# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018-2019 AT&T
+# Modifications Copyright © 2018-2020 AT&T Intellectual Property
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# Global configuration defaults.
#################################################################
global:
- nodePortPrefix: 302
readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
- ubuntuImage: ubuntu:16.04
+ readinessImage: readiness-check:2.0.2
+ aafEnabled: true
mariadb:
- nameOverride: policydb
- pdp:
- nameOverride: pdp
- pap:
- nameOverride: pap
- drools:
- nameOverride: drools
- brmwgw:
- nameOverride: brmsgw
- nexus:
- nameOverride: nexus
+ # '&mariadbConfig' means we "store" the values for later use in the file
+ # with '*mariadbConfig' pointer.
+ config: &mariadbConfig
+ mysqlDatabase: policyadmin
+ service: &mariadbService
+ name: policy-mariadb
+ portName: mysql-policy
+ internalPort: 3306
#################################################################
-# Application configuration defaults.
+# Secrets metaconfig
#################################################################
-# application image
+secrets:
+ - uid: db-root-password
+ name: &dbRootPassSecretName '{{ include "common.release" . }}-policy-db-root-password'
+ type: password
+ externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "config" "mariadbRootPasswordExternalSecret")) .) (hasSuffix "policy-db-root-password" (index .Values "mariadb-galera" "config" "mariadbRootPasswordExternalSecret"))}}'
+ password: '{{ (index .Values "mariadb-galera" "config" "mariadbRootPassword") }}'
+ policy: generate
+ - uid: db-secret
+ name: &dbSecretName '{{ include "common.release" . }}-policy-db-secret'
+ type: basicAuth
+ externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "config" "userCredentialsExternalSecret")) .) (hasSuffix "policy-db-secret" (index .Values "mariadb-galera" "config" "userCredentialsExternalSecret"))}}'
+ login: '{{ index .Values "mariadb-galera" "config" "userName" }}'
+ password: '{{ index .Values "mariadb-galera" "config" "userPassword" }}'
+ passwordPolicy: generate
+
+db: &dbSecretsHook
+ credsExternalSecret: *dbSecretName
+
+policy-api:
+ enabled: true
+ db: *dbSecretsHook
+policy-pap:
+ enabled: true
+ db: *dbSecretsHook
+policy-xacml-pdp:
+ enabled: true
+ db: *dbSecretsHook
+policy-apex-pdp:
+ enabled: true
+ db: *dbSecretsHook
+policy-drools-pdp:
+ enabled: true
+ db: *dbSecretsHook
+policy-distribution:
+ enabled: true
+ db: *dbSecretsHook
+policy-nexus:
+ enabled: true
+
+#################################################################
+# DB configuration defaults.
+#################################################################
+
repository: nexus3.onap.org:10001
-image: onap/policy-pe:1.5.2
+mariadb_image: library/mariadb:10
pullPolicy: Always
subChartsOnly:
enabled: true
-nameOverride: pap
-
-pdp:
- nameOverride: pdp
-mariadb:
- nameOverride: policydb
-drools:
- nameOverride: drools
-brmwgw:
- nameOverride: brmsgw
-nexus:
- nameOverride: nexus
-
# flag to enable debugging - application support required
debugEnabled: false
-# application configuration
-config:
- preloadPolicies: false
- pdpPort: 8081
-
# default number of instances
replicaCount: 1
initialDelaySeconds: 10
periodSeconds: 10
-service:
- type: NodePort
- name: pap
- portName: pap
- internalPort: 8443
- externalPort: 8443
- nodePort: 19
- internalPort2: 9091
- externalPort2: 9091
- nodePort2: 18
-
-ingress:
- enabled: false
+mariadb-galera:
+ # mariadb-galera.config and global.mariadb.config must be equals
+ config:
+ <<: *mariadbConfig
+ userName: policy_user
+ mariadbRootPasswordExternalSecret: *dbRootPassSecretName
+ userCredentialsExternalSecret: *dbSecretName
+ nameOverride: policy-mariadb
+ # mariadb-galera.service and global.mariadb.service must be equals
+ service: *mariadbService
+ replicaCount: 1
+ persistence:
+ enabled: true
+ mountSubPath: policy/maria/data
+ externalConfig: |-
+ [mysqld]
+ lower_case_table_names = 1
-# Resource Limit flavor -By Default using small
-flavor: small
-# Segregation for Different environment (Small and Large)
-resources:
- small:
- limits:
- cpu: 1
- memory: 4Gi
- requests:
- cpu: 10m
- memory: 1Gi
- large:
- limits:
- cpu: 2
- memory: 8Gi
- requests:
- cpu: 20m
- memory: 2Gi
- unlimited: {}
Code Review / oom.git / blobdiff