vaibhav_16dec | e04b2fe | 2018-03-22 09:07:12 +0000 | [diff] [blame] | 1 | # Copyright © 2017 Amdocs, Bell Canada |
Krzysztof Opasiak | 4a4703b | 2020-02-08 01:04:48 +0100 | [diff] [blame] | 2 | # Copyright © 2020 Samsung Electronics |
Sylvain Desbureaux | cc3141d | 2021-02-08 15:59:33 +0100 | [diff] [blame] | 3 | # Copyright © 2021 Orange |
vaibhav_16dec | e04b2fe | 2018-03-22 09:07:12 +0000 | [diff] [blame] | 4 | # |
| 5 | # Licensed under the Apache License, Version 2.0 (the "License"); |
| 6 | # you may not use this file except in compliance with the License. |
| 7 | # You may obtain a copy of the License at |
| 8 | # |
| 9 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 10 | # |
| 11 | # Unless required by applicable law or agreed to in writing, software |
| 12 | # distributed under the License is distributed on an "AS IS" BASIS, |
| 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 14 | # See the License for the specific language governing permissions and |
| 15 | # limitations under the License. |
| 16 | |
Priyanka | 5fdca02 | 2018-03-13 12:53:06 +0000 | [diff] [blame] | 17 | # Default values for vid. |
| 18 | # This is a YAML-formatted file. |
| 19 | # Declare variables to be passed into your templates. |
| 20 | global: |
| 21 | nodePortPrefix: 302 |
RPMishra | e4ee7f1 | 2020-10-07 12:09:01 +0530 | [diff] [blame] | 22 | mariadbGalera: &mariadbGalera |
| 23 | #This flag allows VID to instantiate its own mariadb-galera cluster |
| 24 | localCluster: false |
| 25 | service: mariadb-galera |
| 26 | internalPort: 3306 |
| 27 | nameOverride: mariadb-galera |
Priyanka | 5fdca02 | 2018-03-13 12:53:06 +0000 | [diff] [blame] | 28 | |
Krzysztof Opasiak | 4a4703b | 2020-02-08 01:04:48 +0100 | [diff] [blame] | 29 | ################################################################# |
| 30 | # Secrets metaconfig |
| 31 | ################################################################# |
| 32 | secrets: |
| 33 | - uid: vid-db-user-secret |
Sylvain Desbureaux | 93a5b49 | 2020-11-27 11:07:42 +0100 | [diff] [blame] | 34 | name: &dbUserSecretName '{{ include "common.release" . }}-vid-db-user-secret' |
Krzysztof Opasiak | 4a4703b | 2020-02-08 01:04:48 +0100 | [diff] [blame] | 35 | type: basicAuth |
| 36 | externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}' |
| 37 | login: '{{ .Values.config.db.userName }}' |
| 38 | password: '{{ .Values.config.db.userPassword }}' |
| 39 | |
Sylvain Desbureaux | cc3141d | 2021-02-08 15:59:33 +0100 | [diff] [blame] | 40 | ################################################################# |
| 41 | # AAF part |
| 42 | ################################################################# |
| 43 | certInitializer: |
| 44 | nameOverride: vid-cert-initializer |
| 45 | aafDeployFqi: deployer@people.osaaf.org |
| 46 | aafDeployPass: demo123456! |
| 47 | # aafDeployCredsExternalSecret: some secret |
| 48 | fqdn: vid |
| 49 | fqi: vid@vid.onap.org |
| 50 | public_fqdn: vid.onap.org |
| 51 | fqi_namespace: "org.onap.vid" |
| 52 | cadi_longitude: "0.0" |
| 53 | cadi_latitude: "0.0" |
| 54 | app_ns: org.osaaf.aaf |
| 55 | credsPath: /opt/app/osaaf/local |
| 56 | aaf_add_config: | |
| 57 | echo "*** retrieving password for keystore and trustore" |
| 58 | export $(/opt/app/aaf_config/bin/agent.sh local showpass \ |
| 59 | {{.Values.fqi}} {{ .Values.fqdn }} | grep '^c' | xargs -0) |
| 60 | if [ -z "$cadi_keystore_password" ] |
| 61 | then |
| 62 | echo " /!\ certificates retrieval failed" |
| 63 | exit 1 |
| 64 | else |
| 65 | echo "*** changing them into shell safe ones" |
| 66 | export KEYSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) |
Krzysztof Opasiak | d189f0f | 2021-03-16 18:19:51 +0100 | [diff] [blame^] | 67 | export TRUSTORE_PASSWD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U |
Sylvain Desbureaux | cc3141d | 2021-02-08 15:59:33 +0100 | [diff] [blame] | 68 | cd {{ .Values.credsPath }} |
| 69 | keytool -storepasswd -new "${KEYSTORE_PASSWD}" \ |
| 70 | -storepass "${cadi_keystore_password_jks}" \ |
| 71 | -keystore {{ .Values.fqi_namespace }}.jks |
| 72 | keytool -storepasswd -new "${TRUSTORE_PASSWD}" \ |
| 73 | -storepass "${cadi_truststore_password}" \ |
| 74 | -keystore {{ .Values.fqi_namespace }}.trust.jks |
| 75 | echo "*** set key password as same password as keystore password" |
| 76 | keytool -keypasswd -new "${KEYSTORE_PASSWD}" \ |
| 77 | -keystore {{ .Values.fqi_namespace }}.jks \ |
| 78 | -keypass "${cadi_keystore_password_jks}" \ |
| 79 | -storepass "${KEYSTORE_PASSWD}" -alias {{ .Values.fqi }} |
| 80 | echo "*** save the generated passwords" |
| 81 | echo "VID_KEYSTORE_PASSWORD=${KEYSTORE_PASSWD}" > mycreds.prop |
Krzysztof Opasiak | d189f0f | 2021-03-16 18:19:51 +0100 | [diff] [blame^] | 82 | echo "VID_TRUSTSTORE_PASSWORD=OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp" >> mycreds.prop |
Sylvain Desbureaux | cc3141d | 2021-02-08 15:59:33 +0100 | [diff] [blame] | 83 | echo "*** change ownership of certificates to targeted user" |
| 84 | chown -R 1000 . |
| 85 | fi |
| 86 | |
Priyanka | 5fdca02 | 2018-03-13 12:53:06 +0000 | [diff] [blame] | 87 | subChartsOnly: |
| 88 | enabled: true |
| 89 | |
| 90 | # application image |
Ikramullah, Ikram (fi241c) | 07e91ee | 2020-10-08 14:56:42 -0400 | [diff] [blame] | 91 | image: onap/vid:7.0.0 |
yuryn | d0707be | 2017-09-27 14:54:18 +0300 | [diff] [blame] | 92 | pullPolicy: Always |
Priyanka | 5fdca02 | 2018-03-13 12:53:06 +0000 | [diff] [blame] | 93 | |
Priyanka | 5fdca02 | 2018-03-13 12:53:06 +0000 | [diff] [blame] | 94 | # application configuration |
BorislavG | 5f3b619 | 2018-03-25 18:12:38 +0300 | [diff] [blame] | 95 | config: |
Krzysztof Opasiak | 4a4703b | 2020-02-08 01:04:48 +0100 | [diff] [blame] | 96 | db: |
| 97 | userName: vidadmin |
| 98 | # userCredentialsExternalSecret: some secret |
| 99 | # userPassword: password |
Priyanka | 5fdca02 | 2018-03-13 12:53:06 +0000 | [diff] [blame] | 100 | asdcclientrestauth: "Basic dmlkOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU=" |
k.kedron | c784bbd | 2019-09-05 18:28:16 +0200 | [diff] [blame] | 101 | asdcclientrestport: "8443" |
Priyanka | 5fdca02 | 2018-03-13 12:53:06 +0000 | [diff] [blame] | 102 | vidaaiport: "8443" |
Sonsino, Ofir (os0695) | c9a6edf | 2018-10-18 11:26:03 +0300 | [diff] [blame] | 103 | onapport: "30225" |
| 104 | onapportrest: "8443" |
| 105 | portalhost: "portal.api.simpledemo.onap.org" |
Alexis de Talhouët | 6c9efc6 | 2018-09-20 11:54:03 -0400 | [diff] [blame] | 106 | msoport: "8080" |
Priyanka | 5fdca02 | 2018-03-13 12:53:06 +0000 | [diff] [blame] | 107 | vidmsopass: OBF:1ih71i271vny1yf41ymf1ylz1yf21vn41hzj1icz |
| 108 | msodme2serverurl: http://localhost:8081 |
| 109 | vidcontactuslink: https://todo_contact_us_link.com |
Priyanka | 5fdca02 | 2018-03-13 12:53:06 +0000 | [diff] [blame] | 110 | vidmysqlmaxconnections: "5" |
BorislavG | 5f3b619 | 2018-03-25 18:12:38 +0300 | [diff] [blame] | 111 | logstashServiceName: log-ls |
| 112 | logstashPort: 5044 |
Sonsino, Ofir (os0695) | c9a6edf | 2018-10-18 11:26:03 +0300 | [diff] [blame] | 113 | roleaccesscentralized: remote |
Priyanka | 5fdca02 | 2018-03-13 12:53:06 +0000 | [diff] [blame] | 114 | |
Sylvain Desbureaux | 6383c44 | 2019-11-14 09:28:12 +0100 | [diff] [blame] | 115 | mariadb-galera: |
Sylvain Desbureaux | 93a5b49 | 2020-11-27 11:07:42 +0100 | [diff] [blame] | 116 | db: |
Sylvain Desbureaux | 93a5b49 | 2020-11-27 11:07:42 +0100 | [diff] [blame] | 117 | # password: |
| 118 | externalSecret: *dbUserSecretName |
| 119 | name: &mysqlDbName vid_openecomp_epsdk |
| 120 | nameOverride: &vid-galera vid-galera |
Sylvain Desbureaux | 6383c44 | 2019-11-14 09:28:12 +0100 | [diff] [blame] | 121 | replicaCount: 3 |
| 122 | persistence: |
| 123 | enabled: true |
| 124 | mountSubPath: vid/maria/data |
| 125 | externalConfig: |- |
Brian Freeman | 8a1d314 | 2019-12-06 12:44:53 -0500 | [diff] [blame] | 126 | [mysqld] |
Sylvain Desbureaux | 6383c44 | 2019-11-14 09:28:12 +0100 | [diff] [blame] | 127 | lower_case_table_names = 1 |
Sylvain Desbureaux | 93a5b49 | 2020-11-27 11:07:42 +0100 | [diff] [blame] | 128 | serviceAccount: |
| 129 | nameOverride: *vid-galera |
Priyanka | 5fdca02 | 2018-03-13 12:53:06 +0000 | [diff] [blame] | 130 | |
RPMishra | e4ee7f1 | 2020-10-07 12:09:01 +0530 | [diff] [blame] | 131 | mariadb-init: |
Sylvain Desbureaux | 93a5b49 | 2020-11-27 11:07:42 +0100 | [diff] [blame] | 132 | config: |
| 133 | userCredentialsExternalSecret: *dbUserSecretName |
| 134 | mysqlDatabase: *mysqlDbName |
RPMishra | e4ee7f1 | 2020-10-07 12:09:01 +0530 | [diff] [blame] | 135 | nameOverride: vid-mariadb-init |
| 136 | # A configMap of same name is created. It points to file that will be run after |
| 137 | # The DB has been created. |
| 138 | dbScriptConfigMap: '{{ include "common.release" . }}-vid-db-init' |
| 139 | |
Priyanka | 5fdca02 | 2018-03-13 12:53:06 +0000 | [diff] [blame] | 140 | # default number of instances |
| 141 | replicaCount: 1 |
| 142 | |
| 143 | nodeSelector: {} |
| 144 | |
| 145 | affinity: {} |
| 146 | |
| 147 | # probe configuration parameters |
| 148 | liveness: |
Mandeep Khinda | cef0e3c | 2018-09-21 03:59:17 +0000 | [diff] [blame] | 149 | initialDelaySeconds: 120 |
Priyanka | 5fdca02 | 2018-03-13 12:53:06 +0000 | [diff] [blame] | 150 | periodSeconds: 10 |
| 151 | # necessary to disable liveness probe when setting breakpoints |
| 152 | # in debugger so K8s doesn't restart unresponsive container |
| 153 | enabled: true |
| 154 | |
| 155 | readiness: |
| 156 | initialDelaySeconds: 10 |
| 157 | periodSeconds: 10 |
| 158 | |
| 159 | service: |
| 160 | type: NodePort |
| 161 | name: vid |
BorislavG | 1ffbd99 | 2018-04-24 07:56:27 +0000 | [diff] [blame] | 162 | portName: vid |
Piotr Darosz | d9dc219 | 2018-09-10 10:40:26 +0200 | [diff] [blame] | 163 | externalPort: 8443 |
Piotr Darosz | aca7aa5 | 2018-08-29 14:27:02 +0200 | [diff] [blame] | 164 | internalPort: 8443 |
Piotr Darosz | d9dc219 | 2018-09-10 10:40:26 +0200 | [diff] [blame] | 165 | nodePort: "00" |
Ittay Stern | 9409470 | 2019-08-04 14:00:22 +0300 | [diff] [blame] | 166 | externalHttpPort: 8080 |
| 167 | internalHttpPort: 8080 |
Priyanka | 5fdca02 | 2018-03-13 12:53:06 +0000 | [diff] [blame] | 168 | |
| 169 | ingress: |
| 170 | enabled: false |
Lucjan Bryndza | a9a362f | 2019-08-14 09:53:04 +0200 | [diff] [blame] | 171 | service: |
Sylvain Desbureaux | ab116a5 | 2020-11-19 17:27:59 +0100 | [diff] [blame] | 172 | - baseaddr: "vid.api" |
| 173 | name: "vid-http" |
| 174 | port: 8443 |
Lucjan Bryndza | a9a362f | 2019-08-14 09:53:04 +0200 | [diff] [blame] | 175 | config: |
Sylvain Desbureaux | ab116a5 | 2020-11-19 17:27:59 +0100 | [diff] [blame] | 176 | ssl: "redirect" |
Priyanka | 5fdca02 | 2018-03-13 12:53:06 +0000 | [diff] [blame] | 177 | |
Mandeep Khinda | 60d36d4 | 2018-09-24 15:15:48 +0000 | [diff] [blame] | 178 | # Resource Limit flavor -By Default using small |
vaibhavjayas | afb925d | 2018-09-19 09:33:41 +0000 | [diff] [blame] | 179 | flavor: small |
| 180 | # Segregation for Different environment (Small and Large) |
| 181 | resources: |
| 182 | small: |
| 183 | limits: |
Mandeep Khinda | cef0e3c | 2018-09-21 03:59:17 +0000 | [diff] [blame] | 184 | cpu: 200m |
vaibhavjayas | afb925d | 2018-09-19 09:33:41 +0000 | [diff] [blame] | 185 | memory: 2Gi |
| 186 | requests: |
Mandeep Khinda | cef0e3c | 2018-09-21 03:59:17 +0000 | [diff] [blame] | 187 | cpu: 100m |
Mandeep Khinda | 3c13425 | 2018-09-19 23:56:37 +0000 | [diff] [blame] | 188 | memory: 1Gi |
vaibhavjayas | afb925d | 2018-09-19 09:33:41 +0000 | [diff] [blame] | 189 | large: |
| 190 | limits: |
Mandeep Khinda | cef0e3c | 2018-09-21 03:59:17 +0000 | [diff] [blame] | 191 | cpu: 400m |
vaibhavjayas | afb925d | 2018-09-19 09:33:41 +0000 | [diff] [blame] | 192 | memory: 4Gi |
| 193 | requests: |
Mandeep Khinda | cef0e3c | 2018-09-21 03:59:17 +0000 | [diff] [blame] | 194 | cpu: 200m |
Mandeep Khinda | 60d36d4 | 2018-09-24 15:15:48 +0000 | [diff] [blame] | 195 | memory: 2Gi |
Ittay Stern | 9175127 | 2019-05-05 12:11:47 +0300 | [diff] [blame] | 196 | unlimited: {} |