+# Copyright © 2020 Samsung Electronics, highstreet technologies GmbH
# Copyright © 2017 Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
nodePortPrefix: 302
nodePortPrefixExt: 304
repository: nexus3.onap.org:10001
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.2
+ readinessImage: onap/oom/readiness:3.0.1
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
persistence:
mountPath: /dockerdata-nfs
aafEnabled: true
+ # envsusbt
+ envsubstImage: dibi/envsubst
+ mariadbGalera:
+ #This flag allows SO to instantiate its own mariadb-galera cluster
+ #If shared instance is used, this chart assumes that DB already exists
+ localCluster: false
+ service: mariadb-galera
+ internalPort: 3306
+ nameOverride: mariadb-galera
+ # Enabling CMPv2
+ cmpv2Enabled: true
+ platform:
+ certServiceClient:
+ image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.0
+ secret:
+ name: oom-cert-service-client-tls-secret
+ mountPath: /etc/onap/oom/certservice/certs/
+ envVariables:
+ # Certificate related
+ cert_path: /var/custom-certs
+ cmpv2Organization: "Linux-Foundation"
+ cmpv2OrganizationalUnit: "ONAP"
+ cmpv2Location: "San-Francisco"
+ cmpv2Country: "US"
+ # Client configuration related
+ caName: "RA"
+ common_name: "sdnc.simpledemo.onap.org"
+ requestURL: "https://oom-cert-service:8443/v1/certificate/"
+ requestTimeout: "30000"
+ keystorePath: "/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks"
+ outputType: "P12"
+ keystorePassword: "secret"
+ truststorePath: "/etc/onap/oom/certservice/certs/truststore.jks"
+ truststorePassword: "secret"
#################################################################
+# Secrets metaconfig
+#################################################################
+secrets:
+ - uid: db-root-password
+ name: '{{ include "common.release" . }}-sdnc-db-root-password'
+ type: password
+ externalSecret: '{{ .Values.global.mariadbGalera.localCluster |
+ ternary (default (include "common.mariadb.secret.rootPassSecretName"
+ (dict "dot" . "chartName"
+ (index .Values "mariadb-galera" "nameOverride")))
+ (index .Values "mariadb-galera" "config"
+ "mariadbRootPasswordExternalSecret"))
+ (include "common.mariadb.secret.rootPassSecretName"
+ (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) }}'
+ password: '{{ (index .Values "mariadb-galera" "config" "mariadbRootPassword") }}'
+ - uid: db-secret
+ name: &dbSecretName '{{ include "common.release" . }}-sdnc-db-secret'
+ type: basicAuth
+ # This is a nasty trick that allows you override this secret using external one
+ # with the same field that is used to pass this to subchart
+ externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "config" "userCredentialsExternalSecret")) .) (hasSuffix "sdnc-db-secret" (index .Values "mariadb-galera" "config" "userCredentialsExternalSecret"))}}'
+ login: '{{ index .Values "mariadb-galera" "config" "userName" }}'
+ password: '{{ index .Values "mariadb-galera" "config" "userPassword" }}'
+ - uid: odl-creds
+ name: &odlCredsSecretName '{{ include "common.release" . }}-sdnc-odl-creds'
+ type: basicAuth
+ externalSecret: '{{ .Values.config.odlCredsExternalSecret }}'
+ login: '{{ .Values.config.odlUser }}'
+ password: '{{ .Values.config.odlPassword }}'
+ # For now this is left hardcoded but should be revisited in a future
+ passwordPolicy: required
+ - uid: netbox-apikey
+ type: password
+ externalSecret: '{{ .Values.config.netboxApikeyExternalSecret }}'
+ password: '{{ .Values.config.netboxApikey }}'
+ passwordPolicy: required
+ - uid: aai-user-creds
+ type: basicAuth
+ externalSecret: '{{ .Values.config.aaiCredsExternalSecret}}'
+ login: '{{ .Values.config.aaiUser }}'
+ password: '{{ .Values.config.aaiPassword }}'
+ passwordPolicy: required
+ - uid: modeling-user-creds
+ type: basicAuth
+ externalSecret: '{{ .Values.config.modelingCredsExternalSecret}}'
+ login: '{{ .Values.config.modelingUser }}'
+ password: '{{ .Values.config.modelingPassword }}'
+ passwordPolicy: required
+ - uid: restconf-creds
+ type: basicAuth
+ externalSecret: '{{ .Values.config.restconfCredsExternalSecret}}'
+ login: '{{ .Values.config.restconfUser }}'
+ password: '{{ .Values.config.restconfPassword }}'
+ passwordPolicy: required
+ - uid: ansible-creds
+ name: &ansibleSecretName '{{ include "common.release" . }}-sdnc-ansible-creds'
+ type: basicAuth
+ externalSecret: '{{ .Values.config.ansibleCredsExternalSecret}}'
+ login: '{{ .Values.config.ansibleUser }}'
+ password: '{{ .Values.config.ansiblePassword }}'
+ passwordPolicy: required
+ - uid: scaleout-creds
+ type: basicAuth
+ externalSecret: '{{ .Values.config.scaleoutCredsExternalSecret}}'
+ login: '{{ .Values.config.scaleoutUser }}'
+ password: '{{ .Values.config.scaleoutPassword }}'
