summaryrefslogtreecommitdiffstats
path: root/kubernetes/nbi/values.yaml
diff options
context:
space:
mode:
authorSylvain Desbureaux <sylvain.desbureaux@orange.com>2020-03-17 10:43:40 +0100
committerSylvain Desbureaux <sylvain.desbureaux@orange.com>2020-04-06 10:30:20 +0200
commitd82050c60d7cf623f28edc103784e0da2fdccb89 (patch)
tree15698d1ec42b671902934522cd9592758bd0ee14 /kubernetes/nbi/values.yaml
parentbd49e72ac488734ea69861e55520a231d6628122 (diff)
[NBI] Use AAF init container for certificates
Onboard server certificates for HTTPs via AAF init containers. Issue-ID: EXTAPI-375 Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com> Change-Id: Icbcf075dd2dd8588aa9f14d23974a122bde38ae7
Diffstat (limited to 'kubernetes/nbi/values.yaml')
-rw-r--r--kubernetes/nbi/values.yaml44
1 files changed, 36 insertions, 8 deletions
diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml
index 4e22af6494..ceab7fad2a 100644
--- a/kubernetes/nbi/values.yaml
+++ b/kubernetes/nbi/values.yaml
@@ -28,6 +28,30 @@ global:
service: mariadb-galera
internalPort: 3306
nameOverride: mariadb-galera
+ aafAgentImage: onap/aaf/aaf_agent:2.1.15
+ aafEnabled: true
+ busyBoxImage: busybox:1.30
+ busyBoxRepository: docker.io
+
+#################################################################
+# AAF part
+#################################################################
+aafConfig:
+ aafDeployFqi: deployer@people.osaaf.org
+ aafDeployPass: demo123456!
+ # aafDeployCredsExternalSecret: some secret
+ fqdn: nbi
+ fqi: nbi@nbi.onap.org
+ public_fqdn: nbi.onap.org
+ cadi_longitude: "0.0"
+ cadi_latitude: "0.0"
+ credsPath: /opt/app/osaaf/local
+ app_ns: org.osaaf.aaf
+ permission_user: 1000
+ permission_group: 999
+ addconfig: true
+ secret_uid: &aaf_secret_uid nbi-aaf-deploy-creds
+
#################################################################
# Secrets metaconfig
@@ -39,13 +63,19 @@ secrets:
externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}'
login: '{{ .Values.config.db.userName }}'
password: '{{ .Values.config.db.userPassword }}'
+ - uid: *aaf_secret_uid
+ type: basicAuth
+ externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDisabled" .Values.global.aafEnabled }}'
+ login: '{{ .Values.aafConfig.aafDeployFqi }}'
+ password: '{{ .Values.aafConfig.aafDeployPass }}'
+ passwordPolicy: required
subChartsOnly:
enabled: true
# application image
repository: nexus3.onap.org:10001
-image: onap/externalapi/nbi:6.0.0
+image: onap/externalapi/nbi:6.0.1
pullPolicy: IfNotPresent
sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU=
aai_authorization: Basic QUFJOkFBSQ==
@@ -109,9 +139,8 @@ affinity: {}
# probe configuration parameters
liveness:
- httpGet:
- path: /nbi/api/v4/status
- port: 8080
+ path: /nbi/api/v4/status
+ port: 8443
initialDelaySeconds: 180
periodSeconds: 30
# necessary to disable liveness probe when setting breakpoints
@@ -119,9 +148,8 @@ liveness:
enabled: true
readiness:
- httpGet:
- path: /nbi/api/v4/status
- port: 8080
+ path: /nbi/api/v4/status
+ port: 8443
initialDelaySeconds: 185
periodSeconds: 30
@@ -130,7 +158,7 @@ service:
portName: api
name: nbi
nodePort: 74
- internalPort: 8080
+ internalPort: 8443
ingress:
enabled: false