| GuangrongFu | cc1316b | 2021-02-03 17:29:08 +0800 | [diff] [blame] | 1 | #============LICENSE_START======================================================== |
| 2 | # ================================================================================ |
| 3 | # Copyright (c) 2021 ZTE Corporation Intellectual Property. All rights reserved. |
| 4 | # ================================================================================ |
| 5 | # Licensed under the Apache License, Version 2.0 (the "License"); |
| 6 | # you may not use this file except in compliance with the License. |
| 7 | # You may obtain a copy of the License at |
| 8 | # |
| 9 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 10 | # |
| 11 | # Unless required by applicable law or agreed to in writing, software |
| 12 | # distributed under the License is distributed on an "AS IS" BASIS, |
| 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 14 | # See the License for the specific language governing permissions and |
| 15 | # limitations under the License. |
| 16 | # ============LICENSE_END========================================================= |
| 17 | |
| 18 | ################################################################# |
| 19 | # Global configuration. |
| 20 | ################################################################# |
| 21 | global: |
| 22 | nodePortPrefixExt: 302 |
| 23 | |
| 24 | ################################################################# |
| 25 | # Application configuration defaults. |
| 26 | ################################################################# |
| 27 | # application image |
| 28 | image: onap/holmes/rule-management:1.3.2 |
| 29 | consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 |
| 30 | |
| 31 | ################################################################# |
| 32 | # AAF part |
| 33 | ################################################################# |
| 34 | certInitializer: |
| 35 | nameOverride: holmes-rule-mgmt-cert-initializer |
| 36 | aafDeployFqi: deployer@people.osaaf.org |
| 37 | aafDeployPass: demo123456! |
| 38 | # aafDeployCredsExternalSecret: some secret |
| 39 | fqdn: holmes-rule-mgmt |
| 40 | fqi: holmes-rule-mgmt@holmes-rule-mgmt.onap.org |
| 41 | fqi_namespace: org.onap.holmes-rule-mgmt |
| 42 | public_fqdn: holmes-rule-mgmt.onap.org |
| 43 | cadi_longitude: "0.0" |
| 44 | cadi_latitude: "0.0" |
| 45 | app_ns: org.osaaf.aaf |
| 46 | credsPath: /opt/app/osaaf/local |
| 47 | aaf_add_config: | |
| 48 | echo "*** changing them into shell safe ones" |
| 49 | export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) |
| 50 | export TRUSTSORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) |
| 51 | cd {{ .Values.credsPath }} |
| 52 | keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \ |
| 53 | -storepass "${cadi_keystore_password_p12}" \ |
| 54 | -keystore {{ .Values.fqi_namespace }}.p12 |
| 55 | keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \ |
| 56 | -storepass "${cadi_truststore_password}" \ |
| 57 | -keystore {{ .Values.fqi_namespace }}.trust.jks |
| 58 | echo "*** set key password as same password as keystore password" |
| 59 | keytool -keypasswd -new "${KEYSTORE_PASSWORD}" \ |
| 60 | -keystore {{ .Values.fqi_namespace }}.p12 \ |
| 61 | -keypass "${cadi_keystore_password_p12}" \ |
| 62 | -storepass "${KEYSTORE_PASSWORD}" -alias {{ .Values.fqi }} |
| 63 | echo "*** save the generated passwords" |
| 64 | echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop |
| 65 | echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop |
| 66 | echo "*** change ownership of certificates to targeted user" |
| 67 | chown -R 1000 . |
| 68 | |
| 69 | ################################################################# |
| 70 | # Secrets metaconfig |
| 71 | ################################################################# |
| 72 | secrets: |
| 73 | - uid: pg-user-creds |
| 74 | type: basicAuth |
| 75 | externalSecret: '{{ tpl (default "" .Values.config.pgConfig.dbUserCredsExternalSecret) . }}' |
| 76 | login: '{{ .Values.config.pgConfig.dbUser }}' |
| 77 | password: '{{ .Values.config.pgConfig.dbUserPassword }}' |
| 78 | |
| 79 | # application configuration |
| 80 | config: |
| 81 | logstashServiceName: log-ls |
| 82 | logstashPort: 5044 |
| 83 | # Addresses of other ONAP entities |
| 84 | address: |
| 85 | consul: |
| 86 | host: consul-server |
| 87 | port: 8500 |
| 88 | pgConfig: |
| 89 | dbName: defaultName |
| 90 | dbHost: defaultHost |
| 91 | dbPort: 1234 |
| 92 | dbUser: admin |
| 93 | dbUserPassword: admin |
| 94 | # dbUserCredsExternalSecret |
| 95 | |
| 96 | service: |
| 97 | type: NodePort |
| 98 | name: holmes-rule-mgmt |
| 99 | ports: |
| 100 | - name: https-rest |
| 101 | port: &svc_port 9101 |
| 102 | nodePort: 92 |
| 103 | - name: https-ui |
| 104 | port: 9104 |
| 105 | nodePort: 93 |
| 106 | |
| 107 | # probe configuration parameters |
| 108 | liveness: |
| 109 | initialDelaySeconds: 10 |
| 110 | port: *svc_port |
| 111 | periodSeconds: 10 |
| 112 | path: /api/holmes-rule-mgmt/v1/healthcheck |
| 113 | enabled: true |
| 114 | scheme: HTTPS |
| 115 | |
| 116 | readiness: |
| 117 | initialDelaySeconds: 30 |
| 118 | port: *svc_port |
| 119 | periodSeconds: 30 |
| 120 | path: /api/holmes-rule-mgmt/v1/healthcheck |
| 121 | scheme: HTTPS |
| 122 | |
| 123 | # Segregation for Different environment (Small and Large) |
| 124 | resources: |
| 125 | small: |
| 126 | limits: |
| 127 | cpu: 250m |
| 128 | memory: 256Mi |
| 129 | requests: |
| 130 | cpu: 250m |
| 131 | memory: 1024Mi |
| 132 | large: |
| 133 | limits: |
| 134 | cpu: 500m |
| 135 | memory: 512Mi |
| 136 | requests: |
| 137 | cpu: 500m |
| 138 | memory: 2Gi |
| 139 | unlimited: {} |