Initial Commit for subscriber provision helm chart.
This will be used in 4G as well as 5G
Change-Id: I607b6230823e6de7c909be27b22d911f917aa55b
diff --git a/omec/omec-sub-provision/Chart.yaml b/omec/omec-sub-provision/Chart.yaml
new file mode 100644
index 0000000..0db7314
--- /dev/null
+++ b/omec/omec-sub-provision/Chart.yaml
@@ -0,0 +1,11 @@
+---
+# Copyright 2020-present Open Networking Foundation
+#
+# SPDX-License-Identifier: LicenseRef-ONF-Member-Only-1.0
+
+apiVersion: v2
+description: Mobile Sim Provisioning services
+name: omec-sub-provision
+icon: https://guide.opencord.org/logos/cord.svg
+
+version: 0.0.1
diff --git a/omec/omec-sub-provision/templates/NOTES.txt b/omec/omec-sub-provision/templates/NOTES.txt
new file mode 100644
index 0000000..b7e5000
--- /dev/null
+++ b/omec/omec-sub-provision/templates/NOTES.txt
@@ -0,0 +1,9 @@
+{{- /*
+
+# Copyright 2020-present Open Networking Foundation
+#
+# SPDX-License-Identifier: LicenseRef-ONF-Member-Only-1.0
+
+*/ -}}
+
+Notes - Instructions to use SIM provision application helm charts
diff --git a/omec/omec-sub-provision/templates/_helpers.tpl b/omec/omec-sub-provision/templates/_helpers.tpl
new file mode 100644
index 0000000..706fcce
--- /dev/null
+++ b/omec/omec-sub-provision/templates/_helpers.tpl
@@ -0,0 +1,115 @@
+{{- /*
+
+# Copyright 2020-present Open Networking Foundation
+#
+# SPDX-License-Identifier: LicenseRef-ONF-Member-Only-1.0
+
+*/ -}}
+
+{{/*
+Renders a set of standardised labels
+*/}}
+{{- define "omec-sub-provision.metadata_labels" -}}
+{{- $application := index . 0 -}}
+{{- $context := index . 1 -}}
+release: {{ $context.Release.Name }}
+app: {{ $application }}
+{{- end -}}
+
+{{/*
+Render the given template.
+*/}}
+{{- define "omec-sub-provision.template" -}}
+{{- $name := index . 0 -}}
+{{- $context := index . 1 -}}
+{{- $last := base $context.Template.Name }}
+{{- $wtf := $context.Template.Name | replace $last $name -}}
+{{ include $wtf $context }}
+{{- end -}}
+
+{{/*
+Render ServiceAccount, Role, and RoleBinding required for kubernetes-entrypoint.
+*/}}
+{{- define "omec-sub-provision.service_account" -}}
+{{- $context := index . 1 -}}
+{{- $saName := index . 0 -}}
+{{- $saNamespace := $context.Release.Namespace }}
+---
+apiVersion: v1
+kind: ServiceAccount
+metadata:
+ name: {{ $saName }}
+ namespace: {{ $saNamespace }}
+ labels:
+{{ tuple $saName $context | include "omec-sub-provision.metadata_labels" | indent 4 }}
+---
+{{- if semverCompare ">=1.16-0" $context.Capabilities.KubeVersion.GitVersion }}
+apiVersion: rbac.authorization.k8s.io/v1
+{{- else }}
+apiVersion: rbac.authorization.k8s.io/v1beta1
+{{- end }}
+kind: RoleBinding
+metadata:
+ name: {{ $saName }}
+ namespace: {{ $saNamespace }}
+ labels:
+{{ tuple $saName $context | include "omec-sub-provision.metadata_labels" | indent 4 }}
+roleRef:
+ apiGroup: rbac.authorization.k8s.io
+ kind: Role
+ name: {{ $saName }}
+subjects:
+ - kind: ServiceAccount
+ name: {{ $saName }}
+ namespace: {{ $saNamespace }}
+---
+{{- if semverCompare ">=1.16-0" $context.Capabilities.KubeVersion.GitVersion }}
+apiVersion: rbac.authorization.k8s.io/v1
+{{- else }}
+apiVersion: rbac.authorization.k8s.io/v1beta1
+{{- end }}
+kind: Role
+metadata:
+ name: {{ $saName }}
+ namespace: {{ $saNamespace }}
+ labels:
+{{ tuple $saName $context | include "omec-sub-provision.metadata_labels" | indent 4 }}
+rules:
+ - apiGroups:
+ - ""
+ - extensions
+ - batch
+ - apps
+ verbs:
+ - get
+ - list
+ - patch
+ resources:
+ - statefulsets
+ - daemonsets
+ - jobs
+ - pods
+ - services
+ - endpoints
+ - configmaps
+{{- end -}}
+
+{{/*
+Render init container for coredump.
