diff options
author | jhh <jorge.hernandez-herrero@att.com> | 2020-08-09 12:08:08 -0500 |
---|---|---|
committer | Jorge Hernandez <jorge.hernandez-herrero@att.com> | 2020-08-27 21:06:19 +0000 |
commit | d425867ae1c52a9b31a06f1dea8810c1c7a0af65 (patch) | |
tree | 15f646c0ab60a2df0916ffd155790b81150b9ff4 /kubernetes/policy/charts/pdp | |
parent | 15c9df97f8bd5d7871b7287a2f525059e3ccb033 (diff) |
[POLICY] certInit support + refactoring
Several changes are including in this patch:
- certInitializer support (POLICY-2615, REQ-361)
- renamed policy objects to start with "policy-"
prefix (POLICY-1000)
- add resources section to components that did not
have or had it incorrectly set up rendering null
(POLICY-2502)
- Removal of legacy policy-engine components (POLICY-2743)
- Miscellaneous refactoring of charts (POLICY-2745)
- update pdp legacy reference to policy-xacml-pdp from
pdp (legacy)
Issue-ID: POLICY-2615
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: I8b6984a663bbb14d331a366ec02b6dd38755cde7
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Diffstat (limited to 'kubernetes/policy/charts/pdp')
12 files changed, 0 insertions, 741 deletions
diff --git a/kubernetes/policy/charts/pdp/Chart.yaml b/kubernetes/policy/charts/pdp/Chart.yaml deleted file mode 100644 index 25301ee483..0000000000 --- a/kubernetes/policy/charts/pdp/Chart.yaml +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -description: ONAP Policy PDP -name: pdp -version: 6.0.0 diff --git a/kubernetes/policy/charts/pdp/requirements.yaml b/kubernetes/policy/charts/pdp/requirements.yaml deleted file mode 100644 index d3c442d32e..0000000000 --- a/kubernetes/policy/charts/pdp/requirements.yaml +++ /dev/null @@ -1,22 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -dependencies: - - name: common - version: ~6.x-0 - # local reference to common chart, as it is - # a part of this chart's package and will not - # be published independently to a repo (at this point) - repository: '@local' diff --git a/kubernetes/policy/charts/pdp/resources/config/log/xacml-pdp-rest/logback.xml b/kubernetes/policy/charts/pdp/resources/config/log/xacml-pdp-rest/logback.xml deleted file mode 100644 index daa4112e51..0000000000 --- a/kubernetes/policy/charts/pdp/resources/config/log/xacml-pdp-rest/logback.xml +++ /dev/null @@ -1,150 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- -# Copyright © 2017 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. ---> - -<configuration scan="true" scanPeriod="3 seconds" debug="true"> - <!--<jmxConfigurator /> --> - <!-- specify the base path of the log directory --> - <property name="logDir" value="/var/log/onap" /> - <!-- specify the component name --> - <property name="componentName" value="policy" /> - <!-- specify the sub component name --> - <property name="subComponentName" value="xacml-pdp-rest" /> - <!-- The directories where logs are written --> - <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" /> - <property name="pattern" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" /> - <!-- log file names --> - <property name="errorLogName" value="error" /> - <property name="metricsLogName" value="metrics" /> - <property name="auditLogName" value="audit" /> - <property name="debugLogName" value="debug" /> - <property name="queueSize" value="256" /> - <property name="maxFileSize" value="50MB" /> - <property name="maxHistory" value="30" /> - <property name="totalSizeCap" value="10GB" /> - <!-- Example evaluator filter applied against console appender --> - <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> - <encoder> - <pattern>${pattern}</pattern> - </encoder> - </appender> - <!-- ============================================================================ --> - <!-- EELF Appenders --> - <!-- ============================================================================ --> - <!-- The EELFAppender is used to record events to the general application - log --> - <!-- EELF Audit Appender. This appender is used to record audit engine - related logging events. The audit logger and appender are specializations - of the EELF application root logger and appender. This can be used to segregate - Policy engine events from other components, or it can be eliminated to record - these events as part of the application root log. --> - <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${auditLogName}.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> - <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> - <maxFileSize>${maxFileSize}</maxFileSize> - </timeBasedFileNamingAndTriggeringPolicy> - <maxHistory>${maxHistory}</maxHistory> - <totalSizeCap>${totalSizeCap}</totalSizeCap> - </rollingPolicy> - <encoder> - <pattern>${pattern}</pattern> - </encoder> - </appender> - <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>${queueSize}</queueSize> - <appender-ref ref="EELFAudit" /> - </appender> - <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${metricsLogName}.