Lathish | 818ee5d | 2020-08-26 13:45:03 +0100 | [diff] [blame] | 1 | ################################################################################ |
| 2 | # Copyright (c) 2020 Nordix Foundation. # |
Konrad Bańka | 52c38b9 | 2020-10-28 16:49:19 +0100 | [diff] [blame] | 3 | # Copyright © 2020 Samsung Electronics, Modifications # |
Lathish | 818ee5d | 2020-08-26 13:45:03 +0100 | [diff] [blame] | 4 | # # |
| 5 | # Licensed under the Apache License, Version 2.0 (the "License"); # |
| 6 | # you may not use this file except in compliance with the License. # |
| 7 | # You may obtain a copy of the License at # |
| 8 | # # |
| 9 | # http://www.apache.org/licenses/LICENSE-2.0 # |
| 10 | # # |
| 11 | # Unless required by applicable law or agreed to in writing, software # |
| 12 | # distributed under the License is distributed on an "AS IS" BASIS, # |
| 13 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # |
| 14 | # See the License for the specific language governing permissions and # |
| 15 | # limitations under the License. # |
| 16 | ################################################################################ |
| 17 | # Default values for Policy Management Service. |
| 18 | # This is a YAML-formatted file. |
| 19 | # Declare variables to be passed into your templates. |
| 20 | |
| 21 | global: |
Sylvain Desbureaux | d4a6afd | 2020-11-21 22:01:15 +0100 | [diff] [blame] | 22 | nodePortPrefix: 302 |
Lathish | 818ee5d | 2020-08-26 13:45:03 +0100 | [diff] [blame] | 23 | |
| 24 | secrets: |
| 25 | - uid: controller-secret |
| 26 | type: basicAuth |
| 27 | externalSecret: '{{ tpl (default "" .Values.a1controller.credsExternalSecret) . }}' |
| 28 | login: '{{ .Values.a1controller.user }}' |
| 29 | password: '{{ .Values.a1controller.password }}' |
| 30 | passwordPolicy: required |
| 31 | |
Sylvain Desbureaux | b5353c9 | 2021-02-15 11:30:29 +0100 | [diff] [blame] | 32 | ################################################################# |
| 33 | # AAF part |
| 34 | ################################################################# |
| 35 | certInitializer: |
| 36 | nameOverride: a1p-cert-initializer |
| 37 | aafDeployFqi: deployer@people.osaaf.org |
| 38 | aafDeployPass: demo123456! |
| 39 | # aafDeployCredsExternalSecret: some secret |
| 40 | fqdn: a1p |
| 41 | fqi: a1p@a1p.onap.org |
| 42 | public_fqdn: a1p.onap.org |
| 43 | cadi_longitude: "0.0" |
| 44 | cadi_latitude: "0.0" |
| 45 | app_ns: org.osaaf.aaf |
| 46 | credsPath: /opt/app/osaaf/local |
| 47 | fqi_namespace: org.onap.a1p |
| 48 | aaf_add_config: | |
| 49 | echo "*** changing them into shell safe ones" |
| 50 | export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) |
| 51 | export TRUSTSORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) |
| 52 | cd {{ .Values.credsPath }} |
| 53 | keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \ |
| 54 | -storepass "${cadi_keystore_password_p12}" \ |
| 55 | -keystore {{ .Values.fqi_namespace }}.p12 |
| 56 | keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \ |
| 57 | -storepass "${cadi_truststore_password}" \ |
| 58 | -keystore {{ .Values.fqi_namespace }}.trust.jks |
| 59 | echo "*** set key password as same password as keystore password" |
| 60 | keytool -keypasswd -new "${KEYSTORE_PASSWORD}" \ |
| 61 | -keystore {{ .Values.fqi_namespace }}.p12 \ |
| 62 | -keypass "${cadi_keystore_password_p12}" \ |
| 63 | -storepass "${KEYSTORE_PASSWORD}" -alias {{ .Values.fqi }} |
| 64 | echo "*** save the generated passwords" |
| 65 | echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop |
| 66 | echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop |
| 67 | echo "*** change ownership of certificates to targeted user" |
| 68 | chown -R 1000 . |
| 69 | |
Dan Timoney | 9e310e7 | 2021-02-23 11:25:39 -0500 | [diff] [blame] | 70 | image: onap/ccsdk-oran-a1policymanagementservice:1.1.1 |
Konrad Bańka | 52c38b9 | 2020-10-28 16:49:19 +0100 | [diff] [blame] | 71 | userID: 1000 #Should match with image-defined user ID |
| 72 | groupID: 999 #Should match with image-defined group ID |
Lathish | 818ee5d | 2020-08-26 13:45:03 +0100 | [diff] [blame] | 73 | pullPolicy: IfNotPresent |
| 74 | replicaCount: 1 |
| 75 | |
| 76 | service: |
| 77 | type: NodePort |
| 78 | name: a1policymanagement |
| 79 | both_tls_and_plain: true |
| 80 | ports: |
| 81 | - name: api |
| 82 | port: 8433 |
| 83 | plain_port: 8081 |
| 84 | port_protocol: http |
| 85 | nodePort: '94' |
| 86 | |
| 87 | # SDNC Credentials are used here |
| 88 | a1controller: |
| 89 | user: admin |
| 90 | password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U |
| 91 | |
| 92 | sdncLink: https://sdnc.onap:8443 |
RehanRaza | e30f9b9 | 2021-03-25 14:36:53 +0100 | [diff] [blame] | 93 | # The information about A1-Mediator/RICs can be added here. |
| 94 | # The A1 policy management service supports both STD & OSC versions. |
| 95 | # Alternatively, the A1 simulator from ORAN-SC can also be used. It provides STD & OSC versions for A1 termination. |
Lathish | 818ee5d | 2020-08-26 13:45:03 +0100 | [diff] [blame] | 96 | # Refer source code & run in docker container : https://gerrit.o-ran-sc.org/r/admin/repos/sim/a1-interface |
RehanRaza | e30f9b9 | 2021-03-25 14:36:53 +0100 | [diff] [blame] | 97 | # Refer it/dep repo for k8s deployment: https://gerrit.o-ran-sc.org/r/admin/repos/it/dep |
| 98 | # Example configuration: |
| 99 | #rics: |
| 100 | # - name: ric1 |
| 101 | # link: http://ric1url.url.com:1111/ |
| 102 | # managedElementIds: |
| 103 | # - kista1 |
| 104 | # - kista2 |
| 105 | # - name: ric2 |
| 106 | # link: http://ric2url.url.com:2222/ |
| 107 | # managedElementIds: |
| 108 | # - kista3 |
| 109 | # - kista4 |
| 110 | rics: |
Lathish | 818ee5d | 2020-08-26 13:45:03 +0100 | [diff] [blame] | 111 | streamPublish: http://message-router:3904/events/A1-POLICY-AGENT-WRITE |
| 112 | streamSubscribe: http://message-router:3904/events/A1-POLICY-AGENT-READ/users/policy-agent?timeout=15000&limit=100 |
| 113 | |
| 114 | liveness: |
| 115 | port: api |
| 116 | initialDelaySeconds: 60 |
| 117 | periodSeconds: 10 |
| 118 | readiness: |
| 119 | port: api |
| 120 | initialDelaySeconds: 60 |
| 121 | periodSeconds: 10 |
| 122 | |
| 123 | #Resource Limit flavor -By Default using small |
| 124 | flavor: small |
| 125 | |
| 126 | resources: |
| 127 | small: |
| 128 | limits: |
| 129 | cpu: 2 |
| 130 | memory: 4Gi |
| 131 | requests: |
| 132 | cpu: 1 |
| 133 | memory: 2Gi |
| 134 | large: |
| 135 | limits: |
| 136 | cpu: 4 |
| 137 | memory: 8Gi |
| 138 | requests: |
| 139 | cpu: 2 |
| 140 | memory: 4Gi |
| 141 | unlimited: {} |