blob: 4b478e21e249427258a1ca0d1678a73ad1095709 [file] [log] [blame]
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -05001# Copyright (c) 2019 IBM, Bell Canada
Krzysztof Opasiak32f9aaa2020-02-06 23:05:15 +01002# Copyright (c) 2020 Samsung Electronics
efiacorecbae132022-03-04 15:01:30 +00003# Modification Copyright © 2022 Nordix Foundation
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -05004#
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -05005# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16
17#################################################################
18# Global configuration defaults.
19#################################################################
20global:
21 # Change to an unused port prefix range to prevent port conflicts
22 # with other instances running within the same k8s cluster
Oleg Mitsura0197bf12019-05-03 15:03:55 -040023 nodePortPrefixExt: 304
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -050024
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -050025 # image pull policy
26 pullPolicy: Always
27
28 persistence:
29 mountPath: /dockerdata-nfs
30
Andreas Geissler4ee97a92022-04-29 13:01:14 +020031 # This configuration specifies Service and port for SDNC OAM interface
Konrad Bańkae332b242020-04-06 13:30:06 +020032 sdncOamService: sdnc-oam
33 sdncOamPort: 8282
34
Andreas Geissler4ee97a92022-04-29 13:01:14 +020035 # This concerns CDS/AAI communication through HTTP when TLS is not being needed
36 # Port value should match the one in aai/values.yml : service.externalPlainPort
37 aaiData:
38 ExternalPlainPort: 80 # when TLS is not needed
39 ServiceName: aai # domain
40 # http://aai:80 or https://aai:443
41
Abdelmuhaimen Seaudi2b55c442021-09-19 09:02:22 +000042 #AAF is enabled by default
43 #aafEnabled: true
44
45 #enable importCustomCerts to add custom CA to blueprint processor pod
46 #importCustomCertsEnabled: true
47
48 #use below configmap to add custom CA certificates
49 #certificates with *.pem will be added to JAVA truststore $JAVA_HOME/lib/security/cacerts in the pod
50 #certificates with *.crt will be added to /etc/ssl/certs/ca-certificates.crt in the pod
51 #customCertsConfigMap: onap-cds-blueprints-processor-configmap
52
Krzysztof Opasiak32f9aaa2020-02-06 23:05:15 +010053#################################################################
54# Secrets metaconfig
55#################################################################
56secrets:
57 - uid: 'cds-db-user-creds'
58 type: basicAuth
59 externalSecret: '{{ tpl (default "" .Values.config.cdsDB.dbCredsExternalSecret) . }}'
60 login: '{{ .Values.config.cdsDB.dbUser }}'
61 password: '{{ .Values.config.cdsDB.dbPassword }}'
62 passwordPolicy: required
Konrad Bańka031bdb72020-05-14 16:56:39 +020063 - uid: 'sdnc-db-root-pass'
Krzysztof Opasiak32f9aaa2020-02-06 23:05:15 +010064 type: password
Konrad Bańka031bdb72020-05-14 16:56:39 +020065 externalSecret: '{{ tpl (default "" .Values.config.sdncDB.dbRootPassExternalSecret) . }}'
66 password: '{{ .Values.config.sdncDB.dbRootPass }}'
Krzysztof Opasiak32f9aaa2020-02-06 23:05:15 +010067 passwordPolicy: required
efiacorecbae132022-03-04 15:01:30 +000068 - uid: cds-kafka-secret
69 externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
70 type: genericKV
71 envs:
72 - name: password
73 value: '{{ .Values.config.someConfig }}'
74 policy: generate
Michal Jagiello2cef5642022-06-27 10:08:41 +000075 - uid: cps-creds
76 type: basicAuth
77 externalSecret: '{{ tpl (default "" .Values.config.cps.cpsUserExternalSecret) . }}'
78 login: '{{ .Values.config.cps.cpsUsername }}'
79 password: '{{ .Values.config.cps.cpsPassword }}'
80 passwordPolicy: required
Krzysztof Opasiak32f9aaa2020-02-06 23:05:15 +010081
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -050082#################################################################
Abdelmuhaimen Seaudi822eb092021-09-04 11:08:36 +020083# AAF part
84#################################################################
85certInitializer:
Abdelmuhaimen Seaudi2b55c442021-09-19 09:02:22 +000086 nameOverride: cds-blueprints-processor-cert-initializer
Abdelmuhaimen Seaudi822eb092021-09-04 11:08:36 +020087 aafDeployFqi: deployer@people.osaaf.org
88 aafDeployPass: demo123456!
89 # aafDeployCredsExternalSecret: some secret
90 fqdn: sdnc-cds
91 fqi: sdnc-cds@sdnc-cds.onap.org
92 public_fqdn: sdnc-cds.onap.org
93 cadi_longitude: "0.0"
94 cadi_latitude: "0.0"
95 app_ns: org.osaaf.aaf
96 credsPath: /opt/app/osaaf/local
97 fqi_namespace: org.onap.sdnc-cds
Abdelmuhaimen Seaudi2b55c442021-09-19 09:02:22 +000098 #enable below if we need custom CA to be added to blueprint processor pod
99 #importCustomCertsEnabled: true
100 #truststoreMountpath: /opt/onap/cds
101 #truststoreOutputFileName: truststoreONAPall.jks
Abdelmuhaimen Seaudi822eb092021-09-04 11:08:36 +0200102 aaf_add_config: >
103 /opt/app/aaf_config/bin/agent.sh;
104 /opt/app/aaf_config/bin/agent.sh local showpass
105 {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop
106
107#################################################################
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -0500108# Application configuration defaults.
109#################################################################
110# application image
Timoney, Dan (dt5972)51c00d62022-09-28 09:42:07 -0400111image: onap/ccsdk-blueprintsprocessor:1.4.0
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -0500112pullPolicy: Always
113
114# flag to enable debugging - application support required
115debugEnabled: false
116
117# application configuration
118config:
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -0500119 appConfigDir: /opt/app/onap/config
Konrad Bańka031bdb72020-05-14 16:56:39 +0200120 sdncDB:
121 dbService: mariadb-galera
122 dbPort: 3306
123 dbName: sdnctl
Andreas Geissler4ee97a92022-04-29 13:01:14 +0200124 # dbRootPass: Custom root password
Konrad Bańka031bdb72020-05-14 16:56:39 +0200125 dbRootPassExternalSecret: '{{ include "common.mariadb.secret.rootPassSecretName" ( dict "dot" . "chartName" .Values.config.sdncDB.dbService ) }}'
Krzysztof Opasiak32f9aaa2020-02-06 23:05:15 +0100126 cdsDB:
127 dbServer: cds-db
128 dbPort: 3306
129 dbName: sdnctl
Sylvain Desbureaux503b2292020-11-21 22:29:17 +0100130 dbUser: sdnctl
131 dbPassword: sdnctl
Krzysztof Opasiak32f9aaa2020-02-06 23:05:15 +0100132 # dbCredsExternalSecret: <some secret name>
133 # dbRootPassword: password
134 # dbRootPassExternalSecret
efiacorecbae132022-03-04 15:01:30 +0000135 someConfig: blah
Michal Jagiello2cef5642022-06-27 10:08:41 +0000136 cps:
137 cpsUsername: ''
138 cpsPassword: ''
139 cpsUserExternalSecret: '{{ include "common.release" . }}-cps-core-app-user-creds'
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -0500140
141# default number of instances
Jozsef Csongvai08515b72021-04-28 17:04:57 -0400142replicaCount: 1
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -0500143
144nodeSelector: {}
145
146affinity: {}
147
efiacorecbae132022-03-04 15:01:30 +0000148# If useStrimziKafka is true, the following also applies:
149# strimzi will create an associated kafka user and the topics defined for Request and Audit elements below.
150# The connection type must be kafka-scram-plain-text-auth
151# The bootstrapServers will target the strimzi kafka cluster by default
152useStrimziKafka: false
153cdsKafkaUser: cds-kafka-user
Prathamesh Morde93da1272019-06-24 10:36:15 -0400154
efiacorecbae132022-03-04 15:01:30 +0000155kafkaRequestConsumer:
156 enabled: false
157 type: kafka-scram-plain-text-auth
158 bootstrapServers: host:port
159 groupId: cds-consumer
160 topic: cds.blueprint-processor.self-service-api.request
161 clientId: request-receiver-client-id
162 pollMillSec: 1000
163kafkaRequestProducer:
164 type: kafka-scram-plain-text-auth
165 bootstrapServers: host:port
166 clientId: request-producer-client-id
167 topic: cds.blueprint-processor.self-service-api.response
168 enableIdempotence: false
169kafkaAuditRequest:
170 enabled: false
171 type: kafka-scram-plain-text-auth
172 bootstrapServers: host:port
173 clientId: audit-request-producer-client-id
174 topic: cds.blueprint-processor.self-service-api.audit.request
175 enableIdempotence: false
176kafkaAuditResponse:
177 type: kafka-scram-plain-text-auth
178 bootstrapServers: host:port
179 clientId: audit-response-producer-client-id
180 topic: cds.blueprint-processor.self-service-api.audit.response
181 enableIdempotence: false
Krzysztof Opasiak32f9aaa2020-02-06 23:05:15 +0100182
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -0500183# probe configuration parameters
Jozsef Csongvai08515b72021-04-28 17:04:57 -0400184startup:
185 initialDelaySeconds: 10
186 failureThreshold: 30
187 periodSeconds: 10
188
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -0500189liveness:
Andreas Geissler4ee97a92022-04-29 13:01:14 +0200190 initialDelaySeconds: 1
Oleg Mitsura3a621182019-10-09 12:40:11 -0400191 periodSeconds: 20
Andreas Geissler4ee97a92022-04-29 13:01:14 +0200192 timeoutSeconds: 30
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -0500193 # necessary to disable liveness probe when setting breakpoints
194 # in debugger so K8s doesn't restart unresponsive container
Andreas Geissler4ee97a92022-04-29 13:01:14 +0200195 enabled: false
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -0500196
197readiness:
Yang Xu435062b2019-06-17 01:19:37 -0400198 initialDelaySeconds: 120
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -0500199 periodSeconds: 10
Oleg Mitsura3a621182019-10-09 12:40:11 -0400200 timeoutSeconds: 20
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -0500201
202service:
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -0500203 http:
gummarc7bd0e22020-03-05 18:57:12 +0000204 type: ClusterIP
Andreas Geissler4ee97a92022-04-29 13:01:14 +0200205 portName: http
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -0500206 internalPort: 8080
207 externalPort: 8080
208 grpc:
Oleg Mitsura0197bf12019-05-03 15:03:55 -0400209 type: ClusterIP
Andreas Geissler4ee97a92022-04-29 13:01:14 +0200210 portName: grpc
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -0500211 internalPort: 9111
212 externalPort: 9111
Sebastien Premont-Tendlandb679d7b2020-02-17 11:32:15 -0500213 cluster:
214 type: ClusterIP
Andreas Geissler4ee97a92022-04-29 13:01:14 +0200215 portName: tcp-cluster
Sebastien Premont-Tendlandb679d7b2020-02-17 11:32:15 -0500216 internalPort: 5701
217 externalPort: 5701
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -0500218
219persistence:
Alexis de Talhouët108e28f2019-04-14 18:54:56 -0400220 volumeReclaimPolicy: Retain
221 accessMode: ReadWriteMany
222 size: 2Gi
223 enabled: true
224 mountSubPath: cds/blueprints/deploy
225 deployedBlueprint: /opt/app/onap/blueprints/deploy
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -0500226
Sebastien Premont-Tendlandb679d7b2020-02-17 11:32:15 -0500227cluster:
228 # Cannot have cluster enabled if the replicaCount is not at least 3
Jozsef Csongvai08515b72021-04-28 17:04:57 -0400229 enabled: false
Sebastien Premont-Tendlandb679d7b2020-02-17 11:32:15 -0500230
231 clusterName: cds-cluster
232
233 # Defines the number of node to be part of the CP subsystem/raft algorithm. This value should be
234 # between 3 and 7 only.
235 groupSize: 3
236
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -0500237ingress:
238 enabled: false
Lucjan Bryndza33315d42019-11-27 14:07:58 +0100239 service:
Andreas Geissler51900a92022-08-03 13:10:35 +0200240 - baseaddr: "cds-blueprintsprocessor-api"
Lucjan Bryndza6174db42020-07-09 09:00:20 +0000241 name: "cds-blueprints-processor-http"
Lucjan Bryndza33315d42019-11-27 14:07:58 +0100242 port: 8080
Andreas Geissler4ee97a92022-04-29 13:01:14 +0200243 config:
244 ssl: "none"
Steve Alphonse Siania1b6b0e2019-01-25 15:23:58 -0500245
Dominik Mizyndd285d32020-08-21 13:10:11 +0200246logback:
247 rootLogLevel: INFO
248 logger:
249 springframework: INFO
250 springframeworkWeb: INFO
251 springframeworkSecurityWebauthentication: INFO
252 hibernate: INFO
253 onapCcsdkCds: INFO
254
Dan Timoney6cc07e02020-09-23 08:52:47 -0400255flavor: small
256
257resources:
258 small:
259 limits:
260 cpu: 2
261 memory: 4Gi
262 requests:
263 cpu: 1
264 memory: 1Gi
265 large:
266 limits:
267 cpu: 4
268 memory: 8Gi
269 requests:
270 cpu: 2
271 memory: 4Gi
272 unlimited: {}
farida azmyffad0322021-04-09 14:18:14 +0200273
274#Pods Service Account
275serviceAccount:
276 nameOverride: cds-blueprints-processor
277 roles:
278 - read
Kavitha P1a78f2f2021-08-25 16:40:38 +0530279
280# workflow store flag
281workflow:
282 storeEnabled: false