X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fdmaap%2Fcomponents%2Fmessage-router%2Fvalues.yaml;h=11daae0de880fca4c46032d84ea40d5cf003dcef;hb=e7d568734785b8b77ec25362aa59fd4eaa5f1be3;hp=78721169d43be3960070c788aeee0d85477fb00b;hpb=5438ebdbe1237a4972feb4146b7a5412bf040044;p=oom.git

diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml
index 78721169d4..11daae0de8 100644
--- a/kubernetes/dmaap/components/message-router/values.yaml
+++ b/kubernetes/dmaap/components/message-router/values.yaml
@@ -1,5 +1,6 @@
 # Copyright Â© 2017 Amdocs, Bell Canada
 # Modifications Copyright Â© 2018 AT&T
+# Modifications Copyright Â© 2021-2022 Nordix Foundation
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -18,31 +19,77 @@
 #################################################################
 global:
   nodePortPrefix: 302
-  readinessRepository: oomk8s
-  readinessImage: readiness-check:2.0.0
-  loggingRepository: docker.elastic.co
-  loggingImage: beats/filebeat:5.5.0
+  kafkaBootstrap: strimzi-kafka-bootstrap
+  saslMechanism: scram-sha-512
+  kafkaInternalPort: 9092
+  zkTunnelService:
+    type: ClusterIP
+    name: zk-tunnel-svc
+    portName: tcp-zk-tunnel
+    internalPort: 2181
+
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+  nameOverride: dmaap-mr-cert-initializer
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  # aafDeployCredsExternalSecret: some secret
+  fqdn: dmaap-mr
+  fqi: dmaapmr@mr.dmaap.onap.org
+  public_fqdn: mr.dmaap.onap.org
+  cadi_longitude: "-122.26147"
+  cadi_latitude: "37.78187"
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
+  appMountPath: /appl/dmaapMR1/bundleconfig/etc/sysprops
+  fqi_namespace: org.onap.dmaap.mr
+  aaf_add_config: |
+    cd {{ .Values.credsPath }}
+    echo "*** change jks password into shell safe one"
+    export KEYSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+    keytool -storepasswd -new "${KEYSTORE_PASSWD}" \
+      -storepass "${cadi_keystore_password_jks}" \
+      -keystore {{ .Values.fqi_namespace }}.jks
+    echo "*** set key password as same password as jks keystore password"
+      keytool -keypasswd -new "${KEYSTORE_PASSWD}" \
+        -keystore {{ .Values.fqi_namespace }}.jks \
+        -keypass "${cadi_keystore_password_jks}" \
+        -storepass "${KEYSTORE_PASSWD}" -alias {{ .Values.fqi }}
+    echo "*** store the passwords"
+    echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWD}" > mycreds.prop
+    echo "KEYSTORE_PASSWORD_P12=${cadi_keystore_password_p12}" >> mycreds.prop
+    echo "TRUSTSTORE_PASSWORD=${cadi_truststore_password}" >> mycreds.prop
+    echo "*** give ownership of files to the user"
+    chown -R 1000 .
 
 #################################################################
 # Application configuration defaults.
 #################################################################
 # application image
-repository: nexus3.onap.org:10001
-image: onap/dmaap/dmaap-mr:1.1.18
+image: onap/dmaap/dmaap-mr:1.3.2
 pullPolicy: Always
 
-kafka:
-  name: message-router-kafka
-  port: 9092
 zookeeper:
-  name: message-router-zookeeper
-  port: 2181
+  entrance:
+    image: scholzj/zoo-entrance:latest
+
+secrets:
+  - uid: mr-kafka-admin-secret
+    externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
+    type: genericKV
+    envs:
+      - name: sasl.jaas.config
+        value: '{{ .Values.config.someConfig }}'
+        policy: generate
 
 # flag to enable debugging - application support required
 debugEnabled: false
 
 # application configuration
-config: {}
+config:
+  someConfig: blah
 
 # default number of instances
 replicaCount: 1
@@ -53,18 +100,30 @@ affinity: {}
 
 # probe configuration parameters
 liveness:
-  initialDelaySeconds: 70
+  initialDelaySeconds: 10
   periodSeconds: 10
   timeoutSeconds: 1
+  successThreshold: 1
+  failureThreshold: 3
   # necessary to disable liveness probe when setting breakpoints
   # in debugger so K8s doesn't restart unresponsive container
   port: api
   enabled: true
 
 readiness:
-  initialDelaySeconds: 70
+  initialDelaySeconds: 10
   periodSeconds: 10
   timeoutSeconds: 1
+  successThreshold: 1
+  failureThreshold: 3
+  port: api
+
+startup:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  timeoutSeconds: 1
+  successThreshold: 1
+  failureThreshold: 70
   port: api
 
 service:
@@ -89,12 +148,18 @@ prometheus:
     enabled: false
     image: solsson/kafka-prometheus-jmx-exporter@sha256
     imageTag: 6f82e2b0464f50da8104acd7363fb9b995001ddff77d248379f8788e78946143
-    imageRepository: docker.io
     port: 5556
     targetPort: 5555
 
 ingress:
   enabled: false
+  service:
+    - baseaddr: "mr.api"
+      name: "message-router"
+      port: 3905
+  config:
+    ssl: "redirect"
+
 
 # Resource Limit flavor -By Default using small
 flavor: small
@@ -115,3 +180,9 @@ resources:
       cpu: 1000m
       memory: 2Gi
   unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+  nameOverride: message-router
+  roles:
+    - read