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> - <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> - <maxFileSize>${maxFileSize}</maxFileSize> - </timeBasedFileNamingAndTriggeringPolicy> - <maxHistory>${maxHistory}</maxHistory> - <totalSizeCap>${totalSizeCap}</totalSizeCap> - </rollingPolicy> - <encoder> - <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - - %msg%n"</pattern> --> - <pattern>${pattern}</pattern> - </encoder> - </appender> - <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>${queueSize}</queueSize> - <appender-ref ref="EELFMetrics" /> - </appender> - <appender name="EELFError" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${errorLogName}.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> - <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> - <maxFileSize>${maxFileSize}</maxFileSize> - </timeBasedFileNamingAndTriggeringPolicy> - <maxHistory>${maxHistory}</maxHistory> - <totalSizeCap>${totalSizeCap}</totalSizeCap> - </rollingPolicy> - <encoder> - <pattern>${pattern}</pattern> - </encoder> - <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> - <level>INFO</level> - </filter> - </appender> - <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>${queueSize}</queueSize> - <appender-ref ref="EELFError" /> - </appender> - <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender"> - <file>${logDirectory}/${debugLogName}.log</file> - <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> - <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> - <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> - <maxFileSize>${maxFileSize}</maxFileSize> - </timeBasedFileNamingAndTriggeringPolicy> - <maxHistory>${maxHistory}</maxHistory> - <totalSizeCap>${totalSizeCap}</totalSizeCap> - </rollingPolicy> - <encoder> - <pattern>${pattern}</pattern> - </encoder> - </appender> - <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender"> - <queueSize>${queueSize}</queueSize> - <appender-ref ref="EELFDebug" /> - <includeCallerData>true</includeCallerData> - </appender> - <!-- ============================================================================ --> - <!-- EELF loggers --> - <!-- ============================================================================ --> - <logger name="com.att.eelf.audit" level="info" additivity="false"> - <appender-ref ref="asyncEELFAudit" /> - </logger> - <logger name="com.att.eelf.metrics" level="info" additivity="false"> - <appender-ref ref="asyncEELFMetrics" /> - </logger> - <logger name="com.att.eelf.error" level="info" additivity="false"> - <appender-ref ref="asyncEELFError" /> - </logger> - <logger name="com.att.eelf.debug" level="debug" additivity="false"> - <appender-ref ref="asyncEELFDebug" /> - </logger> - <root level="INFO"> - <appender-ref ref="asyncEELFDebug" /> - </root> -</configuration> diff --git a/kubernetes/policy/charts/pdp/resources/config/pe/pdp-tweaks.sh b/kubernetes/policy/charts/pdp/resources/config/pe/pdp-tweaks.sh deleted file mode 100644 index 6060fe9b6f..0000000000 --- a/kubernetes/policy/charts/pdp/resources/config/pe/pdp-tweaks.sh +++ /dev/null @@ -1,16 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#! /bin/bash - diff --git a/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf deleted file mode 100644 index bb12880ca7..0000000000 --- a/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf +++ /dev/null @@ -1,70 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# pdp component installation configuration parameters - -# tomcat specific parameters - -TOMCAT_JMX_PORT=9991 -TOMCAT_SHUTDOWN_PORT=8087 -SSL_HTTP_CONNECTOR_PORT=8081 -SSL_AJP_CONNECTOR_PORT=8381 -SSL_AJP_CONNECTOR_REDIRECT_PORT=8443 - -TOMCAT_X_MS_MB=1024 -TOMCAT_X_MX_MB=1024 - -# pdp properties - -UEB_CLUSTER=message-router - -REST_PAP_URL=https://{{ .Values.global.pap.nameOverride }}:{{.Values.config.papPort}}/pap/ -REST_PDP_ID=https://${{"{{"}}FQDN{{"}}"}}:{{.Values.service.externalPort}}/pdp/ -REST_PDP_CONFIG=/opt/app/policy/servers/pdp/bin/config -REST_PDP_WEBAPPS=/opt/app/policy/servers/pdp/webapps -REST_PDP_REGISTER=true -REST_PDP_REGISTER_SLEEP=15 -REST_PDP_REGISTER_RETRIES=-1 -REST_PDP_MAXCONTENT=999999999 - -# PDP related properties -PDP_HTTP_USER_ID=${PDP_HTTP_USER_ID} -PDP_HTTP_PASSWORD=${PDP_HTTP_PASSWORD} -PDP_PAP_PDP_HTTP_USER_ID=${PDP_PAP_PDP_HTTP_USER_ID} -PDP_PAP_PDP_HTTP_PASSWORD=${PDP_PAP_PDP_HTTP_PASSWORD} - -node_type=pdp_xacml -resource_name=pdp_1 -dependency_groups=brmsgw_1 -test_via_jmx=true - -# -# Notification Properties -# Notification type: websocket, ueb or dmaap... if left blank websocket is the default -PDP_NOTIFICATION_TYPE=websocket -PDP_UEB_CLUSTER= -PDP_UEB_TOPIC= -PDP_UEB_DELAY= -PDP_UEB_API_KEY= -PDP_UEB_API_SECRET= -PDP_DMAAP_AAF_LOGIN= -PDP_DMAAP_AAF_PASSWORD= - -#AAF Policy Name space -#Required only, when we use AAF -POLICY_AAF_NAMESPACE= -POLICY_AAF_RESOURCE= - -# Indeterminate resolution -DECISION_INDETERMINATE_RESPONSE=PERMIT diff --git a/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf b/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf deleted file mode 100644 index e7171c280e..0000000000 --- a/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf +++ /dev/null @@ -1,26 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -# JVM specific parameters -LOGPARSER_JMX_PORT=9997 -LOGPARSER_X_MS_MB=1024 -LOGPARSER_X_MX_MB=1024 - -SERVER=https://{{ include "common.servicename" . }}:{{.Values.service.externalPort}}/pdp/ -LOGPATH=/var/log/onap/policy/pdpx/pdp-rest.log -PARSERLOGPATH=/opt/app/policy/servers/pdplp/bin/IntegrityMonitor.log - -node_type=logparser -# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase -resource_name=pdplp_1 diff --git a/kubernetes/policy/charts/pdp/templates/NOTES.txt b/kubernetes/policy/charts/pdp/templates/NOTES.txt deleted file mode 100644 index 868bb33d2b..0000000000 --- a/kubernetes/policy/charts/pdp/templates/NOTES.txt +++ /dev/null @@ -1,34 +0,0 @@ - -# Copyright 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/policy/charts/pdp/templates/configmap.yaml b/kubernetes/policy/charts/pdp/templates/configmap.yaml deleted file mode 100644 index 79c4d38c68..0000000000 --- a/kubernetes/policy/charts/pdp/templates/configmap.yaml +++ /dev/null @@ -1,30 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-log-configmap - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/log/xacml-pdp-rest/logback.xml").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-pe-configmap - namespace: {{ include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/pdp/templates/secrets.yaml b/kubernetes/policy/charts/pdp/templates/secrets.yaml deleted file mode 100644 index bd7eb8ea40..0000000000 --- a/kubernetes/policy/charts/pdp/templates/secrets.yaml +++ /dev/null @@ -1,15 +0,0 @@ -# Copyright © 2020 Samsung Electronics -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -{{ include "common.secretFast" . }} diff --git a/kubernetes/policy/charts/pdp/templates/service.yaml b/kubernetes/policy/charts/pdp/templates/service.yaml deleted file mode 100644 index 864676ad6f..0000000000 --- a/kubernetes/policy/charts/pdp/templates/service.yaml +++ /dev/null @@ -1,53 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} - annotations: - msb.onap.org/service-info: '[ - { - "serviceName": "{{ include "common.servicename" . }}", - "version": "v1", - "url": "/pdp", - "protocol": "REST", - "port": "{{ .Values.service.externalPort }}", - "visualRange":"1" - }, - ]' -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.portName }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.portName }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - sessionAffinity: None - clusterIP: None diff --git a/kubernetes/policy/charts/pdp/templates/statefulset.yaml b/kubernetes/policy/charts/pdp/templates/statefulset.yaml deleted file mode 100644 index 7e99b1bac0..0000000000 --- a/kubernetes/policy/charts/pdp/templates/statefulset.yaml +++ /dev/null @@ -1,184 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -apiVersion: apps/v1 -kind: StatefulSet -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - serviceName: {{ include "common.servicename" . }} - replicas: {{ .Values.replicaCount }} - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - command: - - sh - args: - - -c - - "cd /config-input && for PFILE in `find . -not -type d | grep -v -F ..`; do envsubst <${PFILE} >/config/${PFILE}; chmod 0755 /config/${PFILE}; done" - env: - - name: JDBC_USER - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} - - name: JDBC_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }} - - name: PDP_HTTP_USER_ID - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pdp-http-creds" "key" "login") | indent 10 }} - - name: PDP_HTTP_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pdp-http-creds" "key" "password") | indent 10 }} - - name: PDP_PAP_PDP_HTTP_USER_ID - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pap-http-creds" "key" "login") | indent 10 }} - - name: PDP_PAP_PDP_HTTP_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "pap-http-creds" "key" "password") | indent 10 }} - volumeMounts: - - mountPath: /config-input/pe - name: pe-input - - mountPath: /config-input/pe-pdp - name: pe-pdp-input - - mountPath: /config/pe - name: pe - - mountPath: /config/pe-pdp - name: pe-pdp - image: "{{ .Values.global.envsubstImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-update-config - - command: - - /root/ready.py - args: - - --container-name - - {{ .Values.global.pap.nameOverride }} - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: {{ include "common.name" . }}-readiness - containers: - - command: - - /bin/bash - - ./do-start.sh - - pdp - name: {{ include "common.name" . }} - image: "{{ include "common.repository" . }}/{{ .Values.image }}" - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - env: - - name: JDBC_USER - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 10 }} - - name: JDBC_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 10 }} - resources: -{{ include "common.resources" . | indent 12 }} - ports: - - containerPort: {{ .Values.service.externalPort }} - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.externalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{- end }} - readinessProbe: - tcpSocket: - port: {{ .Values.service.externalPort }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /tmp/policy-install/config/base.conf - name: pe - subPath: base.conf - - mountPath: /tmp/policy-install/config/pdp-tweaks.sh - name: pe-pdp-input - subPath: pdp-tweaks.sh - - mountPath: /tmp/policy-install/config/pdplp.conf - name: pe-pdp - subPath: pdplp.conf - - mountPath: /tmp/policy-install/config/pdp.conf - name: pe-pdp - subPath: pdp.conf - - mountPath: /tmp/policy-install/do-start.sh - name: pe-scripts - subPath: do-start.sh - - mountPath: /var/log/onap - name: policy-logs - - mountPath: /tmp/logback.xml - name: policy-logback - subPath: logback.xml - lifecycle: - postStart: - exec: - command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/servers/pdp/webapps/pdp/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] - - image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - name: filebeat-onap - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - name: filebeat-conf - subPath: filebeat.yml - - mountPath: /var/log/onap - name: policy-logs - - mountPath: /usr/share/filebeat/data - name: policy-data-filebeat - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: filebeat-conf - configMap: - name: {{ include "common.release" . }}-filebeat-configmap - - name: policy-logs - emptyDir: {} - - name: policy-data-filebeat - emptyDir: {} - - name: policy-logback - configMap: - name: {{ include "common.fullname" . }}-log-configmap - - name: pe-input - configMap: - name: {{ include "common.release" . }}-pe-configmap - defaultMode: 0755 - - name: pe-scripts - configMap: - name: {{ include "common.release" . }}-pe-scripts-configmap - defaultMode: 0777 - - name: pe-pdp-input - configMap: - name: {{ include "common.fullname" . }}-pe-configmap - defaultMode: 0755 - - name: pe - emptyDir: - medium: Memory - - name: pe-pdp - emptyDir: - medium: Memory - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/pdp/values.yaml b/kubernetes/policy/charts/pdp/values.yaml deleted file mode 100644 index 8921eabf81..0000000000 --- a/kubernetes/policy/charts/pdp/values.yaml +++ /dev/null @@ -1,122 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018,2019 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - readinessRepository: oomk8s - readinessImage: readiness-check:2.0.2 - loggingRepository: docker.elastic.co - loggingImage: beats/filebeat:5.5.0 - -################################################################# -# Secrets metaconfig -################################################################# -secrets: - - uid: db-secret - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}' - login: '{{ .Values.db.user }}' - password: '{{ .Values.db.password }}' - passwordPolicy: required - - uid: pdp-http-creds - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.pdp.pdpCredsExternalSecret) . }}' - login: '{{ .Values.pdp.pdphttpuserid }}' - password: '{{ .Values.pdp.pdphttppassword }}' - passwordPolicy: required - - uid: pap-http-creds - type: basicAuth - externalSecret: '{{ tpl (default "" .Values.pap.papCredsExternalSecret) . }}' - login: '{{ .Values.pap.pdppappdphttpuserid }}' - password: '{{ .Values.pap.pdppappdphttppassword }}' - passwordPolicy: required - -################################################################# -# Application configuration defaults. -################################################################# -# application image -repository: nexus3.onap.org:10001 -image: onap/policy-pe:1.6.4 -pullPolicy: Always - -# flag to enable debugging - application support required -debugEnabled: false - -# application configuration - -db: - user: policy_user - password: policy_user -pdp: - pdphttpuserid: testpdp - pdphttppassword: alpha123 -pap: - pdppappdphttpuserid: testpap - pdppappdphttppassword: alpha123 - -config: - papPort: 9091 - -# default number of instances -replicaCount: 1 - -nodeSelector: {} - -affinity: {} - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - enabled: true - -readiness: - initialDelaySeconds: 10 - periodSeconds: 10 - -service: - type: ClusterIP - name: pdp - portName: pdp - internalPort: 8081 - externalPort: 8081 - -ingress: - enabled: false - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 1 - memory: 4Gi - requests: - cpu: 10m - memory: 1Gi - large: - limits: - cpu: 2 - memory: 8Gi - requests: - cpu: 20m - memory: 2Gi - unlimited: {} |