summaryrefslogtreecommitdiffstats
path: root/kubernetes/common/elasticsearch/values.yaml
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2020-05-09 01:43:08 +0200
committerKrzysztof Opasiak <k.opasiak@samsung.com>2020-05-22 19:54:29 +0200
commitc6152ced0f67d3880211929835dacb13f2a7a30c (patch)
treeac2902aa0b5e369e323499be9d276ddead227d7b /kubernetes/common/elasticsearch/values.yaml
parenteac587dc9ace5a5dd587da7de11ae0f239930b59 (diff)
[COMMON] Use common aaf template in elasticsearch
Instead of copy-pasting code around aaf_agent usage let's use a common template that automates this. Issue-ID: AAF-1134 Signed-off-by: Krzysztof Opasiak <k.opasiak@samsung.com> Change-Id: I9b3c7aab73186c0bf1dfaa5fe21cf2f001ca8619
Diffstat (limited to 'kubernetes/common/elasticsearch/values.yaml')
-rw-r--r--kubernetes/common/elasticsearch/values.yaml43
1 files changed, 20 insertions, 23 deletions
diff --git a/kubernetes/common/elasticsearch/values.yaml b/kubernetes/common/elasticsearch/values.yaml
index 3627b2ea97..b1289431a5 100644
--- a/kubernetes/common/elasticsearch/values.yaml
+++ b/kubernetes/common/elasticsearch/values.yaml
@@ -17,7 +17,6 @@
#################################################################
global:
aafEnabled: true
- aafAgentImage: onap/aaf/aaf_agent:2.1.15
nodePortPrefix: 302
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.2
@@ -275,34 +274,32 @@ service:
# loadBalancerIP:
## Provide functionality to use RBAC
##
+
#################################################################
-# Secrets metaconfig
-#################################################################
-secrets:
- - uid: &aaf_secret_uid elasticsearch-aaf-deploy-creds
- type: basicAuth
- externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDisabled" .Values.global.aafEnabled }}'
- login: '{{ .Values.aafConfig.aafDeployFqi }}'
- password: '{{ .Values.aafConfig.aafDeployPass }}'
- passwordPolicy: required
-#################################################################
-# aaf configuration defaults.
+# Certificate configuration
#################################################################
-aafConfig:
- addconfig: true
+certInitializer:
+ nameOverride: elasticsearch-cert-initializer
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
fqdn: "elastic"
- image: onap/aaf/aaf_agent:2.1.15
app_ns: "org.osaaf.aaf"
- fqi_namespace: org.onap.elastic
+ fqi_namespace: "org.onap.elastic"
fqi: "elastic@elastic.onap.org"
public_fqdn: "aaf.osaaf.org"
- deploy_fqi: "deployer@people.osaaf.org"
- aafDeployFqi: "deployer@people.osaaf.org"
- aafDeployPass: demo123456!
- #aafDeployCredsExternalSecret: some secret
- #cadi_latitude: "52.5"
- #cadi_longitude: "13.4"
- secret_uid: *aaf_secret_uid
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ credsPath: /opt/app/osaaf/local
+ aaf_add_config: >
+ cd {{ .Values.credsPath }};
+ mkdir -p certs;
+ export $(/opt/app/aaf_config/bin/agent.sh local showpass | grep '^c' | xargs -0);
+ keytool -exportcert -rfc -file certs/cacert.pem -keystore {{ .Values.fqi_namespace }}.trust.jks -alias ca_local_0 -storepass $cadi_truststore_password;
+ openssl pkcs12 -in {{ .Values.fqi_namespace }}.p12 -out certs/cert.pem -passin pass:$cadi_keystore_password_p12 -passout pass:$cadi_keystore_password_p12;
+ cp {{ .Values.fqi_namespace }}.key certs/key.pem;
+ chmod -R 755 certs;
+
#################################################################
# subcharts configuration defaults.
#################################################################