mirror of
https://github.com/Telecominfraproject/wlan-cloud-owprov.git
synced 2026-01-27 02:22:46 +00:00
273 lines
7.5 KiB
YAML
273 lines
7.5 KiB
YAML
# System
|
|
replicaCount: 1
|
|
strategyType: Recreate
|
|
revisionHistoryLimit: 2
|
|
|
|
nameOverride: ""
|
|
fullnameOverride: ""
|
|
|
|
images:
|
|
owprov:
|
|
repository: tip-tip-wlan-cloud-ucentral.jfrog.io/owprov
|
|
tag: main
|
|
pullPolicy: Always
|
|
# regcred:
|
|
# registry: tip-tip-wlan-cloud-ucentral.jfrog.io
|
|
# username: username
|
|
# password: password
|
|
dockerize:
|
|
repository: tip-tip-wlan-cloud-ucentral.jfrog.io/dockerize
|
|
tag: 0.16.0
|
|
pullPolicy: IfNotPresent
|
|
|
|
services:
|
|
owprov:
|
|
type: ClusterIP
|
|
ports:
|
|
restapi:
|
|
servicePort: 16005
|
|
targetPort: 16005
|
|
protocol: TCP
|
|
restapiinternal:
|
|
servicePort: 17005
|
|
targetPort: 17005
|
|
protocol: TCP
|
|
|
|
checks:
|
|
owprov:
|
|
liveness:
|
|
httpGet:
|
|
path: /
|
|
port: 16105
|
|
readiness:
|
|
exec:
|
|
command:
|
|
- /readiness_check
|
|
|
|
ingresses:
|
|
restapi:
|
|
enabled: false
|
|
annotations: {}
|
|
# kubernetes.io/ingress.class: nginx
|
|
# kubernetes.io/tls-acme: "true"
|
|
hosts:
|
|
- restapi.chart-example.local
|
|
paths:
|
|
- path: /
|
|
pathType: ImplementationSpecific
|
|
serviceName: owprov
|
|
servicePort: restapi
|
|
|
|
volumes:
|
|
owprov:
|
|
- name: config
|
|
mountPath: /owprov-data/owprov.properties
|
|
subPath: owprov.properties
|
|
# Template below will be rendered in template
|
|
volumeDefinition: |
|
|
secret:
|
|
secretName: {{ include "owprov.fullname" . }}-config
|
|
- name: certs
|
|
mountPath: /owprov-data/certs
|
|
volumeDefinition: |
|
|
secret:
|
|
secretName: {{ if .Values.existingCertsSecret }}{{ .Values.existingCertsSecret }}{{ else }}{{ include "owprov.fullname" . }}-certs{{ end }}
|
|
# Change this if you want to use another volume type
|
|
- name: persist
|
|
mountPath: /owprov-data/persist
|
|
volumeDefinition: |
|
|
persistentVolumeClaim:
|
|
claimName: {{ template "owprov.fullname" . }}-pvc
|
|
|
|
resources: {}
|
|
# We usually recommend not to specify default resources and to leave this as a conscious
|
|
# choice for the user. This also increases chances charts run on environments with little
|
|
# resources, such as Minikube. If you do want to specify resources, uncomment the following
|
|
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
|
|
# requests:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
# limits:
|
|
# cpu: 100m
|
|
# memory: 128Mi
|
|
|
|
securityContext:
|
|
fsGroup: 1000
|
|
|
|
nodeSelector: {}
|
|
|
|
tolerations: []
|
|
|
|
affinity: {}
|
|
|
|
podAnnotations: {}
|
|
|
|
persistence:
|
|
enabled: true
|
|
# storageClassName: "-"
|
|
accessModes:
|
|
- ReadWriteOnce
|
|
size: 10Gi
|
|
annotations: {}
|
|
|
|
# Application
|
|
public_env_variables:
|
|
OWPROV_ROOT: /owprov-data
|
|
OWPROV_CONFIG: /owprov-data
|
|
# Environment variables required for the readiness checks using script
|
|
FLAGS: "-s --connect-timeout 3"
|
|
# NOTE in order for readiness check to use system info you need to set READINESS_METHOD to "systeminfo" and set OWSEC to the OWSEC's REST API endpoint
|
|
#READINESS_METHOD: systeminfo
|
|
#OWSEC: gw-qa01.cicd.lab.wlan.tip.build:16001
|
|
|
|
secret_env_variables:
|
|
# NOTE in order for readiness check to use system info method you need to override these values to the real OWSEC credentials
|
|
OWSEC_USERNAME: tip@ucentral.com
|
|
OWSEC_PASSWORD: openwifi
|
|
|
|
configProperties:
|
|
# -> Public part
|
|
# REST API
|
|
openwifi.restapi.host.0.backlog: 100
|
|
openwifi.restapi.host.0.security: relaxed
|
|
openwifi.restapi.host.0.rootca: $OWPROV_ROOT/certs/restapi-ca.pem
|
|
openwifi.restapi.host.0.address: "*"
|
|
openwifi.restapi.host.0.port: 16005
|
|
openwifi.restapi.host.0.cert: $OWPROV_ROOT/certs/restapi-cert.pem
|
|
openwifi.restapi.host.0.key: $OWPROV_ROOT/certs/restapi-key.pem
|
|
openwifi.internal.restapi.host.0.backlog: 100
|
|
openwifi.internal.restapi.host.0.security: relaxed
|
|
