# Copyright (C) 2021 Pantheon.tech, Orange, Bell Canada.
# Modifications Copyright (C) 2022 Bell Canada
-# Modifications Copyright © 2022 Nordix Foundation
+# Modifications Copyright © 2022-2023 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
login: '{{ .Values.config.dmiPluginUserName }}'
password: '{{ .Values.config.dmiPluginUserPassword }}'
passwordPolicy: generate
- - uid: cps-kafka-user
- externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
- type: genericKV
- envs:
- - name: sasl.jaas.config
- value: '{{ .Values.config.someConfig }}'
- policy: generate
#################################################################
# Global configuration defaults.
container:
name: postgres
-image: onap/cps-and-ncmp:3.1.4
-containerPort: &svc_port 8080
-managementPort: &mgt_port 8081
+image: onap/cps-and-ncmp:3.4.9
service:
type: ClusterIP
+ headless: {}
name: cps-core
+ internalPort: &svc_port 8080
ports:
- name: &port http
port: *svc_port
- - name: http-management
- port: *mgt_port
- targetPort: *mgt_port
+ headlessPorts:
+ - name: tcp-hazelcast
+ port: 5701
prometheus:
enabled: false
metrics:
serviceMonitor:
- port: http-management
+ port: http
## specify target port if name is not given to the port in the service definition
##
# targetPort: 8080
- path: /manage/prometheus
+ path: /actuator/prometheus
interval: 60s
basicAuth:
enabled: false
resources:
small:
limits:
- cpu: 2
- memory: 2Gi
+ cpu: "2"
+ memory: "1.5Gi"
requests:
- cpu: 1
- memory: 1Gi
+ cpu: "1"
+ memory: "1.5Gi"
large:
limits:
- cpu: 4
- memory: 4Gi
+ cpu: "4"
+ memory: "3Gi"
requests:
- cpu: 2
- memory: 2Gi
+ cpu: "2"
+ memory: "3Gi"
unlimited: {}
# probe configuration parameters
liveness:
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
- path: /manage/health
- port: *mgt_port
+ path: /actuator/health
+ port: *svc_port
readiness:
initialDelaySeconds: 15
periodSeconds: 15
- path: /manage/health
- port: *mgt_port
+ path: /actuator/health
+ port: *svc_port
startup:
failureThreshold: 5
periodSeconds: 60
- path: /manage/health
- port: *mgt_port
+ path: /actuator/health
+ port: *svc_port
ingress:
enabled: true
#################################################################
config:
-
- # Set it for pre loading xnfdata, else set to null
+ # Set it for preloading xnfdata, else set to null
liquibaseLabels: xnf-data-preload
# REST API basic authentication credentials (passsword is generated if not provided)
# spring.config.max-size: 200
# spring.config.min-size: 10
-# kafka config
- useStrimziKafka: true
- kafkaBootstrap: strimzi-kafka-bootstrap
-# If targeting a custom kafka cluster, ie useStrimziKakfa: false
-# uncomment below config and target your kafka bootstrap servers,
-# along with any other security config.
-
-# eventPublisher:
-# spring.kafka.bootstrap-servers: <kafka-bootstrap>:9092
-# spring.kafka.security.protocol: SASL_PLAINTEXT
-# spring.kafka.properties.sasl.mechanism: PLAIN
-# spring.kafka.properties.sasl.jaas.config: org.apache.kafka.common.security.plain.PlainLoginModule required username=admin password=admin_secret;
-
additional:
- notification.data-updated.enabled: true
- notification.data-updated.topic: cps.data-updated-events
+ notification.enabled: true
+ notification.data-updated.topic: &dataUpdatedTopic cps.data-updated-events
notification.data-updated.filters.enabled-dataspaces: ""
notification.async.enabled: false
notification.async.executor.core-pool-size: 2
notification.async.executor.wait-for-tasks-to-complete-on-shutdown: true
notification.async.executor.thread-name-prefix: Async-
+# Strimzi KafkaUser and Topic config
+kafkaTopic:
+ - name: &dmiCmEventsTopic dmi-cm-events
+ retentionMs: 7200000
+ segmentBytes: 1073741824
+
+kafkaUser:
+ authenticationType: scram-sha-512
+ acls:
+ - name: cps-core-group
+ type: group
+ operations: [Read]
+ - name: *dataUpdatedTopic
+ type: topic
+ operations: [Write]
+ - name: *dmiCmEventsTopic
+ type: topic
+ operations: [Read]
+ - name: &ncmpAsyncM2MTopic ncmp-async-m2m
+ type: topic
+ operations: [Read]
+ - name: &cmAvcSubscriptionTopic cm-avc-subscription
+ type: topic
+ operations: [Read]
+
+topics:
+ config:
+ app.ncmp.async-m2m.topic: *ncmpAsyncM2MTopic
+ app.ncmp.avc.subscription-topic: *cmAvcSubscriptionTopic
+ app.dmi.cm-events.topic: *dmiCmEventsTopic
+
logging:
level: INFO
path: /tmp
pgDatabase: cpsdb
pgDataPath: data
pgUserExternalSecret: *pgUserCredsSecretName
+ serviceAccount:
+ nameOverride: cps-postgres-init
# pgPrimaryPassword: password
# pgUserPassword: password
readinessCheck:
wait_for:
- - '{{ ternary .Values.postgres.service.name "postgres" .Values.global.postgres.localCluster }}'
+ services:
+ - '{{ .Values.global.postgres.service.name2 }}'
minReadySeconds: 10
updateStrategy:
type: RollingUpdate
maxUnavailable: 0
maxSurge: 1
+
+# Hazlecast custom configurations.
+hazelcast:
+ config:
+ kubernetesDiscovery: true
+ kubernetesServiceName: cps-core-headless
+
+
Code Review / oom.git / blobdiff