blob: 81d372aded298396e3e939e6d9fff979974c8e25 [file] [log] [blame]
Sylvain Desbureaux70070412020-11-09 21:58:48 +01001# Copyright (c) 2018 Amdocs, Bell Canada, AT&T
2# Modifications Copyright (c) 2020 Nokia
Sylvain Desbureaux331f0042021-01-18 11:38:49 +01003# Modifications Copyright (c) 2021 Orange
Sylvain Desbureaux70070412020-11-09 21:58:48 +01004#
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16
17# Default values for traversal.
18# This is a YAML-formatted file.
19# Declare variables to be passed into your templates.
20global: # global defaults
21 nodePortPrefix: 302
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010022 aafEnabled: true
23
24 cassandra:
25 #Service Name of the cassandra cluster to connect to.
26 #Override it to aai-cassandra if localCluster is enabled.
27 serviceName: cassandra
28
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010029 # Specifies a list of jobs to be run
30 jobs:
31 # When enabled, it will create the schema based on oxm and edge rules
32 createSchema:
33 enabled: true
34 # When enabled, it will create the widget models via REST API to haproxy
35 updateQueryData:
36 enabled: true
37 #migration using helm hooks
38 migration:
39 enabled: false
40
41 # Common configuration for resources traversal and graphadmin
42 config:
43 # User information for the admin user in container
44 userId: 1000
45 groupId: 1000
46
47 # Specifies that the cluster connected to a dynamic
48 # cluster being spinned up by kubernetes deployment
49 cluster:
50 cassandra:
51 dynamic: true
52
53 # Specifies if the basic authorization is enabled
54 basic:
55 auth:
56 enabled: true
57 username: AAI
58 passwd: AAI
59
60 # Active spring profiles for the resources microservice
61 profiles:
osk1146127fd7d82021-06-18 00:51:17 +020062 active: production,dmaap #,aaf-auth ,keycloak
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010063
64 # Notification event specific properties
65 notification:
66 eventType: AAI-EVENT
67 domain: dev
68
69 # Schema specific properties that include supported versions of api
70 schema:
71 # Specifies if the connection should be one way ssl, two way ssl or no auth
72 service:
73 client: one-way-ssl
74 # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service
75 translator:
76 list: schema-service
77 source:
78 # Specifies which folder to take a look at
79 name: onap
80 uri:
81 # Base URI Path of the application
82 base:
83 path: /aai
84 version:
85 # Current version of the REST API
86 api:
wr148dcd3e6b72022-08-19 16:17:44 -040087 default: v27
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010088 # Specifies which version the depth parameter is configurable
89 depth: v11
90 # List of all the supported versions of the API
wr148dcd3e6b72022-08-19 16:17:44 -040091 list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26,v27
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010092 # Specifies from which version related link should appear
93 related:
94 link: v11
95 # Specifies from which version the app root change happened
96 app:
97 root: v11
98 # Specifies from which version the xml namespace changed
99 namespace:
100 change: v12
101 # Specifies from which version the edge label appeared in API
102 edge:
103 label: v12
104
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100105 # Specifies which clients should always default to realtime graph connection
106 realtime:
107 clients: SDNC,MSO,SO,robot-ete
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100108
Sylvain Desbureauxa41dfc02021-02-15 10:14:22 +0100109#################################################################
110# Certificate configuration
111#################################################################
112certInitializer:
113 nameOverride: aai-traversal-cert-initializer
114 aafDeployFqi: deployer@people.osaaf.org
115 aafDeployPass: demo123456!
116 # aafDeployCredsExternalSecret: some secret
117 fqdn: aai-traversal
118 fqi: aai-traversal@aai-traversal.onap.org
119 public_fqdn: aai-traversal.onap.org
120 cadi_longitude: "0.0"
121 cadi_latitude: "0.0"
122 app_ns: org.osaaf.aaf
123 credsPath: /opt/app/osaaf/local
124 fqi_namespace: org.onap.aai-traversal
125 aaf_add_config: |
Krzysztof Opasiak58807942021-04-02 08:56:15 +0200126 echo "*** changing them into shell safe ones"
127 export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
128 export TRUSTSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
129 cd {{ .Values.credsPath }}
130 keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \
131 -storepass "${cadi_keystore_password_p12}" \
132 -keystore {{ .Values.fqi_namespace }}.p12
133 keytool -storepasswd -new "${TRUSTSTORE_PASSWORD}" \
134 -storepass "${cadi_truststore_password}" \
135 -keystore {{ .Values.fqi_namespace }}.trust.jks
Krzysztof Opasiak58807942021-04-02 08:56:15 +0200136 echo "*** save the generated passwords"
137 echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
138 echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> mycreds.prop
Sylvain Desbureaux6b83dab2021-02-23 16:03:21 +0100139 echo "*** change ownership of certificates to targeted user"
140 chown -R 1000 {{ .Values.credsPath }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100141
142# application image
wr148d702d68a2022-10-20 18:26:54 -0400143image: onap/aai-traversal:1.11.0
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100144pullPolicy: Always
145restartPolicy: Always
146flavor: small
147flavorOverride: small
M.Hosnidokht15fea932021-08-25 09:08:40 -0400148# the minimum number of seconds that a newly created Pod should be ready
149minReadySeconds: 30
150updateStrategy:
151 type: RollingUpdate
152 # The number of pods that can be unavailable during the update process
153 maxUnavailable: 0
154 # The number of pods that can be created above the desired amount of pods during an update
155 maxSurge: 1
Sylvain Desbureaux331f0042021-01-18 11:38:49 +0100156
157api_list:
158 - 11
159 - 12
160 - 13
161 - 14
162 - 15
163 - 16
164 - 17
165 - 18
166 - 19
167
168aai_enpoints:
169 - name: aai-generic-query
170 url: search/generic-query
171 - name: aai-nodes-query
172 url: search/nodes-query
173 - name: aai-nquery
174 url: query
175
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100176# application configuration
177config:
178
Sam Huang56a6dd42021-03-26 13:27:17 -0600179 # configure keycloak according to your environment.
