X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Faai%2Fcomponents%2Faai-traversal%2Fvalues.yaml;h=a1c383e5225c828ac2a718d8fc2c5ab59358f060;hb=21d48641d6344e9f00523ca15d49d44fcdb277b3;hp=e532384ccc748884b5e36eada20a429ebfe0d1ab;hpb=46fb5809d4aa57c10c57ee6b828b72b9a80ccd9b;p=oom.git

diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml
index e532384ccc..a1c383e522 100644
--- a/kubernetes/aai/components/aai-traversal/values.yaml
+++ b/kubernetes/aai/components/aai-traversal/values.yaml
@@ -1,6 +1,7 @@
 # Copyright (c) 2018 Amdocs, Bell Canada, AT&T
 # Modifications Copyright (c) 2020 Nokia
 # Modifications Copyright (c) 2021 Orange
+# Modifications Copyright © 2023 Nordix Foundation
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -19,7 +20,6 @@
 # Declare variables to be passed into your templates.
 global: # global defaults
   nodePortPrefix: 302
-  aafEnabled: true
 
   cassandra:
     #Service Name of the cassandra cluster to connect to.
@@ -59,7 +59,7 @@ global: # global defaults
 
     # Active spring profiles for the resources microservice
     profiles:
-      active: production,dmaap #,aaf-auth ,keycloak
+      active: production,dmaap
 
     # Notification event specific properties
     notification:
@@ -70,7 +70,7 @@ global: # global defaults
     schema:
       # Specifies if the connection should be one way ssl, two way ssl or no auth
       service:
-        client: one-way-ssl
+        client: no-auth
       # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service
       translator:
         list: schema-service
@@ -84,11 +84,11 @@ global: # global defaults
       version:
         # Current version of the REST API
         api:
-          default: v27
+          default: v28
         # Specifies which version the depth parameter is configurable
         depth: v11
         # List of all the supported versions of the API
-        list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26,v27
+        list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26,v27,v28
         # Specifies from which version related link should appear
         related:
           link: v11
@@ -106,41 +106,8 @@ global: # global defaults
     realtime:
       clients: SDNC,MSO,SO,robot-ete
 
-#################################################################
-# Certificate configuration
-#################################################################
-certInitializer:
-  nameOverride: aai-traversal-cert-initializer
-  aafDeployFqi: deployer@people.osaaf.org
-  aafDeployPass: demo123456!
-  # aafDeployCredsExternalSecret: some secret
-  fqdn: aai-traversal
-  fqi: aai-traversal@aai-traversal.onap.org
-  public_fqdn: aai-traversal.onap.org
-  cadi_longitude: "0.0"
-  cadi_latitude: "0.0"
-  app_ns: org.osaaf.aaf
-  credsPath: /opt/app/osaaf/local
-  fqi_namespace: org.onap.aai-traversal
-  aaf_add_config: |
-    echo "*** changing them into shell safe ones"
-    export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
-    export TRUSTSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
-    cd {{ .Values.credsPath }}
-    keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \
-      -storepass "${cadi_keystore_password_p12}" \
-      -keystore {{ .Values.fqi_namespace }}.p12
-    keytool -storepasswd -new "${TRUSTSTORE_PASSWORD}" \
-      -storepass "${cadi_truststore_password}" \
-      -keystore {{ .Values.fqi_namespace }}.trust.jks
-    echo "*** save the generated passwords"
-    echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop
-    echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> mycreds.prop
-    echo "*** change ownership of certificates to targeted user"
-    chown -R 1000 {{ .Values.credsPath }}
-
 # application image
-image: onap/aai-traversal:1.11.1
+image: onap/aai-traversal:1.12.3
 pullPolicy: Always
 restartPolicy: Always
 flavor: small
@@ -175,7 +142,6 @@ aai_enpoints:
 
 # application configuration
 config:
-
   # configure keycloak according to your environment.
   # don't forget to add keycloak in active profiles above (global.config.profiles)
   keycloak:
@@ -189,6 +155,18 @@ config:
     # the data-owner property with the given role to the user in keycloak
     multiTenancy:
       enabled: true
+  janusgraph:
+    caching:
+      # enable when running read-heavy workloads
+      # modifications to graph done by this service/janusgraph instance will immediately invalidate the cache
+      # modifications to graph done by other services (resources) will only be visible
+      # after time specified in db-cache-time
+      enabled: false
+      # Documentation: https://docs.janusgraph.org/operations/cache/#database-level-caching
+      dbCacheTime: 180000 # in milliseconds
+      dbCacheSize: 0.1 # percentage (expressed as a decimal between 0 and 1) of the total heap space available to the JVM running
+      dbCacheCleanWait: 20 # in milliseconds
+
 
   # Specifies timeout information such as application specific and limits
   timeout:
@@ -199,6 +177,29 @@ config:
     # Specifies how long should it wait before timing out the REST request
     limit: 180000
 
+  # environment variables added to the launch of the image in deployment
+  env:
+    MIN_HEAP_SIZE: "512m"
+    MAX_HEAP_SIZE: "1024m"
+    MAX_METASPACE_SIZE: "512m"
+
+  # adds jvm args for remote debugging the application
+  debug:
+    enabled: false
+    args: "-agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=5005"
+
+  # adds jvm args for remote profiling the application
+  profiling:
+    enabled: false
+    args:
+      - "-Dcom.sun.management.jmxremote"
+      - "-Dcom.sun.management.jmxremote.ssl=false"
+      - "-Dcom.sun.management.jmxremote.authenticate=false"
+      - "-Dcom.sun.management.jmxremote.local.only=false"
+      - "-Dcom.sun.management.jmxremote.port=9999"
+      - "-Dcom.sun.management.jmxremote.rmi.port=9999"
+      - "-Djava.rmi.server.hostname=127.0.0.1"
+
   # Disables the updateQueryData script to run as part of traversal
   disableUpdateQuery: true
 
@@ -253,7 +254,7 @@ service:
   internalPort: 8446
   portName2: tcp-5005
   internalPort2: 5005
-  portName3: aai-traversal-8448
+  portName3: http-traversal
   internalPort3: 8448
   terminationGracePeriodSeconds: 120
   sessionAffinity: None
@@ -261,15 +262,22 @@ service:
 ingress:
   enabled: false
 
+serviceMesh:
+  authorizationPolicy:
+    authorizedPrincipals:
+      - serviceAccount: aai-read
+      - serviceAccount: consul-read
+
 # To make logback capping values configurable
 logback:
-  logToFileEnabled: true
+  logToFileEnabled: false
   maxHistory: 7
   totalSizeCap: 6GB
   queueSize: 1000
 
 accessLogback:
-  logToFileEnabled: true
+  livenessAccessLogEnabled: false # false: do not log kubernetes liveness probes
+  logToFileEnabled: false
   maxHistory: 7
   totalSizeCap: 6GB
 
@@ -292,11 +300,18 @@ resources:
       memory: 4Gi
   unlimited: {}
 
+endpoints:
+  enabled: true
+  health:
+    enabled: true
+  info:
+    enabled: true
+
 metrics:
   serviceMonitor:
     enabled: false
     targetPort: 8448
-    path: /prometheus
+    path: /actuator/prometheus
     basicAuth:
       enabled: false
       externalSecretName: mysecretname