| # Copyright (c) 2018 Amdocs, Bell Canada, AT&T |
| # Modifications Copyright (c) 2020 Nokia |
| # Modifications Copyright (c) 2021 Orange |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| |
| # Default values for traversal. |
| # This is a YAML-formatted file. |
| # Declare variables to be passed into your templates. |
| global: # global defaults |
| nodePortPrefix: 302 |
| aafEnabled: true |
| |
| cassandra: |
| #Service Name of the cassandra cluster to connect to. |
| #Override it to aai-cassandra if localCluster is enabled. |
| serviceName: cassandra |
| |
| # Specifies a list of jobs to be run |
| jobs: |
| # When enabled, it will create the schema based on oxm and edge rules |
| createSchema: |
| enabled: true |
| # When enabled, it will create the widget models via REST API to haproxy |
| updateQueryData: |
| enabled: true |
| #migration using helm hooks |
| migration: |
| enabled: false |
| |
| # Common configuration for resources traversal and graphadmin |
| config: |
| # User information for the admin user in container |
| userId: 1000 |
| groupId: 1000 |
| |
| # Specifies that the cluster connected to a dynamic |
| # cluster being spinned up by kubernetes deployment |
| cluster: |
| cassandra: |
| dynamic: true |
| |
| # Specifies if the basic authorization is enabled |
| basic: |
| auth: |
| enabled: true |
| username: AAI |
| passwd: AAI |
| |
| # Active spring profiles for the resources microservice |
| profiles: |
| active: production,dmaap,aaf-auth |
| |
| # Notification event specific properties |
| notification: |
| eventType: AAI-EVENT |
| domain: dev |
| |
| # Schema specific properties that include supported versions of api |
| schema: |
| # Specifies if the connection should be one way ssl, two way ssl or no auth |
| service: |
| client: one-way-ssl |
| # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service |
| translator: |
| list: schema-service |
| source: |
| # Specifies which folder to take a look at |
| name: onap |
| uri: |
| # Base URI Path of the application |
| base: |
| path: /aai |
| version: |
| # Current version of the REST API |
| api: |
| default: v21 |
| # Specifies which version the depth parameter is configurable |
| depth: v11 |
| # List of all the supported versions of the API |
| list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21 |
| # Specifies from which version related link should appear |
| related: |
| link: v11 |
| # Specifies from which version the app root change happened |
| app: |
| root: v11 |
| # Specifies from which version the xml namespace changed |
| namespace: |
| change: v12 |
| # Specifies from which version the edge label appeared in API |
| edge: |
| label: v12 |
| |
| # Specifies which clients should always default to realtime graph connection |
| realtime: |
| clients: SDNC,MSO,SO,robot-ete |
| |
| ################################################################# |
| # Certificate configuration |
| ################################################################# |
| certInitializer: |
| nameOverride: aai-traversal-cert-initializer |
| aafDeployFqi: deployer@people.osaaf.org |
| aafDeployPass: demo123456! |
| # aafDeployCredsExternalSecret: some secret |
| fqdn: aai-traversal |
| fqi: aai-traversal@aai-traversal.onap.org |
| public_fqdn: aai-traversal.onap.org |
| cadi_longitude: "0.0" |
| cadi_latitude: "0.0" |
| app_ns: org.osaaf.aaf |
| credsPath: /opt/app/osaaf/local |
| fqi_namespace: org.onap.aai-traversal |
| aaf_add_config: | |
| echo "*** changing them into shell safe ones" |
| export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) |
| export TRUSTSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) |
| cd {{ .Values.credsPath }} |
| keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \ |
| -storepass "${cadi_keystore_password_p12}" \ |
| -keystore {{ .Values.fqi_namespace }}.p12 |
| keytool -storepasswd -new "${TRUSTSTORE_PASSWORD}" \ |
| -storepass "${cadi_truststore_password}" \ |
| -keystore {{ .Values.fqi_namespace }}.trust.jks |
| echo "*** set key password as same password as keystore password" |
| keytool -keypasswd -new "${KEYSTORE_PASSWORD}" \ |
| -keystore {{ .Values.fqi_namespace }}.p12 \ |
| -keypass "${cadi_keystore_password_p12}" \ |
| -storepass "${KEYSTORE_PASSWORD}" -alias {{ .Values.fqi }} |
| echo "*** save the generated passwords" |
| echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop |
| echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> mycreds.prop |
| echo "*** change ownership of certificates to targeted user" |
| chown -R 1000 {{ .Values.credsPath }} |
| |
| # application image |
| image: onap/aai-traversal:1.8.0 |
| pullPolicy: Always |
| restartPolicy: Always |
| flavor: small |
| flavorOverride: small |
| |
| api_list: |
| - 11 |
| - 12 |
| - 13 |
| - 14 |
| - 15 |
| - 16 |
| - 17 |
| - 18 |
| - 19 |
| |
| aai_enpoints: |
| - name: aai-generic-query |
| url: search/generic-query |
| - name: aai-nodes-query |
| url: search/nodes-query |
| - name: aai-nquery |
| url: query |
| |
| # application configuration |
| config: |
| |
| # Specifies timeout information such as application specific and limits |
| timeout: |
| # If set to true application will timeout for queries taking longer than limit |
| enabled: true |
| # Specifies which apps (X-FromAppId) header should get overridden and (-1) no timeout |
| appspecific: JUNITTESTAPP1,1|JUNITTESTAPP2,-1|DCAE-CCS,-1|DCAES,-1|AAI-FILEGEN-GFPIP,-1 |
| # Specifies how long should it wait before timing out the REST request |
| limit: 180000 |
| |
| # Disables the updateQueryData script to run as part of traversal |
| disableUpdateQuery: true |
| |
| # Override of the DSL Timeout Limit |
| dslOverride: 'ZV4V7E3N77SKIB6MR9MHQ6M4P6Q99Z7M76RBODA' |
| |
| dsl: |
| # Dsl timeout configuration |
| timeout: |
| # Whether or not the dsl is enabled |
| enabled: true |
| # Default time limit of the DSL query |
| limit: 150000 |
| # App Specific Timeout Limit for each of the X-FromAppId |
| appspecific: |
| - JUNITTESTAPP1,1 |
| - JUNITTESTAPP2,-1 |
| - AAI-TOOLS,-1 |
| - DCAE-CCS,1200000 |
| - DCAES,1200000 |
| - VPESAT,-1 |
| - AAI-CACHER,-1 |
| - VidAaiController,300000 |
| - AAI-UI,180000 |
| |
| persistence: |
| mountPath: /dockerdata-nfs |
| mountSubPath: aai/aai-traversal |
| |
| # default number of instances |
| replicaCount: 1 |
| |
| nodeSelector: {} |
| |
| affinity: {} |
| |
| # probe configuration parameters |
| liveness: |
| initialDelaySeconds: 60 |
| periodSeconds: 60 |
| # necessary to disable liveness probe when setting breakpoints |
| # in debugger so K8s doesn't restart unresponsive container |
| enabled: false |
| |
| readiness: |
| initialDelaySeconds: 10 |
| periodSeconds: 10 |
| |
| service: |
| type: ClusterIP |
| portName: aai-traversal-8446 |
| internalPort: 8446 |
| portName2: aai-traversal-5005 |
| internalPort2: 5005 |
| |
| ingress: |
| enabled: false |
| |
| # Configure resource requests and limits |
| # ref: http://kubernetes.io/docs/user-guide/compute-resources/ |
| resources: |
| small: |
| limits: |
| cpu: 2 |
| memory: 4Gi |
| requests: |
| cpu: 1 |
| memory: 3Gi |
| large: |
| limits: |
| cpu: 4 |
| memory: 8Gi |
| requests: |
| cpu: 2 |
| memory: 4Gi |
| unlimited: {} |