| # Copyright (c) 2018 Amdocs, Bell Canada, AT&T |
| # Modifications Copyright (c) 2020 Nokia, Orange |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); |
| # you may not use this file except in compliance with the License. |
| # You may obtain a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, |
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| # See the License for the specific language governing permissions and |
| # limitations under the License. |
| |
| # Default values for sparky-be. |
| # This is a YAML-formatted file. |
| # Declare variables to be passed into your templates. |
| global: # global defaults |
| nodePortPrefix: 302 |
| aai: |
| serviceName: aai |
| aaiElasticsearch: |
| serviceName: aai-elasticsearch |
| gizmo: |
| serviceName: aai-gizmo |
| searchData: |
| serviceName: aai-search-data |
| |
| |
| ################################################################# |
| # Certificate configuration |
| ################################################################# |
| certInitializer: |
| nameOverride: aai-sparky-cert-initializer |
| aafDeployFqi: deployer@people.osaaf.org |
| aafDeployPass: demo123456! |
| # aafDeployCredsExternalSecret: some secret |
| fqdn: "aai" |
| app_ns: "org.osaaf.aaf" |
| fqi_namespace: "org.onap.aai" |
| fqi: "aai@aai.onap.org" |
| public_fqdn: "aaf.osaaf.org" |
| cadi_longitude: "0.0" |
| cadi_latitude: "0.0" |
| credsPath: /opt/app/osaaf/local |
| aaf_add_config: | |
| echo "*** changing passwords into shell safe ones" |
| export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) |
| export TRUSTSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) |
| cd {{ .Values.credsPath }} |
| keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \ |
| -storepass "${cadi_keystore_password_p12}" \ |
| -keystore {{ .Values.fqi_namespace }}.p12 |
| keytool -storepasswd -new "${TRUSTSTORE_PASSWORD}" \ |
| -storepass "${cadi_truststore_password}" \ |
| -keystore {{ .Values.fqi_namespace }}.trust.jks |
| echo "*** save the generated passwords" |
| echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop |
| echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> mycreds.prop |
| echo "*** change ownership of certificates to targeted user" |
| chown -R 1000 {{ .Values.credsPath }} |
| |
| # application image |
| image: onap/sparky-be:2.0.3 |
| pullPolicy: Always |
| restartPolicy: Always |
| flavor: small |
| flavorOverride: small |
| dockerhubRepository: registry.hub.docker.com |
| ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 |
| # application configuration |
| config: |
| elasticsearchHttpPort: 9200 |
| gerritBranch: 3.0.0-ONAP |
| gerritProject: http://gerrit.onap.org/r/aai/test-config |
| portalUsername: aaiui |
| portalPassword: OBF:1t2v1vfv1unz1vgz1t3b # aaiui |
| portalCookieName: UserId |
| portalAppRoles: ui_view |
| cadiFileLocation: /opt/app/sparky/config/portal/cadi.properties |
| cookieDecryptorClass: org.onap.aai.sparky.security.BaseCookieDecryptor |
| |
| # ONAP Cookie Processing - During initial development, the following flag, if true, will |
| # prevent the portal interface's login processing from searching for a user |
| # specific cookie, and will instead allow passage if a valid session cookie is discovered. |
| portalOnapEnabled: true |
| # |
| |
| # override chart name (sparky-be) to share a common namespace |
| # suffix with parent chart (aai) |
| nsSuffix: aai |
| |
| |
| # default number of instances |
| replicaCount: 1 |
| |
| updateStrategy: |
| type: RollingUpdate |
| maxUnavailable: 0 |
| maxSurge: 1 |
| |
| nodeSelector: {} |
| |
| affinity: {} |
| |
| # probe configuration parameters |
| liveness: |
| initialDelaySeconds: 10 |
| periodSeconds: 10 |
| # necessary to disable liveness probe when setting breakpoints |
| # in debugger so K8s doesn't restart unresponsive container |
| enabled: true |
| |
| readiness: |
| initialDelaySeconds: 10 |
| periodSeconds: 10 |
| |
| service: |
| type: NodePort |
| portName: http |
| internalPort: 8000 |
| nodePort: 20 |
| |
| ingress: |
| enabled: false |
| service: |
| - baseaddr: "aai-sparkybe-api" |
| name: "aai-sparky-be" |
| port: 8000 |
| config: |
| ssl: "redirect" |
| |
| # Configure resource requests and limits |
| # ref: http://kubernetes.io/docs/user-guide/compute-resources/ |
| resources: |
| small: |
| limits: |
| cpu: 2 |
| memory: 4Gi |
| requests: |
| cpu: 0.25 |
| memory: 1Gi |
| large: |
| limits: |
| cpu: 4 |
| memory: 8Gi |
| requests: |
| cpu: 0.5 |
| memory: 2Gi |
| unlimited: {} |
| |
| #Pods Service Account |
| serviceAccount: |
| nameOverride: aai-sparky-be |
| roles: |
| - read |
| |
| #Log configuration |
| log: |
| path: /var/log/onap |
| logConfigMapNamePrefix: '{{ include "common.fullname" . }}' |