Feature 10957: Set up dedicated namespace for helm based EE and add client side TLS...

[osm/LCM.git] / osm_lcm / ns.py
diff --git a/osm_lcm/ns.py b/osm_lcm/ns.py

index 58d6475..83705d4 100644 (file)
--- a/osm_lcm/ns.py
+++ b/osm_lcm/ns.py
@@ -133,6 +133,7 @@ class NsLcm(LcmBase):
      SUBOPERATION_STATUS_NOT_FOUND = -1
      SUBOPERATION_STATUS_NEW = -2
      SUBOPERATION_STATUS_SKIP = -3
+    EE_TLS_NAME = "ee-tls"
      task_name_deploy_vca = "Deploying VCA"
  
      def __init__(self, msg, lcm_tasks, config: LcmCfg):
@@ -963,6 +964,10 @@ class NsLcm(LcmBase):
              image["vim_info"] = {}
          for flavor in target["flavor"]:
              flavor["vim_info"] = {}
+        if db_nsr.get("shared-volumes"):
+            target["shared-volumes"] = deepcopy(db_nsr["shared-volumes"])
+            for shared_volumes in target["shared-volumes"]:
+                shared_volumes["vim_info"] = {}
          if db_nsr.get("affinity-or-anti-affinity-group"):
              target["affinity-or-anti-affinity-group"] = deepcopy(
                  db_nsr["affinity-or-anti-affinity-group"]
@@ -1233,6 +1238,15 @@ class NsLcm(LcmBase):
                          if target_vim not in ns_ags["vim_info"]:
                              ns_ags["vim_info"][target_vim] = {}
  
+                # shared-volumes
+                if vdur.get("shared-volumes-id"):
+                    for sv_id in vdur["shared-volumes-id"]:
+                        ns_sv = find_in_list(
+                            target["shared-volumes"], lambda sv: sv_id in sv["id"]
+                        )
+                        if ns_sv:
+                            ns_sv["vim_info"][target_vim] = {}
+
                  vdur["vim_info"] = {target_vim: {}}
                  # instantiation parameters
                  if vnf_params:
@@ -1817,7 +1831,7 @@ class NsLcm(LcmBase):
                      ee_id, credentials = await self.vca_map[
                          vca_type
                      ].create_execution_environment(
-                        namespace=namespace,
+                        namespace=nsr_id,
                          reuse_ee_id=ee_id,
                          db_dict=db_dict,
                          config=osm_config,
@@ -2737,13 +2751,16 @@ class NsLcm(LcmBase):
  
              # create namespace and certificate if any helm based EE is present in the NS
              if check_helm_ee_in_ns(db_vnfds):
-                # TODO: create EE namespace
+                await self.vca_map["helm-v3"].setup_ns_namespace(
+                    name=nsr_id,
+                )
                  # create TLS certificates
                  await self.vca_map["helm-v3"].create_tls_certificate(
-                    secret_name="ee-tls-{}".format(nsr_id),
+                    secret_name=self.EE_TLS_NAME,
                      dns_prefix="*",
                      nsr_id=nsr_id,
                      usage="server auth",
+                    namespace=nsr_id,
                  )
  
              nsi_id = None  # TODO put nsi_id when this nsr belongs to a NSI
@@ -4633,9 +4650,12 @@ class NsLcm(LcmBase):
              # Delete Namespace and Certificates if necessary
              if check_helm_ee_in_ns(list(db_vnfds_from_member_index.values())):
                  await self.vca_map["helm-v3"].delete_tls_certificate(
-                    certificate_name=db_nslcmop["nsInstanceId"],
+                    namespace=db_nslcmop["nsInstanceId"],
+                    certificate_name=self.EE_TLS_NAME,
+                )
+                await self.vca_map["helm-v3"].delete_namespace(
+                    namespace=db_nslcmop["nsInstanceId"],
                  )
-                # TODO: Delete namespace
  
              # Delete from k8scluster
              stage[1] = "Deleting KDUs."