CNC Console Configuration Parameters
Following tables provide list of configuration parameters in the Helm file:
Table 4-4 CNC Console Configuration Parameters
| Attribute Name | DataType | Range | Mandatory(M)/ Optional(O)/Conditional(C) | Description |
|---|---|---|---|---|
| cmservice.dockerRegistry | <String> | M | Here user provides the registry that contains cmservice's
container image. It comprises of the following:
<registry-url>:<registry-port>
e.g.:ocspf-registry.us.oracle.com :5000 |
|
| cmservice.image.name | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters | M | Image Name to be used for "cncc-cmservice" micro service |
| cmservice.image.tag | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters | M | Image Tag to be used for "cncc-cmservice" micro service |
| cmservice.image.pullPolicy | <String> | It can take a value from the following: IfNotPresent, Always, Never IfNotPresent is the default pullPolicy | M | Pull Policy decides from where to pull the image. |
| cmservice.resources.limits.cpu | <Float> | Valid floating point value between 0 and 1 | O | It limits the number of CPUs to be used by the "cncc-cmservice" microservice. By default, it is set to '2'. |
| cmservice.resources.limits.memory | <String> | Valid Integer value followed by Mi/Gi etc. | O | It limits the memory utilization by the "cncc-cmservice" microservice. By default, it is set to '2'. |
| cmservice.resources.requests.cpu | <Float> | Valid floating point value between 0 and 1 | O | It provides a given number of CPUs for the "cncc-cmservice" microservice. By default, it is set to '2'. |
| cmservice.resources.requests.memory | <String> | Valid Integer value followed by Mi/Gi etc. | O | It provides a given amount of memory for the "cncc-cmservice" microservice. By default, it is set to '1. |
| cmservice.deployment.apiPrefix | <String> | '/' followed by the NF name | O | The api-prefix which will be pre-pended in the url. It is not application for CNCConsole deployment, API prefix will be empty. |
| cmservice.deployment.envManageNF | <String> | It is the List of NFs E.g. SCP, PCF | M | It is the list of the enabled NFs and the same NFs will be displayed in the GUI |
| cmservice.deployment.nodeSelectorEnabled | <boolean> | It can take either True or False value. By default, it is false. | O | NodeSelector is the simplest recommended form of node selection constraint. NodeSelector is a field of PodSpec. It specifies a map of key-value pairs. For the pod to be eligible to run on a node, the node must have each of the indicated key-value pairs as labels |
| cmservice.deployment.nodeSelectorKey | <String> | By default, its value is zone. | O | Node Selector Key |
| cmservice.deployment.nodeSelectorValue | <String> | By default, its value is app. | O | Node Selector value |
| cmservice.service.http.port | <Integer> | It can take value in the range: 0-65535 | O | It isthe port number which makes cmservicevisible to other services running within the same K8s cluster |
| cmservice.service.type | <String> | It can take only 'ClusterIP' as the value. | O | It is used to decide where user wants to expose the service from outside the Kubernetes cluster or not. |
| cmservice.commonServices.routes | - name: <String>apiprefix: String>description: <Stirng> | O | It can take a list of Common Services like Grafana, Kibana, Jaeger etc. Example: - name: Grafana apiprefix: /grafana description: 'Grafana allows you to query, visualize, alert on and understand your metrics no matter where they are stored. Create, explore, and share dashboards with your team and foster a data driven culture.' - name: Kibanaapiprefix: /kibanadescription: 'Kibana, lets you visualize your Elasticsearch data and navigate the Elastic Stack so you can do anything from tracking query load to understanding the way requests flow through your apps.' | |
| ingress-gateway.global.dockerRegistry | <String> | It may contain lowercase letters, digits, and separators. A separator is defined as a period, one or two underscores, or one or more dashes. | M | Here user provides the registry that contains CNCConsole's container image. It comprises of the following: <registry-url>:<registry-port>/<repo> e.g.: ocspf-registry.us.oracle.com :5000/cncc |
| ingress-gateway.fullnameOverride | <String> | It may contain lowercase letters, digits, and separators. A separator is defined as a period, one or two underscores, or one or more dashes. | M | It is the name of the ingress-gateway as given by the user. |
| ingress-gateway.image.name | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator | M | It is the image name of the ingress-gateway as provided by the user |
| ingress-gateway.image.tag | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters | M | Image Tag to be used for ingress-gateway. |
