Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / ec452b50a4a1ea0aa0e18836bfe80ca1dab20f1b / . / kubernetes / policy / values.yaml
blob: 957ffde2681b509af05d23656f81cf951bea09de [file] [log] [blame]
vaibhav_16dece04b2fe2018-03-22 09:07:12 +0000[diff] [blame]1# Copyright © 2017 Amdocs, Bell Canada
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]2# Modifications Copyright © 2018-2020 AT&T Intellectual Property
FrancescoFioraEst9c79e262022-02-22 13:12:19 +0000[diff] [blame]3# Modifications Copyright (C) 2021-2022 Nordix Foundation.
vaibhav_16dece04b2fe2018-03-22 09:07:12 +0000[diff] [blame]4#
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]17#################################################################
18# Global configuration defaults.
19#################################################################
20global:
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]21 aafEnabled: true
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]22 mariadb:
23 # '&mariadbConfig' means we "store" the values for later use in the file
24 # with '*mariadbConfig' pointer.
25 config: &mariadbConfig
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]26 mysqlDatabase: policyadmin
27 service: &mariadbService
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]28 name: &policy-mariadb policy-mariadb
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]29 internalPort: 3306
Rashmi Pujarec452b52022-04-21 12:29:14 -0400[diff] [blame^]30 prometheusEnabled: false
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]31
32#################################################################
Krzysztof Opasiak98a79cc2020-04-01 22:33:58 +0200[diff] [blame]33# Secrets metaconfig
34#################################################################
35secrets:
36 - uid: db-root-password
37 name: &dbRootPassSecretName '{{ include "common.release" . }}-policy-db-root-password'
38 type: password
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]39 externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .) (hasSuffix "policy-db-root-password" (index .Values "mariadb-galera" "rootUser" "externalSecret"))}}'
40 password: '{{ (index .Values "mariadb-galera" "rootUser" "password") }}'
Krzysztof Opasiak98a79cc2020-04-01 22:33:58 +0200[diff] [blame]41 policy: generate
42 - uid: db-secret
43 name: &dbSecretName '{{ include "common.release" . }}-policy-db-secret'
44 type: basicAuth
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]45 externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "db" "externalSecret")) .) (hasSuffix "policy-db-secret" (index .Values "mariadb-galera" "db" "externalSecret"))}}'
46 login: '{{ index .Values "mariadb-galera" "db" "user" }}'
47 password: '{{ index .Values "mariadb-galera" "db" "password" }}'
Krzysztof Opasiak98a79cc2020-04-01 22:33:58 +0200[diff] [blame]48 passwordPolicy: generate
saul.gill7124a4b2021-09-09 12:02:49 +0100[diff] [blame]49 - uid: policy-app-user-creds
50 name: &policyAppCredsSecret '{{ include "common.release" . }}-policy-app-user-creds'
51 type: basicAuth
52 externalSecret: '{{ tpl (default "" .Values.config.policyAppUserExternalSecret) . }}'
53 login: '{{ .Values.config.policyAppUserName }}'
54 password: '{{ .Values.config.policyAppUserPassword }}'
55 passwordPolicy: generate
rameshiyer27ff176652021-09-21 15:19:05 +0100[diff] [blame]56 - uid: policy-pap-user-creds
57 name: &policyPapCredsSecret '{{ include "common.release" . }}-policy-pap-user-creds'
58 type: basicAuth
59 externalSecret: '{{ tpl (default "" .Values.restServer.policyPapUserExternalSecret) . }}'
60 login: '{{ .Values.restServer.policyPapUserName }}'
61 password: '{{ .Values.restServer.policyPapUserPassword }}'
62 passwordPolicy: required
63 - uid: policy-api-user-creds
64 name: &policyApiCredsSecret '{{ include "common.release" . }}-policy-api-user-creds'
65 type: basicAuth
66 externalSecret: '{{ tpl (default "" .Values.restServer.policyApiUserExternalSecret) . }}'
67 login: '{{ .Values.restServer.policyApiUserName }}'
68 password: '{{ .Values.restServer.policyApiUserPassword }}'
69 passwordPolicy: required
Krzysztof Opasiak98a79cc2020-04-01 22:33:58 +0200[diff] [blame]70
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]71db: &dbSecretsHook
72 credsExternalSecret: *dbSecretName
73
74policy-api:
75 enabled: true
76 db: *dbSecretsHook
rameshiyer27ff176652021-09-21 15:19:05 +0100[diff] [blame]77 restServer:
78 apiUserExternalSecret: *policyApiCredsSecret
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]79policy-pap:
80 enabled: true
81 db: *dbSecretsHook
rameshiyer27ff176652021-09-21 15:19:05 +0100[diff] [blame]82 restServer:
83 papUserExternalSecret: *policyPapCredsSecret
84 apiUserExternalSecret: *policyApiCredsSecret
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]85policy-xacml-pdp:
86 enabled: true
87 db: *dbSecretsHook
88policy-apex-pdp:
89 enabled: true
90 db: *dbSecretsHook
91policy-drools-pdp:
92 enabled: true
93 db: *dbSecretsHook
94policy-distribution:
95 enabled: true
96 db: *dbSecretsHook
sebdet5c449882021-01-13 11:35:56 +0100[diff] [blame]97policy-clamp-be:
98 enabled: true
99 db: *dbSecretsHook
saul.gill7124a4b2021-09-09 12:02:49 +0100[diff] [blame]100 config:
101 appUserExternalSecret: *policyAppCredsSecret
FrancescoFioraEst9c79e262022-02-22 13:12:19 +0000[diff] [blame]102policy-clamp-ac-k8s-ppnt:
rameshiyer2701b8cc02021-09-21 15:07:50 +0100[diff] [blame]103 enabled: true
FrancescoFioraEst9c79e262022-02-22 13:12:19 +0000[diff] [blame]104policy-clamp-ac-pf-ppnt:
rameshiyer27ff176652021-09-21 15:19:05 +0100[diff] [blame]105 enabled: true
106 restServer:
107 apiUserExternalSecret: *policyApiCredsSecret
108 papUserExternalSecret: *policyPapCredsSecret
FrancescoFioraEst9c79e262022-02-22 13:12:19 +0000[diff] [blame]109policy-clamp-ac-http-ppnt:
rameshiyer273c3402d2021-09-21 15:14:39 +0100[diff] [blame]110 enabled: true
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]111policy-nexus:
jhhbf8d8a92020-09-10 14:01:49 -0500[diff] [blame]112 enabled: false
FrancescoFioraEst9c79e262022-02-22 13:12:19 +0000[diff] [blame]113policy-clamp-runtime-acm:
saul.gill7124a4b2021-09-09 12:02:49 +0100[diff] [blame]114 enabled: true
115 db: *dbSecretsHook
116 config:
117 appUserExternalSecret: *policyAppCredsSecret
ktimoneyb3aef7b2021-09-13 08:27:58 +0100[diff] [blame]118policy-gui:
119 enabled: true
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]120
Krzysztof Opasiak98a79cc2020-04-01 22:33:58 +0200[diff] [blame]121#################################################################
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]122# DB configuration defaults.
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]123#################################################################
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]124
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]125repository: nexus3.onap.org:10001
kerenj3b697f62017-08-23 11:21:21 +0000[diff] [blame]126pullPolicy: Always
Alexis de Talhouëtdf4db0b2017-12-11 08:36:25 -0500[diff] [blame]127
Sylvain Desbureaux7c8c6862020-11-19 18:02:37 +0100[diff] [blame]128mariadb:
129 image: mariadb:10.5.8
130
jhhd74fe9f2021-04-15 11:04:39 -0500[diff] [blame]131dbmigrator:
a.sreekumar2f377362022-02-09 12:40:57 +0000[diff] [blame]132 image: onap/policy-db-migrator:2.4.1
jhhd74fe9f2021-04-15 11:04:39 -0500[diff] [blame]133 schema: policyadmin
134 policy_home: "/opt/app/policy"
135
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]136subChartsOnly:
137 enabled: true
BorislavG5f3b6192018-03-25 18:12:38 +0300[diff] [blame]138
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]139# flag to enable debugging - application support required
140debugEnabled: false
141
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]142# default number of instances
143replicaCount: 1
144
145nodeSelector: {}
146
147affinity: {}
148
149# probe configuration parameters
150liveness:
151 initialDelaySeconds: 10
152 periodSeconds: 10
153 # necessary to disable liveness probe when setting breakpoints
154 # in debugger so K8s doesn't restart unresponsive container
155 enabled: true
156
157readiness:
158 initialDelaySeconds: 10
159 periodSeconds: 10
160
saul.gill7124a4b2021-09-09 12:02:49 +0100[diff] [blame]161
162config:
163 policyAppUserName: runtimeUser
164
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]165mariadb-galera:
166 # mariadb-galera.config and global.mariadb.config must be equals
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]167 db:
168 user: policy_user
169 # password:
170 externalSecret: *dbSecretName
171 name: &mysqlDbName policyadmin
172 rootUser:
173 externalSecret: *dbRootPassSecretName
174 nameOverride: *policy-mariadb
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]175 # mariadb-galera.service and global.mariadb.service must be equals
176 service: *mariadbService
177 replicaCount: 1
178 persistence:
179 enabled: true
180 mountSubPath: policy/maria/data
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]181 serviceAccount:
182 nameOverride: *policy-mariadb
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]183
rameshiyer27ff176652021-09-21 15:19:05 +0100[diff] [blame]184restServer:
adheli.tavaresf3656cd2021-11-10 14:54:32 +0000[diff] [blame]185 policyPapUserName: policyadmin
rameshiyer27ff176652021-09-21 15:19:05 +0100[diff] [blame]186 policyPapUserPassword: zb!XztG34
adheli.tavaresf3656cd2021-11-10 14:54:32 +0000[diff] [blame]187 policyApiUserName: policyadmin
rameshiyer27ff176652021-09-21 15:19:05 +0100[diff] [blame]188 policyApiUserPassword: zb!XztG34
189
jhhbf8d8a92020-09-10 14:01:49 -0500[diff] [blame]190# Resource Limit flavor -By Default using small
191# Segregation for Different environment (small, large, or unlimited)
192flavor: small
193resources:
194 small:
195 limits:
196 cpu: 1
197 memory: 4Gi
198 requests:
199 cpu: 100m
200 memory: 1Gi
201 large:
202 limits:
203 cpu: 2
204 memory: 8Gi
205 requests:
206 cpu: 200m
207 memory: 2Gi
208 unlimited: {}
209
farida azmyc1178372021-04-11 12:55:33 +0200[diff] [blame]210#Pods Service Account
211serviceAccount:
212 nameOverride: policy
213 roles:
214 - read