+ passwordPolicy: required
+#################################################################
# Application configuration defaults.
#################################################################
# application images
+
repository: nexus3.onap.org:10001
pullPolicy: Always
-image: onap/sdnc-image:1.7.6
-
+image: onap/sdnc-image:2.0.3
+busyboxRepository: docker.io
+busyboxImage: busybox:1.30
# flag to enable debugging - application support required
debugEnabled: false
config:
odlUid: 100
odlGid: 101
+ odlUser: admin
odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
- dbRootPassword: secretpassword
- dbSdnctlUser: sdnctl
- dbSdnctlDatabase: sdnctl
- dbSdnctlPassword: gamma
+ # odlCredsExternalSecret: some secret
+ netboxApikey: onceuponatimeiplayedwithnetbox20180814
+ # netboxApikeyExternalSecret: some secret
+ aaiUser: sdnc@sdnc.onap.org
+ aaiPassword: demo123456!
+ # aaiCredsExternalSecret: some secret
+ modelingUser: ccsdkapps
+ modelingPassword: ccsdkapps
+ # modelingCredsExternalSecret: some secret
+ restconfUser: admin
+ restconfPassword: admin
+ # restconfCredsExternalSecret: some secret
+ scaleoutUser: admin
+ scaleoutPassword: admin
+ # scaleoutExternalSecret: some secret
+ ansibleUser: sdnc
+ ansiblePassword: sdnc
+ # ansibleCredsExternalSecret: some secret
+ dbSdnctlDatabase: &sdncDbName sdnctl
enableClustering: true
sdncHome: /opt/onap/sdnc
binDir: /opt/onap/sdnc/bin
peerODLCluster: 127.0.0.1
isPrimaryCluster: true
configDir: /opt/onap/sdnc/data/properties
+ ccsdkConfigDir: /opt/onap/ccsdk/data/properties
dmaapTopic: SUCCESS
dmaapPort: 3904
logstashServiceName: log-ls
logstashPort: 5044
ansibleServiceName: sdnc-ansible-server
ansiblePort: 8000
- javaHome: /usr/lib/jvm/java-1.8-openjdk
+ javaHome: /opt/java/openjdk
odl:
etcDir: /opt/opendaylight/etc
binDir: /opt/opendaylight/bin
+ gcLogDir: /opt/opendaylight/data/log
salConfigDir: /opt/opendaylight/system/org/opendaylight/controller/sal-clustering-config
- salConfigVersion: 1.8.2
+ salConfigVersion: 1.9.1
akka:
seedNodeTimeout: 15s
circuitBreaker:
javaOptions:
maxGCPauseMillis: 100
parallelGCThreads : 3
- numberGGLogFiles: 10
-
-
+ numberGCLogFiles: 10
+ minMemory: 512m
+ maxMemory: 2048m
+ gcLogOptions: ""
+ # Next line enables gc logging
+ # gcLogOptions: "-Xlog:gc=trace:file={{.Values.config.odl.gcLogDir}}/gc-%t.log}:time,level,tags:filecount={{.Values.config.odl.javaOptions.numberGCLogFiles}}"
+ # enables sdnr functionality
+ sdnr:
+ enabled: true
+ # mode: web - SDNC contains device manager only plus dedicated webserver service for ODLUX (default),
+ # mode: dm - SDNC contains sdnr device manager + ODLUX components
+ mode: dm
+ # sdnronly: true starts sdnc container with odl and sdnrwt features only
+ sdnronly: false
+ sdnrdbTrustAllCerts: true
+ mountpointRegistrarEnabled: false
+ mountpointStateProviderEnabled: false
- #local Mariadb-galera cluster
- localDBCluster: false
- #Shared mariadb-galera details
- mariadbGalera:
- chartName: mariadb-galera
- serviceName: mariadb-galera
- internalPort: 3306
# dependency / sub-chart configuration
-aaf_init:
- agentImage: onap/aaf/aaf_agent:2.1.15
+certInitializer:
+ nameOverride: sdnc-cert-initializer
+ truststoreMountpath: /opt/onap/sdnc/data/stores
+ fqdn: "sdnc"
app_ns: "org.osaaf.aaf"
fqi: "sdnc@sdnc.onap.org"
- fqdn: "sdnc"
+ fqi_namespace: org.onap.sdnc
public_fqdn: "sdnc.onap.org"
- deploy_fqi: "deployer@people.osaaf.org"
- deploy_pass: "demo123456!"