180 # don't forget to add keycloak in active profiles above (global.config.profiles)
181 keycloak:
182 host: keycloak.your.domain
183 port: 8180
184 # Specifies a set of users, credentials, roles, and groups
185 realm: aai-traversal
186 # Used by any client application for enabling fine-grained authorization for their protected resources
187 resource: aai-traversal-app
188 # If set to true, additional criteria will be added into traversal query to returns all the vertices that match
189 # the data-owner property with the given role to the user in keycloak
190 multiTenancy:
191 enabled: true
192
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100193 # Specifies timeout information such as application specific and limits
194 timeout:
195 # If set to true application will timeout for queries taking longer than limit
196 enabled: true
197 # Specifies which apps (X-FromAppId) header should get overridden and (-1) no timeout
198 appspecific: JUNITTESTAPP1,1|JUNITTESTAPP2,-1|DCAE-CCS,-1|DCAES,-1|AAI-FILEGEN-GFPIP,-1
199 # Specifies how long should it wait before timing out the REST request
200 limit: 180000
201
202 # Disables the updateQueryData script to run as part of traversal
203 disableUpdateQuery: true
204
205 # Override of the DSL Timeout Limit
206 dslOverride: 'ZV4V7E3N77SKIB6MR9MHQ6M4P6Q99Z7M76RBODA'
207
208 dsl:
209 # Dsl timeout configuration
210 timeout:
211 # Whether or not the dsl is enabled
212 enabled: true
213 # Default time limit of the DSL query
214 limit: 150000
215 # App Specific Timeout Limit for each of the X-FromAppId
216 appspecific:
217 - JUNITTESTAPP1,1
218 - JUNITTESTAPP2,-1
219 - AAI-TOOLS,-1
220 - DCAE-CCS,1200000
221 - DCAES,1200000
222 - VPESAT,-1
223 - AAI-CACHER,-1
224 - VidAaiController,300000
225 - AAI-UI,180000
226
227persistence:
228 mountPath: /dockerdata-nfs
229 mountSubPath: aai/aai-traversal
230
231# default number of instances
232replicaCount: 1
233
234nodeSelector: {}
235
236affinity: {}
237
238# probe configuration parameters
239liveness:
240 initialDelaySeconds: 60
241 periodSeconds: 60
242 # necessary to disable liveness probe when setting breakpoints
243 # in debugger so K8s doesn't restart unresponsive container
244 enabled: false
245
246readiness:
247 initialDelaySeconds: 10
248 periodSeconds: 10
249
250service:
251 type: ClusterIP
osk1146127fd7d82021-06-18 00:51:17 +0200252 portName: http
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100253 internalPort: 8446
osk1146127fd7d82021-06-18 00:51:17 +0200254 portName2: tcp-5005
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100255 internalPort2: 5005
M.Hosnidokht15fea932021-08-25 09:08:40 -0400256 terminationGracePeriodSeconds: 120
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100257
258ingress:
259 enabled: false
260
261# Configure resource requests and limits
262# ref: http://kubernetes.io/docs/user-guide/compute-resources/
263resources:
264 small:
265 limits:
266 cpu: 2
267 memory: 4Gi
268 requests:
269 cpu: 1
270 memory: 3Gi
271 large:
272 limits:
273 cpu: 4
274 memory: 8Gi
275 requests:
276 cpu: 2
277 memory: 4Gi
278 unlimited: {}
farida azmyd8937332021-03-09 12:20:42 +0200279
280#Pods Service Account
281serviceAccount:
282 nameOverride: aai-traversal
283 roles:
284 - read
Maciej Wereskid523d122021-09-21 11:22:13 +0200285
286#Log configuration
287log:
288 path: /var/log/onap
289logConfigMapNamePrefix: '{{ include "common.fullname" . }}'