# Copyright © 2020 Samsung Electronics
# Copyright © 2017 Amdocs, Bell Canada
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#################################################################
# Global configuration defaults.
#################################################################
global:
nodePortPrefix: 302
nodePortPrefixExt: 304
repository: nexus3.onap.org:10001
readinessRepository: oomk8s
readinessImage: readiness-check:2.0.2
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
aafAgentImage: onap/aaf/aaf_agent:2.1.15
persistence:
mountPath: /dockerdata-nfs
aafEnabled: true
# envsusbt
envsubstImage: dibi/envsubst
mariadbGalera:
#This flag allows SO to instantiate its own mariadb-galera cluster
#If shared instance is used, this chart assumes that DB already exists
localCluster: false
service: mariadb-galera
internalPort: 3306
nameOverride: mariadb-galera
#################################################################
# Secrets metaconfig
#################################################################
secrets:
- uid: db-root-password
name: '{{ include "common.release" . }}-sdnc-db-root-password'
type: password
externalSecret: '{{ .Values.global.mariadbGalera.localCluster |
ternary (default (include "common.mariadb.secret.rootPassSecretName"
(dict "dot" . "chartName"
(index .Values "mariadb-galera" "nameOverride")))
(index .Values "mariadb-galera" "config"
"mariadbRootPasswordExternalSecret"))
(include "common.mariadb.secret.rootPassSecretName"
(dict "dot" . "chartName" .Values.global.mariadbGalera.nameOverride)) }}'
password: '{{ (index .Values "mariadb-galera" "config" "mariadbRootPassword") }}'
- uid: db-secret
name: &dbSecretName '{{ include "common.release" . }}-sdnc-db-secret'
type: basicAuth
# This is a nasty trick that allows you override this secret using external one
# with the same field that is used to pass this to subchart
externalSecret: '{{ ternary "" (tpl (default "" (index .Values "mariadb-galera" "config" "userCredentialsExternalSecret")) .) (hasSuffix "sdnc-db-secret" (index .Values "mariadb-galera" "config" "userCredentialsExternalSecret"))}}'
login: '{{ index .Values "mariadb-galera" "config" "userName" }}'
password: '{{ index .Values "mariadb-galera" "config" "userPassword" }}'
- uid: odl-creds
name: &odlCredsSecretName '{{ include "common.release" . }}-sdnc-odl-creds'
type: basicAuth
externalSecret: '{{ .Values.config.odlCredsExternalSecret }}'
login: '{{ .Values.config.odlUser }}'
password: '{{ .Values.config.odlPassword }}'
# For now this is left hardcoded but should be revisited in a future
passwordPolicy: required
- uid: &aaf_secret_uid aaf-creds
type: basicAuth
externalSecret: '{{ ternary (tpl (default "" .Values.aaf_init.aafDeployCredsExternalSecret) .) "aafIsDiabled" .Values.global.aafEnabled }}'
login: '{{ .Values.aaf_init.deploy_fqi }}'
password: '{{ .Values.aaf_init.deploy_pass }}'
passwordPolicy: required
- uid: netbox-apikey
type: password
externalSecret: '{{ .Values.config.netboxApikeyExternalSecret }}'
password: '{{ .Values.config.netboxApikey }}'
passwordPolicy: required
- uid: aai-user-creds
type: basicAuth
externalSecret: '{{ .Values.config.aaiCredsExternalSecret}}'
login: '{{ .Values.config.aaiUser }}'
password: '{{ .Values.config.aaiPassword }}'
passwordPolicy: required
- uid: modeling-user-creds
type: basicAuth
externalSecret: '{{ .Values.config.modelingCredsExternalSecret}}'
login: '{{ .Values.config.modelingUser }}'
password: '{{ .Values.config.modelingPassword }}'
passwordPolicy: required
- uid: restconf-creds
type: basicAuth
externalSecret: '{{ .Values.config.restconfCredsExternalSecret}}'
login: '{{ .Values.config.restconfUser }}'
password: '{{ .Values.config.restconfPassword }}'
passwordPolicy: required
- uid: ansible-creds
name: &ansibleSecretName '{{ include "common.release" . }}-sdnc-ansible-creds'
type: basicAuth
externalSecret: '{{ .Values.config.ansibleCredsExternalSecret}}'
login: '{{ .Values.config.ansibleUser }}'
password: '{{ .Values.config.ansiblePassword }}'
passwordPolicy: required
- uid: scaleout-creds
type: basicAuth
externalSecret: '{{ .Values.config.scaleoutCredsExternalSecret}}'
login: '{{ .Values.config.scaleoutUser }}'
password: '{{ .Values.config.scaleoutPassword }}'
passwordPolicy: required
#################################################################
# Application configuration defaults.
#################################################################
# application images
repository: nexus3.onap.org:10001
pullPolicy: Always
image: onap/sdnc-image:1.8.2
# flag to enable debugging - application support required
debugEnabled: false
# application configuration
config:
odlUid: 100
odlGid: 101
odlUser: admin
odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
# odlCredsExternalSecret: some secret
netboxApikey: onceuponatimeiplayedwithnetbox20180814
# netboxApikeyExternalSecret: some secret
aaiUser: sdnc@sdnc.onap.org
aaiPassword: demo123456!
