diff options
author | Jorge Hernandez <jh1730@att.com> | 2018-04-30 19:53:29 -0500 |
---|---|---|
committer | Jorge Hernandez <jh1730@att.com> | 2018-05-06 22:26:03 -0500 |
commit | 823691fb0dbf7538b5d3319c1b3afdb051c001dd (patch) | |
tree | 9810cac402a2149022b2b5c35d9e7fbee99c4686 /kubernetes/policy/resources/config | |
parent | f4eea37ac0a03de52c254707887b69626aa9df78 (diff) |
oom tweaks in pap configuration for pdp-x pooling
paplp_1 process is unused and causes intermittent bad
behavior when issuing healthchecks. Since it provides
no apparent benefit integrity monitor usage has been
disabled.
preloading policies apis are executed when the PAP come up.
The PDP-Xs take longer to come up, therefore the
push-policies script causes bad interactions. This operation
has to be triggered after all the PDP-Xs are up and properly
running, which is difficult to predict. Therefore, it is moved
to a manual step execution. In the future, we could think of'how
perhaps execute autonomously by some other means. It does not
currently work as is, so it is disabled, at least temporarily,
there were a couple problems with pap.conf, first the pdps hostname
need to be explicitly provided, as PAP keeps a white list of pdp hosts
that can connect to it and be served policies. Another limitation
is the format, note the change to ";" to separate pdps, instead of ",".
Further the automatic configuration sequence is only made for 1 PDP-X,
does not work well when multiple PDP-Xs are provided, so for the first
PDP-X, the credentials need to be explicitly added, otherwise, it
denies access to PDP-Xs.
Change-Id: I5d4a9a39822c036db26e97edb594ecaaa27f80d8
Issue-ID: POLICY-768
Signed-off-by: Jorge Hernandez <jh1730@att.com>
Diffstat (limited to 'kubernetes/policy/resources/config')
-rw-r--r-- | kubernetes/policy/resources/config/pe/pap.conf | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/kubernetes/policy/resources/config/pe/pap.conf b/kubernetes/policy/resources/config/pe/pap.conf index 39199d7f1a..ae9d47c491 100644 --- a/kubernetes/policy/resources/config/pe/pap.conf +++ b/kubernetes/policy/resources/config/pe/pap.conf @@ -39,7 +39,7 @@ REST_ADMIN_REPOSITORY=repository REST_ADMIN_WORKSPACE=workspace # PDP related properties -PAP_PDP_URL=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-0.{{ .Values.global.pdp.nameOverride }}:{{ .Values.config.pdpPort }}/pdp/,http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-1.{{ .Values.global.pdp.nameOverride }}:{{ .Values.config.pdpPort }}/pdp/ +PAP_PDP_URL=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-0.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/,testpdp,alpha123;http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-1.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/ PAP_PDP_HTTP_USER_ID=testpdp PAP_PDP_HTTP_PASSWORD=alpha123 |