X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fso%2Fvalues.yaml;h=b14c014bc07d276bc93706c065134eac1d3364fd;hb=ad9b376c2c47e46e30590bb0a8fe66fdb7badbab;hp=f7d74a347faf8718b868719a67de3d03e0c87335;hpb=b958d7dead0695adbe86c30c9c656b90634b1262;p=oom.git diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index f7d74a347f..b14c014bc0 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -1,5 +1,6 @@ # Copyright © 2018 AT&T USA # Copyright © 2020 Huawei +# Copyright © 2021 Orange # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -56,19 +57,14 @@ global: auth: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456 defaultCloudOwner: onap - client: - certs: - truststore: /app/client/org.onap.so.trust.jks - keystore: /app/client/org.onap.so.jks - trustStorePassword: LHN4Iy5DKlcpXXdWZ0pDNmNjRkhJIzpI - keyStorePassword: c280b25hcA== certificates: path: /etc/ssl/certs share_path: /usr/local/share/ca-certificates/ readinessCheck: wait_for: - - so-mariadb-config + jobs: + - '{{ include "common.release" . }}-so-mariadb-config-job' ################################################################# # Secrets metaconfig @@ -108,12 +104,6 @@ secrets: login: '{{ .Values.dbCreds.adminName }}' password: '{{ .Values.dbCreds.adminPassword }}' passwordPolicy: generate - - uid: 'so-onap-certs' - name: &so-certs '{{ include "common.release" . }}-so-certs' - externalSecret: '{{ tpl (default "" .Values.certSecret) . }}' - type: generic - filePaths: - - resources/config/certificates/msb-ca.crt - uid: 'mso-key' name: &mso-key '{{ include "common.release" . }}-mso-key' type: password @@ -160,6 +150,24 @@ aafConfig: aaf: trustore: org.onap.so.trust.jks +################################################################# +# AAF part for Ingress +################################################################# +certInitializer: + nameOverride: so-tls-cert + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: so + fqi: so@so.onap.org + public_fqdn: so.onap.org + fqi_namespace: org.onap.so + cadi_longitude: '0.0' + cadi_latitude: '0.0' + app_ns: org.osaaf.aaf + credsPath: /opt/app/osaaf/local + ingressTlsSecret: '{{ include "common.release" . }}-so-ingress-certs' + ################################################################# # Application configuration defaults. ################################################################# @@ -173,7 +181,7 @@ dbCreds: userName: so_user adminName: so_admin -image: onap/so/api-handler-infra:1.7.11 +image: onap/so/api-handler-infra:1.9.2 server: aaf: @@ -218,7 +226,6 @@ soHelpers: certInitializer: nameOverride: so-apih-cert-init credsPath: /opt/app/osaaf/local - certSecret: *so-certs containerPort: *containerPort # Resource Limit flavor -By Default using small @@ -250,6 +257,8 @@ affinity: {} config: logstashServiceName: log-ls logstashPort: 5044 + # "KEYSTONE" for keystone v2, "KEYSTONE_V3" for keystone v3 + openStackKeystoneVersion: "KEYSTONE" #Used only if localCluster is enabled. Instantiates SO's own cassandra cluster #helm deploy demo local/onap --namespace onap --verbose --set so.enabled=true \ @@ -274,7 +283,8 @@ ingress: name: 'so' port: 8080 config: - ssl: 'none' + tls: + secret: '{{ include "common.release" . }}-so-ingress-certs' mso: adapters: @@ -337,7 +347,7 @@ so-mariadb: userCredsExternalSecret: *dbUserCredsSecretName adminCredsExternalSecret: *dbAdminCredsSecretName -so-monitoring: +so-admin-cockpit: enabled: true db: <<: *dbSecrets @@ -377,15 +387,22 @@ so-sdnc-adapter: enabled: true db: <<: *dbSecrets + mso: + msoKeySecret: *mso-key so-ve-vnfm-adapter: enabled: false -so-vfc-adapter: +so-etsi-sol005-adapter: enabled: true db: <<: *dbSecrets -so-vnfm-adapter: +so-etsi-sol003-adapter: enabled: true +#Pods Service Account +serviceAccount: + nameOverride: so + roles: + - read