# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
# Copyright (c) 2020 Nokia Intellectual Property. All rights reserved.
# Copyright (c) 2020-2021 Orange Intellectual Property. All rights reserved.
+# Modifications Copyright © 2023 Nordix Foundation
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# Specifies if the connection should be one way ssl, two way ssl or no auth
# will be set to no-auth if tls is disabled
service:
- client: one-way-ssl
+ client: no-auth
# Specifies which translator to use if it has schema-service, then it will
# make a rest request to schema service
translator:
version:
# Current version of the REST API
api:
- default: v24
+ default: v27
# Specifies which version the depth parameter is configurable
depth: v11
# List of all the supported versions of the API
- list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26
+ list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26,v27
# Specifies from which version related link should appear
related:
link: v11
# Specifies which clients should always default to realtime graph connection
realtime:
- clients: SDNC,MSO,SO,robot-ete
-
-#################################################################
-# Certificate configuration
-#################################################################
-certInitializer:
- nameOverride: aai-graphadmin-cert-initializer
- aafDeployFqi: deployer@people.osaaf.org
- aafDeployPass: demo123456!
- # aafDeployCredsExternalSecret: some secret
- fqdn: aai
- fqi: aai@aai.onap.org
- public_fqdn: aai.onap.org
- cadi_longitude: "0.0"
- cadi_latitude: "0.0"
- app_ns: org.osaaf.aaf
- credsPath: /opt/app/osaaf/local
- fqi_namespace: org.onap.aai
- user_id: &user_id 1000
- group_id: &group_id 1000
- aaf_add_config: |
- echo "*** changing them into shell safe ones"
- export KEYSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
- export KEYSTORE_JKS_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
- export TRUSTSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
- cd {{ .Values.credsPath }}
- keytool -storepasswd -new "${KEYSTORE_PLAIN_PASSWORD}" \
- -storepass "${cadi_keystore_password_p12}" \
- -keystore {{ .Values.fqi_namespace }}.p12
- keytool -storepasswd -new "${TRUSTSTORE_PLAIN_PASSWORD}" \
- -storepass "${cadi_truststore_password}" \
- -keystore {{ .Values.fqi_namespace }}.trust.jks
- keytool -storepasswd -new "${KEYSTORE_JKS_PLAIN_PASSWORD}" \
- -storepass "${cadi_keystore_password_jks}" \
- -keystore {{ .Values.fqi_namespace }}.jks
- echo "*** set key password as same password as keystore password"
- keytool -keypasswd -new "${KEYSTORE_JKS_PLAIN_PASSWORD}" \
- -keystore {{ .Values.fqi_namespace }}.jks \
- -keypass "${cadi_keystore_password_jks}" \
- -storepass "${KEYSTORE_JKS_PLAIN_PASSWORD}" -alias {{ .Values.fqi }}
- echo "*** writing passwords into prop file"
- echo "KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD}" > {{ .Values.credsPath }}/mycreds.prop
- echo "KEYSTORE_JKS_PLAIN_PASSWORD=${KEYSTORE_JKS_PLAIN_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop
- echo "TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop
- echo "*** change ownership of certificates to targeted user"
- chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }}
+ clients: SDNC,-1|MSO,-1|SO,-1|robot-ete,-1
# application image
-image: onap/aai-graphadmin:1.9.4
+image: onap/aai-graphadmin:1.11.2
pullPolicy: Always
restartPolicy: Always
flavor: small
# Specify the profiles for the graphadmin microservice
profiles:
- # one way ssl profile will be set unless tlsEnabled is set to false or serviceMesh is enabled and
- # serviceMesh.tls is set to tru
- active: dmaap #,one-way-ssl"
+
+ active: dmaap
# Specifies the timeout limit for the REST API requests
timeout:
internalPort: 8449
portName2: tcp-5005
internalPort2: 5005
+ portName3: aai-graphadmin-8448
+ internalPort3: 8448
terminationGracePeriodSeconds: 120
ingress:
mountSubPath: aai/aai-graphadmin
mountSubPath1: aai/migration
+# To make logback capping values configurable
+logback:
+ logToFileEnabled: true
+ maxHistory: 7
+ totalSizeCap: 6GB
+ queueSize: 1000
+
+accessLogback:
+ logToFileEnabled: true
+ maxHistory: 7
+ totalSizeCap: 6GB
+
resources:
small:
limits:
memory: 2Gi
unlimited: {}
+metrics:
+ serviceMonitor:
+ enabled: false
+ targetPort: 8448
+ path: /prometheus
+ basicAuth:
+ enabled: false
+
+ selector:
+ app: '{{ include "common.name" . }}'
+ chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
+ release: '{{ include "common.release" . }}'
+ heritage: '{{ .Release.Service }}'
+
+ relabelings: []
+
+ metricRelabelings: []
+
# Not fully used for now
securityContext:
- user_id: *user_id
- group_id: *group_id
+ user_id: 1000
+ group_id: 1000
#Pods Service Account
serviceAccount: