10 files changed, 764 insertions, 0 deletions
diff --git a/datarouter-prov/src/main/resources/misc/doaction b/datarouter-prov/src/main/resources/misc/doaction
new file mode 100644
index 00000000..43193324
--- /dev/null
+++ b/datarouter-prov/src/main/resources/misc/doaction
@@ -0,0 +1,53 @@
+#!/bin/bash
+
+cd /opt/app/datartr/etc
+for action in "$@"
+do
+case "$action" in
+'stop')
+	/opt/app/platform/init.d/drtrprov stop
+	;;
+'start')
+	/opt/app/platform/init.d/drtrprov start || exit 1
+	;;
+'backup')
+	cp log4j.properties log4j.properties.save 2>/dev/null
+	cp provserver.properties provserver.properties.save 2>/dev/null
+	cp mail.properties mail.properties.save 2>/dev/null
+	cp havecert havecert.save 2>/dev/null
+	cp mysql_init_0001 mysql_init_0001.save 2>/dev/null
+	;;
+'restore')
+	cp log4j.properties.save log4j.properties 2>/dev/null
+	cp provserver.properties.save provserver.properties 2>/dev/null
+	cp mail.properties.save mail.properties 2>/dev/null
+	cp havecert.save havecert 2>/dev/null
+	cp mysql_init_0001.save mysql_init_0001 2>/dev/null
+	;;
+'config')
+	/bin/bash log4j.properties.tmpl >log4j.properties
+	/bin/bash provserver.properties.tmpl >provserver.properties
+	/bin/bash mail.properties.tmpl >mail.properties
+	/bin/bash havecert.tmpl >havecert
+	/bin/bash mysql_init_0001.tmpl >mysql_init_0001
+	echo "$AFTSWM_ACTION_NEW_VERSION" >VERSION.prov
+	chmod +x havecert
+	rm -f /opt/app/platform/rc.d/K90zdrtrprov /opt/app/platform/rc.d/S99zdrtrprov
+	ln -s ../init.d/drtrprov /opt/app/platform/rc.d/K90zdrtrprov
+	ln -s ../init.d/drtrprov /opt/app/platform/rc.d/S99zdrtrprov
+	;;
+'clean')
+	rm -f log4j.properties log4j.properties.save
+	rm -f provserver.properties provserver.properties.save
+	rm -f mail.properties mail.properties.save
+	rm -f havecert havecert.properties.save
+	rm -f mysql_init_0001 mysql_init_0001.save
+	rm -f VERSION.prov
+	rm -f /opt/app/platform/rc.d/K90zdrtrprov /opt/app/platform/rc.d/S99zdrtrprov
+	;;
+*)
+	exit 1
+	;;
+esac
+done
+exit 0
diff --git a/datarouter-prov/src/main/resources/misc/dr-route b/datarouter-prov/src/main/resources/misc/dr-route
new file mode 100644
index 00000000..77c6c180
--- /dev/null
+++ b/datarouter-prov/src/main/resources/misc/dr-route
@@ -0,0 +1,26 @@
+#!/bin/bash
+#
+#                        AT&T - PROPRIETARY
+#          THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+#        AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+#             ACCORDANCE WITH APPLICABLE AGREEMENTS.
+#
+#          Copyright (c) 2013 AT&T Knowledge Ventures
+#              Unpublished and Not for Publication
+#                     All Rights Reserved
+#
+#  dr-route -- A script to interact with a provisioning server to manage the DR routing tables.
+#
+#  $Id: dr-route,v 1.2 2013/11/06 16:23:54 eby Exp $
+#
+
+JAVA_HOME=/opt/java/jdk/jdk180
+JAVA_OPTS="-Xms1G -Xmx1G"
+TZ=GMT0
+PATH=$JAVA_HOME/bin:/bin:/usr/bin
+CLASSPATH=`echo /opt/app/datartr/etc /opt/app/datartr/lib/*.jar | tr ' ' ':'`
+export CLASSPATH JAVA_HOME JAVA_OPTS TZ PATH
+
+$JAVA_HOME/bin/java \
+	-Dlog4j.configuration=file:///opt/app/datartr/etc/log4j.drroute.properties \
+	com.att.research.datarouter.provisioning.utils.DRRouteCLI $*
diff --git a/datarouter-prov/src/main/resources/misc/drtrprov b/datarouter-prov/src/main/resources/misc/drtrprov
new file mode 100644
index 00000000..c801ce04
--- /dev/null
+++ b/datarouter-prov/src/main/resources/misc/drtrprov
@@ -0,0 +1,131 @@
+#!/bin/bash
+#
+#                        AT&T - PROPRIETARY
+#          THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+#        AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+#             ACCORDANCE WITH APPLICABLE AGREEMENTS.
