X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fpolicy%2Fvalues.yaml;h=47ced8afd8dc14ff35af82ef1f6b9e96141b594f;hb=2d0db7cd17b6690d505b22a2f542149662ebf619;hp=1ee31c2c7c98c19d6fa53cfec10bdaa0ccb8d24c;hpb=e869752183872dce54670f600bd5f007b2fe7b12;p=oom.git diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 1ee31c2c7c..47ced8afd8 100755 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -1,6 +1,6 @@ # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018-2020 AT&T Intellectual Property -# Modifications Copyright (C) 2021-2022 Nordix Foundation. +# Modifications Copyright (C) 2021-2023 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,8 +18,8 @@ # Global configuration defaults. ################################################################# global: - aafEnabled: true mariadb: + localCluster: true # '&mariadbConfig' means we "store" the values for later use in the file # with '*mariadbConfig' pointer. config: &mariadbConfig @@ -36,9 +36,15 @@ global: name3: tcp-pgset-replica container: name: postgres + #Strimzi Kafka properties + useStrimziKafka: true + # Temporary flag to disable strimzi for pf components - will be removed after native kafka support is added for drools and xacml + useStrimziKafkaPf: false kafkaBootstrap: strimzi-kafka-bootstrap policyKafkaUser: policy-kafka-user - policyDistKafkaUser: policy-dist-kafka-user + kafkaTopics: + acRuntimeTopic: + name: policy.clamp-runtime-acm ################################################################# # Secrets metaconfig @@ -78,19 +84,6 @@ secrets: login: '{{ .Values.restServer.policyApiUserName }}' password: '{{ .Values.restServer.policyApiUserPassword }}' passwordPolicy: required - - uid: pg-root-pass - name: &pgRootPassSecretName '{{ include "common.release" . }}-policy-pg-root-pass' - type: password - externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "policy-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}' - password: '{{ .Values.postgres.config.pgRootpassword }}' - policy: generate - - uid: pg-user-creds - name: &pgUserCredsSecretName '{{ include "common.release" . }}-policy-pg-user-creds' - type: basicAuth - externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "policy-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}' - login: '{{ .Values.postgres.config.pgUserName }}' - password: '{{ .Values.postgres.config.pgUserPassword }}' - passwordPolicy: generate db: &dbSecretsHook credsExternalSecret: *dbSecretName @@ -128,36 +121,27 @@ policy-drools-pdp: policy-distribution: enabled: true db: *dbSecretsHook - config: - jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyDistKafkaUser }}' policy-clamp-ac-k8s-ppnt: enabled: true - config: - jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-clamp-ac-pf-ppnt: enabled: true restServer: apiUserExternalSecret: *policyApiCredsSecret papUserExternalSecret: *policyPapCredsSecret - config: - jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-clamp-ac-http-ppnt: enabled: true - config: - jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-clamp-ac-a1pms-ppnt: enabled: true - config: - jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' -policy-nexus: - enabled: false - config: - jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' +policy-clamp-ac-kserve-ppnt: + enabled: true policy-clamp-runtime-acm: enabled: true db: *dbSecretsHook config: appUserExternalSecret: *policyAppCredsSecret +policy-nexus: + enabled: false + config: jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-gui: enabled: false @@ -169,7 +153,7 @@ policy-gui: ################################################################# dbmigrator: - image: onap/policy-db-migrator:2.5.1 + image: onap/policy-db-migrator:3.0.2 schema: policyadmin policy_home: "/opt/app/policy" @@ -202,13 +186,6 @@ readiness: config: policyAppUserName: runtimeUser useStrimziKafka: true - acRuntimeTopic: - name: policy-acruntime-participant - partitions: 10 - retentionMs: 7200000 - segmentBytes: 1073741824 - consumer: - groupId: policy-group policyPdpPapTopic: name: policy-pdp-pap partitions: 10 @@ -235,7 +212,7 @@ config: mariadb-galera: # mariadb-galera.config and global.mariadb.config must be equals db: - user: policy_user + user: policy-user # password: externalSecret: *dbSecretName name: &mysqlDbName policyadmin @@ -245,6 +222,9 @@ mariadb-galera: # mariadb-galera.service and global.mariadb.service must be equals service: *mariadbService replicaCount: 1 + mariadbOperator: + galera: + enabled: false persistence: enabled: true mountSubPath: policy/maria/data @@ -267,10 +247,10 @@ postgres: mountSubPath: policy/postgres/data mountInitPath: policy config: - pgUserName: policy_user + pgUserName: policy-user pgDatabase: policyadmin - pgUserExternalSecret: *pgUserCredsSecretName - pgRootPasswordExternalSecret: *pgRootPassSecretName + pgUserExternalSecret: *dbSecretName + pgRootPasswordExternalSecret: *dbRootPassSecretName readinessCheck: wait_for: