1 # Copyright © 2018 AT&T USA
2 # Copyright © 2020 Huawei
3 # Copyright © 2021 Orange
4 # Modifications Copyright © 2023 Nordix Foundation
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
16 #################################################################
17 # Global configuration defaults.
18 #################################################################
21 nodePortPrefixExt: 304
22 centralizedLoggingEnabled: true
24 nameOverride: mariadb-galera
25 serviceName: mariadb-galera
27 service: mariadb-galera
29 # mariadbRootPassword: secretpassword
30 # rootPasswordExternalSecret: some secret
31 #This flag allows SO to instantiate its own mariadb-galera cluster,
32 #serviceName and nameOverride should be so-mariadb-galera if this flag is enabled
35 mountPath: /dockerdata-nfs
36 #This configuration specifies Service and port for SDNC OAM interface
37 sdncOamService: sdnc-oam
39 #This configuration will run the migration. The configurations are for backing up the data
40 #from DB and then restoring it to the present versions preferred DB.
43 dbHost: mariadb-galera
46 dbPassword: secretpassword
47 # dbCredsExternalSecret: some secret
51 auth: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456
52 defaultCloudOwner: onap
57 - '{{ include "common.release" . }}-so-mariadb-config-job'
59 #################################################################
61 #################################################################
64 name: &dbRootPassSecretName '{{ include "common.release" . }}-so-db-root-pass'
66 externalSecret: '{{ .Values.global.mariadbGalera.localCluster | ternary
67 .Values.global.mariadbGalera.rootPasswordExternalSecret
68 (default (include "common.mariadb.secret.rootPassSecretName"
69 (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride))
70 .Values.global.mariadbGalera.rootPasswordExternalSecret) }}'
71 password: '{{ .Values.global.mariadbGalera.mariadbRootpassword }}'
72 - uid: db-backup-creds
73 name: &dbBackupCredsSecretName '{{ include "common.release" . }}-so-db-backup-creds'
75 externalSecret: '{{ ternary .Values.global.migration.dbCredsExternalSecret "migrationDisabled" .Values.global.migration.enabled }}'
76 login: '{{ ternary .Values.global.migration.dbUser "migrationDisabled" .Values.global.migration.enabled }}'
77 password: '{{ ternary .Values.global.migration.dbPassword "migrationDisabled" .Values.global.migration.enabled }}'
78 passwordPolicy: required
80 helm.sh/hook: pre-upgrade,pre-install
81 helm.sh/hook-weight: '0'
82 helm.sh/hook-delete-policy: before-hook-creation
84 name: &dbUserCredsSecretName '{{ include "common.release" . }}-so-db-user-creds'
86 externalSecret: '{{ .Values.dbCreds.userCredsExternalSecret }}'
87 login: '{{ .Values.dbCreds.userName }}'
88 password: '{{ .Values.dbCreds.userPassword }}'
89 passwordPolicy: generate
91 name: &dbAdminCredsSecretName '{{ include "common.release" . }}-so-db-admin-creds'
93 externalSecret: '{{ .Values.dbCreds.adminCredsExternalSecret }}'
94 login: '{{ .Values.dbCreds.adminName }}'
95 password: '{{ .Values.dbCreds.adminPassword }}'
96 passwordPolicy: generate
98 name: &mso-key '{{ include "common.release" . }}-mso-key'
100 password: '{{ .Values.mso.msoKey }}'
102 name: &mso-oof-auth '{{ include "common.release" . }}-mso-oof-auth'
104 login: '{{ .Values.mso.oof.login }}'
105 password: '{{ .Values.mso.oof.password }}'
106 passwordPolicy: required
107 - uid: server-actuator-creds
108 name: &actuator-secrets '{{ include "common.release" . }}-so-server-actuator-creds'
110 externalSecret: '{{ tpl (default "" .Values.server.actuatorCredsExternalSecret) . }}'
111 login: '{{ .Values.server.actuator.username }}'
112 password: '{{ .Values.server.actuator.password }}'
113 passwordPolicy: required
114 - uid: server-bpel-creds
115 name: &bpel-secrets '{{ include "common.release" . }}-so-server-bpel-creds'
117 externalSecret: '{{ tpl (default "" .Values.server.bpelCredsExternalSecret) . }}'
118 login: '{{ .Values.server.bpel.username }}'
119 password: '{{ .Values.server.bpel.password }}'
120 passwordPolicy: required
122 name: &aai-secrets '{{ include "common.release" . }}-so-server-aai-creds'
124 externalSecret: '{{ tpl (default "" .Values.server.aaiCredsExternalSecret) . }}'
125 login: '{{ .Values.server.aai.username }}'
126 password: '{{ .Values.server.aai.password }}'
127 passwordPolicy: required
129 ##################################################################
130 # Application configuration defaults.
