CENM Network Map Service Helm Chart

This Helm chart is to configure, deploy, and run the CENM Network Map Service on Kubernetes.

Example usage

In the example below, the default values are used:

helm install nmap nmap

In the example below, the default values are overwritten:

helm install nmap nmap --set shell.password="superDifficultPassword"

Configuration

ParameterDescriptionDefault value
bashDebugDisplay additional information while running bash scripts (useful while investigating issues)false
volumeSizeNmapEtcVolume size for the etc/ directory1Gi
volumeSizeNmapLogsVolume size for the logs/ directory10Gi
volumeSizeNmapH2Volume size for the h2/ directory10Gi
dockerImage.repositoryURL to Network Map Docker image repositoryacrcenm.azurecr.io/networkmap/networkmap
dockerImage.tagDocker image tag1.3
dockerImage.pullPolicyImage pull policy. Ref.: https://kubernetes.io/docs/concepts/containers/images/#updating-imagesAlways
dockerImageCli.repositoryURL to CLI image repositoryacrcenm.azurecr.io/cli/cli
dockerImageCli.tagDocker image tag1.3
dockerImageCli.pullPolicyImage pull policy. Ref.: https://kubernetes.io/docs/concepts/containers/images/#updating-imagesAlways
nmapJar.xmxValue for java -Xmx memory settings1G
nmapJar.pathThe directory where the Network Map Service .jar file is storedbin
nmapJar.configPathThe directory where the Network Map Service configuration is storedetc
database.driverClassNameNetwork Map Service database connection detailsorg.h2.Driver
database.jdbcDriverNetwork Map Service database connection details""
database.urlNetwork Map Service database connection detailsjdbc:h2:file:./h2/networkmap-persistence;DB_CLOSE_ON_EXIT=FALSE;LOCK_TIMEOUT=10000;WRITE_DELAY=0;AUTO_SERVER_PORT=0
database.userNetwork Map Service database connection detailsexample-db-user
database.passwordNetwork Map Service database connection detailsexample-db-password
database.runMigrationNetwork Map Service database connection detailstrue
checkRevocationFlag indicating whether or not the certificate revocation list status check should be performedtrue
sleepTimeAfterErrorSleep time (in seconds) after an error occurred120
authPortAuth Service port8081
networkRootTruststore.pathPath of the network trust store fileDATA/trust-stores/network-root-truststore.jks
networkRootTruststore.passwordPassword of the network trust store filetrust-store-password
rootAliasThe alias for the root certificate within the trust storecordarootca
logsContainersEnabledEnable container displaying live logstrue

For additional information on database connection details refer to the official documentation: database documentation.