Update fb_magma_knf to fix issues in orc8r helm chart

Signed-off-by: garciadeblas <gerardo.garciadeblas@telefonica.com>

magma/fb_magma_knf/helm-chart-v3s/orc8r/charts/metrics/templates/config-manager.service.yaml

+# Copyright (c) 2018-present, Facebook, Inc.
+# All rights reserved.
+#
+# This source code is licensed under the BSD-style license found in the
+# LICENSE file in the root directory of this source tree. An additional grant
+# of patent rights can be found in the PATENTS file in the same directory.
+{{- if .Values.configmanager.create }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: orc8r-configmanager
+  #name: orc8r-configmanager
+  labels:
+    app.kubernetes.io/component: configmanager
+{{ include "metrics.labels" . | indent 4 }}
+    {{- with .Values.configmanager.service.labels }}
+{{ toYaml . | indent 4}}
+    {{- end}}
+  {{- with .Values.configmanager.service.annotations }}
+  annotations:
+{{ toYaml . | indent 4}}
+  {{- end }}
+spec:
+  selector:
+    app.kubernetes.io/component: configmanager
+{{ include "selector-labels" . | indent 4 }}
+  type: {{ .Values.configmanager.service.type }}
+  ports:
+{{- range $port := .Values.configmanager.service.ports }}
+     - name: {{ $port.name }}
+       port: {{ $port.port }}
+       targetPort: {{ $port.targetPort }}
+{{- end }}
+{{- if eq .Values.configmanager.service.type "LoadBalancer" }}
+  {{- if .Values.configmanager.service.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.configmanager.service.loadBalancerIP }}
+  {{- end -}}
+  {{- if .Values.configmanager.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+  {{- range .Values.configmanager.service.loadBalancerSourceRanges }}
+  - {{ . }}
+  {{- end }}
+  {{- end -}}
+{{- end -}}
+{{- end }}

magma/fb_magma_knf/helm-chart-v3s/orc8r/charts/metrics/templates/grafana.deployment.yaml

+{{/*
+Copyright (c) 2018-present, Facebook, Inc.
+All rights reserved.
+
+This source code is licensed under the BSD-style license found in the
+LICENSE file in the root directory of this source tree. An additional grant
+of patent rights can be found in the PATENTS file in the same directory.
+*/}}
+{{- if .Values.grafana.create }}
+{{- $serviceName := "orc8r-grafana" -}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ $serviceName }}
+  labels:
+    app.kubernetes.io/component: grafana
+{{ include "metrics.labels" . | indent 4 }}
+spec:
+  replicas: {{ .Values.grafana.replicas }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/component: grafana
+{{ include "selector-labels" . | indent 6 }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/component: grafana
+{{ include "selector-labels" . | indent 8 }}
+    spec:
+      {{- with .Values.grafana.nodeSelector }}
+      nodeSelector:
+{{ toYaml . | indent 8 }}
+      {{- end }}
+      {{- with .Values.grafana.tolerations }}
+      tolerations:
+{{ toYaml . | indent 8 }}
+      {{- end }}
+      {{- with .Values.grafana.affinity }}
+      affinity:
+{{ toYaml . | indent 8 }}
+      {{- end }}
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+{{ toYaml . | trimSuffix "\n" | indent 8 }}
+      {{- end }}
+
+      volumes:
+        - name: "grafana-data"
+{{ toYaml .Values.grafana.volumes.grafanaData.volumeSpec | indent 10 }}
+
+      initContainers:
+        - name: volume-mount
+          image: busybox
+          command: ["sh", "-c", "chmod -R 777 /grafanaData"]
+          volumeMounts:
+            - name: grafana-data
+              mountPath: /grafanaData
+
+      containers:
+        - name: "grafana"
+          image: {{ required "grafana.image.respository must be provided" .Values.grafana.image.repository }}:{{ .Values.grafana.image.tag }}
+          imagePullPolicy: {{ .Values.grafana.image.pullPolicy }}
+          ports:
+            - containerPort: 3000
+          env:
+            - name: PROMETHEUS_HOST
+              value: {{ .Values.grafana.environment.prometheusHost | quote }}
+            - name: PROMETHEUS_PORT
+              value: {{ .Values.grafana.environment.prometheusPort | quote }}
+
+          volumeMounts:
+            - name: "grafana-data"
+              mountPath: /var/lib/grafana
+
+          livenessProbe:
+            httpGet:
+              path: /
+              port: 3000
+            initialDelaySeconds: 10
+            periodSeconds: 30
+          resources:
+{{ toYaml .Values.grafana.resources | indent 12 }}
+{{- end}}

magma/fb_magma_knf/helm-chart-v3s/orc8r/charts/metrics/templates/grafana.service.yaml

