Gitiles
Code Review Sign In
gerrit.nordix.org / onap / oom / ad7cb4231c63130064eb174e419a300478041721 / . / kubernetes / policy / values.yaml
blob: 29603690b89129fffe3612808a6ff1d1b384408f [file] [log] [blame]
vaibhav_16dece04b2fe2018-03-22 09:07:12 +0000[diff] [blame]1# Copyright © 2017 Amdocs, Bell Canada
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]2# Modifications Copyright © 2018-2020 AT&T Intellectual Property
jhhd74fe9f2021-04-15 11:04:39 -0500[diff] [blame]3# Modifications Copyright (C) 2021 Nordix Foundation.
vaibhav_16dece04b2fe2018-03-22 09:07:12 +0000[diff] [blame]4#
5# Licensed under the Apache License, Version 2.0 (the "License");
6# you may not use this file except in compliance with the License.
7# You may obtain a copy of the License at
8#
9# http://www.apache.org/licenses/LICENSE-2.0
10#
11# Unless required by applicable law or agreed to in writing, software
12# distributed under the License is distributed on an "AS IS" BASIS,
13# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14# See the License for the specific language governing permissions and
15# limitations under the License.
16
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]17#################################################################
18# Global configuration defaults.
19#################################################################
20global:
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]21 aafEnabled: true
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]22 mariadb:
23 # '&mariadbConfig' means we "store" the values for later use in the file
24 # with '*mariadbConfig' pointer.
25 config: &mariadbConfig
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]26 mysqlDatabase: policyadmin
27 service: &mariadbService
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]28 name: &policy-mariadb policy-mariadb
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]29 internalPort: 3306
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]30
31#################################################################
Krzysztof Opasiak98a79cc2020-04-01 22:33:58 +0200[diff] [blame]32# Secrets metaconfig
33#################################################################
34secrets:
35 - uid: db-root-password
36 name: &dbRootPassSecretName '{{ include "common.release" . }}-policy-db-root-password'
37 type: password
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]38 externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .) (hasSuffix "policy-db-root-password" (index .Values "mariadb-galera" "rootUser" "externalSecret"))}}'
39 password: '{{ (index .Values "mariadb-galera" "rootUser" "password") }}'
Krzysztof Opasiak98a79cc2020-04-01 22:33:58 +0200[diff] [blame]40 policy: generate
41 - uid: db-secret
42 name: &dbSecretName '{{ include "common.release" . }}-policy-db-secret'
43 type: basicAuth
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]44 externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "db" "externalSecret")) .) (hasSuffix "policy-db-secret" (index .Values "mariadb-galera" "db" "externalSecret"))}}'
45 login: '{{ index .Values "mariadb-galera" "db" "user" }}'
46 password: '{{ index .Values "mariadb-galera" "db" "password" }}'
Krzysztof Opasiak98a79cc2020-04-01 22:33:58 +0200[diff] [blame]47 passwordPolicy: generate
saul.gill7124a4b2021-09-09 12:02:49 +0100[diff] [blame]48 - uid: policy-app-user-creds
49 name: &policyAppCredsSecret '{{ include "common.release" . }}-policy-app-user-creds'
50 type: basicAuth
51 externalSecret: '{{ tpl (default "" .Values.config.policyAppUserExternalSecret) . }}'
52 login: '{{ .Values.config.policyAppUserName }}'
53 password: '{{ .Values.config.policyAppUserPassword }}'
54 passwordPolicy: generate
Krzysztof Opasiak98a79cc2020-04-01 22:33:58 +0200[diff] [blame]55
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]56db: &dbSecretsHook
57 credsExternalSecret: *dbSecretName
58
59policy-api:
60 enabled: true
61 db: *dbSecretsHook
62policy-pap:
63 enabled: true
64 db: *dbSecretsHook
65policy-xacml-pdp:
66 enabled: true
67 db: *dbSecretsHook
68policy-apex-pdp:
69 enabled: true
70 db: *dbSecretsHook
71policy-drools-pdp:
72 enabled: true
73 db: *dbSecretsHook
74policy-distribution:
75 enabled: true
76 db: *dbSecretsHook
sebdet5c449882021-01-13 11:35:56 +0100[diff] [blame]77policy-clamp-be:
78 enabled: true
79 db: *dbSecretsHook
saul.gill7124a4b2021-09-09 12:02:49 +0100[diff] [blame]80 config:
81 appUserExternalSecret: *policyAppCredsSecret
sebdet5c449882021-01-13 11:35:56 +0100[diff] [blame]82policy-clamp-fe:
83 enabled: true
rameshiyer2701b8cc02021-09-21 15:07:50 +0100[diff] [blame]84policy-clamp-cl-k8s-ppnt:
85 enabled: true
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]86policy-nexus:
jhhbf8d8a92020-09-10 14:01:49 -0500[diff] [blame]87 enabled: false
saul.gill7124a4b2021-09-09 12:02:49 +0100[diff] [blame]88policy-clamp-cl-runtime:
89 enabled: true
90 db: *dbSecretsHook
91 config:
92 appUserExternalSecret: *policyAppCredsSecret
ktimoneyb3aef7b2021-09-13 08:27:58 +0100[diff] [blame]93policy-gui:
94 enabled: true
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]95
Krzysztof Opasiak98a79cc2020-04-01 22:33:58 +0200[diff] [blame]96#################################################################
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]97# DB configuration defaults.
