4 Customizing CNC Console
This section describes about the CNC Console customization.
The CNC Console deployment is customized by overriding the default values of
various configurable parameters in the
occncc_custom_values_<version>.yaml file.
To customize the custom yaml files, perform the following steps:
- Unzip
Custom_Templatesfile available in the extracted documentation release package. For more information on how to download the package from MOS, see Downloading CNC Console package section.The following files are used to customize the deployment parameters during installation:
- M-CNCC IAM custom values file :
occncc_custom_values_<version>.yaml - CNCC IAM Schema file for rollback to previous version :
occncc_rollback_iam_schema_<version>.sql - CNCC Metric Dashboard file :
occncc_metric_dashboard_<version>.json - CNCC Metric Dashboard file for CNE supporting Prometheus HA (CNE 1.9.x
onwards):
occncc_metric_dashboard_promha_<version>.json - CNCC Alert Rules file:
occncc_alertrules_<version>.yaml - CNCC Alert Rules file for CNE supporting Prometheus HA (CNE 1.9.x onwards):
occncc_metric_dashboard_promha_<version>.json - CNCC MIB files:
occncc_mib_<version>.mib, occncc_mib_tc_<version>.mib
- M-CNCC IAM custom values file :
- Customize the appropriate custom value yaml file
- Save the updated files.
Note:
- All parameters mentioned as mandatory must be present in custom-values.yaml file.
- All fixed value parameters listed must be present in the custom values yaml file with the exact values as specified in this section.
Global Configuration Options
This section includes information about the configuration parameters of the Global Configuration section of CNC Console Core:
Table 4-1 Global Configuration Options
| Parameter | Description | Details |
|---|---|---|
global.dockerRegistry |
This is a mandatory parameter. Here user provides the registry that contains cncc-core images. It comprises of the following: <registry-url>:<registry-port> Example: ocspf-registry.us.oracle.com:5000 |
DataType:String Range:It may contain lowercase letters, digits, and separators. A separator is defined as a period, one or two underscores, or one or more dashes. Default Value: ocspf-registry.us.oracle.com:5000 |
global.clusterDomain |
This is a mandatory parameter. Cluster Domain where cncc-core will be deployed example: cluster.local Note: To check cluster domain use the following command:
|
DataType:String Range:It may contain lowercase letters, digits, and separators. A separator is defined as a period, one or two underscores, or one or more dashes. |
global.serviceAccountName |
This is an optional parameter.
Name of service account. If this field is kept empty then a default service account 'cncc-core-service-account' is created. If any value is provided then a service account has to be created manually. |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters. |
global.customExtension.allResources.labels |
This is an optional parameter. This can be used to add custom label(s) to all k8s resources that will be created by Ingress Gateway helm chart. | DataType:String Range:Custom Labels that needs to be added to all the Ingress Gateway kubernetes resources |
global.customExtension.allResources.annotations |
This is an optional parameter. This can be used to add custom annotation(s) to all k8s resources that will be created by Ingress Gateway helm chart. | DataType:String Range:Custom Labels that needs to be added to all the Ingress Gateway kubernetes resources |
global.customExtension.nonlbStatefulsets.labels |
This is an optional parameter. This can be used to add custom label(s) to all Statefulsets that will be created by Ingress-Gateway helm chart which are associated to a Service which if of Load Balancer Type. | DataType:String Range:Custom Annotations that needs to be added to Ingress Gateway Deployments that are associated to a Service which is of Load Balancer type |
global.customExtension.nonlbStatefulsets.annotations |
This is an optional parameter. This can be used to add custom annotation(s) to all Statefulsets that will be created by Ingress-Gateway helm chart which are associated to a Service which if of Load Balancer Type. | DataType:String Range:Custom Annotations that needs to be added to Ingress Gateway Deployments that are associated to a Service which is of Load Balancer type |
global.customExtension.lbServices.labels |
This is an optional parameter. This can be used to add custom label(s) to all Load Balancer Type Services that will be created by Ingress Gateway helm chart. | DataType:String Range:Custom Labels that needs to be added to all the Ingress Gateway kubernetes resources |
global.customExtension.lbServices.annotations |
This is an optional parameter. This can be used to add custom annotation(s) to all Load Balancer Type Services that will be created by Ingress Gateway helm chart. | DataType:String Range:Custom Labels that needs to be added to all the Ingress Gateway kubernetes resources |
global.customExtension.lbDeployments.labels |
This is an optional parameter. This can be used to add custom label(s) to all Deployments that will be created by Ingress Gateway helm chart which are associated to a Service which if of Load Balancer Type. | DataType:String Range:Custom Labels that needs to be added to all the Ingress Gateway kubernetes resources |
global.customExtension.lbDeployments.annotations |
This is an optional parameter. This can be used to add custom annotation(s) to all Deployments that will be created by Ingress Gateway helm chart which are associated to a Service which if of Load Balancer Type. | DataType:String Range:Custom Labels that needs to be added to all the Ingress Gateway kubernetes resources |
global.customExtension.nonlbServices.labels |
This is an optional parameter. This can be used to add custom label(s) to all non-Load Balancer Type Services that will be created by Ingress Gateway helm chart. | DataType:String Range:Custom Labels that needs to be added to all the Ingress Gateway kubernetes resources |
global.customExtension.nonlbServices.annotations |
This is an optional parameter. This can be used to add custom annotation(s) to all non-Load Balancer Type Services that will be created by Ingress Gateway helm chart. | DataType:String Range:Custom Labels that needs to be added to all the Ingress Gateway kubernetes resources |
global.customExtension.nonlbDeployments.labels |
This can be used to add custom label(s) to all Deployments that will be created by Ingress Gateway helm chart which are associated to a Service which if not of Load Balancer Type. | DataType:String Range:Custom Labels that needs to be added to all the Ingress Gateway kubernetes resources |
global.customExtension.nonlbDeployments.annotations |
This is an optional parameter. This can be used to add custom annotation(s) to all Deployments that will be created by Ingress Gateway helm chart which are associated to a Service which if not of Load Balancer Type. | DataType:String Range:Custom Labels that needs to be added to all the Ingress Gateway kubernetes resources |
global.helmTestServiceAccountName |
This is an optional parameter. For helm test execution preference goes to global.helmTestserviceAccountName first, if this is not available then global.serviceAccountName will be referred. If both of these are missing then default service account will be created and used. | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters |
global.test.nfName |
This is a mandatory parameter. Name of deployment for which helm test is done |
DataType:String Range:NF Name |
global.test.image.name |
This is a mandatory parameter. Image name for the helm test container image |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: |
global.test.image.tag |
This is a mandatory parameter. Image version tag for helm test |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters |
global.test.image.imagePullPolicy |
This is an optional parameter. Pull Policy decides from where to pull the image. | DataType:String Range:IfNotPresent, Always, Never Default Value: IfNotPresent |
global.test.config.logLevel |
This is a mandatory parameter. Log level for helm test pod |
DataType:String Range:WARN, DEBUG, INFO, etc. |
global.test.config.timeout |
This is a mandatory parameter. Timeout value for the helm test operation. If exceeded helm test will be considered as failure. Unit:seconds |
DataType:String Range: 1-300 |
global.test.resources |
This is a mandatory parameter. which ever kubernetes resource are mentioned, will be logged in helm test. |
DataType:<List[String]>
Range:
It takes resources and its version in the form of <resource_name>/<max_version_supportedbyNF> - horizontalpodautoscalers/v1 - deployments/v1 - configmaps/v1 - prometheusrules/v1 - serviceaccounts/v1 - poddisruptionbudgets/v1 - roles/v1 - statefulsets/v1 - persistentvolumeclaims/v1 - services/v1 - rolebindings/v1 |
global.test.complianceEnable |
This is a mandatory parameter. It will enable or disable helm test resource logging |
DataType:Boolean Range:True or False Default Value: True |
global.validationHook.image.name |
This is a mandatory parameter. Image name for validation hook |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters |
global.validationHook.image.tag |
This is a mandatory parameter. Image version tag for validation hook |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters |
global.validationHook.image.imagePullPolicy |
This is an optional parameter. Pull Policy decides from where to pull the image. | DataType:String Range:IfNotPresent, Always, Never Default Value: IfNotPresent |
global.validationHook.config.logLevel.root |
This is a mandatory parameter. Log level for validation hook pod |
DataType:String Range:WARN, DEBUG, INFO, etc. |
global.ephemeralStorage.requests.containersLogStorage |
This is a mandatory parameter. Set value for Ephemeral Storage Requests |
DataType:Integer Range: It can take values in integer and that values are used in MBs. |
global.ephemeralStorage.requests.containersCriticalStorage |
This is a mandatory parameter. Set value for Ephemeral Storage Requests |
DataType:Integer Range: It can take values in integer and that values are used in MBs. Default Value: |
global.ephemeralStorage.limits.containersLogStorage |
This is a mandatory parameter. Set value for Ephemeral Storage Limits |
DataType:Integer Range: It can take values in integer and that values are used in MBs. |
global.ephemeralStorage.limits.containersCriticalStorage |
Set value for Ephemeral Storage Limits | DataType:Integer Range: It can take values in integer and that values are used in MBs. |
global.hookJobResources.limits.cpu |
This is a mandatory parameter. It limits the number of CPUs to be used by the helm test pod. |
DataType:String Range:Valid floating point value between 0 and 1 |
global.hookJobResources.limits.memory |
This is a mandatory parameter. It limits the number of memory to be used by the helm test pod. |
DataType:Integer Range: Valid Integer value followed by Mi/Gi etc. |
global.hookJobResources.limits.logStorage |
This is a mandatory parameter. It limits the logStorage (ephemeral storage) to be used by the helm test pod. |
DataType:Integer Range: Values will be set by global.ephemeralStorage.limits.containersLogStorage Default Value: |
global.hookJobResources.limits.criticalStorage |
This is a mandatory parameter. It limits the criticalStorage (ephemeral storage) to be used by the helm test pod. |
DataType:Integer Range: Values will be set by global.ephemeralStorage.limits.containersCrititcalStorage |
global.hookJobResources.requests.cpu |
This is a mandatory parameter. The minimum amount of CPUs required |
DataType:String Range:Valid floating point value between 0 and 1 |
global.hookJobResources.requests.memory |
This is a mandatory parameter. The minimum amount of CPUs required |
DataType:Integer Range: Valid Integer value followed by Mi/Gi etc. |
global.hookJobResources.requests.logStorage |
This is a mandatory parameter. The minimum amount of logStorage (ephemeral storage) |
DataType:Integer Range: Values will be set by global.ephemeralStorage.requests.containerLogStorage Default Value: |
global.hookJobResources.requests.criticalStorage |
