1 # Copyright © 2018 AT&T USA
2 # Copyright © 2020 Huawei
3 # Copyright © 2021 Orange
4 # Modifications Copyright © 2023 Nordix Foundation
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
16 #################################################################
17 # Global configuration defaults.
18 #################################################################
21 nodePortPrefixExt: 304
22 centralizedLoggingEnabled: true
24 nameOverride: mariadb-galera
26 service: mariadb-galera-primary
28 # mariadbRootPassword: secretpassword
29 # rootPasswordExternalSecret: some secret
30 #This flag allows SO to instantiate its own mariadb-galera cluster,
31 #serviceName and nameOverride should be so-mariadb-galera if this flag is enabled
34 mountPath: /dockerdata-nfs
35 #This configuration specifies Service and port for SDNC OAM interface
36 sdncOamService: sdnc-oam
38 #This configuration will run the migration. The configurations are for backing up the data
39 #from DB and then restoring it to the present versions preferred DB.
42 dbHost: mariadb-galera
45 dbPassword: secretpassword
46 # dbCredsExternalSecret: some secret
50 auth: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456
51 defaultCloudOwner: onap
56 - '{{ include "common.release" . }}-so-mariadb-config-job'
58 #################################################################
60 #################################################################
63 name: &dbRootPassSecretName '{{ include "common.release" . }}-so-db-root-pass'
65 externalSecret: '{{ .Values.global.mariadbGalera.localCluster | ternary
66 .Values.global.mariadbGalera.rootPasswordExternalSecret
67 (default (include "common.mariadb.secret.rootPassSecretName"
68 (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride))
69 .Values.global.mariadbGalera.rootPasswordExternalSecret) }}'
70 password: '{{ .Values.global.mariadbGalera.mariadbRootpassword }}'
71 - uid: db-backup-creds
72 name: &dbBackupCredsSecretName '{{ include "common.release" . }}-so-db-backup-creds'
74 externalSecret: '{{ ternary .Values.global.migration.dbCredsExternalSecret "migrationDisabled" .Values.global.migration.enabled }}'
75 login: '{{ ternary .Values.global.migration.dbUser "migrationDisabled" .Values.global.migration.enabled }}'
76 password: '{{ ternary .Values.global.migration.dbPassword "migrationDisabled" .Values.global.migration.enabled }}'
77 passwordPolicy: required
79 helm.sh/hook: pre-upgrade,pre-install
80 helm.sh/hook-weight: '0'
81 helm.sh/hook-delete-policy: before-hook-creation
83 name: &dbUserCredsSecretName '{{ include "common.release" . }}-so-db-user-creds'
85 externalSecret: '{{ .Values.dbCreds.userCredsExternalSecret }}'
86 login: '{{ .Values.dbCreds.userName }}'
87 password: '{{ .Values.dbCreds.userPassword }}'
88 passwordPolicy: generate
90 name: &dbAdminCredsSecretName '{{ include "common.release" . }}-so-db-admin-creds'
92 externalSecret: '{{ .Values.dbCreds.adminCredsExternalSecret }}'
93 login: '{{ .Values.dbCreds.adminName }}'
94 password: '{{ .Values.dbCreds.adminPassword }}'
95 passwordPolicy: generate
97 name: &mso-key '{{ include "common.release" . }}-mso-key'
99 password: '{{ .Values.mso.msoKey }}'
101 name: &mso-oof-auth '{{ include "common.release" . }}-mso-oof-auth'
103 login: '{{ .Values.mso.oof.login }}'
104 password: '{{ .Values.mso.oof.password }}'
105 passwordPolicy: required
106 - uid: server-actuator-creds
107 name: &actuator-secrets '{{ include "common.release" . }}-so-server-actuator-creds'
109 externalSecret: '{{ tpl (default "" .Values.server.actuatorCredsExternalSecret) . }}'
110 login: '{{ .Values.server.actuator.username }}'
111 password: '{{ .Values.server.actuator.password }}'
112 passwordPolicy: required
113 - uid: server-bpel-creds
114 name: &bpel-secrets '{{ include "common.release" . }}-so-server-bpel-creds'
116 externalSecret: '{{ tpl (default "" .Values.server.bpelCredsExternalSecret) . }}'
117 login: '{{ .Values.server.bpel.username }}'
118 password: '{{ .Values.server.bpel.password }}'
119 passwordPolicy: required
121 name: &aai-secrets '{{ include "common.release" . }}-so-server-aai-creds'
123 externalSecret: '{{ tpl (default "" .Values.server.aaiCredsExternalSecret) . }}'
124 login: '{{ .Values.server.aai.username }}'
125 password: '{{ .Values.server.aai.password }}'
126 passwordPolicy: required
128 ##################################################################
129 # Application configuration defaults.
130 #################################################################
132 dbSecrets: &dbSecrets
133 userCredsExternalSecret: *dbUserCredsSecretName
134 adminCredsExternalSecret: *dbAdminCredsSecretName
136 # unused in this, just to pass to subcharts
141 image: onap/so/api-handler-infra:1.12.2
145 username: aai@aai.onap.org
146 password: demo123456!
147 # aaiCredsExternalSecret: some secret
151 # actuatorCredsExternalSecret: some secret
155 # bpelCredsExternalSecret: some secret
160 containerPort: &containerPort 8080
161 logPath: ./logs/apih/
162 app: api-handler-infra
165 internalPort: *containerPort
171 msb.onap.org/service-info: |
172 {{ if .Values.global.msbEnabled -}}[
176 "url": "/onap/so/infra/cloudResources/{version:[vV][1]}/operationalEnvironments",
178 "port": "{{ .Values.service.internalPort }}",
180 "lb_policy":"ip_hash"
185 "url": "/onap/so/infra/cloudResources/{version:[vV][1]}/operationalEnvironments/{operationalEnvironmentId}/activate",
187 "port": "{{ .Values.service.internalPort }}",
189 "lb_policy":"ip_hash"
194 "url": "/onap/so/infra/cloudResources/{version:[vV][1]}/operationalEnvironments/{operationalEnvironmentId}/deactivate",
196 "port": "{{ .Values.service.internalPort }}",
198 "lb_policy":"ip_hash"
203 "url": "/onap/so/infra/cloudResourcesRequests/{version:[vV][1]}/{requestId}/unlock",
205 "port": "{{ .Values.service.internalPort }}",
207 "lb_policy":"ip_hash"
212 "url": "/onap/so/infra/cloudResourcesRequests/{version:[vV][1]}",
214 "port": "{{ .Values.service.internalPort }}",
216 "lb_policy":"ip_hash"
221 "url": "/onap/so/infra/orchestrationRequests/{version:[vV][4-7]}/{requestId}",
223 "port": "{{ .Values.service.internalPort }}",
225 "lb_policy":"ip_hash"
230 "url": "/onap/so/infra/orchestrationRequests/{version:[vV][4-7]}",
232 "port": "{{ .Values.service.internalPort }}",
234 "lb_policy":"ip_hash"
239 "url": "/onap/so/infra/orchestrationRequests/{version:[vV][4-7]}/{requestId}/unlock",
241 "port": "{{ .Values.service.internalPort }}",
243 "lb_policy":"ip_hash"
248 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances",
250 "port": "{{ .Values.service.internalPort }}",
252 "lb_policy":"ip_hash"
257 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/activate",
259 "port": "{{ .Values.service.internalPort }}",
261 "lb_policy":"ip_hash"
266 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/deactivate",
268 "port": "{{ .Values.service.internalPort }}",
270 "lb_policy":"ip_hash"
275 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}",
277 "port": "{{ .Values.service.internalPort }}",
279 "lb_policy":"ip_hash"
284 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][7]}/serviceInstances/assign",
286 "port": "{{ .Values.service.internalPort }}",
288 "lb_policy":"ip_hash"
293 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][7]}/serviceInstances/{serviceInstanceId}/unassign",
295 "port": "{{ .Values.service.internalPort }}",
297 "lb_policy":"ip_hash"
302 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations",
304 "port": "{{ .Values.service.internalPort }}",
306 "lb_policy":"ip_hash"
311 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}",
313 "port": "{{ .Values.service.internalPort }}",
315 "lb_policy":"ip_hash"
320 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/enablePort",
322 "port": "{{ .Values.service.internalPort }}",
324 "lb_policy":"ip_hash"
329 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/disablePort",
331 "port": "{{ .Values.service.internalPort }}",
333 "lb_policy":"ip_hash"
338 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/activate",
340 "port": "{{ .Values.service.internalPort }}",
342 "lb_policy":"ip_hash"
347 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/configurations/{configurationInstanceId}/deactivate",
349 "port": "{{ .Values.service.internalPort }}",
351 "lb_policy":"ip_hash"
356 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/addRelationships",
358 "port": "{{ .Values.service.internalPort }}",
360 "lb_policy":"ip_hash"
365 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/removeRelationships",
367 "port": "{{ .Values.service.internalPort }}",
369 "lb_policy":"ip_hash"
374 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs",
376 "port": "{{ .Values.service.internalPort }}",
378 "lb_policy":"ip_hash"
383 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/replace",
385 "port": "{{ .Values.service.internalPort }}",
387 "lb_policy":"ip_hash"
392 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}",
394 "port": "{{ .Values.service.internalPort }}",
396 "lb_policy":"ip_hash"
401 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/applyUpdatedConfig",
403 "port": "{{ .Values.service.internalPort }}",
405 "lb_policy":"ip_hash"
410 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}",
412 "port": "{{ .Values.service.internalPort }}",
414 "lb_policy":"ip_hash"
419 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules",
421 "port": "{{ .Values.service.internalPort }}",
423 "lb_policy":"ip_hash"
428 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}/replace",
430 "port": "{{ .Values.service.internalPort }}",
432 "lb_policy":"ip_hash"
437 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}",
439 "port": "{{ .Values.service.internalPort }}",
