diff options
author | jhh <jorge.hernandez-herrero@att.com> | 2019-09-04 07:47:25 -0500 |
---|---|---|
committer | jhh <jorge.hernandez-herrero@att.com> | 2019-09-10 20:17:28 -0500 |
commit | 010965911185b9a1ef2008246fabc37f193baf2b (patch) | |
tree | 729d3078da57fe44f8acd46020871b9887020fe9 /kubernetes/policy/charts | |
parent | 9d407f480e9d40460f6f76ffc6a09f61f1d6b85e (diff) |
refactor drools chart to allow customizations
- move some values out of .conf files to values to avoid
building the chart when deploying policy (drools).
- move credentials to a single secret file, this is precursor
work to deal with confidential info in a better way in
future releases.
- delete unused files.
- generify mounting of configmaps/secrets as volumes to
avoid explicitly having to modify statefulset.yaml.
- update amsterdam controller with latest version in nexus
at container instantiation.
- update to the latest released drools image.
Issue-ID: POLICY-1371
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Change-Id: I1497b61cd210ac4c00b957c2832de5acd01ea4d2
Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Diffstat (limited to 'kubernetes/policy/charts')
13 files changed, 177 insertions, 221 deletions
diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/policy-keystore b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/policy-keystore Binary files differdeleted file mode 100644 index ab25c3a341..0000000000 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/policy-keystore +++ /dev/null diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf deleted file mode 100644 index c2ccefe4e3..0000000000 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf +++ /dev/null @@ -1,19 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -CONTROLLER_ARTIFACT_ID=policy-management -CONTROLLER_NAME=policy-management-controller -CONTROLLER_PORT=9696 -RULES_ARTIFACT=not-used:not-used:1.0.0-SNAPSHOT -UEB_TOPIC=policyengine-develop diff --git a/kubernetes/policy/charts/drools/resources/configmaps/amsterdam.pre.sh b/kubernetes/policy/charts/drools/resources/configmaps/amsterdam.pre.sh new file mode 100644 index 0000000000..5949db4dc4 --- /dev/null +++ b/kubernetes/policy/charts/drools/resources/configmaps/amsterdam.pre.sh @@ -0,0 +1,21 @@ +#!/bin/bash +# ============LICENSE_START======================================================= +# ONAP +# ================================================================================ +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= + + +docker-entrypoint.sh nexus
\ No newline at end of file diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf b/kubernetes/policy/charts/drools/resources/configmaps/base.conf index e7c6928b0a..ba39b0b5ad 100644 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf +++ b/kubernetes/policy/charts/drools/resources/configmaps/base.conf @@ -1,4 +1,5 @@ -# Copyright © 2017-2018 Amdocs, Bell Canada, AT&T +# Copyright © 2017-2018 Amdocs, Bell Canada. +# Modifications Copyright (C) 2018-2019 AT&T Intellectual Property. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -14,41 +15,33 @@ # JVM options -JVM_OPTIONS=-server -Xms1024m -Xmx2048m +JVM_OPTIONS={{.Values.server.jvmOpts}} # SYSTEM software configuration POLICY_HOME=/opt/app/policy POLICY_LOGS=/var/log/onap/policy/pdpd JAVA_HOME=/usr/lib/jvm/java-1.8-openjdk -KEYSTORE_PASSWD=Pol1cy_0nap -TRUSTSTORE_PASSWD=Pol1cy_0nap # Telemetry credentials TELEMETRY_PORT=9696 TELEMETRY_HOST=0.0.0.0 -TELEMETRY_USER=demo@people.osaaf.org -TELEMETRY_PASSWORD=demo123456! # nexus repository SNAPSHOT_REPOSITORY_ID=policy-nexus-snapshots -SNAPSHOT_REPOSITORY_URL=http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/snapshots/ +SNAPSHOT_REPOSITORY_URL=http://{{.Values.global.nexus.nameOverride}}:{{.Values.nexus.port}}/nexus/content/repositories/snapshots/ RELEASE_REPOSITORY_ID=policy-nexus-releases -RELEASE_REPOSITORY_URL=http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/releases/ -REPOSITORY_USERNAME=admin -REPOSITORY_PASSWORD=admin123 +RELEASE_REPOSITORY_URL=http://{{.Values.global.nexus.nameOverride}}:{{.Values.nexus.port}}/nexus/content/repositories/releases/ # Relational (SQL) DB access SQL_HOST={{.Values.global.mariadb.nameOverride}} -SQL_USER=policy_user -SQL_PASSWORD=policy_user # AAF -AAF=true +AAF={{.Values.aaf.enabled}} AAF_NAMESPACE=org.onap.policy AAF_HOST=aaf-locate.{{.Release.Namespace}} @@ -56,8 +49,6 @@ AAF_HOST=aaf-locate.{{.Release.Namespace}} PDPD_CONFIGURATION_TOPIC=PDPD-CONFIGURATION PDPD_CONFIGURATION_SERVERS=message-router -PDPD_CONFIGURATION_API_KEY= -PDPD_CONFIGURATION_API_SECRET= PDPD_CONFIGURATION_CONSUMER_GROUP= PDPD_CONFIGURATION_CONSUMER_INSTANCE= PDPD_CONFIGURATION_PARTITION_KEY= @@ -65,23 +56,14 @@ PDPD_CONFIGURATION_PARTITION_KEY= # PAP-PDP configuration channel POLICY_PDP_PAP_TOPIC=POLICY-PDP-PAP -POLICY_PDP_PAP_API_KEY= -POLICY_PDP_PAP_API_SECRET= # PAP PAP_HOST=policy-pap -PAP_USERNAME=healthcheck -PAP_PASSWORD=zb!XztG34 # PDP-X PDP_HOST=policy-xacml-pdp -PDP_USERNAME=healthcheck -PDP_PASSWORD=zb!XztG34 -PDP_CLIENT_USERNAME=python -PDP_CLIENT_PASSWORD=test -PDP_ENVIRONMENT=TEST # DCAE DMaaP @@ -96,23 +78,15 @@ DMAAP_SERVERS=message-router # AAI AAI_URL=https://aai.{{.Release.Namespace}}:8443 -AAI_USERNAME=policy@policy.onap.org -AAI_PASSWORD=demo123456! # MSO SO_URL=http://so.{{.Release.Namespace}}:8080/onap/so/infra -SO_USERNAME=InfraPortalClient -SO_PASSWORD=password1$ # VFC VFC_URL= -VFC_USERNAME= -VFC_PASSWORD= # SDNC SDNC_URL=http://sdnc.{{.Release.Namespace}}:8282/restconf/operations -SDNC_USERNAME=admin -SDNC_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/feature-pooling-dmaap.conf b/kubernetes/policy/charts/drools/resources/configmaps/feature-pooling-dmaap.conf index 7b95e79b4d..44d0bf18ce 100644 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/feature-pooling-dmaap.conf +++ b/kubernetes/policy/charts/drools/resources/configmaps/feature-pooling-dmaap.conf @@ -1,5 +1,5 @@ -# Copyright 2018 AT&T Intellectual Property. All rights reserved -# Modifications Copyright © 2018 Amdocs, Bell Canada +# Copyright 2018-2019 AT&T Intellectual Property. All rights reserved. +# Modifications Copyright © 2018 Amdocs, Bell Canada. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf b/kubernetes/policy/charts/drools/resources/configmaps/status.post.sh index 20d8298472..e2d7381689 100644 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf +++ b/kubernetes/policy/charts/drools/resources/configmaps/status.post.sh @@ -1,16 +1,20 @@ -# Copyright © 2017-2018 Amdocs, Bell Canada, AT&T -# +#!/bin/bash +# ============LICENSE_START======================================================= +# ONAP +# ================================================================================ +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. +# ============LICENSE_END========================================================= -HEALTHCHECK_USER=demo@people.osaaf.org -HEALTHCHECK_PASSWORD=demo123456! +policy status diff --git a/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh b/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh deleted file mode 100644 index ff7a64bdb9..0000000000 --- a/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh +++ /dev/null @@ -1,107 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada, AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#!/bin/bash - -if [ "$#" -ne 4 ]; then - echo "Usage: $(basename $0) <k8s-host> <policy-pdp-node-port> <policy-drools-node-port> <resource-id>" - exit 1 -fi - -K8S_HOST=$1 -POLICY_PDP_PORT=$2 -POLICY_DROOLS_PORT=$3 -RESOURCE_ID=$4 - -echo -echo -echo "Removing the vFW Policy from PDP.." -echo -echo - -curl -v -k -X DELETE --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ - "pdpGroup": "default", - "policyComponent" : "PDP", - "policyName": "com.BRMSParamvFirewall", - "policyType": "BRMS_Param" -}' https://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/deletePolicy - -sleep 20 - -echo - -echo -echo "Updating vFW Operational Policy .." -echo - -curl -v -k -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ - "policyConfigType": "BRMS_PARAM", - "policyName": "com.BRMSParamvFirewall", - "policyDescription": "BRMS Param vFirewall policy", - "policyScope": "com", - "attributes": { - "MATCHING": { - "controller": "amsterdam" - }, - "RULE": { - "templateName": "ClosedLoopControlName", - "closedLoopControlName": "ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a", - "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a%0D%0A++trigger_policy%3A+unique-policy-id-1-modifyConfig%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-modifyConfig%0D%0A++++name%3A+modify+packet+gen+config%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+ModifyConfig%0D%0A++++target%3A%0D%0A++++++%23+TBD+-+Cannot+be+known+until+instantiation+is+done%0D%0A++++++resourceID%3A+'${RESOURCE_ID}'%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+300%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" - } - } -}' https://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/updatePolicy - -sleep 5 - -echo -echo -echo "Pushing the vFW Policy .." -echo -echo - -curl -v -k --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ - "pdpGroup": "default", - "policyName": "com.BRMSParamvFirewall", - "policyType": "BRMS_Param" -}' https://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/pushPolicy - -sleep 20 - -echo -echo -echo "Restarting PDP-D .." -echo -echo - -POD=$(kubectl --namespace {{ include "common.namespace" . }} get pods | sed 's/ .*//'| grep drools) -kubectl --namespace {{ include "common.namespace" . }} exec -it ${POD} -- bash -c "source /opt/app/policy/etc/profile.d/env.sh && policy stop && sleep 5 && policy start" - -sleep 20 - -echo -echo -echo "PDP-D amsterdam maven coordinates .." -echo -echo - -curl -vvv -k --silent --user "demo@people.osaaf.org:demo123456!" -X GET https://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools | python -m json.tool - - -echo -echo -echo "PDP-D control loop updated .." -echo -echo - -curl -v -k --silent --user "demo@people.osaaf.org:demo123456!" -X GET https://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools/facts/closedloop-amsterdam/org.onap.policy.controlloop.Params | python -m json.tool diff --git a/kubernetes/policy/charts/drools/resources/secrets/credentials.conf b/kubernetes/policy/charts/drools/resources/secrets/credentials.conf new file mode 100644 index 0000000000..36d3c3b376 --- /dev/null +++ b/kubernetes/policy/charts/drools/resources/secrets/credentials.conf @@ -0,0 +1,56 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +KEYSTORE_PASSWD={{.Values.keystore.password}} +TRUSTSTORE_PASSWD={{.Values.truststore.password}} + +TELEMETRY_USER={{.Values.telemetry.user}} +TELEMETRY_PASSWORD={{.Values.telemetry.password}} + +REPOSITORY_USERNAME={{.Values.nexus.user}} +REPOSITORY_PASSWORD={{.Values.nexus.password}} + +SQL_USER={{.Values.db.user}} +SQL_PASSWORD={{.Values.db.password}} + +PDPD_CONFIGURATION_API_KEY={{.Values.dmaap.brmsgw.key}} +PDPD_CONFIGURATION_API_SECRET={{.Values.dmaap.brmsgw.secret}} + +POLICY_PDP_PAP_API_KEY={{.Values.dmaap.pap.key}} +POLICY_PDP_PAP_API_SECRET={{.Values.dmaap.pap.secret}} + +PAP_USERNAME={{.Values.pap.user}} +PAP_PASSWORD={{.Values.pap.password}} + +PDP_USERNAME={{.Values.pdp.user}} +PDP_PASSWORD={{.Values.pdp.password}} + +AAI_USERNAME={{.Values.aai.user}} +AAI_PASSWORD={{.Values.aai.password}} + +SO_USERNAME={{.Values.so.user}} +SO_PASSWORD={{.Values.so.password}} + +VFC_USERNAME={{.Values.vfc.user}} +VFC_PASSWORD={{.Values.vfc.password}} + +SDNC_USERNAME={{.Values.sdnc.user}} +SDNC_PASSWORD={{.Values.sdnc.password}} + +HEALTHCHECK_USER={{.Values.telemetry.user}} +HEALTHCHECK_PASSWORD={{.Values.telemetry.password}} diff --git a/kubernetes/policy/charts/drools/templates/NOTES.txt b/kubernetes/policy/charts/drools/templates/NOTES.txt deleted file mode 100644 index fa0aa7d258..0000000000 --- a/kubernetes/policy/charts/drools/templates/NOTES.txt +++ /dev/null @@ -1,33 +0,0 @@ -# Copyright 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -1. Get the application URL by running these commands: -{{- if .Values.ingress.enabled }} -{{- range .Values.ingress.hosts }} - http://{{ . }} -{{- end }} -{{- else if contains "NodePort" .Values.service.type }} - export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) - export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") - echo http://$NODE_IP:$NODE_PORT -{{- else if contains "LoadBalancer" .Values.service.type }} - NOTE: It may take a few minutes for the LoadBalancer IP to be available. - You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' - export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') - echo http://$SERVICE_IP:{{ .Values.service.externalPort }} -{{- else if contains "ClusterIP" .Values.service.type }} - export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") - echo "Visit http://127.0.0.1:8080 to use your application" - kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} -{{- end }} diff --git a/kubernetes/policy/charts/drools/templates/configmap.yaml b/kubernetes/policy/charts/drools/templates/configmap.yaml index 1f9503130c..7daf473db2 100644 --- a/kubernetes/policy/charts/drools/templates/configmap.yaml +++ b/kubernetes/policy/charts/drools/templates/configmap.yaml @@ -19,4 +19,4 @@ metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} data: -{{ tpl (.Files.Glob "resources/config/opt/policy/config/drools/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/configmaps/*").