[DMAAP] Update Kohn versions

[oom.git] / kubernetes / dmaap / components / message-router / values.yaml

diff --git a/kubernetes/dmaap/components/message-router/values.yaml b/kubernetes/dmaap/components/message-router/values.yaml
index aca2fc4..63c62ca 100644 (file)
--- a/kubernetes/dmaap/components/message-router/values.yaml
+++ b/kubernetes/dmaap/components/message-router/values.yaml
@@ -1,5 +1,6 @@
 # Copyright © 2017 Amdocs, Bell Canada
 # Modifications Copyright © 2018 AT&T
+# Modifications Copyright © 2021-2022 Nordix Foundation
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -18,31 +19,77 @@
 #################################################################
 global:
   nodePortPrefix: 302
-  readinessRepository: oomk8s
-  readinessImage: readiness-check:2.0.0
-  loggingRepository: docker.elastic.co
-  loggingImage: beats/filebeat:5.5.0
+  kafkaBootstrap: strimzi-kafka-bootstrap
+  saslMechanism: scram-sha-512
+  kafkaInternalPort: 9092
+  zkTunnelService:
+    type: ClusterIP
+    name: zk-tunnel-svc
+    portName: tcp-zk-tunnel
+    internalPort: 2181
+
+#################################################################
+# AAF part
+#################################################################
+certInitializer:
+  nameOverride: dmaap-mr-cert-initializer
+  aafDeployFqi: deployer@people.osaaf.org
+  aafDeployPass: demo123456!
+  # aafDeployCredsExternalSecret: some secret
+  fqdn: dmaap-mr
+  fqi: dmaapmr@mr.dmaap.onap.org
+  public_fqdn: mr.dmaap.onap.org
+  cadi_longitude: "-122.26147"
+  cadi_latitude: "37.78187"
+  app_ns: org.osaaf.aaf
+  credsPath: /opt/app/osaaf/local
+  appMountPath: /appl/dmaapMR1/bundleconfig/etc/sysprops
+  fqi_namespace: org.onap.dmaap.mr
+  aaf_add_config: |
+    cd {{ .Values.credsPath }}
+    echo "*** change jks password into shell safe one"
+    export KEYSTORE_PASSWD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1)
+    keytool -storepasswd -new "${KEYSTORE_PASSWD}" \
+      -storepass "${cadi_keystore_password_jks}" \
+      -keystore {{ .Values.fqi_namespace }}.jks
+    echo "*** set key password as same password as jks keystore password"
+      keytool -keypasswd -new "${KEYSTORE_PASSWD}" \
+        -keystore {{ .Values.fqi_namespace }}.jks \
+        -keypass "${cadi_keystore_password_jks}" \
+        -storepass "${KEYSTORE_PASSWD}" -alias {{ .Values.fqi }}
+    echo "*** store the passwords"
+    echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWD}" > mycreds.prop
+    echo "KEYSTORE_PASSWORD_P12=${cadi_keystore_password_p12}" >> mycreds.prop
+    echo "TRUSTSTORE_PASSWORD=${cadi_truststore_password}" >> mycreds.prop
+    echo "*** give ownership of files to the user"
+    chown -R 1000 .
 
 #################################################################
 # Application configuration defaults.
 #################################################################
 # application image
-repository: nexus3.onap.org:10001
-image: onap/dmaap/dmaap-mr:1.1.18
+image: onap/dmaap/dmaap-mr:1.4.3
 pullPolicy: Always
 
-kafka:
-  name: message-router-kafka
-  port: 9092
 zookeeper:
-  name: message-router-zookeeper
-  port: 2181
+  entrance:
+    image: scholzj/zoo-entrance:latest
+
+secrets:
+  - uid: mr-kafka-admin-secret
+    externalSecret: '{{ tpl (default "" .Values.config.jaasConfExternalSecret) . }}'
+    type: genericKV
+    envs:
+      - name: sasl.jaas.config
+        value: '{{ .Values.config.someConfig }}'
+        policy: generate
 
 # flag to enable debugging - application support required
 debugEnabled: false
 
 # application configuration
-config: {}
+config:
+  someConfig: blah
 
 # default number of instances
 replicaCount: 1
@@ -53,18 +100,30 @@ affinity: {}
 
 # probe configuration parameters
 liveness:
-  initialDelaySeconds: 70
+  initialDelaySeconds: 10
   periodSeconds: 10
   timeoutSeconds: 1
+  successThreshold: 1
+  failureThreshold: 3
   # necessary to disable liveness probe when setting breakpoints
   # in debugger so K8s doesn't restart unresponsive container
   port: api
   enabled: true
 
 readiness:
-  initialDelaySeconds: 70
+  initialDelaySeconds: 10
   periodSeconds: 10
   timeoutSeconds: 1
+  successThreshold: 1
+  failureThreshold: 3
+  port: api
+
+startup:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  timeoutSeconds: 1
+  successThreshold: 1
+  failureThreshold: 70
   port: api
 
 service:
@@ -89,7 +148,6 @@ prometheus:
     enabled: false
     image: solsson/kafka-prometheus-jmx-exporter@sha256
     imageTag: 6f82e2b0464f50da8104acd7363fb9b995001ddff77d248379f8788e78946143
-    imageRepository: docker.io
     port: 5556
     targetPort: 5555
 
@@ -100,7 +158,7 @@ ingress:
       name: "message-router"
       port: 3905
   config:
-    ssl: "none"
+    ssl: "redirect"
 
 
 # Resource Limit flavor -By Default using small
@@ -122,3 +180,9 @@ resources:
       cpu: 1000m
       memory: 2Gi
   unlimited: {}
+
+#Pods Service Account
+serviceAccount:
+  nameOverride: message-router
+  roles:
+    - read