X-Git-Url: https://gerrit.onap.org/r/gitweb?p=oom.git;a=blobdiff_plain;f=kubernetes%2Fpolicy%2Fvalues.yaml;h=d1527ab6b8f83c56c255983717b64ea4dc3446fd;hp=7abd75d83246bf3230b715130e2b79b321f4094e;hb=refs%2Fheads%2Fmaster;hpb=2f85c74720eaeb1a95403d227cb7d9bf548bffb4

diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml
index 7abd75d832..0291a0652d 100755
--- a/kubernetes/policy/values.yaml
+++ b/kubernetes/policy/values.yaml
@@ -18,14 +18,22 @@
 # Global configuration defaults.
 #################################################################
 global:
-  mariadb:
+  mariadbGalera:
+    # flag to enable the DB creation via mariadb-operator
+    useOperator: true
+    # if useOperator set to "true", set "enableServiceAccount to "false"
+    # as the SA is created by the Operator
+    enableServiceAccount: false
+    localCluster: true
     # '&mariadbConfig' means we "store" the values for  later use in the file
     # with '*mariadbConfig' pointer.
     config: &mariadbConfig
       mysqlDatabase: policyadmin
-    service: &mariadbService
-      name: &policy-mariadb policy-mariadb
-      internalPort: 3306
+    service: &mariadbService policy-mariadb
+    internalPort: 3306
+    nameOverride: *mariadbService
+    # (optional) if localCluster=false and an external secret is used set this variable
+    #userRootSecret: <secretName>
   prometheusEnabled: false
   postgres:
     localCluster: false
@@ -35,14 +43,11 @@ global:
       name3: tcp-pgset-replica
     container:
       name: postgres
-  #Strimzi Kafka properties
-  useStrimziKafka: true
-  kafkaBootstrap: strimzi-kafka-bootstrap
+  kafkaBootstrap: strimzi-kafka-bootstrap:9092
   policyKafkaUser: policy-kafka-user
   kafkaTopics:
     acRuntimeTopic:
       name: policy.clamp-runtime-acm
-
 #################################################################
 # Secrets metaconfig
 #################################################################
@@ -50,7 +55,19 @@ secrets:
   - uid: db-root-password
     name: &dbRootPassSecretName '{{ include "common.release" . }}-policy-db-root-password'
     type: password
-    externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .) (hasSuffix "policy-db-root-password" (index .Values "mariadb-galera" "rootUser" "externalSecret"))}}'
+    externalSecret: '{{ .Values.global.mariadbGalera.localCluster |
+      ternary (( hasSuffix "policy-db-root-password" (index .Values "mariadb-galera" "rootUser" "externalSecret")) |
+               ternary
+                  ""
+                  (tpl (default "" (index .Values "mariadb-galera" "rootUser" "externalSecret")) .)
+               )
+               ( (not (empty (default "" .Values.global.mariadbGalera.userRootSecret))) |
+                 ternary
+                   .Values.global.mariadbGalera.userRootSecret
+                   (include "common.mariadb.secret.rootPassSecretName"
+                     (dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)
+                   )
+               ) }}'
     password: '{{ (index .Values "mariadb-galera" "rootUser" "password") }}'
     policy: generate
   - uid: db-secret
@@ -81,19 +98,6 @@ secrets:
     login: '{{ .Values.restServer.policyApiUserName }}'
     password: '{{ .Values.restServer.policyApiUserPassword }}'
     passwordPolicy: required
-  - uid: pg-root-pass
-    name: &pgRootPassSecretName '{{ include "common.release" . }}-policy-pg-root-pass'
-    type: password
-    externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgRootPasswordExternalSecret) .) (hasSuffix "policy-pg-root-pass" .Values.postgres.config.pgRootPasswordExternalSecret) }}'
-    password: '{{ .Values.postgres.config.pgRootpassword }}'
-    policy: generate
-  - uid: pg-user-creds
-    name: &pgUserCredsSecretName '{{ include "common.release" . }}-policy-pg-user-creds'
-    type: basicAuth
-    externalSecret: '{{ ternary "" (tpl (default "" .Values.postgres.config.pgUserExternalSecret) .) (hasSuffix "policy-pg-user-creds" .Values.postgres.config.pgUserExternalSecret) }}'
-    login: '{{ .Values.postgres.config.pgUserName }}'
-    password: '{{ .Values.postgres.config.pgUserPassword }}'
-    passwordPolicy: generate
 
