# Copyright © 2017 Amdocs, Bell Canada # Modifications Copyright (C) 2022-23 Nordix Foundation # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. # Default values for mariadb. # This is a YAML-formatted file. # Declare variables to be passed into your templates. ################################################################# # Global configuration defaults. ################################################################# global: nodePortPrefix: 302 nodePortPrefixExt: 304 repository: nexus3.onap.org:10001 readinessImage: onap/oom/readiness:6.1.1 ubuntuInitRepository: docker.io mariadbGalera: # flag to enable the DB creation via mariadb-operator useOperator: true nameOverride: mariadb-galera service: mariadb-galera servicePort: "3306" migration: enabled: false dbHost: mariadb-galera dbPort: 3306 dbUser: root dbPassword: secretpassword ################################################################# # Secrets metaconfig ################################################################# secrets: - uid: db-root-pass name: '{{ include "common.release" . }}-so-mariadb-root-pass' type: password externalSecret: '{{ tpl (default "" .Values.db.rootPasswordExternalSecret) . }}' password: '{{ .Values.db.rootPassword }}' passwordPolicy: required - uid: db-backup-creds name: '{{ include "common.release" . }}-so-mariadb-backup-creds' type: basicAuth externalSecret: '{{ tpl (default "" .Values.db.backupCredsExternalSecret) . }}' login: '{{ .Values.db.backupUser }}' password: '{{ .Values.db.backupPassword }}' passwordPolicy: required annotations: helm.sh/hook: pre-upgrade,pre-install helm.sh/hook-weight: "0" helm.sh/hook-delete-policy: before-hook-creation - uid: db-user-creds type: basicAuth externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}' login: '{{ .Values.db.userName }}' password: '{{ .Values.db.userPassword }}' - uid: db-admin-creds type: basicAuth externalSecret: '{{ tpl (default "" .Values.db.adminCredsExternalSecret) . }}' login: '{{ .Values.db.adminName }}' password: '{{ .Values.db.adminPassword }}' - uid: camunda-db-creds type: basicAuth externalSecret: '{{ tpl (default "" .Values.db.camunda.dbCredsExternalSecret) . }}' login: '{{ .Values.db.camunda.userName }}' password: '{{ .Values.db.camunda.password }}' - uid: request-db-creds type: basicAuth externalSecret: '{{ tpl (default "" .Values.db.request.dbCredsExternalSecret) . }}' login: '{{ .Values.db.request.userName }}' password: '{{ .Values.db.request.password }}' - uid: catalog-db-creds type: basicAuth externalSecret: '{{ tpl (default "" .Values.db.catalog.dbCredsExternalSecret) . }}' login: '{{ .Values.db.catalog.userName }}' password: '{{ .Values.db.catalog.password }}' - uid: nfvo-db-creds type: basicAuth externalSecret: '{{ tpl (default "" .Values.db.nfvo.dbCredsExternalSecret) . }}' login: '{{ .Values.db.nfvo.userName }}' password: '{{ .Values.db.nfvo.password }}' - uid: cnfm-db-creds type: basicAuth externalSecret: '{{ tpl (default "" .Values.db.cnfm.dbCredsExternalSecret) . }}' login: '{{ .Values.db.cnfm.userName }}' password: '{{ .Values.db.cnfm.password }}' ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 image: mariadb:10.1.38 pullPolicy: Always ubuntuInitImage: oomk8s/ubuntu-init:2.0.0 # Local mariadb galera instance default name mariadb-galera: nameOverride: so-mariadb-galera service: internalPort: 3306 mariadbOperator: galera: enabled: false # db config db: rootPassword: secretpassword # rootPasswordExternalSecret: some secret backupPassword: secretpassword backupUser: root # backupCredsExternalSecret: some secret userName: so_user userPassword: so_User123 # userCredsExternalSecret: some secret adminName: so_admin adminPassword: so_Admin123 # adminCredsExternalSecret: some secret camunda: userName: camundauser password: camunda123 # dbCredsExternalSecret: some secret request: userName: requestuser password: request123 # dbCredsExternalSecret: some secret catalog: userName: cataloguser password: catalog123 # dbCredsExternalSecret: some secret nfvo: userName: nfvouser # dbCredsExternalSecret: some secret cnfm: userName: cnfmuser # dbCredsExternalSecret: some secret # application configuration config: # gerrit branch where the latest heat code is checked in gerritBranch: master # gerrit project where the latest heat code is checked in gerritProject: http://gerrit.onap.org/r/so/docker-config.git # default number of instances nodeSelector: {} affinity: {} ingress: enabled: false # Resource Limit flavor flavor: small resources: small: limits: cpu: "2" memory: "4Gi" requests: cpu: "1" memory: "2Gi" large: limits: cpu: "4" memory: "8Gi" requests: cpu: "2" memory: "4Gi" unlimited: {} persistence: enabled: true ## A manually managed Persistent Volume and Claim ## Requires persistence.enabled: true ## If defined, PVC must be created manually before volume will be bound # existingClaim: volumeReclaimPolicy: Retain ## database data Persistent Volume Storage Class ## If defined, storageClassName: ## If set to "-", storageClassName: "", which disables dynamic provisioning ## If undefined (the default) or set to null, no storageClassName spec is ## set, choosing the default provisioner. (gp2 on AWS, standard on ## GKE, AWS & OpenStack) ## # storageClass: "-" accessMode: ReadWriteMany size: 2Gi mountPath: /dockerdata-nfs mountSubPath: so/migration #Pods Service Account serviceAccount: nameOverride: so-mariadb roles: - read wait_for_job_container: containers: - '{{ include "common.name" . }}-config' readinessCheck: wait_for: services: - '{{ include "common.mariadbService" . }}' # Annotations to control the execution and deletion of the job # Can be used to delete a job before an Upgrade # # jobAnnotations: # # In case of an ArgoCD deployment this Hook deletes the job before syncing # argocd.argoproj.io/hook: Sync # argocd.argoproj.io/hook-delete-policy: BeforeHookCreation # # # In case of an Helm/Flux deployment this Hook deletes the job # # This is what defines this resource as a hook. Without this line, the # # job is considered part of the release. # "helm.sh/hook": "pre-upgrade,pre-rollback,post-install" # "helm.sh/hook-delete-policy": "before-hook-creation" # "helm.sh/hook-weight": "1"