aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--docs/platform/cookbook.rst139
-rw-r--r--docs/platform/swarch_srm.rst10
2 files changed, 122 insertions, 27 deletions
diff --git a/docs/platform/cookbook.rst b/docs/platform/cookbook.rst
index fee191358..c4a2c7cf3 100644
--- a/docs/platform/cookbook.rst
+++ b/docs/platform/cookbook.rst
@@ -6,11 +6,11 @@
Policy Cookbook
***************
-Policy VM/Docker Recipes
-^^^^^^^^^^^^^^^^^^^^^^^^
+Openstack Heat Installation - Policy VM/Docker Recipes
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
.. code-block:: bash
- :caption: Get latest images in an already setup policy VM
+ :caption: Get the latest images in an already setup policy VM
:linenos:
/opt/policy_vm_init.sh
@@ -31,60 +31,106 @@ Policy VM/Docker Recipes
# This is the current default mode of instantiation.
# These operations are unnecessary unless PRELOAD_POLICIES
# was previously set to true
-
+
echo "PRELOAD_POLICIES=true" > /opt/policy/.env
/opt/policy_vm_init.sh
.. code-block:: bash
- :caption: Access the PDP-D container as a policy user
+ :caption: Access the PDP-D container as the policy user
:linenos:
docker exec -it drools bash
.. code-block:: bash
- :caption: Access the PDP-X container as a policy user
+ :caption: Access the PDP-X container as the policy user
:linenos:
docker exec -it -u 0 pdp su - policy
.. code-block:: bash
- :caption: Access the BRMSGW container as a policy user
+ :caption: Access the BRMSGW container as the policy user
:linenos:
docker exec -it -u 0 brmsgw su - policy
.. code-block:: bash
- :caption: Access PAP container as a policy user
+ :caption: Access PAP container as the policy user
:linenos:
docker exec -it -u 0 pap su - policy
.. code-block:: bash
- :caption: Access the CONSOLE container as a policy user
+ :caption: Access the CONSOLE container the a policy user
:linenos:
docker exec -it -u 0 console su - policy
.. code-block:: bash
- :caption: Manual Healthcheck invokation
+ :caption: Command line Healthcheck invokation
:linenos:
- # Assuming the healthcheck service credentials have not been changed
- # post-installation within the drools container
-
source /opt/app/policy/config/feature-healthcheck.conf.environment
- curl --silent --user "${HEALTHCHECK_USER}:${HEALTHCHECK_PASSWORD}"
- -X GET http://localhost:6969/healthcheck | python -m json.tool
+ curl --silent --user "${HEALTHCHECK_USER}:${HEALTHCHECK_PASSWORD}"
+ -X GET https://localhost:6969/healthcheck | python -m json.tool
+
+
+OOM Installation - Policy Kubernetes Recipes
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+ .. code-block:: bash
+ :caption: List the policy pods
+ :linenos:
+
+ kubectl get pods -n onap -o wide | grep policy
+
+
+ .. code-block:: bash
+ :caption: Access the PAP container
+ :linenos:
+
+ kubectl exec -it <pap-pod> -c pap -n onap bash
+
+
+ .. code-block:: bash
+ :caption: Access a PDPD-D container
+ :linenos:
+
+ # <policy-deployment-prefix> depends on the deployment configuration
+
+ kubectl exec -it <policy-deployment-prefix>-drools-0 -c drools -n onap bash
+
+
+ .. code-block:: bash
+ :caption: Access the PDP container
+ :linenos:
+
+ # <policy-deployment-prefix> depends on the deployment configuration
+
+ kubectl exec -it <policy-deployment-prefix>-pdp-0 -c drools -n onap bash
+
+
+ .. code-block:: bash
+ :caption: Push Default Policies
+ :linenos:
+
+ kubectl exec -it <pap-pod> -c pap -n onap -- bash -c "export PRELOAD_POLICIES=true; /tmp/policy-install/config/push-policies.sh"
+
+
+ .. code-block:: bash
+ :caption: Standalone Policy Web UI URL access
+ :linenos:
+ http://<pap-vm>:30219/onap/login.htm
-PDP-D Recipes ("drools" container)
-^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+PDP-D Recipes (inside the "drools" container)
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
.. code-block:: bash
:caption: Stop the PDP-D
@@ -104,12 +150,61 @@ PDP-D Recipes ("drools" container)
:caption: Manual Healthcheck Invokation
:linenos:
- # Assuming the healthcheck service credentials have not been changed
- # post-installation within the drools container
-
source ${POLICY_HOME}/config/feature-healthcheck.conf
- curl --silent --user "${HEALTHCHECK_USER}:${HEALTHCHECK_PASSWORD}"
- -X GET http://localhost:6969/healthcheck | python -m json.tool
+ curl --silent --user "${HEALTHCHECK_USER}:${HEALTHCHECK_PASSWORD}"
