Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / 51900a9c4e6c8ccb632eceed37329cca797f3f31 / . / kubernetes / appc / values.yaml
blob: d224030db39ede46a6ff8736067dd62da3571875 [file] [log] [blame]
# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#################################################################
# Global configuration defaults.
#################################################################
global:
nodePortPrefix: 302
centralizedLoggingEnabled: false
persistence:
mountPath: /dockerdata-nfs
#################################################################
# Secrets metaconfig
#################################################################
secrets:
- uid: "db-root-pass"
name: '{{ include "common.release" . }}-appc-db-root-pass'
externalSecret: '{{ .Values.config.dbRootPassExternalSecret }}'
type: password
password: '{{ .Values.config.dbRootPass }}'
- uid: 'appcdb-user-creds'
name: '{{ include "common.release" . }}-appcdb-user-creds'
type: basicAuth
externalSecret: '{{ tpl (default "" .Values.config.appcdb.userCredentialsExternalSecret) . }}'
login: '{{ .Values.config.appcdb.userName }}'
password: '{{ .Values.config.appcdb.password }}'
- uid: 'sdncdb-user-creds'
name: '{{ include "common.release" . }}-sdncdb-user-creds'
type: basicAuth
externalSecret: '{{ tpl (default "" .Values.config.sdncdb.userCredentialsExternalSecret) . }}'
login: '{{ .Values.config.sdncdb.userName }}'
password: '{{ .Values.config.sdncdb.password }}'
#################################################################
# Application configuration defaults.
#################################################################
flavor: small
# application image
image: onap/appc-image:1.7.2
pullPolicy: Always
# flag to enable debugging - application support required
debugEnabled: false
# log configuration
log:
path: /var/log/onap
# application configuration
config:
# dbRootPassExternalSecret: some secret
# dbRootPass: password
appcdb:
# Warning: changing this config option may not work.
# It seems that the DB name is hardcoded.
dbName: appcctl
userName: appcctl
# password: appcctl
# userCredsExternalSecret: some secret
sdncdb:
# Warning: changing this config option may not work.
# It seems that the DB name is hardcoded.
dbName: sdnctl
userName: sdnctl
# password: gamma
# userCredsExternalSecret: some secret
odlUid: 100
odlGid: 101
ansibleServiceName: appc-ansible-server
ansiblePort: 8000
mariadbGaleraSVCName: &appc-db appc-db
mariadbGaleraContName: *appc-db
enableAAF: true
enableClustering: false
configDir: /opt/onap/appc/data/properties
dmaapTopic: SUCCESS
dmaapTopicEnv: AUTO
logstashServiceName: log-ls
logstashPort: 5044
odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
openStackType: OpenStackProvider
openStackName: OpenStack
openStackKeyStoneUrl: http://localhost:8181/apidoc/explorer/index.html
openStackServiceTenantName: default
openStackDomain: default
openStackUserName: admin
openStackEncryptedPassword: enc:LDEbHEAvTF1R
odlUser: admin
dmaapServiceUrl: http://localhost:8080/publish
dmaapServiceUser: appc
dmaapServicePassword: onapappc
appc-ansible-server:
enabled: true
service:
name: appc-ansible-server
internalPort: 8000
config:
mysqlServiceName: *appc-db
appc-cdt:
enabled: true
mariadb-galera:
nameOverride: *appc-db
rootUser:
externalSecret: '{{ include "common.release" . }}-appc-db-root-pass'
service:
name: *appc-db
nfsprovisionerPrefix: appc
sdnctlPrefix: appc
persistence:
mountSubPath: appc/data
enabled: true
disableNfsProvisioner: true
serviceAccount:
nameOverride: *appc-db
replicaCount: 1
mariadbConfiguration: |-
[client]
port=3306
socket=/opt/bitnami/mariadb/tmp/mysql.sock
plugin_dir=/opt/bitnami/mariadb/plugin
[mysqld]
lower_case_table_names = 1
default_storage_engine=InnoDB
basedir=/opt/bitnami/mariadb
datadir=/bitnami/mariadb/data
plugin_dir=/opt/bitnami/mariadb/plugin
tmpdir=/opt/bitnami/mariadb/tmp
socket=/opt/bitnami/mariadb/tmp/mysql.sock
pid_file=/opt/bitnami/mariadb/tmp/mysqld.pid
bind_address=0.0.0.0
## Character set
collation_server=utf8_unicode_ci
init_connect='SET NAMES utf8'
character_set_server=utf8
## MyISAM
key_buffer_size=32M
myisam_recover_options=FORCE,BACKUP
## Safety
skip_host_cache
skip_name_resolve
max_allowed_packet=16M
max_connect_errors=1000000
sql_mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE
sysdate_is_now=1
## Binary Logging
log_bin=mysql-bin
expire_logs_days=14
# Disabling for performance per http://severalnines.com/blog/9-tips-going-production-galera-cluster-mysql
sync_binlog=0
# Required for Galera
binlog_format=row
## Caches and Limits
tmp_table_size=32M
max_heap_table_size=32M
# Re-enabling as now works with Maria 10.1.2
query_cache_type=1
query_cache_limit=4M
query_cache_size=256M
max_connections=500
thread_cache_size=50
open_files_limit=65535
table_definition_cache=4096
table_open_cache=4096
## InnoDB
innodb=FORCE
innodb_strict_mode=1
# Mandatory per https://github.com/codership/documentation/issues/25
innodb_autoinc_lock_mode=2
# Per https://www.percona.com/blog/2006/08/04/innodb-double-write/
innodb_doublewrite=1
innodb_flush_method=O_DIRECT
innodb_log_files_in_group=2
innodb_log_file_size=128M
innodb_flush_log_at_trx_commit=1
innodb_file_per_table=1
# 80% Memory is default reco.
# Need to re-evaluate when DB size grows
innodb_buffer_pool_size=2G
innodb_file_format=Barracuda
## Logging
log_error=/opt/bitnami/mariadb/logs/mysqld.log
slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
log_queries_not_using_indexes=1
slow_query_log=1
## SSL
## Use extraVolumes and extraVolumeMounts to mount /certs filesystem
# ssl_ca=/certs/ca.pem
# ssl_cert=/certs/server-cert.pem
# ssl_key=/certs/server-key.pem
[galera]
wsrep_on=ON
wsrep_provider=/opt/bitnami/mariadb/lib/libgalera_smm.so
wsrep_sst_method=mariabackup
wsrep_slave_threads=4
wsrep_cluster_address=gcomm://
wsrep_cluster_name=galera
wsrep_sst_auth="root:"
# Enabled for performance per https://mariadb.com/kb/en/innodb-system-variables/#innodb_flush_log_at_trx_commit
innodb_flush_log_at_trx_commit=2
# MYISAM REPLICATION SUPPORT #
wsrep_replicate_myisam=ON
binlog_format=row
default_storage_engine=InnoDB
innodb_autoinc_lock_mode=2
transaction-isolation=READ-COMMITTED
wsrep_causal_reads=1
wsrep_sync_wait=7
[mariadb]
plugin_load_add=auth_pam
## Data-at-Rest Encryption
## Use extraVolumes and extraVolumeMounts to mount /encryption filesystem
# plugin_load_add=file_key_management
# file_key_management_filename=/encryption/keyfile.enc
# file_key_management_filekey=FILE:/encryption/keyfile.key
# file_key_management_encryption_algorithm=AES_CTR
# encrypt_binlog=ON
# encrypt_tmp_files=ON
## InnoDB/XtraDB Encryption
# innodb_encrypt_tables=ON
# innodb_encrypt_temporary_tables=ON
# innodb_encrypt_log=ON
# innodb_encryption_threads=4
# innodb_encryption_rotate_key_age=1
## Aria Encryption
# aria_encrypt_tables=ON
# encrypt_tmp_disk_tables=ON
dgbuilder:
nameOverride: appc-dgbuilder
certInitializer:
nameOverride: appc-dgbuilder-cert-initializer
config:
db:
rootPasswordExternalSecret: '{{ include "common.release" . }}-appc-db-root-pass'
userCredentialsExternalSecret: '{{ include "common.release" . }}-sdncdb-user-creds'
dbPodName: *appc-db
dbServiceName: *appc-db
service:
name: appc-dgbuilder
serviceAccount:
nameOverride: appc-dgbuilder
ingress:
enabled: false
service:
- baseaddr: "appc-dgbuilder"
name: "appc-dgbuilder"
port: 3000
config:
ssl: "redirect"
#passing value to cdt chart. value of nodePort3 will be same as appc.service.nodePort3.
appc-cdt:
nodePort3: 11
# default number of instances
replicaCount: 1
nodeSelector: {}
affinity: {}
# probe configuration parameters
liveness:
initialDelaySeconds: 300
periodSeconds: 60
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
initialDelaySeconds: 300
periodSeconds: 60
service:
type: NodePort
name: appc
portName: appc
internalPort: 8443
externalPort: 8443
nodePort: 30
externalPort2: 1830
nodePort2: 31
clusterPort: 2550
internalPort3: 9191
externalPort3: 9090
nodePort3: 11
## Persist data to a persitent volume
persistence:
enabled: true
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
# existingClaim:
volumeReclaimPolicy: Retain
## database data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
accessMode: ReadWriteOnce
size: 1Gi
mountPath: /dockerdata-nfs
mountSubPath: appc/mdsal
mdsalPath: /opt/opendaylight/current/daexim
ingress:
enabled: false
service:
- baseaddr: "appc-api"
name: "appc"
port: 8443
plain_port: 1830
config:
ssl: "redirect"
# Configure resource requests and limits
# ref: http://kubernetes.io/docs/user-guide/compute-resources/
resources:
small:
limits:
cpu: 2
memory: 4Gi
requests:
cpu: 1
memory: 2Gi
large:
limits:
cpu: 4
memory: 8Gi
requests:
cpu: 2
memory: 4Gi
unlimited: {}