1 # Copyright © 2020 Samsung Electronics, highstreet technologies GmbH
2 # Copyright © 2017 Amdocs, Bell Canada
4 # Licensed under the Apache License, Version 2.0 (the "License");
5 # you may not use this file except in compliance with the License.
6 # You may obtain a copy of the License at
8 # http://www.apache.org/licenses/LICENSE-2.0
10 # Unless required by applicable law or agreed to in writing, software
11 # distributed under the License is distributed on an "AS IS" BASIS,
12 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 # See the License for the specific language governing permissions and
14 # limitations under the License.
16 #################################################################
17 # Global configuration defaults.
18 #################################################################
21 nodePortPrefixExt: 304
23 mountPath: /dockerdata-nfs
26 #This flag allows SO to instantiate its own mariadb-galera cluster
27 #If shared instance is used, this chart assumes that DB already exists
29 service: mariadb-galera
31 nameOverride: mariadb-galera
32 service: mariadb-galera
35 CMPv2CertManagerIntegration: false
38 image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.2
40 name: oom-cert-service-client-tls-secret
41 mountPath: /etc/onap/oom/certservice/certs/
44 cert_path: /var/custom-certs
45 cmpv2Organization: "Linux-Foundation"
46 cmpv2OrganizationalUnit: "ONAP"
47 cmpv2Location: "San-Francisco"
49 # Client configuration related
51 common_name: "sdnc.simpledemo.onap.org"
52 requestURL: "https://oom-cert-service:8443/v1/certificate/"
53 requestTimeout: "30000"
54 keystorePath: "/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks"
56 keystorePassword: "secret"
57 truststorePath: "/etc/onap/oom/certservice/certs/truststore.jks"
58 truststorePassword: "secret"
60 #################################################################
62 #################################################################
64 - uid: db-root-password
65 name: &rootDbSecret '{{ include "common.release" . }}-sdnc-db-root-password'
67 # If we're using shared mariadb, we need to use the secret name (second
69 # If not, we do the same trick than for user db secret hat allows you
70 # override this secret using external one with the same field that is used
71 # to pass this to subchart.
72 externalSecret: '{{ .Values.global.mariadbGalera.localCluster |
73 ternary ((hasSuffix "sdnc-db-root-password" (index .Values "mariadb-galera" "rootUser" "externalSecret")) |
76 (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .))
77 (include "common.mariadb.secret.rootPassSecretName"
79 "chartName" .Values.global.mariadbGalera.nameOverride)) }}'
80 password: '{{ (index .Values "mariadb-galera" "rootUser" "password") }}'
82 name: &dbSecretName '{{ include "common.release" . }}-sdnc-db-secret'
84 # This is a nasty trick that allows you override this secret using external one
85 # with the same field that is used to pass this to subchart
86 externalSecret: '{{ (hasSuffix "sdnc-db-secret" (index .Values "mariadb-galera" "db" "externalSecret")) |
89 (tpl (default "" (index .Values "mariadb-galera" "db" "externalSecret")) .) }}'
90 login: '{{ index .Values "mariadb-galera" "db" "user" }}'
91 password: '{{ index .Values "mariadb-galera" "db" "password" }}'
93 name: &odlCredsSecretName '{{ include "common.release" . }}-sdnc-odl-creds'
95 externalSecret: '{{ .Values.config.odlCredsExternalSecret }}'
96 login: '{{ .Values.config.odlUser }}'
97 password: '{{ .Values.config.odlPassword }}'
98 # For now this is left hardcoded but should be revisited in a future
99 passwordPolicy: required
100 - uid: dmaap-proxy-creds
101 name: &dmaapProxyCredsSecretName '{{ include "common.release" . }}-sdnc-dmaap-proxy-creds'
103 externalSecret: '{{ .Values.config.dmaapProxyCredsExternalSecret }}'
104 login: '{{ .Values.config.sdnr.dmaapProxy.user }}'
105 password: '{{ .Values.config.sdnr.dmaapProxy.password }}'
106 # For now this is left hardcoded but should be revisited in a future
107 passwordPolicy: required
110 externalSecret: '{{ .Values.config.netboxApikeyExternalSecret }}'
111 password: '{{ .Values.config.netboxApikey }}'
112 passwordPolicy: required
113 - uid: aai-user-creds
115 externalSecret: '{{ .Values.config.aaiCredsExternalSecret}}'
116 login: '{{ .Values.config.aaiUser }}'
117 password: '{{ .Values.config.aaiPassword }}'
118 passwordPolicy: required
119 - uid: modeling-user-creds
121 externalSecret: '{{ .Values.config.modelingCredsExternalSecret}}'
122 login: '{{ .Values.config.modelingUser }}'
123 password: '{{ .Values.config.modelingPassword }}'
124 passwordPolicy: required
125 - uid: restconf-creds
127 externalSecret: '{{ .Values.config.restconfCredsExternalSecret}}'
128 login: '{{ .Values.config.restconfUser }}'
129 password: '{{ .Values.config.restconfPassword }}'
130 passwordPolicy: required
132 name: &ansibleSecretName '{{ include "common.release" . }}-sdnc-ansible-creds'
134 externalSecret: '{{ .Values.config.ansibleCredsExternalSecret}}'
135 login: '{{ .Values.config.ansibleUser }}'
136 password: '{{ .Values.config.ansiblePassword }}'
137 passwordPolicy: required
138 - uid: scaleout-creds
140 externalSecret: '{{ .Values.config.scaleoutCredsExternalSecret}}'
141 login: '{{ .Values.config.scaleoutUser }}'
142 password: '{{ .Values.config.scaleoutPassword }}'
143 passwordPolicy: required
144 - uid: keystore-password
147 passwordPolicy: required
148 #################################################################
150 #################################################################
152 - name: onap-sdnc-certificate
153 secretName: onap-sdnc-certificate
154 commonName: sdnc.simpledemo.onap.org
156 - sdnc.simpledemo.onap.org
160 name: keystore-password
165 name: keystore-password
167 #################################################################
168 # Application configuration defaults.
