASE_COMMONKEY
+ {{- end }}
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/prometheus/prometheus-alertingrules-configmap.yaml b/installers/helm/osm/templates/prometheus/prometheus-alertingrules-configmap.yaml
new file mode 100644
index 0000000..b4f2679
--- /dev/null
+++ b/installers/helm/osm/templates/prometheus/prometheus-alertingrules-configmap.yaml
@@ -0,0 +1,37 @@
+{{- if not .Values.global.oldServiceAssurance -}}
+{{- if .Values.prometheus.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-prometheus-alertingrules-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ osm_alert_rules.yml: |
+ groups:
+ - name: osm_alert_rules
+ rules:
+ - alert: vdu_down
+ expr: vm_status_extended != 1
+ for: 3m
+ annotations:
+ summary: "VDU {{ "{{" }} $labels.vm_id }} in VIM {{ "{{" }} $labels.vim_id }} is down"
+ description: "VDU {{ "{{" }} $labels.vm_id }} in VIM {{ "{{" }} $labels.vim_id }} has been down for more than 3 minutes. NS instance id is {{ "{{" }} $labels.ns_id }}"
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/prometheus/prometheus-configmap.yaml b/installers/helm/osm/templates/prometheus/prometheus-configmap.yaml
new file mode 100644
index 0000000..b213e22
--- /dev/null
+++ b/installers/helm/osm/templates/prometheus/prometheus-configmap.yaml
@@ -0,0 +1,30 @@
+{{- if .Values.prometheus.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-prometheus-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ MONGODB_URL: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+ PROMETHEUS_CONFIG_FILE: "/etc/prometheus/prometheus.yml"
+ PROMETHEUS_BASE_CONFIG_FILE: "/etc/prometheus_base/prometheus.yml"
+ TARGET_DATABASE: "osm"
+ PROMETHEUS_URL: "http://prometheus:9090"
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/prometheus/prometheus-prom-configmap.yaml b/installers/helm/osm/templates/prometheus/prometheus-prom-configmap.yaml
new file mode 100644
index 0000000..18fef22
--- /dev/null
+++ b/installers/helm/osm/templates/prometheus/prometheus-prom-configmap.yaml
@@ -0,0 +1,87 @@
+{{- if .Values.prometheus.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-prometheus-prom-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ prometheus.yml: |
+ # Copyright 2018 The Prometheus Authors
+ # Copyright 2018 Whitestack
+ # Copyright 2018 Telefonica Investigacion y Desarrollo, S.A.U.
+ #
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+
+ # my global config
+ global:
+ scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
+ evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
+ # scrape_timeout is set to the global default (10s).
+
+ # Alertmanager configuration
+ alerting:
+ alertmanagers:
+ - static_configs:
+ - targets:
+{{- if .Values.global.oldServiceAssurance }}
+ # - alertmanager:9093
+{{- else }}
+ - alertmanager:9093
+{{- end }}
+ # Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
+{{- if .Values.global.oldServiceAssurance }}
+ rule_files:
+ # - "first_rules.yml"
+ # - "second_rules.yml"
+{{- else }}
+ rule_files:
+ - "osm_metric_rules.yml"
+ - "osm_alert_rules.yml"
+{{- end }}
+ # A scrape configuration containing exactly one endpoint to scrape:
+ # Here it's Prometheus itself.
