dip
/
tenant-catalog
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Repository for dip
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
24 Branches
0 Tags
3.3 MiB
Tag: Branch: Tree: 02f129834c
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '02f129834c'
${ noResults }
tenant-catalog/openmetadata/values.yaml

145 lines
3.7 KiB
Raw Blame History

#version: openmetadata, 1.12.1
airflow:
workers:
replicas: 2
resources: {}
scheduler:
resources: {}
webserver:
resources: {}
apiServer:
resources: {}
triggerer:
resources: {}
dags:
persistence:
enabled: true
storageClassName: ""
accessMode: ReadWriteMany
size: 1Gi
logs:
persistence:
enabled: true
storageClassName: ""
size: 1Gi
data:
metadataConnection:
pass: "S9lRQ4qzAce1"
opensearch:
opensearchJavaOpts: "-Xmx1g -Xms1g"
persistence:
size: 30Gi
resources:
requests:
cpu: "100m"
memory: "256M"
limits:
cpu: "2000m"
memory: "2048M"
mysql:
enabled: true
primary:
resources:
requests:
cpu: "500m"
memory: "512Mi"
limits:
cpu: "750m"
memory: "768Mi"
persistence:
size: 50Gi
initdbScripts:
init_openmetadata_db_scripts.sql: |
CREATE DATABASE openmetadata_db;
CREATE USER 'openmetadata_user'@'%' IDENTIFIED BY 'ijbfzS5nJlUI';
GRANT ALL PRIVILEGES ON openmetadata_db.* TO 'openmetadata_user'@'%' WITH GRANT OPTION;
commit;
init_airflow_db_scripts.sql: |
CREATE DATABASE airflow_db CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci;
CREATE USER 'airflow_user'@'%' IDENTIFIED BY 'S9lRQ4qzAce1';
GRANT ALL PRIVILEGES ON airflow_db.* TO 'airflow_user'@'%' WITH GRANT OPTION;
commit;
---
openmetadata:
config:
authorizer:
className: "org.openmetadata.service.security.DefaultAuthorizer"
containerRequestFilter: "org.openmetadata.service.security.JwtFilter"
initialAdmins:
- "admin"
- "dwshin"
- "kkmbal"
- "service-account-service-openmetadata"
principalDomain: "gke.paasup.io"
authentication:
clientType: confidential
provider: "custom-oidc"
publicKeys:
- "https://openmetadata.gke.paasup.io/api/v1/system/config/jwks"
- "https://keycloak.gke.paasup.io/realms/paasup/protocol/openid-connect/certs"
clientId: "open-metadata"
callbackUrl: "https://openmetadata.gke.paasup.io/callback"
jwtPrincipalClaims:
- "email"
- "preferred_username"
- "sub"
oidcConfiguration:
enabled: true
oidcType: "Keycloak"
clientId:
secretRef: oidc-secrets
secretKey: openmetadata-oidc-client-id
clientSecret:
secretRef: oidc-secrets
secretKey: openmetadata-oidc-client-secret
discoveryUri: "https://keycloak.gke.paasup.io/realms/paasup/.well-known/openid-configuration"
serverUrl: "https://openmetadata.gke.paasup.io"
callbackUrl: "https://openmetadata.gke.paasup.io/callback"
tokenValidity: "3600"
sessionExpiry: "604800"
pipelineServiceClientConfig:
metadataApiEndpoint: "http://openmetadata:8585/api"
airflow:
apiEndpoint: "http://openmetadata-api-server:8080"
ingress:
enabled: true
className: "kong"
annotations:
cert-manager.io/cluster-issuer: root-ca-issuer
cert-manager.io/duration: 8760h
cert-manager.io/renew-before: 720h
konghq.com/protocols: https
konghq.com/https-redirect-status-code: "301"
hosts:
- host: "openmetadata.gke.paasup.io"
paths:
- path: /
pathType: ImplementationSpecific
tls:
- secretName: openmetadata-tls
hosts:
- "openmetadata.gke.paasup.io"
extraVolumes:
- name: java-truststore
secret:
secretName: java-truststore
extraVolumeMounts:
- name: java-truststore
mountPath: /etc/ssl/java
readOnly: true
resources: {}
extraEnvs:
- name: LOG_LEVEL
value: "INFO"
- name: "OPENMETADATA_PUBLIC_URL"
value: "https://openmetadata.gke.paasup.io"