diff options
author | Jorge Hernandez <jh1730@att.com> | 2018-04-30 19:53:29 -0500 |
---|---|---|
committer | Jorge Hernandez <jh1730@att.com> | 2018-05-06 22:26:03 -0500 |
commit | 823691fb0dbf7538b5d3319c1b3afdb051c001dd (patch) | |
tree | 9810cac402a2149022b2b5c35d9e7fbee99c4686 | |
parent | f4eea37ac0a03de52c254707887b69626aa9df78 (diff) |
oom tweaks in pap configuration for pdp-x pooling
paplp_1 process is unused and causes intermittent bad
behavior when issuing healthchecks. Since it provides
no apparent benefit integrity monitor usage has been
disabled.
preloading policies apis are executed when the PAP come up.
The PDP-Xs take longer to come up, therefore the
push-policies script causes bad interactions. This operation
has to be triggered after all the PDP-Xs are up and properly
running, which is difficult to predict. Therefore, it is moved
to a manual step execution. In the future, we could think of'how
perhaps execute autonomously by some other means. It does not
currently work as is, so it is disabled, at least temporarily,
there were a couple problems with pap.conf, first the pdps hostname
need to be explicitly provided, as PAP keeps a white list of pdp hosts
that can connect to it and be served policies. Another limitation
is the format, note the change to ";" to separate pdps, instead of ",".
Further the automatic configuration sequence is only made for 1 PDP-X,
does not work well when multiple PDP-Xs are provided, so for the first
PDP-X, the credentials need to be explicitly added, otherwise, it
denies access to PDP-Xs.
Change-Id: I5d4a9a39822c036db26e97edb594ecaaa27f80d8
Issue-ID: POLICY-768
Signed-off-by: Jorge Hernandez <jh1730@att.com>
-rw-r--r-- | kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf | 4 | ||||
-rw-r--r-- | kubernetes/policy/resources/config/pe/pap.conf | 2 | ||||
-rw-r--r-- | kubernetes/policy/values.yaml | 2 |
3 files changed, 4 insertions, 4 deletions
diff --git a/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf index 7b13116e34..8e0b88213d 100644 --- a/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf +++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf @@ -30,7 +30,7 @@ TOMCAT_X_MX_MB=1024 UEB_CLUSTER=message-router REST_PAP_URL=http://{{ .Values.global.pap.nameOverride }}:{{.Values.config.papPort}}/pap/ -REST_PDP_ID=http://{{ include "common.servicename" . }}:{{.Values.service.externalPort}}/pdp/ +REST_PDP_ID=http://${{"{{"}}FQDN{{"}}"}}:{{.Values.service.externalPort}}/pdp/ REST_PDP_CONFIG=/opt/app/policy/servers/pdp/bin/config REST_PDP_WEBAPPS=/opt/app/policy/servers/pdp/webapps REST_PDP_REGISTER=true @@ -46,7 +46,7 @@ PDP_PAP_PDP_HTTP_PASSWORD=alpha123 node_type=pdp_xacml resource_name=pdp_1 -dependency_groups=pdplp_1;brmsgw_1 +dependency_groups=brmsgw_1 test_via_jmx=true # diff --git a/kubernetes/policy/resources/config/pe/pap.conf b/kubernetes/policy/resources/config/pe/pap.conf index 39199d7f1a..ae9d47c491 100644 --- a/kubernetes/policy/resources/config/pe/pap.conf +++ b/kubernetes/policy/resources/config/pe/pap.conf @@ -39,7 +39,7 @@ REST_ADMIN_REPOSITORY=repository REST_ADMIN_WORKSPACE=workspace # PDP related properties -PAP_PDP_URL=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-0.{{ .Values.global.pdp.nameOverride }}:{{ .Values.config.pdpPort }}/pdp/,http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-1.{{ .Values.global.pdp.nameOverride }}:{{ .Values.config.pdpPort }}/pdp/ +PAP_PDP_URL=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-0.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/,testpdp,alpha123;http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-1.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/ PAP_PDP_HTTP_USER_ID=testpdp PAP_PDP_HTTP_PASSWORD=alpha123 diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 4ab6e11ec7..c2c9747747 100644 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -65,7 +65,7 @@ debugEnabled: false # application configuration config: - preloadPolicies: true + preloadPolicies: false pdpPort: 8081 # default number of instances |