Merge branch 'WIFI-2434' of https://github.com/Telecominfraproject/wlan-cloud-helm into WIFI-2434

* make all container images configurable and default to tip-docker-cache-repo.jfrog.io registry

CHANGELOG.md

@@ -12,6 +12,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - export servo MBeans with JMX Prometheus exporter [#65](https://github.com/Telecominfraproject/wlan-cloud-helm/pull/65)
 - render post-deployment message [#73](https://github.com/Telecominfraproject/wlan-cloud-helm/pull/73)
 
+### Changed
+
+- migrate to networking.k8s.io/v1 API version for Ingress resources [#74](https://github.com/Telecominfraproject/wlan-cloud-helm/pull/74)
+
 ## [1.0.1] - 2021-04-12
 
 ### Changed
@@ -22,6 +26,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - correct SQL and CQL schema URLs
 
+### Changed
+
+- make images for all init containers configurable [#67](https://github.com/Telecominfraproject/wlan-cloud-helm/pull/67)
+
 ## [1.0.0] - 2021-04-01
 
 ### Added
@@ -34,6 +42,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - improved kafka setup templating [#53](https://github.com/Telecominfraproject/wlan-cloud-helm/pull/53)
 - improved values.yaml [#53](https://github.com/Telecominfraproject/wlan-cloud-helm/pull/53)
 - improved default values and added yaml anchors [#54](https://github.com/Telecominfraproject/wlan-cloud-helm/pull/54)
+- make SSC service able to reconnect to Cassandra [#70](https://github.com/Telecominfraproject/wlan-cloud-helm/pull/70)
 
 ### Removed
 

tip-wlan/charts/opensync-gw-cloud/templates/deployment.yaml

@@ -29,7 +29,7 @@ spec:
       initContainers:
         {{- include "jmxPrometheus.initContainer" . | nindent 8 }}
         - name: wait-for-services
-          image: opsfleet/depends-on:latest
+          image: {{ .Values.waitForServicesImage.registry }}/{{ .Values.waitForServicesImage.repository }}:{{ .Values.waitForServicesImage.tag }}
           args:
           - "-service={{ .Release.Name }}-opensync-mqtt-broker"
           - "-service={{ .Release.Name }}-wlan-prov-service"
@@ -37,7 +37,7 @@ spec:
           - -check_interval=5
       {{- if .Values.global.integratedDeployment }}
         - name: {{ include "common.name" . }}-readiness-int-cloud
-          image: alpine
+          image: {{ .Values.intCloudReadiness.registry }}/{{ .Values.intCloudReadiness.repository }}:{{ .Values.intCloudReadiness.tag }}
           imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
           command:
           - sh

tip-wlan/charts/opensync-gw-cloud/templates/tests/test-connection.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   containers:
     - name: wget
-      image: busybox
+      image: {{ .Values.testConnectionImage.registry }}/{{ .Values.testConnectionImage.repository }}:{{ .Values.testConnectionImage.tag }}
       command: ['wget']
       args: ['{{ include "common.fullname" . }}:{{ .Values.service.port1 }}']
   restartPolicy: Never

tip-wlan/charts/opensync-gw-cloud/values.yaml

@@ -11,7 +11,22 @@ replicaCount: 1
 
 image:
   name: opensync-gateway-cloud
-  tag: 1.1.0-SNAPSHOT
+  tag: 1.2.0-SNAPSHOT
+
+waitForServicesImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: opsfleet/depends-on
+  tag: v1.0.0
+
+intCloudReadinessImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: library/alpine
+  tag: 3.13
+
+testConnectionImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: library/alpine
+  tag: 3.13
 
 nameOverride: ""
 fullnameOverride: ""

tip-wlan/charts/opensync-gw-static/templates/tests/test-connection.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   containers:
     - name: wget
-      image: busybox
+      image: {{ .Values.testConnectionImage.registry }}/{{ .Values.testConnectionImage.repository }}:{{ .Values.testConnectionImage.tag }}
       command: ['wget']
       args: ['{{ include "common.fullname" . }}:{{ .Values.service.port1 }}']
   restartPolicy: Never

tip-wlan/charts/opensync-gw-static/values.yaml

@@ -11,7 +11,12 @@ replicaCount: 1
 
 image:
   name: opensync-gateway-static
-  tag: 1.1.0-SNAPSHOT
+  tag: 1.2.0-SNAPSHOT
+
+testConnectionImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: library/alpine
+  tag: 3.13
 
 nameOverride: ""
 fullnameOverride: ""

tip-wlan/charts/opensync-mqtt-broker/templates/statefulset.yaml

@@ -45,7 +45,7 @@ spec:
         {{- toYaml .Values.podSecurityContext | nindent 8 }}
       initContainers:
         - name: {{ include "common.name" . }}-init-dir-ownership-change
-          image: {{ .Values.alpine.image }}
+          image: {{ .Values.alpine.registry }}/{{ .Values.alpine.repository }}:{{ .Values.alpine.tag }}
           imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
           # Change ownership to `mosquitto` user for a mounted volume
           command:
@@ -63,7 +63,7 @@ spec:
         - name: {{ .Chart.Name }}
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
-          image: {{ .Values.image.name }}:{{ .Values.image.tag }}
+          image: {{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}
           imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
           {{- if .Values.probes.enabled }}
           livenessProbe:

tip-wlan/charts/opensync-mqtt-broker/templates/tests/test-connection.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   containers:
     - name: wget
-      image: busybox
+      image: {{ .Values.testConnectionImage.registry }}/{{ .Values.testConnectionImage.repository }}:{{ .Values.testConnectionImage.tag }}
       command: ['wget']
       args: ['{{ include "common.fullname" . }}:{{ .Values.service.port1 }}']
   restartPolicy: Never

tip-wlan/charts/opensync-mqtt-broker/values.yaml

@@ -5,11 +5,19 @@
 replicaCount: 1
 
 image:
-  name: eclipse-mosquitto
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: library/eclipse-mosquitto
   tag: 2.0.3
 
 alpine:
-  image: alpine:3.6
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: library/alpine
+  tag: 3.6
+
+testConnectionImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: library/alpine
+  tag: 3.13
 
 nameOverride: ""
 fullnameOverride: ""

tip-wlan/charts/wlan-cloud-graphql-gw/templates/ingress.yaml

@@ -1,7 +1,9 @@
 {{- if .Values.ingress.enabled -}}
 {{- $fullName := include "common.fullname" . -}}
 {{- $svcPort := .Values.service.port -}}
-{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+apiVersion: networking.k8s.io/v1
+{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }}
 apiVersion: networking.k8s.io/v1beta1
 {{- else -}}
 apiVersion: extensions/v1beta1
@@ -36,15 +38,35 @@ spec:
         paths:
         {{- if $.Values.ingress.lb_https_redirect }}
           - path: /*
+            {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+            pathType: ImplementationSpecific
+            {{- end }}
             backend:
+              {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+              service:
+                name: ssl-redirect
+                port:
+                  name: use-annotation
+              {{- else -}}
               serviceName: ssl-redirect
               servicePort: use-annotation
+              {{- end }}
         {{- end }}
         {{- range .paths }}
           - path: {{ . }}
+            {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+            pathType: ImplementationSpecific
+            {{- end }}
             backend:
+              {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: {{ $svcPort }}
+              {{- else -}}
               serviceName: {{ $fullName }}
               servicePort: {{ $svcPort }}
+              {{- end }}
         {{- end }}
   {{- end }}
 {{- end }}

tip-wlan/charts/wlan-cloud-graphql-gw/templates/tests/test-connection.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   containers:
     - name: wget
-      image: busybox
+      image: {{ .Values.testConnectionImage.registry }}/{{ .Values.testConnectionImage.repository }}:{{ .Values.testConnectionImage.tag }}
       command: ['wget']
       args: ['{{ include "common.fullname" . }}:{{ .Values.service.port }}']
   restartPolicy: Never

tip-wlan/charts/wlan-cloud-graphql-gw/values.yaml

@@ -11,9 +11,14 @@ replicaCount: 1
 
 image:
   name: wlan-cloud-graphql-gw
-  tag: 1.1.0-SNAPSHOT
+  tag: 1.2.0-SNAPSHOT
   pullPolicy: IfNotPresent
 
+testConnectionImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: library/alpine
+  tag: 3.13
+
 nameOverride: ""
 fullnameOverride: ""
 

tip-wlan/charts/wlan-cloud-static-portal/templates/ingress.yaml

@@ -1,7 +1,9 @@
 {{- if .Values.ingress.enabled -}}
 {{- $fullName := include "common.fullname" . -}}
 {{- $svcPort := .Values.service.port -}}
-{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+apiVersion: networking.k8s.io/v1
+{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }}
 apiVersion: networking.k8s.io/v1beta1
 {{- else -}}
 apiVersion: extensions/v1beta1
@@ -36,15 +38,35 @@ spec:
         paths:
         {{- if $.Values.ingress.lb_https_redirect }}
           - path: /*
+            {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+            pathType: ImplementationSpecific
+            {{- end }}
             backend:
+              {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+              service:
+                name: ssl-redirect
+                port:
+                  name: use-annotation
+              {{- else -}}
               serviceName: ssl-redirect
               servicePort: use-annotation
+              {{- end }}
         {{- end }}
         {{- range .paths }}
           - path: {{ . }}
+            {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+            pathType: ImplementationSpecific
+            {{- end }}
             backend:
+              {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: {{ $svcPort }}
+              {{- else -}}
               serviceName: {{ $fullName }}
               servicePort: {{ $svcPort }}
+              {{- end }}
         {{- end }}
   {{- end }}
 {{- end }}

tip-wlan/charts/wlan-cloud-static-portal/templates/tests/test-connection.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   containers:
     - name: wget
-      image: busybox
+      image: {{ .Values.testConnectionImage.registry }}/{{ .Values.testConnectionImage.repository }}:{{ .Values.testConnectionImage.tag }}
       command: ['wget']
       args: ['{{ include "common.fullname" . }}:{{ .Values.service.port }}']
   restartPolicy: Never

tip-wlan/charts/wlan-cloud-static-portal/values.yaml

@@ -11,9 +11,14 @@ replicaCount: 1
 
 image:
   name: wlan-cloud-ui
-  tag: 1.1.0-SNAPSHOT
+  tag: 1.2.0-SNAPSHOT
   pullPolicy: IfNotPresent
 
+testConnectionImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: library/alpine
+  tag: 3.13
+
 nameOverride: ""
 fullnameOverride: ""
 

tip-wlan/charts/wlan-integrated-cloud-component-service/templates/deployment.yaml

@@ -26,7 +26,7 @@ spec:
       {{- if .Values.integratedWithPersistence.enabled }}
       initContainers:
       - name: wait-for-services
-        image: opsfleet/depends-on:latest
+        image: {{ .Values.waitForServicesImage.registry }}/{{ .Values.waitForServicesImage.repository }}:{{ .Values.waitForServicesImage.tag }}
         args:
         - "-service={{ .Release.Name }}-postgresql"
         - -check_interval=5
@@ -49,7 +49,8 @@ spec:
             secretKeyRef:
               name: {{ include "common.fullname" . }}-creds
               key: schema-repo-password
-        image: postgres:latest
+        image: {{ .Values.createDbSchemaImage.registry }}/{{ .Values.createDbSchemaImage.repository }}:{{ .Values.createDbSchemaImage.tag }}
+        args:
         imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
         command:
         - sh

tip-wlan/charts/wlan-integrated-cloud-component-service/templates/tests/test-connection.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   containers:
     - name: wget
-      image: busybox
+      image: {{ .Values.testConnectionImage.registry }}/{{ .Values.testConnectionImage.repository }}:{{ .Values.testConnectionImage.tag }}
       command: ['wget']
       args: ['{{ include "common.fullname" . }}:{{ .Values.service.port1 }}']
   restartPolicy: Never

tip-wlan/charts/wlan-integrated-cloud-component-service/values.yaml

@@ -11,7 +11,22 @@ replicaCount: 1
 
 image:
   name: wlan-integrated-cloud-component-service
-  tag: 1.1.0-SNAPSHOT
+  tag: 1.2.0-SNAPSHOT
+
+waitForServicesImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: opsfleet/depends-on
+  tag: v1.0.0
+
+testConnectionImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: library/alpine
+  tag: 3.13
+
+createDbSchemaImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: library/postgres
+  tag: 13.2-alpine
 
 nameOverride: ""
 fullnameOverride: ""

tip-wlan/charts/wlan-port-forwarding-gateway-service/templates/deployment.yaml

@@ -24,7 +24,7 @@ spec:
       initContainers:
         {{- include "jmxPrometheus.initContainer" . | nindent 8 }}
         - name: {{ include "common.name" . }}-readiness-opensync-gw
-          image: alpine
+          image: {{ .Values.opensyncGwReadinessImage.registry }}/{{ .Values.opensyncGwReadinessImage.repository }}:{{ .Values.opensyncGwReadinessImage.tag }}
           imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
           command:
           - sh

tip-wlan/charts/wlan-port-forwarding-gateway-service/templates/tests/test-connection.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   containers:
     - name: wget
-      image: busybox
+      image: {{ .Values.testConnectionImage.registry }}/{{ .Values.testConnectionImage.repository }}:{{ .Values.testConnectionImage.tag }}
       command: ['wget']
       args: ['{{ include "common.fullname" . }}:{{ .Values.service.port1 }}']
   restartPolicy: Never

tip-wlan/charts/wlan-port-forwarding-gateway-service/values.yaml

@@ -11,7 +11,17 @@ replicaCount: 1
 
 image:
   name: wlan-port-forwarding-gateway-service
-  tag: 1.1.0-SNAPSHOT
+  tag: 1.2.0-SNAPSHOT
+
+opensyncGwReadinessImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: library/alpine
+  tag: 3.13
+
+testConnectionImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: library/alpine
+  tag: 3.13
 
 nameOverride: ""
 fullnameOverride: ""

tip-wlan/charts/wlan-portal-service/templates/ingress.yaml

@@ -1,7 +1,9 @@
 {{- if .Values.ingress.enabled -}}
 {{- $fullName := include "common.fullname" . -}}
 {{- $svcPort := .Values.service.port1 -}}
-{{- if semverCompare ">=1.14-0" .Capabilities.KubeVersion.GitVersion -}}
+{{- if .Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+apiVersion: networking.k8s.io/v1
+{{- else if .Capabilities.APIVersions.Has "networking.k8s.io/v1beta1" }}
 apiVersion: networking.k8s.io/v1beta1
 {{- else -}}
 apiVersion: extensions/v1beta1
@@ -34,15 +36,35 @@ spec:
         paths:
         {{- if $.Values.ingress.lb_https_redirect }}
           - path: /*
+            {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+            pathType: ImplementationSpecific
+            {{- end }}
             backend:
+              {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+              service:
+                name: ssl-redirect
+                port:
+                  name: use-annotation
+              {{- else -}}
               serviceName: ssl-redirect
               servicePort: use-annotation
+              {{- end }}
         {{- end }}
         {{- range .paths }}
           - path: {{ . }}
+            {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+            pathType: ImplementationSpecific
+            {{- end }}
             backend:
+              {{- if $.Capabilities.APIVersions.Has "networking.k8s.io/v1" }}
+              service:
+                name: {{ $fullName }}
+                port:
+                  number: {{ $svcPort }}
+              {{- else -}}
               serviceName: {{ $fullName }}
               servicePort: {{ $svcPort }}
+              {{- end -}}
         {{- end }}
   {{- end }}
 {{- end }}

