blob: b777a7d388c1da03789396c3abc0d3f748073550 [file] [log] [blame]
Sylvain Desbureauxd1ca1ee2020-04-07 14:52:20 +02001# Copyright © 2020, Nordix Foundation, Orange
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14global:
Sylvain Desbureaux5ee4dd42020-11-21 22:52:46 +010015 mariadbGalera: &mariadbGalera
Sylvain Desbureauxd1ca1ee2020-04-07 14:52:20 +020016 #This flag allows EJBCA to instantiate its own mariadb-galera cluster
17 localCluster: false
18 service: mariadb-galera
19 internalPort: 3306
20 nameOverride: mariadb-galera
21
22secrets:
23 - uid: ejbca-db-secret
24 name: &ejbca-db-secret '{{ include "common.release" . }}-ejbca-db-secret'
25 type: basicAuth
26 externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}'
27 login: '{{ .Values.config.db.userName }}'
28 password: '{{ .Values.config.db.userPassword }}'
29 - uid: ejbca-server-ra-iak
30 name: '{{ include "common.release" . }}-ejbca-ra-iak'
31 type: password
32 password: '{{ .Values.config.ejbca.raIak }}'
33 - uid: ejbca-server-client-iak
34 name: '{{ include "common.release" . }}-ejbca-client-iak'
35 type: password
36 password: '{{ .Values.config.ejbca.clientIak }}'
37
38# application configuration
39config:
40 db:
41 userName: ejbca
42 # userPassword: password
43 # userCredentialsExternalSecret: some-secret
44 ejbca: {}
45 # raIak: mypassword
46 # clientIak: mypassword
47
48mysqlDatabase: &dbName ejbca
49
50#################################################################
51# Application configuration defaults.
52#################################################################
53# application configuration
54replicaCount: 1
55
56ejbca:
Piotr Marcinkiewicz983f2fa2021-05-11 13:07:36 +020057 image: primekey/ejbca-ce:7.4.3.2
Sylvain Desbureauxd1ca1ee2020-04-07 14:52:20 +020058pullPolicy: Always
59
60mariadb-galera:
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +010061 db:
62 externalSecret: *ejbca-db-secret
63 name: *dbName
64 nameOverride: &ejbca-galera ejbca-galera
Sylvain Desbureauxd1ca1ee2020-04-07 14:52:20 +020065 service:
66 name: ejbca-galera
67 portName: ejbca-galera
68 internalPort: 3306
69 replicaCount: 1
70 persistence:
71 enabled: true
72 mountSubPath: ejbca/maria/data
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +010073 serviceAccount:
74 nameOverride: *ejbca-galera
Sylvain Desbureauxd1ca1ee2020-04-07 14:52:20 +020075
76mariadb-init:
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +010077 config:
78 userCredentialsExternalSecret: *ejbca-db-secret
79 mysqlDatabase: *dbName
Sylvain Desbureauxd1ca1ee2020-04-07 14:52:20 +020080 nameOverride: ejbca-config
81
82nodeSelector: {}
83
84affinity: {}
85
86# probe configuration parameters
87liveness:
88 path: /ejbca/publicweb/healthcheck/ejbcahealth
Radoslaw Chmiel527662f2022-06-02 19:23:26 +020089 port: 8443
90 initialDelaySeconds: 180
Sylvain Desbureauxd1ca1ee2020-04-07 14:52:20 +020091 periodSeconds: 30
92
93readiness:
94 path: /ejbca/publicweb/healthcheck/ejbcahealth
Radoslaw Chmiel527662f2022-06-02 19:23:26 +020095 port: 8443
96 initialDelaySeconds: 180
Sylvain Desbureauxd1ca1ee2020-04-07 14:52:20 +020097 periodSeconds: 30
98
99service:
100 type: ClusterIP
egernug9903d6b2020-05-27 09:02:25 +0100101 both_tls_and_plain: true
Sylvain Desbureauxd1ca1ee2020-04-07 14:52:20 +0200102 ports:
103 - name: api
104 port: 8443
105 plain_port: 8080
106 port_protocol: http
Sylvain Desbureaux15392732020-10-22 09:49:54 +0200107
108# Resource Limit flavor -By Default using small
Radoslaw Chmiel527662f2022-06-02 19:23:26 +0200109flavor: unlimited
Sylvain Desbureaux15392732020-10-22 09:49:54 +0200110# Segregation for Different environment (Small and Large)
111resources:
112 small:
113 limits:
114 cpu: 1500m
115 memory: 1536Mi
116 requests:
117 cpu: 10m
118 memory: 750Mi
119 large:
120 limits:
121 cpu: 2
122 memory: 2Gi
123 requests:
124 cpu: 20m
125 memory: 1Gi
126 unlimited: {}
farida azmye273f782021-10-02 16:04:52 +0200127
128#Pods Service Account
129serviceAccount:
130 nameOverride: ejbca
131 roles:
132 - read