+ scrape_configs:
+ - job_name: 'mon_exporter'
+ static_configs:
+ - targets: ['mon:8000']
+{{- if .Values.global.oldServiceAssurance }}
+ # Add here other external targets, e.g. a pushgateway
+ # - job_name: 'pushgateway'
+ # static_configs:
+ # - targets: ['prometheus-pushgateway:9091']
+{{- else }}
+ - job_name: pushgateway
+ honor_labels: true
+ scrape_interval: 30s
+ static_configs:
+ - targets:
+ - pushgateway-prometheus-pushgateway:9091
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/prometheus/prometheus-recordingrules-configmap.yaml b/installers/helm/osm/templates/prometheus/prometheus-recordingrules-configmap.yaml
new file mode 100644
index 0000000..c314d86
--- /dev/null
+++ b/installers/helm/osm/templates/prometheus/prometheus-recordingrules-configmap.yaml
@@ -0,0 +1,43 @@
+{{- if not .Values.global.oldServiceAssurance -}}
+{{- if .Values.prometheus.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-prometheus-recordingrules-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ osm_metric_rules.yml: |
+ groups:
+ - name: osm_metric_rules
+ rules:
+ - record: vm_status_extended
+ expr: (last_over_time(vm_status[1m]) * on (vm_id, vim_id) group_left(ns_id, vnf_id, vdu_id, project_id, job, vdu_name, vnf_member_index) last_over_time(ns_topology[1m])) or (last_over_time(ns_topology[1m]) * -1)
+ labels:
+ job: osm_prometheus
+ - record: vnf_status
+ expr: (0 * (count (vm_status_extended==0) by (ns_id, vnf_id)>=0)) or (min by (ns_id, vnf_id) (vm_status_extended))
+ labels:
+ job: osm_prometheus
+ - record: ns_status
+ expr: (0 * (count (vm_status_extended==0) by (ns_id)>=0)) or (min by (ns_id) (vm_status_extended))
+ labels:
+ job: osm_prometheus
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/prometheus/prometheus-service.yaml b/installers/helm/osm/templates/prometheus/prometheus-service.yaml
new file mode 100644
index 0000000..99eef4a
--- /dev/null
+++ b/installers/helm/osm/templates/prometheus/prometheus-service.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.prometheus.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: prometheus
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: {{ .Values.prometheus.service.type }}
+ ports:
+ - nodePort: {{ .Values.prometheus.service.nodePort }}
+ port: 9090
+ targetPort: 9090
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: prometheus
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/prometheus/prometheus-statefulset.yaml b/installers/helm/osm/templates/prometheus/prometheus-statefulset.yaml
new file mode 100644
index 0000000..476ab4f
--- /dev/null
+++ b/installers/helm/osm/templates/prometheus/prometheus-statefulset.yaml
@@ -0,0 +1,141 @@
+{{- if .Values.prometheus.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: prometheus
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.prometheus.replicaCount | default .Values.global.replicaCount }}
+ serviceName: prometheus
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: prometheus
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: prometheus
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ initContainers:
+ - name: prometheus-init-config
+ image: busybox
+ command: ["/bin/sh", "-c"]
+{{- if .Values.global.oldServiceAssurance }}
+ args: ['if [ ! -f "/etc/prometheus/prometheus.yml" ]; then cp /config/prometheus.yml /etc/prometheus; fi']
+{{- else }}
+ args: ['if [ ! -f "/etc/prometheus/prometheus.yml" ]; then cp /config/prometheus.yml /etc/prometheus; fi; cp /config/osm_metric_rules.yml /config/osm_alert_rules.yml /etc/prometheus']
+{{- end }}
+ volumeMounts:
+ - name: prom-config
+ mountPath: /etc/prometheus
+ - name: prom-config-base
+ mountPath: /config
+ containers:
+ - name: prometheus
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ # runAsNonRoot: true
+ image: prom/prometheus:v2.28.1
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ args:
+ - --config.file=/etc/prometheus/prometheus.yml
+ - --web.enable-lifecycle
+ ports:
+ - containerPort: 9090
+ protocol: TCP
+ volumeMounts:
+ - name: prom-config
+ mountPath: /etc/prometheus
+ - name: prom-db
+ mountPath: /prometheus
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ - name: prometheus-config-sidecar
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ # runAsNonRoot: true
+ image: {{ include "osm.prometheus.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ volumeMounts:
+ - name: prom-config
+ mountPath: /etc/prometheus
+ - name: prom-config-base
+ mountPath: /etc/prometheus_base
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-prometheus-configmap
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: prom-db
+ emptyDir: {}
+ - name: prom-config
+ emptyDir: {}
+ - name: prom-config-base
+ projected:
+ sources:
+ - configMap:
+ name: {{ include "osm.fullname" . }}-prometheus-prom-configmap
+ items:
+ - key: prometheus.yml
+ path: prometheus.yml
+{{- if not .Values.global.oldServiceAssurance }}
+ - configMap:
+ name: {{ include "osm.fullname" . }}-prometheus-recordingrules-configmap
+ items:
+ - key: osm_metric_rules.yml
+ path: osm_metric_rules.yml
+ - configMap:
+ name: {{ include "osm.fullname" . }}-prometheus-alertingrules-configmap
+ items:
+ - key: osm_alert_rules.yml
+ path: osm_alert_rules.yml
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/ro/ro-configmap.yaml b/installers/helm/osm/templates/ro/ro-configmap.yaml
new file mode 100644
index 0000000..39bb90b
--- /dev/null
+++ b/installers/helm/osm/templates/ro/ro-configmap.yaml
@@ -0,0 +1,31 @@
+{{- if .Values.ro.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-ro-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ OSMRO_DATABASE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+ OSMRO_MESSAGE_HOST: "kafka"
+ OSMRO_STORAGE_DRIVER: "mongo"
+ OSMRO_STORAGE_PATH: "/app/storage"
+ OSMRO_STORAGE_COLLECTION: "files"
+ OSMRO_STORAGE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/ro/ro-deployment.yaml b/installers/helm/osm/templates/ro/ro-deployment.yaml
new file mode 100644
index 0000000..7c07534
--- /dev/null
+++ b/installers/helm/osm/templates/ro/ro-deployment.yaml
@@ -0,0 +1,99 @@
+{{- if .Values.ro.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: ro
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.ro.replicaCount | default .Values.global.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: ro
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: ro
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
+ initContainers:
+ - name: kafka-mongo-test
+ image: alpine:latest
+ command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"]
+ containers:
+ - name: ro
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ runAsNonRoot: true
+ {{- toYaml .Values.global.securityContext | nindent 12 }}
+ image: {{ include "osm.ro.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 9090
+ protocol: TCP
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-ro-configmap
+ {{- if not .Values.ro.useOsmSecret }}
+ - secretRef:
+ name: {{ .Values.ro.secretName | default "ro-secret" }}
+ {{- else }}
+ env:
+ - name: OSMRO_DATABASE_COMMONKEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_DATABASE_COMMONKEY
+ - name: RO_DB_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_MYSQL_ROOT_PASSWORD
+ {{- end }}
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/ro/ro-service.yaml b/installers/helm/osm/templates/ro/ro-service.yaml
new file mode 100644
index 0000000..30ecb74
--- /dev/null
+++ b/installers/helm/osm/templates/ro/ro-service.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.ro.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: ro
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - port: {{ .Values.ro.service.port }}
+ targetPort: 9090
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: ro
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/serviceaccount.yaml b/installers/helm/osm/templates/serviceaccount.yaml
new file mode 100644
index 0000000..db76fa9
--- /dev/null
+++ b/installers/helm/osm/templates/serviceaccount.yaml
@@ -0,0 +1,28 @@
+{{- if .Values.global.serviceAccount.create -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "osm.serviceAccountName" . }}
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+ {{- with .Values.global.serviceAccount.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+{{- end }}
diff --git a/installers/helm/osm/templates/vca/vca-secret.yaml b/installers/helm/osm/templates/vca/vca-secret.yaml
new file mode 100644
index 0000000..106047c
--- /dev/null
+++ b/installers/helm/osm/templates/vca/vca-secret.yaml
@@ -0,0 +1,30 @@
+{{- if .Values.vca.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+ name: {{ include "osm.fullname" . }}-vca-secret
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ OSM_VCA_HOST: {{ ( .Values.vca.host | default ( randAlphaNum 32 ) ) | b64enc | quote }}
+ OSM_VCA_SECRET: {{ ( .Values.vca.secret | default ( randAlphaNum 32 ) ) | b64enc | quote }}
+ OSM_VCA_PUBKEY: {{ ( .Values.vca.pubkey | default ( randAlphaNum 32 ) ) | b64enc | quote }}
+ OSM_VCA_CACERT: {{ ( .Values.vca.cacert | default ( randAlphaNum 32 ) ) | b64enc | quote }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/webhook_translator/webhook-translator-configmap.yaml b/installers/helm/osm/templates/webhook_translator/webhook-translator-configmap.yaml
new file mode 100644
index 0000000..f446413
--- /dev/null
+++ b/installers/helm/osm/templates/webhook_translator/webhook-translator-configmap.yaml
@@ -0,0 +1,29 @@
+{{- if not .Values.global.oldServiceAssurance -}}
+{{- if .Values.webhookTranslator.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-webhook-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ AIRFLOW_HOST: "airflow-webserver"
+ AIRFLOW_PORT: "8080"
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/webhook_translator/webhook-translator-deployment.yaml b/installers/helm/osm/templates/webhook_translator/webhook-translator-deployment.yaml
new file mode 100644
index 0000000..84a3dba
--- /dev/null
+++ b/installers/helm/osm/templates/webhook_translator/webhook-translator-deployment.yaml
@@ -0,0 +1,83 @@
+{{- if not .Values.global.oldServiceAssurance -}}
+{{- if .Values.webhookTranslator.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: webhook-translator
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.webhookTranslator.replicaCount | default .Values.global.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: webhook-translator
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: webhook-translator
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
+ containers:
+ - name: webhook-translator
+ securityContext:
+ readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ runAsNonRoot: true
+ {{- toYaml .Values.global.securityContext | nindent 12 }}
+ image: {{ include "osm.webhookTranslator.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 80
+ protocol: TCP
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-webhook-configmap
+ - secretRef:
+ name: {{ include "osm.fullname" . }}-webhook-secret
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/webhook_translator/webhook-translator-secret.yaml b/installers/helm/osm/templates/webhook_translator/webhook-translator-secret.yaml
new file mode 100644
index 0000000..e11022c
--- /dev/null
+++ b/installers/helm/osm/templates/webhook_translator/webhook-translator-secret.yaml
@@ -0,0 +1,32 @@
+{{- if not .Values.global.oldServiceAssurance -}}
+{{- if .Values.webhookTranslator.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+ name: {{ include "osm.fullname" . }}-webhook-secret
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ # AIRFLOW_USER: {{ randAlphaNum 32 | b64enc | quote }}
+ AIRFLOW_USER: {{ "admin" | b64enc | quote }}
+ # AIRFLOW_PASS: {{ randAlphaNum 32 | b64enc | quote }}
+ AIRFLOW_PASS: {{ "admin" | b64enc | quote }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/webhook_translator/webhook-translator-service.yaml b/installers/helm/osm/templates/webhook_translator/webhook-translator-service.yaml
new file mode 100644
index 0000000..97a426f
--- /dev/null
+++ b/installers/helm/osm/templates/webhook_translator/webhook-translator-service.yaml
@@ -0,0 +1,36 @@
+{{- if not .Values.global.oldServiceAssurance -}}
+{{- if .Values.webhookTranslator.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: webhook-translator
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: {{ .Values.webhookTranslator.service.type }}
+ ports:
+ - nodePort: {{ .Values.webhookTranslator.service.nodePort }}
+ port: 80
+ targetPort: 80
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: webhook-translator
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/zookeeper/zookeeper-service.yaml b/installers/helm/osm/templates/zookeeper/zookeeper-service.yaml
new file mode 100644
index 0000000..0b761f4
--- /dev/null
+++ b/installers/helm/osm/templates/zookeeper/zookeeper-service.yaml
@@ -0,0 +1,34 @@
+{{- if .Values.zookeeper.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: zookeeper
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - port: {{ .Values.zookeeper.service.port }}
+ targetPort: 2181
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: zookeeper
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/templates/zookeeper/zookeeper-statefulset.yaml b/installers/helm/osm/templates/zookeeper/zookeeper-statefulset.yaml
new file mode 100644
index 0000000..a4ed2ec
--- /dev/null
+++ b/installers/helm/osm/templates/zookeeper/zookeeper-statefulset.yaml
@@ -0,0 +1,74 @@
+{{- if .Values.zookeeper.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: zookeeper
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.zookeeper.replicaCount | default .Values.global.replicaCount }}
+ serviceName: zookeeper
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: zookeeper
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: zookeeper
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ containers:
+ - name: zookeeper
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ # runAsNonRoot: true
+ image: wurstmeister/zookeeper:latest
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 2181
+ protocol: TCP
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
diff --git a/installers/helm/osm/values.yaml b/installers/helm/osm/values.yaml
new file mode 100644
index 0000000..65c4406
--- /dev/null
+++ b/installers/helm/osm/values.yaml
@@ -0,0 +1,211 @@
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+# Default values for osm.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+global:
+ replicaCount: 1
+
+ image:
+ repositoryBase: docker.io/opensourcemano
+ pullPolicy: IfNotPresent
+ # Overrides the image tag whose default is the chart appVersion.
