X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fso%2Fvalues.yaml;h=d1d3873cedd8ade358840687699e46c3b9671c93;hb=8ed35dfae17231f6d09fc36161a2ce44620a4200;hp=4f64dac032740cdc6e8aaca2e19cbef60cfc25b6;hpb=3a2483fa7d23ad0a057808a0d42d4c7956ce8aa3;p=oom.git diff --git a/kubernetes/so/values.yaml b/kubernetes/so/values.yaml index 4f64dac032..553de8c2d9 100755 --- a/kubernetes/so/values.yaml +++ b/kubernetes/so/values.yaml @@ -1,5 +1,6 @@ # Copyright © 2018 AT&T USA # Copyright © 2020 Huawei +# Copyright © 2021 Orange # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at @@ -17,12 +18,8 @@ global: nodePortPrefix: 302 nodePortPrefixExt: 304 - repository: nexus3.onap.org:10001 - readinessImage: onap/oom/readiness:3.0.1 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - soBaseImage: onap/so/base-image:1.0 aafAgentImage: onap/aaf/aaf_agent:2.1.20 + centralizedLoggingEnabled: true mariadbGalera: nameOverride: mariadb-galera serviceName: mariadb-galera @@ -60,19 +57,15 @@ global: siteName: onapheat auth: 3EDC974C5CD7FE54C47C7490AF4D3B474CDD7D0FFA35A7ACDE3E209631E45F428976EAC0858874F17390A13149E63C90281DD8D20456 defaultCloudOwner: onap - client: - certs: - truststore: /app/client/org.onap.so.trust.jks - keystore: /app/client/org.onap.so.jks - trustStorePassword: LHN4Iy5DKlcpXXdWZ0pDNmNjRkhJIzpI - keyStorePassword: c280b25hcA== + certificates: path: /etc/ssl/certs share_path: /usr/local/share/ca-certificates/ readinessCheck: wait_for: - - so-mariadb-config + jobs: + - '{{ include "common.release" . }}-so-mariadb-config-job' ################################################################# # Secrets metaconfig @@ -81,7 +74,11 @@ secrets: - uid: db-root-pass name: &dbRootPassSecretName '{{ include "common.release" . }}-so-db-root-pass' type: password - externalSecret: '{{ ternary .Values.global.mariadbGalera.rootPasswordExternalSecret (default (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) .Values.global.mariadbGalera.rootPasswordExternalSecret) .Values.global.mariadbGalera.localCluster }}' + externalSecret: '{{ .Values.global.mariadbGalera.localCluster | ternary + .Values.global.mariadbGalera.rootPasswordExternalSecret + (default (include "common.mariadb.secret.rootPassSecretName" + (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) + .Values.global.mariadbGalera.rootPasswordExternalSecret) }}' password: '{{ .Values.global.mariadbGalera.mariadbRootpassword }}' - uid: db-backup-creds name: &dbBackupCredsSecretName '{{ include "common.release" . }}-so-db-backup-creds' @@ -108,12 +105,6 @@ secrets: login: '{{ .Values.dbCreds.adminName }}' password: '{{ .Values.dbCreds.adminPassword }}' passwordPolicy: generate - - uid: 'so-onap-certs' - name: &so-certs '{{ include "common.release" . }}-so-certs' - externalSecret: '{{ tpl (default "" .Values.certSecret) . }}' - type: generic - filePaths: - - resources/config/certificates/msb-ca.crt - uid: 'mso-key' name: &mso-key '{{ include "common.release" . }}-mso-key' type: password @@ -160,6 +151,24 @@ aafConfig: aaf: trustore: org.onap.so.trust.jks +################################################################# +# AAF part for Ingress +################################################################# +certInitializer: + nameOverride: so-tls-cert + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: so + fqi: so@so.onap.org + public_fqdn: so.onap.org + fqi_namespace: org.onap.so + cadi_longitude: '0.0' + cadi_latitude: '0.0' + app_ns: org.osaaf.aaf + credsPath: /opt/app/osaaf/local + ingressTlsSecret: '{{ include "common.release" . }}-so-ingress-certs' + ################################################################# # Application configuration defaults. ################################################################# @@ -173,6 +182,8 @@ dbCreds: userName: so_user adminName: so_admin +image: onap/so/api-handler-infra:1.10.0 + server: aaf: username: so@so.onap.org @@ -191,26 +202,18 @@ server: password: password1$ # bpelCredsExternalSecret: some secret -repository: nexus3.onap.org:10001 -image: onap/so/api-handler-infra:1.6.4 pullPolicy: Always - replicaCount: 1 minReadySeconds: 10 - containerPort: &containerPort 8080 - logPath: ./logs/apih/ - app: api-handler-infra - service: type: NodePort nodePort: 77 internalPort: *containerPort externalPort: *containerPort - portName: so-apih-port - + portName: http updateStrategy: type: RollingUpdate maxUnavailable: 1 @@ -224,7 +227,6 @@ soHelpers: certInitializer: nameOverride: so-apih-cert-init credsPath: /opt/app/osaaf/local - certSecret: *so-certs containerPort: *containerPort # Resource Limit flavor -By Default using small @@ -256,6 +258,8 @@ affinity: {} config: logstashServiceName: log-ls logstashPort: 5044 + # "KEYSTONE" for keystone v2, "KEYSTONE_V3" for keystone v3 + openStackKeystoneVersion: "KEYSTONE" #Used only if localCluster is enabled. Instantiates SO's own cassandra cluster #helm deploy demo local/onap --namespace onap --verbose --set so.enabled=true \ @@ -263,15 +267,15 @@ config: # --set so.global.mariadbGalera.nameOverride=so-mariadb-galera \ # --set so.global.mariadbGalera.serviceName=so-mariadb-galera mariadb-galera: - config: - mariadbRootPasswordExternalSecret: *dbRootPassSecretName - nameOverride: so-mariadb-galera + rootUser: + externalSecret: *dbRootPassSecretName + nameOverride: &so-mariadb so-mariadb-galera replicaCount: 1 - service: - name: so-mariadb-galera persistence: mountSubPath: so/mariadb-galera/data enabled: true + serviceAccount: + nameOverride: *so-mariadb ingress: enabled: false @@ -280,7 +284,8 @@ ingress: name: 'so' port: 8080 config: - ssl: 'none' + tls: + secret: '{{ include "common.release" . }}-so-ingress-certs' mso: adapters: @@ -313,6 +318,7 @@ so-appc-orchestrator: so-bpmn-infra: db: <<: *dbSecrets + logConfigMapNamePrefix: '{{ include "common.release" . }}-so' so-catalog-db-adapter: enabled: true @@ -321,6 +327,8 @@ so-catalog-db-adapter: so-cnf-adapter: enabled: true + db: + <<: *dbSecrets server: aafCredsExternalSecret: *aaf-secrets aaiCredsExternalSecret: *aai-secrets @@ -341,7 +349,7 @@ so-mariadb: userCredsExternalSecret: *dbUserCredsSecretName adminCredsExternalSecret: *dbAdminCredsSecretName -so-monitoring: +so-admin-cockpit: enabled: true db: <<: *dbSecrets @@ -363,11 +371,13 @@ so-oof-adapter: camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A oof: authSecret: *mso-oof-auth + logConfigMapNamePrefix: '{{ include "common.release" . }}-so' so-openstack-adapter: enabled: true db: <<: *dbSecrets + logConfigMapNamePrefix: '{{ include "common.release" . }}-so' so-request-db-adapter: db: @@ -376,19 +386,33 @@ so-request-db-adapter: so-sdc-controller: db: <<: *dbSecrets + logConfigMapNamePrefix: '{{ include "common.release" . }}-so' so-sdnc-adapter: enabled: true db: <<: *dbSecrets + mso: + msoKeySecret: *mso-key + logConfigMapNamePrefix: '{{ include "common.release" . }}-so' so-ve-vnfm-adapter: - enabled: true + enabled: false -so-vfc-adapter: +so-etsi-sol005-adapter: enabled: true db: <<: *dbSecrets -so-vnfm-adapter: +so-etsi-sol003-adapter: enabled: true + +#Pods Service Account +serviceAccount: + nameOverride: so + roles: + - read + +#Log configuration +log: + path: /var/log/onap