X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fonap%2Fvalues.yaml;h=62949dba9d49afc14c40a3fc87e17169418ceac0;hb=0b14ba4a20a879ef6b94ae5db64fa08354d2f648;hp=5344a423f3a295a67d0237a8b0612e6c5f1bc6fd;hpb=0f15ec82c3ef94ac510350d43184299564a9fa85;p=oom.git

diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 5344a423f3..2b18288ea3 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -1,4 +1,5 @@
 # Copyright © 2019 Amdocs, Bell Canada
+# Copyright (c) 2020 Nordix Foundation, Modifications
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -24,6 +25,19 @@ global:
   nodePortPrefix: 302
   nodePortPrefixExt: 304
 
+
+  # Install test components
+  # test components are out of the scope of ONAP but allow to have a entire
+  # environment to test the different features of ONAP
+  # Current tests environments provided:
+  #  - netbox (needed for CDS IPAM)
+  #  - AWX (needed for XXX)
+  #  - EJBCA Server (needed for CMPv2 tests)
+  # Today, "contrib" chart that hosting these components must also be enabled
+  # in order to make it work. So `contrib.enabled` must have the same value than
+  # addTestingComponents
+  addTestingComponents: &testing false
+
   # ONAP Repository
   # Uncomment the following to enable the use of a single docker
   # repository but ONLY if your repository mirrors all ONAP
@@ -33,15 +47,34 @@ global:
   repositoryCred:
     user: docker
     password: docker
+  dockerHubRepository: docker.io
+
+  # readiness check
+  readinessImage: onap/oom/readiness:3.0.1
+
+  # curl image
+  curlImage: curlimages/curl:7.69.1
 
-  # readiness check - temporary repo until images migrated to nexus3
-  readinessRepository: oomk8s
   # logging agent - temporary repo until images migrated to nexus3
   loggingRepository: docker.elastic.co
 
+  # dockerHub main repository
+  dockerHubRepository: docker.io
+
+  # busybox repo and image
+  busyboxRepository: docker.io
+  busyboxImage: busybox:1.30
+
+  # kubeclt image
+  kubectlImage: "bitnami/kubectl:1.15"
+
   # image pull policy
   pullPolicy: Always
 
+  # default clusterName
+  # {{ template "common.fullname" . }}.{{ template "common.namespace" . }}.svc.{{ .Values.global.clusterName }}
+  clusterName: cluster.local
+
   # default mount path root directory referenced
   # by persistent volumes and log files
   persistence:
@@ -57,12 +90,105 @@ global:
   # flag to enable debugging - application support required
   debugEnabled: false
 
+  # default password complexity
+  # available options: phrase, name, pin, basic, short, medium, long, maximum security
+  # More datails: https://masterpassword.app/masterpassword-algorithm.pdf
+  passwordStrength: long
+
+  # configuration to set log level to all components (the one that are using
+  # "common.log.level" to set this)
+  # can be overrided per components by setting logConfiguration.logLevelOverride
+  # to the desired value
+  # logLevel: DEBUG
+
   #Global ingress configuration
   ingress:
     enabled: false
     virtualhost:
         enabled: true
         baseurl: "simpledemo.onap.org"
+
+  # Global Service Mesh configuration
+  # POC Mode, don't use it in production
+  serviceMesh:
+    enabled: false
+    tls: true
+
+  # Disabling AAF
+  # POC Mode, only for use in development environment
+  # Keep it enabled in production
+  aafEnabled: true
+  aafAgentImage: onap/aaf/aaf_agent:2.1.20
+
+  # Enabling CMPv2
+  cmpv2Enabled: true
+  aaf:
+    certServiceClient:
+      image: onap/org.onap.aaf.certservice.aaf-certservice-client:1.2.0
+      secret:
+        name: aaf-cert-service-client-tls-secret
+        mountPath: /etc/onap/aaf/certservice/certs/
+      envVariables:
+        # Certificate related
+        cmpv2Organization: "Linux-Foundation"
+        cmpv2OrganizationalUnit: "ONAP"
+        cmpv2Location: "San-Francisco"
+        cmpv2State: "California"
+        cmpv2Country: "US"
+        # Client configuration related
+        caName: "RA"
+        requestURL: "https://aaf-cert-service:8443/v1/certificate/"
+        requestTimeout: "30000"
+        keystorePath: "/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks"
+        keystorePassword: "secret"
+        truststorePath: "/etc/onap/aaf/certservice/certs/truststore.jks"
+        truststorePassword: "secret"
+
+  # TLS
+  # Set to false if you want to disable TLS for NodePorts. Be aware that this
+  # will loosen your security.
+  # if set this element will force or not tls even if serviceMesh.tls is set.
+  # tlsEnabled: false
+
+  # Logging
+  # Currently, centralized logging is not in best shape so it's disabled by
+  # default
+  centralizedLoggingEnabled: &centralizedLogging false
+
+
+# Example of specific for the components where you want to disable TLS only for
+# it:
+# if set this element will force or not tls even if global.serviceMesh.tls and
+# global.tlsEnabled is set otherwise.
+# robot:
+#   tlsOverride: false
+
+  # Global storage configuration
+  #    Set to "-" for default, or with the name of the storage class
+  #    Please note that if you use AAF, CDS, SDC, Netbox or Robot, you need a
+  #    storageclass with RWX capabilities (or set specific configuration for these
+  #    components).
+  # persistence:
+  #   storageClass: "-"
+
+# Example of specific for the components which requires RWX:
+# aaf:
+#   persistence:
+#     storageClassOverride: "My_RWX_Storage_Class"
+# contrib:
+#   netbox:
+#     netbox-app:
+#       persistence:
+#         storageClassOverride: "My_RWX_Storage_Class"
+# cds:
+#   cds-blueprints-processor:
+#     persistence:
+#       storageClassOverride: "My_RWX_Storage_Class"
+# sdc:
+#   sdc-onboarding-be:
+#     persistence:
+#       storageClassOverride: "My_RWX_Storage_Class"
+
 #################################################################
 # Enable/disable and configure helm charts (ie. applications)
 # to customize the ONAP deployment.
@@ -91,18 +217,26 @@ cli:
   enabled: false
 consul:
   enabled: false
+# Today, "contrib" chart that hosting these components must also be enabled
+# in order to make it work. So `contrib.enabled` must have the same value than
+# addTestingComponents
 contrib:
-  enabled: false
+  enabled: *testing
 dcaegen2:
   enabled: false
+dcaemod:
+  enabled: false
 pnda:
   enabled: false
 dmaap:
   enabled: false
 esr:
   enabled: false
+# Today, "logging" chart that perform the central part of logging must also be
+# enabled in order to make it work. So `logging.enabled` must have the same
+# value than centralizedLoggingEnabled
 log:
-  enabled: false
+  enabled: *centralizedLogging
 sniro-emulator:
   enabled: false
 oof:
@@ -173,4 +307,6 @@ vid:
 vnfsdk:
   enabled: false
 modeling:
-  enabled: false
\ No newline at end of file
+  enabled: false
+a1policymanagement:
+  enabled: false