nodePortPrefixExt: 304
centralizedLoggingEnabled: true
mariadbGalera:
+ # flag to enable the DB creation via mariadb-operator
+ useOperator: true
nameOverride: mariadb-galera
- serviceName: mariadb-galera
servicePort: '3306'
service: mariadb-galera
internalPort: '3306'
- # mariadbRootPassword: secretpassword
- # rootPasswordExternalSecret: some secret
#This flag allows SO to instantiate its own mariadb-galera cluster,
#serviceName and nameOverride should be so-mariadb-galera if this flag is enabled
localCluster: false
auth: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456
defaultCloudOwner: onap
- soSdcListenerKafkaUser: so-sdc-list-user
-
readinessCheck:
wait_for:
jobs:
- uid: db-root-pass
name: &dbRootPassSecretName '{{ include "common.release" . }}-so-db-root-pass'
type: password
- externalSecret: '{{ .Values.global.mariadbGalera.localCluster | ternary
- .Values.global.mariadbGalera.rootPasswordExternalSecret
- (default (include "common.mariadb.secret.rootPassSecretName"
- (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride))
- .Values.global.mariadbGalera.rootPasswordExternalSecret) }}'
+ # If we're using shared mariadb, we need to use the secret name (second
+ # part).
+ # If not, we do the same trick than for user db secret hat allows you
+ # override this secret using external one with the same field that is used
+ # to pass this to subchart.
+ externalSecret: '{{ .Values.global.mariadbGalera.localCluster |
+ ternary ((hasSuffix "so-db-root-pass" (index .Values "mariadb-galera" "rootUser" "externalSecret")) |
+ ternary
+ ""
+ (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .))
+ (include "common.mariadb.secret.rootPassSecretName"
+ (dict "dot" .
+ "chartName" .Values.global.mariadbGalera.nameOverride)) }}'
password: '{{ .Values.global.mariadbGalera.mariadbRootpassword }}'
- uid: db-backup-creds
name: &dbBackupCredsSecretName '{{ include "common.release" . }}-so-db-backup-creds'
userName: so_user
adminName: so_admin
-image: onap/so/api-handler-infra:1.11.0
+image: onap/so/api-handler-infra:1.12.2
server:
aai:
resources:
small:
limits:
- cpu: 2000m
+ cpu: 1
memory: 4Gi
requests:
- cpu: 500m
+ cpu: 0.5
memory: 1Gi
large:
limits:
- cpu: 4000m
+ cpu: 2
memory: 8Gi
requests:
- cpu: 1000m
+ cpu: 1
memory: 2Gi
unlimited: {}
# --set so.global.mariadbGalera.localCluster=true \
# --set so.global.mariadbGalera.nameOverride=so-mariadb-galera \
# --set so.global.mariadbGalera.serviceName=so-mariadb-galera
-mariadb-galera:
+mariadb-galera: &mariadbGalera
rootUser:
externalSecret: *dbRootPassSecretName
nameOverride: &so-mariadb so-mariadb-galera
replicaCount: 1
+ service:
+ name: *so-mariadb
+ portName: *so-mariadb
+ internalPort: 3306
+ mariadbOperator:
+ galera:
+ enabled: false
persistence:
mountSubPath: so/mariadb-galera/data
enabled: true
name: 'so'
port: 8080
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: consul-read
+ - serviceAccount: consul-server-read
+ - serviceAccount: nbi-read
+ - serviceAccount: policy-drools-pdp-read
+ - serviceAccount: so-bpmn-infra-read
+ - serviceAccount: robot-read
+ - serviceAccount: istio-ingress
+ namespace: istio-ingress
+
mso:
adapters:
requestDb:
auth: basic bXNvX2FkbWlufHBhc3N3b3JkMSQ=
so-bpmn-infra:
+ mariadb-galera:
+ <<: *mariadbGalera
db:
<<: *dbSecrets
logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
so-catalog-db-adapter:
enabled: true
+ mariadb-galera:
+ <<: *mariadbGalera
db:
<<: *dbSecrets
so-cnf-adapter:
enabled: true
+ mariadb-galera:
+ <<: *mariadbGalera
db:
<<: *dbSecrets
server:
so-cnfm-lcm:
enabled: true
+ mariadb-galera:
+ <<: *mariadbGalera
db:
<<: *dbSecrets
so-etsi-nfvo-ns-lcm:
enabled: true
+ mariadb-galera:
+ <<: *mariadbGalera
db:
<<: *dbSecrets
so-mariadb:
+ mariadb-galera:
+ <<: *mariadbGalera
db:
rootPasswordExternalSecretLocalDb: *dbRootPassSecretName
- rootPasswordExternalSecret: '{{ ternary .Values.db.rootPasswordExternalSecretLocalDb (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.localCluster }}'
+ #rootPasswordExternalSecretLocalDb: *dbRootPassSecretName
+ rootPasswordExternalSecret: '{{ ternary (tpl .Values.db.rootPasswordExternalSecretLocalDb .) (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.localCluster }}'
backupCredsExternalSecret: *dbBackupCredsSecretName
userCredsExternalSecret: *dbUserCredsSecretName
adminCredsExternalSecret: *dbAdminCredsSecretName
so-admin-cockpit:
enabled: true
+ mariadb-galera:
+ <<: *mariadbGalera
db:
<<: *dbSecrets
server:
actuatorCredsExternalSecret: *actuator-secrets
bpelCredsExternalSecret: *bpel-secrets
+ mariadb-galera:
+ <<: *mariadbGalera
db:
<<: *dbSecrets
so-oof-adapter:
enabled: true
+ mariadb-galera:
+ <<: *mariadbGalera
db:
<<: *dbSecrets
mso:
so-openstack-adapter:
enabled: true
+ mariadb-galera:
+ <<: *mariadbGalera
db:
<<: *dbSecrets
logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
so-request-db-adapter:
+ mariadb-galera:
+ <<: *mariadbGalera
db:
<<: *dbSecrets
so-sdc-controller:
+ mariadb-galera:
+ <<: *mariadbGalera
db:
<<: *dbSecrets
logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
- config:
- jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.soSdcListenerKafkaUser }}'
so-sdnc-adapter:
enabled: true
+ mariadb-galera:
+ <<: *mariadbGalera
db:
<<: *dbSecrets
mso:
so-etsi-sol005-adapter:
enabled: true
+ mariadb-galera:
+ <<: *mariadbGalera
db:
<<: *dbSecrets
Code Review / oom.git / blobdiff