ENV LC_ALL C.UTF-8
ENV LANG C.UTF-8
+RUN DEBIAN_FRONTEND=noninteractive apt-get update && \
+ DEBIAN_FRONTEND=noninteractive apt-get -y install \
+ unzip
+
+RUN curl https://get.helm.sh/helm-v3.11.3-linux-amd64.tar.gz --output helm-v3.11.3.tar.gz \
+ && tar -zxvf helm-v3.11.3.tar.gz \
+ && mv linux-amd64/helm /usr/local/bin/helm \
+ && rm -r linux-amd64/
+
+RUN curl https://get.datree.io | /bin/bash
+
+RUN helm plugin install https://github.com/datreeio/helm-datree
+
cd "${CURRENT_DIR}"
fi
done
+
+# Execute linting test for OSM helm chart
+helm lint installers/helm/osm
+
+# Execute datree test for OSM helm chart
+# helm datree test installers/helm/osm --verbose
+
+++ /dev/null
-##
-# Copyright 2019-2020 ETSI
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-##
-
-########################################################################
-
-version: '3'
-networks:
- netOSM:
- external:
- name: ${OSM_NETWORK:-netosm}
- #driver: overlay
- #driver_opts:
- # com.docker.network.driver.mtu: "1446"
-services:
- ng-ui:
- image: ${DOCKER_USER:-opensourcemano}/ng-ui:${TAG:-8}
- networks:
- - netOSM
- ports:
- - "${OSM_UI_PORTS:-80:80}"
- logging:
- driver: "json-file"
- options:
- max-size: "100m"
- max-file: "2"
-
+++ /dev/null
-##
-# Copyright 2019 ETSI
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-##
-
-########################################################################
-
-version: '3'
-volumes:
- ro:
- ro_db:
- mongo_db:
- mon_db:
- pol_db:
- osm_packages:
- prom_db:
-networks:
- netOSM:
- external:
- name: ${OSM_NETWORK:-netosm}
- #driver: overlay
- #driver_opts:
- # com.docker.network.driver.mtu: "1446"
-services:
- zookeeper:
- image: wurstmeister/zookeeper:${ZOOKEEPER_TAG:-latest}
-# ports:
-# - "2181:2181"
- networks:
- - netOSM
- healthcheck:
- test: echo ruok | nc -w 2 localhost 2181
- interval: 20s
- timeout: 10s
- retries: 5
- logging:
- driver: "json-file"
- options:
- max-size: "100m"
- max-file: "2"
- kafka:
- image: wurstmeister/kafka:${KAFKA_TAG:-latest}
- ports:
- - "9092"
- networks:
- - netOSM
- environment:
- KAFKA_ADVERTISED_HOST_NAME: kafka
- KAFKA_ADVERTISED_PORT: 9092
- KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
- KAFKA_LOG_RETENTION_HOURS: 24
- KAFKA_BROKER_ID: 1
- KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://:9092
- KAFKA_LISTENERS: PLAINTEXT://:9092
- KAFKA_INTER_BROKER_LISTENER_NAME: PLAINTEXT
- KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
- volumes:
- - /var/run/docker.sock:/var/run/docker.sock
- healthcheck:
- test: echo ruok | nc -w 2 zookeeper 2181
- interval: 20s
- timeout: 10s
- retries: 5
- logging:
- driver: "json-file"
- options:
- max-size: "100m"
- max-file: "2"
- #depends_on:
- # - zookeeper
- mongo:
- image: mongo
-# ports:
-# - "27017:27017"
- networks:
- - netOSM
- volumes:
- - mongo_db:/data/db
- prometheus:
- image: prom/prometheus:${PROMETHEUS_TAG:-latest}
- hostname: prometheus
- ports:
- - "${OSM_PROM_PORTS:-9091:9090}"
- volumes:
- - ./prometheus/:/etc/prometheus/
- - prom_db:/prometheus
- command:
- - '--config.file=/etc/prometheus/prometheus.yml'
- - '--web.enable-lifecycle'
- networks:
- - netOSM
- logging:
- driver: "json-file"
- options:
- max-size: "100m"
- max-file: "2"
- prometheus-cadvisor:
- image: google/cadvisor:${PROMETHEUS_CADVISOR_TAG:-latest}
- ports:
- - "${OSM_PROM_CADVISOR_PORTS:-8080:8080}"
- volumes:
- - /:/rootfs:ro
- - /var/run:/var/run:ro
- - /sys:/sys:ro
- - /var/lib/docker/:/var/lib/docker:ro
- - /dev/disk/:/dev/disk:ro
- networks:
- - netOSM
- keystone:
- image: ${DOCKER_USER:-opensourcemano}/keystone:${TAG:-9}
- networks:
- - netOSM
- environment:
- DB_HOST: mysql
- env_file:
- - ./keystone.env
- ports:
- - "${OSM_KEYSTONE_PORTS:-5000:5000}"
- logging:
- driver: "json-file"
- options:
- max-size: "100m"
- max-file: "2"
- nbi:
- image: ${DOCKER_USER:-opensourcemano}/nbi:${TAG:-9}
- networks:
- - netOSM
- volumes:
- - osm_packages:/app/storage
- environment:
- OSMNBI_DATABASE_HOST: mongo
- OSMNBI_MESSAGE_HOST: kafka
- env_file:
- - ./nbi.env
- ports:
- - "${OSM_NBI_PORTS:-9999:9999}"
- logging:
- driver: "json-file"
- options:
- max-size: "100m"
- max-file: "2"
- #depends_on:
- # - kafka
- # - mongo
- lcm:
- image: ${DOCKER_USER:-opensourcemano}/lcm:${TAG:-9}
- networks:
- - netOSM
- volumes:
- - osm_packages:/app/storage
- environment:
- OSMLCM_RO_HOST: ro
- OSMLCM_RO_PORT: "9090"
- OSMLCM_DATABASE_HOST: mongo
- OSMLCM_MESSAGE_HOST: kafka
- env_file:
- - ./lcm.env
- logging:
- driver: "json-file"
- options:
- max-size: "100m"
- max-file: "2"
- #depends_on:
- # - kafka
- # - mongo
- # - ro
- mysql:
- image: mysql:5
- networks:
- netOSM:
- aliases:
- - ro-db
- volumes:
- - ro_db:/var/lib/mysql
- env_file:
- - ./ro-db.env
- logging:
- driver: "json-file"
- options:
- max-size: "100m"
- max-file: "2"
-# ports:
-# - "3306:3306"
- ro:
- image: ${DOCKER_USER:-opensourcemano}/ro:${TAG:-9}
- networks:
- - netOSM
- environment:
- RO_DB_HOST: mysql
- OSMRO_DATABASE_HOST: mongo
- OSMRO_MESSAGE_HOST: kafka
- env_file:
- - ./ro.env
- #depends_on:
- # - mongo
- # - kafka
- ports:
- - "${OSM_RO_PORTS:-9090:9090}"
- logging:
- driver: "json-file"
- options:
- max-size: "100m"
- max-file: "2"
- mon:
- image: ${DOCKER_USER:-opensourcemano}/mon:${TAG:-9}
- networks:
- - netOSM
- volumes:
- - mon_db:/app/database
- environment:
- OSMMON_MESSAGE_HOST: kafka
- OSMMON_MESSAGE_PORT: 9092
- env_file:
- - ./mon.env
- ports:
- - "${OSM_MON_PORTS:-8662:8662}"
- #depends_on:
- # - kafka
- logging:
- driver: "json-file"
- options:
- max-file: 5
- max-size: 10m
- pol:
- image: ${DOCKER_USER:-opensourcemano}/pol:${TAG:-9}
- networks:
- - netOSM
- volumes:
- - pol_db:/app/database
- environment:
- OSMPOL_MESSAGE_HOST: kafka
- OSMPOL_MESSAGE_PORT: 9092
- env_file:
- - ./pol.env
- #depends_on:
- # - kafka
- # - mon
- logging:
- driver: "json-file"
- options:
- max-file: 5
- max-size: 10m
- grafana:
- image: grafana/grafana
- volumes:
- - ./grafana/dashboards-osm.yml:/etc/grafana/provisioning/dashboards/dashboards-osm.yml
- - ./grafana/osm-sample-dashboard.json:/etc/grafana/provisioning/dashboards/osm-sample-dashboard.json
- - ./grafana/osm-system-dashboard.json:/etc/grafana/provisioning/dashboards/osm-system-dashboard.json
- - ./grafana/datasource-prometheus.yml:/etc/grafana/provisioning/datasources/datasource-prometheus.yml
- hostname: grafana
- ports:
- - "${OSM_GRAFANA_PORTS:-3000:3000}"
- networks:
- - netOSM
- logging:
- driver: "json-file"
- options:
- max-size: "100m"
- max-file: "2"
-
+++ /dev/null
-##
-# Copyright 2019 ETSI
-#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-##
-
-########################################################################
-
-version: '3'
-networks:
- netOSM:
- external:
- name: ${OSM_NETWORK:-netosm}
- #driver: overlay
- #driver_opts:
- # com.docker.network.driver.mtu: "1446"
-services:
- pla:
- image: ${DOCKER_USER:-opensourcemano}/pla:${TAG:-9}
- networks:
- - netOSM
- logging:
- driver: "json-file"
- options:
- max-file: 5
- max-size: 10m
+++ /dev/null
-# Copyright 2020 Arctos Labs Scandinavia AB
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: pla
- labels:
- app: pla
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: pla
- template:
- metadata:
- labels:
- app: pla
- spec:
- securityContext:
- runAsUser: 1000
- runAsGroup: 1000
- fsGroup: 1000
- initContainers:
- - name: kafka-mongo-test
- image: alpine:latest
- command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongo 27017 ); do sleep 3; done; exit 0"]
- containers:
- - name: pla
- image: opensourcemano/pla:13
- env:
- - name: OSMPLA_DATABASE_HOST
- value: mongo
- - name: OSMPLA_MESSAGE_HOST
- value: kafka
- - name: OSMPLA_DATABASE_URI
- value: mongodb://mongodb-k8s:27017/?replicaSet=rs0
+++ /dev/null
-# Copyright 2022 Whitestack
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License
-
-apiVersion: cert-manager.io/v1
-kind: ClusterIssuer
-metadata:
- name: osm-selfsigned-issuer
-spec:
- selfSigned: {}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
- name: osm-ca-certificate
- namespace: osm
-spec:
- isCA: true
- commonName: osm
- secretName: osm-ca
- privateKey:
- algorithm: ECDSA
- size: 256
- issuerRef:
- name: osm-selfsigned-issuer
- kind: ClusterIssuer
- group: cert-manager.io
----
-apiVersion: cert-manager.io/v1
-kind: ClusterIssuer
-metadata:
- name: ca-issuer
-spec:
- ca:
- secretName: osm-ca
\ No newline at end of file
+++ /dev/null
-# Copyright 2020 Minsait - Indra S.A.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# Author: Jose Manuel Palacios (jmpalacios@minsait.com)
-# Author: Alberto Limon (alimonj@minsait.com)
-
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRole
-metadata:
- labels:
- app: grafana
- name: grafana-clusterrole
-rules:
-- apiGroups:
- - ""
- resources:
- - configmaps
- - secrets
- verbs:
- - get
- - watch
- - list
----
-apiVersion: rbac.authorization.k8s.io/v1
-kind: ClusterRoleBinding
-metadata:
- labels:
- app: grafana
- name: grafana-clusterrolebinding
-roleRef:
- apiGroup: rbac.authorization.k8s.io
- kind: ClusterRole
- name: grafana-clusterrole
-subjects:
-- kind: ServiceAccount
- name: grafana
- namespace: osm
----
-apiVersion: v1
-data:
- admin-password: YWRtaW4=
- admin-user: YWRtaW4=
-kind: Secret
-metadata:
- labels:
- app: grafana
- name: grafana
-type: Opaque
----
-apiVersion: v1
-kind: ServiceAccount
-metadata:
- labels:
- app: grafana
- name: grafana
----
-apiVersion: v1
-data:
- provider.yaml: |-
- apiVersion: 1
- providers:
- - name: 'Kubernetes Cluster'
- orgId: 1
- folder: 'Kubernetes Cluster'
- type: file
- disableDeletion: false
- options:
- path: '/tmp/dashboards/Kubernetes Cluster'
- - name: 'Open Source MANO'
- orgId: 1
- folder: 'Open Source MANO'
- type: file
- disableDeletion: false
- options:
- path: '/tmp/dashboards/Open Source MANO'
-kind: ConfigMap
-metadata:
- labels:
- app: grafana
- name: grafana-dashboard-provider
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- labels:
- grafana_datasource: "1"
- name: grafana-datasource
-data:
- datasource.yaml: |-
- apiVersion: 1
- datasources:
- - name: osm_prometheus
- type: prometheus
- url: http://prometheus:9090
- access: proxy
- allowUiUpdates: true
- isDefault: true
- - name: Prometheus
- type: prometheus
- url: http://osm-monitoring-kube-promet-prometheus.monitoring:9090
- access: proxy
- allowUiUpdates: true
- isDefault: false
----
-apiVersion: v1
-data:
- grafana.ini: |
- [log]
- mode = console
- [paths]
- data = /var/lib/grafana/data
- logs = /var/log/grafana
- plugins = /var/lib/grafana/plugins
- provisioning = /etc/grafana/provisioning
-kind: ConfigMap
-metadata:
- labels:
- app: grafana
- name: grafana
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- labels:
- app: grafana
- name: grafana
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: grafana
- template:
- metadata:
- labels:
- app: grafana
- spec:
- containers:
- - env:
- - name: LABEL
- value: grafana_dashboard
- - name: FOLDER
- value: "/tmp/dashboards/Kubernetes Cluster"
- - name: RESOURCE
- value: both
- - name: NAMESPACE
- value: monitoring
- image: kiwigrid/k8s-sidecar:1.15.6
- imagePullPolicy: IfNotPresent
- name: grafana-sc-dashboard
- resources: {}
- terminationMessagePath: /dev/termination-log
- terminationMessagePolicy: File
- volumeMounts:
- - mountPath: "/tmp/dashboards/Kubernetes Cluster"
- name: sc-dashboard-volume-k8s
- - mountPath: "/tmp/dashboards/Open Source MANO"
- name: sc-dashboard-volume-osm
- - env:
- - name: GF_SECURITY_ADMIN_USER
- valueFrom:
- secretKeyRef:
- key: admin-user
- name: grafana
- - name: GF_SECURITY_ADMIN_PASSWORD
- valueFrom:
- secretKeyRef:
- key: admin-password
- name: grafana
- image: grafana/grafana:8.1.1
- imagePullPolicy: IfNotPresent
- livenessProbe:
- failureThreshold: 10
- httpGet:
- path: /api/health
- port: 3000
- scheme: HTTP
- initialDelaySeconds: 60
- periodSeconds: 10
- successThreshold: 1
- timeoutSeconds: 30
- name: grafana
- ports:
