1 # Copyright © 2020 Samsung Electronics
2 # Copyright © 2019 Orange, Bell Canada
3 # Copyright © 2017 Amdocs, Bell Canada
4 # Modification Copyright © 2022 Nordix Foundation
6 # Licensed under the Apache License, Version 2.0 (the "License");
7 # you may not use this file except in compliance with the License.
8 # You may obtain a copy of the License at
10 # http://www.apache.org/licenses/LICENSE-2.0
12 # Unless required by applicable law or agreed to in writing, software
13 # distributed under the License is distributed on an "AS IS" BASIS,
14 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15 # See the License for the specific language governing permissions and
16 # limitations under the License.
18 #################################################################
19 # Global configuration defaults.
20 #################################################################
23 nodePortPrefixExt: 304
25 mountPath: /dockerdata-nfs
26 cdsKafkaUser: cds-kafka-user
28 #################################################################
30 #################################################################
32 - name: &dbUserSecretName '{{ include "common.release" . }}-cds-db-secret'
35 externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "db" "externalSecret")) .) (hasSuffix "cds-db-secret" (index .Values "mariadb-galera" "db" "externalSecret"))}}'
36 login: '{{ index .Values "mariadb-galera" "db" "user" }}'
37 password: '{{ index .Values "mariadb-galera" "db" "password" }}'
39 #################################################################
40 # Application configuration defaults.
41 #################################################################
49 # flag to enable debugging - application support required
52 # default number of instances
59 # probe configuration parameters
61 initialDelaySeconds: 20
64 # necessary to disable liveness probe when setting breakpoints
65 # in debugger so K8s doesn't restart unresponsive container
69 initialDelaySeconds: 10
79 externalSecret: *dbUserSecretName
80 name: &mysqlDbName sdnctl
81 nameOverride: &dbServer cds-db
85 mountSubPath: cds/data
87 nameOverride: *dbServer
89 mariadbConfiguration: |-
92 socket=/opt/bitnami/mariadb/tmp/mysql.sock
93 plugin_dir=/opt/bitnami/mariadb/plugin
96 lower_case_table_names = 1
97 default_storage_engine=InnoDB
98 basedir=/opt/bitnami/mariadb
99 datadir=/bitnami/mariadb/data
100 plugin_dir=/opt/bitnami/mariadb/plugin
101 tmpdir=/opt/bitnami/mariadb/tmp
102 socket=/opt/bitnami/mariadb/tmp/mysql.sock
103 pid_file=/opt/bitnami/mariadb/tmp/mysqld.pid
107 collation_server=utf8_unicode_ci
108 init_connect='SET NAMES utf8'
109 character_set_server=utf8
113 myisam_recover_options=FORCE,BACKUP
118 max_allowed_packet=16M
119 max_connect_errors=1000000
120 sql_mode=STRICT_TRANS_TABLES,ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_AUTO_VALUE_ON_ZERO,NO_ENGINE_SUBSTITUTION,NO_ZERO_DATE,NO_ZERO_IN_DATE,ONLY_FULL_GROUP_BY
126 # Disabling for performance per http://severalnines.com/blog/9-tips-going-production-galera-cluster-mysql
128 # Required for Galera
133 max_heap_table_size=32M
134 # Re-enabling as now works with Maria 10.1.2
137 query_cache_size=256M
140 open_files_limit=65535
141 table_definition_cache=4096
142 table_open_cache=4096
147 # Mandatory per https://github.com/codership/documentation/issues/25
148 innodb_autoinc_lock_mode=2
149 # Per https://www.percona.com/blog/2006/08/04/innodb-double-write/
151 innodb_flush_method=O_DIRECT
152 innodb_log_files_in_group=2
153 innodb_log_file_size=128M
154 innodb_flush_log_at_trx_commit=1
155 innodb_file_per_table=1
156 # 80% Memory is default reco.
157 # Need to re-evaluate when DB size grows
158 innodb_buffer_pool_size=2G
159 innodb_file_format=Barracuda
162 log_error=/opt/bitnami/mariadb/logs/mysqld.log
163 slow_query_log_file=/opt/bitnami/mariadb/logs/mysqld.log
164 log_queries_not_using_indexes=1
168 ## Use extraVolumes and extraVolumeMounts to mount /certs filesystem
169 # ssl_ca=/certs/ca.pem
170 # ssl_cert=/certs/server-cert.pem
171 # ssl_key=/certs/server-key.pem
175 wsrep_provider=/opt/bitnami/mariadb/lib/libgalera_smm.so
176 wsrep_sst_method=mariabackup
177 wsrep_slave_threads=4
178 wsrep_cluster_address=gcomm://
179 wsrep_cluster_name=galera
180 wsrep_sst_auth="root:"
181 # Enabled for performance per https://mariadb.com/kb/en/innodb-system-variables/#innodb_flush_log_at_trx_commit
182 innodb_flush_log_at_trx_commit=2
183 # MYISAM REPLICATION SUPPORT #
184 wsrep_replicate_myisam=ON
187 plugin_load_add=auth_pam
189 ## Data-at-Rest Encryption
190 ## Use extraVolumes and extraVolumeMounts to mount /encryption filesystem
191 # plugin_load_add=file_key_management
192 # file_key_management_filename=/encryption/keyfile.enc
193 # file_key_management_filekey=FILE:/encryption/keyfile.key
194 # file_key_management_encryption_algorithm=AES_CTR
196 # encrypt_tmp_files=ON
198 ## InnoDB/XtraDB Encryption
199 # innodb_encrypt_tables=ON
200 # innodb_encrypt_temporary_tables=ON
201 # innodb_encrypt_log=ON
202 # innodb_encryption_threads=4
203 # innodb_encryption_rotate_key_age=1
206 # aria_encrypt_tables=ON
207 # encrypt_tmp_disk_tables=ON
209 cds-blueprints-processor:
216 dbCredsExternalSecret: *dbUserSecretName
217 jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.kafkaUser }}'
219 cds-command-executor:
232 #Resource Limit flavor -By Default using small
234 #segregation for different envionment (Small and Large)