# Copyright © 2017 Amdocs, Bell Canada
# Modifications Copyright © 2018 AT&T, ZTE
+# Modifications Copyright © 2025 Deutsche Telekom
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
#################################################################
global:
nodePortPrefix: 302
- aafEnabled: true
persistence: {}
sdc_cassandra:
#This flag allows SDC to instantiate its own cluster, serviceName
clusterName: cassandra
dataCenter: Pod
-#################################################################
-# AAF Part
-#################################################################
-certInitializer:
- nameOverride: sdc-onboarding-be-cert-init
- aafDeployFqi: deployer@people.osaaf.org
- aafDeployPass: demo123456!
- fqdn: sdc
- fqi: sdc@sdc.onap.org
- public_fqdn: sdc.onap.org
- cadi_longitude: "0.0"
- cadi_latitude: "0.0"
- app_ns: org.osaaf.aaf
- credsPath: /opt/app/osaaf/local
- addconfig: true
- keystoreFile: "org.onap.sdc.p12"
- truststoreFile: "org.onap.sdc.trust.jks"
- permission_user: 352070
- permission_group: 35953
- aaf_add_config: |
- echo "cadi_keystore_password_p12=$cadi_keystore_password_p12" > {{ .Values.credsPath }}/mycreds.prop
- echo "cadi_truststore_password=$cadi_truststore_password" >> {{ .Values.credsPath }}/mycreds.prop
-
#################################################################
# Application configuration defaults.
#################################################################
# application image
-image: onap/sdc-onboard-backend:1.11.4
-onboardingInitImage: onap/sdc-onboard-cassandra-init:1.11.4
+image: onap/sdc-onboard-backend:1.14.1
+onboardingInitImage: onap/sdc-onboard-cassandra-init:1.14.1
pullPolicy: Always
# flag to enable debugging - application support required
# probe configuration parameters
liveness:
+ path: /onboarding-api/v1.0/healthcheck
initialDelaySeconds: 1
periodSeconds: 10
timeoutSeconds: 15
enabled: true
readiness:
+ path: /onboarding-api/v1.0/healthcheck
initialDelaySeconds: 1
periodSeconds: 10
timeoutSeconds: 15
failureThreshold: 3
startup:
+ path: /onboarding-api/v1.0/healthcheck
initialDelaySeconds: 10
periodSeconds: 10
timeoutSeconds: 15
service:
type: ClusterIP
name: sdc-onboarding-be
- portName: http
- internalPort: 8445
- externalPort: 8445
+ internalPort: 8081
+ jobPort: 8080
+ ports:
+ - name: http
+ port: 8081
- internalPort2: 8081
- externalPort2: 8081
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: sdc-be-read
## Persist data to a persitent volume
persistence:
mountPath: /dockerdata-nfs
mountSubPath: /sdc/sdc-cs/CS
-##Certificate storage persistence
-##This is temporary solution for SDC-1980
-cert:
- certDir: /app/jetty/cert
- persistence:
- enabled: true
- size: 10Mi
- accessMode: ReadWriteOnce
- volumeReclaimPolicy: Retain
- mountSubPath: /sdc/onbaording/cert
-
-securityContext:
- fsGroup: 35953
- runAsUser: 352070
-
ingress:
enabled: false
resources:
small:
limits:
- cpu: 500m
- memory: 2Gi
+ cpu: "2"
+ memory: "2Gi"
requests:
- cpu: 40m
- memory: 1Gi
+ cpu: "0.5"
+ memory: "1.5Gi"
large:
limits:
- cpu: 1
- memory: 4Gi
+ cpu: "2"
+ memory: "3Gi"
requests:
- cpu: 80m
- memory: 2Gi
+ cpu: "1"
+ memory: "3Gi"
unlimited: {}
#Pods Service Account
containers:
- '{{ include "common.name" . }}-job'
+readinessCheck:
+ wait_for:
+ timeout: 25
+ jobs:
+ - '{{ include "common.release" . }}-sdc-onboarding-be'
+ job_wait_for:
+ timeout: 20
+ jobs:
+ - '{{ include "common.release" . }}-sdc-cs'
+
#Log configuration
log:
path: /var/log/onap
logConfigMapNamePrefix: '{{ include "common.fullname" . }}'
+
+securityContext:
+ user_id: 1000
+ group_id: 101
+
+volumes:
+ logSizeLimit: 300Mi
+ jettySizeLimit: 400Mi
+ tmpSizeLimit: 500Mi
+
+resources_initContainer:
+ limits:
+ cpu: "100m"
+ memory: "500Mi"
+ requests:
+ cpu: "3m"
+ memory: "20Mi"
+
+jobPodSecurityContext:
+ fsGroup: 1000
+ runAsGroup: 1000
+ runAsNonRoot: true
+ runAsUser: 1000
+ seccompProfile:
+ type: RuntimeDefault
+
+#################################################################
+# Settings from Default.rb
+#################################################################
+ONBOARDING_BE:
+ http_port: 8081
+ https_port: 8445
+ catalog_notification_url: "%s://%s:%s/sdc2/rest/v1/catalog/notif/vsp/"
+FE:
+ http_port: 8181
+ https_port: 9443
+disableHttp: true
+cassandra:
+ truststore_password: Aa123456
+ cassandra_port: 9042
+ datacenter_name: DC-
+ cluster_name: SDC-CS-
+ socket_read_timeout: 20000
+ socket_connect_timeout: 20000
+ janusgraph_connection_timeout: 10000
+ cassandra_user: asdc_user
+ cassandra_password: Aa1234%^!
+sdcHelmValidator:
+ enabled: true
+ helmVersion: 3.5.2
+ deployable: true
+ lintable: false
+ strictLintable: false
+ url: http://sdc-helm-validator:8080/validate
+VnfRepo:
+ vnfRepoPort: 8703
+ vnfRepoHost: refrepo
+jetty:
+ trustStorePassword: "z+KEj;t+,KN^iimSiS89e#p0"
+ keyManagerPassword: "?(kP!Yur![*!Y5!E^f(ZKc31"
+ keyStorePassword: "?(kP!Yur![*!Y5!E^f(ZKc31"
+basic_auth:
+ enabled: true
+ user_name: testName
+ user_pass: testPass
+ excludedUrls: /v1.0/healthcheck
+
+EXTTEST:
+ ep1_config: vtp,VTP,true,http://refrepo:8702/onapapi/vnfsdk-marketplace,onap.*
+ ep2_config: repository,Repository,false,,.*
+
+#Addiding extra Envs
+permittedAncestors: ""
+JETTY_BASE: "/app/jetty"
+http_option: http_option
+
+autoscaling:
+ enabled: true
+ minReplicas: 1
+ maxReplicas: 3
+ targetCPUUtilizationPercentage: 75
+
+# number of ReplicaSets that should be retained for the Deployment
+revisionHistoryLimit: 1
+
+# the minimum number of seconds that a newly created Pod should be ready
+minReadySeconds: 30
+updateStrategy:
+ type: RollingUpdate
+ # The number of pods that can be unavailable during the update process
+ maxUnavailable: 0
+ # The number of pods that can be created above the desired amount of pods during an update
+ maxSurge: 1
+
+metrics:
+ serviceMonitor:
+ enabled: true
+ targetPort: 8081
+ path: /onboarding-api/v1.0/actuator/prometheus
+ basicAuth:
+ enabled: false
+
+logback:
+ rootLogLevel: INFO
+
+# Annotations to control the execution and deletion of the job
+# Can be used to delete a job before an Upgrade
+#
+# jobAnnotations:
+# # In case of an ArgoCD deployment this Hook deletes the job before syncing
+# argocd.argoproj.io/hook: Sync
+# argocd.argoproj.io/hook-delete-policy: BeforeHookCreation
+#
+# # In case of an Helm/Flux deployment this Hook deletes the job
+# # This is what defines this resource as a hook. Without this line, the
+# # job is considered part of the release.
+# "helm.sh/hook": "pre-upgrade,pre-rollback,post-install"
+# "helm.sh/hook-delete-policy": "before-hook-creation"
+# "helm.sh/hook-weight": "1"