131 #################################################################
133 dbSecrets: &dbSecrets
134 userCredsExternalSecret: *dbUserCredsSecretName
135 adminCredsExternalSecret: *dbAdminCredsSecretName
137 # unused in this, just to pass to subcharts
142 image: onap/so/api-handler-infra:1.12.1
146 username: aai@aai.onap.org
147 password: demo123456!
148 # aaiCredsExternalSecret: some secret
152 # actuatorCredsExternalSecret: some secret
156 # bpelCredsExternalSecret: some secret
161 containerPort: &containerPort 8080
162 logPath: ./logs/apih/
163 app: api-handler-infra
166 internalPort: *containerPort
172 msb.onap.org/service-info: |
173 {{ if .Values.global.msbEnabled -}}[
177 "url": "/onap/so/infra/cloudResources/{version:[vV][1]}/operationalEnvironments",
179 "port": "{{ .Values.service.internalPort }}",
181 "lb_policy":"ip_hash"
186 "url": "/onap/so/infra/cloudResources/{version:[vV][1]}/operationalEnvironments/{operationalEnvironmentId}/activate",
188 "port": "{{ .Values.service.internalPort }}",
190 "lb_policy":"ip_hash"
195 "url": "/onap/so/infra/cloudResources/{version:[vV][1]}/operationalEnvironments/{operationalEnvironmentId}/deactivate",
197 "port": "{{ .Values.service.internalPort }}",
199 "lb_policy":"ip_hash"
204 "url": "/onap/so/infra/cloudResourcesRequests/{version:[vV][1]}/{requestId}/unlock",
206 "port": "{{ .Values.service.internalPort }}",
208 "lb_policy":"ip_hash"
213 "url": "/onap/so/infra/cloudResourcesRequests/{version:[vV][1]}",
215 "port": "{{ .Values.service.internalPort }}",
217 "lb_policy":"ip_hash"
222 "url": "/onap/so/infra/orchestrationRequests/{version:[vV][4-7]}/{requestId}",
224 "port": "{{ .Values.service.internalPort }}",
226 "lb_policy":"ip_hash"
231 "url": "/onap/so/infra/orchestrationRequests/{version:[vV][4-7]}",
233 "port": "{{ .Values.service.internalPort }}",
235 "lb_policy":"ip_hash"
240 "url": "/onap/so/infra/orchestrationRequests/{version:[vV][4-7]}/{requestId}/unlock",
242 "port": "{{ .Values.service.internalPort }}",
244 "lb_policy":"ip_hash"
249 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances",
251 "port": "{{ .Values.service.internalPort }}",
253 "lb_policy":"ip_hash"
258 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/activate",
260 "port": "{{ .Values.service.internalPort }}",
262 "lb_policy":"ip_hash"
267 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/deactivate",
269 "port": "{{ .Values.service.internalPort }}",
271 "lb_policy":"ip_hash"
276 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}",
278 "port": "{{ .Values.service.internalPort }}",
280 "lb_policy":"ip_hash"
285 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][7]}/serviceInstances/assign",
287 "port": "{{ .Values.service.internalPort }}",
289 "lb_policy":"ip_hash"
294 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][7]}/serviceInstances/{serviceInstanceId}/unassign",
296 "port": "{{ .Values.service.internalPort }}",
298 "lb_policy":"ip_hash"
303 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations",
305 "port": "{{ .Values.service.internalPort }}",
307 "lb_policy":"ip_hash"
312 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}",
314 "port": "{{ .Values.service.internalPort }}",
316 "lb_policy":"ip_hash"
321 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/enablePort",
323 "port": "{{ .Values.service.internalPort }}",
325 "lb_policy":"ip_hash"
330 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/disablePort",
332 "port": "{{ .Values.service.internalPort }}",
334 "lb_policy":"ip_hash"
339 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/activate",
341 "port": "{{ .Values.service.internalPort }}",
343 "lb_policy":"ip_hash"
348 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/deactivate",
350 "port": "{{ .Values.service.internalPort }}",
352 "lb_policy":"ip_hash"
357 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/addRelationships",
359 "port": "{{ .Values.service.internalPort }}",
361 "lb_policy":"ip_hash"
366 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/removeRelationships",
368 "port": "{{ .Values.service.internalPort }}",
370 "lb_policy":"ip_hash"
375 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs",
377 "port": "{{ .Values.service.internalPort }}",
379 "lb_policy":"ip_hash"
384 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/replace",
386 "port": "{{ .Values.service.internalPort }}",
388 "lb_policy":"ip_hash"
393 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}",
395 "port": "{{ .Values.service.internalPort }}",
397 "lb_policy":"ip_hash"
402 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/applyUpdatedConfig",
404 "port": "{{ .Values.service.internalPort }}",
406 "lb_policy":"ip_hash"
411 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}",
413 "port": "{{ .Values.service.internalPort }}",
415 "lb_policy":"ip_hash"
420 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules",
422 "port": "{{ .Values.service.internalPort }}",