+# Copyright (c) 2018-present, Facebook, Inc.
+# All rights reserved.
+#
+# This source code is licensed under the BSD-style license found in the
+# LICENSE file in the root directory of this source tree. An additional grant
+# of patent rights can be found in the PATENTS file in the same directory.
+{{- if .Values.grafana.create }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: orc8r-grafana
+  #name: orc8r-grafana
+  labels:
+    app.kubernetes.io/component: grafana
+{{ include "metrics.labels" . | indent 4 }}
+    {{- with .Values.grafana.service.labels }}
+{{ toYaml . | indent 4}}
+    {{- end}}
+  {{- with .Values.grafana.service.annotations }}
+  annotations:
+{{ toYaml . | indent 4}}
+  {{- end }}
+spec:
+  selector:
+    app.kubernetes.io/component: grafana
+{{ include "selector-labels" . | indent 4 }}
+  type: {{ .Values.grafana.service.type }}
+  ports:
+{{- range $port := .Values.grafana.service.ports }}
+     - name: {{ $port.name }}
+       port: {{ $port.port }}
+       targetPort: {{ $port.targetPort }}
+{{- end }}
+{{- if eq .Values.grafana.service.type "LoadBalancer" }}
+  {{- if .Values.grafana.service.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.grafana.service.loadBalancerIP }}
+  {{- end -}}
+  {{- if .Values.grafana.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+  {{- range .Values.grafana.service.loadBalancerSourceRanges }}
+  - {{ . }}
+  {{- end }}
+  {{- end -}}
+{{- end -}}
+{{- end }}

magma/fb_magma_knf/helm-chart-v3s/orc8r/charts/metrics/templates/prometheus-cache.deployment.yaml

+{{/*
+Copyright (c) 2018-present, Facebook, Inc.
+All rights reserved.
+
+This source code is licensed under the BSD-style license found in the
+LICENSE file in the root directory of this source tree. An additional grant
+of patent rights can be found in the PATENTS file in the same directory.
+*/}}
+{{- if .Values.prometheusCache.create }}
+{{- $serviceName := "orc8r-prometheus-cache" -}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ $serviceName }}
+  labels:
+    app.kubernetes.io/component: prometheus-cache
+{{ include "metrics.labels" . | indent 4 }}
+spec:
+  replicas: {{ .Values.prometheusCache.replicas }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/component: prometheus-cache
+{{ include "selector-labels" . | indent 6 }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/component: prometheus-cache
+{{ include "selector-labels" . | indent 8 }}
+    spec:
+      {{- with .Values.prometheusCache.nodeSelector }}
+      nodeSelector:
+{{ toYaml . | indent 8 }}
+      {{- end }}
+      {{- with .Values.prometheusCache.tolerations }}
+      tolerations:
+{{ toYaml . | indent 8 }}
+      {{- end }}
+      {{- with .Values.prometheusCache.affinity }}
+      affinity:
+{{ toYaml . | indent 8 }}
+      {{- end }}
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+{{ toYaml . | trimSuffix "\n" | indent 8 }}
+      {{- end }}
+
+      containers:
+        - name: "prometheus-cache"
+          image: {{ required "prometheusCache.image.repository must be provided" .Values.prometheusCache.image.repository }}:{{ .Values.prometheusCache.image.tag }}
+          imagePullPolicy: {{ .Values.prometheusCache.image.pullPolicy }}
+          ports:
+            - containerPort: 9091
+          args: ["-limit={{ .Values.prometheusCache.limit }}"]
+          livenessProbe:
+            httpGet:
+              path: /
+              port: 9091
+            initialDelaySeconds: 10
+            periodSeconds: 30
+          resources:
+{{ toYaml .Values.prometheusCache.resources | indent 12 }}
+{{- end }}

magma/fb_magma_knf/helm-chart-v3s/orc8r/charts/metrics/templates/prometheus-cache.service.yaml

