X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fonap%2Fvalues.yaml;h=9f6d5fe35d5c000fcabc097b6720fda912c63879;hb=07efa9bb787a6a04dfb9771a3940b3461d247d20;hp=2791f0fab0997ce71a9dd7fbd76cd43d4798309e;hpb=363961b877f92ccd6b67829a17fd743846099dca;p=oom.git

diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 2791f0fab0..028b43aef2 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -1,6 +1,6 @@
 # Copyright Â© 2019 Amdocs, Bell Canada
 # Copyright (c) 2020 Nordix Foundation, Modifications
-# Modifications Copyright Â© 2020 Nokia
+# Modifications Copyright Â© 2020-2021 Nokia
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -40,38 +40,80 @@ global:
   addTestingComponents: &testing false
 
   # ONAP Repository
-  # Uncomment the following to enable the use of a single docker
-  # repository but ONLY if your repository mirrors all ONAP
-  # docker images. This includes all images from dockerhub and
-  # any other repository that hosts images for ONAP components.
-  #repository: nexus3.onap.org:10001
+  # Four different repositories are used
+  # You can change individually these repositories to ones that will serve the
+  # right images. If credentials are needed for one of them, see below.
+  repository: nexus3.onap.org:10001
+  dockerHubRepository: &dockerHubRepository docker.io
+  elasticRepository: &elasticRepository docker.elastic.co
+  googleK8sRepository: k8s.gcr.io
+  githubContainerRegistry: ghcr.io
+
+  #/!\ DEPRECATED /!\
+  # Legacy repositories which will be removed at the end of migration.
+  # Please don't use
+  loggingRepository: *elasticRepository
+  busyboxRepository: *dockerHubRepository
+
+  # Default credentials
+  # they're optional. If the target repository doesn't need them, comment them
   repositoryCred:
     user: docker
     password: docker
-  dockerHubRepository: docker.io
-
-  # readiness check
-  readinessImage: onap/oom/readiness:3.0.1
+  # If you want / need authentication on the repositories, please set
+  # Don't set them if the target repo is the same than others
+  # so id you've set repository to value `my.private.repo` and same for
+  # dockerHubRepository, you'll have to configure only repository (exclusive) OR
+  # dockerHubCred.
+  # dockerHubCred:
+  #   user: myuser
+  #   password: mypassord
+  # elasticCred:
+  #   user: myuser
+  #   password: mypassord
+  # googleK8sCred:
+  #   user: myuser
+  #   password: mypassord
+
+
+  # common global images
+  # Busybox for simple shell manipulation
+  busyboxImage: busybox:1.32
 
   # curl image
   curlImage: curlimages/curl:7.69.1
 
-  # logging agent - temporary repo until images migrated to nexus3
-  loggingRepository: docker.elastic.co
+  # env substitution image
+  envsubstImage: dibi/envsubst:1
+
+  # generate htpasswd files image
+  # there's only latest image for htpasswd
+  htpasswdImage: xmartlabs/htpasswd:latest
+
+  # kubenretes client image
+  kubectlImage: bitnami/kubectl:1.19
 
-  # dockerHub main repository
-  dockerHubRepository: docker.io
+  # logging agent
+  loggingImage: beats/filebeat:5.5.0
 
-  # busybox repo and image
-  busyboxRepository: docker.io
-  busyboxImage: busybox:1.30
+  # mariadb client image
+  mariadbImage: bitnami/mariadb:10.5.8
 
-  # kubeclt image
-  kubectlImage: "bitnami/kubectl:1.15"
+  # nginx server image
+  nginxImage: bitnami/nginx:1.18-debian-10
+
+  # postgreSQL client and server image
+  postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1
+
+  # readiness check image
+  readinessImage: onap/oom/readiness:3.0.1
 
   # image pull policy
   pullPolicy: Always
 
+  # default java image
+  jreImage: onap/integration-java11:7.2.0
+
   # default clusterName
   # {{ template "common.fullname" . }}.{{ template "common.namespace" . }}.svc.{{ .Values.global.clusterName }}
   clusterName: cluster.local
@@ -102,11 +144,10 @@ global:
   # to the desired value
   # logLevel: DEBUG
 
-  #Global ingress configuration
+  # Global ingress configuration
   ingress:
     enabled: false
     virtualhost:
-      enabled: true
       baseurl: "simpledemo.onap.org"
 
   # Global Service Mesh configuration
@@ -115,36 +156,58 @@ global:
     enabled: false
     tls: true
 
+  # metrics part
+  # If enabled, exporters (for prometheus) will be deployed
+  # if custom resources set to yes, CRD from prometheus operartor will be
+  # created
+  # Not all components have it enabled.
+  #
+  metrics:
+    enabled: true
+    custom_resources: false
+
   # Disabling AAF
   # POC Mode, only for use in development environment
   # Keep it enabled in production
   aafEnabled: true
   aafAgentImage: onap/aaf/aaf_agent:2.1.20
 
+  # Disabling MSB
+  # POC Mode, only for use in development environment
+  msbEnabled: true
+
+  # default values for certificates
+  certificate:
+    default:
+      renewBefore: 720h #30 days
+      duration:    8760h #365 days
+      subject:
+        organization: "Linux-Foundation"
+        country: "US"
+        locality: "San-Francisco"
+        province: "California"
+        organizationalUnit: "ONAP"
+      issuer:
+        group: certmanager.onap.org
+        kind: CMPv2Issuer
+        name: cmpv2-issuer-onap
+
   # Enabling CMPv2
   cmpv2Enabled: true
   platform:
-    certServiceClient:
-      image: onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.0
-      secret:
-        name: oom-cert-service-client-tls-secret
-        mountPath: /etc/onap/oom/certservice/certs/
-      envVariables:
-        # Certificate related
-        cmpv2Organization: "Linux-Foundation"
-        cmpv2OrganizationalUnit: "ONAP"
-        cmpv2Location: "San-Francisco"
-        cmpv2State: "California"
-        cmpv2Country: "US"
-        # Client configuration related
-        caName: "RA"
-        requestURL: "https://oom-cert-service:8443/v1/certificate/"
-        requestTimeout: "30000"
-        keystorePath: "/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks"
-        outputType: "P12"
-        keystorePassword: "secret"
-        truststorePath: "/etc/onap/oom/certservice/certs/truststore.jks"
-        truststorePassword: "secret"
+    certificates:
+      clientSecretName: oom-cert-service-client-tls-secret
+      keystoreKeyRef: keystore.jks
+      truststoreKeyRef: truststore.jks
+      keystorePasswordSecretName: oom-cert-service-certificates-password
+      keystorePasswordSecretKey: password
+      truststorePasswordSecretName: oom-cert-service-certificates-password
+      truststorePasswordSecretKey: password
+
+  # Indicates offline deployment build
+  # Set to true if you are rendering helm charts for offline deployment
+  # Otherwise keep it disabled
+  offlineDeploymentBuild: false
 
   # TLS
   # Set to false if you want to disable TLS for NodePorts. Be aware that this
@@ -223,11 +286,15 @@ consul:
 # addTestingComponents
 contrib:
   enabled: *testing
+cps:
+  enabled: false
 dcaegen2:
   enabled: false
+dcaegen2-services:
+  enabled: false
 dcaemod:
   enabled: false
-pnda:
+holmes:
   enabled: false
 dmaap:
   enabled: false
@@ -295,10 +362,11 @@ so:
     openStackServiceTenantName: "service"
     openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
 
-  # configure embedded mariadb
-  mariadb:
-    config:
-      mariadbRootPassword: password
+  # in order to enable static password for so-monitoring uncomment:
+  # so-monitoring:
+  #   server:
+  #     monitoring:
+  #       password: demo123456!
 uui:
   enabled: false
 vfc:
@@ -316,3 +384,7 @@ a1policymanagement:
 
 cert-wrapper:
   enabled: true
+repository-wrapper:
+  enabled: true
+roles-wrapper:
+  enabled: true