# Copyright © 2019 Amdocs, Bell Canada
+# Copyright (c) 2020 Nordix Foundation, Modifications
+# Modifications Copyright © 2020 Nokia
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
nodePortPrefix: 302
nodePortPrefixExt: 304
+
+ # Install test components
+ # test components are out of the scope of ONAP but allow to have a entire
+ # environment to test the different features of ONAP
+ # Current tests environments provided:
+ # - netbox (needed for CDS IPAM)
+ # - AWX (needed for XXX)
+ # - EJBCA Server (needed for CMPv2 tests)
+ # Today, "contrib" chart that hosting these components must also be enabled
+ # in order to make it work. So `contrib.enabled` must have the same value than
+ # addTestingComponents
+ addTestingComponents: &testing false
+
# ONAP Repository
# Uncomment the following to enable the use of a single docker
# repository but ONLY if your repository mirrors all ONAP
repositoryCred:
user: docker
password: docker
+ dockerHubRepository: docker.io
+
+ # readiness check
+ readinessImage: onap/oom/readiness:3.0.1
+
+ # curl image
+ curlImage: curlimages/curl:7.69.1
- # readiness check - temporary repo until images migrated to nexus3
- readinessRepository: oomk8s
# logging agent - temporary repo until images migrated to nexus3
loggingRepository: docker.elastic.co
+ # dockerHub main repository
+ dockerHubRepository: docker.io
+
+ # busybox repo and image
+ busyboxRepository: docker.io
+ busyboxImage: busybox:1.30
+
+ # kubeclt image
+ kubectlImage: "bitnami/kubectl:1.15"
+
# image pull policy
pullPolicy: Always
+ # default clusterName
+ # {{ template "common.fullname" . }}.{{ template "common.namespace" . }}.svc.{{ .Values.global.clusterName }}
+ clusterName: cluster.local
+
# default mount path root directory referenced
# by persistent volumes and log files
persistence:
# flag to enable debugging - application support required
debugEnabled: false
+ # default password complexity
+ # available options: phrase, name, pin, basic, short, medium, long, maximum security
+ # More datails: https://masterpassword.app/masterpassword-algorithm.pdf
+ passwordStrength: long
+
+ # configuration to set log level to all components (the one that are using
+ # "common.log.level" to set this)
+ # can be overrided per components by setting logConfiguration.logLevelOverride
+ # to the desired value
+ # logLevel: DEBUG
+
#Global ingress configuration
ingress:
enabled: false
virtualhost:
- enabled: true
- baseurl: "simpledemo.onap.org"
+ enabled: true
+ baseurl: "simpledemo.onap.org"
# Global Service Mesh configuration
# POC Mode, don't use it in production
aafEnabled: true
aafAgentImage: onap/aaf/aaf_agent:2.1.20
+ # Enabling CMPv2
+ cmpv2Enabled: true
+ platform:
+ certServiceClient:
+ image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.0
+ secret:
+ name: oom-cert-service-client-tls-secret
+ mountPath: /etc/onap/oom/certservice/certs/
+ envVariables:
+ # Certificate related
+ cmpv2Organization: "Linux-Foundation"
+ cmpv2OrganizationalUnit: "ONAP"
+ cmpv2Location: "San-Francisco"
+ cmpv2State: "California"
+ cmpv2Country: "US"
+ # Client configuration related
+ caName: "RA"
+ requestURL: "https://oom-cert-service:8443/v1/certificate/"
+ requestTimeout: "30000"
+ keystorePath: "/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks"
+ outputType: "P12"
+ keystorePassword: "secret"
+ truststorePath: "/etc/onap/oom/certservice/certs/truststore.jks"
+ truststorePassword: "secret"
+
# TLS
# Set to false if you want to disable TLS for NodePorts. Be aware that this
# will loosen your security.
# if set this element will force or not tls even if serviceMesh.tls is set.
# tlsEnabled: false
+ # Logging
+ # Currently, centralized logging is not in best shape so it's disabled by
+ # default
+ centralizedLoggingEnabled: ¢ralizedLogging false
-# Example of specific for the components where you want to disable TLS only for
-# it:
-# if set this element will force or not tls even if global.serviceMesh.tls and
-# global.tlsEnabled is set otherwise.
-# robot:
-# tlsOverride: false
+ # Example of specific for the components where you want to disable TLS only for
+ # it:
+ # if set this element will force or not tls even if global.serviceMesh.tls and
+ # global.tlsEnabled is set otherwise.
+ # robot:
+ # tlsOverride: false
# Global storage configuration
# Set to "-" for default, or with the name of the storage class
# to customize the ONAP deployment.
#################################################################
aaf:
- enabled: true
+ enabled: false
aai:
enabled: false
appc:
enabled: false
consul:
enabled: false
+# Today, "contrib" chart that hosting these components must also be enabled
+# in order to make it work. So `contrib.enabled` must have the same value than
+# addTestingComponents
contrib:
- enabled: false
+ enabled: *testing
dcaegen2:
enabled: false
dcaemod:
enabled: false
-pnda:
- enabled: false
dmaap:
enabled: false
esr:
enabled: false
+# Today, "logging" chart that perform the central part of logging must also be
+# enabled in order to make it work. So `logging.enabled` must have the same
+# value than centralizedLoggingEnabled
log:
- enabled: false
+ enabled: *centralizedLogging
sniro-emulator:
enabled: false
oof:
openStackServiceTenantName: "service"
openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
+ # in order to enable static password for so-monitoring uncomment:
+ # so-monitoring:
+ # server:
+ # monitoring:
+ # password: demo123456!
+
# configure embedded mariadb
mariadb:
config:
enabled: false
modeling:
enabled: false
+platform:
+ enabled: false
+a1policymanagement:
+ enabled: false
+
+cert-wrapper:
+ enabled: true
Code Review / oom.git / blobdiff