X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fso%2Fvalues.yaml;h=2338bac7eb19785a82ea576c5f9054c919664823;hb=5b4d13d79e72409c49b893b00ce763591696b104;hp=b2a8b681b375a7c051c219ec6914755c8e9edd37;hpb=a52d0c03906640203429d1b713261028db835eba;p=oom.git

diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml
index b2a8b681b3..2338bac7eb 100755
--- a/kubernetes/so/values.yaml
+++ b/kubernetes/so/values.yaml
@@ -22,6 +22,7 @@ global:
   readinessImage: readiness-check:2.0.2
   loggingRepository: docker.elastic.co
   loggingImage: beats/filebeat:5.5.0
+  soBaseImage: onap/so/base-image:1.0
   mariadbGalera:
     nameOverride: mariadb-galera
     serviceName: mariadb-galera
@@ -33,6 +34,9 @@ global:
     localCluster: false
   persistence:
     mountPath: /dockerdata-nfs
+  #This configuration specifies Service and port for SDNC OAM interface
+  sdncOamService: sdnc-oam
+  sdncOamPort: 8282
   #This configuration will run the migration. The configurations are for backing up the data
   #from DB and then restoring it to the present versions preferred DB.
   migration:
@@ -56,8 +60,8 @@ global:
     defaultCloudOwner: onap
     cadi:
       cadiLoglevel: DEBUG
-      cadiKeyFile: /app/org.onap.so.keyfile
-      cadiTrustStore: /app/org.onap.so.trust.jks
+      cadiKeyFile: /app/client/org.onap.so.keyfile
+      cadiTrustStore: /app/client/org.onap.so.trust.jks
       cadiTruststorePassword: enc:MFpuxKeYK6Eo6QXjDUjtOBbp0FthY7SB4mKSIJm_RWC
       cadiLatitude: 38.4329
       cadiLongitude: -90.43248
@@ -69,8 +73,13 @@ global:
     msoKey: 07a7159d3bf51a0e53be7a8f89699be7
   client:
     certs:
-      trustStorePassword: b25hcDRzbw==
+      truststore: /app/client/org.onap.so.trust.jks
+      keystore: /app/client/org.onap.so.jks
+      trustStorePassword: LHN4Iy5DKlcpXXdWZ0pDNmNjRkhJIzpI
       keyStorePassword: c280b25hcA==
+  certificates:
+    path: /etc/ssl/certs
+    share_path: /usr/local/share/ca-certificates/
 
 #################################################################
 # Secrets metaconfig
@@ -106,6 +115,13 @@ secrets:
     login: '{{ .Values.dbCreds.adminName }}'
     password: '{{ .Values.dbCreds.adminPassword }}'
     passwordPolicy: generate
+  - uid: "so-onap-certs"
+    name: &so-certs '{{ include "common.release" . }}-so-certs'
+    externalSecret: '{{ tpl (default "" .Values.certSecret) . }}'
+    type: generic
+    filePaths:
+      - resources/config/certificates/onap-ca.crt
+      - resources/config/certificates/msb-ca.crt
 
 #################################################################
 # Application configuration defaults.
@@ -121,7 +137,7 @@ dbCreds:
   adminName: so_admin
 
 repository: nexus3.onap.org:10001
-image: onap/so/api-handler-infra:1.5.3
+image: onap/so/api-handler-infra:1.6.4
 pullPolicy: Always
 replicaCount: 1
 minReadySeconds: 10
@@ -141,6 +157,8 @@ updateStrategy:
 # Resource Limit flavor -By Default using small
 flavor: small
 # Segregation for Different environment (Small and Large)
+persistence:
+  certificatesPath: /certificates
 resources:
   small:
     limits:
@@ -174,7 +192,6 @@ config:
   logstashServiceName: log-ls
   logstashPort: 5044
 
-
 #Used only if localCluster is enabled. Instantiates SO's own cassandra cluster
 #helm deploy demo local/onap --namespace onap --verbose --set so.enabled=true \
 #                                                       --set so.global.mariadbGalera.localCluster=true \
@@ -194,7 +211,7 @@ mariadb-galera:
 ingress:
   enabled: false
   service:
-    - baseaddr: "so"
+    - baseaddr: "so.api"
       name: "so"
       port: 8080
   config:
@@ -224,6 +241,7 @@ mso:
     auth: basic bXNvX2FkbWlufHBhc3N3b3JkMSQ=
 
 so-bpmn-infra:
+  certSecret: *so-certs
   db:
     <<: *dbSecrets
   cds:
@@ -259,6 +277,7 @@ so-bpmn-infra:
         auth: Basic dm5mbTpwYXNzd29yZDEk
 
 so-catalog-db-adapter:
+  certSecret: *so-certs
   db:
     <<: *dbSecrets
   mso:
@@ -272,7 +291,13 @@ so-catalog-db-adapter:
       db:
         auth: Basic YnBlbDpwYXNzd29yZDEk
 
+so-monitoring:
+  certSecret: *so-certs
+  db:
+    <<: *dbSecrets
+
 so-openstack-adapter:
+  certSecret: *so-certs
   db:
     <<: *dbSecrets
   aaf:
@@ -301,6 +326,7 @@ so-openstack-adapter:
       auth: Basic YnBlbDpwYXNzd29yZDEk
 
 so-request-db-adapter:
+  certSecret: *so-certs
   db:
     <<: *dbSecrets
   mso:
@@ -315,6 +341,7 @@ so-request-db-adapter:
         auth: Basic YnBlbDpwYXNzd29yZDEk
 
 so-sdc-controller:
+  certSecret: *so-certs
   db:
     <<: *dbSecrets
   aai:
@@ -335,7 +362,9 @@ so-sdc-controller:
     asdc-connections:
       asdc-controller1:
         password: 76966BDD3C7414A03F7037264FF2E6C8EEC6C28F2B67F2840A1ED857C0260FEE731D73F47F828E5527125D29FD25D3E0DE39EE44C058906BF1657DE77BF897EECA93BDC07FA64F
+
 so-sdnc-adapter:
+  certSecret: *so-certs
   db:
     <<: *dbSecrets
   org:
@@ -360,7 +389,11 @@ so-sdnc-adapter:
     rest:
       aafEncrypted: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456
 
+so-ve-vnfm-adapter:
+  certSecret: *so-certs
+
 so-vfc-adapter:
+  certSecret: *so-certs
   db:
     <<: *dbSecrets
   mso:
@@ -373,7 +406,31 @@ so-vfc-adapter:
     adapters:
       requestDb:
         auth: Basic YnBlbDpwYXNzd29yZDEk
+
+so-nssmf-adapter:
+  certSecret: *so-certs
+  db:
+    <<: *dbSecrets
+  aaf:
+    auth:
+      username: so@so.onap.org
+      password: 8DB1C939BFC6A35C3832D0E52E452D0E05AE2537AF142CECD125FF827C05A972FDD0F4700547DA
+  aai:
+    auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586
+  mso:
+    key: 07a7159d3bf51a0e53be7a8f89699be7
+    config:
+      cadi:
+        aafId: so@so.onap.org
+        aafPassword: enc:EME-arXn2lx8PO0f2kEtyK7VVGtAGWavXorFoxRmPO9
+        apiEnforcement: org.onap.so.nssmfAdapterPerm
+        noAuthn: /manage/health
+    adapters:
+      requestDb:
+        auth: Basic YnBlbDpwYXNzd29yZDEk
+
 so-vnfm-adapter:
+  certSecret: *so-certs
   aaf:
     auth:
       username: so@so.onap.org
@@ -393,9 +450,16 @@ so-vnfm-adapter:
         apiEnforcement: org.onap.so.vnfmAdapterPerm
         noAuthn: /manage/health
 
-so-monitoring:
-  db:
-    <<: *dbSecrets
+so-etsi-nfvo-ns-lcm:
+  certSecret: *so-certs
+  aai:
+    auth: 2A11B07DB6214A839394AA1EC5844695F5114FC407FF5422625FB00175A3DCB8A1FF745F22867EFA72D5369D599BBD88DA8BED4233CF5586
+  mso:
+    key: 07a7159d3bf51a0e53be7a8f89699be7
+  so:
+    sol003:
+      adapter:
+        auth: Basic dm5mbTpwYXNzd29yZDEk
 
 so-mariadb:
   db:
@@ -404,3 +468,35 @@ so-mariadb:
     backupCredsExternalSecret: *dbBackupCredsSecretName
     userCredsExternalSecret: *dbUserCredsSecretName
     adminCredsExternalSecret: *dbAdminCredsSecretName
+so-appc-orchestrator:
+  certSecret: *so-certs
+  db:
+    <<: *dbSecrets
+  mso:
+    basicUser: poBpmn
+    auth: BEA8637716A7EB617DF472BA6552D22F68C1CB17B0D094D77DDA562F4ADAAC4457CAB848E1A4
+    config:
+      cadi:
+        aafId: so@so.onap.org
+        aafPassword: enc:EME-arXn2lx8PO0f2kEtyK7VVGtAGWavXorFoxRmPO9
+        apiEnforcement: org.onap.so.openStackAdapterPerm
+        noAuthn: /manage/health
+  appc:
+    client:
+      topic:
+        read:
+          name: APPC-LCM-WRITE
+          timeout: 360000
+        write: APPC-LCM-READ
+        sdnc:
+          read: SDNC-LCM-WRITE
+          write: SDNC-LCM-READ
+      response:
+        timeout: 3600000
+      key: VIlbtVl6YLhNUrtU
+      secret: 64AG2hF4pYeG2pq7CT6XwUOT
+      service: ueb
+  auth:
+    rest:
+      aaf: Basic c29Ac28ub25hcC5vcmc6ZGVtbzEyMzQ1Ngo=
+      aafEncrypted: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456