# aaiCredsExternalSecret: some secret
modelingUser: ccsdkapps
modelingPassword: ccsdkapps
# modelingCredsExternalSecret: some secret
restconfUser: admin
restconfPassword: admin
# restconfCredsExternalSecret: some secret
scaleoutUser: admin
scaleoutPassword: admin
# scaleoutExternalSecret: some secret
ansibleUser: sdnc
ansiblePassword: sdnc
# ansibleCredsExternalSecret: some secret
dbSdnctlDatabase: &sdncDbName sdnctl
enableClustering: true
sdncHome: /opt/onap/sdnc
binDir: /opt/onap/sdnc/bin
etcDir: /opt/onap/sdnc/data
geoEnabled: false
# if geoEnabled is set to true here, mysql.geoEnabled must be set to true
# if geoEnabled is set to true the following 3 values must be set to their proper values
myODLCluster: 127.0.0.1
peerODLCluster: 127.0.0.1
isPrimaryCluster: true
configDir: /opt/onap/sdnc/data/properties
ccsdkConfigDir: /opt/onap/ccsdk/data/properties
dmaapTopic: SUCCESS
dmaapPort: 3904
logstashServiceName: log-ls
logstashPort: 5044
ansibleServiceName: sdnc-ansible-server
ansiblePort: 8000
javaHome: /usr/lib/jvm/java-1.8-openjdk
odl:
etcDir: /opt/opendaylight/etc
binDir: /opt/opendaylight/bin
salConfigDir: /opt/opendaylight/system/org/opendaylight/controller/sal-clustering-config
salConfigVersion: 1.8.2
akka:
seedNodeTimeout: 15s
circuitBreaker:
maxFailures: 10
callTimeout: 90s
resetTimeout: 30s
recoveryEventTimeout: 90s
datastore:
persistentActorRestartMinBackoffInSeconds: 10
persistentActorRestartMaxBackoffInSeconds: 40
persistentActorRestartResetBackoffInSeconds: 20
shardTransactionCommitTimeoutInSeconds: 120
shardIsolatedLeaderCheckIntervalInMillis: 30000
operationTimeoutInSeconds: 120
javaOptions:
maxGCPauseMillis: 100
parallelGCThreads : 3
numberGGLogFiles: 10
# dependency / sub-chart configuration
aafConfig:
addconfig: true
fqdn: "sdnc"
app_ns: "org.osaaf.aaf"
fqi: "sdnc@sdnc.onap.org"
fqi_namespace: org.onap.sdnc
public_fqdn: "sdnc.onap.org"
aafDeployFqi: "deployer@people.osaaf.org"
aafDeployPass: demo123456!
cadi_latitude: "38.0"
cadi_longitude: "-72.0"
secret_uid: *aaf_secret_uid
credsPath: /opt/app/osaaf/local
aaf_init:
agentImage: onap/aaf/aaf_agent:2.1.15
app_ns: "org.osaaf.aaf"
fqi: "sdnc@sdnc.onap.org"
fqdn: "sdnc"
public_fqdn: "sdnc.onap.org"
deploy_fqi: "deployer@people.osaaf.org"
deploy_pass: "demo123456!"
