Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / 8c66f85d7348b09de54b7479757878d96f1c1cd0 / . / kubernetes / sdnc / values.yaml
blob: 3708bd1cddd50b785860bab8c1fa92a3fbaaabac [file] [log] [blame]
Alexander Dehn9b797d62020-04-21 09:53:50 +0000[diff] [blame]1# Copyright © 2020 Samsung Electronics, highstreet technologies GmbH
vaibhav_16dece04b2fe2018-03-22 09:07:12 +0000[diff] [blame]2# Copyright © 2017 Amdocs, Bell Canada
Remigiusz Janeczek42177a12020-12-10 13:10:15 +0100[diff] [blame]3# Copyright © 2021 Nokia
vaibhav_16dece04b2fe2018-03-22 09:07:12 +0000[diff] [blame]4#
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]17#################################################################
18# Global configuration defaults.
19#################################################################
20global:
21 nodePortPrefix: 302
jmac0e4f7172018-09-07 18:06:43 +0000[diff] [blame]22 nodePortPrefixExt: 304
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]23 persistence:
24 mountPath: /dockerdata-nfs
Maciej Wereski537d71e2021-11-03 13:31:44 +0000[diff] [blame]25 centralizedLoggingEnabled: true
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]26 mariadbGalera:
Andreas Geissler2c1ba292024-01-10 22:20:05 +0100[diff] [blame]27 # flag to enable the DB creation via mariadb-operator
28 useOperator: true
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]29 #This flag allows SO to instantiate its own mariadb-galera cluster
30 #If shared instance is used, this chart assumes that DB already exists
31 localCluster: false
Andreas Geissler576de2d2023-10-24 15:38:01 +0200[diff] [blame]32 service: &mariadbService mariadb-galera
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]33 internalPort: 3306
Andreas Geisslercfd84342023-08-16 17:18:49 +0200[diff] [blame]34 nameOverride: &mariadbName mariadb-galera
Andreas Geissler8b948262024-01-19 15:52:06 +0100[diff] [blame]35 # (optional) if localCluster=false and an external secret is used set this variable
36 #userRootSecret: <secretName>
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]37
demskeq83166b222023-04-26 10:27:00 +0200[diff] [blame]38
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]39#################################################################
40# Secrets metaconfig
41#################################################################
42secrets:
43 - uid: db-root-password
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]44 name: &rootDbSecret '{{ include "common.release" . }}-sdnc-db-root-password'
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]45 type: password
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]46 # If we're using shared mariadb, we need to use the secret name (second
47 # part).
48 # If not, we do the same trick than for user db secret hat allows you
49 # override this secret using external one with the same field that is used
50 # to pass this to subchart.
Krzysztof Opasiakab7a6bb2020-03-24 03:30:51 +0100[diff] [blame]51 externalSecret: '{{ .Values.global.mariadbGalera.localCluster |
Andreas Geissler8b948262024-01-19 15:52:06 +0100[diff] [blame]52 ternary (( hasSuffix "sdnc-db-root-password" (index .Values "mariadb-galera" "rootUser" "externalSecret")) |
53 ternary
54 ""
55 (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .)
56 )
57 ( (not (empty (default "" .Values.global.mariadbGalera.userRootSecret))) |
58 ternary
59 .Values.global.mariadbGalera.userRootSecret
60 (include "common.mariadb.secret.rootPassSecretName"
61 (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)
62 )
63 ) }}'
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]64 password: '{{ (index .Values "mariadb-galera" "rootUser" "password") }}'
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]65 - uid: db-secret
66 name: &dbSecretName '{{ include "common.release" . }}-sdnc-db-secret'
67 type: basicAuth
68 # This is a nasty trick that allows you override this secret using external one
69 # with the same field that is used to pass this to subchart
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]70 externalSecret: '{{ (hasSuffix "sdnc-db-secret" (index .Values "mariadb-galera" "db" "externalSecret")) |
71 ternary
72 ""
73 (tpl (default "" (index .Values "mariadb-galera" "db" "externalSecret")) .) }}'
74 login: '{{ index .Values "mariadb-galera" "db" "user" }}'
75 password: '{{ index .Values "mariadb-galera" "db" "password" }}'
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]76 - uid: odl-creds
77 name: &odlCredsSecretName '{{ include "common.release" . }}-sdnc-odl-creds'
78 type: basicAuth
79 externalSecret: '{{ .Values.config.odlCredsExternalSecret }}'
80 login: '{{ .Values.config.odlUser }}'
81 password: '{{ .Values.config.odlPassword }}'
82 # For now this is left hardcoded but should be revisited in a future
83 passwordPolicy: required
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]84 - uid: netbox-apikey
85 type: password
86 externalSecret: '{{ .Values.config.netboxApikeyExternalSecret }}'
87 password: '{{ .Values.config.netboxApikey }}'
88 passwordPolicy: required
Dan Timoney9e310e72021-02-23 11:25:39 -0500[diff] [blame]89 - uid: aai-truststore-password
90 type: password
91 externalSecret: '{{ .Values.config.aaiTruststoreExternalSecret }}'
92 password: '{{ .Values.config.aaiTruststorePassword }}'
93 passwordPolicy: required
94 - uid: ansible-truststore-password
95 type: password
96 externalSecret: '{{ .Values.config.ansibleTruststoreExternalSecret }}'
97 password: '{{ .Values.config.ansibleTruststorePassword }}'
98 passwordPolicy: required
99 - uid: truststore-password
100 type: password
101 externalSecret: '{{ .Values.config.truststoreExternalSecret }}'
102 password: '{{ .Values.config.truststorePassword }}'
103 passwordPolicy: required
104 - uid: keystore-password
105 type: password
106 externalSecret: '{{ .Values.config.keystoreExternalSecret }}'
107 password: '{{ .Values.config.keystorePassword }}'
108 passwordPolicy: required
109 - uid: dmaap-authkey
110 type: password
111 externalSecret: '{{ .Values.config.dmaapAuthKeyExternalSecret }}'
112 password: '{{ .Values.config.dmaapAuthKey }}'
113 passwordPolicy: required
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]114 - uid: aai-user-creds
115 type: basicAuth
116 externalSecret: '{{ .Values.config.aaiCredsExternalSecret}}'
117 login: '{{ .Values.config.aaiUser }}'
118 password: '{{ .Values.config.aaiPassword }}'
119 passwordPolicy: required
Dan Timoney9e310e72021-02-23 11:25:39 -0500[diff] [blame]120 - uid: so-user-creds
121 type: basicAuth
122 externalSecret: '{{ .Values.config.soCredsExternalSecret}}'
123 login: '{{ .Values.config.soUser }}'
124 password: '{{ .Values.config.soPassword }}'
125 passwordPolicy: required
126 - uid: neng-user-creds
127 type: basicAuth
128 externalSecret: '{{ .Values.config.nengCredsExternalSecret}}'
129 login: '{{ .Values.config.nengUser }}'
130 password: '{{ .Values.config.nengPassword }}'
131 passwordPolicy: required
132 - uid: cds-user-creds
133 type: basicAuth
134 externalSecret: '{{ .Values.config.cdsCredsExternalSecret}}'
135 login: '{{ .Values.config.cdsUser }}'
136 password: '{{ .Values.config.cdsPassword }}'
137 passwordPolicy: required
138 - uid: honeycomb-user-creds
139 type: basicAuth
140 externalSecret: '{{ .Values.config.honeycombCredsExternalSecret}}'
141 login: '{{ .Values.config.honeycombUser }}'
142 password: '{{ .Values.config.honeycombPassword }}'
143 passwordPolicy: required
144 - uid: dmaap-user-creds
145 type: basicAuth
146 externalSecret: '{{ .Values.config.dmaapCredsExternalSecret}}'
147 login: '{{ .Values.config.dmaapUser }}'
148 password: '{{ .Values.config.dmaapPassword }}'
149 passwordPolicy: required
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]150 - uid: modeling-user-creds
151 type: basicAuth
152 externalSecret: '{{ .Values.config.modelingCredsExternalSecret}}'
153 login: '{{ .Values.config.modelingUser }}'
154 password: '{{ .Values.config.modelingPassword }}'
155 passwordPolicy: required
156 - uid: restconf-creds
157 type: basicAuth
158 externalSecret: '{{ .Values.config.restconfCredsExternalSecret}}'
159 login: '{{ .Values.config.restconfUser }}'
160 password: '{{ .Values.config.restconfPassword }}'
161 passwordPolicy: required
162 - uid: ansible-creds
163 name: &ansibleSecretName '{{ include "common.release" . }}-sdnc-ansible-creds'
164 type: basicAuth
165 externalSecret: '{{ .Values.config.ansibleCredsExternalSecret}}'
166 login: '{{ .Values.config.ansibleUser }}'
167 password: '{{ .Values.config.ansiblePassword }}'
168 passwordPolicy: required
169 - uid: scaleout-creds
170 type: basicAuth
171 externalSecret: '{{ .Values.config.scaleoutCredsExternalSecret}}'
172 login: '{{ .Values.config.scaleoutUser }}'
173 password: '{{ .Values.config.scaleoutPassword }}'
174 passwordPolicy: required
demskeq8b43e92c2021-02-12 15:43:48 +0100[diff] [blame]175 - uid: oauth-token-secret
176 type: password
177 externalSecret: '{{ ternary (tpl (default "" .Values.config.sdnr.oauth.tokenExternalSecret) .) "oauth-disabled" .Values.config.sdnr.oauth.enabled }}'
178 password: '{{ .Values.config.sdnr.oauth.tokenSecret }}'
179 passwordPolicy: required
180 - uid: keycloak-secret
181 type: password
182 externalSecret: '{{ ternary (tpl (default "" .Values.config.sdnr.oauth.providersSecrets.keycloakExternalSecret) .) "oauth-disabled" .Values.config.sdnr.oauth.enabled }}'
183 password: '{{ .Values.config.sdnr.oauth.providersSecrets.keycloak }}'
184 passwordPolicy: required
sebdetb205f402021-10-20 12:16:02 +0200[diff] [blame]185 - uid: ves-collector-secret
186 type: basicAuth
187 login: '{{ .Values.config.sdnr.vesCollector.username }}'
188 password: '{{ .Values.config.sdnr.vesCollector.password }}'
demskeq84e1f84c2023-07-04 08:39:43 +0000[diff] [blame]189 - uid: sdnrdb-secret
190 name: &sdnrdbSecretName '{{ include "common.release" . }}-sdnc-sdnrdb-secret'
191 type: basicAuth
192 login: '{{ index .Values "config" "sdnr" "mariadb" "user" }}'
193 password: '{{ index .Values "config" "sdnr" "mariadb" "password" }}'
Jan Malkiewicz0e53c9f2020-12-08 15:08:01 +0100[diff] [blame]194#################################################################
195# Certificates
196#################################################################
197certificates:
Remigiusz Janeczek42177a12020-12-10 13:10:15 +0100[diff] [blame]198 - mountPath: /var/custom-certs
199 commonName: sdnc.simpledemo.onap.org
Jan Malkiewicz0e53c9f2020-12-08 15:08:01 +0100[diff] [blame]200 dnsNames:
201 - sdnc.simpledemo.onap.org
Piotr Marcinkiewicz59571012021-01-12 17:37:08 +0100[diff] [blame]202 keystore:
203 outputType:
204 - jks
Jan Malkiewicz0e53c9f2020-12-08 15:08:01 +0100[diff] [blame]205 passwordSecretRef:
Piotr Marcinkiewicz32672932021-03-26 13:06:35 +0100[diff] [blame]206 create: true
Piotr Marcinkiewicz59571012021-01-12 17:37:08 +0100[diff] [blame]207 name: sdnc-cmpv2-keystore-password
Jan Malkiewicz0e53c9f2020-12-08 15:08:01 +0100[diff] [blame]208 key: password
Piotr Marcinkiewicz59571012021-01-12 17:37:08 +0100[diff] [blame]209 issuer:
210 group: certmanager.onap.org
211 kind: CMPv2Issuer
212 name: cmpv2-issuer-onap
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]213#################################################################
214# Application configuration defaults.
215#################################################################
216# application images
Alexander Dehn238450f2020-10-27 13:03:53 +0000[diff] [blame]217
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]218pullPolicy: Always
Dan Timoney1a925a72024-06-13 08:24:21 -0400[diff] [blame]219image: onap/sdnc-image:2.6.1
Timoney, Dan (dt5972)a3bc1a52019-06-26 16:16:52 -0400[diff] [blame]220
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]221# flag to enable debugging - application support required
222debugEnabled: false
223
224# application configuration
BorislavG5f3b6192018-03-25 18:12:38 +0300[diff] [blame]225config:
Timoney, Dan (dt5972)ba4d2eb2019-05-07 13:32:42 -0400[diff] [blame]226 odlUid: 100
227 odlGid: 101
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]228 odlUser: admin
jmaca68f4cb2018-05-10 22:44:19 +0000[diff] [blame]229 odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]230 # odlCredsExternalSecret: some secret
231 netboxApikey: onceuponatimeiplayedwithnetbox20180814
232 # netboxApikeyExternalSecret: some secret
Dan Timoney9e310e72021-02-23 11:25:39 -0500[diff] [blame]233 aaiTruststorePassword: changeit
234 # aaiTruststoreExternalSecret: some secret
235 ansibleTruststorePassword: changeit
236 # ansibleTruststoreExternalSecret: some secret
237 truststorePassword: adminadmin
238 # truststoreExternalSecret: some secret
239 keystorePassword: adminadmin
240 # keystoreExternalSecret: some secret
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]241 aaiUser: sdnc@sdnc.onap.org
242 aaiPassword: demo123456!
