X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fdcaegen2-services%2Fcomponents%2Fdcae-ves-collector%2Fvalues.yaml;h=8e83cf6b04c9273f420d6024756916b36cfc8c33;hb=4753743f0743a6b22f69e718c3cdb4ba8843cea6;hp=9e9750a56fed9270344bcd148375a0a409047804;hpb=d91dacc25d7d9c01242aaac57384d2a32cedddad;p=oom.git diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml index 9e9750a56f..8e83cf6b04 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml @@ -1,8 +1,9 @@ #============LICENSE_START======================================================== # ================================================================================ # Copyright (c) 2021-2022 Nokia. All rights reserved. -# Copyright (c) 2021-2022 J. F. Lucas. All rights reserved. +# Copyright (c) 2021-2023 J. F. Lucas. All rights reserved. # Copyright (c) 2022 AT&T Intellectual Property. All rights reserved. +# Copyright (c) 2024 Deutsche Telekom Intellectual Property. All rights reserved. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -35,14 +36,13 @@ filebeatConfig: ################################################################# # initContainer images. ################################################################# -tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 certPostProcessorImage: onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.5.0 ################################################################# # Application configuration defaults. ################################################################# # application image -image: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.11.1 +image: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.12.4 pullPolicy: Always # log directory where logging sidecar should look for log files @@ -56,11 +56,6 @@ logConfigMapNamePrefix: '{{ include "common.fullname" . }}' # if absent, no certs will be retrieved and stored certDirectory: /opt/app/dcae-certificate -# TLS role -- set to true if microservice acts as server -# If true, an init container will retrieve a server cert -# and key from AAF and mount them in certDirectory. -tlsServer: false - # CMPv2 certificate # It is used only when: # - certDirectory is set @@ -117,10 +112,87 @@ ingress: config: ssl: "redirect" +serviceMesh: + authorizationPolicy: + authorizedPrincipals: + - serviceAccount: istio-ingress + namespace: istio-ingress + # application environments applicationEnv: CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml' LOG4J_FORMAT_MSG_NO_LOOKUPS: 'true' + BOOTSTRAP_SERVERS: '{{ include "common.release" . }}-strimzi-kafka-bootstrap:9092' + JAAS_CONFIG: + externalSecret: true + externalSecretUid: '{{ include "common.name" . }}-ku' + key: sasl.jaas.config + +# Strimzi Kafka config +kafkaUser: + acls: + - name: unauthenticated.VES_PNFREG_OUTPUT + type: topic + patternType: literal + operations: [Write, DescribeConfigs] + - name: unauthenticated.VES_NOTIFICATION_OUTPUT + type: topic + patternType: literal + operations: [Write, DescribeConfigs] + - name: unauthenticated.SEC_HEARTBEAT_OUTPUT + type: topic + patternType: literal + operations: [Write, DescribeConfigs] + - name: unauthenticated.SEC_OTHER_OUTPUT + type: topic + patternType: literal + operations: [Write, DescribeConfigs] + - name: unauthenticated.SEC_FAULT_OUTPUT + type: topic + patternType: literal + operations: [Write, DescribeConfigs] + - name: unauthenticated.VES_MEASUREMENT_OUTPUT + type: topic + patternType: literal + operations: [Write, DescribeConfigs] + - name: unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT + type: topic + patternType: literal + operations: [Write, DescribeConfigs] + - name: unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT + type: topic + patternType: literal + operations: [Write, DescribeConfigs] + - name: unauthenticated.SEC_3GPP_HEARTBEAT_OUTPUT + type: topic + patternType: literal + operations: [Write, DescribeConfigs] + - name: unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT + type: topic + patternType: literal + operations: [Write, DescribeConfigs] + +kafkaTopic: + - name: unauthenticated.VES_PNFREG_OUTPUT + strimziTopicName: unauthenticated.ves-pnfreg-output + - name: unauthenticated.VES_NOTIFICATION_OUTPUT + strimziTopicName: unauthenticated.ves-notification-output + - name: unauthenticated.SEC_HEARTBEAT_OUTPUT + strimziTopicName: unauthenticated.sec-heartbeat-output + - name: unauthenticated.SEC_OTHER_OUTPUT + strimziTopicName: unauthenticated.sec-other-output + - name: unauthenticated.SEC_FAULT_OUTPUT + strimziTopicName: unauthenticated.sec-fault-output + - name: unauthenticated.VES_MEASUREMENT_OUTPUT + strimziTopicName: unauthenticated.ves-measurment-output + - name: unauthenticated.SEC_3GPP_FAULTSUPERVISION_OUTPUT + strimziTopicName: unauthenticated.sec-3gpp-faultsupervision-output + - name: unauthenticated.SEC_3GPP_PROVISIONING_OUTPUT + strimziTopicName: unauthenticated.sec-3gpp-provisioning-output + - name: unauthenticated.SEC_3GPP_HEARTBEAT_OUTPUT + strimziTopicName: unauthenticated.sec-3gpp-heartbeat-output + - name: unauthenticated.SEC_3GPP_PERFORMANCEASSURANCE_OUTPUT + strimziTopicName: unauthenticated.sec-3gpp-performanceassurance-output # initial application configuration applicationConfig: @@ -201,18 +273,18 @@ flavor: small resources: small: limits: - cpu: 2 - memory: 2Gi + cpu: "2" + memory: "1.5Gi" requests: - cpu: 1 - memory: 1Gi + cpu: "1" + memory: "1.5Gi" large: limits: - cpu: 4 - memory: 4Gi + cpu: "4" + memory: "3Gi" requests: - cpu: 2 - memory: 2Gi + cpu: "2" + memory: "3Gi" unlimited: {} #Pods Service Account