From 0de302ad6212185c842ce7232319e19d994dd520 Mon Sep 17 00:00:00 2001 From: Sylvain Desbureaux Date: Fri, 5 Jun 2020 15:19:22 +0200 Subject: [AAF SMS] Use certInitializer for certificates AAF SMS was hardcoding its certificates in the container. This patch makes use of certInitializer in order to retrieve "fresh" certificates. In order to use certInitiliazer in a sub component, we had to move charts to component and add the right requirements. Issue-ID: AAF-1159 Signed-off-by: Sylvain Desbureaux Change-Id: I6ec55eddffd54dd56b03cea1a6f0b437f8bfa299 --- kubernetes/aaf/components/aaf-hello/values.yaml | 105 ++++++++++++++++++++++++ 1 file changed, 105 insertions(+) create mode 100644 kubernetes/aaf/components/aaf-hello/values.yaml (limited to 'kubernetes/aaf/components/aaf-hello/values.yaml') diff --git a/kubernetes/aaf/components/aaf-hello/values.yaml b/kubernetes/aaf/components/aaf-hello/values.yaml new file mode 100644 index 0000000000..df3abec67c --- /dev/null +++ b/kubernetes/aaf/components/aaf-hello/values.yaml @@ -0,0 +1,105 @@ +# Copyright © 2017 Amdocs, Bell Canada +# Modifications © 2020 AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +global: + aafEnabled: true + +flavor: small + +################################################################# +# Application configuration defaults. +################################################################# +# application image +aaf_init: + # You might want this in your own app. For AAF, we store in global + # replicas: 1 + fqi: aaf@aaf.osaaf.org +# This MUST match what is put in AAF's "Artifact" for Certificates + fqdn: aaf-hello +# What is put in Locator for External Access + public_fqdn: aaf.osaaf.org + cadi_latitude: "38.0" + cadi_longitude: "-72.0" + credsPath: /opt/app/osaaf/local + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + secret_uid: &aaf_secret_uid nbi-aaf-deploy-creds + permission_user: 1000 + permission_group: 999 + +replicaCount: 0 + +image: onap/aaf/aaf_hello:2.1.23 + +service: + name: aaf-hello + type: ClusterIP + ports: + - name: api + protocol: http + port: 8130 + +nodeSelector: {} + +affinity: {} + +secrets: + - uid: *aaf_secret_uid + type: basicAuth + externalSecret: '{{ ternary (tpl (default "" .Values.aaf_init.aafDeployCredsExternalSecret) .) "aafIsDisabled" .Values.global.aafEnabled }}' + login: '{{ .Values.aaf_init.aafDeployFqi }}' + password: '{{ .Values.aaf_init.aafDeployPass }}' + passwordPolicy: required + +# probe configuration parameters +liveness: + initialDelaySeconds: 30 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + port: api + +readiness: + initialDelaySeconds: 5 + periodSeconds: 10 + port: api + +ingress: + enabled: false + service: + - baseaddr: "aafhello" + name: "aaf-hello" + port: 8130 + config: + ssl: "none" + +# Configure resource requests and limits +resources: + small: + limits: + cpu: 200m + memory: 500Mi + requests: + cpu: 10m + memory: 200Mi + large: + limits: + cpu: 400m + memory: 1Gi + requests: + cpu: 20m + memory: 500Mi + unlimited: {} -- cgit 1.2.3-korg