X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fonap%2Fvalues.yaml;h=5f48a5e2ede0a64c71c5469041e0ac163b1b8ca0;hb=HEAD;hp=0456ce5a960a148ee59f2e5bef1c4413558c9936;hpb=7fe86d27e6770eaee842f7ca41238ab343cef577;p=oom.git diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 0456ce5a96..089e65a2c5 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -37,6 +37,7 @@ global: quayRepository: quay.io googleK8sRepository: k8s.gcr.io githubContainerRegistry: ghcr.io + mariadbContainerRegistry: docker-registry3.mariadb.com # Default credentials # they're optional. If the target repository doesn't need them, comment them @@ -58,38 +59,55 @@ global: # user: myuser # password: mypassord + # Default definition of the secret containing the docker image repository + # credentials. In the default ONAP deployment the secret is created by the + # repository-wrapper component, which uses the secrets defined above. + # If this is not wanted or other secrets are created, alternative secret + # names can be used + # Overrides for specific images can be done, if the "image" entry is used as + # a map and the "pullSecrets" is used, e.g. + # image: + # ... + # pullSecrets: + # - myRegistryKeySecretName + # + imagePullSecrets: + - '{{ include "common.namespace" . }}-docker-registry-key' # common global images # Busybox for simple shell manipulation - busyboxImage: busybox:1.34.1 + busyboxImage: busybox:1.37.0 # curl image - curlImage: curlimages/curl:7.80.0 + curlImage: curlimages/curl:8.14.1 # env substitution image - envsubstImage: dibi/envsubst:1 + envsubstImage: dibi/envsubst:latest # generate htpasswd files image # there's only latest image for htpasswd htpasswdImage: xmartlabs/htpasswd:latest # kubenretes client image - kubectlImage: bitnami/kubectl:1.22.4 + kubectlImage: bitnami/kubectl:1.22.16 # logging agent loggingImage: beats/filebeat:5.5.0 # mariadb client image - mariadbImage: bitnami/mariadb:10.5.8 + mariadbImage: mariadb:11.7.2 + + # mongodb server image + mongodbImage: percona/percona-server-mongodb:7.0.16-10 # nginx server image - nginxImage: bitnami/nginx:1.21.4 + nginxImage: bitnami/nginx:1.29.0 # postgreSQL client and server image postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1 # readiness check image - readinessImage: onap/oom/readiness:3.0.1 + readinessImage: onap/oom/readiness:6.2.0 # image pull policy pullPolicy: Always @@ -101,6 +119,14 @@ global: # {{ template "common.fullname" . }}.{{ template "common.namespace" . }}.svc.{{ .Values.global.clusterName }} clusterName: cluster.local + # enable this if you have deployed Jaeger alongside ONAP + tracing: + enabled: false + collector: + baseUrl: http://jaeger-collector.istio-config:9411 + sampling: + probability: 1.0 # percentage of requests that are sampled (between 0-1/0%-100%) + # default mount path root directory referenced # by persistent volumes and log files persistence: @@ -110,6 +136,10 @@ global: storageclassProvisioner: kubernetes.io/no-provisioner volumeReclaimPolicy: Retain + # Global flag to enable the creation of default roles instead of using + # common roles-wrapper + createDefaultRoles: false + # override default resource limit flavor for all charts flavor: unlimited @@ -134,6 +164,19 @@ global: # enable all component's Ingress interfaces enable_all: false + # Provider: ingress, istio, gw-api + provider: istio + # Ingress class (only for provider "ingress"): e.g. nginx, traefik + ingressClass: + # Ingress Selector (only for provider "istio") to match with the + # ingress pod label "istio=ingress" + ingressSelector: ingress + # optional: common used Gateway (for Istio, GW-API) and listener names + commonGateway: + name: "" + httpListener: "" + httpsListener: "" + # default Ingress base URL and preAddr- and postAddr settings # Ingress URLs result: # . @@ -158,7 +201,7 @@ global: # tls: # secret: 'my-ingress-cert' - # optional: Namespace of the Istio IngressGateway + # optional: Namespace of the Istio IngressGateway or Gateway-API # only valid for Istio Gateway (ServiceMesh enabled) namespace: istio-ingress @@ -168,6 +211,9 @@ global: tls: true # be aware that linkerd is not well tested engine: "istio" # valid value: istio or linkerd + # if nativeSidecars are enabled in Istio, this value can be set to "true" + # and will disable the deployment of sidecar killer containers in jobs + nativeSidecars: false # Global Istio Authorization Policy configuration authorizationPolicies: @@ -266,6 +312,8 @@ global: # to customize the ONAP deployment. ################################################################# +authentication: + enabled: false aai: enabled: false cassandra: @@ -284,8 +332,6 @@ dmaap: enabled: false message-router: enabled: false - dmaap-bc: - enabled: false dmaap-dr-prov: enabled: false dmaap-dr-node: @@ -306,6 +352,8 @@ nbi: openStackVNFTenantId: "1234" policy: enabled: false +portal-ng: + enabled: false robot: enabled: false config: @@ -374,8 +422,6 @@ platform: enabled: false a1policymanagement: enabled: false -cert-wrapper: - enabled: true repository-wrapper: enabled: true roles-wrapper: