blob: 2ec78c57c4ccc280ed56550aec5fbe024ee797a3 [file] [log] [blame]
Sylvain Desbureaux70070412020-11-09 21:58:48 +01001# Copyright (c) 2018 Amdocs, Bell Canada, AT&T
Sylvain Desbureaux5b651322020-12-07 15:34:15 +01002# Copyright (c) 2020 Nokia, Orange
Sylvain Desbureaux331f0042021-01-18 11:38:49 +01003# Modifications Copyright (c) 2021 Orange
Sylvain Desbureaux70070412020-11-09 21:58:48 +01004#
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16
17# Default values for resources.
18# This is a YAML-formatted file.
19# Declare variables to be passed into your templates.
20global: # global defaults
21 nodePortPrefix: 302
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010022 cassandra:
23 #Service Name of the cassandra cluster to connect to.
24 #Override it to aai-cassandra if localCluster is enabled.
25 serviceName: cassandra
26
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010027 # Specifies a list of jobs to be run
28 jobs:
29 # When enabled, it will create the schema based on oxm and edge rules
30 createSchema:
31 enabled: true
32 #migration using helm hooks
33 migration:
34 enabled: false
35
36 config:
37 # Specifies that the cluster connected to a dynamic
38 # cluster being spinned up by kubernetes deployment
39 cluster:
40 cassandra:
41 dynamic: true
42
43 # Specifies if the basic authorization is enabled
44 basic:
45 auth:
46 enabled: true
47 username: AAI
48 passwd: AAI
49
50 # Active spring profiles for the resources microservice
51 profiles:
roger yuana08006e2021-04-20 09:20:38 -060052 active: production,dmaap,aaf-auth #,keycloak
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010053
54 # Notification event specific properties
55 notification:
56 eventType: AAI-EVENT
57 domain: dev
58
59 # Schema specific properties that include supported versions of api
60 schema:
61 # Specifies if the connection should be one way ssl, two way ssl or no auth
62 service:
63 client: one-way-ssl
64 # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service
65 translator:
66 list: schema-service
67 source:
68 # Specifies which folder to take a look at
69 name: onap
70 uri:
71 # Base URI Path of the application
72 base:
73 path: /aai
74 version:
75 # Current version of the REST API
76 api:
77 default: v21
78 # Specifies which version the depth parameter is configurable
79 depth: v11
80 # List of all the supported versions of the API
81 list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21
82 # Specifies from which version related link should appear
83 related:
84 link: v11
85 # Specifies from which version the app root change happened
86 app:
87 root: v11
88 # Specifies from which version the xml namespace changed
89 namespace:
90 change: v12
91 # Specifies from which version the edge label appeared in API
92 edge:
93 label: v12
94
Sylvain Desbureaux5b651322020-12-07 15:34:15 +010095 # Specifies which clients should always default to realtime graph connection
96 realtime:
97 clients: SDNC,MSO,SO,robot-ete
Sylvain Desbureaux70070412020-11-09 21:58:48 +010098
Sylvain Desbureaux331f0042021-01-18 11:38:49 +010099api_list:
100 - 11
101 - 12
102 - 13
103 - 14
104 - 15
105 - 16
106 - 17
107 - 18
108 - 19
109
110aai_enpoints:
111 - name: aai-cloudInfrastructure
112 url: cloud-infrastructure
113 - name: aai-business
114 url: business
115 - name: aai-actions
116 url: actions
117 - name: aai-service-design-and-creation
118 url: service-design-and-creation
119 - name: aai-network
120 url: network
121 - name: aai-externalSystem
122 url: external-system
Sylvain Desbureauxb4e038d2020-12-15 12:00:26 +0100123#################################################################
124# Certificate configuration
125#################################################################
126certInitializer:
127 nameOverride: aai-resources-cert-initializer
128 aafDeployFqi: deployer@people.osaaf.org
129 aafDeployPass: demo123456!
