fixing missing secrets and gitignore file

cassandra initial commit
2026-03-22 11:39:18 +00:00 · 2020-12-01 11:37:44 +03:00 · 2020-11-24 10:20:57 +03:00
19 changed files with 56 additions and 1500 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -11,7 +11,6 @@
 *.local_dev
 tip-wlan/resources/certs
 tip-wlan/resources/scripts
 tip-wlan/templates
 stern*
 *.tgz
--- a/tip-wlan/Chart.yaml
+++ b/tip-wlan/Chart.yaml
@@ -71,10 +71,12 @@ dependencies:
 - name: kafka
  version: 0.1.0
  condition: kafka.enabled
 - name: postgresql
  version: 10.1.0
  repository: https://charts.bitnami.com/bitnami
  condition: postgresql.enabled
 - name: cassandra
-  version: 5.5.3
+  version: 7.0.1
  repository: https://charts.bitnami.com/bitnami
  condition: cassandra.enabled
--- a/tip-wlan/charts/cassandra/.helmignore
+++ b/tip-wlan/charts/cassandra/.helmignore
@@ -1,21 +0,0 @@
 # Patterns to ignore when building packages.
 # This supports shell glob matching, relative path matching, and
 # negation (prefixed with !). Only one pattern per line.
 .DS_Store
 # Common VCS dirs
 .git/
 .gitignore
 .bzr/
 .bzrignore
 .hg/
 .hgignore
 .svn/
 # Common backup files
 *.swp
 *.bak
 *.tmp
 *~
 # Various IDEs
 .project
 .idea/
 *.tmproj
--- a/tip-wlan/charts/cassandra/Chart.yaml
+++ b/tip-wlan/charts/cassandra/Chart.yaml
@@ -1,21 +0,0 @@
 name: cassandra
 apiVersion: v2
 version: 5.5.3
 appVersion: 3.11.6
 description: Apache Cassandra is a free and open-source distributed database management system 
  designed to handle large amounts of data across many commodity servers, providing high 
  availability with no single point of failure. 
  Cassandra offers robust support for clusters spanning multiple datacenters, with asynchronous
  masterless replication allowing low latency operations for all clients.
 keywords:
  - cassandra
  - database
  - nosql
 icon: https://upload.wikimedia.org/wikipedia/commons/thumb/5/5e/Cassandra_logo.svg/330px-Cassandra_logo.svg.png
 sources:
  - https://github.com/bitnami/bitnami-docker-cassandra
 home: http://cassandra.apache.org
 maintainers:
  - name: Bitnami
    email: containers@bitnami.com
 engine: gotpl
--- a/tip-wlan/charts/cassandra/resources/config/certs/README.md
+++ b/tip-wlan/charts/cassandra/resources/config/certs/README.md
@@ -1 +0,0 @@
 Contains certs needed for this service to start. Please refer to page: https://telecominfraproject.atlassian.net/wiki/spaces/WIFI/pages/262176803/Pre-requisites+before+deploying+Tip-Wlan+solution
--- a/tip-wlan/charts/cassandra/resources/config/cqlshrc.default
+++ b/tip-wlan/charts/cassandra/resources/config/cqlshrc.default
@@ -1,238 +0,0 @@
 ; Licensed to the Apache Software Foundation (ASF) under one
 ; or more contributor license agreements.  See the NOTICE file
 ; distributed with this work for additional information
 ; regarding copyright ownership.  The ASF licenses this file
 ; to you under the Apache License, Version 2.0 (the
 ; "License"); you may not use this file except in compliance
 ; with the License.  You may obtain a copy of the License at
 ;
 ;   http://www.apache.org/licenses/LICENSE-2.0
 ;
 ; Unless required by applicable law or agreed to in writing,
 ; software distributed under the License is distributed on an
 ; "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 ; KIND, either express or implied.  See the License for the
 ; specific language governing permissions and limitations
 ; under the License.
 ;
 ; Sample ~/.cqlshrc file.
 [authentication]
 ;; If Cassandra has auth enabled, fill out these options
 username = cassandra
 password = cassandra
 ; keyspace = ks1
 [ui]
 ;; Whether or not to display query results with colors
 color = on
 ;; Used for displaying timestamps (and reading them with COPY)
 ; datetimeformat = %Y-%m-%d %H:%M:%S%z
 ;; Display timezone
 ;timezone = Etc/UTC
 ;; The number of digits displayed after the decimal point for single and double precision numbers
 ;; (note that increasing this to large numbers can result in unusual values)
 ;float_precision = 5
 ;double_precision = 12
 ;; Used for automatic completion and suggestions
 ; completekey = tab
 ;; The encoding used for characters
 ; encoding = utf8
 ; To use another than the system default browser for cqlsh HELP to open
 ; the CQL doc HTML, use the 'browser' preference.
 ; If the field value is empty or not specified, cqlsh will use the
 ; default browser (specifying 'browser = default' does not work).
 ;
 ; Supported browsers are those supported by the Python webbrowser module.
 ; (https://docs.python.org/2/library/webbrowser.html).
 ;
 ; Hint: to use Google Chome, use
 ; 'browser = open -a /Applications/Google\ Chrome.app %s' on Mac OS X and
 ; 'browser = /usr/bin/google-chrome-stable %s' on Linux and
 ; 'browser = C:/Program Files (x86)/Google/Chrome/Application/chrome.exe %s' on Windows.
 ;
 ; This setting can be overridden with the --browser command line option.
 ;
 ;browser =
 [cql]
 ;; A version of CQL to use (this should almost never be set)
 ; version = 3.2.1
 [connection]
 ;; The host to connect to
 hostname = tip-wlan-cassandra-headless
 ;; The port to connect to (9042 is the native protocol default)
 port = 9042
 ;; Always connect using SSL - false by default
 ssl = true
 ;; A timeout in seconds for opening new connections
 ; timeout = 10
 ;; A timeout in seconds for executing queries
 ; request_timeout = 10
 [csv]
 ;; The size limit for parsed fields
 ; field_size_limit = 131072
 [tracing]
 ;; The max number of seconds to wait for a trace to complete
 ; max_trace_wait = 10.0
 [ssl]
 certfile = /opt/tip-wlan/certs/cacert.pem
 ;; Optional - true by default.
 ;validate = true
 ;; To be provided when require_client_auth=true
 userkey = /opt/tip-wlan/certs/cassandraserverkey_dec.pem
 ;; To be provided when require_client_auth=true
 usercert = /opt/tip-wlan/certs/cassandraservercert.pem
 ;; Optional section, overrides default certfile in [ssl] section, if present
 ; [certfiles]
 ; 192.168.1.3 = ~/keys/cassandra01.cert
 ; 192.168.1.4 = ~/keys/cassandra02.cert
 ;; Options that are common to both COPY TO and COPY FROM
 ; [copy]
 ;; The string placeholder for null values
 ; nullval = null
 ;; For COPY TO, controls whether the first line in the CSV output file will
 ;; contain the column names.  For COPY FROM, specifies whether the first
 ;; line in the CSV file contains column names.
 ; header = false
 ;; The character that is used as the decimal point separator
 ; decimalsep = .
 ;; The character that is used to separate thousands
 ;; (defaults to the empty string)
 ; thousandssep =
 ;; The string literal format for boolean values
 ; boolstyle = True,False
 ;; The number of child worker processes to create for
 ;; COPY tasks.  Defaults to a max of 4 for COPY FROM and 16
 ;; for COPY TO.  However, at most (num_cores - 1) processes
 ;; will be created.
