+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+# Common VCS dirs
+# Common backup files
+# Various IDEs
+apiVersion: v1
+description: ONAP AAF cassandra
+name: aaf-cs
+version: 2.0.0
+// Table Initialization
+// First make sure the keyspace exists.
+USE authz;
+// CORE Table function
+// Namespace - establish hierarchical authority to modify
+// Permissions and Roles
+// "scope" is flag to determine Policy. Typical important scope
+// is "company" (1)
+ name varchar,
+ scope int, // deprecated 2.0.11
+ description varchar,
+ parent varchar,
+ type int,
+ PRIMARY KEY (name)
+CREATE INDEX ns_parent on ns(parent);
+CREATE TABLE ns_attrib (
+ ns varchar,
+ key varchar,
+ value varchar,
+ PRIMARY KEY (ns,key)
+create index ns_attrib_key on ns_attrib(key);
+// Will be cached
+ ns varchar,
+ name varchar,
+ perms set<varchar>, // Use "Key" of "name|type|action"
+ description varchar,
+ PRIMARY KEY (ns,name)
+CREATE INDEX role_name ON role(name);
+// Will be cached
+ ns varchar,
+ type varchar,
+ instance varchar,
+ action varchar,
+ roles set<varchar>, // Need to find Roles given Permissions
+ description varchar,
+ PRIMARY KEY (ns,type,instance,action)
+// This table is user for Authorization
+CREATE TABLE user_role (
+ user varchar,
+ role varchar, // deprecated: change to ns/rname after 2.0.11
+ ns varchar,
+ rname varchar,
+ expires timestamp,
+ PRIMARY KEY(user,role)
+ );
+CREATE INDEX user_role_ns ON user_role(ns);
+CREATE INDEX user_role_role ON user_role(role);
+// This table is only for the case where return User Credential (MechID) Authentication
+ id varchar,
+ type int,
+ expires timestamp,
+ ns varchar,
+ other int,
+ notes varchar,
+ cred blob,
+ prev blob,
+ PRIMARY KEY (id,type,expires)
+ );
+CREATE INDEX cred_ns ON cred(ns);
+// Certificate Cross Table
+// coordinated with CRED type 2
+ fingerprint blob,
+ id varchar,
+ x500 varchar,
+ expires timestamp,
+ PRIMARY KEY (fingerprint)
+ );
+CREATE INDEX cert_id ON cert(id);
+CREATE INDEX cert_x500 ON cert(x500);
+CREATE TABLE notify (
+ user text,
+ type int,
+ last timestamp,
+ checksum int,
+ PRIMARY KEY (user,type)
+ ca text,
+ serial blob,
+ id text,
+ x500 text,
+ x509 text,
+ PRIMARY KEY (ca,serial)
+CREATE INDEX x509_id ON x509 (id);
+CREATE INDEX x509_x500 ON x509 (x500);
+// Deployment Artifact (for Certman)
+CREATE TABLE artifact (
+ mechid text,
+ machine text,
+ type Set<text>,
+ sponsor text,
+ ca text,
+ dir text,
+ os_user text,
+ ns text,
+ notify text,
+ expires timestamp,
+ renewDays int,
+ sans Set<text>,
+ PRIMARY KEY (mechid,machine)
+CREATE INDEX artifact_machine ON artifact(machine);
+CREATE INDEX artifact_ns ON artifact(ns);
+// Non-Critical Table functions
+// Table Info - for Caching
+ name varchar,
+ seg int, // cache Segment
+ touched timestamp,
+ PRIMARY KEY(name,seg)
+CREATE TABLE history (
+ id timeuuid,
+ yr_mon int,
+ user varchar,
+ action varchar,
+ target varchar, // user, user_role,
+ subject varchar, // field for searching main portion of target key
+ memo varchar, //description of the action
+ reconstruct blob, //serialized form of the target
+ // detail Map<varchar, varchar>, // additional information
+CREATE INDEX history_yr_mon ON history(yr_mon);
+CREATE INDEX history_user ON history(user);
+CREATE INDEX history_subject ON history(subject);
+// A place to hold objects to be created at a future time.
+CREATE TABLE future (
+ id uuid, // uniquify
+ target varchar, // Target Table
+ memo varchar, // Description
+ start timestamp, // When it should take effect
+ expires timestamp, // When not longer valid
+ construct blob, // How to construct this object (like History)
+CREATE INDEX future_idx ON future(target);
+CREATE INDEX future_start_idx ON future(start);
+CREATE TABLE approval (
+ id timeuuid, // unique Key
+ ticket uuid, // Link to Future Record
+ user varchar, // the user who needs to be approved
+ approver varchar, // user approving
+ type varchar, // approver types i.e. Supervisor, Owner
+ status varchar, // approval status. pending, approved, denied
+ memo varchar, // Text for Approval to know what's going on
+ operation varchar, // List operation to perform
+ last_notified timestamp, // Timestamp for the last time approver was notified
+ );
+CREATE INDEX appr_approver_idx ON approval(approver);
+CREATE INDEX appr_user_idx ON approval(user);
+CREATE INDEX appr_ticket_idx ON approval(ticket);
+CREATE INDEX appr_status_idx ON approval(status);
+CREATE TABLE approved (
+ id timeuuid, // unique Key
+ user varchar, // the user who needs to be approved
+ approver varchar, // user approving
+ type varchar, // approver types i.e. Supervisor, Owner
+ status varchar, // approval status. pending, approved, denied
+ memo varchar, // Text for Approval to know what's going on
+ operation varchar, // List operation to perform
+ );
+CREATE INDEX approved_approver_idx ON approved(approver);
+CREATE INDEX approved_user_idx ON approved(user);
+CREATE TABLE delegate (
+ user varchar,
+ delegate varchar,
+ expires timestamp,
+ PRIMARY KEY (user)
+CREATE INDEX delg_delg_idx ON delegate(delegate);
+// OAuth Tokens
+CREATE TABLE oauth_token (
+ id text, // Reference
+ client_id text, // Creating Client ID
+ user text, // User requesting
+ active boolean, // Active or not
+ type int, // Type of Token
+ refresh text, // Refresh Token
+ expires timestamp, // Expiration time/Date (signed long)
+ exp_sec bigint, // Seconds from Jan 1, 1970
+ content text, // Content of Token
+ scopes Set<text>, // Scopes
+ state text, // Context string (Optional)
+ req_ip text, // Requesting IP (for logging purpose)
+) with default_time_to_live = 21600; // 6 hours
+CREATE INDEX oauth_token_user_idx ON oauth_token(user);
+CREATE TABLE locate (
+ name text, // Component/Server name
+ hostname text, // FQDN of Service/Component
+ port int, // Port of Service
+ major int, // Version, Major
+ minor int, // Version, Minor
+ patch int, // Version, Patch
+ pkg int, // Version, Package (if available)
+ latitude float, // Latitude
+ longitude float, // Longitude
+ protocol text, // Protocol (i.e. http https)
+ subprotocol set<text>, // Accepted SubProtocols, ie. TLS1.1 for https
+ port_key uuid, // Key into locate_ports
+ PRIMARY KEY(name,hostname,port)
+) with default_time_to_live = 1200; // 20 mins
+CREATE TABLE locate_ports (
+ id uuid, // Id into locate
+ port int, // SubPort
+ name text, // Name of Other Port
+ protocol text, // Protocol of Other (i.e. JMX, DEBUG)
+ subprotocol set<text>, // Accepted sub protocols or versions
+ PRIMARY KEY(id, port)
+) with default_time_to_live = 1200; // 20 mins;
+// Used by authz-batch processes to ensure only 1 runs at a time
+CREATE TABLE run_lock (
+ class text,
+ host text,
+ start timestamp,
+ PRIMARY KEY ((class))
+// For Developer Machine single instance
+// WITH REPLICATION = {'class' : 'SimpleStrategy','replication_factor':1};
+// Example of Network Topology, with Datacenter dc1 & dc2
+// CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'dc1': '2', 'dc2': '2' };
+// Out of the box Docker Cassandra comes with "datacenter1", one instance
+CREATE KEYSPACE authz WITH replication = { 'class': 'NetworkTopologyStrategy', 'datacenter1': '1' };
+USE authz;
+// Create 'org' root NS
+INSERT INTO ns (name,description,parent,scope,type)
+ VALUES('org','Root Namespace','.',1,1);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org','admin',{'org.access|*|*'},'Org Admins');
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org','owner',{'org.access|*|read,approve'},'Org Owners');
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org','access','*','read,approve',{'org.owner'},'Org Read Access');
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org','access','*','*',{'org.admin'},'Org Write Access');
+// Create Root pass
+INSERT INTO cred (id,ns,type,cred,expires)
+ VALUES ('initial@osaaf.org','org.osaaf',1,0x008c5926ca861023c1d2a36653fd88e2,'2099-12-31') using TTL 14400;
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('initial@osaaf.org','org.admin','2099-12-31','org','admin') using TTL 14400;
+// Create org.osaaf
+INSERT INTO ns (name,description,parent,scope,type)
+ VALUES('org.osaaf','OSAAF Namespace','org',2,2);
+INSERT INTO role(ns, name, perms,description)
+ VALUES('org.osaaf','admin',{'org.osaaf.access|*|*'},'OSAAF Admins');
+INSERT INTO perm(ns, type, instance, action, roles,description)
+ VALUES ('org.osaaf','access','*','*',{'org.osaaf.admin'},'OSAAF Write Access');
+INSERT INTO role(ns, name, perms,description)
+ VALUES('org.osaaf','owner',{'org.osaaf.access|*|read,approve'},'OSAAF Owners');
+INSERT INTO perm(ns, type, instance, action, roles,description)
+ VALUES ('org.osaaf','access','*','read,appove',{'org.osaaf.owner'},'OSAAF Read Access');
+// Create org.osaaf.aaf
+INSERT INTO ns (name,description,parent,scope,type)
+ VALUES('org.osaaf.aaf','Application Authorization Framework','org.osaaf',3,3);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.osaaf.aaf','admin',{'org.osaaf.aaf.access|*|*'},'AAF Admins');
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.osaaf.aaf','access','*','*',{'org.osaaf.aaf.admin'},'AAF Write Access');
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.osaaf.aaf','access','*','read,approve',{'org.osaaf.aaf.owner'},'AAF Read Access');
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.osaaf.aaf','owner',{'org.osaaf.aaf.access|*|read,approve'},'AAF Owners');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('initial@osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') using TTL 14400;
+// ONAP Specific Entities
+// ONAP initial env Namespace
+INSERT INTO ns (name,description,parent,scope,type)
+ VALUES('org.onap','ONAP','org',2,2);
+INSERT INTO ns (name,description,parent,scope,type)
+ VALUES('org.onap.portal','ONAP Portal','org.onap.portal',3,3);
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.onap.portal','access','*','read',{
+ 'org.onap.portal.owner','org.onap.portal.designer','org.onap.portal.tester','org.onap.portal.ops','org.onap.portal.governor'
+ },'Portal Read Access');
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','owner',{'org.onap.portal.access|*|read'},'Portal Owner');
+INSERT INTO perm(ns, type, instance, action, roles, description)
+ VALUES ('org.onap.portal','access','*','*',{'org.onap.portal.admin'},'Portal Write Access');
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','admin',{'org.onap.portal.access|*|*'},'Portal Admins');
+insert into cred (id,type,expires,cred,notes,ns,other) values('demo@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('demo@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin');
+insert into cred (id,type,expires,cred,notes,ns,other) values('jh0003@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('jh0003@people.osaaf.org','org.onap.portal.admin','2018-10-31','org.onap.portal','admin');
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('cs0008@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','designer',{'org.onap.portal.access|*|read'},'Portal Designer');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('cs0008@people.osaaf.org','org.onap.portal.designer','2018-10-31','org.onap.portal','designer');
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('jm0007@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','tester',{'org.onap.portal.access|*|read'},'Portal Tester');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('jm0007@people.osaaf.org','org.onap.portal.tester','2018-10-31','org.onap.portal','tester');
+// OPS
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('op0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','ops',{'org.onap.portal.access|*|read'},'Portal Operations');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('op0001@people.osaaf.org','org.onap.portal.ops','2018-10-31','org.onap.portal','ops');
+INSERT INTO cred (id,type,expires,cred,notes,ns,other) values('gv0001@people.osaaf.org',2,'2019-05-01',0xd993c5617486296f1b99d04de31633332b8ba1a550038e23860f9dbf0b2fcf95,'Initial ID','org.osaaf.people',53344);
+INSERT INTO role(ns, name, perms, description)
+ VALUES('org.onap.portal','governor',{'org.onap.portal.access|*|read'},'Portal Governor');
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('gv0001@people.osaaf.org','org.onap.portal.governor','2018-10-31','org.onap.portal','governor');
+USE authz;
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('demo@people.osaaf.org','org.admin','2099-12-31','org','admin') ;
+INSERT INTO user_role(user,role,expires,ns,rname)
+ VALUES ('demo@people.osaaf.org','org.osaaf.aaf.admin','2099-12-31','org.osaaf.aaf','admin') ;
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+ http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+ export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+ export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+ echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+ NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+ You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+ export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+ echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+ export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+ echo "Visit to use your application"
+ kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
Copyright © 2017 Amdocs, Bell Canada
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: extensions/v1beta1
+kind: Deployment
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+ replicas: {{ .Values.replicaCount }}
+ template:
+ metadata:
+ labels:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ spec:
+ hostname: {{ include "common.name" . }}
+ containers:
+ - args:
+ image: "{{ include "common.repository" . }}/{{ .Values.image }}"
+ imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+ name: {{ include "common.name" . }}
+ ports:
+ - containerPort: {{ .Values.service.externalPort }}
+ - containerPort: {{ .Values.service.externalPort2 }}
+ - containerPort: {{ .Values.service.externalPort3 }}
+ - containerPort: {{ .Values.service.externalPort4 }}
+ volumeMounts:
+ - mountPath: /data
+ name: aaf-cs-data
+ - mountPath: /etc/localtime
+ name: localtime
+ readOnly: true
+ # disable liveness probe when breakpoints set in debugger
+ # so K8s doesn't restart unresponsive container
+ {{- if eq .Values.liveness.enabled true }}
+ livenessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort3 }}
+ initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.liveness.periodSeconds }}
+ {{ end -}}
+ readinessProbe:
+ tcpSocket:
+ port: {{ .Values.service.internalPort3 }}
+ initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+ periodSeconds: {{ .Values.readiness.periodSeconds }}
+ lifecycle:
+ postStart:
+ exec:
+ command:
+ - /bin/sh
+ - -c
+ - >
+ /bin/sleep 30;
+ cd /data/;
+ cqlsh -u root -p root -f keyspace.cql ;
+ cqlsh -u root -p root -f init.cql ;
+ cqlsh -u root -p root -f osaaf.cql ;
+ cqlsh -u root -p root -f temp_identity.cql
+ resources:
+{{ toYaml .Values.resources | indent 12 }}
+ {{- if .Values.nodeSelector }}
+ nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+ {{- end -}}
+ {{- if .Values.affinity }}
+ affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+ {{- end }}
