Code Review / oom.git / blob
? search:
summary | shortlog | log | commit | commitdiff | review | tree
history | raw | HEAD
Merge "[AAI] Add model-loader tracing config"
[oom.git] / kubernetes / policy / components / policy-xacml-pdp / values.yaml
1 #  ============LICENSE_START=======================================================
2 #   Copyright (C) 2019-2021 AT&T Intellectual Property. All rights reserved.
3 #  ================================================================================
4 #  Licensed under the Apache License, Version 2.0 (the "License");
5 #  you may not use this file except in compliance with the License.
6 #  You may obtain a copy of the License at
7 #
8 #       http://www.apache.org/licenses/LICENSE-2.0
9 #
10 #  Unless required by applicable law or agreed to in writing, software
11 #  distributed under the License is distributed on an "AS IS" BASIS,
12 #  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 #  See the License for the specific language governing permissions and
14 #  limitations under the License.
15 #
16 #  SPDX-License-Identifier: Apache-2.0
17 #  ============LICENSE_END=========================================================
18
19 #################################################################
20 # Global configuration defaults.
21 #################################################################
22 global:
23   persistence: {}
24
25 #################################################################
26 # Secrets metaconfig
27 #################################################################
28 secrets:
29   - uid: db-secret
30     type: basicAuth
31     externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
32     login: '{{ .Values.db.user }}'
33     password: '{{ .Values.db.password }}'
34     passwordPolicy: required
35   - uid: restserver-creds
36     type: basicAuth
37     externalSecret: '{{ tpl (default "" .Values.restServer.credsExternalSecret) . }}'
38     login: '{{ .Values.restServer.user }}'
39     password: '{{ .Values.restServer.password }}'
40     passwordPolicy: required
41   - uid: api-creds
42     type: basicAuth
43     externalSecret: '{{ tpl (default "" .Values.apiServer.credsExternalSecret) . }}'
44     login: '{{ .Values.apiServer.user }}'
45     password: '{{ .Values.apiServer.password }}'
46     passwordPolicy: required
47
48 #################################################################
49 # Application configuration defaults.
50 #################################################################
51 # application image
52 image: onap/policy-xacml-pdp:3.1.1
53 pullPolicy: Always
54
55 componentName: &componentName policy-xacml-pdp
56
57 # flag to enable debugging - application support required
58 debugEnabled: false
59
60 # application configuration
61
62 db:
63   user: policy-user
64   password: policy_user
65   service:
66     name: policy-mariadb
67     internalPort: 3306
68
69 restServer:
70   user: healthcheck
71   password: zb!XztG34
72
73 apiServer:
74   user: policyadmin
75   password: zb!XztG34
76
77 # default number of instances
78 replicaCount: 1
79
80 nodeSelector: {}
81
82 affinity: {}
83
84 # probe configuration parameters
85 liveness:
86   initialDelaySeconds: 20
87   periodSeconds: 10
88   # necessary to disable liveness probe when setting breakpoints
89   # in debugger so K8s doesn't restart unresponsive container
90   enabled: true
91
92 readiness:
93   initialDelaySeconds: 20
94   periodSeconds: 10
95
96 service:
97   type: ClusterIP
98   name: *componentName
99   internalPort: 6969
100   ports:
101     - name: http
102       port: 6969
103
104 ingress:
105   enabled: false
106
107 serviceMesh:
108   authorizationPolicy:
109     authorizedPrincipals:
110       - serviceAccount: dcae-datafile-collector-read
111       - serviceAccount: dcae-datalake-admin-ui-read
112       - serviceAccount: dcae-datalake-des-read
113       - serviceAccount: dcae-datalake-feeder-read
114       - serviceAccount: dcae-heartbeat-read
115       - serviceAccount: dcae-hv-ves-collector-read
116       - serviceAccount: dcae-kpi-ms-read
117       - serviceAccount: dcae-pm-mapper-read
118       - serviceAccount: dcae-pmsh-read
119       - serviceAccount: dcae-prh-read
120       - serviceAccount: dcae-restconf-collector-read
121       - serviceAccount: dcae-slice-analysis-ms-read
122       - serviceAccount: dcae-snmptrap-collector-read
123       - serviceAccount: dcae-son-handler-read
124       - serviceAccount: dcae-tcagen2-read
125       - serviceAccount: dcae-ves-collector-read
126       - serviceAccount: dcae-ves-mapper-read
127       - serviceAccount: dcae-ves-openapi-manager-read
128       - serviceAccount: strimzi-kafka-read
129       - serviceAccount: oof-read
130       - serviceAccount: sdnc-read
131
132 flavor: small
133 resources:
134   small:
135     limits:
136       cpu: "1"
137       memory: "1Gi"
138     requests:
139       cpu: "0.5"
140       memory: "1Gi"
141   large:
142     limits:
143       cpu: "2"
144       memory: "2Gi"
145     requests:
146       cpu: "1"
147       memory: "2Gi"
148   unlimited: {}
149
150 #Pods Service Account
151 serviceAccount:
152   nameOverride: *componentName
153   roles:
154     - read
155
156 metrics:
157   serviceMonitor:
158     # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
159     # The default operator for prometheus enforces the below label.
160     labels:
161       release: prometheus
162     enabled: true
163     port: policy-xacml-pdp
164     interval: 60s
165     isHttps: false
166     basicAuth:
167       enabled: true
168       externalSecretNameSuffix: policy-xacml-pdp-restserver-creds
169       externalSecretUserKey: login
170       externalSecretPasswordKey: password
171     selector:
172       app: '{{ include "common.name" . }}'
173       chart: '{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}'
174       release: '{{ include "common.release" . }}'
175       heritage: '{{ .Release.Service }}'
176
177 config:
178   # Event consumption (kafka) properties
179   kafka:
180     consumer:
181       groupId: policy-xacml-pdp
182   app:
183     listener:
184       policyPdpPapTopic: policy-pdp-pap
185
186 # Strimzi Kafka config
187 kafkaUser:
188   authenticationType: scram-sha-512
189   acls:
190     - name: policy-xacml-pdp
191       type: group
192       operations: [ Create, Describe, Read, Write ]
193     - name: policy-pdp-pap
194       type: topic
195       patternType: prefix
196       operations: [ Create, Describe, Read, Write ]
197
198
Introduces the ONAP Platform OOM (ONAP Operations Manager) to efficiently Deploy, Manage, Operate the ONAP platform and its components (e.g. MSO, DCAE, SDC, etc.) and infrastructure (VMs, Containers).