Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / 38491152b004fa3eb0db01dfb985d78e0d681fd2 / . / kubernetes / common / elasticsearch / values.yaml
blob: 31edcabfa1c1f57445faf81eacfc8953c026787d [file] [log] [blame]
Alexander Dehnab86ec12020-02-05 14:38:54 +0000[diff] [blame]1# Copyright © 2020 Bitnami, AT&T, Amdocs, Bell Canada, highstreet technologies
2#
3# Licensed under the Apache License, Version 2.0 (the "License");
4# you may not use this file except in compliance with the License.
5# You may obtain a copy of the License at
6#
7# http://www.apache.org/licenses/LICENSE-2.0
8#
9# Unless required by applicable law or agreed to in writing, software
10# distributed under the License is distributed on an "AS IS" BASIS,
11# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12# See the License for the specific language governing permissions and
13# limitations under the License.
14
15#################################################################
16# Global configuration defaults.
17#################################################################
18global:
19 aafEnabled: true
Alexander Dehnab86ec12020-02-05 14:38:54 +0000[diff] [blame]20 nodePortPrefix: 302
Sylvain Desbureaux1694e1d2020-08-21 09:58:25 +0200[diff] [blame]21 readinessImage: onap/oom/readiness:3.0.1
Alexander Dehnab86ec12020-02-05 14:38:54 +0000[diff] [blame]22 loggingRepository: docker.elastic.co
23 loggingImage: beats/filebeat:5.5.0
24 busyboxRepository: registry.hub.docker.com
25 busyboxImage: library/busybox:latest
26 clusterName: cluster.local
27
28persistence:
29 mountPath: /dockerdata-nfs
30 backup:
31 mountPath: /dockerdata-nfs/backup
32 storageClass:
33repositoryOverride: docker.io
34
35#################################################################
36# Application configuration defaults.
37#################################################################
38## Init containers parameters:
39sysctlImage:
40 enabled: true
41
42# application image
Alexander Dehn7af5a2a2020-09-28 14:01:46 +0000[diff] [blame]43image: bitnami/elasticsearch:7.6.1
Alexander Dehnc2a36862020-09-02 11:48:20 +0000[diff] [blame]44## Specify a imagePullPolicy
45## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
46## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
47##
48pullPolicy: IfNotPresent
49## Optionally specify an array of imagePullSecrets.
50## Secrets must be manually created in the namespace.
51## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
52##
53# pullSecrets:
54# - myRegistryKeySecretName
55## Set to true if you would like to see extra information on logs
56## ref: https://github.com/bitnami/minideb-extras/#turn-on-bash-debugging
57##
58debug: false
Alexander Dehnab86ec12020-02-05 14:38:54 +0000[diff] [blame]59
60## String to partially override common.fullname template (will maintain the release name)
61##
62# nameOverride:
63
64## String to fully override common.fullname template
65##
66# fullnameOverride:
67## updateStrategy for ElasticSearch coordinating deployment
68## ref: https://kubernetes.io/docs/concepts/workloads/controllers/deployment/#strategy
69##
70updateStrategy:
71 type: RollingUpdate
72heapSize: 128m
73## Provide annotations for the coordinating-only pods.
74##
75podAnnotations: {}
76## Pod Security Context for coordinating-only pods.
77## ref: https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
78##
79securityContext:
80 enabled: true
81 fsGroup: 1001
82 runAsUser: 1001
83## Affinity for pod assignment.
84## Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity
85##
86affinity: {}
87## Node labels for pod assignment. Evaluated as a template.
88## Ref: https://kubernetes.io/docs/user-guide/node-selection/
89##
90nodeSelector: {}
91## Tolerations for pod assignment. Evaluated as a template.
92## Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/
93##
94tolerations: []
95## Elasticsearch coordinating-only container's resource requests and limits
96## ref: http://kubernetes.io/docs/user-guide/compute-resources/
97##
98resources:
99 ## We usually recommend not to specify default resources and to leave this as a conscious
100 ## choice for the user. This also increases chances charts run on environments with little
101 ## resources, such as Minikube.
102 limits: {}
103 # cpu: 100m
104 # memory: 128Mi
105 requests:
106 cpu: 25m
107 memory: 256Mi
108## Elasticsearch coordinating-only container's liveness and readiness probes
109## ref: https://kubernetes.io/docs/concepts/workloads/pods/pod-lifecycle/#container-probes
110##
111livenessProbe:
112 enabled: false
113# initialDelaySeconds: 90
114# periodSeconds: 10
115# timeoutSeconds: 5
116# successThreshold: 1
117# failureThreshold: 5
118readinessProbe:
119 enabled: false
120# initialDelaySeconds: 90
121# periodSeconds: 10
122# timeoutSeconds: 5
123# successThreshold: 1
124# failureThreshold: 5
125## Service parameters for coordinating-only node(s)
126##
127serviceAccount:
128 ## Specifies whether a ServiceAccount should be created for the coordinating node
129 ##
130 create: false
131 ## The name of the ServiceAccount to use.
132 ## If not set and create is true, a name is generated using the fullname template
133 ##
134 # name:
135
136## Bitnami Minideb image version
137## ref: https://hub.docker.com/r/bitnami/minideb/tags/
138##
139sysctlImage:
140 enabled: true
141 imageName: bitnami/minideb
142 tag: stretch
143 ## Specify a imagePullPolicy
144 ## Defaults to 'Always' if image tag is 'latest', else set to 'IfNotPresent'
145 ## ref: http://kubernetes.io/docs/user-guide/images/#pre-pulling-images
146 ##
147 pullPolicy: Always
148 ## Optionally specify an array of imagePullSecrets.
149 ## Secrets must be manually created in the namespace.
150 ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/
151 ##
152 # pullSecrets:
153 # - myRegistryKeySecretName
154
155# nginx image
156nginx:
157 imageName: bitnami/nginx
158 tag: 1.16-debian-9
159 pullPolicy: IfNotPresent
160 service:
161 name: nginx
162 ports:
163 - name: elasticsearch
164 port: 8080
165## Custom server block to be added to NGINX configuration
166## PHP-FPM example server block:
167 serverBlock:
168 https: |-
169 server {
170 listen 9200 ssl;
171 #server_name ;
172 # auth_basic "server auth";
173 # auth_basic_user_file /etc/nginx/passwords;
174 ssl_certificate /opt/app/osaaf/local/certs/cert.pem;
175 ssl_certificate_key /opt/app/osaaf/local/certs/key.pem;
176 location / {
177 # deny node shutdown api
178 if ($request_filename ~ "_shutdown") {
179 return 403;
180 break;
181 }
182
183 proxy_pass http://localhost:9000;
184 proxy_http_version 1.1;
185 proxy_set_header Connection "Keep-Alive";
186 proxy_set_header Proxy-Connection "Keep-Alive";
187 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
188 proxy_set_header X-Forwarded-Proto $scheme;
189 proxy_set_header X-Real-IP $remote_addr;
190 proxy_set_header Host $http_host;
191 proxy_redirect off;
192 }
193
194 location = / {
195 proxy_pass http://localhost:9000;
196 proxy_http_version 1.1;
197 proxy_set_header Connection "Keep-Alive";
198 proxy_set_header Proxy-Connection "Keep-Alive";
199 proxy_redirect off;
200 auth_basic "off";
201 }
202 }
203 http: |-
204 server {
205 listen 9200 ;
206 #server_name ;
207 location / {
208 # deny node shutdown api
209 if ($request_filename ~ "_shutdown") {
210 return 403;
211 break;
212 }
213
214 proxy_pass http://localhost:9000;
215 proxy_http_version 1.1;
216 proxy_set_header Connection "Keep-Alive";
217 proxy_set_header Proxy-Connection "Keep-Alive";
218 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
219 proxy_set_header X-Forwarded-Proto $scheme;
220 proxy_set_header X-Real-IP $remote_addr;
221 proxy_set_header Host $http_host;
222 proxy_redirect off;
223 }
224
225 location = / {
226 proxy_pass http://localhost:9000;
227 proxy_http_version 1.1;
228 proxy_set_header Connection "Keep-Alive";
229 proxy_set_header Proxy-Connection "Keep-Alive";
230 proxy_redirect off;
231 auth_basic "off";
232 }
233 }
234#################################################################
235# coordinating service configuration defaults.
236#################################################################
237
238service:
239 name: ""
240 suffix: ""
241 ## coordinating-only service type
242 ##
243 type: ClusterIP
244 headlessPorts:
245 - name: http-transport
246 port: 9300
247 headless:
248 suffix: discovery
249 annotations:
250 service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
251 publishNotReadyAddresses: true
252 ## Elasticsearch tREST API port
253 ##
254 ports:
255 - name: elasticsearch
256 port: 9200
257
258
259 ## Specify the nodePort value for the LoadBalancer and NodePort service types.
260 ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#type-nodeport
261 ##
262 # nodePort:
263 ## Provide any additional annotations which may be required. This can be used to
264 ## set the LoadBalancer service type to internal only.
265 ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
266 ##
267 annotations: {}
268 ## Set the LoadBalancer service type to internal only.
269 ## ref: https://kubernetes.io/docs/concepts/services-networking/service/#internal-load-balancer
270 ##
271 # loadBalancerIP:
272 ## Provide functionality to use RBAC
273 ##
Krzysztof Opasiakc6152ce2020-05-09 01:43:08 +0200[diff] [blame]274
Alexander Dehnab86ec12020-02-05 14:38:54 +0000[diff] [blame]275#################################################################
Krzysztof Opasiakc6152ce2020-05-09 01:43:08 +0200[diff] [blame]276# Certificate configuration
Alexander Dehnab86ec12020-02-05 14:38:54 +0000[diff] [blame]277#################################################################
Krzysztof Opasiakc6152ce2020-05-09 01:43:08 +0200[diff] [blame]278certInitializer:
279 nameOverride: elasticsearch-cert-initializer
280 aafDeployFqi: deployer@people.osaaf.org
281 aafDeployPass: demo123456!
282 # aafDeployCredsExternalSecret: some secret
Alexander Dehnab86ec12020-02-05 14:38:54 +0000[diff] [blame]283 fqdn: "elastic"
Alexander Dehnab86ec12020-02-05 14:38:54 +0000[diff] [blame]284 app_ns: "org.osaaf.aaf"
Krzysztof Opasiakc6152ce2020-05-09 01:43:08 +0200[diff] [blame]285 fqi_namespace: "org.onap.elastic"
Alexander Dehnab86ec12020-02-05 14:38:54 +0000[diff] [blame]286 fqi: "elastic@elastic.onap.org"
287 public_fqdn: "aaf.osaaf.org"
Krzysztof Opasiakc6152ce2020-05-09 01:43:08 +0200[diff] [blame]288 cadi_longitude: "0.0"
289 cadi_latitude: "0.0"
290 credsPath: /opt/app/osaaf/local
291 aaf_add_config: >
292 cd {{ .Values.credsPath }};
293 mkdir -p certs;
294 export $(/opt/app/aaf_config/bin/agent.sh local showpass | grep '^c' | xargs -0);
295 keytool -exportcert -rfc -file certs/cacert.pem -keystore {{ .Values.fqi_namespace }}.trust.jks -alias ca_local_0 -storepass $cadi_truststore_password;
296 openssl pkcs12 -in {{ .Values.fqi_namespace }}.p12 -out certs/cert.pem -passin pass:$cadi_keystore_password_p12 -passout pass:$cadi_keystore_password_p12;
297 cp {{ .Values.fqi_namespace }}.key certs/key.pem;
298 chmod -R 755 certs;
299
Alexander Dehnab86ec12020-02-05 14:38:54 +0000[diff] [blame]300#################################################################
301# subcharts configuration defaults.
302#################################################################
303
304
305#data:
306# enabled: false
307
308#curator:
309# enabled: false
310
311## Change nameOverride to be consistent accross all elasticsearch (sub)-charts
312
313master:
314 replicaCount: 3
315 # dedicatednode: "yes"
316 # working as master node only, in this case increase replicaCount for elasticsearch-data
317 # dedicatednode: "no"
318 # handles master and data node functionality
319 dedicatednode: "no"
320data:
321 enabled: false
322curator:
323 enabled: false