This is a mandatory parameter. The minimum amount of criticalStorage (ephemeral storage) |
DataType:Integer Range: Values will be set by global.ephemeralStorage.requests.containerCrititcalStorage Default Value: |
global.k8sResource.container.prefix |
This is an optional parameter. This value will be used to prefix to all the container names of Ingress-Gateway | DataType:Integer Range: Value that will be prefixed to all the container names of Ingress-Gateway. Default Value: |
global.k8sResource.container.suffix |
This is an optional parameter. This value will be used to suffix to all the container names of Ingress-Gateway. | DataType:Integer Range: Value that will be prefixed to all the container names of Ingress-Gateway. Default Value: |
global.extraContainers |
This is a mandatory parameter. To enable or disable the debug tools container |
DataType:enum Range: DISABLED, ENABLED Default Value: |
global.extraContainersTpl.command |
This is a mandatory parameter. String array used for container command. |
DataType:List[String]
Range: Example: |
global.extraContainersTpl.image |
This is a mandatory parameter. Docker image name |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters |
global.extraContainersTpl.imagePullPolicy |
This is a mandatory parameter. Image Pull Policy |
DataType:String Range:IfNotPresent, Always, Never Default Value: IfNotPresent |
global.extraContainersTpl.name |
This is a mandatory parameter. Name of the container |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters |
global.extraContainersTpl.resources.limits.ephemeral-storage |
This is a mandatory parameter. The maximum amount of Ephemeral Storage allowed |
DataType:Integer Range: Valid Integer value followed by Mi/Gi etc. Default Value:4Gi |
global.extraContainersTpl.resources.limits.cpu |
The maximum amount of cpu allowed | DataType:String Range:Valid floating point value between 0 and 1 |
global.extraContainersTpl.resources.limits.memory |
This is a mandatory parameter. The maximum amount of memory allowed |
DataType:Integer Range: Valid Integer value followed by Mi/Gi etc. Default Value:2Gi |
global.extraContainersTpl.resources.requests.ephemeral-storage |
This is a mandatory parameter. The minimum amount of Ephemeral Storage required |
DataType:Integer Range: Valid Integer value followed by Mi/Gi etc. Default Value:2Gi |
global.extraContainersTpl.resources.requests.cpu |
This is a mandatory parameter. The minimum amount of cpu limits required |
DataType:String Range:Valid floating point value between 0 and 1 Default Value: |
global.extraContainersTpl.resources.requests.memory |
This is a mandatory parameter. The minimum amount of memory required |
DataType:Integer Range: Valid Integer value followed by Mi/Gi etc. Default Value:1Gi |
global.extraContainersTpl.securityContext.allowPrivilegeEscalation |
This is a mandatory parameter. AllowPrivilegeEscalation controls whether a process can gain more privileges than its parent process. This bool directly controls if the no_new_privs flag will be set on the container process |
DataType:Boolean Range:True or False Default Value: True |
global.extraContainersTpl.securityContext.capabilities.drop |
This is a mandatory parameter. Removed capabilities |
DataType:List[String]
Range: Example: |
global.extraContainersTpl.securityContext.capabilities.add |
This is a mandatory parameter. Added capabilities |
DataType:List[String]
Range: Example: |
global.extraContainersTpl.securityContext.readOnlyRootFilesystem |
This is a mandatory parameter. Whether this container has a read-only root filesystem. Default is false. |
DataType:Boolean Range:True or False Default Value: False |
global.serviceMeshCheck |
This is an optional parameter. This flag needs to set it "true" if Service Mesh would be present where CNCC will be deployed | DataType:Boolean Range:True or False Default Value: False |
global.serviceMeshHttpsEnabled |
This is an optional parameter. If Service Mesh is deployed with TLS/MTLS disabled then set this flag to false | DataType:Boolean Range:True or False Default Value: True |
global.istioSidecarQuitUrl |
This is an optional parameter. This needs to be set with correct url format http://127.0.0.1:<Istio sidecar proxy admin port>/quitquitquit" if Service Mesh would be present where CNCC will be deloyed | DataType:String Range:Valid url |
global.istioSidecarReadyUrl |
This is an optional parameter. This needs to be set with correct url format http://127.0.0.1:<Istio sidecar proxy admin port>/ready" if Service Mesh would be present where CNCC will be deloyed | DataType:String Range:Valid url Default Value: |
global.dbHost |
This is a mandatory parameter. It the hostname for persistence db Example: mysql.default.svc.cluster.local |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: |
global.dbPort |
This is a mandatory parameter. It is the db port for cncc-core Example: 3306 |
DataType:Integer Range:0-65535. Default Value: |
global.secretName |
It specifies an existing secret to be used for mysql username and password. Example: secretName: &mySqlSecretNameRef cncc-db-secret | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: |
global.cmServiceHttpPort |
This is a mandatory parameter. It specifies the port number which makes cmservice visible to other services running within the same K8s cluster and the also used by common config client for db creation. |
DataType:Integer Range:0-65535. Default Value: |
global.isMultiClusterDeployment |
This is an optional parameter. This flag indicates single cluster deployment or multi cluster deployment. By default single cluster deployment is configured, flag must be set to true for multi cluster deployment. | DataType:Boolean Range:True or False Default Value: False |
global.cncc-iam.enabled |
This is a mandatory parameter.
This flag indicates manager IAM installation. By default it is set to true for single cluster deployment |
DataType:Boolean Range:True or False Default Value: |
global.mcncc-core.enabled |
This is a mandatory parameter.
This flag indicates manger core installation. By default it is set to true for single cluster deployment Note: Set this flag to false while installing agent core in case of multi cluster deployment |
DataType:Boolean Range:True or False Default Value: True |
global.acncc-core.enabled |
This is a mandatory parameter. This flag indicates agent core installation. By default it is set to true for single cluster deployment Note: Set this flag to false while installing manager core in case of multi cluster deployment |
DataType:Boolean Range:True or False Default Value: True |
global.self.cnccId |
This is a mandatory parameter. It is the ID of deployment in Multi Cluster Multi Instance Cluster |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: |
global.mCnccIams[] |
This is a mandatory parameter. It is the list of Manager CNCC-IAMsFor further Information Refer CNCConsole 22.2.0 Multi Cluster and Multi Instance Configurations |
DataType:List[String]
Range: Example: |
global.mCnccCores[] |
This is a mandatory parameter. It is the list of Manager CNCC-Cores. For more Information see, CNCConsole Multi Cluster and Multi Instance Configurations. Note: This parameter is not applicable for A-CNCC-Core deployment |
DataType:<List> Range:Default Value: |
global.aCnccs[] |
This is a mandatory parameter. For more Information see, CNCConsole Multi Cluster and Multi Instance Configurations. |
DataType:<List>
Range: Example: Default Value: |
global.instances[] |
This is a mandatory parameter. It is the list of NF Instances and Common Services added on various Agents and Managers. For more Information see, CNCConsole Multi Cluster and Multi Instance Configurations. |
DataType:Integer Range:0-65535. Default Value: 60 |
global.publicHttpSignalingPort |
This is an optional parameter.
It is the port on which Ingress Gateway service is exposed # If httpsEnabled is false, this Port would be HTTP/2.0 Port (unsecured) publicHttpSignalingPort: 80 |
DataType:Integer Range:0-65535. Default Value: |
global.publicHttpsSignallingPort |
This is an optional parameter.
It is the port on which Ingress Gateway service is exposed # If httpsEnabled is true, this Port would be HTTPS/2.0 Port (secured SSL) |
DataType:Integer Range:0-65535. Default Value: |
global.metalLbIpAllocationEnabled |
This is an optional parameter. This field enables or disables IP Address allocation from Metallb Pool | DataType:Boolean Range:True or False Default Value: True |
global.metalLbIpAllocationAnnotation |
It is the address Pool Annotation for Metallb | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: metallb.universe.tf/address-pool: signaling" |
global.staticIpAddressEnabled |
This is an optional parameter. If Static load balancer IP needs to be set, then set staticIpAddressEnabled flag to true and provide value for staticIpAddress else random IP will be assigned by the metalLB from its IP Pool | DataType:Boolean Range:True or False Default Value: False |
global.staticIpAddress |
This is an optional parameter. If Static load balancer IP needs to be set, then set staticIpAddressEnabled flag to true and provide value for staticIpAddress else random IP will be assigned by the metalLB from its IP Pool | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: |
global.nodeSelector.nodeKey |
This is an optional parameter. global node selector key | DataType:String Range: |
global.nodeSelector.nodeValue |
This is an optional parameter. global node value key | DataType:String Range: |
global.logStorage |
This is a mandatory parameter. Set value for Ephemeral Storage Limits for logStorage |
DataType:Integer Range: It can take values in integer and that values are used in MBs. Default Value: |
global.criticalStorage |
This is a mandatory parameter. Set value for Ephemeral Storage Limits for criticalStorage |
DataType:Integer Range: It can take values in integer and that values are used in MBs. Default Value: |
global.ephemeralStorageLimit |
This is a mandatory parameter. Limits value for Ephemeral Storage. |
DataType:Integer Range: It can take values in integer and that values are used in MBs. Default Value: |
CNC Console IAM Configuration Parameters
This section includes information about the configuration parameters of the CNC Console IAM:
Global Parameters
Table 4-2 Global Parameters
| Parameter | Description | Details |
|---|---|---|
cncc-iam.global.iamServiceHttpPort |
This is a mandatory parameter. This should be same as kc.keycloak.service.httpPort | DataType:Integer Range: 0-65535 Default Value: |
cncc-iam.global.hook.image.name |
This is a mandatory parameter. Image name for the helm hook | DataType:String Range: Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters. Default Value: cncc/cncc-iam/hook |
cncc-iam.global.hook.image.tag |
This is a mandatory parameter. Image version tag for helm hook | DataType:String Range: Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters. Default Value:<current version> |
cncc-iam.global.hook.image.imagePullPolicy |
This is an optional parameter. Pull Policy decides from where to pull the image. | DataType:String
Range:
IfNotPresent, Always, Never Default Value:IfNotPresent |
cncc-iam.global.hook.config.logLevel.root |
This is a mandatory parameter. Root log level for helm hook pod | DataType:String Range:It can take values like: WARN, DEBUG, INFO, etc. Default Value: INFO |
cncc-iam.global.publicHttpSignalingPort |
This is a mandatory parameter.
If https is enabled, this Port would be HTTP/1.0 Port (unsecured) If https is disabled, this Port would be HTTPS/1.0 Port (secured SSL) |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. It may not start with a period or a dash and may contain a maximum of 128 characters. Default Value: 8080 |
cncc-iam.global.publicHttpsSignallingPort |
This is a mandatory parameter.
If https is enabled, this Port would be HTTP/1.0 Port (unsecured) If https is disabled, this Port would be HTTPS/1.0 Port (secured SSL) |
DataType:String Range: Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. It may not start with a period or a dash and may contain a maximum of 128 characters. Default Value: 8443 |
cncc-iam.global.staticIpAddressEnabled |
This is an optional parameter.
If Static load balancer IP needs to be set, then set staticIpAddressEnabled flag to true and provide value for staticIpAddress Else random IP will be assigned by the metalLB from its IP Pool |
DataType:boolean Range: true or false Default Value: false |
cncc-iam.global.staticIpAddress |
This is an optional parameter. It is Static Ip and applicable only when ingress-gateway.cncc-iam.global.staticNodePortEnabled is true. | DataType:String Range: Valid IP address Default Value:10.75.212.60 |
cncc-iam.global.dbName |
This is a mandatory parameter. It is the name of the database used for cncc-iam. User should create DB with the same name as provided here before deploying CNCC-IAM | DataType:String Range:Valid String Default Value: |
cncc-iam.global.httpsEnabled |
This is a mandatory parameter. To enable or disable https support | DataType:Boolean Range:True or False Default Value: False |
cncc-iam.global.enableIncomingHttp |
This is a mandatory parameter. Server Configuration for http and https support | DataType:Boolean Range:True or False Default Value: False |
cncc-iam.global.enableIncomingHttps |
This is a mandatory parameter. Server Configuration for http and https support | DataType:Boolean Range:True or False Default Value: False |
cncc-iam.global.ingressGwCertReloadEnabled |
This is a mandatory parameter. If enabled, then certificates can be updated during run-time without up/restart of the application | DataType:Boolean Range:True or False Default Value: True |
IAM Backend Parameters
Table 4-3 IAM Backend Parameters
| Parameter | Description | Details |
|---|---|---|
cncc-iam.kc.ldaps.enabled |
This is a mandatory parameter.
The flag to enable or disable LDAPS feature. . |
DataType:Boolean Range:True or False Default Value: False |
cncc-iam.kc.ldaps.initContainersImage.name |
This is a mandatory parameter.
Image Name to be used for LDAPS. |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value:cncc/apigw-configurationinit |
cncc-iam.kc.ldaps.initContainersImage.tag |
This is a mandatory parameter.
Image version tag for LDAPS. |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value:<Current Version> |
cncc-iam.kc.ldaps.initContainersImage.pullPolicy |
This is an optional parameter.
Pull Policy decides from where to pull the image. |
DataType:String Range:IfNotPresent, Always, Never Default Value: IfNotPresent |
cncc-iam.kc.ldaps.service.customExtension.labels |
This is an optional parameter.
This can be used to add custom label(s) that are specific to service and will be created by cncc-iam helm chart. |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value:NA |
cncc-iam.kc.ldaps.service.customExtension.annotations |
This is an optional parameter.
This can be used to add custom label(s) that are specific to service and will be created by cncc-iam helm chart. |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value:NA |
cncc-iam.kc.ldaps.service.ssl.tlsVersion |
This is a mandatory parameter.
TLS Version. |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: TLSv1.2 |
cncc-iam.kc.ldaps.service.ssl.caBundle.k8SecretName |
This is a mandatory parameter.
Name of the caBundle secret. Example: cncc-iam-kc-root-ca |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value:cncc-iam-kc-root-ca |
cncc-iam.kc.ldaps.service.ssl.caBundle.k8NameSpace |
This is a mandatory parameter.
Namespace of caBundle. Example: cncc. |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value:cncc |
cncc-iam.kc.ldaps.service.ssl.caBundle.fileName |
This is a mandatory parameter.
rsa caBundle file name. Example: caroot.cer |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value:caroot.cer |
cncc-iam.kc.ldaps.service.ssl.trustStorePassword.k8SecretName |
This is a mandatory parameter.
Name of the caBundle secret. Example: cncc-iam-kc-root-ca |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value:cncc-iam-kc-root-ca |
cncc-iam.kc.ldaps.service.ssl.trustStorePassword.k8NameSpace |
This is a mandatory parameter.
Namespace of caBundle. Example: cncc |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value:cncc |
cncc-iam.kc.ldaps.service.ssl.trustStorePassword.fileName |
This is a mandatory parameter.
rsa caBundle file name. Example: ssl_truststore.txt |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value:ssl_truststore.txt |
cncc-iam.kc.ldaps.service.ssl.initialAlgorithm |
This is a mandatory parameter.
Name of the initial algorithm. |
DataType:String Range:Default Value:RS256 |
cncc-iam.kc.ldaps.resources.limits.initServiceCpu |
This is a mandatory parameter.
Init Container CPU Limit. |
DataType:String Range:Default Value:1Gi |
cncc-iam.kc.ldaps.resources.limits.initServiceMemory |
This is a mandatory parameter.
Init Container Memory Limit. |
DataType:String Range:Default Value:1Gi |
cncc-iam.kc.ldaps.resources.requests.initServiceCpu |
This is a mandatory parameter.
Init Container CPU Limit. |
DataType:String Range:Default Value:0.5Gi |
cncc-iam.kc.ldaps.resources.requests.initServiceMemory |
This is a mandatory parameter.
Init Container Memory Limit. |
DataType:String Range:Default Value:0.5Gi |
cncc-iam.kc.ldaps.ports.containerPort |
This is a mandatory parameter.
ContainerPort represents a network port in a single container. |
DataType:String Range: 0-65535. Default Value:8086 |
cncc-iam.kc.ldaps.logLevel.initContainer |
This is a mandatory parameter.
Log level for initContainer logs. |
DataType:String Range:WARN, DEBUG, INFO, TRACE Default Value:INFO |
cncc-iam.kc.extraContainers |
This is a mandatory parameter. To enable or disable debug tools container. | DataType:enum Range:DISABLED, ENABLED, USE_GLOBAL_VALUE Default Value: |
cncc-iam.kc.healthcheck.image.name |
This is a mandatory parameter. Image name for the helm healthcheck. | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: cncc/cncc-iam/healthcheck |
cncc-iam.kc.healthcheck.image.tag |
This is a mandatory parameter. Image version tag for helm healthcheck. | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: <Current Version> |
cncc-iam.kc.healthcheck.image.pullpolicy |
This is a mandatory parameter. Pull Policy decides from where to pull the image. | DataType:String Range:IfNotPresent, Always, Never Default Value: IfNotPresent |
cncc-iam.kc.healthcheck.logLevel.root |
This is a mandatory parameter. Root log level for helm healthcheck container. | DataType:String Range:WARN, DEBUG, INFO, etc. Default Value: INFO |
cncc-iam.kc.healthcheck.resources.limits.cpu |
This is a mandatory parameter. It limits the number of CPUs to be used by the helm test container. | DataType:String Range:Valid floating point value between 0 and 1 Default Value: 0.5 |
cncc-iam.kc.healthcheck.resources.limits.memory |
This is a mandatory parameter. It limits the number of memory to be used by the helm test container. | DataType:String Range:Valid Integer value followed by Mi/Gi etc. Default Value: 0.5Gi |
cncc-iam.kc.healthcheck.limits.logStorage |
This is a mandatory parameter. It limits the logStorage (Ephemeral storage) | DataType:Integer Range:Valid Integer value Default Value: |
cncc-iam.kc.healthcheck.limits.criticalStorage |
This is a mandatory parameter. It limits the criticalStorage (Ephemeral storage) | DataType:Integer Range:Valid Integer value Default Value: |
cncc-iam.kc.healthcheck.resources.requests.cpu |
This is a mandatory parameter. The minimum amount of CPUs required. | DataType:String Range:Valid floating point value between 0 and 1 Default Value: 0.3 |
cncc-iam.kc.healthcheck.resources.requests.memory |
This is a mandatory parameter. The minimum amount of memory required. | DataType:String Range:Valid Integer value followed by Mi/Gi etc. Default Value: 0.3Gi |
cncc-iam.kc.healthcheck.limits.logStorage |
This is a mandatory parameter. Minimum memory for logStorage (Ephemeral storage) | DataType:Integer Range:Valid Integer value Default Value: |
cncc-iam.kc.healthcheck.limits.criticalStorage |
This is a mandatory parameter. Minimum memory for criticalStorage (Ephemeral storage) | DataType:Integer Range:Valid Integer value Default Value: |
cncc-iam.kc.service.customExtension.labels |
This is an optional parameter. This can be used to add custom label(s) that are specific to service and will be created by cncc-iam helm chart. | DataType:String Range:Default Value: NA |
cncc-iam.kc.service.customExtension.annotations |
This is an optional parameter. This can be used to add custom annotations that are specific to service and will be created by cncc-iam helm chart. | DataType:String Range:Default Value: NA |
cncc-iam.kc.keycloak.image.name |
This is a mandatory parameter. Image Name to be used for cncc-iam micro service. | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: cncc/cncc-iam |
cncc-iam.kc.keycloak.image.tag |
This is a mandatory parameter. Image Tag to be used for cncc-iam micro service. | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters. Default Value: <Current Version> |
cncc-iam.kc.keycloak.image.pullpolicy |
This is a mandatory parameter. Pull Policy decides from where to pull the image. | DataType:String Range:IfNotPresent, Always, Never Default Value: IfNotPresent |
cncc-iam.kc.keycloak.serviceAccount.create |
This is an optional parameter. Flag for creating service account. | DataType:Boolean Range:True or False Default Value: False |
cncc-iam.kc.keycloak.serviceAccount.name |
This is an optional parameter. The name of service account. Applicable only if keycloak.serviceAccount.create is set to 'true'. If keycloak.serviceAccount.name is kept as empty, a default service account with name 'cncc-iam' is created by CNCC, otherwise user has to create the service account and provide its name here. |
DataType:String
Range: values will be set by global.serviceAccountName Default Value: |
cncc-iam.kc.keycloak.username |
This is a mandatory parameter .It is the name of cncc-iam user as given by the user. Example: admin |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. Default Value:admin |
cncc-iam.kc.keycloak.existingSecret |
This is a mandatory parameter. It specifies an existing secret name to be used for the admin password. Example: cncc-iam-secret |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. It may not start with a period or a dash and may contain a maximum of 128 characters Default Value: cncc-iam-secret |
cncc-iam.kc.keycloak.existingSecretKey |
This is a mandatory parameter. Applicable only if keycloak.existingSecret is provided. It is the key in the existing secret that stores the password. Example: iamAdminPasswordKey |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. It may not start with a period or a dash and may contain a maximum of 128 characters Default Value: iamAdminPasswordKey |
cncc-iam.kc.keycloak.service.httpPort |
This is an optional parameter. It is the port number which makes cncc-iam service visible to other services running within the same kubernetes cluster. | DataType:String
Range: Values will be set by global.iamServiceHttpPort Default Value: 8285 |
cncc-iam.kc.keycloak.resources.limits.cpu |
This is a mandatory parameter. It limits the number of CPUs to be used by the helm test container. |
DataType:String Range:Valid floating point value between 0 and 1 Default Value: |
cncc-iam.kc.keycloak.resources.limits.memory |
This is a mandatory parameter. It limits the number of memory to be used by the helm test container. |
DataType:String Range:Valid Integer value followed by Mi/Gi etc. Default Value: |
cncc-iam.kc.keycloak.resources.requests.cpu |
This is a mandatory parameter. The minimum amount of CPUs required. |
DataType:String Range:Valid floating point value between 0 and 1. Default Value: |
cncc-iam.kc.keycloak.resources.requests.memory |
This is a mandatory parameter. The minimum amount of memory required. |
DataType:String Range:Valid Integer value followed by Mi/Gi etc. Default Value: |
cncc-iam.kc.keycloak.persistence.dbVendor |
This is a mandatory parameter. It is the database vendor name Example: mysql |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. Default Value: mysql |
cncc-iam.kc.keycloak.persistence.dbName |
This is a mandatory parameter. It is the name of the database used for cncc-iam. User should create DB with the same name as provided here before deploying CNCC-IAM Example: cnccdb |
DataType:String
Range: Values will be set by global.dbName Default Value:This values gets read from global variable *mySqlDbRef, no changes needed here. |
cncc-iam.kc.keycloak.persistence.dbHost |
This is a mandatory parameter.
It the hostname for persistence db Example: mysql-sds.default.svc.cluster.local. |
DataType:String
Range: Values will be set by global.dbHost Default Value:This values gets read from global variable *mySqlHostRef, no changes needed here. |
cncc-iam.kc.keycloak.persistence.dbPort |
This is a mandatory parameter. It is the db port for cncc-iam. Example: 3306 |
DataType:Integer
Range: Values will be set by global.dbPort Default Value:This values gets read from global variable *mySqlPortRef, no changes needed here. |
cncc-iam.kc.keycloak.persistence.existingSecret |
This is a mandatory parameter. It specifies an existing secret to be used for mysql username and password Example: cncc-db-secret |
DataType:String
Range: Values will be set by global.secretName Default Value: This values gets read from global variable *mySqlSecretNameRef, no changes needed here. |
cncc-iam.kc.keycloak.persistence.existingSecretPasswordKey |
This is a mandatory parameter. It is the key in the existing secret that stores the password Example: dbPasswordKey |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. It may not start with a period or a dash and may contain a maximum of 128 characters Default Value: dbPasswordKey |
cncc-iam.kc.keycloak.persistence.existingSecretUsernameKey |
This is an optional parameter. It is the key in the existing secret that stores the username Example:
|
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. It may not start with a period or a dash and may contain a maximum of 128 characters. Default Value: dbUserNameKey |
cncc-iam.kc.keycloak.nodeselector |
This is an optional parameter. Node selector key specific to chart (note this will be looked first and then if not present global node key will be picked) | DataType:String Range:Default Value: NA |
Ingress Gateway Parameters
Table 4-4 Ingress Gateway Parameters
| Parameter | Description | Details |
|---|---|---|
cncc-iam.ingress-gateway.extraContainers |
This is a mandatory parameter. To enable or disable debug tools container | DataType:enum Range:DISABLED, ENABLED, USE_GLOBAL_VALUE Default Value: USE_GLOBAL_VALUE |
cncc-iam.ingress-gateway.prefix |
This is a mandatory parameter. Metrics Instance Identifier to uniquely identify both Manager CNCC Core and Agent CNCC IAM metrics | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value:'cncc-iam' |
cncc-iam.ingress-gateway.image.name |
This is a mandatory parameter. Image Name to be used for "cncc-iam.ingress-gateway" micro service | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters. Default Value: cncc/cncc-apigateway |
cncc-iam.ingress-gateway.image.tag |
This is a mandatory parameter. Image Tag to be used for "cncc-iam.ingress-gateway" micro service | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters. Default Value: <Current Version> |
cncc-iam.ingress-gateway.image.pullPolicy |
This is a mandatory parameter. Pull Policy decides from where to pull the image. | DataType:String Range:IfNotPresent, Always, Never Default Value:IfNotPresent |
cncc-iam.ingress-gateway.initContainersImage.name |
This is a mandatory parameter. Image Name to be used for init container | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters. Default Value: cncc/apigw-configurationinit |
cncc-iam.ingress-gateway.initContainersImage.tag |
This is a mandatory parameter. Image tag to be used for init container | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters. Default Value:<Current Version> |
cncc-iam.ingress-gateway.initContainersImage.pullPolicy |
This is a mandatory parameter. Pull Policy decides from where to pull the image. | DataType:String Range:IfNotPresent, Always, Never Default Value: IfNotPresent |
cncc-iam.ingress-gateway.updateContainersImage.name |
This is a mandatory parameter. Image Name to be used for update container | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters. Default Value: cncc/apigw-configurationupdate |
cncc-iam.ingress-gateway.updateContainersImage.tag |
This is a mandatory parameter. Image tag to be used for update container | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters. Default Value: <Current Version> |
cncc-iam.ingress-gateway.updateContainersImage.pullPolicy |
This is a mandatory parameter. Pull Policy decides from where to pull the image. | DataType:String Range:IfNotPresent, Always, Never Default Value: IfNotPresent |
cncc-iam.ingress-gateway.service.ssl.tlsVersion |
This is a mandatory parameter. TLS Version | DataType:String Range:Default Value: TLSv1.2 |
cncc-iam.ingress-gateway.service.ssl.privateKey.k8SecretName |
This is a mandatory parameter. Name of the privatekey secret Example: cncc-iam-cncc-iam.ingress-secret |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: cncc-iam-cncc-iam.ingress-secret |
cncc-iam.ingress-gateway.service.ssl.privateKey.k8NameSpace |
This is a mandatory parameter. Namespace of privatekey Example: cncc |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value:cncc |
cncc-iam.ingress-gateway.service.ssl.privateKey.rsa.fileName |
This is a mandatory parameter. rsa private key file name Example: rsa_private_key_pkcs1.pem |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: rsa_private_key_pkcs1.pem |
cncc-iam.ingress-gateway.service.ssl.privateKey.ecdsa.fileName |
This is a mandatory parameter. ecdsa private key file name Example: ssl_ecdsa_private_key.pem |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: ssl_ecdsa_private_key.pem |
cncc-iam.ingress-gateway.service.ssl.certificate.k8SecretName |
This is a mandatory parameter. Name of the certificate secret Example: cncc-iam-cncc-iam.ingress-secret |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: cncc-iam-cncc-iam.ingress-secret |
cncc-iam.ingress-gateway.service.ssl.certificate.k8NameSpace |
This is a mandatory parameter. Namespace of certificate Example: cncc |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: cncc |
cncc-iam.ingress-gateway.service.ssl.certificate.rsa.fileName |
This is a mandatory parameter. rsa certificate file name Example: ssl_rsa_certificate.crt |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: ssl_rsa_certificate.crt |
cncc-iam.ingress-gateway.service.ssl.certificate.ecdsa.fileName |
This is a mandatory parameter. ecdsa certificate file name Example: ssl_ecdsa_certificate.crt |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: ssl_ecdsa_certificate.crt |
cncc-iam.ingress-gateway.service.ssl.caBundle.k8SecretName |
This is a mandatory parameter. Name of the caBundle secret Example: cncc-iam-cncc-iam.ingress-secret |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: ncc-iam-cncc-iam.ingress-secret |
cncc-iam.ingress-gateway.service.ssl.caBundle.k8NameSpace |
This is a mandatory parameter. Namespace of caBundle Example: cncc |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: cncc |
cncc-iam.ingress-gateway.service.ssl.caBundle.fileName |
This is a mandatory parameter. rsa caBundle file name Example: caroot.cer |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value:caroot.cer |
cncc-iam.ingress-gateway.service.ssl.initialAlgorithm |
This is a mandatory parameter.
This
is initial Algorithm
Example: RSA256 |
DataType:String Range:Default Value: RS256 |
cncc-iam.ingress-gateway.service.customExtension.labels |
This is an optional parameter. This can be used to add custom label(s) to cncc-iam.ingress-gateway Service. | DataType:String Range:Custom Labels that needs to be added to cncc-iam.ingress-gateway specific Service. Default Value:{} |
cncc-iam.ingress-gateway.service.customExtension.annotations |
This is an optional parameter. This can be used to add custom annotation(s) to cncc-iam.ingress-gateway Service. | DataType:String Range:Custom Annotations that needs to be added to cncc-iam.ingress-gateway specific Services. Default Value:{} |
cncc-iam.ingress-gateway.deployment.customExtension.labels |
This is an optional parameter. This can be used to add custom label(s) to cncc-iam.ingress-gateway Deployment. | DataType:String Range:Custom Labels that needs to be added to cncc-iam.ingress-gateway specific Deployment. Default Value: {} |
cncc-iam.ingress-gateway.deployment.customExtension.annotations |
This is an optional parameter. This can be used to add custom annotation(s) to cncc-iam.ingress-gateway Deployment. | DataType:String Range:Custom Annotations that needs to be added to cncc-iam.ingress-gateway specific Deployment. Default Value:{} |
cncc-iam.ingress-gateway.ports.containerPort |
This is a mandatory parameter. ContainerPort represents a network port in a single container | DataType:String Range:0-65535. Default Value:8081 |
cncc-iam.ingress-gateway.ports.containersslPort |
This is a mandatory parameter. This is container ssl port | DataType:String Range:Default Value:8443 |
cncc-iam.ingress-gateway.ports.actuatorPort |
This is a mandatory parameter. This is actuator Port | DataType:String Range:Default Value: 9090 |
cncc-iam.ingress-gateway.log.level.root |
This is a mandatory parameter. It is the level at which user wants to see the logs. E.g. WARN |
DataType:String Range: WARN, DEBUG, INFO, TRACE etc. Default Value: WARN |
cncc-iam.ingress-gateway.log.level.cncc-iam.ingress |
This is a mandatory parameter. Log level for cncc-iam.ingress logs |
DataType:String Range:WARN, DEBUG, INFO, TRACE etc. Default Value: INFO |
cncc-iam.ingress-gateway.log.level.cncc.security |
This is a mandatory parameter. Log level for cncc security logs | DataType:String
Range: WARN, DEBUG, INFO, TRACE etc. Default Value: INFO |
cncc-iam.ingress-gateway.log.level.cncc.root |
This is a mandatory parameter.
Log level for cncc root logs |
DataType:String
Range: WARN, DEBUG, INFO, TRACE etc. Default Value:WARN |
cncc-iam.ingress-gateway.readinessProbe.initialDelaySeconds |
This is a mandatory parameter. It tells the kubelet that it should wait the mentioned seconds before performing the first probe | DataType:String Range:0-65535 Default Value: 30 |
cncc-iam.ingress-gateway.readinessProbe.timeoutSeconds |
This is a mandatory parameter. It is the number of seconds after which the probe times out | DataType:String Range:0-65535 Default Value:3 |
cncc-iam.ingress-gateway.readinessProbe.periodSeconds |
This is a mandatory parameter. It specifies that the kubelet should perform a liveness probe every xx seconds | DataType:String Range: 0-65535 Default Value: 10 |
cncc-iam.ingress-gateway.readinessProbe.successThreshold |
This is a mandatory parameter. Minimum consecutive successes for the probe to be considered successful after having failed | DataType:String Range:0-65535. Default Value: 1 |
cncc-iam.ingress-gateway.readinessProbe.failureThreshold |
This is a mandatory parameter. When a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up | DataType:String Range:0-65535. Default Value: 3 |
cncc-iam.ingress-gateway.livenessProbe.initialDelaySeconds |
This is a mandatory parameter. It tells the kubelet that it should wait the mentioned seconds before performing the first probe | DataType:String Range:0-65535. Default Value: 30 |
cncc-iam.ingress-gateway.livenessProbe.timeoutSeconds |
This is a mandatory parameter. It is the number of seconds after which the probe times out | DataType:String Range:0-65535. Default Value: 3 |
cncc-iam.ingress-gateway.livenessProbe.periodSeconds |
This is a mandatory parameter. It specifies that the kubelet should perform a liveness probe every xx seconds | DataType:String Range:0-65535. Default Value: 15 |
cncc-iam.ingress-gateway.livenessProbe.successThreshold |
This is a mandatory parameter. Minimum consecutive successes for the probe to be considered successful after having failed | DataType:String Range:0-65535. Default Value: 1 |
cncc-iam.ingress-gateway.livenessProbe.failureThreshold |
This is a mandatory parameter. When a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up | DataType:String Range:0-65535. Default Value: 3 |
cncc-iam.ingress-gateway.resources.limits.cpu |
This is a mandatory parameter. It limits the number of CPUs to be used by the microservice. | DataType:String Range:Valid floating point value between 0 and 1 Default Value: |
cncc-iam.ingress-gateway.resources.limits.initServiceCpu |
This is a mandatory parameter. Init Container CPU Limit | DataType:String Range:Default Value: 1 |
cncc-iam.ingress-gateway.resources.limits.updateServiceCpu |
This is a mandatory parameter. Update Container CPU Limit | DataType:String Range:Default Value: 1 |
cncc-iam.ingress-gateway.resources.limits.memory |
This is a mandatory parameter. It limits the memory utilization by the "cncc-cmservice" microservice. By default, it is set to '2'. | DataType:String Range:Valid Integer value followed by Mi/Gi etc Default Value: 2Gi |
cncc-iam.ingress-gateway.resources.limits.updateServiceMemory |
This is a mandatory parameter. Update Container Memory Limit | DataType:String Range:Default Value: 1Gi |
cncc-iam.ingress-gateway.resources.limits.initServiceMemory |
This is a mandatory parameter. Init Container Memory Limit | DataType:String Range:Default Value: 1Gi |
cncc-iam.ingress-gateway.resources.requests.cpu |
This is a mandatory parameter. It limits the number of CPUs to be used by the "cncc-cmservice" microservice. By default, it is set to '2'. | DataType:String Range:Valid floating point value between 0 and 1 Default Value: 1 |
cncc-iam.ingress-gateway.resources.requests.initServiceCpu |
This is a mandatory parameter. Init Container CPU Limit | DataType:String Range:Default Value: 1 |
cncc-iam.ingress-gateway.resources.requests.updateServiceCpu |
This is a mandatory parameter. Update Container CPU for requests | DataType:String Range:Default Value: 1 |
cncc-iam.ingress-gateway.resources.requests.memory |
This is a mandatory parameter. It limits the memory utilization by the "cncc-cmservice" microservice. By default, it is set to '2'. | DataType:String Range:Valid Integer value followed by Mi/Gi etc. Default Value: 1Gi |
cncc-iam.ingress-gateway.resources.requests.updateServiceMemory |
This is a mandatory parameter. Update Container Memory for requests | DataType:String Range:Default Value: 1Gi |
cncc-iam.ingress-gateway.resources.requests.initServiceMemory |
This is a mandatory parameter. Init Container Memory for requests | DataType:String Range:Default Value: 1Gi |
cncc-iam.ingress-gateway.resources.target.averageCpuUtil |
This is a mandatory parameter. It gives the average CPU utilization percentage. | DataType:String Range:A value in between 0-100 Default Value:80 |
cncc-iam.ingress-gateway.service.ssl.keyStorePassword.k8SecretName |
This is a mandatory parameter. Name of the keyStorePassword secret Example: cncc-iam-cncc-iam.ingress-secret |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value: cncc-iam-cncc-iam.ingress-secret |
cncc-iam.ingress-gateway.service.ssl.keyStorePassword.k8NameSpace |
This is a mandatory parameter. Namespace of keyStorePassword Example: cncc |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: cncc |
cncc-iam.ingress-gateway.service.ssl.keyStorePassword.fileName |
This is a mandatory parameter. File name that has password for keyStore Example: ssl_keystore.txt |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value:ssl_keystore.txt |
cncc-iam.ingress-gateway.service.ssl.trustStorePassword.k8SecretName |
This is a mandatory parameter. Name of the trustStorePassword secret Example: cncc-iam-cncc-iam.ingress-secret |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value:cncc-iam-cncc-iam.ingress-secret |
cncc-iam.ingress-gateway.service.ssl.trustStorePassword.k8NameSpace |
This is a mandatory parameter. Namespace of trustStorePassword Example: cncc |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value: cncc |
cncc-iam.ingress-gateway.service.ssl.trustStorePassword.fileName |
This is a mandatory parameter. File name that has password for trustStore Example: ssl_truststore.txt |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value: ssl_truststore.txt |
cncc-iam.ingress-gateway.cipherSuites |
This is a mandatory parameter (if cncc-iam.ingressgateway.enableIncomingHttps is true). Allowed CipherSuites for TLS1.2 | DataType:List[String]
Range: TLS_ECDHE_ ECDSA_WIT H_AES_256_ GCM_SHA38 4 TLS_ECDHE_ RSA_WITH_ AES_256_GC M_SHA384 TLS_ECDHE_ RSA_WITH_ CHACHA20_ POLY1305_S HA256 TLS_DHE_RS A_WITH_AE S_256_GCM_ SHA384 TLS_ECDHE_ ECDSA_WIT H_AES_128_ GCM_SHA25 6 TLS_ECDHE_ RSA_WITH_ AES_128_GC M_SHA256 Default Value: |
cncc-iam.ingress-gateway.initssl |
This is a mandatory parameter. To Initialize SSL related infrastructure in init/update container | DataType:String
Range:
Values will be set by global.httpsEnabled Default Value: NA |
cncc-iam.ingress-gateway.enableIncomingHttp |
This is a mandatory parameter. Server Configuration for http and https support. | DataType:String
Range:
Values will be set by global.enableIncomingHttp Default Value: |
cncc-iam.ingress-gateway.enableIncomingHttps |
This is a mandatory parameter. Server Configuration for http and https support. | DataType:String
Range:
Values will be set by global.enableIncomingHttps Default Value: |
cncc-iam.ingress-gateway.needClientAuth |
This is a mandatory parameter.
This must be true if client certificate identity is required in the header x-custom-cncc-iam.ingress-client-identity Note: This parameter will be set to true only in case of ACNCC-CORE deployment |
DataType:Boolean
Range:
Values will be set by global.needClientAuth Default Value: |
cncc-iam.ingress-gateway.cncc-iam.ingressGwCertReloadEnabled |
This is a mandatory parameter.
If enabled, then certificates can be updated during run-time without up/restart of the application |
DataType:Boolean
Range:
True or False
Default Value: Values will be set by global.cncc-iam.ingressGwCertReloadEnabled |
cncc-iam.ingress-gateway.clusterDomain |
This is a mandatory parameter.
Cluster Domain where cncc-iam will be deployed. |
DataType:string
Range:Default Value:
Values will be set by global.clusterDomain |
cncc-iam.ingress-gateway.cncc.securitylogEnabled |
This is a mandatory parameter. This flag is to enable/disable security logs for cncc. | DataType:Boolean Range: True or False Default Value: True |
cncc-iam.ingress-gateway.cncc.iam.port |
This is a mandatory parameter.
This should be same as kc.keycloak.service.httpPort |
DataType:Integer
Range: Values will be set by global.iamServiceHttpPort Default Value: |
M-CNCC Core and A-CNCC Core Configuration Options
This section includes information about the configuration parameters of the A-CNCC Core and M-CNCC Core.
Note:
The following tables are common for mcncc-core and acncc-core section in occncc_custom_values_<version>.yaml file.
The options mentioned in the following tables can be read as mcncc-core.<field Name> or acncc-core.<field Name>.
Example: The global.dbName can be read as mcncc-core.global.dbName or acncc-core.global.dbName.
Global Parameters
This section includes information about the global parameters of the CNC Console Core:
Table 4-5 Global Parameters
| Parameter | Description | Details |
|---|---|---|
global.publicHttpSignalingPort |
This is an optional parameter.
It is the port on which Ingress Gateway service is exposed # If httpsEnabled is false, this Port would be HTTP/2.0 Port (unsecured) publicHttpSignalingPort: 80 |
DataType:Integer Range:0-65535. Default Value:80 |
global.publicHttpsSignallingPort |
This is an optional parameter.
It is the port on which Ingress Gateway service is exposed # If httpsEnabled is true, this Port would be HTTPS/2.0 Port (secured SSL) |
DataType:Integer Range:0-65535. Default Value:443 |
global.metalLbIpAllocationEnabled |
This is an optional parameter. This field enables or disables IP Address allocation from Metallb Pool | DataType:Boolean Range:True or False Default Value: False |
global.staticIpAddress |
This is an optional parameter. If Static load balancer IP needs to be set, then set staticIpAddressEnabled flag to true and provide value for staticIpAddress else random IP will be assigned by the metalLB from its IP Pool | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: |
global.dbName |
This is a mandatory parameter. It is the name of the database used for M-CNCC OR A-CNCC Core, user should create DB with unique name before deploying M-CNCC OR A-CNCC Core |
DataType:String
Range:Valid string
Default Value:
|
global.httpsEnabled |
This is an optional parameter. To Initialize SSL related infrastructure in init/update container | DataType:Boolean Range:True or False Default Value: False |
global.enableIncomingHttp |
This is an optional parameter. Server Configuration for http and https support. |
DataType:Boolean Range:True or False Default Value: False |
global.enableIncomingHttps |
This is an optional parameter. Server Configuration for http and https support. | DataType:Boolean Range:True or False Default Value: False |
global.needClientAuth |
This must be true if client certificate identity is required in the header x-custom-ingress-client-identity Note: This parameter will be set to true only in case of ACNCC-CORE deployment. |
DataType:Boolean Range:True or False Default Value: False |
global.ingressGwCertReloadEnabled |
This is an optional parameter. If enabled, then certificates can be updated during run-time without up/restart of the application. | DataType:Boolean Range:True or False Default Value: False |
Core Backend Parameters
This section includes information about the core backend parameters of the CNC Console Core.
Table 4-6 Core Backend Parameters
| Attribute Name | Description | Details |
|---|---|---|
cmservice.envLoggingLevelApp |
This is an optional parameter. It is the level at which user wants to see the logs. Example: WARN |
DataType:String Range:WARN, DEBUG, INFO, TRACE Default Value: WARN |
cmservice.image.name |
This is a mandatory parameter. Image Name to be used for "cncc-cmservice" micro service | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: cncc/cncc-cmservice |
cmservice.image.tag |
This is a mandatory parameter. Image Tag to be used for "cncc-cmservice" micro service | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: <Current Version> |
cmservice.image.pullPolicy |
This is a mandatory parameter. Pull Policy decides from where to pull the image. | DataType:String Range:IfNotPresent, Always, Never Default Value: IfNotPresent |
cmservice.persistence.dbName |
This is an optional parameter.
