blob: 297de153089655fa393a1bdcf9446dd6abf7303d [file] [log] [blame]
Sylvain Desbureaux70070412020-11-09 21:58:48 +01001# Copyright (c) 2018 Amdocs, Bell Canada, AT&T
2# Modifications Copyright (c) 2020 Nokia
Sylvain Desbureaux331f0042021-01-18 11:38:49 +01003# Modifications Copyright (c) 2021 Orange
Sylvain Desbureaux70070412020-11-09 21:58:48 +01004#
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16
17# Default values for traversal.
18# This is a YAML-formatted file.
19# Declare variables to be passed into your templates.
20global: # global defaults
21 nodePortPrefix: 302
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010022 aafEnabled: true
23
24 cassandra:
25 #Service Name of the cassandra cluster to connect to.
26 #Override it to aai-cassandra if localCluster is enabled.
27 serviceName: cassandra
28
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010029 # Specifies a list of jobs to be run
30 jobs:
31 # When enabled, it will create the schema based on oxm and edge rules
32 createSchema:
33 enabled: true
34 # When enabled, it will create the widget models via REST API to haproxy
35 updateQueryData:
36 enabled: true
37 #migration using helm hooks
38 migration:
39 enabled: false
40
41 # Common configuration for resources traversal and graphadmin
42 config:
43 # User information for the admin user in container
44 userId: 1000
45 groupId: 1000
46
47 # Specifies that the cluster connected to a dynamic
48 # cluster being spinned up by kubernetes deployment
49 cluster:
50 cassandra:
51 dynamic: true
52
53 # Specifies if the basic authorization is enabled
54 basic:
55 auth:
56 enabled: true
57 username: AAI
58 passwd: AAI
59
60 # Active spring profiles for the resources microservice
61 profiles:
Sam Huang56a6dd42021-03-26 13:27:17 -060062 active: production,dmaap,aaf-auth #,keycloak
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010063
64 # Notification event specific properties
65 notification:
66 eventType: AAI-EVENT
67 domain: dev
68
69 # Schema specific properties that include supported versions of api
70 schema:
71 # Specifies if the connection should be one way ssl, two way ssl or no auth
72 service:
73 client: one-way-ssl
74 # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service
75 translator:
76 list: schema-service
77 source:
78 # Specifies which folder to take a look at
79 name: onap
80 uri:
81 # Base URI Path of the application
82 base:
83 path: /aai
84 version:
85 # Current version of the REST API
86 api:
87 default: v21
88 # Specifies which version the depth parameter is configurable
89 depth: v11
90 # List of all the supported versions of the API
91 list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21
92 # Specifies from which version related link should appear
93 related:
94 link: v11
95 # Specifies from which version the app root change happened
96 app:
97 root: v11
98 # Specifies from which version the xml namespace changed
99 namespace:
100 change: v12
101 # Specifies from which version the edge label appeared in API
102 edge:
103 label: v12
104
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100105 # Specifies which clients should always default to realtime graph connection
106 realtime:
107 clients: SDNC,MSO,SO,robot-ete
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100108
Sylvain Desbureauxa41dfc02021-02-15 10:14:22 +0100109#################################################################
110# Certificate configuration
111#################################################################
112certInitializer:
113 nameOverride: aai-traversal-cert-initializer
114 aafDeployFqi: deployer@people.osaaf.org
115 aafDeployPass: demo123456!
116 # aafDeployCredsExternalSecret: some secret
117 fqdn: aai-traversal
118 fqi: aai-traversal@aai-traversal.onap.org
119 public_fqdn: aai-traversal.onap.org
120 cadi_longitude: "0.0"
121 cadi_latitude: "0.0"
122 app_ns: org.osaaf.aaf
123 credsPath: /opt/app/osaaf/local
124 fqi_namespace: org.onap.aai-traversal
125 aaf_add_config: |
Krzysztof Opasiak58807942021-04-02 08:56:15 +0200126 echo "*** changing them into shell safe ones"
127 export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
128 export TRUSTSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
129 cd {{ .Values.credsPath }}
130 keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \
131 -storepass "${cadi_keystore_password_p12}" \
132 -keystore {{ .Values.fqi_namespace }}.p12
133 keytool -storepasswd -new "${TRUSTSTORE_PASSWORD}" \
134 -storepass "${cadi_truststore_password}" \
135 -keystore {{ .Values.fqi_namespace }}.trust.jks
Krzysztof Opasiak58807942021-04-02 08:56:15 +0200136 echo "*** save the generated passwords"
137 echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
138 echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> mycreds.prop
Sylvain Desbureaux6b83dab2021-02-23 16:03:21 +0100139 echo "*** change ownership of certificates to targeted user"
140 chown -R 1000 {{ .Values.credsPath }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100141
142# application image
Harish Venkata Kajur12091182021-02-25 13:21:54 -0500143image: onap/aai-traversal:1.8.0
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100144pullPolicy: Always
145restartPolicy: Always
146flavor: small
147flavorOverride: small
Sylvain Desbureaux331f0042021-01-18 11:38:49 +0100148
149api_list:
150 - 11
151 - 12
152 - 13
153 - 14
154 - 15
155 - 16
156 - 17
157 - 18
158 - 19
159
160aai_enpoints:
161 - name: aai-generic-query
162 url: search/generic-query
163 - name: aai-nodes-query
164 url: search/nodes-query
165 - name: aai-nquery
166 url: query
167
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100168# application configuration
169config:
170
Sam Huang56a6dd42021-03-26 13:27:17 -0600171 # configure keycloak according to your environment.
172 # don't forget to add keycloak in active profiles above (global.config.profiles)
173 keycloak:
174 host: keycloak.your.domain
175 port: 8180
176 # Specifies a set of users, credentials, roles, and groups
177 realm: aai-traversal
178 # Used by any client application for enabling fine-grained authorization for their protected resources
179 resource: aai-traversal-app
180 # If set to true, additional criteria will be added into traversal query to returns all the vertices that match
181 # the data-owner property with the given role to the user in keycloak
182 multiTenancy:
183 enabled: true
184
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100185 # Specifies timeout information such as application specific and limits
186 timeout:
187 # If set to true application will timeout for queries taking longer than limit
188 enabled: true
189 # Specifies which apps (X-FromAppId) header should get overridden and (-1) no timeout
190 appspecific: JUNITTESTAPP1,1|JUNITTESTAPP2,-1|DCAE-CCS,-1|DCAES,-1|AAI-FILEGEN-GFPIP,-1
191 # Specifies how long should it wait before timing out the REST request
192 limit: 180000
193
194 # Disables the updateQueryData script to run as part of traversal
195 disableUpdateQuery: true
196
197 # Override of the DSL Timeout Limit
198 dslOverride: 'ZV4V7E3N77SKIB6MR9MHQ6M4P6Q99Z7M76RBODA'
199
200 dsl:
201 # Dsl timeout configuration
202 timeout:
203 # Whether or not the dsl is enabled
204 enabled: true
205 # Default time limit of the DSL query
206 limit: 150000
207 # App Specific Timeout Limit for each of the X-FromAppId
208 appspecific:
209 - JUNITTESTAPP1,1
210 - JUNITTESTAPP2,-1
211 - AAI-TOOLS,-1
212 - DCAE-CCS,1200000
213 - DCAES,1200000
214 - VPESAT,-1
215 - AAI-CACHER,-1
216 - VidAaiController,300000
217 - AAI-UI,180000
218
219persistence:
220 mountPath: /dockerdata-nfs
221 mountSubPath: aai/aai-traversal
222
223# default number of instances
224replicaCount: 1
225
226nodeSelector: {}
227
228affinity: {}
229
230# probe configuration parameters
231liveness:
232 initialDelaySeconds: 60
233 periodSeconds: 60
234 # necessary to disable liveness probe when setting breakpoints
235 # in debugger so K8s doesn't restart unresponsive container
236 enabled: false
237
238readiness:
239 initialDelaySeconds: 10
240 periodSeconds: 10
241
242service:
243 type: ClusterIP
244 portName: aai-traversal-8446
245 internalPort: 8446
246 portName2: aai-traversal-5005
247 internalPort2: 5005
248
249ingress:
250 enabled: false
251
252# Configure resource requests and limits
253# ref: http://kubernetes.io/docs/user-guide/compute-resources/
254resources:
255 small:
256 limits:
257 cpu: 2
258 memory: 4Gi
259 requests:
260 cpu: 1
261 memory: 3Gi
262 large:
263 limits:
264 cpu: 4
265 memory: 8Gi
266 requests:
267 cpu: 2
268 memory: 4Gi
269 unlimited: {}
farida azmyd8937332021-03-09 12:20:42 +0200270
271#Pods Service Account
272serviceAccount:
273 nameOverride: aai-traversal
274 roles:
275 - read