X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Faai%2Fvalues.yaml;h=c19f193736aeced73a7e425e0da196c2e705b5f9;hb=d135f78a03e72c3072e9498a500d3d9f91a6c941;hp=1e509bd48da76627b50dd4aa3e4ce03bb6f400e2;hpb=cce7fa63c498e51a0327378e87d253f5cf17ca05;p=oom.git diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index 1e509bd48d..c19f193736 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -33,6 +33,7 @@ global: # global defaults aafEnabled: true msbEnabled: true + centralizedLoggingEnabled: true cassandra: #This will instantiate AAI cassandra cluster, default:shared cassandra. @@ -202,8 +203,9 @@ global: # global defaults passwd: AAI # Active spring profiles for the resources microservice + # aaf-auth profile will be automatically set if aaf enabled is set to true profiles: - active: production,dmaap,aaf-auth + active: production,dmaap #,aaf-auth # Notification event specific properties notification: @@ -213,6 +215,7 @@ global: # global defaults # Schema specific properties that include supported versions of api schema: # Specifies if the connection should be one way ssl, two way ssl or no auth + # will be set to no-auth if tls is disabled service: client: one-way-ssl # Specifies which translator to use if it has schema-service, then it will make a rest request to schema service @@ -228,11 +231,11 @@ global: # global defaults version: # Current version of the REST API api: - default: v23 + default: v26 # Specifies which version the depth parameter is configurable depth: v11 # List of all the supported versions of the API - list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23 + list: v11,v12,v13,v14,v15,v16,v17,v18,v19,v20,v21,v22,v23,v24,v25,v26 # Specifies from which version related link should appear related: link: v11 @@ -249,12 +252,12 @@ global: # global defaults # Keystore configuration password and filename keystore: filename: aai_keystore - passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 + passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 # changeit # Truststore configuration password and filename truststore: filename: aai_keystore - passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 + passwd: OBF:1vn21ugu1saj1v9i1v941sar1ugw1vo0 # changeit # Specifies a list of files to be included in auth volume auth: @@ -274,6 +277,21 @@ global: # global defaults # since when this is enabled, it prints a lot of information to console enabled: false +aai-babel: + logConfigMapNamePrefix: '{{ include "common.release" . }}-aai' +aai-graphadmin: + logConfigMapNamePrefix: '{{ include "common.release" . }}-aai' +aai-modelloader: + logConfigMapNamePrefix: '{{ include "common.release" . }}-aai' +aai-resources: + logConfigMapNamePrefix: '{{ include "common.release" . }}-aai' +aai-schema-service: + logConfigMapNamePrefix: '{{ include "common.release" . }}-aai' +aai-sparky-be: + logConfigMapNamePrefix: '{{ include "common.release" . }}-aai' +aai-traversal: + logConfigMapNamePrefix: '{{ include "common.release" . }}-aai' + ################################################################# # Certificate configuration ################################################################# @@ -291,10 +309,6 @@ certInitializer: cadi_latitude: "0.0" credsPath: /opt/app/osaaf/local aaf_add_config: | - echo "*** retrieving passwords from AAF" - /opt/app/aaf_config/bin/agent.sh local showpass \ - {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop - export $(grep '^c' {{ .Values.credsPath }}/mycreds.prop | xargs -0) echo "*** transform AAF certs into pem files" mkdir -p {{ .Values.credsPath }}/certs keytool -exportcert -rfc -file {{ .Values.credsPath }}/certs/cacert.pem \ @@ -314,7 +328,7 @@ certInitializer: # application image dockerhubRepository: registry.hub.docker.com -image: aaionap/haproxy:1.4.2 +image: onap/aai-haproxy:1.9.6 pullPolicy: Always flavor: small @@ -331,10 +345,28 @@ config: # default number of instances replicaCount: 1 +updateStrategy: + type: RollingUpdate + maxUnavailable: 0 + maxSurge: 1 + nodeSelector: {} affinity: {} +# HAProxy configuration to block HTTP requests to AAI based on configurable URL patterns +haproxy: + initContainers: + resources: + memory: 100Mi + cpu: 50m + requestBlocking: + enabled: false + customConfigs: [] + replicas: + aaiResources: 1 + aaiTraversal: 1 + # probe configuration parameters liveness: initialDelaySeconds: 10 @@ -350,6 +382,8 @@ liveness: # --set aai.global.cassandra.serviceName=aai-cassandra cassandra: nameOverride: aai-cassandra + serviceAccount: + nameOverride: aai-cassandra replicaCount: 3 service: name: aai-cassandra @@ -363,13 +397,42 @@ readiness: service: type: NodePort - portName: aai-ssl + portName: http externalPort: 8443 internalPort: 8443 nodePort: 33 # POLICY hotfix - Note this must be temporary # See https://jira.onap.org/browse/POLICY-510 aaiServiceClusterIp: + externalPlainPort: 80 + internalPlainPort: 8080 + nodeport: 33 + aaiServiceClusterIp: + sessionAffinity: None + +metricsService: + type: ClusterIP + portName: prometheus + externalPort: 8448 + internalPort: 8448 + +metrics: + serviceMonitor: + enabled: false + targetPort: 8448 + path: /metrics + basicAuth: + enabled: false + + selector: + app: '{{ include "common.name" . }}-metrics' + chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}' + release: '{{ include "common.release" . }}' + heritage: '{{ .Release.Service }}' + + relabelings: [] + + metricRelabelings: [] ingress: enabled: false @@ -377,8 +440,8 @@ ingress: - baseaddr: "aai.api" name: "aai" port: 8443 - config: - ssl: "redirect" + config: + ssl: "redirect" resources: small: @@ -396,3 +459,9 @@ resources: cpu: 2 memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: aai + roles: + - read