X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=blobdiff_plain;f=ric-infra%2F30-Kong%2Fhelm%2Fkong%2Fcharts%2Fkong%2Fvalues.yaml;fp=ric-infra%2F30-Kong%2Fhelm%2Fkong%2Fcharts%2Fkong%2Fvalues.yaml;h=56474ebbbb2849eb320bc7fafd7a439b9a272879;hb=adbdd09e7300845d14107f67034d817286519a40;hp=0000000000000000000000000000000000000000;hpb=67e464c5c70457e37681d96baa79c36b4b26eb3d;p=it%2Fdep.git diff --git a/ric-infra/30-Kong/helm/kong/charts/kong/values.yaml b/ric-infra/30-Kong/helm/kong/charts/kong/values.yaml new file mode 100755 index 00000000..56474ebb --- /dev/null +++ b/ric-infra/30-Kong/helm/kong/charts/kong/values.yaml @@ -0,0 +1,386 @@ +# Default values for kong. +# Declare variables to be passed into your templates. + +image: + repository: kong + # repository: kong-docker-kong-enterprise-edition-docker.bintray.io/kong-enterprise-edition + tag: 1.2 + pullPolicy: IfNotPresent + ## Optionally specify an array of imagePullSecrets. + ## Secrets must be manually created in the namespace. + ## If using the official Kong Enterprise registry above, you MUST provide a secret. + ## ref: https://kubernetes.io/docs/tasks/configure-pod-container/pull-image-private-registry/ + ## + # pullSecrets: + # - myRegistrKeySecretName + +waitImage: + repository: busybox + tag: latest + +# Specify Kong admin and proxy services configurations +admin: + # If you want to specify annotations for the admin service, uncomment the following + # line, add additional or adjust as needed, and remove the curly braces after 'annotations:'. + annotations: {} + # service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*" + + # HTTPS traffic on the admin port + # if set to false also set readinessProbe and livenessProbe httpGet scheme's to 'HTTP' + useTLS: true + servicePort: 8444 + containerPort: 8444 + # Kong admin service type + type: NodePort + # Set a nodePort which is available + # nodePort: 32444 + # Kong admin ingress settings. + ingress: + # Enable/disable exposure using ingress. + enabled: false + # TLS secret name. + # tls: kong-admin.example.com-tls + # Array of ingress hosts. + hosts: [] + # Map of ingress annotations. + annotations: {} + # Ingress path. + path: / + +proxy: + # If you want to specify annotations for the proxy service, uncomment the following + # line, add additional or adjust as needed, and remove the curly braces after 'annotations:'. + annotations: {} + # service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*" + + # HTTP plain-text traffic + http: + enabled: true + servicePort: 80 + containerPort: 8000 + # Set a nodePort which is available if service type is NodePort + # nodePort: 32080 + + tls: + enabled: true + servicePort: 443 + containerPort: 8443 + # Set a nodePort which is available if service type is NodePort + # nodePort: 32443 + + type: NodePort + + # Kong proxy ingress settings. + ingress: + # Enable/disable exposure using ingress. + enabled: false + # TLS secret name. + # tls: kong-proxy.example.com-tls + # Array of ingress hosts. + hosts: [] + # Map of ingress annotations. + annotations: {} + # Ingress path. + path: / + + externalIPs: [] + +manager: + # If you want to specify annotations for the Manager service, uncomment the following + # line, add additional or adjust as needed, and remove the curly braces after 'annotations:'. + annotations: {} + # service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*" + + # HTTP plain-text traffic + http: + enabled: true + servicePort: 8002 + containerPort: 8002 + # Set a nodePort which is available if service type is NodePort + # nodePort: 32080 + + tls: + enabled: true + servicePort: 8445 + containerPort: 8445 + # Set a nodePort which is available if service type is NodePort + # nodePort: 32443 + + type: NodePort + + # Kong proxy ingress settings. + ingress: + # Enable/disable exposure using ingress. + enabled: false + # TLS secret name. + # tls: kong-proxy.example.com-tls + # Array of ingress hosts. + hosts: [] + # Map of ingress