+# Copyright (c) 2018-present, Facebook, Inc.
+# All rights reserved.
+#
+# This source code is licensed under the BSD-style license found in the
+# LICENSE file in the root directory of this source tree. An additional grant
+# of patent rights can be found in the PATENTS file in the same directory.
+{{- if .Values.prometheusCache.create }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: orc8r-prometheus-cache
+  labels:
+    app.kubernetes.io/component: prometheus-cache
+{{ include "metrics.labels" . | indent 4 }}
+    {{- with .Values.prometheusCache.service.labels }}
+{{ toYaml . | indent 4}}
+    {{- end}}
+  {{- with .Values.prometheusCache.service.annotations }}
+  annotations:
+{{ toYaml . | indent 4}}
+  {{- end }}
+spec:
+  selector:
+    app.kubernetes.io/component: prometheus-cache
+{{ include "selector-labels" . | indent 4 }}
+  type: {{ .Values.prometheusCache.service.type }}
+  ports:
+{{- range $port := .Values.prometheusCache.service.ports }}
+     - name: {{ $port.name }}
+       port: {{ $port.port }}
+       targetPort: {{ $port.targetPort }}
+{{- end }}
+{{- if eq .Values.prometheusCache.service.type "LoadBalancer" }}
+  {{- if .Values.prometheusCache.service.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.prometheusCache.service.loadBalancerIP }}
+  {{- end -}}
+  {{- if .Values.prometheusCache.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+  {{- range .Values.prometheusCache.service.loadBalancerSourceRanges }}
+  - {{ . }}
+  {{- end }}
+  {{- end -}}
+{{- end -}}
+{{- end -}}
\ No newline at end of file

magma/fb_magma_knf/helm-chart-v3s/orc8r/charts/metrics/templates/prometheus.deployment.yaml

