diff options
author | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-03-17 10:43:40 +0100 |
---|---|---|
committer | Sylvain Desbureaux <sylvain.desbureaux@orange.com> | 2020-04-06 10:30:20 +0200 |
commit | d82050c60d7cf623f28edc103784e0da2fdccb89 (patch) | |
tree | 15698d1ec42b671902934522cd9592758bd0ee14 /kubernetes/nbi/values.yaml | |
parent | bd49e72ac488734ea69861e55520a231d6628122 (diff) |
[NBI] Use AAF init container for certificates
Onboard server certificates for HTTPs via AAF init containers.
Issue-ID: EXTAPI-375
Signed-off-by: Sylvain Desbureaux <sylvain.desbureaux@orange.com>
Change-Id: Icbcf075dd2dd8588aa9f14d23974a122bde38ae7
Diffstat (limited to 'kubernetes/nbi/values.yaml')
-rw-r--r-- | kubernetes/nbi/values.yaml | 44 |
1 files changed, 36 insertions, 8 deletions
diff --git a/kubernetes/nbi/values.yaml b/kubernetes/nbi/values.yaml index 4e22af6494..ceab7fad2a 100644 --- a/kubernetes/nbi/values.yaml +++ b/kubernetes/nbi/values.yaml @@ -28,6 +28,30 @@ global: service: mariadb-galera internalPort: 3306 nameOverride: mariadb-galera + aafAgentImage: onap/aaf/aaf_agent:2.1.15 + aafEnabled: true + busyBoxImage: busybox:1.30 + busyBoxRepository: docker.io + +################################################################# +# AAF part +################################################################# +aafConfig: + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: nbi + fqi: nbi@nbi.onap.org + public_fqdn: nbi.onap.org + cadi_longitude: "0.0" + cadi_latitude: "0.0" + credsPath: /opt/app/osaaf/local + app_ns: org.osaaf.aaf + permission_user: 1000 + permission_group: 999 + addconfig: true + secret_uid: &aaf_secret_uid nbi-aaf-deploy-creds + ################################################################# # Secrets metaconfig @@ -39,13 +63,19 @@ secrets: externalSecret: '{{ tpl (default "" .Values.config.db.userCredentialsExternalSecret) . }}' login: '{{ .Values.config.db.userName }}' password: '{{ .Values.config.db.userPassword }}' + - uid: *aaf_secret_uid + type: basicAuth + externalSecret: '{{ ternary (tpl (default "" .Values.aafConfig.aafDeployCredsExternalSecret) .) "aafIsDisabled" .Values.global.aafEnabled }}' + login: '{{ .Values.aafConfig.aafDeployFqi }}' + password: '{{ .Values.aafConfig.aafDeployPass }}' + passwordPolicy: required subChartsOnly: enabled: true # application image repository: nexus3.onap.org:10001 -image: onap/externalapi/nbi:6.0.0 +image: onap/externalapi/nbi:6.0.1 pullPolicy: IfNotPresent sdc_authorization: Basic YWFpOktwOGJKNFNYc3pNMFdYbGhhazNlSGxjc2UyZ0F3ODR2YW9HR21KdlV5MlU= aai_authorization: Basic QUFJOkFBSQ== @@ -109,9 +139,8 @@ affinity: {} # probe configuration parameters liveness: - httpGet: - path: /nbi/api/v4/status - port: 8080 + path: /nbi/api/v4/status + port: 8443 initialDelaySeconds: 180 periodSeconds: 30 # necessary to disable liveness probe when setting breakpoints @@ -119,9 +148,8 @@ liveness: enabled: true readiness: - httpGet: - path: /nbi/api/v4/status - port: 8080 + path: /nbi/api/v4/status + port: 8443 initialDelaySeconds: 185 periodSeconds: 30 @@ -130,7 +158,7 @@ service: portName: api name: nbi nodePort: 74 - internalPort: 8080 + internalPort: 8443 ingress: enabled: false |