# ================================ LICENSE_START =============================
# ============================================================================
# Copyright (C) 2021 Nordix Foundation.
+# Copyright (c) 2022-2023 J. F. Lucas. All rights reserved.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
+ centralizedLoggingEnabled: true
#################################################################
# Filebeat Configuration Defaults.
# Secrets Configuration.
#################################################################
secrets:
- - uid: &aafCredsUID aafcreds
- type: basicAuth
- login: '{{ .Values.aafCreds.identity }}'
- password: '{{ .Values.aafCreds.password }}'
- passwordPolicy: required
- uid: &pgUserCredsSecretUid pg-user-creds
name: &pgUserCredsSecretName '{{ include "common.release" . }}-pmsh-pg-user-creds'
type: basicAuth
password: '{{ .Values.postgres.config.pgUserPassword }}'
passwordPolicy: generate
-#################################################################
-# InitContainer Images.
-#################################################################
-tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1
-
#################################################################
# Application Configuration Defaults.
#################################################################
# Application Image
-image: onap/org.onap.dcaegen2.services.pmsh:1.3.2
+image: onap/org.onap.dcaegen2.services.pmsh:2.2.3
pullPolicy: Always
# Log directory where logging sidecar should look for log files
-# if absent, no sidecar will be deployed
-logDirectory: /var/log/ONAP/dcaegen2/services/pmsh
-
-# Directory where TLS certs should be stored
-# if absent, no certs will be retrieved and stored
-certDirectory: /opt/app/pmsh/etc/certs
-
-# TLS role -- set to true if microservice acts as server
-# If true, an init container will retrieve a server cert
-# and key from AAF and mount them in certDirectory.
-tlsServer: true
-
-# Dependencies
-readinessCheck:
- wait_for:
- - dcae-config-binding-service
- - aaf-cm
- - &postgresName dcae-pmsh-postgres
+# if path is set to null sidecar won't be deployed in spite of
+# global.centralizedLoggingEnabled setting.
+log:
+ path: /var/log/ONAP/dcaegen2/services/pmsh
+logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
# Probe Configuration
readiness:
periodSeconds: 15
timeoutSeconds: 1
path: /healthcheck
- scheme: HTTPS
- port: 8443
+ scheme: HTTP
+ port: 8080
# Service Configuration
service:
type: ClusterIP
name: dcae-pmsh
ports:
- - name: https
- port: 8443
+ - name: http
+ port: 8080
+ plain_port: 8080
port_protocol: http
-# AAF Credentials
-aafCreds:
- identity: dcae@dcae.onap.org
- password: demo123456!
-
-credentials:
-- name: AAF_IDENTITY
- uid: *aafCredsUID
- key: login
-- name: AAF_PASSWORD
- uid: *aafCredsUID
- key: password
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+ authorizedPrincipalsPostgres:
+ - serviceAccount: dcae-pmsh-read
# Initial Application Configuration
applicationConfig:
- enable_tls: true
- aaf_identity: ${AAF_IDENTITY}
- aaf_password: ${AAF_PASSWORD}
+ enable_tls: false
+ aaf_identity: dummy_value
+ aaf_password: dummy_value
key_path: /opt/app/pmsh/etc/certs/key.pem
cert_path: /opt/app/pmsh/etc/certs/cert.pem
ca_cert_path: /opt/app/pmsh/etc/certs/cacert.pem
policy_pm_publisher:
type: message_router
dmaap_info:
- topic_url: "https://message-router:3905/events/unauthenticated.DCAE_CL_OUTPUT"
+ topic_url: "http://message-router:3904/events/unauthenticated.DCAE_CL_OUTPUT"
streams_subscribes:
policy_pm_subscriber:
type: message_router
dmaap_info:
- topic_url: "https://message-router:3905/events/unauthenticated.PMSH_CL_INPUT"
+ topic_url: "http://message-router:3904/events/unauthenticated.PMSH_CL_INPUT"
aai_subscriber:
type: message_router
dmaap_info:
- topic_url: "https://message-router:3905/events/AAI-EVENT"
+ topic_url: "http://message-router:3904/events/AAI-EVENT"
applicationEnv:
PMSH_PG_URL: &dcaePmshPgPrimary dcae-pmsh-pg-primary
PMSH_PG_PASSWORD:
secretUid: *pgUserCredsSecretUid
key: password
+ PMSH_API_PORT: '8080'
# Resource Limit Flavor -By Default Using Small
flavor: small
resources:
small:
limits:
- cpu: 1
- memory: 1Gi
+ cpu: "1"
+ memory: "1Gi"
requests:
- cpu: 1
- memory: 1Gi
+ cpu: "1"
+ memory: "1Gi"
large:
limits:
- cpu: 2
- memory: 2Gi
+ cpu: "2"
+ memory: "2Gi"
requests:
- cpu: 2
- memory: 2Gi
+ cpu: "2"
+ memory: "2Gi"
unlimited: {}
#################################################################
# Application configuration Overriding Defaults in the Postgres.
#################################################################
postgres:
- nameOverride: *postgresName
+ nameOverride: &postgresName dcae-pmsh-postgres
service:
name: *postgresName
name2: *dcaePmshPgPrimary
pgDatabase: pmsh
pgUserExternalSecret: *pgUserCredsSecretName
+# Dependencies
+readinessCheck:
+ wait_for:
+ services:
+ - '{{ .Values.postgres.service.name2 }}'
+ - message-router
+
#Pods Service Account
serviceAccount:
nameOverride: dcae-pmsh
Code Review / oom.git / blobdiff