blob: b5d99fdbda3ba5e8a2b6a32a8efe2fc7c86ecfe7 [file] [log] [blame]
Sylvain Desbureaux70070412020-11-09 21:58:48 +01001# Copyright (c) 2018 Amdocs, Bell Canada, AT&T
2# Modifications Copyright (c) 2020 Nokia
Sylvain Desbureaux331f0042021-01-18 11:38:49 +01003# Modifications Copyright (c) 2021 Orange
Sylvain Desbureaux70070412020-11-09 21:58:48 +01004#
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16
17# Default values for traversal.
18# This is a YAML-formatted file.
19# Declare variables to be passed into your templates.
20global: # global defaults
21 nodePortPrefix: 302
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010022 aafEnabled: true
23
24 cassandra:
25 #Service Name of the cassandra cluster to connect to.
26 #Override it to aai-cassandra if localCluster is enabled.
27 serviceName: cassandra
28
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010029 # Specifies a list of jobs to be run
30 jobs:
31 # When enabled, it will create the schema based on oxm and edge rules
32 createSchema:
33 enabled: true
34 # When enabled, it will create the widget models via REST API to haproxy
35 updateQueryData:
36 enabled: true
37 #migration using helm hooks
38 migration:
39 enabled: false
40
41 # Common configuration for resources traversal and graphadmin
42 config:
43 # User information for the admin user in container
44 userId: 1000
45 groupId: 1000
46
47 # Specifies that the cluster connected to a dynamic
48 # cluster being spinned up by kubernetes deployment
49 cluster:
50 cassandra:
51 dynamic: true
52
53 # Specifies if the basic authorization is enabled
54 basic:
55 auth:
56 enabled: true
57 username: AAI
58 passwd: AAI
59
60 # Active spring profiles for the resources microservice
61 profiles:
osk1146127fd7d82021-06-18 00:51:17 +020062 active: production,dmaap #,aaf-auth ,keycloak
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010063
64 # Notification event specific properties
65 notification:
66 eventType: AAI-EVENT
67 domain: dev
68
69 # Schema specific properties that include supported versions of api
70 schema:
71 # Specifies if the connection should be one way ssl, two way ssl or no auth
72 service:
73 client: one-way-ssl
74 # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service
75 translator:
76 list: schema-service
77 source:
78 # Specifies which folder to take a look at
79 name: onap
80 uri:
81 # Base URI Path of the application
82 base:
83 path: /aai
84 version:
85 # Current version of the REST API
86 api:
wr148dcd3e6b72022-08-19 16:17:44 -040087 default: v27
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010088 # Specifies which version the depth parameter is configurable
89 depth: v11
90 # List of all the supported versions of the API
wr148dcd3e6b72022-08-19 16:17:44 -040091 list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26,v27
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010092 # Specifies from which version related link should appear
93 related:
94 link: v11
95 # Specifies from which version the app root change happened
96 app:
97 root: v11
98 # Specifies from which version the xml namespace changed
99 namespace:
100 change: v12
101 # Specifies from which version the edge label appeared in API
102 edge:
103 label: v12
104
Sylvain Desbureaux5b651322020-12-07 15:34:15 +0100105 # Specifies which clients should always default to realtime graph connection
106 realtime:
107 clients: SDNC,MSO,SO,robot-ete
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100108
Sylvain Desbureauxa41dfc02021-02-15 10:14:22 +0100109#################################################################
110# Certificate configuration
111#################################################################
112certInitializer:
113 nameOverride: aai-traversal-cert-initializer
114 aafDeployFqi: deployer@people.osaaf.org
115 aafDeployPass: demo123456!
116 # aafDeployCredsExternalSecret: some secret
117 fqdn: aai-traversal
118 fqi: aai-traversal@aai-traversal.onap.org
119 public_fqdn: aai-traversal.onap.org
120 cadi_longitude: "0.0"
121 cadi_latitude: "0.0"
122 app_ns: org.osaaf.aaf
123 credsPath: /opt/app/osaaf/local
124 fqi_namespace: org.onap.aai-traversal
125 aaf_add_config: |
Krzysztof Opasiak58807942021-04-02 08:56:15 +0200126 echo "*** changing them into shell safe ones"
127 export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
128 export TRUSTSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
129 cd {{ .Values.credsPath }}
130 keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \
131 -storepass "${cadi_keystore_password_p12}" \
132 -keystore {{ .Values.fqi_namespace }}.p12
133 keytool -storepasswd -new "${TRUSTSTORE_PASSWORD}" \
134 -storepass "${cadi_truststore_password}" \
135 -keystore {{ .Values.fqi_namespace }}.trust.jks
Krzysztof Opasiak58807942021-04-02 08:56:15 +0200136 echo "*** save the generated passwords"
137 echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
138 echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> mycreds.prop
Sylvain Desbureaux6b83dab2021-02-23 16:03:21 +0100139 echo "*** change ownership of certificates to targeted user"
140 chown -R 1000 {{ .Values.credsPath }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100141
142# application image
leilab3bfd4d2022-11-10 14:27:16 -0500143image: onap/aai-traversal:1.11.1
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100144pullPolicy: Always
145restartPolicy: Always
146flavor: small
147flavorOverride: small
M.Hosnidokht15fea932021-08-25 09:08:40 -0400148# the minimum number of seconds that a newly created Pod should be ready
149minReadySeconds: 30
150updateStrategy:
151 type: RollingUpdate
152 # The number of pods that can be unavailable during the update process
153 maxUnavailable: 0
154 # The number of pods that can be created above the desired amount of pods during an update
155 maxSurge: 1
Sylvain Desbureaux331f0042021-01-18 11:38:49 +0100156
157api_list:
158 - 11
159 - 12
160 - 13
161 - 14
162 - 15
163 - 16
164 - 17
165 - 18
166 - 19
167
168aai_enpoints:
169 - name: aai-generic-query
170 url: search/generic-query
171 - name: aai-nodes-query
172 url: search/nodes-query
173 - name: aai-nquery
174 url: query
175
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100176# application configuration
177config:
178
Sam Huang56a6dd42021-03-26 13:27:17 -0600179 # configure keycloak according to your environment.
180 # don't forget to add keycloak in active profiles above (global.config.profiles)
181 keycloak:
182 host: keycloak.your.domain
183 port: 8180
184 # Specifies a set of users, credentials, roles, and groups
185 realm: aai-traversal
186 # Used by any client application for enabling fine-grained authorization for their protected resources
187 resource: aai-traversal-app
188 # If set to true, additional criteria will be added into traversal query to returns all the vertices that match
189 # the data-owner property with the given role to the user in keycloak
190 multiTenancy:
191 enabled: true
192
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100193 # Specifies timeout information such as application specific and limits
194 timeout:
195 # If set to true application will timeout for queries taking longer than limit
196 enabled: true
197 # Specifies which apps (X-FromAppId) header should get overridden and (-1) no timeout
198 appspecific: JUNITTESTAPP1,1|JUNITTESTAPP2,-1|DCAE-CCS,-1|DCAES,-1|AAI-FILEGEN-GFPIP,-1
199 # Specifies how long should it wait before timing out the REST request
200 limit: 180000
201
202 # Disables the updateQueryData script to run as part of traversal
203 disableUpdateQuery: true
204
205 # Override of the DSL Timeout Limit
206 dslOverride: 'ZV4V7E3N77SKIB6MR9MHQ6M4P6Q99Z7M76RBODA'
207
208 dsl:
209 # Dsl timeout configuration
210 timeout:
211 # Whether or not the dsl is enabled
212 enabled: true
213 # Default time limit of the DSL query
214 limit: 150000
215 # App Specific Timeout Limit for each of the X-FromAppId
216 appspecific:
217 - JUNITTESTAPP1,1
218 - JUNITTESTAPP2,-1
219 - AAI-TOOLS,-1
220 - DCAE-CCS,1200000
221 - DCAES,1200000
222 - VPESAT,-1
223 - AAI-CACHER,-1
224 - VidAaiController,300000
225 - AAI-UI,180000
226
227persistence:
228 mountPath: /dockerdata-nfs
229 mountSubPath: aai/aai-traversal
230
231# default number of instances
232replicaCount: 1
233
Rommel Pawar63db7162022-11-16 10:11:24 -0800234minReadySeconds: 10
235updateStrategy:
236 type: RollingUpdate
237 maxUnavailable: 0
238 maxSurge: 1
239
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100240nodeSelector: {}
241
242affinity: {}
243
244# probe configuration parameters
245liveness:
246 initialDelaySeconds: 60
247 periodSeconds: 60
248 # necessary to disable liveness probe when setting breakpoints
249 # in debugger so K8s doesn't restart unresponsive container
250 enabled: false
251
252readiness:
253 initialDelaySeconds: 10
254 periodSeconds: 10
255
256service:
257 type: ClusterIP
osk1146127fd7d82021-06-18 00:51:17 +0200258 portName: http
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100259 internalPort: 8446
osk1146127fd7d82021-06-18 00:51:17 +0200260 portName2: tcp-5005
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100261 internalPort2: 5005
leila46fb5802022-11-15 11:33:21 -0500262 portName3: aai-traversal-8448
263 internalPort3: 8448
M.Hosnidokht15fea932021-08-25 09:08:40 -0400264 terminationGracePeriodSeconds: 120
leila46fb5802022-11-15 11:33:21 -0500265 sessionAffinity: None
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100266
267ingress:
268 enabled: false
269
leilab3bfd4d2022-11-10 14:27:16 -0500270# To make logback capping values configurable
271logback:
272 logToFileEnabled: true
273 maxHistory: 7
274 totalSizeCap: 6GB
275 queueSize: 1000
276
277accessLogback:
278 logToFileEnabled: true
279 maxHistory: 7
280 totalSizeCap: 6GB
281
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100282# Configure resource requests and limits
283# ref: http://kubernetes.io/docs/user-guide/compute-resources/
284resources:
285 small:
286 limits:
287 cpu: 2
288 memory: 4Gi
289 requests:
290 cpu: 1
291 memory: 3Gi
292 large:
293 limits:
294 cpu: 4
295 memory: 8Gi
296 requests:
297 cpu: 2
298 memory: 4Gi
299 unlimited: {}
farida azmyd8937332021-03-09 12:20:42 +0200300
leila46fb5802022-11-15 11:33:21 -0500301metrics:
302 serviceMonitor:
303 enabled: false
304 targetPort: 8448
305 path: /prometheus
306 basicAuth:
307 enabled: false
308 externalSecretName: mysecretname
309 externalSecretUserKey: login
310 externalSecretPasswordKey: password
311
312 ## Namespace in which Prometheus is running
313 ##
314 # namespace: monitoring
315
316 ## Interval at which metrics should be scraped.
317 ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
318 ##
319 #interval: 30s
320
321 ## Timeout after which the scrape is ended
322 ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
323 ##
324 # scrapeTimeout: 10s
325
326 ## ServiceMonitor selector labels
327 ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration
328 ##
329 selector:
330 app: '{{ include "common.name" . }}'
331 chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
332 release: '{{ include "common.release" . }}'
333 heritage: '{{ .Release.Service }}'
334
335 ## RelabelConfigs to apply to samples before scraping
336 ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
337 ## Value is evalued as a template
338 ##
339 relabelings: []
340
341 ## MetricRelabelConfigs to apply to samples before ingestion
342 ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
343 ## Value is evalued as a template
344 ##
345 metricRelabelings: []
346 # - sourceLabels:
347 # - "__name__"
348 # targetLabel: "__name__"
349 # action: replace
350 # regex: '(.*)'
351 # replacement: 'example_prefix_$1'
352
farida azmyd8937332021-03-09 12:20:42 +0200353#Pods Service Account
354serviceAccount:
355 nameOverride: aai-traversal
356 roles:
357 - read
Maciej Wereskid523d122021-09-21 11:22:13 +0200358
359#Log configuration
360log:
361 path: /var/log/onap
362logConfigMapNamePrefix: '{{ include "common.fullname" . }}'