| ingress-gateway.image.pullPolicy | <String> | It can take a value from the following: IfNotPresent, Always, Never IfNotPresent is the default pullPolicy | O | Pull Policy decides from where to pull the image. |
| ingress-gateway.publicHttpSignalingPort | <Integer> | It can take value in the range: 0-65535 | O | It is the port on which ingress-gateway service is exposed # If httpsEnabled is false, this Port would be HTTP/2.0 Port (unsecured) publicHttpSignalingPort: 80 |
| ingress-gateway.publicHttpsSignallingPort | <Integer> | It can take value in the range: 0-65535. | O | It is the port on which ingress-gateway service is exposed # If httpsEnabled is true, this Port would be HTTPS/2.0 Port (secured SSL) |
| ingress-gateway.metalLbIpAllocationEnabled | <Boolean> | True/False By default, it is true. | O | This field enables or disables IP Address allocation from Metallb Pool |
| ingress-gateway.metalLbIpAllocationAnnotation | <Stirng> | Valid ASCII and may contain lowercase and uppercase
letters, digits, underscores, periods and dashes. A tag name may not start with
a period or a dash and may contain a maximum of 128 characters Default set to :
metallb.universe.tf/address-pool : signaling" |
It is the address Pool Annotation for Metallb | |
| ingress-gateway.staticIpAddressEnabled | <Boolean> | True/False By default, it is false. | O | If Static load balancer IP needs to be set, then set staticIpAddressEnabled flag to true and provide value for staticIpAddress else random IP will be assigned by the metalLB from its IP Pool |
| ingress-gateway.staticIpAddress | <Stirng> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters | O | If Static load balancer IP needs to be set, then set staticIpAddressEnabled flag to true and provide value for staticIpAddress else random IP will be assigned by the metalLB from its IP Pool |
| ingress-gateway.staticNodePortEnabled | <Boolean> | True/False By default, it is true. | O | If Static node port needs to be set, then set staticNodePortEnabled flag to true and provide value for staticNodePort else random node port will be assigned by K8s |
| ingress-gateway.staticHttpNodePort | <Integer> | It can take value in the range: 0-65535. Default value:30075 | O | If Static node port needs to be set, then set staticNodePortEnabled flag to true and provide value for staticNodePort else random node port will be assigned by K8s |
| ingress-gateway.staticHttpsNodePort | <Integer> | It can take value in the range: 0-65535. Default value:30075 | O | If Static node port needs to be set, then set staticNodePortEnabled flag to true and provide value for staticNodePort else random node port will be assigned by K8s |
| ingress-gateway.initContainersImage.name | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters | M | Image Name to be used for "cncc-cmservice" micro service |
| ingress-gateway.initContainersImage.tag | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters | M | Image Tag to be used for "cncc-cmservice" micro service |
| ingress-gateway.initContainersImage.pullPolicy | <String> | It can take a value from the following: IfNotPresent, Always, Never IfNotPresent is the default pullPolicy | O | Pull Policy decides from where to pull the image. |
| ingress-gateway.updateContainersImage.name | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters | M | Image Name to be used for "cncc-cmservice" micro service |
| ingress-gateway.updateContainersImage.tag | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters | M | Image Tag to be used for "cncc-cmservice" micro service |
| ingress-gateway.updateContainersImage.pullPolicy | <String> | It can take a value from the following: IfNotPresent, Always, Never IfNotPresent is the default pullPolicy | O | Pull Policy decides from where to pull the image. |
| ingress-gateway.type | <String> | It can take value LoadBalance/NodePort depending upon one wants to expose the service from outside the Kubernetes cluster or not. | O | It is used to decide where user wants to expose the service from outside the Kubernetes cluster or not. |
| service.ssl. tlsVersion | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator. It is set to TLSv1.2 | O | It is the TLS version |
| ingress-gateway.service.ssl.privateKey.k8SecretName | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | It is the name of K8s secret for private key |
| ingress-gateway.service.ssl.privateKey.k8NameSpace | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | It is the namespace where K8s secret for the private key is deployed |
| ingress-gateway.service.ssl.privateKey.rsa.fileName | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | It is the name of RSA file |
| ingress-gateway.service.ssl.privateKey.ecdsa. fileName | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | It is the name of ECDSA file |
| ingress-gateway.service.ssl.certificate.k8SecretName | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | It is the name of K8s secret for the certificate |
| ingress-gateway.service.ssl.certificate.k8NameSpace | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | It is the namespace where K8s secret for the certificate is deployed |
| ingress-gateway.service.ssl.certificate.rsa.fileName | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | |
| ingress-gateway.service.ssl.certificate.ecdsa.fileName | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | |
| ingress-gateway.service.ssl.caBundle.k8SecretName | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | |
| ingress-gateway.service.ssl.caBundle.k8NameSpace | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | |
| ingress-gateway.service.ssl.caBundle.fileName | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | |
| ingress-gateway.service.keyStorePassword.k8SecretName | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | |
| ingress-gateway.service.keyStorePassword.k8NameSpace | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | |
| ingress-gateway.service.keyStorePassword.fileName | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | |
| ingress-gateway.service.trustStorePassword.k8SecretName | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | |
| ingress-gateway.service.trustStorePassword.k8NameSpace | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | |
| ingress-gateway.service.trustStorePassword.fileName | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | |
| ingress-gateway.service.initialAlgorithm | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | |
| ingress-gateway.readinessProbe.initialDelaySeconds | <Integer> | It can take value in the range: 0-65535. Default value:30 | O | It tells the kubelet that it should wait second before performing the first probe |
| ingress-gateway.readinessProbe.timeoutSeconds | <Integer> | It can take value in the range: 0-65535. Default value:3 | O | It is the number of seconds after which the probe times out |
| ingress-gateway.readinessProbe.periodSeconds | <Integer> | It can take value in the range: 0-65535. Default value:10 | O | It specifies that the kubelet should perform a liveness probe every xx seconds |
| ingress-gateway.readinessProbe.successThreshold | <Integer> | It can take value in the range: 0-65535. Default value:1 | O | Minimum consecutive successes for the probe to be considered successful after having failed |
| ingress-gateway.readinessProbe.failureThreshold | <Integer> | It can take value in the range: 0-65535. Default value:3 | O | When a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up |
| ingress-gateway.livenessProbe.initialDelaySeconds | <Integer> | It can take value in the range: 0-65535. Default value:30 | O | It tells the kubelet that it should wait second before performing the first probe |
| ingress-gateway.livenessProbe.timeoutSeconds | <Integer> | It can take value in the range: 0-65535. Default value:3 | O | It is the number of seconds after which the probe times out |
| ingress-gateway.livenessProbe.periodSeconds | <Integer> | It can take value in the range: 0-65535. Default value:15 | O | It specifies that the kubelet should perform a liveness probe every xx seconds |
| ingress-gateway.livenessProbe.successThreshold | <Integer> | It can take value in the range: 0-65535. Default value:1 | O | Minimum consecutive successes for the probe to be considered successful after having failed |
| ingress-gateway.livenessProbe.failureThreshold | <Integer> | It can take value in the range: 0-65535. Default value:3 | O | When a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up |
| ingress-gateway.minAvailable | <Integer> | It can take value in the range: 0-65535. Default value:1 | O | It is the number of pods that must always be available, even during a disruption. |
| ingress-gateway.minReplicas | <Integer> | It can take value in the range: 0-65535. Default value:1 | O | Min replicas to scale to maintain an average CPU utilization |
| ingress-gateway.maxReplicas | <Integer> | It can take value in the range: 0-65535. Default value:5 | O | Max replicas to scale to maintain an average CPU utilization |
| ingress-gateway.jaegerTracingEnabled | <Boolean> | It can take either True or False value. By default, it is false. | O | It enables/disables jagger tracing |
| ingress-gateway.openTracing.jaeger.udpSender.host | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | It is the UDP sender host |
