X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Faai%2Fcomponents%2Faai-modelloader%2Fvalues.yaml;h=ab3d8646c25bc37c05cbbd33cd4b7465f64c73cf;hb=refs%2Fheads%2Fmaster;hp=3b7d79e4a330ca9e48fb0c0df78ab3a43bb806da;hpb=db31b8313e56aea6907191fba45b6a82504707c0;p=oom.git diff --git a/kubernetes/aai/components/aai-modelloader/values.yaml b/kubernetes/aai/components/aai-modelloader/values.yaml index 3b7d79e4a3..6d43771660 100644 --- a/kubernetes/aai/components/aai-modelloader/values.yaml +++ b/kubernetes/aai/components/aai-modelloader/values.yaml @@ -1,5 +1,6 @@ # Copyright © 2018 Amdocs, Bell Canada, AT&T # Modifications Copyright © 2020-2021 Orange +# Modifications Copyright © 2023 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,88 +19,121 @@ # Declare variables to be passed into your templates. global: # global defaults nodePortPrefix: 302 + tracing: + enabled: false + collector: + baseUrl: http://jaeger-collector.istio-config:9411 + sampling: + probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%) + auth: + # users that can authenticate via basic auth + users: + - username: aai@aai.onap.org + password: demo123456! + - username: AAI + password: AAI -################################################################# -# Certificate configuration -################################################################# -certInitializer: - nameOverride: aai-ml-cert-initializer - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - # aafDeployCredsExternalSecret: some secret - fqdn: aai - fqi: aai@aai.onap.org - public_fqdn: aai.onap.org - cadi_longitude: "0.0" - cadi_latitude: "0.0" - app_ns: org.osaaf.aaf - credsPath: /opt/app/osaaf/local - appMountPath: /opt/app/model-loader/config/auth/aaf - fqi_namespace: org.onap.aai - user_id: &user_id 1000 - group_id: &group_id 1000 - aaf_add_config: | - echo "*** changing them into shell safe ones" - export KEYSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) - export TRUSTSTORE_PLAIN_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) - cd {{ .Values.credsPath }} - keytool -storepasswd -new "${KEYSTORE_PLAIN_PASSWORD}" \ - -storepass "${cadi_keystore_password_p12}" \ - -keystore {{ .Values.fqi_namespace }}.p12 - keytool -storepasswd -new "${TRUSTSTORE_PLAIN_PASSWORD}" \ - -storepass "${cadi_truststore_password}" \ - -keystore {{ .Values.fqi_namespace }}.trust.jks - echo "*** writing passwords into prop file" - echo "KEYSTORE_PLAIN_PASSWORD=${KEYSTORE_PLAIN_PASSWORD}" > {{ .Values.credsPath }}/mycreds.prop - echo "TRUSTSTORE_PLAIN_PASSWORD=${TRUSTSTORE_PLAIN_PASSWORD}" >> {{ .Values.credsPath }}/mycreds.prop - echo "*** change ownership of certificates to targeted user" - chown -R {{ .Values.user_id }}:{{ .Values.group_id }} {{ .Values.credsPath }} # application image -image: onap/model-loader:1.9.4 +image: onap/model-loader:1.14.3 pullPolicy: Always restartPolicy: Always flavor: small -flavorOverride: small -# application configuration -config: {} + +# Strimzi KafkaUser config +kafkaUser: + acls: + - name: aai + type: group + operations: [Read] + - name: SDC-DISTR + type: topic + patternType: prefix + operations: [Read, Write] # default number of instances replicaCount: 1 +# number of ReplicaSets that should be retained for the Deployment +revisionHistoryLimit: 1 + +updateStrategy: + type: RollingUpdate + maxUnavailable: 0 + maxSurge: 1 + +# adds jvm args for remote debugging the application +debug: + enabled: false + args: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005" + port: 5005 + portName: debug + +# adds jvm args for remote profiling the application +profiling: + enabled: false + args: + - "-Dcom.sun.management.jmxremote" + - "-Dcom.sun.management.jmxremote.ssl=false" + - "-Dcom.sun.management.jmxremote.authenticate=false" + - "-Dcom.sun.management.jmxremote.local.only=false" + - "-Dcom.sun.management.jmxremote.port=9999" + - "-Dcom.sun.management.jmxremote.rmi.port=9999" + - "-Djava.rmi.server.hostname=127.0.0.1" + port: 9999 + portName: jmx + + nodeSelector: {} affinity: {} +service: + # REST API port for the graphadmin microservice + appPortName: http + appPort: 9500 + # probe configuration parameters liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container enabled: true + path: /healthz + periodSeconds: 10 + initialDelaySeconds: 10 readiness: - initialDelaySeconds: 10 + path: /healthz periodSeconds: 10 + initialDelaySeconds: 10 resources: small: limits: - cpu: 2 - memory: 4Gi + cpu: "1" + memory: "4Gi" requests: - cpu: 0.5 - memory: 1Gi + cpu: "500m" + memory: "1Gi" large: limits: - cpu: 4 - memory: 8Gi + cpu: "2" + memory: "8Gi" requests: - cpu: 1 - memory: 1536Mi + cpu: "1" + memory: "2Gi" unlimited: {} +# use this to define service specific overrides +# for the global.tracing.* config keys +tracing: + ignorePatterns: + - /aai/util.* + +metrics: + podMonitor: + enabled: true + port: http + path: /actuator/prometheus + #Pods Service Account serviceAccount: nameOverride: aai-modelloader @@ -108,10 +142,16 @@ serviceAccount: # Not fully used for now securityContext: - user_id: *user_id - group_id: *group_id + user_id: 1000 + group_id: 1000 #Log configuration log: path: /var/log/onap + level: + root: INFO logConfigMapNamePrefix: '{{ include "common.fullname" . }}' + +volumes: + logSizeLimit: 64Mi + tmpSizeLimit: 100Mi