From cc1316b588f2f8cd80544141abb38615990a04bb Mon Sep 17 00:00:00 2001 From: GuangrongFu Date: Wed, 3 Feb 2021 17:29:08 +0800 Subject: [HOLMES] Migrate Holmes from Cloudify to Helm Instead of using cloudify, use helm directly in order to deploy the charts. Change-Id: I6c97862898ab34b63a15b942b1396c0d19179e46 Issue-ID: HOLMES-396 Signed-off-by: GuangrongFu [Adding AAF part and change nodeports] Signed-off-by: Sylvain Desbureaux --- .../holmes/components/holmes-rule-mgmt/values.yaml | 139 +++++++++++++++++++++ 1 file changed, 139 insertions(+) create mode 100644 kubernetes/holmes/components/holmes-rule-mgmt/values.yaml (limited to 'kubernetes/holmes/components/holmes-rule-mgmt/values.yaml') diff --git a/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml new file mode 100644 index 0000000000..4415bc15e7 --- /dev/null +++ b/kubernetes/holmes/components/holmes-rule-mgmt/values.yaml @@ -0,0 +1,139 @@ +#============LICENSE_START======================================================== +# ================================================================================ +# Copyright (c) 2021 ZTE Corporation Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration. +################################################################# +global: + nodePortPrefixExt: 302 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +image: onap/holmes/rule-management:1.3.2 +consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0 + +################################################################# +# AAF part +################################################################# +certInitializer: + nameOverride: holmes-rule-mgmt-cert-initializer + aafDeployFqi: deployer@people.osaaf.org + aafDeployPass: demo123456! + # aafDeployCredsExternalSecret: some secret + fqdn: holmes-rule-mgmt + fqi: holmes-rule-mgmt@holmes-rule-mgmt.onap.org + fqi_namespace: org.onap.holmes-rule-mgmt + public_fqdn: holmes-rule-mgmt.onap.org + cadi_longitude: "0.0" + cadi_latitude: "0.0" + app_ns: org.osaaf.aaf + credsPath: /opt/app/osaaf/local + aaf_add_config: | + echo "*** changing them into shell safe ones" + export KEYSTORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) + export TRUSTSORE_PASSWORD=$(tr -cd '[:alnum:]' < /dev/urandom | fold -w64 | head -n1) + cd {{ .Values.credsPath }} + keytool -storepasswd -new "${KEYSTORE_PASSWORD}" \ + -storepass "${cadi_keystore_password_p12}" \ + -keystore {{ .Values.fqi_namespace }}.p12 + keytool -storepasswd -new "${TRUSTSORE_PASSWORD}" \ + -storepass "${cadi_truststore_password}" \ + -keystore {{ .Values.fqi_namespace }}.trust.jks + echo "*** set key password as same password as keystore password" + keytool -keypasswd -new "${KEYSTORE_PASSWORD}" \ + -keystore {{ .Values.fqi_namespace }}.p12 \ + -keypass "${cadi_keystore_password_p12}" \ + -storepass "${KEYSTORE_PASSWORD}" -alias {{ .Values.fqi }} + echo "*** save the generated passwords" + echo "KEYSTORE_PASSWORD=${KEYSTORE_PASSWORD}" > mycreds.prop + echo "TRUSTSORE_PASSWORD=${TRUSTSORE_PASSWORD}" >> mycreds.prop + echo "*** change ownership of certificates to targeted user" + chown -R 1000 . + +################################################################# +# Secrets metaconfig +################################################################# +secrets: +- uid: pg-user-creds + type: basicAuth + externalSecret: '{{ tpl (default "" .Values.config.pgConfig.dbUserCredsExternalSecret) . }}' + login: '{{ .Values.config.pgConfig.dbUser }}' + password: '{{ .Values.config.pgConfig.dbUserPassword }}' + +# application configuration +config: + logstashServiceName: log-ls + logstashPort: 5044 + # Addresses of other ONAP entities + address: + consul: + host: consul-server + port: 8500 + pgConfig: + dbName: defaultName + dbHost: defaultHost + dbPort: 1234 + dbUser: admin + dbUserPassword: admin + # dbUserCredsExternalSecret + +service: + type: NodePort + name: holmes-rule-mgmt + ports: + - name: https-rest + port: &svc_port 9101 + nodePort: 92 + - name: https-ui + port: 9104 + nodePort: 93 + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + port: *svc_port + periodSeconds: 10 + path: /api/holmes-rule-mgmt/v1/healthcheck + enabled: true + scheme: HTTPS + +readiness: + initialDelaySeconds: 30 + port: *svc_port + periodSeconds: 30 + path: /api/holmes-rule-mgmt/v1/healthcheck + scheme: HTTPS + +# Segregation for Different environment (Small and Large) +resources: + small: + limits: + cpu: 250m + memory: 256Mi + requests: + cpu: 250m + memory: 1024Mi + large: + limits: + cpu: 500m + memory: 512Mi + requests: + cpu: 500m + memory: 2Gi + unlimited: {} -- cgit 1.2.3-korg