annotations. + annotations: {} + # Ingress path. + path: / + + externalIPs: [] + +portal: + # If you want to specify annotations for the Portal service, uncomment the following + # line, add additional or adjust as needed, and remove the curly braces after 'annotations:'. + annotations: {} + # service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*" + + # HTTP plain-text traffic + http: + enabled: true + servicePort: 8003 + containerPort: 8003 + # Set a nodePort which is available if service type is NodePort + # nodePort: 32080 + + tls: + enabled: true + servicePort: 8446 + containerPort: 8446 + # Set a nodePort which is available if service type is NodePort + # nodePort: 32443 + + type: NodePort + + # Kong proxy ingress settings. + ingress: + # Enable/disable exposure using ingress. + enabled: false + # TLS secret name. + # tls: kong-proxy.example.com-tls + # Array of ingress hosts. + hosts: [] + # Map of ingress annotations. + annotations: {} + # Ingress path. + path: / + + externalIPs: [] + +portalapi: + # If you want to specify annotations for the Portal API service, uncomment the following + # line, add additional or adjust as needed, and remove the curly braces after 'annotations:'. + annotations: {} + # service.beta.kubernetes.io/aws-load-balancer-proxy-protocol: "*" + + # HTTP plain-text traffic + http: + enabled: true + servicePort: 8004 + containerPort: 8004 + # Set a nodePort which is available if service type is NodePort + # nodePort: 32080 + + tls: + enabled: true + servicePort: 8447 + containerPort: 8447 + # Set a nodePort which is available if service type is NodePort + # nodePort: 32443 + + type: NodePort + + # Kong proxy ingress settings. + ingress: + # Enable/disable exposure using ingress. + enabled: false + # TLS secret name. + # tls: kong-proxy.example.com-tls + # Array of ingress hosts. + hosts: [] + # Map of ingress annotations. + annotations: {} + # Ingress path. + path: / + + externalIPs: [] + +# Toggle Kong Enterprise features on or off +# RBAC and SMTP configuration have additional options that must all be set together +# Other settings should be added to the "env" settings below +enterprise: + enabled: false + # Kong Enterprise license secret name + # This secret must contain a single 'license' key, containing your base64-encoded license data + # The license secret is required for all Kong Enterprise deployments + license_secret: you-must-create-a-kong-license-secret + # Session configuration secret + # The session conf secret is required if using RBAC or the Portal + vitals: + enabled: true + portal: + enabled: false + # portal_auth here sets the default authentication mechanism for the Portal + # FIXME This can be changed per-workspace, but must currently default to + # basic-auth to work around limitations with session configuration + portal_auth: basic-auth + # If the Portal is enabled and any workspace's Portal uses authentication, + # this Secret must contain an portal_session_conf key + # The key value must be a secret configuration, following the example at https://docs.konghq.com/enterprise/0.35-x/kong-manager/authentication/sessions/ + session_conf_secret: you-must-create-a-portal-session-conf-secret + rbac: + enabled: false + admin_gui_auth: basic-auth + # If RBAC is enabled, this Secret must contain an admin_gui_session_conf key + # The key value must be a secret configuration, following the example at https://docs.konghq.com/enterprise/0.35-x/kong-manager/authentication/sessions/ + session_conf_secret: you-must-create-an-rbac-session-conf-secret + # Set to the appropriate plugin config JSON if not using basic-auth + # admin_gui_auth_conf: '' + smtp: + enabled: false + portal_emails_from: none@example.com + portal_emails_reply_to: none@example.com + admin_emails_from: none@example.com + admin_emails_reply_to: none@example.com + smtp_admin_emails: none@example.com + smtp_host: smtp.example.com + smtp_port: 587 + smtp_starttls: true + auth: + # If