-# Copyright 2021 Canonical Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
#
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
+# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-#
-##
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
########################################################################################
# This Dockerfile is intented for devops testing and deb package generation
#
# devops-stages/stage-build.sh
#
-FROM ubuntu:20.04
+FROM ubuntu:22.04
ARG APT_PROXY
RUN if [ ! -z $APT_PROXY ] ; then \
RUN DEBIAN_FRONTEND=noninteractive apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get -y install \
debhelper \
- dh-make \
+ dh-python \
git \
python3 \
python3-all \
python3-dev \
- python3-setuptools
-
-RUN python3 -m easy_install pip==21.3.1
-RUN pip install tox==3.24.5
+ python3-setuptools \
+ python3-pip \
+ tox
ENV LC_ALL C.UTF-8
ENV LANG C.UTF-8
RUN DEBIAN_FRONTEND=noninteractive apt-get update && \
DEBIAN_FRONTEND=noninteractive apt-get -y install \
- unzip
+ dh-make
RUN curl https://get.helm.sh/helm-v3.11.3-linux-amd64.tar.gz --output helm-v3.11.3.tar.gz \
&& tar -zxvf helm-v3.11.3.tar.gz \
# License for the specific language governing permissions and limitations
# under the License.
+# Download helm chart dependencies
+helm dependency update installers/helm/osm
+
PKG_DIRECTORIES="common jenkins installers tools docker"
MDG_NAME=devops
DEB_INSTALL=debian/osm-$MDG_NAME.install
fi
done
+# Download helm chart dependencies
+helm dependency update installers/helm/osm
+
# Execute linting test for OSM helm chart
helm lint installers/helm/osm
icon: https://www.etsi.org/images/articles/logos/OSM.png
version: 0.0.1
appVersion: "14"
-# dependencies:
-# - name: mongodb
-# repository: "https://charts.bitnami.com/bitnami"
-# version: "13.9.4"
-# condition: mongodb.enabled
-# - name: airflow
-# repository: "https://airflow.apache.org"
-# version: "1.6.0"
-# condition: airflow.enabled
-# - name: mysql
-# repository: "https://charts.bitnami.com/bitnami"
-# version: "9.9.1"
-# condition: mysql.enabled
+dependencies:
+- name: mysql
+ repository: "https://charts.bitnami.com/bitnami"
+ version: "9.12.3"
+ condition: mysql.enabled
+- name: kafka
+ repository: "https://charts.bitnami.com/bitnami"
+ version: "25.1.12"
+ condition: kafka.enabled
+- name: zookeeper
+ repository: "https://charts.bitnami.com/bitnami"
+ version: "12.1.3"
+ condition: zookeeper.enabled
+
secretKeyRef:
key: admin-password
name: grafana
- image: grafana/grafana:8.1.1
+ image: grafana/grafana:10.1.2
imagePullPolicy: IfNotPresent
livenessProbe:
failureThreshold: 10
name: sc-dashboard-provider
- emptyDir: {}
name: sc-datasources-volume
-{{- end -}}
\ No newline at end of file
+{{- end -}}
+++ /dev/null
-{{- if .Values.kafka.enabled -}}
-#######################################################################################
-# Copyright ETSI Contributors and Others.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#######################################################################################
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "osm.fullname" . }}-kafka-configmap
- labels:
- {{- include "osm.labels" . | nindent 4 }}
-data:
- KAFKA_ADVERTISED_HOST_NAME: kafka.osm
- KAFKA_ADVERTISED_PORT: "9092"
- KAFKA_ZOOKEEPER_CONNECT: "zookeeper:2181"
- KAFKA_LOG_RETENTION_HOURS: "24"
- KAFKA_BROKER_ID: "1"
- KAFKA_ADVERTISED_LISTENERS: "PLAINTEXT://:9092"
- KAFKA_LISTENERS: "PLAINTEXT://:9092"
- KAFKA_INTER_BROKER_LISTENER_NAME: "PLAINTEXT"
- KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: "1"
-{{- end }}
\ No newline at end of file
+++ /dev/null
-{{- if .Values.kafka.enabled -}}
-#######################################################################################
-# Copyright ETSI Contributors and Others.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#######################################################################################
-apiVersion: v1
-kind: Service
-metadata:
- name: kafka
- labels:
- {{- include "osm.labels" . | nindent 4 }}
-spec:
- type: ClusterIP
- clusterIP: None
- ports:
- - port: {{ .Values.kafka.service.port }}
- targetPort: 9092
- protocol: TCP
- selector:
- app.kubernetes.io/component: kafka
- {{- include "osm.selectorLabels" . | nindent 4 }}
-{{- end }}
\ No newline at end of file
+++ /dev/null
-{{- if .Values.kafka.enabled -}}
-#######################################################################################
-# Copyright ETSI Contributors and Others.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#######################################################################################
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: kafka
- labels:
- {{- include "osm.labels" . | nindent 4 }}
-spec:
- replicas: {{ .Values.kafka.replicaCount | default .Values.global.replicaCount }}
- serviceName: kafka
- selector:
- matchLabels:
- app.kubernetes.io/component: kafka
- {{- include "osm.selectorLabels" . | nindent 6 }}
- template:
- metadata:
- {{- with .Values.global.podAnnotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- labels:
- app.kubernetes.io/component: kafka
- {{- include "osm.selectorLabels" . | nindent 8 }}
- spec:
- {{- with .Values.global.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "osm.serviceAccountName" . }}
- initContainers:
- - name: zookeeper-test
- image: alpine:latest
- command: ["sh", "-c", "until nc -zvw1 zookeeper 2181; do sleep 3; done; exit 0"]
- containers:
- - name: kafka
- securityContext:
- # readOnlyRootFilesystem: true
- allowPrivilegeEscalation: false
- # runAsNonRoot: true
- image: wurstmeister/kafka:2.11-1.0.2
- imagePullPolicy: {{ .Values.global.image.pullPolicy }}
- ports:
- - containerPort: 9092
- protocol: TCP
- volumeMounts:
- - name: socket
- mountPath: /var/run/docker.sock
- resources:
- limits:
- memory: 1024Mi
- requests:
- memory: 128Mi
- envFrom:
- - configMapRef:
- name: {{ include "osm.fullname" . }}-kafka-configmap
- {{- with .Values.global.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.global.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.global.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- volumes:
- - name: socket
- hostPath:
- path: /var/run/docker.sock
-{{- end }}
\ No newline at end of file
- name: ROOT_DB_PASSWORD
valueFrom:
secretKeyRef:
- name: {{ include "osm.fullname" . }}-secret
- key: OSM_MYSQL_ROOT_PASSWORD
+ name: mysql
+ key: mysql-root-password
- name: KEYSTONE_DB_PASSWORD
valueFrom:
secretKeyRef:
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
-{{- end }}
\ No newline at end of file
+{{- end }}
+++ /dev/null
-{{- if .Values.mysql.enabled -}}
-#######################################################################################
-# Copyright ETSI Contributors and Others.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#######################################################################################
-apiVersion: v1
-kind: Service
-metadata:
- name: mysql
- labels:
- {{- include "osm.labels" . | nindent 4 }}
-spec:
- type: ClusterIP
- clusterIP: None
- ports:
- - port: {{ .Values.mysql.service.port }}
- targetPort: 3306
- protocol: TCP
- selector:
- app.kubernetes.io/component: mysql
- {{- include "osm.selectorLabels" . | nindent 4 }}
-{{- end }}
\ No newline at end of file
+++ /dev/null
-{{- if .Values.mysql.enabled -}}
-#######################################################################################
-# Copyright ETSI Contributors and Others.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#######################################################################################
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: mysql
- labels:
- {{- include "osm.labels" . | nindent 4 }}
-spec:
- replicas: {{ .Values.mysql.replicaCount | default .Values.global.replicaCount }}
- serviceName: mysql
- selector:
- matchLabels:
- app.kubernetes.io/component: mysql
- {{- include "osm.selectorLabels" . | nindent 6 }}
- template:
- metadata:
- {{- with .Values.global.podAnnotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- labels:
- app.kubernetes.io/component: mysql
- {{- include "osm.selectorLabels" . | nindent 8 }}
- spec:
- {{- with .Values.global.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "osm.serviceAccountName" . }}
- containers:
- - name: mysql
- securityContext:
- # readOnlyRootFilesystem: true
- allowPrivilegeEscalation: false
- # runAsNonRoot: true
- image: mysql:8.0.34
- imagePullPolicy: {{ .Values.global.image.pullPolicy }}
- ports:
- - containerPort: 3306
- protocol: TCP
- name: mysql
- volumeMounts:
- - name: mysql-db
- mountPath: /var/lib/mysql
- resources:
- limits:
- memory: 1024Mi
- requests:
- memory: 128Mi
- envFrom:
- {{- if not .Values.mysql.useOsmSecret }}
- - secretRef:
- name: {{ .Values.mysql.secretName | default "ro-db-secret" }}
- {{- else }}
- env:
- - name: MYSQL_ROOT_PASSWORD
- valueFrom:
- secretKeyRef:
- name: {{ include "osm.fullname" . }}-secret
- key: OSM_MYSQL_ROOT_PASSWORD
- {{- end }}
- {{- with .Values.global.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.global.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.global.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- volumes:
- - name: mysql-db
- hostPath:
- path: {{ .Values.mysql.dbHostPath | default "/var/lib/osm/{{ .Release.Namespace }}/osm_ro_db/_data" }}
-{{- end }}
\ No newline at end of file
# readOnlyRootFilesystem: true
allowPrivilegeEscalation: false
# runAsNonRoot: true
- image: prom/prometheus:v2.28.1
+ image: prom/prometheus:v2.47.0
imagePullPolicy: {{ .Values.global.image.pullPolicy }}
args:
- --config.file=/etc/prometheus/prometheus.yml
- key: osm_alert_rules.yml
path: osm_alert_rules.yml
{{- end }}
-{{- end }}
\ No newline at end of file
+{{- end }}
- name: RO_DB_ROOT_PASSWORD
valueFrom:
secretKeyRef:
- name: {{ include "osm.fullname" . }}-secret
- key: OSM_MYSQL_ROOT_PASSWORD
+ name: mysql
+ key: mysql-root-password
{{- end }}
{{- with .Values.global.nodeSelector }}
nodeSelector:
tolerations:
{{- toYaml . | nindent 8 }}
{{- end }}
-{{- end }}
\ No newline at end of file
+{{- end }}
+++ /dev/null
-{{- if .Values.zookeeper.enabled -}}
-#######################################################################################
-# Copyright ETSI Contributors and Others.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#######################################################################################
-apiVersion: v1
-kind: Service
-metadata:
- name: zookeeper
- labels:
- {{- include "osm.labels" . | nindent 4 }}
-spec:
- type: ClusterIP
- clusterIP: None
- ports:
- - port: {{ .Values.zookeeper.service.port }}
- targetPort: 2181
- protocol: TCP
- selector:
- app.kubernetes.io/component: zookeeper
- {{- include "osm.selectorLabels" . | nindent 4 }}
-{{- end }}
\ No newline at end of file
+++ /dev/null
-{{- if .Values.zookeeper.enabled -}}
-#######################################################################################
-# Copyright ETSI Contributors and Others.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
-# implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#######################################################################################
-apiVersion: apps/v1
-kind: StatefulSet
-metadata:
- name: zookeeper
- labels:
- {{- include "osm.labels" . | nindent 4 }}
-spec:
- replicas: {{ .Values.zookeeper.replicaCount | default .Values.global.replicaCount }}
- serviceName: zookeeper
- selector:
- matchLabels:
- app.kubernetes.io/component: zookeeper
- {{- include "osm.selectorLabels" . | nindent 6 }}
- template:
- metadata:
- {{- with .Values.global.podAnnotations }}
- annotations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- labels:
- app.kubernetes.io/component: zookeeper
- {{- include "osm.selectorLabels" . | nindent 8 }}
- spec:
- {{- with .Values.global.imagePullSecrets }}
- imagePullSecrets:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- serviceAccountName: {{ include "osm.serviceAccountName" . }}
- containers:
- - name: zookeeper
- securityContext:
- # readOnlyRootFilesystem: true
- allowPrivilegeEscalation: false
- # runAsNonRoot: true
- image: wurstmeister/zookeeper:latest
- imagePullPolicy: {{ .Values.global.image.pullPolicy }}
- ports:
- - containerPort: 2181
- protocol: TCP
- resources:
- limits:
- memory: 1024Mi
- requests:
- memory: 128Mi
- {{- with .Values.global.nodeSelector }}
- nodeSelector:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.global.affinity }}
- affinity:
- {{- toYaml . | nindent 8 }}
- {{- end }}
- {{- with .Values.global.tolerations }}
- tolerations:
- {{- toYaml . | nindent 8 }}
- {{- end }}
-{{- end }}
\ No newline at end of file
kafka:
enabled: true
- service:
- port: 9092
+ listeners:
+ client:
+ protocol: "PLAINTEXT"
+ fullnameOverride: "kafka"
# replicaCount: 1
keystone:
mysql:
enabled: true
- # dbHostPath: "/var/lib/osm/osm"
- service:
- port: 3306
- # replicaCount: 1
- useOsmSecret: true
- # secretName: "ro-db-secret"
+ image:
+ tag: "8.1-debian-11"
+ fullnameOverride: "mysql"
nbi:
enabled: true
zookeeper:
enabled: true
- service:
- port: 2181
+ fullnameOverride: "zookeeper"
# replicaCount: 1
# State of Statefulsets
STS_STATE=$(kubectl get statefulset -n ${STACK_NAME} --no-headers 2>&1)
- STS_READY=$(echo "${STS_STATE}" | awk '$2=="1/1" || $2=="2/2" {printf ("%20s\t%s\t%s\n", $1, $2, $4)}')
- STS_NOT_READY=$(echo "${STS_STATE}" | awk '$2!="1/1" && $2!="2/2" {printf ("%20s\t%s\t%s\n", $1, $2, $4)}')
+ STS_READY=$(echo "${STS_STATE}" | awk '$2=="1/1" || $2=="2/2" || $2=="3/3" {printf ("%20s\t%s\t%s\n", $1, $2, $4)}')
+ STS_NOT_READY=$(echo "${STS_STATE}" | awk '$2!="1/1" && $2!="2/2" && $2!="3/3" {printf ("%20s\t%s\t%s\n", $1, $2, $4)}')
COUNT_STS_READY=$(echo "${STS_READY}" | grep -v -e '^$' | wc -l)
COUNT_STS_NOT_READY=$(echo "${STS_NOT_READY}" | grep -v -e '^$' | wc -l)