X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fdmaap%2Fcomponents%2Fdmaap-bc%2Fvalues.yaml;h=bc8325a6dd86799bc3f2ffe1ef69618bf533c31c;hb=0d5c917c02b40b335251a39952bb46f70bcb73ce;hp=046f64d9a8c6e608e37335b5d7955b3a8be7f27e;hpb=72d5d13247c5b924ffde2cd449bd0715a117cf98;p=oom.git diff --git a/kubernetes/dmaap/components/dmaap-bc/values.yaml b/kubernetes/dmaap/components/dmaap-bc/values.yaml index 046f64d9a8..bc8325a6dd 100644 --- a/kubernetes/dmaap/components/dmaap-bc/values.yaml +++ b/kubernetes/dmaap/components/dmaap-bc/values.yaml @@ -18,10 +18,21 @@ ################################################################# global: nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.0 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 + +secrets: + - uid: pg-root-pass + name: &pgRootPassSecretName '{{ include "common.release" . }}-dmaap-bc-pg-root-pass' + type: password + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "dmaap-bc-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}' + password: '{{ .Values.postgres.config.pgRootpassword }}' + policy: generate + - uid: pg-user-creds + name: &pgUserCredsSecretName '{{ include "common.release" . }}-dmaap-bc-pg-user-creds' + type: basicAuth + externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "dmaap-bc-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' + login: '{{ .Values.postgres.config.pgUserName }}' + password: '{{ .Values.postgres.config.pgUserPassword }}' + passwordPolicy: generate ################################################################# # Application configuration defaults. @@ -29,8 +40,7 @@ global: pullPolicy: Always # application images -repository: nexus3.onap.org:10001 -image: onap/dmaap/dmaap-bc:2.0.3 +image: onap/dmaap/dmaap-bc:2.0.8 # application configuration @@ -47,18 +57,24 @@ topicMgrPwd: demo123456! adminUser: aaf_admin@people.osaaf.org adminPwd: demo123456! -#AAF local config -aafConfig: - aafDeployFqi: dmaap-bc@dmaap-bc.onap.org +################################################################# +# AAF part +################################################################# +certInitializer: + nameOverride: dmaap-bc-cert-initializer + aafDeployFqi: deployer@people.osaaf.org aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret fqdn: dmaap-bc fqi: dmaap-bc@dmaap-bc.onap.org publicFqdn: dmaap-bc.onap.org cadiLatitude: 0.0 cadiLongitude: 0.0 + app_ns: org.osaaf.aaf + credsPath: /opt/app/osaaf/local persistence: - aafCredsPath: /opt/app/osaaf/local + aafCredsPath: /opt/app/osaaf/local/ # for Casablanca default deployment, leave this true to # get a topic namespace that matches MR. When set to false, @@ -79,24 +95,24 @@ liveness: periodSeconds: 10 # necessary to disable liveness probe when setting breakpoints # in debugger so K8s doesn't restart unresponsive container - enabled: false + port: api + enabled: true readiness: initialDelaySeconds: 10 periodSeconds: 10 + port: api service: type: NodePort name: dmaap-bc - portName: dmaap-bc - portName2: dmaap-bc - externalPort: 8080 - internalPort: 8080 - externalPort2: 8443 - internalPort2: 8443 - nodePort: 41 - nodePort2: 42 + ports: + - name: api + port: 8443 + plain_port: 8080 + port_protocol: http + nodePort: 42 # application configuration override for postgres @@ -113,9 +129,8 @@ postgres: config: pgUserName: dmaap_admin pgDatabase: dmaap - pgPrimaryPassword: onapdemodb - pgUserPassword: onapdemodb - pgRootPassword: onapdemodb + pgUserExternalSecret: *pgUserCredsSecretName + pgRootPasswordExternalSecret: *pgRootPassSecretName persistence: mountSubPath: dbc/data mountInitPath: dbc @@ -131,6 +146,11 @@ ingress: # Resource Limit flavor -By Default using small flavor: small + +securityContext: + user_id: 1000 + group_id: 101 + # Segregation for Different environment (Small and Large) resources: small: @@ -148,3 +168,14 @@ resources: cpu: 2 memory: 2Gi unlimited: {} + +#Pods Service Account +serviceAccount: + nameOverride: dmaap-bc + roles: + - read + +wait_for_job_container: + containers: + - 'dmaap-provisioning-job' +