243 # aaiCredsExternalSecret: some secret
Dan Timoney9e310e72021-02-23 11:25:39 -0500[diff] [blame]244 soUser: sdncaBpmn
245 soPassword: password1$
246 # soCredsExternalSecret: some secret
247 nengUser: ccsdkapps
248 nengPassword: ccsdkapps
249 # nengCredsExternalSecret: some secret
250 cdsUser: ccsdkapps
251 cdsPassword: ccsdkapps
252 # cdsCredsExternalSecret: some secret
253 honeycombUser: admin
254 honeycombPassword: admin
255 # honeycombCredsExternalSecret: some secret
256 dmaapUser: admin
257 dmaapPassword: admin
258 dmaapAuthKey: "fs20cKwalJ6ry4kX:7Hqm6BDZK47IKxGRkOPFk33qMYs="
259 # dmaapCredsExternalSecret: some secret
260 # dmaapAuthKeyExternalSecret: some secret
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]261 modelingUser: ccsdkapps
262 modelingPassword: ccsdkapps
263 # modelingCredsExternalSecret: some secret
264 restconfUser: admin
265 restconfPassword: admin
266 # restconfCredsExternalSecret: some secret
267 scaleoutUser: admin
268 scaleoutPassword: admin
269 # scaleoutExternalSecret: some secret
270 ansibleUser: sdnc
271 ansiblePassword: sdnc
272 # ansibleCredsExternalSecret: some secret
sebdetb205f402021-10-20 12:16:02 +0200[diff] [blame]273
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]274 dbSdnctlDatabase: &sdncDbName sdnctl
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]275 enableClustering: true
Timoney, Dan (dt5972)a3bc1a52019-06-26 16:16:52 -0400[diff] [blame]276 sdncHome: /opt/onap/sdnc
jmaca68f4cb2018-05-10 22:44:19 +0000[diff] [blame]277 binDir: /opt/onap/sdnc/bin
Timoney, Dan (dt5972)a3bc1a52019-06-26 16:16:52 -0400[diff] [blame]278 etcDir: /opt/onap/sdnc/data
Trevor Tait567ff1e2018-05-01 16:20:54 -0400[diff] [blame]279 geoEnabled: false
Neha Jain7b0d6c62018-05-17 14:34:49 -0400[diff] [blame]280# if geoEnabled is set to true here, mysql.geoEnabled must be set to true
Trevor Tait567ff1e2018-05-01 16:20:54 -0400[diff] [blame]281# if geoEnabled is set to true the following 3 values must be set to their proper values
282 myODLCluster: 127.0.0.1
283 peerODLCluster: 127.0.0.1
Mohammadreza Pasandidehb642ee52018-06-19 15:19:53 -0400[diff] [blame]284 isPrimaryCluster: true
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]285 configDir: /opt/onap/sdnc/data/properties
Konrad Bańka5ea1db32020-04-06 14:32:46 +0200[diff] [blame]286 ccsdkConfigDir: /opt/onap/ccsdk/data/properties
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]287 dmaapTopic: SUCCESS
jmaca68f4cb2018-05-10 22:44:19 +0000[diff] [blame]288 dmaapPort: 3904
BorislavG5f3b6192018-03-25 18:12:38 +0300[diff] [blame]289 logstashServiceName: log-ls
290 logstashPort: 5044
jmac7c434672018-05-11 20:14:17 +0000[diff] [blame]291 ansibleServiceName: sdnc-ansible-server
292 ansiblePort: 8000
Dan Timoneya98765b2020-09-14 11:57:55 -0400[diff] [blame]293 javaHome: /opt/java/openjdk
jmac7c434672018-05-11 20:14:17 +0000[diff] [blame]294
Timoney, Dan (dt5972)58774772019-08-21 16:50:54 -0400[diff] [blame]295 odl:
296 etcDir: /opt/opendaylight/etc
297 binDir: /opt/opendaylight/bin
Dan Timoneya98765b2020-09-14 11:57:55 -0400[diff] [blame]298 gcLogDir: /opt/opendaylight/data/log
Timoney, Dan (dt5972)58774772019-08-21 16:50:54 -0400[diff] [blame]299 salConfigDir: /opt/opendaylight/system/org/opendaylight/controller/sal-clustering-config
Dan Timoney9520e7c2021-01-12 11:10:58 -0500[diff] [blame]300 salConfigVersion: 1.10.4
Timoney, Dan (dt5972)58774772019-08-21 16:50:54 -0400[diff] [blame]301 akka:
302 seedNodeTimeout: 15s
303 circuitBreaker:
304 maxFailures: 10
305 callTimeout: 90s
306 resetTimeout: 30s
307 recoveryEventTimeout: 90s
308 datastore:
309 persistentActorRestartMinBackoffInSeconds: 10
310 persistentActorRestartMaxBackoffInSeconds: 40
311 persistentActorRestartResetBackoffInSeconds: 20
312 shardTransactionCommitTimeoutInSeconds: 120
313 shardIsolatedLeaderCheckIntervalInMillis: 30000
314 operationTimeoutInSeconds: 120
315 javaOptions:
316 maxGCPauseMillis: 100
317 parallelGCThreads : 3
Dan Timoneya98765b2020-09-14 11:57:55 -0400[diff] [blame]318 numberGCLogFiles: 10
319 minMemory: 512m
320 maxMemory: 2048m
321 gcLogOptions: ""
322 # Next line enables gc logging
323 # gcLogOptions: "-Xlog:gc=trace:file={{.Values.config.odl.gcLogDir}}/gc-%t.log}:time,level,tags:filecount={{.Values.config.odl.javaOptions.numberGCLogFiles}}"
Alexander Dehn9b797d62020-04-21 09:53:50 +0000[diff] [blame]324 # enables sdnr functionality
325 sdnr:
Alexander Dehn5c1105e2020-09-14 20:55:56 +0000[diff] [blame]326 enabled: true
Alexander Dehn9b797d62020-04-21 09:53:50 +0000[diff] [blame]327 # mode: web - SDNC contains device manager only plus dedicated webserver service for ODLUX (default),
328 # mode: dm - SDNC contains sdnr device manager + ODLUX components
329 mode: dm
330 # sdnronly: true starts sdnc container with odl and sdnrwt features only
331 sdnronly: false
332 sdnrdbTrustAllCerts: true
demskeq84e1f84c2023-07-04 08:39:43 +0000[diff] [blame]333 elasticsearch:
334 ## for legacy eleasticsearch database
Andreas Geisslercfd84342023-08-16 17:18:49 +0200[diff] [blame]335 enabled: &esdbenabled true
336 # enabled: &esdbenabled false
demskeq84e1f84c2023-07-04 08:39:43 +0000[diff] [blame]337 mariadb:
338 ## for legacy eleasticsearch database
Andreas Geisslercfd84342023-08-16 17:18:49 +0200[diff] [blame]339 enabled: false
340 # enabled: true
demskeq84e1f84c2023-07-04 08:39:43 +0000[diff] [blame]341 databaseName: sdnrdb
342 user: sdnrdb
343 externalSecret: *sdnrdbSecretName
344 asyncHandling: true
345 asyncPoolSize: 200
demskeq83166b222023-04-26 10:27:00 +0200[diff] [blame]346 kafka:
347 enabled: false
348 consumerGroupPrefix: &consumerGroupPrefix sdnr
349 # Strimzi KafkaUser config see configuration below
350 kafkaUser: &kafkaUser
351 acls:
352 - name: unauthenticated.SEC_
353 type: topic
354 patternType: prefix
355 operations: [Read]
356 - name: unauthenticated.VES_PNFREG_OUTPUT
357 type: topic
358 patternType: literal
359 operations: [Read]
360 - name: *consumerGroupPrefix
361 type: group
362 patternType: prefix
363 operations: [Read]
364 ## set if bootstrap server is not OOM standard
365 # bootstrapServers: []
366 ## set connection parameters if not default
367 # securityProtocol: PLAINTEXT
368 # saslMechanism: SCRAM-SHA-512
369 ## saslJassConfig: provided by secret
370
371
Alexander Dehn9b797d62020-04-21 09:53:50 +0000[diff] [blame]372 mountpointStateProviderEnabled: false
demskeq827854662021-04-08 14:49:47 +0200[diff] [blame]373 netconfCallHome:
374 enabled: true
demskeq83166b222023-04-26 10:27:00 +0200[diff] [blame]375
376
demskeq8b43e92c2021-02-12 15:43:48 +0100[diff] [blame]377 oauth:
378 enabled: false
379 tokenIssuer: ONAP SDNC
380 tokenSecret: secret
381 supportOdlusers: true
382 redirectUri: null
383 publicUrl: none
384 odluxRbac:
385 enabled: true
386 # example definition for a oauth provider
387 providersSecrets:
388 keycloak: d8d7ed52-0691-4353-9ac6-5383e72e9c46
389 providers:
390 - id: keycloak
391 type: KEYCLOAK
392 host: http://keycloak:8080
393 clientId: odlux.app
394 secret: ${KEYCLOAK_SECRET}
395 scope: openid
396 title: ONAP Keycloak Provider
397 roleMapping:
398 mykeycloak: admin
sebdetb205f402021-10-20 12:16:02 +0200[diff] [blame]399 vesCollector:
400 enabled: false
401 tls:
402 enabled: true
403 trustAllCertificates: false
404 username: sample1
405 password: sample1
406 address: dcae-ves-collector.onap
Andreas Geissler2af50792023-03-27 17:11:27 +0200[diff] [blame]407 port: 8080
sebdetb205f402021-10-20 12:16:02 +0200[diff] [blame]408 version: v7
409 reportingEntityName: ONAP SDN-R
410 eventLogMsgDetail: SHORT
Timoney, Dan (dt5972)58774772019-08-21 16:50:54 -0400[diff] [blame]411
demskeq83166b222023-04-26 10:27:00 +0200[diff] [blame]412# Strimzi KafkaUser/Topic config on top level
413kafkaUser: *kafkaUser
414
415
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]416# dependency / sub-chart configuration
Alexander Dehn9b797d62020-04-21 09:53:50 +0000[diff] [blame]417network-name-gen:
418 enabled: true
Andreas Geissler4b149052024-04-10 10:45:53 +0200[diff] [blame]419
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]420mariadb-galera: &mariadbGalera
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]421 nameOverride: &sdnc-db sdnc-db
Konrad Bańkaa9d44032020-03-19 18:31:34 +0100[diff] [blame]422 config: &mariadbGaleraConfig
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]423 rootPasswordExternalSecret: *rootDbSecret
424 userName: &dbUser sdnctl
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]425 userCredentialsExternalSecret: *dbSecretName
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]426 rootUser:
427 externalSecret: *rootDbSecret
428 db:
Andreas Geissler72caf092023-12-14 13:37:39 +0100[diff] [blame]429 name: *sdncDbName
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]430 user: *dbUser
431 externalSecret: *dbSecretName
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]432 service:
demskeq84e1f84c2023-07-04 08:39:43 +0000[diff] [blame]433 name: sdnc-db
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]434 sdnctlPrefix: sdnc
435 persistence:
Mahendra Raghuwanshib76cb282019-04-09 10:13:07 +0000[diff] [blame]436 mountSubPath: sdnc/mariadb-galera
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]437 enabled: true
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]438 replicaCount: 1
Andreas Geisslercfd84342023-08-16 17:18:49 +0200[diff] [blame]439 mariadbOperator:
440 galera:
441 enabled: false
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]442 serviceAccount:
443 nameOverride: *sdnc-db
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]444
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]445cds:
446 enabled: false
447
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]448ueb-listener:
Alexander Dehn9b797d62020-04-21 09:53:50 +0000[diff] [blame]449 enabled: true
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]450 mariadb-galera:
Konrad Bańkaa9d44032020-03-19 18:31:34 +0100[diff] [blame]451 <<: *mariadbGalera
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]452 config:
Konrad Bańkaa9d44032020-03-19 18:31:34 +0100[diff] [blame]453 <<: *mariadbGaleraConfig
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]454 mysqlDatabase: *sdncDbName
455 nameOverride: sdnc-ueb-listener
456 config:
457 sdncPort: 8282
458 sdncChartName: sdnc
459 configDir: /opt/onap/sdnc/data/properties
460 odlCredsExternalSecret: *odlCredsSecretName
461
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]462sdnc-ansible-server:
Alexander Dehn9b797d62020-04-21 09:53:50 +0000[diff] [blame]463 enabled: true
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]464 config:
465 restCredsExternalSecret: *ansibleSecretName
466 mariadb-galera:
Konrad Bańkaa9d44032020-03-19 18:31:34 +0100[diff] [blame]467 <<: *mariadbGalera
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]468 config:
Konrad Bańkaa9d44032020-03-19 18:31:34 +0100[diff] [blame]469 <<: *mariadbGaleraConfig
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]470 mysqlDatabase: ansible
471 service:
472 name: sdnc-ansible-server
473 internalPort: 8000
474
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]475dgbuilder:
Alexander Dehn9b797d62020-04-21 09:53:50 +0000[diff] [blame]476 enabled: true
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]477 nameOverride: sdnc-dgbuilder
478 config:
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]479 db:
480 dbName: *sdncDbName
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]481 rootPasswordExternalSecret: '{{ .Values.global.mariadbGalera.localCluster |
482 ternary
483 (printf "%s-sdnc-db-root-password" (include "common.release" .))
484 (include "common.mariadb.secret.rootPassSecretName"
485 (dict "dot" . "chartName" "mariadb-galera")) }}'
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]486 userCredentialsExternalSecret: *dbSecretName
Andreas Geisslercfd84342023-08-16 17:18:49 +0200[diff] [blame]487 dbPodName: *mariadbName
488 dbServiceName: *mariadbService
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]489 # This should be revisited and changed to plain text
jmac70863e12018-05-16 14:53:03 +0000[diff] [blame]490 dgUserPassword: cc03e747a6afbbcbf8be7668acfebee5
farida azmydc9aef02021-04-07 17:07:09 +0200[diff] [blame]491 serviceAccount:
492 nameOverride: sdnc-dgbuilder
Krzysztof Opasiakcc97c732020-02-25 23:31:20 +0100[diff] [blame]493 mariadb-galera:
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]494 service:
BorislavG1ffbd992018-04-24 07:56:27 +0000[diff] [blame]495 name: sdnc-dgbuilder
Andreas Geissler2af50792023-03-27 17:11:27 +0200[diff] [blame]496 ports:
497 - name: http
498 port: 3100
demskeq895bf73a2023-05-09 12:31:07 +0000[diff] [blame]499 nodePort: "03"
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]500
Sylvain Desbureauxe54644e2020-05-04 11:45:16 +0200[diff] [blame]501 ingress:
502 enabled: false
503 service:
Andreas Geissler51900a92022-08-03 13:10:35 +0200[diff] [blame]504 - baseaddr: "sdnc-dgbuilder-ui"
Sylvain Desbureauxe54644e2020-05-04 11:45:16 +0200[diff] [blame]505 name: "sdnc-dgbuilder"
Andreas Geissler1b174e52023-04-13 16:50:23 +0200[diff] [blame]506 port: 3100
Sylvain Desbureauxe54644e2020-05-04 11:45:16 +0200[diff] [blame]507 config:
508 ssl: "redirect"
509
Alexander Dehn9b797d62020-04-21 09:53:50 +0000[diff] [blame]510
511
Alexander Dehnab86ec12020-02-05 14:38:54 +0000[diff] [blame]512# local elasticsearch cluster
513localElasticCluster: true
514elasticsearch:
demskeq84e1f84c2023-07-04 08:39:43 +0000[diff] [blame]515 enabled: *esdbenabled
Sylvain Desbureaux829344b2020-11-19 17:07:26 +0100[diff] [blame]516 nameOverride: &elasticSearchName sdnrdb
Alexander Dehnab86ec12020-02-05 14:38:54 +0000[diff] [blame]517 name: sdnrdb-cluster
Alexander Dehnab86ec12020-02-05 14:38:54 +0000[diff] [blame]518 service:
Sylvain Desbureaux829344b2020-11-19 17:07:26 +0100[diff] [blame]519 name: *elasticSearchName
Alexander Dehnab86ec12020-02-05 14:38:54 +0000[diff] [blame]520 master:
521 replicaCount: 3
522 # dedicatednode: "yes"
523 # working as master node only, in this case increase replicaCount for elasticsearch-data
524 # dedicatednode: "no"
525 # handles master and data node functionality
526 dedicatednode: "no"
Sylvain Desbureaux829344b2020-11-19 17:07:26 +0100[diff] [blame]527 nameOverride: *elasticSearchName
demskeq8eb56da72021-02-19 12:11:48 +0100[diff] [blame]528 cluster_name: sdnrdb-cluster
sebdetb205f402021-10-20 12:16:02 +0200[diff] [blame]529
Alexander Dehn9b797d62020-04-21 09:53:50 +0000[diff] [blame]530# enable
531sdnc-web:
Alexander Dehn8789a722020-10-16 14:29:05 +0000[diff] [blame]532 enabled: true
demskeq895bf73a2023-05-09 12:31:07 +0000[diff] [blame]533 ## set if web socket port should not be default
534 # sdnrWebsocketPort: *sdnrWebsocketPort
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]535# default number of instances
536replicaCount: 1
537
538nodeSelector: {}
539
540affinity: {}
541
542# probe configuration parameters
543liveness:
544 initialDelaySeconds: 10
545 periodSeconds: 10
546 # necessary to disable liveness probe when setting breakpoints
547 # in debugger so K8s doesn't restart unresponsive container
548 enabled: true
549
550readiness:
551 initialDelaySeconds: 10
552 periodSeconds: 10
553
554service:
555 type: NodePort
556 name: sdnc
Radoslaw Chmiel58662a32022-06-02 19:37:35 +0200[diff] [blame]557 portName: http
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]558 internalPort: 8181
559 internalPort2: 8101
560 internalPort3: 8080
Mohammadreza Pasandidehb756fb72018-04-03 10:06:45 -0400[diff] [blame]561
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]562 #port
563 externalPort: 8282
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]564
565 externalPort2: 8202
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]566
567 externalPort3: 8280
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]568
jmaca68f4cb2018-05-10 22:44:19 +0000[diff] [blame]569 nodePort4: 67
570
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]571 clusterPort: 2550
Mohammadreza Pasandidehb756fb72018-04-03 10:06:45 -0400[diff] [blame]572 clusterPort2: 2650
573 clusterPort3: 2681
574
575 geoNodePort1: 61
576 geoNodePort2: 62
577 geoNodePort3: 63
578 geoNodePort4: 64
579 geoNodePort5: 65
580 geoNodePort6: 66
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]581
Andreas Geissler2af50792023-03-27 17:11:27 +0200[diff] [blame]582 callHomePort: &chport 4334
demskeq827854662021-04-08 14:49:47 +0200[diff] [blame]583 callHomeNodePort: 66
demskeq895bf73a2023-05-09 12:31:07 +0000[diff] [blame]584 ## set if web socket port should not be default
585 ## change in sdnc-web section as well
586 # sdnrWebsocketPort: &sdnrWebsocketPort 8182
587
demskeq827854662021-04-08 14:49:47 +0200[diff] [blame]588
