X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fso%2Fcomponents%2Fso-sdc-controller%2Fvalues.yaml;h=77b94dde50a69746bcca58b7deb4b8ab8e532c2f;hb=db8167bbf6923c8f316ebadd6cec1dd4891428a1;hp=63a641c3597cd966e23c9239827e2a66be8ce755;hpb=4b53bac100bf20421c782cedd03355c1fd4b759b;p=oom.git diff --git a/kubernetes/so/components/so-sdc-controller/values.yaml b/kubernetes/so/components/so-sdc-controller/values.yaml index 63a641c359..77b94dde50 100755 --- a/kubernetes/so/components/so-sdc-controller/values.yaml +++ b/kubernetes/so/components/so-sdc-controller/values.yaml @@ -19,14 +19,8 @@ global: nodePortPrefixExt: 304 persistence: mountPath: /dockerdata-nfs - security: - aaf: - enabled: false - aaf: - auth: - header: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo= mariadbGalera: - serviceName: mariadb-galera + service: mariadb-galera-primary servicePort: '3306' soSdcListenerKafkaUser: so-sdc-list-user @@ -51,13 +45,6 @@ secrets: login: '{{ .Values.db.adminName }}' password: '{{ .Values.db.adminPassword }}' passwordPolicy: required - - uid: so-sdc-kafka-secret - externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}' - type: genericKV - envs: - - name: sasl.jaas.config - value: '{{ .Values.config.someConfig }}' - policy: generate #secretsFilePaths: | # - 'my file 1' @@ -66,7 +53,7 @@ secrets: ################################################################# # Application configuration defaults. ################################################################# -image: onap/so/sdc-controller:1.12.0 +image: onap/so/sdc-controller:1.12.2 pullPolicy: Always db: @@ -89,42 +76,28 @@ mso: asdc-connections: asdc-controller1: password: 76966BDD3C7414A03F7037264FF2E6C8EEC6C28F2B67F2840A1ED857C0260FEE731D73F47F828E5527125D29FD25D3E0DE39EE44C058906BF1657DE77BF897EECA93BDC07FA64F -config: - someConfig: blah - kafka: - securityProtocol: SASL_PLAINTEXT - saslMechanism: SCRAM-SHA-512 - authType: simple - sdcTopic: - pattern: SDC-DIST - consumerGroup: so - clientId: SO-sdc-controller replicaCount: 1 minReadySeconds: 10 containerPort: &containerPort 8085 logPath: ./logs/sdc/ app: sdc-controller + service: - type: ClusterIP - internalPort: *containerPort - externalPort: *containerPort - portName: http + type: ClusterIP + ports: + - name: http + port: *containerPort + updateStrategy: - type: RollingUpdate - maxUnavailable: 1 - maxSurge: 1 + type: RollingUpdate + maxUnavailable: 1 + maxSurge: 1 ################################################################# # soHelpers part ################################################################# soHelpers: - nameOverride: so-sdc-cert-init - certInitializer: - nameOverride: so-sdc-cert-init - credsPath: /opt/app/osaaf/local - cadi: - apiEnforcement: org.onap.so.sdcControllerPerm containerPort: *containerPort # Resource Limit flavor -By Default using small @@ -133,34 +106,54 @@ flavor: small resources: small: limits: - memory: 4Gi - cpu: 2000m + memory: 1.5Gi + cpu: 1 requests: - memory: 1Gi - cpu: 500m + memory: 1.5Gi + cpu: 0.5 large: limits: - memory: 8Gi - cpu: 4000m + memory: 3Gi + cpu: 2 requests: - memory: 2Gi - cpu: 1000m + memory: 3Gi + cpu: 1 unlimited: {} + livenessProbe: - path: /manage/health - port: 8085 - scheme: HTTP - initialDelaySeconds: 600 - periodSeconds: 60 - timeoutSeconds: 10 - successThreshold: 1 - failureThreshold: 3 + path: /manage/health + port: 8085 + scheme: HTTP + initialDelaySeconds: 600 + periodSeconds: 60 + timeoutSeconds: 10 + successThreshold: 1 + failureThreshold: 3 + ingress: enabled: false + +serviceMesh: + authorizationPolicy: + authorizedPrincipals: + - serviceAccount: robot-read + - serviceAccount: so-read + nodeSelector: {} tolerations: [] affinity: {} +# Strimzi KafkaUser config +kafkaUser: + acls: + - name: SO + type: group + operations: [Read] + - name: SDC-DISTR + type: topic + patternType: prefix + operations: [Read, Write] + #Pods Service Account serviceAccount: nameOverride: so-sdc-controller