# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018 AT&T
+# Modifications Copyright © 2021-2022 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
#################################################################
global:
nodePortPrefix: 302
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
+ kafkaBootstrap: strimzi-kafka-bootstrap
+ saslMechanism: scram-sha-512
+ kafkaInternalPort: 9092
+ zkTunnelService:
+ type: ClusterIP
+ name: zk-tunnel-svc
+ portName: tcp-zk-tunnel
+ internalPort: 2181
+
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+ nameOverride: dmaap-mr-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: dmaap-mr
+ fqi: dmaapmr@mr.dmaap.onap.org
+ public_fqdn: mr.dmaap.onap.org
+ cadi_longitude: "-122.26147"
+ cadi_latitude: "37.78187"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ appMountPath: /appl/dmaapMR1/bundleconfig/etc/sysprops
+ fqi_namespace: org.onap.dmaap.mr
+ aaf_add_config: |
+ cd {{ .Values.credsPath }}
+ echo "*** change jks password into shell safe one"
+ export KEYSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+ keytool -storepasswd -new "${KEYSTORE_PASSWD}" \
+ -storepass "${cadi_keystore_password_jks}" \
+ -keystore {{ .Values.fqi_namespace }}.jks
+ echo "*** set key password as same password as jks keystore password"
+ keytool -keypasswd -new "${KEYSTORE_PASSWD}" \
+ -keystore {{ .Values.fqi_namespace }}.jks \
+ -keypass "${cadi_keystore_password_jks}" \
+ -storepass "${KEYSTORE_PASSWD}" -alias {{ .Values.fqi }}
+ echo "*** store the passwords"
+ echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWD}" > mycreds.prop
+ echo "KEYSTORE_PASSWORD_P12=${cadi_keystore_password_p12}" >> mycreds.prop
+ echo "TRUSTSTORE_PASSWORD=${cadi_truststore_password}" >> mycreds.prop
+ echo "*** give ownership of files to the user"
+ chown -R 1000 .
#################################################################
# Application configuration defaults.
#################################################################
# application image
-repository: nexus3.onap.org:10001
-image: onap/dmaap/dmaap-mr:1.1.18
+image: onap/dmaap/dmaap-mr:1.3.2
pullPolicy: Always
-kafka:
- name: message-router-kafka
- port: 9092
-zookeeper:
- name: message-router-zookeeper
- port: 2181
+secrets:
+ - uid: mr-kafka-admin-secret
+ externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
+ type: genericKV
+ envs:
+ - name: sasl.jaas.config
+ value: '{{ .Values.config.someConfig }}'
+ policy: generate
# flag to enable debugging - application support required
debugEnabled: false
# application configuration
-config: {}
+config:
+ someConfig: blah
# default number of instances
replicaCount: 1
# probe configuration parameters
liveness:
- initialDelaySeconds: 70
+ initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 1
+ successThreshold: 1
+ failureThreshold: 3
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
port: api
enabled: true
readiness:
- initialDelaySeconds: 70
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ timeoutSeconds: 1
+ successThreshold: 1
+ failureThreshold: 3
+ port: api
+
+startup:
+ initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 1
+ successThreshold: 1
+ failureThreshold: 70
port: api
service:
enabled: false
image: solsson/kafka-prometheus-jmx-exporter@sha256
imageTag: 6f82e2b0464f50da8104acd7363fb9b995001ddff77d248379f8788e78946143
- imageRepository: docker.io
port: 5556
targetPort: 5555
ingress:
enabled: false
+ service:
+ - baseaddr: "mr.api"
+ name: "message-router"
+ port: 3905
+ config:
+ ssl: "redirect"
+
# Resource Limit flavor -By Default using small
flavor: small
cpu: 1000m
memory: 2Gi
unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: message-router
+ roles:
+ - read