+#
+#          Copyright (c) 2013 AT&T Knowledge Ventures
+#              Unpublished and Not for Publication
+#                     All Rights Reserved
+#
+#  This is the startup/shutdown script for the AT&T Data Router Provisioning Server.
+#
+#  $Id: drtrprov,v 1.3 2013/10/29 16:57:57 eby Exp $
+#
+
+umask 0022
+
+JAVA_HOME=/opt/java/jdk/jdk180
+JAVA_OPTS="-Xms2G -Xmx8G"
+TZ=GMT0
+PATH=$JAVA_HOME/bin:/bin:/usr/bin
+CLASSPATH=`echo /opt/app/datartr/etc /opt/app/datartr/lib/*.jar | tr ' ' ':'`
+export CLASSPATH JAVA_HOME JAVA_OPTS TZ PATH
+
+pids() {
+	pgrep -u datartr -f provisioning.Main
+}
+
+start() {
+	ID=`id -n -u`
+	GRP=`id -n -g`
+	if [ "$ID" != "root" ]
+	then
+		echo drtrprov must be started as user datartr not $ID
+		exit 1
+	fi
+#  if [ "$GRP" != "datartr" ]
+# 	then
+# 		echo drtrprov must be started as group datartr not $GRP
+# 		exit 1
+# 	fi  
+# 	cd /opt/app/datartr
+# 	if etc/havecert
+# 	then
+# 		echo >/dev/null
+# 	else
+# 		echo No certificate file available.  Cannot start
+# 		exit 0
+# 	fi
+	if [ "`pgrep -u mysql mysqld`" = "" ]
+	then
+		echo MySQL is not running.  It must be started before drtrprov
+		exit 0
+	fi
+	PIDS=`pids`
+	if [ "$PIDS" != "" ]
+	then
+		echo drtrprov already running
+		exit 0
+	fi
+	echo '0 1 * * * /opt/app/datartr/bin/runreports' | crontab
+	nohup java $JAVA_OPTS com.att.research.datarouter.provisioning.Main </dev/null &
+	sleep 5
+	PIDS=`pids`
+	if [ "$PIDS" = "" ]
+	then
+		echo drtrprov startup failed
+	else
+		echo drtrprov started
+	fi
+}
+
+stop() {
+	ID=`id -n -u`
+	GRP=`id -n -g`
+	if [ "$ID" != "datartr" ]
+	then
+		echo drtrprov must be stopped as user datartr not $ID
+		exit 1
+	fi
+	if [ "$GRP" != "datartr" ]
+	then
+		echo drtrprov must be stopped as group datartr not $GRP
+		exit 1
+	fi
+	/usr/bin/curl http://127.0.0.1:8080/internal/halt
+	sleep 5
+	PIDS=`pids`
+	if [ "$PIDS" != "" ]
+	then
+		sleep 5
+		kill -9 $PIDS
+		sleep 5
+		echo drtrprov stopped
+	else
+		echo drtrprov not running
+	fi
+}
+
+status() {
+	PIDS=`pids`
+	if [ "$PIDS" != "" ]
+	then
+		echo drtrprov running
+	else
+		echo drtrprov not running
+	fi
+}
+
+case "$1" in
+'start')
+	start
+	;;
+'stop')
+	stop
+	;;
+'restart')
+	stop
+	sleep 20
+	start
+	;;
+'status')
+	status
+	;;
+*)
+	echo "Usage: $0 { start | stop | restart | status }"
+	exit 1
+	;;
+esac
+exit 0
diff --git a/datarouter-prov/src/main/resources/misc/havecert.tmpl b/datarouter-prov/src/main/resources/misc/havecert.tmpl
new file mode 100644
index 00000000..e2389868
--- /dev/null
+++ b/datarouter-prov/src/main/resources/misc/havecert.tmpl
@@ -0,0 +1,11 @@
+#!/bin/bash
+cat <<!EOF
+TZ=GMT0
+cd /opt/app/datartr;
+if [ -f ${DRTR_PROV_KSTOREFILE:-etc/keystore} ]
+then
+	exit 0
+fi
+echo `date '+%F %T,000'` WARN Certificate file "${DRTR_PROV_KSTOREFILE:-etc/keystore}" is missing >>${DRTR_PROV_LOGS:-logs}/provint.log
+exit 1
+!EOF
diff --git a/datarouter-prov/src/main/resources/misc/log4j.drroute.properties b/datarouter-prov/src/main/resources/misc/log4j.drroute.properties
new file mode 100644
index 00000000..4ff4278c
--- /dev/null
+++ b/datarouter-prov/src/main/resources/misc/log4j.drroute.properties
@@ -0,0 +1,41 @@
+#-------------------------------------------------------------------------------
+# ============LICENSE_START==================================================
+# * org.onap.dmaap
+# * ===========================================================================
+# * Copyright � 2017 AT&T Intellectual Property. All rights reserved.
