X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fa1policymanagement%2Fvalues.yaml;h=5c9c32186ae79c15d5324cc73789ae4d779e5310;hb=30ec390479c9b7eeeaa90f036be02162c29ae918;hp=21a86a0fe17d38a676db5214d3cc88f0eaf5956d;hpb=0892b9da788fe97ad4da289b0ecfe32a53b29372;p=oom.git diff --git a/kubernetes/a1policymanagement/values.yaml b/kubernetes/a1policymanagement/values.yaml index 21a86a0fe1..5c9c32186a 100644 --- a/kubernetes/a1policymanagement/values.yaml +++ b/kubernetes/a1policymanagement/values.yaml @@ -1,5 +1,6 @@ ################################################################################ # Copyright (c) 2020 Nordix Foundation. # +# Copyright © 2020 Samsung Electronics, Modifications # # # # Licensed under the Apache License, Version 2.0 (the "License"); # # you may not use this file except in compliance with the License. # @@ -18,8 +19,8 @@ # Declare variables to be passed into your templates. global: - nodePortPrefix: 300 - envsubstImage: dibi/envsubst + nodePortPrefix: 302 + persistence: {} secrets: - uid: controller-secret @@ -29,8 +30,42 @@ secrets: password: '{{ .Values.a1controller.password }}' passwordPolicy: required -repository: nexus3.onap.org:10001 -image: onap/ccsdk-oran-a1policymanagementservice:1.0.1 +################################################################# +# AAF part +################################################################# +certInitializer: + nameOverride: a1p-cert-initializer + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: a1p + fqi: a1p@a1p.onap.org + public_fqdn: a1p.onap.org + cadi_longitude: "0.0" + cadi_latitude: "0.0" + app_ns: org.osaaf.aaf + credsPath: /opt/app/osaaf/local + fqi_namespace: org.onap.a1p + aaf_add_config: | + echo "*** changing them into shell safe ones" + export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) + export TRUSTSORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) + cd {{ .Values.credsPath }} + keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \ + -storepass "${cadi_keystore_password_p12}" \ + -keystore {{ .Values.fqi_namespace }}.p12 + keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \ + -storepass "${cadi_truststore_password}" \ + -keystore {{ .Values.fqi_namespace }}.trust.jks + echo "*** save the generated passwords" + echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop + echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop + echo "*** change ownership of certificates to targeted user" + chown -R 1000 . + +image: onap/ccsdk-oran-a1policymanagementservice:1.1.3 +userID: 1000 #Should match with image-defined user ID +groupID: 999 #Should match with image-defined group ID pullPolicy: IfNotPresent replicaCount: 1 @@ -51,11 +86,24 @@ a1controller: password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U sdncLink: https://sdnc.onap:8443 -# Add your own A1 Mediator link. Supports both STD & OSC Version. ex. http://: -# Alternatively you can also use the A1 simulator available in ORAN. It provides STD & OSC Version for A1 termination. +# The information about A1-Mediator/RICs can be added here. +# The A1 policy management service supports both STD & OSC versions. +# Alternatively, the A1 simulator from ORAN-SC can also be used. It provides STD & OSC versions for A1 termination. # Refer source code & run in docker container : https://gerrit.o-ran-sc.org/r/admin/repos/sim/a1-interface -# Refer it/dep repo for k8's deployment: https://gerrit.o-ran-sc.org/r/admin/repos/it/dep -ricLink: +# Refer it/dep repo for k8s deployment: https://gerrit.o-ran-sc.org/r/admin/repos/it/dep +# Example configuration: +#rics: +# - name: ric1 +# link: http://ric1url.url.com:1111/ +# managedElementIds: +# - kista1 +# - kista2 +# - name: ric2 +# link: http://ric2url.url.com:2222/ +# managedElementIds: +# - kista3 +# - kista4 +rics: streamPublish: http://message-router:3904/events/A1-POLICY-AGENT-WRITE streamSubscribe: http://message-router:3904/events/A1-POLICY-AGENT-READ/users/policy-agent?timeout=15000&limit=100 @@ -75,10 +123,10 @@ resources: small: limits: cpu: 2 - memory: 4Gi + memory: 300Mi requests: cpu: 1 - memory: 2Gi + memory: 150Mi large: limits: cpu: 4 @@ -87,3 +135,28 @@ resources: cpu: 2 memory: 4Gi unlimited: {} + +## Persist data to a persistent volume +persistence: + enabled: true + + ## A manually managed Persistent Volume and Claim + ## Requires persistence.enabled: true + ## If defined, PVC must be created manually before volume will be bound + # existingClaim: + volumeReclaimPolicy: Retain + + ## database data Persistent Volume Storage Class + ## If defined, storageClassName: + ## If set to "-", storageClassName: "", which disables dynamic provisioning + ## If undefined (the default) or set to null, no storageClassName spec is + ## set, choosing the default provisioner. (gp2 on AWS, standard on + ## GKE, AWS & OpenStack) + ## + # storageClass: "-" + accessMode: ReadWriteOnce + size: 2Gi + mountPath: /dockerdata-nfs + mountSubPath: nonrtric/policymanagementservice + +