X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fonap%2Fvalues.yaml;h=53769409383da510a9244fc16261380a50acc14f;hb=66d9e19d299cb8c08c11676a7cdfc464e4a776db;hp=2791f0fab0997ce71a9dd7fbd76cd43d4798309e;hpb=b339cc457fbffcf5425c36ca0c46c439fba864b5;p=oom.git diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 2791f0fab0..5376940938 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -40,38 +40,80 @@ global: addTestingComponents: &testing false # ONAP Repository - # Uncomment the following to enable the use of a single docker - # repository but ONLY if your repository mirrors all ONAP - # docker images. This includes all images from dockerhub and - # any other repository that hosts images for ONAP components. - #repository: nexus3.onap.org:10001 + # Four different repositories are used + # You can change individually these repositories to ones that will serve the + # right images. If credentials are needed for one of them, see below. + repository: nexus3.onap.org:10001 + dockerHubRepository: &dockerHubRepository docker.io + elasticRepository: &elasticRepository docker.elastic.co + googleK8sRepository: k8s.gcr.io + + + #/!\ DEPRECATED /!\ + # Legacy repositories which will be removed at the end of migration. + # Please don't use + loggingRepository: *elasticRepository + busyboxRepository: *dockerHubRepository + + # Default credentials + # they're optional. If the target repository doesn't need them, comment them repositoryCred: user: docker password: docker - dockerHubRepository: docker.io - - # readiness check - readinessImage: onap/oom/readiness:3.0.1 + # If you want / need authentication on the repositories, please set + # Don't set them if the target repo is the same than others + # so id you've set repository to value `my.private.repo` and same for + # dockerHubRepository, you'll have to configure only repository (exclusive) OR + # dockerHubCred. + # dockerHubCred: + # user: myuser + # password: mypassord + # elasticCred: + # user: myuser + # password: mypassord + # googleK8sCred: + # user: myuser + # password: mypassord + + + # common global images + # Busybox for simple shell manipulation + busyboxImage: busybox:1.32 # curl image curlImage: curlimages/curl:7.69.1 - # logging agent - temporary repo until images migrated to nexus3 - loggingRepository: docker.elastic.co + # env substitution image + envsubstImage: dibi/envsubst:1 + + # generate htpasswd files image + # there's only latest image for htpasswd + htpasswdImage: xmartlabs/htpasswd:latest + + # kubenretes client image + kubectlImage: bitnami/kubectl:1.19 - # dockerHub main repository - dockerHubRepository: docker.io + # logging agent + loggingImage: beats/filebeat:5.5.0 - # busybox repo and image - busyboxRepository: docker.io - busyboxImage: busybox:1.30 + # mariadb client image + mariadbImage: bitnami/mariadb:10.5.8 - # kubeclt image - kubectlImage: "bitnami/kubectl:1.15" + # nginx server image + nginxImage: bitnami/nginx:1.18-debian-10 + + # postgreSQL client and server image + postgresImage: crunchydata/crunchy-postgres:centos7-10.11-4.2.1 + + # readiness check image + readinessImage: onap/oom/readiness:3.0.1 # image pull policy pullPolicy: Always + # default java image + jreImage: onap/integration-java11:7.2.0 + # default clusterName # {{ template "common.fullname" . }}.{{ template "common.namespace" . }}.svc.{{ .Values.global.clusterName }} clusterName: cluster.local @@ -102,11 +144,10 @@ global: # to the desired value # logLevel: DEBUG - #Global ingress configuration + # Global ingress configuration ingress: enabled: false virtualhost: - enabled: true baseurl: "simpledemo.onap.org" # Global Service Mesh configuration @@ -115,17 +156,53 @@ global: enabled: false tls: true + # metrics part + # If enabled, exporters (for prometheus) will be deployed + # if custom resources set to yes, CRD from prometheus operartor will be + # created + # Not all components have it enabled. + # + metrics: + enabled: true + custom_resources: false + # Disabling AAF # POC Mode, only for use in development environment # Keep it enabled in production aafEnabled: true aafAgentImage: onap/aaf/aaf_agent:2.1.20 + # default values for certificates + certificate: + default: + renewBefore: 8h + subject: + organization: "Linux-Foundation" + country: "US" + locality: "San-Francisco" + province: "California" + organizationalUnit: "ONAP" + issuer: + group: certmanager.onap.org + kind: CMPv2Issuer + name: cmpv2-issuer-onap + p12Keystore: + create: false + passwordSecretRef: + name: "" + key: "" + jksKeystore: + create: false + passwordSecretRef: + name: "" + key: "" + # Enabling CMPv2 cmpv2Enabled: true + CMPv2CertManagerIntegration: false platform: certServiceClient: - image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.0 + image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.3.2 secret: name: oom-cert-service-client-tls-secret mountPath: /etc/onap/oom/certservice/certs/ @@ -146,6 +223,11 @@ global: truststorePath: "/etc/onap/oom/certservice/certs/truststore.jks" truststorePassword: "secret" + # Indicates offline deployment build + # Set to true if you are rendering helm charts for offline deployment + # Otherwise keep it disabled + offlineDeploymentBuild: false + # TLS # Set to false if you want to disable TLS for NodePorts. Be aware that this # will loosen your security. @@ -227,8 +309,6 @@ dcaegen2: enabled: false dcaemod: enabled: false -pnda: - enabled: false dmaap: enabled: false esr: @@ -295,10 +375,11 @@ so: openStackServiceTenantName: "service" openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e" - # configure embedded mariadb - mariadb: - config: - mariadbRootPassword: password + # in order to enable static password for so-monitoring uncomment: + # so-monitoring: + # server: + # monitoring: + # password: demo123456! uui: enabled: false vfc: @@ -316,3 +397,5 @@ a1policymanagement: cert-wrapper: enabled: true +repository-wrapper: + enabled: true