tip-wlan/charts/wlan-portal-service/templates/tests/test-connection.yaml

@@ -11,8 +11,7 @@ metadata:
 spec:
   containers:
     - name: wget
-      image: busybox
-      command: ['wget']
+      image: {{ .Values.testConnectionImage.registry }}/{{ .Values.testConnectionImage.repository }}:{{ .Values.testConnectionImage.tag }}
       args: ['{{ include "common.fullname" . }}:{{ .Values.service.port1 }}']
   restartPolicy: Never
 {{- end }}

tip-wlan/charts/wlan-portal-service/values.yaml

@@ -11,7 +11,12 @@ replicaCount: 1
 
 image:
   name: wlan-portal-service
-  tag: 1.1.0-SNAPSHOT
+  tag: 1.2.0-SNAPSHOT
+
+testConnectionImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: library/alpine
+  tag: 3.13
 
 nameOverride: ""
 fullnameOverride: ""

tip-wlan/charts/wlan-prov-service/templates/deployment.yaml

@@ -25,7 +25,7 @@ spec:
       initContainers:
         {{- include "jmxPrometheus.initContainer" . | nindent 8 }}
         - name: wait-for-services
-          image: opsfleet/depends-on:latest
+          image: {{ .Values.waitForServicesImage.registry }}/{{ .Values.waitForServicesImage.repository }}:{{ .Values.waitForServicesImage.tag }}
           args:
           - "-service={{ .Release.Name }}-postgresql"
           - -check_interval=5
@@ -53,7 +53,7 @@ spec:
               secretKeyRef:
                 name: {{ include "common.fullname" . }}-creds
                 key: schema-repo-password
-          image: {{ .Values.postgresql.image }}
+          image: {{ .Values.postgresql.registry }}/{{ .Values.postgresql.repository }}:{{ .Values.postgresql.tag }}
           imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
           command:
           - sh
@@ -62,8 +62,8 @@ spec:
             apt update
             apt -y install curl
             echo "***** Fetching latest cloud-sdk-schema-postgresql for DB and Tables sql from JFrog *****"
-            curl --insecure -u$SCHEMA_REPO_USER:$SCHEMA_REPO_PASSWORD -O "https://tip-tip-wlan-cloud-docker-repo.jfrog.io/artifactory/tip-wlan-cloud-schemas/0.0.1-SNAPSHOT/sql/cloud-sdk-schema-postgresql-db-user.sql"
-            curl --insecure -u$SCHEMA_REPO_USER:$SCHEMA_REPO_PASSWORD -O "https://tip-tip-wlan-cloud-docker-repo.jfrog.io/artifactory/tip-wlan-cloud-schemas/0.0.1-SNAPSHOT/sql/cloud-sdk-schema-postgresql-tables.sql"
+            curl --insecure -u$SCHEMA_REPO_USER:$SCHEMA_REPO_PASSWORD -O "https://tip-tip-wlan-cloud-docker-repo.jfrog.io/artifactory/tip-wlan-cloud-schemas/1.2.0-SNAPSHOT/sql/cloud-sdk-schema-postgresql-db-user.sql"
+            curl --insecure -u$SCHEMA_REPO_USER:$SCHEMA_REPO_PASSWORD -O "https://tip-tip-wlan-cloud-docker-repo.jfrog.io/artifactory/tip-wlan-cloud-schemas/1.2.0-SNAPSHOT/sql/cloud-sdk-schema-postgresql-tables.sql"
             echo "***** Now executing cloud-sdk-schema-postgresql-db-user.sql on host {{ $pg }} and creating db prov_db and user tip_user using User Postgres. This uses full client-cert authentication *****"
             ### Observed that PSQL was unable to resolve the Postgres-service host because the postgres service wasnt
             ### really ready when running Postgres in Master-Slave config... hence the below retry-logic

tip-wlan/charts/wlan-prov-service/templates/tests/test-connection.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   containers:
     - name: wget
-      image: busybox
+      image: {{ .Values.testConnectionImage.registry }}/{{ .Values.testConnectionImage.repository }}:{{ .Values.testConnectionImage.tag }}
       command: ['wget']
       args: ['{{ include "common.fullname" . }}:{{ .Values.service.port1 }}']
   restartPolicy: Never

tip-wlan/charts/wlan-prov-service/values.yaml

@@ -11,7 +11,17 @@ replicaCount: 1
 
 image:
   name: wlan-prov-service
-  tag: 1.1.0-SNAPSHOT
+  tag: 1.2.0-SNAPSHOT
+
+waitForServicesImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: opsfleet/depends-on
+  tag: v1.0.0
+
+testConnectionImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: library/alpine
+  tag: 3.13
 
 nameOverride: ""
 fullnameOverride: ""
@@ -128,7 +138,9 @@ affinity: {}
 
 postgresql:
   url: postgresql
-  image: postgres:11
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: library/postgres
+  tag: 11
 