cadi_latitude: "38.0"
cadi_longitude: "-72.0"
mariadb-galera: &mariadbGalera
nameOverride: sdnc-db
config: &mariadbGaleraConfig
rootPasswordExternalSecret: '{{ ternary (include "common.release" .)-sdnc-db-root-password "" .Values.global.mariadbGalera.localCluster }}'
userName: sdnctl
userCredentialsExternalSecret: *dbSecretName
service:
name: sdnc-dbhost
internalPort: 3306
sdnctlPrefix: sdnc
persistence:
mountSubPath: sdnc/mariadb-galera
enabled: true
replicaCount: 1
cds:
enabled: false
dmaap-listener:
nameOverride: sdnc-dmaap-listener
mariadb-galera:
<<: *mariadbGalera
config:
<<: *mariadbGaleraConfig
mysqlDatabase: *sdncDbName
config:
sdncChartName: sdnc
dmaapPort: 3904
sdncPort: 8282
configDir: /opt/onap/sdnc/data/properties
odlCredsExternalSecret: *odlCredsSecretName
ueb-listener:
mariadb-galera:
<<: *mariadbGalera
config:
<<: *mariadbGaleraConfig
mysqlDatabase: *sdncDbName
nameOverride: sdnc-ueb-listener
config:
sdncPort: 8282
sdncChartName: sdnc
configDir: /opt/onap/sdnc/data/properties
odlCredsExternalSecret: *odlCredsSecretName
sdnc-portal:
mariadb-galera:
<<: *mariadbGalera
config:
<<: *mariadbGaleraConfig
mysqlDatabase: *sdncDbName
config:
sdncChartName: sdnc
configDir: /opt/onap/sdnc/data/properties
odlCredsExternalSecret: *odlCredsSecretName
sdnc-ansible-server:
config:
restCredsExternalSecret: *ansibleSecretName
mariadb-galera:
<<: *mariadbGalera
config:
<<: *mariadbGaleraConfig
mysqlDatabase: ansible
service:
name: sdnc-ansible-server
internalPort: 8000
dgbuilder:
nameOverride: sdnc-dgbuilder
config:
db:
dbName: *sdncDbName
rootPasswordExternalSecret: '{{ ternary (printf "%s-sdnc-db-root-password" (include "common.release" .)) (include "common.mariadb.secret.rootPassSecretName" (dict "dot" . "chartName" "mariadb-galera")) .Values.global.mariadbGalera.localCluster }}'
userCredentialsExternalSecret: *dbSecretName
dbPodName: mariadb-galera
dbServiceName: mariadb-galera
# This should be revisited and changed to plain text
dgUserPassword: cc03e747a6afbbcbf8be7668acfebee5
mariadb-galera:
service:
name: sdnc-dgbuilder
nodePort: "03"
ingress:
enabled: false
service:
- baseaddr: "sdnc-dgbuilder"
name: "sdnc-dgbuilder"
port: 3000
config:
ssl: "redirect"
# local elasticsearch cluster
localElasticCluster: true
elasticsearch:
nameOverride: sdnrdb
name: sdnrdb-cluster
aafConfig:
fqdn: "sdnc"
fqi_namespace: org.onap.sdnc
fqi: "sdnc@sdnc.onap.org"
service:
name: sdnrdb
master:
replicaCount: 3
# dedicatednode: "yes"
# working as master node only, in this case increase replicaCount for elasticsearch-data
# dedicatednode: "no"
# handles master and data node functionality
dedicatednode: "no"
nameOverride: sdnrdb
curator:
enabled: true
nameOverride: sdnrdb
data:
enabled: true
replicaCount: 1
nameOverride: sdnrdb
# default number of instances
replicaCount: 1
nodeSelector: {}
affinity: {}
# probe configuration parameters
liveness:
initialDelaySeconds: 10
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
enabled: true
readiness:
initialDelaySeconds: 10
periodSeconds: 10
service:
type: NodePort
name: sdnc
portName: sdnc
internalPort: 8181
internalPort2: 8101
internalPort3: 8080
internalPort4: 8443
#port
externalPort: 8282
externalPort2: 8202
externalPort3: 8280
externalPort4: 8443
nodePort4: 67
clusterPort: 2550
clusterPort2: 2650
clusterPort3: 2681
geoNodePort1: 61
geoNodePort2: 62
geoNodePort3: 63
geoNodePort4: 64
geoNodePort5: 65
geoNodePort6: 66
## Persist data to a persitent volume
persistence:
enabled: true
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
# existingClaim:
volumeReclaimPolicy: Retain
## database data Persistent Volume Storage Class
## If defined, storageClassName: <storageClass>
## If set to "-", storageClassName: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClassName spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
accessMode: ReadWriteOnce
size: 1Gi
mountPath: /dockerdata-nfs
mountSubPath: sdnc/mdsal
mdsalPath: /opt/opendaylight/current/daexim
certpersistence:
enabled: true
## A manually managed Persistent Volume and Claim
## Requires persistence.enabled: true
## If defined, PVC must be created manually before volume will be bound
# existingClaim:
volumeReclaimPolicy: Retain
accessMode: ReadWriteOnce
size: 50Mi
mountPath: /dockerdata-nfs
mountSubPath: sdnc/certs
certPath: /opt/app/osaaf
##storageClass: "manual"
ingress:
enabled: false
service:
- baseaddr: "sdnc.api"
name: "sdnc"
port: 8443
config:
ssl: "redirect"
#Resource Limit flavor -By Default using small
flavor: small
#segregation for different envionment (Small and Large)
resources:
small:
limits:
cpu: 2
memory: 4Gi
requests:
cpu: 1
memory: 2Gi
large:
limits:
cpu: 4
memory: 8Gi
requests:
cpu: 2
memory: 4Gi
unlimited: {}