 db: &dbSecretsHook
   credsExternalSecret: *dbSecretName
@@ -124,7 +128,7 @@ policy-apex-pdp:
   config:
     jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
 policy-drools-pdp:
-  enabled: true
+  enabled: false
   db: *dbSecretsHook
   config:
     jaasConfExternalSecret: '{{ include "common.release" . }}-{{ .Values.global.policyKafkaUser }}'
@@ -163,7 +167,7 @@ policy-gui:
 #################################################################
 
 dbmigrator:
-  image: onap/policy-db-migrator:2.6.1
+  image: onap/policy-db-migrator:3.1.2
   schema: policyadmin
   policy_home: "/opt/app/policy"
 
@@ -195,7 +199,6 @@ readiness:
 
 config:
   policyAppUserName: runtimeUser
-  useStrimziKafka: true
   policyPdpPapTopic:
     name: policy-pdp-pap
     partitions: 10
@@ -220,23 +223,27 @@ config:
   someConfig: blah
 
 mariadb-galera:
-  # mariadb-galera.config and global.mariadb.config must be equals
+  # mariadb-galera.config and global.mariadbGalera.config must be equals
   db:
-    user: policy_user
+    user: policy-user
     # password:
     externalSecret: *dbSecretName
     name: &mysqlDbName policyadmin
   rootUser:
     externalSecret: *dbRootPassSecretName
-  nameOverride: *policy-mariadb
-  # mariadb-galera.service and global.mariadb.service must be equals
-  service: *mariadbService
+  nameOverride: *mariadbService
+  # mariadb-galera.service and global.mariadbGalera.service must be equals
+  service:
+    name: *mariadbService
   replicaCount: 1
+  mariadbOperator:
+    galera:
+      enabled: false
   persistence:
     enabled: true
     mountSubPath: policy/maria/data
   serviceAccount:
-    nameOverride: *policy-mariadb
+    nameOverride: *mariadbService
 
 postgresImage: library/postgres:latest
 # application configuration override for postgres
@@ -254,14 +261,18 @@ postgres:
     mountSubPath: policy/postgres/data
     mountInitPath: policy
   config:
-    pgUserName: policy_user
+    pgUserName: policy-user
     pgDatabase: policyadmin
-    pgUserExternalSecret: *pgUserCredsSecretName
-    pgRootPasswordExternalSecret: *pgRootPassSecretName
+    pgUserExternalSecret: *dbSecretName
+    pgRootPasswordExternalSecret: *dbRootPassSecretName
 
 readinessCheck:
-  wait_for:
-    - '{{ ternary .Values.postgres.service.name "postgres" .Values.global.postgres.localCluster }}'
+  wait_for_postgres:
+    services:
+      - '{{ .Values.global.postgres.service.name2 }}'
+  wait_for_mariadb:
+    services:
+      - '{{ include "common.mariadbService" . }}'
 
 restServer:
   policyPapUserName: policyadmin
@@ -275,18 +286,18 @@ flavor: small
 resources:
   small:
     limits:
-      cpu: 1
-      memory: 4Gi
+      cpu: "1"
+      memory: "4Gi"
     requests:
-      cpu: 100m
-      memory: 1Gi
+      cpu: "100m"
+      memory: "1Gi"
   large:
     limits:
-      cpu: 2
-      memory: 8Gi
+      cpu: "2"
+      memory: "8Gi"
     requests:
-      cpu: 200m
-      memory: 2Gi
+      cpu: "200m"
+      memory: "2Gi"
   unlimited: {}
 
 #Pods Service Account