 ; numprocesses =
 ;; The maximum number of failed attempts to fetch a range of data (when using
 ;; COPY TO) or insert a chunk of data (when using COPY FROM) before giving up
 ; maxattempts = 5
 ;; How often status updates are refreshed, in seconds
 ; reportfrequency = 0.25
 ;; An optional file to output rate statistics to
 ; ratefile =
 ;; Options specific to COPY TO
 ; [copy-to]
 ;; The maximum number token ranges to fetch simultaneously
 ; maxrequests = 6
 ;; The number of rows to fetch in a single page
 ; pagesize = 1000
 ;; By default the page timeout is 10 seconds per 1000 entries
 ;; in the page size or 10 seconds if pagesize is smaller
 ; pagetimeout = 10
 ;; Token range to export.  Defaults to exporting the full ring.
 ; begintoken =
 ; endtoken =
 ; The maximum size of the output file measured in number of lines;
 ; beyond this maximum the output file will be split into segments.
 ; -1 means unlimited.
 ; maxoutputsize = -1
 ;; The encoding used for characters
 ; encoding = utf8
 ;; Options specific to COPY FROM
 ; [copy-from]
 ;; The maximum number of rows to process per second
 ; ingestrate = 100000
 ;; The maximum number of rows to import (-1 means unlimited)
 ; maxrows = -1
 ;; A number of initial rows to skip
 ; skiprows = 0
 ;; A comma-separated list of column names to ignore
 ; skipcols =
 ;; The maximum global number of parsing errors to ignore, -1 means unlimited
 ; maxparseerrors = -1
 ;; The maximum global number of insert errors to ignore, -1 means unlimited
 ; maxinserterrors = 1000
 ;; A file to store all rows that could not be imported, by default this is
 ;; import_<ks>_<table>.err where <ks> is your keyspace and <table> is your table name.
 ; errfile =
 ;; The min and max number of rows inserted in a single batch
 ; maxbatchsize = 20
 ; minbatchsize = 2
 ;; The number of rows that are passed to child worker processes from
 ;; the main process at a time
 ; chunksize =  1000
 ;; The options for COPY can also be specified per-table.  The following
 ;; three sections demonstrate this.
 ;; Optional table-specific options for COPY
 ; [copy:mykeyspace.mytable]
 ; chunksize = 1000
 ;; Optional table-specific options for COPY FROM
 ; [copy-from:mykeyspace.mytable]
 ; ingestrate = 20000
 ;; Optional table-specific options for COPY TO
 ; [copy-to:mykeyspace.mytable]
 ; pagetimeout = 30
--- a/tip-wlan/charts/cassandra/resources/config/cqlshrc.tip-wlan
+++ b/tip-wlan/charts/cassandra/resources/config/cqlshrc.tip-wlan
@@ -1,238 +0,0 @@
 ; Licensed to the Apache Software Foundation (ASF) under one
 ; or more contributor license agreements.  See the NOTICE file
 ; distributed with this work for additional information
 ; regarding copyright ownership.  The ASF licenses this file
 ; to you under the Apache License, Version 2.0 (the
 ; "License"); you may not use this file except in compliance
 ; with the License.  You may obtain a copy of the License at
 ;
 ;   http://www.apache.org/licenses/LICENSE-2.0
 ;
 ; Unless required by applicable law or agreed to in writing,
 ; software distributed under the License is distributed on an
 ; "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 ; KIND, either express or implied.  See the License for the
 ; specific language governing permissions and limitations
 ; under the License.
 ;
 ; Sample ~/.cqlshrc file.
 [authentication]
 ;; If Cassandra has auth enabled, fill out these options
 username = tip_user
 password = tip_password
 ; keyspace = ks1
 [ui]
 ;; Whether or not to display query results with colors
 color = on
 ;; Used for displaying timestamps (and reading them with COPY)
 ; datetimeformat = %Y-%m-%d %H:%M:%S%z
 ;; Display timezone
 ;timezone = Etc/UTC
 ;; The number of digits displayed after the decimal point for single and double precision numbers
 ;; (note that increasing this to large numbers can result in unusual values)
 ;float_precision = 5
 ;double_precision = 12
 ;; Used for automatic completion and suggestions
 ; completekey = tab
 ;; The encoding used for characters
 ; encoding = utf8
 ; To use another than the system default browser for cqlsh HELP to open
 ; the CQL doc HTML, use the 'browser' preference.
 ; If the field value is empty or not specified, cqlsh will use the
 ; default browser (specifying 'browser = default' does not work).
 ;
 ; Supported browsers are those supported by the Python webbrowser module.
 ; (https://docs.python.org/2/library/webbrowser.html).
 ;
 ; Hint: to use Google Chome, use
 ; 'browser = open -a /Applications/Google\ Chrome.app %s' on Mac OS X and
 ; 'browser = /usr/bin/google-chrome-stable %s' on Linux and
 ; 'browser = C:/Program Files (x86)/Google/Chrome/Application/chrome.exe %s' on Windows.
 ;
 ; This setting can be overridden with the --browser command line option.
 ;
 ;browser =
 [cql]
 ;; A version of CQL to use (this should almost never be set)
 ; version = 3.2.1
 [connection]
 ;; The host to connect to
 hostname = tip-wlan-cassandra-headless
 ;; The port to connect to (9042 is the native protocol default)
 port = 9042
 ;; Always connect using SSL - false by default
 ssl = true
 ;; A timeout in seconds for opening new connections
 ; timeout = 10
 ;; A timeout in seconds for executing queries
 ; request_timeout = 10
 [csv]
 ;; The size limit for parsed fields
 ; field_size_limit = 131072
 [tracing]
 ;; The max number of seconds to wait for a trace to complete
 ; max_trace_wait = 10.0
 [ssl]
 certfile = /opt/tip-wlan/certs/cacert.pem
 ;; Optional - true by default.
 ;validate = true
 ;; To be provided when require_client_auth=true
 userkey = /opt/tip-wlan/certs/cassandraserverkey_dec.pem
 ;; To be provided when require_client_auth=true
 usercert = /opt/tip-wlan/certs/cassandraservercert.pem
 ;; Optional section, overrides default certfile in [ssl] section, if present
 ; [certfiles]
 ; 192.168.1.3 = ~/keys/cassandra01.cert
 ; 192.168.1.4 = ~/keys/cassandra02.cert
 ;; Options that are common to both COPY TO and COPY FROM
 ; [copy]
 ;; The string placeholder for null values
 ; nullval = null
 ;; For COPY TO, controls whether the first line in the CSV output file will
 ;; contain the column names.  For COPY FROM, specifies whether the first
 ;; line in the CSV file contains column names.
 ; header = false
 ;; The character that is used as the decimal point separator
 ; decimalsep = .
 ;; The character that is used to separate thousands
 ;; (defaults to the empty string)
 ; thousandssep =
 ;; The string literal format for boolean values
 ; boolstyle = True,False
 ;; The number of child worker processes to create for
 ;; COPY tasks.  Defaults to a max of 4 for COPY FROM and 16
 ;; for COPY TO.  However, at most (num_cores - 1) processes
 ;; will be created.