- - containerPort: 80
- name: service
- protocol: TCP
- - containerPort: 3000
- name: grafana
- protocol: TCP
- readinessProbe:
- failureThreshold: 3
- httpGet:
- path: /api/health
- port: 3000
- scheme: HTTP
- periodSeconds: 10
- successThreshold: 1
- timeoutSeconds: 1
- resources: {}
- terminationMessagePath: /dev/termination-log
- terminationMessagePolicy: File
- volumeMounts:
- - mountPath: /etc/grafana/grafana.ini
- name: config
- subPath: grafana.ini
- - mountPath: /var/lib/grafana
- name: storage
- - mountPath: "/tmp/dashboards/Kubernetes Cluster"
- name: sc-dashboard-volume-k8s
- - mountPath: "/tmp/dashboards/Open Source MANO"
- name: sc-dashboard-volume-osm
- - mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml
- name: sc-dashboard-provider
- subPath: provider.yaml
- - mountPath: /etc/grafana/provisioning/datasources
- name: sc-datasources-volume
- dnsPolicy: ClusterFirst
- initContainers:
- - env:
- - name: METHOD
- value: LIST
- - name: LABEL
- value: grafana_datasource
- - name: FOLDER
- value: /etc/grafana/provisioning/datasources
- - name: RESOURCE
- value: both
- image: kiwigrid/k8s-sidecar:1.15.6
- imagePullPolicy: IfNotPresent
- name: grafana-sc-datasources
- resources: {}
- terminationMessagePath: /dev/termination-log
- terminationMessagePolicy: File
- volumeMounts:
- - mountPath: /etc/grafana/provisioning/datasources
- name: sc-datasources-volume
- restartPolicy: Always
- schedulerName: default-scheduler
- securityContext:
- fsGroup: 472
- runAsUser: 472
- serviceAccount: grafana
- serviceAccountName: grafana
- terminationGracePeriodSeconds: 30
- volumes:
- - configMap:
- defaultMode: 420
- name: grafana
- name: config
- - emptyDir: {}
- name: storage
- - emptyDir: {}
- name: sc-dashboard-volume-k8s
- - emptyDir: {}
- name: sc-dashboard-volume-osm
- - configMap:
- defaultMode: 420
- name: grafana-dashboard-provider
- name: sc-dashboard-provider
- - emptyDir: {}
- name: sc-datasources-volume
----
-apiVersion: v1
-kind: Service
-metadata:
- labels:
- app: grafana
- name: grafana
-spec:
- ports:
- - name: service
- nodePort: 3000
- port: 3000
- protocol: TCP
- targetPort: 3000
- selector:
- app: grafana
- sessionAffinity: None
- type: NodePort
+++ /dev/null
-# Copyright 2019 TATA ELXSI
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License
-# Author: Vijay Nag B S (vijaynag.bs@tataelxsi.co.in)
-
-apiVersion: v1
-kind: Service
-metadata:
- name: kafka
-spec:
- clusterIP: None
- ports:
- - port: 9092
- protocol: TCP
- targetPort: 9092
- selector:
- app: kafka
- type: ClusterIP
----
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: kafka
- labels:
- app: kafka
-spec:
- replicas: 1
- serviceName: kafka
- selector:
- matchLabels:
- app: kafka
- template:
- metadata:
- labels:
- app: kafka
- spec:
- initContainers:
- - name: zookeeper-test
- image: alpine:latest
- command: ["sh", "-c", "until nc -zvw1 zookeeper 2181; do sleep 3; done; exit 0"]
- containers:
- - name: kafka
- image: wurstmeister/kafka:2.11-1.0.2
- ports:
- - containerPort: 9092
- protocol: TCP
- env:
- - name: KAFKA_ADVERTISED_HOST_NAME
- value: kafka.osm
- - name: KAFKA_ADVERTISED_PORT
- value: "9092"
- - name: KAFKA_ZOOKEEPER_CONNECT
- value: zookeeper:2181
- - name: KAFKA_LOG_RETENTION_HOURS
- value: "24"
- - name: KAFKA_BROKER_ID
- value: "1"
- - name: KAFKA_ADVERTISED_LISTENERS
- value: "PLAINTEXT://:9092"
- - name: KAFKA_LISTENERS
- value: "PLAINTEXT://:9092"
- - name: KAFKA_INTER_BROKER_LISTENER_NAME
- value: "PLAINTEXT"
- - name: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR
- value: "1"
- volumeMounts:
- - name: socket
- mountPath: /var/run/docker.sock
- volumes:
- - name: socket
- hostPath:
- path: /var/run/docker.sock
+++ /dev/null
-# Copyright 2019 TATA ELXSI
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License
-# Author: Vijay Nag B S (vijaynag.bs@tataelxsi.co.in)
-
-apiVersion: v1
-kind: Service
-metadata:
- name: keystone
-spec:
- clusterIP: None
- ports:
- - port: 5000
- protocol: TCP
- targetPort: 5000
- selector:
- app: keystone
- type: ClusterIP
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: keystone
- labels:
- app: keystone
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: keystone
- template:
- metadata:
- labels:
- app: keystone
- spec:
- containers:
- - name: keystone
- image: opensourcemano/keystone:13
- ports:
- - containerPort: 5000
- protocol: TCP
- env:
- - name: DB_HOST
- value: mysql
- envFrom:
- - secretRef:
- name: keystone-secret
+++ /dev/null
-# Copyright 2019 TATA ELXSI
-# Copyright 2020 Whitestack
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License
-# Author: Vijay Nag B S (vijaynag.bs@tataelxsi.co.in), Fabián Bravo(fbravo@whitestack.com)
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: lcm
- labels:
- app: lcm
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: lcm
- template:
- metadata:
- labels:
- app: lcm
- spec:
- securityContext:
- runAsUser: 1000
- runAsGroup: 1000
- fsGroup: 1000
- initContainers:
- - name: kafka-ro-mongo-test
- image: alpine:latest
- command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 ro 9090 && nc -zvw1 mongodb-k8s 27017 ); do sleep 3; done; exit 0"]
- containers:
- - name: lcm
- image: opensourcemano/lcm:13
- env:
- - name: OSMLCM_RO_HOST
- value: ro
- - name: OSMLCM_DATABASE_URI
- value: mongodb://mongodb-k8s:27017/?replicaSet=rs0
- - name: OSMLCM_MESSAGE_HOST
- value: kafka
- - name: OSMLCM_STORAGE_DRIVER
- value: mongo
- - name: OSMLCM_STORAGE_PATH
- value: /app/storage
- - name: OSMLCM_STORAGE_COLLECTION
- value: files
- - name: OSMLCM_STORAGE_URI
- value: mongodb://mongodb-k8s:27017/?replicaSet=rs0
- envFrom:
- - secretRef:
- name: lcm-secret
- volumeMounts:
- - mountPath: /etc/ssl/certs/osm-ca.crt
- name: osm-ca
- readOnly: true
- subPath: osm-ca.crt
- volumes:
- - name: osm-ca
- secret:
- defaultMode: 420
- items:
- - key: tls.crt
- path: osm-ca.crt
- secretName: osm-ca
+++ /dev/null
-# Copyright 2019 TATA ELXSI
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License
-# Author: Vijay Nag B S (vijaynag.bs@tataelxsi.co.in)
-
-apiVersion: v1
-kind: Service
-metadata:
- name: mon
-spec:
- clusterIP: None
- ports:
- - port: 8662
- protocol: TCP
- targetPort: 8662
- selector:
- app: mon
- type: ClusterIP
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: mon
- labels:
- app: mon
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: mon
- template:
- metadata:
- labels:
- app: mon
- spec:
- initContainers:
- - name: kafka-mongo-test
- image: alpine:latest
- command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"]
- containers:
- - name: mon
- image: opensourcemano/mon:13
- ports:
- - containerPort: 8662
- protocol: TCP
- env:
- - name: OSMMON_MESSAGE_HOST
- value: kafka
- - name: OSMMON_MESSAGE_PORT
- value: "9092"
- - name: OSMMON_DATABASE_URI
- value: mongodb://mongodb-k8s:27017/?replicaSet=rs0
- envFrom:
- - secretRef:
- name: mon-secret
+++ /dev/null
-# Copyright 2019 TATA ELXSI
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License
-# Author: Vijay Nag B S (vijaynag.bs@tataelxsi.co.in)
-
-apiVersion: v1
-kind: Service
-metadata:
- name: mysql
-spec:
- clusterIP: None
- ports:
- - port: 3306
- protocol: TCP
- targetPort: 3306
- selector:
- app: mysql
- type: ClusterIP
----
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: mysql
- labels:
- app: mysql
-spec:
- replicas: 1
- serviceName: mysql
- selector:
- matchLabels:
- app: mysql
- template:
- metadata:
- labels:
- app: mysql
- spec:
- containers:
- - image: mysql:5
- name: mysql
- envFrom:
- - secretRef:
- name: ro-db-secret
- ports:
- - containerPort: 3306
- name: mysql
- volumeMounts:
- - name: mysql-db
- mountPath: /var/lib/mysql
- volumes:
- - name: mysql-db
- hostPath:
- path: /var/lib/osm/osm_ro_db/_data
+++ /dev/null
-# Copyright 2019 TATA ELXSI
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License
-# Author: Vijay Nag B S (vijaynag.bs@tataelxsi.co.in)
-
-apiVersion: v1
-kind: Service
-metadata:
- name: nbi
-spec:
- ports:
- - nodePort: 9999
- port: 9999
- protocol: TCP
- targetPort: 9999
- selector:
- app: nbi
- type: NodePort
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: nbi
- labels:
- app: nbi
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: nbi
- template:
- metadata:
- labels:
- app: nbi
- spec:
- securityContext:
- runAsUser: 1000
- runAsGroup: 1000
- fsGroup: 1000
- initContainers:
- - name: kafka-mongo-test
- image: alpine:latest
- command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"]
- containers:
- - name: nbi
- image: opensourcemano/nbi:13
- ports:
- - containerPort: 9999
- protocol: TCP
- env:
- - name: OSMNBI_DATABASE_URI
- value: mongodb://mongodb-k8s:27017/?replicaSet=rs0
- - name: OSMNBI_MESSAGE_HOST
- value: kafka
- - name: OSMNBI_STORAGE_DRIVER
- value: mongo
- - name: OSMNBI_STORAGE_PATH
- value: /app/storage
- - name: OSMNBI_STORAGE_COLLECTION
- value: files
- - name: OSMNBI_STORAGE_URI
- value: mongodb://mongodb-k8s:27017/?replicaSet=rs0
- envFrom:
- - secretRef:
- name: nbi-secret
+++ /dev/null
-#######################################################################################
-# Copyright ETSI Contributors and Others.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#######################################################################################
-apiVersion: v1
-kind: Service
-metadata:
- name: mon
-spec:
- clusterIP: None
- ports:
- - port: 8662
- protocol: TCP
- targetPort: 8662
- selector:
- app: mon
- type: ClusterIP
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: mon
- labels:
- app: mon
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: mon
- template:
- metadata:
- labels:
- app: mon
- spec:
- initContainers:
- - name: kafka-mongo-test
- image: alpine:latest
- command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"]
- containers:
- - name: mon
- command: ["/bin/bash"]
- args: ["scripts/dashboarder-start.sh"]
- image: opensourcemano/mon:13
- ports:
- - containerPort: 8662
- protocol: TCP
- env:
- - name: OSMMON_MESSAGE_HOST
- value: kafka
- - name: OSMMON_MESSAGE_PORT
- value: "9092"
- - name: OSMMON_DATABASE_URI
- value: mongodb://mongodb-k8s:27017/?replicaSet=rs0
- envFrom:
- - secretRef:
- name: mon-secret
+++ /dev/null
-#######################################################################################
-# Copyright ETSI Contributors and Others.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#######################################################################################
-
-apiVersion: v1
-kind: Service
-metadata:
- name: prometheus
-spec:
- ports:
- - nodePort: 9091
- port: 9090
- protocol: TCP
- targetPort: 9090
- selector:
- app: prometheus
- type: NodePort
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: prom
-data:
- osm_metric_rules.yml: |
- groups:
- - name: osm_metric_rules
- rules:
- - record: vm_status_extended
- expr: (last_over_time(vm_status[1m]) * on (vm_id, vim_id) group_left(ns_id, vnf_id, vdu_id, project_id, job, vdu_name, vnf_member_index) last_over_time(ns_topology[1m])) or (last_over_time(ns_topology[1m]) * -1)
- labels:
- job: osm_prometheus
- - record: vnf_status
- expr: (0 * (count (vm_status_extended==0) by (ns_id, vnf_id)>=0)) or (min by (ns_id, vnf_id) (vm_status_extended))
- labels:
- job: osm_prometheus
- - record: ns_status
- expr: (0 * (count (vm_status_extended==0) by (ns_id)>=0)) or (min by (ns_id) (vm_status_extended))
- labels:
- job: osm_prometheus
- osm_alert_rules.yml: |
- groups:
- - name: osm_alert_rules
- rules:
- - alert: vdu_down
- expr: vm_status_extended != 1
- for: 3m
- annotations:
- summary: "VDU {{ $labels.vm_id }} in VIM {{ $labels.vim_id }} is down"
- description: "VDU {{ $labels.vm_id }} in VIM {{ $labels.vim_id }} has been down for more than 3 minutes. NS instance id is {{ $labels.ns_id }}"
- prometheus.yml: |
- # Copyright 2018 The Prometheus Authors
- # Copyright 2018 Whitestack
- # Copyright 2018 Telefonica Investigacion y Desarrollo, S.A.U.
