Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / 51900a9c4e6c8ccb632eceed37329cca797f3f31 / . / kubernetes / vid / values.yaml
blob: f2ca8143a37503c40bf5f9825bcc6d8aeb33fa09 [file] [log] [blame]
# Copyright © 2017 Amdocs, Bell Canada
# Copyright © 2020 Samsung Electronics
# Copyright © 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Default values for vid.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
global:
nodePortPrefix: 302
mariadbGalera: &mariadbGalera
#This flag allows VID to instantiate its own mariadb-galera cluster
localCluster: false
service: mariadb-galera
internalPort: 3306
nameOverride: mariadb-galera
centralizedLoggingEnabled: true
#################################################################
# Secrets metaconfig
#################################################################
secrets:
- uid: vid-db-user-secret
name: &dbUserSecretName '{{ include "common.release" . }}-vid-db-user-secret'
type: basicAuth
externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}'
login: '{{ .Values.config.db.userName }}'
password: '{{ .Values.config.db.userPassword }}'
#################################################################
# AAF part
#################################################################
certInitializer:
nameOverride: vid-cert-initializer
aafDeployFqi: deployer@people.osaaf.org
aafDeployPass: demo123456!
# aafDeployCredsExternalSecret: some secret
fqdn: vid
fqi: vid@vid.onap.org
public_fqdn: vid.onap.org
fqi_namespace: "org.onap.vid"
cadi_longitude: "0.0"
cadi_latitude: "0.0"
app_ns: org.osaaf.aaf
credsPath: /opt/app/osaaf/local
aaf_add_config: |
echo "*** retrieving password for keystore and trustore"
export $(/opt/app/aaf_config/bin/agent.sh local showpass \
{{.Values.fqi}} {{ .Values.fqdn }} | grep '^c' | xargs -0)
if [ -z "$cadi_keystore_password" ]
then
echo " /!\ certificates retrieval failed"
exit 1
else
echo "*** changing them into shell safe ones"
export KEYSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
export TRUSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
cd {{ .Values.credsPath }}
keytool -storepasswd -new "${KEYSTORE_PASSWD}" \
-storepass "${cadi_keystore_password_jks}" \
-keystore {{ .Values.fqi_namespace }}.jks
keytool -storepasswd -new "${TRUSTORE_PASSWD}" \
-storepass "${cadi_truststore_password}" \
-keystore {{ .Values.fqi_namespace }}.trust.jks
echo "*** set key password as same password as keystore password"
keytool -keypasswd -new "${KEYSTORE_PASSWD}" \
-keystore {{ .Values.fqi_namespace }}.jks \
-keypass "${cadi_keystore_password_jks}" \
-storepass "${KEYSTORE_PASSWD}" -alias {{ .Values.fqi }}
echo "*** save the generated passwords"
echo "VID_KEYSTORE_PASSWORD=${KEYSTORE_PASSWD}" > mycreds.prop
echo "VID_TRUSTSTORE_PASSWORD=${TRUSTORE_PASSWD}" >> mycreds.prop
echo "*** change ownership of certificates to targeted user"
chown -R 1000 .
fi
subChartsOnly:
enabled: true
# application image
image: onap/vid:8.0.2
pullPolicy: Always
# application configuration
config:
db:
userName: vidadmin
# userCredentialsExternalSecret: some secret
# userPassword: password
asdcclientrestauth: "Basic dmlkOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU="
asdcclientrestport: "8443"
vidaaiport: "8443"
onapport: "30225"
onapportrest: "8443"
portalhost: "portal.api.simpledemo.onap.org"
msoport: "8080"
vidmsopass: OBF:1ih71i271vny1yf41ymf1ylz1yf21vn41hzj1icz
msodme2serverurl: http://localhost:8081
vidcontactuslink: https://todo_contact_us_link.com
vidmysqlmaxconnections: "5"
logstashServiceName: log-ls
logstashPort: 5044
roleaccesscentralized: remote
mariadb-galera:
db:
# password:
externalSecret: *dbUserSecretName
name: &mysqlDbName vid_openecomp_epsdk
nameOverride: &vid-galera vid-galera
replicaCount: 3
persistence:
enabled: true
mountSubPath: vid/maria/data
externalConfig: |-
[mysqld]
lower_case_table_names = 1
serviceAccount:
nameOverride: *vid-galera
mariadb-init:
config:
userCredentialsExternalSecret: *dbUserSecretName
mysqlDatabase: *mysqlDbName
nameOverride: vid-mariadb-init
# A configMap of same name is created. It points to file that will be run after
# The DB has been created.
dbScriptConfigMap: '{{ include "common.release" . }}-vid-db-init'
# default number of instances
replicaCount: 1
nodeSelector: {}
affinity: {}
# probe configuration parameters
liveness:
initialDelaySeconds: 120
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
initialDelaySeconds: 10
periodSeconds: 10
service:
type: NodePort
name: vid
portName: vid
externalPort: 8443
internalPort: 8443
nodePort: "00"
externalHttpPort: 8080
internalHttpPort: 8080
ingress:
enabled: false
service:
- baseaddr: "vid-ui"
name: "vid-http"
port: 8443
plain_port: 8080
config:
ssl: "redirect"
# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)
resources:
small:
limits:
cpu: 200m
memory: 2Gi
requests:
cpu: 100m
memory: 1Gi
large:
limits:
cpu: 400m
memory: 4Gi
requests:
cpu: 200m
memory: 2Gi
unlimited: {}
# Log configuration
log:
path: /var/log/onap