blob: 118f446b2698179ddde406e491babf93ac595153 [file] [log] [blame]
Sylvain Desbureaux70070412020-11-09 21:58:48 +01001#
2# ============LICENSE_START=======================================================
3# org.onap.aai
4# ================================================================================
5# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
6# Copyright (c) 2020 Nokia Intellectual Property. All rights reserved.
Sylvain Desbureauxc57b58d2021-02-23 18:07:34 +01007# Copyright (c) 2020-2021 Orange Intellectual Property. All rights reserved.
Sylvain Desbureaux70070412020-11-09 21:58:48 +01008# ================================================================================
9# Licensed under the Apache License, Version 2.0 (the "License");
10# you may not use this file except in compliance with the License.
11# You may obtain a copy of the License at
12#
13# http://www.apache.org/licenses/LICENSE-2.0
14#
15# Unless required by applicable law or agreed to in writing, software
16# distributed under the License is distributed on an "AS IS" BASIS,
17# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
18# See the License for the specific language governing permissions and
19# limitations under the License.
20# ============LICENSE_END=========================================================
21
22# Default values for resources.
23# This is a YAML-formatted file.
24# Declare variables to be passed into your templates.
25global: # global defaults
26 nodePortPrefix: 302
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010027 cassandra:
28 #This will instantiate AAI cassandra cluster, default:shared cassandra.
29 localCluster: false
30 initContainers:
31 enabled: true
32 jobs:
33 # When enabled, it will create the schema based on oxm and edge rules
34 createSchema:
35 enabled: true
36 #migration using helm hooks
37 migration:
38 enabled: false
39 config:
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010040
41 # Specifies that the cluster connected to a dynamic
42 # cluster being spinned up by kubernetes deployment
43 cluster:
44 cassandra:
45 dynamic: true
46
47 # Specifies if the basic authorization is enabled
48 basic:
49 auth:
50 enabled: true
51 username: AAI
52 passwd: AAI
53
54 # Notification event specific properties
55 notification:
56 eventType: AAI-EVENT
57 domain: dev
58
59 # Schema specific properties that include supported versions of api
60 schema:
61 # Specifies if the connection should be one way ssl, two way ssl or no auth
osk1146127fd7d82021-06-18 00:51:17 +020062 # will be set to no-auth if tls is disabled
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010063 service:
64 client: one-way-ssl
65 # Specifies which translator to use if it has schema-service, then it will
66 # make a rest request to schema service
67 translator:
68 list: schema-service
69 source:
70 # Specifies which folder to take a look at
71 name: onap
72 uri:
73 # Base URI Path of the application
74 base:
75 path: /aai
76 version:
77 # Current version of the REST API
78 api:
wr148d77086d72021-08-27 16:15:36 -040079 default: v24
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010080 # Specifies which version the depth parameter is configurable
81 depth: v11
82 # List of all the supported versions of the API
wr148d77086d72021-08-27 16:15:36 -040083 list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010084 # Specifies from which version related link should appear
85 related:
86 link: v11
87 # Specifies from which version the app root change happened
88 app:
89 root: v11
90 # Specifies from which version the xml namespace changed
91 namespace:
92 change: v12
93 # Specifies from which version the edge label appeared in API
94 edge:
95 label: v12
96
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010097 # Specifies which clients should always default to realtime graph connection
98 realtime:
99 clients: SDNC,MSO,SO,robot-ete
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100100
Sylvain Desbureauxc57b58d2021-02-23 18:07:34 +0100101#################################################################
102# Certificate configuration
103#################################################################
104certInitializer:
105 nameOverride: aai-graphadmin-cert-initializer
106 aafDeployFqi: deployer@people.osaaf.org
107 aafDeployPass: demo123456!
108 # aafDeployCredsExternalSecret: some secret
109 fqdn: aai
110 fqi: aai@aai.onap.org
111 public_fqdn: aai.onap.org
112 cadi_longitude: "0.0"
113 cadi_latitude: "0.0"
114 app_ns: org.osaaf.aaf
115 credsPath: /opt/app/osaaf/local
116 fqi_namespace: org.onap.aai
117 user_id: &user_id 1000
118 group_id: &group_id 1000
119 aaf_add_config: |
120 echo "*** changing them into shell safe ones"
121 export KEYSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
122 export KEYSTORE_JKS_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
123 export TRUSTSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
124 cd {{ .Values.credsPath }}
125 keytool -storepasswd -new "${KEYSTORE_PLAIN_PASSWORD}" \
126 -storepass "${cadi_keystore_password_p12}" \
127 -keystore {{ .Values.fqi_namespace }}.p12
128 keytool -storepasswd -new "${TRUSTSTORE_PLAIN_PASSWORD}" \
129 -storepass "${cadi_truststore_password}" \
130 -keystore {{ .Values.fqi_namespace }}.trust.jks
131 keytool -storepasswd -new "${KEYSTORE_JKS_PLAIN_PASSWORD}" \
132 -storepass "${cadi_keystore_password_jks}" \
133 -keystore {{ .Values.fqi_namespace }}.jks
134 echo "*** set key password as same password as keystore password"
135 keytool -keypasswd -new "${KEYSTORE_JKS_PLAIN_PASSWORD}" \
136 -keystore {{ .Values.fqi_namespace }}.jks \
137 -keypass "${cadi_keystore_password_jks}" \
138 -storepass "${KEYSTORE_JKS_PLAIN_PASSWORD}" -alias {{ .Values.fqi }}
139 echo "*** writing passwords into prop file"
140 echo "KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD}" > {{ .Values.credsPath }}/mycreds.prop
141 echo "KEYSTORE_JKS_PLAIN_PASSWORD=${KEYSTORE_JKS_PLAIN_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop
142 echo "TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop
143 echo "*** change ownership of certificates to targeted user"
144 chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }}
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100145
146# application image
wr148df63b16e2022-01-31 12:47:12 -0500147image: onap/aai-graphadmin:1.9.2
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100148pullPolicy: Always
149restartPolicy: Always
150flavor: small
151flavorOverride: small
152# default number of instances
153replicaCount: 1
M.Hosnidokht6c806532021-08-25 09:19:41 -0400154# the minimum number of seconds that a newly created Pod should be ready
155minReadySeconds: 30
156updateStrategy:
157 type: RollingUpdate
158 # The number of pods that can be unavailable during the update process
159 maxUnavailable: 0
160 # The number of pods that can be created above the desired amount of pods during an update
161 maxSurge: 1
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100162
163# Configuration for the graphadmin deployment
164config:
165
166 # Specify the profiles for the graphadmin microservice
167 profiles:
osk1146127fd7d82021-06-18 00:51:17 +0200168 # one way ssl profile will be set unless tlsEnabled is set to false or serviceMesh is enabled and
169 # serviceMesh.tls is set to tru
170 active: dmaap #,one-way-ssl"
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100171
172 # Specifies the timeout limit for the REST API requests
173 timeout:
174 enabled: true
175 limit: 180000
176
177 # Default maximum records to fix for the data grooming and dupeTool
178 maxFix:
179 dataGrooming: 150
180 dupeTool: 25
181
182 # Default number of sleep minutes for dataGrooming and dupeTool
183 sleepMinutes:
184 dataGrooming: 7
185 dupeTool: 7
186
187 # Cron specific attributes to be triggered for the graphadmin spring cron tasks
188 cron:
189 # Specifies that the data grooming tool which runs duplicates should be enabled
190 dataGrooming:
191 enabled: true
192 # Specifies that the data snapshot which takes a graphson snapshot should be enabled
193 dataSnapshot:
194 enabled: true
195 params: JUST_TAKE_SNAPSHOT
196
197 # Data cleanup which zips snapshots older than x days and deletes older than y days
198 dataCleanup:
199
200 dataGrooming:
201 enabled: true
202 # Zips up the dataGrooming files older than 5 days
203 ageZip: 5
204 # Deletes the dataGrooming files older than 30 days
205 ageDelete: 30
206
207 dataSnapshot:
208 enabled: true
209 # Zips up the dataSnapshot graphson files older than 5 days
210 ageZip: 5
211 # Deletes the dataSnapshot graphson files older than 30 days
212 ageDelete: 30
213 # Concurrency lock control flag
214 aai:
215 lock:
216 uri:
217 enabled: false
218
219
220nodeSelector: {}
221
222affinity: {}
223
224# probe configuration parameters
225liveness:
226 initialDelaySeconds: 60
227 periodSeconds: 60
228 # necessary to disable liveness probe when setting breakpoints
229 # in debugger so K8s doesn't restart unresponsive container
230 enabled: false
231
232readiness:
233 initialDelaySeconds: 60
234 periodSeconds: 10
235
236service:
237 type: ClusterIP
238 # REST API port for the graphadmin microservice
osk1146127fd7d82021-06-18 00:51:17 +0200239 portName: http
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100240 internalPort: 8449
osk1146127fd7d82021-06-18 00:51:17 +0200241 portName2: tcp-5005
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100242 internalPort2: 5005
M.Hosnidokht6c806532021-08-25 09:19:41 -0400243 terminationGracePeriodSeconds: 120
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100244
245ingress:
246 enabled: false
247
248persistence:
249 enabled: true
250 ## A manually managed Persistent Volume and Claim
251 ## Requires persistence.enabled: true
252 ## If defined, PVC must be created manually before volume will be bound
253 # existingClaim:
254 volumeReclaimPolicy: Retain
255 ## database data Persistent Volume Storage Class
256 ## If defined, storageClassName: <storageClass>
257 ## If set to "-", storageClassName: "", which disables dynamic provisioning
258 ## If undefined (the default) or set to null, no storageClassName spec is
259 ## set, choosing the default provisioner. (gp2 on AWS, standard on
260 ## GKE, AWS & OpenStack)
261 ##
262 # storageClass: "-"
263 accessMode: ReadWriteMany
264 size: 2Gi
265
266 mountPath: /dockerdata-nfs
267 mountSubPath: aai/aai-graphadmin
268 mountSubPath1: aai/migration
269
270resources:
271 small:
272 limits:
273 cpu: 2
274 memory: 4Gi
275 requests:
276 cpu: 0.5
277 memory: 1536Mi
278 large:
279 limits:
280 cpu: 4
281 memory: 8Gi
282 requests:
283 cpu: 1
284 memory: 2Gi
285 unlimited: {}
farida azmyd8937332021-03-09 12:20:42 +0200286
Sylvain Desbureauxc57b58d2021-02-23 18:07:34 +0100287# Not fully used for now
288securityContext:
289 user_id: *user_id
290 group_id: *group_id
291
farida azmyd8937332021-03-09 12:20:42 +0200292#Pods Service Account
293serviceAccount:
294 nameOverride: aai-graphadmin
295 roles:
296 - read
Maciej Wereskid523d122021-09-21 11:22:13 +0200297#Log configuration
298log:
299 path: /var/log/onap
300logConfigMapNamePrefix: '{{ include "common.fullname" . }}'