169 #################################################################
173 image: onap/sdnc-image:2.0.4
175 # flag to enable debugging - application support required
178 # application configuration
183 odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
184 # odlCredsExternalSecret: some secret
185 netboxApikey: onceuponatimeiplayedwithnetbox20180814
186 # netboxApikeyExternalSecret: some secret
187 aaiUser: sdnc@sdnc.onap.org
188 aaiPassword: demo123456!
189 # aaiCredsExternalSecret: some secret
190 modelingUser: ccsdkapps
191 modelingPassword: ccsdkapps
192 # modelingCredsExternalSecret: some secret
194 restconfPassword: admin
195 # restconfCredsExternalSecret: some secret
197 scaleoutPassword: admin
198 # scaleoutExternalSecret: some secret
200 ansiblePassword: sdnc
201 # ansibleCredsExternalSecret: some secret
202 dbSdnctlDatabase: &sdncDbName sdnctl
203 enableClustering: true
204 sdncHome: /opt/onap/sdnc
205 binDir: /opt/onap/sdnc/bin
206 etcDir: /opt/onap/sdnc/data
208 # if geoEnabled is set to true here, mysql.geoEnabled must be set to true
209 # if geoEnabled is set to true the following 3 values must be set to their proper values
210 myODLCluster: 127.0.0.1
211 peerODLCluster: 127.0.0.1
212 isPrimaryCluster: true
213 configDir: /opt/onap/sdnc/data/properties
214 ccsdkConfigDir: /opt/onap/ccsdk/data/properties
217 logstashServiceName: log-ls
219 ansibleServiceName: sdnc-ansible-server
221 javaHome: /opt/java/openjdk
224 etcDir: /opt/opendaylight/etc
225 binDir: /opt/opendaylight/bin
226 gcLogDir: /opt/opendaylight/data/log
227 salConfigDir: /opt/opendaylight/system/org/opendaylight/controller/sal-clustering-config
228 salConfigVersion: 1.9.1
235 recoveryEventTimeout: 90s
237 persistentActorRestartMinBackoffInSeconds: 10
238 persistentActorRestartMaxBackoffInSeconds: 40
239 persistentActorRestartResetBackoffInSeconds: 20
240 shardTransactionCommitTimeoutInSeconds: 120
241 shardIsolatedLeaderCheckIntervalInMillis: 30000
242 operationTimeoutInSeconds: 120
244 maxGCPauseMillis: 100
245 parallelGCThreads : 3
250 # Next line enables gc logging
251 # gcLogOptions: "-Xlog:gc=trace:file={{.Values.config.odl.gcLogDir}}/gc-%t.log}:time,level,tags:filecount={{.Values.config.odl.javaOptions.numberGCLogFiles}}"
252 # enables sdnr functionality
255 # mode: web - SDNC contains device manager only plus dedicated webserver service for ODLUX (default),
256 # mode: dm - SDNC contains sdnr device manager + ODLUX components
258 # sdnronly: true starts sdnc container with odl and sdnrwt features only
260 sdnrdbTrustAllCerts: true
261 mountpointRegistrarEnabled: false
262 mountpointStateProviderEnabled: false
263 # enable and set dmaap-proxy for mountpointRegistrar
268 password: addPasswordHere
275 # dependency / sub-chart configuration
277 nameOverride: sdnc-cert-initializer
278 truststoreMountpath: /opt/onap/sdnc/data/stores
280 app_ns: "org.osaaf.aaf"
281 fqi: "sdnc@sdnc.onap.org"
282 fqi_namespace: org.onap.sdnc
283 public_fqdn: "sdnc.onap.org"
284 aafDeployFqi: "deployer@people.osaaf.org"
285 aafDeployPass: demo123456!
286 cadi_latitude: "38.0"
287 cadi_longitude: "-72.0"
288 credsPath: /opt/app/osaaf/local
290 cd /opt/app/osaaf/local;
291 /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} | grep cadi_keystore_password= | cut -d= -f 2 > {{ .Values.credsPath }}/.pass 2>&1
293 # dependency / sub-chart configuration
296 mariadb-galera: &mariadbGalera
297 nameOverride: &sdnc-db sdnc-db
298 config: &mariadbGaleraConfig
299 rootPasswordExternalSecret: *rootDbSecret
300 userName: &dbUser sdnctl
301 userCredentialsExternalSecret: *dbSecretName
303 externalSecret: *rootDbSecret
306 externalSecret: *dbSecretName
311 mountSubPath: sdnc/mariadb-galera
315 nameOverride: *sdnc-db
322 nameOverride: sdnc-dmaap-listener
326 <<: *mariadbGaleraConfig
327 mysqlDatabase: *sdncDbName
332 configDir: /opt/onap/sdnc/data/properties
333 odlCredsExternalSecret: *odlCredsSecretName
340 <<: *mariadbGaleraConfig
341 mysqlDatabase: *sdncDbName
342 nameOverride: sdnc-ueb-listener
346 configDir: /opt/onap/sdnc/data/properties
347 odlCredsExternalSecret: *odlCredsSecretName
352 restCredsExternalSecret: *ansibleSecretName
356 <<: *mariadbGaleraConfig
357 mysqlDatabase: ansible
359 name: sdnc-ansible-server
364 nameOverride: sdnc-dgbuilder
366 nameOverride: sdnc-dgbuilder-cert-initializer
370 rootPasswordExternalSecret: '{{ .Values.global.mariadbGalera.localCluster |
372 (printf "%s-sdnc-db-root-password" (include "common.release" .))
373 (include "common.mariadb.secret.rootPassSecretName"
374 (dict "dot" . "chartName" "mariadb-galera")) }}'
375 userCredentialsExternalSecret: *dbSecretName
376 dbPodName: mariadb-galera
377 dbServiceName: mariadb-galera
378 # This should be revisited and changed to plain text
379 dgUserPassword: cc03e747a6afbbcbf8be7668acfebee5
388 - baseaddr: "sdnc-dgbuilder"
389 name: "sdnc-dgbuilder"
391 - baseaddr: "sdnc-web-service"
392 name: "sdnc-web-service"
399 # local elasticsearch cluster
400 localElasticCluster: true
402 nameOverride: &elasticSearchName sdnrdb
406 fqi_namespace: org.onap.sdnc
407 fqi: "sdnc@sdnc.onap.org"
409 name: *elasticSearchName
412 # dedicatednode: "yes"
413 # working as master node only, in this case increase replicaCount for elasticsearch-data
414 # dedicatednode: "no"
415 # handles master and data node functionality
417 nameOverride: *elasticSearchName
418 cluster_name: *elasticSearchName
422 # default number of instances
429 # probe configuration parameters
431 initialDelaySeconds: 10
433 # necessary to disable liveness probe when setting breakpoints
434 # in debugger so K8s doesn't restart unresponsive container
438 initialDelaySeconds: 10
471 ## Persist data to a persitent volume
475 ## A manually managed Persistent Volume and Claim
476 ## Requires persistence.enabled: true
477 ## If defined, PVC must be created manually before volume will be bound
479 volumeReclaimPolicy: Retain
481 ## database data Persistent Volume Storage Class
482 ## If defined, storageClassName: <storageClass>
483 ## If set to "-", storageClassName: "", which disables dynamic provisioning
484 ## If undefined (the default) or set to null, no storageClassName spec is
485 ## set, choosing the default provisioner. (gp2 on AWS, standard on
486 ## GKE, AWS & OpenStack)
487 accessMode: ReadWriteOnce
489 mountPath: /dockerdata-nfs
490 mountSubPath: sdnc/mdsal
491 mdsalPath: /opt/opendaylight/current/daexim
496 ## A manually managed Persistent Volume and Claim
497 ## Requires persistence.enabled: true
498 ## If defined, PVC must be created manually before volume will be bound
501 volumeReclaimPolicy: Retain
502 accessMode: ReadWriteOnce
504 mountPath: /dockerdata-nfs
505 mountSubPath: sdnc/certs
506 certPath: /opt/app/osaaf
507 ##storageClass: "manual"
512 - baseaddr: "sdnc.api"
518 #Resource Limit flavor -By Default using small
520 #segregation for different envionment (Small and Large)