1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
|
# ONAP DCAE policy-handler
See [wiki for DCAE gen2 architecture of policy-handling by DCAE-controller](https://wiki.onap.org/display/DW/DCAE+gen2+architecture+of+policy-handling+by+DCAE-controller)
## web-service for policies to be used by DCAE-Controller
- GET `/policy_latest/<policy_id>` -- get the latest policy from policy-engine that is identified by `policy_id`
- POST `/policies_latest` -- gets the latest policies that match to the **policy-filter** provided in the body of the request. The policy-filter mimics the body of the /getConfig on policy-engine.
sample request - policy-filter
```json
{
"configAttributes": { "key1":"value1" },
"configName": "alex_config_name",
"onapName": "DCAE",
"policyName": "DCAE_alex.Config_alex_.*",
"unique": false
}
```
- GET `/healthcheck` - returns 200 OK and current run stats
- **web-socket** to **policy-engine**
- receives the **push notifications** of the changed and removed policies from the policy-engine,
- matches the policy-updates to policies and policy-filters found in deployment-handler,
- retrieves the full policy-bodies of the matched policies,
- delivers the policy-updates to deployment-handler
## manual http API
- GET `/policies_latest` -- get all the latest policies from policy-engine that either have the policy_id or match to the policy-filter found in deployment-handler deployments
- GET `/catch_up` -- catch up with the latest state of the policy-engine
- GET `/shutdown` -- shutdown the server
----------
## standalone installation
`virtualenv policy_venv`
`cd policy_venv`
`source bin/activate`
`cd ../policy_handler`
`pip install -r requirements.txt`
----------
## preparation to run
`cd policy_venv`
`source bin/activate`
`cd ../policy_handler`
----------
## local configure
local config file `policy_handler/etc/config.json` contains:
```json
{
"wservice_port" : 25577,
"consul_url" : "http://consul:8500",
"policy_handler" : {
"system" : "policy_handler",
"tls" : {
"cert_directory" : "etc/tls/certs/",
"cacert" : "cacert.pem",
"private_key" : "key.pem",
"server_cert" : "cert.pem",
"server_ca_chain" : "ca_chain.pem"
}
},
"logging" : {...}
}
```
Field descriptions
- `wservice_port` - port of the policy-hanlder web-service
- `consul_url` - optional url for the consul agent
- `policy_handler` - local config for policy-handler application
- `system` - general system name of the policy-handler
- `tls` - tls settings for the https clients and server - required to enable tls
- `cert_directory` - relative path pointing to the folder with certificates
- `cacert` - file name for the ca-cert or ca-bundle file in pem format in cert_directory -- used by https clients
- `private_key` - file name for the private key in cert_directory -- used by https server
- `server_cert` - file name for the https server certificate file in pem format in cert_directory
- `server_ca_chain` - file name for the optional https server ca-chain certificates file in pem format in cert_directory -- used when the ca-chain is not included in the server_cert file
- `logging` - logging config for general logging
----------
## run
in folder `policy_handler`:
`./run_policy.sh`
----------
## customization per company
### ```etc_customize/``` folder
- company is expected to place any company specific files required to be in the docker image in the folder ```etc_customize/```
- change the ```etc_customize/customize.sh``` script to perform company specific actions during docker image build
- ```etc_customize/customize.sh``` script is expected to be overridden by company to customize docker image build
### ```policyhandler/customize/``` folder
contains ```CustomizerBase``` and ```Customizer``` classes
- ```CustomizerBase``` defines the interface and the default=ONAP behavior
- ```CustomizerBase``` is owned by ONAP and should not be changed by the company
- ```Customizer``` inherits ```CustomizerBase```
- policy-handler instantiates ```Customizer``` to get the customized behavior
- ```Customizer``` is owned by the company and should be changed by the company
- ONAP is not going to change ```Customizer```
- the methods of ```Customizer``` are expected to be overridden by the company to change the behavior of the policy-handler
- samples are provided for methods in ```Customizer``` class as the commented out lines
- Company is allowed to add more files to customize/ folder if that is required for better structuring of their code as soon as it is invoked by the methods of ```Customizer```
here is an example of ```customizer.py```
```python
"""contains the Customizer class with method overrides per company specification"""
from .customizer_base import CustomizerBase
class Customizer(CustomizerBase):
"""
the Customizer class inherits CustomizerBase that is owned by ONAP
:Customizer: class is owned by the company that needs to customize the policy-handler
:override: any method defined in the CustomizerBase class to customize the behavior of the policy-handler
"""
def __init__(self):
"""class that contains the customization"""
super().__init__()
def get_service_url(self, audit, service_name, service):
"""
returns the service url when called from DiscoveryClient
this is just a sample code - replace it with the real customization
"""
service_url = super().get_service_url(audit, service_name, service)
audit.info("TODO: customization for service_url on {0}".format(service_name))
return service_url
```
----------
|