[MARIADB][SO] Connect MariaDB Galera via master node

[oom.git] / kubernetes / so / components / so-sdc-controller / values.yaml

diff --git a/kubernetes/so/components/so-sdc-controller/values.yaml b/kubernetes/so/components/so-sdc-controller/values.yaml
index dbde748..cab0d44 100755 (executable)
--- a/kubernetes/so/components/so-sdc-controller/values.yaml
+++ b/kubernetes/so/components/so-sdc-controller/values.yaml
@@ -20,7 +20,9 @@ global:
   persistence:
     mountPath: /dockerdata-nfs
   mariadbGalera:
-    serviceName: mariadb-galera
+    # flag to enable the DB creation via mariadb-operator
+    useOperator: true
+    service: mariadb-galera
     servicePort: '3306'
   soSdcListenerKafkaUser: so-sdc-list-user
 
@@ -45,13 +47,6 @@ secrets:
     login: '{{ .Values.db.adminName }}'
     password: '{{ .Values.db.adminPassword }}'
     passwordPolicy: required
-  - uid: so-sdc-kafka-secret
-    externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
-    type: genericKV
-    envs:
-      - name: sasl.jaas.config
-        value: '{{ .Values.config.someConfig }}'
-        policy: generate
 
 #secretsFilePaths: |
 #  - 'my file 1'
@@ -60,9 +55,18 @@ secrets:
 #################################################################
 # Application configuration defaults.
 #################################################################
-image: onap/so/sdc-controller:1.12.0
+image: onap/so/sdc-controller:1.12.2
 pullPolicy: Always
 
+# Local mariadb galera instance default name
+mariadb-galera:
+  nameOverride: so-mariadb-galera
+  service:
+    internalPort: 3306
+  mariadbOperator:
+    galera:
+      enabled: false
+
 db:
   userName: so_user
   userPassword: so_User123
@@ -83,27 +87,19 @@ mso:
   asdc-connections:
     asdc-controller1:
       password: 76966BDD3C7414A03F7037264FF2E6C8EEC6C28F2B67F2840A1ED857C0260FEE731D73F47F828E5527125D29FD25D3E0DE39EE44C058906BF1657DE77BF897EECA93BDC07FA64F
-config:
-  someConfig: blah
-  kafka:
-    securityProtocol: SASL_PLAINTEXT
-    saslMechanism: SCRAM-SHA-512
-    authType: simple
-    sdcTopic:
-      pattern: SDC-DIST
-      consumerGroup: so
-      clientId: SO-sdc-controller
 
 replicaCount: 1
 minReadySeconds: 10
 containerPort: &containerPort 8085
 logPath: ./logs/sdc/
 app: sdc-controller
+
 service:
   type: ClusterIP
   ports:
     - name: http
       port: *containerPort
+
 updateStrategy:
   type: RollingUpdate
   maxUnavailable: 1
@@ -121,19 +117,20 @@ flavor: small
 resources:
   small:
     limits:
-      memory: 4Gi
-      cpu: 2000m
+      memory: 1.5Gi
+      cpu: 1
     requests:
-      memory: 1Gi
-      cpu: 500m
+      memory: 1.5Gi
+      cpu: 0.5
   large:
     limits:
-      memory: 8Gi
-      cpu: 4000m
+      memory: 3Gi
+      cpu: 2
     requests:
-      memory: 2Gi
-      cpu: 1000m
+      memory: 3Gi
+      cpu: 1
   unlimited: {}
+
 livenessProbe:
   path: /manage/health
   port: 8085
@@ -143,12 +140,31 @@ livenessProbe:
   timeoutSeconds: 10
   successThreshold: 1
   failureThreshold: 3
+
 ingress:
   enabled: false
+
+serviceMesh:
+  authorizationPolicy:
+    authorizedPrincipals:
+      - serviceAccount: robot-read
+      - serviceAccount: so-read
+
 nodeSelector: {}
 tolerations: []
 affinity: {}
 
+# Strimzi KafkaUser config
+kafkaUser:
+  acls:
+    - name: SO
+      type: group
+      operations: [Read]
+    - name: SDC-DISTR
+      type: topic
+      patternType: prefix
+      operations: [Read, Write]
+
 #Pods Service Account
 serviceAccount:
   nameOverride: so-sdc-controller