- #
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
-
- # my global config
- global:
- scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
- evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
- # scrape_timeout is set to the global default (10s).
-
- # Alertmanager configuration
- alerting:
- alertmanagers:
- - static_configs:
- - targets:
- - alertmanager:9093
-
- # Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
- rule_files:
- - "osm_metric_rules.yml"
- - "osm_alert_rules.yml"
-
- # A scrape configuration containing exactly one endpoint to scrape:
- # Here it's Prometheus itself.
- scrape_configs:
- - job_name: 'mon_exporter'
- static_configs:
- - targets: ['mon:8000']
- - job_name: pushgateway
- honor_labels: true
- scrape_interval: 30s
- static_configs:
- - targets:
- - pushgateway-prometheus-pushgateway:9091
----
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: prometheus
- labels:
- app: prometheus
-spec:
- replicas: 1
- serviceName: prometheus
- selector:
- matchLabels:
- app: prometheus
- template:
- metadata:
- labels:
- app: prometheus
- spec:
- initContainers:
- - name: prometheus-init-config
- image: busybox
- command: ["/bin/sh", "-c"]
- args: ['if [ ! -f "/etc/prometheus/prometheus.yml" ]; then cp /config/prometheus.yml /etc/prometheus; fi; cp /config/osm_metric_rules.yml /config/osm_alert_rules.yml /etc/prometheus']
- volumeMounts:
- - name: prom-config
- mountPath: /etc/prometheus
- - name: prom-config-base
- mountPath: /config
- containers:
- - name: prometheus
- image: prom/prometheus:v2.28.1
- args:
- - --config.file=/etc/prometheus/prometheus.yml
- - --web.enable-lifecycle
- ports:
- - containerPort: 9090
- protocol: TCP
- volumeMounts:
- - name: prom-config
- mountPath: /etc/prometheus
- - name: prom-db
- mountPath: /prometheus
- - name: prometheus-config-sidecar
- image: opensourcemano/prometheus:13
- env:
- - name: MONGODB_URL
- value: mongodb://mongodb-k8s:27017/?replicaSet=rs0
- - name: PROMETHEUS_CONFIG_FILE
- value: /etc/prometheus/prometheus.yml
- - name: PROMETHEUS_BASE_CONFIG_FILE
- value: /etc/prometheus_base/prometheus.yml
- - name: TARGET_DATABASE
- value: osm
- - name: PROMETHEUS_URL
- value: http://prometheus:9090
- volumeMounts:
- - name: prom-config
- mountPath: /etc/prometheus
- - name: prom-config-base
- mountPath: /etc/prometheus_base
- volumes:
- - name: prom-db
- emptyDir: {}
- - name: prom-config
- emptyDir: {}
- - name: prom-config-base
- configMap:
- name: prom
+++ /dev/null
-# Copyright 2019 TATA ELXSI
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License
-# Author: Vijay Nag B S (vijaynag.bs@tataelxsi.co.in)
-
-apiVersion: v1
-kind: Service
-metadata:
- name: ng-ui
-spec:
- ports:
- - nodePort: 80
- port: 80
- protocol: TCP
- targetPort: 80
- selector:
- app: ng-ui
- type: NodePort
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: ng-ui
- labels:
- app: ng-ui
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: ng-ui
- template:
- metadata:
- labels:
- app: ng-ui
- spec:
- containers:
- - name: ng-ui
- image: opensourcemano/ng-ui:13
- ports:
- - containerPort: 80
- protocol: TCP
+++ /dev/null
-# Copyright 2019 TATA ELXSI
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License
-# Author: Vijay Nag B S (vijaynag.bs@tataelxsi.co.in)
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: pol
- labels:
- app: pol
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: pol
- template:
- metadata:
- labels:
- app: pol
- spec:
- securityContext:
- runAsUser: 1000
- runAsGroup: 1000
- fsGroup: 1000
- initContainers:
- - name: kafka-mongo-test
- image: alpine:latest
- command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"]
- containers:
- - name: pol
- image: opensourcemano/pol:13
- env:
- - name: OSMPOL_MESSAGE_HOST
- value: kafka
- - name: OSMPOL_MESSAGE_PORT
- value: "9092"
- - name: OSMPOL_DATABASE_URI
- value: mongodb://mongodb-k8s:27017/?replicaSet=rs0
- envFrom:
- - secretRef:
- name: pol-secret
+++ /dev/null
-# Copyright 2021 Whitestack, LLC
-# *************************************************************
-
-# This file is part of OSM Monitoring module
-# All Rights Reserved to Whitestack, LLC
-
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-
-# http://www.apache.org/licenses/LICENSE-2.0
-
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-# For those usages not covered by the Apache License, Version 2.0 please
-# contact: fbravo@whitestack.com or glavado@whitestack.com
-##
-
-apiVersion: v1
-kind: Service
-metadata:
- name: prometheus
-spec:
- ports:
- - nodePort: 9091
- port: 9090
- protocol: TCP
- targetPort: 9090
- selector:
- app: prometheus
- type: NodePort
----
-apiVersion: v1
-data:
- prometheus.yml: |
- # Copyright 2018 The Prometheus Authors
- # Copyright 2018 Whitestack
- # Copyright 2018 Telefonica Investigacion y Desarrollo, S.A.U.
- #
- # Licensed under the Apache License, Version 2.0 (the "License");
- # you may not use this file except in compliance with the License.
- # You may obtain a copy of the License at
- #
- # http://www.apache.org/licenses/LICENSE-2.0
- #
- # Unless required by applicable law or agreed to in writing, software
- # distributed under the License is distributed on an "AS IS" BASIS,
- # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- # See the License for the specific language governing permissions and
- # limitations under the License.
-
- # my global config
- global:
- scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
- evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
- # scrape_timeout is set to the global default (10s).
-
- # Alertmanager configuration
- alerting:
- alertmanagers:
- - static_configs:
- - targets:
- # - alertmanager:9093
-
- # Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
- rule_files:
- # - "first_rules.yml"
- # - "second_rules.yml"
-
- # A scrape configuration containing exactly one endpoint to scrape:
- # Here it's Prometheus itself.
- scrape_configs:
- - job_name: 'mon_exporter'
- static_configs:
- - targets: ['mon:8000']
- # Add here other external targets, e.g. a pushgateway
- # - job_name: 'pushgateway'
- # static_configs:
- # - targets: ['prometheus-pushgateway:9091']
-kind: ConfigMap
-metadata:
- name: prom
----
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: prometheus
- labels:
- app: prometheus
-spec:
- replicas: 1
- serviceName: prometheus
- selector:
- matchLabels:
- app: prometheus
- template:
- metadata:
- labels:
- app: prometheus
- spec:
- initContainers:
- - name: prometheus-init-config
- image: busybox
- command: ["/bin/sh", "-c"]
- args: ['if [ ! -f "/etc/prometheus/prometheus.yml" ]; then cp /config/prometheus.yml /etc/prometheus; fi']
- volumeMounts:
- - name: prom-config
- mountPath: /etc/prometheus
- - name: prom-config-base
- mountPath: /config
- containers:
- - name: prometheus
- image: prom/prometheus:v2.28.1
- args:
- - --config.file=/etc/prometheus/prometheus.yml
- - --web.enable-lifecycle
- ports:
- - containerPort: 9090
- protocol: TCP
- volumeMounts:
- - name: prom-config
- mountPath: /etc/prometheus
- - name: prom-db
- mountPath: /prometheus
- - name: prometheus-config-sidecar
- image: opensourcemano/prometheus:13
- env:
- - name: MONGODB_URL
- value: mongodb://mongodb-k8s:27017/?replicaSet=rs0
- - name: PROMETHEUS_CONFIG_FILE
- value: /etc/prometheus/prometheus.yml
- - name: PROMETHEUS_BASE_CONFIG_FILE
- value: /etc/prometheus_base/prometheus.yml
- - name: TARGET_DATABASE
- value: osm
- - name: PROMETHEUS_URL
- value: http://prometheus:9090
- volumeMounts:
- - name: prom-config
- mountPath: /etc/prometheus
- - name: prom-config-base
- mountPath: /etc/prometheus_base
- volumes:
- - name: prom-db
- emptyDir: {}
- - name: prom-config
- emptyDir: {}
- - name: prom-config-base
- configMap:
- name: prom
+++ /dev/null
-# Copyright 2019 TATA ELXSI
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License
-# Author: Vijay Nag B S (vijaynag.bs@tataelxsi.co.in)
-
-apiVersion: v1
-kind: Service
-metadata:
- name: ro
-spec:
- clusterIP: None
- ports:
- - port: 9090
- protocol: TCP
- targetPort: 9090
- selector:
- app: ro
- type: ClusterIP
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: ro
- labels:
- app: ro
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: ro
- template:
- metadata:
- labels:
- app: ro
- spec:
- initContainers:
- - name: ro-db-test
- image: alpine:latest
- command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017 ); do sleep 3; done; exit 0"]
- containers:
- - name: ro
- image: opensourcemano/ro:13
- ports:
- - containerPort: 9090
- protocol: TCP
- env:
- - name: OSMRO_DATABASE_URI
- value: mongodb://mongodb-k8s:27017/?replicaSet=rs0
- - name: OSMRO_MESSAGE_HOST
- value: kafka
- - name: OSMRO_STORAGE_PATH
- value: /app/storage
- - name: OSMRO_STORAGE_COLLECTION
- value: files
- - name: OSMRO_STORAGE_URI
- value: mongodb://mongodb-k8s:27017/?replicaSet=rs0
- - name: OSMRO_STORAGE_DRIVER
- value: mongo
- envFrom:
- - secretRef:
- name: ro-secret
+++ /dev/null
-#######################################################################################
-# Copyright ETSI Contributors and Others.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#######################################################################################
-
-apiVersion: v1
-kind: Service
-metadata:
- name: webhook-translator
-spec:
- ports:
- - nodePort: 9998
- port: 80
- targetPort: 80
- selector:
- app: webhook-translator
- type: NodePort
----
-apiVersion: apps/v1
-kind: Deployment
-metadata:
- name: webhook-translator
- labels:
- app: webhook-translator
-spec:
- replicas: 1
- selector:
- matchLabels:
- app: webhook-translator
- template:
- metadata:
- labels:
- app: webhook-translator
- spec:
- containers:
- - name: webhook-translator
- image: gerardogarcia/webhook-translator:13
- ports:
- - containerPort: 80
- protocol: TCP
- envFrom:
- - secretRef:
- name: webhook-translator-secret
+++ /dev/null
-# Copyright 2019 TATA ELXSI
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License
-
-apiVersion: v1
-kind: Service
-metadata:
- name: zookeeper
-spec:
- clusterIP: None
- ports:
- - port: 2181
- protocol: TCP
- targetPort: 2181
- selector:
- app: zookeeper
- type: ClusterIP
----
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: zookeeper
- labels:
- app: zookeeper
-spec:
- replicas: 1
- serviceName: zookeeper
- selector:
- matchLabels:
- app: zookeeper
- template:
- metadata:
- labels:
- app: zookeeper
- spec:
- containers:
- - name: zookeeper
- image: wurstmeister/zookeeper:latest
- ports:
- - containerPort: 2181
- protocol: TCP
[ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
}
-function generate_k8s_manifest_files() {
- [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
- #Kubernetes resources
- sudo cp -bR ${OSM_DEVOPS}/installers/docker/osm_pods $OSM_DOCKER_WORK_DIR
- [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
-}
-
-function generate_docker_env_files() {
- [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
- echo "Doing a backup of existing env files"
- sudo cp $OSM_DOCKER_WORK_DIR/keystone-db.env{,~}
- sudo cp $OSM_DOCKER_WORK_DIR/keystone.env{,~}
- sudo cp $OSM_DOCKER_WORK_DIR/lcm.env{,~}
- sudo cp $OSM_DOCKER_WORK_DIR/mon.env{,~}
- sudo cp $OSM_DOCKER_WORK_DIR/nbi.env{,~}
- sudo cp $OSM_DOCKER_WORK_DIR/pol.env{,~}
- sudo cp $OSM_DOCKER_WORK_DIR/ro-db.env{,~}
- sudo cp $OSM_DOCKER_WORK_DIR/ro.env{,~}
- if [ -n "${INSTALL_NGSA}" ]; then
- sudo cp $OSM_DOCKER_WORK_DIR/ngsa.env{,~}
- sudo cp $OSM_DOCKER_WORK_DIR/webhook-translator.env{,~}
- fi
-
- echo "Generating docker env files"
- # LCM
- if [ ! -f $OSM_DOCKER_WORK_DIR/lcm.env ]; then
- echo "OSMLCM_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env
- fi
-
- if ! grep -Fq "OSMLCM_VCA_HOST" $OSM_DOCKER_WORK_DIR/lcm.env; then
- echo "OSMLCM_VCA_HOST=${OSM_VCA_HOST}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env
- else
- sudo sed -i "s|OSMLCM_VCA_HOST.*|OSMLCM_VCA_HOST=$OSM_VCA_HOST|g" $OSM_DOCKER_WORK_DIR/lcm.env
- fi
-
- if ! grep -Fq "OSMLCM_VCA_SECRET" $OSM_DOCKER_WORK_DIR/lcm.env; then
- echo "OSMLCM_VCA_SECRET=${OSM_VCA_SECRET}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env
- else
- sudo sed -i "s|OSMLCM_VCA_SECRET.*|OSMLCM_VCA_SECRET=$OSM_VCA_SECRET|g" $OSM_DOCKER_WORK_DIR/lcm.env
- fi
-
- if ! grep -Fq "OSMLCM_VCA_PUBKEY" $OSM_DOCKER_WORK_DIR/lcm.env; then
- echo "OSMLCM_VCA_PUBKEY=${OSM_VCA_PUBKEY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env
- else
- sudo sed -i "s|OSMLCM_VCA_PUBKEY.*|OSMLCM_VCA_PUBKEY=${OSM_VCA_PUBKEY}|g" $OSM_DOCKER_WORK_DIR/lcm.env
- fi
-
- if ! grep -Fq "OSMLCM_VCA_CACERT" $OSM_DOCKER_WORK_DIR/lcm.env; then
- echo "OSMLCM_VCA_CACERT=${OSM_VCA_CACERT}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env
- else
- sudo sed -i "s|OSMLCM_VCA_CACERT.*|OSMLCM_VCA_CACERT=${OSM_VCA_CACERT}|g" $OSM_DOCKER_WORK_DIR/lcm.env
- fi
-
- if [ -n "$OSM_VCA_APIPROXY" ]; then
- if ! grep -Fq "OSMLCM_VCA_APIPROXY" $OSM_DOCKER_WORK_DIR/lcm.env; then
- echo "OSMLCM_VCA_APIPROXY=${OSM_VCA_APIPROXY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env
- else
- sudo sed -i "s|OSMLCM_VCA_APIPROXY.*|OSMLCM_VCA_APIPROXY=${OSM_VCA_APIPROXY}|g" $OSM_DOCKER_WORK_DIR/lcm.env
- fi
- fi
-
- if ! grep -Fq "OSMLCM_VCA_ENABLEOSUPGRADE" $OSM_DOCKER_WORK_DIR/lcm.env; then
- echo "# OSMLCM_VCA_ENABLEOSUPGRADE=false" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env
- fi
-
- if ! grep -Fq "OSMLCM_VCA_APTMIRROR" $OSM_DOCKER_WORK_DIR/lcm.env; then
- echo "# OSMLCM_VCA_APTMIRROR=http://archive.ubuntu.com/ubuntu/" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env
- fi
-
- if ! grep -Fq "OSMLCM_VCA_CLOUD" $OSM_DOCKER_WORK_DIR/lcm.env; then
- echo "OSMLCM_VCA_CLOUD=${OSM_VCA_CLOUDNAME}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env
- else
- sudo sed -i "s|OSMLCM_VCA_CLOUD.*|OSMLCM_VCA_CLOUD=${OSM_VCA_CLOUDNAME}|g" $OSM_DOCKER_WORK_DIR/lcm.env
- fi
-
- if ! grep -Fq "OSMLCM_VCA_K8S_CLOUD" $OSM_DOCKER_WORK_DIR/lcm.env; then
- echo "OSMLCM_VCA_K8S_CLOUD=${OSM_VCA_K8S_CLOUDNAME}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env
- else
- sudo sed -i "s|OSMLCM_VCA_K8S_CLOUD.*|OSMLCM_VCA_K8S_CLOUD=${OSM_VCA_K8S_CLOUDNAME}|g" $OSM_DOCKER_WORK_DIR/lcm.env
- fi
- if [ -n "${OSM_BEHIND_PROXY}" ]; then
- if ! grep -Fq "HTTP_PROXY" $OSM_DOCKER_WORK_DIR/lcm.env; then
- echo "HTTP_PROXY=${HTTP_PROXY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env
- else
- sudo sed -i "s|HTTP_PROXY.*|HTTP_PROXY=${HTTP_PROXY}|g" $OSM_DOCKER_WORK_DIR/lcm.env
- fi
- if ! grep -Fq "HTTPS_PROXY" $OSM_DOCKER_WORK_DIR/lcm.env; then
- echo "HTTPS_PROXY=${HTTPS_PROXY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env
- else
- sudo sed -i "s|HTTPS_PROXY.*|HTTPS_PROXY=${HTTPS_PROXY}|g" $OSM_DOCKER_WORK_DIR/lcm.env
- fi
- if ! grep -Fq "NO_PROXY" $OSM_DOCKER_WORK_DIR/lcm.env; then
- echo "NO_PROXY=${NO_PROXY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env
- else
- sudo sed -i "s|NO_PROXY.*|NO_PROXY=${NO_PROXY}|g" $OSM_DOCKER_WORK_DIR/lcm.env
- fi
- fi
-
- # RO
- MYSQL_ROOT_PASSWORD=$(generate_secret)
- if [ ! -f $OSM_DOCKER_WORK_DIR/ro-db.env ]; then
- echo "MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}" |sudo tee $OSM_DOCKER_WORK_DIR/ro-db.env
- fi
- if [ ! -f $OSM_DOCKER_WORK_DIR/ro.env ]; then
- echo "RO_DB_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}" |sudo tee $OSM_DOCKER_WORK_DIR/ro.env
- fi
- if ! grep -Fq "OSMRO_DATABASE_COMMONKEY" $OSM_DOCKER_WORK_DIR/ro.env; then
- echo "OSMRO_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/ro.env
- fi
-
- # Keystone
- KEYSTONE_DB_PASSWORD=$(generate_secret)
- SERVICE_PASSWORD=$(generate_secret)
- if [ ! -f $OSM_DOCKER_WORK_DIR/keystone-db.env ]; then
- echo "MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}" |sudo tee $OSM_DOCKER_WORK_DIR/keystone-db.env
- fi
- if [ ! -f $OSM_DOCKER_WORK_DIR/keystone.env ]; then
- echo "ROOT_DB_PASSWORD=${MYSQL_ROOT_PASSWORD}" |sudo tee $OSM_DOCKER_WORK_DIR/keystone.env
- echo "KEYSTONE_DB_PASSWORD=${KEYSTONE_DB_PASSWORD}" |sudo tee -a $OSM_DOCKER_WORK_DIR/keystone.env
- echo "SERVICE_PASSWORD=${SERVICE_PASSWORD}" |sudo tee -a $OSM_DOCKER_WORK_DIR/keystone.env
- fi
-
- # NBI
- if [ ! -f $OSM_DOCKER_WORK_DIR/nbi.env ]; then
- echo "OSMNBI_AUTHENTICATION_SERVICE_PASSWORD=${SERVICE_PASSWORD}" |sudo tee $OSM_DOCKER_WORK_DIR/nbi.env
- echo "OSMNBI_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/nbi.env
- fi
-
- # MON
- if [ ! -f $OSM_DOCKER_WORK_DIR/mon.env ]; then
- echo "OSMMON_KEYSTONE_SERVICE_PASSWORD=${SERVICE_PASSWORD}" | sudo tee -a $OSM_DOCKER_WORK_DIR/mon.env
- echo "OSMMON_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/mon.env
- echo "OSMMON_SQL_DATABASE_URI=mysql://root:${MYSQL_ROOT_PASSWORD}@mysql:3306/mon" | sudo tee -a $OSM_DOCKER_WORK_DIR/mon.env
- fi
-
- if ! grep -Fq "OS_NOTIFIER_URI" $OSM_DOCKER_WORK_DIR/mon.env; then
- echo "OS_NOTIFIER_URI=http://${OSM_DEFAULT_IP}:8662" |sudo tee -a $OSM_DOCKER_WORK_DIR/mon.env
- else
- sudo sed -i "s|OS_NOTIFIER_URI.*|OS_NOTIFIER_URI=http://$OSM_DEFAULT_IP:8662|g" $OSM_DOCKER_WORK_DIR/mon.env
- fi
-
- if ! grep -Fq "OSMMON_VCA_HOST" $OSM_DOCKER_WORK_DIR/mon.env; then
- echo "OSMMON_VCA_HOST=${OSM_VCA_HOST}" | sudo tee -a $OSM_DOCKER_WORK_DIR/mon.env
- else
- sudo sed -i "s|OSMMON_VCA_HOST.*|OSMMON_VCA_HOST=$OSM_VCA_HOST|g" $OSM_DOCKER_WORK_DIR/mon.env
- fi
-
- if ! grep -Fq "OSMMON_VCA_SECRET" $OSM_DOCKER_WORK_DIR/mon.env; then
- echo "OSMMON_VCA_SECRET=${OSM_VCA_SECRET}" | sudo tee -a $OSM_DOCKER_WORK_DIR/mon.env
- else
- sudo sed -i "s|OSMMON_VCA_SECRET.*|OSMMON_VCA_SECRET=$OSM_VCA_SECRET|g" $OSM_DOCKER_WORK_DIR/mon.env
- fi
-
- if ! grep -Fq "OSMMON_VCA_CACERT" $OSM_DOCKER_WORK_DIR/mon.env; then
- echo "OSMMON_VCA_CACERT=${OSM_VCA_CACERT}" | sudo tee -a $OSM_DOCKER_WORK_DIR/mon.env
- else
- sudo sed -i "s|OSMMON_VCA_CACERT.*|OSMMON_VCA_CACERT=${OSM_VCA_CACERT}|g" $OSM_DOCKER_WORK_DIR/mon.env
- fi
-
- # POL
- if [ ! -f $OSM_DOCKER_WORK_DIR/pol.env ]; then
- echo "OSMPOL_SQL_DATABASE_URI=mysql://root:${MYSQL_ROOT_PASSWORD}@mysql:3306/pol" | sudo tee -a $OSM_DOCKER_WORK_DIR/pol.env
- fi
-
- # NG-SA
- if [ -n "${INSTALL_NGSA}" ] && [ ! -f $OSM_DOCKER_WORK_DIR/ngsa.env ]; then
- echo "OSMMON_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/ngsa.env
- fi
-
- # Webhook-translator
- if [ -n "${INSTALL_NGSA}" ] && [ ! -f $OSM_DOCKER_WORK_DIR/webhook-translator.env ]; then
- echo "AIRFLOW_HOST=airflow-webserver" | sudo tee -a $OSM_DOCKER_WORK_DIR/webhook-translator.env
- echo "AIRFLOW_PORT=8080" | sudo tee -a $OSM_DOCKER_WORK_DIR/webhook-translator.env
- echo "AIRFLOW_USER=admin" | sudo tee -a $OSM_DOCKER_WORK_DIR/webhook-translator.env
- echo "AIRFLOW_PASS=admin" | sudo tee -a $OSM_DOCKER_WORK_DIR/webhook-translator.env
- fi
-
- echo "Finished generation of docker env files"
- [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
-}
-
-#creates secrets from env files which will be used by containers
-function kube_secrets(){
- [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
- kubectl create ns $OSM_NAMESPACE
- kubectl create secret generic lcm-secret -n $OSM_NAMESPACE --from-env-file=$OSM_DOCKER_WORK_DIR/lcm.env
- kubectl create secret generic mon-secret -n $OSM_NAMESPACE --from-env-file=$OSM_DOCKER_WORK_DIR/mon.env
- kubectl create secret generic nbi-secret -n $OSM_NAMESPACE --from-env-file=$OSM_DOCKER_WORK_DIR/nbi.env
- kubectl create secret generic ro-db-secret -n $OSM_NAMESPACE --from-env-file=$OSM_DOCKER_WORK_DIR/ro-db.env
- kubectl create secret generic ro-secret -n $OSM_NAMESPACE --from-env-file=$OSM_DOCKER_WORK_DIR/ro.env
- kubectl create secret generic keystone-secret -n $OSM_NAMESPACE --from-env-file=$OSM_DOCKER_WORK_DIR/keystone.env
- if [ -n "${INSTALL_NGSA}" ]; then
- kubectl create secret generic ngsa-secret -n $OSM_NAMESPACE --from-env-file=$OSM_DOCKER_WORK_DIR/ngsa.env
- kubectl create secret generic webhook-translator-secret -n $OSM_NAMESPACE --from-env-file=$OSM_DOCKER_WORK_DIR/webhook-translator.env
- else
- kubectl create secret generic pol-secret -n $OSM_NAMESPACE --from-env-file=$OSM_DOCKER_WORK_DIR/pol.env
- fi
- [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
-}
-
#deploys osm pods and services
function deploy_osm_services() {
[ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
- echo "The following manifests under $OSM_K8S_WORK_DIR will be deployed:"
- ls $OSM_K8S_WORK_DIR
- kubectl apply -n $OSM_NAMESPACE -f $OSM_K8S_WORK_DIR
+ # helm is already installed as part of install_kubeadm_cluster.sh
+
+ # Generate helm values to be passed with -f osm-values.yaml
+ sudo mkdir -p ${OSM_HELM_WORK_DIR}
+ sudo bash -c "cat << EOF > ${OSM_HELM_WORK_DIR}/osm-values.yaml
+vca:
+ pubkey: \"${OSM_VCA_PUBKEY}\"
+EOF"
+
+ # Generate helm values to be passed with --set
+ OSM_HELM_OPTS=""
+ # OSM_HELM_OPTS="${OSM_HELM_OPTS} --set nbi.useOsmSecret=false"
+ OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.image.repositoryBase=${DOCKER_REGISTRY_URL}${DOCKER_USER}"
+ OSM_HELM_OPTS="${OSM_HELM_OPTS} --set mysql.dbHostPath=${OSM_NAMESPACE_VOL}"
+ OSM_HELM_OPTS="${OSM_HELM_OPTS} --set mon.config.OS_NOTIFIER_URI=http://${OSM_DEFAULT_IP}:8662"
+ OSM_HELM_OPTS="${OSM_HELM_OPTS} --set vca.host=${OSM_VCA_HOST}"
+ OSM_HELM_OPTS="${OSM_HELM_OPTS} --set vca.secret=${OSM_VCA_SECRET}"
+ OSM_HELM_OPTS="${OSM_HELM_OPTS} --set vca.cacert=${OSM_VCA_CACERT}"
+ [ -n "$OSM_VCA_APIPROXY" ] && OSM_HELM_OPTS="${OSM_HELM_OPTS} --set lcm.config.OSMLCM_VCA_APIPROXY=${OSM_VCA_APIPROXY}"
+ [ ! "$OSM_DOCKER_TAG" == "13" ] && OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.image.tag=${OSM_DOCKER_TAG}"
+ [ -n "${INSTALL_NGSA}" ] || OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.oldServiceAssurance=true"
+
+ echo "helm -n $OSM_NAMESPACE install $OSM_NAMESPACE $OSM_DEVOPS/installers/helm/osm -f ${OSM_HELM_WORK_DIR}/osm-values.yaml ${OSM_HELM_OPTS}"
+ helm -n $OSM_NAMESPACE install $OSM_NAMESPACE $OSM_DEVOPS/installers/helm/osm -f ${OSM_HELM_WORK_DIR}/osm-values.yaml ${OSM_HELM_OPTS}
+
+ # Override existing values.yaml with the final values.yaml used to install OSM
+ helm -n $OSM_NAMESPACE get values $OSM_NAMESPACE | sudo tee -a ${OSM_HELM_WORK_DIR}/osm-values.yaml
[ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
}
[ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
}
-function parse_yaml() {
- [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
- TAG=$1
- shift
- services=$@
- for module in $services; do
- if [ "$module" == "pla" ]; then
- if [ -n "$INSTALL_PLA" ]; then
- echo "Updating K8s manifest file for ${module} from opensourcemano\/pla:.* to ${DOCKER_REGISTRY_URL}${DOCKER_USER}\/pla:${TAG}"
- sudo sed -i "s#opensourcemano/pla:.*#${DOCKER_REGISTRY_URL}${DOCKER_USER}/pla:${TAG}#g" ${OSM_DOCKER_WORK_DIR}/osm_pla/pla.yaml
- fi
- else
- image=${module}
- if [ "$module" == "ng-prometheus" ]; then
- image="prometheus"
- elif [ "$module" == "ng-mon" ]; then
- image="mon"
- fi
- echo "Updating K8s manifest file for ${module} from opensourcemano\/${image}:.* to ${DOCKER_REGISTRY_URL}${DOCKER_USER}\/${image}:${TAG}"
- sudo sed -i "s#opensourcemano/${image}:.*#${DOCKER_REGISTRY_URL}${DOCKER_USER}/${image}:${TAG}#g" ${OSM_K8S_WORK_DIR}/${module}.yaml
- fi
- done
- [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
-}
-
-function update_manifest_files() {
- [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
- osm_services="nbi lcm ro pol mon ng-mon ng-ui keystone pla prometheus ng-prometheus"
- list_of_services=""
- for module in $osm_services; do
- module_upper="${module^^}"
- if ! echo $TO_REBUILD | grep -q $module_upper ; then
- list_of_services="$list_of_services $module"
- fi
- done
- if [ ! "$OSM_DOCKER_TAG" == "13" ]; then
- parse_yaml $OSM_DOCKER_TAG $list_of_services
- fi
- if [ -n "$MODULE_DOCKER_TAG" ]; then
- parse_yaml $MODULE_DOCKER_TAG $list_of_services_to_rebuild
- fi
- # The manifest for prometheus is prometheus.yaml or ng-prometheus.yaml, depending on the installation option
- # If NG-SA is installed, it will include ng-mon (only mon-dashboarder), ng-prometheus and webhook translator. It won't include pol, mon and prometheus
- if [ -n "$INSTALL_NGSA" ]; then
- sudo rm -f ${OSM_K8S_WORK_DIR}/prometheus.yaml
- sudo rm -f ${OSM_K8S_WORK_DIR}/mon.yaml
- sudo rm -f ${OSM_K8S_WORK_DIR}/pol.yaml
- else
- sudo rm -f ${OSM_K8S_WORK_DIR}/ng-mon.yaml
- sudo rm -f ${OSM_K8S_WORK_DIR}/ng-prometheus.yaml
- sudo rm -f ${OSM_K8S_WORK_DIR}/webhook-translator.yaml
- fi
- [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
-}
-
-function namespace_vol() {
- [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
- # List of services with a volume mounted in path /var/lib/osm
- osm_services="mysql"
- for osm in $osm_services; do
- if [ -f "$OSM_K8S_WORK_DIR/$osm.yaml" ] ; then
- sudo sed -i "s#path: /var/lib/osm#path: $OSM_NAMESPACE_VOL#g" $OSM_K8S_WORK_DIR/$osm.yaml
- fi
- done
- [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function
-}
-
function add_local_k8scluster() {
[ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function
/usr/bin/osm --all-projects vim-create \
set_vca_variables
track juju juju_ok
- if [ -z "$OSM_DATABASE_COMMONKEY" ]; then
- OSM_DATABASE_COMMONKEY=$(generate_secret)
- [ -z "OSM_DATABASE_COMMONKEY" ] && FATAL "Cannot generate common db secret"
- fi
-
# Deploy OSM services
[ -z "$DOCKER_NOBUILD" ] && pull_docker_images
[ -z "$DOCKER_NOBUILD" ] && [ -z "$PULL_IMAGES" ] && generate_docker_images
track docker_images docker_images_ok
- generate_k8s_manifest_files
- track osm_files manifest_files_ok
- generate_docker_env_files
- track osm_files env_files_ok
-
deploy_charmed_services
track deploy_osm deploy_charmed_services_ok
- kube_secrets
- track deploy_osm kube_secrets_ok
- update_manifest_files
- track deploy_osm update_manifest_files_ok
- namespace_vol
- track deploy_osm namespace_vol_ok
deploy_osm_services
track deploy_osm deploy_osm_services_k8s_ok
- if [ -n "$INSTALL_PLA" ]; then
- # optional PLA install
- deploy_osm_pla_service
- track deploy_osm deploy_osm_pla_ok
- fi
if [ -n "$INSTALL_K8S_MONITOR" ]; then
# install OSM MONITORING
install_k8s_monitoring
track deploy_osm install_k8s_monitoring_ok
fi
if [ -n "$INSTALL_NGSA" ]; then
- # optional PLA install
+ # optional NGSA install
install_osm_ngsa_service
track deploy_osm install_osm_ngsa_ok
fi
--- /dev/null
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*.orig
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
+.vscode/
--- /dev/null
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v2
+name: osm
+description: A Helm chart for Open Source MANO (OSM)
+type: application
+icon: https://www.etsi.org/images/articles/logos/OSM.png
+version: 0.0.1
+appVersion: "14"
+# dependencies:
+# - name: mongodb
+# repository: "https://charts.bitnami.com/bitnami"
+# version: "13.9.4"
+# condition: mongodb.enabled
+# - name: airflow
+# repository: "https://airflow.apache.org"
+# version: "1.6.0"
+# condition: airflow.enabled
+# - name: mysql
+# repository: "https://charts.bitnami.com/bitnami"
+# version: "9.9.1"
+# condition: mysql.enabled
--- /dev/null
+{{/*
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+*/}}
+1. Get the application URL by running these commands:
+{{- if contains "NodePort" .Values.nbi.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services nbi)
+ export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.nbi.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w nbi'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} nbi --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
+ echo http://$SERVICE_IP:{{ .Values.nbi.service.port }}
+{{- end }}
--- /dev/null
+{{/*
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+*/}}
+{{/*
+Expand the name of the chart.
+*/}}
+{{- define "osm.name" -}}
+{{- default .Chart.Name .Values.global.nameOverride | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Create a default fully qualified app name.
+We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
+If release name contains chart name it will be used as a full name.
+*/}}
+{{- define "osm.fullname" -}}
+{{- if .Values.global.fullnameOverride }}
+{{- .Values.global.fullnameOverride | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- $name := default .Chart.Name .Values.global.nameOverride }}
+{{- if contains $name .Release.Name }}
+{{- .Release.Name | trunc 63 | trimSuffix "-" }}
+{{- else }}
+{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }}
+{{- end }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create chart name and version as used by the chart label.
+*/}}
+{{- define "osm.chart" -}}
+{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }}
+{{- end }}
+
+{{/*
+Common labels
+*/}}
+{{- define "osm.labels" -}}
+helm.sh/chart: {{ include "osm.chart" . }}
+{{ include "osm.selectorLabels" . }}
+{{- if .Chart.AppVersion }}
+app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
+{{- end }}
+app.kubernetes.io/managed-by: {{ .Release.Service }}
+{{- end }}
+
+{{/*
+Selector labels
+*/}}
+{{- define "osm.selectorLabels" -}}
+app.kubernetes.io/name: {{ include "osm.name" . }}
+app.kubernetes.io/instance: {{ .Release.Name }}
+{{- end }}
+
+{{/*
+Create the name of the service account to use
+*/}}
+{{- define "osm.serviceAccountName" -}}
+{{- if .Values.global.serviceAccount.create }}
+{{- default (include "osm.fullname" .) .Values.global.serviceAccount.name }}
+{{- else }}
+{{- default "default" .Values.global.serviceAccount.name }}
+{{- end }}
+{{- end }}
+
+{{/*
+Create the name of the images to be used
+*/}}
+{{ define "osm.nbi.image" -}}
+{{ printf "%s:%s" (.Values.nbi.image.repository | default (printf "%s/nbi" (.Values.global.image.repositoryBase))) (.Values.nbi.image.tag | default .Values.global.image.tag) }}
+{{- end }}
+{{ define "osm.lcm.image" -}}
+{{ printf "%s:%s" (.Values.lcm.image.repository | default (printf "%s/lcm" (.Values.global.image.repositoryBase))) (.Values.lcm.image.tag | default .Values.global.image.tag) }}
+{{- end }}
+{{ define "osm.ro.image" -}}
+{{ printf "%s:%s" (.Values.ro.image.repository | default (printf "%s/ro" (.Values.global.image.repositoryBase))) (.Values.ro.image.tag | default .Values.global.image.tag) }}
+{{- end }}
+{{ define "osm.mon.image" -}}
+{{ printf "%s:%s" (.Values.mon.image.repository | default (printf "%s/mon" (.Values.global.image.repositoryBase))) (.Values.mon.image.tag | default .Values.global.image.tag) }}
+{{- end }}
+{{ define "osm.pol.image" -}}
+{{ printf "%s:%s" (.Values.pol.image.repository | default (printf "%s/pol" (.Values.global.image.repositoryBase))) (.Values.pol.image.tag | default .Values.global.image.tag) }}
+{{- end }}
+{{ define "osm.pla.image" -}}
+{{ printf "%s:%s" (.Values.pla.image.repository | default (printf "%s/pla" (.Values.global.image.repositoryBase))) (.Values.pla.image.tag | default .Values.global.image.tag) }}
+{{- end }}
+{{ define "osm.ngui.image" -}}
+{{ printf "%s:%s" (.Values.ngui.image.repository | default (printf "%s/ng-ui" (.Values.global.image.repositoryBase))) (.Values.ngui.image.tag | default .Values.global.image.tag) }}
+{{- end }}
+{{ define "osm.webhookTranslator.image" -}}
+{{ printf "%s:%s" (.Values.webhookTranslator.image.repository | default (printf "%s/webhook" (.Values.global.image.repositoryBase))) (.Values.webhookTranslator.image.tag | default .Values.global.image.tag) }}
+{{- end }}
+{{ define "osm.keystone.image" -}}
+{{ printf "%s:%s" (.Values.keystone.image.repository | default (printf "%s/keystone" (.Values.global.image.repositoryBase))) (.Values.keystone.image.tag | default .Values.global.image.tag) }}
+{{- end }}
+{{ define "osm.prometheus.image" -}}
+{{ printf "%s:%s" (.Values.prometheus.sidecarImage.repository | default (printf "%s/prometheus" (.Values.global.image.repositoryBase))) (.Values.prometheus.sidecarImage.tag | default .Values.global.image.tag) }}
+{{- end }}
--- /dev/null
+{{- if .Values.certauth.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+ name: ca-issuer
+spec:
+ ca:
+ secretName: osm-ca
+{{- end }}
--- /dev/null
+{{- if .Values.certauth.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+ name: osm-ca-certificate
+ namespace: osm
+spec:
+ isCA: true
+ commonName: osm
+ secretName: osm-ca
+ privateKey:
+ algorithm: ECDSA
+ size: 256
+ issuerRef:
+ name: osm-selfsigned-issuer
+ kind: ClusterIssuer
+ group: cert-manager.io
+{{- end }}
--- /dev/null
+{{- if .Values.certauth.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: cert-manager.io/v1
+kind: ClusterIssuer
+metadata:
+ name: osm-selfsigned-issuer
+spec:
+ selfSigned: {}
+{{- end }}
--- /dev/null
+{{- if .Values.grafana.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRole
+metadata:
+ labels:
+ app: grafana
+ name: grafana-clusterrole
+rules:
+- apiGroups:
+ - ""
+ resources:
+ - configmaps
+ - secrets
+ verbs:
+ - get
+ - watch
+ - list
+{{- end -}}
\ No newline at end of file
--- /dev/null
+{{- if .Values.grafana.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: rbac.authorization.k8s.io/v1
+kind: ClusterRoleBinding
+metadata:
+ labels:
+ app: grafana
+ name: grafana-clusterrolebinding
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: ClusterRole
+ name: grafana-clusterrole
+subjects:
+- kind: ServiceAccount
+ name: grafana
+ namespace: osm
+{{- end -}}
\ No newline at end of file
--- /dev/null
+{{- if .Values.grafana.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+data:
+ grafana.ini: |
+ [log]
+ mode = console
+ [paths]
+ data = /var/lib/grafana/data
+ logs = /var/log/grafana
+ plugins = /var/lib/grafana/plugins
+ provisioning = /etc/grafana/provisioning
+kind: ConfigMap
+metadata:
+ labels:
+ app: grafana
+ name: grafana
+{{- end -}}
\ No newline at end of file
--- /dev/null
+{{- if .Values.grafana.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+data:
+ provider.yaml: |-
+ apiVersion: 1
+ providers:
+ - name: 'Kubernetes Cluster'
+ orgId: 1
+ folder: 'Kubernetes Cluster'
+ type: file
+ disableDeletion: false
+ options:
+ path: '/tmp/dashboards/Kubernetes Cluster'
+ - name: 'Open Source MANO'
+ orgId: 1
+ folder: 'Open Source MANO'
+ type: file
+ disableDeletion: false
+ options:
+ path: '/tmp/dashboards/Open Source MANO'
+kind: ConfigMap
+metadata:
+ labels:
+ app: grafana
+ name: grafana-dashboard-provider
+{{- end -}}
\ No newline at end of file
--- /dev/null
+{{- if .Values.grafana.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ labels:
+ grafana_datasource: "1"
+ name: grafana-datasource
+data:
+ datasource.yaml: |-
+ apiVersion: 1
+ datasources:
+ - name: osm_prometheus
+ type: prometheus
+ url: http://prometheus:9090
+ access: proxy
+ allowUiUpdates: true
+ isDefault: true
+ - name: Prometheus
+ type: prometheus
+ url: http://osm-monitoring-kube-promet-prometheus.monitoring:9090
+ access: proxy
+ allowUiUpdates: true
+ isDefault: false
+{{- end -}}
\ No newline at end of file
--- /dev/null
+{{- if .Values.grafana.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ labels:
+ app: grafana
+ name: grafana
+spec:
+ replicas: 1
+ selector:
+ matchLabels:
+ app: grafana
+ template:
+ metadata:
+ labels:
+ app: grafana
+ spec:
+ containers:
+ - env:
+ - name: LABEL
+ value: grafana_dashboard
+ - name: FOLDER
+ value: "/tmp/dashboards/Kubernetes Cluster"
+ - name: RESOURCE
+ value: both
+ - name: NAMESPACE
+ value: monitoring
+ image: kiwigrid/k8s-sidecar:1.15.6
+ imagePullPolicy: IfNotPresent
+ name: grafana-sc-dashboard
+ resources: {}
+ terminationMessagePath: /dev/termination-log
+ terminationMessagePolicy: File
+ volumeMounts:
+ - mountPath: "/tmp/dashboards/Kubernetes Cluster"
+ name: sc-dashboard-volume-k8s
+ - mountPath: "/tmp/dashboards/Open Source MANO"
+ name: sc-dashboard-volume-osm
+ - env:
+ - name: GF_SECURITY_ADMIN_USER
+ valueFrom:
+ secretKeyRef:
+ key: admin-user
+ name: grafana
+ - name: GF_SECURITY_ADMIN_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ key: admin-password
+ name: grafana
+ image: grafana/grafana:8.1.1
+ imagePullPolicy: IfNotPresent
+ livenessProbe:
+ failureThreshold: 10
+ httpGet:
+ path: /api/health
+ port: 3000
+ scheme: HTTP
+ initialDelaySeconds: 60
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 30
+ name: grafana
+ ports:
+ - containerPort: 80
+ name: service
+ protocol: TCP
+ - containerPort: 3000
+ name: grafana
+ protocol: TCP
+ readinessProbe:
+ failureThreshold: 3
+ httpGet:
+ path: /api/health
+ port: 3000
+ scheme: HTTP
+ periodSeconds: 10
+ successThreshold: 1
+ timeoutSeconds: 1
+ resources: {}
+ terminationMessagePath: /dev/termination-log
+ terminationMessagePolicy: File
+ volumeMounts:
+ - mountPath: /etc/grafana/grafana.ini
+ name: config
+ subPath: grafana.ini
+ - mountPath: /var/lib/grafana
+ name: storage
+ - mountPath: "/tmp/dashboards/Kubernetes Cluster"
+ name: sc-dashboard-volume-k8s
+ - mountPath: "/tmp/dashboards/Open Source MANO"
+ name: sc-dashboard-volume-osm
+ - mountPath: /etc/grafana/provisioning/dashboards/sc-dashboardproviders.yaml
+ name: sc-dashboard-provider
+ subPath: provider.yaml
+ - mountPath: /etc/grafana/provisioning/datasources
+ name: sc-datasources-volume
+ dnsPolicy: ClusterFirst
+ initContainers:
+ - env:
+ - name: METHOD
+ value: LIST
+ - name: LABEL
+ value: grafana_datasource
+ - name: FOLDER
+ value: /etc/grafana/provisioning/datasources
+ - name: RESOURCE
+ value: both
+ image: kiwigrid/k8s-sidecar:1.15.6
+ imagePullPolicy: IfNotPresent
+ name: grafana-sc-datasources
+ resources: {}
+ terminationMessagePath: /dev/termination-log
+ terminationMessagePolicy: File
+ volumeMounts:
+ - mountPath: /etc/grafana/provisioning/datasources
+ name: sc-datasources-volume
+ restartPolicy: Always
+ schedulerName: default-scheduler
+ securityContext:
+ {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
+ serviceAccount: grafana
+ serviceAccountName: grafana
+ terminationGracePeriodSeconds: 30
+ volumes:
+ - configMap:
+ defaultMode: 420
+ name: grafana
+ name: config
+ - emptyDir: {}
+ name: storage
+ - emptyDir: {}
+ name: sc-dashboard-volume-k8s
+ - emptyDir: {}
+ name: sc-dashboard-volume-osm
+ - configMap:
+ defaultMode: 420
+ name: grafana-dashboard-provider
+ name: sc-dashboard-provider
+ - emptyDir: {}
+ name: sc-datasources-volume
+{{- end -}}
\ No newline at end of file
--- /dev/null
+{{- if .Values.grafana.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+data:
+ admin-password: YWRtaW4=
+ admin-user: YWRtaW4=
+kind: Secret
+metadata:
+ labels:
+ app: grafana
+ name: grafana
+type: Opaque
+{{- end -}}
\ No newline at end of file
--- /dev/null
+{{- if .Values.grafana.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ labels:
+ app: grafana
+ name: grafana
+spec:
+ ports:
+ - name: service
+ nodePort: 3000
+ port: 3000
+ protocol: TCP
+ targetPort: 3000
+ selector:
+ app: grafana
+ sessionAffinity: None
+ type: NodePort
+{{- end -}}
\ No newline at end of file
--- /dev/null
+{{- if .Values.grafana.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ labels:
+ app: grafana
+ name: grafana
+{{- end -}}
\ No newline at end of file
--- /dev/null
+{{- if .Values.kafka.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-kafka-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ KAFKA_ADVERTISED_HOST_NAME: kafka.osm
+ KAFKA_ADVERTISED_PORT: "9092"
+ KAFKA_ZOOKEEPER_CONNECT: "zookeeper:2181"
+ KAFKA_LOG_RETENTION_HOURS: "24"
+ KAFKA_BROKER_ID: "1"
+ KAFKA_ADVERTISED_LISTENERS: "PLAINTEXT://:9092"
+ KAFKA_LISTENERS: "PLAINTEXT://:9092"
+ KAFKA_INTER_BROKER_LISTENER_NAME: "PLAINTEXT"
+ KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: "1"
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.kafka.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: kafka
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - port: {{ .Values.kafka.service.port }}
+ targetPort: 9092
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: kafka
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.kafka.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: kafka
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.kafka.replicaCount | default .Values.global.replicaCount }}
+ serviceName: kafka
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: kafka
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: kafka
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ initContainers:
+ - name: zookeeper-test
+ image: alpine:latest
+ command: ["sh", "-c", "until nc -zvw1 zookeeper 2181; do sleep 3; done; exit 0"]
+ containers:
+ - name: kafka
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ # runAsNonRoot: true
+ image: wurstmeister/kafka:2.11-1.0.2
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 9092
+ protocol: TCP
+ volumeMounts:
+ - name: socket
+ mountPath: /var/run/docker.sock
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-kafka-configmap
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: socket
+ hostPath:
+ path: /var/run/docker.sock
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.keystone.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-keystone-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ DB_HOST: "mysql"
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.keystone.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: keystone
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.keystone.replicaCount | default .Values.global.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: keystone
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: keystone
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
+ containers:
+ - name: keystone
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ runAsNonRoot: true
+ {{- toYaml .Values.global.securityContext | nindent 12 }}
+ image: {{ include "osm.keystone.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 5000
+ protocol: TCP
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-keystone-configmap
+ {{- if not .Values.keystone.useOsmSecret }}
+ - secretRef:
+ name: {{ .Values.keystone.secretName | default "keystone-secret" }}
+ {{- else }}
+ env:
+ - name: ROOT_DB_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_MYSQL_ROOT_PASSWORD
+ - name: KEYSTONE_DB_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_KEYSTONE_DB_PASSWORD
+ - name: SERVICE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_SERVICE_PASSWORD
+ {{- end }}
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.keystone.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: keystone
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - port: {{ .Values.keystone.service.port }}
+ targetPort: 5000
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: keystone
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.lcm.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-lcm-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ OSMLCM_RO_HOST: "ro"
+ OSMLCM_DATABASE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+ OSMLCM_MESSAGE_HOST: "kafka"
+ OSMLCM_STORAGE_DRIVER: "mongo"
+ OSMLCM_STORAGE_PATH: "/app/storage"
+ OSMLCM_STORAGE_COLLECTION: "files"
+ OSMLCM_STORAGE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+{{- with .Values.lcm.config }}
+ {{- . | toYaml | nindent 2 }}
+{{- end }}
+{{- with .Values.httpProxy }}
+ {{- . | toYaml | nindent 2 }}
+{{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.lcm.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: lcm
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.lcm.replicaCount | default .Values.global.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: lcm
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: lcm
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
+ initContainers:
+ - name: kafka-ro-mongo-test
+ image: alpine:latest
+ command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 ro 9090 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"]
+ containers:
+ - name: lcm
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ runAsNonRoot: true
+ {{- toYaml .Values.global.securityContext | nindent 12 }}
+ image: {{ include "osm.lcm.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-lcm-configmap
+ {{- if not .Values.lcm.useOsmSecret }}
+ - secretRef:
+ name: {{ .Values.lcm.secretName | default "lcm-secret" }}
+ {{- end }}
+ env:
+ - name: OSMLCM_VCA_HOST
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-vca-secret
+ key: OSM_VCA_HOST
+ - name: OSMLCM_VCA_SECRET
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-vca-secret
+ key: OSM_VCA_SECRET
+ - name: OSMLCM_VCA_PUBKEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-vca-secret
+ key: OSM_VCA_PUBKEY
+ - name: OSMLCM_VCA_CACERT
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-vca-secret
+ key: OSM_VCA_CACERT
+ {{- if .Values.lcm.useOsmSecret }}
+ - name: OSMLCM_DATABASE_COMMONKEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_DATABASE_COMMONKEY
+ {{- end }}
+ volumeMounts:
+ - mountPath: /etc/ssl/certs/osm-ca.crt
+ name: osm-ca
+ readOnly: true
+ subPath: osm-ca.crt
+ volumes:
+ - name: osm-ca
+ secret:
+ defaultMode: 420
+ items:
+ - key: tls.crt
+ path: osm-ca.crt
+ secretName: osm-ca
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.mon.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-mon-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ OSMMON_DATABASE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+ OSMMON_MESSAGE_HOST: "kafka"
+ OSMMON_MESSAGE_PORT: "9092"
+{{- with .Values.mon.config }}
+ {{- . | toYaml | nindent 2 }}
+{{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.mon.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: mon
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.mon.replicaCount | default .Values.global.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: mon
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: mon
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
+ initContainers:
+ - name: kafka-mongo-test
+ image: alpine:latest
+ command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"]
+ containers:
+ - name: mon
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ runAsNonRoot: true
+ {{- toYaml .Values.global.securityContext | nindent 12 }}
+ image: {{ include "osm.mon.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ {{- if not .Values.global.oldServiceAssurance }}
+ command: ["/bin/bash"]
+ args: ["scripts/dashboarder-start.sh"]
+ {{- end }}
+ ports:
+ - containerPort: 8662
+ protocol: TCP
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-mon-configmap
+ {{- if not .Values.mon.useOsmSecret }}
+ - secretRef:
+ name: {{ .Values.mon.secretName | default "mon-secret" }}
+ {{- end }}
+ env:
+ - name: OSMMON_VCA_HOST
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-vca-secret
+ key: OSM_VCA_HOST
+ - name: OSMMON_VCA_SECRET
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-vca-secret
+ key: OSM_VCA_SECRET
+ - name: OSMMON_VCA_CACERT
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-vca-secret
+ key: OSM_VCA_CACERT
+ {{- if .Values.mon.useOsmSecret }}
+ - name: OSMMON_DATABASE_COMMONKEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_DATABASE_COMMONKEY
+ {{- end }}
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.mon.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: mon
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - port: {{ .Values.mon.service.port }}
+ targetPort: 8662
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: mon
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.mysql.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: mysql
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - port: {{ .Values.mysql.service.port }}
+ targetPort: 3306
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: mysql
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.mysql.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: mysql
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.mysql.replicaCount | default .Values.global.replicaCount }}
+ serviceName: mysql
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: mysql
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: mysql
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ containers:
+ - name: mysql
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ # runAsNonRoot: true
+ image: mysql:5
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 3306
+ protocol: TCP
+ name: mysql
+ volumeMounts:
+ - name: mysql-db
+ mountPath: /var/lib/mysql
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ {{- if not .Values.mysql.useOsmSecret }}
+ - secretRef:
+ name: {{ .Values.mysql.secretName | default "ro-db-secret" }}
+ {{- else }}
+ env:
+ - name: MYSQL_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_MYSQL_ROOT_PASSWORD
+ {{- end }}
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: mysql-db
+ hostPath:
+ path: {{ .Values.mysql.dbHostPath | default "/var/lib/osm/{{ .Release.Namespace }}/osm_ro_db/_data" }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.nbi.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-nbi-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ OSMNBI_DATABASE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+ OSMNBI_MESSAGE_HOST: "kafka"
+ OSMNBI_STORAGE_DRIVER: "mongo"
+ OSMNBI_STORAGE_PATH: "/app/storage"
+ OSMNBI_STORAGE_COLLECTION: "files"
+ OSMNBI_STORAGE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.nbi.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: nbi
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.nbi.replicaCount | default .Values.global.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: nbi
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: nbi
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
+ initContainers:
+ - name: kafka-mongo-test
+ image: alpine:latest
+ command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"]
+ containers:
+ - name: nbi
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ runAsNonRoot: true
+ {{- toYaml .Values.global.securityContext | nindent 12 }}
+ image: {{ include "osm.nbi.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 9999
+ protocol: TCP
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-nbi-configmap
+ {{- if not .Values.nbi.useOsmSecret }}
+ - secretRef:
+ name: {{ .Values.nbi.secretName | default "nbi-secret" }}
+ {{- else }}
+ env:
+ - name: OSMNBI_AUTHENTICATION_SERVICE_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_SERVICE_PASSWORD
+ - name: OSMNBI_DATABASE_COMMONKEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_DATABASE_COMMONKEY
+ {{- end }}
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.nbi.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: nbi
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: {{ .Values.nbi.service.type }}
+ ports:
+ - nodePort: {{ .Values.nbi.service.nodePort }}
+ port: {{ .Values.nbi.service.port }}
+ targetPort: 9999
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: nbi
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.ngui.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: ngui
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.ngui.replicaCount | default .Values.global.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: ngui
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: ngui
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ containers:
+ - name: ngui
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ # runAsNonRoot: true
+ image: {{ include "osm.ngui.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 80
+ protocol: TCP
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.ngui.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: ng-ui
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: {{ .Values.ngui.service.type }}
+ ports:
+ - nodePort: {{ .Values.ngui.service.nodePort }}
+ port: {{ .Values.ngui.service.port }}
+ targetPort: 80
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: ngui
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+ name: {{ include "osm.fullname" . }}-secret
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ OSM_DATABASE_COMMONKEY: {{ randAlphaNum 32 | b64enc | quote }}
+ OSM_MYSQL_ROOT_PASSWORD: {{ randAlphaNum 32 | b64enc | quote }}
+ OSM_KEYSTONE_DB_PASSWORD: {{ randAlphaNum 32 | b64enc | quote }}
+ OSM_SERVICE_PASSWORD: {{ randAlphaNum 32 | b64enc | quote }}
--- /dev/null
+{{- if .Values.global.oldServiceAssurance -}}
+{{- if .Values.pla.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-pla-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ OSMPLA_DATABASE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+ OSMPLA_DATABASE_HOST: "mongo"
+ OSMPLA_MESSAGE_HOST: "kafka"
+{{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.global.oldServiceAssurance -}}
+{{- if .Values.pla.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: pla
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.pla.replicaCount | default .Values.global.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: pla
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: pla
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
+ initContainers:
+ - name: kafka-mongo-test
+ image: alpine:latest
+ command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"]
+ containers:
+ - name: pla
+ securityContext:
+ readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ runAsNonRoot: true
+ {{- toYaml .Values.global.securityContext | nindent 12 }}
+ image: {{ include "osm.pla.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-pla-configmap
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.global.oldServiceAssurance -}}
+{{- if .Values.pol.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-pol-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ OSMPOL_DATABASE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+ OSMPOL_MESSAGE_HOST: "kafka"
+ OSMPOL_MESSAGE_PORT: "9092"
+{{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.global.oldServiceAssurance -}}
+{{- if .Values.pol.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: pol
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.pol.replicaCount | default .Values.global.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: pol
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: pol
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
+ initContainers:
+ - name: kafka-mongo-test
+ image: alpine:latest
+ command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"]
+ containers:
+ - name: pol
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ runAsNonRoot: true
+ {{- toYaml .Values.global.securityContext | nindent 12 }}
+ image: {{ include "osm.pol.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 8662
+ protocol: TCP
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-pol-configmap
+ {{- if not .Values.pol.useOsmSecret }}
+ - secretRef:
+ name: {{ .Values.pol.secretName | default "pol-secret" }}
+ {{- else }}
+ env:
+ - name: OSMPOL_DATABASE_COMMONKEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_DATABASE_COMMONKEY
+ {{- end }}
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if not .Values.global.oldServiceAssurance -}}
+{{- if .Values.prometheus.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-prometheus-alertingrules-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ osm_alert_rules.yml: |
+ groups:
+ - name: osm_alert_rules
+ rules:
+ - alert: vdu_down
+ expr: vm_status_extended != 1
+ for: 3m
+ annotations:
+ summary: "VDU {{ "{{" }} $labels.vm_id }} in VIM {{ "{{" }} $labels.vim_id }} is down"
+ description: "VDU {{ "{{" }} $labels.vm_id }} in VIM {{ "{{" }} $labels.vim_id }} has been down for more than 3 minutes. NS instance id is {{ "{{" }} $labels.ns_id }}"
+{{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.prometheus.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-prometheus-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ MONGODB_URL: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+ PROMETHEUS_CONFIG_FILE: "/etc/prometheus/prometheus.yml"
+ PROMETHEUS_BASE_CONFIG_FILE: "/etc/prometheus_base/prometheus.yml"
+ TARGET_DATABASE: "osm"
+ PROMETHEUS_URL: "http://prometheus:9090"
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.prometheus.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-prometheus-prom-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ prometheus.yml: |
+ # Copyright 2018 The Prometheus Authors
+ # Copyright 2018 Whitestack
+ # Copyright 2018 Telefonica Investigacion y Desarrollo, S.A.U.
+ #
+ # Licensed under the Apache License, Version 2.0 (the "License");
+ # you may not use this file except in compliance with the License.
+ # You may obtain a copy of the License at
+ #
+ # http://www.apache.org/licenses/LICENSE-2.0
+ #
+ # Unless required by applicable law or agreed to in writing, software
+ # distributed under the License is distributed on an "AS IS" BASIS,
+ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ # See the License for the specific language governing permissions and
+ # limitations under the License.
+
+ # my global config
+ global:
+ scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute.
+ evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute.
+ # scrape_timeout is set to the global default (10s).
+
+ # Alertmanager configuration
+ alerting:
+ alertmanagers:
+ - static_configs:
+ - targets:
+{{- if .Values.global.oldServiceAssurance }}
+ # - alertmanager:9093
+{{- else }}
+ - alertmanager:9093
+{{- end }}
+ # Load rules once and periodically evaluate them according to the global 'evaluation_interval'.
+{{- if .Values.global.oldServiceAssurance }}
+ rule_files:
+ # - "first_rules.yml"
+ # - "second_rules.yml"
+{{- else }}
+ rule_files:
+ - "osm_metric_rules.yml"
+ - "osm_alert_rules.yml"
+{{- end }}
+ # A scrape configuration containing exactly one endpoint to scrape:
+ # Here it's Prometheus itself.
+ scrape_configs:
+ - job_name: 'mon_exporter'
+ static_configs:
+ - targets: ['mon:8000']
+{{- if .Values.global.oldServiceAssurance }}
+ # Add here other external targets, e.g. a pushgateway
+ # - job_name: 'pushgateway'
+ # static_configs:
+ # - targets: ['prometheus-pushgateway:9091']
+{{- else }}
+ - job_name: pushgateway
+ honor_labels: true
+ scrape_interval: 30s
+ static_configs:
+ - targets:
+ - pushgateway-prometheus-pushgateway:9091
+{{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if not .Values.global.oldServiceAssurance -}}
+{{- if .Values.prometheus.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-prometheus-recordingrules-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ osm_metric_rules.yml: |
+ groups:
+ - name: osm_metric_rules
+ rules:
+ - record: vm_status_extended
+ expr: (last_over_time(vm_status[1m]) * on (vm_id, vim_id) group_left(ns_id, vnf_id, vdu_id, project_id, job, vdu_name, vnf_member_index) last_over_time(ns_topology[1m])) or (last_over_time(ns_topology[1m]) * -1)
+ labels:
+ job: osm_prometheus
+ - record: vnf_status
+ expr: (0 * (count (vm_status_extended==0) by (ns_id, vnf_id)>=0)) or (min by (ns_id, vnf_id) (vm_status_extended))
+ labels:
+ job: osm_prometheus
+ - record: ns_status
+ expr: (0 * (count (vm_status_extended==0) by (ns_id)>=0)) or (min by (ns_id) (vm_status_extended))
+ labels:
+ job: osm_prometheus
+{{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.prometheus.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: prometheus
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: {{ .Values.prometheus.service.type }}
+ ports:
+ - nodePort: {{ .Values.prometheus.service.nodePort }}
+ port: 9090
+ targetPort: 9090
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: prometheus
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.prometheus.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: prometheus
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.prometheus.replicaCount | default .Values.global.replicaCount }}
+ serviceName: prometheus
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: prometheus
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: prometheus
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ initContainers:
+ - name: prometheus-init-config
+ image: busybox
+ command: ["/bin/sh", "-c"]
+{{- if .Values.global.oldServiceAssurance }}
+ args: ['if [ ! -f "/etc/prometheus/prometheus.yml" ]; then cp /config/prometheus.yml /etc/prometheus; fi']
+{{- else }}
+ args: ['if [ ! -f "/etc/prometheus/prometheus.yml" ]; then cp /config/prometheus.yml /etc/prometheus; fi; cp /config/osm_metric_rules.yml /config/osm_alert_rules.yml /etc/prometheus']
+{{- end }}
+ volumeMounts:
+ - name: prom-config
+ mountPath: /etc/prometheus
+ - name: prom-config-base
+ mountPath: /config
+ containers:
+ - name: prometheus
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ # runAsNonRoot: true
+ image: prom/prometheus:v2.28.1
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ args:
+ - --config.file=/etc/prometheus/prometheus.yml
+ - --web.enable-lifecycle
+ ports:
+ - containerPort: 9090
+ protocol: TCP
+ volumeMounts:
+ - name: prom-config
+ mountPath: /etc/prometheus
+ - name: prom-db
+ mountPath: /prometheus
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ - name: prometheus-config-sidecar
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ # runAsNonRoot: true
+ image: {{ include "osm.prometheus.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ volumeMounts:
+ - name: prom-config
+ mountPath: /etc/prometheus
+ - name: prom-config-base
+ mountPath: /etc/prometheus_base
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-prometheus-configmap
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ volumes:
+ - name: prom-db
+ emptyDir: {}
+ - name: prom-config
+ emptyDir: {}
+ - name: prom-config-base
+ projected:
+ sources:
+ - configMap:
+ name: {{ include "osm.fullname" . }}-prometheus-prom-configmap
+ items:
+ - key: prometheus.yml
+ path: prometheus.yml
+{{- if not .Values.global.oldServiceAssurance }}
+ - configMap:
+ name: {{ include "osm.fullname" . }}-prometheus-recordingrules-configmap
+ items:
+ - key: osm_metric_rules.yml
+ path: osm_metric_rules.yml
+ - configMap:
+ name: {{ include "osm.fullname" . }}-prometheus-alertingrules-configmap
+ items:
+ - key: osm_alert_rules.yml
+ path: osm_alert_rules.yml
+{{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.ro.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-ro-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ OSMRO_DATABASE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+ OSMRO_MESSAGE_HOST: "kafka"
+ OSMRO_STORAGE_DRIVER: "mongo"
+ OSMRO_STORAGE_PATH: "/app/storage"
+ OSMRO_STORAGE_COLLECTION: "files"
+ OSMRO_STORAGE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0"
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.ro.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: ro
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.ro.replicaCount | default .Values.global.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: ro
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: ro
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
+ initContainers:
+ - name: kafka-mongo-test
+ image: alpine:latest
+ command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"]
+ containers:
+ - name: ro
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ runAsNonRoot: true
+ {{- toYaml .Values.global.securityContext | nindent 12 }}
+ image: {{ include "osm.ro.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 9090
+ protocol: TCP
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-ro-configmap
+ {{- if not .Values.ro.useOsmSecret }}
+ - secretRef:
+ name: {{ .Values.ro.secretName | default "ro-secret" }}
+ {{- else }}
+ env:
+ - name: OSMRO_DATABASE_COMMONKEY
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_DATABASE_COMMONKEY
+ - name: RO_DB_ROOT_PASSWORD
+ valueFrom:
+ secretKeyRef:
+ name: {{ include "osm.fullname" . }}-secret
+ key: OSM_MYSQL_ROOT_PASSWORD
+ {{- end }}
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.ro.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: ro
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - port: {{ .Values.ro.service.port }}
+ targetPort: 9090
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: ro
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.global.serviceAccount.create -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ include "osm.serviceAccountName" . }}
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+ {{- with .Values.global.serviceAccount.annotations }}
+ annotations:
+ {{- toYaml . | nindent 4 }}
+ {{- end }}
+{{- end }}
--- /dev/null
+{{- if .Values.vca.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+ name: {{ include "osm.fullname" . }}-vca-secret
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ OSM_VCA_HOST: {{ ( .Values.vca.host | default ( randAlphaNum 32 ) ) | b64enc | quote }}
+ OSM_VCA_SECRET: {{ ( .Values.vca.secret | default ( randAlphaNum 32 ) ) | b64enc | quote }}
+ OSM_VCA_PUBKEY: {{ ( .Values.vca.pubkey | default ( randAlphaNum 32 ) ) | b64enc | quote }}
+ OSM_VCA_CACERT: {{ ( .Values.vca.cacert | default ( randAlphaNum 32 ) ) | b64enc | quote }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if not .Values.global.oldServiceAssurance -}}
+{{- if .Values.webhookTranslator.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: {{ include "osm.fullname" . }}-webhook-configmap
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ AIRFLOW_HOST: "airflow-webserver"
+ AIRFLOW_PORT: "8080"
+{{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if not .Values.global.oldServiceAssurance -}}
+{{- if .Values.webhookTranslator.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: webhook-translator
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.webhookTranslator.replicaCount | default .Values.global.replicaCount }}
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: webhook-translator
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: webhook-translator
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ securityContext:
+ {{- toYaml .Values.global.podSecurityContext | nindent 8 }}
+ containers:
+ - name: webhook-translator
+ securityContext:
+ readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ runAsNonRoot: true
+ {{- toYaml .Values.global.securityContext | nindent 12 }}
+ image: {{ include "osm.webhookTranslator.image" . }}
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 80
+ protocol: TCP
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ envFrom:
+ - configMapRef:
+ name: {{ include "osm.fullname" . }}-webhook-configmap
+ - secretRef:
+ name: {{ include "osm.fullname" . }}-webhook-secret
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if not .Values.global.oldServiceAssurance -}}
+{{- if .Values.webhookTranslator.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Secret
+type: Opaque
+metadata:
+ name: {{ include "osm.fullname" . }}-webhook-secret
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+data:
+ # AIRFLOW_USER: {{ randAlphaNum 32 | b64enc | quote }}
+ AIRFLOW_USER: {{ "admin" | b64enc | quote }}
+ # AIRFLOW_PASS: {{ randAlphaNum 32 | b64enc | quote }}
+ AIRFLOW_PASS: {{ "admin" | b64enc | quote }}
+{{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if not .Values.global.oldServiceAssurance -}}
+{{- if .Values.webhookTranslator.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: webhook-translator
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: {{ .Values.webhookTranslator.service.type }}
+ ports:
+ - nodePort: {{ .Values.webhookTranslator.service.nodePort }}
+ port: 80
+ targetPort: 80
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: webhook-translator
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.zookeeper.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: v1
+kind: Service
+metadata:
+ name: zookeeper
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ type: ClusterIP
+ clusterIP: None
+ ports:
+ - port: {{ .Values.zookeeper.service.port }}
+ targetPort: 2181
+ protocol: TCP
+ selector:
+ app.kubernetes.io/component: zookeeper
+ {{- include "osm.selectorLabels" . | nindent 4 }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+{{- if .Values.zookeeper.enabled -}}
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+apiVersion: apps/v1
+kind: StatefulSet
+metadata:
+ name: zookeeper
+ labels:
+ {{- include "osm.labels" . | nindent 4 }}
+spec:
+ replicas: {{ .Values.zookeeper.replicaCount | default .Values.global.replicaCount }}
+ serviceName: zookeeper
+ selector:
+ matchLabels:
+ app.kubernetes.io/component: zookeeper
+ {{- include "osm.selectorLabels" . | nindent 6 }}
+ template:
+ metadata:
+ {{- with .Values.global.podAnnotations }}
+ annotations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ labels:
+ app.kubernetes.io/component: zookeeper
+ {{- include "osm.selectorLabels" . | nindent 8 }}
+ spec:
+ {{- with .Values.global.imagePullSecrets }}
+ imagePullSecrets:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ serviceAccountName: {{ include "osm.serviceAccountName" . }}
+ containers:
+ - name: zookeeper
+ securityContext:
+ # readOnlyRootFilesystem: true
+ allowPrivilegeEscalation: false
+ # runAsNonRoot: true
+ image: wurstmeister/zookeeper:latest
+ imagePullPolicy: {{ .Values.global.image.pullPolicy }}
+ ports:
+ - containerPort: 2181
+ protocol: TCP
+ resources:
+ limits:
+ memory: 1024Mi
+ requests:
+ memory: 128Mi
+ {{- with .Values.global.nodeSelector }}
+ nodeSelector:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.affinity }}
+ affinity:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ {{- with .Values.global.tolerations }}
+ tolerations:
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+{{- end }}
\ No newline at end of file
--- /dev/null
+#######################################################################################
+# Copyright ETSI Contributors and Others.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#######################################################################################
+# Default values for osm.
+# This is a YAML-formatted file.
+# Declare variables to be passed into your templates.
+
+global:
+ replicaCount: 1
+
+ image:
+ repositoryBase: docker.io/opensourcemano
+ pullPolicy: IfNotPresent
+ # Overrides the image tag whose default is the chart appVersion.
+ tag: "13"
+
+ imagePullSecrets: []
+ nameOverride: ""
+ fullnameOverride: ""
+
+ serviceAccount:
+ # Specifies whether a service account should be created
+ create: true
+ # Annotations to add to the service account
+ annotations: {}
+ # The name of the service account to use.
+ # If not set and create is true, a name is generated using the fullname template
+ name: ""
+
+ podAnnotations: {}
+
+ podSecurityContext:
+ # runAsUser: 1000
+ # runAsGroup: 1000
+ fsGroup: 1000
+
+ securityContext:
+ runAsUser: 1000
+
+ nodeSelector: {}
+
+ tolerations: []
+
+ affinity: {}
+
+ behindHttpProxy: false
+ httpProxy: {}
+ # HTTP_PROXY: <HTTP_PROXY>
+ # HTTPS_PROXY: <HTTPS_PROXY>
+ # NO_PROXY: <NO_PROXY>
+
+ oldServiceAssurance: false
+
+certauth:
+ enabled: true
+
+grafana:
+ enabled: true
+
+kafka:
+ enabled: true
+ service:
+ port: 9092
+ # replicaCount: 1
+
+keystone:
+ enabled: true
+ service:
+ port: 5000
+ image: {}
+ # repository: opensourcemano/keystone
+ # tag: "13"
+ # replicaCount: 1
+ useOsmSecret: true
+ # secretName: "keystone-secret"
+
+lcm:
+ enabled: true
+ image: {}
+ # repository: opensourcemano/lcm
+ # tag: "13"
+ # replicaCount: 1
+ useOsmSecret: true
+ # secretName: "lcm-secret"
+ config:
+ OSMLCM_VCA_CLOUD: "lxd-cloud"
+ OSMLCM_VCA_K8S_CLOUD: "k8scloud"
+ # OSMLCM_VCA_APIPROXY: "<VCA API proxy>"
+ # OSMLCM_VCA_ENABLEOSUPGRADE: true
+ # OSMLCM_VCA_APTMIRROR: "http://archive.ubuntu.com/ubuntu/"
+
+mon:
+ enabled: true
+ service:
+ port: 8662
+ image: {}
+ # repository: opensourcemano/mon
+ # tag: "13"
+ # replicaCount: 1
+ useOsmSecret: true
+ # secretName: "mon-secret"
+ config: {}
+ # OS_NOTIFIER_URI: "http://DEFAULT_IP:8662"
+
+mysql:
+ enabled: true
+ # dbHostPath: "/var/lib/osm/osm"
+ service:
+ port: 3306
+ # replicaCount: 1
+ useOsmSecret: true
+ # secretName: "ro-db-secret"
+
+nbi:
+ enabled: true
+ service:
+ type: NodePort
+ port: 9999
+ nodePort: 9999
+ image: {}
+ # repository: opensourcemano/nbi
+ # tag: "13"
+ # replicaCount: 1
+ useOsmSecret: true
+ # secretName: "nbi-secret"
+
+ngui:
+ enabled: true
+ service:
+ type: NodePort
+ port: 80
+ nodePort: 80
+ image: {}
+ # repository: opensourcemano/ng-ui
+ # tag: "13"
+ # replicaCount: 1
+
+# pla module is disabled by default unless global.oldServiceAssurance and pla.enabled are set to true
+pla:
+ enabled: false
+ image: {}
+ # repository: opensourcemano/pla
+ # tag: "13"
+ # replicaCount: 1
+
+# pol module is disabled by default unless global.oldServiceAssurance and pol.enabled are set to true
+pol:
+ enabled: true
+ image: {}
+ # repository: opensourcemano/pol
+ # tag: "13"
+ # replicaCount: 1
+ useOsmSecret: true
+ # secretName: "pol-secret"
+
+prometheus:
+ enabled: true
+ service:
+ type: NodePort
+ nodePort: 9091
+ # replicaCount: 1
+ sidecarImage: {}
+ # repository: opensourcemano/ro
+ # tag: "13"
+
+ro:
+ enabled: true
+ service:
+ port: 9090
+ image: {}
+ # repository: opensourcemano/ro
+ # tag: "13"
+ # replicaCount: 1
+ useOsmSecret: true
+ # secretName: "ro-secret"
+
+vca:
+ enabled: true
+ # host: ""
+ # secret: ""
+ # cacert: ""
+ # pubkey: ""
+
+webhookTranslator:
+ enabled: true
+ service:
+ type: NodePort
+ nodePort: 9998
+ image: {}
+ # repository: opensourcemano/webhook
+ # tag: "13"
+ # replicaCount: 1
+
+zookeeper:
+ enabled: true
+ service:
+ port: 2181
+ # replicaCount: 1
extraEnv: |
- name: AIRFLOW__API__AUTH_BACKENDS
value: 'airflow.api.auth.backend.basic_auth'
-extraEnvFrom: |
- - secretRef:
- name: ngsa-secret
+ - name: OSMMON_DATABASE_COMMONKEY
+ valueFrom:
+ secretKeyRef:
+ name: osm-secret
+ key: OSM_DATABASE_COMMONKEY
+# extraEnvFrom: |
+# - secretRef:
+# name: ngsa-secret
config:
core:
dags_folder: "/home/airflow/.local/lib/python3.10/site-packages/osm_ngsa"
sudo sed -i "s#defaultAirflowTag:.*#defaultAirflowTag: ${OSM_DOCKER_TAG}#g" ${OSM_HELM_WORK_DIR}/airflow-values.yaml
echo "Updating Helm values file helm/values/airflow-values.yaml to use defaultAirflowRepository: ${DOCKER_REGISTRY_URL}${DOCKER_USER}/airflow"
sudo sed -i "s#defaultAirflowRepository:.*#defaultAirflowRepository: ${DOCKER_REGISTRY_URL}${DOCKER_USER}/airflow#g" ${OSM_HELM_WORK_DIR}/airflow-values.yaml
+
if ! helm -n osm status airflow 2> /dev/null ; then
# if it does not exist, create secrets and install
kubectl -n osm create secret generic airflow-webserver-secret --from-literal="webserver-secret-key=$(python3 -c 'import secrets; print(secrets.token_hex(16))')"
oks_in_a_row=0
+# Show status of the OSM services deployed with helm
+echo "helm -n ${STACK_NAME} list"
+helm -n ${STACK_NAME} list
+echo "helm -n ${STACK_NAME} status ${STACK_NAME}"
+helm -n ${STACK_NAME} status ${STACK_NAME}
+
####################################################################################
# Loop to check system readiness
####################################################################################
projects / osm / devops.git / commitdiff