+# * ===========================================================================
+# * Licensed under the Apache License, Version 2.0 (the "License");
+# * you may not use this file except in compliance with the License.
+# * You may obtain a copy of the License at
+# * 
+#  *      http://www.apache.org/licenses/LICENSE-2.0
+# * 
+#  * Unless required by applicable law or agreed to in writing, software
+# * distributed under the License is distributed on an "AS IS" BASIS,
+# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# * See the License for the specific language governing permissions and
+# * limitations under the License.
+# * ============LICENSE_END====================================================
+# *
+# * ECOMP is a trademark and service mark of AT&T Intellectual Property.
+# *
+#-------------------------------------------------------------------------------
+#
+#                        AT&T - PROPRIETARY
+#          THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+#        AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+#             ACCORDANCE WITH APPLICABLE AGREEMENTS.
+#
+#          Copyright (c) 2013 AT&T Knowledge Ventures
+#              Unpublished and Not for Publication
+#                     All Rights Reserved
+#
+# CVS: $Id: log4j.drroute.properties,v 1.1 2013/11/06 16:23:54 eby Exp $
+#	This log4j properties file is used only by dr-route
+#
+
+log4j.rootLogger=INFO, stdout
+log4j.appender.stdout=org.apache.log4j.ConsoleAppender
+log4j.appender.stdout.Target=System.out
+log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
+log4j.appender.stdout.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n
diff --git a/datarouter-prov/src/main/resources/misc/log4j.properties.tmpl b/datarouter-prov/src/main/resources/misc/log4j.properties.tmpl
new file mode 100644
index 00000000..ed1d7fab
--- /dev/null
+++ b/datarouter-prov/src/main/resources/misc/log4j.properties.tmpl
@@ -0,0 +1,68 @@
+cat <<!EOF
+#
+#                        AT&T - PROPRIETARY
+#          THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+#        AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+#             ACCORDANCE WITH APPLICABLE AGREEMENTS.
+#
+#          Copyright (c) 2013 AT&T Knowledge Ventures
+#              Unpublished and Not for Publication
+#                     All Rights Reserved
+#
+# CVS: $Id: log4j.properties.tmpl,v 1.4 2014/01/13 19:44:57 eby Exp $
+#
+
+log4j.rootLogger=info
+
+#
+# Logger used for provisioning events
+#
+log4j.logger.com.att.research.datarouter.provisioning.events=info, eventlog
+log4j.additivity.com.att.research.datarouter.provisioning.events=false
+
+log4j.appender.eventlog=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.eventlog.file=${DRTR_PROV_LOGS:-/opt/app/datartr/logs}/provevent.log
+log4j.appender.eventlog.datePattern='.'yyyyMMdd
+log4j.appender.eventlog.append=true
+log4j.appender.eventlog.layout=org.apache.log4j.PatternLayout
+log4j.appender.eventlog.layout.ConversionPattern=%d %-5p [%t] - %m%n
+
+#
+# Logger used for internal provisioning server events
+#
+log4j.logger.com.att.research.datarouter.provisioning.internal=debug, intlog
+log4j.additivity.com.att.research.datarouter.provisioning.internal=false
+
+log4j.appender.intlog=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.intlog.file=${DRTR_PROV_LOGS:-/opt/app/datartr/logs}/provint.log
+log4j.appender.intlog.datePattern='.'yyyyMMdd
+log4j.appender.intlog.append=true
+log4j.appender.intlog.layout=org.apache.log4j.PatternLayout
+log4j.appender.intlog.layout.ConversionPattern=%d %-5p [%t] - %m%n
+
+#
+# Logger used for policy engine
+#
+log4j.logger.com.att.research.datarouter.authz.impl.ProvAuthorizer=debug, pelog
+log4j.additivity.com.att.research.datarouter.authz.impl.ProvAuthorizer=false
+
+log4j.appender.pelog=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.pelog.file=${DRTR_PROV_LOGS:-/opt/app/datartr/logs}/policyengine.log
+log4j.appender.pelog.datePattern='.'yyyyMMdd
+log4j.appender.pelog.append=true
+log4j.appender.pelog.layout=org.apache.log4j.PatternLayout
+log4j.appender.pelog.layout.ConversionPattern=%d %-5p [%t] - %m%n
+
+#
+# Logger used for Jetty server
+#
+log4j.logger.org.eclipse.jetty=info, jetty
+log4j.additivity.org.eclipse.jetty.server.Server=false
+
+log4j.appender.jetty=org.apache.log4j.DailyRollingFileAppender
+log4j.appender.jetty.file=${DRTR_PROV_LOGS:-/opt/app/datartr/logs}/jetty.log
+log4j.appender.jetty.datePattern='.'yyyyMMdd
+log4j.appender.jetty.append=true
+log4j.appender.jetty.layout=org.apache.log4j.PatternLayout
+log4j.appender.jetty.layout.ConversionPattern=%d %-5p [%t] - %m%n
+!EOF
diff --git a/datarouter-prov/src/main/resources/misc/mysql_dr_schema.sql b/datarouter-prov/src/main/resources/misc/mysql_dr_schema.sql
new file mode 100644
index 00000000..837030c3
--- /dev/null
+++ b/datarouter-prov/src/main/resources/misc/mysql_dr_schema.sql
@@ -0,0 +1,139 @@
+create database datarouter;
+
+use datarouter;
+
+CREATE TABLE FEEDS (
+    FEEDID         INT UNSIGNED NOT NULL PRIMARY KEY,
+    NAME           VARCHAR(20) NOT NULL,
+    VERSION        VARCHAR(20) NOT NULL,
+    DESCRIPTION    VARCHAR(256),
+    AUTH_CLASS     VARCHAR(32) NOT NULL,
+    PUBLISHER      VARCHAR(8) NOT NULL,
+    SELF_LINK      VARCHAR(256),
+    PUBLISH_LINK   VARCHAR(256),
+    SUBSCRIBE_LINK VARCHAR(256),
+    LOG_LINK       VARCHAR(256),
+    DELETED        BOOLEAN DEFAULT FALSE,
+    LAST_MOD       TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+);
+
+CREATE TABLE FEED_ENDPOINT_IDS (
+    FEEDID        INT UNSIGNED NOT NULL,
+    USERID        VARCHAR(20) NOT NULL,
+    PASSWORD      VARCHAR(32) NOT NULL
+);
+
+CREATE TABLE FEED_ENDPOINT_ADDRS (
+    FEEDID        INT UNSIGNED NOT NULL,
+    ADDR          VARCHAR(44) NOT NULL
+);
+
+CREATE TABLE SUBSCRIPTIONS (
+    SUBID              INT UNSIGNED NOT NULL PRIMARY KEY,
+    FEEDID             INT UNSIGNED NOT NULL,
+    DELIVERY_URL       VARCHAR(256),
+    DELIVERY_USER      VARCHAR(20),
+    DELIVERY_PASSWORD  VARCHAR(32),
+    DELIVERY_USE100    BOOLEAN DEFAULT FALSE,
+    METADATA_ONLY      BOOLEAN DEFAULT FALSE,
+    SUBSCRIBER         VARCHAR(8) NOT NULL,
+    SELF_LINK          VARCHAR(256),
+    LOG_LINK           VARCHAR(256),
+    LAST_MOD           TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+);
+
+CREATE TABLE PARAMETERS (
+    KEYNAME        VARCHAR(32) NOT NULL PRIMARY KEY,
+    VALUE          VARCHAR(4096) NOT NULL
+);
+
+CREATE TABLE LOG_RECORDS (
+    TYPE	   ENUM('pub', 'del', 'exp') NOT NULL,
+    EVENT_TIME     BIGINT NOT NULL,           /* time of the publish request */
+    PUBLISH_ID     VARCHAR(64) NOT NULL,      /* unique ID assigned to this publish attempt */
+    FEEDID         INT UNSIGNED NOT NULL,     /* pointer to feed in FEEDS */
+    REQURI         VARCHAR(256) NOT NULL,     /* request URI */
+    METHOD         ENUM('DELETE', 'GET', 'HEAD', 'OPTIONS', 'PUT', 'POST', 'TRACE') NOT NULL, /* HTTP method */
+    CONTENT_TYPE   VARCHAR(256) NOT NULL,     /* content type of published file */
+    CONTENT_LENGTH BIGINT UNSIGNED NOT NULL,  /* content length of published file */
+
+    FEED_FILEID    VARCHAR(128),		/* file ID of published file */
+    REMOTE_ADDR    VARCHAR(40),			/* IP address of publishing endpoint */
+    USER           VARCHAR(20),			/* user name of publishing endpoint */
+    STATUS         SMALLINT,			/* status code returned to delivering agent */
+
+    DELIVERY_SUBID INT UNSIGNED,		/* pointer to subscription in SUBSCRIPTIONS */
+    DELIVERY_FILEID  VARCHAR(128),		/* file ID of file being delivered */
+    RESULT         SMALLINT,			/* result received from subscribing agent */
+
+    ATTEMPTS       INT,				/* deliveries attempted */
+    REASON         ENUM('notRetryable', 'retriesExhausted'),
+
+    RECORD_ID      BIGINT UNSIGNED NOT NULL PRIMARY KEY, /* unique ID for this record */
+
+    INDEX (FEEDID) USING BTREE,
+    INDEX (DELIVERY_SUBID) USING BTREE,
+    INDEX (RECORD_ID) USING BTREE
+) ENGINE = MyISAM;
+
+CREATE TABLE INGRESS_ROUTES (
+    SEQUENCE  INT UNSIGNED NOT NULL,
+    FEEDID    INT UNSIGNED NOT NULL,
+    USERID    VARCHAR(20),
+    SUBNET    VARCHAR(44),
+    NODESET   INT UNSIGNED NOT NULL
+);
+
+CREATE TABLE EGRESS_ROUTES (
+    SUBID    INT UNSIGNED NOT NULL PRIMARY KEY,
+    NODEID   INT UNSIGNED NOT NULL
+);
+
+CREATE TABLE NETWORK_ROUTES (
+    FROMNODE INT UNSIGNED NOT NULL,
+    TONODE   INT UNSIGNED NOT NULL,
+    VIANODE  INT UNSIGNED NOT NULL
+);
+
+CREATE TABLE NODESETS (
+    SETID   INT UNSIGNED NOT NULL,
+    NODEID  INT UNSIGNED NOT NULL
+);
+
+CREATE TABLE NODES (
+    NODEID  INT UNSIGNED NOT NULL PRIMARY KEY,
+    NAME    VARCHAR(255) NOT NULL,
+    ACTIVE  BOOLEAN DEFAULT TRUE
+);
+
+CREATE TABLE GROUPS (
+    GROUPID  INT UNSIGNED NOT NULL PRIMARY KEY,
+    AUTHID    VARCHAR(100) NOT NULL,
+    NAME    VARCHAR(50) NOT NULL,
+    DESCRIPTION    VARCHAR(255),
+    CLASSIFICATION    VARCHAR(20) NOT NULL,
+    MEMBERS    TINYTEXT,
+    LAST_MOD       TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+);
+
+-- 'PROV_AUTH_ADDRESSES', '192.168.56.1' ipv4 address of provision server
+INSERT INTO PARAMETERS VALUES
+	('ACTIVE_POD',  '127.0.0.1'),
+	('PROV_ACTIVE_NAME',  '${PROV_ACTIVE_NAME}'),
+	('STANDBY_POD', '${DRTR_PROV_STANDBYPOD}'),
+	('PROV_NAME',   'ALCDTL47TJ6015:6080'),
+	('NODES',       '127.0.0.1:8080'),
+	('PROV_DOMAIN', '127.0.0.1'),
+	('DELIVERY_INIT_RETRY_INTERVAL', '10'),
+	('DELIVERY_MAX_AGE', '86400'),
+	('DELIVERY_MAX_RETRY_INTERVAL', '3600'),
+	('DELIVERY_RETRY_RATIO', '2'),
+	('LOGROLL_INTERVAL', '300'),
+	('PROV_AUTH_ADDRESSES', '192.168.56.1'), 
+	('PROV_AUTH_SUBJECTS', ''),
+	('PROV_MAXFEED_COUNT',	'10000'),
+	('PROV_MAXSUB_COUNT',	'100000'),
+	('PROV_REQUIRE_CERT', 'false'),
+	('PROV_REQUIRE_SECURE', 'false'),
+	('_INT_VALUES', 'LOGROLL_INTERVAL|PROV_MAXFEED_COUNT|PROV_MAXSUB_COUNT|DELIVERY_INIT_RETRY_INTERVAL|DELIVERY_MAX_RETRY_INTERVAL|DELIVERY_RETRY_RATIO|DELIVERY_MAX_AGE')
+	;
+\ No newline at end of file
diff --git a/datarouter-prov/src/main/resources/misc/notes b/datarouter-prov/src/main/resources/misc/notes
new file mode 100644
index 00000000..e3f872e7
--- /dev/null
+++ b/datarouter-prov/src/main/resources/misc/notes
@@ -0,0 +1,78 @@
+Package notes for com.att.dmaap.datarouter:prov
+
+This component is for the Data Router Provisioning Server software.
+
+The following pre-requisite components should already be present:
+	com.att.aft.swm:swm-cli
+	com.att.aft.swm:swm-node
+	- SWM Variables: AFTSWM_AUTOLINK_PARENTS=/opt/app:/opt/app/workload,/opt/app/aft:/opt/app/workload/aft
+	com.att.platform:uam-auto
+	com.att.java:jdk8lin
+	com.att.platform:initd
+	com.att.platform:port-fwd
+	- SWM Variables: PLATFORM_PORT_FWD=80,8080|443,8443
+	mysql:mysql
+	mysql:mysql-config
+	- SWM Variables: MYSQL_CONFIG_SIZE=small
+		MYSQL_DB_DATABASES=datarouter
+		MYSQL_DB_datarouter_USERS=datarouter,tier2
+		MYSQL_DB_datarouter_USERS_datarouter_LEVEL=RW
+		MYSQL_DB_datarouter_USERS_datarouter_PASSWORD=datarouter
+		MYSQL_DB_datarouter_USERS_tier2_LEVEL=RO
+		MYSQL_DB_datarouter_USERS_tier2_PASSWORD=<password>
+		MYSQL_MAX_ALLOWED_PACKET=32M
+		MYSQL_MAX_CONNECTIONS=300
+		MYSQL_PASSWORD=datarouter
+		MYSQL_PORT=3306
+
+
+In a production environment, the SWM variables that MUST be overwridden are:
+	DRTR_PROV_ACTIVEPOD, DRTR_PROV_STANDBYPOD, DRTR_PROV_NODES
+In addition, in a non-production environment, the DRTR_PROV_CNAME SWM variable
+must also be overwridden.
+
+The SWM variables that can be set to control the provisioning server are:
+
+DRTR_PROV_ACTIVEPOD
+	The FQDN of the active POD
+DRTR_PROV_STANDBYPOD
+	The FQDN of the standby POD
+DRTR_PROV_CNAME (default feeds-drtr.web.att.com)
+	The DNS CNAME used for the prov server in this environment.
+DRTR_PROV_NODES
+	Pipe-delimited list of DR nodes to init the DB with.
+DRTR_PROV_DOMAIN (default web.att.com)
+	Domain to use for non-FQDN node names
+
+DRTR_PROV_INTHTTPPORT (default 8080)
+	The TCP/IP port number the component should listen on for "go fetch"
+	requests from the provisioning server
+DRTR_PROV_INTHTTPSPORT (default 8443)
+	The TCP/IP port number the component should listen on for publish
+	requests from feed publishers and other nodes
+DRTR_PROV_LOGS (default /opt/app/datartr/logs)
+	The directory where log files should be kept
+DRTR_PROV_SPOOL (default /opt/app/datartr/spool)
+	The directory where logfiles from the DR nodes are spooled before being
+	imported into the DB.
+
+DRTR_PROV_KEYMGRPASS (default changeit)
+	The password for the key manager
+DRTR_PROV_KSTOREFILE (default /opt/app/datartr/etc/keystore)
+	The java keystore file containing the server certificate and private key
+	for this server
+DRTR_PROV_KSTOREPASS (default changeit)
+	The password for the keystore file
+DRTR_PROV_TSTOREFILE (by default, use the truststore from the Java JDK)
+	The java keystore file containing the trusted certificate authority
+	certificates
+DRTR_PROV_TSTOREPASS (default changeit)
+	The password for the trust store file.  Only applies if a trust store
+	file is specified.
+
+DRTR_PROV_DBLOGIN (default datarouter)
+	The login used to access MySQL
+DRTR_PROV_DBPASS (default datarouter)
+	The password used to access MySQL
+DRTR_PROV_DBSCRIPTS (default /opt/app/datartr/etc)
+	The directory containing DB initialization scripts
diff --git a/datarouter-prov/src/main/resources/misc/provcmd b/datarouter-prov/src/main/resources/misc/provcmd
new file mode 100644
index 00000000..63efa543
--- /dev/null
+++ b/datarouter-prov/src/main/resources/misc/provcmd
@@ -0,0 +1,163 @@
+#!/bin/bash
+#
+#                        AT&T - PROPRIETARY
+#          THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+#        AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+#             ACCORDANCE WITH APPLICABLE AGREEMENTS.
+#
+#          Copyright (c) 2013 AT&T Knowledge Ventures
+#              Unpublished and Not for Publication
+#                     All Rights Reserved
+#
+#  provcmd -- A script to interact with a provisioning server to manage the provisioning parameters.
+#     Set $VERBOSE to a non-empty string to see the curl commands as they are executed.
+#
+#  $Id: provcmd,v 1.6 2014/03/31 13:23:33 eby Exp $
+#
+
+PATH=/opt/app/datartr/bin:/bin:/usr/bin:$PATH
+PROVCMD="$0"
+export PATH PROVSRVR PROVCMD NOPROXY
+
+if [ ! -x /usr/bin/curl ]
+then
+	echo provcmd: curl is required for this tool.
+	exit 1
+fi
+optloop=
+while [ -z "$optloop" ]
+do
+	if [ "$1" == '-s' ]
+	then
+		shift
+		PROVSRVR="$1"
+		shift
+	elif [ "$1" == '-v' ]
+	then
+		shift
+		VERBOSE=x
+	elif [ "$1" == '-N' ]
+	then
+		shift
+		NOPROXY='?noproxy=1'
+	else
+		optloop=1
+	fi
+done
+if [ -z "$PROVSRVR" ]
+then
+	echo "provcmd: you need to specify the server, either via the -s option"
+	echo "         or by setting and exporting PROVSRVR"
+	exit 1
+fi
+
+CMD="$1"
+shift
+if [ "$CMD" == 'delete' ]
+then
+	if [ $# -gt 0 ]
+	then
+		for i
+		do
+			[ -n "$VERBOSE" ] && echo curl -4 -k -X DELETE "https://$PROVSRVR/internal/api/$1$NOPROXY"
+			curl -4 -k -X DELETE "https://$PROVSRVR/internal/api/$1$NOPROXY"
+		done
+		exit 0
+	fi
+elif [ "$CMD" == 'create' ]
+then
+	if [ $# -eq 2 ]
+	then
+		# create (with POST), then set the value
+		[ -n "$VERBOSE" ] && echo curl -4 -k -X POST --data '' "https://$PROVSRVR/internal/api/$1$NOPROXY"
+		curl -4 -k -X POST --data '' "https://$PROVSRVR/internal/api/$1$NOPROXY"
+		$PROVCMD set "$1" "$2"
+		exit 0
+	fi
+elif [ "$CMD" == 'get' ]
+then
+	if [ $# -eq 1 ]
+	then
+		# get
+		[ -n "$VERBOSE" ] && echo curl -4 -k "https://$PROVSRVR/internal/api/$1$NOPROXY"
+		curl -4 -k "https://$PROVSRVR/internal/api/$1$NOPROXY" 2>/dev/null | tr '|' '\012' | sort
+		exit 0
+	fi
+elif [ "$CMD" == 'set' ]
+then
+	if [ $# -ge 2 ]
+	then
+		p="$1"
+		shift
+		v=""
+		for i; do [ -n "$v" ] && v="$v|"; v="$v$i"; done
+		# set (with PUT)
+		ue=`urlencode "$v"`
+		NOPROXY=`echo $NOPROXY | tr '?' '&'`
+		[ -n "$VERBOSE" ] && echo curl -4 -k -X PUT "https://$PROVSRVR/internal/api/$p?val=$ue$NOPROXY"
+		curl -4 -k -X PUT "https://$PROVSRVR/internal/api/$p?val=$ue$NOPROXY"
+		exit 0
+	fi
+elif [ "$CMD" == 'append' ]
+then
+	if [ $# -ge 2 ]
+	then
+		p="$1"
+		shift
+		tmp=`curl -4 -k "https://$PROVSRVR/internal/api/$p$NOPROXY" 2>/dev/null`
+		$PROVCMD set "$p" "$tmp" "$@"
+		exit 0
+	fi
+elif [ "$CMD" == 'remove' ]
+then
+	if [ $# -eq 2 ]
+	then
+		p="$1"
+		rm="$2"
+		$PROVCMD get "$p" | grep -v "^$rm\$" > /tmp/pc$$
+		IFS=$'\r\n'
+		$PROVCMD set "$p" `cat /tmp/pc$$`
+		rm /tmp/pc$$
+		exit 0
+	fi
+fi
+
+# Some error somewhere - display usage
+cat <<'EOF'
+usage: provcmd [ -s server ] delete name1 [ name2 ... ]
+       provcmd [ -s server ] get name
+       provcmd [ -s server ] create name value
+       provcmd [ -s server ] set name value1 [ value2 ... ]
+       provcmd [ -s server ] append name value1 [ value2 ... ]
+       provcmd [ -s server ] remove name value
+
+delete - remove the parameters named name1, name2 ...
+get    - displays the parameters' value
+create - creates a new parameter
+set    - sets the value of an existing parameter
+append - appends the value to a list-based parameter
+remove - removes a value from a list based parameter
+
+server - the provisioning server FQDN (feeds-drtr.web.att.com for production)
+
+Standard Parameters Names:
+------------------------------
+ACTIVE_POD
+DELIVERY_INIT_RETRY_INTERVAL
+DELIVERY_MAX_AGE
+DELIVERY_MAX_RETRY_INTERVAL
+DELIVERY_RETRY_RATIO
+LOGROLL_INTERVAL
+NODES
+PROV_ACTIVE_NAME
+PROV_AUTH_ADDRESSES
+PROV_AUTH_SUBJECTS
+PROV_DOMAIN
+PROV_MAXFEED_COUNT
+PROV_MAXSUB_COUNT
+PROV_NAME
+PROV_REQUIRE_CERT
+PROV_REQUIRE_SECURE
+STANDBY_POD
+EOF
+exit 1
diff --git a/datarouter-prov/src/main/resources/misc/runreports b/datarouter-prov/src/main/resources/misc/runreports
new file mode 100644
index 00000000..009b7496
--- /dev/null
+++ b/datarouter-prov/src/main/resources/misc/runreports
@@ -0,0 +1,54 @@
+#!/bin/bash
+#
+#                        AT&T - PROPRIETARY
+#          THIS FILE CONTAINS PROPRIETARY INFORMATION OF
+#        AT&T AND IS NOT TO BE DISCLOSED OR USED EXCEPT IN
+#             ACCORDANCE WITH APPLICABLE AGREEMENTS.
+#
+#          Copyright (c) 2013 AT&T Knowledge Ventures
+#              Unpublished and Not for Publication
+#                     All Rights Reserved
+#
+#  This script runs daily to generate reports files in the logs directory.
+#
+#  $Id: runreports,v 1.2 2013/11/06 16:23:54 eby Exp $
+#
+
+umask 0022
+
+JAVA_HOME=/opt/java/jdk/jdk180
+JAVA_OPTS="-Xms1G -Xmx4G"
+JAVA_CLASS=com.att.research.datarouter.reports.Report
+TZ=GMT0
+PATH=$JAVA_HOME/bin:/bin:/usr/bin
+CLASSPATH=`echo /opt/app/datartr/etc /opt/app/datartr/lib/*.jar | tr ' ' ':'`
+LOGDIR=/opt/app/datartr/logs
+YESTERDAY=`/bin/date --date=yesterday '+%Y%m%d'`
+
+export CLASSPATH JAVA_HOME JAVA_OPTS TZ PATH
+
+ID=`id -n -u`
+GRP=`id -n -g`
+if [ "$ID" != "datartr" ]
+then
+	echo runreports must be started as user datartr not $ID
+	exit 1
+fi
+if [ "$GRP" != "datartr" ]
+then
+	echo runreports must be started as group datartr not $GRP
+	exit 1
+fi
+if [ "`pgrep -u mysql mysqld`" = "" ]
+then
+	echo MySQL is not running.  It must be started before runreports
+	exit 1
+fi
+
+# Volume report
+java $JAVA_OPTS $JAVA_CLASS -t volume -o $LOGDIR/volume.csv.$YESTERDAY yesterday </dev/null >/dev/null
+
+# Subscriber report
+java $JAVA_OPTS $JAVA_CLASS -t subscriber -o $LOGDIR/subscriber.csv.$YESTERDAY yesterday </dev/null >/dev/null
+
+exit 0