jmac8d6dc962018-04-26 14:26:55 +0000[diff] [blame]589## Persist data to a persitent volume
590persistence:
591 enabled: true
592
593 ## A manually managed Persistent Volume and Claim
594 ## Requires persistence.enabled: true
595 ## If defined, PVC must be created manually before volume will be bound
596 # existingClaim:
597 volumeReclaimPolicy: Retain
598
599 ## database data Persistent Volume Storage Class
600 ## If defined, storageClassName: <storageClass>
601 ## If set to "-", storageClassName: "", which disables dynamic provisioning
602 ## If undefined (the default) or set to null, no storageClassName spec is
603 ## set, choosing the default provisioner. (gp2 on AWS, standard on
604 ## GKE, AWS & OpenStack)
605 accessMode: ReadWriteOnce
606 size: 1Gi
607 mountPath: /dockerdata-nfs
608 mountSubPath: sdnc/mdsal
Dan Timoney2ee28a52021-01-15 16:39:50 -0500[diff] [blame]609 mdsalPath: /opt/opendaylight/mdsal
demskeq8a86300a2021-02-10 09:53:33 +0100[diff] [blame]610 daeximPath: /opt/opendaylight/mdsal/daexim
Satoshi Fujii31b8b432021-08-28 12:12:36 +0000[diff] [blame]611 journalPath: /opt/opendaylight/segmented-journal
Dan Timoney2ee28a52021-01-15 16:39:50 -0500[diff] [blame]612 snapshotsPath: /opt/opendaylight/snapshots
jmac8d6dc962018-04-26 14:26:55 +0000[diff] [blame]613
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]614ingress:
615 enabled: false
Lucjan Bryndza08448402019-11-27 14:26:54 +0100[diff] [blame]616 service:
Andreas Geissler2af50792023-03-27 17:11:27 +0200[diff] [blame]617 - baseaddr: "sdnc-api"
618 name: "sdnc"
619 port: 8282
620 - baseaddr: "sdnc-callhome"
Andreas Geissler1b174e52023-04-13 16:50:23 +0200[diff] [blame]621 name: "sdnc-callhome"
Andreas Geissler2af50792023-03-27 17:11:27 +0200[diff] [blame]622 port: *chport
623 protocol: tcp
624 exposedPort: *chport
625 exposedProtocol: TCP
Lucjan Bryndza08448402019-11-27 14:26:54 +0100[diff] [blame]626 config:
627 ssl: "redirect"
jmac065e2ce2018-03-29 01:18:02 +0000[diff] [blame]628
AndrewLamb7709c172023-05-12 15:37:14 +0100[diff] [blame]629serviceMesh:
630 authorizationPolicy:
631 authorizedPrincipals:
632 - serviceAccount: a1policymanagement-read
633 - serviceAccount: cds-blueprints-processor-read
634 - serviceAccount: consul-read
635 - serviceAccount: ncmp-dmi-plugin-read
636 - serviceAccount: policy-drools-pdp-read
637 - serviceAccount: robot-read
638 - serviceAccount: sdnc-ansible-server-read
639 - serviceAccount: sdnc-dmaap-listener-read
640 - serviceAccount: sdnc-prom-read
641 - serviceAccount: sdnc-ueb-listener-read
642 - serviceAccount: sdnc-web-read
643 - serviceAccount: so-sdnc-adapter-read
644 - serviceAccount: istio-ingress
645 namespace: istio-ingress
646 authorizedPrincipalsSdnHosts:
647 - serviceAccount: sdnc-read
648
toshrajbhardwaj72b5f0f2018-09-13 02:45:22 +0000[diff] [blame]649#Resource Limit flavor -By Default using small
650flavor: small
651#segregation for different envionment (Small and Large)
652
653resources:
Mandeep Khindade045712018-09-19 18:11:57 +0000[diff] [blame]654 small:
655 limits:
Andreas Geissler47537432024-02-27 08:55:23 +0100[diff] [blame]656 cpu: "2"
657 memory: "4.7Gi"
Mandeep Khindade045712018-09-19 18:11:57 +0000[diff] [blame]658 requests:
Andreas Geissler47537432024-02-27 08:55:23 +0100[diff] [blame]659 cpu: "1"
660 memory: "4.7Gi"
Mandeep Khindade045712018-09-19 18:11:57 +0000[diff] [blame]661 large:
662 limits:
Andreas Geissler47537432024-02-27 08:55:23 +0100[diff] [blame]663 cpu: "4"
664 memory: "9.4Gi"
Mandeep Khindade045712018-09-19 18:11:57 +0000[diff] [blame]665 requests:
Andreas Geissler47537432024-02-27 08:55:23 +0100[diff] [blame]666 cpu: "2"
667 memory: "9.4Gi"
Mandeep Khinda60d36d42018-09-24 15:15:48 +0000[diff] [blame]668 unlimited: {}
farida azmy32c5ed82021-08-04 14:46:09 +0200[diff] [blame]669
670#Pods Service Account
671serviceAccount:
672 nameOverride: sdnc
673 roles:
674 - read
Maciej Wereski537d71e2021-11-03 13:31:44 +0000[diff] [blame]675
676#Log configuration
677log:
678 path: /var/log/onap
Andreas Geissler060bc372024-03-11 17:26:53 +0100[diff] [blame]679
680readinessCheck:
Andreas Geissleree119102024-04-11 13:53:39 +0200[diff] [blame]681 wait_for:
682 services:
683 - '{{ include "common.mariadbService" . }}'