Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / 4753743f0743a6b22f69e718c3cdb4ba8843cea6 / . / kubernetes / policy / components / policy-pap / values.yaml
blob: 9e05c47bdf3029ad783e0b04a225f027de44015e [file] [log] [blame]
ramverma1a3b8ad2019-02-25 12:45:11 +0000[diff] [blame]1# ============LICENSE_START=======================================================
2# Copyright (C) 2019 Nordix Foundation.
jhh999c2242021-02-24 12:10:02 -0600[diff] [blame]3# Modifications Copyright (C) 2019-2021 AT&T Intellectual Property.
a.sreekumar2f377362022-02-09 12:40:57 +0000[diff] [blame]4# Modifications Copyright (C) 2020-2022 Bell Canada. All rights reserved.
Sirisha_Manchikantib402a592022-09-09 12:01:20 +0100[diff] [blame]5# Modifications Copyright © 2022 Nordix Foundation
ramverma1a3b8ad2019-02-25 12:45:11 +0000[diff] [blame]6# ================================================================================
7# Licensed under the Apache License, Version 2.0 (the "License");
8# you may not use this file except in compliance with the License.
9# You may obtain a copy of the License at
10#
11# http://www.apache.org/licenses/LICENSE-2.0
12#
13# Unless required by applicable law or agreed to in writing, software
14# distributed under the License is distributed on an "AS IS" BASIS,
15# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16# See the License for the specific language governing permissions and
17# limitations under the License.
18#
19# SPDX-License-Identifier: Apache-2.0
20# ============LICENSE_END=========================================================
21
22#################################################################
23# Global configuration defaults.
24#################################################################
25global:
Bruno Sakoto425d5be2020-05-20 07:25:41 -0400[diff] [blame]26 nodePortPrefixExt: 304
ramverma1a3b8ad2019-02-25 12:45:11 +0000[diff] [blame]27 persistence: {}
saul.gillef208b02023-04-26 16:16:05 +0100[diff] [blame]28 useStrimziKafkaPf: set-via-parent-chart-global-value
29 postgres:
30 localCluster: false
Krzysztof Opasiak3d9dc8b2020-03-31 23:05:16 +0200[diff] [blame]31
32#################################################################
33# Secrets metaconfig
34#################################################################
35secrets:
36 - uid: db-secret
37 type: basicAuth
38 externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
39 login: '{{ .Values.db.user }}'
40 password: '{{ .Values.db.password }}'
41 passwordPolicy: required
Dominik Mizyn389fca12020-04-09 22:37:00 +0200[diff] [blame]42 - uid: restserver-secret
43 type: basicAuth
rameshiyer27ff176652021-09-21 15:19:05 +0100[diff] [blame]44 externalSecret: '{{ tpl (default "" .Values.restServer.papUserExternalSecret) . }}'
Dominik Mizyn389fca12020-04-09 22:37:00 +0200[diff] [blame]45 login: '{{ .Values.restServer.user }}'
46 password: '{{ .Values.restServer.password }}'
47 passwordPolicy: required
48 - uid: api-secret
49 type: basicAuth
rameshiyer27ff176652021-09-21 15:19:05 +0100[diff] [blame]50 externalSecret: '{{ tpl (default "" .Values.restServer.apiUserExternalSecret) . }}'
Dominik Mizyn389fca12020-04-09 22:37:00 +0200[diff] [blame]51 login: '{{ .Values.healthCheckRestClient.api.user }}'
52 password: '{{ .Values.healthCheckRestClient.api.password }}'
53 passwordPolicy: required
54 - uid: distribution-secret
55 type: basicAuth
56 externalSecret: '{{ tpl (default "" .Values.healthCheckRestClient.distribution.credsExternalSecret) . }}'
57 login: '{{ .Values.healthCheckRestClient.distribution.user }}'
58 password: '{{ .Values.healthCheckRestClient.distribution.password }}'
59 passwordPolicy: required
Sirisha_Manchikanti73c5f002022-07-25 17:04:45 +0100[diff] [blame]60 - uid: policy-kafka-user
61 externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
62 type: genericKV
63 envs:
64 - name: sasl.jaas.config
65 value: '{{ .Values.config.someConfig }}'
66 policy: generate
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]67
ramverma1a3b8ad2019-02-25 12:45:11 +0000[diff] [blame]68#################################################################
69# Application configuration defaults.
70#################################################################
71# application image
liamfallon2d0db7c2023-11-14 14:07:33 +0100[diff] [blame]72image: onap/policy-pap:3.0.2
ramverma1a3b8ad2019-02-25 12:45:11 +0000[diff] [blame]73pullPolicy: Always
74
75# flag to enable debugging - application support required
76debugEnabled: false
77
78# application configuration
79
Krzysztof Opasiak3d9dc8b2020-03-31 23:05:16 +0200[diff] [blame]80db:
Andreas Geisslercfd84342023-08-16 17:18:49 +0200[diff] [blame]81 user: policy-user
Krzysztof Opasiak3d9dc8b2020-03-31 23:05:16 +0200[diff] [blame]82 password: policy_user
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]83 service:
84 name: policy-mariadb
saul.gillef208b02023-04-26 16:16:05 +0100[diff] [blame]85 pgName: policy-pg-primary
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]86 internalPort: 3306
saul.gillef208b02023-04-26 16:16:05 +0100[diff] [blame]87 internalPgPort: 5432
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]88
Dominik Mizyn389fca12020-04-09 22:37:00 +0200[diff] [blame]89restServer:
adheli.tavaresf3656cd2021-11-10 14:54:32 +0000[diff] [blame]90 user: policyadmin
a.sreekumar2f377362022-02-09 12:40:57 +0000[diff] [blame]91 password: zb!XztG34
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]92
Dominik Mizyn389fca12020-04-09 22:37:00 +0200[diff] [blame]93healthCheckRestClient:
94 api:
adheli.tavaresf3656cd2021-11-10 14:54:32 +0000[diff] [blame]95 user: policyadmin
rameshiyer27ff176652021-09-21 15:19:05 +0100[diff] [blame]96 password: none
Dominik Mizyn389fca12020-04-09 22:37:00 +0200[diff] [blame]97 distribution:
98 user: healthcheck
99 password: zb!XztG34
Krzysztof Opasiak3d9dc8b2020-03-31 23:05:16 +0200[diff] [blame]100
ramverma1a3b8ad2019-02-25 12:45:11 +0000[diff] [blame]101# default number of instances
102replicaCount: 1
103
104nodeSelector: {}
105
106affinity: {}
107
108# probe configuration parameters
109liveness:
a.sreekumar2f377362022-02-09 12:40:57 +0000[diff] [blame]110 initialDelaySeconds: 60
ramverma1a3b8ad2019-02-25 12:45:11 +0000[diff] [blame]111 periodSeconds: 10
112 # necessary to disable liveness probe when setting breakpoints
113 # in debugger so K8s doesn't restart unresponsive container
114 enabled: true
Bruno Sakoto0644c262020-05-22 16:56:35 -0400[diff] [blame]115 port: http-api
ramverma1a3b8ad2019-02-25 12:45:11 +0000[diff] [blame]116
117readiness:
a.sreekumar2f377362022-02-09 12:40:57 +0000[diff] [blame]118 initialDelaySeconds: 10
119 periodSeconds: 120
Bruno Sakoto0644c262020-05-22 16:56:35 -0400[diff] [blame]120 port: http-api
a.sreekumar2f377362022-02-09 12:40:57 +0000[diff] [blame]121 api: /policy/pap/v1/healthcheck
a.sreekumar2f377362022-02-09 12:40:57 +0000[diff] [blame]122 successThreshold: 1
123 failureThreshold: 3
124 timeout: 60
ramverma1a3b8ad2019-02-25 12:45:11 +0000[diff] [blame]125
126service:
127 type: ClusterIP
128 name: policy-pap
Bruno Sakoto0644c262020-05-22 16:56:35 -0400[diff] [blame]129 ports:
130 - name: http-api
131 port: 6969
saul.gillef208b02023-04-26 16:16:05 +0100[diff] [blame]132 - name: debug-port
133 port: 5005
134 protocol: TCP
ramverma1a3b8ad2019-02-25 12:45:11 +0000[diff] [blame]135
136ingress:
137 enabled: false
138
AndrewLamb7ef78ae2023-04-20 16:24:13 +0100[diff] [blame]139serviceMesh:
140 authorizationPolicy:
141 authorizedPrincipals:
142 - serviceAccount: message-router-read
143 - serviceAccount: portal-app-read
144
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]145flavor: small
146resources:
147 small:
148 limits:
Andreas Geissler47537432024-02-27 08:55:23 +0100[diff] [blame^]149 cpu: "1"
150 memory: "1Gi"
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]151 requests:
Andreas Geissler47537432024-02-27 08:55:23 +0100[diff] [blame^]152 cpu: "0.5"
153 memory: "1Gi"
saul.gillef208b02023-04-26 16:16:05 +0100[diff] [blame]154 large:
155 limits:
Andreas Geissler47537432024-02-27 08:55:23 +0100[diff] [blame^]156 cpu: "2"
157 memory: "2Gi"
saul.gillef208b02023-04-26 16:16:05 +0100[diff] [blame]158 requests:
Andreas Geissler47537432024-02-27 08:55:23 +0100[diff] [blame^]159 cpu: "1"
160 memory: "2Gi"
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]161 unlimited: {}
farida azmyc1178372021-04-11 12:55:33 +0200[diff] [blame]162
163#Pods Service Account
164serviceAccount:
165 nameOverride: policy-pap
166 roles:
167 - read
Rashmi Pujara8b09262022-03-15 21:58:57 -0400[diff] [blame]168
Rashmi Pujara8b09262022-03-15 21:58:57 -0400[diff] [blame]169metrics:
170 serviceMonitor:
171 # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
172 # The default operator for prometheus enforces the below label.
173 labels:
174 release: prometheus
175 enabled: true
176 port: http-api
177 interval: 60s
Andreas Geisslerf10c5552023-03-21 18:09:46 +0100[diff] [blame]178 isHttps: false
Rashmi Pujara8b09262022-03-15 21:58:57 -0400[diff] [blame]179 basicAuth:
180 enabled: true
181 externalSecretNameSuffix: policy-pap-user-creds
182 externalSecretUserKey: login
183 externalSecretPasswordKey: password
Sirisha_Manchikanti73c5f002022-07-25 17:04:45 +0100[diff] [blame]184
185# application configuration
186config:
187# Event consumption (kafka) properties
saul.gillef208b02023-04-26 16:16:05 +0100[diff] [blame]188 useStrimziKafkaPf: true
Sirisha_Manchikanti73c5f002022-07-25 17:04:45 +0100[diff] [blame]189 kafkaBootstrap: strimzi-kafka-bootstrap
190 kafka:
saul.gillef208b02023-04-26 16:16:05 +0100[diff] [blame]191 topics:
192 policyHeartbeat: policy-heartbeat
193 policyNotification: policy-notification
194 policyPdpPap: policy-pdp-pap
Sirisha_Manchikanti73c5f002022-07-25 17:04:45 +0100[diff] [blame]195 consumer:
saul.gillef208b02023-04-26 16:16:05 +0100[diff] [blame]196 groupId: policy-pap
Sirisha_Manchikanti73c5f002022-07-25 17:04:45 +0100[diff] [blame]197 app:
198 listener:
199 policyPdpPapTopic: policy-pdp-pap
saul.gillef208b02023-04-26 16:16:05 +0100[diff] [blame]200
201dmaap:
202 topics:
203 policyHeartbeat: POLICY-HEARTBEAT
204 policyNotification: POLICY-NOTIFICATION
205 policyPdpPap: POLICY-PDP-PAP
Sirisha_Manchikanti73c5f002022-07-25 17:04:45 +0100[diff] [blame]206# If targeting a custom kafka cluster, ie useStrimziKakfa: false
207# uncomment below config and target your kafka bootstrap servers,
208# along with any other security config.
209#
210# eventConsumption:
211# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092
212# spring.kafka.security.protocol: PLAINTEXT
213# spring.kafka.consumer.group-id: policy-group
214#
215# Any new property can be added in the env by setting in overrides in the format mentioned below
216# All the added properties must be in "key: value" format instead of yaml.
saul.gillef208b02023-04-26 16:16:05 +0100[diff] [blame]217kafkaUser:
218 authenticationType: scram-sha-512
219 acls:
220 - name: policy-pap
221 type: group
222 operations: [Create, Describe, Read, Write]
223 - name: policy-pdp-pap
224 type: topic
225 patternType: prefix
226 operations: [Create, Describe, Read, Write]
227 - name: policy-heartbeat
228 type: topic
229 patternType: prefix
230 operations: [Create, Describe, Read, Write]
231 - name: policy-notification
232 type: topic
233 patternType: prefix
234 operations: [Create, Describe, Read, Write]
235
236readinessCheck:
237 wait_for:
238 - message-router