+*/}}
+{{- define "omec-sub-provision.coredump_init" -}}
+{{- $pod := index . 0 -}}
+{{- $context := index . 1 -}}
+- name: {{ $pod }}-coredump-init
+ image: {{ $context.Values.images.tags.init | quote }}
+ imagePullPolicy: {{ $context.Values.images.pullPolicy }}
+ securityContext:
+ privileged: true
+ runAsUser: 0
+ command: ["bash", "-xc"]
+ args:
+ - echo '/tmp/coredump/core.%h.%e.%t' > /mnt/host-rootfs/proc/sys/kernel/core_pattern
+ volumeMounts:
+ - name: host-rootfs
+ mountPath: /mnt/host-rootfs
+{{- end -}}
diff --git a/omec/omec-sub-provision/templates/bin/_simapp-run.sh.tpl b/omec/omec-sub-provision/templates/bin/_simapp-run.sh.tpl
new file mode 100644
index 0000000..1f6ec76
--- /dev/null
+++ b/omec/omec-sub-provision/templates/bin/_simapp-run.sh.tpl
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+# Copyright 2020-present Open Networking Foundation
+#
+# SPDX-License-Identifier: LicenseRef-ONF-Member-Only-1.0
+
+set -xe
+
+{{- if .Values.config.coreDump.enabled }}
+cp /simapp/bin/simapp /tmp/coredump/
+{{- end }}
+
+cd /simapp
+cat config/simapp.yaml
+
+./bin/simapp -simapp config/simapp.yaml
diff --git a/omec/omec-sub-provision/templates/configmap-simapp.yaml b/omec/omec-sub-provision/templates/configmap-simapp.yaml
new file mode 100644
index 0000000..50229a3
--- /dev/null
+++ b/omec/omec-sub-provision/templates/configmap-simapp.yaml
@@ -0,0 +1,24 @@
+{{/*
+# Copyright 2020-present Open Networking Foundation
+
+# SPDX-License-Identifier: LicenseRef-ONF-Member-Only-1.0
+*/}}
+
+{{- if .Values.config.simapp.deploy }}
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: simapp
+ labels:
+{{ tuple "simapp" . | include "omec-sub-provision.metadata_labels" | indent 4 }}
+data:
+ simapp-run.sh: |
+{{ tuple "bin/_simapp-run.sh.tpl" . | include "omec-sub-provision.template" | indent 4 }}
+{{- if not .Values.config.useExistingConfigMap -}}
+{{- range $key, $value := .Values.config.simapp.cfgFiles }}
+ {{ $key }}: |-
+{{ toYaml $value | indent 4 }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/omec/omec-sub-provision/templates/deployment-simapp.yaml b/omec/omec-sub-provision/templates/deployment-simapp.yaml
new file mode 100644
index 0000000..5732f75
--- /dev/null
+++ b/omec/omec-sub-provision/templates/deployment-simapp.yaml
@@ -0,0 +1,93 @@
+{{/*
+# Copyright 2020-present Open Networking Foundation
+
+# SPDX-License-Identifier: LicenseRef-ONF-Member-Only-1.0
+*/}}
+
+{{- if .Values.config.simapp.deploy }}
+{{ tuple "simapp" . | include "omec-sub-provision.service_account" }}
+---
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+ name: simapp
+ labels:
+{{ tuple "simapp" . | include "omec-sub-provision.metadata_labels" | indent 4 }}
+spec:
+ replicas: 1
+ #serviceName: simapp-headless
