kubernetes/aai/values.yaml

# Copyright (c) 2017 Amdocs, Bell Canada
# Modifications Copyright (c) 2018 AT&T
# Modifications Copyright (c) 2020 Nokia, Orange
# Modifications Copyright (c) 2021 Orange
# Modifications Copyright © 2023 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#       http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Default values for aai.
# This is a YAML-formatted file.
# Declare variables to be passed into your templates.
global: # global defaults
  nodePortPrefix: 302
  repository: nexus3.onap.org:10001
  dockerhubRepository: docker.io
  busyboxImage: busybox

  readinessImage: onap/oom/readiness:3.0.1

  loggingRepository: docker.elastic.co
  loggingImage: beats/filebeat:5.5.0

  restartPolicy: Always

  msbEnabled: false
  centralizedLoggingEnabled: false

  cassandra:
    #This will instantiate AAI cassandra cluster, default:shared cassandra.
    localCluster: false

    #Service Name of the cassandra cluster to connect to.
    #Override it to aai-cassandra if localCluster is enabled.
    #in case of using k8ssandra-operator in the common cassandra installation
    #the service name is:
    serviceName: cassandra-dc1-service
    #in case of local k8ssandra-operator instance it is
    #serviceName: aai-cassandra-dc1-service
    #in case the older cassandra installation is used:
    #serviceName: cassandra

    #This should be same as shared cassandra instance or if localCluster is enabled
    #then it should be same as aai-cassandra replicaCount
    replicas: 3

    #Cassanara login details
    username: cassandra
    password: cassandra

  aai:
    serviceName: aai
  babel:
    serviceName: aai-babel
  aaiElasticsearch:
    serviceName: aai-elasticsearch
  resources:
    serviceName: aai-resources
  sparkyBe:
    serviceName: aai-sparky-be
  modelloader:
    serviceName: aai-modelloader
  searchData:
    serviceName: aai-search-data
  traversal:
    serviceName: aai-traversal
  graphadmin:
    serviceName: aai-graphadmin

  initContainers:
    enabled: true
  # Specifies a list of jobs to be run
  jobs:
    # When enabled, it will create the schema based on oxm and edge rules
    createSchema:
      enabled: true
    # When enabled, it will create the widget models via REST API to haproxy
    updateQueryData:
      enabled: true
    #migration using helm hooks
    migration:
      enabled: false
      remoteCassandra:
        enabled: false
        storage:
          backend: cassandra
          hostname: 10.10.10.10
          connectionTimeout: 100000
          cacheSize: 1000000
          keyConsistent: true

          #If backend is cql or cassandra it should be keyspace name
          #else backend is hbase it should be hbase table name
          name: aaigraph

       ## CQL driver specific properties for janusgraph
       #  cql:
       #    #Name of the Cassandra Cluster
       #    cluster: someclustername
       #    readConsistency: QUORUM
       #    writeConsistency: QUORUM
       #    replicationFactor: 3
       #    localConsistencyForSysOps: true

       ## Cassandra driver specific properties for janusgraph
          cassandra:
            #Name of the Cassandra Cluster
            clusterName: aai-cluster
            localDataCenter: Pod lab
            readConsistency: LOCAL_QUORUM
            writeConsistency: LOCAL_QUORUM
            replicationFactor: 3

        #storage:
        #  backend: cassandra
        #  hostname: somehost1,somehost2,somehost3
        #  connectionTimeout: 100000
        #  cacheSize: 1000000
        #  clusterName: someClusterName
        #  localDataCenter: someDataCenter
        #  keyConsistent: true
        #  #If backend is cql or cassandra it should be keyspace name
        #  #else backend is hbase it should be hbase table name
        #  name: your_hbase_table_or_keyspace_name

        ## CQL driver specific properties for janusgraph
        #  cql:
        #    #Name of the Cassandra Cluster
        #    cluster: someclustername
        #    readConsistency: QUORUM
        #    writeConsistency: QUORUM
        #    replicationFactor: 3
        #    localConsistencyForSysOps: true

        ## Cassandra driver specific properties for janusgraph
        #  cassandra:
        #    #Name of the Cassandra Cluster
        #    cluster: someclustername
        #    readConsistency: LOCAL_QUORUM
        #    writeConsistency: LOCAL_QUORUM
        #    replicationFactor: 3


  # Common configuration for resources traversal and graphadmin
  config:
    # User information for the admin user in container
    userId: 1000
    groupId: 1000

    # Specifies that the cluster connected to a dynamic
    # cluster being spinned up by kubernetes deployment
    cluster:
      cassandra:
        dynamic: true

    # If cluster.cassandra.dynamic is set to false
    # Then the following configuration should be uncommented
    # This is if you are planning to connect to a existing
    # Cassandra cluster instead of doing the deployment
    #storage:
    #  backend: cassandra
    #  hostname: somehost1,somehost2,somehost3
    #  connectionTimeout: 100000
    #  cacheSize: 1000000
    #  clusterName: someClusterName
    #  localDataCenter: someDataCenter
    #  keyConsistent: true
    #  # If backend is cql or cassandra it should be keyspace name
    #  # else backend is hbase it should be hbase table name
    #  name: your_hbase_table_or_keyspace_name

    #  # CQL driver specific properties for janusgraph
    #  cql:
    #    # Name of the Cassandra Cluster
    #    cluster: someclustername
    #    readConsistency: QUORUM
    #    writeConsistency: QUORUM
    #    replicationFactor: 3
    #    localConsistencyForSysOps: true

    #  # Cassandra driver specific properties for janusgraph
    #  cassandra:
    #    # Name of the Cassandra Cluster
    #    cluster: someclustername
    #    readConsistency: LOCAL_QUORUM
    #    writeConsistency: LOCAL_QUORUM
    #    replicationFactor: 3

    # Specifies if the basic authorization is enabled
    basic:
      auth:
        enabled: true
        username: AAI
        passwd: AAI

    # Active spring profiles for the resources microservice
    # aaf-auth profile will be automatically set if aaf enabled is set to true
    profiles:
      active: production,dmaap #,aaf-auth

    # Notification event specific properties
    notification:
      eventType: AAI-EVENT
      domain: dev

    # Schema specific properties that include supported versions of api
    schema:
      # Specifies if the connection should be one way ssl, two way ssl or no auth
      # will be set to no-auth if tls is disabled
      service:
        client: no-auth
      # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service
      translator:
        list: schema-service
      source:
        # Specifies which folder to take a look at
        name: onap
      uri:
        # Base URI Path of the application
        base:
          path: /aai
      version:
        # Current version of the REST API
        api:
          default: v27
        # Specifies which version the depth parameter is configurable
        depth: v11
        # List of all the supported versions of the API
        list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26,v27
        # Specifies from which version related link should appear
        related:
          link: v11
        # Specifies from which version the app root change happened
        app:
          root: v11
        # Specifies from which version the xml namespace changed
        namespace:
          change: v12
        # Specifies from which version the edge label appeared in API
        edge:
          label: v12

    # Keystore configuration password and filename
    keystore:
      filename: aai_keystore
      passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 # changeit

    # Truststore configuration password and filename
    truststore:
      filename: aai_keystore
      passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 # changeit

    # Specifies a list of files to be included in auth volume
    auth:
      files:
        - aai_keystore

    # Specifies which clients should always default to realtime graph connection
    realtime:
      clients: SDNC,MSO,SO,robot-ete

    # Logback debug enabled
    logback:
      console:
        # If enabled, container will print all logback to standard output
        # This will make debugging much easier but it should only be done
        # when debugging the issue and changed back as it can affect performance
        # since when this is enabled, it prints a lot of information to console
        enabled: false

aai-babel:
  logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-graphadmin:
  logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-modelloader:
  logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-resources:
  logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-schema-service:
  logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-sparky-be:
  logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'
aai-traversal:
  logConfigMapNamePrefix: '{{ include "common.release" . }}-aai'

# application image
dockerhubRepository: registry.hub.docker.com
image: onap/aai-haproxy:1.11.0
pullPolicy: Always

flavor: small
flavorOverride: small

# flag to enable debugging - application support required
debugEnabled: false

# application configuration
config:
  logstashServiceName: log-ls
  logstashPort: 5044

# default number of instances
replicaCount: 1

updateStrategy:
  type: RollingUpdate
  maxUnavailable: 0
  maxSurge: 1

nodeSelector: {}

affinity: {}

# HAProxy configuration to block HTTP requests to AAI based on configurable URL patterns
haproxy:
  initContainers:
    resources:
      memory: 100Mi
      cpu: 50m
  requestBlocking:
    enabled: false
    customConfigs: []
  replicas:
    aaiResources: 1
    aaiTraversal: 1

# probe configuration parameters
liveness:
  initialDelaySeconds: 10
  periodSeconds: 10
  # necessary to disable liveness probe when setting breakpoints
  # in debugger so K8s doesn't restart unresponsive container
  enabled: true

#This section is used when localCluster is enabled. AAI will create its own cassandra cluster for its specific use.
#Below command will instantiate the aai cassandra instances:
#helm deploy demo local/onap --version=4.0.0 --namespace onap --set aai.enabled=true \
#                            --set aai.global.cassandra.localCluster=true \
#                            --set aai.global.cassandra.serviceName=aai-cassandra
cassandra:
  nameOverride: aai-cassandra
  serviceAccount:
    nameOverride: aai-cassandra
  replicaCount: 3
  service:
    name: aai-cassandra
  persistence:
    mountSubPath: aai/cassandra
    enabled: true
  k8ssandraOperator:
    enabled: false
    config:
      clusterName: aai-cassandra

readiness:
  initialDelaySeconds: 10
  periodSeconds: 10

service:
  type: NodePort
  portName: http
  externalPort: 80
  internalPort: 8080
  nodePort: 33
  sessionAffinity: None

metricsService:
  type: ClusterIP
  portName: http-pro
  externalPort: 8448
  internalPort: 8448

metrics:
  serviceMonitor:
    enabled: false
    targetPort: 8448
    path: /metrics
    basicAuth:
      enabled: false

    selector:
      app: '{{ include "common.name" . }}-metrics'
      chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
      release: '{{ include "common.release" . }}'
      heritage: '{{ .Release.Service }}'

    relabelings: []

    metricRelabelings: []

ingress:
  enabled: false
  service:
    - baseaddr: "aai-api"
      name: "aai"
      port: 80
      config:
       ssl: "redirect"

serviceMesh:
  authorizationPolicy:
    authorizedPrincipalsMetrics: []
    authorizedPrincipals:
      - serviceAccount: aai-graphadmin-read
      - serviceAccount: aai-modelloader-read
      - serviceAccount: aai-resources-read
      - serviceAccount: aai-schema-service-read
      - serviceAccount: aai-traversal-read
      - serviceAccount: cds-blueprints-processor-read
      - serviceAccount: consul-read
      - serviceAccount: dcae-prh-read
      - serviceAccount: dcae-slice-analysis-ms-read
      - serviceAccount: dcae-tcagen2
      - serviceAccount: nbi-read
      - serviceAccount: sdnc-read
      - serviceAccount: so-read
      - serviceAccount: so-bpmn-infra-read
      - serviceAccount: so-cnf-adapter-read
      - serviceAccount: so-nssmf-adapter-read
      - serviceAccount: so-etsi-nfvo-ns-lcm-read
      - serviceAccount: so-etsi-sol003-adapter-read
      - serviceAccount: so-openstack-adapter-read
      - serviceAccount: so-sdc-controller-read
      - serviceAccount: so-ve-vnfm-adapter
      - serviceAccount: istio-ingress
        namespace: istio-ingress

resources:
  small:
    limits:
      cpu: 999
      memory: 4Gi
    requests:
      cpu: 1
      memory: 1.2Gi
  large:
    limits:
      cpu: 999
      memory: 8Gi
    requests:
      cpu: 2
      memory: 2.4Gi
  unlimited: {}

#Pods Service Account
serviceAccount:
  nameOverride: aai
  roles:
    - read