Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / ee119102020f1dc6044f686c748a37ff0e7487de / . / kubernetes / policy / values.yaml
blob: f01160fc87955ec9bb9bf3de1c4106bb6d7c72ff [file] [log] [blame]
vaibhav_16dece04b2fe2018-03-22 09:07:12 +0000[diff] [blame]1# Copyright © 2017 Amdocs, Bell Canada
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]2# Modifications Copyright © 2018-2020 AT&T Intellectual Property
efiacorab235f42023-02-15 11:51:52 +0000[diff] [blame]3# Modifications Copyright (C) 2021-2023 Nordix Foundation.
vaibhav_16dece04b2fe2018-03-22 09:07:12 +0000[diff] [blame]4#
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]17#################################################################
18# Global configuration defaults.
19#################################################################
20global:
Andreas Geisslerfd5b5962024-01-23 11:26:47 +0100[diff] [blame]21 mariadbGalera:
22 # flag to enable the DB creation via mariadb-operator
23 useOperator: true
24 # if useOperator set to "true", set "enableServiceAccount to "false"
25 # as the SA is created by the Operator
26 enableServiceAccount: false
saul.gillef208b02023-04-26 16:16:05 +0100[diff] [blame]27 localCluster: true
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]28 # '&mariadbConfig' means we "store" the values for later use in the file
29 # with '*mariadbConfig' pointer.
30 config: &mariadbConfig
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]31 mysqlDatabase: policyadmin
32 service: &mariadbService
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]33 name: &policy-mariadb policy-mariadb
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]34 internalPort: 3306
Andreas Geisslerfd5b5962024-01-23 11:26:47 +0100[diff] [blame]35 nameOverride: *policy-mariadb
36 # (optional) if localCluster=false and an external secret is used set this variable
37 #userRootSecret: <secretName>
Rashmi Pujarec452b52022-04-21 12:29:14 -0400[diff] [blame]38 prometheusEnabled: false
waynedunican368aced2022-02-15 08:27:57 +0000[diff] [blame]39 postgres:
40 localCluster: false
41 service:
42 name: pgset
43 name2: tcp-pgset-primary
44 name3: tcp-pgset-replica
45 container:
46 name: postgres
rameshiyer27bc8a6a42024-03-11 17:18:11 +0000[diff] [blame]47 kafkaBootstrap: strimzi-kafka-bootstrap:9092
Sirisha_Manchikanti73c5f002022-07-25 17:04:45 +0100[diff] [blame]48 policyKafkaUser: policy-kafka-user
efiacor6910bbe2023-03-03 14:53:16 +0000[diff] [blame]49 kafkaTopics:
50 acRuntimeTopic:
51 name: policy.clamp-runtime-acm
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]52#################################################################
Krzysztof Opasiak98a79cc2020-04-01 22:33:58 +0200[diff] [blame]53# Secrets metaconfig
54#################################################################
55secrets:
56 - uid: db-root-password
57 name: &dbRootPassSecretName '{{ include "common.release" . }}-policy-db-root-password'
58 type: password
Andreas Geisslerfd5b5962024-01-23 11:26:47 +0100[diff] [blame]59 externalSecret: '{{ .Values.global.mariadbGalera.localCluster |
60 ternary (( hasSuffix "policy-db-root-password" (index .Values "mariadb-galera" "rootUser" "externalSecret")) |
61 ternary
62 ""
63 (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .)
64 )
65 ( (not (empty (default "" .Values.global.mariadbGalera.userRootSecret))) |
66 ternary
67 .Values.global.mariadbGalera.userRootSecret
68 (include "common.mariadb.secret.rootPassSecretName"
69 (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)
70 )
71 ) }}'
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]72 password: '{{ (index .Values "mariadb-galera" "rootUser" "password") }}'
Krzysztof Opasiak98a79cc2020-04-01 22:33:58 +0200[diff] [blame]73 policy: generate
74 - uid: db-secret
75 name: &dbSecretName '{{ include "common.release" . }}-policy-db-secret'
76 type: basicAuth
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]77 externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "db" "externalSecret")) .) (hasSuffix "policy-db-secret" (index .Values "mariadb-galera" "db" "externalSecret"))}}'
78 login: '{{ index .Values "mariadb-galera" "db" "user" }}'
79 password: '{{ index .Values "mariadb-galera" "db" "password" }}'
Krzysztof Opasiak98a79cc2020-04-01 22:33:58 +0200[diff] [blame]80 passwordPolicy: generate
saul.gill7124a4b2021-09-09 12:02:49 +0100[diff] [blame]81 - uid: policy-app-user-creds
82 name: &policyAppCredsSecret '{{ include "common.release" . }}-policy-app-user-creds'
83 type: basicAuth
84 externalSecret: '{{ tpl (default "" .Values.config.policyAppUserExternalSecret) . }}'
85 login: '{{ .Values.config.policyAppUserName }}'
86 password: '{{ .Values.config.policyAppUserPassword }}'
87 passwordPolicy: generate
rameshiyer27ff176652021-09-21 15:19:05 +0100[diff] [blame]88 - uid: policy-pap-user-creds
89 name: &policyPapCredsSecret '{{ include "common.release" . }}-policy-pap-user-creds'
90 type: basicAuth
91 externalSecret: '{{ tpl (default "" .Values.restServer.policyPapUserExternalSecret) . }}'
92 login: '{{ .Values.restServer.policyPapUserName }}'
93 password: '{{ .Values.restServer.policyPapUserPassword }}'
94 passwordPolicy: required
95 - uid: policy-api-user-creds
96 name: &policyApiCredsSecret '{{ include "common.release" . }}-policy-api-user-creds'
97 type: basicAuth
98 externalSecret: '{{ tpl (default "" .Values.restServer.policyApiUserExternalSecret) . }}'
99 login: '{{ .Values.restServer.policyApiUserName }}'
100 password: '{{ .Values.restServer.policyApiUserPassword }}'
101 passwordPolicy: required
Krzysztof Opasiak98a79cc2020-04-01 22:33:58 +0200[diff] [blame]102
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]103db: &dbSecretsHook
104 credsExternalSecret: *dbSecretName
105
106policy-api:
107 enabled: true
108 db: *dbSecretsHook
rameshiyer27ff176652021-09-21 15:19:05 +0100[diff] [blame]109 restServer:
110 apiUserExternalSecret: *policyApiCredsSecret
Sirisha_Manchikanti73c5f002022-07-25 17:04:45 +0100[diff] [blame]111 config:
112 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]113policy-pap:
114 enabled: true
115 db: *dbSecretsHook
rameshiyer27ff176652021-09-21 15:19:05 +0100[diff] [blame]116 restServer:
117 papUserExternalSecret: *policyPapCredsSecret
118 apiUserExternalSecret: *policyApiCredsSecret
Sirisha_Manchikanti73c5f002022-07-25 17:04:45 +0100[diff] [blame]119 config:
120 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]121policy-xacml-pdp:
122 enabled: true
123 db: *dbSecretsHook
Sirisha_Manchikanti73c5f002022-07-25 17:04:45 +0100[diff] [blame]124 config:
125 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]126policy-apex-pdp:
127 enabled: true
128 db: *dbSecretsHook
Sirisha_Manchikanti73c5f002022-07-25 17:04:45 +0100[diff] [blame]129 config:
130 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]131policy-drools-pdp:
rameshiyer27bc8a6a42024-03-11 17:18:11 +0000[diff] [blame]132 enabled: false
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]133 db: *dbSecretsHook
Sirisha_Manchikanti73c5f002022-07-25 17:04:45 +0100[diff] [blame]134 config:
135 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]136policy-distribution:
137 enabled: true
138 db: *dbSecretsHook
FrancescoFioraEst9c79e262022-02-22 13:12:19 +0000[diff] [blame]139policy-clamp-ac-k8s-ppnt:
rameshiyer2701b8cc02021-09-21 15:07:50 +0100[diff] [blame]140 enabled: true
FrancescoFioraEst9c79e262022-02-22 13:12:19 +0000[diff] [blame]141policy-clamp-ac-pf-ppnt:
rameshiyer27ff176652021-09-21 15:19:05 +0100[diff] [blame]142 enabled: true
143 restServer:
144 apiUserExternalSecret: *policyApiCredsSecret
145 papUserExternalSecret: *policyPapCredsSecret
FrancescoFioraEst9c79e262022-02-22 13:12:19 +0000[diff] [blame]146policy-clamp-ac-http-ppnt:
rameshiyer273c3402d2021-09-21 15:14:39 +0100[diff] [blame]147 enabled: true
aravind.est8d728302022-12-07 12:26:28 +0000[diff] [blame]148policy-clamp-ac-a1pms-ppnt:
149 enabled: true
aravind.est0879dfc2023-02-22 09:05:50 +0000[diff] [blame]150policy-clamp-ac-kserve-ppnt:
151 enabled: true
FrancescoFioraEst9c79e262022-02-22 13:12:19 +0000[diff] [blame]152policy-clamp-runtime-acm:
saul.gill7124a4b2021-09-09 12:02:49 +0100[diff] [blame]153 enabled: true
154 db: *dbSecretsHook
155 config:
156 appUserExternalSecret: *policyAppCredsSecret
efiacor6910bbe2023-03-03 14:53:16 +0000[diff] [blame]157policy-nexus:
158 enabled: false
159 config:
Sirisha_Manchikanti73c5f002022-07-25 17:04:45 +0100[diff] [blame]160 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
ktimoneyb3aef7b2021-09-13 08:27:58 +0100[diff] [blame]161policy-gui:
amatthews736bf372021-12-14 16:04:15 +0000[diff] [blame]162 enabled: false
Sirisha_Manchikanti73c5f002022-07-25 17:04:45 +0100[diff] [blame]163 config:
164 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]165
Krzysztof Opasiak98a79cc2020-04-01 22:33:58 +0200[diff] [blame]166#################################################################
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]167# DB configuration defaults.
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]168#################################################################
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]169
jhhd74fe9f2021-04-15 11:04:39 -0500[diff] [blame]170dbmigrator:
saul.gill99649272023-12-12 16:14:52 +0000[diff] [blame]171 image: onap/policy-db-migrator:3.1.0
jhhd74fe9f2021-04-15 11:04:39 -0500[diff] [blame]172 schema: policyadmin
173 policy_home: "/opt/app/policy"
174
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]175subChartsOnly:
176 enabled: true
BorislavG5f3b6192018-03-25 18:12:38 +0300[diff] [blame]177
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]178# flag to enable debugging - application support required
179debugEnabled: false
180
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]181# default number of instances
182replicaCount: 1
183
184nodeSelector: {}
185
186affinity: {}
187
188# probe configuration parameters
189liveness:
190 initialDelaySeconds: 10
191 periodSeconds: 10
192 # necessary to disable liveness probe when setting breakpoints
193 # in debugger so K8s doesn't restart unresponsive container
194 enabled: true
195
196readiness:
197 initialDelaySeconds: 10
198 periodSeconds: 10
199
saul.gill7124a4b2021-09-09 12:02:49 +0100[diff] [blame]200
201config:
202 policyAppUserName: runtimeUser
Sirisha_Manchikanti73c5f002022-07-25 17:04:45 +0100[diff] [blame]203 policyPdpPapTopic:
204 name: policy-pdp-pap
205 partitions: 10
206 retentionMs: 7200000
207 segmentBytes: 1073741824
208 consumer:
209 groupId: policy-group
210 policyHeartbeatTopic:
211 name: policy-heartbeat
212 partitions: 10
213 retentionMs: 7200000
214 segmentBytes: 1073741824
215 consumer:
216 groupId: policy-group
217 policyNotificationTopic:
218 name: policy-notification
219 partitions: 10
220 retentionMs: 7200000
221 segmentBytes: 1073741824
222 consumer:
223 groupId: policy-group
Sirisha_Manchikantib402a592022-09-09 12:01:20 +0100[diff] [blame]224 someConfig: blah
saul.gill7124a4b2021-09-09 12:02:49 +0100[diff] [blame]225
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]226mariadb-galera:
Andreas Geisslerfd5b5962024-01-23 11:26:47 +0100[diff] [blame]227 # mariadb-galera.config and global.mariadbGalera.config must be equals
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]228 db:
Andreas Geisslercfd84342023-08-16 17:18:49 +0200[diff] [blame]229 user: policy-user
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]230 # password:
231 externalSecret: *dbSecretName
232 name: &mysqlDbName policyadmin
233 rootUser:
234 externalSecret: *dbRootPassSecretName
235 nameOverride: *policy-mariadb
Andreas Geisslerfd5b5962024-01-23 11:26:47 +0100[diff] [blame]236 # mariadb-galera.service and global.mariadbGalera.service must be equals
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]237 service: *mariadbService
238 replicaCount: 1
Andreas Geisslercfd84342023-08-16 17:18:49 +0200[diff] [blame]239 mariadbOperator:
240 galera:
241 enabled: false
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]242 persistence:
243 enabled: true
244 mountSubPath: policy/maria/data
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]245 serviceAccount:
246 nameOverride: *policy-mariadb
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]247
waynedunican368aced2022-02-15 08:27:57 +0000[diff] [blame]248postgresImage: library/postgres:latest
249# application configuration override for postgres
250postgres:
251 nameOverride: &postgresName policy-postgres
252 service:
253 name: *postgresName
254 name2: policy-pg-primary
255 name3: policy-pg-replica
256 container:
257 name:
258 primary: policy-pg-primary
259 replica: policy-pg-replica
260 persistence:
261 mountSubPath: policy/postgres/data
262 mountInitPath: policy
263 config:
Andreas Geisslercfd84342023-08-16 17:18:49 +0200[diff] [blame]264 pgUserName: policy-user
waynedunican368aced2022-02-15 08:27:57 +0000[diff] [blame]265 pgDatabase: policyadmin
saul.gillef208b02023-04-26 16:16:05 +0100[diff] [blame]266 pgUserExternalSecret: *dbSecretName
267 pgRootPasswordExternalSecret: *dbRootPassSecretName
waynedunican368aced2022-02-15 08:27:57 +0000[diff] [blame]268
269readinessCheck:
Andreas Geissleree119102024-04-11 13:53:39 +0200[diff] [blame^]270 wait_for_postgres:
271 services:
272 - '{{ .Values.global.postgres.service.name2 }}'
273 wait_for_mariadb:
274 services:
275 - '{{ include "common.mariadbService" . }}'
waynedunican368aced2022-02-15 08:27:57 +0000[diff] [blame]276
rameshiyer27ff176652021-09-21 15:19:05 +0100[diff] [blame]277restServer:
adheli.tavaresf3656cd2021-11-10 14:54:32 +0000[diff] [blame]278 policyPapUserName: policyadmin
rameshiyer27ff176652021-09-21 15:19:05 +0100[diff] [blame]279 policyPapUserPassword: zb!XztG34
adheli.tavaresf3656cd2021-11-10 14:54:32 +0000[diff] [blame]280 policyApiUserName: policyadmin
rameshiyer27ff176652021-09-21 15:19:05 +0100[diff] [blame]281 policyApiUserPassword: zb!XztG34
282
jhhbf8d8a92020-09-10 14:01:49 -0500[diff] [blame]283# Resource Limit flavor -By Default using small
284# Segregation for Different environment (small, large, or unlimited)
285flavor: small
286resources:
287 small:
288 limits:
Andreas Geissler47537432024-02-27 08:55:23 +0100[diff] [blame]289 cpu: "1"
290 memory: "4Gi"
jhhbf8d8a92020-09-10 14:01:49 -0500[diff] [blame]291 requests:
Andreas Geissler47537432024-02-27 08:55:23 +0100[diff] [blame]292 cpu: "100m"
293 memory: "1Gi"
jhhbf8d8a92020-09-10 14:01:49 -0500[diff] [blame]294 large:
295 limits:
Andreas Geissler47537432024-02-27 08:55:23 +0100[diff] [blame]296 cpu: "2"
297 memory: "8Gi"
jhhbf8d8a92020-09-10 14:01:49 -0500[diff] [blame]298 requests:
Andreas Geissler47537432024-02-27 08:55:23 +0100[diff] [blame]299 cpu: "200m"
300 memory: "2Gi"
jhhbf8d8a92020-09-10 14:01:49 -0500[diff] [blame]301 unlimited: {}
302
farida azmyc1178372021-04-11 12:55:33 +0200[diff] [blame]303#Pods Service Account
304serviceAccount:
305 nameOverride: policy
306 roles:
307 - read