+ aafDeployFqi: "deployer@people.osaaf.org"
+ aafDeployPass: demo123456!
cadi_latitude: "38.0"
cadi_longitude: "-72.0"
+ credsPath: /opt/app/osaaf/local
+ aaf_add_config: >
+ cd /opt/app/osaaf/local;
+ /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} | grep cadi_keystore_password= | cut -d= -f 2 > {{ .Values.credsPath }}/.pass 2>&1
+
+# dependency / sub-chart configuration
+network-name-gen:
+ enabled: true
+mariadb-galera: &mariadbGalera
+ nameOverride: sdnc-db
+ config: &mariadbGaleraConfig
+ rootPasswordExternalSecret: '{{ ternary (include "common.release" .)-sdnc-db-root-password "" .Values.global.mariadbGalera.localCluster }}'
+ userName: sdnctl
+ userCredentialsExternalSecret: *dbSecretName
+ service:
+ name: sdnc-dbhost
+ internalPort: 3306
+ sdnctlPrefix: sdnc
+ persistence:
+ mountSubPath: sdnc/mariadb-galera
+ enabled: true
+ replicaCount: 1
cds:
enabled: false
dmaap-listener:
+ enabled: true
nameOverride: sdnc-dmaap-listener
+ mariadb-galera:
+ <<: *mariadbGalera
+ config:
+ <<: *mariadbGaleraConfig
+ mysqlDatabase: *sdncDbName
config:
sdncChartName: sdnc
- mysqlChartName: mariadb-galera
dmaapPort: 3904
sdncPort: 8282
configDir: /opt/onap/sdnc/data/properties
- odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+ odlCredsExternalSecret: *odlCredsSecretName
ueb-listener:
+ enabled: true
+ mariadb-galera:
+ <<: *mariadbGalera
+ config:
+ <<: *mariadbGaleraConfig
+ mysqlDatabase: *sdncDbName
nameOverride: sdnc-ueb-listener
config:
sdncPort: 8282
sdncChartName: sdnc
- mysqlChartName: mariadb-galera
- configDir: /opt/onap/sdnc/data/properties
- odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
-
-sdnc-portal:
- config:
- sdncChartName: sdnc
- mysqlChartName: mariadb-galera
configDir: /opt/onap/sdnc/data/properties
- dbRootPassword: secretpassword
- dbSdnctlPassword: gamma
- odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+ odlCredsExternalSecret: *odlCredsSecretName
sdnc-ansible-server:
+ enabled: true
+ config:
+ restCredsExternalSecret: *ansibleSecretName
+ mariadb-galera:
+ <<: *mariadbGalera
+ config:
+ <<: *mariadbGaleraConfig
+ mysqlDatabase: ansible
service:
name: sdnc-ansible-server
internalPort: 8000
- config:
- mysqlServiceName: mariadb-galera
-
-mariadb-galera:
- nameOverride: sdnc-db
- service:
- name: sdnc-dbhost
- internalPort: 3306
- sdnctlPrefix: sdnc
- persistence:
- mountSubPath: sdnc/mariadb-galera
- enabled: true
- replicaCount: 1
dgbuilder:
+ enabled: true
nameOverride: sdnc-dgbuilder
+ certInitializer:
+ nameOverride: sdnc-dgbuilder-cert-initializer
config:
+ db:
+ dbName: *sdncDbName
+ rootPasswordExternalSecret: '{{ ternary (printf "%s-sdnc-db-root-password" (include "common.release" .)) (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" "mariadb-galera")) .Values.global.mariadbGalera.localCluster }}'
+ userCredentialsExternalSecret: *dbSecretName
dbPodName: mariadb-galera
dbServiceName: mariadb-galera
- dbRootPassword: secretpassword
- dbSdnctlPassword: gamma
+ # This should be revisited and changed to plain text
dgUserPassword: cc03e747a6afbbcbf8be7668acfebee5
+ mariadb-galera:
service:
name: sdnc-dgbuilder
nodePort: "03"
+ ingress:
+ enabled: false
+ service:
+ - baseaddr: "sdnc-dgbuilder"
+ name: "sdnc-dgbuilder"
+ port: 3000
+ - baseaddr: "sdnc-web-service"
+ name: "sdnc-web-service"
+ port: 8443
+ config:
+ ssl: "redirect"
+
+
+
+# local elasticsearch cluster
+localElasticCluster: true
+elasticsearch:
+ nameOverride: sdnrdb
+ name: sdnrdb-cluster
+ certInitializer:
+ fqdn: "sdnc"
+ fqi_namespace: org.onap.sdnc
+ fqi: "sdnc@sdnc.onap.org"
+ service:
+ name: sdnrdb
+ master:
+ replicaCount: 3
+ # dedicatednode: "yes"
+ # working as master node only, in this case increase replicaCount for elasticsearch-data
+ # dedicatednode: "no"
+ # handles master and data node functionality
+ dedicatednode: "no"
+ nameOverride: sdnrdb
+# enable
+sdnc-web:
+ enabled: false
# default number of instances
replicaCount: 1
#port
externalPort: 8282
- nodePort: "02"
externalPort2: 8202
- nodePort2: "08"
externalPort3: 8280
- nodePort3: 46
externalPort4: 8443
nodePort4: 67
ingress:
enabled: false
service:
- - baseaddr: "sdnc"
+ - baseaddr: "sdnc.api"
name: "sdnc"
port: 8443
config: