diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 03bbfd4825ec2d35c411b5bdd9242407010c1331..3787a3a10426e4b68004fc09bc4d40280e81c4f9 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -3,11 +3,11 @@ include: - local: ci-templates/build.yml rules: - - if: '$CI_COMMIT_REF_NAME == "main" || $CI_COMMIT_REF_NAME == "develop"' - + - if: '$CI_COMMIT_REF_NAME == "main" || $CI_COMMIT_REF_NAME == "develop" || $CI_COMMIT_REF_PROTECTED' + - local: ci-templates/build_unprotected.yml rules: - - if: '$CI_COMMIT_REF_NAME != "main" && $CI_COMMIT_REF_NAME != "develop"' + - if: '$CI_COMMIT_REF_NAME != "main" && $CI_COMMIT_REF_NAME != "develop" && !$CI_COMMIT_REF_PROTECTED' maven_build: diff --git a/ci-templates/default.yml b/ci-templates/default.yml index 95386c2ab20ca6a56f1d1fe7662937a6b2140aa7..bb0d5538bb3ecf2424bc1b9bdf05137db1eb8a46 100644 --- a/ci-templates/default.yml +++ b/ci-templates/default.yml @@ -6,8 +6,6 @@ stages: - security .default: - variables: - DEFAULT_VERSION: "1.0.0-SNAPSHOT" before_script: - | if [ "$CI_COMMIT_REF_NAME" = "main" ] && [ -n "$CI_COMMIT_TAG" ]; then @@ -15,5 +13,5 @@ stages: elif [ "$CI_COMMIT_REF_NAME" = "develop" ]; then export APP_VERSION="develop" else - export APP_VERSION=$DEFAULT_VERSION + export APP_VERSION=$CI_COMMIT_REF_NAME fi diff --git a/compose/docker-compose.yaml.configure b/compose/docker-compose.yaml.configure index e5b336d27331079feb3b528d9a46935dba5c380a..ef91ade0954af0c895c9f542a699f38845277944 100644 --- a/compose/docker-compose.yaml.configure +++ b/compose/docker-compose.yaml.configure @@ -106,10 +106,11 @@ services: "spring.activemq.user": "artemis", "spring.activemq.password": "artemis", "logging.level.org.springframework" : "INFO", + "logging.level.org.etsi.osl.portal.api": "INFO", "spring.portal.main.domain": "http://localhost", "spring.portal.portal.title": "Openslice", "server.forward-headers-strategy":"FRAMEWORK" - }' + }' logging: driver: "json-file" options: @@ -140,7 +141,7 @@ services: "spring.activemq.user": "artemis", "spring.activemq.password": "artemis", "logging.level.org.springframework" : "INFO" - }' + }' logging: driver: "json-file" options: @@ -168,7 +169,7 @@ services: "bugzillaurl":"", "bugzillakey":"", "main_operations_product":"" - }' + }' ports: - 13010:13010 networks: @@ -204,10 +205,11 @@ services: "spring.activemq.brokerUrl": "tcp://anartemis:61616?jms.watchTopicAdvisories=false", "spring.activemq.user": "artemis", "spring.activemq.password": "artemis", - "logging.level.org.springframework" : "INFO", + "logging.level.org.springframework" : "INFO", + "logging.level.org.etsi.osl.tmf.api" : "INFO", "kroki.serverurl" : "http://localhost/kroki", - "server.forward-headers-strategy":"FRAMEWORK" - }' + "server.forward-headers-strategy":"FRAMEWORK" + }' logging: driver: "json-file" options: @@ -234,14 +236,13 @@ services: image: labs.etsi.org:5050/osl/code/org.etsi.osl.osom:develop environment: SPRING_APPLICATION_JSON: '{ + "spring.datasource.url" : "jdbc:h2:/tmp/tempdb;DB_CLOSE_DELAY=-1", "spring.activemq.brokerUrl": "tcp://anartemis:61616?jms.watchTopicAdvisories=false", "spring.activemq.user": "artemis", "spring.activemq.password": "artemis", "logging.level.org.springframework" : "INFO", - "logging.level.org.etsi.osl.osom" : "INFO" - }' - volumes: - - ./repo:/root + "logging.level.org.etsi.osl.osom" : "INFO" + }' ports: - 13100:13100 networks: @@ -278,8 +279,13 @@ services: "spring.activemq.user": "artemis", "spring.activemq.password": "artemis", "logging.level.org.springframework" : "INFO", - "server.forward-headers-strategy":"FRAMEWORK" - }' + "server.forward-headers-strategy":"FRAMEWORK" + }' + logging: + driver: "json-file" + options: + max-size: "500m" + max-file: "3" volumes: - ./repo:/root ports: @@ -302,8 +308,13 @@ services: "spring.activemq.user": "artemis", "spring.activemq.password": "artemis", "logging.level.org.springframework" : "INFO", - "logging.level.org.etsi.osl.cridge" : "INFO" - }' + "logging.level.org.etsi.osl.cridge" : "INFO" + }' + logging: + driver: "json-file" + options: + max-size: "800m" + max-file: "3" networks: - front - back @@ -342,7 +353,7 @@ services: "spring.activemq.password": "artemis", "centrallogurl":"http://elk_ip:elk_port/index_name/_doc", "logging.level.org.springframework" : "INFO" - }' + }' ports: - 13013:13013 networks: diff --git a/compose/keycloak-init/realm-export.json b/compose/keycloak-init/realm-export.json index c0539ad38dce93628bb73e3bb85181c642976d66..f74761ad1204c69097b2b036d532a717fce21b75 100644 --- a/compose/keycloak-init/realm-export.json +++ b/compose/keycloak-init/realm-export.json @@ -5,9 +5,9 @@ "notBefore": 1586721661, "revokeRefreshToken": false, "refreshTokenMaxReuse": 0, - "accessTokenLifespan": 300, - "accessTokenLifespanForImplicitFlow": 900, - "ssoSessionIdleTimeout": 1800, + "accessTokenLifespan": 3600, + "accessTokenLifespanForImplicitFlow": 3600, + "ssoSessionIdleTimeout": 7200, "ssoSessionMaxLifespan": 36000, "ssoSessionIdleTimeoutRememberMe": 0, "ssoSessionMaxLifespanRememberMe": 0, diff --git a/kubernetes/helm/README.md b/kubernetes/helm/README.md index 89fbcbbdb2c053cd2bbf4748713c3a486f5b4270..b3459eb5a726dcd1e85b697d617c433a81a156e1 100644 --- a/kubernetes/helm/README.md +++ b/kubernetes/helm/README.md @@ -1,44 +1,32 @@ - # OpenSlice Installation Guide with Kubernetes ## Requirements ### Hardware requirements: -| **Minimum Hardware Requirements** | **Recomended Hardware Requirements** | +| **Minimum Hardware Requirements** | **Recommended Hardware Requirements** | | --------------------------------- | ------------------------------------ | | 4 CPU cores | 8 CPU cores | | 8 GB RAM | 16 GB RAM | -| 20 GB storage | 40 GB storage | +| 30 GB storage | 50 GB storage | ### Software Requirements: * **git:** For cloning the project repository. -* **Kubernetes:** A running cluster where OpenSlice will be deployed. +* **Kubernetes:** A running cluster where OpenSlice will be deployed. + * **Disclaimer:** The current manual setup of Persistent Volumes using `hostPath` is designed to operate with **only a single worker node**. This setup will not support data persistence if a pod is rescheduled to another node. * **Helm:** For managing the deployment of OpenSlice. -* **Ingress Controller:** Ingress exposes HTTP and HTTPS routes from outside the cluster to services within the cluster. Traffic routing is controlled by rules defined on the Ingress resource. An Ingress may be configured to give Services externally-reachable URLs, load balance traffic, terminate SSL / TLS, and offer name-based virtual hosting. An Ingress controller is responsible for fulfilling the Ingress, usually with a load balancer, though it may also configure your edge router or additional frontends to help handle the traffic. You must have an Ingress controller to satisfy an Ingress. +* **Ingress Controller:** Ingress exposes HTTP and HTTPS routes from outside the cluster to services within the cluster. Traffic routing is controlled by rules defined on the Ingress resource. An Ingress may be configured to give Services externally-reachable URLs, load balance traffic, terminate SSL / TLS, and offer name-based virtual hosting. An Ingress controller is responsible for fulfilling the Ingress, usually with a load balancer, though it may also configure your edge router or additional frontends to help handle the traffic. You must have an Ingress controller to satisfy an Ingress. * An Nginx ingress controller is required, which can be installed using [this guide](https://docs.nginx.com/nginx-ingress-controller/installation/installing-nic/installation-with-helm/). * If you use another type of ingress controller, you'll need to modify `[repo-root]/kubernetes/helm/openslice/templates/openslice-ingress.yaml` to conform to your ingress controller's requirements. * **Network Load Balancer:** Required for exposing the service (e.g., GCP, AWS, Azure, MetalLB). * **Domain/IP Address:** Necessary for accessing the application. This should be configured in `[repo-root]/kubernetes/helm/openslice/values.yaml` under `rooturl`. +### Additional Configuration + +* **Storage Class:** In a production environment, specify your `storageClass` in `[repo-root]/kubernetes/helm/openslice/values.yaml` under `storageClass`. If not defined, PVs will be created and managed manually. + * **Disclaimer:** Before deploying, confirm that your storage system supports claims of one 10G and two 1G volumes. + ## Preparing the environment ### 1. Setting Up A Kubernetes Cluster @@ -47,37 +35,33 @@ Refer to the official Kubernetes documentation for setting up a cluster. Ensure ### 2. Installing Helm Helm must be installed on your machine to deploy OpenSlice via Helm charts. Follow the [official Helm installation guide](https://helm.sh/docs/intro/install/). -## Downloading the Project +## Downloading the project -### 1. Create a New Folder to Download the Project +### 1. Create a new folder to download the project ```bash mkdir openslice cd openslice ``` -### 2. Download the Project Code +### 2. Download the project code Clone the project code from the GitLab repository. **Note:** This process will be simplified once the charts are published in the GitLab registry, requiring only the chart to be pulled. ```bash git clone https://labs.etsi.org/rep/osl/code/org.etsi.osl.main.git -cd kubernetes/helm/openslice/ +cd org.etsi.osl.main/kubernetes/helm/openslice/ ``` -### 3. Deploy the Helm Chart +### 3. Prerequisites before deployment -Before deploying the Helm chart, ensure you have configured the necessary components as detailed in the [Configure Helm Chart Services](#configure-helm-chart-services) section. By default, the `main` branch is selected for deployment. +Before deploying the Helm chart, ensure you have configured the necessary components as detailed in the following section, i.e. [Configure Helm Chart Services](#configure-helm-chart-services). By default, the `main` branch is selected for deployment. -We recommend using: -- The **main** branch for the most stable experience. -- The **develop** branch for access to the latest features. For the develop branch installation, it's strongly advisable to follow the [develop documentation](https://osl.etsi.org/documentation/develop/deployment/). +We recommend: -Deploy OpenSlice with Helm: +* main branch for the most stable experience and +* develop branch for an experience with the latest features (for develop branch installation, it is strongly advisable that you may as well follow the [develop documentation](https://osl.etsi.org/documentation/develop/deployment/)) -```bash -helm install myopenslice . --namespace openslice --create-namespace -``` ## Configure Helm Chart Services @@ -99,7 +83,7 @@ oscreds: database: "keycloak" username: "keycloak" password: "password" - adminpassword: "keycloakadminpass" + adminpassword: "Pa55w0rd" portal: database: "osdb" username: "portaluser" @@ -138,17 +122,16 @@ oscreds: database: "keycloak" username: "keycloak" password: "password" - adminpassword: "keycloakadminpass" + adminpassword: "Pa55w0rd" ``` #### 4. Application and Logging Configuration -Application-specific configurations, such as OAuth client secrets and logging levels, can be set in the `spring` section: +Application-specific configurations, such as OAuth client secrets, can be set in the `spring` section: ```yaml spring: oauthClientSecret: "secret" - loglevel: "INFO" ``` #### 5. Ingress and Root URL @@ -172,46 +155,58 @@ mysql: ## Configure Web UI -In folder `kubernetes/helm/openslice/files/org.etsi.osl.portal.web/src/js` edit the `config.js.default` configuration file with your configuration. +In folder `kubernetes/helm/openslice/files/org.etsi.osl.portal.web/src/js` you must make a copy of `config.js.default` file and rename it to `config.js`. + +This is **mandatory** for the configuration file to be discoverable. +Edit the `config.js` configuration file with your static configuration, if needed. ``` -{ - TITLE: "Openslice demo", - WIKI: "{{ .Values.rooturl }}", - BUGZILLA: "{{ .Values.rooturl }}/bugzilla/", - STATUS: "{{ .Values.rooturl }}/", - APIURL: "{{ .Values.rooturl }}", - WEBURL: "{{ .Values.rooturl }}/nfvportal", - APIOAUTHURL: "{{ .Values.rooturl }}/auth/realms/openslice", - APITMFURL: "{{ .Values.rooturl }}/tmf-api/serviceCatalogManagement/v4" +{ + TITLE: "OpenSlice by ETSI", + WIKI: "https://osl.etsi.org/documentation/", + BUGZILLA: "{{ .Values.rooturl }}/bugzilla", + STATUS: "{{ .Values.rooturl }}/status", + APIURL: "{{ .Values.rooturl }}", + WEBURL: "{{ .Values.rooturl }}/nfvportal", + APIOAUTHURL: "{{ .Values.rooturl }}/auth/realms/openslice", + APITMFURL: "{{ .Values.rooturl }}/tmf-api/serviceCatalogManagement/v4" } ``` -Rename `config.js.default` to `config.js`. This is **mandatory** for the configuration file to be discoverable. + ## Configure TMF Web UI In the folder `kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config` there are 3 files available for configuration: -* config.prod.json (Basic information + API configuration) -* theming.scss (CSS color palette theming) -* config.theming.json (HTML configuration - Logo, Favicon, Footer) +* config.prod.default.json (Basic information + API configuration) +* theming.default.scss (CSS color palette theming) +* config.theming.default.json (HTML configuration - Logo, Favicon, Footer) +You must make a copy of files: -The first 2 files above (i.e. config.prod.json, theming.scss) are essential for the successful deployment of OpenSlice. -Therefore, ensure that you check the `config.prod.json` and `theming.scss` files and readjust to your deployment if needed. -Default versions of such files exist in this path, which must be renamed to not include the `.default` suffix, before deploying OpenSlice. +* `config.prod.default.json` and rename it to `config.prod.json` +* `theming.default.scss` and rename it to `theming.scss` -E.g. Edit "TITLE", "WIKI", etc properties with your domain title. Also configure TMF's API and Keycloak's location for the web application, if needed. +The 2 files above (i.e. config.prod.json, theming.scss) are essential for the successful deployment of OpenSlice, and executing the above steps is **mandatory** for the configuration files to be discoverable. + +Ensure that you check the `config.prod.json` and `theming.scss` files and readjust to your deployment if needed. + +```bash +# Starting from the root project directory +cd kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config +``` + +E.g. You may edit "TITLE", "WIKI", etc properties with your domain title. Also configure TMF's API and Keycloak's location for the web application, if needed. ``` { "TITLE": "OpenSlice by ETSI", - "PORTALVERSION":"2024-Q2 1.0.0-SNAPSHOT", + "PORTALVERSION":"2024Q2", "WIKI": "https://osl.etsi.org/documentation", "BUGZILLA": "{BASEURL}/bugzilla/", - "STATUS": "http://status.localhost/", + "STATUS": "{BASEURL}/status/", "WEBURL": "{BASEURL}", "PORTAL_REPO_APIURL": "{BASEURL}/osapi", "ASSURANCE_SERVICE_MGMT_APIURL": "{BASEURL}/oas-api", @@ -239,9 +234,9 @@ E.g. Edit "TITLE", "WIKI", etc properties with your domain title. Also configure } ``` -> The {BASEURL} placeholder in the file automatically detects the Origin (Protocol://Domain:Port) of the deployment and applies it to every respective property. E.g. If you are attempting a local deployment of Openslice, then {BASEURL} is automatically translated to "http://localhost". Similarly, you may use {BASEURL} to translate to a public deployment configuration, e.g. "https://portal.openslice.io". +> The {BASEURL} placeholder in the file automatically detects the Origin (Protocol://Domain:Port) of the deployment and applies it to every respective property. E.g. If you are attempting a local deployment of OpenSlice, then {BASEURL} is automatically translated to "http://localhost". Similarly, you may use {BASEURL} to translate to a public deployment configuration, e.g. "https://portal.openslice.io". -If further customization, apart from the default provided, is needed for branding (Logo, Footer) then `config.theming.json` needs to be created in io.openslice.tmf.web/src/assets/config directory, as follows: +If further customization, apart from the default provided, is needed for branding (Logo, Footer) then `config.theming.json` needs to be created in kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config directory, as follows: ```bash # Starting from the root project directory @@ -251,13 +246,11 @@ cd kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config ```bash sudo cp config.theming.default.json config.theming.json ``` -#This seems irrelevant now. -> ***IMPORTANT NOTE:*** -If you want to apply changes to the JSON configuration files without the need to rebuild the application, you have to apply the changes at the `org.etsi.osl.tmf.web/dist/io-openslice-portal-web/assets/config` directory. Although, it is mandatory to also apply these changes to the `org.etsi.osl.tmf.web/src/assets/config` for persistancy, as after any future rebuild of OpenSlice the `/dist` directory is being overwritten along with its contents. The OpenSlice team strongly recommends to always apply your changes to the TMF web UI configuration files at `org.etsi.osl.tmf.web/src/assets/config` and rebuild the application. + ### 3. Deploy the Helm Chart -After configuring the services, and editing the docker compose file accordingly, the docker compose instantiation command can be performed. +After configuring the services, and editing the `values.yaml` file accordingly, the helm install command can be performed. ```bash cd kubernetes/helm/openslice/ @@ -268,65 +261,67 @@ helm install myopenslice . --namespace openslice --create-namespace In a Kubernetes environment, you can monitor the status of your deployments and containers using `kubectl`, the Kubernetes command-line tool, which provides powerful capabilities for inspecting the state of resources in your cluster. - -## Post installation steps - -After the successful deployment of OpenSlice, to ensure the E2E user experience, **this section is mandatory**. It contains crucial configuration in regard of authentication and user creation. - ### Checking the Status of your application's deployment To check the status of your deployment, use the following commands. The output should be similar: ```bash -kubectl get pods -n openslice -o wide - -NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES -activemq-59d4bfdb4b-bvjqr 1/1 Running 0 109s 192.168.43.97 kc-2 -bugzilla-client-7dd7cb47cb-8qb8m 1/1 Running 0 100s 192.168.12.114 kc-3 -centrallog-95bbf7867-k8fpt 1/1 Running 0 100s 192.168.12.107 kc-3 -consul-b5dd76b76-64dzk 1/1 Running 0 107s 192.168.43.90 kc-2 -keycloak-7c5b6bbc95-k2qfl 1/1 Running 0 105s 192.168.12.106 kc-3 -manoclient-95f68f4c9-c9t6r 1/1 Running 0 104s 192.168.12.113 kc-3 -mysql-portal-0 1/1 Running 0 107s 192.168.43.99 kc-2 -osom-6d548cf555-q8ptj 1/1 Running 0 104s 192.168.43.93 kc-2 -osportalapi-5fff744db8-5g4zs 1/1 Running 0 103s 192.168.43.98 kc-2 -osscapi-6d68b54d97-jn8tz 0/1 Running 0 102s 192.168.12.104 kc-3 -portalweb-8469d57df4-94tfj 1/1 Running 0 101s 192.168.48.44 kc-nfs -tmfweb-868f7bb9c5-x4lfh 1/1 Running 0 102s 192.168.48.43 kc-nfs +kubectl get pods -n openslice + +NAME READY UP-TO-DATE AVAILABLE AGE +myopenslice-artemis 1/1 1 1 6m28s +myopenslice-blockdiag 1/1 1 1 6m28s +myopenslice-bugzilla 1/1 1 1 6m28s +myopenslice-centrallog 1/1 1 1 6m28s +myopenslice-cridge 1/1 1 1 6m28s +myopenslice-keycloak 1/1 1 1 6m28s +myopenslice-kroki 1/1 1 1 6m28s +myopenslice-manoclient 1/1 1 1 6m28s +myopenslice-oasapi 1/1 1 1 6m28s +myopenslice-osom 1/1 1 1 6m28s +myopenslice-osportalapi 1/1 1 1 6m28s +myopenslice-osscapi 1/1 1 1 6m28s +myopenslice-portalweb 1/1 1 1 6m28s +myopenslice-tmfweb 1/1 1 1 6m28s ``` ```bash -kubectl get deployments -n openslice -o wide - -NAME READY UP-TO-DATE AVAILABLE AGE CONTAINERS IMAGES SELECTOR -activemq 1/1 1 1 2m15s anactivemq webcenter/activemq:5.14.3 org.etsi.osl.service=activemq -bugzilla-client 1/1 1 1 2m6s bugzilla-client openslice/org.etsi.osl.bugzilla:latest org.etsi.osl.service=bugzilla-client -centrallog 1/1 1 1 2m6s centrallog openslice/org.etsi.osl.centrallog.service org.etsi.osl.service=centrallog -consul 1/1 1 1 2m13s aconsul consul org.etsi.osl.service=consul -keycloak 1/1 1 1 2m11s keycloak quay.io/keycloak/keycloak:11.0.3 org.etsi.osl.service=keycloak -manoclient 1/1 1 1 2m10s manoclient openslice/org.etsi.osl.mano:latest org.etsi.osl.service=manoclient -osom 1/1 1 1 2m10s openslice-osom openslice/org.etsi.osl.osom:latest org.etsi.osl.service=osom -osportalapi 1/1 1 1 2m9s openslice-portalapi openslice/org.etsi.osl.portal.api:latest org.etsi.osl.service=osportalapi -osscapi 1/1 1 1 2m8s openslice-scapi openslice/org.etsi.osl.tmf.api:latest org.etsi.osl.service=osscapi -portalweb 1/1 1 1 2m7s openslice-portalweb openslice/org.etsi.osl.portal.web:latest org.etsi.osl.service=portalweb -tmfweb 1/1 1 1 2m8s openslice-tmfweb openslice/org.etsi.osl.tmf.web:latest org.etsi.osl.service=tmfweb +kubectl get deployments -n openslice + +NAME READY UP-TO-DATE AVAILABLE AGE +myopenslice-artemis 1/1 1 1 7m17s +myopenslice-blockdiag 1/1 1 1 7m17s +myopenslice-bugzilla 1/1 1 1 7m17s +myopenslice-centrallog 1/1 1 1 7m17s +myopenslice-cridge 1/1 1 1 7m17s +myopenslice-keycloak 1/1 1 1 7m17s +myopenslice-kroki 1/1 1 1 7m17s +myopenslice-manoclient 1/1 1 1 7m17s +myopenslice-oasapi 1/1 1 1 7m17s +myopenslice-osom 1/1 1 1 7m17s +myopenslice-osportalapi 1/1 1 1 7m17s +myopenslice-osscapi 1/1 1 1 7m17s +myopenslice-portalweb 1/1 1 1 7m17s +myopenslice-tmfweb 1/1 1 1 7m17s ``` ```bash -kubectl get services -n openslice -o wide - -NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE SELECTOR -activemq ClusterIP 10.111.160.120 8161/TCP,61616/TCP 2m22s org.etsi.osl.service=activemq -bugzilla-client ClusterIP 10.101.43.28 13010/TCP 2m14s org.etsi.osl.service=bugzilla-client -centrallog ClusterIP 10.109.15.151 13013/TCP 2m14s org.etsi.osl.service=centrallog -consul ClusterIP 10.101.103.240 8500/TCP,8600/TCP 2m21s org.etsi.osl.service=consul -keycloak