-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
+# Copyright 2021 Canonical Ltd.
#
-# http://www.apache.org/licenses/LICENSE-2.0
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+##
########################################################################################
# This Dockerfile is intented for devops testing and deb package generation
#
# devops-stages/stage-build.sh
#
-FROM ubuntu:22.04
+FROM ubuntu:20.04
ARG APT_PROXY
RUN if [ ! -z $APT_PROXY ] ; then \
RUN DEBIAN_FRONTEND=noninteractive apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get -y install \
debhelper \
- dh-python \
+ dh-make \
git \
python3 \
python3-all \
python3-dev \
- python3-setuptools \
- python3-pip \
- tox
+ python3-setuptools
+
+RUN python3 -m easy_install pip==21.3.1
+RUN pip install tox==3.24.5
ENV LC_ALL C.UTF-8
ENV LANG C.UTF-8
RUN DEBIAN_FRONTEND=noninteractive apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get -y install \
- dh-make
+ unzip
RUN curl https://get.helm.sh/helm-v3.11.3-linux-amd64.tar.gz --output helm-v3.11.3.tar.gz \
&& tar -zxvf helm-v3.11.3.tar.gz \
# License for the specific language governing permissions and limitations
# under the License.
-# Download helm chart dependencies
-helm dependency update installers/helm/osm
-
PKG_DIRECTORIES="common jenkins installers tools docker"
MDG_NAME=devops
DEB_INSTALL=debian/osm-$MDG_NAME.install
fi
done
-# Download helm chart dependencies
-helm dependency update installers/helm/osm
-
# Execute linting test for OSM helm chart
helm lint installers/helm/osm
icon: https://www.etsi.org/images/articles/logos/OSM.png
version: 0.0.1
appVersion: "14"
-dependencies:
-- name: mysql
- repository: "https://charts.bitnami.com/bitnami"
- version: "9.12.3"
- condition: mysql.enabled
-- name: kafka
- repository: "https://charts.bitnami.com/bitnami"
- version: "25.1.12"
- condition: kafka.enabled
-- name: zookeeper
- repository: "https://charts.bitnami.com/bitnami"
- version: "12.1.3"
- condition: zookeeper.enabled
-
+# dependencies:
+# - name: mongodb
+# repository: "https://charts.bitnami.com/bitnami"
+# version: "13.9.4"
+# condition: mongodb.enabled
+# - name: airflow
+# repository: "https://airflow.apache.org"
+# version: "1.6.0"
+# condition: airflow.enabled
+# - name: mysql
+# repository: "https://charts.bitnami.com/bitnami"
+# version: "9.9.1"
+# condition: mysql.enabled
secretKeyRef:
key: admin-password
name: grafana
- image: grafana/grafana:10.1.2
+ image: grafana/grafana:8.1.1
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 10
name: sc-dashboard-provider
- emptyDir: {}
name: sc-datasources-volume
-{{- end -}}
+{{- end -}}
\ No newline at end of file
--- /dev/null
+{{- if .Values.kafka.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-kafka-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ KAFKA_ADVERTISED_HOST_NAME: kafka.osm
+ KAFKA_ADVERTISED_PORT: "9092"
+ KAFKA_ZOOKEEPER_CONNECT: "zookeeper:2181"
+ KAFKA_LOG_RETENTION_HOURS: "24"
+ KAFKA_BROKER_ID: "1"
+ KAFKA_ADVERTISED_LISTENERS: "PLAINTEXT://:9092"
+ KAFKA_LISTENERS: "PLAINTEXT://:9092"
+ KAFKA_INTER_BROKER_LISTENER_NAME: "PLAINTEXT"
+ KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: "1"
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.kafka.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: kafka
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - port: {{ .Values.kafka.service.port }}
+ targetPort: 9092
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: kafka
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.kafka.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: kafka
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.kafka.replicaCount | default .Values.global.replicaCount }}
+ serviceName: kafka
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: kafka
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: kafka
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ initContainers:
+ - name: zookeeper-test
+ image: alpine:latest
+ command: ["sh", "-c", "until nc -zvw1 zookeeper 2181; do sleep 3; done; exit 0"]
+ containers:
+ - name: kafka
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ # runAsNonRoot: true
+ image: wurstmeister/kafka:2.11-1.0.2
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 9092
+ protocol: TCP
+ volumeMounts:
+ - name: socket
+ mountPath: /var/run/docker.sock
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-kafka-configmap
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: socket
+ hostPath:
+ path: /var/run/docker.sock
+{{- end }}
\ No newline at end of file
- name: ROOT_DB_PASSWORD
valueFrom:
secretKeyRef:
- name: mysql
- key: mysql-root-password
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_MYSQL_ROOT_PASSWORD
- name: KEYSTONE_DB_PASSWORD
valueFrom:
secretKeyRef:
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
-{{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.mysql.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: mysql
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - port: {{ .Values.mysql.service.port }}
+ targetPort: 3306
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: mysql
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.mysql.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: mysql
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.mysql.replicaCount | default .Values.global.replicaCount }}
+ serviceName: mysql
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: mysql
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: mysql
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ containers:
+ - name: mysql
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ # runAsNonRoot: true
+ image: mysql:8.0.34
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 3306
+ protocol: TCP
+ name: mysql
+ volumeMounts:
+ - name: mysql-db
+ mountPath: /var/lib/mysql
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ {{- if not .Values.mysql.useOsmSecret }}
+ - secretRef:
+ name: {{ .Values.mysql.secretName | default "ro-db-secret" }}
+ {{- else }}
+ env:
+ - name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_MYSQL_ROOT_PASSWORD
+ {{- end }}
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: mysql-db
+ hostPath:
+ path: {{ .Values.mysql.dbHostPath | default "/var/lib/osm/{{ .Release.Namespace }}/osm_ro_db/_data" }}
+{{- end }}
\ No newline at end of file
# readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
# runAsNonRoot: true
- image: prom/prometheus:v2.47.0
+ image: prom/prometheus:v2.28.1
imagePullPolicy: {{ .Values.global.image.pullPolicy }}
args:
- --config.file=/etc/prometheus/prometheus.yml
- key: osm_alert_rules.yml
path: osm_alert_rules.yml
{{- end }}
-{{- end }}
+{{- end }}
\ No newline at end of file
- name: RO_DB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
- name: mysql
- key: mysql-root-password
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_MYSQL_ROOT_PASSWORD
{{- end }}
{{- with .Values.global.nodeSelector }}
nodeSelector:
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
-{{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.zookeeper.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: zookeeper
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - port: {{ .Values.zookeeper.service.port }}
+ targetPort: 2181
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: zookeeper
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.zookeeper.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: zookeeper
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.zookeeper.replicaCount | default .Values.global.replicaCount }}
+ serviceName: zookeeper
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: zookeeper
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: zookeeper
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ containers:
+ - name: zookeeper
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ # runAsNonRoot: true
+ image: wurstmeister/zookeeper:latest
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 2181
+ protocol: TCP
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
kafka:
enabled: true
- listeners:
- client:
- protocol: "PLAINTEXT"
- fullnameOverride: "kafka"
+ service:
+ port: 9092
# replicaCount: 1
keystone:
mysql:
enabled: true
- image:
- tag: "8.1-debian-11"
- fullnameOverride: "mysql"
+ # dbHostPath: "/var/lib/osm/osm"
+ service:
+ port: 3306
+ # replicaCount: 1
+ useOsmSecret: true
+ # secretName: "ro-db-secret"
nbi:
enabled: true
zookeeper:
enabled: true
- fullnameOverride: "zookeeper"
+ service:
+ port: 2181
# replicaCount: 1
# State of Statefulsets
STS_STATE=$(kubectl get statefulset -n ${STACK_NAME} --no-headers 2>&1)
- STS_READY=$(echo "${STS_STATE}" | awk '$2=="1/1" || $2=="2/2" || $2=="3/3" {printf ("%20s\t%s\t%s\n", $1, $2, $4)}')
- STS_NOT_READY=$(echo "${STS_STATE}" | awk '$2!="1/1" && $2!="2/2" && $2!="3/3" {printf ("%20s\t%s\t%s\n", $1, $2, $4)}')
+ STS_READY=$(echo "${STS_STATE}" | awk '$2=="1/1" || $2=="2/2" {printf ("%20s\t%s\t%s\n", $1, $2, $4)}')
+ STS_NOT_READY=$(echo "${STS_STATE}" | awk '$2!="1/1" && $2!="2/2" {printf ("%20s\t%s\t%s\n", $1, $2, $4)}')
COUNT_STS_READY=$(echo "${STS_READY}" | grep -v -e '^$' | wc -l)
COUNT_STS_NOT_READY=$(echo "${STS_NOT_READY}" | grep -v -e '^$' | wc -l)
projects / osm / devops.git / commitdiff