[SDNC] Create Authorization Policies for SDNC
[oom.git] / kubernetes / sdnc / values.yaml
index 15a8045..ee8b2e5 100644 (file)
@@ -22,7 +22,6 @@ global:
   nodePortPrefixExt: 304
   persistence:
     mountPath: /dockerdata-nfs
-  aafEnabled: true
   centralizedLoggingEnabled: true
   mariadbGalera:
     #This flag allows SO to instantiate its own mariadb-galera cluster
@@ -181,7 +180,10 @@ secrets:
     externalSecret: '{{ ternary (tpl (default "" .Values.config.sdnr.oauth.providersSecrets.keycloakExternalSecret) .) "oauth-disabled" .Values.config.sdnr.oauth.enabled }}'
     password: '{{ .Values.config.sdnr.oauth.providersSecrets.keycloak }}'
     passwordPolicy: required
-
+  - uid: ves-collector-secret
+    type: basicAuth
+    login: '{{ .Values.config.sdnr.vesCollector.username }}'
+    password: '{{ .Values.config.sdnr.vesCollector.password }}'
 #################################################################
 # Certificates
 #################################################################
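Review bot: The new `ves-collector-secret` entry carries neither `externalSecret` nor `passwordPolicy`, unlike the entry directly above it. Its `login` and `password` are rendered from `config.sdnr.vesCollector.username`/`password`, which the hunk at `@@ -354,24 +357,18 @@` defaults to `sample1`/`sample1`. An install that enables the VES collector without overriding those keys therefore ends up with a Secret holding publicly known credentials, and operators cannot point the chart at a pre-created Secret. I would add `passwordPolicy: required` and an `externalSecret:` line following the keycloak pattern above, and leave the default `password` empty in values so that (assuming `required` rejects an empty value, as its name suggests) the install fails instead of deploying `sample1`.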
@@ -207,7 +209,7 @@ certificates:
 # application images
 
 pullPolicy: Always
-image: onap/sdnc-image:2.2.2
+image: onap/sdnc-image:2.4.2
 
 # flag to enable debugging - application support required
 debugEnabled: false
@@ -261,6 +263,7 @@ config:
   ansibleUser: sdnc
   ansiblePassword: sdnc
   # ansibleCredsExternalSecret: some secret
+
   dbSdnctlDatabase: &sdncDbName sdnctl
   enableClustering: true
   sdncHome: /opt/onap/sdnc
@@ -354,24 +357,18 @@ config:
         title: ONAP Keycloak Provider
         roleMapping:
           mykeycloak: admin
-
-# dependency / sub-chart configuration
-certInitializer:
-  nameOverride: sdnc-cert-initializer
-  truststoreMountpath: /opt/onap/sdnc/data/stores
-  fqdn: "sdnc"
-  app_ns: "org.osaaf.aaf"
-  fqi: "sdnc@sdnc.onap.org"
-  fqi_namespace: org.onap.sdnc
-  public_fqdn: "sdnc.onap.org"
-  aafDeployFqi: "deployer@people.osaaf.org"
-  aafDeployPass: demo123456!
-  cadi_latitude: "38.0"
-  cadi_longitude: "-72.0"
-  credsPath: /opt/app/osaaf/local
-  aaf_add_config: >
-    cd /opt/app/osaaf/local;
-    /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} | grep cadi_keystore_password= | cut -d= -f 2 > {{ .Values.credsPath }}/.pass 2>&1
+    vesCollector:
+      enabled: false
+      tls:
+        enabled: true
+      trustAllCertificates: false
+      username: sample1
+      password: sample1
+      address: dcae-ves-collector.onap
+      port: 8080
+      version: v7
+      reportingEntityName: ONAP SDN-R
+      eventLogMsgDetail: SHORT
 
 # dependency / sub-chart configuration
 network-name-gen:
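Review bot: In the new `vesCollector` block, `tls.enabled: true` is paired with `port: 8080`, which looks like a plain-HTTP listener; if the collector serves TLS on a different port, switching `enabled` to true would fail at connection time. With `trustAllCertificates: false` and the `certInitializer` block (including `truststoreMountpath`) removed in this same hunk, nothing visible here says where the collector's CA comes from. A comment above `tls:` would help, for example `# HTTPS to the collector: port must be its TLS listener and its CA must be in the SDNC truststore`. The enclosing `config:` mapping starts outside the hunk, so a truststore may be configured elsewhere.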
@@ -445,8 +442,6 @@ sdnc-ansible-server:
 dgbuilder:
   enabled: true
   nameOverride: sdnc-dgbuilder
-  certInitializer:
-    nameOverride: sdnc-dgbuilder-cert-initializer
   config:
     db:
       dbName: *sdncDbName
@@ -465,17 +460,17 @@ dgbuilder:
   mariadb-galera:
   service:
     name: sdnc-dgbuilder
-    nodePort: "03"
+    ports:
+    - name: http
+      port: 3100
+      nodePort: 03
 
   ingress:
     enabled: false
     service:
-      - baseaddr: "sdnc-dgbuilder"
+      - baseaddr: "sdnc-dgbuilder-ui"
         name: "sdnc-dgbuilder"
-        port: 3000
-      - baseaddr: "sdnc-web-service"
-        name: "sdnc-web-service"
-        port: 8443
+        port: 3100
     config:
       ssl: "redirect"
 
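Review bot: `nodePort: 03` lost the quotes that the removed `nodePort: "03"` had, so the value is parsed as the integer 3 rather than the two-character string. If the service template builds the node port by appending this suffix to `nodePortPrefixExt: 304` (the template is not on this page), the result would be `3043` instead of `30403`, which is outside the default NodePort range. Keep it quoted: `nodePort: "03"`. As a style point, the new `ports:` list is written flush with its key while the `ingress.service` list just below is indented; one form should be used throughout the file.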
@@ -486,10 +481,6 @@ localElasticCluster: true
 elasticsearch:
   nameOverride: &elasticSearchName sdnrdb
   name: sdnrdb-cluster
-  certInitializer:
-    fqdn: "sdnc"
-    fqi_namespace: org.onap.sdnc
-    fqi: "sdnc@sdnc.onap.org"
   service:
     name: *elasticSearchName
   master:
@@ -501,6 +492,7 @@ elasticsearch:
     dedicatednode: "no"
     nameOverride: *elasticSearchName
     cluster_name: sdnrdb-cluster
+
 # enable
 sdnc-web:
   enabled: true
@@ -526,11 +518,10 @@ readiness:
 service:
   type: NodePort
   name: sdnc
-  portName: sdnc
+  portName: http
   internalPort: 8181
   internalPort2: 8101
   internalPort3: 8080
-  internalPort4: 8443
 
   #port
   externalPort: 8282
@@ -539,7 +530,6 @@ service:
 
   externalPort3: 8280
 
-  externalPort4: 8443
   nodePort4: 67
 
   clusterPort: 2550
@@ -553,7 +543,7 @@ service:
   geoNodePort5: 65
   geoNodePort6: 66
 
-  callHomePort: 6666
+  callHomePort: &chport 4334
   callHomeNodePort: 66
 
 ## Persist data to a persitent volume
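Review bot: The `&chport` anchor on `service.callHomePort` is resolved when this file is parsed, so overriding `service.callHomePort` in a user values file or with `--set` will not reach the `*chport` aliases used for `port` and `exposedPort` in the `sdnc-callhome` ingress entry of the last hunk. The service and the ingress route would then disagree on the port without any error at install time. A comment on the line would make the coupling visible, for example `# anchored as chport and aliased by ingress.service (sdnc-callhome); override both together`.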
@@ -581,31 +571,41 @@ persistence:
   journalPath: /opt/opendaylight/segmented-journal
   snapshotsPath: /opt/opendaylight/snapshots
 
-certpersistence:
-  enabled: true
-
-  ## A manually managed Persistent Volume and Claim
-  ## Requires persistence.enabled: true
-  ## If defined, PVC must be created manually before volume will be bound
-  # existingClaim:
-
-  volumeReclaimPolicy: Retain
-  accessMode: ReadWriteOnce
-  size: 50Mi
-  mountPath: /dockerdata-nfs
-  mountSubPath: sdnc/certs
-  certPath: /opt/app/osaaf
-  ##storageClass: "manual"
-
 ingress:
   enabled: false
   service:
-    - baseaddr: "sdnc.api"
-      name: "sdnc"
-      port: 8443
+  - baseaddr: "sdnc-api"
+    name: "sdnc"
+    port: 8282
+  - baseaddr: "sdnc-callhome"
+    name: "sdnc-callhome"
+    port: *chport
+    protocol: tcp
+    exposedPort: *chport
+    exposedProtocol: TCP
   config:
     ssl: "redirect"
 
+serviceMesh:
+  authorizationPolicy:
+    authorizedPrincipals:
+      - serviceAccount: a1policymanagement-read
+      - serviceAccount: cds-blueprints-processor-read
+      - serviceAccount: consul-read
+      - serviceAccount: ncmp-dmi-plugin-read
+      - serviceAccount: policy-drools-pdp-read
+      - serviceAccount: robot-read
+      - serviceAccount: sdnc-ansible-server-read
+      - serviceAccount: sdnc-dmaap-listener-read
+      - serviceAccount: sdnc-prom-read
+      - serviceAccount: sdnc-ueb-listener-read
+      - serviceAccount: sdnc-web-read
+      - serviceAccount: so-sdnc-adapter-read
+      - serviceAccount: istio-ingress
+        namespace: istio-ingress
+    authorizedPrincipalsSdnHosts:
+      - serviceAccount: sdnc-read
+
 #Resource Limit flavor -By Default using small
 flavor: small
 #segregation for different envionment (Small and Large)
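Review bot: The `authorizedPrincipals` list under `serviceMesh.authorizationPolicy` has no comment saying what access each entry grants or why `istio-ingress` and `robot-read` belong in the default set. As far as these lines show, authorising the `istio-ingress` service account means every request the gateway forwards is accepted under that single identity, so the per-caller list only constrains in-mesh traffic. That matters more now that the same hunk adds a raw TCP `sdnc-callhome` entry to `ingress.service`. I would add a header comment such as `# Callers allowed by the SDNC AuthorizationPolicy; istio-ingress admits all traffic arriving through the gateway`, and a second one on `authorizedPrincipalsSdnHosts` naming the workload it protects. The new `ingress.service` items are also written flush while the `serviceMesh` lists are indented; one style per file is easier to review.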