X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fdcaegen2-services%2Fcomponents%2Fdcae-pmsh%2Fvalues.yaml;h=0f7289cc07a62c2594441ed7ccac33ec53e08ce2;hb=refs%2Fheads%2Fmaster;hp=80014e752889195597c8322c884642cd327f00aa;hpb=a95892917fa78ff4c8d4bd0a6094b99b9225bf19;p=oom.git diff --git a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml index 80014e7528..0f7289cc07 100644 --- a/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-pmsh/values.yaml @@ -1,6 +1,7 @@ # ================================ LICENSE_START ============================= # ============================================================================ # Copyright (C) 2021 Nordix Foundation. +# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved. # ============================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -34,11 +35,6 @@ filebeatConfig: # Secrets Configuration. ################################################################# secrets: - - uid: &aafCredsUID aafcreds - type: basicAuth - login: '{{ .Values.aafCreds.identity }}' - password: '{{ .Values.aafCreds.password }}' - passwordPolicy: required - uid: &pgUserCredsSecretUid pg-user-creds name: &pgUserCredsSecretName '{{ include "common.release" . }}-pmsh-pg-user-creds' type: basicAuth @@ -47,17 +43,11 @@ secrets: password: '{{ .Values.postgres.config.pgUserPassword }}' passwordPolicy: generate -################################################################# -# InitContainer Images. -################################################################# -tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 -consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 - ################################################################# # Application Configuration Defaults. ################################################################# # Application Image -image: onap/org.onap.dcaegen2.services.pmsh:2.0.0 +image: onap/org.onap.dcaegen2.services.pmsh:2.2.3 pullPolicy: Always # Log directory where logging sidecar should look for log files @@ -67,57 +57,37 @@ log: path: /var/log/ONAP/dcaegen2/services/pmsh logConfigMapNamePrefix: '{{ include "common.fullname" . }}' -# Directory where TLS certs should be stored -# if absent, no certs will be retrieved and stored -certDirectory: /opt/app/pmsh/etc/certs - -# TLS role -- set to true if microservice acts as server -# If true, an init container will retrieve a server cert -# and key from AAF and mount them in certDirectory. -tlsServer: true - -# Dependencies -readinessCheck: - wait_for: - - aaf-cm - - &postgresName dcae-pmsh-postgres - # Probe Configuration readiness: initialDelaySeconds: 10 periodSeconds: 15 timeoutSeconds: 1 path: /healthcheck - scheme: HTTPS - port: 8443 + scheme: HTTP + port: 8080 # Service Configuration service: type: ClusterIP name: dcae-pmsh ports: - - name: https - port: 8443 + - name: http + port: 8080 + plain_port: 8080 port_protocol: http -# AAF Credentials -aafCreds: - identity: dcae@dcae.onap.org - password: demo123456! - -credentials: -- name: AAF_IDENTITY - uid: *aafCredsUID - key: login -- name: AAF_PASSWORD - uid: *aafCredsUID - key: password +serviceMesh: + authorizationPolicy: + authorizedPrincipals: + - serviceAccount: message-router-read + authorizedPrincipalsPostgres: + - serviceAccount: dcae-pmsh-read # Initial Application Configuration applicationConfig: - enable_tls: true - aaf_identity: ${AAF_IDENTITY} - aaf_password: ${AAF_PASSWORD} + enable_tls: false + aaf_identity: dummy_value + aaf_password: dummy_value key_path: /opt/app/pmsh/etc/certs/key.pem cert_path: /opt/app/pmsh/etc/certs/cert.pem ca_cert_path: /opt/app/pmsh/etc/certs/cacert.pem @@ -135,16 +105,16 @@ applicationConfig: policy_pm_publisher: type: message_router dmaap_info: - topic_url: "https://message-router:3905/events/unauthenticated.DCAE_CL_OUTPUT" + topic_url: "http://message-router:3904/events/unauthenticated.DCAE_CL_OUTPUT" streams_subscribes: policy_pm_subscriber: type: message_router dmaap_info: - topic_url: "https://message-router:3905/events/unauthenticated.PMSH_CL_INPUT" + topic_url: "http://message-router:3904/events/unauthenticated.PMSH_CL_INPUT" aai_subscriber: type: message_router dmaap_info: - topic_url: "https://message-router:3905/events/AAI-EVENT" + topic_url: "http://message-router:3904/events/AAI-EVENT" applicationEnv: PMSH_PG_URL: &dcaePmshPgPrimary dcae-pmsh-pg-primary @@ -154,6 +124,7 @@ applicationEnv: PMSH_PG_PASSWORD: secretUid: *pgUserCredsSecretUid key: password + PMSH_API_PORT: '8080' # Resource Limit Flavor -By Default Using Small flavor: small @@ -162,25 +133,25 @@ flavor: small resources: small: limits: - cpu: 1 - memory: 1Gi + cpu: "1" + memory: "1Gi" requests: - cpu: 1 - memory: 1Gi + cpu: "1" + memory: "1Gi" large: limits: - cpu: 2 - memory: 2Gi + cpu: "2" + memory: "2Gi" requests: - cpu: 2 - memory: 2Gi + cpu: "2" + memory: "2Gi" unlimited: {} ################################################################# # Application configuration Overriding Defaults in the Postgres. ################################################################# postgres: - nameOverride: *postgresName + nameOverride: &postgresName dcae-pmsh-postgres service: name: *postgresName name2: *dcaePmshPgPrimary @@ -197,6 +168,13 @@ postgres: pgDatabase: pmsh pgUserExternalSecret: *pgUserCredsSecretName +# Dependencies +readinessCheck: + wait_for: + services: + - '{{ .Values.postgres.service.name2 }}' + - message-router + #Pods Service Account serviceAccount: nameOverride: dcae-pmsh