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/drools/templates/secrets.yaml b/kubernetes/policy/charts/drools/templates/secrets.yaml index e21084fe5d..31ba543c0e 100644 --- a/kubernetes/policy/charts/drools/templates/secrets.yaml +++ b/kubernetes/policy/charts/drools/templates/secrets.yaml @@ -1,5 +1,5 @@ # Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2018 AT&T +# Modifications Copyright © 2018-2019 AT&T # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -23,6 +23,8 @@ metadata: chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} release: {{ .Release.Name }} heritage: {{ .Release.Service }} -data: -{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }} type: Opaque +data: +{{- range $path, $bytes := .Files.Glob "resources/secrets/*" }} + {{ base $path }}: {{ tpl ($.Files.Get $path) $ | b64enc | quote }} +{{- end }} diff --git a/kubernetes/policy/charts/drools/templates/statefulset.yaml b/kubernetes/policy/charts/drools/templates/statefulset.yaml index beacbabd06..bb21ae14aa 100644 --- a/kubernetes/policy/charts/drools/templates/statefulset.yaml +++ b/kubernetes/policy/charts/drools/templates/statefulset.yaml @@ -78,15 +78,16 @@ spec: - mountPath: /etc/localtime name: localtime readOnly: true - - mountPath: /tmp/policy-install/config/feature-healthcheck.conf + {{- range $path, $bytes := .Files.Glob "resources/secrets/*" }} + - mountPath: /tmp/policy-install/config/{{ base $path }} name: drools-secret - subPath: feature-healthcheck.conf - - mountPath: /tmp/policy-install/config/feature-pooling-dmaap.conf - name: drools-config - subPath: feature-pooling-dmaap.conf - - mountPath: /tmp/policy-install/config/base.conf + subPath: {{ base $path }} + {{- end }} + {{- range $path, $bytes := .Files.Glob "resources/configmaps/*" }} + - mountPath: /tmp/policy-install/config/{{ base $path }} name: drools-config - subPath: base.conf + subPath: {{ base $path }} + {{- end }} - mountPath: /var/log/onap name: policy-logs resources: @@ -125,18 +126,19 @@ spec: configMap: name: {{ include "common.fullname" . }}-configmap items: - - key: base.conf - path: base.conf - mode: 0755 - - key: feature-pooling-dmaap.conf - path: feature-pooling-dmaap.conf + {{- range $path, $bytes := .Files.Glob "resources/configmaps/*" }} + - key: {{ base $path }} + path: {{ base $path }} mode: 0755 + {{- end }} - name: drools-secret secret: secretName: {{ include "common.fullname" . }}-secret items: - - key: feature-healthcheck.conf - path: feature-healthcheck.conf + {{- range $path, $bytes := .Files.Glob "resources/secrets/*" }} + - key: {{ base $path }} + path: {{ base $path }} mode: 0644 + {{- end }} imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml index 21f9169462..74e0fe8e1c 100644 --- a/kubernetes/policy/charts/drools/values.yaml +++ b/kubernetes/policy/charts/drools/values.yaml @@ -23,21 +23,18 @@ global: loggingRepository: docker.elastic.co loggingImage: beats/filebeat:5.5.0 ubuntuImage: ubuntu:16.04 + ################################################################# # Application configuration defaults. ################################################################# # application image repository: nexus3.onap.org:10001 -image: onap/policy-pdpd-cl:1.5.1 +image: onap/policy-pdpd-cl:1.5.2 pullPolicy: Always # flag to enable debugging - application support required debugEnabled: false -# application configuration -config: - nexusPort: 8081 - # default number of instances replicaCount: 1 @@ -71,6 +68,65 @@ service: ingress: enabled: false +# Default installation values to be overridden + +server: + jvmOpts: -server -Xms1024m -Xmx2048m + +aaf: + enabled: "true" + +keystore: + password: Pol1cy_0nap + +truststore: + password: Pol1cy_0nap + +telemetry: + user: demo@people.osaaf.org + password: demo123456! + +nexus: + nexus: admin + password: admin123 + port: 8081 + +db: + user: policy_user + password: policy_user + +pap: + user: healthcheck + password: zb!XztG34 + +pdp: + user: healthcheck + password: zb!XztG34 + +aai: + user: policy@policy.onap.org + password: demo123456! + +so: + user: InfraPortalClient + password: password1$ + +vfc: + user: + password: + +sdnc: + user: admin + password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + +dmaap: + brmsgw: + key: + password: + pap: + key: + password: + # Resource Limit flavor -By Default using small flavor: small # Segregation for Different environment (Small and Large) |