| # Copyright © 2018 Amdocs, Bell Canada , ZTE |
| # Copyright © 2021 Orange |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| ################################################################# |
| # Global configuration defaults. |
| ################################################################# |
| global: |
| nodePortPrefix: 302 |
| |
| ################################################################# |
| # AAF part |
| ################################################################# |
| certInitializer: |
| nameOverride: msb-iag-cert-initializer |
| aafDeployFqi: deployer@people.osaaf.org |
| aafDeployPass: demo123456! |
| # aafDeployCredsExternalSecret: some secret |
| fqdn: msb-iag |
| fqi: msb-iag@msb-iag.onap.org |
| fqi_namespace: org.onap.msb-iag |
| public_fqdn: msb-iag.onap.org |
| cadi_longitude: "0.0" |
| cadi_latitude: "0.0" |
| app_ns: org.osaaf.aaf |
| credsPath: /opt/app/osaaf/local |
| aaf_add_config: | |
| mkdir -p {{ .Values.credsPath }}/certs |
| echo "*** retrieve certificate from pkcs12" |
| openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \ |
| -out {{ .Values.credsPath }}/certs/cert.crt -nokeys \ |
| -passin pass:$cadi_keystore_password_p12 \ |
| -passout pass:$cadi_keystore_password_p12 |
| echo "*** copy key to relevant place" |
| cp {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key {{ .Values.credsPath }}/certs/cert.key |
| echo "*** change ownership and read/write attributes" |
| chown -R 1000 {{ .Values.credsPath }}/certs |
| chmod 600 {{ .Values.credsPath }}/certs/cert.crt |
| chmod 600 {{ .Values.credsPath }}/certs/cert.key |
| |
| ################################################################# |
| # Application configuration defaults. |
| ################################################################# |
| # application image |
| image: onap/msb/msb_apigateway:1.6.0 |
| pullPolicy: Always |
| istioSidecar: true |
| |
| # application configuration |
| config: |
| routeLabels: "visualRange:1" |
| |
| # default number of instances |
| replicaCount: 1 |
| |
| nodeSelector: {} |
| |
| affinity: {} |
| |
| # probe configuration parameters |
| liveness: |
| initialDelaySeconds: 10 |
| periodSeconds: 10 |
| # necessary to disable liveness probe when setting breakpoints |
| # in debugger so K8s doesn't restart unresponsive container |
| enabled: true |
| |
| readiness: |
| initialDelaySeconds: 10 |
| periodSeconds: 10 |
| |
| service: |
| type: NodePort |
| name: msb-iag |
| both_tls_and_plain: true |
| # for liveness and readiness probe only |
| # internalPort: |
| internalPort: 443 |
| internalPlainPort: 80 |
| ports: |
| - name: msb-iag |
| port: 443 |
| plain_port: 80 |
| port_protocol: http |
| nodePort: '83' |
| |
| ingress: |
| enabled: false |
| service: |
| - baseaddr: "msb-iag-ui" |
| name: "msb-iag" |
| port: 443 |
| plain_port: 80 |
| config: |
| ssl: "redirect" |
| |
| # Resource Limit flavor -By Default using small |
| flavor: small |
| # Segregation for Different environment (Small and Large) |
| resources: |
| small: |
| limits: |
| cpu: 100m |
| memory: 400Mi |
| requests: |
| cpu: 50m |
| memory: 200Mi |
| large: |
| limits: |
| cpu: 200m |
| memory: 800Mi |
| requests: |
| cpu: 100m |
| memory: 400Mi |
| unlimited: {} |
| |
| #Pods Service Account |
| serviceAccount: |
| nameOverride: msb-iag |
| roles: |
| - read |
| |
| #Logs configuration |
| log: |
| path: /var/log/onap |
| logConfigMapNamePrefix: '{{ include "common.fullname" . }}' |