your SMTP server does not require authentication, this section can + # be left as-is. If smtp_username is set to anything other than an empty + # string, you must create a Secret with an smtp_password key containing + # your SMTP password and specify its name here. + smtp_username: '' # e.g. postmaster@example.com + smtp_password_secret: you-must-create-an-smtp-password + +# Set runMigrations to run Kong migrations +runMigrations: true + +# Specify Kong configurations +# Kong configurations guide https://getkong.org/docs/latest/configuration/ +env: + database: postgres + proxy_access_log: /dev/stdout + admin_access_log: /dev/stdout + admin_gui_access_log: /dev/stdout + portal_api_access_log: /dev/stdout + proxy_error_log: /dev/stderr + admin_error_log: /dev/stderr + admin_gui_error_log: /dev/stderr + portal_api_error_log: /dev/stderr + +# If you want to specify resources, uncomment the following +# lines, adjust them as necessary, and remove the curly braces after 'resources:'. +resources: {} + # limits: + # cpu: 100m + # memory: 128Mi + # requests: + # cpu: 100m + # memory: 128Mi + +# readinessProbe for Kong pods +# If using Kong Enterprise with RBAC, you must add a Kong-Admin-Token header +readinessProbe: + httpGet: + path: "/status" + port: admin + scheme: HTTPS + initialDelaySeconds: 30 + timeoutSeconds: 1 + periodSeconds: 10 + successThreshold: 1 + failureThreshold: 5 + +# livenessProbe for Kong pods +# If using Kong Enterprise with RBAC, you must add a Kong-Admin-Token header +livenessProbe: + httpGet: + path: "/status" + port: admin + scheme: HTTPS + initialDelaySeconds: 30 + timeoutSeconds: 5 + periodSeconds: 30 + successThreshold: 1 + failureThreshold: 5 + +# Affinity for pod assignment +# Ref: https://kubernetes.io/docs/concepts/configuration/assign-pod-node/#affinity-and-anti-affinity +# affinity: {} + +# Tolerations for pod assignment +# Ref: https://kubernetes.io/docs/concepts/configuration/taint-and-toleration/ +tolerations: [] + +# Node labels for pod assignment +# Ref: https://kubernetes.io/docs/user-guide/node-selection/ +nodeSelector: {} + +# Annotation to be added to Kong pods +podAnnotations: {} + +# Kong pod count +replicaCount: 1 + +# Kong has a choice of either Postgres or Cassandra as a backend datatstore. +# This chart allows you to choose either of them with the `database.type` +# parameter. Postgres is chosen by default. + +# Additionally, this chart allows you to use your own database or spin up a new +# instance by using the `postgres.enabled` or `cassandra.enabled` parameters. +# Enabling both will create both databases in your cluster, but only one +# will be used by Kong based on the `env.database` parameter. +# Postgres is enabled by default. + +# Cassandra chart configs +cassandra: + enabled: false + +# PostgreSQL chart configs +postgresql: + enabled: true + postgresqlUsername: kong + postgresqlDatabase: kong + service: + port: 5432 + +# Kong Ingress Controller's primary purpose is to satisfy Ingress resources +# created in k8s. It uses CRDs for more fine grained control over routing and +# for Kong specific configuration. +ingressController: + enabled: false + image: + repository: kong-docker-kubernetes-ingress-controller.bintray.io/kong-ingress-controller + tag: 0.4.0 + replicaCount: 1 + livenessProbe: + failureThreshold: 3 + httpGet: + path: "/healthz" + port: 10254 + scheme: HTTP + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + readinessProbe: + failureThreshold: 3 + httpGet: + path: "/healthz" + port: 10254 + scheme: HTTP + initialDelaySeconds: 30 + periodSeconds: 10 + successThreshold: 1 + timeoutSeconds: 5 + + installCRDs: true + + rbac: + # Specifies whether RBAC resources should be created + create: true + + serviceAccount: + # Specifies whether a ServiceAccount should be created + create: true + # The name of the ServiceAccount to use. + # If not set and create is true, a name is generated using the fullname template + name: + + ingressClass: kong