openwifi.internal.restapi.host.0.rootca: $OWPROV_ROOT/certs/restapi-ca.pem
|
|
openwifi.internal.restapi.host.0.address: "*"
|
|
openwifi.internal.restapi.host.0.port: 17005
|
|
openwifi.internal.restapi.host.0.cert: $OWPROV_ROOT/certs/restapi-cert.pem
|
|
openwifi.internal.restapi.host.0.key: $OWPROV_ROOT/certs/restapi-key.pem
|
|
# ALB
|
|
alb.enable: "true"
|
|
alb.port: 16105
|
|
# Kafka
|
|
openwifi.kafka.enable: "false"
|
|
openwifi.kafka.group.id: prov
|
|
openwifi.kafka.client.id: prov1
|
|
openwifi.kafka.brokerlist: localhost:9092
|
|
openwifi.kafka.auto.commit: false
|
|
openwifi.kafka.queue.buffering.max.ms: 50
|
|
openwifi.kafka.ssl.ca.location: ""
|
|
openwifi.kafka.ssl.certificate.location: ""
|
|
openwifi.kafka.ssl.key.location: ""
|
|
openwifi.kafka.ssl.key.password: ""
|
|
# Storage
|
|
storage.type: sqlite # (sqlite|postgresql|mysql|odbc)
|
|
## SQLite
|
|
storage.type.sqlite.db: prov.db
|
|
storage.type.sqlite.idletime: 120
|
|
storage.type.sqlite.maxsessions: 128
|
|
## PostgreSQL
|
|
storage.type.postgresql.maxsessions: 64
|
|
storage.type.postgresql.idletime: 60
|
|
storage.type.postgresql.host: localhost
|
|
storage.type.postgresql.database: owprov
|
|
storage.type.postgresql.port: 5432
|
|
storage.type.postgresql.connectiontimeout: 60
|
|
## MySQL
|
|
storage.type.mysql.maxsessions: 64
|
|
storage.type.mysql.idletime: 60
|
|
storage.type.mysql.host: localhost
|
|
storage.type.mysql.database: owprov
|
|
storage.type.mysql.port: 3306
|
|
storage.type.mysql.connectiontimeout: 60
|
|
# System
|
|
openwifi.service.key: $OWPROV_ROOT/certs/restapi-key.pem
|
|
openwifi.system.data: $OWPROV_ROOT/persist
|
|
openwifi.system.debug: "true"
|
|
openwifi.system.uri.private: https://localhost:17005
|
|
openwifi.system.uri.public: https://localhost:16005
|
|
openwifi.system.uri.ui: https://localhost
|
|
openwifi.system.commandchannel: /tmp/app_owprov
|
|
iptocountry.provider: ipinfo
|
|
# Logging
|
|
logging.type: console
|
|
logging.path: $OWPROV_ROOT/logs
|
|
logging.level: debug
|
|
|
|
# -> Secret part
|
|
# REST API
|
|
openwifi.restapi.host.0.key.password: mypassword
|
|
openwifi.internal.restapi.host.0.key.password: mypassword
|
|
# Storage
|
|
## PostgreSQL
|
|
storage.type.postgresql.username: stephb
|
|
storage.type.postgresql.password: snoopy99
|
|
## MySQL
|
|
storage.type.mysql.username: stephb
|
|
storage.type.mysql.password: snoopy99
|
|
|
|
# NOTE: List of required certificates may be found in "certs" key. Alternative way to pass required certificates is to create external secret with all required certificates and set secret name in "existingCertsSecret" key. Details may be found in https://github.com/Telecominfraproject/wlan-cloud-ucentral-deploy/tree/main/chart#tldr
|
|
existingCertsSecret: ""
|
|
|
|
certs:
|
|
# restapi-ca.pem: ""
|
|
# restapi-cert.pem: ""
|
|
# restapi-key.pem: ""
|
|
|
|
# PostgreSQL (https://github.com/bitnami/charts/tree/master/bitnami/postgresql)
|
|
postgresql:
|
|
enabled: false
|
|
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/postgresql
|
|
tag: 11.13.0-debian-10-r0
|
|
|
|
postgresqlPostgresPassword: ""
|
|
postgresqlUsername: postgres
|
|
postgresqlPassword: ""
|
|
postgresqlDatabase: ""
|
|
|
|
persistence:
|
|
enabled: true
|
|
storageClass: ""
|
|
size: 8Gi
|
|
|
|
# MySQL (https://github.com/bitnami/charts/tree/master/bitnami/mysql)
|
|
mysql:
|
|
enabled: false
|
|
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/mysql
|
|
tag: 8.0.26-debian-10-r10
|
|
|
|
auth:
|
|
rootPassword: ""
|
|
database: my_database
|
|
username: ""
|
|
password: ""
|
|
|
|
primary:
|
|
persistence:
|
|
enabled: true
|
|
storageClass: ""
|
|
size: 8Gi
|
|
|
|
# MariaDB (https://github.com/bitnami/charts/tree/master/bitnami/mariadb)
|
|
mariadb:
|
|
enabled: false
|
|
|
|
image:
|
|
registry: docker.io
|
|
repository: bitnami/mariadb
|
|
tag: 10.5.12-debian-10-r0
|
|
|
|
auth:
|
|
rootPassword: ""
|
|
database: my_database
|
|
username: ""
|
|
password: ""
|
|
|
|
primary:
|
|
persistence:
|
|
enabled: true
|
|
storageClass: ""
|
|
size: 8Gi
|