blob: f594e41c0d47906cc9d2f597c7c9906cbe9fa280 [file] [log] [blame]
# Copyright (c) 2017 Amdocs, Bell Canada
# Modifications Copyright (c) 2018 AT&T
# Modifications Copyright (c) 2020 Nokia, Orange
# Modifications Copyright (c) 2021 Orange
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Default values for aai.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
global: # global defaults
nodePortPrefix: 302
repository: nexus3.onap.org:10001
dockerhubRepository: docker.io
busyboxImage: busybox
readinessImage: onap/oom/readiness:3.0.1
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
restartPolicy: Always
aafEnabled: true
msbEnabled: true
centralizedLoggingEnabled: true
cassandra:
#This will instantiate AAI cassandra cluster, default:shared cassandra.
localCluster: false
#Service Name of the cassandra cluster to connect to.
#Override it to aai-cassandra if localCluster is enabled.
serviceName: cassandra
#This should be same as shared cassandra instance or if localCluster is enabled
#then it should be same as aai-cassandra replicaCount
replicas: 3
#Cassanara login details
username: cassandra
password: cassandra
aai:
serviceName: aai
babel:
serviceName: aai-babel
aaiElasticsearch:
serviceName: aai-elasticsearch
resources:
serviceName: aai-resources
sparkyBe:
serviceName: aai-sparky-be
dataRouter:
serviceName: aai-data-router
gizmo:
serviceName: aai-gizmo
modelloader:
serviceName: aai-modelloader
searchData:
serviceName: aai-search-data
traversal:
serviceName: aai-traversal
graphadmin:
serviceName: aai-graphadmin
spike:
serviceName: aai-spike
initContainers:
enabled: true
# Specifies a list of jobs to be run
jobs:
# When enabled, it will create the schema based on oxm and edge rules
createSchema:
enabled: true
# When enabled, it will create the widget models via REST API to haproxy
updateQueryData:
enabled: true
#migration using helm hooks
migration:
enabled: false
remoteCassandra:
enabled: false
storage:
backend: cassandra
hostname: 10.10.10.10
connectionTimeout: 100000
cacheSize: 1000000
keyConsistent: true
#If backend is cql or cassandra it should be keyspace name
#else backend is hbase it should be hbase table name
name: aaigraph
## CQL driver specific properties for janusgraph
# cql:
# #Name of the Cassandra Cluster
# cluster: someclustername
# readConsistency: QUORUM
# writeConsistency: QUORUM
# replicationFactor: 3
# localConsistencyForSysOps: true
## Cassandra driver specific properties for janusgraph
cassandra:
#Name of the Cassandra Cluster
clusterName: aai-cluster
localDataCenter: Pod lab
readConsistency: LOCAL_QUORUM
writeConsistency: LOCAL_QUORUM
replicationFactor: 3
#storage:
# backend: cassandra
# hostname: somehost1,somehost2,somehost3
# connectionTimeout: 100000
# cacheSize: 1000000
# clusterName: someClusterName
# localDataCenter: someDataCenter
# keyConsistent: true
# #If backend is cql or cassandra it should be keyspace name
# #else backend is hbase it should be hbase table name
# name: your_hbase_table_or_keyspace_name
## CQL driver specific properties for janusgraph
# cql:
# #Name of the Cassandra Cluster
# cluster: someclustername
# readConsistency: QUORUM
# writeConsistency: QUORUM
# replicationFactor: 3
# localConsistencyForSysOps: true
## Cassandra driver specific properties for janusgraph
# cassandra:
# #Name of the Cassandra Cluster
# cluster: someclustername
# readConsistency: LOCAL_QUORUM
# writeConsistency: LOCAL_QUORUM
# replicationFactor: 3
# Common configuration for resources traversal and graphadmin
config:
# User information for the admin user in container
userId: 1000
groupId: 1000
# Specifies that the cluster connected to a dynamic
# cluster being spinned up by kubernetes deployment
cluster:
cassandra:
dynamic: true
# If cluster.cassandra.dynamic is set to false
# Then the following configuration should be uncommented
# This is if you are planning to connect to a existing
# Cassandra cluster instead of doing the deployment
#storage:
# backend: cassandra
# hostname: somehost1,somehost2,somehost3
# connectionTimeout: 100000
# cacheSize: 1000000
# clusterName: someClusterName
# localDataCenter: someDataCenter
# keyConsistent: true
# # If backend is cql or cassandra it should be keyspace name
# # else backend is hbase it should be hbase table name
# name: your_hbase_table_or_keyspace_name
# # CQL driver specific properties for janusgraph
# cql:
# # Name of the Cassandra Cluster
# cluster: someclustername
# readConsistency: QUORUM
# writeConsistency: QUORUM
# replicationFactor: 3
# localConsistencyForSysOps: true
# # Cassandra driver specific properties for janusgraph
# cassandra:
# # Name of the Cassandra Cluster
# cluster: someclustername
# readConsistency: LOCAL_QUORUM
# writeConsistency: LOCAL_QUORUM
# replicationFactor: 3
# Specifies if the basic authorization is enabled
basic:
auth:
enabled: true
username: AAI
passwd: AAI
# Active spring profiles for the resources microservice
# aaf-auth profile will be automatically set if aaf enabled is set to true
profiles:
active: production,dmaap #,aaf-auth
# Notification event specific properties
notification:
eventType: AAI-EVENT
domain: dev
# Schema specific properties that include supported versions of api
schema:
# Specifies if the connection should be one way ssl, two way ssl or no auth
# will be set to no-auth if tls is disabled
service:
