1 # Copyright © 2019 Amdocs, Bell Canada
2 # Copyright (c) 2020 Nordix Foundation, Modifications
3 # Modifications Copyright © 2020-2021 Nokia
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
17 #################################################################
18 # Global configuration overrides.
20 # These overrides will affect all helm charts (ie. applications)
21 # that are listed below and are 'enabled'.
22 #################################################################
24 # Change to an unused port prefix range to prevent port conflicts
25 # with other instances running within the same k8s cluster
27 nodePortPrefixExt: 304
30 # Install test components
31 # test components are out of the scope of ONAP but allow to have a entire
32 # environment to test the different features of ONAP
33 # Current tests environments provided:
34 # - netbox (needed for CDS IPAM)
35 # - AWX (needed for XXX)
36 # - EJBCA Server (needed for CMPv2 tests)
37 # Today, "contrib" chart that hosting these components must also be enabled
38 # in order to make it work. So `contrib.enabled` must have the same value than
39 # addTestingComponents
40 addTestingComponents: &testing false
43 # Four different repositories are used
44 # You can change individually these repositories to ones that will serve the
45 # right images. If credentials are needed for one of them, see below.
46 repository: nexus3.onap.org:10001
47 dockerHubRepository: &dockerHubRepository docker.io
48 elasticRepository: &elasticRepository docker.elastic.co
49 googleK8sRepository: k8s.gcr.io
50 githubContainerRegistry: ghcr.io
53 # Legacy repositories which will be removed at the end of migration.
55 loggingRepository: *elasticRepository
56 busyboxRepository: *dockerHubRepository
59 # they're optional. If the target repository doesn't need them, comment them
63 # If you want / need authentication on the repositories, please set
64 # Don't set them if the target repo is the same than others
65 # so id you've set repository to value `my.private.repo` and same for
66 # dockerHubRepository, you'll have to configure only repository (exclusive) OR
79 # common global images
80 # Busybox for simple shell manipulation
81 busyboxImage: busybox:1.34.1
84 curlImage: curlimages/curl:7.80.0
86 # env substitution image
87 envsubstImage: dibi/envsubst:1
89 # generate htpasswd files image
90 # there's only latest image for htpasswd
91 htpasswdImage: xmartlabs/htpasswd:latest
93 # kubenretes client image
94 kubectlImage: bitnami/kubectl:1.22.4
97 loggingImage: beats/filebeat:5.5.0
99 # mariadb client image
100 mariadbImage: bitnami/mariadb:10.6.5-debian-10-r28
103 nginxImage: bitnami/nginx:1.21.4
105 # postgreSQL client and server image
106 postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1
108 # readiness check image
109 readinessImage: onap/oom/readiness:3.0.1
115 jreImage: onap/integration-java11:10.0.0
117 # default clusterName
118 # {{ template "common.fullname" . }}.{{ template "common.namespace" . }}.svc.{{ .Values.global.clusterName }}
119 clusterName: cluster.local
121 # default mount path root directory referenced
122 # by persistent volumes and log files
124 mountPath: /dockerdata-nfs
125 enableDefaultStorageclass: false
127 storageclassProvisioner: kubernetes.io/no-provisioner
128 volumeReclaimPolicy: Retain
130 # override default resource limit flavor for all charts
133 # flag to enable debugging - application support required
136 # default password complexity
137 # available options: phrase, name, pin, basic, short, medium, long, maximum security
138 # More datails: https://www.masterpasswordapp.com/masterpassword-algorithm.pdf
139 passwordStrength: long
141 # configuration to set log level to all components (the one that are using
142 # "common.log.level" to set this)
143 # can be overrided per components by setting logConfiguration.logLevelOverride
144 # to the desired value
147 # Global ingress configuration
151 baseurl: "simpledemo.onap.org"
153 # Global Service Mesh configuration
154 # POC Mode, don't use it in production
158 # be aware that linkerd is not well tested
159 engine: "istio" # valid value: istio or linkerd
162 # If enabled, exporters (for prometheus) will be deployed
163 # if custom resources set to yes, CRD from prometheus operartor will be
165 # Not all components have it enabled.
