3 Customizing OCCM
This chapter provides information about customizing OCCM deployment in a cloud native environment.
The OCCM deployment is customized by overriding the default values of
various configurable parameters in the
occm_custom_values_<version>.yaml file.
Perform the following steps to customize the custom yaml files :
- Use the custom values and templates delivered as part of the package. For more information on how to download the package from MOS, see Downloading the OCCM Package section.
- Customize the appropriate custom value file.
- Save the updated files.
Note:
- All parameters mentioned as mandatory must be present in custom-values.yaml file.
- All fixed value parameters listed must be present in the custom values yaml file with the exact values as specified in this section.
- For installing OCCM in an existing NF deployment, see the 'Introducing OCCM in an Existing NF Deployment' section in the Oracle Communications Cloud Native Core, Certificate Management User Guide.
3.1 Configuration Options
Table 3-1 Configuration Options
| Parameter | Description | Details |
|---|---|---|
| global.dockerRegistry |
This is a mandatory parameter. Here user provides the registry that contains OCCM images. It comprises of the following: <registry-url> |
DataType: String Range: It may contain lowercase letters, digits, and separators. A separator is defined as a period, one or two underscores, or one or more dashes. Default Value:cgbu-occm-dev-docker.dockerhub-iad.oci.oraclecorp.com |
| global.serviceAccountName | This is an optional parameter.
Name of service account. If this field is kept empty then a default service account with release name will be auto created. If any value is provided then a custom service account has to be created manually before deployment. |
DataType: String Range: Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters. |
| global.occmAccessedNamespaces |
This is an optional field. In case of OCCM multiple namespace support namespaces to be listed here for automatic service account creation. |
DataType: <List[String]> Default Value: NA Range: Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters |
| global.customExtension |
This is an optional field. custom extension to include custom labels and annotation |
DataType: String Default Value: NA Range: Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters |
| global.customExtension.allResources.labels | This is an optional parameter. This can be used to add custom label(s) to all k8s resources that will be created by OCCM helm chart. | DataType: String Range: Custom Labels that need to be added to all the OCCM kubernetes resources |
| global.customExtension.allResources.annotations | This is an optional parameter. This can be used to add custom annotation(s) to all k8s resources that will be created by OCCM helm chart. | DataType: String Range: Custom Annotations that need to be added to all the OCCM k8s resources |
| global.customExtension.nonlbServices.labels | This is an optional parameter. This can be used to add custom label(s) to all non-Load Balancer Type Services that will be created by OCCM helm chart. | DataType: String Range: Custom Labels that need to be added to OCCM that are considered as not Load Balancer type |
| global.customExtension.nonlbServices.annotations | This is an optional parameter. This can be used to add custom annotation(s) to all non-Load Balancer Type Services that will be created by OCCM helm chart. | DataType: String Range: Custom Annotations that needs to be added to OCCM that are considered as not Load Balancer type |
| global.customExtension.nonlbDeployments.labels | This is an optional parameter. This can be used to add custom label(s) to all Deployments that will be created by OCCM helm chart which are associated to a Service which if not of Load Balancer Type. | DataType: String Range: Custom Labels that need to be added to OCCM Deployments that are associated to a Service which is not of Load Balancer type |
| global.customExtension.nonlbDeployments.annotations | This is an optional parameter.
This can
be used to add custom annotation(s) to all Deployments that will be
created by OCCM helm chart which are associated to a Service which if
not of Load Balancer Type.
Example:
oracle.com/cnc: "true"` oracle.com.cnc/egress-network: oam |
DataType: String Range: Custom Annotations that need to be added to OCCM Deployments that are associated to a Service which is not of Load Balancer type |
| global.ephemeralStorage.limits.containersLogStorage | This is a mandatory parameter. Set value for Ephemeral Storage Limits | DataType: Integer
Range:
It can take values in integer that is further used in MBs Default Value: 1000 |
| global.ephemeralStorage.limits.containersCriticalStorage | This is a mandatory parameter. Set value for Ephemeral Storage Limits | DataType: Integer
Range:
It can take values in integer that is further used in MBs Default Value: 2 |
| global.ephemeralStorage.requests.containersLogStorage | This is a mandatory parameter. Set value for Ephemeral Storage Requests | DataType: Integer
Range:
It can take values in integer that is further used in MBs Default Value: 50 |
| global.ephemeralStorage.requests.containersCriticalStorage | This is a mandatory parameter. Set value for Ephemeral Storage Requests | DataType: Integer
Range:
It can take values in integer that is further used in MBs Default Value: 2 |
| global.hookJobResources.limit.cpu | This is an optional parameter.
It limits the number of CPUs to be used by the helm test pod. |
DataType: Integer
Range:
Valid Integer value allowed. Default Value: 0.5 |
| global.hookJobResources.limit.memory | This is an optional parameter. It limits the memory to be used by the helm test pod. | DataType: Integer
Range:
Valid Integer value followed by Mi/Gi etc. Default Value: 0.5Gi |
| global.hookJobResources.limit.logStorage | This is an optional parameter. It limits the logStorage (ephemeral storage) to be used by the helm test pod. | DataType: Integer
Range:
Values will be set by global.ephemeralStorage.requests.containerLogStorage Default Value: 50Mi |
| global.hookJobResources.limit.criticlStorage | This is an optional parameter. It limits the criticlStorage (ephemeral storage) to be used by the helm test pod. | DataType: Integer
Range:
Values will be set by global.ephemeralStorage.limits.containersCrititcalStorage Default Value: 2 |
| global.hookJobResources.request.cpu | This is an optional parameter. It requests the number of CPUs to be used by the helm test pod. | DataType: Integer
Range:
Valid Integer value allowed.
Default Value: 0.5 |
| global.hookJobResources.request.memory | This is an optional parameter. It requests the memory to be used by the helm test pod. | DataType: Integer
Range:
Valid Integer value followed by Mi/Gi etc.
Default Value: 0.5Gi |
| global.hookJobResources.request.logStorage | This is an optional parameter. It requests the logStorage (ephemeral storage) to be used by the helm test pod. | DataType: Integer
Range:
Values will be set by
global.ephemeralStorage.requests.containerLogStorage
Default Value: 50Mi |
| global.hookJobResources.request.criticlStorage | This is an optional parameter. It requests the criticlStorage (ephemeral storage) to be used by the helm test pod. | DataType: Integer
Range:
Values will be set by
global.ephemeralStorage.limits.containersCrititcalStorage
Default Value: 2 |
| global.k8sResource.container.prefix | This is an optional parameter. This value will be used to prefix to all the container names of OCCM. | DataType: String Range: Value that will be prefixed to all the container names of Ingress Gateway. |
| global.k8sResource.container.suffix | This is an optional parameter. This value will be used to suffix to all the container names of OCCM. | DataType: String Range: Value that will be suffixed to all the container names of Ingress Gateway. |
| global.helmTestServiceAccountName | This is an optional parameter. For helm test execution preference goes to global.helmTestServiceAccountName first, if this is not available then global.serviceAccountName will be referred. If both of these are missing then default service account will be created and used. | DataType: String Range: Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters |
| global.test.nfName | This is a mandatory parameter. Name of deployment for which helm test is done | DataType: String
Range: NF
Name
Default Value: OCCM |
| global.test.image.name | This is a mandatory parameter. Image name for the helm test container image | DataType: String
Range:
Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters Default Value: OCCM |
| global.test.image.tag | This is a mandatory parameter. Image version tag for helm test. | DataType: String Range: Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. An image name may not start with a period or a dash and may contain a maximum of 128 characters |
| global.test.image.imagePullPolicy | This is an optional parameter. Pull Policy decides from where to pull the image. | DataType: String
Range: It can take a value from the following: IfNotPresent, Always, Never IfNotPresent is the default pullPolicy |
| global.test.config.logLevel | This is a mandatory parameter. Pull Policy decides from where to pull the image. | DataType: String
Range:
WARN, DEBUG, INFO, etc.
Default Value: Info |
| global.test.config.timeout | This is a mandatory parameter. Timeout value for the helm test operation. If exceeded helm test will be considered as failure | DataType: String
Range:
1-300 seconds
Default Value: 240 |
| global.test.resources | This is a mandatory parameter. which ever kubernetes resource are mentioned, will be logged in helm test. | DataType:(List) String
Range:
t takes resources and its version in the form of <resource_name>/<max_version_supportedbyNF> - horizontalpodautoscalers/v1 - deployments/v1 - serviceaccounts/v1 - roles/v1 - services/v1 - rolebindings/v1 |
| global.test.complianceEnable | This is a mandatory parameter. It will enable or disable helm test resource logging | DataType: Boolean
Range:
True or False
Default Value: True |
| global.extraContainers | This is a mandatory parameter. To enable or disable the debug tools container. | DataType: enum
Range:DISABLED, ENABLED
Default Value: DISABLED |
| global.debugToolContainerMemoryLimit | This is a mandatory parameter. Debug tool container memory limit | DataType: String
Range:
Valid Integer value followed by Mi/Gi etc.
Default Value: debug-tools-dir |
| global.extraContainersVolumesTpl | This is a mandatory parameter. Debug tool extra container volume details | DataType: String
Range: It
may contain lowercase letters, digits, and separators. A separator is
defined as a period, one or two underscores, or one or more dashes.
Default Value: 4Gi |
| global.extraContainersTpl | This is a mandatory parameter. Debug tool extra container command details | DataType: String Range: It may contain lowercase letters, digits, and separators. A separator is defined as a period, one or two underscores, or one or more dashes. |
| image.tag | This is a mandatory parameter. Image Tag to be used for OCCM | DataType: enum
Range:Valid
ASCII and may contain lowercase and uppercase letters, digits,
underscores, periods and dashes. A tag name may not start with a period
or a dash and may contain a maximum of 128 characters
Default Value: DISABLED |
| image.name | This is a mandatory parameter. It is the image name of the OCCM | DataType: String Range:Valid ASCII and may contain lowercase and uppercase letters, digits, underscores, periods and dashes. A tag name may not start with a period or a dash and may contain a maximum of 128 characters |
| image.pullPolicy | This is an optional parameter. Pull Policy decides from where to pull the image. | DataType: String
Range: It can take a value from the following: IfNotPresent, Always, Never IfNotPresent is the default pullPolicy |
| ports.containerPort | This is a mandatory parameter. It is the http port of the container for the OCCM | DataType: Integer
Range:
0-65535.