ClusterIP 10.110.216.62 8080/TCP,8443/TCP 2m19s org.etsi.osl.service=keycloak -manoclient ClusterIP 10.108.112.84 13011/TCP 2m18s org.etsi.osl.service=manoclient -mysql-portal ClusterIP None 3306/TCP 2m19s org.etsi.osl.service=mysql-portal -osom ClusterIP 10.105.173.85 13100/TCP 2m18s org.etsi.osl.service=osom -osportalapi ClusterIP 10.104.121.164 13000/TCP 2m17s org.etsi.osl.service=osportalapi -osscapi ClusterIP 10.108.6.161 13082/TCP 2m16s org.etsi.osl.service=osscapi -portalweb ClusterIP 10.97.126.98 80/TCP 2m15s org.etsi.osl.service=portalweb -tmfweb ClusterIP 10.98.56.82 80/TCP 2m15s org.etsi.osl.service=tmfweb +kubectl get services -n openslice + +NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE +myopenslice-artemis ClusterIP 10.101.128.223 8161/TCP,61616/TCP,61613/TCP 7m43s +myopenslice-blockdiag ClusterIP 10.109.196.90 8001/TCP 7m43s +myopenslice-bugzilla ClusterIP 10.107.10.101 13010/TCP 7m43s +myopenslice-centrallog ClusterIP 10.109.84.33 13013/TCP 7m43s +myopenslice-keycloak ClusterIP 10.104.172.73 8080/TCP,8443/TCP 7m43s +myopenslice-kroki ClusterIP 10.106.92.111 8000/TCP 7m43s +myopenslice-manoclient ClusterIP 10.100.143.154 13011/TCP 7m43s +myopenslice-mysql ClusterIP 10.108.206.75 3306/TCP 7m43s +myopenslice-oasapi ClusterIP 10.100.107.66 13101/TCP 7m43s +myopenslice-osom ClusterIP 10.97.88.133 13100/TCP 7m43s +myopenslice-osportalapi ClusterIP 10.111.212.76 13000/TCP 7m43s +myopenslice-osscapi ClusterIP 10.101.84.220 13082/TCP 7m43s +myopenslice-portalweb ClusterIP 10.101.16.112 80/TCP 7m43s +myopenslice-tmfweb ClusterIP 10.101.157.185 80/TCP 7m43s ``` ### Accessing Logs for Troubleshooting @@ -337,19 +332,23 @@ If a pod is not in the expected state, you can access its logs for troubleshooti kubectl logs -n openslice ``` +## Post installation steps + +After the successful deployment of OpenSlice, to ensure the E2E user experience, **this section is mandatory**. It contains crucial configuration in regard of authentication and user creation. + ### Configure Keycloak server -The Keycloack server is managing authentication and running on a container at port 8080. It is also proxied to your host via the ingress resource under http:///auth. +The Keycloack server is managing authentication and running on a container at port 8080. It is also proxied to your host via the ingress resource under http://your-domain/auth. -- Navigate to http:///auth/ or https:///auth/, (http://ipaddress:8080/auth/ or https://ipaddress:8443/auth/ which are directly accessible without proxy) +- Navigate to http://your-domain/auth/ or https://your-domain/auth/, (http://ipaddress:8080/auth/ or https://ipaddress:8443/auth/ which are directly accessible without proxy) - Navigate to Administration Console - Login with the credentials from section [Keycloak Configuration](#3-keycloak-configuration). Default values are: - user: admin - - password: KEYCLOAK_PASSWORD + - password: Pa55w0rd -> if you are running in HTTP you will get a message: HTTPS required. +> This applies only if you are running in HTTP and get a message: HTTPS required. To resolve this issue when running in HTTP: @@ -360,141 +359,25 @@ To resolve this issue when running in HTTP: > If you are running in HTTPS, then "Require SSL" can be left unchanged to external requests. -#### 1. Configure redirects +#### 1. Configure email -Navigate to realm Openslice > client > osapiWebClientId and change the Root URL to your domain. - -Also, insert your domain, e.g. http://example.org/*, at: -* Valid Redirect URIs -* Web Origins +Keycloak allows new users to register. Subsequently, this will also allow new users to register to the OpenSlice portal. -#### 2. Configure email +Navigate to realm Openslice > Realm Settings > Login Tab > check User registration, Verify email, Forgot password etc. -Keycloak allows new users to register. Subsequently, this will also allow new users to register to the OpenSlice portal. +Finally, enter the details of the mail server at the Email Tab. -On Tab Login > check User registration, Verify email, Forgot password etc. +> Email configuration is optional for test runs, but if not provided the above functionalities (e.g. external user registration) will not be possible. -Also, enter the details on Realm > Email > Enable Authentication. -#### 3. Add an OpenSlice admin user +#### 2. Add an OpenSlice admin user This step is mandatory so as to access the OpenSlice Web UI. To add an OpenSlice admin user you must: -- Navigate to manage/users and add an OpenSlice admin user, e.g. username=admin. +- Navigate to realm Openslice > Users > Add user - Set a password -- Navigate to Role Mappings and add ADMIN and MENTOR to Assigned Roles. - -> That user is different from the Keycloak admin user. It is required to login and browse the OpenSlice Web UI. The Roles ADMIN and MENTOR guarantee full access through the Openslice UI, thus such a user is always required. - -***IMPORTANT: The following is not currently supported in Kubernetes installation.** -### Keycloak at localhost - -> **This is an important step if you run Keycloak on localhost!** - -1 - Edit your Hosts File, adding the line below - -```127.0.0.1 keycloak``` - -Hosts File Location: - - - In Linux/Unix, the file's location is at /etc/hosts - - - In Windows, its location is at c:\Windows\System32\Drivers\etc\hosts - -2 - Replace http://localhost/auth/ with http://keycloak:8080/auth/ in your Keycloak config for AngularJS and Angular (see examples below). - - -> Explanation - -Nginx uses the http://keycloak:8080 URL, which is accessible via the internal docker system's network. -The Front-end (TS/Angular) shall also use the http://keycloak:8080. -This way, you will not get the invalid token error, as the API is acquiring the token from http://keycloak:8080 (internally) and the Front-end is getting verified by an issuer at the same URL, as well. - - - -2.1 - For the Angular configuration (TMF portal UI), navigate to org.etsi.osl.tmf.web/src/assets/config and edit config.prod.json - -```bash -# Starting from the root project directory -cd org.etsi.osl.tmf.web/src/assets/config -``` - -```bash -nano config.prod.json -``` - -After editing it should look like the example bellow: - -```yaml -{ - "TITLE": "OpenSlice by ETSI", - "PORTALVERSION":"2023-Q3 1.2.0-SNAPSHOT", - "WIKI": "https://openslice.readthedocs.io/en/stable/", - "BUGZILLA": "{BASEURL}/bugzilla/", - "STATUS": "http://status.localhost/", - "WEBURL": "{BASEURL}", - "PORTAL_REPO_APIURL": "{BASEURL}/osapi", - "ASSURANCE_SERVICE_MGMT_APIURL": "{BASEURL}/oas-api", - "APITMFURL": "{BASEURL}/tmf-api", - "OAUTH_CONFIG" : { - "issuer": "http://keycloak:8080/auth/realms/openslice", - "loginUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/auth", - "tokenEndpoint": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/token", - "userinfoEndpoint": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/userinfo", - "redirectUri": "{BASEURL}/redirect", - "logoutUrl": "http://keycloak:8080/auth/realms/openslice/protocol/openid-connect/logout", - "postLogoutRedirectUri": "{BASEURL}", - - "responseType": "code", - "oidc": false, - "clientId": "osapiWebClientId", - "dummyClientSecret": "secret", - - "requireHttps": false, - "useHttpBasicAuth": true, - clearHashAfterLogin": false, - - "showDebugInformation": true - } -} -``` - -> Note the difference in changing {BASEURL} -> http://keycloak:8080 - -> If you want the changes to take place immediately without rebuilding the project, then repeat the process for org.etsi.osl.tmf.web/dist/org.etsi.osl.tmf.web/assets/config/config.prod.json - -2.2 - For the AngularJS configuration (NVF portal UI), navigate to org.etsi.osl.portal.web/src/js and edit config.js - -```bash -# Starting from the root project directory -cd org.etsi.osl.portal.web/src/js -``` - -```bash -nano config.js -``` - -after editing it should look like the example bellow: - -``` -var appConfig = angular.module('portalwebapp.config',[]); - - -appConfig.factory('APIEndPointService', function() { - return { - TITLE: "OpenSlice by ETSI", - WIKI: "https://openslice.readthedocs.io/en/stable/", - BUGZILLA: "ROOTURL/bugzilla/", - STATUS: "ROOTURL/status/", - APIURL: "http://localost:13000", - WEBURL: "ROOTURL/nfvportal", - APIOAUTHURL: "ROOTURL/auth/realms/openslice", - APITMFURL: "ROOTURL/tmf-api/serviceCatalogManagement/v4" - }; -}); -``` - -> Note the difference in "APIOAUTHURL" property +- Upon creation, navigate to Role Mappings and add ADMIN to Assigned Roles list +> That user is different from the Keycloak admin user. It is required to login and browse the OpenSlice Web UI. The Role ADMIN guarantee full access through the OpenSlice UI, thus such a user is always required. ### NFV Orchestrator Configuration diff --git a/kubernetes/helm/openslice/Chart.yaml b/kubernetes/helm/openslice/Chart.yaml index 4b6899eee6a1e5038d31bb3ed30f656b7d146700..18a24ba8dc405c6e9a6a28de01111afb5cea0697 100644 --- a/kubernetes/helm/openslice/Chart.yaml +++ b/kubernetes/helm/openslice/Chart.yaml @@ -15,9 +15,9 @@ type: application # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 0.1.0 +version: 1.0.0 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. -appVersion: 1.0.0-SNAPSHOT +appVersion: 2024Q2 diff --git a/kubernetes/helm/openslice/files/keycloak-init/realm-export.json b/kubernetes/helm/openslice/files/keycloak-init/realm-export.json index 60f208d4fb6c329781427cd471dbc811119b2943..0be17ce27cf1cb144b41ee61b22c774305645a33 100644 --- a/kubernetes/helm/openslice/files/keycloak-init/realm-export.json +++ b/kubernetes/helm/openslice/files/keycloak-init/realm-export.json @@ -5,9 +5,9 @@ "notBefore": 1586721661, "revokeRefreshToken": false, "refreshTokenMaxReuse": 0, - "accessTokenLifespan": 300, - "accessTokenLifespanForImplicitFlow": 900, - "ssoSessionIdleTimeout": 1800, + "accessTokenLifespan": 3600, + "accessTokenLifespanForImplicitFlow": 3600, + "ssoSessionIdleTimeout": 7200, "ssoSessionMaxLifespan": 36000, "ssoSessionIdleTimeoutRememberMe": 0, "ssoSessionMaxLifespanRememberMe": 0, diff --git a/kubernetes/helm/openslice/files/org.etsi.osl.portal.web/src/js/config.js.default b/kubernetes/helm/openslice/files/org.etsi.osl.portal.web/src/js/config.js.default index 1bb2f0f973ac6c7701c3e381c4750cdeea4c6dfa..be3cb6c45c945f14636252146d63010045a508a1 100644 --- a/kubernetes/helm/openslice/files/org.etsi.osl.portal.web/src/js/config.js.default +++ b/kubernetes/helm/openslice/files/org.etsi.osl.portal.web/src/js/config.js.default @@ -2,10 +2,10 @@ var appConfig = angular.module('portalwebapp.config',[]); appConfig.factory('APIEndPointService', function() { return { - TITLE: "Openslice demo", - WIKI: "{{ .Values.rooturl }}", - BUGZILLA: "{{ .Values.rooturl }}/bugzilla/", - STATUS: "{{ .Values.rooturl }}/", + TITLE: "OpenSlice by ETSI", + WIKI: "https://osl.etsi.org/documentation/", + BUGZILLA: "{{ .Values.rooturl }}/bugzilla", + STATUS: "{{ .Values.rooturl }}/status", APIURL: "{{ .Values.rooturl }}", WEBURL: "{{ .Values.rooturl }}/nfvportal", APIOAUTHURL: "{{ .Values.rooturl }}/auth/realms/openslice", diff --git a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.prod.default.json b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.prod.default.json index 4ef84f6695bfc035cd2fb5d850cf12d76305415f..1d0bb9bae6fc33f8c2d2839da0a01f52bd836247 100644 --- a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.prod.default.json +++ b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.prod.default.json @@ -1,9 +1,9 @@ { - "TITLE": "Openslice demo", - "PORTALVERSION":"2023-Q3 1.0.0-SNAPSHOT", - "WIKI": "https://openslice.readthedocs.io/en/stable/", + "TITLE": "OpenSlice by ETSI", + "PORTALVERSION":"2024Q2", + "WIKI": "https://osl.etsi.org/documentation", "BUGZILLA": "{BASEURL}/bugzilla/", - "STATUS": "{BASEURL}/", + "STATUS": "{BASEURL}/healthstatus/", "WEBURL": "{BASEURL}", "PORTAL_REPO_APIURL": "{BASEURL}/osapi", "ASSURANCE_SERVICE_MGMT_APIURL": "{BASEURL}/oas-api", @@ -12,6 +12,7 @@ "issuer": "{BASEURL}/auth/realms/openslice", "loginUrl": "{BASEURL}/auth/realms/openslice/protocol/openid-connect/auth", "tokenEndpoint": "{BASEURL}/auth/realms/openslice/protocol/openid-connect/token", + "userinfoEndpoint": "{BASEURL}/auth/realms/openslice/protocol/openid-connect/userinfo", "redirectUri": "{BASEURL}/redirect", "logoutUrl": "{BASEURL}/auth/realms/openslice/protocol/openid-connect/logout", "postLogoutRedirectUri": "{BASEURL}", diff --git a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.json b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.json index 99ecd967db377f1f78dc3bba51753a605e775159..0db3bf0e0708d7218a03f56c68434c7454345fd4 100644 --- a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.json +++ b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.json @@ -3,7 +3,7 @@ "DEPLOYMENT_LOGO_PATH":"assets/images/logo_clear.png", "DEFAULT_SERVICE_LOGO_PATH":"assets/images/logo_icon_original.png", "FAVICON_PATH":"favicon.ico", -"WHO_WE_ARE_HTML":"
openslice.io project | openslice.io
openslice.io an opensource OSS
Openslice demo | http://portal.openslice.io
A portal that allows 5G experimenters to deploy experiment descriptors towards the infrastructure.
Openslice demo wiki | https://openslice.readthedocs.io/en/stable/
A wiki containing project documentation.
Openslice demo Report Issues | http://portal.openslice.io/bugzilla/
Our issue tracking system.
", -"CONNECT_WITH_US_HTML":"
", -"FOOTER_HTML":"
openslice.io has received funding from
5GinFIRE | https://5ginfire.eu/ project from the European Horizon 2020 Programme for research, technological development and demonstration under grant agreement number 732497.
5G-VINNI project | https://5g-vinni.eu/ 5G-VINNI project has received funding from the European Horizon 2020 Programme for research, technological development and demonstration under grant agreement number 815279
Openslice demo running openslice.io version 1.1.0-SNAPSHOT| Data Protection Declaration | © 2019-2021 on behalf of openslice.io
" +"WHO_WE_ARE_HTML":"
ETSI SDG OpenSlice|https://osl.etsi.org
The ETSI Software Development Group for OpenSlice (SDG OSL) is developing an open source service based Operations Support System (OSS) to deliver Network Slice as a Service (NSaaS).
OpenSlice by ETSI|http://portal.openslice.io
A portal that allows 5G experimenters to design and deploy network services towards the infrastructure.
OpenSlice by ETSI wiki|https://osl.etsi.org/documentation
A wiki containing OpenSlice software documentation.
", +"CONNECT_WITH_US_HTML":"
", +"FOOTER_HTML":"
OpenSlice has received funding from various projects under European Programmes for research, technological development and demonstration. You may refer to our extensive ecosystem for further details.
Openslice by ETSI running OSL version 2024Q2 | Terms and Conditions | © 2024 on behalf of osl.etsi.org
" } diff --git a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.scss b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.scss deleted file mode 100644 index 54839f3b7f6ddf66c56ecfac1de0d715e776fb40..0000000000000000000000000000000000000000 --- a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/config.theming.default.scss +++ /dev/null @@ -1,149 +0,0 @@ -/* You can add global styles to this file, and also import other style files */ - -// @import "@angular/material/prebuilt-themes/indigo-pink.css"; - -@import "~@danielmoncada/angular-datetime-picker/assets/style/picker.min.css"; - -/* override bootstrap's 4 blue color */ -$primary: #428bca; -$secondary: #6c6c6c; - -@import "src/assets/config/theming.scss"; - -@import "~bootstrap/scss/bootstrap"; - -// .mat-chip-list-wrapper { -// flex-wrap: nowrap !important; -// } - -.mat-chip { - overflow: unset !important; - white-space: nowrap !important; -} - -* { - font-family: 'Open Sans', sans-serif; - font-weight: 300; -} - -h1, h2, h3, h4, h5, .h1, .h2, .h3, .h4, .h5 { - font-weight: 300 !important; -} - -.btn { - font-weight: 300 !important; -} - -.shadowed { - text-shadow: 4px 4px 6px #aaa; -} - -.shadowed-dark{ - text-shadow: 4px 4px 6px #513838; -} - -.universal-tooltip { - font-size: .9rem; - // width: 450px; -} - -mat-form-field.white-background .mat-form-field-wrapper .mat-form-field-flex .mat-form-field-outline { - background-color: #fff; - border-radius: 5px -} - -mat-form-field { - width: 100%; -} - -.jumbotron.jumbotron-small.jumbotron-list-container { - min-height: 345px; -} - - -.card.card-paper { - border-radius: 12px; - box-shadow: 0 6px 10px -4px rgba(0,0,0,.15); - background-color: #fff; - color: #252422; - margin-bottom: 20px; - position: relative; - border: 0; - transition: box-shadow .2s ease,-webkit-transform .3s cubic-bezier(.34,2,.6,1); - transition: transform .3s cubic-bezier(.34,2,.6,1),box-shadow .2s ease; - transition: transform .3s cubic-bezier(.34,2,.6,1),box-shadow .2s ease,-webkit-transform .3s cubic-bezier(.34,2,.6,1); -} - -.card.card-paper .card-header { - // padding: 15px 15px 0; - padding: 15px; - // border: 0; -} - -.card.card-paper .card-body { - padding: 15px 15px 0px; -} - -.card.card-paper .card-footer { - padding: 0px 15px 15px; - border: 0; - background: transparent; -} - -.card-stats { - font-size: .9rem; -} - -.card-stats i { - font-size: .8em; -} - -.filter-container mat-form-field.mat-form-field-appearance-outline .mat-form-field-wrapper { - padding: 0; -} - -.table.table-generic { - margin-bottom: 0; - // border: 1px solid #ddd; - // font-family:inherit; -} - -.table.table-generic th { - padding: .5rem; - font-weight: 600; - font-size: 0.9rem; -} - -.table.table-generic td { - vertical-align: middle; - padding: .5rem -} - -.mat-paginator { - font-weight: 600; -} - -mat-panel-title { - font-weight: bold; -} - -.nav-link.active mat-checkbox .mat-checkbox-layout .mat-checkbox-inner-container .mat-checkbox-frame { - border-color:#fff -} - -.nav-link mat-checkbox label { - margin-bottom: 0 ; -} - -.minh-30vh { - min-height: 30vh; -} - -html, body { height: 100%; } -body { margin: 0; font-family: Roboto, "Helvetica Neue", sans-serif; } - -@media screen and (min-width: 576px) { - .jumbotron.jumbotron-small { - padding: 2rem; - } - } \ No newline at end of file diff --git a/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/theming.default.scss b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/theming.default.scss new file mode 100644 index 0000000000000000000000000000000000000000..8e515db3e922c32fc2bbf203e8be8f8a1af0d2dc --- /dev/null +++ b/kubernetes/helm/openslice/files/org.etsi.osl.tmf.web/src/assets/config/theming.default.scss @@ -0,0 +1,22 @@ +/* Default theme */ + +$primary: #428bca; +$secondary: #6c6c6c; + +/* ------------------------------ */ +/* Predefined palette 1 theme */ + +/* $primary: rgba(0,45,126); */ +/* $secondary: #6c6c6c; */ + +/* ------------------------------ */ +/* Predefined palette 2 theme */ + +/* $primary: rgba(255, 124, 0); */ +/* $secondary: #6c6c6c; */ + +/* ------------------------------ */ +/* Predefined palette 3 theme */ + +/* $primary: rgba(247,1, 2); */ +/* $secondary: #6c6c6c; */ diff --git a/kubernetes/helm/openslice/templates/cridge-config.yaml b/kubernetes/helm/openslice/templates/cridge-config.yaml index a08ebd4510247017626150e9f5b5553d9417bbfc..2c62c9a4b728e1fbaef442af56fe08dd6a30d585 100644 --- a/kubernetes/helm/openslice/templates/cridge-config.yaml +++ b/kubernetes/helm/openslice/templates/cridge-config.yaml @@ -10,4 +10,4 @@ metadata: name: {{ include "openslice.fullname" . }}-cridge-kubeconfig data: config: |- - {{- .Files.Get "files/org.etsi.osl.cridge/kubeconfig.yaml" | nindent 4 }} + {{- .Files.Get "files/org.etsi.osl.cridge/config" | nindent 4 }} diff --git a/kubernetes/helm/openslice/templates/cridge.yaml b/kubernetes/helm/openslice/templates/cridge.yaml index 3b90404a5f87cce2bc5151ad8fb72393f8cc8405..5e558467581532ef544ef89545b3216cc76f99bf 100644 --- a/kubernetes/helm/openslice/templates/cridge.yaml +++ b/kubernetes/helm/openslice/templates/cridge.yaml @@ -39,8 +39,8 @@ spec: "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", - "logging.level.org.springframework" : "{{ .Values.spring.logLevel | default "INFO" }}", - "org.etsi.osl.cridge" : "{{ .Values.cridge.mode | default "DEBUG" }}" + "logging.level.org.springframework" : "{{ .Values.cridge.spring.logLevel | default "INFO" }}", + "logging.level.org.etsi.osl.cridge" : "{{ .Values.cridge.logLevel | default "INFO" }}" } resources: {{- toYaml .Values.resources | nindent 12 }} diff --git a/kubernetes/helm/openslice/templates/kroki-ingress.yaml b/kubernetes/helm/openslice/templates/kroki-ingress.yaml new file mode 100644 index 0000000000000000000000000000000000000000..5127bdb12296565a01db48edf23d8da25c270674 --- /dev/null +++ b/kubernetes/helm/openslice/templates/kroki-ingress.yaml @@ -0,0 +1,23 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + namespace: {{ .Release.Namespace }} + labels: + app: {{ include "openslice.fullname" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + {{- include "openslice.labels" . | nindent 4 }} + annotations: + nginx.ingress.kubernetes.io/rewrite-target: "/$1" + name: {{ include "openslice.fullname" . }}-kroki-ingress +spec: + ingressClassName: nginx + rules: + - http: + paths: + - pathType: ImplementationSpecific + path: "/kroki/(.*)" + backend: + service: + name: {{ include "openslice.fullname" . }}-kroki + port: + number: 8000 diff --git a/kubernetes/helm/openslice/templates/kroki.yaml b/kubernetes/helm/openslice/templates/kroki.yaml index 3139d11f6a3c164693ec045c753586ec917ad651..5b34ae58df9ab87f202e7753f91e6423dc0beef3 100644 --- a/kubernetes/helm/openslice/templates/kroki.yaml +++ b/kubernetes/helm/openslice/templates/kroki.yaml @@ -32,7 +32,7 @@ spec: {{- toYaml .Values.resources | nindent 12 }} env: - name: KROKI_BLOCKDIAG_HOST - value: "blockdiag" + value: {{ include "openslice.fullname" . }}-blockdiag ports: - containerPort: 8000 restartPolicy: Always diff --git a/kubernetes/helm/openslice/templates/manoclient.yaml b/kubernetes/helm/openslice/templates/manoclient.yaml index 88fd7131a43fb6ea2a7ecf30084a872063294ca2..064c0c18b043595834c087cdf909ba8a2111dcf8 100644 --- a/kubernetes/helm/openslice/templates/manoclient.yaml +++ b/kubernetes/helm/openslice/templates/manoclient.yaml @@ -35,7 +35,7 @@ spec: "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", - "logging.level.org.springframework" : "{{ .Values.spring.logLevel | default "INFO" }}" + "logging.level.org.springframework" : "{{ .Values.manoclient.spring.logLevel | default "INFO" }}" } resources: {{- toYaml .Values.resources | nindent 12 }} diff --git a/kubernetes/helm/openslice/templates/oasapi-pv-pvc.yaml b/kubernetes/helm/openslice/templates/oasapi-pv-pvc.yaml deleted file mode 100644 index 2e652f97e75766f58d371b3c45554421c311bc1f..0000000000000000000000000000000000000000 --- a/kubernetes/helm/openslice/templates/oasapi-pv-pvc.yaml +++ /dev/null @@ -1,39 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - namespace: {{ .Release.Namespace }} - labels: - app: {{ include "openslice.fullname" . }} - org.etsi.osl.service: oasapi - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- include "openslice.labels" . | nindent 4 }} - name: {{ include "openslice.fullname" . }}-oasapi-claim0 -spec: - storageClassName: {{ .Values.storageClass | default "oasapi-pv-manual" }} - accessModes: - - ReadWriteOnce - resources: - requests: - storage: "1Gi" ---- -{{- if or (not .Values.storageClass) (eq .Values.storageClass "manual") }} -apiVersion: v1 -kind: PersistentVolume -metadata: - namespace: {{ .Release.Namespace }} - labels: - app: {{ include "openslice.fullname" . }} - org.etsi.osl.service: oasapi - type: local - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- include "openslice.labels" . | nindent 4 }} - name: {{ include "openslice.fullname" . }}-oasapi-pv-volume -spec: - storageClassName: "oasapi-pv-manual" - capacity: - storage: "1Gi" - accessModes: - - ReadWriteOnce - hostPath: - path: "/dockerdata-nfs/oasapi" -{{- end }} diff --git a/kubernetes/helm/openslice/templates/oasapi.yaml b/kubernetes/helm/openslice/templates/oasapi.yaml index c73b3df7afde260c8e74fafd0a8825a3d455e8d7..ea1ffac809c390158827a126f2b0773981ca252e 100644 --- a/kubernetes/helm/openslice/templates/oasapi.yaml +++ b/kubernetes/helm/openslice/templates/oasapi.yaml @@ -55,24 +55,17 @@ spec: "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", - "logging.level.org.springframework" : "{{ .Values.spring.logLevel | default "INFO" }}" + "logging.level.org.springframework" : "{{ .Values.oasapi.spring.logLevel | default "INFO" }}" } resources: {{- toYaml .Values.resources | nindent 12 }} ports: - containerPort: 13101 - volumeMounts: - - mountPath: /root - name: {{ include "openslice.fullname" . }}-oasapi-claim0 readinessProbe: httpGet: path: /oas-api/swagger-ui/index.html port: 13101 restartPolicy: Always - volumes: - - name: {{ include "openslice.fullname" . }}-oasapi-claim0 - persistentVolumeClaim: - claimName: {{ include "openslice.fullname" . }}-oasapi-claim0 --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/openslice-ingress.yaml b/kubernetes/helm/openslice/templates/openslice-ingress.yaml index a2c4b575a06fd55db1ad7e31cc047e1dd5c20c39..a5f731485acad1a42297e77910cf176a152cc576 100644 --- a/kubernetes/helm/openslice/templates/openslice-ingress.yaml +++ b/kubernetes/helm/openslice/templates/openslice-ingress.yaml @@ -1,6 +1,6 @@ apiVersion: networking.k8s.io/v1 kind: Ingress -metadata: +metadata: namespace: {{ .Release.Namespace }} labels: app: {{ include "openslice.fullname" . }} @@ -12,15 +12,17 @@ metadata: spec: ingressClassName: nginx rules: - - http: - paths: - {{- $root := . }} # Preserve the root context - {{- range .Values.ingress.paths }} - - pathType: Prefix - path: "{{ .path }}" - backend: - service: - name: {{ include "openslice.fullname" $root }}-{{ .service }} - port: - number: {{ .port }} - {{- end }} + - http: + paths: + {{- $root := . }} # Preserve the root context + {{- range .Values.ingress.paths }} + {{- if ne .path "/kroki/(.*)" }} + - pathType: ImplementationSpecific + path: "{{ .path }}" + backend: + service: + name: {{ include "openslice.fullname" $root }}-{{ .service }} + port: + number: {{ .port }} + {{- end }} + {{- end }} diff --git a/kubernetes/helm/openslice/templates/osom-pv-pvc.yaml b/kubernetes/helm/openslice/templates/osom-pv-pvc.yaml deleted file mode 100644 index 9c2c786068f5011f7b5b2427a25367582086e41f..0000000000000000000000000000000000000000 --- a/kubernetes/helm/openslice/templates/osom-pv-pvc.yaml +++ /dev/null @@ -1,39 +0,0 @@ -apiVersion: v1 -kind: PersistentVolumeClaim -metadata: - namespace: {{ .Release.Namespace }} - labels: - app: {{ include "openslice.fullname" . }} - org.etsi.osl.service: osom - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- include "openslice.labels" . | nindent 4 }} - name: {{ include "openslice.fullname" . }}-osom-claim0 -spec: - storageClassName: {{ .Values.storageClass | default "osom-pv-manual" }} - accessModes: - - ReadWriteOnce - resources: - requests: - storage: "100Mi" ---- -{{- if or (not .Values.storageClass) (eq .Values.storageClass "manual") }} -apiVersion: v1 -kind: PersistentVolume -metadata: - namespace: {{ .Release.Namespace }} - labels: - app: {{ include "openslice.fullname" . }} - org.etsi.osl.service: osom - type: local - chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" - {{- include "openslice.labels" . | nindent 4 }} - name: {{ include "openslice.fullname" . }}-osom-pv-volume -spec: - storageClassName: "osom-pv-manual" - capacity: - storage: "100Mi" - accessModes: - - ReadWriteOnce - hostPath: - path: "/dockerdata-nfs/osom" -{{- end }} diff --git a/kubernetes/helm/openslice/templates/osom.yaml b/kubernetes/helm/openslice/templates/osom.yaml index 12edc14626ad446a6114fec67e38954cd46e8bac..a7b758e9f0261aa75193f41faa349bd40a1a2b05 100644 --- a/kubernetes/helm/openslice/templates/osom.yaml +++ b/kubernetes/helm/openslice/templates/osom.yaml @@ -32,23 +32,17 @@ spec: - name: SPRING_APPLICATION_JSON value: >- { + "spring.datasource.url" : "{{ .Values.osom.spring.datasource.url | default "jdbc:h2:~/tempdb;DB_CLOSE_DELAY=-1" }}", "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", - "logging.level.org.springframework" : "{{ .Values.spring.logLevel | default "INFO" }}" + "logging.level.org.springframework" : "{{ .Values.osom.spring.logLevel | default "INFO" }}" } resources: {{- toYaml .Values.resources | nindent 12 }} ports: - containerPort: 13100 - volumeMounts: - - mountPath: /root - name: {{ include "openslice.fullname" . }}-osom-claim0 restartPolicy: Always - volumes: - - name: {{ include "openslice.fullname" . }}-osom-claim0 - persistentVolumeClaim: - claimName: {{ include "openslice.fullname" . }}-osom-claim0 --- apiVersion: v1 kind: Service diff --git a/kubernetes/helm/openslice/templates/osportalapi-pv-pvc.yaml b/kubernetes/helm/openslice/templates/osportalapi-pv-pvc.yaml index 3679ef541d48d67fc813b6fa5188d48bec9d35bb..cb3bc42eb2db961bccc9f98146178072b46db9c3 100644 --- a/kubernetes/helm/openslice/templates/osportalapi-pv-pvc.yaml +++ b/kubernetes/helm/openslice/templates/osportalapi-pv-pvc.yaml @@ -14,7 +14,7 @@ spec: - ReadWriteOnce resources: requests: - storage: "100Mi" + storage: "1Gi" --- {{- if or (not .Values.storageClass) (eq .Values.storageClass "osportalapi-pv-volume") }} apiVersion: v1 @@ -31,7 +31,7 @@ metadata: spec: storageClassName: "osportalapi-pv-volume" capacity: - storage: "100Mi" + storage: "1Gi" accessModes: - ReadWriteOnce hostPath: diff --git a/kubernetes/helm/openslice/templates/osportalapi.yaml b/kubernetes/helm/openslice/templates/osportalapi.yaml index c84ee91f0b44ef930b1d4c510a9ce12a2b8b7556..8c2927c3116af756659c34645cdcad957b7b0500 100644 --- a/kubernetes/helm/openslice/templates/osportalapi.yaml +++ b/kubernetes/helm/openslice/templates/osportalapi.yaml @@ -56,7 +56,8 @@ spec: "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", - "logging.level.org.springframework" : "{{ .Values.spring.logLevel | default "INFO" }}" + "logging.level.org.springframework" : "{{ .Values.portalapi.spring.logLevel | default "INFO" }}", + "logging.level.org.etsi.osl.portal.api": "{{ .Values.portalapi.logLevel | default "INFO" }}" } resources: {{- toYaml .Values.resources | nindent 12 }} diff --git a/kubernetes/helm/openslice/templates/osscapi.yaml b/kubernetes/helm/openslice/templates/osscapi.yaml index e52a6b32f69513b09de3169b0780b39fdc7b56bf..cf96f7d26268efc80d2d38e727ce98290028802b 100644 --- a/kubernetes/helm/openslice/templates/osscapi.yaml +++ b/kubernetes/helm/openslice/templates/osscapi.yaml @@ -56,7 +56,7 @@ spec: "spring.activemq.brokerUrl": "tcp://{{ include "openslice.fullname" . }}-artemis:61616?jms.watchTopicAdvisories=false", "spring.activemq.user": "{{ .Values.oscreds.activemq.user }}", "spring.activemq.password": "{{ .Values.oscreds.activemq.password }}", - "logging.level.org.springframework": "{{ .Values.spring.logLevel | default "INFO" }}", + "logging.level.org.springframework": "{{ .Values.osscapi.spring.logLevel | default "INFO" }}", "kroki.serverurl":"{{ .Values.rooturl }}/kroki" } resources: diff --git a/kubernetes/helm/openslice/templates/portalweb-config.yaml b/kubernetes/helm/openslice/templates/portalweb-config.yaml index 35e9c505477b945c3aef7f422b769140cd9525b5..0ce4191dedd8d634c51cc0781e1afbf03ca6534e 100644 --- a/kubernetes/helm/openslice/templates/portalweb-config.yaml +++ b/kubernetes/helm/openslice/templates/portalweb-config.yaml @@ -10,5 +10,6 @@ metadata: {{- include "openslice.labels" . | nindent 4 }} data: config.js: | - {{- tpl (.Files.Get "files/org.etsi.osl.portal.web/src/js/config.js") . | nindent 4 }} + {{- $configJs := .Files.Get "files/org.etsi.osl.portal.web/src/js/config.js" | required "config.js is required" }} + {{ tpl $configJs . | nindent 4 }} \ No newline at end of file diff --git a/kubernetes/helm/openslice/templates/tmfweb-config.yaml b/kubernetes/helm/openslice/templates/tmfweb-config.yaml index 89a772799a3aa727afd0f51538c3e1617996c774..badce4153c45a9aa610586a3b2b66bac6302fd46 100644 --- a/kubernetes/helm/openslice/templates/tmfweb-config.yaml +++ b/kubernetes/helm/openslice/templates/tmfweb-config.yaml @@ -10,8 +10,10 @@ metadata: name: {{ include "openslice.fullname" . }}-tmfweb-config data: config.prod.json: | - {{- .Files.Get "files/org.etsi.osl.tmf.web/src/assets/config/config.prod.json" | nindent 4 }} + {{- $prodJson := .Files.Get "files/org.etsi.osl.tmf.web/src/assets/config/config.prod.json" | required "config.prod.json is required" }} + {{ $prodJson | nindent 4 }} config.theming.json: | {{- .Files.Get "files/org.etsi.osl.tmf.web/src/assets/config/config.theming.json" | nindent 4 }} - config.theming.scss: | - {{- .Files.Get "files/org.etsi.osl.tmf.web/src/assets/config/config.theming.scss" | nindent 4 }} + theming.scss: | + {{- $themingScss := .Files.Get "files/org.etsi.osl.tmf.web/src/assets/config/theming.scss" | required "theming.scss is required" }} + {{ $themingScss | nindent 4 }} diff --git a/kubernetes/helm/openslice/values.yaml b/kubernetes/helm/openslice/values.yaml index 2f6cccaa56be85aaecd3fa3e7a233e03a00f9a46..59e39e5b9701b38fe5fe6445b9ff4ad0caa94d18 100644 --- a/kubernetes/helm/openslice/values.yaml +++ b/kubernetes/helm/openslice/values.yaml @@ -14,17 +14,17 @@ image: repository: yuzutech/kroki-blockdiag pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "latest" + tag: "0.18.0" bugzilla: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.bugzilla pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2024Q2_RC" centrallog: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.centrallog.service pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2024Q2_RC" keycloak: repository: quay.io/keycloak/keycloak pullPolicy: Always @@ -34,27 +34,27 @@ image: repository: yuzutech/kroki pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "latest" + tag: "0.18.0" manoclient: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.mano pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2024Q2_RC" osom: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.osom pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2024Q2_RC" portalapi: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.portal.api pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2024Q2_RC" osscapi: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.tmf.api pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2024Q2_RC" mysql: repository: mysql pullPolicy: Always @@ -64,22 +64,22 @@ image: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.oas pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2024Q2_RC" portalweb: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.portal.web pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2024Q2_RC" tmfweb: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.tmf.web pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2024Q2_RC" cridge: repository: labs.etsi.org:5050/osl/code/org.etsi.osl.cridge pullPolicy: Always # Overrides the image tag whose default is the chart appVersion. - tag: "develop" + tag: "2024Q2_RC" bugzillaurl: example.com:443/bugzilla bugzillakey: VH2Vw0iI5aYgALFFzVDWqhACwt6Hu3bXla9kSC1Z @@ -99,7 +99,7 @@ oscreds: database: keycloak username: keycloak password: password - adminpassword: keycloakadminpass + adminpassword: Pa55w0rd portal: database: osdb username: portaluser @@ -107,14 +107,38 @@ oscreds: spring: oauthClientSecret: secret - loglevel: INFO mysql: storage: 10Gi cridge: - mode: "DEBUG" - + logLevel: INFO + spring: + loglevel: INFO + +portalapi: + logLevel: INFO + spring: + loglevel: INFO + +manoclient: + spring: + loglevel: INFO + +oasapi: + spring: + loglevel: INFO + +osom: + spring: + loglevel: INFO + datasource: + url: "jdbc:h2:/tmp/tempdb;DB_CLOSE_DELAY=-1" + +osscapi: + spring: + loglevel: INFO + # Storage class to be used for provisioning. Default is manual # storageClass: ~ @@ -161,6 +185,9 @@ ingress: - path: "/auth" service: "keycloak" port: 8080 + - path: "/kroki/(.*)" + service: "kroki" + port: 8000 - path: "/osapi" service: "osportalapi" port: 13000 diff --git a/pom.xml b/pom.xml index 9e83d373074293a38bf7a59310b7a0343e66d2bd..b22ca3a80a9b3bb430d1024fae9c3513dc099d4d 100644 --- a/pom.xml +++ b/pom.xml @@ -5,7 +5,7 @@ org.etsi.osl org.etsi.osl.main - 1.0.0-SNAPSHOT + 1.0.0 pom org.etsi.osl.main @@ -33,24 +33,24 @@ 1.7.0 - 1.0.0-SNAPSHOT - 1.0.0-SNAPSHOT - 1.0.0-SNAPSHOT - 1.0.0-SNAPSHOT - 1.0.0-SNAPSHOT - 1.0.0-SNAPSHOT - 1.0.0-SNAPSHOT - 1.0.0-SNAPSHOT - 1.0.0-SNAPSHOT - 1.0.0-SNAPSHOT - 1.0.0-SNAPSHOT - 1.0.0-SNAPSHOT - 1.0.0-SNAPSHOT - 1.0.0-SNAPSHOT - 1.0.0-SNAPSHOT - 1.0.0-SNAPSHOT - 1.0.0-SNAPSHOT - 1.0.0-SNAPSHOT + 1.0.0 + 1.0.0 + 1.0.0 + 1.0.0 + 1.0.0 + 1.0.0 + 1.0.0 + 1.0.0 + 1.0.0 + 1.0.0 + 1.0.0 + 1.0.0 + 1.0.0 + 1.0.0 + 1.0.0 + 1.0.0 + 1.0.0 + 1.0.0