| # Copyright © 2020 Samsung Electronics |
| # Copyright © 2019 Orange, Bell Canada |
| # Copyright © 2017 Amdocs, Bell Canada |
| # Modification Copyright © 2022 Nordix Foundation |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| |
| ################################################################# |
| # Global configuration defaults. |
| ################################################################# |
| global: |
| nodePortPrefix: 302 |
| nodePortPrefixExt: 304 |
| persistence: |
| mountPath: /dockerdata-nfs |
| cdsKafkaUser: cds-kafka-user |
| |
| ################################################################# |
| # Secrets metaconfig |
| ################################################################# |
| secrets: |
| - name: &dbUserSecretName '{{ include "common.release" . }}-cds-db-secret' |
| uid: 'cds-db-secret' |
| type: basicAuth |
| externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "db" "externalSecret")) .) (hasSuffix "cds-db-secret" (index .Values "mariadb-galera" "db" "externalSecret"))}}' |
| login: '{{ index .Values "mariadb-galera" "db" "user" }}' |
| password: '{{ index .Values "mariadb-galera" "db" "password" }}' |
| |
| ################################################################# |
| # Application configuration defaults. |
| ################################################################# |
| # application images |
| pullPolicy: Always |
| |
| |
| subChartsOnly: |
| enabled: true |
| |
| # flag to enable debugging - application support required |
| debugEnabled: false |
| |
| # default number of instances |
| replicaCount: 1 |
| |
| nodeSelector: {} |
| |
| affinity: {} |
| |
| # probe configuration parameters |
| liveness: |
| initialDelaySeconds: 20 |
| periodSeconds: 20 |
| timeoutSeconds: 20 |
| # necessary to disable liveness probe when setting breakpoints |
| # in debugger so K8s doesn't restart unresponsive container |
| enabled: true |
| |
| readiness: |
| initialDelaySeconds: 10 |
| periodSeconds: 10 |
| |
| ingress: |
| enabled: false |
| |
| mariadb-galera: |
| db: |
| user: sdnctl |
| # password: |
| externalSecret: *dbUserSecretName |
| name: &mysqlDbName sdnctl |
| nameOverride: &dbServer cds-db |
| replicaCount: 1 |
| persistence: |
| enabled: true |
| mountSubPath: cds/data |
| serviceAccount: |
| nameOverride: *dbServer |
| |
| mariadbConfiguration: |- |
| [client] |
| port=3306 |
| socket=/opt/bitnami/mariadb/tmp/mysql.sock |
| plugin_dir=/opt/bitnami/mariadb/plugin |
| |
| [mysqld] |
| lower_case_table_names = 1 |
| default_storage_engine=InnoDB |
| basedir=/opt/bitnami/mariadb |
| datadir=/bitnami/mariadb/data |
| plugin_dir=/opt/bitnami/mariadb/plugin |
| tmpdir=/opt/bitnami/mariadb/tmp |
| socket=/opt/bitnami/mariadb/tmp/mysql.sock |
| pid_file=/opt/bitnami/mariadb/tmp/mysqld.pid |
| bind_address=0.0.0.0 |
| |
| ## Character set |
| collation_server=utf8_unicode_ci |
| init_connect='SET NAMES utf8' |
| character_set_server=utf8 |
| |
| ## MyISAM |
| key_buffer_size=32M |
| myisam_recover_options=FORCE,BACKUP |
| |
| ## Safety |
| skip_host_cache |
| skip_name_resolve |
| max_allowed_packet=16M |
| max_connect_errors=1000000 |
| sql_mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE,ONLY_FULL_GROUP_BY |
| sysdate_is_now=1 |
| |
| ## Binary Logging |
| log_bin=mysql-bin |
| expire_logs_days=14 |
| # Disabling for performance per http://severalnines.com/blog/9-tips-going-production-galera-cluster-mysql |
| sync_binlog=0 |
| # Required for Galera |
| binlog_format=row |
| |
| ## Caches and Limits |
| tmp_table_size=32M |
| max_heap_table_size=32M |
| # Re-enabling as now works with Maria 10.1.2 |
| query_cache_type=1 |
| query_cache_limit=4M |
| query_cache_size=256M |
| max_connections=500 |
| thread_cache_size=50 |
| open_files_limit=65535 |
| table_definition_cache=4096 |
| table_open_cache=4096 |
| |
| ## InnoDB |
| innodb=FORCE |
| innodb_strict_mode=1 |
| # Mandatory per https://github.com/codership/documentation/issues/25 |
| innodb_autoinc_lock_mode=2 |
| # Per https://www.percona.com/blog/2006/08/04/innodb-double-write/ |
| innodb_doublewrite=1 |
| innodb_flush_method=O_DIRECT |
| innodb_log_files_in_group=2 |
| innodb_log_file_size=128M |
| innodb_flush_log_at_trx_commit=1 |
| innodb_file_per_table=1 |
| # 80% Memory is default reco. |
| # Need to re-evaluate when DB size grows |
| innodb_buffer_pool_size=2G |
| innodb_file_format=Barracuda |
| |
| ## Logging |
| log_error=/opt/bitnami/mariadb/logs/mysqld.log |
| slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log |
| log_queries_not_using_indexes=1 |
| slow_query_log=1 |
| |
| ## SSL |
| ## Use extraVolumes and extraVolumeMounts to mount /certs filesystem |
| # ssl_ca=/certs/ca.pem |
| # ssl_cert=/certs/server-cert.pem |
| # ssl_key=/certs/server-key.pem |
| |
| [galera] |
| wsrep_on=ON |
| wsrep_provider=/opt/bitnami/mariadb/lib/libgalera_smm.so |
| wsrep_sst_method=mariabackup |
| wsrep_slave_threads=4 |
| wsrep_cluster_address=gcomm:// |
| wsrep_cluster_name=galera |
| wsrep_sst_auth="root:" |
| # Enabled for performance per https://mariadb.com/kb/en/innodb-system-variables/#innodb_flush_log_at_trx_commit |
| innodb_flush_log_at_trx_commit=2 |
| # MYISAM REPLICATION SUPPORT # |
| wsrep_replicate_myisam=ON |
| |
| [mariadb] |
| plugin_load_add=auth_pam |
| |
| ## Data-at-Rest Encryption |
| ## Use extraVolumes and extraVolumeMounts to mount /encryption filesystem |
| # plugin_load_add=file_key_management |
| # file_key_management_filename=/encryption/keyfile.enc |
| # file_key_management_filekey=FILE:/encryption/keyfile.key |
| # file_key_management_encryption_algorithm=AES_CTR |
| # encrypt_binlog=ON |
| # encrypt_tmp_files=ON |
| |
| ## InnoDB/XtraDB Encryption |
| # innodb_encrypt_tables=ON |
| # innodb_encrypt_temporary_tables=ON |
| # innodb_encrypt_log=ON |
| # innodb_encryption_threads=4 |
| # innodb_encryption_rotate_key_age=1 |
| |
| ## Aria Encryption |
| # aria_encrypt_tables=ON |
| # encrypt_tmp_disk_tables=ON |
| |
| cds-blueprints-processor: |
| enabled: true |
| config: |
| cdsDB: |
| dbServer: *dbServer |
| dbPort: 3306 |
| dbName: *mysqlDbName |
| dbCredsExternalSecret: *dbUserSecretName |
| jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.kafkaUser }}' |
| |
| cds-command-executor: |
| enabled: true |
| |
| cds-py-executor: |
| enabled: true |
| |
| cds-sdc-listener: |
| enabled: true |
| |
| cds-ui: |
| enabled: true |
| |
| |
| #Resource Limit flavor -By Default using small |
| flavor: small |
| #segregation for different envionment (Small and Large) |
| |
| resources: |
| small: |
| limits: |
| cpu: 2 |
| memory: 4Gi |
| requests: |
| cpu: 1 |
| memory: 2Gi |
| large: |
| limits: |
| cpu: 4 |
| memory: 8Gi |
| requests: |
| cpu: 2 |
| memory: 4Gi |
| unlimited: {} |