169 custom_resources: false
172 # POC Mode, only for use in development environment
173 # Keep it enabled in production
175 aafAgentImage: onap/aaf/aaf_agent:2.1.20
178 # POC Mode, only for use in development environment
181 # default values for certificates
184 renewBefore: 720h #30 days
185 duration: 8760h #365 days
187 organization: "Linux-Foundation"
189 locality: "San-Francisco"
190 province: "California"
191 organizationalUnit: "ONAP"
193 group: certmanager.onap.org
195 name: cmpv2-issuer-onap
201 clientSecretName: oom-cert-service-client-tls-secret
202 keystoreKeyRef: keystore.jks
203 truststoreKeyRef: truststore.jks
204 keystorePasswordSecretName: oom-cert-service-certificates-password
205 keystorePasswordSecretKey: password
206 truststorePasswordSecretName: oom-cert-service-certificates-password
207 truststorePasswordSecretKey: password
209 # Indicates offline deployment build
210 # Set to true if you are rendering helm charts for offline deployment
211 # Otherwise keep it disabled
212 offlineDeploymentBuild: false
215 # Set to false if you want to disable TLS for NodePorts. Be aware that this
216 # will loosen your security.
217 # if set this element will force or not tls even if serviceMesh.tls is set.
221 # Currently, centralized logging is not in best shape so it's disabled by
223 centralizedLoggingEnabled: ¢ralizedLogging false
225 # Example of specific for the components where you want to disable TLS only for
227 # if set this element will force or not tls even if global.serviceMesh.tls and
228 # global.tlsEnabled is set otherwise.
232 # Global storage configuration
233 # Set to "-" for default, or with the name of the storage class
234 # Please note that if you use AAF, CDS, SDC, Netbox or Robot, you need a
235 # storageclass with RWX capabilities (or set specific configuration for these
240 # Example of specific for the components which requires RWX:
243 # storageClassOverride: "My_RWX_Storage_Class"
248 # storageClassOverride: "My_RWX_Storage_Class"
250 # cds-blueprints-processor:
252 # storageClassOverride: "My_RWX_Storage_Class"
256 # storageClassOverride: "My_RWX_Storage_Class"
258 #################################################################
259 # Enable/disable and configure helm charts (ie. applications)
260 # to customize the ONAP deployment.
261 #################################################################
267 # you must always set the same values as value set in cps.enabled
274 openStackType: OpenStackProvider
275 openStackName: OpenStack
276 openStackKeyStoneUrl: http://localhost:8181/apidoc/explorer/index.html
277 openStackServiceTenantName: default
278 openStackDomain: default
279 openStackUserName: admin
280 openStackEncryptedPassword: admin
291 # Today, "contrib" chart that hosting these components must also be enabled
292 # in order to make it work. So `contrib.enabled` must have the same value than
293 # addTestingComponents
308 # Today, "logging" chart that perform the central part of logging must also be
309 # enabled in order to make it work. So `logging.enabled` must have the same
310 # value than centralizedLoggingEnabled
312 enabled: *centralizedLogging
326 # openstack configuration
327 openStackRegion: "Yolo"
328 openStackVNFTenantId: "1234"
338 # openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment
339 openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
355 # necessary to disable liveness probe when setting breakpoints
356 # in debugger so K8s doesn't restart unresponsive container
359 # so server configuration
361 # message router configuration
363 # openstack configuration
364 openStackUserName: "vnf_user"
365 openStackRegion: "RegionOne"
366 openStackKeyStoneUrl: "http://1.2.3.4:5000"
367 openStackServiceTenantName: "service"
368 openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
370 # in order to enable static password for so-monitoring uncomment:
374 # password: demo123456!