client: one-way-ssl
# Specifies which translator to use if it has schema-service, then it will make a rest request to schema service
translator:
list: schema-service
source:
# Specifies which folder to take a look at
name: onap
uri:
# Base URI Path of the application
base:
path: /aai
version:
# Current version of the REST API
api:
default: v27
# Specifies which version the depth parameter is configurable
depth: v11
# List of all the supported versions of the API
list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26,v27
# Specifies from which version related link should appear
related:
link: v11
# Specifies from which version the app root change happened
app:
root: v11
# Specifies from which version the xml namespace changed
namespace:
change: v12
# Specifies from which version the edge label appeared in API
edge:
label: v12
# Keystore configuration password and filename
keystore:
filename: aai_keystore
passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 # changeit
# Truststore configuration password and filename
truststore:
filename: aai_keystore
passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 # changeit
# Specifies a list of files to be included in auth volume
auth:
files:
- aai_keystore
# Specifies which clients should always default to realtime graph connection
realtime:
clients: SDNC,MSO,SO,robot-ete
# Logback debug enabled
logback:
console:
# If enabled, container will print all logback to standard output
# This will make debugging much easier but it should only be done
# when debugging the issue and changed back as it can affect performance
# since when this is enabled, it prints a lot of information to console
enabled: false
aai-babel:
logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-graphadmin:
logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-modelloader:
logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-resources:
logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-schema-service:
logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-sparky-be:
logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-traversal:
logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
#################################################################
# Certificate configuration
#################################################################
certInitializer:
nameOverride: aai-cert-initializer
aafDeployFqi: deployer@people.osaaf.org
aafDeployPass: demo123456!
# aafDeployCredsExternalSecret: some secret
fqdn: "aai"
app_ns: "org.osaaf.aaf"
fqi_namespace: "org.onap.aai"
fqi: "aai@aai.onap.org"
public_fqdn: "aaf.osaaf.org"
cadi_longitude: "0.0"
cadi_latitude: "0.0"
credsPath: /opt/app/osaaf/local
aaf_add_config: |
echo "*** transform AAF certs into pem files"
mkdir -p {{ .Values.credsPath }}/certs
keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \
-keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \
-alias ca_local_0 \
-storepass $cadi_truststore_password
openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
-nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
-passin pass:$cadi_keystore_password_p12 \
-passout pass:$cadi_keystore_password_p12
echo "*** generating needed file"
cat {{ .Values.credsPath }}/certs/cert.pem \
{{ .Values.credsPath }}/certs/cacert.pem \
{{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
> {{ .Values.credsPath }}/certs/fullchain.pem;
chown 1001 {{ .Values.credsPath }}/certs/*
# application image
dockerhubRepository: registry.hub.docker.com
image: aaionap/haproxy:1.4.2
pullPolicy: Always
flavor: small
flavorOverride: small
# flag to enable debugging - application support required
debugEnabled: false
# application configuration
config:
logstashServiceName: log-ls
logstashPort: 5044
# default number of instances
replicaCount: 1
updateStrategy:
type: RollingUpdate
maxUnavailable: 0
maxSurge: 1
nodeSelector: {}
affinity: {}
# HAProxy configuration to block HTTP requests to AAI based on configurable URL patterns
haproxy:
requestBlocking:
enabled: false
customConfigs: []
# probe configuration parameters
liveness:
initialDelaySeconds: 10
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
#This section is used when localCluster is enabled. AAI will create its own cassandra cluster for its specific use.
#Below command will instantiate the aai cassandra instances:
#helm deploy demo local/onap --version=4.0.0 --namespace onap --set aai.enabled=true \
# --set aai.global.cassandra.localCluster=true \
# --set aai.global.cassandra.serviceName=aai-cassandra
cassandra:
nameOverride: aai-cassandra
serviceAccount:
nameOverride: aai-cassandra
replicaCount: 3
service:
name: aai-cassandra
persistence:
mountSubPath: aai/cassandra
enabled: true
readiness:
initialDelaySeconds: 10
periodSeconds: 10
service:
type: NodePort
portName: http
externalPort: 8443
internalPort: 8443
nodePort: 33
externalPlainPort: 80
internalPlainPort: 8080
nodeport: 33
ingress:
enabled: false
service:
- baseaddr: "aai-api"
name: "aai"
port: 8443
plain_port: 80
config:
ssl: "redirect"
resources:
small:
limits:
cpu: 2
memory: 4Gi
requests:
cpu: 1
memory: 1Gi
large:
limits:
cpu: 4
memory: 8Gi
requests:
cpu: 2
memory: 2Gi
unlimited: {}
#Pods Service Account
serviceAccount:
nameOverride: aai
roles:
- read