+ selector:
+ matchLabels:
+{{ tuple "simapp" . | include "omec-sub-provision.metadata_labels" | indent 6 }}
+ template:
+ metadata:
+ labels:
+{{ tuple "simapp" . | include "omec-sub-provision.metadata_labels" | indent 8 }}
+ {{- with .Values.config.simapp.podAnnotations }}
+ annotations:
+ helm.sh/hook: pre-install
+ helm.sh/hook-weight: "5"
+ {{- toYaml . | nindent 8 }}
+ {{- end }}
+ spec:
+ serviceAccountName: simapp
+ {{- if hasKey .Values.images "pullSecrets" }}
+ imagePullSecrets:
+{{ toYaml .Values.images.pullSecrets | indent 8 }}
+ {{- end }}
+ initContainers:
+ - name: wait-simapp-module2
+ image: {{ .Values.images.tags.init | quote }}
+ imagePullPolicy: {{ .Values.images.pullPolicy }}
+ command: ['sh', '-c', 'until nslookup simapp; do echo waiting for simapp; sleep 4; done;']
+ {{- if .Values.config.coreDump.enabled }}
+{{ tuple "simapp" . | include "omec-sub-provision.coredump_init" | indent 6 }}
+ {{- end }}
+ containers:
+ - name: simapp
+ image: {{ .Values.images.tags.simapp }}
+ imagePullPolicy: {{ .Values.images.pullPolicy }}
+ {{- if .Values.config.coreDump.enabled }}
+ securityContext:
+ runAsUser: 0
+ {{- end }}
+ stdin: true
+ tty: true
+ command: ["/simapp/script/simapp-run.sh"]
+ env:
+ - name: POD_IP
+ valueFrom:
+ fieldRef:
+ fieldPath: status.podIP
+ {{- if .Values.resources.enabled }}
+ resources:
+{{ toYaml .Values.resources.simapp | indent 10 }}
+ {{- end }}
+ volumeMounts:
+ - name: run-script
+ mountPath: /simapp/script/simapp-run.sh
+ subPath: simapp-run.sh
+ - name: nf-config
+ mountPath: /simapp/config
+ {{- if .Values.config.coreDump.enabled }}
+ - name: coredump
+ mountPath: /tmp/coredump
+ {{- end }}
+ volumes:
+ - name: run-script
+ configMap:
+ name: simapp
+ defaultMode: 493
+ - name: nf-config
+ configMap:
+ name: simapp
+ defaultMode: 493
+ {{- if .Values.config.coreDump.enabled }}
+ - name: host-rootfs
+ hostPath:
+ path: /
+ - name: coredump
+ hostPath:
+ path: {{ .Values.config.coreDump.path }}
+ {{- end }}
+{{- end }}
diff --git a/omec/omec-sub-provision/templates/service-simapp.yaml b/omec/omec-sub-provision/templates/service-simapp.yaml
new file mode 100644
index 0000000..ab91f83
--- /dev/null
+++ b/omec/omec-sub-provision/templates/service-simapp.yaml
@@ -0,0 +1,43 @@
+{{/*
+# Copyright 2020-present Open Networking Foundation
+
+# SPDX-License-Identifier: LicenseRef-ONF-Member-Only-1.0
+*/}}
+
+{{- if .Values.config.simapp.deploy }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: simapp
+ labels:
+{{ tuple "simapp" . | include "omec-sub-provision.metadata_labels" | indent 4 }}
+spec:
+ type: ClusterIP
+ selector:
+{{ tuple "simapp" . | include "omec-sub-provision.metadata_labels" | indent 4 }}
+ ports:
+ - name: prometheus-exporter
+ port: {{ .Values.config.simapp.prometheus.port }}
+ protocol: TCP
+{{- if .Values.config.simapp.prometheus.nodePort.enabled }}
+---
+apiVersion: v1
+kind: Service
+metadata:
+ name: simapp-external
+ labels:
+{{ tuple "simapp" . | include "omec-sub-provision.metadata_labels" | indent 4 }}
+spec:
+ type: NodePort
+ selector:
+{{ tuple "simapp" . | include "omec-sub-provision.metadata_labels" | indent 4 }}
+ ports:
+{{- if .Values.config.simapp.prometheus.nodePort.enabled }}
+ - name: prometheus-exporter
+ port: {{ .Values.config.simapp.prometheus.port }}
+ protocol: TCP
+ nodePort: {{ .Values.config.simapp.prometheus.nodePort.port }}
+{{- end }}
+{{- end }}
+{{- end }}
diff --git a/omec/omec-sub-provision/values.yaml b/omec/omec-sub-provision/values.yaml
new file mode 100644
index 0000000..d0bdff0
--- /dev/null
+++ b/omec/omec-sub-provision/values.yaml
@@ -0,0 +1,94 @@
+# Copyright 2020-present Open Networking Foundation
+#
+# SPDX-License-Identifier: LicenseRef-ONF-Member-Only-1.0
+
+images:
+ tags:
+ init: docker.io/omecproject/pod-init:1.0.0
+ simapp: docker.io/ajaythakuronf/simapp:0.0.1-dev
+ pullPolicy: IfNotPresent
+ # Optionally specify an array of imagePullSecrets.
+ # Secrets must be manually created in the namespace.
+ pullSecrets:
+ - name: aether.registry
+
+resources:
+ enabled: false
+ simapp:
+ requests:
+ cpu: 1
+ memory: 1Gi
+ limits:
+ cpu: 1
+ memory: 1Gi
+
+config:
+ coreDump:
+ enabled: false
+ path: /tmp/coredump
+ simapp:
+ deploy: true
+ podAnnotations:
+ field.cattle.io/workloadMetrics: '[{"path":"/metrics","port":9089,"schema":"HTTP"}]'
+ prometheus:
+ port: 9089
+ nodePort:
+ enabled: false
+ port: 30080
+ cfgFiles:
+ simapp.yaml:
+ info:
+ version: 1.0.0
+ description: SIMAPP initial local configuration
+ logger:
+ # network function
+ APP:
+ debugLevel: info
+ ReportCaller: false
+ configuration:
+ provision-network-slice: false
+ device-groups:
+ - name: "iot-camera"
+ imsis:
+ - "123456789123456"
+ - "123456789123457"
+ ip-domain-name: "pool1"
+ ip-domain-expanded:
+ dnn: internet
+ dns-primary: "8.8.8.8"
+ mtu: 1460
+ ue-ip-pool: "10.91.0.0/16"
+ site-info: "menlo"
+ network-slices:
+ - name: "slice1"
+ slice-id:
+ sd: 65565
+ sst: 255
+ site-device-group:
+ - "iot-camera"
+ applications-information:
+ - app-name: "iot-app"
+ end-port: 40000
+ endpoint: "1.1.1.1/32"
+ protocol: 17
+ start-port: 40000
+ deny-applications:
+ - "iot-app-deny"
+ permit-applications:
+ - "iot-app1-permit"
+ - "iot-app2-permit"
+ qos:
+ downlink: 20000000
+ traffic-class: "platinum"
+ uplink: 4000000
+ site-info:
+ gNodeBs:
+ - name: "menlo-gnb1"
+ tac: 1
+ plmn:
+ mcc: "315"
+ mnc: "010"
+ site-name: "menlo"
+ upf:
+ upf-name: "upf.menlo.aetherproject.org"
+ upf-port: 8805