airship
/
deckhand
Code Issues Proposed changes
deckhand/charts/deckhand/values.yaml

354 lines
8.4 KiB
YAML
Raw Blame History

# Copyright (c) 2017 AT&T Intellectual Property. All rights reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
# This file provides defaults for deckhand
labels:
node_selector_key: ucp-control-plane
node_selector_value: enabled
images:
tags:
deckhand: quay.io/attcomdev/deckhand:latest
dep_check: "quay.io/stackanetes/kubernetes-entrypoint:v0.3.1"
db_init: docker.io/postgres:9.5
db_sync: quay.io/attcomdev/deckhand:latest
ks_endpoints: docker.io/openstackhelm/heat:newton
ks_service: docker.io/openstackhelm/heat:newton
ks_user: docker.io/openstackhelm/heat:newton
pull_policy: "IfNotPresent"
release_group: null
network:
ingress:
public: true
port: 9000
node_port: 31902
enable_node_port: false
dependencies:
db_init:
services:
- service: postgresql
endpoint: internal
db_sync:
jobs:
- deckhand-db-init
services:
- service: postgresql
endpoint: internal
ks_user:
services:
- service: identity
endpoint: internal
ks_service:
services:
- service: identity
endpoint: internal
ks_endpoints:
jobs:
- deckhand-ks-service
services:
- service: identity
endpoint: internal
deckhand:
jobs:
- deckhand-ks-endpoints
- deckhand-ks-user
- deckhand-ks-endpoints
services:
- service: identity
endpoint: internal
- service: key_manager
endpoint: internal
# typically overridden by environmental
# values, but should include all endpoints
# required by this chart
endpoints:
cluster_domain_suffix: cluster.local
identity:
name: keystone
auth:
user:
region_name: RegionOne
role: admin
project_name: service
project_domain_name: default
user_domain_name: default
username: deckhand
password: password
admin:
region_name: RegionOne
project_name: admin
password: password
username: admin
user_domain_name: default
project_domain_name: default
hosts:
default: keystone-api
public: keystone
path:
default: /v3
scheme:
default: http
port:
admin:
default: 35357
api:
default: 80
host_fqdn_override:
default: null
deckhand:
name: deckhand
hosts:
default: deckhand-int
public: deckhand-api
port:
api:
default: 9000
public: 80
path:
default: /api/v1.0
scheme:
default: http
host_fqdn_override:
default: null
postgresql:
name: postgresql
auth:
admin:
username: postgres
password: password
user:
username: deckhand
password: password
database: deckhand
hosts:
default: postgresql
path: /deckhand
scheme: postgresql+psycopg2
port:
postgresql:
default: 5432
host_fqdn_override:
default: null
key_manager:
name: barbican
hosts:
default: barbican-api
public: barbican
host_fqdn_override:
default: null
path:
default: /v1
scheme:
default: http
port:
api:
default: 9311
public: 80
oslo_cache:
hosts:
default: memcached
host_fqdn_override:
default: null
port:
memcache:
default: 11211
secrets:
identity:
admin: deckhand-keystone-admin
user: deckhand-keystone-user
postgresql:
admin: deckhand-db-admin
user: deckhand-db-user
conf:
uwsgi:
# NOTE(fmontei): Deckhand's database is not configured to work with
# multiprocessing. Currently there is a data race on acquiring shared
# SQLAlchemy engine pooled connection strings when workers > 1. As a
# workaround, we use multiple threads but only 1 worker. For more
# information, see: https://github.com/att-comdev/deckhand/issues/20
threads: 4
workers: 1
policy:
admin_api: role:admin
deckhand:create_cleartext_documents: rule:admin_api
deckhand:create_encrypted_documents: rule:admin_api
deckhand:list_cleartext_documents: rule:admin_api
deckhand:list_encrypted_documents: rule:admin_api
deckhand:show_revision: rule:admin_api
deckhand:list_revisions: rule:admin_api
deckhand:delete_revisions: rule:admin_api
deckhand:show_revision_diff: rule:admin_api
deckhand:create_tag: rule:admin_api
deckhand:show_tag: rule:admin_api
deckhand:list_tags: rule:admin_api
deckhand:delete_tag: rule:admin_api
deckhand:delete_tags: rule:admin_api
paste:
filter:authtoken:
paste.filter_factory: keystonemiddleware.auth_token:filter_factory
filter:debug:
use: egg:oslo.middleware#debug
filter:cors:
paste.filter_factory: oslo_middleware.cors:filter_factory
oslo_config_project: deckhand
filter:request_id:
paste.filter_factory: oslo_middleware:RequestId.factory
app:api:
paste.app_factory: deckhand.service:deckhand_app_factory
pipeline:deckhand_api:
pipeline: authtoken api
deckhand:
DEFAULT:
debug: true
use_stderr: true
use_syslog: true
profiler: false
database:
connection:
keystone_authtoken:
delay_auth_decision: true
auth_type: password
auth_version: v3
memcache_security_strategy: ENCRYPT
oslo_policy:
policy_file: policy.yaml
policy_default_rule: default
policy_dirs: policy.d
barbican:
api_endpoint:
logging:
loggers:
keys: 'root, deckhand, error'
handlers:
keys: 'null, stderr, stdout, syslog'
formatters:
keys: 'simple, context'
logger_deckhand:
level: DEBUG
handlers: stdout
qualname: deckhand
logger_error:
level: ERROR
handlers: stderr
qualname: deckhand
logger_root:
level: WARNING
handlers: null
handler_null:
class: 'logging.NullHandler'
formatter: context
args: '()'
handler_stderr:
class: StreamHandler
args: '(sys.stderr,)'
formatter: context
handler_stdout:
class: StreamHandler
args: '(sys.stdout,)'
formatter: context
handler_syslog:
class: 'handlers.SysLogHandler'
level: ERROR
args: "('/dev/log', handlers.SysLogHandler.LOG_USER)"
formatter_context:
class: 'oslo_log.formatters.ContextFormatter'
formatter_simple:
format: "%(asctime)s.%(msecs)03d %(process)d %(levelname)s: %(message)s"
pod:
mounts:
deckhand_db_init:
init_container: null
deckhand_db_init:
deckhand_db_sync:
init_container: null
deckhand_db_sync:
deckhand:
init_container: null
deckhand:
lifecycle:
upgrades:
deployments:
revision_history: 3
pod_replacement_strategy: RollingUpdate
rolling_update:
max_unavailable: 1
max_surge: 3
termination_grace_period:
deckhand:
timeout: 30
replicas:
deckhand: 1
resources:
enabled: false
api:
limits:
memory: "128Mi"
cpu: "100m"
requests:
memory: "128Mi"
cpu: "100m"
jobs:
ks_user:
limits:
memory: "128Mi"
cpu: "100m"
requests:
memory: "128Mi"
cpu: "100m"
ks_service:
limits:
memory: "128Mi"
cpu: "100m"
requests:
memory: "128Mi"
cpu: "100m"
ks_endpoints:
limits:
memory: "128Mi"
cpu: "100m"
requests:
memory: "128Mi"
cpu: "100m"
test:
deckhand:
limits:
memory: "128Mi"
cpu: "100m"
requests:
memory: "128Mi"
cpu: "100m"
manifests:
configmap_bin: true
configmap_etc: true
deployment: true
job_db_init: true
job_db_sync: true
job_ks_endpoints: true
job_ks_service: true
job_ks_user: true
secret_db: true
secret_keystone: true
service_api: true
ingress_api: true
service: true
service_ingress: true
test_deckhand_api: true
View Git Blame Copy Permalink