# Copyright © 2018 AT&T USA
# Copyright © 2020 Huawei
+# Copyright © 2021 Orange
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
- repository: nexus3.onap.org:10001
- readinessImage: onap/oom/readiness:3.0.1
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
- soBaseImage: onap/so/base-image:1.0
aafAgentImage: onap/aaf/aaf_agent:2.1.20
+ centralizedLoggingEnabled: true
mariadbGalera:
nameOverride: mariadb-galera
serviceName: mariadb-galera
siteName: onapheat
auth: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456
defaultCloudOwner: onap
- client:
- certs:
- truststore: /app/client/org.onap.so.trust.jks
- keystore: /app/client/org.onap.so.jks
- trustStorePassword: LHN4Iy5DKlcpXXdWZ0pDNmNjRkhJIzpI
- keyStorePassword: c280b25hcA==
+
certificates:
path: /etc/ssl/certs
share_path: /usr/local/share/ca-certificates/
+readinessCheck:
+ wait_for:
+ jobs:
+ - '{{ include "common.release" . }}-so-mariadb-config-job'
+
#################################################################
# Secrets metaconfig
#################################################################
- uid: db-root-pass
name: &dbRootPassSecretName '{{ include "common.release" . }}-so-db-root-pass'
type: password
- externalSecret: '{{ ternary .Values.global.mariadbGalera.rootPasswordExternalSecret (default (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.rootPasswordExternalSecret) .Values.global.mariadbGalera.localCluster }}'
+ externalSecret: '{{ .Values.global.mariadbGalera.localCluster | ternary
+ .Values.global.mariadbGalera.rootPasswordExternalSecret
+ (default (include "common.mariadb.secret.rootPassSecretName"
+ (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride))
+ .Values.global.mariadbGalera.rootPasswordExternalSecret) }}'
password: '{{ .Values.global.mariadbGalera.mariadbRootpassword }}'
- uid: db-backup-creds
name: &dbBackupCredsSecretName '{{ include "common.release" . }}-so-db-backup-creds'
login: '{{ .Values.dbCreds.adminName }}'
password: '{{ .Values.dbCreds.adminPassword }}'
passwordPolicy: generate
- - uid: 'so-onap-certs'
- name: &so-certs '{{ include "common.release" . }}-so-certs'
- externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
- type: generic
- filePaths:
- - resources/config/certificates/msb-ca.crt
- uid: 'mso-key'
name: &mso-key '{{ include "common.release" . }}-mso-key'
type: password
aaf:
trustore: org.onap.so.trust.jks
+#################################################################
+# AAF part for Ingress
+#################################################################
+certInitializer:
+ nameOverride: so-tls-cert
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: so
+ fqi: so@so.onap.org
+ public_fqdn: so.onap.org
+ fqi_namespace: org.onap.so
+ cadi_longitude: '0.0'
+ cadi_latitude: '0.0'
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ ingressTlsSecret: '{{ include "common.release" . }}-so-ingress-certs'
+
#################################################################
# Application configuration defaults.
#################################################################
userName: so_user
adminName: so_admin
+image: onap/so/api-handler-infra:1.11.0
+
server:
aaf:
username: so@so.onap.org
password: password1$
# bpelCredsExternalSecret: some secret
-repository: nexus3.onap.org:10001
-image: onap/so/api-handler-infra:1.7.9
pullPolicy: Always
-
replicaCount: 1
minReadySeconds: 10
-
containerPort: &containerPort 8080
-
logPath: ./logs/apih/
-
app: api-handler-infra
-
service:
type: NodePort
nodePort: 77
internalPort: *containerPort
externalPort: *containerPort
- portName: so-apih-port
-
+ portName: http
updateStrategy:
type: RollingUpdate
maxUnavailable: 1
certInitializer:
nameOverride: so-apih-cert-init
credsPath: /opt/app/osaaf/local
- certSecret: *so-certs
containerPort: *containerPort
# Resource Limit flavor -By Default using small
config:
logstashServiceName: log-ls
logstashPort: 5044
+ # "KEYSTONE" for keystone v2, "KEYSTONE_V3" for keystone v3
+ openStackKeystoneVersion: "KEYSTONE"
#Used only if localCluster is enabled. Instantiates SO's own cassandra cluster
#helm deploy demo local/onap --namespace onap --verbose --set so.enabled=true \
# --set so.global.mariadbGalera.nameOverride=so-mariadb-galera \
# --set so.global.mariadbGalera.serviceName=so-mariadb-galera
mariadb-galera:
- config:
- mariadbRootPasswordExternalSecret: *dbRootPassSecretName
- nameOverride: so-mariadb-galera
+ rootUser:
+ externalSecret: *dbRootPassSecretName
+ nameOverride: &so-mariadb so-mariadb-galera
replicaCount: 1
- service:
- name: so-mariadb-galera
persistence:
mountSubPath: so/mariadb-galera/data
enabled: true
+ serviceAccount:
+ nameOverride: *so-mariadb
ingress:
enabled: false
service:
- - baseaddr: 'so.api'
+ - baseaddr: 'so-api'
name: 'so'
port: 8080
config:
- ssl: 'none'
+ tls:
+ secret: '{{ include "common.release" . }}-so-ingress-certs'
mso:
adapters:
auth: basic bXNvX2FkbWlufHBhc3N3b3JkMSQ=
so-appc-orchestrator:
- enabled: true
+ enabled: false
server:
actuatorCredsExternalSecret: *actuator-secrets
db:
so-bpmn-infra:
db:
<<: *dbSecrets
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
so-catalog-db-adapter:
enabled: true
so-cnf-adapter:
enabled: true
+ db:
+ <<: *dbSecrets
server:
aafCredsExternalSecret: *aaf-secrets
aaiCredsExternalSecret: *aai-secrets
userCredsExternalSecret: *dbUserCredsSecretName
adminCredsExternalSecret: *dbAdminCredsSecretName
-so-monitoring:
+so-admin-cockpit:
enabled: true
db:
<<: *dbSecrets
camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A
oof:
authSecret: *mso-oof-auth
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
so-openstack-adapter:
enabled: true
db:
<<: *dbSecrets
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
so-request-db-adapter:
db:
so-sdc-controller:
db:
<<: *dbSecrets
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
so-sdnc-adapter:
enabled: true
db:
<<: *dbSecrets
+ mso:
+ msoKeySecret: *mso-key
+ logConfigMapNamePrefix: '{{ include "common.release" . }}-so'
so-ve-vnfm-adapter:
- enabled: true
+ enabled: false
-so-vfc-adapter:
+so-etsi-sol005-adapter:
enabled: true
db:
<<: *dbSecrets
-so-vnfm-adapter:
+so-etsi-sol003-adapter:
enabled: true
+
+#Pods Service Account
+serviceAccount:
+ nameOverride: so
+ roles:
+ - read
+
+#Log configuration
+log:
+ path: /var/log/onap
Code Review / oom.git / blobdiff