+{{/*
+Copyright (c) 2018-present, Facebook, Inc.
+All rights reserved.
+
+This source code is licensed under the BSD-style license found in the
+LICENSE file in the root directory of this source tree. An additional grant
+of patent rights can be found in the PATENTS file in the same directory.
+*/}}
+{{- if .Values.prometheus.create }}
+{{- $serviceName := "orc8r-prometheus" -}}
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: {{ $serviceName }}
+  labels:
+    app.kubernetes.io/component: prometheus
+{{ include "metrics.labels" . | indent 4 }}
+spec:
+  replicas: {{ .Values.prometheus.replicas }}
+  selector:
+    matchLabels:
+      app.kubernetes.io/component: prometheus
+{{ include "selector-labels" . | indent 6 }}
+  template:
+    metadata:
+      labels:
+        app.kubernetes.io/component: prometheus
+{{ include "selector-labels" . | indent 8 }}
+    spec:
+      {{- with .Values.prometheus.nodeSelector }}
+      nodeSelector:
+{{ toYaml . | indent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.tolerations }}
+      tolerations:
+{{ toYaml . | indent 8 }}
+      {{- end }}
+      {{- with .Values.prometheus.affinity }}
+      affinity:
+{{ toYaml . | indent 8 }}
+      {{- end }}
+      {{- with .Values.imagePullSecrets }}
+      imagePullSecrets:
+{{ toYaml . | trimSuffix "\n" | indent 8 }}
+      {{- end }}
+
+      volumes:
+        - name: "prometheus-config"
+{{ toYaml .Values.metrics.volumes.prometheusConfig.volumeSpec | indent 10 }}
+        - name: "prometheus-data"
+{{ toYaml .Values.metrics.volumes.prometheusData.volumeSpec | indent 10 }}
+        - name: "prometheus-config-file"
+          configMap:
+            name: prometheus-config-file
+        {{ if .Values.prometheus.includeOrc8rAlerts }}
+        - name: "orc8r-alert-rules"
+          configMap:
+            name: orc8r-alert-rules
+        {{- end}}
+
+  {{ if .Values.prometheus.useMinikube }}
+      initContainers:
+        - name: volume-mount
+          image: busybox
+          command: ["sh", "-c", "chmod -R 777 /prometheusData /etc/configs"]
+          volumeMounts:
+          - name: prometheus-data
+            mountPath: /prometheusData
+          - name: prometheus-config
+            mountPath: /etc/configs
+  {{ end }}
+
+      containers:
+        - name: "prometheus"
+          image: {{ required "prometheus.image.repository must be provided" .Values.prometheus.image.repository }}:{{ .Values.prometheus.image.tag }}
+          imagePullPolicy: {{ .Values.prometheus.image.pullPolicy }}
+          volumeMounts:
+            - name: "prometheus-config"
+              mountPath: /etc/prometheus
+              readOnly: true
+            - name: "prometheus-data"
+              mountPath: /data
+            - name: "prometheus-config-file"
+              mountPath: /prometheus
+            {{ if .Values.prometheus.includeOrc8rAlerts }}
+            - name: "orc8r-alert-rules"
+              mountPath: /etc/orc8r_alerts
+            {{- end}}
+          ports:
+            - containerPort: 9090
+          args: ['--config.file=/prometheus/prometheus.yml',
+                 '--storage.tsdb.retention.time={{ .Values.prometheus.retention.time }}',
+                 '--storage.tsdb.path=/data',
+                 '--web.enable-lifecycle']
+          livenessProbe:
+            httpGet:
+              path: /graph
+              port: 9090
+            initialDelaySeconds: 10
+            periodSeconds: 30
+          resources:
+{{ toYaml .Values.prometheus.resources | indent 12 }}
+
+# ---
+# apiVersion: v1
+# kind: PersistentVolumeClaim
+# metadata:
+#   name: prometheus-pvc
+# spec:
+#   accessModes:
+#   - ReadWriteOnce
+#   resources:
+#     requests:
+#       storage: 1Gi
+
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: prometheus-config-file
+data:
+  prometheus.yml: |
+    global:
+      scrape_interval:     15s # By default, scrape targets every 15 seconds.
+      evaluation_interval: 15s # By default, scrape targets every 15 seconds.
+      external_labels:
+        monitor: 'master'
+
+    scrape_configs:
+      - job_name: 'prometheus'
+        static_configs:
+          - targets: ['localhost:9090']
+
+      - job_name: "magma_pushgateway"
+        honor_labels: true
+        metric_relabel_configs:
+          - regex: 'job'
+            action: labeldrop
+          - regex: 'instance'
+            action: labeldrop
+        static_configs:
+          - targets: ['{{ .Values.prometheus.prometheusCacheHostname }}:9091']
+
+    rule_files:
+      - '/etc/prometheus/alert_rules/*_rules.yml'
+    {{ if .Values.prometheus.includeOrc8rAlerts }}
+      - '/etc/orc8r_alerts/*_rules.yml'
+    {{- end }}
+
+    alerting:
+      alertmanagers:
+        - scheme: http
+          static_configs:
+            - targets: ['{{ .Values.prometheus.alertmanagerHostname }}:9093']
+
+{{ if .Values.prometheus.includeOrc8rAlerts }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: orc8r-alert-rules
+data:
+  cloud_alert_rules.yml: |
+    groups:
+    - name: cloud
+      rules:
+
+    # Disk Usage
+      - alert: disk usage on cloud instance exceeds threshold
+        expr: disk_used / disk_total > 0.88
+        for: 5m
+        labels:
+          severity: critical
+          magma_alert_type: cloud
+          networkID: orc8r
+        annotations:
+          description: "Disk usage on cloud instance exceeds threshold. See ods chart for detail."
+          recovery: "No recovery steps configured currently"
+
+    # Rest 5xx Alerts
+      - alert: REST API 5xx responses
+        expr: rate(response_status{code=~"5.*"}[1m]) > 0
+        for: 5m
+        labels:
+          severity: major
+          magma_alert_type: cloud
+          networkID: orc8r
+        annotations:
+          description: "Obsidian recorded a 5XX response."
+          recovery: "No recovery steps configured currently"
+
