blob: a644698ba36356d025ed3384d1e3e7781628a56c [file] [log] [blame]
Sylvain Desbureaux70070412020-11-09 21:58:48 +01001# Copyright (c) 2018 Amdocs, Bell Canada, AT&T
2# Modifications Copyright (c) 2020 Nokia
Sylvain Desbureaux331f0042021-01-18 11:38:49 +01003# Modifications Copyright (c) 2021 Orange
efiacord12c1672023-03-23 12:10:50 +00004# Modifications Copyright © 2023 Nordix Foundation
Sylvain Desbureaux70070412020-11-09 21:58:48 +01005#
6# Licensed under the Apache License, Version 2.0 (the "License");
7# you may not use this file except in compliance with the License.
8# You may obtain a copy of the License at
9#
10# http://www.apache.org/licenses/LICENSE-2.0
11#
12# Unless required by applicable law or agreed to in writing, software
13# distributed under the License is distributed on an "AS IS" BASIS,
14# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15# See the License for the specific language governing permissions and
16# limitations under the License.
17
18# Default values for traversal.
19# This is a YAML-formatted file.
20# Declare variables to be passed into your templates.
21global: # global defaults
22 nodePortPrefix: 302
Kvbc2df7b2024-05-20 11:31:17 +053023 kafkaBootstrap: strimzi-kafka-bootstrap
24 aaiTravKafkaUser: aai-trav-kafka-user
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010025 cassandra:
26 #Service Name of the cassandra cluster to connect to.
27 #Override it to aai-cassandra if localCluster is enabled.
28 serviceName: cassandra
29
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010030 # Specifies a list of jobs to be run
31 jobs:
32 # When enabled, it will create the schema based on oxm and edge rules
33 createSchema:
34 enabled: true
35 # When enabled, it will create the widget models via REST API to haproxy
36 updateQueryData:
37 enabled: true
38 #migration using helm hooks
39 migration:
40 enabled: false
41
42 # Common configuration for resources traversal and graphadmin
43 config:
44 # User information for the admin user in container
45 userId: 1000
46 groupId: 1000
47
48 # Specifies that the cluster connected to a dynamic
49 # cluster being spinned up by kubernetes deployment
50 cluster:
51 cassandra:
52 dynamic: true
53
54 # Specifies if the basic authorization is enabled
55 basic:
56 auth:
57 enabled: true
58 username: AAI
59 passwd: AAI
60
61 # Active spring profiles for the resources microservice
62 profiles:
Kvbc2df7b2024-05-20 11:31:17 +053063 active: production,kafka
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010064
65 # Notification event specific properties
66 notification:
67 eventType: AAI-EVENT
68 domain: dev
69
70 # Schema specific properties that include supported versions of api
71 schema:
72 # Specifies if the connection should be one way ssl, two way ssl or no auth
73 service:
efiacord12c1672023-03-23 12:10:50 +000074 client: no-auth
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010075 # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service
76 translator:
77 list: schema-service
78 source:
79 # Specifies which folder to take a look at
80 name: onap
81 uri:
82 # Base URI Path of the application
83 base:
84 path: /aai
85 version:
86 # Current version of the REST API
87 api:
nandkishorpatke60f33d72023-11-16 15:16:54 +053088 default: v28
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010089 # Specifies which version the depth parameter is configurable
90 depth: v11
91 # List of all the supported versions of the API
nandkishorpatke60f33d72023-11-16 15:16:54 +053092 list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26,v27,v28
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010093 # Specifies from which version related link should appear
94 related:
95 link: v11
96 # Specifies from which version the app root change happened
97 app:
98 root: v11
99 # Specifies from which version the xml namespace changed
100 namespace:
101 change: v12
102 # Specifies from which version the edge label appeared in API
103 edge:
104 label: v12
105
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100106 # Specifies which clients should always default to realtime graph connection
107 realtime:
108 clients: SDNC,MSO,SO,robot-ete
Kvbc2df7b2024-05-20 11:31:17 +0530109 kafkaBootstrap: strimzi-kafka-bootstrap
110 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.aaiTravKafkaUser }}'
111 someConfig: random
112 aaiTopic: AAI-EVENT
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100113
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100114# application image
Kvbc2df7b2024-05-20 11:31:17 +0530115image: onap/aai-traversal:1.13.4
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100116pullPolicy: Always
117restartPolicy: Always
118flavor: small
119flavorOverride: small
M.Hosnidokht15fea932021-08-25 09:08:40 -0400120# the minimum number of seconds that a newly created Pod should be ready
121minReadySeconds: 30
122updateStrategy:
123 type: RollingUpdate
124 # The number of pods that can be unavailable during the update process
125 maxUnavailable: 0
126 # The number of pods that can be created above the desired amount of pods during an update
127 maxSurge: 1
Sylvain Desbureaux331f0042021-01-18 11:38:49 +0100128
129api_list:
130 - 11
131 - 12
132 - 13
133 - 14
134 - 15
135 - 16
136 - 17
137 - 18
138 - 19
139
140aai_enpoints:
141 - name: aai-generic-query
142 url: search/generic-query
143 - name: aai-nodes-query
144 url: search/nodes-query
145 - name: aai-nquery
146 url: query
147
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100148# application configuration
149config:
Sam Huang56a6dd42021-03-26 13:27:17 -0600150 # configure keycloak according to your environment.
151 # don't forget to add keycloak in active profiles above (global.config.profiles)
152 keycloak:
153 host: keycloak.your.domain
154 port: 8180
155 # Specifies a set of users, credentials, roles, and groups
156 realm: aai-traversal
157 # Used by any client application for enabling fine-grained authorization for their protected resources
158 resource: aai-traversal-app
159 # If set to true, additional criteria will be added into traversal query to returns all the vertices that match
160 # the data-owner property with the given role to the user in keycloak
161 multiTenancy:
162 enabled: true
Fiete Ostkamp40cbf9b2024-01-08 16:04:02 +0100163 janusgraph:
164 caching:
165 # enable when running read-heavy workloads
166 # modifications to graph done by this service/janusgraph instance will immediately invalidate the cache
167 # modifications to graph done by other services (resources) will only be visible
168 # after time specified in db-cache-time
169 enabled: false
170 # Documentation: https://docs.janusgraph.org/operations/cache/#database-level-caching
171 dbCacheTime: 180000 # in milliseconds
172 dbCacheSize: 0.1 # percentage (expressed as a decimal between 0 and 1) of the total heap space available to the JVM running
173 dbCacheCleanWait: 20 # in milliseconds
174
Sam Huang56a6dd42021-03-26 13:27:17 -0600175
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100176 # Specifies timeout information such as application specific and limits
177 timeout:
178 # If set to true application will timeout for queries taking longer than limit
179 enabled: true
180 # Specifies which apps (X-FromAppId) header should get overridden and (-1) no timeout
181 appspecific: JUNITTESTAPP1,1|JUNITTESTAPP2,-1|DCAE-CCS,-1|DCAES,-1|AAI-FILEGEN-GFPIP,-1
182 # Specifies how long should it wait before timing out the REST request
183 limit: 180000
184
Andreas Geissler2ac422a2023-10-25 14:19:19 +0200185 # environment variables added to the launch of the image in deployment
186 env:
187 MIN_HEAP_SIZE: "512m"
188 MAX_HEAP_SIZE: "1024m"
189 MAX_METASPACE_SIZE: "512m"
190
Fiete Ostkamp21d48642024-01-16 08:33:59 +0100191 # adds jvm args for remote debugging the application
192 debug:
193 enabled: false
194 args: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005"
195
196 # adds jvm args for remote profiling the application
197 profiling:
198 enabled: false
199 args:
200 - "-Dcom.sun.management.jmxremote"
201 - "-Dcom.sun.management.jmxremote.ssl=false"
202 - "-Dcom.sun.management.jmxremote.authenticate=false"
203 - "-Dcom.sun.management.jmxremote.local.only=false"
204 - "-Dcom.sun.management.jmxremote.port=9999"
205 - "-Dcom.sun.management.jmxremote.rmi.port=9999"
206 - "-Djava.rmi.server.hostname=127.0.0.1"
207
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100208 # Disables the updateQueryData script to run as part of traversal
209 disableUpdateQuery: true
210
211 # Override of the DSL Timeout Limit
212 dslOverride: 'ZV4V7E3N77SKIB6MR9MHQ6M4P6Q99Z7M76RBODA'
213
214 dsl:
215 # Dsl timeout configuration
216 timeout:
217 # Whether or not the dsl is enabled
218 enabled: true
219 # Default time limit of the DSL query
220 limit: 150000
221 # App Specific Timeout Limit for each of the X-FromAppId
222 appspecific:
223 - JUNITTESTAPP1,1
224 - JUNITTESTAPP2,-1
225 - AAI-TOOLS,-1
226 - DCAE-CCS,1200000
227 - DCAES,1200000
228 - VPESAT,-1
229 - AAI-CACHER,-1
230 - VidAaiController,300000
231 - AAI-UI,180000
232
233persistence:
234 mountPath: /dockerdata-nfs
235 mountSubPath: aai/aai-traversal
236
237# default number of instances
238replicaCount: 1
239
240nodeSelector: {}
241
242affinity: {}
243
244# probe configuration parameters
245liveness:
246 initialDelaySeconds: 60
247 periodSeconds: 60
248 # necessary to disable liveness probe when setting breakpoints
249 # in debugger so K8s doesn't restart unresponsive container
250 enabled: false
251
252readiness:
253 initialDelaySeconds: 10
254 periodSeconds: 10
255
256service:
257 type: ClusterIP
osk1146127fd7d82021-06-18 00:51:17 +0200258 portName: http
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100259 internalPort: 8446
osk1146127fd7d82021-06-18 00:51:17 +0200260 portName2: tcp-5005
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100261 internalPort2: 5005
Andreas Geisslerceac2602023-07-17 18:55:54 +0200262 portName3: http-traversal
leila46fb5802022-11-15 11:33:21 -0500263 internalPort3: 8448
M.Hosnidokht15fea932021-08-25 09:08:40 -0400264 terminationGracePeriodSeconds: 120
leila46fb5802022-11-15 11:33:21 -0500265 sessionAffinity: None
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100266
267ingress:
268 enabled: false
269
AndrewLamb0e7c7fe2023-05-17 14:13:54 +0100270serviceMesh:
271 authorizationPolicy:
272 authorizedPrincipals:
273 - serviceAccount: aai-read
274 - serviceAccount: consul-read
275
leilab3bfd4d2022-11-10 14:27:16 -0500276# To make logback capping values configurable
277logback:
Fiete Ostkamp49a40b22023-11-14 10:35:03 +0100278 logToFileEnabled: false
leilab3bfd4d2022-11-10 14:27:16 -0500279 maxHistory: 7
280 totalSizeCap: 6GB
281 queueSize: 1000
282
283accessLogback:
Fiete Ostkamp42de5462024-01-04 13:56:15 +0100284 livenessAccessLogEnabled: false # false: do not log kubernetes liveness probes
Fiete Ostkamp49a40b22023-11-14 10:35:03 +0100285 logToFileEnabled: false
leilab3bfd4d2022-11-10 14:27:16 -0500286 maxHistory: 7
287 totalSizeCap: 6GB
288
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100289# Configure resource requests and limits
290# ref: http://kubernetes.io/docs/user-guide/compute-resources/
291resources:
292 small:
293 limits:
Andreas Geissler47537432024-02-27 08:55:23 +0100294 cpu: "2"
295 memory: "4Gi"
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100296 requests:
Andreas Geissler47537432024-02-27 08:55:23 +0100297 cpu: "1"
298 memory: "3Gi"
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100299 large:
300 limits:
Andreas Geissler47537432024-02-27 08:55:23 +0100301 cpu: "4"
302 memory: "8Gi"
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100303 requests:
Andreas Geissler47537432024-02-27 08:55:23 +0100304 cpu: "2"
305 memory: "4Gi"
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100306 unlimited: {}
farida azmyd8937332021-03-09 12:20:42 +0200307
Fiete Ostkamp40cbf9b2024-01-08 16:04:02 +0100308endpoints:
309 enabled: true
310 health:
311 enabled: true
312 info:
313 enabled: true
314
leila46fb5802022-11-15 11:33:21 -0500315metrics:
316 serviceMonitor:
317 enabled: false
318 targetPort: 8448
Fiete Ostkamp63f8bfd2024-01-10 16:11:43 +0100319 path: /actuator/prometheus
leila46fb5802022-11-15 11:33:21 -0500320 basicAuth:
321 enabled: false
322 externalSecretName: mysecretname
323 externalSecretUserKey: login
324 externalSecretPasswordKey: password
325
326 ## Namespace in which Prometheus is running
327 ##
328 # namespace: monitoring
329
330 ## Interval at which metrics should be scraped.
331 ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
332 ##
333 #interval: 30s
334
335 ## Timeout after which the scrape is ended
336 ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
337 ##
338 # scrapeTimeout: 10s
339
340 ## ServiceMonitor selector labels
341 ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration
342 ##
343 selector:
344 app: '{{ include "common.name" . }}'
345 chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
346 release: '{{ include "common.release" . }}'
347 heritage: '{{ .Release.Service }}'
348
349 ## RelabelConfigs to apply to samples before scraping
350 ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
351 ## Value is evalued as a template
352 ##
353 relabelings: []
354
355 ## MetricRelabelConfigs to apply to samples before ingestion
356 ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
357 ## Value is evalued as a template
358 ##
359 metricRelabelings: []
360 # - sourceLabels:
361 # - "__name__"
362 # targetLabel: "__name__"
363 # action: replace
364 # regex: '(.*)'
365 # replacement: 'example_prefix_$1'
366
farida azmyd8937332021-03-09 12:20:42 +0200367#Pods Service Account
368serviceAccount:
369 nameOverride: aai-traversal
370 roles:
371 - read
Maciej Wereskid523d122021-09-21 11:22:13 +0200372
373#Log configuration
374log:
375 path: /var/log/onap
376logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
Kvbc2df7b2024-05-20 11:31:17 +0530377#################################################################
378# Secrets metaconfig
379#################################################################
380secrets:
381 - uid: aai-trav-kafka-user
382 externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
383 type: genericKV
384 envs:
385 - name: sasl.jaas.config
386 value: '{{ .Values.config.someConfig }}'
387 policy: generate
388kafkaUser:
389 authenticationType: scram-sha-512
390 acls:
391 - name: AAI-EVENT
392 type: topic
393 operations: [Read, Write]