From 8080e4b32d3dc5e66ea85a503a4daa79df3098d0 Mon Sep 17 00:00:00 2001 From: garciadeblas Date: Fri, 14 Apr 2023 09:57:17 +0200 Subject: [PATCH] Feature 8170: deploy OSM services with a helm chart Change-Id: Ice69a2c7adcfdae331fee7212337e47e82130516 Signed-off-by: garciadeblas --- Dockerfile | 13 + devops-stages/stage-test.sh | 7 + installers/docker/docker-compose-ngui.yaml | 39 --- installers/docker/docker-compose.yaml | 271 --------------- installers/docker/osm_pla/docker-compose.yaml | 36 -- installers/docker/osm_pla/pla.yaml | 49 --- installers/docker/osm_pods/kafka.yaml | 83 ----- installers/docker/osm_pods/keystone.yaml | 58 ---- installers/docker/osm_pods/lcm.yaml | 75 ---- installers/docker/osm_pods/mon.yaml | 66 ---- installers/docker/osm_pods/mysql.yaml | 63 ---- installers/docker/osm_pods/nbi.yaml | 76 ----- installers/docker/osm_pods/ng-mon.yaml | 68 ---- installers/docker/osm_pods/ng-prometheus.yaml | 177 ---------- installers/docker/osm_pods/pol.yaml | 53 --- installers/docker/osm_pods/prometheus.yaml | 154 --------- installers/docker/osm_pods/ro.yaml | 72 ---- installers/full_install_osm.sh | 320 ++---------------- installers/helm/osm/.helmignore | 39 +++ installers/helm/osm/Chart.yaml | 36 ++ installers/helm/osm/templates/NOTES.txt | 29 ++ installers/helm/osm/templates/_helpers.tpl | 114 +++++++ .../templates/certauth_setup/ca-issuer.yaml | 25 ++ .../certauth_setup/osm-ca-certificate.yaml} | 24 +- .../certauth_setup/osm-selfsigned-issuer.yaml | 24 ++ .../grafana/grafana-clusterrole.yaml | 34 ++ .../grafana/grafana-clusterrolebinding.yaml | 32 ++ .../templates/grafana/grafana-configmap.yaml | 33 ++ .../grafana-dashboard-provider-configmap.yaml | 42 +++ .../grafana/grafana-datasource-configmap.yaml | 40 +++ .../grafana/grafana-deployment.yaml} | 163 +-------- .../osm/templates/grafana/grafana-secret.yaml | 28 ++ .../templates/grafana/grafana-service.yaml} | 47 +-- .../grafana/grafana-serviceaccount.yaml | 24 ++ .../osm/templates/kafka/kafka-configmap.yaml | 34 ++ .../osm/templates/kafka/kafka-service.yaml | 34 ++ .../templates/kafka/kafka-statefulset.yaml | 88 +++++ .../keystone/keystone-configmap.yaml | 26 ++ .../keystone/keystone-deployment.yaml | 100 ++++++ .../templates/keystone/keystone-service.yaml | 34 ++ .../helm/osm/templates/lcm/lcm-configmap.yaml | 38 +++ .../osm/templates/lcm/lcm-deployment.yaml | 125 +++++++ .../helm/osm/templates/mon/mon-configmap.yaml | 31 ++ .../osm/templates/mon/mon-deployment.yaml | 114 +++++++ .../helm/osm/templates/mon/mon-service.yaml | 34 ++ .../osm/templates/mysql/mysql-service.yaml | 34 ++ .../templates/mysql/mysql-statefulset.yaml | 94 +++++ .../helm/osm/templates/nbi/nbi-configmap.yaml | 31 ++ .../osm/templates/nbi/nbi-deployment.yaml | 99 ++++++ .../helm/osm/templates/nbi/nbi-service.yaml | 34 ++ .../osm/templates/ng_ui/ngui-deployment.yaml | 73 ++++ .../osm/templates/ng_ui/ngui-service.yaml | 34 ++ installers/helm/osm/templates/osm-secret.yaml | 28 ++ .../helm/osm/templates/pla/pla-configmap.yaml | 30 ++ .../osm/templates/pla/pla-deployment.yaml | 82 +++++ .../helm/osm/templates/pol/pol-configmap.yaml | 30 ++ .../osm/templates/pol/pol-deployment.yaml | 96 ++++++ .../prometheus-alertingrules-configmap.yaml | 37 ++ .../prometheus/prometheus-configmap.yaml | 30 ++ .../prometheus/prometheus-prom-configmap.yaml | 87 +++++ .../prometheus-recordingrules-configmap.yaml | 43 +++ .../prometheus/prometheus-service.yaml | 34 ++ .../prometheus/prometheus-statefulset.yaml | 141 ++++++++ .../helm/osm/templates/ro/ro-configmap.yaml | 31 ++ .../helm/osm/templates/ro/ro-deployment.yaml | 99 ++++++ .../helm/osm/templates/ro/ro-service.yaml | 34 ++ .../helm/osm/templates/serviceaccount.yaml | 28 ++ .../helm/osm/templates/vca/vca-secret.yaml | 30 ++ .../webhook-translator-configmap.yaml | 29 ++ .../webhook-translator-deployment.yaml | 83 +++++ .../webhook-translator-secret.yaml | 32 ++ .../webhook-translator-service.yaml} | 45 +-- .../zookeeper/zookeeper-service.yaml} | 46 +-- .../zookeeper/zookeeper-statefulset.yaml | 74 ++++ installers/helm/osm/values.yaml | 211 ++++++++++++ installers/helm/values/airflow-values.yaml | 11 +- installers/install_ngsa.sh | 1 + installers/osm_health.sh | 6 + 78 files changed, 2973 insertions(+), 1896 deletions(-) delete mode 100644 installers/docker/docker-compose-ngui.yaml delete mode 100644 installers/docker/docker-compose.yaml delete mode 100644 installers/docker/osm_pla/docker-compose.yaml delete mode 100644 installers/docker/osm_pla/pla.yaml delete mode 100644 installers/docker/osm_pods/kafka.yaml delete mode 100644 installers/docker/osm_pods/keystone.yaml delete mode 100644 installers/docker/osm_pods/lcm.yaml delete mode 100644 installers/docker/osm_pods/mon.yaml delete mode 100644 installers/docker/osm_pods/mysql.yaml delete mode 100644 installers/docker/osm_pods/nbi.yaml delete mode 100644 installers/docker/osm_pods/ng-mon.yaml delete mode 100644 installers/docker/osm_pods/ng-prometheus.yaml delete mode 100644 installers/docker/osm_pods/pol.yaml delete mode 100644 installers/docker/osm_pods/prometheus.yaml delete mode 100644 installers/docker/osm_pods/ro.yaml create mode 100644 installers/helm/osm/.helmignore create mode 100644 installers/helm/osm/Chart.yaml create mode 100644 installers/helm/osm/templates/NOTES.txt create mode 100644 installers/helm/osm/templates/_helpers.tpl create mode 100644 installers/helm/osm/templates/certauth_setup/ca-issuer.yaml rename installers/{docker/osm_pods/ca_setup.yaml => helm/osm/templates/certauth_setup/osm-ca-certificate.yaml} (73%) create mode 100644 installers/helm/osm/templates/certauth_setup/osm-selfsigned-issuer.yaml create mode 100644 installers/helm/osm/templates/grafana/grafana-clusterrole.yaml create mode 100644 installers/helm/osm/templates/grafana/grafana-clusterrolebinding.yaml create mode 100644 installers/helm/osm/templates/grafana/grafana-configmap.yaml create mode 100644 installers/helm/osm/templates/grafana/grafana-dashboard-provider-configmap.yaml create mode 100644 installers/helm/osm/templates/grafana/grafana-datasource-configmap.yaml rename installers/{docker/osm_pods/grafana.yaml => helm/osm/templates/grafana/grafana-deployment.yaml} (56%) create mode 100644 installers/helm/osm/templates/grafana/grafana-secret.yaml rename installers/{docker/osm_pods/ng-ui.yaml => helm/osm/templates/grafana/grafana-service.yaml} (53%) create mode 100644 installers/helm/osm/templates/grafana/grafana-serviceaccount.yaml create mode 100644 installers/helm/osm/templates/kafka/kafka-configmap.yaml create mode 100644 installers/helm/osm/templates/kafka/kafka-service.yaml create mode 100644 installers/helm/osm/templates/kafka/kafka-statefulset.yaml create mode 100644 installers/helm/osm/templates/keystone/keystone-configmap.yaml create mode 100644 installers/helm/osm/templates/keystone/keystone-deployment.yaml create mode 100644 installers/helm/osm/templates/keystone/keystone-service.yaml create mode 100644 installers/helm/osm/templates/lcm/lcm-configmap.yaml create mode 100644 installers/helm/osm/templates/lcm/lcm-deployment.yaml create mode 100644 installers/helm/osm/templates/mon/mon-configmap.yaml create mode 100644 installers/helm/osm/templates/mon/mon-deployment.yaml create mode 100644 installers/helm/osm/templates/mon/mon-service.yaml create mode 100644 installers/helm/osm/templates/mysql/mysql-service.yaml create mode 100644 installers/helm/osm/templates/mysql/mysql-statefulset.yaml create mode 100644 installers/helm/osm/templates/nbi/nbi-configmap.yaml create mode 100644 installers/helm/osm/templates/nbi/nbi-deployment.yaml create mode 100644 installers/helm/osm/templates/nbi/nbi-service.yaml create mode 100644 installers/helm/osm/templates/ng_ui/ngui-deployment.yaml create mode 100644 installers/helm/osm/templates/ng_ui/ngui-service.yaml create mode 100644 installers/helm/osm/templates/osm-secret.yaml create mode 100644 installers/helm/osm/templates/pla/pla-configmap.yaml create mode 100644 installers/helm/osm/templates/pla/pla-deployment.yaml create mode 100644 installers/helm/osm/templates/pol/pol-configmap.yaml create mode 100644 installers/helm/osm/templates/pol/pol-deployment.yaml create mode 100644 installers/helm/osm/templates/prometheus/prometheus-alertingrules-configmap.yaml create mode 100644 installers/helm/osm/templates/prometheus/prometheus-configmap.yaml create mode 100644 installers/helm/osm/templates/prometheus/prometheus-prom-configmap.yaml create mode 100644 installers/helm/osm/templates/prometheus/prometheus-recordingrules-configmap.yaml create mode 100644 installers/helm/osm/templates/prometheus/prometheus-service.yaml create mode 100644 installers/helm/osm/templates/prometheus/prometheus-statefulset.yaml create mode 100644 installers/helm/osm/templates/ro/ro-configmap.yaml create mode 100644 installers/helm/osm/templates/ro/ro-deployment.yaml create mode 100644 installers/helm/osm/templates/ro/ro-service.yaml create mode 100644 installers/helm/osm/templates/serviceaccount.yaml create mode 100644 installers/helm/osm/templates/vca/vca-secret.yaml create mode 100644 installers/helm/osm/templates/webhook_translator/webhook-translator-configmap.yaml create mode 100644 installers/helm/osm/templates/webhook_translator/webhook-translator-deployment.yaml create mode 100644 installers/helm/osm/templates/webhook_translator/webhook-translator-secret.yaml rename installers/{docker/osm_pods/webhook-translator.yaml => helm/osm/templates/webhook_translator/webhook-translator-service.yaml} (58%) rename installers/{docker/osm_pods/zookeeper.yaml => helm/osm/templates/zookeeper/zookeeper-service.yaml} (54%) create mode 100644 installers/helm/osm/templates/zookeeper/zookeeper-statefulset.yaml create mode 100644 installers/helm/osm/values.yaml diff --git a/Dockerfile b/Dockerfile index dda7a419..fc5f5bd8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -48,3 +48,16 @@ RUN pip install tox==3.24.5 ENV LC_ALL C.UTF-8 ENV LANG C.UTF-8 +RUN DEBIAN_FRONTEND=noninteractive apt-get update && \ + DEBIAN_FRONTEND=noninteractive apt-get -y install \ + unzip + +RUN curl https://get.helm.sh/helm-v3.11.3-linux-amd64.tar.gz --output helm-v3.11.3.tar.gz \ + && tar -zxvf helm-v3.11.3.tar.gz \ + && mv linux-amd64/helm /usr/local/bin/helm \ + && rm -r linux-amd64/ + +RUN curl https://get.datree.io | /bin/bash + +RUN helm plugin install https://github.com/datreeio/helm-datree + diff --git a/devops-stages/stage-test.sh b/devops-stages/stage-test.sh index 4f32d7ea..4635421d 100755 --- a/devops-stages/stage-test.sh +++ b/devops-stages/stage-test.sh @@ -38,3 +38,10 @@ for charm in $OLD_CHARMS_NAMES; do cd "${CURRENT_DIR}" fi done + +# Execute linting test for OSM helm chart +helm lint installers/helm/osm + +# Execute datree test for OSM helm chart +# helm datree test installers/helm/osm --verbose + diff --git a/installers/docker/docker-compose-ngui.yaml b/installers/docker/docker-compose-ngui.yaml deleted file mode 100644 index 5f52a11e..00000000 --- a/installers/docker/docker-compose-ngui.yaml +++ /dev/null @@ -1,39 +0,0 @@ -## -# Copyright 2019-2020 ETSI -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -## - -######################################################################## - -version: '3' -networks: - netOSM: - external: - name: ${OSM_NETWORK:-netosm} - #driver: overlay - #driver_opts: - # com.docker.network.driver.mtu: "1446" -services: - ng-ui: - image: ${DOCKER_USER:-opensourcemano}/ng-ui:${TAG:-8} - networks: - - netOSM - ports: - - "${OSM_UI_PORTS:-80:80}" - logging: - driver: "json-file" - options: - max-size: "100m" - max-file: "2" - diff --git a/installers/docker/docker-compose.yaml b/installers/docker/docker-compose.yaml deleted file mode 100644 index 0877d81e..00000000 --- a/installers/docker/docker-compose.yaml +++ /dev/null @@ -1,271 +0,0 @@ -## -# Copyright 2019 ETSI -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -## - -######################################################################## - -version: '3' -volumes: - ro: - ro_db: - mongo_db: - mon_db: - pol_db: - osm_packages: - prom_db: -networks: - netOSM: - external: - name: ${OSM_NETWORK:-netosm} - #driver: overlay - #driver_opts: - # com.docker.network.driver.mtu: "1446" -services: - zookeeper: - image: wurstmeister/zookeeper:${ZOOKEEPER_TAG:-latest} -# ports: -# - "2181:2181" - networks: - - netOSM - healthcheck: - test: echo ruok | nc -w 2 localhost 2181 - interval: 20s - timeout: 10s - retries: 5 - logging: - driver: "json-file" - options: - max-size: "100m" - max-file: "2" - kafka: - image: wurstmeister/kafka:${KAFKA_TAG:-latest} - ports: - - "9092" - networks: - - netOSM - environment: - KAFKA_ADVERTISED_HOST_NAME: kafka - KAFKA_ADVERTISED_PORT: 9092 - KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181 - KAFKA_LOG_RETENTION_HOURS: 24 - KAFKA_BROKER_ID: 1 - KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://:9092 - KAFKA_LISTENERS: PLAINTEXT://:9092 - KAFKA_INTER_BROKER_LISTENER_NAME: PLAINTEXT - KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1 - volumes: - - /var/run/docker.sock:/var/run/docker.sock - healthcheck: - test: echo ruok | nc -w 2 zookeeper 2181 - interval: 20s - timeout: 10s - retries: 5 - logging: - driver: "json-file" - options: - max-size: "100m" - max-file: "2" - #depends_on: - # - zookeeper - mongo: - image: mongo -# ports: -# - "27017:27017" - networks: - - netOSM - volumes: - - mongo_db:/data/db - prometheus: - image: prom/prometheus:${PROMETHEUS_TAG:-latest} - hostname: prometheus - ports: - - "${OSM_PROM_PORTS:-9091:9090}" - volumes: - - ./prometheus/:/etc/prometheus/ - - prom_db:/prometheus - command: - - '--config.file=/etc/prometheus/prometheus.yml' - - '--web.enable-lifecycle' - networks: - - netOSM - logging: - driver: "json-file" - options: - max-size: "100m" - max-file: "2" - prometheus-cadvisor: - image: google/cadvisor:${PROMETHEUS_CADVISOR_TAG:-latest} - ports: - - "${OSM_PROM_CADVISOR_PORTS:-8080:8080}" - volumes: - - /:/rootfs:ro - - /var/run:/var/run:ro - - /sys:/sys:ro - - /var/lib/docker/:/var/lib/docker:ro - - /dev/disk/:/dev/disk:ro - networks: - - netOSM - keystone: - image: ${DOCKER_USER:-opensourcemano}/keystone:${TAG:-9} - networks: - - netOSM - environment: - DB_HOST: mysql - env_file: - - ./keystone.env - ports: - - "${OSM_KEYSTONE_PORTS:-5000:5000}" - logging: - driver: "json-file" - options: - max-size: "100m" - max-file: "2" - nbi: - image: ${DOCKER_USER:-opensourcemano}/nbi:${TAG:-9} - networks: - - netOSM - volumes: - - osm_packages:/app/storage - environment: - OSMNBI_DATABASE_HOST: mongo - OSMNBI_MESSAGE_HOST: kafka - env_file: - - ./nbi.env - ports: - - "${OSM_NBI_PORTS:-9999:9999}" - logging: - driver: "json-file" - options: - max-size: "100m" - max-file: "2" - #depends_on: - # - kafka - # - mongo - lcm: - image: ${DOCKER_USER:-opensourcemano}/lcm:${TAG:-9} - networks: - - netOSM - volumes: - - osm_packages:/app/storage - environment: - OSMLCM_RO_HOST: ro - OSMLCM_RO_PORT: "9090" - OSMLCM_DATABASE_HOST: mongo - OSMLCM_MESSAGE_HOST: kafka - env_file: - - ./lcm.env - logging: - driver: "json-file" - options: - max-size: "100m" - max-file: "2" - #depends_on: - # - kafka - # - mongo - # - ro - mysql: - image: mysql:5 - networks: - netOSM: - aliases: - - ro-db - volumes: - - ro_db:/var/lib/mysql - env_file: - - ./ro-db.env - logging: - driver: "json-file" - options: - max-size: "100m" - max-file: "2" -# ports: -# - "3306:3306" - ro: - image: ${DOCKER_USER:-opensourcemano}/ro:${TAG:-9} - networks: - - netOSM - environment: - RO_DB_HOST: mysql - OSMRO_DATABASE_HOST: mongo - OSMRO_MESSAGE_HOST: kafka - env_file: - - ./ro.env - #depends_on: - # - mongo - # - kafka - ports: - - "${OSM_RO_PORTS:-9090:9090}" - logging: - driver: "json-file" - options: - max-size: "100m" - max-file: "2" - mon: - image: ${DOCKER_USER:-opensourcemano}/mon:${TAG:-9} - networks: - - netOSM - volumes: - - mon_db:/app/database - environment: - OSMMON_MESSAGE_HOST: kafka - OSMMON_MESSAGE_PORT: 9092 - env_file: - - ./mon.env - ports: - - "${OSM_MON_PORTS:-8662:8662}" - #depends_on: - # - kafka - logging: - driver: "json-file" - options: - max-file: 5 - max-size: 10m - pol: - image: ${DOCKER_USER:-opensourcemano}/pol:${TAG:-9} - networks: - - netOSM - volumes: - - pol_db:/app/database - environment: - OSMPOL_MESSAGE_HOST: kafka - OSMPOL_MESSAGE_PORT: 9092 - env_file: - - ./pol.env - #depends_on: - # - kafka - # - mon - logging: - driver: "json-file" - options: - max-file: 5 - max-size: 10m - grafana: - image: grafana/grafana - volumes: - - ./grafana/dashboards-osm.yml:/etc/grafana/provisioning/dashboards/dashboards-osm.yml - - ./grafana/osm-sample-dashboard.json:/etc/grafana/provisioning/dashboards/osm-sample-dashboard.json - - ./grafana/osm-system-dashboard.json:/etc/grafana/provisioning/dashboards/osm-system-dashboard.json - - ./grafana/datasource-prometheus.yml:/etc/grafana/provisioning/datasources/datasource-prometheus.yml - hostname: grafana - ports: - - "${OSM_GRAFANA_PORTS:-3000:3000}" - networks: - - netOSM - logging: - driver: "json-file" - options: - max-size: "100m" - max-file: "2" - diff --git a/installers/docker/osm_pla/docker-compose.yaml b/installers/docker/osm_pla/docker-compose.yaml deleted file mode 100644 index 1b101e37..00000000 --- a/installers/docker/osm_pla/docker-compose.yaml +++ /dev/null @@ -1,36 +0,0 @@ -## -# Copyright 2019 ETSI -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. -## - -######################################################################## - -version: '3' -networks: - netOSM: - external: - name: ${OSM_NETWORK:-netosm} - #driver: overlay - #driver_opts: - # com.docker.network.driver.mtu: "1446" -services: - pla: - image: ${DOCKER_USER:-opensourcemano}/pla:${TAG:-9} - networks: - - netOSM - logging: - driver: "json-file" - options: - max-file: 5 - max-size: 10m diff --git a/installers/docker/osm_pla/pla.yaml b/installers/docker/osm_pla/pla.yaml deleted file mode 100644 index 630b3648..00000000 --- a/installers/docker/osm_pla/pla.yaml +++ /dev/null @@ -1,49 +0,0 @@ -# Copyright 2020 Arctos Labs Scandinavia AB -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pla - labels: - app: pla -spec: - replicas: 1 - selector: - matchLabels: - app: pla - template: - metadata: - labels: - app: pla - spec: - securityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 - initContainers: - - name: kafka-mongo-test - image: alpine:latest - command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongo 27017 ); do sleep 3; done; exit 0"] - containers: - - name: pla - image: opensourcemano/pla:13 - env: - - name: OSMPLA_DATABASE_HOST - value: mongo - - name: OSMPLA_MESSAGE_HOST - value: kafka - - name: OSMPLA_DATABASE_URI - value: mongodb://mongodb-k8s:27017/?replicaSet=rs0 diff --git a/installers/docker/osm_pods/kafka.yaml b/installers/docker/osm_pods/kafka.yaml deleted file mode 100644 index 69b56bfe..00000000 --- a/installers/docker/osm_pods/kafka.yaml +++ /dev/null @@ -1,83 +0,0 @@ -# Copyright 2019 TATA ELXSI -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License -# Author: Vijay Nag B S (vijaynag.bs@tataelxsi.co.in) - -apiVersion: v1 -kind: Service -metadata: - name: kafka -spec: - clusterIP: None - ports: - - port: 9092 - protocol: TCP - targetPort: 9092 - selector: - app: kafka - type: ClusterIP ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: kafka - labels: - app: kafka -spec: - replicas: 1 - serviceName: kafka - selector: - matchLabels: - app: kafka - template: - metadata: - labels: - app: kafka - spec: - initContainers: - - name: zookeeper-test - image: alpine:latest - command: ["sh", "-c", "until nc -zvw1 zookeeper 2181; do sleep 3; done; exit 0"] - containers: - - name: kafka - image: wurstmeister/kafka:2.11-1.0.2 - ports: - - containerPort: 9092 - protocol: TCP - env: - - name: KAFKA_ADVERTISED_HOST_NAME - value: kafka.osm - - name: KAFKA_ADVERTISED_PORT - value: "9092" - - name: KAFKA_ZOOKEEPER_CONNECT - value: zookeeper:2181 - - name: KAFKA_LOG_RETENTION_HOURS - value: "24" - - name: KAFKA_BROKER_ID - value: "1" - - name: KAFKA_ADVERTISED_LISTENERS - value: "PLAINTEXT://:9092" - - name: KAFKA_LISTENERS - value: "PLAINTEXT://:9092" - - name: KAFKA_INTER_BROKER_LISTENER_NAME - value: "PLAINTEXT" - - name: KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR - value: "1" - volumeMounts: - - name: socket - mountPath: /var/run/docker.sock - volumes: - - name: socket - hostPath: - path: /var/run/docker.sock diff --git a/installers/docker/osm_pods/keystone.yaml b/installers/docker/osm_pods/keystone.yaml deleted file mode 100644 index 43def3ce..00000000 --- a/installers/docker/osm_pods/keystone.yaml +++ /dev/null @@ -1,58 +0,0 @@ -# Copyright 2019 TATA ELXSI -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License -# Author: Vijay Nag B S (vijaynag.bs@tataelxsi.co.in) - -apiVersion: v1 -kind: Service -metadata: - name: keystone -spec: - clusterIP: None - ports: - - port: 5000 - protocol: TCP - targetPort: 5000 - selector: - app: keystone - type: ClusterIP ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: keystone - labels: - app: keystone -spec: - replicas: 1 - selector: - matchLabels: - app: keystone - template: - metadata: - labels: - app: keystone - spec: - containers: - - name: keystone - image: opensourcemano/keystone:13 - ports: - - containerPort: 5000 - protocol: TCP - env: - - name: DB_HOST - value: mysql - envFrom: - - secretRef: - name: keystone-secret diff --git a/installers/docker/osm_pods/lcm.yaml b/installers/docker/osm_pods/lcm.yaml deleted file mode 100644 index 3e5a271d..00000000 --- a/installers/docker/osm_pods/lcm.yaml +++ /dev/null @@ -1,75 +0,0 @@ -# Copyright 2019 TATA ELXSI -# Copyright 2020 Whitestack -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License -# Author: Vijay Nag B S (vijaynag.bs@tataelxsi.co.in), Fabián Bravo(fbravo@whitestack.com) - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: lcm - labels: - app: lcm -spec: - replicas: 1 - selector: - matchLabels: - app: lcm - template: - metadata: - labels: - app: lcm - spec: - securityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 - initContainers: - - name: kafka-ro-mongo-test - image: alpine:latest - command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 ro 9090 && nc -zvw1 mongodb-k8s 27017 ); do sleep 3; done; exit 0"] - containers: - - name: lcm - image: opensourcemano/lcm:13 - env: - - name: OSMLCM_RO_HOST - value: ro - - name: OSMLCM_DATABASE_URI - value: mongodb://mongodb-k8s:27017/?replicaSet=rs0 - - name: OSMLCM_MESSAGE_HOST - value: kafka - - name: OSMLCM_STORAGE_DRIVER - value: mongo - - name: OSMLCM_STORAGE_PATH - value: /app/storage - - name: OSMLCM_STORAGE_COLLECTION - value: files - - name: OSMLCM_STORAGE_URI - value: mongodb://mongodb-k8s:27017/?replicaSet=rs0 - envFrom: - - secretRef: - name: lcm-secret - volumeMounts: - - mountPath: /etc/ssl/certs/osm-ca.crt - name: osm-ca - readOnly: true - subPath: osm-ca.crt - volumes: - - name: osm-ca - secret: - defaultMode: 420 - items: - - key: tls.crt - path: osm-ca.crt - secretName: osm-ca diff --git a/installers/docker/osm_pods/mon.yaml b/installers/docker/osm_pods/mon.yaml deleted file mode 100644 index 69e05163..00000000 --- a/installers/docker/osm_pods/mon.yaml +++ /dev/null @@ -1,66 +0,0 @@ -# Copyright 2019 TATA ELXSI -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License -# Author: Vijay Nag B S (vijaynag.bs@tataelxsi.co.in) - -apiVersion: v1 -kind: Service -metadata: - name: mon -spec: - clusterIP: None - ports: - - port: 8662 - protocol: TCP - targetPort: 8662 - selector: - app: mon - type: ClusterIP ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mon - labels: - app: mon -spec: - replicas: 1 - selector: - matchLabels: - app: mon - template: - metadata: - labels: - app: mon - spec: - initContainers: - - name: kafka-mongo-test - image: alpine:latest - command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"] - containers: - - name: mon - image: opensourcemano/mon:13 - ports: - - containerPort: 8662 - protocol: TCP - env: - - name: OSMMON_MESSAGE_HOST - value: kafka - - name: OSMMON_MESSAGE_PORT - value: "9092" - - name: OSMMON_DATABASE_URI - value: mongodb://mongodb-k8s:27017/?replicaSet=rs0 - envFrom: - - secretRef: - name: mon-secret diff --git a/installers/docker/osm_pods/mysql.yaml b/installers/docker/osm_pods/mysql.yaml deleted file mode 100644 index bbff9c5e..00000000 --- a/installers/docker/osm_pods/mysql.yaml +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright 2019 TATA ELXSI -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License -# Author: Vijay Nag B S (vijaynag.bs@tataelxsi.co.in) - -apiVersion: v1 -kind: Service -metadata: - name: mysql -spec: - clusterIP: None - ports: - - port: 3306 - protocol: TCP - targetPort: 3306 - selector: - app: mysql - type: ClusterIP ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: mysql - labels: - app: mysql -spec: - replicas: 1 - serviceName: mysql - selector: - matchLabels: - app: mysql - template: - metadata: - labels: - app: mysql - spec: - containers: - - image: mysql:5 - name: mysql - envFrom: - - secretRef: - name: ro-db-secret - ports: - - containerPort: 3306 - name: mysql - volumeMounts: - - name: mysql-db - mountPath: /var/lib/mysql - volumes: - - name: mysql-db - hostPath: - path: /var/lib/osm/osm_ro_db/_data diff --git a/installers/docker/osm_pods/nbi.yaml b/installers/docker/osm_pods/nbi.yaml deleted file mode 100644 index 728362be..00000000 --- a/installers/docker/osm_pods/nbi.yaml +++ /dev/null @@ -1,76 +0,0 @@ -# Copyright 2019 TATA ELXSI -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License -# Author: Vijay Nag B S (vijaynag.bs@tataelxsi.co.in) - -apiVersion: v1 -kind: Service -metadata: - name: nbi -spec: - ports: - - nodePort: 9999 - port: 9999 - protocol: TCP - targetPort: 9999 - selector: - app: nbi - type: NodePort ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: nbi - labels: - app: nbi -spec: - replicas: 1 - selector: - matchLabels: - app: nbi - template: - metadata: - labels: - app: nbi - spec: - securityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 - initContainers: - - name: kafka-mongo-test - image: alpine:latest - command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"] - containers: - - name: nbi - image: opensourcemano/nbi:13 - ports: - - containerPort: 9999 - protocol: TCP - env: - - name: OSMNBI_DATABASE_URI - value: mongodb://mongodb-k8s:27017/?replicaSet=rs0 - - name: OSMNBI_MESSAGE_HOST - value: kafka - - name: OSMNBI_STORAGE_DRIVER - value: mongo - - name: OSMNBI_STORAGE_PATH - value: /app/storage - - name: OSMNBI_STORAGE_COLLECTION - value: files - - name: OSMNBI_STORAGE_URI - value: mongodb://mongodb-k8s:27017/?replicaSet=rs0 - envFrom: - - secretRef: - name: nbi-secret diff --git a/installers/docker/osm_pods/ng-mon.yaml b/installers/docker/osm_pods/ng-mon.yaml deleted file mode 100644 index 121c0c58..00000000 --- a/installers/docker/osm_pods/ng-mon.yaml +++ /dev/null @@ -1,68 +0,0 @@ -####################################################################################### -# Copyright ETSI Contributors and Others. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. -####################################################################################### -apiVersion: v1 -kind: Service -metadata: - name: mon -spec: - clusterIP: None - ports: - - port: 8662 - protocol: TCP - targetPort: 8662 - selector: - app: mon - type: ClusterIP ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: mon - labels: - app: mon -spec: - replicas: 1 - selector: - matchLabels: - app: mon - template: - metadata: - labels: - app: mon - spec: - initContainers: - - name: kafka-mongo-test - image: alpine:latest - command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"] - containers: - - name: mon - command: ["/bin/bash"] - args: ["scripts/dashboarder-start.sh"] - image: opensourcemano/mon:13 - ports: - - containerPort: 8662 - protocol: TCP - env: - - name: OSMMON_MESSAGE_HOST - value: kafka - - name: OSMMON_MESSAGE_PORT - value: "9092" - - name: OSMMON_DATABASE_URI - value: mongodb://mongodb-k8s:27017/?replicaSet=rs0 - envFrom: - - secretRef: - name: mon-secret diff --git a/installers/docker/osm_pods/ng-prometheus.yaml b/installers/docker/osm_pods/ng-prometheus.yaml deleted file mode 100644 index 77ccbd1b..00000000 --- a/installers/docker/osm_pods/ng-prometheus.yaml +++ /dev/null @@ -1,177 +0,0 @@ -####################################################################################### -# Copyright ETSI Contributors and Others. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License. -####################################################################################### - -apiVersion: v1 -kind: Service -metadata: - name: prometheus -spec: - ports: - - nodePort: 9091 - port: 9090 - protocol: TCP - targetPort: 9090 - selector: - app: prometheus - type: NodePort ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: prom -data: - osm_metric_rules.yml: | - groups: - - name: osm_metric_rules - rules: - - record: vm_status_extended - expr: (last_over_time(vm_status[1m]) * on (vm_id, vim_id) group_left(ns_id, vnf_id, vdu_id, project_id, job, vdu_name, vnf_member_index) last_over_time(ns_topology[1m])) or (last_over_time(ns_topology[1m]) * -1) - labels: - job: osm_prometheus - - record: vnf_status - expr: (0 * (count (vm_status_extended==0) by (ns_id, vnf_id)>=0)) or (min by (ns_id, vnf_id) (vm_status_extended)) - labels: - job: osm_prometheus - - record: ns_status - expr: (0 * (count (vm_status_extended==0) by (ns_id)>=0)) or (min by (ns_id) (vm_status_extended)) - labels: - job: osm_prometheus - osm_alert_rules.yml: | - groups: - - name: osm_alert_rules - rules: - - alert: vdu_down - expr: vm_status_extended != 1 - for: 3m - annotations: - summary: "VDU {{ $labels.vm_id }} in VIM {{ $labels.vim_id }} is down" - description: "VDU {{ $labels.vm_id }} in VIM {{ $labels.vim_id }} has been down for more than 3 minutes. NS instance id is {{ $labels.ns_id }}" - prometheus.yml: | - # Copyright 2018 The Prometheus Authors - # Copyright 2018 Whitestack - # Copyright 2018 Telefonica Investigacion y Desarrollo, S.A.U. - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - - # my global config - global: - scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute. - evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute. - # scrape_timeout is set to the global default (10s). - - # Alertmanager configuration - alerting: - alertmanagers: - - static_configs: - - targets: - - alertmanager:9093 - - # Load rules once and periodically evaluate them according to the global 'evaluation_interval'. - rule_files: - - "osm_metric_rules.yml" - - "osm_alert_rules.yml" - - # A scrape configuration containing exactly one endpoint to scrape: - # Here it's Prometheus itself. - scrape_configs: - - job_name: 'mon_exporter' - static_configs: - - targets: ['mon:8000'] - - job_name: pushgateway - honor_labels: true - scrape_interval: 30s - static_configs: - - targets: - - pushgateway-prometheus-pushgateway:9091 ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: prometheus - labels: - app: prometheus -spec: - replicas: 1 - serviceName: prometheus - selector: - matchLabels: - app: prometheus - template: - metadata: - labels: - app: prometheus - spec: - initContainers: - - name: prometheus-init-config - image: busybox - command: ["/bin/sh", "-c"] - args: ['if [ ! -f "/etc/prometheus/prometheus.yml" ]; then cp /config/prometheus.yml /etc/prometheus; fi; cp /config/osm_metric_rules.yml /config/osm_alert_rules.yml /etc/prometheus'] - volumeMounts: - - name: prom-config - mountPath: /etc/prometheus - - name: prom-config-base - mountPath: /config - containers: - - name: prometheus - image: prom/prometheus:v2.28.1 - args: - - --config.file=/etc/prometheus/prometheus.yml - - --web.enable-lifecycle - ports: - - containerPort: 9090 - protocol: TCP - volumeMounts: - - name: prom-config - mountPath: /etc/prometheus - - name: prom-db - mountPath: /prometheus - - name: prometheus-config-sidecar - image: opensourcemano/prometheus:13 - env: - - name: MONGODB_URL - value: mongodb://mongodb-k8s:27017/?replicaSet=rs0 - - name: PROMETHEUS_CONFIG_FILE - value: /etc/prometheus/prometheus.yml - - name: PROMETHEUS_BASE_CONFIG_FILE - value: /etc/prometheus_base/prometheus.yml - - name: TARGET_DATABASE - value: osm - - name: PROMETHEUS_URL - value: http://prometheus:9090 - volumeMounts: - - name: prom-config - mountPath: /etc/prometheus - - name: prom-config-base - mountPath: /etc/prometheus_base - volumes: - - name: prom-db - emptyDir: {} - - name: prom-config - emptyDir: {} - - name: prom-config-base - configMap: - name: prom diff --git a/installers/docker/osm_pods/pol.yaml b/installers/docker/osm_pods/pol.yaml deleted file mode 100644 index 4871be4a..00000000 --- a/installers/docker/osm_pods/pol.yaml +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright 2019 TATA ELXSI -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License -# Author: Vijay Nag B S (vijaynag.bs@tataelxsi.co.in) - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: pol - labels: - app: pol -spec: - replicas: 1 - selector: - matchLabels: - app: pol - template: - metadata: - labels: - app: pol - spec: - securityContext: - runAsUser: 1000 - runAsGroup: 1000 - fsGroup: 1000 - initContainers: - - name: kafka-mongo-test - image: alpine:latest - command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"] - containers: - - name: pol - image: opensourcemano/pol:13 - env: - - name: OSMPOL_MESSAGE_HOST - value: kafka - - name: OSMPOL_MESSAGE_PORT - value: "9092" - - name: OSMPOL_DATABASE_URI - value: mongodb://mongodb-k8s:27017/?replicaSet=rs0 - envFrom: - - secretRef: - name: pol-secret diff --git a/installers/docker/osm_pods/prometheus.yaml b/installers/docker/osm_pods/prometheus.yaml deleted file mode 100644 index a914ea53..00000000 --- a/installers/docker/osm_pods/prometheus.yaml +++ /dev/null @@ -1,154 +0,0 @@ -# Copyright 2021 Whitestack, LLC -# ************************************************************* - -# This file is part of OSM Monitoring module -# All Rights Reserved to Whitestack, LLC - -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at - -# http://www.apache.org/licenses/LICENSE-2.0 - -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -# For those usages not covered by the Apache License, Version 2.0 please -# contact: fbravo@whitestack.com or glavado@whitestack.com -## - -apiVersion: v1 -kind: Service -metadata: - name: prometheus -spec: - ports: - - nodePort: 9091 - port: 9090 - protocol: TCP - targetPort: 9090 - selector: - app: prometheus - type: NodePort ---- -apiVersion: v1 -data: - prometheus.yml: | - # Copyright 2018 The Prometheus Authors - # Copyright 2018 Whitestack - # Copyright 2018 Telefonica Investigacion y Desarrollo, S.A.U. - # - # Licensed under the Apache License, Version 2.0 (the "License"); - # you may not use this file except in compliance with the License. - # You may obtain a copy of the License at - # - # http://www.apache.org/licenses/LICENSE-2.0 - # - # Unless required by applicable law or agreed to in writing, software - # distributed under the License is distributed on an "AS IS" BASIS, - # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - # See the License for the specific language governing permissions and - # limitations under the License. - - # my global config - global: - scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute. - evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute. - # scrape_timeout is set to the global default (10s). - - # Alertmanager configuration - alerting: - alertmanagers: - - static_configs: - - targets: - # - alertmanager:9093 - - # Load rules once and periodically evaluate them according to the global 'evaluation_interval'. - rule_files: - # - "first_rules.yml" - # - "second_rules.yml" - - # A scrape configuration containing exactly one endpoint to scrape: - # Here it's Prometheus itself. - scrape_configs: - - job_name: 'mon_exporter' - static_configs: - - targets: ['mon:8000'] - # Add here other external targets, e.g. a pushgateway - # - job_name: 'pushgateway' - # static_configs: - # - targets: ['prometheus-pushgateway:9091'] -kind: ConfigMap -metadata: - name: prom ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: prometheus - labels: - app: prometheus -spec: - replicas: 1 - serviceName: prometheus - selector: - matchLabels: - app: prometheus - template: - metadata: - labels: - app: prometheus - spec: - initContainers: - - name: prometheus-init-config - image: busybox - command: ["/bin/sh", "-c"] - args: ['if [ ! -f "/etc/prometheus/prometheus.yml" ]; then cp /config/prometheus.yml /etc/prometheus; fi'] - volumeMounts: - - name: prom-config - mountPath: /etc/prometheus - - name: prom-config-base - mountPath: /config - containers: - - name: prometheus - image: prom/prometheus:v2.28.1 - args: - - --config.file=/etc/prometheus/prometheus.yml - - --web.enable-lifecycle - ports: - - containerPort: 9090 - protocol: TCP - volumeMounts: - - name: prom-config - mountPath: /etc/prometheus - - name: prom-db - mountPath: /prometheus - - name: prometheus-config-sidecar - image: opensourcemano/prometheus:13 - env: - - name: MONGODB_URL - value: mongodb://mongodb-k8s:27017/?replicaSet=rs0 - - name: PROMETHEUS_CONFIG_FILE - value: /etc/prometheus/prometheus.yml - - name: PROMETHEUS_BASE_CONFIG_FILE - value: /etc/prometheus_base/prometheus.yml - - name: TARGET_DATABASE - value: osm - - name: PROMETHEUS_URL - value: http://prometheus:9090 - volumeMounts: - - name: prom-config - mountPath: /etc/prometheus - - name: prom-config-base - mountPath: /etc/prometheus_base - volumes: - - name: prom-db - emptyDir: {} - - name: prom-config - emptyDir: {} - - name: prom-config-base - configMap: - name: prom diff --git a/installers/docker/osm_pods/ro.yaml b/installers/docker/osm_pods/ro.yaml deleted file mode 100644 index 9885169e..00000000 --- a/installers/docker/osm_pods/ro.yaml +++ /dev/null @@ -1,72 +0,0 @@ -# Copyright 2019 TATA ELXSI -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -# implied. -# See the License for the specific language governing permissions and -# limitations under the License -# Author: Vijay Nag B S (vijaynag.bs@tataelxsi.co.in) - -apiVersion: v1 -kind: Service -metadata: - name: ro -spec: - clusterIP: None - ports: - - port: 9090 - protocol: TCP - targetPort: 9090 - selector: - app: ro - type: ClusterIP ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: ro - labels: - app: ro -spec: - replicas: 1 - selector: - matchLabels: - app: ro - template: - metadata: - labels: - app: ro - spec: - initContainers: - - name: ro-db-test - image: alpine:latest - command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017 ); do sleep 3; done; exit 0"] - containers: - - name: ro - image: opensourcemano/ro:13 - ports: - - containerPort: 9090 - protocol: TCP - env: - - name: OSMRO_DATABASE_URI - value: mongodb://mongodb-k8s:27017/?replicaSet=rs0 - - name: OSMRO_MESSAGE_HOST - value: kafka - - name: OSMRO_STORAGE_PATH - value: /app/storage - - name: OSMRO_STORAGE_COLLECTION - value: files - - name: OSMRO_STORAGE_URI - value: mongodb://mongodb-k8s:27017/?replicaSet=rs0 - - name: OSMRO_STORAGE_DRIVER - value: mongo - envFrom: - - secretRef: - name: ro-secret diff --git a/installers/full_install_osm.sh b/installers/full_install_osm.sh index a7f46a28..b1e868ad 100755 --- a/installers/full_install_osm.sh +++ b/installers/full_install_osm.sh @@ -316,212 +316,36 @@ function cmp_overwrite() { [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function } -function generate_k8s_manifest_files() { - [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function - #Kubernetes resources - sudo cp -bR ${OSM_DEVOPS}/installers/docker/osm_pods $OSM_DOCKER_WORK_DIR - [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function -} - -function generate_docker_env_files() { - [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function - echo "Doing a backup of existing env files" - sudo cp $OSM_DOCKER_WORK_DIR/keystone-db.env{,~} - sudo cp $OSM_DOCKER_WORK_DIR/keystone.env{,~} - sudo cp $OSM_DOCKER_WORK_DIR/lcm.env{,~} - sudo cp $OSM_DOCKER_WORK_DIR/mon.env{,~} - sudo cp $OSM_DOCKER_WORK_DIR/nbi.env{,~} - sudo cp $OSM_DOCKER_WORK_DIR/pol.env{,~} - sudo cp $OSM_DOCKER_WORK_DIR/ro-db.env{,~} - sudo cp $OSM_DOCKER_WORK_DIR/ro.env{,~} - if [ -n "${INSTALL_NGSA}" ]; then - sudo cp $OSM_DOCKER_WORK_DIR/ngsa.env{,~} - sudo cp $OSM_DOCKER_WORK_DIR/webhook-translator.env{,~} - fi - - echo "Generating docker env files" - # LCM - if [ ! -f $OSM_DOCKER_WORK_DIR/lcm.env ]; then - echo "OSMLCM_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env - fi - - if ! grep -Fq "OSMLCM_VCA_HOST" $OSM_DOCKER_WORK_DIR/lcm.env; then - echo "OSMLCM_VCA_HOST=${OSM_VCA_HOST}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env - else - sudo sed -i "s|OSMLCM_VCA_HOST.*|OSMLCM_VCA_HOST=$OSM_VCA_HOST|g" $OSM_DOCKER_WORK_DIR/lcm.env - fi - - if ! grep -Fq "OSMLCM_VCA_SECRET" $OSM_DOCKER_WORK_DIR/lcm.env; then - echo "OSMLCM_VCA_SECRET=${OSM_VCA_SECRET}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env - else - sudo sed -i "s|OSMLCM_VCA_SECRET.*|OSMLCM_VCA_SECRET=$OSM_VCA_SECRET|g" $OSM_DOCKER_WORK_DIR/lcm.env - fi - - if ! grep -Fq "OSMLCM_VCA_PUBKEY" $OSM_DOCKER_WORK_DIR/lcm.env; then - echo "OSMLCM_VCA_PUBKEY=${OSM_VCA_PUBKEY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env - else - sudo sed -i "s|OSMLCM_VCA_PUBKEY.*|OSMLCM_VCA_PUBKEY=${OSM_VCA_PUBKEY}|g" $OSM_DOCKER_WORK_DIR/lcm.env - fi - - if ! grep -Fq "OSMLCM_VCA_CACERT" $OSM_DOCKER_WORK_DIR/lcm.env; then - echo "OSMLCM_VCA_CACERT=${OSM_VCA_CACERT}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env - else - sudo sed -i "s|OSMLCM_VCA_CACERT.*|OSMLCM_VCA_CACERT=${OSM_VCA_CACERT}|g" $OSM_DOCKER_WORK_DIR/lcm.env - fi - - if [ -n "$OSM_VCA_APIPROXY" ]; then - if ! grep -Fq "OSMLCM_VCA_APIPROXY" $OSM_DOCKER_WORK_DIR/lcm.env; then - echo "OSMLCM_VCA_APIPROXY=${OSM_VCA_APIPROXY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env - else - sudo sed -i "s|OSMLCM_VCA_APIPROXY.*|OSMLCM_VCA_APIPROXY=${OSM_VCA_APIPROXY}|g" $OSM_DOCKER_WORK_DIR/lcm.env - fi - fi - - if ! grep -Fq "OSMLCM_VCA_ENABLEOSUPGRADE" $OSM_DOCKER_WORK_DIR/lcm.env; then - echo "# OSMLCM_VCA_ENABLEOSUPGRADE=false" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env - fi - - if ! grep -Fq "OSMLCM_VCA_APTMIRROR" $OSM_DOCKER_WORK_DIR/lcm.env; then - echo "# OSMLCM_VCA_APTMIRROR=http://archive.ubuntu.com/ubuntu/" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env - fi - - if ! grep -Fq "OSMLCM_VCA_CLOUD" $OSM_DOCKER_WORK_DIR/lcm.env; then - echo "OSMLCM_VCA_CLOUD=${OSM_VCA_CLOUDNAME}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env - else - sudo sed -i "s|OSMLCM_VCA_CLOUD.*|OSMLCM_VCA_CLOUD=${OSM_VCA_CLOUDNAME}|g" $OSM_DOCKER_WORK_DIR/lcm.env - fi - - if ! grep -Fq "OSMLCM_VCA_K8S_CLOUD" $OSM_DOCKER_WORK_DIR/lcm.env; then - echo "OSMLCM_VCA_K8S_CLOUD=${OSM_VCA_K8S_CLOUDNAME}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env - else - sudo sed -i "s|OSMLCM_VCA_K8S_CLOUD.*|OSMLCM_VCA_K8S_CLOUD=${OSM_VCA_K8S_CLOUDNAME}|g" $OSM_DOCKER_WORK_DIR/lcm.env - fi - if [ -n "${OSM_BEHIND_PROXY}" ]; then - if ! grep -Fq "HTTP_PROXY" $OSM_DOCKER_WORK_DIR/lcm.env; then - echo "HTTP_PROXY=${HTTP_PROXY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env - else - sudo sed -i "s|HTTP_PROXY.*|HTTP_PROXY=${HTTP_PROXY}|g" $OSM_DOCKER_WORK_DIR/lcm.env - fi - if ! grep -Fq "HTTPS_PROXY" $OSM_DOCKER_WORK_DIR/lcm.env; then - echo "HTTPS_PROXY=${HTTPS_PROXY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env - else - sudo sed -i "s|HTTPS_PROXY.*|HTTPS_PROXY=${HTTPS_PROXY}|g" $OSM_DOCKER_WORK_DIR/lcm.env - fi - if ! grep -Fq "NO_PROXY" $OSM_DOCKER_WORK_DIR/lcm.env; then - echo "NO_PROXY=${NO_PROXY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/lcm.env - else - sudo sed -i "s|NO_PROXY.*|NO_PROXY=${NO_PROXY}|g" $OSM_DOCKER_WORK_DIR/lcm.env - fi - fi - - # RO - MYSQL_ROOT_PASSWORD=$(generate_secret) - if [ ! -f $OSM_DOCKER_WORK_DIR/ro-db.env ]; then - echo "MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}" |sudo tee $OSM_DOCKER_WORK_DIR/ro-db.env - fi - if [ ! -f $OSM_DOCKER_WORK_DIR/ro.env ]; then - echo "RO_DB_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}" |sudo tee $OSM_DOCKER_WORK_DIR/ro.env - fi - if ! grep -Fq "OSMRO_DATABASE_COMMONKEY" $OSM_DOCKER_WORK_DIR/ro.env; then - echo "OSMRO_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/ro.env - fi - - # Keystone - KEYSTONE_DB_PASSWORD=$(generate_secret) - SERVICE_PASSWORD=$(generate_secret) - if [ ! -f $OSM_DOCKER_WORK_DIR/keystone-db.env ]; then - echo "MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD}" |sudo tee $OSM_DOCKER_WORK_DIR/keystone-db.env - fi - if [ ! -f $OSM_DOCKER_WORK_DIR/keystone.env ]; then - echo "ROOT_DB_PASSWORD=${MYSQL_ROOT_PASSWORD}" |sudo tee $OSM_DOCKER_WORK_DIR/keystone.env - echo "KEYSTONE_DB_PASSWORD=${KEYSTONE_DB_PASSWORD}" |sudo tee -a $OSM_DOCKER_WORK_DIR/keystone.env - echo "SERVICE_PASSWORD=${SERVICE_PASSWORD}" |sudo tee -a $OSM_DOCKER_WORK_DIR/keystone.env - fi - - # NBI - if [ ! -f $OSM_DOCKER_WORK_DIR/nbi.env ]; then - echo "OSMNBI_AUTHENTICATION_SERVICE_PASSWORD=${SERVICE_PASSWORD}" |sudo tee $OSM_DOCKER_WORK_DIR/nbi.env - echo "OSMNBI_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/nbi.env - fi - - # MON - if [ ! -f $OSM_DOCKER_WORK_DIR/mon.env ]; then - echo "OSMMON_KEYSTONE_SERVICE_PASSWORD=${SERVICE_PASSWORD}" | sudo tee -a $OSM_DOCKER_WORK_DIR/mon.env - echo "OSMMON_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/mon.env - echo "OSMMON_SQL_DATABASE_URI=mysql://root:${MYSQL_ROOT_PASSWORD}@mysql:3306/mon" | sudo tee -a $OSM_DOCKER_WORK_DIR/mon.env - fi - - if ! grep -Fq "OS_NOTIFIER_URI" $OSM_DOCKER_WORK_DIR/mon.env; then - echo "OS_NOTIFIER_URI=http://${OSM_DEFAULT_IP}:8662" |sudo tee -a $OSM_DOCKER_WORK_DIR/mon.env - else - sudo sed -i "s|OS_NOTIFIER_URI.*|OS_NOTIFIER_URI=http://$OSM_DEFAULT_IP:8662|g" $OSM_DOCKER_WORK_DIR/mon.env - fi - - if ! grep -Fq "OSMMON_VCA_HOST" $OSM_DOCKER_WORK_DIR/mon.env; then - echo "OSMMON_VCA_HOST=${OSM_VCA_HOST}" | sudo tee -a $OSM_DOCKER_WORK_DIR/mon.env - else - sudo sed -i "s|OSMMON_VCA_HOST.*|OSMMON_VCA_HOST=$OSM_VCA_HOST|g" $OSM_DOCKER_WORK_DIR/mon.env - fi - - if ! grep -Fq "OSMMON_VCA_SECRET" $OSM_DOCKER_WORK_DIR/mon.env; then - echo "OSMMON_VCA_SECRET=${OSM_VCA_SECRET}" | sudo tee -a $OSM_DOCKER_WORK_DIR/mon.env - else - sudo sed -i "s|OSMMON_VCA_SECRET.*|OSMMON_VCA_SECRET=$OSM_VCA_SECRET|g" $OSM_DOCKER_WORK_DIR/mon.env - fi - - if ! grep -Fq "OSMMON_VCA_CACERT" $OSM_DOCKER_WORK_DIR/mon.env; then - echo "OSMMON_VCA_CACERT=${OSM_VCA_CACERT}" | sudo tee -a $OSM_DOCKER_WORK_DIR/mon.env - else - sudo sed -i "s|OSMMON_VCA_CACERT.*|OSMMON_VCA_CACERT=${OSM_VCA_CACERT}|g" $OSM_DOCKER_WORK_DIR/mon.env - fi - - # POL - if [ ! -f $OSM_DOCKER_WORK_DIR/pol.env ]; then - echo "OSMPOL_SQL_DATABASE_URI=mysql://root:${MYSQL_ROOT_PASSWORD}@mysql:3306/pol" | sudo tee -a $OSM_DOCKER_WORK_DIR/pol.env - fi - - # NG-SA - if [ -n "${INSTALL_NGSA}" ] && [ ! -f $OSM_DOCKER_WORK_DIR/ngsa.env ]; then - echo "OSMMON_DATABASE_COMMONKEY=${OSM_DATABASE_COMMONKEY}" | sudo tee -a $OSM_DOCKER_WORK_DIR/ngsa.env - fi - - # Webhook-translator - if [ -n "${INSTALL_NGSA}" ] && [ ! -f $OSM_DOCKER_WORK_DIR/webhook-translator.env ]; then - echo "AIRFLOW_HOST=airflow-webserver" | sudo tee -a $OSM_DOCKER_WORK_DIR/webhook-translator.env - echo "AIRFLOW_PORT=8080" | sudo tee -a $OSM_DOCKER_WORK_DIR/webhook-translator.env - echo "AIRFLOW_USER=admin" | sudo tee -a $OSM_DOCKER_WORK_DIR/webhook-translator.env - echo "AIRFLOW_PASS=admin" | sudo tee -a $OSM_DOCKER_WORK_DIR/webhook-translator.env - fi - - echo "Finished generation of docker env files" - [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function -} - -#creates secrets from env files which will be used by containers -function kube_secrets(){ - [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function - kubectl create ns $OSM_NAMESPACE - kubectl create secret generic lcm-secret -n $OSM_NAMESPACE --from-env-file=$OSM_DOCKER_WORK_DIR/lcm.env - kubectl create secret generic mon-secret -n $OSM_NAMESPACE --from-env-file=$OSM_DOCKER_WORK_DIR/mon.env - kubectl create secret generic nbi-secret -n $OSM_NAMESPACE --from-env-file=$OSM_DOCKER_WORK_DIR/nbi.env - kubectl create secret generic ro-db-secret -n $OSM_NAMESPACE --from-env-file=$OSM_DOCKER_WORK_DIR/ro-db.env - kubectl create secret generic ro-secret -n $OSM_NAMESPACE --from-env-file=$OSM_DOCKER_WORK_DIR/ro.env - kubectl create secret generic keystone-secret -n $OSM_NAMESPACE --from-env-file=$OSM_DOCKER_WORK_DIR/keystone.env - if [ -n "${INSTALL_NGSA}" ]; then - kubectl create secret generic ngsa-secret -n $OSM_NAMESPACE --from-env-file=$OSM_DOCKER_WORK_DIR/ngsa.env - kubectl create secret generic webhook-translator-secret -n $OSM_NAMESPACE --from-env-file=$OSM_DOCKER_WORK_DIR/webhook-translator.env - else - kubectl create secret generic pol-secret -n $OSM_NAMESPACE --from-env-file=$OSM_DOCKER_WORK_DIR/pol.env - fi - [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function -} - #deploys osm pods and services function deploy_osm_services() { [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function - echo "The following manifests under $OSM_K8S_WORK_DIR will be deployed:" - ls $OSM_K8S_WORK_DIR - kubectl apply -n $OSM_NAMESPACE -f $OSM_K8S_WORK_DIR + # helm is already installed as part of install_kubeadm_cluster.sh + + # Generate helm values to be passed with -f osm-values.yaml + sudo mkdir -p ${OSM_HELM_WORK_DIR} + sudo bash -c "cat << EOF > ${OSM_HELM_WORK_DIR}/osm-values.yaml +vca: + pubkey: \"${OSM_VCA_PUBKEY}\" +EOF" + + # Generate helm values to be passed with --set + OSM_HELM_OPTS="" + # OSM_HELM_OPTS="${OSM_HELM_OPTS} --set nbi.useOsmSecret=false" + OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.image.repositoryBase=${DOCKER_REGISTRY_URL}${DOCKER_USER}" + OSM_HELM_OPTS="${OSM_HELM_OPTS} --set mysql.dbHostPath=${OSM_NAMESPACE_VOL}" + OSM_HELM_OPTS="${OSM_HELM_OPTS} --set mon.config.OS_NOTIFIER_URI=http://${OSM_DEFAULT_IP}:8662" + OSM_HELM_OPTS="${OSM_HELM_OPTS} --set vca.host=${OSM_VCA_HOST}" + OSM_HELM_OPTS="${OSM_HELM_OPTS} --set vca.secret=${OSM_VCA_SECRET}" + OSM_HELM_OPTS="${OSM_HELM_OPTS} --set vca.cacert=${OSM_VCA_CACERT}" + [ -n "$OSM_VCA_APIPROXY" ] && OSM_HELM_OPTS="${OSM_HELM_OPTS} --set lcm.config.OSMLCM_VCA_APIPROXY=${OSM_VCA_APIPROXY}" + [ ! "$OSM_DOCKER_TAG" == "13" ] && OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.image.tag=${OSM_DOCKER_TAG}" + [ -n "${INSTALL_NGSA}" ] || OSM_HELM_OPTS="${OSM_HELM_OPTS} --set global.oldServiceAssurance=true" + + echo "helm -n $OSM_NAMESPACE install $OSM_NAMESPACE $OSM_DEVOPS/installers/helm/osm -f ${OSM_HELM_WORK_DIR}/osm-values.yaml ${OSM_HELM_OPTS}" + helm -n $OSM_NAMESPACE install $OSM_NAMESPACE $OSM_DEVOPS/installers/helm/osm -f ${OSM_HELM_WORK_DIR}/osm-values.yaml ${OSM_HELM_OPTS} + + # Override existing values.yaml with the final values.yaml used to install OSM + helm -n $OSM_NAMESPACE get values $OSM_NAMESPACE | sudo tee -a ${OSM_HELM_WORK_DIR}/osm-values.yaml [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function } @@ -549,73 +373,6 @@ function install_osm_ngsa_service() { [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function } -function parse_yaml() { - [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function - TAG=$1 - shift - services=$@ - for module in $services; do - if [ "$module" == "pla" ]; then - if [ -n "$INSTALL_PLA" ]; then - echo "Updating K8s manifest file for ${module} from opensourcemano\/pla:.* to ${DOCKER_REGISTRY_URL}${DOCKER_USER}\/pla:${TAG}" - sudo sed -i "s#opensourcemano/pla:.*#${DOCKER_REGISTRY_URL}${DOCKER_USER}/pla:${TAG}#g" ${OSM_DOCKER_WORK_DIR}/osm_pla/pla.yaml - fi - else - image=${module} - if [ "$module" == "ng-prometheus" ]; then - image="prometheus" - elif [ "$module" == "ng-mon" ]; then - image="mon" - fi - echo "Updating K8s manifest file for ${module} from opensourcemano\/${image}:.* to ${DOCKER_REGISTRY_URL}${DOCKER_USER}\/${image}:${TAG}" - sudo sed -i "s#opensourcemano/${image}:.*#${DOCKER_REGISTRY_URL}${DOCKER_USER}/${image}:${TAG}#g" ${OSM_K8S_WORK_DIR}/${module}.yaml - fi - done - [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function -} - -function update_manifest_files() { - [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function - osm_services="nbi lcm ro pol mon ng-mon ng-ui keystone pla prometheus ng-prometheus" - list_of_services="" - for module in $osm_services; do - module_upper="${module^^}" - if ! echo $TO_REBUILD | grep -q $module_upper ; then - list_of_services="$list_of_services $module" - fi - done - if [ ! "$OSM_DOCKER_TAG" == "13" ]; then - parse_yaml $OSM_DOCKER_TAG $list_of_services - fi - if [ -n "$MODULE_DOCKER_TAG" ]; then - parse_yaml $MODULE_DOCKER_TAG $list_of_services_to_rebuild - fi - # The manifest for prometheus is prometheus.yaml or ng-prometheus.yaml, depending on the installation option - # If NG-SA is installed, it will include ng-mon (only mon-dashboarder), ng-prometheus and webhook translator. It won't include pol, mon and prometheus - if [ -n "$INSTALL_NGSA" ]; then - sudo rm -f ${OSM_K8S_WORK_DIR}/prometheus.yaml - sudo rm -f ${OSM_K8S_WORK_DIR}/mon.yaml - sudo rm -f ${OSM_K8S_WORK_DIR}/pol.yaml - else - sudo rm -f ${OSM_K8S_WORK_DIR}/ng-mon.yaml - sudo rm -f ${OSM_K8S_WORK_DIR}/ng-prometheus.yaml - sudo rm -f ${OSM_K8S_WORK_DIR}/webhook-translator.yaml - fi - [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function -} - -function namespace_vol() { - [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function - # List of services with a volume mounted in path /var/lib/osm - osm_services="mysql" - for osm in $osm_services; do - if [ -f "$OSM_K8S_WORK_DIR/$osm.yaml" ] ; then - sudo sed -i "s#path: /var/lib/osm#path: $OSM_NAMESPACE_VOL#g" $OSM_K8S_WORK_DIR/$osm.yaml - fi - done - [ -z "${DEBUG_INSTALL}" ] || DEBUG end of function -} - function add_local_k8scluster() { [ -z "${DEBUG_INSTALL}" ] || DEBUG beginning of function /usr/bin/osm --all-projects vim-create \ @@ -799,43 +556,22 @@ function install_osm() { set_vca_variables track juju juju_ok - if [ -z "$OSM_DATABASE_COMMONKEY" ]; then - OSM_DATABASE_COMMONKEY=$(generate_secret) - [ -z "OSM_DATABASE_COMMONKEY" ] && FATAL "Cannot generate common db secret" - fi - # Deploy OSM services [ -z "$DOCKER_NOBUILD" ] && pull_docker_images [ -z "$DOCKER_NOBUILD" ] && [ -z "$PULL_IMAGES" ] && generate_docker_images track docker_images docker_images_ok - generate_k8s_manifest_files - track osm_files manifest_files_ok - generate_docker_env_files - track osm_files env_files_ok - deploy_charmed_services track deploy_osm deploy_charmed_services_ok - kube_secrets - track deploy_osm kube_secrets_ok - update_manifest_files - track deploy_osm update_manifest_files_ok - namespace_vol - track deploy_osm namespace_vol_ok deploy_osm_services track deploy_osm deploy_osm_services_k8s_ok - if [ -n "$INSTALL_PLA" ]; then - # optional PLA install - deploy_osm_pla_service - track deploy_osm deploy_osm_pla_ok - fi if [ -n "$INSTALL_K8S_MONITOR" ]; then # install OSM MONITORING install_k8s_monitoring track deploy_osm install_k8s_monitoring_ok fi if [ -n "$INSTALL_NGSA" ]; then - # optional PLA install + # optional NGSA install install_osm_ngsa_service track deploy_osm install_osm_ngsa_ok fi diff --git a/installers/helm/osm/.helmignore b/installers/helm/osm/.helmignore new file mode 100644 index 00000000..f6c67cb9 --- /dev/null +++ b/installers/helm/osm/.helmignore @@ -0,0 +1,39 @@ +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*.orig +*~ +# Various IDEs +.project +.idea/ +*.tmproj +.vscode/ diff --git a/installers/helm/osm/Chart.yaml b/installers/helm/osm/Chart.yaml new file mode 100644 index 00000000..8d44eb49 --- /dev/null +++ b/installers/helm/osm/Chart.yaml @@ -0,0 +1,36 @@ +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v2 +name: osm +description: A Helm chart for Open Source MANO (OSM) +type: application +icon: https://www.etsi.org/images/articles/logos/OSM.png +version: 0.0.1 +appVersion: "14" +# dependencies: +# - name: mongodb +# repository: "https://charts.bitnami.com/bitnami" +# version: "13.9.4" +# condition: mongodb.enabled +# - name: airflow +# repository: "https://airflow.apache.org" +# version: "1.6.0" +# condition: airflow.enabled +# - name: mysql +# repository: "https://charts.bitnami.com/bitnami" +# version: "9.9.1" +# condition: mysql.enabled diff --git a/installers/helm/osm/templates/NOTES.txt b/installers/helm/osm/templates/NOTES.txt new file mode 100644 index 00000000..ea59625b --- /dev/null +++ b/installers/helm/osm/templates/NOTES.txt @@ -0,0 +1,29 @@ +{{/* +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +*/}} +1. Get the application URL by running these commands: +{{- if contains "NodePort" .Values.nbi.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services nbi) + export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.nbi.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w nbi' + export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} nbi --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") + echo http://$SERVICE_IP:{{ .Values.nbi.service.port }} +{{- end }} diff --git a/installers/helm/osm/templates/_helpers.tpl b/installers/helm/osm/templates/_helpers.tpl new file mode 100644 index 00000000..cd8ca4fe --- /dev/null +++ b/installers/helm/osm/templates/_helpers.tpl @@ -0,0 +1,114 @@ +{{/* +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +*/}} +{{/* +Expand the name of the chart. +*/}} +{{- define "osm.name" -}} +{{- default .Chart.Name .Values.global.nameOverride | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Create a default fully qualified app name. +We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). +If release name contains chart name it will be used as a full name. +*/}} +{{- define "osm.fullname" -}} +{{- if .Values.global.fullnameOverride }} +{{- .Values.global.fullnameOverride | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- $name := default .Chart.Name .Values.global.nameOverride }} +{{- if contains $name .Release.Name }} +{{- .Release.Name | trunc 63 | trimSuffix "-" }} +{{- else }} +{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" }} +{{- end }} +{{- end }} +{{- end }} + +{{/* +Create chart name and version as used by the chart label. +*/}} +{{- define "osm.chart" -}} +{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" }} +{{- end }} + +{{/* +Common labels +*/}} +{{- define "osm.labels" -}} +helm.sh/chart: {{ include "osm.chart" . }} +{{ include "osm.selectorLabels" . }} +{{- if .Chart.AppVersion }} +app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} +{{- end }} +app.kubernetes.io/managed-by: {{ .Release.Service }} +{{- end }} + +{{/* +Selector labels +*/}} +{{- define "osm.selectorLabels" -}} +app.kubernetes.io/name: {{ include "osm.name" . }} +app.kubernetes.io/instance: {{ .Release.Name }} +{{- end }} + +{{/* +Create the name of the service account to use +*/}} +{{- define "osm.serviceAccountName" -}} +{{- if .Values.global.serviceAccount.create }} +{{- default (include "osm.fullname" .) .Values.global.serviceAccount.name }} +{{- else }} +{{- default "default" .Values.global.serviceAccount.name }} +{{- end }} +{{- end }} + +{{/* +Create the name of the images to be used +*/}} +{{ define "osm.nbi.image" -}} +{{ printf "%s:%s" (.Values.nbi.image.repository | default (printf "%s/nbi" (.Values.global.image.repositoryBase))) (.Values.nbi.image.tag | default .Values.global.image.tag) }} +{{- end }} +{{ define "osm.lcm.image" -}} +{{ printf "%s:%s" (.Values.lcm.image.repository | default (printf "%s/lcm" (.Values.global.image.repositoryBase))) (.Values.lcm.image.tag | default .Values.global.image.tag) }} +{{- end }} +{{ define "osm.ro.image" -}} +{{ printf "%s:%s" (.Values.ro.image.repository | default (printf "%s/ro" (.Values.global.image.repositoryBase))) (.Values.ro.image.tag | default .Values.global.image.tag) }} +{{- end }} +{{ define "osm.mon.image" -}} +{{ printf "%s:%s" (.Values.mon.image.repository | default (printf "%s/mon" (.Values.global.image.repositoryBase))) (.Values.mon.image.tag | default .Values.global.image.tag) }} +{{- end }} +{{ define "osm.pol.image" -}} +{{ printf "%s:%s" (.Values.pol.image.repository | default (printf "%s/pol" (.Values.global.image.repositoryBase))) (.Values.pol.image.tag | default .Values.global.image.tag) }} +{{- end }} +{{ define "osm.pla.image" -}} +{{ printf "%s:%s" (.Values.pla.image.repository | default (printf "%s/pla" (.Values.global.image.repositoryBase))) (.Values.pla.image.tag | default .Values.global.image.tag) }} +{{- end }} +{{ define "osm.ngui.image" -}} +{{ printf "%s:%s" (.Values.ngui.image.repository | default (printf "%s/ng-ui" (.Values.global.image.repositoryBase))) (.Values.ngui.image.tag | default .Values.global.image.tag) }} +{{- end }} +{{ define "osm.webhookTranslator.image" -}} +{{ printf "%s:%s" (.Values.webhookTranslator.image.repository | default (printf "%s/webhook" (.Values.global.image.repositoryBase))) (.Values.webhookTranslator.image.tag | default .Values.global.image.tag) }} +{{- end }} +{{ define "osm.keystone.image" -}} +{{ printf "%s:%s" (.Values.keystone.image.repository | default (printf "%s/keystone" (.Values.global.image.repositoryBase))) (.Values.keystone.image.tag | default .Values.global.image.tag) }} +{{- end }} +{{ define "osm.prometheus.image" -}} +{{ printf "%s:%s" (.Values.prometheus.sidecarImage.repository | default (printf "%s/prometheus" (.Values.global.image.repositoryBase))) (.Values.prometheus.sidecarImage.tag | default .Values.global.image.tag) }} +{{- end }} diff --git a/installers/helm/osm/templates/certauth_setup/ca-issuer.yaml b/installers/helm/osm/templates/certauth_setup/ca-issuer.yaml new file mode 100644 index 00000000..59de79fd --- /dev/null +++ b/installers/helm/osm/templates/certauth_setup/ca-issuer.yaml @@ -0,0 +1,25 @@ +{{- if .Values.certauth.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: ca-issuer +spec: + ca: + secretName: osm-ca +{{- end }} diff --git a/installers/docker/osm_pods/ca_setup.yaml b/installers/helm/osm/templates/certauth_setup/osm-ca-certificate.yaml similarity index 73% rename from installers/docker/osm_pods/ca_setup.yaml rename to installers/helm/osm/templates/certauth_setup/osm-ca-certificate.yaml index 6a3ee654..23765df0 100644 --- a/installers/docker/osm_pods/ca_setup.yaml +++ b/installers/helm/osm/templates/certauth_setup/osm-ca-certificate.yaml @@ -1,4 +1,6 @@ -# Copyright 2022 Whitestack +{{- if .Values.certauth.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,15 +13,8 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or # implied. # See the License for the specific language governing permissions and -# limitations under the License - -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: osm-selfsigned-issuer -spec: - selfSigned: {} ---- +# limitations under the License. +####################################################################################### apiVersion: cert-manager.io/v1 kind: Certificate metadata: @@ -36,11 +31,4 @@ spec: name: osm-selfsigned-issuer kind: ClusterIssuer group: cert-manager.io ---- -apiVersion: cert-manager.io/v1 -kind: ClusterIssuer -metadata: - name: ca-issuer -spec: - ca: - secretName: osm-ca \ No newline at end of file +{{- end }} diff --git a/installers/helm/osm/templates/certauth_setup/osm-selfsigned-issuer.yaml b/installers/helm/osm/templates/certauth_setup/osm-selfsigned-issuer.yaml new file mode 100644 index 00000000..7cf9e2c3 --- /dev/null +++ b/installers/helm/osm/templates/certauth_setup/osm-selfsigned-issuer.yaml @@ -0,0 +1,24 @@ +{{- if .Values.certauth.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: cert-manager.io/v1 +kind: ClusterIssuer +metadata: + name: osm-selfsigned-issuer +spec: + selfSigned: {} +{{- end }} diff --git a/installers/helm/osm/templates/grafana/grafana-clusterrole.yaml b/installers/helm/osm/templates/grafana/grafana-clusterrole.yaml new file mode 100644 index 00000000..1e2753a9 --- /dev/null +++ b/installers/helm/osm/templates/grafana/grafana-clusterrole.yaml @@ -0,0 +1,34 @@ +{{- if .Values.grafana.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRole +metadata: + labels: + app: grafana + name: grafana-clusterrole +rules: +- apiGroups: + - "" + resources: + - configmaps + - secrets + verbs: + - get + - watch + - list +{{- end -}} \ No newline at end of file diff --git a/installers/helm/osm/templates/grafana/grafana-clusterrolebinding.yaml b/installers/helm/osm/templates/grafana/grafana-clusterrolebinding.yaml new file mode 100644 index 00000000..a6c2f976 --- /dev/null +++ b/installers/helm/osm/templates/grafana/grafana-clusterrolebinding.yaml @@ -0,0 +1,32 @@ +{{- if .Values.grafana.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: rbac.authorization.k8s.io/v1 +kind: ClusterRoleBinding +metadata: + labels: + app: grafana + name: grafana-clusterrolebinding +roleRef: + apiGroup: rbac.authorization.k8s.io + kind: ClusterRole + name: grafana-clusterrole +subjects: +- kind: ServiceAccount + name: grafana + namespace: osm +{{- end -}} \ No newline at end of file diff --git a/installers/helm/osm/templates/grafana/grafana-configmap.yaml b/installers/helm/osm/templates/grafana/grafana-configmap.yaml new file mode 100644 index 00000000..7d4653b2 --- /dev/null +++ b/installers/helm/osm/templates/grafana/grafana-configmap.yaml @@ -0,0 +1,33 @@ +{{- if .Values.grafana.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +data: + grafana.ini: | + [log] + mode = console + [paths] + data = /var/lib/grafana/data + logs = /var/log/grafana + plugins = /var/lib/grafana/plugins + provisioning = /etc/grafana/provisioning +kind: ConfigMap +metadata: + labels: + app: grafana + name: grafana +{{- end -}} \ No newline at end of file diff --git a/installers/helm/osm/templates/grafana/grafana-dashboard-provider-configmap.yaml b/installers/helm/osm/templates/grafana/grafana-dashboard-provider-configmap.yaml new file mode 100644 index 00000000..68dc91b8 --- /dev/null +++ b/installers/helm/osm/templates/grafana/grafana-dashboard-provider-configmap.yaml @@ -0,0 +1,42 @@ +{{- if .Values.grafana.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +data: + provider.yaml: |- + apiVersion: 1 + providers: + - name: 'Kubernetes Cluster' + orgId: 1 + folder: 'Kubernetes Cluster' + type: file + disableDeletion: false + options: + path: '/tmp/dashboards/Kubernetes Cluster' + - name: 'Open Source MANO' + orgId: 1 + folder: 'Open Source MANO' + type: file + disableDeletion: false + options: + path: '/tmp/dashboards/Open Source MANO' +kind: ConfigMap +metadata: + labels: + app: grafana + name: grafana-dashboard-provider +{{- end -}} \ No newline at end of file diff --git a/installers/helm/osm/templates/grafana/grafana-datasource-configmap.yaml b/installers/helm/osm/templates/grafana/grafana-datasource-configmap.yaml new file mode 100644 index 00000000..ac07a36c --- /dev/null +++ b/installers/helm/osm/templates/grafana/grafana-datasource-configmap.yaml @@ -0,0 +1,40 @@ +{{- if .Values.grafana.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: ConfigMap +metadata: + labels: + grafana_datasource: "1" + name: grafana-datasource +data: + datasource.yaml: |- + apiVersion: 1 + datasources: + - name: osm_prometheus + type: prometheus + url: http://prometheus:9090 + access: proxy + allowUiUpdates: true + isDefault: true + - name: Prometheus + type: prometheus + url: http://osm-monitoring-kube-promet-prometheus.monitoring:9090 + access: proxy + allowUiUpdates: true + isDefault: false +{{- end -}} \ No newline at end of file diff --git a/installers/docker/osm_pods/grafana.yaml b/installers/helm/osm/templates/grafana/grafana-deployment.yaml similarity index 56% rename from installers/docker/osm_pods/grafana.yaml rename to installers/helm/osm/templates/grafana/grafana-deployment.yaml index 00e46df4..a54d6878 100644 --- a/installers/docker/osm_pods/grafana.yaml +++ b/installers/helm/osm/templates/grafana/grafana-deployment.yaml @@ -1,133 +1,20 @@ -# Copyright 2020 Minsait - Indra S.A. +{{- if .Values.grafana.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. # -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# http://www.apache.org/licenses/LICENSE-2.0 # -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# Author: Jose Manuel Palacios (jmpalacios@minsait.com) -# Author: Alberto Limon (alimonj@minsait.com) - -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRole -metadata: - labels: - app: grafana - name: grafana-clusterrole -rules: -- apiGroups: - - "" - resources: - - configmaps - - secrets - verbs: - - get - - watch - - list ---- -apiVersion: rbac.authorization.k8s.io/v1 -kind: ClusterRoleBinding -metadata: - labels: - app: grafana - name: grafana-clusterrolebinding -roleRef: - apiGroup: rbac.authorization.k8s.io - kind: ClusterRole - name: grafana-clusterrole -subjects: -- kind: ServiceAccount - name: grafana - namespace: osm ---- -apiVersion: v1 -data: - admin-password: YWRtaW4= - admin-user: YWRtaW4= -kind: Secret -metadata: - labels: - app: grafana - name: grafana -type: Opaque ---- -apiVersion: v1 -kind: ServiceAccount -metadata: - labels: - app: grafana - name: grafana ---- -apiVersion: v1 -data: - provider.yaml: |- - apiVersion: 1 - providers: - - name: 'Kubernetes Cluster' - orgId: 1 - folder: 'Kubernetes Cluster' - type: file - disableDeletion: false - options: - path: '/tmp/dashboards/Kubernetes Cluster' - - name: 'Open Source MANO' - orgId: 1 - folder: 'Open Source MANO' - type: file - disableDeletion: false - options: - path: '/tmp/dashboards/Open Source MANO' -kind: ConfigMap -metadata: - labels: - app: grafana - name: grafana-dashboard-provider ---- -apiVersion: v1 -kind: ConfigMap -metadata: - labels: - grafana_datasource: "1" - name: grafana-datasource -data: - datasource.yaml: |- - apiVersion: 1 - datasources: - - name: osm_prometheus - type: prometheus - url: http://prometheus:9090 - access: proxy - allowUiUpdates: true - isDefault: true - - name: Prometheus - type: prometheus - url: http://osm-monitoring-kube-promet-prometheus.monitoring:9090 - access: proxy - allowUiUpdates: true - isDefault: false ---- -apiVersion: v1 -data: - grafana.ini: | - [log] - mode = console - [paths] - data = /var/lib/grafana/data - logs = /var/log/grafana - plugins = /var/lib/grafana/plugins - provisioning = /etc/grafana/provisioning -kind: ConfigMap -metadata: - labels: - app: grafana - name: grafana ---- +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### apiVersion: apps/v1 kind: Deployment metadata: @@ -246,8 +133,7 @@ spec: restartPolicy: Always schedulerName: default-scheduler securityContext: - fsGroup: 472 - runAsUser: 472 + {{- toYaml .Values.global.podSecurityContext | nindent 8 }} serviceAccount: grafana serviceAccountName: grafana terminationGracePeriodSeconds: 30 @@ -268,21 +154,4 @@ spec: name: sc-dashboard-provider - emptyDir: {} name: sc-datasources-volume ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: grafana - name: grafana -spec: - ports: - - name: service - nodePort: 3000 - port: 3000 - protocol: TCP - targetPort: 3000 - selector: - app: grafana - sessionAffinity: None - type: NodePort +{{- end -}} \ No newline at end of file diff --git a/installers/helm/osm/templates/grafana/grafana-secret.yaml b/installers/helm/osm/templates/grafana/grafana-secret.yaml new file mode 100644 index 00000000..fd240e60 --- /dev/null +++ b/installers/helm/osm/templates/grafana/grafana-secret.yaml @@ -0,0 +1,28 @@ +{{- if .Values.grafana.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +data: + admin-password: YWRtaW4= + admin-user: YWRtaW4= +kind: Secret +metadata: + labels: + app: grafana + name: grafana +type: Opaque +{{- end -}} \ No newline at end of file diff --git a/installers/docker/osm_pods/ng-ui.yaml b/installers/helm/osm/templates/grafana/grafana-service.yaml similarity index 53% rename from installers/docker/osm_pods/ng-ui.yaml rename to installers/helm/osm/templates/grafana/grafana-service.yaml index 6c153377..6adee4b1 100644 --- a/installers/docker/osm_pods/ng-ui.yaml +++ b/installers/helm/osm/templates/grafana/grafana-service.yaml @@ -1,4 +1,6 @@ -# Copyright 2019 TATA ELXSI +{{- if .Values.grafana.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,42 +13,23 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or # implied. # See the License for the specific language governing permissions and -# limitations under the License -# Author: Vijay Nag B S (vijaynag.bs@tataelxsi.co.in) - +# limitations under the License. +####################################################################################### apiVersion: v1 kind: Service metadata: - name: ng-ui + labels: + app: grafana + name: grafana spec: ports: - - nodePort: 80 - port: 80 + - name: service + nodePort: 3000 + port: 3000 protocol: TCP - targetPort: 80 + targetPort: 3000 selector: - app: ng-ui + app: grafana + sessionAffinity: None type: NodePort ---- -apiVersion: apps/v1 -kind: Deployment -metadata: - name: ng-ui - labels: - app: ng-ui -spec: - replicas: 1 - selector: - matchLabels: - app: ng-ui - template: - metadata: - labels: - app: ng-ui - spec: - containers: - - name: ng-ui - image: opensourcemano/ng-ui:13 - ports: - - containerPort: 80 - protocol: TCP +{{- end -}} \ No newline at end of file diff --git a/installers/helm/osm/templates/grafana/grafana-serviceaccount.yaml b/installers/helm/osm/templates/grafana/grafana-serviceaccount.yaml new file mode 100644 index 00000000..63ea5156 --- /dev/null +++ b/installers/helm/osm/templates/grafana/grafana-serviceaccount.yaml @@ -0,0 +1,24 @@ +{{- if .Values.grafana.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: ServiceAccount +metadata: + labels: + app: grafana + name: grafana +{{- end -}} \ No newline at end of file diff --git a/installers/helm/osm/templates/kafka/kafka-configmap.yaml b/installers/helm/osm/templates/kafka/kafka-configmap.yaml new file mode 100644 index 00000000..f967734d --- /dev/null +++ b/installers/helm/osm/templates/kafka/kafka-configmap.yaml @@ -0,0 +1,34 @@ +{{- if .Values.kafka.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "osm.fullname" . }}-kafka-configmap + labels: + {{- include "osm.labels" . | nindent 4 }} +data: + KAFKA_ADVERTISED_HOST_NAME: kafka.osm + KAFKA_ADVERTISED_PORT: "9092" + KAFKA_ZOOKEEPER_CONNECT: "zookeeper:2181" + KAFKA_LOG_RETENTION_HOURS: "24" + KAFKA_BROKER_ID: "1" + KAFKA_ADVERTISED_LISTENERS: "PLAINTEXT://:9092" + KAFKA_LISTENERS: "PLAINTEXT://:9092" + KAFKA_INTER_BROKER_LISTENER_NAME: "PLAINTEXT" + KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: "1" +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/kafka/kafka-service.yaml b/installers/helm/osm/templates/kafka/kafka-service.yaml new file mode 100644 index 00000000..73a0a050 --- /dev/null +++ b/installers/helm/osm/templates/kafka/kafka-service.yaml @@ -0,0 +1,34 @@ +{{- if .Values.kafka.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: Service +metadata: + name: kafka + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + type: ClusterIP + clusterIP: None + ports: + - port: {{ .Values.kafka.service.port }} + targetPort: 9092 + protocol: TCP + selector: + app.kubernetes.io/component: kafka + {{- include "osm.selectorLabels" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/kafka/kafka-statefulset.yaml b/installers/helm/osm/templates/kafka/kafka-statefulset.yaml new file mode 100644 index 00000000..81563eb2 --- /dev/null +++ b/installers/helm/osm/templates/kafka/kafka-statefulset.yaml @@ -0,0 +1,88 @@ +{{- if .Values.kafka.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: kafka + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.kafka.replicaCount | default .Values.global.replicaCount }} + serviceName: kafka + selector: + matchLabels: + app.kubernetes.io/component: kafka + {{- include "osm.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.global.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + app.kubernetes.io/component: kafka + {{- include "osm.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "osm.serviceAccountName" . }} + initContainers: + - name: zookeeper-test + image: alpine:latest + command: ["sh", "-c", "until nc -zvw1 zookeeper 2181; do sleep 3; done; exit 0"] + containers: + - name: kafka + securityContext: + # readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + # runAsNonRoot: true + image: wurstmeister/kafka:2.11-1.0.2 + imagePullPolicy: {{ .Values.global.image.pullPolicy }} + ports: + - containerPort: 9092 + protocol: TCP + volumeMounts: + - name: socket + mountPath: /var/run/docker.sock + resources: + limits: + memory: 1024Mi + requests: + memory: 128Mi + envFrom: + - configMapRef: + name: {{ include "osm.fullname" . }}-kafka-configmap + {{- with .Values.global.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: socket + hostPath: + path: /var/run/docker.sock +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/keystone/keystone-configmap.yaml b/installers/helm/osm/templates/keystone/keystone-configmap.yaml new file mode 100644 index 00000000..f076ad7f --- /dev/null +++ b/installers/helm/osm/templates/keystone/keystone-configmap.yaml @@ -0,0 +1,26 @@ +{{- if .Values.keystone.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "osm.fullname" . }}-keystone-configmap + labels: + {{- include "osm.labels" . | nindent 4 }} +data: + DB_HOST: "mysql" +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/keystone/keystone-deployment.yaml b/installers/helm/osm/templates/keystone/keystone-deployment.yaml new file mode 100644 index 00000000..bf44346d --- /dev/null +++ b/installers/helm/osm/templates/keystone/keystone-deployment.yaml @@ -0,0 +1,100 @@ +{{- if .Values.keystone.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: apps/v1 +kind: Deployment +metadata: + name: keystone + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.keystone.replicaCount | default .Values.global.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/component: keystone + {{- include "osm.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.global.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + app.kubernetes.io/component: keystone + {{- include "osm.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "osm.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.global.podSecurityContext | nindent 8 }} + containers: + - name: keystone + securityContext: + # readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + runAsNonRoot: true + {{- toYaml .Values.global.securityContext | nindent 12 }} + image: {{ include "osm.keystone.image" . }} + imagePullPolicy: {{ .Values.global.image.pullPolicy }} + ports: + - containerPort: 5000 + protocol: TCP + resources: + limits: + memory: 1024Mi + requests: + memory: 128Mi + envFrom: + - configMapRef: + name: {{ include "osm.fullname" . }}-keystone-configmap + {{- if not .Values.keystone.useOsmSecret }} + - secretRef: + name: {{ .Values.keystone.secretName | default "keystone-secret" }} + {{- else }} + env: + - name: ROOT_DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "osm.fullname" . }}-secret + key: OSM_MYSQL_ROOT_PASSWORD + - name: KEYSTONE_DB_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "osm.fullname" . }}-secret + key: OSM_KEYSTONE_DB_PASSWORD + - name: SERVICE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "osm.fullname" . }}-secret + key: OSM_SERVICE_PASSWORD + {{- end }} + {{- with .Values.global.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/keystone/keystone-service.yaml b/installers/helm/osm/templates/keystone/keystone-service.yaml new file mode 100644 index 00000000..7e4aa525 --- /dev/null +++ b/installers/helm/osm/templates/keystone/keystone-service.yaml @@ -0,0 +1,34 @@ +{{- if .Values.keystone.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: Service +metadata: + name: keystone + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + type: ClusterIP + clusterIP: None + ports: + - port: {{ .Values.keystone.service.port }} + targetPort: 5000 + protocol: TCP + selector: + app.kubernetes.io/component: keystone + {{- include "osm.selectorLabels" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/lcm/lcm-configmap.yaml b/installers/helm/osm/templates/lcm/lcm-configmap.yaml new file mode 100644 index 00000000..40d74c1d --- /dev/null +++ b/installers/helm/osm/templates/lcm/lcm-configmap.yaml @@ -0,0 +1,38 @@ +{{- if .Values.lcm.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "osm.fullname" . }}-lcm-configmap + labels: + {{- include "osm.labels" . | nindent 4 }} +data: + OSMLCM_RO_HOST: "ro" + OSMLCM_DATABASE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0" + OSMLCM_MESSAGE_HOST: "kafka" + OSMLCM_STORAGE_DRIVER: "mongo" + OSMLCM_STORAGE_PATH: "/app/storage" + OSMLCM_STORAGE_COLLECTION: "files" + OSMLCM_STORAGE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0" +{{- with .Values.lcm.config }} + {{- . | toYaml | nindent 2 }} +{{- end }} +{{- with .Values.httpProxy }} + {{- . | toYaml | nindent 2 }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/lcm/lcm-deployment.yaml b/installers/helm/osm/templates/lcm/lcm-deployment.yaml new file mode 100644 index 00000000..e9bfd03f --- /dev/null +++ b/installers/helm/osm/templates/lcm/lcm-deployment.yaml @@ -0,0 +1,125 @@ +{{- if .Values.lcm.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: apps/v1 +kind: Deployment +metadata: + name: lcm + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.lcm.replicaCount | default .Values.global.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/component: lcm + {{- include "osm.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.global.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + app.kubernetes.io/component: lcm + {{- include "osm.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "osm.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.global.podSecurityContext | nindent 8 }} + initContainers: + - name: kafka-ro-mongo-test + image: alpine:latest + command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 ro 9090 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"] + containers: + - name: lcm + securityContext: + # readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + runAsNonRoot: true + {{- toYaml .Values.global.securityContext | nindent 12 }} + image: {{ include "osm.lcm.image" . }} + imagePullPolicy: {{ .Values.global.image.pullPolicy }} + resources: + limits: + memory: 1024Mi + requests: + memory: 128Mi + envFrom: + - configMapRef: + name: {{ include "osm.fullname" . }}-lcm-configmap + {{- if not .Values.lcm.useOsmSecret }} + - secretRef: + name: {{ .Values.lcm.secretName | default "lcm-secret" }} + {{- end }} + env: + - name: OSMLCM_VCA_HOST + valueFrom: + secretKeyRef: + name: {{ include "osm.fullname" . }}-vca-secret + key: OSM_VCA_HOST + - name: OSMLCM_VCA_SECRET + valueFrom: + secretKeyRef: + name: {{ include "osm.fullname" . }}-vca-secret + key: OSM_VCA_SECRET + - name: OSMLCM_VCA_PUBKEY + valueFrom: + secretKeyRef: + name: {{ include "osm.fullname" . }}-vca-secret + key: OSM_VCA_PUBKEY + - name: OSMLCM_VCA_CACERT + valueFrom: + secretKeyRef: + name: {{ include "osm.fullname" . }}-vca-secret + key: OSM_VCA_CACERT + {{- if .Values.lcm.useOsmSecret }} + - name: OSMLCM_DATABASE_COMMONKEY + valueFrom: + secretKeyRef: + name: {{ include "osm.fullname" . }}-secret + key: OSM_DATABASE_COMMONKEY + {{- end }} + volumeMounts: + - mountPath: /etc/ssl/certs/osm-ca.crt + name: osm-ca + readOnly: true + subPath: osm-ca.crt + volumes: + - name: osm-ca + secret: + defaultMode: 420 + items: + - key: tls.crt + path: osm-ca.crt + secretName: osm-ca + {{- with .Values.global.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/mon/mon-configmap.yaml b/installers/helm/osm/templates/mon/mon-configmap.yaml new file mode 100644 index 00000000..06a4545d --- /dev/null +++ b/installers/helm/osm/templates/mon/mon-configmap.yaml @@ -0,0 +1,31 @@ +{{- if .Values.mon.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "osm.fullname" . }}-mon-configmap + labels: + {{- include "osm.labels" . | nindent 4 }} +data: + OSMMON_DATABASE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0" + OSMMON_MESSAGE_HOST: "kafka" + OSMMON_MESSAGE_PORT: "9092" +{{- with .Values.mon.config }} + {{- . | toYaml | nindent 2 }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/mon/mon-deployment.yaml b/installers/helm/osm/templates/mon/mon-deployment.yaml new file mode 100644 index 00000000..6d70356d --- /dev/null +++ b/installers/helm/osm/templates/mon/mon-deployment.yaml @@ -0,0 +1,114 @@ +{{- if .Values.mon.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: apps/v1 +kind: Deployment +metadata: + name: mon + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.mon.replicaCount | default .Values.global.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/component: mon + {{- include "osm.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.global.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + app.kubernetes.io/component: mon + {{- include "osm.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "osm.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.global.podSecurityContext | nindent 8 }} + initContainers: + - name: kafka-mongo-test + image: alpine:latest + command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"] + containers: + - name: mon + securityContext: + # readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + runAsNonRoot: true + {{- toYaml .Values.global.securityContext | nindent 12 }} + image: {{ include "osm.mon.image" . }} + imagePullPolicy: {{ .Values.global.image.pullPolicy }} + {{- if not .Values.global.oldServiceAssurance }} + command: ["/bin/bash"] + args: ["scripts/dashboarder-start.sh"] + {{- end }} + ports: + - containerPort: 8662 + protocol: TCP + resources: + limits: + memory: 1024Mi + requests: + memory: 128Mi + envFrom: + - configMapRef: + name: {{ include "osm.fullname" . }}-mon-configmap + {{- if not .Values.mon.useOsmSecret }} + - secretRef: + name: {{ .Values.mon.secretName | default "mon-secret" }} + {{- end }} + env: + - name: OSMMON_VCA_HOST + valueFrom: + secretKeyRef: + name: {{ include "osm.fullname" . }}-vca-secret + key: OSM_VCA_HOST + - name: OSMMON_VCA_SECRET + valueFrom: + secretKeyRef: + name: {{ include "osm.fullname" . }}-vca-secret + key: OSM_VCA_SECRET + - name: OSMMON_VCA_CACERT + valueFrom: + secretKeyRef: + name: {{ include "osm.fullname" . }}-vca-secret + key: OSM_VCA_CACERT + {{- if .Values.mon.useOsmSecret }} + - name: OSMMON_DATABASE_COMMONKEY + valueFrom: + secretKeyRef: + name: {{ include "osm.fullname" . }}-secret + key: OSM_DATABASE_COMMONKEY + {{- end }} + {{- with .Values.global.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/mon/mon-service.yaml b/installers/helm/osm/templates/mon/mon-service.yaml new file mode 100644 index 00000000..0737e144 --- /dev/null +++ b/installers/helm/osm/templates/mon/mon-service.yaml @@ -0,0 +1,34 @@ +{{- if .Values.mon.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: Service +metadata: + name: mon + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + type: ClusterIP + clusterIP: None + ports: + - port: {{ .Values.mon.service.port }} + targetPort: 8662 + protocol: TCP + selector: + app.kubernetes.io/component: mon + {{- include "osm.selectorLabels" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/mysql/mysql-service.yaml b/installers/helm/osm/templates/mysql/mysql-service.yaml new file mode 100644 index 00000000..a2bb113c --- /dev/null +++ b/installers/helm/osm/templates/mysql/mysql-service.yaml @@ -0,0 +1,34 @@ +{{- if .Values.mysql.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: Service +metadata: + name: mysql + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + type: ClusterIP + clusterIP: None + ports: + - port: {{ .Values.mysql.service.port }} + targetPort: 3306 + protocol: TCP + selector: + app.kubernetes.io/component: mysql + {{- include "osm.selectorLabels" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/mysql/mysql-statefulset.yaml b/installers/helm/osm/templates/mysql/mysql-statefulset.yaml new file mode 100644 index 00000000..c9b2d161 --- /dev/null +++ b/installers/helm/osm/templates/mysql/mysql-statefulset.yaml @@ -0,0 +1,94 @@ +{{- if .Values.mysql.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: mysql + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.mysql.replicaCount | default .Values.global.replicaCount }} + serviceName: mysql + selector: + matchLabels: + app.kubernetes.io/component: mysql + {{- include "osm.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.global.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + app.kubernetes.io/component: mysql + {{- include "osm.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "osm.serviceAccountName" . }} + containers: + - name: mysql + securityContext: + # readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + # runAsNonRoot: true + image: mysql:5 + imagePullPolicy: {{ .Values.global.image.pullPolicy }} + ports: + - containerPort: 3306 + protocol: TCP + name: mysql + volumeMounts: + - name: mysql-db + mountPath: /var/lib/mysql + resources: + limits: + memory: 1024Mi + requests: + memory: 128Mi + envFrom: + {{- if not .Values.mysql.useOsmSecret }} + - secretRef: + name: {{ .Values.mysql.secretName | default "ro-db-secret" }} + {{- else }} + env: + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "osm.fullname" . }}-secret + key: OSM_MYSQL_ROOT_PASSWORD + {{- end }} + {{- with .Values.global.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: mysql-db + hostPath: + path: {{ .Values.mysql.dbHostPath | default "/var/lib/osm/{{ .Release.Namespace }}/osm_ro_db/_data" }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/nbi/nbi-configmap.yaml b/installers/helm/osm/templates/nbi/nbi-configmap.yaml new file mode 100644 index 00000000..e8dbcaa0 --- /dev/null +++ b/installers/helm/osm/templates/nbi/nbi-configmap.yaml @@ -0,0 +1,31 @@ +{{- if .Values.nbi.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "osm.fullname" . }}-nbi-configmap + labels: + {{- include "osm.labels" . | nindent 4 }} +data: + OSMNBI_DATABASE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0" + OSMNBI_MESSAGE_HOST: "kafka" + OSMNBI_STORAGE_DRIVER: "mongo" + OSMNBI_STORAGE_PATH: "/app/storage" + OSMNBI_STORAGE_COLLECTION: "files" + OSMNBI_STORAGE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0" +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/nbi/nbi-deployment.yaml b/installers/helm/osm/templates/nbi/nbi-deployment.yaml new file mode 100644 index 00000000..1fe1e6d4 --- /dev/null +++ b/installers/helm/osm/templates/nbi/nbi-deployment.yaml @@ -0,0 +1,99 @@ +{{- if .Values.nbi.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: apps/v1 +kind: Deployment +metadata: + name: nbi + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.nbi.replicaCount | default .Values.global.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/component: nbi + {{- include "osm.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.global.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + app.kubernetes.io/component: nbi + {{- include "osm.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "osm.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.global.podSecurityContext | nindent 8 }} + initContainers: + - name: kafka-mongo-test + image: alpine:latest + command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"] + containers: + - name: nbi + securityContext: + # readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + runAsNonRoot: true + {{- toYaml .Values.global.securityContext | nindent 12 }} + image: {{ include "osm.nbi.image" . }} + imagePullPolicy: {{ .Values.global.image.pullPolicy }} + ports: + - containerPort: 9999 + protocol: TCP + resources: + limits: + memory: 1024Mi + requests: + memory: 128Mi + envFrom: + - configMapRef: + name: {{ include "osm.fullname" . }}-nbi-configmap + {{- if not .Values.nbi.useOsmSecret }} + - secretRef: + name: {{ .Values.nbi.secretName | default "nbi-secret" }} + {{- else }} + env: + - name: OSMNBI_AUTHENTICATION_SERVICE_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "osm.fullname" . }}-secret + key: OSM_SERVICE_PASSWORD + - name: OSMNBI_DATABASE_COMMONKEY + valueFrom: + secretKeyRef: + name: {{ include "osm.fullname" . }}-secret + key: OSM_DATABASE_COMMONKEY + {{- end }} + {{- with .Values.global.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/nbi/nbi-service.yaml b/installers/helm/osm/templates/nbi/nbi-service.yaml new file mode 100644 index 00000000..0ea6433c --- /dev/null +++ b/installers/helm/osm/templates/nbi/nbi-service.yaml @@ -0,0 +1,34 @@ +{{- if .Values.nbi.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: Service +metadata: + name: nbi + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + type: {{ .Values.nbi.service.type }} + ports: + - nodePort: {{ .Values.nbi.service.nodePort }} + port: {{ .Values.nbi.service.port }} + targetPort: 9999 + protocol: TCP + selector: + app.kubernetes.io/component: nbi + {{- include "osm.selectorLabels" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/ng_ui/ngui-deployment.yaml b/installers/helm/osm/templates/ng_ui/ngui-deployment.yaml new file mode 100644 index 00000000..42683508 --- /dev/null +++ b/installers/helm/osm/templates/ng_ui/ngui-deployment.yaml @@ -0,0 +1,73 @@ +{{- if .Values.ngui.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: apps/v1 +kind: Deployment +metadata: + name: ngui + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.ngui.replicaCount | default .Values.global.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/component: ngui + {{- include "osm.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.global.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + app.kubernetes.io/component: ngui + {{- include "osm.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "osm.serviceAccountName" . }} + containers: + - name: ngui + securityContext: + # readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + # runAsNonRoot: true + image: {{ include "osm.ngui.image" . }} + imagePullPolicy: {{ .Values.global.image.pullPolicy }} + ports: + - containerPort: 80 + protocol: TCP + resources: + limits: + memory: 1024Mi + requests: + memory: 128Mi + {{- with .Values.global.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/ng_ui/ngui-service.yaml b/installers/helm/osm/templates/ng_ui/ngui-service.yaml new file mode 100644 index 00000000..d2eb22ce --- /dev/null +++ b/installers/helm/osm/templates/ng_ui/ngui-service.yaml @@ -0,0 +1,34 @@ +{{- if .Values.ngui.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: Service +metadata: + name: ng-ui + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + type: {{ .Values.ngui.service.type }} + ports: + - nodePort: {{ .Values.ngui.service.nodePort }} + port: {{ .Values.ngui.service.port }} + targetPort: 80 + protocol: TCP + selector: + app.kubernetes.io/component: ngui + {{- include "osm.selectorLabels" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/osm-secret.yaml b/installers/helm/osm/templates/osm-secret.yaml new file mode 100644 index 00000000..741d5421 --- /dev/null +++ b/installers/helm/osm/templates/osm-secret.yaml @@ -0,0 +1,28 @@ +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: {{ include "osm.fullname" . }}-secret + labels: + {{- include "osm.labels" . | nindent 4 }} +data: + OSM_DATABASE_COMMONKEY: {{ randAlphaNum 32 | b64enc | quote }} + OSM_MYSQL_ROOT_PASSWORD: {{ randAlphaNum 32 | b64enc | quote }} + OSM_KEYSTONE_DB_PASSWORD: {{ randAlphaNum 32 | b64enc | quote }} + OSM_SERVICE_PASSWORD: {{ randAlphaNum 32 | b64enc | quote }} diff --git a/installers/helm/osm/templates/pla/pla-configmap.yaml b/installers/helm/osm/templates/pla/pla-configmap.yaml new file mode 100644 index 00000000..9b97ca34 --- /dev/null +++ b/installers/helm/osm/templates/pla/pla-configmap.yaml @@ -0,0 +1,30 @@ +{{- if .Values.global.oldServiceAssurance -}} +{{- if .Values.pla.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "osm.fullname" . }}-pla-configmap + labels: + {{- include "osm.labels" . | nindent 4 }} +data: + OSMPLA_DATABASE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0" + OSMPLA_DATABASE_HOST: "mongo" + OSMPLA_MESSAGE_HOST: "kafka" +{{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/pla/pla-deployment.yaml b/installers/helm/osm/templates/pla/pla-deployment.yaml new file mode 100644 index 00000000..d1a1f53a --- /dev/null +++ b/installers/helm/osm/templates/pla/pla-deployment.yaml @@ -0,0 +1,82 @@ +{{- if .Values.global.oldServiceAssurance -}} +{{- if .Values.pla.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: apps/v1 +kind: Deployment +metadata: + name: pla + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.pla.replicaCount | default .Values.global.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/component: pla + {{- include "osm.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.global.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + app.kubernetes.io/component: pla + {{- include "osm.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "osm.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.global.podSecurityContext | nindent 8 }} + initContainers: + - name: kafka-mongo-test + image: alpine:latest + command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"] + containers: + - name: pla + securityContext: + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + runAsNonRoot: true + {{- toYaml .Values.global.securityContext | nindent 12 }} + image: {{ include "osm.pla.image" . }} + imagePullPolicy: {{ .Values.global.image.pullPolicy }} + resources: + limits: + memory: 1024Mi + requests: + memory: 128Mi + envFrom: + - configMapRef: + name: {{ include "osm.fullname" . }}-pla-configmap + {{- with .Values.global.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/pol/pol-configmap.yaml b/installers/helm/osm/templates/pol/pol-configmap.yaml new file mode 100644 index 00000000..caa5b419 --- /dev/null +++ b/installers/helm/osm/templates/pol/pol-configmap.yaml @@ -0,0 +1,30 @@ +{{- if .Values.global.oldServiceAssurance -}} +{{- if .Values.pol.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "osm.fullname" . }}-pol-configmap + labels: + {{- include "osm.labels" . | nindent 4 }} +data: + OSMPOL_DATABASE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0" + OSMPOL_MESSAGE_HOST: "kafka" + OSMPOL_MESSAGE_PORT: "9092" +{{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/pol/pol-deployment.yaml b/installers/helm/osm/templates/pol/pol-deployment.yaml new file mode 100644 index 00000000..a8b97c8a --- /dev/null +++ b/installers/helm/osm/templates/pol/pol-deployment.yaml @@ -0,0 +1,96 @@ +{{- if .Values.global.oldServiceAssurance -}} +{{- if .Values.pol.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: apps/v1 +kind: Deployment +metadata: + name: pol + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.pol.replicaCount | default .Values.global.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/component: pol + {{- include "osm.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.global.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + app.kubernetes.io/component: pol + {{- include "osm.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "osm.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.global.podSecurityContext | nindent 8 }} + initContainers: + - name: kafka-mongo-test + image: alpine:latest + command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"] + containers: + - name: pol + securityContext: + # readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + runAsNonRoot: true + {{- toYaml .Values.global.securityContext | nindent 12 }} + image: {{ include "osm.pol.image" . }} + imagePullPolicy: {{ .Values.global.image.pullPolicy }} + ports: + - containerPort: 8662 + protocol: TCP + resources: + limits: + memory: 1024Mi + requests: + memory: 128Mi + envFrom: + - configMapRef: + name: {{ include "osm.fullname" . }}-pol-configmap + {{- if not .Values.pol.useOsmSecret }} + - secretRef: + name: {{ .Values.pol.secretName | default "pol-secret" }} + {{- else }} + env: + - name: OSMPOL_DATABASE_COMMONKEY + valueFrom: + secretKeyRef: + name: {{ include "osm.fullname" . }}-secret + key: OSM_DATABASE_COMMONKEY + {{- end }} + {{- with .Values.global.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/prometheus/prometheus-alertingrules-configmap.yaml b/installers/helm/osm/templates/prometheus/prometheus-alertingrules-configmap.yaml new file mode 100644 index 00000000..b4f26794 --- /dev/null +++ b/installers/helm/osm/templates/prometheus/prometheus-alertingrules-configmap.yaml @@ -0,0 +1,37 @@ +{{- if not .Values.global.oldServiceAssurance -}} +{{- if .Values.prometheus.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "osm.fullname" . }}-prometheus-alertingrules-configmap + labels: + {{- include "osm.labels" . | nindent 4 }} +data: + osm_alert_rules.yml: | + groups: + - name: osm_alert_rules + rules: + - alert: vdu_down + expr: vm_status_extended != 1 + for: 3m + annotations: + summary: "VDU {{ "{{" }} $labels.vm_id }} in VIM {{ "{{" }} $labels.vim_id }} is down" + description: "VDU {{ "{{" }} $labels.vm_id }} in VIM {{ "{{" }} $labels.vim_id }} has been down for more than 3 minutes. NS instance id is {{ "{{" }} $labels.ns_id }}" +{{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/prometheus/prometheus-configmap.yaml b/installers/helm/osm/templates/prometheus/prometheus-configmap.yaml new file mode 100644 index 00000000..b213e22e --- /dev/null +++ b/installers/helm/osm/templates/prometheus/prometheus-configmap.yaml @@ -0,0 +1,30 @@ +{{- if .Values.prometheus.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "osm.fullname" . }}-prometheus-configmap + labels: + {{- include "osm.labels" . | nindent 4 }} +data: + MONGODB_URL: "mongodb://mongodb-k8s:27017/?replicaSet=rs0" + PROMETHEUS_CONFIG_FILE: "/etc/prometheus/prometheus.yml" + PROMETHEUS_BASE_CONFIG_FILE: "/etc/prometheus_base/prometheus.yml" + TARGET_DATABASE: "osm" + PROMETHEUS_URL: "http://prometheus:9090" +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/prometheus/prometheus-prom-configmap.yaml b/installers/helm/osm/templates/prometheus/prometheus-prom-configmap.yaml new file mode 100644 index 00000000..18fef224 --- /dev/null +++ b/installers/helm/osm/templates/prometheus/prometheus-prom-configmap.yaml @@ -0,0 +1,87 @@ +{{- if .Values.prometheus.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "osm.fullname" . }}-prometheus-prom-configmap + labels: + {{- include "osm.labels" . | nindent 4 }} +data: + prometheus.yml: | + # Copyright 2018 The Prometheus Authors + # Copyright 2018 Whitestack + # Copyright 2018 Telefonica Investigacion y Desarrollo, S.A.U. + # + # Licensed under the Apache License, Version 2.0 (the "License"); + # you may not use this file except in compliance with the License. + # You may obtain a copy of the License at + # + # http://www.apache.org/licenses/LICENSE-2.0 + # + # Unless required by applicable law or agreed to in writing, software + # distributed under the License is distributed on an "AS IS" BASIS, + # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + # See the License for the specific language governing permissions and + # limitations under the License. + + # my global config + global: + scrape_interval: 15s # Set the scrape interval to every 15 seconds. Default is every 1 minute. + evaluation_interval: 15s # Evaluate rules every 15 seconds. The default is every 1 minute. + # scrape_timeout is set to the global default (10s). + + # Alertmanager configuration + alerting: + alertmanagers: + - static_configs: + - targets: +{{- if .Values.global.oldServiceAssurance }} + # - alertmanager:9093 +{{- else }} + - alertmanager:9093 +{{- end }} + # Load rules once and periodically evaluate them according to the global 'evaluation_interval'. +{{- if .Values.global.oldServiceAssurance }} + rule_files: + # - "first_rules.yml" + # - "second_rules.yml" +{{- else }} + rule_files: + - "osm_metric_rules.yml" + - "osm_alert_rules.yml" +{{- end }} + # A scrape configuration containing exactly one endpoint to scrape: + # Here it's Prometheus itself. + scrape_configs: + - job_name: 'mon_exporter' + static_configs: + - targets: ['mon:8000'] +{{- if .Values.global.oldServiceAssurance }} + # Add here other external targets, e.g. a pushgateway + # - job_name: 'pushgateway' + # static_configs: + # - targets: ['prometheus-pushgateway:9091'] +{{- else }} + - job_name: pushgateway + honor_labels: true + scrape_interval: 30s + static_configs: + - targets: + - pushgateway-prometheus-pushgateway:9091 +{{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/prometheus/prometheus-recordingrules-configmap.yaml b/installers/helm/osm/templates/prometheus/prometheus-recordingrules-configmap.yaml new file mode 100644 index 00000000..c314d86e --- /dev/null +++ b/installers/helm/osm/templates/prometheus/prometheus-recordingrules-configmap.yaml @@ -0,0 +1,43 @@ +{{- if not .Values.global.oldServiceAssurance -}} +{{- if .Values.prometheus.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "osm.fullname" . }}-prometheus-recordingrules-configmap + labels: + {{- include "osm.labels" . | nindent 4 }} +data: + osm_metric_rules.yml: | + groups: + - name: osm_metric_rules + rules: + - record: vm_status_extended + expr: (last_over_time(vm_status[1m]) * on (vm_id, vim_id) group_left(ns_id, vnf_id, vdu_id, project_id, job, vdu_name, vnf_member_index) last_over_time(ns_topology[1m])) or (last_over_time(ns_topology[1m]) * -1) + labels: + job: osm_prometheus + - record: vnf_status + expr: (0 * (count (vm_status_extended==0) by (ns_id, vnf_id)>=0)) or (min by (ns_id, vnf_id) (vm_status_extended)) + labels: + job: osm_prometheus + - record: ns_status + expr: (0 * (count (vm_status_extended==0) by (ns_id)>=0)) or (min by (ns_id) (vm_status_extended)) + labels: + job: osm_prometheus +{{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/prometheus/prometheus-service.yaml b/installers/helm/osm/templates/prometheus/prometheus-service.yaml new file mode 100644 index 00000000..99eef4a2 --- /dev/null +++ b/installers/helm/osm/templates/prometheus/prometheus-service.yaml @@ -0,0 +1,34 @@ +{{- if .Values.prometheus.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: Service +metadata: + name: prometheus + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + type: {{ .Values.prometheus.service.type }} + ports: + - nodePort: {{ .Values.prometheus.service.nodePort }} + port: 9090 + targetPort: 9090 + protocol: TCP + selector: + app.kubernetes.io/component: prometheus + {{- include "osm.selectorLabels" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/prometheus/prometheus-statefulset.yaml b/installers/helm/osm/templates/prometheus/prometheus-statefulset.yaml new file mode 100644 index 00000000..476ab4f0 --- /dev/null +++ b/installers/helm/osm/templates/prometheus/prometheus-statefulset.yaml @@ -0,0 +1,141 @@ +{{- if .Values.prometheus.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: prometheus + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.prometheus.replicaCount | default .Values.global.replicaCount }} + serviceName: prometheus + selector: + matchLabels: + app.kubernetes.io/component: prometheus + {{- include "osm.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.global.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + app.kubernetes.io/component: prometheus + {{- include "osm.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "osm.serviceAccountName" . }} + initContainers: + - name: prometheus-init-config + image: busybox + command: ["/bin/sh", "-c"] +{{- if .Values.global.oldServiceAssurance }} + args: ['if [ ! -f "/etc/prometheus/prometheus.yml" ]; then cp /config/prometheus.yml /etc/prometheus; fi'] +{{- else }} + args: ['if [ ! -f "/etc/prometheus/prometheus.yml" ]; then cp /config/prometheus.yml /etc/prometheus; fi; cp /config/osm_metric_rules.yml /config/osm_alert_rules.yml /etc/prometheus'] +{{- end }} + volumeMounts: + - name: prom-config + mountPath: /etc/prometheus + - name: prom-config-base + mountPath: /config + containers: + - name: prometheus + securityContext: + # readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + # runAsNonRoot: true + image: prom/prometheus:v2.28.1 + imagePullPolicy: {{ .Values.global.image.pullPolicy }} + args: + - --config.file=/etc/prometheus/prometheus.yml + - --web.enable-lifecycle + ports: + - containerPort: 9090 + protocol: TCP + volumeMounts: + - name: prom-config + mountPath: /etc/prometheus + - name: prom-db + mountPath: /prometheus + resources: + limits: + memory: 1024Mi + requests: + memory: 128Mi + - name: prometheus-config-sidecar + securityContext: + # readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + # runAsNonRoot: true + image: {{ include "osm.prometheus.image" . }} + imagePullPolicy: {{ .Values.global.image.pullPolicy }} + volumeMounts: + - name: prom-config + mountPath: /etc/prometheus + - name: prom-config-base + mountPath: /etc/prometheus_base + resources: + limits: + memory: 1024Mi + requests: + memory: 128Mi + envFrom: + - configMapRef: + name: {{ include "osm.fullname" . }}-prometheus-configmap + {{- with .Values.global.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} + volumes: + - name: prom-db + emptyDir: {} + - name: prom-config + emptyDir: {} + - name: prom-config-base + projected: + sources: + - configMap: + name: {{ include "osm.fullname" . }}-prometheus-prom-configmap + items: + - key: prometheus.yml + path: prometheus.yml +{{- if not .Values.global.oldServiceAssurance }} + - configMap: + name: {{ include "osm.fullname" . }}-prometheus-recordingrules-configmap + items: + - key: osm_metric_rules.yml + path: osm_metric_rules.yml + - configMap: + name: {{ include "osm.fullname" . }}-prometheus-alertingrules-configmap + items: + - key: osm_alert_rules.yml + path: osm_alert_rules.yml +{{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/ro/ro-configmap.yaml b/installers/helm/osm/templates/ro/ro-configmap.yaml new file mode 100644 index 00000000..39bb90ba --- /dev/null +++ b/installers/helm/osm/templates/ro/ro-configmap.yaml @@ -0,0 +1,31 @@ +{{- if .Values.ro.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "osm.fullname" . }}-ro-configmap + labels: + {{- include "osm.labels" . | nindent 4 }} +data: + OSMRO_DATABASE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0" + OSMRO_MESSAGE_HOST: "kafka" + OSMRO_STORAGE_DRIVER: "mongo" + OSMRO_STORAGE_PATH: "/app/storage" + OSMRO_STORAGE_COLLECTION: "files" + OSMRO_STORAGE_URI: "mongodb://mongodb-k8s:27017/?replicaSet=rs0" +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/ro/ro-deployment.yaml b/installers/helm/osm/templates/ro/ro-deployment.yaml new file mode 100644 index 00000000..7c07534a --- /dev/null +++ b/installers/helm/osm/templates/ro/ro-deployment.yaml @@ -0,0 +1,99 @@ +{{- if .Values.ro.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: apps/v1 +kind: Deployment +metadata: + name: ro + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.ro.replicaCount | default .Values.global.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/component: ro + {{- include "osm.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.global.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + app.kubernetes.io/component: ro + {{- include "osm.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "osm.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.global.podSecurityContext | nindent 8 }} + initContainers: + - name: kafka-mongo-test + image: alpine:latest + command: ["sh", "-c", "until (nc -zvw1 kafka 9092 && nc -zvw1 mongodb-k8s 27017); do sleep 3; done; exit 0"] + containers: + - name: ro + securityContext: + # readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + runAsNonRoot: true + {{- toYaml .Values.global.securityContext | nindent 12 }} + image: {{ include "osm.ro.image" . }} + imagePullPolicy: {{ .Values.global.image.pullPolicy }} + ports: + - containerPort: 9090 + protocol: TCP + resources: + limits: + memory: 1024Mi + requests: + memory: 128Mi + envFrom: + - configMapRef: + name: {{ include "osm.fullname" . }}-ro-configmap + {{- if not .Values.ro.useOsmSecret }} + - secretRef: + name: {{ .Values.ro.secretName | default "ro-secret" }} + {{- else }} + env: + - name: OSMRO_DATABASE_COMMONKEY + valueFrom: + secretKeyRef: + name: {{ include "osm.fullname" . }}-secret + key: OSM_DATABASE_COMMONKEY + - name: RO_DB_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ include "osm.fullname" . }}-secret + key: OSM_MYSQL_ROOT_PASSWORD + {{- end }} + {{- with .Values.global.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/ro/ro-service.yaml b/installers/helm/osm/templates/ro/ro-service.yaml new file mode 100644 index 00000000..30ecb749 --- /dev/null +++ b/installers/helm/osm/templates/ro/ro-service.yaml @@ -0,0 +1,34 @@ +{{- if .Values.ro.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: Service +metadata: + name: ro + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + type: ClusterIP + clusterIP: None + ports: + - port: {{ .Values.ro.service.port }} + targetPort: 9090 + protocol: TCP + selector: + app.kubernetes.io/component: ro + {{- include "osm.selectorLabels" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/serviceaccount.yaml b/installers/helm/osm/templates/serviceaccount.yaml new file mode 100644 index 00000000..db76fa9b --- /dev/null +++ b/installers/helm/osm/templates/serviceaccount.yaml @@ -0,0 +1,28 @@ +{{- if .Values.global.serviceAccount.create -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: ServiceAccount +metadata: + name: {{ include "osm.serviceAccountName" . }} + labels: + {{- include "osm.labels" . | nindent 4 }} + {{- with .Values.global.serviceAccount.annotations }} + annotations: + {{- toYaml . | nindent 4 }} + {{- end }} +{{- end }} diff --git a/installers/helm/osm/templates/vca/vca-secret.yaml b/installers/helm/osm/templates/vca/vca-secret.yaml new file mode 100644 index 00000000..106047c8 --- /dev/null +++ b/installers/helm/osm/templates/vca/vca-secret.yaml @@ -0,0 +1,30 @@ +{{- if .Values.vca.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: {{ include "osm.fullname" . }}-vca-secret + labels: + {{- include "osm.labels" . | nindent 4 }} +data: + OSM_VCA_HOST: {{ ( .Values.vca.host | default ( randAlphaNum 32 ) ) | b64enc | quote }} + OSM_VCA_SECRET: {{ ( .Values.vca.secret | default ( randAlphaNum 32 ) ) | b64enc | quote }} + OSM_VCA_PUBKEY: {{ ( .Values.vca.pubkey | default ( randAlphaNum 32 ) ) | b64enc | quote }} + OSM_VCA_CACERT: {{ ( .Values.vca.cacert | default ( randAlphaNum 32 ) ) | b64enc | quote }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/webhook_translator/webhook-translator-configmap.yaml b/installers/helm/osm/templates/webhook_translator/webhook-translator-configmap.yaml new file mode 100644 index 00000000..f4464137 --- /dev/null +++ b/installers/helm/osm/templates/webhook_translator/webhook-translator-configmap.yaml @@ -0,0 +1,29 @@ +{{- if not .Values.global.oldServiceAssurance -}} +{{- if .Values.webhookTranslator.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "osm.fullname" . }}-webhook-configmap + labels: + {{- include "osm.labels" . | nindent 4 }} +data: + AIRFLOW_HOST: "airflow-webserver" + AIRFLOW_PORT: "8080" +{{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/webhook_translator/webhook-translator-deployment.yaml b/installers/helm/osm/templates/webhook_translator/webhook-translator-deployment.yaml new file mode 100644 index 00000000..84a3dba2 --- /dev/null +++ b/installers/helm/osm/templates/webhook_translator/webhook-translator-deployment.yaml @@ -0,0 +1,83 @@ +{{- if not .Values.global.oldServiceAssurance -}} +{{- if .Values.webhookTranslator.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: apps/v1 +kind: Deployment +metadata: + name: webhook-translator + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.webhookTranslator.replicaCount | default .Values.global.replicaCount }} + selector: + matchLabels: + app.kubernetes.io/component: webhook-translator + {{- include "osm.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.global.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + app.kubernetes.io/component: webhook-translator + {{- include "osm.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "osm.serviceAccountName" . }} + securityContext: + {{- toYaml .Values.global.podSecurityContext | nindent 8 }} + containers: + - name: webhook-translator + securityContext: + readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + runAsNonRoot: true + {{- toYaml .Values.global.securityContext | nindent 12 }} + image: {{ include "osm.webhookTranslator.image" . }} + imagePullPolicy: {{ .Values.global.image.pullPolicy }} + ports: + - containerPort: 80 + protocol: TCP + resources: + limits: + memory: 1024Mi + requests: + memory: 128Mi + envFrom: + - configMapRef: + name: {{ include "osm.fullname" . }}-webhook-configmap + - secretRef: + name: {{ include "osm.fullname" . }}-webhook-secret + {{- with .Values.global.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/webhook_translator/webhook-translator-secret.yaml b/installers/helm/osm/templates/webhook_translator/webhook-translator-secret.yaml new file mode 100644 index 00000000..e11022c7 --- /dev/null +++ b/installers/helm/osm/templates/webhook_translator/webhook-translator-secret.yaml @@ -0,0 +1,32 @@ +{{- if not .Values.global.oldServiceAssurance -}} +{{- if .Values.webhookTranslator.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: v1 +kind: Secret +type: Opaque +metadata: + name: {{ include "osm.fullname" . }}-webhook-secret + labels: + {{- include "osm.labels" . | nindent 4 }} +data: + # AIRFLOW_USER: {{ randAlphaNum 32 | b64enc | quote }} + AIRFLOW_USER: {{ "admin" | b64enc | quote }} + # AIRFLOW_PASS: {{ randAlphaNum 32 | b64enc | quote }} + AIRFLOW_PASS: {{ "admin" | b64enc | quote }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/docker/osm_pods/webhook-translator.yaml b/installers/helm/osm/templates/webhook_translator/webhook-translator-service.yaml similarity index 58% rename from installers/docker/osm_pods/webhook-translator.yaml rename to installers/helm/osm/templates/webhook_translator/webhook-translator-service.yaml index eb41f589..97a426f0 100644 --- a/installers/docker/osm_pods/webhook-translator.yaml +++ b/installers/helm/osm/templates/webhook_translator/webhook-translator-service.yaml @@ -1,3 +1,5 @@ +{{- if not .Values.global.oldServiceAssurance -}} +{{- if .Values.webhookTranslator.enabled -}} ####################################################################################### # Copyright ETSI Contributors and Others. # @@ -14,42 +16,21 @@ # See the License for the specific language governing permissions and # limitations under the License. ####################################################################################### - apiVersion: v1 kind: Service -metadata: - name: webhook-translator -spec: - ports: - - nodePort: 9998 - port: 80 - targetPort: 80 - selector: - app: webhook-translator - type: NodePort ---- -apiVersion: apps/v1 -kind: Deployment metadata: name: webhook-translator labels: - app: webhook-translator + {{- include "osm.labels" . | nindent 4 }} spec: - replicas: 1 + type: {{ .Values.webhookTranslator.service.type }} + ports: + - nodePort: {{ .Values.webhookTranslator.service.nodePort }} + port: 80 + targetPort: 80 + protocol: TCP selector: - matchLabels: - app: webhook-translator - template: - metadata: - labels: - app: webhook-translator - spec: - containers: - - name: webhook-translator - image: gerardogarcia/webhook-translator:13 - ports: - - containerPort: 80 - protocol: TCP - envFrom: - - secretRef: - name: webhook-translator-secret + app.kubernetes.io/component: webhook-translator + {{- include "osm.selectorLabels" . | nindent 4 }} +{{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/docker/osm_pods/zookeeper.yaml b/installers/helm/osm/templates/zookeeper/zookeeper-service.yaml similarity index 54% rename from installers/docker/osm_pods/zookeeper.yaml rename to installers/helm/osm/templates/zookeeper/zookeeper-service.yaml index 0e31ed48..0b761f4e 100644 --- a/installers/docker/osm_pods/zookeeper.yaml +++ b/installers/helm/osm/templates/zookeeper/zookeeper-service.yaml @@ -1,4 +1,6 @@ -# Copyright 2019 TATA ELXSI +{{- if .Values.zookeeper.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -11,42 +13,22 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or # implied. # See the License for the specific language governing permissions and -# limitations under the License - +# limitations under the License. +####################################################################################### apiVersion: v1 kind: Service metadata: name: zookeeper + labels: + {{- include "osm.labels" . | nindent 4 }} spec: + type: ClusterIP clusterIP: None ports: - - port: 2181 - protocol: TCP - targetPort: 2181 - selector: - app: zookeeper - type: ClusterIP ---- -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: zookeeper - labels: - app: zookeeper -spec: - replicas: 1 - serviceName: zookeeper + - port: {{ .Values.zookeeper.service.port }} + targetPort: 2181 + protocol: TCP selector: - matchLabels: - app: zookeeper - template: - metadata: - labels: - app: zookeeper - spec: - containers: - - name: zookeeper - image: wurstmeister/zookeeper:latest - ports: - - containerPort: 2181 - protocol: TCP + app.kubernetes.io/component: zookeeper + {{- include "osm.selectorLabels" . | nindent 4 }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/templates/zookeeper/zookeeper-statefulset.yaml b/installers/helm/osm/templates/zookeeper/zookeeper-statefulset.yaml new file mode 100644 index 00000000..a4ed2ec1 --- /dev/null +++ b/installers/helm/osm/templates/zookeeper/zookeeper-statefulset.yaml @@ -0,0 +1,74 @@ +{{- if .Values.zookeeper.enabled -}} +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +apiVersion: apps/v1 +kind: StatefulSet +metadata: + name: zookeeper + labels: + {{- include "osm.labels" . | nindent 4 }} +spec: + replicas: {{ .Values.zookeeper.replicaCount | default .Values.global.replicaCount }} + serviceName: zookeeper + selector: + matchLabels: + app.kubernetes.io/component: zookeeper + {{- include "osm.selectorLabels" . | nindent 6 }} + template: + metadata: + {{- with .Values.global.podAnnotations }} + annotations: + {{- toYaml . | nindent 8 }} + {{- end }} + labels: + app.kubernetes.io/component: zookeeper + {{- include "osm.selectorLabels" . | nindent 8 }} + spec: + {{- with .Values.global.imagePullSecrets }} + imagePullSecrets: + {{- toYaml . | nindent 8 }} + {{- end }} + serviceAccountName: {{ include "osm.serviceAccountName" . }} + containers: + - name: zookeeper + securityContext: + # readOnlyRootFilesystem: true + allowPrivilegeEscalation: false + # runAsNonRoot: true + image: wurstmeister/zookeeper:latest + imagePullPolicy: {{ .Values.global.image.pullPolicy }} + ports: + - containerPort: 2181 + protocol: TCP + resources: + limits: + memory: 1024Mi + requests: + memory: 128Mi + {{- with .Values.global.nodeSelector }} + nodeSelector: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.affinity }} + affinity: + {{- toYaml . | nindent 8 }} + {{- end }} + {{- with .Values.global.tolerations }} + tolerations: + {{- toYaml . | nindent 8 }} + {{- end }} +{{- end }} \ No newline at end of file diff --git a/installers/helm/osm/values.yaml b/installers/helm/osm/values.yaml new file mode 100644 index 00000000..65c4406a --- /dev/null +++ b/installers/helm/osm/values.yaml @@ -0,0 +1,211 @@ +####################################################################################### +# Copyright ETSI Contributors and Others. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +# implied. +# See the License for the specific language governing permissions and +# limitations under the License. +####################################################################################### +# Default values for osm. +# This is a YAML-formatted file. +# Declare variables to be passed into your templates. + +global: + replicaCount: 1 + + image: + repositoryBase: docker.io/opensourcemano + pullPolicy: IfNotPresent + # Overrides the image tag whose default is the chart appVersion. + tag: "13" + + imagePullSecrets: [] + nameOverride: "" + fullnameOverride: "" + + serviceAccount: + # Specifies whether a service account should be created + create: true + # Annotations to add to the service account + annotations: {} + # The name of the service account to use. + # If not set and create is true, a name is generated using the fullname template + name: "" + + podAnnotations: {} + + podSecurityContext: + # runAsUser: 1000 + # runAsGroup: 1000 + fsGroup: 1000 + + securityContext: + runAsUser: 1000 + + nodeSelector: {} + + tolerations: [] + + affinity: {} + + behindHttpProxy: false + httpProxy: {} + # HTTP_PROXY: + # HTTPS_PROXY: + # NO_PROXY: + + oldServiceAssurance: false + +certauth: + enabled: true + +grafana: + enabled: true + +kafka: + enabled: true + service: + port: 9092 + # replicaCount: 1 + +keystone: + enabled: true + service: + port: 5000 + image: {} + # repository: opensourcemano/keystone + # tag: "13" + # replicaCount: 1 + useOsmSecret: true + # secretName: "keystone-secret" + +lcm: + enabled: true + image: {} + # repository: opensourcemano/lcm + # tag: "13" + # replicaCount: 1 + useOsmSecret: true + # secretName: "lcm-secret" + config: + OSMLCM_VCA_CLOUD: "lxd-cloud" + OSMLCM_VCA_K8S_CLOUD: "k8scloud" + # OSMLCM_VCA_APIPROXY: "" + # OSMLCM_VCA_ENABLEOSUPGRADE: true + # OSMLCM_VCA_APTMIRROR: "http://archive.ubuntu.com/ubuntu/" + +mon: + enabled: true + service: + port: 8662 + image: {} + # repository: opensourcemano/mon + # tag: "13" + # replicaCount: 1 + useOsmSecret: true + # secretName: "mon-secret" + config: {} + # OS_NOTIFIER_URI: "http://DEFAULT_IP:8662" + +mysql: + enabled: true + # dbHostPath: "/var/lib/osm/osm" + service: + port: 3306 + # replicaCount: 1 + useOsmSecret: true + # secretName: "ro-db-secret" + +nbi: + enabled: true + service: + type: NodePort + port: 9999 + nodePort: 9999 + image: {} + # repository: opensourcemano/nbi + # tag: "13" + # replicaCount: 1 + useOsmSecret: true + # secretName: "nbi-secret" + +ngui: + enabled: true + service: + type: NodePort + port: 80 + nodePort: 80 + image: {} + # repository: opensourcemano/ng-ui + # tag: "13" + # replicaCount: 1 + +# pla module is disabled by default unless global.oldServiceAssurance and pla.enabled are set to true +pla: + enabled: false + image: {} + # repository: opensourcemano/pla + # tag: "13" + # replicaCount: 1 + +# pol module is disabled by default unless global.oldServiceAssurance and pol.enabled are set to true +pol: + enabled: true + image: {} + # repository: opensourcemano/pol + # tag: "13" + # replicaCount: 1 + useOsmSecret: true + # secretName: "pol-secret" + +prometheus: + enabled: true + service: + type: NodePort + nodePort: 9091 + # replicaCount: 1 + sidecarImage: {} + # repository: opensourcemano/ro + # tag: "13" + +ro: + enabled: true + service: + port: 9090 + image: {} + # repository: opensourcemano/ro + # tag: "13" + # replicaCount: 1 + useOsmSecret: true + # secretName: "ro-secret" + +vca: + enabled: true + # host: "" + # secret: "" + # cacert: "" + # pubkey: "" + +webhookTranslator: + enabled: true + service: + type: NodePort + nodePort: 9998 + image: {} + # repository: opensourcemano/webhook + # tag: "13" + # replicaCount: 1 + +zookeeper: + enabled: true + service: + port: 2181 + # replicaCount: 1 diff --git a/installers/helm/values/airflow-values.yaml b/installers/helm/values/airflow-values.yaml index 79473aad..e9144189 100644 --- a/installers/helm/values/airflow-values.yaml +++ b/installers/helm/values/airflow-values.yaml @@ -25,9 +25,14 @@ webserver: extraEnv: | - name: AIRFLOW__API__AUTH_BACKENDS value: 'airflow.api.auth.backend.basic_auth' -extraEnvFrom: | - - secretRef: - name: ngsa-secret + - name: OSMMON_DATABASE_COMMONKEY + valueFrom: + secretKeyRef: + name: osm-secret + key: OSM_DATABASE_COMMONKEY +# extraEnvFrom: | +# - secretRef: +# name: ngsa-secret config: core: dags_folder: "/home/airflow/.local/lib/python3.10/site-packages/osm_ngsa" diff --git a/installers/install_ngsa.sh b/installers/install_ngsa.sh index 30edc701..87f5daa1 100755 --- a/installers/install_ngsa.sh +++ b/installers/install_ngsa.sh @@ -31,6 +31,7 @@ function install_airflow() { sudo sed -i "s#defaultAirflowTag:.*#defaultAirflowTag: ${OSM_DOCKER_TAG}#g" ${OSM_HELM_WORK_DIR}/airflow-values.yaml echo "Updating Helm values file helm/values/airflow-values.yaml to use defaultAirflowRepository: ${DOCKER_REGISTRY_URL}${DOCKER_USER}/airflow" sudo sed -i "s#defaultAirflowRepository:.*#defaultAirflowRepository: ${DOCKER_REGISTRY_URL}${DOCKER_USER}/airflow#g" ${OSM_HELM_WORK_DIR}/airflow-values.yaml + if ! helm -n osm status airflow 2> /dev/null ; then # if it does not exist, create secrets and install kubectl -n osm create secret generic airflow-webserver-secret --from-literal="webserver-secret-key=$(python3 -c 'import secrets; print(secrets.token_hex(16))')" diff --git a/installers/osm_health.sh b/installers/osm_health.sh index 6c314fbd..077290be 100755 --- a/installers/osm_health.sh +++ b/installers/osm_health.sh @@ -47,6 +47,12 @@ failures_in_a_row=0 oks_in_a_row=0 +# Show status of the OSM services deployed with helm +echo "helm -n ${STACK_NAME} list" +helm -n ${STACK_NAME} list +echo "helm -n ${STACK_NAME} status ${STACK_NAME}" +helm -n ${STACK_NAME} status ${STACK_NAME} + #################################################################################### # Loop to check system readiness #################################################################################### -- 2.25.1