+    # Failed Cloud Service
+      - alert: Failed Cloud Service
+        expr: get_metrics_status{serviceName!="METRICSD"} < 1
+        for: 7m
+        labels:
+          severity: critical
+          magma_alert_type: cloud
+          networkID: orc8r
+        annotations:
+          description: "Cloud service {{`{{ $labels.ServiceName }}`}} down."
+          recovery: "No recovery steps configured currently"
+
+    # Alert for metrics down to inhibit other service alerts
+      - alert: Failed Metrics Service
+        expr: get_metrics_status{serviceName="METRICSD"} < 1
+        for: 5m
+        labels:
+          severity: critical
+          magma_alert_type: cloud
+          networkID: orc8r
+        annotations:
+          description: "Cloud service {{`{{ $labels.ServiceName }}`}} down."
+          recovery: "No recovery steps configured currently"
+
+
+  gateway_alert_rules.yml: |
+    groups:
+      - name: gateways
+        rules:
+
+        - alert: Gateway Memory Usage
+          expr: avg_over_time(virtual_memory_percent[5m]) > 90
+          for: 5m
+          labels:
+            severity: major
+            magma_alert_type: gateway
+            networkID: orc8r
+            originatingNetwork: "{{`{{ $labels.networkID }}`}}"
+          annotations:
+            description: "Gateway {{`{{ $labels.gatewayID }}`}} memory usage is too high at 90% for over 5 minutes on network {{`{{ $labels.networkID }}`}}."
+            recovery: "No recovery steps configured currently."
+
+        - alert: Multiple gateways are failing to check in
+          expr: sum(gateway_checkin_status) / count(gateway_checkin_status) <= 0.5
+          for: 7m
+          labels:
+            severity: major
+            magma_alert_type: gateway
+            networkID: orc8r
+            originatingNetwork: "{{`{{ $labels.networkID }}`}}"
+          annotations:
+            description: "At least 50% of gateways have not checked in the last 7 minutes!"
+            recovery: >
+              This many checkins failing likely means that there is a major crash
+              in gateway code or there is a certificate/nginx issue. First see if
+              you can ssh into any of the boxes and check syslog to see if it's
+              able to contact the cloud.
+
+        - alert: Metrics missing
+          expr: sum(process_cpu_seconds_total{job!="prometheus"}) by (networkID, gatewayID) unless sum(gateway_checkin_status) by (networkID, gatewayID)
+          for: 5m
+          labels:
+            severity: minor
+            magma_alert_type: gateway
+            networkID: orc8r
+            originatingNetwork: "{{`{{ $labels.networkID }}`}}"
+          annotations:
+            description: "Gateway {{`{{ $labels.gatewayID }}`}} hasn't sent metrics for at least 5 minutes on network {{`{{ $labels.networkID }}`}}."
+            recovery: "No recovery steps configured currently."
+
+        - alert: Gateway service down
+          expr: process_uptime_seconds > 120 and service_metrics_collected < 1
+          for: 7m
+          labels:
+            severity: major
+            magma_alert_type: gateway
+            networkID: orc8r
+            originatingNetwork: "{{`{{ $labels.networkID }}`}}"
+          annotations:
+            description: "{{`{{ $labels.service }}`}} has been down on gateway {{`{{ $labels.gatewayID }}`}} for at least 7 minutes."
+            recovery: "SSH into gateway and inspect service. Manually restart if necessary."
+
+        - alert: Unattended Upgrades active
+          expr: unattended_upgrade_status > 0
+          for: 5m
+          labels:
+            severity: critical
+            magma_alert_type: gateway
+            networkID: orc8r
+            originatingNetwork: "{{`{{ $labels.networkID }}`}}"
+          annotations:
+            description: "Unattended upgrades can update kernel in gateway {{`{{ $labels.gatewayID }}`}} on network {{`{{ $labels.networkID }}`}}"
+            recovery: >
+              If Unattended Upgrades package is active this means the gateway might
+              automatically upgrade the kernel to an unsupported version. The best
+              remedy is to SSH into the gateway and remove unattended upgrades
+              package using the command
+              `sudo apt-get purge --auto-remove unattended-upgrades`. We should
+              also check how this package was downloaded in
+              /var/log/apt/history.log.
+
+        - alert: Unexpected service restart
+          expr: rate(unexpected_service_restarts[1m]) > 0.1
+          for: 15m
+          labels:
+            severity: major
+            magma_alert_type: gateway
+            networkID: orc8r
+          annotations:
+            description: "Unexpected service restart in gateway {{`{{ $labels.gatewayID }}`}} on network {{`{{ $labels.networkID }}`}}"
+            recovery: "Check /var/log/syslog in the gateway for the root cause."
+
+  metrics_alert_rules.yml: |
+    groups:
+      - name: metrics
+        rules:
+        - alert: Target down
+          expr: up == 0
+          labels:
+            severity: major
+            network_id: internal
+            magma_alert_type: metrics
+            networkID: orc8r
+          annotations:
+            summary: "Instance {{`{{ $labels.instance }}`}} - target is down"
+
+        - alert: Prometheus Cache utilization high
+          expr: cache_size / cache_limit > 0.7
+          labels:
+            severity: major
+            network_id: internal
+            magma_alert_type: metrics
+            networkID: orc8r
+          annotations:
+            description: "Prometheus cache is running out of space"
+
+  {{ if .Values.prometheus.customAlerts }}
+  custom_alert_rules.yml: |
+    groups:
+      - name: custom
+        rules:
+{{ toYaml .Values.prometheus.customAlerts | indent 8 }}
+  {{- end}}
+
+{{- end}}
+{{- end}}