441 "lb_policy":"ip_hash"
446 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][6-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/inPlaceSoftwareUpdate",
448 "port": "{{ .Values.service.internalPort }}",
450 "lb_policy":"ip_hash"
455 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}",
457 "port": "{{ .Values.service.internalPort }}",
459 "lb_policy":"ip_hash"
464 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/{vfmoduleInstanceId}/deactivateAndCloudDelete",
466 "port": "{{ .Values.service.internalPort }}",
468 "lb_policy":"ip_hash"
473 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/vfModules/scaleOut",
475 "port": "{{ .Values.service.internalPort }}",
477 "lb_policy":"ip_hash"
482 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/volumeGroups",
484 "port": "{{ .Values.service.internalPort }}",
486 "lb_policy":"ip_hash"
491 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/volumeGroups/{volumeGroupInstanceId}",
493 "port": "{{ .Values.service.internalPort }}",
495 "lb_policy":"ip_hash"
500 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/vnfs/{vnfInstanceId}/volumeGroups/{volumeGroupInstanceId}",
502 "port": "{{ .Values.service.internalPort }}",
504 "lb_policy":"ip_hash"
509 "url": "/onap/so/infra/serviceInstantiation/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/networks",
511 "port": "{{ .Values.service.internalPort }}",
513 "lb_policy":"ip_hash"
518 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/networks/{networkInstanceId}",
520 "port": "{{ .Values.service.internalPort }}",
522 "lb_policy":"ip_hash"
527 "url": "/onap/so/infra/serviceInstantiationRequests/{version:[vV][5-7]}/serviceInstances/{serviceInstanceId}/networks/{networkInstanceId}",
529 "port": "{{ .Values.service.internalPort }}",
531 "lb_policy":"ip_hash"
540 ################################################################
542 #################################################################
544 containerPort: *containerPort
546 # Resource Limit flavor -By Default using small
548 # Segregation for Different environment (Small and Large)
569 # application configuration
571 logstashServiceName: log-ls
573 # "KEYSTONE" for keystone v2, "KEYSTONE_V3" for keystone v3
574 openStackKeystoneVersion: "KEYSTONE"
576 #Used only if localCluster is enabled. Instantiates SO's own cassandra cluster
577 #helm deploy demo local/onap --namespace onap --verbose --set so.enabled=true \
578 # --set so.global.mariadbGalera.localCluster=true \
579 # --set so.global.mariadbGalera.nameOverride=so-mariadb-galera \
580 # --set so.global.mariadbGalera.serviceName=so-mariadb-galera
583 externalSecret: *dbRootPassSecretName
584 nameOverride: &so-mariadb so-mariadb-galera
590 mountSubPath: so/mariadb-galera/data
593 nameOverride: *so-mariadb
604 authorizedPrincipals:
605 - serviceAccount: consul-read
606 - serviceAccount: consul-server-read
607 - serviceAccount: nbi-read
608 - serviceAccount: policy-drools-pdp-read
609 - serviceAccount: so-bpmn-infra-read
610 - serviceAccount: robot-read
611 - serviceAccount: istio-ingress
612 namespace: istio-ingress
617 auth: Basic YnBlbDpwYXNzd29yZDEk
618 camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A
619 msoKey: 07a7159d3bf51a0e53be7a8f89699be7
622 auth: 878785F4F31BC9CFA5AB52A172008212D8845ED2DE08AD5E56AF114720A4E49768B8F95CDA2EB971765D28EDCDAA24
624 auth: 6E081E10B1CA43A843E303733A74D9B23B601A6E22A21C7EF2C7F15A42F81A1A4E85E65268C2661F71321052C7F3E55B96A8E1E951F8BF6F
631 auth: 51EA5414022D7BE536E7516C4D1A6361416921849B72C0D6FC1C7F262FD9F2BBC2AD124190A332D9845A188AD80955567A4F975C84C221EEA8243BFD92FFE6896CDD1EA16ADD34E1E3D47D4A
633 auth: basic bXNvX2FkbWlufHBhc3N3b3JkMSQ=
638 logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
640 so-catalog-db-adapter:
650 aaiCredsExternalSecret: *aai-secrets
651 actuatorCredsExternalSecret: *actuator-secrets
653 msoKeySecret: *mso-key
667 rootPasswordExternalSecretLocalDb: *dbRootPassSecretName
668 rootPasswordExternalSecret: '{{ ternary .Values.db.rootPasswordExternalSecretLocalDb (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.localCluster }}'
669 backupCredsExternalSecret: *dbBackupCredsSecretName
670 userCredsExternalSecret: *dbUserCredsSecretName
671 adminCredsExternalSecret: *dbAdminCredsSecretName
681 actuatorCredsExternalSecret: *actuator-secrets
682 bpelCredsExternalSecret: *bpel-secrets
691 msoKeySecret: *mso-key
692 camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A
694 authSecret: *mso-oof-auth
695 logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
697 so-openstack-adapter:
701 logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
703 so-request-db-adapter:
710 logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
717 msoKeySecret: *mso-key
718 logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
723 so-etsi-sol005-adapter:
728 so-etsi-sol003-adapter:
731 #Pods Service Account