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]98#################################################################
jhhd4258672020-08-09 12:08:08 -0500[diff] [blame]99
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]100repository: nexus3.onap.org:10001
kerenj3b697f62017-08-23 11:21:21 +0000[diff] [blame]101pullPolicy: Always
Alexis de Talhouëtdf4db0b2017-12-11 08:36:25 -0500[diff] [blame]102
Sylvain Desbureaux7c8c6862020-11-19 18:02:37 +0100[diff] [blame]103mariadb:
104 image: mariadb:10.5.8
105
jhhd74fe9f2021-04-15 11:04:39 -0500[diff] [blame]106dbmigrator:
107 image: onap/policy-db-migrator:2.3.0
108 schema: policyadmin
109 policy_home: "/opt/app/policy"
110
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]111subChartsOnly:
112 enabled: true
BorislavG5f3b6192018-03-25 18:12:38 +0300[diff] [blame]113
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]114# flag to enable debugging - application support required
115debugEnabled: false
116
mayankg2703ced85142018-03-20 05:42:53 +0000[diff] [blame]117# default number of instances
118replicaCount: 1
119
120nodeSelector: {}
121
122affinity: {}
123
124# probe configuration parameters
125liveness:
126 initialDelaySeconds: 10
127 periodSeconds: 10
128 # necessary to disable liveness probe when setting breakpoints
129 # in debugger so K8s doesn't restart unresponsive container
130 enabled: true
131
132readiness:
133 initialDelaySeconds: 10
134 periodSeconds: 10
135
saul.gill7124a4b2021-09-09 12:02:49 +0100[diff] [blame]136
137config:
138 policyAppUserName: runtimeUser
139
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]140mariadb-galera:
141 # mariadb-galera.config and global.mariadb.config must be equals
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]142 db:
143 user: policy_user
144 # password:
145 externalSecret: *dbSecretName
146 name: &mysqlDbName policyadmin
147 rootUser:
148 externalSecret: *dbRootPassSecretName
149 nameOverride: *policy-mariadb
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]150 # mariadb-galera.service and global.mariadb.service must be equals
151 service: *mariadbService
152 replicaCount: 1
153 persistence:
154 enabled: true
155 mountSubPath: policy/maria/data
Sylvain Desbureaux93a5b492020-11-27 11:07:42 +0100[diff] [blame]156 serviceAccount:
157 nameOverride: *policy-mariadb
Sylvain Desbureaux4898dc02019-11-14 13:35:13 +0100[diff] [blame]158
jhhbf8d8a92020-09-10 14:01:49 -0500[diff] [blame]159# Resource Limit flavor -By Default using small
160# Segregation for Different environment (small, large, or unlimited)
161flavor: small
162resources:
163 small:
164 limits:
165 cpu: 1
166 memory: 4Gi
167 requests:
168 cpu: 100m
169 memory: 1Gi
170 large:
171 limits:
172 cpu: 2
173 memory: 8Gi
174 requests:
175 cpu: 200m
176 memory: 2Gi
177 unlimited: {}
178
farida azmyc1178372021-04-11 12:55:33 +0200[diff] [blame]179#Pods Service Account
180serviceAccount:
181 nameOverride: policy
182 roles:
183 - read