magma/fb_magma_knf/helm-chart-v3s/orc8r/charts/metrics/templates/prometheus.service.yaml

+# Copyright (c) 2018-present, Facebook, Inc.
+# All rights reserved.
+#
+# This source code is licensed under the BSD-style license found in the
+# LICENSE file in the root directory of this source tree. An additional grant
+# of patent rights can be found in the PATENTS file in the same directory.
+{{- if .Values.prometheus.create }}
+apiVersion: v1
+kind: Service
+metadata:
+  name: orc8r-prometheus
+  labels:
+    app.kubernetes.io/component: prometheus
+{{ include "metrics.labels" . | indent 4 }}
+    {{- with .Values.prometheus.service.labels }}
+{{ toYaml . | indent 4}}
+    {{- end}}
+  {{- with .Values.prometheus.service.annotations }}
+  annotations:
+{{ toYaml . | indent 4}}
+  {{- end }}
+spec:
+  selector:
+    app.kubernetes.io/component: prometheus
+{{ include "selector-labels" . | indent 4 }}
+  type: {{ .Values.prometheus.service.type }}
+  ports:
+{{- range $port := .Values.prometheus.service.ports }}
+     - name: {{ $port.name }}
+       port: {{ $port.port }}
+       targetPort: {{ $port.targetPort }}
+{{- end }}
+{{- if eq .Values.prometheus.service.type "LoadBalancer" }}
+  {{- if .Values.prometheus.service.loadBalancerIP }}
+  loadBalancerIP: {{ .Values.prometheus.service.loadBalancerIP }}
+  {{- end -}}
+  {{- if .Values.prometheus.service.loadBalancerSourceRanges }}
+  loadBalancerSourceRanges:
+  {{- range .Values.prometheus.service.loadBalancerSourceRanges }}
+  - {{ . }}
+  {{- end }}
+  {{- end -}}
+{{- end -}}
+{{- end }}