 ; numprocesses =
 ;; The maximum number of failed attempts to fetch a range of data (when using
 ;; COPY TO) or insert a chunk of data (when using COPY FROM) before giving up
 ; maxattempts = 5
 ;; How often status updates are refreshed, in seconds
 ; reportfrequency = 0.25
 ;; An optional file to output rate statistics to
 ; ratefile =
 ;; Options specific to COPY TO
 ; [copy-to]
 ;; The maximum number token ranges to fetch simultaneously
 ; maxrequests = 6
 ;; The number of rows to fetch in a single page
 ; pagesize = 1000
 ;; By default the page timeout is 10 seconds per 1000 entries
 ;; in the page size or 10 seconds if pagesize is smaller
 ; pagetimeout = 10
 ;; Token range to export.  Defaults to exporting the full ring.
 ; begintoken =
 ; endtoken =
 ; The maximum size of the output file measured in number of lines;
 ; beyond this maximum the output file will be split into segments.
 ; -1 means unlimited.
 ; maxoutputsize = -1
 ;; The encoding used for characters
 ; encoding = utf8
 ;; Options specific to COPY FROM
 ; [copy-from]
 ;; The maximum number of rows to process per second
 ; ingestrate = 100000
 ;; The maximum number of rows to import (-1 means unlimited)
 ; maxrows = -1
 ;; A number of initial rows to skip
 ; skiprows = 0
 ;; A comma-separated list of column names to ignore
 ; skipcols =
 ;; The maximum global number of parsing errors to ignore, -1 means unlimited
 ; maxparseerrors = -1
 ;; The maximum global number of insert errors to ignore, -1 means unlimited
 ; maxinserterrors = 1000
 ;; A file to store all rows that could not be imported, by default this is
 ;; import_<ks>_<table>.err where <ks> is your keyspace and <table> is your table name.
 ; errfile =
 ;; The min and max number of rows inserted in a single batch
 ; maxbatchsize = 20
 ; minbatchsize = 2
 ;; The number of rows that are passed to child worker processes from
 ;; the main process at a time
 ; chunksize =  1000
 ;; The options for COPY can also be specified per-table.  The following
 ;; three sections demonstrate this.
 ;; Optional table-specific options for COPY
 ; [copy:mykeyspace.mytable]
 ; chunksize = 1000
 ;; Optional table-specific options for COPY FROM
 ; [copy-from:mykeyspace.mytable]
 ; ingestrate = 20000
 ;; Optional table-specific options for COPY TO
 ; [copy-to:mykeyspace.mytable]
 ; pagetimeout = 30
--- a/tip-wlan/charts/cassandra/templates/NOTES.txt
+++ b/tip-wlan/charts/cassandra/templates/NOTES.txt
@@ -1,65 +0,0 @@
 ** Please be patient while the chart is being deployed **
 Cassandra can be accessed through the following URLs from within the cluster:
  - CQL: {{ template "common.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.cluster.domain }}:{{ .Values.service.port }}
  - Thrift: {{ template "common.fullname" . }}.{{ .Release.Namespace }}.svc.{{ .Values.cluster.domain }}:{{ .Values.service.thriftPort }}
 To get your password run:
   export CASSANDRA_PASSWORD=$(kubectl get secret --namespace {{ .Release.Namespace }} {{ template "common.fullname" . }} -o jsonpath="{.data.cassandra-password}" | base64 --decode)
 Check the cluster status by running:
   kubectl exec -it --namespace {{ .Release.Namespace }} $(kubectl get pods --namespace {{ .Release.Namespace }} -l app={{ template "common.name" . }},release={{ .Release.Name }} -o jsonpath='{.items[0].metadata.name}') nodetool status
 To connect to your Cassandra cluster using CQL:
 1. Run a Cassandra pod that you can use as a client:
   kubectl run --namespace {{ .Release.Namespace }} {{ template "common.fullname" . }}-client --rm --tty -i --restart='Never' \
   --env CASSANDRA_PASSWORD=$CASSANDRA_PASSWORD \
   {{ if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }}--labels="{{ template "common.name" . }}-client=true"{{ end }} \
   --image {{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }} -- bash
 2. Connect using the cqlsh client:
   cqlsh -u {{ .Values.dbUser.user }} -p $CASSANDRA_PASSWORD {{ template "common.fullname" . }}
 {{ if and (.Values.networkPolicy.enabled) (not .Values.networkPolicy.allowExternal) }}
 Note: Since NetworkPolicy is enabled, only pods with label
 "{{ template "common.fullname" . }}-client=true"
 will be able to connect to Cassandra.
 {{- else -}}
 To connect to your database from outside the cluster execute the following commands:
 {{- if contains "NodePort" .Values.service.type }}
   export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
   export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ template "common.fullname" . }})
   cqlsh -u {{ .Values.dbUser.user }} -p $CASSANDRA_PASSWORD $NODE_IP $NODE_PORT
 {{- else if contains "LoadBalancer" .Values.service.type }}
   NOTE: It may take a few minutes for the LoadBalancer IP to be available.
         Watch the status with: 'kubectl get svc --namespace {{ .Release.Namespace }} -w {{ template "common.fullname" . }}'
   export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ template "common.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
   cqlsh -u {{ .Values.dbUser.user }} -p $CASSANDRA_PASSWORD $SERVICE_IP
 {{- else if contains "ClusterIP" .Values.service.type }}
   kubectl port-forward --namespace {{ .Release.Namespace }} svc/{{ template "common.fullname" . }} {{ .Values.service.port }}:{{ .Values.service.port }} &
   cqlsh -u {{ .Values.dbUser.user }} -p $CASSANDRA_PASSWORD 127.0.0.1 {{ .Values.service.port }}
 {{- end }}
 {{- end }}
 {{- if and (contains "bitnami/" .Values.image.repository) (not (.Values.image.tag | toString | regexFind "-r\\d+$|sha256:")) }}
 WARNING: Rolling tag detected ({{ .Values.image.repository }}:{{ .Values.image.tag }}), please note that it is strongly recommended to avoid using rolling tags in a production environment.
 +info https://docs.bitnami.com/containers/how-to/understand-rolling-tags-containers/
 {{- end }}
--- a/tip-wlan/charts/cassandra/templates/_helpers.tpl
+++ b/tip-wlan/charts/cassandra/templates/_helpers.tpl
@@ -1,71 +0,0 @@
 {{/* vim: set filetype=mustache: */}}
 {{/*
 Return the appropriate apiVersion for networkpolicy.
 */}}
 {{- define "networkPolicy.apiVersion" -}}
 {{- if semverCompare ">=1.4-0, <1.7-0" .Capabilities.KubeVersion.GitVersion -}}
 {{- print "extensions/v1beta1" -}}
 {{- else -}}
 {{- print "networking.k8s.io/v1" -}}
 {{- end -}}
 {{- end -}}
 {{/*
 Return the proper metrics image name
 */}}
 {{- define "cassandra.metrics.image" -}}
 {{- $registryName := .Values.metrics.image.registry -}}
 {{- $repositoryName := .Values.metrics.image.repository -}}
 {{- $tag := .Values.metrics.image.tag | toString -}}
 {{/*
 Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
 but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic.
