diff options
Diffstat (limited to 'kubernetes/onap')
-rw-r--r-- | kubernetes/onap/resources/overrides/aaf-cert-service-environment.yaml | 47 | ||||
-rwxr-xr-x | kubernetes/onap/values.yaml | 21 |
2 files changed, 68 insertions, 0 deletions
diff --git a/kubernetes/onap/resources/overrides/aaf-cert-service-environment.yaml b/kubernetes/onap/resources/overrides/aaf-cert-service-environment.yaml new file mode 100644 index 0000000000..da00f61e2f --- /dev/null +++ b/kubernetes/onap/resources/overrides/aaf-cert-service-environment.yaml @@ -0,0 +1,47 @@ +# Copyright © 2020 Nordix Foundation +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# +# These overrides will affect all helm charts (ie. applications) +# that are listed below and are 'enabled'. +# +# +# This is specifically for the environments which take time to +# deploy ONAP. This increase in timeouts prevents false restarting of +# the pods during startup configuration. +# +# These timers have been tuned by the ONAP integration team. They +# have been tested and validated in the ONAP integration lab (Intel/Windriver lab). +# They are however indicative and may be adapted to your environment as they +# depend on the performance of the infrastructure you are installing ONAP on. +# +# Please note that these timers must remain reasonable, in other words, if +# your infrastructure is not performant enough, extending the timers to very +# large value may not fix all installation issues on over subscribed hardware. +# +################################################################# +global: + cmpv2Enabled: true + aaf: + certServiceClient: + envVariables: + # Certificate related + cmpv2Organization: "Linux-Foundation" + cmpv2OrganizationalUnit: "ONAP" + cmpv2Location: "San-Francisco" + cmpv2State: "California" + cmpv2Country: "US" + # Client configuration related + caName: "RA" diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml index 3bd23ebaad..e60925f21f 100755 --- a/kubernetes/onap/values.yaml +++ b/kubernetes/onap/values.yaml @@ -111,6 +111,27 @@ global: # Enabling CMPv2 cmpv2Enabled: true + aaf: + certServiceClient: + image: onap/org.onap.aaf.certservice.aaf-certservice-client:1.0.0 + secret: + name: aaf-cert-service-client-tls-secret + mountPath: /etc/onap/aaf/certservice/certs/ + envVariables: + # Certificate related + cmpv2Organization: "Linux-Foundation" + cmpv2OrganizationalUnit: "ONAP" + cmpv2Location: "San-Francisco" + cmpv2State: "California" + cmpv2Country: "US" + # Client configuration related + caName: "RA" + requestURL: "https://aaf-cert-service:8443/v1/certificate/" + requestTimeout: "20000" + keystorePath: "/etc/onap/aaf/certservice/certs/certServiceClient-keystore.jks" + keystorePassword: "secret" + truststorePath: "/etc/onap/aaf/certservice/certs/truststore.jks" + truststorePassword: "secret" # TLS # Set to false if you want to disable TLS for NodePorts. Be aware that this |