+ volumes:
+ - name: localtime
+ hostPath:
+ path: /etc/localtime
+ - name: aaf-cs-data
+ secret:
+ secretName: {{ include "common.fullname" . }}
+ imagePullSecrets:
+ - name: "{{ include "common.namespace" . }}-docker-registry-key"
Copyright © 2017 Amdocs, Bell Canada
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+kind: Secret
+ name: {{ include "common.fullname" . }}
+ namespace: {{ include "common.namespace" . }}
+type: Opaque
+{{ (.Files.Glob "resources/config/aaf-cs-data/*").AsSecrets | indent 2 }}
Copyright © 2017 Amdocs, Bell Canada
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+apiVersion: v1
+kind: Service
+ name: {{ include "common.servicename" . }}
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ .Release.Name }}
+ heritage: {{ .Release.Service }}
+# annotations:
+# service.alpha.kubernetes.io/tolerate-unready-endpoints: "true"
+ type: {{ .Values.service.type }}
+ ports:
+ {{if eq .Values.service.type "NodePort" -}}
+ - port: {{ .Values.service.externalPort }}
+ #Example internal target port if required
+ #targetPort: {{ .Values.service.internalPort }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.externalPort2 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+ name: {{ .Values.service.portName }}2
+ - port: {{ .Values.service.externalPort3 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort3 }}
+ name: {{ .Values.service.portName }}3
+ - port: {{ .Values.service.externalPort4 }}
+ nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort4 }}
+ name: {{ .Values.service.portName }}4
+ {{- else -}}
+ - port: {{ .Values.service.externalPort }}
+ targetPort: {{ .Values.service.internalPort }}
+ name: {{ .Values.service.portName }}
+ - port: {{ .Values.service.externalPort2 }}
+ targetPort: {{ .Values.service.internalPort2 }}
+ name: {{ .Values.service.portName }}2
+ - port: {{ .Values.service.externalPort3 }}
+ targetPort: {{ .Values.service.internalPort3 }}
+ name: {{ .Values.service.portName }}3
+ - port: {{ .Values.service.externalPort4 }}
+ targetPort: {{ .Values.service.internalPort4 }}
+ name: {{ .Values.service.portName }}4
+ {{- end}}
+ selector:
+ app: {{ include "common.name" . }}
+ release: {{ .Release.Name }}
+ clusterIP: None
Copyright © 2017 Amdocs, Bell Canada
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# Global configuration defaults.
+ nodePortPrefix: 302
+# Application configuration defaults.
+# application image
+repository: nexus3.onap.org:10001
+image: library/cassandra:3.11
+pullPolicy: Always
+# flag to enable debugging - application support required
+debugEnabled: false
+# application configuration
+config: {}
+# default number of instances
+replicaCount: 1
+nodeSelector: {}
+affinity: {}
+# probe configuration parameters
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ # necessary to disable liveness probe when setting breakpoints
+ # in debugger so K8s doesn't restart unresponsive container
+ enabled: true
+ initialDelaySeconds: 10
+ periodSeconds: 10
+ name: aaf-cass
+ type: ClusterIP
+ portName: aaf-cs
+ #targetPort
+ internalPort: 7000
+ #port
+ externalPort: 7000
+ internalPort2: 7001
+ externalPort2: 7001
+ internalPort3: 9042
+ externalPort3: 9042
+ internalPort4: 9160
+ externalPort4: 9160
+ enabled: false
+resources: {}
+ # We usually recommend not to specify default resources and to leave this as a conscious
+ # choice for the user. This also increases chances charts run on environments with little
+ # resources, such as Minikube. If you do want to specify resources, uncomment the following
+ # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+ #
+ # Example:
+ # Configure resource requests and limits
+ # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+ # Minimum memory for development is 2 CPU cores and 4GB memory
+ # Minimum memory for production is 4 CPU cores and 8GB memory
+# limits:
+# cpu: 2
+# memory: 4Gi
+# requests:
+# cpu: 2
+# memory: 4Gi