 Also, we can't use a single if because lazy evaluation is not an option
 */}}
 {{- if .Values.global }}
    {{- if .Values.global.imageRegistry }}
        {{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
    {{- else -}}
        {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
    {{- end -}}
 {{- else -}}
    {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
 {{- end -}}
 {{- end -}}
 {{/*
 Return the proper image name (for the init container volume-permissions image)
 */}}
 {{- define "cassandra.volumePermissions.image" -}}
 {{- $registryName := .Values.volumePermissions.image.registry -}}
 {{- $repositoryName := .Values.volumePermissions.image.repository -}}
 {{- $tag := .Values.volumePermissions.image.tag | toString -}}
 {{/*
 Helm 2.11 supports the assignment of a value to a variable defined in a different scope,
 but Helm 2.9 and 2.10 doesn't support it, so we need to implement this if-else logic.
 Also, we can't use a single if because lazy evaluation is not an option
 */}}
 {{- if .Values.global }}
    {{- if .Values.global.imageRegistry }}
        {{- printf "%s/%s:%s" .Values.global.imageRegistry $repositoryName $tag -}}
    {{- else -}}
        {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
    {{- end -}}
 {{- else -}}
    {{- printf "%s/%s:%s" $registryName $repositoryName $tag -}}
 {{- end -}}
 {{- end -}}
 {{/*
 Renders a value that contains template.
 Usage:
 {{ include "cassandra.tplValue" ( dict "value" .Values.path.to.the.Value "context" $) }}
 */}}
 {{- define "cassandra.tplValue" -}}
    {{- if typeIs "string" .value }}
        {{- tpl .value .context }}
    {{- else }}
        {{- tpl (.value | toYaml) .context }}
    {{- end }}
 {{- end -}}
--- a/tip-wlan/charts/cassandra/templates/configmap.yaml
+++ b/tip-wlan/charts/cassandra/templates/configmap.yaml
@@ -1,7 +0,0 @@
 apiVersion: v1
 kind: ConfigMap
 metadata:
  name: cassandra-configurations-override
  namespace: {{ include "common.namespace" . }}
 data:
 {{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
--- a/tip-wlan/charts/cassandra/templates/headless-svc.yaml
+++ b/tip-wlan/charts/cassandra/templates/headless-svc.yaml
@@ -1,29 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: {{ include "common.fullname" . }}-headless
  namespace: {{ include "common.namespace" . }}
  labels: {{- include "common.labels" . | nindent 4 }}
  annotations: {{ include "cassandra.tplValue" ( dict "value" .Values.service.annotations "context" $) | nindent 4 }}
 spec:
  clusterIP: None
  publishNotReadyAddresses: true
  ports:
    - name: intra
      port: 7000
      targetPort: intra
    - name: tls
      port: 7001
      targetPort: tls
    - name: jmx
      port: 7199
      targetPort: jmx
    - name: cql
      port: {{ .Values.service.port }}
      targetPort: cql
    {{- if .Values.cluster.enableRPC }}
    - name: thrift
      port: {{ .Values.service.thriftPort }}
      targetPort: thrift
    {{- end }}
  selector: {{- include "common.selectorLabels" . | nindent 4 }}
--- a/tip-wlan/charts/cassandra/templates/networkpolicy.yaml
+++ b/tip-wlan/charts/cassandra/templates/networkpolicy.yaml
@@ -1,38 +0,0 @@
 {{- if .Values.networkPolicy.enabled }}
 kind: NetworkPolicy
 apiVersion: {{ include "networkPolicy.apiVersion" . }}
 metadata:
  name: {{ include "common.fullname" . }}
  namespace: {{ include "common.namespace" . }}
  labels: {{- include "common.labels" . | nindent 4 }}
 spec:
  podSelector:
    matchLabels: {{- include "common.selectorLabels" . | nindent 6 }}
  ingress:
    # Allow inbound connections
    # CQL and Thrift ports
    - ports:
        - port: {{ .Values.service.port }}
        - port: {{ .Values.service.thriftPort }}
      from:
      {{- if not .Values.networkPolicy.allowExternal }}
        - podSelector:
            matchLabels:
              {{ include "common.fullname" . }}-client: "true"
      {{- end }}
        - podSelector:
            matchLabels: {{- include "common.selectorLabels" . | nindent 14 }}
    # Internal ports
    - ports:
        - port: intra
        - port: tls
        - port: jmx
      from:
        - podSelector:
            matchLabels: {{- include "common.selectorLabels" . | nindent 14 }}
    {{- if .Values.metrics.enabled }}
    # Allow prometheus scrapes for metrics
    - ports:
        - port: 8080
    {{- end }}
 {{- end }}
--- a/tip-wlan/charts/cassandra/templates/secret.yaml
+++ b/tip-wlan/charts/cassandra/templates/secret.yaml
@@ -1,40 +0,0 @@
 {{- if (not .Values.dbUser.existingSecret) -}}
 apiVersion: v1
 kind: Secret
 metadata:
  name: {{ include "common.fullname" . }}
  namespace: {{ include "common.namespace" . }}
  labels: {{- include "common.labels" . | nindent 4 }}
 type: Opaque
 data:
  {{- if .Values.dbUser.password }}
  cassandra-password: {{ .Values.dbUser.password | b64enc | quote }}
  {{- else if (not .Values.dbUser.forcePassword) }}
  cassandra-password: {{ randAlphaNum 10 | b64enc | quote }}
  {{ else }}
  cassandra-password: {{ required "A Cassandra Password is required!" .Values.dbUser.password }}
  {{- end }}
 {{- end }}
 ---
 apiVersion: v1
 kind: Secret
 metadata:
  name: cassandra-ssl-certs
  namespace: {{ include "common.namespace" . }}
 type: Opaque
 data:
  truststore: {{ .Files.Get "resources/config/certs/truststore.jks" | b64enc }}
  truststore-password: {{ .Values.creds.sslTruststorePassword | b64enc }}
  keystore: {{ .Files.Get "resources/config/certs/cassandra_server_keystore.jks" | b64enc }}
  keystore-password: {{ .Values.creds.sslKeystorePassword | b64enc }}
 ---
 apiVersion: v1
 kind: Secret
 metadata:
  name: {{ include "common.fullname" . }}-client-certs
  namespace: {{ include "common.namespace" . }}
 type: Opaque
 data:
 {{ tpl (.Files.Glob "resources/config/certs/*").AsSecrets . | indent 2 }}
  keystore_creds: {{ .Values.creds.sslKeystorePassword | b64enc }}
  truststore_creds: {{ .Values.creds.sslTruststorePassword | b64enc }}
--- a/tip-wlan/charts/cassandra/templates/service.yaml
+++ b/tip-wlan/charts/cassandra/templates/service.yaml
@@ -1,32 +0,0 @@
 apiVersion: v1
 kind: Service
 metadata:
  name: {{ include "common.fullname" . }}
  namespace: {{ include "common.namespace" . }}
  labels: {{- include "common.labels" . | nindent 4 }}
  annotations: {{ include "cassandra.tplValue" ( dict "value" .Values.service.annotations "context" $) | nindent 4 }}
 spec:
  type: {{ .Values.service.type }}
  {{- if and (eq .Values.service.type "LoadBalancer") (not (empty .Values.service.loadBalancerIP)) }}
  loadBalancerIP: {{ .Values.service.loadBalancerIP }}
  {{- end }}
  ports:
    - name: cql
      port: {{ .Values.service.port }}
      targetPort: cql
      {{- if and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.cql)) }}
      nodePort: {{ .Values.service.nodePorts.cql }}
      {{- else if eq .Values.service.type "ClusterIP" }}
      nodePort: null
      {{- end }}
    {{- if .Values.cluster.enableRPC }}
    - name: thrift
      port: {{ .Values.service.thriftPort }}
      targetPort: thrift
      {{- if and (or (eq .Values.service.type "NodePort") (eq .Values.service.type "LoadBalancer")) (not (empty .Values.service.nodePorts.thrift)) }}
      nodePort: {{ .Values.service.nodePorts.thrift }}
      {{- else if eq .Values.service.type "ClusterIP" }}
      nodePort: null
      {{- end }}
    {{- end }}
  selector: {{- include "common.selectorLabels" . | nindent 4 }}
--- a/tip-wlan/charts/cassandra/templates/statefulset.yaml
+++ b/tip-wlan/charts/cassandra/templates/statefulset.yaml
@@ -1,306 +0,0 @@
 apiVersion: apps/v1
 kind: StatefulSet
 metadata:
  name: {{ include "common.fullname" . }}
  namespace: {{ include "common.namespace" . }}
  labels: {{- include "common.labels" . | nindent 4 }}
 spec:
  selector:
    matchLabels: {{- include "common.selectorLabels" . | nindent 6 }}
  serviceName: {{ include "common.fullname" . }}-headless
  replicas: {{ .Values.cluster.replicaCount }}
  updateStrategy:
    type: {{ .Values.statefulset.updateStrategy }}
    {{- if (eq "Recreate" .Values.statefulset.updateStrategy) }}
    rollingUpdate: null
    {{- else if .Values.statefulset.rollingUpdatePartition }}
    rollingUpdate:
      partition: {{ .Values.statefulset.rollingUpdatePartition }}
    {{- end }}
  template:
    metadata:
      labels: {{- include "common.labels" . | nindent 8 }}
      {{- if .Values.podLabels }}
      {{- toYaml .Values.podLabels | nindent 8 }}
      {{- end }}
      {{- if or .Values.podAnnotations (and .Values.metrics.enabled .Values.metrics.podAnnotations) }}
      annotations:
        {{- if .Values.podAnnotations }}
        {{- toYaml .Values.podAnnotations | nindent 8 }}
        {{- end }}
        {{- if .Values.metrics.podAnnotations }}
        {{- toYaml .Values.metrics.podAnnotations | nindent 8 }}
        {{- end }}
      {{- end }}
    spec:
      {{- if .Values.affinity }}
      affinity: {{- include "cassandra.tplValue" (dict "value" .Values.affinity "context" $) | nindent 8 }}
      {{- end }}
      {{- if .Values.nodeSelector }}
      nodeSelector: {{- include "cassandra.tplValue" (dict "value" .Values.nodeSelector "context" $) | nindent 8 }}
      {{- end }}
      {{- if .Values.tolerations }}
      tolerations: {{- include "cassandra.tplValue" (dict "value" .Values.tolerations "context" $) | nindent 8 }}
      {{- end }}
      {{- if .Values.securityContext.enabled }}
      securityContext:
        fsGroup: {{ .Values.securityContext.fsGroup }}
        runAsUser: {{ .Values.securityContext.runAsUser }}
      {{- end }}
      {{- if and .Values.volumePermissions.enabled .Values.persistence.enabled }}
      initContainers:
        - name: volume-permissions
          image: {{ include "cassandra.volumePermissions.image" . }}
          imagePullPolicy: {{ .Values.volumePermissions.image.pullPolicy | quote }}
          command:
            - /bin/bash
            - -ec
            - |
              chown -R {{ .Values.securityContext.runAsUser }}:{{ .Values.securityContext.fsGroup }} /bitnami/cassandra
          securityContext:
            runAsUser: 0
          {{- if .Values.volumePermissions.resources }}
          resources: {{- toYaml .Values.volumePermissions.resources | nindent 12 }}
          {{- end }}
          volumeMounts:
            - name: data
              mountPath: /bitnami/cassandra
      {{- end }}
      containers:
        - name: cassandra
          command:
            - bash
            - -ec
            # Node 0 is the password seeder
            - |
              if [[ $HOSTNAME =~ (.*)-0$ ]]; then
                echo "Setting node as password seeder"
                export CASSANDRA_PASSWORD_SEEDER=yes
              else
                # Only node 0 will execute the startup initdb scripts
                export CASSANDRA_IGNORE_INITDB_SCRIPTS=1
              fi
              {{ .Values.entrypoint }} {{ .Values.cmd }}
          image: {{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}
          imagePullPolicy: {{ .Values.image.pullPolicy | quote }}
          env:
            - name: BITNAMI_DEBUG
              value: {{ ternary "true" "false" .Values.image.debug | quote }}
            - name: CASSANDRA_CLUSTER_NAME
              value: {{ .Values.cluster.name }}
            - name: CASSANDRA_SEEDS
              {{- $global := . }}
              {{- $replicas := .Values.cluster.seedCount | int }}
              {{- $domain := .Values.cluster.domain }}
              value: "{{- range $i, $e := until $replicas }}{{ include "common.fullname" $global }}-{{ $i }}.{{ include "common.fullname" $global }}-headless.{{ $global.Values.global.nsPrefix }}.svc.{{ $domain }}{{- if (lt ( add1 $i ) $replicas ) }},{{- end }}{{- end }}"
            - name: CASSANDRA_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: {{ if .Values.dbUser.existingSecret }}{{ .Values.dbUser.existingSecret }}{{- else }}{{ include "common.fullname" . }}{{- end }}
                  key: cassandra-password
            - name: POD_IP
              valueFrom:
                fieldRef:
                  fieldPath: status.podIP
            - name: CASSANDRA_USER
              value: {{ .Values.dbUser.user | quote }}
            - name: CASSANDRA_NUM_TOKENS
              value: {{ .Values.cluster.numTokens | quote }}
            - name: CASSANDRA_DATACENTER
              value: {{ .Values.cluster.datacenter }}
            - name: CASSANDRA_ENDPOINT_SNITCH
              value: {{ .Values.cluster.endpointSnitch }}
            {{- if   .Values.tlsEncryptionSecretName }}
            - name: CASSANDRA_INTERNODE_ENCRYPTION
              value: {{ .Values.cluster.internodeEncryption | quote }}
            - name: CASSANDRA_CLIENT_ENCRYPTION
              value: {{ .Values.cluster.clientEncryption | quote }}
            - name: CASSANDRA_TRUSTSTORE_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: {{ .Values.tlsEncryptionSecretName }}
                  key: truststore-password
            - name: CASSANDRA_KEYSTORE_PASSWORD
              valueFrom:
                secretKeyRef:
                  name: {{ .Values.tlsEncryptionSecretName }}
                  key: keystore-password
            {{- end }}
            - name: CASSANDRA_RACK
              value: {{ .Values.cluster.rack }}
            {{- if .Values.jvm.maxHeapSize }}
            - name: MAX_HEAP_SIZE
              value: {{ .Values.jvm.maxHeapSize | quote }}
            {{- end }}
