forked from AMRC-FactoryPlus/amrc-connectivity-stack
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvalues.yaml
246 lines (231 loc) · 6.37 KB
/
values.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
acs:
# -- The organisation where ACS is being deployed
organisation: AMRC
# -- The base URL that services will be served from
baseUrl: localhost
# -- Whether or not services should be served over HTTPS
secure: true
# -- The name of the secret holding the wildcard certificate for the above domain.
tlsSecretName: factoryplus-tls
identity:
# -- The Kerberos realm for this Factory+ deployment.
realm: LOCALHOST
identity:
image:
# -- The registry of the Identity component
registry: ghcr.io/amrc-factoryplus
# -- The repository of the Identity component
repository: acs-identity
# -- The tag of the Identity component
tag: latest
# @ignore
pullPolicy: IfNotPresent
krbKeysOperator:
image:
# -- The registry of the KerberosKey Operator
registry: ghcr.io/amrc-factoryplus
# -- The repository of the KerberosKey Operator
repository: acs-krb-keys-operator
# -- The tag of the KerberosKey Operator
tag: latest
# @ignore
pullPolicy: IfNotPresent
auth:
image:
# -- The registry of the Authorisation component
registry: ghcr.io/amrc-factoryplus
# -- The repository of the Authorisation component
repository: acs-auth
# -- The tag of the Authorisation component
tag: latest
# @ignore
pullPolicy: IfNotPresent
directory:
image:
# -- The registry of the Directory component
registry: ghcr.io/amrc-factoryplus
# -- The repository of the Directory component
repository: acs-directory
# -- The tag of the Directory component
tag: latest
# @ignore
pullPolicy: IfNotPresent
configdb:
image:
# -- The registry of the Configuration Store component
registry: ghcr.io/amrc-factoryplus
# -- The repository of the Configuration Store component
repository: acs-configdb
# -- The tag of the Configuration Store component
tag: latest
# @ignore
pullPolicy: IfNotPresent
mqtt:
image:
# -- The registry of the MQTT component
registry: ghcr.io/amrc-factoryplus
# -- The repository of the MQTT component
repository: acs-mqtt
# -- The tag of the MQTT component
tag: latest
# @ignore
pullPolicy: IfNotPresent
manager:
image:
# -- The registry of the Manager component
registry: ghcr.io/amrc-factoryplus
# -- The repository of the Manager component
repository: acs-manager
# -- The tag of the Manager component
tag: latest
# @ignore
pullPolicy: IfNotPresent
edge:
# -- The registry of the Edge Agent component
registry: ghcr.io/amrc-factoryplus
# -- The repository of the Edge Agent component
repository: acs-edge
# -- The tag of the Edge Agent component
tag: latest
meilisearch:
# -- The key that the manager uses to connect to the Meilisearch search engine
key: masterKey
# -- A string used to customise the branding of the manager
name: Factory+ Manager
# -- The environment that the manager is running in
env: production
# -- Whether debug mode is enabled. DO NOT USE THIS IN PRODUCTION.
debug: false
# -- The minimum log level that the manager will log messages at
logLevel: warning
cmdesc:
image:
# -- The registry of the Commands component
registry: ghcr.io/amrc-factoryplus
# -- The repository of the Commands component
repository: acs-cmdesc
# -- The tag of the Commands component
tag: latest
# @ignore
pullPolicy: IfNotPresent
# -- Possible values are either 1 to enable all possible debugging, or a comma-separated list of debug tags (the tags printed before the log lines). No logging is specified as an empty string.
verbosity: 1
warehouse:
ingester:
image:
# -- The registry of the Commands component
registry: ghcr.io/amrc-factoryplus
# -- The repository of the Commands component
repository: influxdb-sparkplug-ingester
# -- The tag of the Commands component
tag: latest
# @ignore
pullPolicy: IfNotPresent
minio:
# -- Whether or not to expose the MinIO console outside of the cluster
exposeConsole: false
# @ignore
traefik:
ports:
web:
port: 80
expose: true
exposedPort: 80
protocol: TCP
websecure:
port: 443
expose: true
exposedPort: 443
protocol: TCP
mqtt:
port: 1883
expose: true
exposedPort: 1883
protocol: TCP
mqttsecure:
port: 8883
expose: true
exposedPort: 8883
protocol: TCP
kdc:
port: 8888
expose: true
exposedPort: 88
protocol: TCP
kpasswd:
port: 8464
expose: true
exposedPort: 464
protocol: TCP
kadmin:
port: 8749
expose: true
exposedPort: 749
protocol: TCP
additionalArguments:
- --metrics.prometheus=true
- --entryPoints.mqtt.address=:1883
- --entryPoints.mqttsecure.address=:8883
ingressRoute:
dashboard:
enabled: false
# -- [AZURE] Enable the below section to expose your instance of Factory+/ACS over the internet, replacing the <Value>
# -- tags with the details of your pre-configured load balancer.
#service:
# spec:
# loadBalancerIP: <External IP address here>
# annotations:
# service.beta.kubernetes.io/azure-load-balancer-resource-group: <Load Balancer Resource Group here>
providers:
kubernetesCRD:
allowCrossNamespace: true
logs:
general:
level: DEBUG
# @ignore
loki:
loki:
auth_enabled: false
commonConfig:
replication_factor: 1
storage:
type: filesystem
singleBinary:
replicas: 1
persistence:
size: 10Gi
# @ignore
promtail:
loki:
serviceName: loki
# @ignore
grafana:
persistence:
enabled: true
# @ignore
tenant:
tenant:
name: fplus-minio-core
# Disable TLS on the MinIO level because we terminate TLS at Traefik
certificate:
externalCaCertSecret: { }
externalCertSecret: { }
requestAutoCert: false
certConfig: { }
pools:
- servers: 1
name: pool-0
volumesPerServer: 1
size: 20Gi
## List of bucket names to create during tenant provisioning
buckets:
- name: "device-configurations"
- name: "device-connections"
- name: "edge-agent-configs"
## List of secret names to use for generating MinIO users during tenant provisioning
users:
- name: "manager-minio-secret"
# @ignore
influxdb2:
adminUser:
organization: AMRC