summaryrefslogtreecommitdiffstats
path: root/kubernetes/onap
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/onap')
-rw-r--r--kubernetes/onap/resources/overrides/aaf-cert-service-environment.yaml47
-rwxr-xr-xkubernetes/onap/values.yaml21
2 files changed, 68 insertions, 0 deletions
diff --git a/kubernetes/onap/resources/overrides/aaf-cert-service-environment.yaml b/kubernetes/onap/resources/overrides/aaf-cert-service-environment.yaml
new file mode 100644
index 0000000000..da00f61e2f
--- /dev/null
+++ b/kubernetes/onap/resources/overrides/aaf-cert-service-environment.yaml
@@ -0,0 +1,47 @@
+# Copyright © 2020 Nordix Foundation
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+#
+# These overrides will affect all helm charts (ie. applications)
+# that are listed below and are 'enabled'.
+#
+#
+# This is specifically for the environments which take time to
+# deploy ONAP. This increase in timeouts prevents false restarting of
+# the pods during startup configuration.
+#
+# These timers have been tuned by the ONAP integration team. They
+# have been tested and validated in the ONAP integration lab (Intel/Windriver lab).
+# They are however indicative and may be adapted to your environment as they
+# depend on the performance of the infrastructure you are installing ONAP on.
+#
+# Please note that these timers must remain reasonable, in other words, if
+# your infrastructure is not performant enough, extending the timers to very
+# large value may not fix all installation issues on over subscribed hardware.
+#
+#################################################################
+global:
+ cmpv2Enabled: true
+ aaf:
+ certServiceClient:
+ envVariables:
+ # Certificate related
+ cmpv2Organization: "Linux-Foundation"
+ cmpv2OrganizationalUnit: "ONAP"
+ cmpv2Location: "San-Francisco"
+ cmpv2State: "California"
+ cmpv2Country: "US"
+ # Client configuration related
+ caName: "RA"
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 3bd23ebaad..e60925f21f 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -111,6 +111,27 @@ global:
# Enabling CMPv2
cmpv2Enabled: true
+ aaf:
+ certServiceClient:
+ image: onap/org.onap.aaf.certservice.aaf-certservice-client:1.0.0
+ secret:
+ name: aaf-cert-service-client-tls-secret
+ mountPath: /etc/onap/aaf/certservice/certs/
+ envVariables:
+ # Certificate related
+ cmpv2Organization: "Linux-Foundation"
+ cmpv2OrganizationalUnit: "ONAP"
+ cmpv2Location: "San-Francisco"
+ cmpv2State: "California"
+ cmpv2Country: "US"
+ # Client configuration related
+ caName: "RA"
+ requestURL: "https://aaf-cert-service:8443/v1/certificate/"
+ requestTimeout: "20000"
+ keystorePath: "/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks"
+ keystorePassword: "secret"
+ truststorePath: "/etc/onap/aaf/certservice/certs/truststore.jks"
+ truststorePassword: "secret"
# TLS
# Set to false if you want to disable TLS for NodePorts. Be aware that this