#################################################################
global:
nodePortPrefix: 302
- repository: nexus3.onap.org:10001
- readinessRepository: oomk8s
- readinessImage: readiness-check:2.0.0
- loggingRepository: docker.elastic.co
- loggingImage: beats/filebeat:5.5.0
+
+secrets:
+ - uid: pg-root-pass
+ name: &pgRootPassSecretName '{{ include "common.release" . }}-vnfsdk-pg-root-pass'
+ type: password
+ externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "vnfsdk-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}'
+ password: '{{ .Values.postgres.config.pgRootpassword }}'
+ policy: generate
+ - uid: pg-user-creds
+ name: &pgUserCredsSecretName '{{ include "common.release" . }}-vnfsdk-pg-user-creds'
+ type: basicAuth
+ externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "vnfsdk-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}'
+ login: '{{ .Values.postgres.config.pgUserName }}'
+ password: '{{ .Values.postgres.config.pgUserPassword }}'
+ passwordPolicy: generate
+
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+ nameOverride: refrepo-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: refrepo
+ fqi: refrepo@refrepo.onap.org
+ fqi_namespace: org.onap.refrepo
+ public_fqdn: refrepo.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ app_ns: org.osaaf.aaf
+ credsPath: /opt/app/osaaf/local
+ aaf_add_config: |
+ echo "*** transform AAF certs into pem files"
+ mkdir -p {{ .Values.credsPath }}/certs
+ echo "keystore password: $$cadi_keystore_password_p12"
+ openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \
+ -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \
+ -passin pass:$cadi_keystore_password_p12 \
+ -passout pass:$cadi_keystore_password_p12
+ echo "*** copy key"
+ cp {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \
+ {{ .Values.credsPath }}/certs/cert.key
+ echo "*** change ownership of certificates to targeted user"
+ chown -R 999 {{ .Values.credsPath }}/certs
+
#################################################################
# Application configuration defaults.
#################################################################
# application image
-repository: nexus3.onap.org:10001
-image: onap/vnfsdk/refrepo:1.1.1
+image: onap/vnfsdk/refrepo:1.6.3
pullPolicy: Always
+# application configuration override for postgres
postgres:
nameOverride: vnfsdk-postgres
service:
name: vnfsdk-dbset
name2: vnfsdk-dbpri
name3: vnfsdk-dbrep
- nfsprovisionerPrefix: vnfsdk
- persistence:
- mountSubPath: vnfsdk/data
- mountInitPath: vnfsdk
- enabled: true
- disableNfsProvisioner: true
container:
name:
primary: vnfsdk-dbpri
replica: vnfsdk-dbrep
+ persistence:
+ mountSubPath: vnfsdk/data
+ mountInitPath: vnfsdk
+ config:
+ pgUserName: postgres
+ pgDatabase: postgres
+ pgUserExternalSecret: *pgUserCredsSecretName
+ pgRootPasswordExternalSecret: *pgRootPassSecretName
# flag to enable debugging - application support required
debugEnabled: false
affinity: {}
+# Resource Limit flavor -By Default using small
+flavor: small
+# Segregation for Different environment (Small and Large)
+resources:
+ small:
+ limits:
+ cpu: 2000m
+ memory: 4Gi
+ requests:
+ cpu: 500m
+ memory: 1Gi
+ large:
+ limits:
+ cpu: 4000m
+ memory: 8Gi
+ requests:
+ cpu: 1000m
+ memory: 2Gi
+ unlimited: {}
+
# probe configuration parameters
liveness:
initialDelaySeconds: 10
enabled: true
readiness:
- initialDelaySeconds: 10
- periodSeconds: 10
+ initialDelaySeconds: 60
+ periodSeconds: 30
service:
type: NodePort
name: refrepo
- portName: refrepo
+ portName: https
nodePort: 97
- internalPort: 8702
+ internalPort: 8703
ingress:
enabled: false
+ service:
+ - baseaddr: "refrepo"
+ name: "refrepo"
+ port: 8703
+ config:
+ ssl: "redirect"
Code Review / oom.git / blobdiff