Configuring CHF Standalone Properties
After initial deployment of CHF Standalone, you can customize the configuration.
You can configure CHF Standalone using YAML code that is typically supplied in the Helm values file. To display a
Helm values file, run a command like in the following
example:
helm show values matrixx/chf-standalone --version version_numberhelm template my-release matrixx/chf-standalone --version version_number -n matrixxFor common Helm properties, see the discussion about common Helm chart properties.
This is an example configuration:
matrixx-app:
# Name of the application.
applicationName: "chf-standalone"
namespaceOverride: "matrixx"
# -- Same as nameOverride but for the partOf.
partOfOverride: "MATRIXX"
version: ${version}
globalRegistry: "localhost:32000"
##########################################################
# Deployment
##########################################################
deployment:
enabled: true
# By default deploymentStrategy is set to rollingUpdate with maxSurge of 25% and maxUnavailable of 25%
# Reload deployment if configMap/secret updates
reloadOnChange: true
# Select nodes to deploy which matches the following labels
nodeSelector: {}
# cloud.google.com/gke-nodepool: default-pool
# Init containers which runs before the app container
initContainers:
default-config-sideloader:
image:
repository: matrixx-sideloader
tag: ${mtx-chf.version}
pullPolicy: IfNotPresent
volumeMounts:
default-sideloader-config:
mountPath: /opt/mtx/conf
sideloader-sync-dir:
mountPath: /sync
# Additional label added on pod which is used in Service's Label Selector
podLabels: {}
# Annotations on deployments
annotations: {}
# Additional Pod Annotations added on pod created by this Deployment
additionalPodAnnotations:
kubectl.kubernetes.io/default-container: chf-standalone
kubectl.kubernetes.io/default-logs-container: chf-standalone
# Replicas to be created
replicas: 2
# Secrets used to pull image
imagePullSecrets: ""
# Volumes to be added
volumes:
default-sideloader-config:
configMap:
name: chf-standalone-config
sideloader-sync-dir:
emptyDir: {}
# shared-networkcdr-storage:
# persistentVolumeClaim:
# claimName: shared-networkcdr-storage
# App containers
containers:
chf-standalone:
# Image of the app container
image:
repository: sba-5gc-networkfunctions-chf-standalone
tag: ${mtx-chf.version}
pullPolicy: IfNotPresent
containerSecurityContext:
allowPrivilegeEscalation: false
privileged: false
runAsNonRoot: true
runAsUser: 1000
# Command for primary container
command: [ ]
# Args for primary contaner
args: [ '--no-colors' ]
# Map of ports for the primary container
ports:
9098:
name: http
protocol: TCP
9099:
name: https
protocol: TCP
9097:
name: operations
protocol: TCP
# Environment variables to be passed to the app container
env:
MTX_SBA_LOG_LEVEL:
value: info
nrf.leaderSidecar.enabled:
value: "true"
gateway.externalUri:
value: https://chf-release-name:443
gateway.external.kafka.enabled:
value: "false"
# Startup, Readiness and Liveness probes
readinessProbe:
initialDelaySeconds: 20
periodSeconds: 10
httpGet:
path: /readycheck
port: operations
livenessProbe:
initialDelaySeconds: 10
periodSeconds: 20
httpGet:
path: /healthcheck
port: operations
lifecycle:
preStop:
httpGet:
path: /shutdown
port: operations
# Mount path for Volumes
volumeMounts:
sideloader-sync-dir:
mountPath: /sync
# shared-networkcdr-storage:
# mountPath: /var/events/records
# Resources to be defined for pod
resources:
limits:
cpu: 32
requests:
cpu: 250m
terminationMessagePolicy: FallbackToLogsOnError
chf-standalone-leader-elect:
image:
repository: sba-5gc-networkfunctions-leader-sidecar
tag: ${mtx-chf.version}
pullPolicy: IfNotPresent
containerSecurityContext:
allowPrivilegeEscalation: false
privileged: false
runAsNonRoot: true
runAsUser: 1000
args: [ '--no-colors' ]
ports:
8080:
name: leaderelect
protocol: TCP
9096:
name: operations
protocol: TCP
env:
lock.name:
value: chf-standalone-leader-lock
lock.namespace:
value: matrixx
lock.identity:
valueFrom:
fieldRef:
fieldPath: metadata.name
MTX_SBA_LOG_LEVEL:
value: info
readinessProbe:
initialDelaySeconds: 20
periodSeconds: 10
httpGet:
path: /readycheck
port: operations
livenessProbe:
initialDelaySeconds: 10
periodSeconds: 20
httpGet:
path: /healthcheck
port: operations
terminationMessagePolicy: FallbackToLogsOnError
terminationGracePeriodSeconds: 30
# Role Based Access Control
rbac:
enabled: true
# Service Account to use by pods
serviceAccount:
enabled: true
name: "chf-standalone"
# Additional Labels on service account
additionalLabels: {}
# Annotations on service account
annotations: {}
# key: value
# Create Roles (Namespaced)
roles:
leader-elector:
rules:
- apiGroups:
- ""
- extensions
resources:
- endpoints
verbs:
- create
- delete
- get
- patch
- update
##########################################################
# Add Storage volumes to the pods
##########################################################
persistence:
enabled: false
volumes:
shared-networkcdr-storage:
hostPath: "/home/data/matrixx-shared-networkcdr-storage"
accessMode: ReadWriteMany
## If defined, storageClass: <storageClass>
## If set to "-", storageClass: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClass spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
storageClass: "-"
additionalLabels: {}
annotations: {}
# "helm.sh/resource-policy": keep
storageSize: 10Gi
volumeName: "matrixx-networkcdr-storage"
##########################################################
# Service object for servicing pods
##########################################################
service:
enabled: true
ports:
80:
name: http
protocol: TCP
targetPort: http
443:
name: https
protocol: TCP
targetPort: https
9097:
name: operations
protocol: TCP
targetPort: operations
type: ClusterIP
##########################################################
# Additional ConfigMaps
##########################################################
configMap:
enabled: false
annotations: {}
##########################################################
# Ingress object for exposing services
##########################################################
ingress:
enabled: false
# Name of the ingress class
ingressClassName: ''
# Map of host addresses to be exposed by this Ingress
hosts:
microk8s1:
paths:
default:
path: /
serviceName: chf-standalone
pathType: ImplementationSpecific
servicePort: 80
# Additional labels for this Ingress
additionalLabels: {}
# Add annotations to this Ingress
annotations: {}
# kubernetes.io/ingress.class: external-ingress
# ingress.kubernetes.io/rewrite-target: /
# ingress.kubernetes.io/force-ssl-redirect: true
# TLS details for this Ingress
tls: []
# Secrets must be manually created in the namespace.
# - secretName: chart-example-tls
# hosts:
# - chart-example.local
##########################################################
# Job
##########################################################
job:
enabled: true
name: cleanup-job
# Secrets used to pull image
imagePullSecrets: ""
# Volumes to be added to the pod
annotations:
helm.sh/hook: pre-delete
helm.sh/hook-delete-policy: before-hook-creation,hook-succeeded
containers:
# Image of the job container
image:
repository: sba-5gc-networkfunctions-chf
tag: ${mtx-chf.version}
pullPolicy: IfNotPresent
env:
MTX_SBA_LOG_LEVEL:
value: info
nrf.deregisterMode:
value: "true"
backstop.enabled:
value: "false"
gateway.kubernetes.namespace:
valueFrom:
fieldRef:
fieldPath: metadata.namespace
gateway.kubernetes.endpointFieldSelector:
value: chf-standalone
# Resources to be defined for job
resources:
limits:
cpu: 4
requests:
cpu: 250m
# Security Context for the pod
securityContext: { }
# Role Based Access Control
rbac:
enabled: true
# Service Account to use by pods
serviceAccount:
enabled: true
name: "chf-standalone-hook-runner"
# Additional Labels on service account
additionalLabels: {}
# Annotations on service account
annotations: {}
# key: value
# Create Roles (Namespaced)
roles:
cleanup-job:
rules:
- apiGroups:
- ""
- extensions
resources:
- endpoints
verbs:
- get
- list
##########################################################
# autoscaling is used for horizonal pod autoscaling
##########################################################
autoscaling:
# enabled is a boolean flag for enabling or disabling autoscaling
enabled: false
minReplicas: 1
# maxReplicas sets the maximum number of replicas
maxReplicas: 100
# metrics is the list of metrics used for hpa
metrics:
- type: Resource
resource:
name: cpu
target:
type: Utilization
averageUtilization: 80
- type: Resource
resource:
name: memory
target:
type: Utilization
averageUtilization: 80
##########################################################
# Service Monitor to collect Prometheus metrices
##########################################################
serviceMonitor:
enabled: false
# Additional labels
additionalLabels: {}
# key: value
# Additional annotations
annotations: {}
# key: value
# List of the endpoints of service from which prometheus will scrape data
endpoints:
- honorLabels: true
interval: 10s
path: /metrics
port: operations
relabelings:
- action: replace
sourceLabels:
- __meta_kubernetes_pod_node_name
targetLabel: node_name
- action: replace
sourceLabels:
- __meta_kubernetes_pod_host_ip
targetLabel: node_ip