magma/fb_magma_knf/helm-chart-v3s/orc8r/charts/metrics/values.yaml

+# Default values for metrics.
+imagePullSecrets: []
+
+metrics:
+  # Default volume configurations for metrics data - shared across prometheus,
+  # alertmanager, and configmanager pods
+  volumes:
+    prometheusData:
+      volumeSpec:
+        emptyDir: {}
+#        persistentVolumeClaim:
+#          claimName: prometheus-pvc
+#        hostPath:
+#          path: /prometheusData
+#          type: DirectoryOrCreate
+    prometheusConfig:
+      volumeSpec:
+        emptyDir: {}
+#        hostPath:
+#          path: /configs/prometheus
+#          type: DirectoryOrCreate
+
+prometheus:
+  # Enable/Disable chart
+  create: true
+
+  # Preconfigure alerts for orchestrator in prometheus
+  includeOrc8rAlerts: false
+
+  prometheusCacheHostname: "orc8r-prometheus-cache"
+  alertmanagerHostname: "orc8r-alertmanager"
+
+  replicas: 1
+
+  # Set to 1 if using a minikube setup
+  useMinikube:
+
+  # Retention configurations for prometheus
+  retention:
+    time: 30d
+
+  service:
+    annotations: {}
+    labels: {}
+    type: ClusterIP
+    ports:
+      - name: prometheus
+        port: 9090
+        targetPort: 9090
+
+  image:
+    repository: docker.io/prom/prometheus
+    tag: v2.12.0
+    pullPolicy: IfNotPresent
+
+  resources: {}
+  nodeSelector: {}
+  tolerations: []
+  affinity: {}
+
+  customAlerts: []
+
+alertmanager:
+  # Enable/Disable chart
+  create: false
+
+  replicas: 1
+
+  service:
+    annotations: {}
+    labels: {}
+    type: ClusterIP
+    ports:
+      - name: alertmanager
+        port: 9093
+        targetPort: 9093
+
+  image:
+    repository: docker.io/prom/alertmanager
+    tag: v0.18.0
+    pullPolicy: IfNotPresent
+
+  resources: {}
+  nodeSelector: {}
+  tolerations: []
+  # Pod affinity must be used to ensure that this pod runs on same node as prometheus
+  affinity:
+    podAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+        - labelSelector:
+            matchExpressions:
+              - key: app.kubernetes.io/component
+                operator: In
+                values:
+                  - prometheus
+          topologyKey: "kubernetes.io/hostname"
+
+configmanager:
+  # Enable/Disable chart
+  create: true
+
+  replicas: 1
+
+  service:
+    annotations: {}
+    labels: {}
+    type: ClusterIP
+    ports:
+      - name: prom-configmanager
+        port: 9100
+        targetPort: 9100
+      - name: alertmanager-config
+        port: 9101
+        targetPort: 9101
+
+  environment:
+    promAlertconfigPort: "9100"
+    rulesDir: "/etc/configs/alert_rules"
+    prometheusURL: "orc8r-prometheus:9090"
+    alertmanagerConfigPort: "9101"
+    alertmanagerConfPath: "/etc/configs/alertmanager.yml"
+    alertmanagerURL: "orc8r-alertmanager:9093"
+
+  image:
+    repository: fjvicens/orc8r_config-manager
+    tag: latest
+    pullPolicy: IfNotPresent
+
+  resources: {}
+  nodeSelector: {}
+  tolerations: []
+  # Pod affinity must be used to ensure that this pod runs on same node as prometheus
+  affinity:
+    podAffinity:
+      requiredDuringSchedulingIgnoredDuringExecution:
+        - labelSelector:
+            matchExpressions:
+              - key: app.kubernetes.io/component
+                operator: In
+                values:
+                  - prometheus
+          topologyKey: "kubernetes.io/hostname"
+
+prometheusCache:
+  # Enable/Disable chart
+  create: true
+  # Service configuration.
+  service:
+    annotations: {}
+    labels: {}
+    type: ClusterIP
+    ports:
+      - name: orc8r-prometheus-cache
+        port: 9091
+        targetPort: 9091
+
+  image:
+    repository: fjvicens/orc8r_prometheus-cache
+    tag: latest
+    pullPolicy: IfNotPresent
+
+  # Maximum number of datapoints in the cache at one time. Unlimited if <= 0.
+  limit: 0
+
+  # Number of metrics replicas desired
+  replicas: 1
+
+  # Resource limits & requests
+  resources: {}
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+  # Define which Nodes the Pods are scheduled on.
+  # ref: https://kubernetes.io/docs/user-guide/node-selection/
+  nodeSelector: {}
+
+  # Tolerations for use with node taints
+  # ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+  tolerations: []
+
+  # Assign prometheusCache to run on specific nodes
+  # ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+  affinity: {}
+
+grafana:
+  # Enable/Disable chart
+  create: true
+  # Service configuration.
+  service:
+    annotations: {}
+    labels: {}
+    type: ClusterIP
+    ports:
+      - name: grafana
+        port: 3000
+        targetPort: 3000
+
+  environment:
+    prometheusHost: "orc8r-prometheus"
+    prometheusPort: "9090"
+
+  volumes:
+    # Default volume configurations for grafana data.
+    grafanaData:
+      volumeSpec:
+        emptyDir: {}
+
+  image:
+    repository: fjvicens/orc8r_grafana
+    tag: latest
+    pullPolicy: IfNotPresent
+
+  # Number of metrics replicas desired
+  replicas: 1
+
+  # Resource limits & requests
+  resources: {}
+  # limits:
+  #   cpu: 100m
+  #   memory: 128Mi
+  # requests:
+  #   cpu: 100m
+  #   memory: 128Mi
+
+  # Define which Nodes the Pods are scheduled on.
+  # ref: https://kubernetes.io/docs/user-guide/node-selection/
+  nodeSelector: {}
+
+  # Tolerations for use with node taints
+  # ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
+  tolerations: []
+
+  # Assign grafana to run on specific nodes
+  # ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/
+  affinity: {}

magma/fb_magma_knf/helm-chart-v3s/orc8r/charts/nms/Chart.yaml

+apiVersion: v1
+description: Magma NMS
+home: https://github.com/facebookincubator/magma
+keywords:
+- magma
+- nms
+- orc8r
+name: nms
+sources:
+- https://github.com/facebookincubator/magma
+version: 0.1.0

magma/fb_magma_knf/helm-chart-v3s/orc8r/charts/nms/README.md

+## NMS
+
+Install NMS which includes nginx and magmalte subcomponents.
+
+## Install charts
+
+```
+$ helm upgrade --install nms ./nms --namespace=magma
+```
+
+## Overview
+
+This chart installs the magma NMS. The NMS is the UI for managing, configuring, and monitoring networks.
+
+## Prerequisites
+
+1. we will first need the orc8r to be setup
+
+2. API and Nginx certs present under secrets named `orc8r-secrets-certs`
+
+3. MySql Database created for NMS
+
+4. magmalte image ( build using Docker file https://github.com/facebookincubator/magma/blob/master/nms/fbcnms-projects/magmalte/Dockerfile )
+
+
+
+## Configuration
+
+The following table list the configurable parameters of the NMS chart and their default values.
+
+| Parameter        | Description     | Default   |
+| ---              | ---             | ---       |
+| magmalte:        |
+| `manifests.secrets` | Enable Magmalte secrets to store mysql info. | `true` |
+| `manifests.deployment` | Enable Magmalte deployment | `true` |
+| `manifests.service` | Enable Magmalte services. | `true` |
+| `env.api_host` | orc8r proxy endpoint. | `[]` |
+| `env.host` | Host to bind | `[]` |
+| `env.port` | Magmalte service port bind. | `{}` |
+| `env.mapbox_access_token` | Mapbox Access token. | `` |
+| `env.mysql_host` | MySQL host IP/Name. | `` |
+| `env.mysql_db` | NMS Database name. | `` |
+| `env.mysql_user` | NMS Database user. | `` |
+| `env.mysql_pass` | NMS Database password. | `` |
+| `labels.node_selector_key` | Target Node selector label Key. | `` |
+| `labels.node_selector_value` | Target Node selector label value. | `` |
+| `image.repository` | Repository for NMS Magmalte image. | `nil` |
+| `image.tag` | Tag for NMS Magmalte image. | `latest` |
+| `image.pullPolicy` | Pull policy for NMS Magmalte image. | `IfNotPresent` |
+| `service.type` | Service type for magmalte | `ClusterIP` |
+| `service.http.port` | Service port number for magmalte | `8081` |
+| `service.http.targetport` | Service targetport number for magmalte | `8081` |
+| `service.http.nodePort` | Service nodePort number | `""` |
+| Nginx:       |
+| `manifests.configmap` | Enable Nginx configmap to store config files. | `true` |
+| `manifests.deployment` | Enable Nginx deployment | `true` |
+| `manifests.service` | Enable Nginx services. | `true` |
+| `labels.node_selector_key` | Target Node selector label Key. | `` |
+| `labels.node_selector_value` | Target Node selector label value. | `` |
+| `image.repository` | Repository for NMS Nginx image. | `nil` |
+| `image.tag` | Tag for NMS Nginx image. | `latest` |
+| `image.pullPolicy` | Pull policy for NMS Nginx image. | `IfNotPresent` |
+| `service.type` | Service type for Nginx | `ClusterIP` |
+| `service.http.port` | Service port number for Nginx | `443` |
+| `service.http.targetport` | Service targetport number for Nginx | `443` |
+| `service.http.nodePort` | Service nodePort number | `""` |
+| Global: |
+| `pod.replicas.nginx.server` | Number of instances to deploy for Nginx server. | `1` |
+| `pod.replicas.magmalte.server` | Number of instances to deploy for Magmalte server. | `1` |
+| `pod.resources.enabled` | Enable resources requests and limits for Pods. | `False` |
+| `pod.resources.nginx.requests` | Define resources requests and limits for Nginx Pods. | `{}` |
+| `pod.resources.magmalte.requests` | Define resources requests and limits for Magmalte Pods. | `{}` |
+| `proxy.nodeSelector` | Define which Nodes the Pods are scheduled on. | `{}` |
+| `proxy.tolerations` | If specified, the pod's tolerations. | `[]` |
+| `proxy.affinity` | Assign the orchestrator proxy to run on specific nodes. | `{}` |
+
+```
+- Install NMS chart:
+```bash
+$ cat values.yaml
+magmalte:
+  env:
+    mapbox_access_token: ""
+    mysql_host: mariadb.magma.svc.cluster.local
+    mysql_db: magma
+    mysql_user: magma
+    mysql_pass: password
+
+  image:
+    repository: docker.io/magmalte
+
+$ helm upgrade --install nms ./nms --namespace=magma
+
+```
+- Create Admin user:
+```bash
+kubectl exec -it -n magma $(kubectl get pod -n magma  \
+-l app.kubernetes.io/component=magmalte -o jsonpath="{.items[0].metadata.name}") \
+-- yarn run setAdminPassword admin@magma.test password1234
+```
+
+- NMS Dashboard should be reachable via https://<nginx_svc>
+
+Get nginx_svc with following command 
+
+```bash
+kubectl get svc -n magma -l app.kubernetes.io/component=nginx,app.kubernetes.io/instance=nms \ 
+-o jsonpath="{.items[0].spec.clusterIP}"
+```

magma/fb_magma_knf/helm-chart-v3s/orc8r/charts/nms/templates/etc/_nginx_proxy_ssl.conf.tpl

+server {
+  listen 443;
+  ssl on;
+  ssl_certificate /etc/nginx/conf.d/nms_nginx.pem;
+  ssl_certificate_key /etc/nginx/conf.d/nms_nginx.key.pem;
+  location / {
+     proxy_pass http://magmalte:8081;
+  }
+}