X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fpolicy%2Fvalues.yaml;h=47ced8afd8dc14ff35af82ef1f6b9e96141b594f;hb=2d0db7cd17b6690d505b22a2f542149662ebf619;hp=c544467b53a44bb096df08d7d0e59a8157cad26f;hpb=e51f953cc1aaeb5ee25050964abbbf3ba8f83683;p=oom.git diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index c544467b53..47ced8afd8 100755 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -1,6 +1,6 @@ # Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright © 2018-2020 AT&T Intellectual Property -# Modifications Copyright (C) 2021 Nordix Foundation. +# Modifications Copyright (C) 2021-2023 Nordix Foundation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -18,8 +18,8 @@ # Global configuration defaults. ################################################################# global: - aafEnabled: true mariadb: + localCluster: true # '&mariadbConfig' means we "store" the values for later use in the file # with '*mariadbConfig' pointer. config: &mariadbConfig @@ -27,6 +27,24 @@ global: service: &mariadbService name: &policy-mariadb policy-mariadb internalPort: 3306 + prometheusEnabled: false + postgres: + localCluster: false + service: + name: pgset + name2: tcp-pgset-primary + name3: tcp-pgset-replica + container: + name: postgres + #Strimzi Kafka properties + useStrimziKafka: true + # Temporary flag to disable strimzi for pf components - will be removed after native kafka support is added for drools and xacml + useStrimziKafkaPf: false + kafkaBootstrap: strimzi-kafka-bootstrap + policyKafkaUser: policy-kafka-user + kafkaTopics: + acRuntimeTopic: + name: policy.clamp-runtime-acm ################################################################# # Secrets metaconfig @@ -75,62 +93,67 @@ policy-api: db: *dbSecretsHook restServer: apiUserExternalSecret: *policyApiCredsSecret + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-pap: enabled: true db: *dbSecretsHook restServer: papUserExternalSecret: *policyPapCredsSecret apiUserExternalSecret: *policyApiCredsSecret + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-xacml-pdp: enabled: true db: *dbSecretsHook + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-apex-pdp: enabled: true db: *dbSecretsHook + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-drools-pdp: enabled: true db: *dbSecretsHook + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-distribution: enabled: true db: *dbSecretsHook -policy-clamp-be: +policy-clamp-ac-k8s-ppnt: enabled: true - db: *dbSecretsHook - config: - appUserExternalSecret: *policyAppCredsSecret -policy-clamp-fe: - enabled: true -policy-clamp-cl-k8s-ppnt: - enabled: true -policy-clamp-cl-pf-ppnt: +policy-clamp-ac-pf-ppnt: enabled: true restServer: apiUserExternalSecret: *policyApiCredsSecret papUserExternalSecret: *policyPapCredsSecret -policy-clamp-cl-http-ppnt: +policy-clamp-ac-http-ppnt: enabled: true -policy-nexus: - enabled: false -policy-clamp-cl-runtime: +policy-clamp-ac-a1pms-ppnt: + enabled: true +policy-clamp-ac-kserve-ppnt: + enabled: true +policy-clamp-runtime-acm: enabled: true db: *dbSecretsHook config: appUserExternalSecret: *policyAppCredsSecret +policy-nexus: + enabled: false + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' policy-gui: - enabled: true + enabled: false + config: + jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}' ################################################################# # DB configuration defaults. ################################################################# -repository: nexus3.onap.org:10001 -pullPolicy: Always - -mariadb: - image: mariadb:10.5.8 - dbmigrator: - image: onap/policy-db-migrator:2.4.1 + image: onap/policy-db-migrator:3.0.2 schema: policyadmin policy_home: "/opt/app/policy" @@ -162,11 +185,34 @@ readiness: config: policyAppUserName: runtimeUser + useStrimziKafka: true + policyPdpPapTopic: + name: policy-pdp-pap + partitions: 10 + retentionMs: 7200000 + segmentBytes: 1073741824 + consumer: + groupId: policy-group + policyHeartbeatTopic: + name: policy-heartbeat + partitions: 10 + retentionMs: 7200000 + segmentBytes: 1073741824 + consumer: + groupId: policy-group + policyNotificationTopic: + name: policy-notification + partitions: 10 + retentionMs: 7200000 + segmentBytes: 1073741824 + consumer: + groupId: policy-group + someConfig: blah mariadb-galera: # mariadb-galera.config and global.mariadb.config must be equals db: - user: policy_user + user: policy-user # password: externalSecret: *dbSecretName name: &mysqlDbName policyadmin @@ -176,12 +222,40 @@ mariadb-galera: # mariadb-galera.service and global.mariadb.service must be equals service: *mariadbService replicaCount: 1 + mariadbOperator: + galera: + enabled: false persistence: enabled: true mountSubPath: policy/maria/data serviceAccount: nameOverride: *policy-mariadb +postgresImage: library/postgres:latest +# application configuration override for postgres +postgres: + nameOverride: &postgresName policy-postgres + service: + name: *postgresName + name2: policy-pg-primary + name3: policy-pg-replica + container: + name: + primary: policy-pg-primary + replica: policy-pg-replica + persistence: + mountSubPath: policy/postgres/data + mountInitPath: policy + config: + pgUserName: policy-user + pgDatabase: policyadmin + pgUserExternalSecret: *dbSecretName + pgRootPasswordExternalSecret: *dbRootPassSecretName + +readinessCheck: + wait_for: + - '{{ ternary .Values.postgres.service.name "postgres" .Values.global.postgres.localCluster }}' + restServer: policyPapUserName: policyadmin policyPapUserPassword: zb!XztG34