blob: c40dbe0d2d727f2564f5e9472765a0a43d44be5a [file] [log] [blame]
# Copyright (c) 2017 Amdocs, Bell Canada
# Modifications Copyright (c) 2018 AT&T
# Modifications Copyright (c) 2020 Nokia, Orange
# Modifications Copyright (c) 2021 Orange
# Modifications Copyright © 2023 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# Default values for aai.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
global: # global defaults
nodePortPrefix: 302
repository: nexus3.onap.org:10001
dockerhubRepository: docker.io
busyboxImage: busybox
readinessImage: onap/oom/readiness:3.0.1
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
restartPolicy: Always
msbEnabled: false
centralizedLoggingEnabled: false
cassandra:
#This will instantiate AAI cassandra cluster, default:shared cassandra.
localCluster: false
#Service Name of the cassandra cluster to connect to.
#Override it to aai-cassandra if localCluster is enabled.
#in case of using k8ssandra-operator in the common cassandra installation
#the service name is:
#serviceName: cassandra-dc1-service
#in case of local k8ssandra-operator instance it is
#serviceName: aai-cassandra-dc1-service
#in case the older cassandra installation is used:
serviceName: cassandra
#This should be same as shared cassandra instance or if localCluster is enabled
#then it should be same as aai-cassandra replicaCount
replicas: 3
#Cassanara login details
username: cassandra
password: cassandra
aai:
serviceName: aai
babel:
serviceName: aai-babel
aaiElasticsearch:
serviceName: aai-elasticsearch
resources:
serviceName: aai-resources
sparkyBe:
serviceName: aai-sparky-be
modelloader:
serviceName: aai-modelloader
searchData:
serviceName: aai-search-data
traversal:
serviceName: aai-traversal
graphadmin:
serviceName: aai-graphadmin
initContainers:
enabled: true
# Specifies a list of jobs to be run
jobs:
# When enabled, it will create the schema based on oxm and edge rules
createSchema:
enabled: true
# When enabled, it will create the widget models via REST API to haproxy
updateQueryData:
enabled: true
#migration using helm hooks
migration:
enabled: false
remoteCassandra:
enabled: false
storage:
backend: cassandra
hostname: 10.10.10.10
connectionTimeout: 100000
cacheSize: 1000000
keyConsistent: true
#If backend is cql or cassandra it should be keyspace name
#else backend is hbase it should be hbase table name
name: aaigraph
## CQL driver specific properties for janusgraph
# cql:
# #Name of the Cassandra Cluster
# cluster: someclustername
# readConsistency: QUORUM
# writeConsistency: QUORUM
# replicationFactor: 3
# localConsistencyForSysOps: true
## Cassandra driver specific properties for janusgraph
cassandra:
#Name of the Cassandra Cluster
clusterName: aai-cluster
localDataCenter: Pod lab
readConsistency: LOCAL_QUORUM
writeConsistency: LOCAL_QUORUM
replicationFactor: 3
#storage:
# backend: cassandra
# hostname: somehost1,somehost2,somehost3
# connectionTimeout: 100000
# cacheSize: 1000000
# clusterName: someClusterName
# localDataCenter: someDataCenter
# keyConsistent: true
# #If backend is cql or cassandra it should be keyspace name
# #else backend is hbase it should be hbase table name
# name: your_hbase_table_or_keyspace_name
## CQL driver specific properties for janusgraph
# cql:
# #Name of the Cassandra Cluster
# cluster: someclustername
# readConsistency: QUORUM
# writeConsistency: QUORUM
# replicationFactor: 3
# localConsistencyForSysOps: true
## Cassandra driver specific properties for janusgraph
# cassandra:
# #Name of the Cassandra Cluster
# cluster: someclustername
# readConsistency: LOCAL_QUORUM
# writeConsistency: LOCAL_QUORUM
# replicationFactor: 3
# Common configuration for resources traversal and graphadmin
config:
# User information for the admin user in container
userId: 1000
groupId: 1000
# Specifies that the cluster connected to a dynamic
# cluster being spinned up by kubernetes deployment
cluster:
cassandra:
dynamic: true
# If cluster.cassandra.dynamic is set to false
# Then the following configuration should be uncommented
# This is if you are planning to connect to a existing
# Cassandra cluster instead of doing the deployment
#storage:
# backend: cassandra
# hostname: somehost1,somehost2,somehost3
# connectionTimeout: 100000
# cacheSize: 1000000
# clusterName: someClusterName
# localDataCenter: someDataCenter
# keyConsistent: true
# # If backend is cql or cassandra it should be keyspace name
# # else backend is hbase it should be hbase table name
# name: your_hbase_table_or_keyspace_name
# # CQL driver specific properties for janusgraph
# cql:
# # Name of the Cassandra Cluster
# cluster: someclustername
# readConsistency: QUORUM
# writeConsistency: QUORUM
# replicationFactor: 3
# localConsistencyForSysOps: true
# # Cassandra driver specific properties for janusgraph
# cassandra:
# # Name of the Cassandra Cluster
# cluster: someclustername
# readConsistency: LOCAL_QUORUM
# writeConsistency: LOCAL_QUORUM
# replicationFactor: 3
# Specifies if the basic authorization is enabled
basic:
auth:
enabled: true
username: AAI
passwd: AAI
# Active spring profiles for the resources microservice
# aaf-auth profile will be automatically set if aaf enabled is set to true
profiles:
active: production,dmaap #,aaf-auth
# Notification event specific properties
notification:
eventType: AAI-EVENT
domain: dev
# Schema specific properties that include supported versions of api
schema:
# Specifies if the connection should be one way ssl, two way ssl or no auth
# will be set to no-auth if tls is disabled
service:
client: no-auth
# Specifies which translator to use if it has schema-service, then it will make a rest request to schema service
translator:
list: schema-service
source:
# Specifies which folder to take a look at
name: onap
uri:
# Base URI Path of the application
base:
path: /aai
version:
# Current version of the REST API
api:
default: v27
# Specifies which version the depth parameter is configurable
depth: v11
# List of all the supported versions of the API
list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26,v27
# Specifies from which version related link should appear
related:
link: v11
# Specifies from which version the app root change happened
app:
root: v11
# Specifies from which version the xml namespace changed
namespace:
change: v12
# Specifies from which version the edge label appeared in API
edge:
label: v12
# Keystore configuration password and filename
keystore:
filename: aai_keystore
passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 # changeit
# Truststore configuration password and filename
truststore:
filename: aai_keystore
passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 # changeit
# Specifies a list of files to be included in auth volume
auth:
files:
- aai_keystore
# Specifies which clients should always default to realtime graph connection
realtime:
clients: SDNC,MSO,SO,robot-ete
# Logback debug enabled
logback:
console:
# If enabled, container will print all logback to standard output
# This will make debugging much easier but it should only be done
# when debugging the issue and changed back as it can affect performance
# since when this is enabled, it prints a lot of information to console
enabled: false
aai-babel:
logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-graphadmin:
logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-modelloader:
logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-resources:
logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-schema-service:
logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-sparky-be:
logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-traversal:
logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
# application image
dockerhubRepository: registry.hub.docker.com
image: onap/aai-haproxy:1.11.0
pullPolicy: Always
flavor: small
flavorOverride: small
# flag to enable debugging - application support required
debugEnabled: false
# application configuration
config:
logstashServiceName: log-ls
logstashPort: 5044
# default number of instances
replicaCount: 1
updateStrategy:
type: RollingUpdate
maxUnavailable: 0
maxSurge: 1
nodeSelector: {}
affinity: {}
# HAProxy configuration to block HTTP requests to AAI based on configurable URL patterns
haproxy:
initContainers:
resources:
memory: 100Mi
cpu: 50m
requestBlocking:
enabled: false
customConfigs: []
replicas:
aaiResources: 1
aaiTraversal: 1
# probe configuration parameters
liveness:
initialDelaySeconds: 10
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
#This section is used when localCluster is enabled. AAI will create its own cassandra cluster for its specific use.
#Below command will instantiate the aai cassandra instances:
#helm deploy demo local/onap --version=4.0.0 --namespace onap --set aai.enabled=true \
# --set aai.global.cassandra.localCluster=true \
# --set aai.global.cassandra.serviceName=aai-cassandra
cassandra:
nameOverride: aai-cassandra
serviceAccount:
nameOverride: aai-cassandra
replicaCount: 3
service:
name: aai-cassandra
persistence:
mountSubPath: aai/cassandra
enabled: true
k8ssandraOperator:
enabled: false
config:
clusterName: aai-cassandra
readiness:
initialDelaySeconds: 10
periodSeconds: 10
service:
type: NodePort
portName: http
externalPort: 80
internalPort: 8080
nodePort: 33
sessionAffinity: None
metricsService:
type: ClusterIP
portName: http-prometheus
externalPort: 8448
internalPort: 8448
metrics:
serviceMonitor:
enabled: false
targetPort: 8448
path: /metrics
basicAuth:
enabled: false
selector:
app: '{{ include "common.name" . }}-metrics'
chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
release: '{{ include "common.release" . }}'
heritage: '{{ .Release.Service }}'
relabelings: []
metricRelabelings: []
ingress:
enabled: false
service:
- baseaddr: "aai-api"
name: "aai"
port: 80
config:
ssl: "redirect"
serviceMesh:
authorizationPolicy:
authorizedPrincipalsMetrics: []
authorizedPrincipals:
- serviceAccount: aai-graphadmin-read
- serviceAccount: aai-modelloader-read
- serviceAccount: aai-resources-read
- serviceAccount: aai-schema-service-read
- serviceAccount: aai-traversal-read
- serviceAccount: cds-blueprints-processor-read
- serviceAccount: consul-read
- serviceAccount: dcae-prh-read
- serviceAccount: dcae-slice-analysis-ms-read
- serviceAccount: dcae-tcagen2
- serviceAccount: nbi-read
- serviceAccount: sdnc-read
- serviceAccount: so-read
- serviceAccount: so-bpmn-infra-read
- serviceAccount: so-cnf-adapter-read
- serviceAccount: so-nssmf-adapter-read
- serviceAccount: so-etsi-nfvo-ns-lcm-read
- serviceAccount: so-etsi-sol003-adapter-read
- serviceAccount: so-openstack-adapter-read
- serviceAccount: so-sdc-controller-read
- serviceAccount: so-ve-vnfm-adapter
- serviceAccount: istio-ingress
namespace: istio-ingress
resources:
small:
limits:
cpu: 2
memory: 4Gi
requests:
cpu: 1
memory: 1Gi
large:
limits:
cpu: 4
memory: 8Gi
requests:
cpu: 2
memory: 2Gi
unlimited: {}
#Pods Service Account
serviceAccount:
nameOverride: aai
roles:
- read