Default value: 8989 |
| ports.actuatorPort | This is a mandatory parameter. It is the actuator port of the container for the OCCM. | DataType: Integer
Range:0-65535
Default value: 9000 |
| ports.servicePort | This is a mandatory parameter. It is the service port of the container for the OCCM. | DataType: Integer
Range:0-65535
Default value: 8989 |
| deployment.livenessProbe.initialDelaySeconds | This is an optional parameter. It specifies that the kubelet should perform a liveness probe every xx seconds | DataType: Integer
Range:0-65535
Default value: 60 |
| deployment.livenessProbe.periodSeconds | This is an optional parameter. It specifies that the kubelet should perform a liveness probe every xx seconds | DataType: Integer
Range:0-65535
Default value: 3 |
| deployment.livenessProbe.timeoutSeconds | This is an optional parameter. It is the number of seconds after which the probe times out | DataType: Integer
Range:0-65535
Default value: 15 |
| deployment.livenessProbe.successThreshold | This is an optional parameter. Minimum consecutive successes for the probe to be considered successful after having failed | DataType: Integer
Range:0-65535
Default value: 1 |
| deployment.livenessProbe.failureThreshold | This is an optional parameter. When a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up | DataType: Integer
Range:0-65535
Default value: 3 |
| deployment.readinessProbe.initialDelaySeconds | This is an optional parameter. It tells the kubelet that it should wait second before performing the first probe | DataType: Integer
Range:0-65535
Default value: 20 |
| deployment.readinessProbe.timeoutSeconds | This is an optional parameter. It is the number of seconds after which the probe times out | DataType: Integer
Range:0-65535
Default value: 3 |
| deployment.readinessProbe.periodSeconds | This is an optional parameter. It specifies that the kubelet should perform a liveness probe every xx seconds | DataType: Integer
Range:0-65535
Default value: 10 |
| deployment.readinessProbe.successThreshold | This is an optional parameter. Minimum consecutive successes for the probe to be considered successful after having failed | DataType: Integer
Range:0-65535
Default value: 1 |
| deployment.readinessProbe.failureThreshold | This is an optional parameter. When a Pod starts and the probe fails, Kubernetes will try failureThreshold times before giving up | DataType: Integer
Range:0-65535
Default value: 3 |
| resources.limits.cpu | This is an optional parameter.
It limits the number of CPUs to be used by the OCCM. |
DataType: Float Range:Valid floating point
value between 0 and 1
Default Value: 2 |
| resources.limits.memory | This is an optional parameter. It limits the memory utilization by the microservice. | DataType: String
Range:Valid Integer value followed by Mi/Gi etc.
Default value: 2Gi |
| resources.limits.logStorage | This is a mandatory parameter.
It limits the logStorage (ephemeral storage) to be used by the helm test pod. |
DataType: Integer
Range:Values will be set by
global.ephemeralStorage.limits.containersLogStorage
Default value: 1000 |
| resources.limits.criticalStorage | This is a mandatory parameter. It limits the criticalStorage (ephemeral storage) to be used by the helm test pod. | DataType: Integer
Range:Values will be set by
global.ephemeralStorage.limits.containersCrititcalStorage
Default value: 2 |
| resources.requests.cpu | This is a mandatory parameter. The minimum amount of CPUs required | DataType: String
Range:Valid floating point value between 0 and 1
Default value: 1 |
| resources.requests.memory | This is a mandatory parameter. The minimum amount of memory required | DataType: String
Range:
Valid Integer value followed by Mi/Gi etc.
Default value: 1Gi |
| resources.requests.logStorage | This is a mandatory parameter. The minimum amount of logStorage (ephemeral storage) | DataType: Integer
Range:Values will be set by
global.ephemeralStorage.requests.containerLogStorage
Default value: 50 |
| resources.requests.criticalStorage | This is a mandatory parameter. The minimum amount of criticalStorage (ephemeral storage) | DataType: Integer
Range:Values will be set by
global.ephemeralStorage.requests.containerCrititcalStorage
Default value: 2 |
| log.level.occm | This is a mandatory parameter.
It is the level at which user wants to see the logs. |
DataType: String
Range:
WARN, DEBUG, INFO, TRACE etc.
Default value: INFO |
| occmConfig.cmp.config.useKurOldCertMode | This field when set true specifies that OCCM key and cert will be used to sign the CMP request message. When set to false, old certificate is used as the signer cert. |
DataType: boolean Default Value: false Range:Either true or false |
| occmConfig.cmp.config.extractCertChainFromCmpResponse | This field when set true specifies that certficate chain will be extracted from CA's CMP response message. In case, the CA doesn't send the chain, operator has the flexibility to manually configure it after setting the field to false. |
DataType: boolean Default Value: true Range:Either true or false |