+ tag: "13"
+
+ imagePullSecrets: []
+ nameOverride: ""
+ fullnameOverride: ""
+
+ serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # Annotations to add to the service account
+ annotations: {}
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name: ""
+
+ podAnnotations: {}
+
+ podSecurityContext:
+ # runAsUser: 1000
+ # runAsGroup: 1000
+ fsGroup: 1000
+
+ securityContext:
+ runAsUser: 1000
+
+ nodeSelector: {}
+
+ tolerations: []
+
+ affinity: {}
+
+ behindHttpProxy: false
+ httpProxy: {}
+ # HTTP_PROXY: <HTTP_PROXY>
+ # HTTPS_PROXY: <HTTPS_PROXY>
+ # NO_PROXY: <NO_PROXY>
+
+ oldServiceAssurance: false
+
+certauth:
+ enabled: true
+
+grafana:
+ enabled: true
+
+kafka:
+ enabled: true
+ service:
+ port: 9092
+ # replicaCount: 1
+
+keystone:
+ enabled: true
+ service:
+ port: 5000
+ image: {}
+ # repository: opensourcemano/keystone
+ # tag: "13"
+ # replicaCount: 1
+ useOsmSecret: true
+ # secretName: "keystone-secret"
+
+lcm:
+ enabled: true
+ image: {}
+ # repository: opensourcemano/lcm
+ # tag: "13"
+ # replicaCount: 1
+ useOsmSecret: true
+ # secretName: "lcm-secret"
+ config:
+ OSMLCM_VCA_CLOUD: "lxd-cloud"
+ OSMLCM_VCA_K8S_CLOUD: "k8scloud"
+ # OSMLCM_VCA_APIPROXY: "<VCA API proxy>"
+ # OSMLCM_VCA_ENABLEOSUPGRADE: true
+ # OSMLCM_VCA_APTMIRROR: "http://archive.ubuntu.com/ubuntu/"
+
+mon:
+ enabled: true
+ service:
+ port: 8662
+ image: {}
+ # repository: opensourcemano/mon
+ # tag: "13"
+ # replicaCount: 1
+ useOsmSecret: true
+ # secretName: "mon-secret"
+ config: {}
+ # OS_NOTIFIER_URI: "http://DEFAULT_IP:8662"
+
+mysql:
+ enabled: true
+ # dbHostPath: "/var/lib/osm/osm"
+ service:
+ port: 3306
+ # replicaCount: 1
+ useOsmSecret: true
+ # secretName: "ro-db-secret"
+
+nbi:
+ enabled: true
+ service:
+ type: NodePort
+ port: 9999
+ nodePort: 9999
+ image: {}
+ # repository: opensourcemano/nbi
+ # tag: "13"
+ # replicaCount: 1
+ useOsmSecret: true
+ # secretName: "nbi-secret"
+
+ngui:
+ enabled: true
+ service:
+ type: NodePort
+ port: 80
+ nodePort: 80
+ image: {}
+ # repository: opensourcemano/ng-ui
+ # tag: "13"
+ # replicaCount: 1
+
+# pla module is disabled by default unless global.oldServiceAssurance and pla.enabled are set to true
+pla:
+ enabled: false
+ image: {}
+ # repository: opensourcemano/pla
+ # tag: "13"
+ # replicaCount: 1
+
+# pol module is disabled by default unless global.oldServiceAssurance and pol.enabled are set to true
+pol:
+ enabled: true
+ image: {}
+ # repository: opensourcemano/pol
+ # tag: "13"
+ # replicaCount: 1
+ useOsmSecret: true
+ # secretName: "pol-secret"
+
+prometheus:
+ enabled: true
+ service:
+ type: NodePort
+ nodePort: 9091
+ # replicaCount: 1
+ sidecarImage: {}
+ # repository: opensourcemano/ro
+ # tag: "13"
+
+ro:
+ enabled: true
+ service:
+ port: 9090
+ image: {}
+ # repository: opensourcemano/ro
+ # tag: "13"
+ # replicaCount: 1
+ useOsmSecret: true
+ # secretName: "ro-secret"
+
+vca:
+ enabled: true
+ # host: ""
+ # secret: ""
+ # cacert: ""
+ # pubkey: ""
+
+webhookTranslator:
+ enabled: true
+ service:
+ type: NodePort
+ nodePort: 9998
+ image: {}
+ # repository: opensourcemano/webhook
+ # tag: "13"
+ # replicaCount: 1
+
+zookeeper:
+ enabled: true
+ service:
+ port: 2181
+ # replicaCount: 1
diff --git a/installers/helm/values/airflow-values.yaml b/installers/helm/values/airflow-values.yaml
index 79473aa..e914418 100644
--- a/installers/helm/values/airflow-values.yaml
+++ b/installers/helm/values/airflow-values.yaml
@@ -25,9 +25,14 @@
extraEnv: |
- name: AIRFLOW__API__AUTH_BACKENDS
value: 'airflow.api.auth.backend.basic_auth'
-extraEnvFrom: |
- - secretRef:
- name: ngsa-secret
+ - name: OSMMON_DATABASE_COMMONKEY
+ valueFrom:
+ secretKeyRef:
+ name: osm-secret
+ key: OSM_DATABASE_COMMONKEY
+# extraEnvFrom: |
+# - secretRef:
+# name: ngsa-secret
config:
core:
dags_folder: "/home/airflow/.local/lib/python3.10/site-packages/osm_ngsa"