X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fsdnc%2Fvalues.yaml;h=9f6118051bfc4b92404faf31fe2198339ecf60e5;hb=21349802fd5b6aea04b66630f108b3603930c7c4;hp=4354fe4a23d67aeab5396b97dbc9b108fa5c6288;hpb=42177a154d827dd1fddea3a451597c7708b65b6e;p=oom.git diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml index 4354fe4a23..9f6118051b 100644 --- a/kubernetes/sdnc/values.yaml +++ b/kubernetes/sdnc/values.yaml @@ -73,17 +73,80 @@ secrets: password: '{{ .Values.config.odlPassword }}' # For now this is left hardcoded but should be revisited in a future passwordPolicy: required + - uid: dmaap-proxy-creds + name: &dmaapProxyCredsSecretName '{{ include "common.release" . }}-sdnc-dmaap-proxy-creds' + type: basicAuth + externalSecret: '{{ .Values.config.dmaapProxyCredsExternalSecret }}' + login: '{{ .Values.config.sdnr.dmaapProxy.user }}' + password: '{{ .Values.config.sdnr.dmaapProxy.password }}' + # For now this is left hardcoded but should be revisited in a future + passwordPolicy: required - uid: netbox-apikey type: password externalSecret: '{{ .Values.config.netboxApikeyExternalSecret }}' password: '{{ .Values.config.netboxApikey }}' passwordPolicy: required + - uid: aai-truststore-password + type: password + externalSecret: '{{ .Values.config.aaiTruststoreExternalSecret }}' + password: '{{ .Values.config.aaiTruststorePassword }}' + passwordPolicy: required + - uid: ansible-truststore-password + type: password + externalSecret: '{{ .Values.config.ansibleTruststoreExternalSecret }}' + password: '{{ .Values.config.ansibleTruststorePassword }}' + passwordPolicy: required + - uid: truststore-password + type: password + externalSecret: '{{ .Values.config.truststoreExternalSecret }}' + password: '{{ .Values.config.truststorePassword }}' + passwordPolicy: required + - uid: keystore-password + type: password + externalSecret: '{{ .Values.config.keystoreExternalSecret }}' + password: '{{ .Values.config.keystorePassword }}' + passwordPolicy: required + - uid: dmaap-authkey + type: password + externalSecret: '{{ .Values.config.dmaapAuthKeyExternalSecret }}' + password: '{{ .Values.config.dmaapAuthKey }}' + passwordPolicy: required - uid: aai-user-creds type: basicAuth externalSecret: '{{ .Values.config.aaiCredsExternalSecret}}' login: '{{ .Values.config.aaiUser }}' password: '{{ .Values.config.aaiPassword }}' passwordPolicy: required + - uid: so-user-creds + type: basicAuth + externalSecret: '{{ .Values.config.soCredsExternalSecret}}' + login: '{{ .Values.config.soUser }}' + password: '{{ .Values.config.soPassword }}' + passwordPolicy: required + - uid: neng-user-creds + type: basicAuth + externalSecret: '{{ .Values.config.nengCredsExternalSecret}}' + login: '{{ .Values.config.nengUser }}' + password: '{{ .Values.config.nengPassword }}' + passwordPolicy: required + - uid: cds-user-creds + type: basicAuth + externalSecret: '{{ .Values.config.cdsCredsExternalSecret}}' + login: '{{ .Values.config.cdsUser }}' + password: '{{ .Values.config.cdsPassword }}' + passwordPolicy: required + - uid: honeycomb-user-creds + type: basicAuth + externalSecret: '{{ .Values.config.honeycombCredsExternalSecret}}' + login: '{{ .Values.config.honeycombUser }}' + password: '{{ .Values.config.honeycombPassword }}' + passwordPolicy: required + - uid: dmaap-user-creds + type: basicAuth + externalSecret: '{{ .Values.config.dmaapCredsExternalSecret}}' + login: '{{ .Values.config.dmaapUser }}' + password: '{{ .Values.config.dmaapPassword }}' + passwordPolicy: required - uid: modeling-user-creds type: basicAuth externalSecret: '{{ .Values.config.modelingCredsExternalSecret}}' @@ -109,10 +172,17 @@ secrets: login: '{{ .Values.config.scaleoutUser }}' password: '{{ .Values.config.scaleoutPassword }}' passwordPolicy: required - - uid: keystore-password + - uid: oauth-token-secret type: password - password: secret + externalSecret: '{{ ternary (tpl (default "" .Values.config.sdnr.oauth.tokenExternalSecret) .) "oauth-disabled" .Values.config.sdnr.oauth.enabled }}' + password: '{{ .Values.config.sdnr.oauth.tokenSecret }}' passwordPolicy: required + - uid: keycloak-secret + type: password + externalSecret: '{{ ternary (tpl (default "" .Values.config.sdnr.oauth.providersSecrets.keycloakExternalSecret) .) "oauth-disabled" .Values.config.sdnr.oauth.enabled }}' + password: '{{ .Values.config.sdnr.oauth.providersSecrets.keycloak }}' + passwordPolicy: required + ################################################################# # Certificates ################################################################# @@ -121,23 +191,24 @@ certificates: commonName: sdnc.simpledemo.onap.org dnsNames: - sdnc.simpledemo.onap.org - p12Keystore: - create: true - passwordSecretRef: - name: keystore-password - key: password - jksKeystore: - create: true + keystore: + outputType: + - jks passwordSecretRef: - name: keystore-password + create: true + name: sdnc-cmpv2-keystore-password key: password + issuer: + group: certmanager.onap.org + kind: CMPv2Issuer + name: cmpv2-issuer-onap ################################################################# # Application configuration defaults. ################################################################# # application images pullPolicy: Always -image: onap/sdnc-image:2.0.5 +image: onap/sdnc-image:2.1.5 # flag to enable debugging - application support required debugEnabled: false @@ -151,9 +222,34 @@ config: # odlCredsExternalSecret: some secret netboxApikey: onceuponatimeiplayedwithnetbox20180814 # netboxApikeyExternalSecret: some secret + aaiTruststorePassword: changeit + # aaiTruststoreExternalSecret: some secret + ansibleTruststorePassword: changeit + # ansibleTruststoreExternalSecret: some secret + truststorePassword: adminadmin + # truststoreExternalSecret: some secret + keystorePassword: adminadmin + # keystoreExternalSecret: some secret aaiUser: sdnc@sdnc.onap.org aaiPassword: demo123456! # aaiCredsExternalSecret: some secret + soUser: sdncaBpmn + soPassword: password1$ + # soCredsExternalSecret: some secret + nengUser: ccsdkapps + nengPassword: ccsdkapps + # nengCredsExternalSecret: some secret + cdsUser: ccsdkapps + cdsPassword: ccsdkapps + # cdsCredsExternalSecret: some secret + honeycombUser: admin + honeycombPassword: admin + # honeycombCredsExternalSecret: some secret + dmaapUser: admin + dmaapPassword: admin + dmaapAuthKey: "fs20cKwalJ6ry4kX:7Hqm6BDZK47IKxGRkOPFk33qMYs=" + # dmaapCredsExternalSecret: some secret + # dmaapAuthKeyExternalSecret: some secret modelingUser: ccsdkapps modelingPassword: ccsdkapps # modelingCredsExternalSecret: some secret @@ -227,8 +323,38 @@ config: sdnrdbTrustAllCerts: true mountpointRegistrarEnabled: false mountpointStateProviderEnabled: false - - + netconfCallHome: + enabled: true + # + # enable and set dmaap-proxy for mountpointRegistrar + dmaapProxy: + enabled: false + usepwd: true + user: addUserHere + password: addPasswordHere + url: addProxyUrlHere + oauth: + enabled: false + tokenIssuer: ONAP SDNC + tokenSecret: secret + supportOdlusers: true + redirectUri: null + publicUrl: none + odluxRbac: + enabled: true + # example definition for a oauth provider + providersSecrets: + keycloak: d8d7ed52-0691-4353-9ac6-5383e72e9c46 + providers: + - id: keycloak + type: KEYCLOAK + host: http://keycloak:8080 + clientId: odlux.app + secret: ${KEYCLOAK_SECRET} + scope: openid + title: ONAP Keycloak Provider + roleMapping: + mykeycloak: admin # dependency / sub-chart configuration certInitializer: @@ -373,7 +499,7 @@ elasticsearch: # handles master and data node functionality dedicatednode: "no" nameOverride: *elasticSearchName - cluster_name: *elasticSearchName + cluster_name: sdnrdb-cluster # enable sdnc-web: enabled: true @@ -426,6 +552,9 @@ service: geoNodePort5: 65 geoNodePort6: 66 + callHomePort: 6666 + callHomeNodePort: 66 + ## Persist data to a persitent volume persistence: enabled: true @@ -447,7 +576,7 @@ persistence: mountPath: /dockerdata-nfs mountSubPath: sdnc/mdsal mdsalPath: /opt/opendaylight/mdsal - daeximPath: /opt/opendaylight/daexim + daeximPath: /opt/opendaylight/mdsal/daexim journalPath: /opt/opendaylight/journal snapshotsPath: /opt/opendaylight/snapshots