            {{- if .Values.jvm.newHeapSize }}
            - name: HEAP_NEWSIZE
              value: {{ .Values.jvm.newHeapSize | quote }}
            {{- end }}
            {{- if .Values.jvm.extraOpts }}
            - name: JVM_EXTRA_OPTS
              value: {{ .Values.jvm.extraOpts | quote }}
            {{- end }}
            - name: CASSANDRA_ENABLE_RPC
              value: {{ .Values.cluster.enableRPC | quote }}
            {{- if .Values.cluster.enableUDF }}
            - name: CASSANDRA_ENABLE_USER_DEFINED_FUNCTIONS
              value: {{ .Values.cluster.enableUDF | quote }}
            {{- end }}
          {{- if .Values.livenessProbe.enabled }}
          livenessProbe:
            exec:
              command: ["/bin/sh", "-c", "nodetool status"]
            initialDelaySeconds: {{ .Values.livenessProbe.initialDelaySeconds }}
            periodSeconds: {{ .Values.livenessProbe.periodSeconds }}
            timeoutSeconds: {{ .Values.livenessProbe.timeoutSeconds }}
            successThreshold: {{ .Values.livenessProbe.successThreshold }}
            failureThreshold: {{ .Values.livenessProbe.failureThreshold }}
          {{- end }}
          {{- if .Values.readinessProbe.enabled }}
          readinessProbe:
            exec:
              command: ["/bin/sh", "-c", "nodetool status | grep -E \"^UN\\s+${POD_IP}\""]
            initialDelaySeconds: {{ .Values.readinessProbe.initialDelaySeconds }}
            periodSeconds: {{ .Values.readinessProbe.periodSeconds }}
            timeoutSeconds: {{ .Values.readinessProbe.timeoutSeconds }}
            successThreshold: {{ .Values.readinessProbe.successThreshold }}
            failureThreshold: {{ .Values.readinessProbe.failureThreshold }}
          {{- end }}
          {{- if not .Values.persistence.enabled }}
          lifecycle:
            preStop:
              exec:
                command:
                  - bash
                  - -ec
                  - nodetool decommission
          {{- end }}
          ports:
            - name: intra
              containerPort: 7000
            - name: tls
              containerPort: 7001
            - name: jmx
              containerPort: 7199
            - name: cql
              containerPort: 9042
            {{- if .Values.cluster.enableRPC }}
            - name: thrift
              containerPort: 9160
            {{- end }}
          {{- if .Values.resources }}
          resources: {{ toYaml .Values.resources | nindent 12 }}
          {{- end }}
          volumeMounts:
            - name: data
              mountPath: /bitnami/cassandra
            {{- if .Values.tlsEncryptionSecretName }}
            - name: encryption-secrets
              mountPath: /bitnami/cassandra/secrets
            {{- end }}
            {{- if .Values.initDBConfigMap }}
            - name: init-db-cm
              mountPath: /docker-entrypoint-initdb.d/configmap
            {{- end }}
            {{- if .Values.initDBSecret }}
            - name: init-db-secret
              mountPath: /docker-entrypoint-initdb.d/secret
            {{- end }}
            {{ if .Values.existingConfiguration }}
            - name: configurations
              mountPath: /bitnami/cassandra/conf
            {{- end }}
            - mountPath: /opt/tip-wlan/certs/cacert.pem
              name: cassandra-client-certificates
              subPath: cacert.pem
            - mountPath: /opt/tip-wlan/certs/cassandraservercert.pem
              name: cassandra-client-certificates
              subPath: cassandraservercert.pem
            - mountPath: /opt/tip-wlan/certs/cassandraserverkey_dec.pem
              name: cassandra-client-certificates
              subPath: cassandraserverkey_dec.pem              
        {{- if .Values.metrics.enabled }}
        - name: metrics
          image: {{ include "cassandra.metrics.image" . }}
          imagePullPolicy: {{ .Values.metrics.image.pullPolicy | quote }}
          ports:
            - name: metrics
              containerPort: 8080
              protocol: TCP
            - name: jmx
              containerPort: 5555
          {{- if .Values.metrics.resources }}
          resources: {{- toYaml .Values.metrics.resources | nindent 12 }}
          {{- end }}
          livenessProbe:
            tcpSocket:
              port: metrics
          readinessProbe:
            httpGet:
              path: /metrics
              port: metrics
            initialDelaySeconds: 20
            timeoutSeconds: 45
        {{- end }}
      {{- if .Values.image.pullSecrets }}
      imagePullSecrets:
        - name: {{ .Values.image.pullSecrets }}
      {{- end }}
      volumes:
        - name: cassandra-client-certificates
          secret:
            secretName: {{ include "common.fullname" . }}-client-certs
        {{- if .Values.tlsEncryptionSecretName }}
        - name: encryption-secrets
          secret:
            secretName: {{ .Values.tlsEncryptionSecretName }}
            items:
              - key: keystore
                path: keystore
              - key: truststore
                path: truststore
        {{- end }}
        {{- if .Values.existingConfiguration }}
        - name: configurations
          configMap:
            name: {{ tpl .Values.existingConfiguration $ }}
        {{- end }}
        {{- if .Values.initDBConfigMap }}
        - name: init-db-cm
          configMap:
            name: {{ tpl .Values.initDBConfigMap $ }}
        {{- end }}
        {{- if .Values.initDBSecret }}
        - name: init-db-secret
          configMap:
            name: {{ tpl .Values.initDBSecret $ }}
        {{- end }}
 {{- if not .Values.persistence.enabled }}
        - name: data
          emptyDir: {}
 {{- else }}
  volumeClaimTemplates:
    - metadata:
        name: data
        labels:
          app: {{ include "common.name" . }}
          release: {{ .Release.Name }}
        {{- if .Values.persistence.annotations }}
        annotations: {{- toYaml .Values.persistence.annotations | nindent 10 }}
        {{- end }}
      spec:
        accessModes:
          {{- range .Values.persistence.accessModes }}
          - {{ . | quote }}
          {{- end }}
        resources:
          requests:
            storage: {{ .Values.persistence.size | quote }}
      {{- if .Values.persistence.storageClass }}
      {{- if (eq "-" .Values.persistence.storageClass) }}
        storageClassName: ""
      {{- else }}
        storageClassName: "{{ .Values.persistence.storageClass }}"
      {{- end }}
      {{- end }}
 {{- end }}
--- a/tip-wlan/charts/cassandra/templates/tests/test-cassandra-record-insert-del.yaml
+++ b/tip-wlan/charts/cassandra/templates/tests/test-cassandra-record-insert-del.yaml
@@ -1,53 +0,0 @@
 {{- if .Values.testsEnabled -}}
 # NOTE: For the test to work, make sure that the cluster-size remains the same
 # if you are doing helm-del and then helm-install with existing pvc.
 apiVersion: v1
 kind: Pod
 metadata:
  name: {{ include "common.fullname" . }}-test-insertion-deletion
  namespace: {{ include "common.namespace" . }}
  annotations:
    "helm.sh/hook": test-success
 spec:
  containers:
  - name: {{ include "common.name" . }}-test-cassandra-basic
    image: {{ .Values.image.registry }}/{{ .Values.image.repository }}:{{ .Values.image.tag }}
    command:
    - sh
    - -c
    - |
      cqlsh --cqlshrc /bitnami/cassandra/conf/cqlshrc.tip-wlan -e \
      "CREATE KEYSPACE MYDB WITH REPLICATION = { 'class' : 'SimpleStrategy', 'replication_factor' : 1 }; \
      use MYDB; \
      CREATE TABLE BOOKS (id int PRIMARY KEY, title text, year text); \
      INSERT INTO BOOKS (id, title, year) VALUES (1, 'Power Of Now', '1994'); \
      SELECT * FROM BOOKS; \
      DELETE FROM BOOKS WHERE id=1; \
      SELECT * FROM BOOKS; \
      DROP TABLE BOOKS; \
      DROP KEYSPACE MYDB;"
    volumeMounts:
      {{ if .Values.existingConfiguration }}
      - name: configurations
        mountPath: /bitnami/cassandra/conf
      {{- end }}
      - mountPath: /opt/tip-wlan/certs/cacert.pem
        name: cassandra-client-certificates
        subPath: cacert.pem
      - mountPath: /opt/tip-wlan/certs/cassandraservercert.pem
        name: cassandra-client-certificates
        subPath: cassandraservercert.pem
      - mountPath: /opt/tip-wlan/certs/cassandraserverkey_dec.pem
        name: cassandra-client-certificates
        subPath: cassandraserverkey_dec.pem   
  restartPolicy: Never
  volumes:
  {{- if .Values.existingConfiguration }}
  - name: configurations
    configMap:
      name: {{ tpl .Values.existingConfiguration $ }}
  {{- end }}
  - name: cassandra-client-certificates
    secret:
      secretName: {{ include "common.fullname" . }}-client-certs
 {{- end }}
--- a/tip-wlan/charts/cassandra/values.yaml
+++ b/tip-wlan/charts/cassandra/values.yaml
@@ -1,331 +0,0 @@
 ## Global Docker image parameters
 ## Please, note that this will override the image parameters, including dependencies, configured to use the global value
 ## Current available global Docker image parameters: imageRegistry and imagePullSecrets
 ##
 # global:
 #   imageRegistry: myRegistryName
 #   imagePullSecrets:
 #     - myRegistryKeySecretName
 #   storageClass: myStorageClass
 ## Bitnami Cassandra image version
 ## ref: https://hub.docker.com/r/bitnami/cassandra/tags/
 ##
 image:
  registry: docker.io
  repository: bitnami/cassandra
  ## Bitnami Cassandra image tag
  ## ref: https://github.com/bitnami/bitnami-docker-cassandra#supported-tags-and-respective-dockerfile-links
  ##
  tag: 3.11.6-debian-10-r138
  ## Specify a imagePullPolicy
  ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
  ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
  ##
  pullPolicy: IfNotPresent
  ## Optionally specify an array of imagePullSecrets.
  ## Secrets must be manually created in the namespace.
  ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
  ##
  # pullSecrets:
  #   - myRegistryKeySecretName
  ## Set to true if you would like to see extra information on logs
  ## It turns BASH debugging in minideb-extras-base
  ##
  debug: false
 ## String to partially override cassandra.fullname template (will maintain the release name)
 ##
 # nameOverride:
 ## String to fully override cassandra.fullname template
 ##
 # fullnameOverride:
 ## Init containers parameters:
 ## volumePermissions: Change the owner and group of the persistent volume mountpoint to runAsUser:fsGroup values from the securityContext section.
 ##
 volumePermissions:
  enabled: true
  image:
    registry: docker.io
    repository: bitnami/minideb
    tag: buster
    pullPolicy: Always
    ## Optionally specify an array of imagePullSecrets.
    ## Secrets must be manually created in the namespace.
    ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
    ##
    # pullSecrets:
    #   - myRegistryKeySecretName
  ## Init container' resource requests and limits
  ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
  ##
  resources:
    # We usually recommend not to specify default resources and to leave this as a conscious
    # choice for the user. This also increases chances charts run on environments with little
    # resources, such as Minikube. If you do want to specify resources, uncomment the following
    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
    limits: {}
    #   cpu: 100m
    #   memory: 128Mi
    requests: {}
    #   cpu: 100m
    #   memory: 128Mi
 ## Service parameters
 ##
 service:
  ## Service type
  ##
  type: ClusterIP
  ## CQL port
  ##
  port: 9042
  ## Thrift Client API port
  ##
  thriftPort: 9160
  ## Specify the nodePort(s) value(s) for the LoadBalancer and NodePort service types.
  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
  ##
  nodePorts:
    cql: ""
    thriftPort: ""
  ## Set the LoadBalancer service type to internal only.
  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
  ##
  # loadBalancerIP:
  ## Provide any additional annotations which may be required. This can be used to
  ## set the LoadBalancer service type to internal only.
  ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
  ##
  annotations: {}
 ## Enable persistence using Persistent Volume Claims
 ## ref: http://kubernetes.io/docs/user-guide/persistent-volumes/
 ##
 persistence:
  ## If true, use a Persistent Volume Claim, If false, use emptyDir
  ##
  enabled: false
  ## Persistent Volume Storage Class
  ## If defined, storageClassName: <storageClass>
  ## If set to "-", storageClassName: "", which disables dynamic provisioning
  ## If undefined (the default) or set to null, no storageClassName spec is
  ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
  ##   GKE, AWS & OpenStack)
  ##
  storageClass: "-"
  ## Persistent Volume Claim annotations
  ##
  annotations:
  ## Persistent Volume Access Mode
  ##
  accessModes:
    - ReadWriteOnce
  ## Persistent Volume size
  ##
  size: 1Gi
 ## Cassandra pods' resource requests and limits
 ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
 ## Minimum memory for development is 4GB and 2 CPU cores
 ## Minimum memory for production is 8GB and 4 CPU cores
 ## ref: http://docs.datastax.com/en/archived/cassandra/2.0/cassandra/architecture/architecturePlanningHardware_c.html
 ##
 resources:
  # We usually recommend not to specify default resources and to leave this as a conscious
  # choice for the user. This also increases chances charts run on environments with little
  # resources, such as Minikube. If you do want to specify resources, uncomment the following
  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
  limits: {}
  #   cpu: 2
  #   memory: 4Gi
  requests: {}
  #   cpu: 2
  #   memory: 4Gi
 ## Secret with keystore, keystore password, truststore, truststore password
 ##
 tlsEncryptionSecretName: cassandra-ssl-certs
 ## ConfigMap with custom cassandra configuration files. This overrides any other Cassandra configuration set in the chart
 ##
 existingConfiguration: cassandra-configurations-override
 ## Cluster parameters
 ##
 cluster:
  name: TipWlanCluster
  replicaCount: 3
  seedCount: 2
  numTokens: 256
  datacenter: DC1
  rack: RAC1
  enableRPC: true
  endpointSnitch: SimpleSnitch
  ## Enable the creation of the Pod Disruption Budget
  ##
  pdbEnabled: true
  ## Minimum number of cluster nodes that will be running. Needs pdbEnabled=true
  ##
  minAvailable: 1
  ## Maximum number of cluster nodes that may not be running. Needs pdbEnabled=true.
  ##
  # maxUnavailable: 1
  ## Encryption values. NOTE: They require tlsEncryptionSecretName
  ##
  internodeEncryption: all
  clientEncryption: true
  domain: cluster.local
 ## JVM Settings
 ##
 jvm:
  ## Extra JVM options
  ##
  extraOpts:
  ## Memory settings: These are calculated automatically
  ## unless specified otherwise
  ##
  # maxHeapSize: 4G
  # newHeapSize: 800M
 ## Database credentials
 ##
 dbUser:
  user: cassandra
  forcePassword: false
  password: cassandra
  # existingSecret:
 ## ConfigMap with cql scripts. Useful for creating a keyspace
 ## and pre-populating data
 ##
 # initDBConfigMap:
 ## Secret with cql script (with sensitive data). Useful for creating a keyspace
 ## and pre-populating data
 ##
 # initDBSecret:
 ## Cassandra container's liveness and readiness probes
 ## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
 ##
 livenessProbe:
  enabled: true
  initialDelaySeconds: 60
  periodSeconds: 30
  timeoutSeconds: 5
  successThreshold: 1
  failureThreshold: 5
 readinessProbe:
  enabled: true
  initialDelaySeconds: 60
  periodSeconds: 10
  timeoutSeconds: 5
  successThreshold: 1
  failureThreshold: 5
 ## Additional pod annotations
 ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
 ##
 podAnnotations: {}
 ## Additional pod labels
 ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/
 ##
 podLabels: {}
 ## Affinity for pod assignment
 ## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
 ##
 affinity: {}
 ## Node labels for pod assignment. Evaluated as a template.
 ## Ref: https://kubernetes.io/docs/user-guide/node-selection/
 ##
 nodeSelector: {}
 ## Tolerations for pod assignment
 ## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
 ##
 tolerations: []
 ## StatefulSet settings
 ##
 statefulset:
  updateStrategy: OnDelete
  # rollingUpdatePartition:
 ## Pod Security Context
 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
 ##
 securityContext:
  enabled: true
  fsGroup: 1001
  runAsUser: 1001
 ## Container entrypoint and cmd (useful for using different images)
 ##
 entrypoint: "/entrypoint.sh"
 cmd: "/run.sh"
 ## Network policies
 ## Ref: https://kubernetes.io/docs/concepts/services-networking/network-policies/
 ##
 networkPolicy:
  ## Specifies whether a NetworkPolicy should be created
  ##
  enabled: false
  ## The Policy model to apply. When set to false, only pods with the correct
  ## client label will have network access to the port Redis is listening
  ## on. When true, Redis will accept connections from any source
  ## (with the correct destination port).
  ##
  # allowExternal: true
 ## Enable/disable the chart's tests.  Useful if using this chart as a dependency of
 ## another chart and you don't want these tests running when trying to develop and
 ## test your own chart.
 testsEnabled: true
 ## Cassandra Prometheus exporter configuration
 ## ref: https://hub.docker.com/r/bitnami/cassandra-exporter/tags/
 ##
 metrics:
  enabled: false
  image:
    registry: docker.io
    pullPolicy: IfNotPresent
    repository: bitnami/cassandra-exporter
    tag: 2.3.4-debian-10-r119
    ## Optionally specify an array of imagePullSecrets.
    ## Secrets must be manually created in the namespace.
    ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
    ##
    # pullSecrets:
    #   - myRegistryKeySecretName
  ## Cassandra Prometheus exporter resource requests and limits
  ## ref: http://kubernetes.io/docs/user-guide/compute-resources/
  ##
  resources:
    # We usually recommend not to specify default resources and to leave this as a conscious
    # choice for the user. This also increases chances charts run on environments with little
    # resources, such as Minikube. If you do want to specify resources, uncomment the following
    # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
    limits: {}
    #   cpu: 100m
    #   memory: 128Mi
    requests: {}
    #   cpu: 100m
    #   memory: 128Mi
  ## Metrics exporter pod Annotation and Labels
  ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
  ##
  podAnnotations:
    prometheus.io/scrape: "true"
    prometheus.io/port: "8080"
 creds:
  sslKeystorePassword: DUMMY_PASSWORD
  sslTruststorePassword: DUMMY_PASSWORD
--- a/tip-wlan/resources/environments/dev-local-rework.yaml
+++ b/tip-wlan/resources/environments/dev-local-rework.yaml
@@ -154,19 +154,35 @@ kafka:
    sslKeystorePassword: mypassword
    sslTruststorePassword: mypassword
    sslKeyPassword: mypassword
 cassandra:
  enabled: true
  tlsEncryptionSecretName: tip-common-cassandra-certs
  image:
    debug: true
  cluster:
    replicaCount: 1
    seedCount: 1
  persistence:
    enabled: true
-    storageClass: standard
+    storageClass: "hostpath"
-  creds:
+  replicaCount: 1
-    sslKeystorePassword: mypassword
+  cluster:
-    sslTruststorePassword: mypassword
+    name: TipWlanCluster
    seedCount: 1
    internodeEncryption: all
    clientEncryption: true
  exporter:
    enabled: false
    serviceMonitor:
      enabled: true
      additionalLabels:
        release: prometheus-operator
  dbUser:
    user: cassandra
    password: cassandra
  resources:
    limits: {}
    requests:
      cpu: 1
      memory: 3Gi
 postgresql:
  enabled: true
  postgresqlDatabase: tip
--- a/tip-wlan/templates/cassandra-dependencies.yaml
+++ b/tip-wlan/templates/cassandra-dependencies.yaml
@@ -0,0 +1,30 @@
 ---
 apiVersion: v1
 kind: Secret
 metadata:
  name: {{ .Release.Namespace }}-common-cassandra-certs
  namespace: {{ .Release.Namespace }}
 type: Opaque
 data:
  truststore: {{ .Files.Get "resources/certs/truststore.jks" | b64enc }}
  truststore-password: {{ "mypassword" | b64enc }}
  keystore: {{ .Files.Get "resources/certs/cassandra_server_keystore.jks" | b64enc }}
  keystore-password: {{ "mypassword" | b64enc }}
  cassandraservercert.pem: {{ .Files.Get "resources/certs/cassandraservercert.pem" | b64enc }}
  cassandraserverkey_dec.pem: {{ .Files.Get "resources/certs/cassandraserverkey_dec.pem" | b64enc }}
 ---
 apiVersion: v1
 kind: Secret
 metadata:
  name: {{ .Release.Namespace }}-common-cassandra-client-certs
  namespace: {{ .Release.Namespace }}
 type: Opaque
 data:
  cacert.pem: {{ .Files.Get "resources/certs/cacert.pem" | b64enc }}
  cassandra_server_keystore.jks: {{ .Files.Get "resources/certs/cassandra_server_keystore.jks" | b64enc }}
  cassandraservercert.pem: {{ .Files.Get "resources/certs/cassandraservercert.pem" | b64enc }}
  cassandraserverkey_dec.pem: {{ .Files.Get "resources/certs/cassandraserverkey_dec.pem" | b64enc }}
  kafka-server.pkcs12: {{ .Files.Get "resources/certs/kafka-server.pkcs12" | b64enc }}
  truststore.jks: {{ .Files.Get "resources/certs/truststore.jks" | b64enc }}
  server.pkcs12: {{ .Files.Get "resources/certs/server.pkcs12" | b64enc }}
Author	SHA1	Message	Date
Gleb Boushev	12c8715136	fixing missing secrets and gitignore file	2020-12-01 11:37:44 +03:00
Gleb Boushev	9689a60173	cassandra initial commit	2020-11-24 10:20:57 +03:00
		`@@ -1 +0,0 @@`
			`Contains certs needed for this service to start. Please refer to page: https://telecominfraproject.atlassian.net/wiki/spaces/WIFI/pages/262176803/Pre-requisites+before+deploying+Tip-Wlan+solution`