1 # Copyright (c) 2018 Amdocs, Bell Canada, AT&T
2 # Modifications Copyright (c) 2020 Nokia
3 # Modifications Copyright (c) 2021 Orange
4 # Modifications Copyright © 2023 Nordix Foundation
6 # Licensed under the Apache License, Version 2.0 (the "License");
7 # you may not use this file except in compliance with the License.
8 # You may obtain a copy of the License at
10 # http://www.apache.org/licenses/LICENSE-2.0
12 # Unless required by applicable law or agreed to in writing, software
13 # distributed under the License is distributed on an "AS IS" BASIS,
14 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 # See the License for the specific language governing permissions and
16 # limitations under the License.
18 # Default values for traversal.
19 # This is a YAML-formatted file.
20 # Declare variables to be passed into your templates.
21 global: # global defaults
23 kafkaBootstrap: strimzi-kafka-bootstrap
24 aaiTravKafkaUser: aai-trav-kafka-user
26 #Service Name of the cassandra cluster to connect to.
27 #Override it to aai-cassandra if localCluster is enabled.
28 serviceName: cassandra
30 # Specifies a list of jobs to be run
32 # When enabled, it will create the schema based on oxm and edge rules
35 # When enabled, it will create the widget models via REST API to haproxy
38 #migration using helm hooks
42 # Common configuration for resources traversal and graphadmin
44 # User information for the admin user in container
48 # Specifies that the cluster connected to a dynamic
49 # cluster being spinned up by kubernetes deployment
54 # Specifies if the basic authorization is enabled
61 # Active spring profiles for the resources microservice
63 active: production,kafka
65 # Notification event specific properties
70 # Schema specific properties that include supported versions of api
72 # Specifies if the connection should be one way ssl, two way ssl or no auth
75 # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service
79 # Specifies which folder to take a look at
82 # Base URI Path of the application
86 # Current version of the REST API
89 # Specifies which version the depth parameter is configurable
91 # List of all the supported versions of the API
92 list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26,v27,v28
93 # Specifies from which version related link should appear
96 # Specifies from which version the app root change happened
99 # Specifies from which version the xml namespace changed
102 # Specifies from which version the edge label appeared in API
106 # Specifies which clients should always default to realtime graph connection
108 clients: SDNC,MSO,SO,robot-ete
109 kafkaBootstrap: strimzi-kafka-bootstrap
110 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.aaiTravKafkaUser }}'
115 image: onap/aai-traversal:1.13.4
117 restartPolicy: Always
119 flavorOverride: small
120 # the minimum number of seconds that a newly created Pod should be ready
124 # The number of pods that can be unavailable during the update process
126 # The number of pods that can be created above the desired amount of pods during an update
141 - name: aai-generic-query
142 url: search/generic-query
143 - name: aai-nodes-query
144 url: search/nodes-query
148 # application configuration
150 # configure keycloak according to your environment.