It is the name of the database used for cncc-core. User should create DB with the same name as provided here before deploying CNCC-Core This values gets read from global variable *mySqlDbRef, no changes needed here Example: cncccommonconfig |
DataType:String Range:Valid String Default Value: |
cmservice.persistence.dbHost |
This is an optional parameter.
It the hostname for persistence db This values gets read from global variable *mySqlHostRef, no changes needed here Example: mysql-sds.default.svc.cluster.local |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. Default Value: |
cmservice.persistence.dbPort |
This is an optional parameter.
It is the db port for cncc-core This values gets read from global variable *mySqlPortRef, no changes needed here Example: 3306 |
DataType:Integer Range:0-65535 Default Value: |
cmservice.persistence.existingSecret |
This is an optional parameter.
It specifies an existing secret to be used for mysql username and password This values gets read from global variable *mySqlSecretNameRef, no changes needed here Example: cncc-db-secret |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. It may not start with a period or a dash and may contain a maximum of 128 characters Default Value: |
cmservice.persistence.existingSecretPasswordKey |
This is an optional parameter.
It is the key in the existing secret that stores the password Example: dbPasswordKey |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. It may not start with a period or a dash and may contain a maximum of 128 characters Default Value: dbPasswordKey |
cmservice.persistence.existingSecretUsernameKey |
This is an optional parameter.
It is the key in the existing secret that stores the username Example:
|
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. It may not start with a period or a dash and may contain a maximum of 128 characters Default Value: dbUserNameKey |
cmservice.resources.limits.cpu |
This is an optional parameter. It limits the number of CPUs to be used by the "cncc-cmservice" microservice. By default, it is set to '2'. | DataType:Float Range:Valid floating point value between 0 and 1 Default Value: |
cmservice.resources.limits.memory |
This is an optional parameter. It limits the memory utilization by the "cncc-cmservice" microservice. By default, it is set to '2'. | DataType:String Range:Valid Integer value followed by Mi/Gi Default Value: 2Gi |
cmservice.resources.limits.logStorage |
This is an optional parameter. It limits the logStorage (ephemeral storage) to be used by the helm test pod. | DataType:Integer Range:Values will be set by global.ephemeralStorage.limits.containerLogStorage Default Value: 2Gi |
cmservice.resources.limits.criticalStorage |
This is an optional parameter. It limits the criticalStorage (ephemeral storage) to be used by the helm test pod. | DataType:Integer Range:Values will be set by global.ephemeralStorage.limits.containerCrititcalStorage Default Value: 2Gi |
cmservice.resources.requests.cpu |
This is an optional parameter. It provides a given number of CPUs for the "cncc-cmservice" microservice. | DataType:Float Range:Valid floating point value between 0 and 1 Default Value:1 |
cmservice.resources.requests.memory |
This is an optional parameter. It provides a given amount of memory for the "cncc-cmservice" microservice. By default, it is set to '1. | DataType:String
Range:Valid Integer value followed by Mi/Gi
Default Value: 1 |
cmservice.resources.requests.logStorage |
This is an optional parameter. he minimum amount of logStorage (ephemeral storage) | DataType:Integer Range:Values will be set by global.ephemeralStorage.requests.containerLogStorage |
cmservice.resources.requests.criticalStorage |
This is an optional parameter. The minimum amount of criticalStorage (ephemeral storage) | DataType:Integer Range:Values will be set by global.ephemeralStorage.requests.containerCrititcalStorage |
cmservice.extraContainers |
This is a mandatory parameter. To enable or disable debug tools container | DataType:enum Range: DISABLED, ENABLED, USE_GLOBAL_VALUE Default Value: USE_GLOBAL_VALUE |
cmservice.deployment.customExtension.labels |
This is an optional parameter. This can be used to add custom label(s) to all kubernetes resources that will be created by cmservice helm chart. | DataType:String Range:Custom Labels that needs to be added to all the cmservice kubernetes resources |
cmservice.deployment.customExtension.annotations |
This is an optional parameter. This can be used to add custom annotation(s) to all kubernetes resources that will be created by cmservice helm chart. | DataType:String Range:Custom Annotations that needs to be added to all the cmservice kubernetes resources |
cmservice.deployment.envSystemName |
This is a mandatory parameter.
This is the name of product which appears as brand name and can be used to mention site name as well. Example: envSystemName: CNCC |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value: |
cmservice.deployment.envNFVersion |
This is a mandatory parameter.
This is the version of product which appears with brand name. Example: envNFVersion: 22.3.0 |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: <Current Version> |
cmservice.deployment.cmWindowName |
This is the name of the window that appears on the browser tab. Example: cmWindowName: CNCC |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value: CNCC |
cmservice.deployment.nodeSelectorEnabled |
This is an optional parameter. NodeSelector is the simplest recommended form of node selection constraint. NodeSelector is a field of PodSpec. It specifies a map of key-value pairs. For the pod to be eligible to run on a node, the node must have each of the indicated key-value pairs as labels | DataType:Boolean Range:True or False Default Value:False |
cmservice.deployment.nodeSelectorKey |
This is an optional parameter. Node Selector Key | DataType:Integer Range:Default Value: zone. |
cmservice.deployment.nodeSelectorValue |
This is an optional parameter. Node Selector value | DataType:Integer Range:Default Value: app |
cmservice.deployment.livenessProbe.initialDelaySeconds |
This is an optional parameter. It tells the kubelet that it should wait second before performing the first probe | DataType:Integer Range:0-65535. Default Value: 60 |
cmservice.deployment.livenessProbe.periodSeconds |
This is an optional parameter. It specifies that the kubelet should perform a liveness probe every xx seconds | DataType:Integer Range:0-65535. Default Value: 3 |
cmservice.deployment.livenessProbe.timeoutSeconds |
This is an optional parameter. It is the number of seconds after which the probe times out | DataType:Integer Range: 0-65535. Default Value: 15 |
cmservice.deployment.livenessProbe.successThreshold |
This is an optional parameter. Minimum consecutive successes for the probe to be considered successful after having failed | DataType:Integer Range:0-65535. Default Value: 1 |
cmservice.deployment.livenessProbe.failureThreshold |
This is an optional parameter. When a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up | DataType:Integer Range:0-65535. Default Value: 3 |
cmservice.deployment.readinessProbe.initialDelaySeconds |
This is an optional parameter. It tells the kubelet that it should wait second before performing the first probe | DataType:Integer Range: 0-65535. Default Value: 20 |
cmservice.deployment.readinessProbe.timeoutSeconds |
This is an optional parameter. It is the number of seconds after which the probe times out | DataType:Integer Range: 0-65535. Default Value: 3 |
cmservice.deployment.readinessProbe.periodSeconds |
This is an optional parameter. It specifies that the kubelet should perform a liveness probe every xx seconds | DataType:Integer Range:0-65535. Default Value: 10 |
cmservice.deployment.readinessProbe.successThreshold |
This is an optional parameter. Minimum consecutive successes for the probe to be considered successful after having failed | DataType:Integer Range:0-65535. Default Value: 1 |
cmservice.deployment.readinessProbe.failureThreshold |
This is an optional parameter. When a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up | DataType:Integer Range: 0-65535. Default Value: 3 |
cmservice.deployment.dependenciesLogging[].name |
This is an optional parameter.
Name of the package that for which log level is to be set. Eg: logging.level.org.springframework |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value: |
cmservice.deployment.dependenciesLogging[].value |
This is an optional parameter.
It is the level at which user wants to see the logs. Example: WARN |
DataType:String Range:WARN, DEBUG, INFO, TRACE Default Value: |
cmservice.service.customExtension.labels |
This is an optional parameter. This can be used to add custom label(s) to all kubernetes resources that will be created by cmservice helm chart. | DataType:String Range:Custom Labels that needs to be added to all the cmservice kubernetes resources |
cmservice.service.customExtension.annotations |
This is an optional parameter. This can be used to add custom annotation(s) to all kubernetes resources that will be created by cmservice helm chart. | DataType:String Range:Custom Annotations that needs to be added to all the cmservice kubernetes resources |
cmservice.service.type |
This is an optional parameter. It is used to decide where user wants to expose the service from outside the Kubernetes cluster or not. | DataType:String Range:Default Value: ClusterIP |
cmservice.servicePorts.cmServiceHttp |
This is an optional parameter. It is the port number which makes cmservice visible to other services running within the same kubernetes cluster | DataType:Integer Range:0-65535 |
cmservice.containerPorts.monitoringHttp |
This is an optional parameter. It is the monitoring container port for cm service. | DataType:Integer Range:0-65535 Default Value: |
cmservice.containerPorts.cmServiceHttp |
This is an optional parameter. It is the container port for cm service. | DataType:Integer Range:0-65535 Default Value: |
Ingress Gateway Parameters
This section includes information about the Ingress Gateway parameters of the CNC Console Core.