+ -X GET https://localhost:6969/healthcheck | python -m json.tool
+
+
+ .. code-block:: bash
+ :caption: Start a telemetry shell
+ :linenos:
+
+ telemetry
+
+
+ .. code-block:: bash
+ :caption: See all the configured loggers
+ :linenos:
+
+ curl -k --silent --user "${ENGINE_MANAGEMENT_USER}:${ENGINE_MANAGEMENT_PASSWORD}"
+ https://localhost:9696/policy/pdp/engine/tools/loggers
+
+
+ .. code-block:: bash
+ :caption: See the logging level for a given logger (for example the network logger):
+ :linenos:
+
+ curl -k --silent --user"${ENGINE_MANAGEMENT_USER}:${ENGINE_MANAGEMENT_PASSWORD}"
+ https://localhost:9696/policy/pdp/engine/tools/loggers/network
+
+
+ .. code-block:: bash
+ :caption: Modify the logging level for a given logger (for example the network logger):
+ :linenos:
+
+ curl -k --silent --user"${ENGINE_MANAGEMENT_USER}:${ENGINE_MANAGEMENT_PASSWORD}"
+ -X PUT https://localhost:9696/policy/pdp/engine/tools/loggers/network/WARN
+
+
+PAP Recipes (inside the "pap" container)
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+ .. code-block:: bash
+ :caption: Bypass Portal Authentication with the Policy Web UI
+ :linenos:
+
+ edit: /opt/app/policy/servers/console/webapps/onap/WEB-INF/classes/portal.properties
+ comment out: #role_access_centralized = remote
+ restart pap: policy.sh stop; policy.sh start;
+
+
+ .. code-block:: bash
+ :caption: Access the Policy Web UI without going through the Portal UI
+ :linenos:
+
+ https://<pap-vm>:8443/onap/login.htm (Heat)
+ https://<pap-vm>:30219/onap/login.htm (Kubernetes)
+
End of Document
diff --git a/docs/platform/swarch_srm.rst b/docs/platform/swarch_srm.rst
index 1483eb24e..af9eca33b 100644
--- a/docs/platform/swarch_srm.rst
+++ b/docs/platform/swarch_srm.rst
@@ -79,7 +79,7 @@ A policy healthcheck (with more detailed output) can be done directly by invokin
# please modify configuration pre-installation at:
# oom/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf
- curl --silent --user 'healthcheck:zb!XztG34' -X GET http://localhost:30217/healthcheck | python -m json.tool
+ curl --silent --user 'demo@people.osaaf.org:demo123456!' -X GET http://localhost:30217/healthcheck | python -m json.tool
{
"details": [
{
@@ -135,7 +135,7 @@ The following command can be issued on each of the PDP-D replicas IPs:
# oom/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf
- curl --silent --user '@1b3rt:31nst31n' -X GET http://<drools-replica-ip>:9696/policy/pdp/engine/controllers/amsterdam/drools | python -m json.tool
+ curl --silent --user 'demo@people.osaaf.org:demo123456!' -X GET http://<drools-replica-ip>:9696/policy/pdp/engine/controllers/amsterdam/drools | python -m json.tool
{
"alive": false,
"artifactId": "NO-ARTIFACT-ID",
@@ -260,7 +260,7 @@ The following command can be used for verifying each replica:
# please modify configuration pre-installation at:
# oom/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf
- curl --silent --user '@1b3rt:31nst31n' -X GET http://<replica-ip>:9696/policy/pdp/engine/controllers/amsterdam/drools | python -m json.tool
+ curl --silent --user 'demo@people.osaaf.org:demo123456!' -X GET http://<replica-ip>:9696/policy/pdp/engine/controllers/amsterdam/drools | python -m json.tool
{
"alive": true,
@@ -521,7 +521,7 @@ Verification that the restarted PDP-D 0 comes up with the appropriate policy loa
.. code-block:: bash
:caption: Verifying restarted PDP-D points to policies pre-failure.
- ubuntu@k8sx:~$ curl --silent --user '@1b3rt:31nst31n' -X GET http://10.42.10.21:9696/policy/pdp/engine/controllers/amsterdam/drools | python -m json.tool
+ ubuntu@k8sx:~$ curl --silent --user 'demo@people.osaaf.org:demo123456!' -X GET http://10.42.10.21:9696/policy/pdp/engine/controllers/amsterdam/drools | python -m json.tool
{
"alive": true,
"artifactId": "policy-amsterdam-rules",
@@ -911,7 +911,7 @@ Verify that the new PDP-D comes up with the latest policy coordinates:
.. code-block:: bash
:caption: Verify new PDP-D 2 comes up with policies loaded
- ubuntu@k8sx:~$ curl --silent --user '@1b3rt:31nst31n' -X GET http://10.42.172.88:9696/policy/pdp/engine/controllers/amsterdam/drools | python -m json.tool
+ ubuntu@k8sx:~$ curl --silent --user 'demo@people.osaaf.org:demo123456!' -X GET http://10.42.172.88:9696/policy/pdp/engine/controllers/amsterdam/drools | python -m json.tool
{
"alive": true,
"artifactId": "policy-amsterdam-rules",