global:
nodePortPrefix: 302
persistence: {}
+ useStrimziKafkaPf: set-via-parent-chart-global-value
#################################################################
# Secrets metaconfig
# Application configuration defaults.
#################################################################
# application image
- image: onap/policy-apex-pdp:2.9.1
+ image: onap/policy-apex-pdp:2.9.2
pullPolicy: Always
# flag to enable debugging - application support required
ingress:
enabled: false
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+
# Resource Limit flavor -By Default using small
# Segregation for Different environment (Small and Large)
flavor: small
# application configuration
config:
# Event consumption (kafka) properties
- useStrimziKafka: true
+ useStrimziKafkaPf: true
kafkaBootstrap: strimzi-kafka-bootstrap
kafka:
consumer:
- groupId: policy-group
+ groupId: policy-apex
app:
listener:
policyPdpPapTopic: policy-pdp-pap
#
# Any new property can be added in the env by setting in overrides in the format mentioned below
# All the added properties must be in "key: value" format instead of yaml.
+ kafkaUser:
+ authenticationType: scram-sha-512
+ acls:
+ - name: policy-apex
+ type: group
+ operations: [Create, Describe, Read, Write]
+ - name: policy-pdp-pap
+ type: topic
+ patternType: prefix
+ operations: [Create, Describe, Read, Write]
+ - name: policy-heartbeat
+ type: topic
+ patternType: prefix
+ operations: [Create, Describe, Read, Write]
+
+ readinessCheck:
+ wait_for:
+ - message-router
global:
nodePortPrefix: 304
persistence: {}
+ postgres:
+ localCluster: false
#################################################################
# Secrets metaconfig
# Application configuration defaults.
#################################################################
# application image
- image: onap/policy-api:2.8.1
+ image: onap/policy-api:2.8.2
pullPolicy: Always
# flag to enable debugging - application support required
password: policy_user
service:
name: policy-mariadb
+ pgName: policy-pg-primary
internalPort: 3306
+ internalPgPort: 5432
restServer:
user: policyadmin
- name: http
port: 6969
-
ingress:
enabled: false
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: policy-pap-read
+
flavor: small
resources:
small:
limits:
cpu: 1
- memory: 4Gi
+ memory: 6Gi
requests:
- cpu: 100m
+ cpu: 150m
memory: 1Gi
large:
limits:
# Application configuration defaults.
#################################################################
# application image
- image: onap/policy-clamp-ac-a1pms-ppnt:6.4.1
+ image: onap/policy-clamp-ac-a1pms-ppnt:6.4.2
pullPolicy: Always
componentName: &componentName policy-clamp-ac-a1pms-ppnt
ingress:
enabled: false
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+
# probe configuration parameters
liveness:
initialDelaySeconds: 20
# Application configuration defaults.
#################################################################
# application image
- image: onap/policy-clamp-ac-http-ppnt:6.4.1
+ image: onap/policy-clamp-ac-http-ppnt:6.4.2
pullPolicy: Always
componentName: &componentName policy-clamp-ac-http-ppnt
ingress:
enabled: false
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+
# probe configuration parameters
liveness:
initialDelaySeconds: 20
# Application configuration defaults.
#################################################################
# application image
- image: onap/policy-clamp-ac-k8s-ppnt:6.4.1
+ image: onap/policy-clamp-ac-k8s-ppnt:6.4.2
pullPolicy: Always
componentName: &componentName policy-clamp-ac-k8s-ppnt
ingress:
enabled: false
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+
flavor: small
resources:
small:
# Application configuration defaults.
#################################################################
# application image
- image: onap/policy-clamp-ac-kserve-ppnt:6.4.1
+ image: onap/policy-clamp-ac-kserve-ppnt:6.4.2
pullPolicy: Always
componentName: &componentName policy-clamp-ac-kserve-ppnt
ingress:
enabled: false
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+
# probe configuration parameters
liveness:
initialDelaySeconds: 20
# Application configuration defaults.
#################################################################
# application image
- image: onap/policy-clamp-ac-pf-ppnt:6.4.1
+ image: onap/policy-clamp-ac-pf-ppnt:6.4.2
pullPolicy: Always
componentName: &componentName policy-clamp-ac-pf-ppnt
ingress:
enabled: false
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+
# probe configuration parameters
liveness:
initialDelaySeconds: 20
# Application configuration defaults.
#################################################################
# application image
- image: onap/policy-clamp-runtime-acm:6.4.1
+ image: onap/policy-clamp-runtime-acm:6.4.2
pullPolicy: Always
componentName: &componentName policy-clamp-runtime-acm
ingress:
enabled: false
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+ - serviceAccount: policy-gui-read
+
flavor: small
resources:
small:
limits:
cpu: 1
- memory: 4Gi
+ memory: 6Gi
requests:
- cpu: 100m
- memory: 1Gi
+ cpu: 200m
+ memory: 2Gi
large:
limits:
cpu: 2
memory: 8Gi
requests:
- cpu: 200m
- memory: 2Gi
+ cpu: 400m
+ memory: 4Gi
unlimited: {}
#Pods Service Account
wait_for_job_container:
containers:
- - '{{ include "common.release" . }}-policy-galera-config'
+ - '{{ include "common.release" . }}-policy-galera-config'
# Application configuration defaults.
#################################################################
# application image
- image: onap/policy-distribution:2.9.1
+ image: onap/policy-distribution:2.9.2
pullPolicy: Always
# flag to enable debugging - application support required
ingress:
enabled: false
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: policy-pap-read
+
flavor: small
resources:
small:
# Application configuration defaults.
#################################################################
# application image
- image: onap/policy-pdpd-cl:1.12.1
+ image: onap/policy-pdpd-cl:1.12.2
pullPolicy: Always
# flag to enable debugging - application support required
ingress:
enabled: false
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+
server:
jvmOpts: -server -XshowSettings:vm
flavor: small
# application image
- image: onap/policy-gui:2.4.1
+ image: onap/policy-gui:2.4.2
pullPolicy: Always
# flag to enable debugging - application support required
config:
ssl: "redirect"
-#resources: {}
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: istio-ingress
+ namespace: istio-ingress
+
+ #resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
global:
nodePortPrefixExt: 304
persistence: {}
+ useStrimziKafkaPf: set-via-parent-chart-global-value
+ postgres:
+ localCluster: false
#################################################################
# Secrets metaconfig
# Application configuration defaults.
#################################################################
# application image
- image: onap/policy-pap:2.8.1
+ image: onap/policy-pap:2.8.2
pullPolicy: Always
# flag to enable debugging - application support required
password: policy_user
service:
name: policy-mariadb
+ pgName: policy-pg-primary
internalPort: 3306
+ internalPgPort: 5432
restServer:
user: policyadmin
ports:
- name: http-api
port: 6969
+ - name: debug-port
+ port: 5005
+ protocol: TCP
ingress:
enabled: false
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: message-router-read
+ - serviceAccount: portal-app-read
+
flavor: small
resources:
small:
limits:
- cpu: 1
- memory: 4Gi
+ cpu: 2
+ memory: 6Gi
requests:
- cpu: 100m
- memory: 1Gi
+ cpu: 200m
+ memory: 2Gi
large:
limits:
- cpu: 2
+ cpu: 4
memory: 8Gi
requests:
- cpu: 200m
- memory: 2Gi
+ cpu: 400m
+ memory: 4Gi
unlimited: {}
#Pods Service Account
# application configuration
config:
# Event consumption (kafka) properties
- useStrimziKafka: true
+ useStrimziKafkaPf: true
kafkaBootstrap: strimzi-kafka-bootstrap
kafka:
+ topics:
+ policyHeartbeat: policy-heartbeat
+ policyNotification: policy-notification
+ policyPdpPap: policy-pdp-pap
consumer:
- groupId: policy-group
+ groupId: policy-pap
app:
listener:
policyPdpPapTopic: policy-pdp-pap
+
+ dmaap:
+ topics:
+ policyHeartbeat: POLICY-HEARTBEAT
+ policyNotification: POLICY-NOTIFICATION
+ policyPdpPap: POLICY-PDP-PAP
# If targeting a custom kafka cluster, ie useStrimziKakfa: false
# uncomment below config and target your kafka bootstrap servers,
# along with any other security config.
#
# Any new property can be added in the env by setting in overrides in the format mentioned below
# All the added properties must be in "key: value" format instead of yaml.
+ kafkaUser:
+ authenticationType: scram-sha-512
+ acls:
+ - name: policy-pap
+ type: group
+ operations: [Create, Describe, Read, Write]
+ - name: policy-pdp-pap
+ type: topic
+ patternType: prefix
+ operations: [Create, Describe, Read, Write]
+ - name: policy-heartbeat
+ type: topic
+ patternType: prefix
+ operations: [Create, Describe, Read, Write]
+ - name: policy-notification
+ type: topic
+ patternType: prefix
+ operations: [Create, Describe, Read, Write]
+
+ readinessCheck:
+ wait_for:
+ - message-router
# Application configuration defaults.
#################################################################
# application image
- image: onap/policy-xacml-pdp:2.8.1
+ image: onap/policy-xacml-pdp:2.8.2
pullPolicy: Always
# flag to enable debugging - application support required
ingress:
enabled: false
+serviceMesh:
+ authorizationPolicy:
+ authorizedPrincipals:
+ - serviceAccount: dcae-datafile-collector-read
+ - serviceAccount: dcae-datalake-admin-ui-read
+ - serviceAccount: dcae-datalake-des-read
+ - serviceAccount: dcae-datalake-feeder-read
+ - serviceAccount: dcae-heartbeat-read
+ - serviceAccount: dcae-hv-ves-collector-read
+ - serviceAccount: dcae-kpi-ms-read
+ - serviceAccount: dcae-pm-mapper-read
+ - serviceAccount: dcae-pmsh-read
+ - serviceAccount: dcae-prh-read
+ - serviceAccount: dcae-restconf-collector-read
+ - serviceAccount: dcae-slice-analysis-ms-read
+ - serviceAccount: dcae-snmptrap-collector-read
+ - serviceAccount: dcae-son-handler-read
+ - serviceAccount: dcae-tcagen2-read
+ - serviceAccount: dcae-ves-collector-read
+ - serviceAccount: dcae-ves-mapper-read
+ - serviceAccount: dcae-ves-openapi-manager-read
+ - serviceAccount: message-router-read
+ - serviceAccount: oof-read
+ - serviceAccount: sdnc-read
+
flavor: small
resources:
small:
limits:
- cpu: 1
- memory: 4Gi
+ cpu: 2
+ memory: 6Gi
requests:
- cpu: 100m
- memory: 1Gi
+ cpu: 200m
+ memory: 2Gi
large:
limits:
cpu: 2
memory: 8Gi
requests:
cpu: 200m
- memory: 2Gi
+ memory: 4Gi
unlimited: {}
#Pods Service Account