| ingress-gateway.openTracing..jaeger.udpSender.port | <Integer> | It can take value in the range: 0-65535. | O | It is the UDP sender host port |
| ingress-gateway.openTracing.jaeger.probabilisticSampler | <Float> | Valid floating point value between 0 and 1 | O | It is jaeger's probabilistic sampler. |
| ingress-gateway.initssl | <Boolean> | It can take either True or False value. By default, it is false. | O | To Initialize SSL related infrastructure in init/update container |
| ingress-gateway.oauthValidatorEnabled | <Boolean> | It can take either True or False value. By default, it is false. | O | To enable OAuth |
| ingress-gateway.enableIncomingHttp | <Boolean> | It can take either True or False value. By default, it is false. | O | Server Configuration for http and https support |
| ingress-gateway.enableIncomingHttps | <Boolean> | It can take either True or False value. By default, it is false. | O | Server Configuration for http and https support |
| ingress-gateway.enableOutgoingHttps | <Boolean> | It can take either True or False value. By default, it is false. | O | Server Configuration for http and https support |
| ingress-gateway.serviceMeshCheck | <Boolean> | It can take either True or False value. By default, it is false. | O | Server Configuration for http and https support |
| ingress-gateway.needClientAuth | <Boolean> | It can take either True or False value. By default, it is false. | O | Flag to enable mutual TLS |
| ingress-gateway.cncoamGatewayEnabled | <Boolean> | It can take either True or False value. By default, it is true. | M | It enables CNC Console ingress-gateway. Enabling will this will enable Identity-Access-Management(IAM) |
| ingress-gateway.identityAccessMgt.uri | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | M | It is the URI of the Identity-Access-Management(IAM) |
| ingress-gateway.identityAccessMgt.path | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | M | It is the base-path of Identity-Access-Management(IAM) |
| ingress-gateway.identityAccessMgt.realm | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | M | It is the realm that is configured in Identity-Access-Management(IAM): |
| ingress-gateway.service.name | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes.A name component may not start or end with a separator | O | It is used to provide the name of the api-gateway service. |
| ingress-gateway.service . staticNodePortEnabled | <boolean> | It can take either True or False value. By default, it is false. | O | It is the flag for enabling/disabling the static Nodeport for api-gateway service. |
| ingress-gateway.ports.containerPort | <Integer> | It can take value in the range: 0-65535. Default value: 8081 | O | It is the http port of the container for the ingress-gateway. |
| ingress-gateway.ports.containersslPort | <Integer> | It can take value in the range: 0-65535. Default value: 8443 | O | It is the https port of the container for the ingress-gateway. |
| ingress-gateway.ports.actuatorPort | <Integer> | It can take value in the range: 0-65535. Default value: 9090 | O | It is the actuator port of the container for the ingress-gateway. |
| ingress-gateway.log.level | <enum> | It can take values like: WARN, DEBUG, INFO, TRACE etc. | O | It is the level at which user wants to see the logs. E.g. WARN |
| ingress-gateway.resources.limits.cpu | <Float> | Valid floating point value between 0 and 1 | O | It limits the number of CPUs to be used by the microservice. |
| ingress-gateway.resources.limits.memory | <String> | Valid Integer value followed by Mi/Gi etc. | O | It limits the memory utilization by the microservice. |
| ingress-gateway.resources.requests.cpu | <Float> | Valid floating point value between 0 and 1 | O | It provides a given number of CPUs for the microservice. |
| ingress-gateway.resources.requests.memory | <String> | Valid Integer value followed by Mi/Gi etc. | O | It provides a given amount of memory for the microservice. |
| ingress-gateway.resources.target.averageCpuUtil | <Integer> | A value in between 0-100 | O | It gives the average CPU utilization percentage. |
| ingress-gateway.routesConfig[].id | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. | M | If SCP route needs to be added to CNC Console ingress-gateway |
| ingress-gateway.routesConfig[].uri | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. | M | If SCP route needs to be added to CNC Console ingress-gateway |
| ingress-gateway.routesConfig[].path | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. | M | If SCP route needs to be added to CNC Console ingress-gateway |
| ingress-gateway.routesConfig[].rewritePath | <String> | Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. | O | If SCP route needs to be added to CNC Console ingress-gateway |
