X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Faai%2Fcomponents%2Faai-traversal%2Fvalues.yaml;h=fb4453f766b3ecbb13b43732799f35ef4bf2ecbb;hb=49a40b21008be7220eb26b3f5784e756359e82c0;hp=b5d99fdbda3ba5e8a2b6a32a8efe2fc7c86ecfe7;hpb=9e0814551cf6e87a553d9066c18854e02c71cea5;p=oom.git diff --git a/kubernetes/aai/components/aai-traversal/values.yaml b/kubernetes/aai/components/aai-traversal/values.yaml index b5d99fdbda..fb4453f766 100644 --- a/kubernetes/aai/components/aai-traversal/values.yaml +++ b/kubernetes/aai/components/aai-traversal/values.yaml @@ -1,6 +1,7 @@ # Copyright (c) 2018 Amdocs, Bell Canada, AT&T # Modifications Copyright (c) 2020 Nokia # Modifications Copyright (c) 2021 Orange +# Modifications Copyright © 2023 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,7 +20,6 @@ # Declare variables to be passed into your templates. global: # global defaults nodePortPrefix: 302 - aafEnabled: true cassandra: #Service Name of the cassandra cluster to connect to. @@ -59,7 +59,7 @@ global: # global defaults # Active spring profiles for the resources microservice profiles: - active: production,dmaap #,aaf-auth ,keycloak + active: production,dmaap # Notification event specific properties notification: @@ -70,7 +70,7 @@ global: # global defaults schema: # Specifies if the connection should be one way ssl, two way ssl or no auth service: - client: one-way-ssl + client: no-auth # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service translator: list: schema-service @@ -106,41 +106,8 @@ global: # global defaults realtime: clients: SDNC,MSO,SO,robot-ete -################################################################# -# Certificate configuration -################################################################# -certInitializer: - nameOverride: aai-traversal-cert-initializer - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - # aafDeployCredsExternalSecret: some secret - fqdn: aai-traversal - fqi: aai-traversal@aai-traversal.onap.org - public_fqdn: aai-traversal.onap.org - cadi_longitude: "0.0" - cadi_latitude: "0.0" - app_ns: org.osaaf.aaf - credsPath: /opt/app/osaaf/local - fqi_namespace: org.onap.aai-traversal - aaf_add_config: | - echo "*** changing them into shell safe ones" - export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) - export TRUSTSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) - cd {{ .Values.credsPath }} - keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \ - -storepass "${cadi_keystore_password_p12}" \ - -keystore {{ .Values.fqi_namespace }}.p12 - keytool -storepasswd -new "${TRUSTSTORE_PASSWORD}" \ - -storepass "${cadi_truststore_password}" \ - -keystore {{ .Values.fqi_namespace }}.trust.jks - echo "*** save the generated passwords" - echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop - echo "TRUSTSTORE_PASSWORD=${TRUSTSTORE_PASSWORD}" >> mycreds.prop - echo "*** change ownership of certificates to targeted user" - chown -R 1000 {{ .Values.credsPath }} - # application image -image: onap/aai-traversal:1.11.1 +image: onap/aai-traversal:1.11.2 pullPolicy: Always restartPolicy: Always flavor: small @@ -231,12 +198,6 @@ persistence: # default number of instances replicaCount: 1 -minReadySeconds: 10 -updateStrategy: - type: RollingUpdate - maxUnavailable: 0 - maxSurge: 1 - nodeSelector: {} affinity: {} @@ -259,7 +220,7 @@ service: internalPort: 8446 portName2: tcp-5005 internalPort2: 5005 - portName3: aai-traversal-8448 + portName3: http-traversal internalPort3: 8448 terminationGracePeriodSeconds: 120 sessionAffinity: None @@ -267,15 +228,21 @@ service: ingress: enabled: false +serviceMesh: + authorizationPolicy: + authorizedPrincipals: + - serviceAccount: aai-read + - serviceAccount: consul-read + # To make logback capping values configurable logback: - logToFileEnabled: true + logToFileEnabled: false maxHistory: 7 totalSizeCap: 6GB queueSize: 1000 accessLogback: - logToFileEnabled: true + logToFileEnabled: false maxHistory: 7 totalSizeCap: 6GB