| # Copyright © 2017 Amdocs, Bell Canada |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| |
| ################################################################# |
| # Global configuration defaults. |
| ################################################################# |
| global: |
| nodePortPrefix: 302 |
| |
| ################################################################# |
| # Certificate configuration |
| ################################################################# |
| certInitializer: |
| nameOverride: cli-cert-initializer |
| aafDeployFqi: deployer@people.osaaf.org |
| aafDeployPass: demo123456! |
| # aafDeployCredsExternalSecret: some secret |
| fqdn: "cli" |
| app_ns: "org.osaaf.aaf" |
| fqi_namespace: "org.onap.cli" |
| fqi: "cli@cli.onap.org" |
| public_fqdn: "aaf.osaaf.org" |
| cadi_longitude: "0.0" |
| cadi_latitude: "0.0" |
| credsPath: /opt/app/osaaf/local |
| aaf_add_config: | |
| echo "*** retrieving password for keystore and trustore" |
| export $(/opt/app/aaf_config/bin/agent.sh local showpass \ |
| {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c' | xargs -0) |
| if [ -z "$cadi_keystore_password_p12" ] |
| then |
| echo " /!\ certificates retrieval failed" |
| exit 1 |
| else |
| echo "*** transform AAF certs into pem files" |
| mkdir -p {{ .Values.credsPath }}/certs |
| keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \ |
| -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \ |
| -alias ca_local_0 \ |
| -storepass $cadi_truststore_password |
| openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \ |
| -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \ |
| -passin pass:$cadi_keystore_password_p12 \ |
| -passout pass:$cadi_keystore_password_p12 |
| echo "*** generating needed file" |
| cat {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \ |
| {{ .Values.credsPath }}/certs/cert.pem \ |
| {{ .Values.credsPath }}/certs/cacert.pem \ |
| > {{ .Values.credsPath }}/certs/fullchain.pem; |
| cat {{ .Values.credsPath }}/certs/fullchain.pem |
| echo "*** change ownership of certificates to targeted user" |
| chown -R 33 {{ .Values.credsPath }} |
| fi |
| |
| |
| ################################################################# |
| # Application configuration defaults. |
| ################################################################# |
| # application image |
| image: onap/cli:6.0.1 |
| pullPolicy: Always |
| flavor: small |
| |
| # application configuration |
| config: |
| climode: daemon |
| |
| # default number of instances |
| replicaCount: 1 |
| |
| nodeSelector: {} |
| |
| affinity: {} |
| |
| # probe configuration parameters |
| liveness: |
| initialDelaySeconds: 10 |
| periodSeconds: 10 |
| # necessary to disable liveness probe when setting breakpoints |
| # in debugger so K8s doesn't restart unresponsive container |
| enabled: true |
| |
| readiness: |
| initialDelaySeconds: 10 |
| periodSeconds: 10 |
| |
| service: |
| type: NodePort |
| name: cli |
| externalPort: 443 |
| externalPort1: 9090 |
| internalPort: "443" |
| internalPort1: 9090 |
| nodePort: "60" |
| nodePort1: "71" |
| |
| ingress: |
| enabled: false |
| service: |
| - baseaddr: "cli.api" |
| name: "cli" |
| port: 443 |
| - baseaddr: "cli2.api" |
| name: cli |
| port: 9090 |
| config: |
| ssl: "redirect" |
| |
| # Configure resource requests and limits |
| # ref: http://kubernetes.io/docs/user-guide/compute-resources/ |
| resources: |
| small: |
| limits: |
| cpu: 1 |
| memory: 2Gi |
| requests: |
| cpu: 10m |
| memory: 500Mi |
| large: |
| limits: |
| cpu: 4 |
| memory: 8Gi |
| requests: |
| cpu: 2 |
| memory: 4Gi |
| unlimited: {} |