Table 4-7 Ingress Gateway Parameters
| Attribute Name | Description | Details |
|---|---|---|
ingress-gateway.extraContainers |
This is a mandatory parameter. To enable or disable debug tools container | DataType:enum Range:DISABLED, ENABLED, USE_GLOBAL_VALUE Default Value: USE_GLOBAL_VALUE |
ingress-gateway.prefix |
This is a mandatory parameter. Metrics Instance Identifier to uniquely identify CNCC Core metrics | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: /grafana |
ingress-gateway.image.name |
This is a mandatory parameter. It is the image name of the Ingress Gateway as provided by the user | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value: cncc/cncc-apigateway |
ingress-gateway.image.tag |
This is a mandatory parameter. Image Tag to be used for Ingress Gateway. | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: <Current Version> |
ingress-gateway.image.pullPolicy |
This is an optional parameter. Pull Policy decides from where to pull the image. | DataType:String Range:IfNotPresent, Always, Never Default Value: IfNotPresent |
ingress-gateway.initContainersImage.name |
This is a mandatory parameter. Image Name to be used for "cncc-cmservice" microservice | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value: cncc/apigw-configurationinit |
ingress-gateway.initContainersImage.tag |
This is a mandatory parameter. Image Tag to be used for "cncc-cmservice" micro service | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: <Current Version> |
ingress-gateway.initContainersImage.pullPolicy |
This is an optional parameter. Pull Policy decides from where to pull the image. | DataType:String Range:IfNotPresent, Always, Never Default Value: IfNotPresent |
ingress-gateway.updateContainersImage.name |
This is a mandatory parameter. Image Name to be used for "cncc-cmservice" micro service | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value: cncc/apigw-configurationupdate |
ingress-gateway.updateContainersImage.tag |
This is a mandatory parameter. Image Tag to be used for "cncc-cmservice" micro service | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: <Current Version> |
ingress-gateway.updateContainersImage.pullPolicy |
This is an optional parameter. Pull Policy decides from where to pull the image. | DataType:String Range:IfNotPresent, Always, Never Default Value:IfNotPresent |
ingress-gateway.service.ssl.tlsVersion |
This is an optional parameter. It is the TLS version | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value:TLSv1.2 |
ingress-gateway.service.ssl.privateKey.k8SecretName |
This is an optional parameter. Name of the privatekey secret Example: cncc-core-ingress-secret |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value: cncc-core-ingress-secret |
ingress-gateway.service.ssl.privateKey.k8NameSpace |
This is an optional parameter. Namespace of privatekey Example: cncc |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: cncc |
ingress-gateway.service.ssl.privateKey.rsa.fileName |
This is an optional parameter. rsa private key file name Example: rsa_private_key_pkcs1.pem |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: rsa_private_key_pkcs1.pem |
ingress-gateway.service.ssl.privateKey.ecdsa.fileName |
This is an optional parameter. ecdsa private key file name Example: ssl_ecdsa_private_key.pem |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: ssl_ecdsa_private_key.pem |
ingress-gateway.service.ssl.certificate.k8SecretName |
This is an optional parameter. Name of the certificate secret Example: cncc-core-ingress-secret |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value:cncc-core-ingress-secret |
ingress-gateway.service.ssl.certificate.k8NameSpace |
This is an optional parameter. Namespace of certificate Example: cncc |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: cncc |
ingress-gateway.service.ssl.certificate.rsa.fileName |
This is an optional parameter. rsa certificate file name Example: ssl_rsa_certificate.crt |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: ssl_rsa_certificate.crt |
ingress-gateway.service.ssl.certificate.ecdsa.fileName |
This is an optional parameter. ecdsa certificate file name Example: ssl_ecdsa_certificate.crt |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: ssl_ecdsa_certificate.crt |
ingress-gateway.service.ssl.caBundle.k8SecretName |
This is an optional parameter. Name of the caBundle secret Example: cncc-core-ingress-secret |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator Default Value: cncc-core-ingress-secret |
ingress-gateway.service.ssl.caBundle.k8NameSpace |
This is an optional parameter. Namespace of caBundle Example: cncc |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: cncc |
ingress-gateway.service.ssl.caBundle.fileName |
This is an optional parameter. rsa caBundle file name Example: caroot.cer |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: caroot.cer |
ingress-gateway.service.ssl.keyStorePassword.k8SecretName |
This is an optional parameter. Name of the keyStorePassword secret Example: cncc-core-ingress-secret |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: cncc-core-ingress-secret |
ingress-gateway.service.ssl.keyStorePassword.k8NameSpace |
This is an optional parameter. Namespace of keyStorePassword Example: cncc |
DataType:String Range:VValid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: cncc |
ingress-gateway.service.ssl.keyStorePassword.fileName |
This is an optional parameter. File name that has password for keyStore Example: ssl_keystore.txt |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: ssl_keystore.txt |
ingress-gateway.service.ssl.trustStorePassword.k8SecretName |
This is an optional parameter. Name of the trustStorePassword secret Example: cncc-core-ingress-secret |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: cncc-core-ingress-secret |
ingress-gateway.service.ssl.trustStorePassword.k8NameSpace |
This is an optional parameter. Namespace of trustStorePassword Example: cncc |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: cncc |
ingress-gateway.service.ssl.trustStorePassword.fileName |
This is an optional parameter. File name that has password for trustStore Example: ssl_truststore.txt |
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: ssl_truststore.txt |
ingress-gateway.service.ssl.initialAlgorithm |
This is an optional parameter. Default values is RSA256 | DataType:String Range:VValid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A name component may not start or end with a separator. Default Value: RS256 |
ingress-gateway.service.customExtension.labels |
This is an optional parameter. This can be used to add custom label(s) to ingress-gateway Service. | DataType:String Range:Custom Labels that needs to be added to ingress gateway specific Service. Default Value: NA |
ingress-gateway.service.customExtension.annotations |
This is an optional parameter. This can be used to add custom annotation(s) to ingress-gateway Service. | DataType:String Range:VCustom Labels that needs to be added to ingress gateway specific Service. Default Value: NA |
ingress-gateway.deployment.customExtension.labels |
This is an optional parameter. This can be used to add custom label(s) to ingress-gateway Deployment. | DataType:String Range:Custom Labels that needs to be added to ingress gateway specific Service. Default Value: NA |
ingress-gateway.deployment.customExtension.annotations |
This is an optional parameter. This can be used to add custom annotation(s) to ingress-gateway Deployment. | DataType:String Range:Custom Annotations that needs to be added to ingress gateway specific Deployment. Default Value: NA |
ingress-gateway.ports.containerPort |
This is an optional parameter. It is the http port of the container for the ingress-gateway. | DataType:Integer Range:0-65535 Default Value: 8081 |
ingress-gateway.ports.containersslPort |
This is an optional parameter. It is the https port of the container for the ingress-gateway. | DataType:Integer Range:0-65535 Default Value: 8443 |
ingress-gateway.ports.actuatorPort |
This is an optional parameter. It is the actuator port of the container for the ingress-gateway. | DataType:Integer Range:0-65535 Default Value: 9090 |
ingress-gateway.log.level.root |
This is an optional parameter. It is the level at which user wants to see the logs. Example: WARN |
DataType:String Range:WARN, DEBUG, INFO, TRACE etc. Default Value: INFO |
ingress-gateway.log.level.ingress |
This is an optional parameter. Log level for ingress logs | DataType:String Range:WARN, DEBUG, INFO, TRACE etc. Default Value: INFO |
ingress-gateway.log.level.cncc.root |
This is a mandatory parameter.
Log level for cncc root logs |
DataType:String
Range: WARN, DEBUG, INFO, TRACE etc. Default Value:WARN |
ingress-gateway.log.level.cncc.audit |
This is a mandatory parameter.
Log level for cncc audit logs |
DataType:String
Range: WARN, DEBUG, INFO, TRACE etc. Default Value: INFO |
ingress-gateway.log.level.cncc.security |
This is an optional parameter. Log level for cncc security logs | DataType:String Range:WARN, DEBUG, INFO, TRACE etc. Default Value: INFO |
ingress-gateway.readinessProbe.initialDelaySeconds |
This is an optional parameter. It tells the kubelet that it should wait second before performing the first probe | DataType:Integer Range:0-65535. Default Value: 30 |
ingress-gateway.readinessProbe.timeoutSeconds |
This is an optional parameter. It is the number of seconds after which the probe times out |
DataType:Integer Range:0-65535. Default Value: 3 |
ingress-gateway.readinessProbe.periodSeconds |
This is an optional parameter. It specifies that the kubelet should perform a liveness probe every xx seconds | DataType:Integer Range:0-65535. Default Value: 10 |
ingress-gateway.readinessProbe.successThreshold |
This is an optional parameter. Minimum consecutive successes for the probe to be considered successful after having failed | DataType:Integer Range:0-65535. Default Value: 1 |
ingress-gateway.readinessProbe.failureThreshold |
This is an optional parameter. When a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up | DataType:Integer Range:0-65535. Default Value: 3 |
ingress-gateway.livenessProbe.initialDelaySeconds |
This is an optional parameter. It tells the kubelet that it should wait second before performing the first probe | DataType:Integer Range:0-65535. Default Value: 30 |
ingress-gateway.livenessProbe.timeoutSeconds |
This is an optional parameter. It is the number of seconds after which the probe times out | DataType:Integer Range:0-65535. Default Value: 3 |
ingress-gateway.livenessProbe.periodSeconds |
This is an optional parameter. It specifies that the kubelet should perform a liveness probe every xx seconds | DataType:Integer Range:0-65535. Default Value: 15 |
ingress-gateway.livenessProbe.successThreshold |
This is an optional parameter. Minimum consecutive successes for the probe to be considered successful after having failed | DataType:Integer Range:0-65535. Default Value: 1 |
ingress-gateway.livenessProbe.failureThreshold |
This is an optional parameter. When a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up | DataType:Integer Range:0-65535. Default Value: 3 |
ingress-gateway.resources.limits.cpu |
This is an optional parameter. It limits the number of CPUs to be used by the microservice. | DataType:Float Range:Valid floating point value between 0 and 1 Default Value: |
ingress-gateway.resources.limits.initServiceCpu |
This is an optional parameter. Init Container CPU Limit | DataType:String Default Value:1 |
ingress-gateway.resources.limits.updateServiceCpu |
This is an optional parameter. Update Container CPU Limit | DataType:String Default Value: 1 |
ingress-gateway.resources.limits.commonHooksCpu |
This is an optional parameter. common Hooks Cpu limit | DataType:String Range:Default Value: 1 |
ingress-gateway.resources.limits.memory |
This is an optional parameter. It limits the memory utilization by the microservice. | DataType:String Range:Valid Integer value followed by Mi/Gi etc. Default Value: |
ingress-gateway.resources.limits.updateServiceMemory |
This is an optional parameter. Update Container Memory Limit | DataType:String Default Value: 1Gi |
ingress-gateway.resources.limits.initServiceMemory |
This is an optional parameter. Init Container Memory Limit | DataType:String Range:Default Value: 1Gi |
ingress-gateway.resources.limits.commonHooksMemory |
This is an optional parameter. common Hook Container Memory Limit | DataType:String Default Value: 1Gi |
ingress-gateway.resources.requests.cpu |
This is an optional parameter. It provides a given number of CPUs for the microservice. | DataType:Float Range:Valid floating point value between 0 and 1 Default Value: |
ingress-gateway.resources.requests.initServiceCpu |
This is an optional parameter. Init Container CPU Limit | DataType:String Range:Default Value:0.5 |
ingress-gateway.resources.requests.updateServiceCpu |
This is an optional parameter. Update Container CPU for requests | DataType:String Default Value: 0.5 |
ingress-gateway.resources.requests.commonHooksCpu |
This is an optional parameter. Common Hook Container CPU for requests | DataType:String Default Value: 0.5 |
ingress-gateway.resources.requests.memory |
This is an optional parameter. It provides a given amount of memory for the microservice. | DataType:String Range:Valid Integer value followed by Mi/Gi etc. |
ingress-gateway.resources.requests.updateServiceMemory |
This is an optional parameter. Update Container Memory for requests | DataType:String Default Value: 0.5Gi |
ingress-gateway.resources.requests.initServiceMemory |
This is an optional parameter. Init Container Memory for requests | DataType:String Range:Default Value: 0.5Gi |
ingress-gateway.resources.requests.commonHooksMemory |
This is an optional parameter. Common Hook Container Memory for requests | DataType:String Default Value:0.5Gi |
ingress-gateway.resources.target.averageCpuUtil |
This is an optional parameter. It gives the average CPU utilization percentage. | DataType:String Range:A value in between 0-100 Default Value: |
ingress-gateway.cipherSuites |
Allowed CipherSuites for TLS1.2, if ingressgateway.enableIncomingHttps is true | DataType:List[String]
Range: TLS_ECDHE_ ECDSA_WIT H_AES_256_ GCM_SHA38 4 TLS_ECDHE_ RSA_WITH_ AES_256_GC M_SHA384 TLS_ECDHE_ RSA_WITH_ CHACHA20_ POLY1305_S HA256 TLS_DHE_RS A_WITH_AE S_256_GCM_ SHA384 TLS_ECDHE_ ECDSA_WIT H_AES_128_ GCM_SHA25 6 TLS_ECDHE_ RSA_WITH_ AES_128_GC M_SHA256 Default Value: |
ingress-gateway.initssl |
This is an optional parameter. To Initialize SSL related infrastructure in init/update container | DataType:Boolean
Range:True or False
Default
Value: Values will be set by mcncc-core.global.httpsEnabled acncc-core.global.httpsEnabled |
ingress-gateway.enableIncomingHttp |
This is an optional parameter. Server Configuration for http and https support | DataType:Boolean
Range:True or False
Default
Value: Values will be set by mcncc-core.global.enableIncomingHttp acncc-core.global.enableIncomingHttp q |
ingress-gateway.enableIncomingHttps |
This is an optional parameter. Server Configuration for http and https support | DataType:Boolean
Range:True or False
Default
Value: Values will be set by mcncc-core.global.enableIncomingHttps acncc-core.global.enableIncomingHttps |
ingress-gateway.needClientAuth |
This is an optional parameter.
This must be true if client certificate identity is required in the header x-custom-ingress-client-identity. Note: This parameter will be set to true only in case of ACNCC-Core deployment |
DataType:Boolean
Range:True or False
Default Value:
Values will be set by acncc-core.global.needClientAuth |
ingress-gateway.ingressGwCertReloadEnabled |
This is a mandatory parameter.
If enabled, then certificates can be updated during run-time without up/restart of the application |
DataType:Boolean
Range:True or False
Default
Value: Values will be set by mcncc-core.global.ingressGwCertReloadEnabled acncc-core.global.ingressGwCertReloadEnabled |
ingress-gateway.nodeSelector.nodeKey |
This is an optional parameter. node selector key specific to chart (Note: This will be looked first and then, if not present global node key will be picked) | DataType:String Range:Default Value: |
ingress-gateway.nodeSelector.nodeValue |
This is an optional parameter. node selector value specific to chart (Note: This will be looked first and then, if not present global node value will be picked) | DataType:String Range:Default Value: |
ingress-gateway.commonCfgClient.enabled |
This is an optional parameter. If set to true Common Config Client would create tables in cncccommonconfig | DataType:Boolean Range:True or False Default Value:True |
ingress-gateway.commonCfgServer.port |
This is an optional parameter. It specifies the port number which makes cmservice visible to other services running within the same K8s cluster and the also used by common config client for db creation. | DataType:Integer
Default Value:
Values will be set by global.cmServiceHttpPort |
ingress-gateway.dbConfig.dbHost |
This is an optional parameter.
It the hostname for persistence db Example: mysql.default.svc.cluster.local |
DataType:String
Range:Valid String
Default Value:
Values will be set by global.dbHost |
ingress-gateway.dbConfig.dbPort |
This is an optional parameter.
It is the db port for cncc-core Example: 3306 |
DataType:Integer
Range:0-65535.
Default Value:
Values will be set by global.dbPort |
ingress-gateway.dbConfig.secretName |
This is an optional parameter. It specifies an existing secret to be used for mysql username and password Example: secretName: &mySqlSecretNameRef cncc-db-secret |
DataType:String
Range:Valid String
Default Value:
Values will be set by global.secretName |
ingress-gateway.dbConfig.dbName |
This is an optional parameter.
|
DataType:String
Range:Valid String
Default Value:
Values will be set by mcncc-core.global.dbName in case of mcncc-core acncc-core.global.dbName in case of acncc-core |
ingress-gateway.dbConfig.dbUNameLiteral |
This is an optional parameter. It is the key in the existing secret that stores the password Example:
|
DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. It may not start with a period or a dash and may contain a maximum of 128 characters Default Value: NA |
ingress-gateway.dbConfig.dbPwdLiteral |
This is an optional parameter. It is the key in the existing secret that stores the username Example:
|
DataType:String Range:VValid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. It may not start with a period or a dash and may contain a maximum of 128 characters Default Value: NA |
ingress-gateway.dbHookImage.name |
This is an optional parameter. Image Name to be used for "ingress-gateway db hook" micro service | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 charactersDefault Value: cncc/apigw-common-config-hook |
ingress-gateway.dbHookImage.tag |
This is an optional parameter. Image Tag to be used for "ingress-gateway db hook" | DataType:String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: <Current Version> |
ingress-gateway.dbHookImage.pullPolicy |
This is an optional parameter. Pull Policy decides from where to pull the image. | DataType:String Range:IfNotPresent, Always,Never Default Value:IfNotPresent |
ingress-gateway.cncc.securitylogEnabled |
This is an optional parameter. This flag is to enable and disable security logs for cncc. | DataType:Boolean Range:True or False Default Value:True |
ingress-gateway.cncc.core.sessionTimeout |
This is a mandatory parameter. It takes the timeout value for CNCC Session in seconds. Default: 1800 Minimum: 300 Maximum: 7200 |
DataType:Integer Range:0-65535 Default Value:1800 |
CNCC Instances Configurations
This section explains about the CNCC instances configurations.
Note:
- Instance id must be globally unique as it will be used for routing, recommendation for id name <owner>-<instance name>
- Type values are case sensitive, supported type values are POLICY, NRF, SCP, NSSF, SEPP,UDR-PROV, UDR-CONFIG, BSF, CS
- apiPrefix is must for type CS (OCCNE Common Services)
- Supported common services are grafana, kibana, jaeger, prometheus, alertmanager
CNC Console Supported OCCNE Common Services with expected apiPrefix format
Table 4-8 CNC Console Supported OCCNE Common Services with expected apiPrefix format
| Common Service | apiPrefix format | Example |
|---|---|---|
| Grafana | /$OCCNE_CLUSTER/grafana | /mycne-cluster/grafana |
| Kibana | /$OCCNE_CLUSTER/kibana | /mycne-cluster/kibana |
| Jaeger | /$OCCNE_CLUSTER/jaeger | /mycne-cluster/jaeger |
| Prometheus | /$OCCNE_CLUSTER/prometheus | /mycne-cluster/prometheus |
| Alertmanager | /$OCCNE_CLUSTER/alertmanager | /mycne-cluster/alertmanager |
CNC Console supports common services only if its api prefix is globally unique like defined in above table.
For the CNCC Core Instances Configuration examples of all supported NFs, see CNC Console Instances Configuration ExamplesCNC Console Instances Configuration Examples in appendix.
CNC Console Instances Configuration Options
This section describes the parameters that are configured in the CNCC Instances configuration section in custom values.yaml file.
| Attribute Name | SubType | Description | Details |
|---|---|---|---|
| global.self.cnccId | NA | This is a mandatory parameter.
ID to uniquely identify the deployment. Its also called as owner or site name. Ex: cnccId: Clsuter1 |
DataType: String Range: Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. Id may not start with a period or a dash and may contain a maximum of 40 characters |
| global.mCnccIams.[] | id | This is a mandatory parameter. ID to uniquely identify the M-CNCC IAM | DataType: String Range: Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. Id may not start with a period or a dash and may contain a maximum of 40 characters |
| fqdn | This is a mandatory parameter (if ip is not provided). M-CNCC IAM URI FQDN | DataType: String | |
| ip | This is a mandatory parameter (if ip is not provided). M-CNCC IAM URI IP | DataType: String | |
| port | This is an optional parameter. M-CNCC IAM URI port | DataType: String
Range:
It can take value in the range: 0-65535 Default value is 80 |
|
| scheme | This is an optional parameter. M-CNCC IAM URI scheme | DataType: String
Range:
It can take either http or https value. By default, it is http. |
|
| global.mCnccCores.[] | id | This is a mandatory parameter (for M-CNCC Deployment). ID to uniquely identify the M-CNCC Core., usually its value will be same as global.mCnccIams.id value. | DataType: String Range: Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. Id may not start with a period or a dash and may contain a maximum of 40 characters |
| fqdn | This is a mandatory parameter (if ip is not provided). M-CNCC Core URI FQDN | DataType: String | |
| ip | This is a mandatory parameter (if fqdn is not provided). M-CNCC Core URI IP | DataType: String | |
| port | This is an optional parameter. M-CNCC Core URI Port | DataType: String
Range:
It can take value in the range: 0-65535 Default value is 80 |
|
| scheme | This is an optional parameter. M-CNCC Core URI scheme | DataType: String
Range:
It can take either http or https value. By default, it is http. |
|
| role | This is an optional parameter. It is an option to override M-CNCC site role. By default role value will be set as id value. | DataType: String Range: Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. Id may not start with a period or a dash and may contain a maximum of 40 characters | |
| global.aCnccs.[] | id | This is a mandatory parameter. ID to uniquely identify the A-CNCC | DataType: String Range: Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. Id may not start with a period or a dash and may contain a maximum of 40 characters |
| fqdn | This is a mandatory parameter (if ip is not provided). A-CNCC URI FQDN | DataType: String | |
| ip | This is a mandatory parameter (if fqdn is not provided). A-CNCC URI IP | DataType: String | |
| port | This is an optional parameter. A-CNCC URI Port | DataType: String
Range:
It can take value in the range: 0-65535 Default value is 80 |
|
| scheme | This is an optional parameter. A-CNCC URI scheme | DataType: String
Range:
It can take either http or https value. By default, it is http. |
|
| role | This is an optional parameter. It is an option to override A-CNCC site role. By default role value will be set as id value. | DataType: String Range: Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. Id may not start with a period or a dash and may contain a maximum of 40 characters | |
| global.instances.[] | id | This is a mandatory parameter. ID to uniquely identify the NF Instance or OC-CNE Common Service Instance. | DataType: String Range: Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. Id may not start with a period or a dash and may contain a maximum of 80 characters |
| type | This is a mandatory parameter. Type values are case sensitive, supported type values are BSF, NRF, NSSF, POLICY, SCP, SEPP, UDR-CONFIG, UDR-PROV, CS. | DataType: String Range:It can take one of these values: BSF, NRF, NSSF, POLICY, SCP, SEPP, UDR-CONFIG, UDR-PROV, CS. | |
| fqdn | This is a mandatory parameter (if ip is not provided). FQDN of NF Instance or OC-CNE Common Service Instance | DataType: String | |
| ip | This is a mandatory parameter (if fqdn is not provided). IP of NF Instance or OCCNE Common Service Instance | DataType: String | |
| port | This is an optional parameter. Port of NF Instance or OCCNE Common Service Instance | DataType: String
Range:
It can take value in the range: 0-65535 Default value is 80 |
|
| scheme | This is an optional parameter. Scheme of NF Instance or OC-CNE Common Service Instance | DataType: String
Range:
It can take either http or https value. By default, it is http. |
|
| owner | This is a mandatory parameter. Owner of NF Instance or OC-CNE Common Service Instance. | DataType: String Range: It takes the name of deployment that owns the Instance | |
| apiPrefix | This is an optional parameter.
ApiPrefix used for routing OCCNE Common Service instance and used for routing OCCNE Common Service instance. Note: ApiPrefix is not required in case of NF instances Example : /<Cluster Prefix>/grafana |
DataType: String |