f70deefaff9a56f52cc18037bf922f6d16b55971
[oom.git] / kubernetes / a1policymanagement / values.yaml
1 ################################################################################
2 #   Copyright (c) 2020 Nordix Foundation.                                      #
3 #   Copyright © 2020 Samsung Electronics, Modifications                        #
4 #                                                                              #
5 #   Licensed under the Apache License, Version 2.0 (the "License");            #
6 #   you may not use this file except in compliance with the License.           #
7 #   You may obtain a copy of the License at                                    #
8 #                                                                              #
9 #       http://www.apache.org/licenses/LICENSE-2.0                             #
10 #                                                                              #
11 #   Unless required by applicable law or agreed to in writing, software        #
12 #   distributed under the License is distributed on an "AS IS" BASIS,          #
13 #   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
14 #   See the License for the specific language governing permissions and        #
15 #   limitations under the License.                                             #
16 ################################################################################
17 # Default values for Policy Management Service.
18 # This is a YAML-formatted file.
19 # Declare variables to be passed into your templates.
20
21 global:
22   nodePortPrefix: 302
23   persistence: {}
24
25 secrets:
26   - uid: controller-secret
27     type: basicAuth
28     externalSecret: '{{ tpl (default "" .Values.a1controller.credsExternalSecret) . }}'
29     login: '{{ .Values.a1controller.user }}'
30     password: '{{ .Values.a1controller.password }}'
31     passwordPolicy: required
32
33 #################################################################
34 # AAF part
35 #################################################################
36 certInitializer:
37   nameOverride: a1p-cert-initializer
38   aafDeployFqi: deployer@people.osaaf.org
39   aafDeployPass: demo123456!
40   # aafDeployCredsExternalSecret: some secret
41   fqdn: a1p
42   fqi: a1p@a1p.onap.org
43   public_fqdn: a1p.onap.org
44   cadi_longitude: "0.0"
45   cadi_latitude: "0.0"
46   app_ns: org.osaaf.aaf
47   credsPath: /opt/app/osaaf/local
48   fqi_namespace: org.onap.a1p
49   aaf_add_config: |
50     echo "*** changing them into shell safe ones"
51     export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
52     export TRUSTSORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
53     cd {{ .Values.credsPath }}
54     keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \
55       -storepass "${cadi_keystore_password_p12}" \
56       -keystore {{ .Values.fqi_namespace }}.p12
57     keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \
58       -storepass "${cadi_truststore_password}" \
59       -keystore {{ .Values.fqi_namespace }}.trust.jks
60     echo "*** save the generated passwords"
61     echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
62     echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop
63     echo "*** change ownership of certificates to targeted user"
64     chown -R 1000 .
65
66 image: onap/ccsdk-oran-a1policymanagementservice:1.3.0
67 userID: 1000 #Should match with image-defined user ID
68 groupID: 999 #Should match with image-defined group ID
69 pullPolicy: IfNotPresent
70 replicaCount: 1
71
72 service:
73   type: NodePort
74   name: a1policymanagement
75   both_tls_and_plain: true
76   ports:
77     - name: api
78       port: 8433
79       plain_port: 8081
80       port_protocol: http
81       nodePort: '94'
82
83 # SDNC Credentials are used here
84 a1controller:
85   user: admin
86   password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
87
88 sdncLink: https://sdnc.onap:8443
89 # The information about A1-Mediator/RICs can be added here.
90 # The A1 policy management service supports both STD & OSC versions.
91 # Alternatively, the A1 simulator from ORAN-SC can also be used. It provides STD  & OSC versions for A1 termination.
92 # Refer source code & run in docker container : https://gerrit.o-ran-sc.org/r/admin/repos/sim/a1-interface
93 # Refer it/dep repo for k8s deployment: https://gerrit.o-ran-sc.org/r/admin/repos/it/dep
94 # Example configuration:
95 #rics:
96 #  - name: ric1
97 #    link: http://ric1url.url.com:1111/
98 #    managedElementIds:
99 #      - kista1
100 #      - kista2
101 #  - name: ric2
102 #    link: http://ric2url.url.com:2222/
103 #    managedElementIds:
104 #      - kista3
105 #      - kista4
106 rics:
107 streamPublish: http://message-router:3904/events/A1-POLICY-AGENT-WRITE
108 streamSubscribe: http://message-router:3904/events/A1-POLICY-AGENT-READ/users/policy-agent?timeout=15000&limit=100
109
110 liveness:
111   port: api
112   initialDelaySeconds: 60
113   periodSeconds: 10
114 readiness:
115   port: api
116   initialDelaySeconds: 60
117   periodSeconds: 10
118
119 #Resource Limit flavor -By Default using small
120 flavor: small
121
122 resources:
123   small:
124     limits:
125       cpu: 2
126       memory: 300Mi
127     requests:
128       cpu: 1
129       memory: 150Mi
130   large:
131     limits:
132       cpu: 4
133       memory: 8Gi
134     requests:
135       cpu: 2
136       memory: 4Gi
137   unlimited: {}
138
139 ## Persist data to a persistent volume
140 persistence:
141   enabled: true
142
143   ## A manually managed Persistent Volume and Claim
144   ## Requires persistence.enabled: true
145   ## If defined, PVC must be created manually before volume will be bound
146   # existingClaim:
147   volumeReclaimPolicy: Retain
148
149   ## database data Persistent Volume Storage Class
150   ## If defined, storageClassName: <storageClass>
151   ## If set to "-", storageClassName: "", which disables dynamic provisioning
152   ## If undefined (the default) or set to null, no storageClassName spec is
153   ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
154   ##   GKE, AWS & OpenStack)
155   ##
156   # storageClass: "-"
157   accessMode: ReadWriteOnce
158   size: 2Gi
159   mountPath: /dockerdata-nfs
160   mountSubPath: nonrtric/policymanagementservice
161
162 #Pods Service Account
163 serviceAccount:
164   nameOverride: a1policymanagement
165   roles:
166     - read