151 # don't forget to add keycloak in active profiles above (global.config.profiles)
153 host: keycloak.your.domain
155 # Specifies a set of users, credentials, roles, and groups
157 # Used by any client application for enabling fine-grained authorization for their protected resources
158 resource: aai-traversal-app
159 # If set to true, additional criteria will be added into traversal query to returns all the vertices that match
160 # the data-owner property with the given role to the user in keycloak
165 # enable when running read-heavy workloads
166 # modifications to graph done by this service/janusgraph instance will immediately invalidate the cache
167 # modifications to graph done by other services (resources) will only be visible
168 # after time specified in db-cache-time
170 # Documentation: https://docs.janusgraph.org/operations/cache/#database-level-caching
171 dbCacheTime: 180000 # in milliseconds
172 dbCacheSize: 0.1 # percentage (expressed as a decimal between 0 and 1) of the total heap space available to the JVM running
173 dbCacheCleanWait: 20 # in milliseconds
176 # Specifies timeout information such as application specific and limits
178 # If set to true application will timeout for queries taking longer than limit
180 # Specifies which apps (X-FromAppId) header should get overridden and (-1) no timeout
181 appspecific: JUNITTESTAPP1,1|JUNITTESTAPP2,-1|DCAE-CCS,-1|DCAES,-1|AAI-FILEGEN-GFPIP,-1
182 # Specifies how long should it wait before timing out the REST request
185 # environment variables added to the launch of the image in deployment
187 MIN_HEAP_SIZE: "512m"
188 MAX_HEAP_SIZE: "1024m"
189 MAX_METASPACE_SIZE: "512m"
191 # adds jvm args for remote debugging the application
194 args: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005"
196 # adds jvm args for remote profiling the application
200 - "-Dcom.sun.management.jmxremote"
201 - "-Dcom.sun.management.jmxremote.ssl=false"
202 - "-Dcom.sun.management.jmxremote.authenticate=false"
203 - "-Dcom.sun.management.jmxremote.local.only=false"
204 - "-Dcom.sun.management.jmxremote.port=9999"
205 - "-Dcom.sun.management.jmxremote.rmi.port=9999"
206 - "-Djava.rmi.server.hostname=127.0.0.1"
208 # Disables the updateQueryData script to run as part of traversal
209 disableUpdateQuery: true
211 # Override of the DSL Timeout Limit
212 dslOverride: 'ZV4V7E3N77SKIB6MR9MHQ6M4P6Q99Z7M76RBODA'
215 # Dsl timeout configuration
217 # Whether or not the dsl is enabled
219 # Default time limit of the DSL query
221 # App Specific Timeout Limit for each of the X-FromAppId
230 - VidAaiController,300000
234 mountPath: /dockerdata-nfs
235 mountSubPath: aai/aai-traversal
237 # default number of instances
244 # probe configuration parameters
246 initialDelaySeconds: 60
248 # necessary to disable liveness probe when setting breakpoints
249 # in debugger so K8s doesn't restart unresponsive container
253 initialDelaySeconds: 10
262 portName3: http-traversal
264 terminationGracePeriodSeconds: 120
265 sessionAffinity: None
272 authorizedPrincipals:
273 - serviceAccount: aai-read
274 - serviceAccount: consul-read
276 # To make logback capping values configurable
278 logToFileEnabled: false
284 livenessAccessLogEnabled: false # false: do not log kubernetes liveness probes
285 logToFileEnabled: false
289 # Configure resource requests and limits
290 # ref: http://kubernetes.io/docs/user-guide/compute-resources/
319 path: /actuator/prometheus
322 externalSecretName: mysecretname
323 externalSecretUserKey: login
324 externalSecretPasswordKey: password
326 ## Namespace in which Prometheus is running
328 # namespace: monitoring
330 ## Interval at which metrics should be scraped.
331 ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
335 ## Timeout after which the scrape is ended
336 ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#endpoint
340 ## ServiceMonitor selector labels
341 ## ref: https://github.com/bitnami/charts/tree/master/bitnami/prometheus-operator#prometheus-configuration
344 app: '{{ include "common.name" . }}'
345 chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
346 release: '{{ include "common.release" . }}'
347 heritage: '{{ .Release.Service }}'
349 ## RelabelConfigs to apply to samples before scraping
350 ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
351 ## Value is evalued as a template
355 ## MetricRelabelConfigs to apply to samples before ingestion
356 ## ref: https://github.com/coreos/prometheus-operator/blob/master/Documentation/api.md#relabelconfig
357 ## Value is evalued as a template
359 metricRelabelings: []
362 # targetLabel: "__name__"
365 # replacement: 'example_prefix_$1'
367 #Pods Service Account
369 nameOverride: aai-traversal
378 base: DEBUG # base package (org.onap.aai)
379 logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
380 #################################################################
382 #################################################################
384 - uid: aai-trav-kafka-user
385 externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
388 - name: sasl.jaas.config
389 value: '{{ .Values.config.someConfig }}'
392 authenticationType: scram-sha-512
396 operations: [Read, Write]