 env:
   protocol: https

tip-wlan/charts/wlan-spc-service/templates/deployment.yaml

@@ -25,7 +25,7 @@ spec:
       initContainers:
         {{- include "jmxPrometheus.initContainer" . | nindent 8 }}
         - name: wait-for-services
-          image: opsfleet/depends-on:latest
+          image: {{ .Values.waitForServicesImage.registry }}/{{ .Values.waitForServicesImage.repository }}:{{ .Values.waitForServicesImage.tag }}
           args:
           - "-service={{ .Release.Name }}-kafka-headless"
           - -check_interval=5

tip-wlan/charts/wlan-spc-service/templates/tests/test-connection.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   containers:
     - name: wget
-      image: busybox
+      image: {{ .Values.testConnectionImage.registry }}/{{ .Values.testConnectionImage.repository }}:{{ .Values.testConnectionImage.tag }}
       command: ['wget']
       args: ['{{ include "common.fullname" . }}:{{ .Values.service.port1 }}']
   restartPolicy: Never

tip-wlan/charts/wlan-spc-service/values.yaml

@@ -11,7 +11,17 @@ replicaCount: 1
 
 image:
   name: wlan-spc-service
-  tag: 1.1.0-SNAPSHOT
+  tag: 1.2.0-SNAPSHOT
+
+waitForServicesImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: opsfleet/depends-on
+  tag: v1.0.0
+
+testConnectionImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: library/alpine
+  tag: 3.13
 
 nameOverride: ""
 fullnameOverride: ""

tip-wlan/charts/wlan-ssc-service/templates/deployment.yaml

@@ -26,7 +26,7 @@ spec:
       initContainers:
         {{- include "jmxPrometheus.initContainer" . | nindent 8 }}
         - name: wait-for-services
-          image: opsfleet/depends-on:latest
+          image: {{ .Values.waitForServicesImage.registry }}/{{ .Values.waitForServicesImage.repository }}:{{ .Values.waitForServicesImage.tag }}
           args:
           - "-service={{ .Release.Name }}-kafka-headless"
           - "-service={{ .Release.Name }}-cassandra"
@@ -45,7 +45,7 @@ spec:
               secretKeyRef:
                 name: {{ include "common.fullname" . }}-creds
                 key: schema-repo-password
-          image: {{ .Values.cassandra.image }}
+          image: {{ .Values.cassandra.registry }}/{{ .Values.cassandra.repository }}:{{ .Values.cassandra.tag }}
           imagePullPolicy: {{ .Values.pullPolicy | default .Values.global.pullPolicy }}
           command:
           - sh
@@ -54,7 +54,7 @@ spec:
             apt update
             apt -y install curl
             echo "***** Fetching cloud-sdk-schema-cassandra.cql from JFrog *****"
-            curl --insecure -u$SCHEMA_REPO_USER:$SCHEMA_REPO_PASSWORD -O "https://tip-tip-wlan-cloud-docker-repo.jfrog.io/artifactory/tip-wlan-cloud-schemas/0.0.1-SNAPSHOT/cql/cloud-sdk-schema-cassandra.cql"
+            curl --insecure -u$SCHEMA_REPO_USER:$SCHEMA_REPO_PASSWORD -O "https://tip-tip-wlan-cloud-docker-repo.jfrog.io/artifactory/tip-wlan-cloud-schemas/1.2.0-SNAPSHOT/cql/cloud-sdk-schema-cassandra.cql"
             echo "***** Now executing cloud-sdk-schema-cassandra.cql and creating/updating schema on Cassandra instance *****"
             counter=0
             status=1

tip-wlan/charts/wlan-ssc-service/templates/tests/test-connection.yaml

@@ -11,7 +11,7 @@ metadata:
 spec:
   containers:
     - name: wget
-      image: busybox
+      image: {{ .Values.testConnectionImage.registry }}/{{ .Values.testConnectionImage.repository }}:{{ .Values.testConnectionImage.tag }}
       command: ['wget']
       args: ['{{ include "common.fullname" . }}:{{ .Values.service.port1 }}']
   restartPolicy: Never

tip-wlan/charts/wlan-ssc-service/values.yaml

@@ -11,7 +11,17 @@ replicaCount: 1
 
 image:
   name: wlan-ssc-service
-  tag: 1.1.0-SNAPSHOT
+  tag: 1.2.0-SNAPSHOT
+
+waitForServicesImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: opsfleet/depends-on
+  tag: v1.0.0
+
+testConnectionImage:
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: library/alpine
+  tag: 3.13
 
 nameOverride: ""
 fullnameOverride: ""
@@ -124,7 +134,9 @@ kafka:
 cassandra:
   url: cassandra-headless
   port: 9042
-  image: cassandra:3.11.6
+  registry: tip-docker-cache-repo.jfrog.io
+  repository: library/cassandra
+  tag: 3.11.6
 
 env:
   protocol: https

tip-wlan/example-values/aws-basic/README.md

@@ -0,0 +1,5 @@
+# Helm values for deploying a cloud controller onto an AWS EKS cluster
+
+[Detailed instructions](https://openwifi.tip.build/getting-started/controller-installation/aws-install)
+
+[This Terraform module](https://github.com/Telecominfraproject/wlan-cloud-terraform/tree/master/aws-cloudsdk) can be used to set up the required EKS cluster including all necessary addons.

tip-wlan/example-values/aws-basic/values.yml

@@ -0,0 +1,129 @@
+shared:
+  service:
+    srv-https-annotations: &srv-https-annotations
+      kubernetes.io/ingress.class: alb
+      alb.ingress.kubernetes.io/scheme: internet-facing
+      alb.ingress.kubernetes.io/group.name: wlan-cloudsdk
+      alb.ingress.kubernetes.io/certificate-arn: "arn:aws:acm:eu-central-1:0123456789:certificate/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
+      alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]'
+      alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_302"}}'
+
+# Annotations for namespace
+annotations: {
+    "helm.sh/resource-policy": keep
+}
+dockerRegistrySecret: ewoJImF1dGhzIjogewoJCSJ0aXAtdGlwLXdsYW4tY2xvdWQtZG9ja2VyLXJlcG8uamZyb2cuaW8iOiB7CgkJCSJhdXRoIjogImRHbHdMWEpsWVdRNmRHbHdMWEpsWVdRPSIKCQl9Cgl9LAoJIkh0dHBIZWFkZXJzIjogewoJCSJVc2VyLUFnZW50IjogIkRvY2tlci1DbGllbnQvMTkuMDMuOCAobGludXgpIgoJfQp9
+
+opensync-gw-static:
+  enabled: false
+
+opensync-gw-cloud:
+  service:
+    type: LoadBalancer
+    annotations:
+      external-dns.alpha.kubernetes.io/hostname: opensync-controller.cloudsdk.lab.wlan.tip.build,opensync-redirector.cloudsdk.lab.wlan.tip.build
+      service.beta.kubernetes.io/aws-load-balancer-type: "nlb-ip"
+  enabled: true
+  externalhost:
+    address:
+      ovsdb: opensync-controller.cloudsdk.lab.wlan.tip.build
+      mqtt: opensync-mqtt-broker.cloudsdk.lab.wlan.tip.build
+  persistence:
+    enabled: false
+  image:
+    name: opensync-gateway-cloud
+
+opensync-mqtt-broker:
+  service:
+    type: LoadBalancer
+    annotations:
+      external-dns.alpha.kubernetes.io/hostname: opensync-mqtt-broker.cloudsdk.lab.wlan.tip.build
+      service.beta.kubernetes.io/aws-load-balancer-type: "nlb-ip"
+  enabled: true
+  persistence:
+    enabled: true
+    storageClass: "gp2"
+
+wlan-cloud-graphql-gw:
+  enabled: true
+  ingress:
+    annotations:
+      <<: *srv-https-annotations
+    enabled: true
+    alb_https_redirect: true
+    hosts:
+    - host: wlan-graphql.cloudsdk.lab.wlan.tip.build
+      paths: [
+        /*
+        ]
+  env:
+    portalsvc: wlan-portal-svc.cloudsdk.lab.wlan.tip.build
+
+wlan-cloud-static-portal:
+  enabled: true
+  env:
+    graphql: https://wlan-graphql.cloudsdk.lab.wlan.tip.build
+  service:
+    type: NodePort
+  ingress:
+    annotations:
+      <<: *srv-https-annotations
+    alb_https_redirect: true
+    hosts:
+      - host: wlan-ui.cloudsdk.lab.wlan.tip.build
+        paths: [
+           /*
+          ]
+wlan-portal-service:
+  service:
+    type: NodePort
+    nodePortStatic: false
+  enabled: true
+  persistence:
+    enabled: true
+    storageClass: gp2
+  tsp:
+    host: wlan-portal-svc.cloudsdk.lab.wlan.tip.build
+  ingress:
+    enabled: true
+    alb_https_redirect: true
+    tls: []
+    annotations:
+      <<: *srv-https-annotations
+      alb.ingress.kubernetes.io/backend-protocol: HTTPS
+      alb.ingress.kubernetes.io/healthcheck-protocol: HTTPS
+      alb.ingress.kubernetes.io/healthcheck-port: traffic-port
+      alb.ingress.kubernetes.io/healthcheck-path: /ping
+    hosts:
+      - host: wlan-portal-svc.cloudsdk.lab.wlan.tip.build
+        paths: [
+           /*
+          ]
+
+wlan-prov-service:
+  enabled: true
+
+wlan-ssc-service:
+  enabled: true
+
+wlan-spc-service:
+  enabled: true
+
+wlan-port-forwarding-gateway-service:
+  enabled: true
+
+kafka:
+  enabled: true
+  persistence:
+
+cassandra:
+  enabled: true
+  persistence:
+    enabled: true
+    storageClass: gp2
+
+postgresql:
+  enabled: true
+  persistence:
+    enabled: true
+    storageClass: gp2

tip-wlan/example-values/aws-internal/README.md

@@ -0,0 +1,8 @@
+# Helm values for deploying a cloud controller onto an AWS EKS cluster with internal accessibility
+
+These values are almost the same as you can find in [aws-basic](../aws-basic) example values, but this case adds required annotations to make your installaion work in private mode without any endpoints exposed to the Internet.
+
+[Detailed instructions](https://openwifi.tip.build/getting-started/controller-installation/aws-install)
+
+[This Terraform module](https://github.com/Telecominfraproject/wlan-cloud-terraform/tree/master/aws-cloudsdk) can be used to set up the required EKS cluster including all necessary addons.
+

tip-wlan/example-values/aws-internal/values.yml

@@ -0,0 +1,131 @@
+shared:
+  service:
+    srv-https-annotations: &srv-https-annotations
+      kubernetes.io/ingress.class: alb
+      alb.ingress.kubernetes.io/scheme: internal
+      alb.ingress.kubernetes.io/group.name: wlan-cloudsdk
+      alb.ingress.kubernetes.io/certificate-arn: "arn:aws:acm:eu-central-1:0123456789:certificate/xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
+      alb.ingress.kubernetes.io/listen-ports: '[{"HTTP": 80}, {"HTTPS": 443}]'
+      alb.ingress.kubernetes.io/actions.ssl-redirect: '{"Type": "redirect", "RedirectConfig": { "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_302"}}'
+
+# Annotations for namespace
+annotations: {
+    "helm.sh/resource-policy": keep
+}
+dockerRegistrySecret: ewoJImF1dGhzIjogewoJCSJ0aXAtdGlwLXdsYW4tY2xvdWQtZG9ja2VyLXJlcG8uamZyb2cuaW8iOiB7CgkJCSJhdXRoIjogImRHbHdMWEpsWVdRNmRHbHdMWEpsWVdRPSIKCQl9Cgl9LAoJIkh0dHBIZWFkZXJzIjogewoJCSJVc2VyLUFnZW50IjogIkRvY2tlci1DbGllbnQvMTkuMDMuOCAobGludXgpIgoJfQp9
+
+opensync-gw-static:
+  enabled: false
+
+opensync-gw-cloud:
+  service:
+    type: LoadBalancer
+    annotations:
+      external-dns.alpha.kubernetes.io/hostname: opensync-controller.cloudsdk.lab.wlan.tip.build,opensync-redirector.cloudsdk.lab.wlan.tip.build
+      service.beta.kubernetes.io/aws-load-balancer-type: "nlb-ip"
+      service.beta.kubernetes.io/aws-load-balancer-internal: "true"
+  enabled: true
+  externalhost:
+    address:
+      ovsdb: opensync-controller.cloudsdk.lab.wlan.tip.build
+      mqtt: opensync-mqtt-broker.cloudsdk.lab.wlan.tip.build
+  persistence:
+    enabled: false
+  image:
+    name: opensync-gateway-cloud
+
+opensync-mqtt-broker:
+  service:
+    type: LoadBalancer
+    annotations:
+      external-dns.alpha.kubernetes.io/hostname: opensync-mqtt-broker.cloudsdk.lab.wlan.tip.build
+      service.beta.kubernetes.io/aws-load-balancer-type: "nlb-ip"
+      service.beta.kubernetes.io/aws-load-balancer-internal: "true"
+  enabled: true
+  persistence:
+    enabled: true
+    storageClass: "gp2"
+
+wlan-cloud-graphql-gw:
+  enabled: true
+  ingress:
+    annotations:
+      <<: *srv-https-annotations
+    enabled: true
+    alb_https_redirect: true
+    hosts:
+    - host: wlan-graphql.cloudsdk.lab.wlan.tip.build
+      paths: [
+        /*
+        ]
+  env:
+    portalsvc: wlan-portal-svc.cloudsdk.lab.wlan.tip.build
+
+wlan-cloud-static-portal:
+  enabled: true
+  env:
+    graphql: https://wlan-graphql.cloudsdk.lab.wlan.tip.build
+  service:
+    type: NodePort
+  ingress:
+    annotations:
+      <<: *srv-https-annotations
+    alb_https_redirect: true
+    hosts:
+      - host: wlan-ui.cloudsdk.lab.wlan.tip.build
+        paths: [
+           /*
+          ]
+wlan-portal-service:
+  service:
+    type: NodePort
+    nodePortStatic: false
+  enabled: true
+  persistence:
+    enabled: true
+    storageClass: gp2
+  tsp:
+    host: wlan-portal-svc.cloudsdk.lab.wlan.tip.build
+  ingress:
+    enabled: true
+    alb_https_redirect: true
+    tls: []
+    annotations:
+      <<: *srv-https-annotations
+      alb.ingress.kubernetes.io/backend-protocol: HTTPS
+      alb.ingress.kubernetes.io/healthcheck-protocol: HTTPS
+      alb.ingress.kubernetes.io/healthcheck-port: traffic-port
+      alb.ingress.kubernetes.io/healthcheck-path: /ping
+    hosts:
+      - host: wlan-portal-svc.cloudsdk.lab.wlan.tip.build
+        paths: [
+           /*
+          ]
+
+wlan-prov-service:
+  enabled: true
+
+wlan-ssc-service:
+  enabled: true
+
+wlan-spc-service:
+  enabled: true
+
+wlan-port-forwarding-gateway-service:
+  enabled: true
+
+kafka:
+  enabled: true
+  persistence:
+
+cassandra:
+  enabled: true
+  persistence:
+    enabled: true
+    storageClass: gp2
+
+postgresql:
+  enabled: true
+  persistence:
+    enabled: true
+    storageClass: gp2

