# Copyright © 2019 Amdocs, Bell Canada
# Copyright (c) 2020 Nordix Foundation, Modifications
# Modifications Copyright © 2020-2021 Nokia
+# Modifications Copyright © 2023 Nordix Foundation
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
nodePortPrefix: 302
nodePortPrefixExt: 304
-
- # Install test components
- # test components are out of the scope of ONAP but allow to have a entire
- # environment to test the different features of ONAP
- # Current tests environments provided:
- # - netbox (needed for CDS IPAM)
- # - AWX (needed for XXX)
- # - EJBCA Server (needed for CMPv2 tests)
- # Today, "contrib" chart that hosting these components must also be enabled
- # in order to make it work. So `contrib.enabled` must have the same value than
- # addTestingComponents
- addTestingComponents: &testing false
-
# ONAP Repository
# Four different repositories are used
# You can change individually these repositories to ones that will serve the
repository: nexus3.onap.org:10001
dockerHubRepository: &dockerHubRepository docker.io
elasticRepository: &elasticRepository docker.elastic.co
+ quayRepository: quay.io
googleK8sRepository: k8s.gcr.io
githubContainerRegistry: ghcr.io
- #/!\ DEPRECATED /!\
- # Legacy repositories which will be removed at the end of migration.
- # Please don't use
- loggingRepository: *elasticRepository
- busyboxRepository: *dockerHubRepository
-
# Default credentials
# they're optional. If the target repository doesn't need them, comment them
repositoryCred:
# user: myuser
# password: mypassord
+ # Default definition of the secret containing the docker image repository
+ # credentials. In the default ONAP deployment the secret is created by the
+ # repository-wrapper component, which uses the secrets defined above.
+ # If this is not wanted or other secrets are created, alternative secret
+ # names can be used
+ # Overrides for specific images can be done, if the "image" entry is used as
+ # a map and the "pullSecrets" is used, e.g.
+ # image:
+ # ...
+ # pullSecrets:
+ # - myRegistryKeySecretName
+ #
+ imagePullSecrets:
+ - '{{ include "common.namespace" . }}-docker-registry-key'
# common global images
# Busybox for simple shell manipulation
postgresImage: crunchydata/crunchy-postgres:centos8-13.2-4.6.1
# readiness check image
- readinessImage: onap/oom/readiness:3.0.1
+ readinessImage: onap/oom/readiness:6.0.3
# image pull policy
pullPolicy: Always
storageclassProvisioner: kubernetes.io/no-provisioner
volumeReclaimPolicy: Retain
+ # Global flag to enable the creation of default roles instead of using
+ # common roles-wrapper
+ createDefaultRoles: false
+
# override default resource limit flavor for all charts
flavor: unlimited
# Global ingress configuration
ingress:
+ # generally enable ingress for ONAP components
enabled: false
+ # enable all component's Ingress interfaces
+ enable_all: false
+
+ # Provider: ingress, istio, gw-api
+ provider: istio
+ # Ingress class (only for provider "ingress"): e.g. nginx, traefik
+ ingressClass:
+ # Ingress Selector (only for provider "istio") to match with the
+ # ingress pod label "istio=ingress"
+ ingressSelector: ingress
+ # optional: common used Gateway (for Istio, GW-API) and listener names
+ commonGateway:
+ name: ""
+ httpListener: ""
+ httpsListener: ""
+
+ # default Ingress base URL and preAddr- and postAddr settings
+ # Ingress URLs result:
+ # <preaddr><component.ingress.service.baseaddr><postaddr>.<baseurl>
virtualhost:
+ # Default Ingress base URL
+ # can be overwritten in component by setting ingress.baseurlOverride
baseurl: "simpledemo.onap.org"
+ # prefix for baseaddr
+ # can be overwritten in component by setting ingress.preaddrOverride
+ preaddr: ""
+ # postfix for baseaddr
+ # can be overwritten in component by setting ingress.postaddrOverride
+ postaddr: ""
+
+ # All http (port 80) requests via ingress will be redirected
+ # to port 443 on Ingress controller
+ # only valid for Istio Gateway (ServiceMesh enabled)
+ config:
+ ssl: "redirect"
+ # you can set an own Secret containing a certificate
+ # only valid for Istio Gateway (ServiceMesh enabled)
+ # tls:
+ # secret: 'my-ingress-cert'
+
+ # optional: Namespace of the Istio IngressGateway or Gateway-API
+ # only valid for Istio Gateway (ServiceMesh enabled)
+ namespace: istio-ingress
# Global Service Mesh configuration
- # POC Mode, don't use it in production
serviceMesh:
enabled: false
tls: true
# be aware that linkerd is not well tested
engine: "istio" # valid value: istio or linkerd
+ # Global Istio Authorization Policy configuration
+ authorizationPolicies:
+ enabled: false
+
# metrics part
# If enabled, exporters (for prometheus) will be deployed
# if custom resources set to yes, CRD from prometheus operartor will be
# Disabling AAF
# POC Mode, only for use in development environment
# Keep it enabled in production
- aafEnabled: true
- aafAgentImage: onap/aaf/aaf_agent:2.1.20
+ aafEnabled: false
# Disabling MSB
# POC Mode, only for use in development environment
name: cmpv2-issuer-onap
# Enabling CMPv2
- cmpv2Enabled: true
+ cmpv2Enabled: false
platform:
certificates:
clientSecretName: oom-cert-service-client-tls-secret
# Set to false if you want to disable TLS for NodePorts. Be aware that this
# will loosen your security.
# if set this element will force or not tls even if serviceMesh.tls is set.
- # tlsEnabled: false
+ tlsEnabled: false
# Logging
# Currently, centralized logging is not in best shape so it's disabled by
# storageClass: "-"
# Example of specific for the components which requires RWX:
-# aaf:
-# persistence:
-# storageClassOverride: "My_RWX_Storage_Class"
-# contrib:
-# netbox:
-# netbox-app:
-# persistence:
-# storageClassOverride: "My_RWX_Storage_Class"
# cds:
# cds-blueprints-processor:
# persistence:
# to customize the ONAP deployment.
#################################################################
-aaf:
- enabled: false
- aaf-sms:
- cps:
- # you must always set the same values as value set in cps.enabled
- enabled: false
aai:
enabled: false
-appc:
- enabled: false
- config:
- openStackType: OpenStackProvider
- openStackName: OpenStack
- openStackKeyStoneUrl: http://localhost:8181/apidoc/explorer/index.html
- openStackServiceTenantName: default
- openStackDomain: default
- openStackUserName: admin
- openStackEncryptedPassword: admin
cassandra:
enabled: false
cds:
enabled: false
-clamp:
- enabled: false
cli:
enabled: false
-consul:
- enabled: false
-# Today, "contrib" chart that hosting these components must also be enabled
-# in order to make it work. So `contrib.enabled` must have the same value than
-# addTestingComponents
-contrib:
- enabled: *testing
cps:
enabled: false
dcaegen2-services:
enabled: false
-dcaemod:
- enabled: false
holmes:
enabled: false
dmaap:
enabled: false
-# Today, "logging" chart that perform the central part of logging must also be
-# enabled in order to make it work. So `logging.enabled` must have the same
-# value than centralizedLoggingEnabled
-log:
- enabled: *centralizedLogging
-sniro-emulator:
- enabled: false
+ message-router:
+ enabled: false
+ dmaap-dr-prov:
+ enabled: false
+ dmaap-dr-node:
+ enabled: false
oof:
enabled: false
mariadb-galera:
openStackVNFTenantId: "1234"
policy:
enabled: false
-pomba:
- enabled: false
-portal:
+portal-ng:
enabled: false
robot:
enabled: false
config:
- # openStackEncryptedPasswordHere should match the encrypted string used in SO and APPC and overridden per environment
+ # openStackEncryptedPasswordHere should match the encrypted string used in SO and overridden per environment
openStackEncryptedPasswordHere: "c124921a3a0efbe579782cde8227681e"
sdc:
enabled: false
# server:
# monitoring:
# password: demo123456!
+
strimzi:
enabled: false
+ # Kafka replication & disk storage should be dimensioned
+ # according to each given system use case.
+ replicaCount: 3
+ persistence:
+ kafka:
+ size: 10Gi
+ zookeeper:
+ size: 1Gi
+ # Strimzi kafka bridge is an optional http api towards
+ # kafka provided by https://strimzi.io/docs/bridge/latest/
+ strimzi-kafka-bridge:
+ enabled: false
+
uui:
enabled: false
vfc:
enabled: false
-vid:
- enabled: false
vnfsdk:
enabled: false
modeling:
enabled: false
a1policymanagement:
enabled: false
-
-cert-wrapper:
- enabled: true
repository-wrapper:
enabled: true
roles-wrapper:
Code Review / oom.git / blobdiff