X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Faai%2Fvalues.yaml;h=b023a8b0c3213a31e5864b19b7f7807036b30056;hb=d12c16773174e0cdd1fcdd861c7b93ae05de1bc9;hp=aa0e376b29a5981d17e7855df014607d0f19e68f;hpb=0fa70e83be577f2127ac5047ebb7607acb186477;p=oom.git diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index aa0e376b29..b023a8b0c3 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -2,6 +2,7 @@ # Modifications Copyright (c) 2018 AT&T # Modifications Copyright (c) 2020 Nokia, Orange # Modifications Copyright (c) 2021 Orange +# Modifications Copyright © 2023 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -31,9 +32,9 @@ global: # global defaults restartPolicy: Always - aafEnabled: true - msbEnabled: true - centralizedLoggingEnabled: true + aafEnabled: false + msbEnabled: false + centralizedLoggingEnabled: false cassandra: #This will instantiate AAI cassandra cluster, default:shared cassandra. @@ -61,10 +62,6 @@ global: # global defaults serviceName: aai-resources sparkyBe: serviceName: aai-sparky-be - dataRouter: - serviceName: aai-data-router - gizmo: - serviceName: aai-gizmo modelloader: serviceName: aai-modelloader searchData: @@ -73,8 +70,6 @@ global: # global defaults serviceName: aai-traversal graphadmin: serviceName: aai-graphadmin - spike: - serviceName: aai-spike initContainers: enabled: true @@ -217,7 +212,7 @@ global: # global defaults # Specifies if the connection should be one way ssl, two way ssl or no auth # will be set to no-auth if tls is disabled service: - client: one-way-ssl + client: no-auth # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service translator: list: schema-service @@ -231,11 +226,11 @@ global: # global defaults version: # Current version of the REST API api: - default: v24 + default: v27 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API - list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26 + list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26,v27 # Specifies from which version related link should appear related: link: v11 @@ -292,43 +287,9 @@ aai-sparky-be: aai-traversal: logConfigMapNamePrefix: '{{ include "common.release" . }}-aai' -################################################################# -# Certificate configuration -################################################################# -certInitializer: - nameOverride: aai-cert-initializer - aafDeployFqi: deployer@people.osaaf.org - aafDeployPass: demo123456! - # aafDeployCredsExternalSecret: some secret - fqdn: "aai" - app_ns: "org.osaaf.aaf" - fqi_namespace: "org.onap.aai" - fqi: "aai@aai.onap.org" - public_fqdn: "aaf.osaaf.org" - cadi_longitude: "0.0" - cadi_latitude: "0.0" - credsPath: /opt/app/osaaf/local - aaf_add_config: | - echo "*** transform AAF certs into pem files" - mkdir -p {{ .Values.credsPath }}/certs - keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \ - -keystore {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.trust.jks \ - -alias ca_local_0 \ - -storepass $cadi_truststore_password - openssl pkcs12 -in {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.p12 \ - -nokeys -out {{ .Values.credsPath }}/certs/cert.pem \ - -passin pass:$cadi_keystore_password_p12 \ - -passout pass:$cadi_keystore_password_p12 - echo "*** generating needed file" - cat {{ .Values.credsPath }}/certs/cert.pem \ - {{ .Values.credsPath }}/certs/cacert.pem \ - {{ .Values.credsPath }}/{{ .Values.fqi_namespace }}.key \ - > {{ .Values.credsPath }}/certs/fullchain.pem; - chown 1001 {{ .Values.credsPath }}/certs/* - # application image dockerhubRepository: registry.hub.docker.com -image: aaionap/haproxy:1.4.2 +image: onap/aai-haproxy:1.11.0 pullPolicy: Always flavor: small @@ -345,15 +306,27 @@ config: # default number of instances replicaCount: 1 +updateStrategy: + type: RollingUpdate + maxUnavailable: 0 + maxSurge: 1 + nodeSelector: {} affinity: {} # HAProxy configuration to block HTTP requests to AAI based on configurable URL patterns haproxy: + initContainers: + resources: + memory: 100Mi + cpu: 50m requestBlocking: enabled: false customConfigs: [] + replicas: + aaiResources: 1 + aaiTraversal: 1 # probe configuration parameters liveness: @@ -389,19 +362,43 @@ service: externalPort: 8443 internalPort: 8443 nodePort: 33 - # POLICY hotfix - Note this must be temporary - # See https://jira.onap.org/browse/POLICY-510 - aaiServiceClusterIp: externalPlainPort: 80 internalPlainPort: 8080 nodeport: 33 + aaiServiceClusterIp: + sessionAffinity: None + +metricsService: + type: ClusterIP + portName: prometheus + externalPort: 8448 + internalPort: 8448 + +metrics: + serviceMonitor: + enabled: false + targetPort: 8448 + path: /metrics + basicAuth: + enabled: false + + selector: + app: '{{ include "common.name" . }}-metrics' + chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' + release: '{{ include "common.release" . }}' + heritage: '{{ .Release.Service }}' + + relabelings: [] + + metricRelabelings: [] ingress: enabled: false service: - - baseaddr: "aai.api" + - baseaddr: "aai-api" name: "aai" port: 8443 + plain_port: 80 config: ssl: "redirect"