Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 1 | # Copyright (c) 2018 Amdocs, Bell Canada, AT&T |
| 2 | # Modifications Copyright (c) 2020 Nokia |
Sylvain Desbureaux | 331f004 | 2021-01-18 11:38:49 +0100 | [diff] [blame] | 3 | # Modifications Copyright (c) 2021 Orange |
efiacor | d12c167 | 2023-03-23 12:10:50 +0000 | [diff] [blame] | 4 | # Modifications Copyright © 2023 Nordix Foundation |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 5 | # |
| 6 | # Licensed under the Apache License, Version 2.0 (the "License"); |
| 7 | # you may not use this file except in compliance with the License. |
| 8 | # You may obtain a copy of the License at |
| 9 | # |
| 10 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 11 | # |
| 12 | # Unless required by applicable law or agreed to in writing, software |
| 13 | # distributed under the License is distributed on an "AS IS" BASIS, |
| 14 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 15 | # See the License for the specific language governing permissions and |
| 16 | # limitations under the License. |
| 17 | |
| 18 | # Default values for traversal. |
| 19 | # This is a YAML-formatted file. |
| 20 | # Declare variables to be passed into your templates. |
| 21 | global: # global defaults |
| 22 | nodePortPrefix: 302 |
Kv | bc2df7b | 2024-05-20 11:31:17 +0530 | [diff] [blame^] | 23 | kafkaBootstrap: strimzi-kafka-bootstrap |
| 24 | aaiTravKafkaUser: aai-trav-kafka-user |
Sylvain Desbureaux | 5b65132 | 2020-12-07 15:34:15 +0100 | [diff] [blame] | 25 | cassandra: |
| 26 | #Service Name of the cassandra cluster to connect to. |
| 27 | #Override it to aai-cassandra if localCluster is enabled. |
| 28 | serviceName: cassandra |
| 29 | |
Sylvain Desbureaux | 5b65132 | 2020-12-07 15:34:15 +0100 | [diff] [blame] | 30 | # Specifies a list of jobs to be run |
| 31 | jobs: |
| 32 | # When enabled, it will create the schema based on oxm and edge rules |
| 33 | createSchema: |
| 34 | enabled: true |
| 35 | # When enabled, it will create the widget models via REST API to haproxy |
| 36 | updateQueryData: |
| 37 | enabled: true |
| 38 | #migration using helm hooks |
| 39 | migration: |
| 40 | enabled: false |
| 41 | |
| 42 | # Common configuration for resources traversal and graphadmin |
| 43 | config: |
| 44 | # User information for the admin user in container |
| 45 | userId: 1000 |
| 46 | groupId: 1000 |
| 47 | |
| 48 | # Specifies that the cluster connected to a dynamic |
| 49 | # cluster being spinned up by kubernetes deployment |
| 50 | cluster: |
| 51 | cassandra: |
| 52 | dynamic: true |
| 53 | |
| 54 | # Specifies if the basic authorization is enabled |
| 55 | basic: |
| 56 | auth: |
| 57 | enabled: true |
| 58 | username: AAI |
| 59 | passwd: AAI |
| 60 | |
| 61 | # Active spring profiles for the resources microservice |
| 62 | profiles: |
Kv | bc2df7b | 2024-05-20 11:31:17 +0530 | [diff] [blame^] | 63 | active: production,kafka |
Sylvain Desbureaux | 5b65132 | 2020-12-07 15:34:15 +0100 | [diff] [blame] | 64 | |
| 65 | # Notification event specific properties |
| 66 | notification: |
| 67 | eventType: AAI-EVENT |
| 68 | domain: dev |
| 69 | |
| 70 | # Schema specific properties that include supported versions of api |
| 71 | schema: |
| 72 | # Specifies if the connection should be one way ssl, two way ssl or no auth |
| 73 | service: |
efiacor | d12c167 | 2023-03-23 12:10:50 +0000 | [diff] [blame] | 74 | client: no-auth |
Sylvain Desbureaux | 5b65132 | 2020-12-07 15:34:15 +0100 | [diff] [blame] | 75 | # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service |
| 76 | translator: |
| 77 | list: schema-service |
| 78 | source: |
| 79 | # Specifies which folder to take a look at |
| 80 | name: onap |
| 81 | uri: |
| 82 | # Base URI Path of the application |
| 83 | base: |
| 84 | path: /aai |
| 85 | version: |
| 86 | # Current version of the REST API |
| 87 | api: |
nandkishorpatke | 60f33d7 | 2023-11-16 15:16:54 +0530 | [diff] [blame] | 88 | default: v28 |
Sylvain Desbureaux | 5b65132 | 2020-12-07 15:34:15 +0100 | [diff] [blame] | 89 | # Specifies which version the depth parameter is configurable |
| 90 | depth: v11 |
| 91 | # List of all the supported versions of the API |
nandkishorpatke | 60f33d7 | 2023-11-16 15:16:54 +0530 | [diff] [blame] | 92 | list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26,v27,v28 |
Sylvain Desbureaux | 5b65132 | 2020-12-07 15:34:15 +0100 | [diff] [blame] | 93 | # Specifies from which version related link should appear |
| 94 | related: |
| 95 | link: v11 |
| 96 | # Specifies from which version the app root change happened |
| 97 | app: |
| 98 | root: v11 |
| 99 | # Specifies from which version the xml namespace changed |
| 100 | namespace: |
| 101 | change: v12 |
| 102 | # Specifies from which version the edge label appeared in API |
| 103 | edge: |
| 104 | label: v12 |
| 105 | |
Sylvain Desbureaux | 5b65132 | 2020-12-07 15:34:15 +0100 | [diff] [blame] | 106 | # Specifies which clients should always default to realtime graph connection |
| 107 | realtime: |
| 108 | clients: SDNC,MSO,SO,robot-ete |
Kv | bc2df7b | 2024-05-20 11:31:17 +0530 | [diff] [blame^] | 109 | kafkaBootstrap: strimzi-kafka-bootstrap |
| 110 | jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.aaiTravKafkaUser }}' |
| 111 | someConfig: random |
| 112 | aaiTopic: AAI-EVENT |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 113 | |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 114 | # application image |
Kv | bc2df7b | 2024-05-20 11:31:17 +0530 | [diff] [blame^] | 115 | image: onap/aai-traversal:1.13.4 |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 116 | pullPolicy: Always |
| 117 | restartPolicy: Always |
| 118 | flavor: small |
| 119 | flavorOverride: small |
M.Hosnidokht | 15fea93 | 2021-08-25 09:08:40 -0400 | [diff] [blame] | 120 | # the minimum number of seconds that a newly created Pod should be ready |
| 121 | minReadySeconds: 30 |
| 122 | updateStrategy: |
| 123 | type: RollingUpdate |
| 124 | # The number of pods that can be unavailable during the update process |
| 125 | maxUnavailable: 0 |
| 126 | # The number of pods that can be created above the desired amount of pods during an update |
| 127 | maxSurge: 1 |
Sylvain Desbureaux | 331f004 | 2021-01-18 11:38:49 +0100 | [diff] [blame] | 128 | |
| 129 | api_list: |
| 130 | - 11 |
| 131 | - 12 |
| 132 | - 13 |
| 133 | - 14 |
| 134 | - 15 |
| 135 | - 16 |
| 136 | - 17 |
| 137 | - 18 |
| 138 | - 19 |
| 139 | |
| 140 | aai_enpoints: |
| 141 | - name: aai-generic-query |
| 142 | url: search/generic-query |
| 143 | - name: aai-nodes-query |
| 144 | url: search/nodes-query |
| 145 | - name: aai-nquery |
| 146 | url: query |
| 147 | |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 148 | # application configuration |
| 149 | config: |
Sam Huang | 56a6dd4 | 2021-03-26 13:27:17 -0600 | [diff] [blame] | 150 | # configure keycloak according to your environment. |
| 151 | # don't forget to add keycloak in active profiles above (global.config.profiles) |
| 152 | keycloak: |
| 153 | host: keycloak.your.domain |
| 154 | port: 8180 |
| 155 | # Specifies a set of users, credentials, roles, and groups |
| 156 | realm: aai-traversal |
| 157 | # Used by any client application for enabling fine-grained authorization for their protected resources |
| 158 | resource: aai-traversal-app |
| 159 | # If set to true, additional criteria will be added into traversal query to returns all the vertices that match |
| 160 | # the data-owner property with the given role to the user in keycloak |
| 161 | multiTenancy: |
| 162 | enabled: true |
Fiete Ostkamp | 40cbf9b | 2024-01-08 16:04:02 +0100 | [diff] [blame] | 163 | janusgraph: |
| 164 | caching: |
| 165 | # enable when running read-heavy workloads |
| 166 | # modifications to graph done by this service/janusgraph instance will immediately invalidate the cache |
| 167 | # modifications to graph done by other services (resources) will only be visible |
| 168 | # after time specified in db-cache-time |
| 169 | enabled: false |
| 170 | # Documentation: https://docs.janusgraph.org/operations/cache/#database-level-caching |
| 171 | dbCacheTime: 180000 # in milliseconds |
| 172 | dbCacheSize: 0.1 # percentage (expressed as a decimal between 0 and 1) of the total heap space available to the JVM running |
| 173 | dbCacheCleanWait: 20 # in milliseconds |
| 174 | |
Sam Huang | 56a6dd4 | 2021-03-26 13:27:17 -0600 | [diff] [blame] | 175 | |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 176 | # Specifies timeout information such as application specific and limits |
| 177 | timeout: |
| 178 | # If set to true application will timeout for queries taking longer than limit |
| 179 | enabled: true |
| 180 | # Specifies which apps (X-FromAppId) header should get overridden and (-1) no timeout |
| 181 | appspecific: JUNITTESTAPP1,1|JUNITTESTAPP2,-1|DCAE-CCS,-1|DCAES,-1|AAI-FILEGEN-GFPIP,-1 |
| 182 | # Specifies how long should it wait before timing out the REST request |
| 183 | limit: 180000 |
| 184 | |
Andreas Geissler | 2ac422a | 2023-10-25 14:19:19 +0200 | [diff] [blame] | 185 | # environment variables added to the launch of the image in deployment |
| 186 | env: |
| 187 | MIN_HEAP_SIZE: "512m" |
| 188 | MAX_HEAP_SIZE: "1024m" |
| 189 | MAX_METASPACE_SIZE: "512m" |
| 190 | |
Fiete Ostkamp | 21d4864 | 2024-01-16 08:33:59 +0100 | [diff] [blame] | 191 | # adds jvm args for remote debugging the application |
| 192 | debug: |
| 193 | enabled: false |
| 194 | args: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005" |
| 195 | |
| 196 | # adds jvm args for remote profiling the application |
| 197 | profiling: |
| 198 | enabled: false |
| 199 | args: |
| 200 | - "-Dcom.sun.management.jmxremote" |
| 201 | - "-Dcom.sun.management.jmxremote.ssl=false" |
| 202 | - "-Dcom.sun.management.jmxremote.authenticate=false" |
| 203 | - "-Dcom.sun.management.jmxremote.local.only=false" |
| 204 | - "-Dcom.sun.management.jmxremote.port=9999" |
| 205 | - "-Dcom.sun.management.jmxremote.rmi.port=9999" |
| 206 | - "-Djava.rmi.server.hostname=127.0.0.1" |
| 207 | |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 208 | # Disables the updateQueryData script to run as part of traversal |
| 209 | disableUpdateQuery: true |
| 210 | |
| 211 | # Override of the DSL Timeout Limit |
| 212 | dslOverride: 'ZV4V7E3N77SKIB6MR9MHQ6M4P6Q99Z7M76RBODA' |
| 213 | |
| 214 | dsl: |
| 215 | # Dsl timeout configuration |
| 216 | timeout: |
| 217 | # Whether or not the dsl is enabled |
| 218 | enabled: true |
| 219 | # Default time limit of the DSL query |
| 220 | limit: 150000 |
| 221 | # App Specific Timeout Limit for each of the X-FromAppId |
| 222 | appspecific: |
| 223 | - JUNITTESTAPP1,1 |
| 224 | - JUNITTESTAPP2,-1 |
| 225 | - AAI-TOOLS,-1 |
| 226 | - DCAE-CCS,1200000 |
| 227 | - DCAES,1200000 |
| 228 | - VPESAT,-1 |
| 229 | - AAI-CACHER,-1 |
| 230 | - VidAaiController,300000 |
| 231 | - AAI-UI,180000 |
| 232 | |
| 233 | persistence: |
| 234 | mountPath: /dockerdata-nfs |
| 235 | mountSubPath: aai/aai-traversal |
| 236 | |
| 237 | # default number of instances |
| 238 | replicaCount: 1 |
| 239 | |
| 240 | nodeSelector: {} |
| 241 | |
| 242 | affinity: {} |
| 243 | |
| 244 | # probe configuration parameters |
| 245 | liveness: |
| 246 | initialDelaySeconds: 60 |
| 247 | periodSeconds: 60 |
| 248 | # necessary to disable liveness probe when setting breakpoints |
| 249 | # in debugger so K8s doesn't restart unresponsive container |
| 250 | enabled: false |
| 251 | |
| 252 | readiness: |
| 253 | initialDelaySeconds: 10 |
| 254 | periodSeconds: 10 |
| 255 | |
| 256 | service: |
| 257 | type: ClusterIP |
osk11461 | 27fd7d8 | 2021-06-18 00:51:17 +0200 | [diff] [blame] | 258 | portName: http |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 259 | internalPort: 8446 |
osk11461 | 27fd7d8 | 2021-06-18 00:51:17 +0200 | [diff] [blame] | 260 | portName2: tcp-5005 |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 261 | internalPort2: 5005 |
Andreas Geissler | ceac260 | 2023-07-17 18:55:54 +0200 | [diff] [blame] | 262 | portName3: http-traversal |
leila | 46fb580 | 2022-11-15 11:33:21 -0500 | [diff] [blame] | 263 | internalPort3: 8448 |
M.Hosnidokht | 15fea93 | 2021-08-25 09:08:40 -0400 | [diff] [blame] | 264 | terminationGracePeriodSeconds: 120 |
leila | 46fb580 | 2022-11-15 11:33:21 -0500 | [diff] [blame] | 265 | sessionAffinity: None |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 266 | |
| 267 | ingress: |
| 268 | enabled: false |
| 269 | |
AndrewLamb | 0e7c7fe | 2023-05-17 14:13:54 +0100 | [diff] [blame] | 270 | serviceMesh: |
| 271 | authorizationPolicy: |
| 272 | authorizedPrincipals: |
| 273 | - serviceAccount: aai-read |
| 274 | - serviceAccount: consul-read |
| 275 | |
leila | b3bfd4d | 2022-11-10 14:27:16 -0500 | [diff] [blame] | 276 | # To make logback capping values configurable |
| 277 | logback: |
Fiete Ostkamp | 49a40b2 | 2023-11-14 10:35:03 +0100 | [diff] [blame] | 278 | logToFileEnabled: false |
leila | b3bfd4d | 2022-11-10 14:27:16 -0500 | [diff] [blame] | 279 | maxHistory: 7 |
| 280 | totalSizeCap: 6GB |
| 281 | queueSize: 1000 |
| 282 | |
| 283 | accessLogback: |
Fiete Ostkamp | 42de546 | 2024-01-04 13:56:15 +0100 | [diff] [blame] | 284 | livenessAccessLogEnabled: false # false: do not log kubernetes liveness probes |
Fiete Ostkamp | 49a40b2 | 2023-11-14 10:35:03 +0100 | [diff] [blame] | 285 | logToFileEnabled: false |
leila | b3bfd4d | 2022-11-10 14:27:16 -0500 | [diff] [blame] | 286 | maxHistory: 7 |
| 287 | totalSizeCap: 6GB |
| 288 | |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 289 | # Configure resource requests and limits |
| 290 | # ref: http://kubernetes.io/docs/user-guide/compute-resources/ |
| 291 | resources: |
| 292 | small: |
| 293 | limits: |
Andreas Geissler | 4753743 | 2024-02-27 08:55:23 +0100 | [diff] [blame] | 294 | cpu: "2" |
| 295 | memory: "4Gi" |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 296 | requests: |
Andreas Geissler | 4753743 | 2024-02-27 08:55:23 +0100 | [diff] [blame] | 297 | cpu: "1" |
| 298 | memory: "3Gi" |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 299 | large: |
| 300 | limits: |
Andreas Geissler | 4753743 | 2024-02-27 08:55:23 +0100 | [diff] [blame] | 301 | cpu: "4" |
| 302 | memory: "8Gi" |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 303 | requests: |
Andreas Geissler | 4753743 | 2024-02-27 08:55:23 +0100 | [diff] [blame] | 304 | cpu: "2" |
| 305 | memory: "4Gi" |
Sylvain Desbureaux | 7007041 | 2020-11-09 21:58:48 +0100 | [diff] [blame] | 306 | unlimited: {} |
farida azmy | d893733 | 2021-03-09 12:20:42 +0200 | [diff] [blame] | 307 | |
Fiete Ostkamp | 40cbf9b | 2024-01-08 16:04:02 +0100 | [diff] [blame] | 308 | endpoints: |
| 309 | enabled: true |
| 310 | health: |
| 311 | enabled: true |
| 312 | info: |
| 313 | enabled: true |
| 314 | |
leila | 46fb580 | 2022-11-15 11:33:21 -0500 | [diff] [blame] | 315 | metrics: |
| 316 | serviceMonitor: |
| 317 | enabled: false |
| 318 | targetPort: 8448 |
Fiete Ostkamp | 63f8bfd | 2024-01-10 16:11:43 +0100 | [diff] [blame] | 319 | path: /actuator/prometheus |
leila | 46fb580 | 2022-11-15 11:33:21 -0500 | [diff] [blame] | 320 | basicAuth: |
| 321 | enabled: false |
| 322 | externalSecretName: mysecretname |
| 323 | externalSecretUserKey: login |
| 324 | externalSecretPasswordKey: password |
| 325 | |
| 326 | ## Namespace in which Prometheus is running |
| 327 | ## |
| 328 | # namespace: monitoring |
| 329 | |
| 330 | ## Interval at which metrics should be scraped. |
| 331 | ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint |
| 332 | ## |
| 333 | #interval: 30s |
| 334 | |
| 335 | ## Timeout after which the scrape is ended |
| 336 | ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint |
| 337 | ## |
| 338 | # scrapeTimeout: 10s |
| 339 | |
| 340 | ## ServiceMonitor selector labels |
| 341 | ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration |
| 342 | ## |
| 343 | selector: |
| 344 | app: '{{ include "common.name" . }}' |
| 345 | chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' |
| 346 | release: '{{ include "common.release" . }}' |
| 347 | heritage: '{{ .Release.Service }}' |
| 348 | |
| 349 | ## RelabelConfigs to apply to samples before scraping |
| 350 | ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig |
| 351 | ## Value is evalued as a template |
| 352 | ## |
| 353 | relabelings: [] |
| 354 | |
| 355 | ## MetricRelabelConfigs to apply to samples before ingestion |
| 356 | ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig |
| 357 | ## Value is evalued as a template |
| 358 | ## |
| 359 | metricRelabelings: [] |
| 360 | # - sourceLabels: |
| 361 | # - "__name__" |
| 362 | # targetLabel: "__name__" |
| 363 | # action: replace |
| 364 | # regex: '(.*)' |
| 365 | # replacement: 'example_prefix_$1' |
| 366 | |
farida azmy | d893733 | 2021-03-09 12:20:42 +0200 | [diff] [blame] | 367 | #Pods Service Account |
| 368 | serviceAccount: |
| 369 | nameOverride: aai-traversal |
| 370 | roles: |
| 371 | - read |
Maciej Wereski | d523d12 | 2021-09-21 11:22:13 +0200 | [diff] [blame] | 372 | |
| 373 | #Log configuration |
| 374 | log: |
| 375 | path: /var/log/onap |
| 376 | logConfigMapNamePrefix: '{{ include "common.fullname" . }}' |
Kv | bc2df7b | 2024-05-20 11:31:17 +0530 | [diff] [blame^] | 377 | ################################################################# |
| 378 | # Secrets metaconfig |
| 379 | ################################################################# |
| 380 | secrets: |
| 381 | - uid: aai-trav-kafka-user |
| 382 | externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' |
| 383 | type: genericKV |
| 384 | envs: |
| 385 | - name: sasl.jaas.config |
| 386 | value: '{{ .Values.config.someConfig }}' |
| 387 | policy: generate |
| 388 | kafkaUser: |
| 389 | authenticationType: scram-sha-512 |
| 390 | acls: |
| 391 | - name: AAI-EVENT |
| 392 | type: topic |
| 393 | operations: [Read, Write] |