424 "lb_policy":"ip_hash"
429 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}/replace",
431 "port": "{{ .Values.service.internalPort }}",
433 "lb_policy":"ip_hash"
438 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}",
440 "port": "{{ .Values.service.internalPort }}",
442 "lb_policy":"ip_hash"
447 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/inPlaceSoftwareUpdate",
449 "port": "{{ .Values.service.internalPort }}",
451 "lb_policy":"ip_hash"
456 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}",
458 "port": "{{ .Values.service.internalPort }}",
460 "lb_policy":"ip_hash"
465 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}/deactivateAndCloudDelete",
467 "port": "{{ .Values.service.internalPort }}",
469 "lb_policy":"ip_hash"
474 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/scaleOut",
476 "port": "{{ .Values.service.internalPort }}",
478 "lb_policy":"ip_hash"
483 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/volumeGroups",
485 "port": "{{ .Values.service.internalPort }}",
487 "lb_policy":"ip_hash"
492 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/volumeGroups/{volumeGroupInstanceId}",
494 "port": "{{ .Values.service.internalPort }}",
496 "lb_policy":"ip_hash"
501 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/volumeGroups/{volumeGroupInstanceId}",
503 "port": "{{ .Values.service.internalPort }}",
505 "lb_policy":"ip_hash"
510 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/networks",
512 "port": "{{ .Values.service.internalPort }}",
514 "lb_policy":"ip_hash"
519 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/networks/{networkInstanceId}",
521 "port": "{{ .Values.service.internalPort }}",
523 "lb_policy":"ip_hash"
528 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/networks/{networkInstanceId}",
530 "port": "{{ .Values.service.internalPort }}",
532 "lb_policy":"ip_hash"
541 ################################################################
543 #################################################################
545 containerPort: *containerPort
547 # Resource Limit flavor -By Default using small
549 # Segregation for Different environment (Small and Large)
570 # application configuration
572 logstashServiceName: log-ls
574 # "KEYSTONE" for keystone v2, "KEYSTONE_V3" for keystone v3
575 openStackKeystoneVersion: "KEYSTONE"
577 #Used only if localCluster is enabled. Instantiates SO's own cassandra cluster
578 #helm deploy demo local/onap --namespace onap --verbose --set so.enabled=true \
579 # --set so.global.mariadbGalera.localCluster=true \
580 # --set so.global.mariadbGalera.nameOverride=so-mariadb-galera \
581 # --set so.global.mariadbGalera.serviceName=so-mariadb-galera
584 externalSecret: *dbRootPassSecretName
585 nameOverride: &so-mariadb so-mariadb-galera
588 mountSubPath: so/mariadb-galera/data
591 nameOverride: *so-mariadb
602 authorizedPrincipals:
603 - serviceAccount: consul-read
604 - serviceAccount: consul-server-read
605 - serviceAccount: nbi-read
606 - serviceAccount: policy-drools-pdp-read
607 - serviceAccount: so-bpmn-infra-read
608 - serviceAccount: robot-read
609 - serviceAccount: istio-ingress
610 namespace: istio-ingress
615 auth: Basic YnBlbDpwYXNzd29yZDEk
616 camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A
617 msoKey: 07a7159d3bf51a0e53be7a8f89699be7
620 auth: 878785F4F31BC9CFA5AB52A172008212D8845ED2DE08AD5E56AF114720A4E49768B8F95CDA2EB971765D28EDCDAA24
622 auth: 6E081E10B1CA43A843E303733A74D9B23B601A6E22A21C7EF2C7F15A42F81A1A4E85E65268C2661F71321052C7F3E55B96A8E1E951F8BF6F
629 auth: 51EA5414022D7BE536E7516C4D1A6361416921849B72C0D6FC1C7F262FD9F2BBC2AD124190A332D9845A188AD80955567A4F975C84C221EEA8243BFD92FFE6896CDD1EA16ADD34E1E3D47D4A
631 auth: basic bXNvX2FkbWlufHBhc3N3b3JkMSQ=
636 logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
638 so-catalog-db-adapter:
648 aaiCredsExternalSecret: *aai-secrets
649 actuatorCredsExternalSecret: *actuator-secrets
651 msoKeySecret: *mso-key
665 rootPasswordExternalSecretLocalDb: *dbRootPassSecretName
666 rootPasswordExternalSecret: '{{ ternary .Values.db.rootPasswordExternalSecretLocalDb (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.localCluster }}'
667 backupCredsExternalSecret: *dbBackupCredsSecretName
668 userCredsExternalSecret: *dbUserCredsSecretName
669 adminCredsExternalSecret: *dbAdminCredsSecretName
679 actuatorCredsExternalSecret: *actuator-secrets
680 bpelCredsExternalSecret: *bpel-secrets
689 msoKeySecret: *mso-key
690 camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A
692 authSecret: *mso-oof-auth
693 logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
695 so-openstack-adapter:
699 logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
701 so-request-db-adapter:
708 logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
715 msoKeySecret: *mso-key
716 logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
721 so-etsi-sol005-adapter:
726 so-etsi-sol003-adapter:
729 #Pods Service Account