X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Faai%2Fcomponents%2Faai-babel%2Fvalues.yaml;h=e058d82e46d94862276930c31f77acb7b8133ffe;hb=refs%2Fheads%2Fmaster;hp=f2dfd2c9c20b915278e9332bc28420f7db9b51c0;hpb=17e5ed5bfc16e0114928aaee93b8f51d72dd4bb7;p=oom.git diff --git a/kubernetes/aai/components/aai-babel/values.yaml b/kubernetes/aai/components/aai-babel/values.yaml index f2dfd2c9c2..1ef70b2912 100644 --- a/kubernetes/aai/components/aai-babel/values.yaml +++ b/kubernetes/aai/components/aai-babel/values.yaml @@ -1,6 +1,7 @@ # Copyright © 2018 Amdocs, AT&T # Modifications Copyright © 2018 Bell Canada # Modifications Copyright © 2020, 2021 Orange +# Modifications Copyright © 2023 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,47 +20,12 @@ ################################################################# global: {} -################################################################# -# Certificate configuration -################################################################# -certInitializer: - nameOverride: aai-babel-cert-initializer - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - # aafDeployCredsExternalSecret: some secret - fqdn: aai - fqi: aai@aai.onap.org - public_fqdn: aai.onap.org - cadi_longitude: "0.0" - cadi_latitude: "0.0" - app_ns: org.osaaf.aaf - credsPath: /opt/app/osaaf/local - fqi_namespace: org.onap.aai - aaf_add_config: | - echo "*** changing them into shell safe ones" - export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) - export TRUSTSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) - cd {{ .Values.credsPath }} - keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \ - -storepass "${cadi_keystore_password_p12}" \ - -keystore {{ .Values.fqi_namespace }}.p12 - keytool -storepasswd -new "${TRUSTSTORE_PASSWORD}" \ - -storepass "${cadi_truststore_password}" \ - -keystore {{ .Values.fqi_namespace }}.trust.jks - echo "*** writing passwords into prop file" - echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > {{ .Values.credsPath }}/mycreds.prop - echo "KEY_STORE_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop - echo "KEY_MANAGER_PASSWORD=${KEYSTORE_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop - echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop - echo "*** change ownership of certificates to targeted user" - chown -R 1000 {{ .Values.credsPath }} - ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/babel:1.9.2 +image: onap/babel:1.13.1 flavor: small flavorOverride: small @@ -67,6 +33,11 @@ flavorOverride: small # default number of instances replicaCount: 1 +updateStrategy: + type: RollingUpdate + maxUnavailable: 0 + maxSurge: 1 + nodeSelector: {} affinity: {} @@ -85,35 +56,43 @@ readiness: service: type: NodePort - portName: http - externalPort: 9516 internalPort: 9516 - nodePort: 79 + ports: + - name: http + port: 9516 + nodePort: 79 ingress: enabled: false service: - - baseaddr: "aaibabel" + - baseaddr: "aai-babel-api" name: "aai-babel" port: 9516 config: ssl: "redirect" +serviceMesh: + authorizationPolicy: + authorizedPrincipals: + - serviceAccount: aai-modelloader-read + - serviceAccount: istio-ingress + namespace: istio-ingress + resources: small: limits: - cpu: 2 - memory: 4Gi + cpu: "1" + memory: "4Gi" requests: - cpu: 0.5 - memory: 1Gi + cpu: "0.5" + memory: "1Gi" large: limits: - cpu: 4 - memory: 8Gi + cpu: "4" + memory: "8Gi" requests: - cpu: 2 - memory: 2Gi + cpu: "2" + memory: "2Gi" unlimited: {} #Pods Service Account @@ -125,4 +104,6 @@ serviceAccount: #Log configuration log: path: /var/log/onap + level: + root: INFO logConfigMapNamePrefix: '{{ include "common.fullname" . }}'