tip-wlan/templates/_prometheus-jmx.tpl

@@ -16,14 +16,13 @@
 
 {{- define "jmxPrometheus.initContainer" -}}
 {{- if .Values.global.monitoring.enableJmxPrometheusMetrics -}}
-- name: download-jmx-prometheus-exporter
-  image: alpine:latest
+- name: jmx-prometheus-exporter
+  image: {{ .Values.global.monitoring.jmxExporterAgent.registry }}/{{ .Values.global.monitoring.jmxExporterAgent.repository }}:{{ .Values.global.monitoring.jmxExporterAgent.tag }}
   command:
-  - wget
+  - cp
   args:
-  - -P
+  - {{ .Values.global.monitoring.jmxExporterAgent.path }}
   - {{ include "jmxPrometheus.agentDir" . }}
-  - https://repo1.maven.org/maven2/io/prometheus/jmx/jmx_prometheus_javaagent/0.14.0/jmx_prometheus_javaagent-0.14.0.jar
   volumeMounts:
 {{ include "jmxPrometheus.tmpVolumeMount" . | indent 2 }}
 {{- end -}}
@@ -69,7 +68,7 @@
 
 {{- define "jmxPrometheus.jvmOpts" -}}
 {{- if .Values.global.monitoring.enableJmxPrometheusMetrics -}}
--javaagent:{{ include "jmxPrometheus.agentDir" . }}/jmx_prometheus_javaagent-0.14.0.jar={{ include "jmxPrometheus.portNumber" . }}:{{ include "jmxPrometheus.configPath" . }}
+-javaagent:{{ include "jmxPrometheus.agentDir" . }}/{{ .Values.global.monitoring.jmxExporterAgent.path | base }}={{ include "jmxPrometheus.portNumber" . }}:{{ include "jmxPrometheus.configPath" . }}
 {{- end -}}
 {{- end -}}
 

tip-wlan/templates/kafka-dependencies.yaml

@@ -53,7 +53,7 @@ spec:
           done
       containers:
       - name: kafka-config
-        image: confluentinc/cp-kafka:5.0.1
+        image: {{ .Values.kafka.initJobConfig.image }}
         command: 
         - bash
         - -c

tip-wlan/values.yaml

@@ -37,12 +37,15 @@ global:
   nodePortPrefix: 302
   nodePortPrefixExt: 304
 
+  imageRoot:
+    registry: tip-docker-cache-repo.jfrog.io
+
   repository:
     registry: tip-tip-wlan-cloud-docker-repo.jfrog.io
     username: tip-read
     password: tip-read
   # image pull policy
-  pullPolicy: Always
+  pullPolicy: IfNotPresent
 
   # flag to enable debugging - application support required
   debugEnabled: false
@@ -75,6 +78,12 @@ global:
   monitoring:
     enableJmxPrometheusMetrics: false
     enablePrometheusPodMonitors: false
+    # Docker image containing the JMX exporter Java agent
+    jmxExporterAgent:
+      registry: tip-docker-cache-repo.jfrog.io
+      repository: bitnami/jmx-exporter
+      tag: 0.15.0
+      path: /opt/bitnami/jmx-exporter/jmx_prometheus_javaagent.jar
 
 # DockerRegistry Secret
 createDockerRegistrySecret: true
@@ -143,6 +152,7 @@ kafka:
   enabled: false
   replicaCount: 1
   image:
+    registry: tip-docker-cache-repo.jfrog.io
     debug: true
   auth:
     clientProtocol: mtls
@@ -170,6 +180,8 @@ kafka:
         release: prometheus-operator
   zookeeper:
     enabled: true
+    image:
+      registry: tip-docker-cache-repo.jfrog.io
     persistence:
       enabled: true
   resources:
@@ -184,6 +196,7 @@ cassandra:
   enabled: false
   tlsEncryptionSecretName: tip-common-cassandra-certs
   image:
+    registry: tip-docker-cache-repo.jfrog.io
     debug: true
   persistence:
     enabled: true
@@ -215,6 +228,7 @@ postgresql:
   enabled: false
   postgresqlDatabase: tip
   image:
+    registry: tip-docker-cache-repo.jfrog.io
     debug: true
   metrics:
     enabled: false
@@ -240,6 +254,8 @@ postgresql:
     storageClass: glusterfs-storage
   volumePermissions:
     enabled: true
+    image:
+      registry: tip-docker-cache-repo.jfrog.io
   livenessProbe:
     enabled: false
   readinessProbe:
@@ -261,7 +277,7 @@ postgresql:
   primary:
     extraInitContainers:
     - command: [ "sh", "-c", "chmod 0600 /opt/bitnami/postgresql/certs/postgresclientkey_dec.pem" ]
-      image: busybox:latest
+      image: tip-docker-cache-repo.jfrog.io/library/busybox:latest
       name: chmod-client-cert-additional
       securityContext:
         runAsUser: 0