Customizing Unified Data Repository

The Unified Data Repository deployment could be customized by overriding the default values of various configurable parameters.

In Deploying Cloud Native Unified Data Repository, the MySQL host is customized.

A values.yaml file could be prepared by hand to customize the parameters.

Following is an example of Unified Data Repository customization file. 

# Copyright 2019 (C), Oracle and/or its affiliates. All rights reserved.
​
global:
  mysql:
    dbServiceName: "udrdbservice"    #This is a read only parameter. Use the default value.
    port: "3306"
    dbname: "udrdb"
    dsusername: "udruser"
    dspassword: "udrpasswd"
  udrdbservice:
    primaryhost: "10.75.173.213"
    secondaryhost: "10.75.173.217"
    port: "3306"
    targetPort: "3306"
  jaeger:
    service:
     name: "occne-tracer-jaeger-collector.occne-infra"
     port: 9411
  hikari:
    poolsize: "25"
  dbenc:
    passphrase: "My secret passphrase"
    shavalue: 256
​
nudr-drservice:
  image:
    repository: udr-dev-bastion-1:5000/ocudr/nudr_datarepository_service
    tag: 1.5.0
    pullPolicy: IfNotPresent
​
  service:
    http2enabled: "true"
    type: ClusterIP
    port:
      http: 5001
      https: 5002
      management: 9000
​
  notify:
    port:
      http: 5001
      https: 5002
​
  deployment:
    replicaCount: 1
​
  logging:
    level:
      root: "WARN"
​
  subscriber:
    autocreate: "true"
​
  validate:
    smdata: "true"
 
  resources:
    limits:
      cpu: 3
      memory: 4Gi
    requests:
      cpu: 3
      memory: 4Gi
    target:
      averageCpuUtil: 80
  
  minReplicas: 1
  maxReplicas: 4
​
nudr-notify-service:
  image:
    repository: udr-dev-bastion-1:5000/ocudr/nudr_notify_service
    tag: 1.5.0
    pullPolicy: IfNotPresent
​
  service:
    http2enabled: "true"
    type: ClusterIP
    port:
      http: 5001
      https: 5002
      management: 9000
​
  deployment:
    replicaCount: 1
  
  notification:
    retrycount: "3"
    retryinterval: "5"
    retryerrorcodes: "400,429,500,503"
​
  logging:
    level:
      root: "WARN"
​
  resources:
    limits:
      cpu: 3
      memory: 4Gi
    requests:
      cpu: 3
      memory: 4Gi
    target:
      averageCpuUtil: 80
  
  minReplicas: 1
  maxReplicas: 4
​
nudr-nrf-client-service:
  host:
    baseurl: "http://ocnrf-endpoint.mynrf.svc.cluster.local/nnrf-nfm/v1/nf-instances"
    proxy: 
  ssl: "false"
  logging:
    level:
      root: "WARN"
  image:
    repository: udr-dev-bastion-1:5000/ocudr/nrf_client_service
    tag: 1.5.0
    pullPolicy: IfNotPresent
  heartBeatTimer: "90"
  groupId: "udr-1"
  capacityMultiplier: "500"
  supirange: "[{\"start\": \"10000000000\", \"end\": \"20000000000\"}]"
  priority: "10"
​
 # The below 2 configuration will change based on site k8s name resolution settings, Also note the changes with namespace used for udr installation
  livenessProbeUrl: "http://nudr-notify-service.myudr.svc.cluster.local:9000/actuator/health,http://nudr-drservice.myudr.svc.cluster.local:9000/actuator/health,http://ocudr-endpoint.myudr.svc.cluster.local:9000/actuator/health"
  fqdn: "ocudr-endpoint.myudr.svc.cluster.local"
​
ingress-gateway: 
 global:
   # Docker registry name
   dockerRegistry: udr-dev-bastion-1:5000/ocudr
​
  # Specify type of service - Possible values are :- ClusterIP, NodePort, LoadBalancer and ExternalName
   type: LoadBalancer
​
   # Enable or disable IP Address allocation from Metallb Pool
   metalLbIpAllocationEnabled: true
​
   # Address Pool Annotation for Metallb
   metalLbIpAllocationAnnotation: "metallb.universe.tf/address-pool: signaling"
​
   # If Static node port needs to be set, then set staticNodePortEnabled flag to true and provide value for staticNodePort
   #   # Else random node port will be assigned by K8
   staticNodePortEnabled: false
   staticHttpNodePort: 30075
   staticHttpsNodePort: 30043 
  
 image:
   # image name
   name: ocingress_gateway
   # tag name of image
   tag: 1.5.0
   # Pull Policy - Possible Values are:- Always, IfNotPresent, Never
   pullPolicy: Always
  
 initContainersImage:
   # inint Containers image name
   name: configurationinit
   # tag name of init Container image
   tag: 0.1.0
   # Pull Policy - Possible Values are:- Always, IfNotPresent, Never
   pullPolicy: Always
    
 updateContainersImage:
   # update Containers image name
   name: configurationupdate
   # tag name of update Container image
   tag: 0.1.0
   # Pull Policy - Possible Values are:- Always, IfNotPresent, Never
   pullPolicy: Always
  
 service:
   ssl:
     tlsVersion: TLSv1.2
      
     privateKey:
       k8SecretName: ocegress-secret
       k8NameSpace: ocegress
       rsa:
         fileName: rsa_private_key_pkcs1.pem
       ecdsa:
         fileName: ssl_ecdsa_private_key.pem
  
     certificate:
       k8SecretName: ocegress-secret
       k8NameSpace: ocegress
       rsa:
         fileName: tmp.cer
       ecdsa:
         fileName: ssl_ecdsa_certificate.crt
  
     caBundle:
       k8SecretName: ocegress-secret
       k8NameSpace: ocegress
       fileName: caroot.cer
  
     keyStorePassword:
       k8SecretName: ocegress-secret
       k8NameSpace: ocegress
       fileName: key.txt
  
     trustStorePassword:
       k8SecretName: ocegress-secret
       k8NameSpace: ocegress
       fileName: trust.txt
  
     initialAlgorithm: RSA256
  
 # Resource details
 resources:
   limits:
     cpu: 3
     memory: 4Gi
   requests:
     cpu: 3
     memory: 4Gi
   target:
     averageCpuUtil: 80
     
 log:
  level: INFO
   
 # label to override name of api-gateway micro-service name
 fullnameOverride: endpoint
  
 # To Initialize SSL related infrastructure in init/update container
 initssl: false
  
 # Cipher suites to be enabled on server side
 ciphersuites:
   - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
   - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
   - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
   - TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
   - TLS_DHE_RSA_WITH_AES_256_CCM
   - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
   - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
 
 #OAUTH CONFIGURATION
 oauthValidatorEnabled: false
 nfType: SMF
 nfInstanceId: 6faf1bbc-6e4a-4454-a507-a14ef8e1bc11
 producerScope: nsmf-pdusession,nsmf-event-exposure
 allowedClockSkewSeconds: 0
 nrfPublicKeyKubeSecret: nrfpublickeysecret
 nrfPublicKeyKubeNamespace: ingress
 validationType: strict
 producerPlmnMNC: 123
 producerPlmnMCC: 346
  
 #Server Configuration for http and https support
 #Server side http support
 enableIncomingHttp: true
 #Server side https support
 enableIncomingHttps: false
 #Client side https support
 enableOutgoingHttps: false
 
 maxConnectionsQueuedPerDestination: 5000
 maxConnectionsPerIp: 10
​
  
 #Service Mesh (Istio) to take care of load-balancing
 serviceMeshCheck: false
 # configuring routes
 routesConfig:
 - id: traffic_mapping_http
   uri: http://{{ .Release.Name }}-nudr-drservice:5001
   path: /nudr-dr/**
 - id: traffic_mapping_http_prov
   uri: http://{{ .Release.Name }}-nudr-drservice:5001
   path: /nudr-dr-prov/**
 - id: traffic_mapping_http_mgmt
   uri: http://{{ .Release.Name }}-nudr-drservice:5001
   path: /nudr-dr-mgm/**
 - id: traffic_mapping_http_udsf
   uri: http://{{ .Release.Name }}-nudr-drservice:5001
   path: /nudsf-dr/**
 - id: traffic_mapping_http_group
   uri: http://{{ .Release.Name }}-nudr-drservice:5001
   path: /nudr-group-id-map/**
 - id: traffic_mapping_http_group_prov
   uri: http://{{ .Release.Name }}-nudr-drservice:5001
   path: /nudr-group-id-map-prov/**
Previous
Previous 		Next
Next
Go To Table Of Contents
Contents