130 # aafDeployCredsExternalSecret: some secret
131 fqdn: aai-resources
132 fqi: aai-resources@aai-resources.onap.org
133 public_fqdn: aai-resources.onap.org
134 cadi_longitude: "0.0"
135 cadi_latitude: "0.0"
136 app_ns: org.osaaf.aaf
137 credsPath: /opt/app/osaaf/local
138 fqi_namespace: org.onap.aai-resources
139 aaf_add_config: |
Krzysztof Opasiak58807942021-04-02 08:56:15 +0200140 echo "*** changing them into shell safe ones"
141 export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
142 export TRUSTSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
143 cd {{ .Values.credsPath }}
144 keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \
145 -storepass "${cadi_keystore_password_p12}" \
146 -keystore {{ .Values.fqi_namespace }}.p12
147 keytool -storepasswd -new "${TRUSTSTORE_PASSWORD}" \
148 -storepass "${cadi_truststore_password}" \
149 -keystore {{ .Values.fqi_namespace }}.trust.jks
Krzysztof Opasiak58807942021-04-02 08:56:15 +0200150 echo "*** save the generated passwords"
151 echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
152 echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> mycreds.prop
Sylvain Desbureaux6b83dab2021-02-23 16:03:21 +0100153 echo "*** change ownership of certificates to targeted user"
154 chown -R 1000 {{ .Values.credsPath }}
Sylvain Desbureaux331f0042021-01-18 11:38:49 +0100155
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100156# application image
Harish Venkata Kajur12091182021-02-25 13:21:54 -0500157image: onap/aai-resources:1.8.2
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100158pullPolicy: Always
159restartPolicy: Always
160flavor: small
161flavorOverride: small
162# default number of instances
163replicaCount: 1
M.Hosnidokht09523be2021-08-24 09:00:42 -0400164# the minimum number of seconds that a newly created Pod should be ready
165minReadySeconds: 30
166updateStrategy:
167 type: RollingUpdate
168 # The number of pods that can be unavailable during the update process
169 maxUnavailable: 0
170 # The number of pods that can be created above the desired amount of pods during an update
171 maxSurge: 1
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100172
173# Configuration for the resources deployment
174config:
roger yuana08006e2021-04-20 09:20:38 -0600175 # configure keycloak according to your environment.
176 # don't forget to add keycloak in active profiles above (global.config.profiles)
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100177 keycloak:
roger yuana08006e2021-04-20 09:20:38 -0600178 host: keycloak.your.domain
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100179 port: 8180
roger yuana08006e2021-04-20 09:20:38 -0600180 # Specifies a set of users, credentials, roles, and groups
181 realm: aai-resources
182 # Used by any client application for enabling fine-grained authorization for their protected resources
183 resource: aai-resources-app
184 # If set to true, additional criteria will be added that match the data-owner property with the given role
185 # to the user in keycloak
186 multiTenancy:
187 enabled: true
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100188
189 # Specifies crud related operation timeouts and overrides
190 crud:
191 timeout:
192 # Specifies if the timeout for REST GET calls should be enabled
193 enabled: true
194 # Specifies the timeout values for application specific
195 # Its a pipe seperated list where each element before comma represents
196 # the X-FromAppId and the comma after specifies the timeout limit in ms
197 # If the timeout limit is -1 then it means for these apps no timeout
198 appspecific: JUNITTESTAPP1,1|JUNITTESTAPP2,-1|DCAE-CCS,-1|DCAES,-1|AAIRctFeed,-1|NewvceCreator,-1|IANewvceCreator,-1|AAI-CSIOVALS,-1
199 # Specifies what is the maximum timeout limit in milliseconds
200 limit: 100000
201
202 # Specifies configuration for bulk apis
203 bulk:
204 # Specifies for a bulk payload how many transactions in total allowed
205 limit: 30
206 # Specifies if the bulk can be override and if it can the value
207 override: false
208
209nodeSelector: {}
210
211affinity: {}
212
213# probe configuration parameters
214liveness:
215 initialDelaySeconds: 60
216 periodSeconds: 60
217 # necessary to disable liveness probe when setting breakpoints
218 # in debugger so K8s doesn't restart unresponsive container
219 enabled: false
220
221readiness:
222 initialDelaySeconds: 60
223 periodSeconds: 10
224
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100225service:
226 type: ClusterIP
227 portName: aai-resources-8447
228 internalPort: 8447
229 portName2: aai-resources-5005
230 internalPort2: 5005
M.Hosnidokht09523be2021-08-24 09:00:42 -0400231 terminationGracePeriodSeconds: 120
Sylvain Desbureaux70070412020-11-09 21:58:48 +0100232
233ingress:
234 enabled: false
235
236 # We usually recommend not to specify default resources and to leave this as a conscious
237 # choice for the user. This also increases chances charts run on environments with little
238 # resources, such as Minikube. If you do want to specify resources, uncomment the following
239 # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
240 #
241 # Example:
242 # Configure resource requests and limits
243 # ref: http://kubernetes.io/docs/user-guide/compute-resources/
244 # Minimum memory for development is 2 CPU cores and 4GB memory
245 # Minimum memory for production is 4 CPU cores and 8GB memory
246#resources:
247# limits:
248# cpu: 2
249# memory: 4Gi
250# requests:
251# cpu: 2
252# memory: 4Gi
253resources:
254 small:
255 limits:
256 cpu: 2
257 memory: 4Gi
258 requests:
259 cpu: 1
260 memory: 3Gi
261 large:
262 limits:
263 cpu: 4
264 memory: 8Gi
265 requests:
266 cpu: 2
267 memory: 4Gi
268 unlimited: {}
farida azmyd8937332021-03-09 12:20:42 +0200269
270#Pods Service Account
271serviceAccount:
272 nameOverride: aai-resources
273 roles:
274 - read