| # Copyright 2020 Canonical Ltd. |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); you may |
| # not use this file except in compliance with the License. You may obtain |
| # a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
| # License for the specific language governing permissions and limitations |
| # under the License. |
| # |
| # For those usages not covered by the Apache License, Version 2.0 please |
| # contact: legal@canonical.com |
| # |
| # To get in touch with the maintainers, please contact: |
| # osm-charmers@lists.launchpad.net |
| ## |
| |
| options: |
| max_file_size: |
| type: int |
| description: | |
| The maximum file size, in megabytes. If there is a reverse proxy in front |
| of Keystone, it may need to be configured to handle the requested size. |
| Note: if set to 0, there is no limit. |
| default: 0 |
| ingress_class: |
| type: string |
| description: | |
| Ingress class name. This is useful for selecting the ingress to be used |
| in case there are multiple ingresses in the underlying k8s clusters. |
| ingress_whitelist_source_range: |
| type: string |
| description: | |
| A comma-separated list of CIDRs to store in the |
| ingress.kubernetes.io/whitelist-source-range annotation. |
| |
| This can be used to lock down access to |
| Keystone based on source IP address. |
| default: "" |
| tls_secret_name: |
| type: string |
| description: TLS Secret name |
| default: "" |
| site_url: |
| type: string |
| description: Ingress URL |
| default: "" |
| cluster_issuer: |
| type: string |
| description: Name of the cluster issuer for TLS certificates |
| default: "" |
| log_level: |
| description: "Log Level" |
| type: string |
| default: "INFO" |
| database_commonkey: |
| description: Database COMMON KEY |
| type: string |
| default: osm |
| auth_backend: |
| type: string |
| description: Authentication backend ('internal' or 'keystone') |
| default: internal |
| enable_test: |
| type: boolean |
| description: Enable test endpoints of NBI. |
| default: false |
| mongodb_uri: |
| type: string |
| description: MongoDB URI (external database) |
| image_pull_policy: |
| type: string |
| description: | |
| ImagePullPolicy configuration for the pod. |
| Possible values: always, ifnotpresent, never |
| default: always |
| debug_mode: |
| description: | |
| If true, debug mode is activated. It means that the service will not run, |
| and instead, the command for the container will be a `sleep infinity`. |
| Note: If enabled, security_context will be disabled. |
| type: boolean |
| default: false |
| debug_pubkey: |
| description: | |
| Public SSH key that will be injected to the application pod. |
| type: string |
| debug_nbi_local_path: |
| description: | |
| Local full path to the NBI project. |
| |
| The path will be mounted to the docker image, |
| which means changes during the debugging will be saved in your local path. |
| type: string |
| debug_common_local_path: |
| description: | |
| Local full path to the COMMON project. |
| |
| The path will be mounted to the docker image, |
| which means changes during the debugging will be saved in your local path. |
| type: string |
| security_context: |
| description: Enables the security context of the pods |
| type: boolean |
| default: false |