aboutsummaryrefslogtreecommitdiffstats
path: root/tutorials/vFWDT/policies
diff options
context:
space:
mode:
authorLukasz Rajewski <lukasz.rajewski@orange.com>2019-09-10 13:30:53 +0200
committerMarco Platania <platania@research.att.com>2019-09-13 16:21:28 +0000
commitd0d957e94bf17d53ae758a9aa6f732dbd78a98ff (patch)
treebdcd6b8bebca68abd47346e6cc8ab487aa2c4d64 /tutorials/vFWDT/policies
parent1dfe955fc03f86fe0fea055d624da1338c5830bb (diff)
vFW DT tutorial improvements
- Improvements in the workflow script to use OSDF request - policy types added - policy rules added - script to upload policies added Change-Id: I61e2bf3bbb10ca45088e989bbd801ec9ca439ae3 Signed-off-by: Lukasz Rajewski <lukasz.rajewski@orange.com> Issue-ID: INT-751
Diffstat (limited to 'tutorials/vFWDT/policies')
-rw-r--r--tutorials/vFWDT/policies/rules/QueryPolicy_vFW_TD.json32
-rw-r--r--tutorials/vFWDT/policies/rules/affinity_vFW_TD.json29
-rwxr-xr-xtutorials/vFWDT/policies/rules/uploadPolicies.sh58
-rw-r--r--tutorials/vFWDT/policies/rules/vnfPolicy_vFW_TD.json41
-rw-r--r--tutorials/vFWDT/policies/rules/vnfPolicy_vPGN_TD.json41
-rw-r--r--tutorials/vFWDT/policies/types/affinityPolicy-v20181031.yml58
-rw-r--r--tutorials/vFWDT/policies/types/queryPolicy-v20181031.yml43
-rw-r--r--tutorials/vFWDT/policies/types/vnfPolicy-v20181031.yml68
8 files changed, 370 insertions, 0 deletions
diff --git a/tutorials/vFWDT/policies/rules/QueryPolicy_vFW_TD.json b/tutorials/vFWDT/policies/rules/QueryPolicy_vFW_TD.json
new file mode 100644
index 00000000..300ac99d
--- /dev/null
+++ b/tutorials/vFWDT/policies/rules/QueryPolicy_vFW_TD.json
@@ -0,0 +1,32 @@
+{
+ "service": "queryPolicy",
+ "policyName": "OSDF_DUBLIN.QueryPolicy_vFW_TD",
+ "description": "Query policy for vFW TD",
+ "templateVersion": "OpenSource.version.1",
+ "version": "OpenSource.version.1",
+ "priority": "3",
+ "riskType": "test",
+ "riskLevel": "2",
+ "guard": "False",
+ "content": {
+ "queryProperties": [
+ {"attribute":"customerLatitude", "attribute_location": "customerLatitude", "value": 1.1},
+ {"attribute":"customerLongitude", "attribute_location": "customerLongitude", "value": 2.2},
+ {"attribute":"chosen_region", "attribute_location": "chosenRegion"},
+ {"attribute":"chosen_customer_id", "attribute_location": "chosenCustomerId"}
+ ],
+ "policyScope": [
+ "td",
+ "us",
+ "vFW-SINK",
+ "vPGN"
+ ],
+ "policyType": "request_param_query",
+ "serviceName": "vFW_TD",
+ "identity": "vFW_TD_Query_Policy",
+ "resources": [
+ "vFW-SINK",
+ "vPGN"
+ ]
+ }
+}
diff --git a/tutorials/vFWDT/policies/rules/affinity_vFW_TD.json b/tutorials/vFWDT/policies/rules/affinity_vFW_TD.json
new file mode 100644
index 00000000..590de1c9
--- /dev/null
+++ b/tutorials/vFWDT/policies/rules/affinity_vFW_TD.json
@@ -0,0 +1,29 @@
+{
+ "service": "affinityPolicy",
+ "policyName": "OSDF_DUBLIN.Affinity_vFW_TD",
+ "description": "Affinity policy for vPGN Anchor and vFW destination point",
+ "templateVersion": "OpenSource.version.1",
+ "version": "OpenSource.version.1",
+ "priority": "3",
+ "riskType": "test",
+ "riskLevel": "2",
+ "guard": "False",
+ "content": {
+ "identity": "affinity_vFW_TD",
+ "policyScope": [
+ "td",
+ "us",
+ "vFW-SINK",
+ "vPGN"
+ ],
+ "affinityProperty": {
+ "qualifier": "same",
+ "category": "region"
+ },
+ "policyType": "zone",
+ "resources": [
+ "vFW-SINK",
+ "vPGN"
+ ]
+ }
+}
diff --git a/tutorials/vFWDT/policies/rules/uploadPolicies.sh b/tutorials/vFWDT/policies/rules/uploadPolicies.sh
new file mode 100755
index 00000000..3200ba94
--- /dev/null
+++ b/tutorials/vFWDT/policies/rules/uploadPolicies.sh
@@ -0,0 +1,58 @@
+#!/bin/bash
+
+`./yq > /dev/null 2>&1`
+
+if [ $? -ne 0 ]; then
+ echo "Install yq"
+ wget -cO yq https://github.com/mikefarah/yq/releases/download/2.4.0/yq_linux_amd64
+ chmod 755 yq
+fi
+
+`jo -p n=1 > /dev/null 2>&1`
+
+if [ $? -ne 0 ]; then
+ echo "Install jo"
+ sudo add-apt-repository -y ppa:duggan/jo
+ sudo apt update
+ sudo apt install jo -y
+fi
+
+echo "Uploading policies"
+
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
+PDP=`kubectl get pods -o go-template --template '{{range .items}}{{.metadata.name}}{{"\n"}}{{end}}' | grep policy-pdp`
+
+echo $PDP
+CMD='createPolicy'
+MODE=$1
+
+if [[ $MODE == "U" ]]; then
+ CMD='updatePolicy'
+fi
+
+echo $CMD
+SCRIPT="dt-policies.sh"
+echo "#!/bin/bash" > $SCRIPT
+
+for f in $DIR/*.json; do
+ NAME=`./yq r $f policyName`
+ SCOPE="$(cut -d'.' -f1 <<< $NAME )"
+ RULE=`cat $f`
+ BODY="\"$RULE\""
+ echo "Processing $NAME rule..";
+ echo "echo \"$NAME Policy\"" >> $SCRIPT
+ BODY=`jo -p configBody="$BODY" -p policyName=$NAME -p policyConfigType=MicroService -p onapName=SampleDemo -p policyScope=$SCOPE`
+ LINK="curl -k -v -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '$BODY' 'https://localhost:8081/pdp/api/$CMD'"
+ LINK="${LINK/\"\\\"{\\n/\"{}"
+ LINK="${LINK/\\\"\"/\"}"
+ LINK="${LINK//\\n/ }"
+ echo "$LINK" >> $SCRIPT
+ BODY=`jo -p policyType=MicroService -p pdpGroup=default -p policyName=$NAME`
+ LINK="curl -k -v -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '$BODY' 'https://localhost:8081/pdp/api/pushPolicy'"
+ echo "$LINK" >> $SCRIPT
+done
+
+`kubectl cp $SCRIPT onap/$PDP:/tmp/policy-install`
+`kubectl exec $PDP -- chmod 755 $SCRIPT`
+`kubectl exec $PDP -- ./$SCRIPT`
+
diff --git a/tutorials/vFWDT/policies/rules/vnfPolicy_vFW_TD.json b/tutorials/vFWDT/policies/rules/vnfPolicy_vFW_TD.json
new file mode 100644
index 00000000..8df45e33
--- /dev/null
+++ b/tutorials/vFWDT/policies/rules/vnfPolicy_vFW_TD.json
@@ -0,0 +1,41 @@
+{
+ "service": "vnfPolicy",
+ "policyName": "OSDF_DUBLIN.vnfPolicy_vFW_TD",
+ "description": "vnfPolicy",
+ "templateVersion": "OpenSource.version.1",
+ "version": "OpenSource.version.1",
+ "priority": "6",
+ "riskType": "test",
+ "riskLevel": "3",
+ "guard": "False",
+ "content": {
+ "identity": "vnf_vFW_TD",
+ "policyScope": [
+ "td",
+ "us",
+ "vFW-SINK"
+ ],
+ "policyType": "vnfPolicy",
+ "resources": ["vFW-SINK"],
+ "applicableResources": "any",
+ "vnfProperties": [{
+ "inventoryProvider": "aai",
+ "serviceType": "",
+ "inventoryType": "vfmodule",
+ "customerId": {
+ "get_param": "chosen_customer_id"
+ },
+ "equipmentRole": "",
+ "attributes": {
+ "orchestrationStatus": ["active"],
+ "provStatus": "ACTIVE",
+ "cloudRegionId": {
+ "get_param": "chosen_region"
+ },
+ "service_instance_id": {
+ "get_param": "service_id"
+ }
+ }
+ }]
+ }
+}
diff --git a/tutorials/vFWDT/policies/rules/vnfPolicy_vPGN_TD.json b/tutorials/vFWDT/policies/rules/vnfPolicy_vPGN_TD.json
new file mode 100644
index 00000000..452fdb63
--- /dev/null
+++ b/tutorials/vFWDT/policies/rules/vnfPolicy_vPGN_TD.json
@@ -0,0 +1,41 @@
+{
+ "service": "vnfPolicy",
+ "policyName": "OSDF_DUBLIN.vnfPolicy_vPGN_TD",
+ "description": "vnfPolicy",
+ "templateVersion": "OpenSource.version.1",
+ "version": "OpenSource.version.1",
+ "priority": "6",
+ "riskType": "test",
+ "riskLevel": "3",
+ "guard": "False",
+ "content": {
+ "identity": "vnf_vPGN_TD",
+ "policyScope": [
+ "td",
+ "us",
+ "vPGN"
+ ],
+ "policyType": "vnfPolicy",
+ "resources": ["vPGN"],
+ "applicableResources": "any",
+ "vnfProperties": [{
+ "inventoryProvider": "aai",
+ "serviceType": "",
+ "inventoryType": "vfmodule",
+ "customerId": {
+ "get_param": "chosen_customer_id"
+ },
+ "equipmentRole": "",
+ "attributes": {
+ "orchestrationStatus": ["active"],
+ "provStatus": "ACTIVE",
+ "cloudRegionId": {
+ "get_param": "chosen_region"
+ },
+ "service_instance_id": {
+ "get_param": "service_id"
+ }
+ }
+ }]
+ }
+}
diff --git a/tutorials/vFWDT/policies/types/affinityPolicy-v20181031.yml b/tutorials/vFWDT/policies/types/affinityPolicy-v20181031.yml
new file mode 100644
index 00000000..89a3e9d5
--- /dev/null
+++ b/tutorials/vFWDT/policies/types/affinityPolicy-v20181031.yml
@@ -0,0 +1,58 @@
+tosca_definitions_version: tosca_simple_yaml_1_0_0
+node_types:
+ policy.nodes.affinityPolicy:
+ derived_from: policy.nodes.Root
+ properties:
+ policyScope:
+ type: list
+ description: scope where the policy is applicable
+ required: true
+ matchable: true
+ entry_schema:
+ type: string
+ policyType:
+ type: list
+ description: type of a policy
+ required: true
+ matchable: true
+ entry_schema:
+ type: string
+ consraints:
+ - valid_values:
+ - zone
+ identity:
+ type: string
+ required: true
+ applicableResources:
+ type: list
+ required: true
+ entry_schema:
+ type: string
+ constraints:
+ - valid_values:
+ - any
+ - all
+ affinityProperties:
+ type: policy.data.affinityProperties_properties
+ required: true
+ resources:
+ type: list
+ required: true
+ entry_schema:
+ type: string
+data_types:
+ policy.data.affinityProperties_properties:
+ derived_from: tosca.nodes.Root
+ properties:
+ qualifier:
+ type: list
+ required: true
+ entry_schema:
+ type: string
+ constraints:
+ - valid_values:
+ - same
+ - different
+ category:
+ type: string
+ required: true
diff --git a/tutorials/vFWDT/policies/types/queryPolicy-v20181031.yml b/tutorials/vFWDT/policies/types/queryPolicy-v20181031.yml
new file mode 100644
index 00000000..09824db9
--- /dev/null
+++ b/tutorials/vFWDT/policies/types/queryPolicy-v20181031.yml
@@ -0,0 +1,43 @@
+tosca_definitions_version: tosca_simple_yaml_1_0_0
+node_types:
+ policy.nodes.queryPolicy:
+ derived_from: policy.nodes.Root
+ properties:
+ policyScope:
+ type: list
+ description: scope where the policy is applicable
+ required: true
+ matchable: true
+ entry_schema:
+ type: string
+ policyType:
+ type: list
+ description: type of a policy
+ required: true
+ matchable: true
+ entry_schema:
+ type: string
+ consraints:
+ - valid_values:
+ - request_param_query
+ identity:
+ type: string
+ required: true
+ queryProperties:
+ type: list
+ required: true
+ entry_schema:
+ type:policy.data.queryProperties_properties
+data_types:
+ policy.data.queryProperties_properties:
+ derived_from: tosca.nodes.Root
+ properties:
+ attribute:
+ type: string
+ required: true
+ value:
+ type: string
+ required: true
+ attribute_location:
+ type: string
+ required: true
diff --git a/tutorials/vFWDT/policies/types/vnfPolicy-v20181031.yml b/tutorials/vFWDT/policies/types/vnfPolicy-v20181031.yml
new file mode 100644
index 00000000..4ce3b9fb
--- /dev/null
+++ b/tutorials/vFWDT/policies/types/vnfPolicy-v20181031.yml
@@ -0,0 +1,68 @@
+tosca_definitions_version: tosca_simple_yaml_1_0_0
+node_types:
+ policy.nodes.vnfPolicy:
+ derived_from: policy.nodes.Root
+ properties:
+ policyScope:
+ type: list
+ description: scope where the policy is applicable
+ required: true
+ matchable: true
+ entry_schema:
+ type: string
+ policyType:
+ type: list
+ description: type of a policy
+ required: true
+ matchable: true
+ entry_schema:
+ type: string
+ consraints:
+ - valid_values:
+ - vnfPolicy
+ identity:
+ type: string
+ required: true
+ resources:
+ type: list
+ required: true
+ entry_schema:
+ type: string
+ applicableResources:
+ type: list
+ required: true
+ entry_schema:
+ type: string
+ constraints:
+ - valid_values:
+ - any
+ - all
+ vnfProperties:
+ type: list
+ required: true
+ entry_schema:
+ type:policy.data.vnfProperties_properties
+data_types:
+ policy.data.vnfProperties_properties:
+ derived_from: tosca.nodes.Root
+ properties:
+ inventoryProvider:
+ type: string
+ required: true
+ serviceType:
+ type: string
+ required: true
+ inventoryType:
+ type: list
+ required: true
+ entry_schema:
+ type: string
+ constraints:
+ - valid_values:
+ - serviceInstanceId
+ - vnfName
+ - cloudRegionId
+ - vimId
+ customerId:
+ type: string
+ required: true