aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/policy
diff options
context:
space:
mode:
authorjhh <jorge.hernandez-herrero@att.com>2019-09-04 07:47:25 -0500
committerjhh <jorge.hernandez-herrero@att.com>2019-09-10 20:17:28 -0500
commit010965911185b9a1ef2008246fabc37f193baf2b (patch)
tree729d3078da57fe44f8acd46020871b9887020fe9 /kubernetes/policy
parent9d407f480e9d40460f6f76ffc6a09f61f1d6b85e (diff)
refactor drools chart to allow customizations
- move some values out of .conf files to values to avoid building the chart when deploying policy (drools). - move credentials to a single secret file, this is precursor work to deal with confidential info in a better way in future releases. - delete unused files. - generify mounting of configmaps/secrets as volumes to avoid explicitly having to modify statefulset.yaml. - update amsterdam controller with latest version in nexus at container instantiation. - update to the latest released drools image. Issue-ID: POLICY-1371 Signed-off-by: jhh <jorge.hernandez-herrero@att.com> Change-Id: I1497b61cd210ac4c00b957c2832de5acd01ea4d2 Signed-off-by: jhh <jorge.hernandez-herrero@att.com>
Diffstat (limited to 'kubernetes/policy')
-rw-r--r--kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/policy-keystorebin5640 -> 0 bytes
-rw-r--r--kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf19
-rw-r--r--kubernetes/policy/charts/drools/resources/configmaps/amsterdam.pre.sh21
-rw-r--r--kubernetes/policy/charts/drools/resources/configmaps/base.conf (renamed from kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf)38
-rw-r--r--kubernetes/policy/charts/drools/resources/configmaps/feature-pooling-dmaap.conf (renamed from kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/feature-pooling-dmaap.conf)4
-rw-r--r--kubernetes/policy/charts/drools/resources/configmaps/status.post.sh (renamed from kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf)14
-rw-r--r--kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh107
-rw-r--r--kubernetes/policy/charts/drools/resources/secrets/credentials.conf56
-rw-r--r--kubernetes/policy/charts/drools/templates/NOTES.txt33
-rw-r--r--kubernetes/policy/charts/drools/templates/configmap.yaml2
-rw-r--r--kubernetes/policy/charts/drools/templates/secrets.yaml8
-rw-r--r--kubernetes/policy/charts/drools/templates/statefulset.yaml30
-rw-r--r--kubernetes/policy/charts/drools/values.yaml66
13 files changed, 177 insertions, 221 deletions
diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/policy-keystore b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/policy-keystore
deleted file mode 100644
index ab25c3a341..0000000000
--- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/policy-keystore
+++ /dev/null
Binary files differ
diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf
deleted file mode 100644
index c2ccefe4e3..0000000000
--- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf
+++ /dev/null
@@ -1,19 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-CONTROLLER_ARTIFACT_ID=policy-management
-CONTROLLER_NAME=policy-management-controller
-CONTROLLER_PORT=9696
-RULES_ARTIFACT=not-used:not-used:1.0.0-SNAPSHOT
-UEB_TOPIC=policyengine-develop
diff --git a/kubernetes/policy/charts/drools/resources/configmaps/amsterdam.pre.sh b/kubernetes/policy/charts/drools/resources/configmaps/amsterdam.pre.sh
new file mode 100644
index 0000000000..5949db4dc4
--- /dev/null
+++ b/kubernetes/policy/charts/drools/resources/configmaps/amsterdam.pre.sh
@@ -0,0 +1,21 @@
+#!/bin/bash
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+
+docker-entrypoint.sh nexus \ No newline at end of file
diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf b/kubernetes/policy/charts/drools/resources/configmaps/base.conf
index e7c6928b0a..ba39b0b5ad 100644
--- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf
+++ b/kubernetes/policy/charts/drools/resources/configmaps/base.conf
@@ -1,4 +1,5 @@
-# Copyright © 2017-2018 Amdocs, Bell Canada, AT&T
+# Copyright © 2017-2018 Amdocs, Bell Canada.
+# Modifications Copyright (C) 2018-2019 AT&T Intellectual Property.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -14,41 +15,33 @@
# JVM options
-JVM_OPTIONS=-server -Xms1024m -Xmx2048m
+JVM_OPTIONS={{.Values.server.jvmOpts}}
# SYSTEM software configuration
POLICY_HOME=/opt/app/policy
POLICY_LOGS=/var/log/onap/policy/pdpd
JAVA_HOME=/usr/lib/jvm/java-1.8-openjdk
-KEYSTORE_PASSWD=Pol1cy_0nap
-TRUSTSTORE_PASSWD=Pol1cy_0nap
# Telemetry credentials
TELEMETRY_PORT=9696
TELEMETRY_HOST=0.0.0.0
-TELEMETRY_USER=demo@people.osaaf.org
-TELEMETRY_PASSWORD=demo123456!
# nexus repository
SNAPSHOT_REPOSITORY_ID=policy-nexus-snapshots
-SNAPSHOT_REPOSITORY_URL=http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/snapshots/
+SNAPSHOT_REPOSITORY_URL=http://{{.Values.global.nexus.nameOverride}}:{{.Values.nexus.port}}/nexus/content/repositories/snapshots/
RELEASE_REPOSITORY_ID=policy-nexus-releases
-RELEASE_REPOSITORY_URL=http://{{.Values.global.nexus.nameOverride}}:{{.Values.config.nexusPort}}/nexus/content/repositories/releases/
-REPOSITORY_USERNAME=admin
-REPOSITORY_PASSWORD=admin123
+RELEASE_REPOSITORY_URL=http://{{.Values.global.nexus.nameOverride}}:{{.Values.nexus.port}}/nexus/content/repositories/releases/
# Relational (SQL) DB access
SQL_HOST={{.Values.global.mariadb.nameOverride}}
-SQL_USER=policy_user
-SQL_PASSWORD=policy_user
# AAF
-AAF=true
+AAF={{.Values.aaf.enabled}}
AAF_NAMESPACE=org.onap.policy
AAF_HOST=aaf-locate.{{.Release.Namespace}}
@@ -56,8 +49,6 @@ AAF_HOST=aaf-locate.{{.Release.Namespace}}
PDPD_CONFIGURATION_TOPIC=PDPD-CONFIGURATION
PDPD_CONFIGURATION_SERVERS=message-router
-PDPD_CONFIGURATION_API_KEY=
-PDPD_CONFIGURATION_API_SECRET=
PDPD_CONFIGURATION_CONSUMER_GROUP=
PDPD_CONFIGURATION_CONSUMER_INSTANCE=
PDPD_CONFIGURATION_PARTITION_KEY=
@@ -65,23 +56,14 @@ PDPD_CONFIGURATION_PARTITION_KEY=
# PAP-PDP configuration channel
POLICY_PDP_PAP_TOPIC=POLICY-PDP-PAP
-POLICY_PDP_PAP_API_KEY=
-POLICY_PDP_PAP_API_SECRET=
# PAP
PAP_HOST=policy-pap
-PAP_USERNAME=healthcheck
-PAP_PASSWORD=zb!XztG34
# PDP-X
PDP_HOST=policy-xacml-pdp
-PDP_USERNAME=healthcheck
-PDP_PASSWORD=zb!XztG34
-PDP_CLIENT_USERNAME=python
-PDP_CLIENT_PASSWORD=test
-PDP_ENVIRONMENT=TEST
# DCAE DMaaP
@@ -96,23 +78,15 @@ DMAAP_SERVERS=message-router
# AAI
AAI_URL=https://aai.{{.Release.Namespace}}:8443
-AAI_USERNAME=policy@policy.onap.org
-AAI_PASSWORD=demo123456!
# MSO
SO_URL=http://so.{{.Release.Namespace}}:8080/onap/so/infra
-SO_USERNAME=InfraPortalClient
-SO_PASSWORD=password1$
# VFC
VFC_URL=
-VFC_USERNAME=
-VFC_PASSWORD=
# SDNC
SDNC_URL=http://sdnc.{{.Release.Namespace}}:8282/restconf/operations
-SDNC_USERNAME=admin
-SDNC_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/feature-pooling-dmaap.conf b/kubernetes/policy/charts/drools/resources/configmaps/feature-pooling-dmaap.conf
index 7b95e79b4d..44d0bf18ce 100644
--- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/feature-pooling-dmaap.conf
+++ b/kubernetes/policy/charts/drools/resources/configmaps/feature-pooling-dmaap.conf
@@ -1,5 +1,5 @@
-# Copyright 2018 AT&T Intellectual Property. All rights reserved
-# Modifications Copyright © 2018 Amdocs, Bell Canada
+# Copyright 2018-2019 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf b/kubernetes/policy/charts/drools/resources/configmaps/status.post.sh
index 20d8298472..e2d7381689 100644
--- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf
+++ b/kubernetes/policy/charts/drools/resources/configmaps/status.post.sh
@@ -1,16 +1,20 @@
-# Copyright © 2017-2018 Amdocs, Bell Canada, AT&T
-#
+#!/bin/bash
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
-# http://www.apache.org/licenses/LICENSE-2.0
+# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+# ============LICENSE_END=========================================================
-HEALTHCHECK_USER=demo@people.osaaf.org
-HEALTHCHECK_PASSWORD=demo123456!
+policy status
diff --git a/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh b/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh
deleted file mode 100644
index ff7a64bdb9..0000000000
--- a/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh
+++ /dev/null
@@ -1,107 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada, AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#!/bin/bash
-
-if [ "$#" -ne 4 ]; then
- echo "Usage: $(basename $0) <k8s-host> <policy-pdp-node-port> <policy-drools-node-port> <resource-id>"
- exit 1
-fi
-
-K8S_HOST=$1
-POLICY_PDP_PORT=$2
-POLICY_DROOLS_PORT=$3
-RESOURCE_ID=$4
-
-echo
-echo
-echo "Removing the vFW Policy from PDP.."
-echo
-echo
-
-curl -v -k -X DELETE --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
- "pdpGroup": "default",
- "policyComponent" : "PDP",
- "policyName": "com.BRMSParamvFirewall",
- "policyType": "BRMS_Param"
-}' https://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/deletePolicy
-
-sleep 20
-
-echo
-
-echo
-echo "Updating vFW Operational Policy .."
-echo
-
-curl -v -k -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
- "policyConfigType": "BRMS_PARAM",
- "policyName": "com.BRMSParamvFirewall",
- "policyDescription": "BRMS Param vFirewall policy",
- "policyScope": "com",
- "attributes": {
- "MATCHING": {
- "controller": "amsterdam"
- },
- "RULE": {
- "templateName": "ClosedLoopControlName",
- "closedLoopControlName": "ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a",
- "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a%0D%0A++trigger_policy%3A+unique-policy-id-1-modifyConfig%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-modifyConfig%0D%0A++++name%3A+modify+packet+gen+config%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+ModifyConfig%0D%0A++++target%3A%0D%0A++++++%23+TBD+-+Cannot+be+known+until+instantiation+is+done%0D%0A++++++resourceID%3A+'${RESOURCE_ID}'%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+300%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard"
- }
- }
-}' https://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/updatePolicy
-
-sleep 5
-
-echo
-echo
-echo "Pushing the vFW Policy .."
-echo
-echo
-
-curl -v -k --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
- "pdpGroup": "default",
- "policyName": "com.BRMSParamvFirewall",
- "policyType": "BRMS_Param"
-}' https://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/pushPolicy
-
-sleep 20
-
-echo
-echo
-echo "Restarting PDP-D .."
-echo
-echo
-
-POD=$(kubectl --namespace {{ include "common.namespace" . }} get pods | sed 's/ .*//'| grep drools)
-kubectl --namespace {{ include "common.namespace" . }} exec -it ${POD} -- bash -c "source /opt/app/policy/etc/profile.d/env.sh && policy stop && sleep 5 && policy start"
-
-sleep 20
-
-echo
-echo
-echo "PDP-D amsterdam maven coordinates .."
-echo
-echo
-
-curl -vvv -k --silent --user "demo@people.osaaf.org:demo123456!" -X GET https://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools | python -m json.tool
-
-
-echo
-echo
-echo "PDP-D control loop updated .."
-echo
-echo
-
-curl -v -k --silent --user "demo@people.osaaf.org:demo123456!" -X GET https://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools/facts/closedloop-amsterdam/org.onap.policy.controlloop.Params | python -m json.tool
diff --git a/kubernetes/policy/charts/drools/resources/secrets/credentials.conf b/kubernetes/policy/charts/drools/resources/secrets/credentials.conf
new file mode 100644
index 0000000000..36d3c3b376
--- /dev/null
+++ b/kubernetes/policy/charts/drools/resources/secrets/credentials.conf
@@ -0,0 +1,56 @@
+# ============LICENSE_START=======================================================
+# Copyright (C) 2019 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+KEYSTORE_PASSWD={{.Values.keystore.password}}
+TRUSTSTORE_PASSWD={{.Values.truststore.password}}
+
+TELEMETRY_USER={{.Values.telemetry.user}}
+TELEMETRY_PASSWORD={{.Values.telemetry.password}}
+
+REPOSITORY_USERNAME={{.Values.nexus.user}}
+REPOSITORY_PASSWORD={{.Values.nexus.password}}
+
+SQL_USER={{.Values.db.user}}
+SQL_PASSWORD={{.Values.db.password}}
+
+PDPD_CONFIGURATION_API_KEY={{.Values.dmaap.brmsgw.key}}
+PDPD_CONFIGURATION_API_SECRET={{.Values.dmaap.brmsgw.secret}}
+
+POLICY_PDP_PAP_API_KEY={{.Values.dmaap.pap.key}}
+POLICY_PDP_PAP_API_SECRET={{.Values.dmaap.pap.secret}}
+
+PAP_USERNAME={{.Values.pap.user}}
+PAP_PASSWORD={{.Values.pap.password}}
+
+PDP_USERNAME={{.Values.pdp.user}}
+PDP_PASSWORD={{.Values.pdp.password}}
+
+AAI_USERNAME={{.Values.aai.user}}
+AAI_PASSWORD={{.Values.aai.password}}
+
+SO_USERNAME={{.Values.so.user}}
+SO_PASSWORD={{.Values.so.password}}
+
+VFC_USERNAME={{.Values.vfc.user}}
+VFC_PASSWORD={{.Values.vfc.password}}
+
+SDNC_USERNAME={{.Values.sdnc.user}}
+SDNC_PASSWORD={{.Values.sdnc.password}}
+
+HEALTHCHECK_USER={{.Values.telemetry.user}}
+HEALTHCHECK_PASSWORD={{.Values.telemetry.password}}
diff --git a/kubernetes/policy/charts/drools/templates/NOTES.txt b/kubernetes/policy/charts/drools/templates/NOTES.txt
deleted file mode 100644
index fa0aa7d258..0000000000
--- a/kubernetes/policy/charts/drools/templates/NOTES.txt
+++ /dev/null
@@ -1,33 +0,0 @@
-# Copyright 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
- http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
- export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
- export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
- echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
- NOTE: It may take a few minutes for the LoadBalancer IP to be available.
- You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
- export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
- echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
- export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
- echo "Visit http://127.0.0.1:8080 to use your application"
- kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/policy/charts/drools/templates/configmap.yaml b/kubernetes/policy/charts/drools/templates/configmap.yaml
index 1f9503130c..7daf473db2 100644
--- a/kubernetes/policy/charts/drools/templates/configmap.yaml
+++ b/kubernetes/policy/charts/drools/templates/configmap.yaml
@@ -19,4 +19,4 @@ metadata:
name: {{ include "common.fullname" . }}-configmap
namespace: {{ include "common.namespace" . }}
data:
-{{ tpl (.Files.Glob "resources/config/opt/policy/config/drools/*").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/configmaps/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/policy/charts/drools/templates/secrets.yaml b/kubernetes/policy/charts/drools/templates/secrets.yaml
index e21084fe5d..31ba543c0e 100644
--- a/kubernetes/policy/charts/drools/templates/secrets.yaml
+++ b/kubernetes/policy/charts/drools/templates/secrets.yaml
@@ -1,5 +1,5 @@
# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Modifications Copyright © 2018-2019 AT&T
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -23,6 +23,8 @@ metadata:
chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
release: {{ .Release.Name }}
heritage: {{ .Release.Service }}
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
type: Opaque
+data:
+{{- range $path, $bytes := .Files.Glob "resources/secrets/*" }}
+ {{ base $path }}: {{ tpl ($.Files.Get $path) $ | b64enc | quote }}
+{{- end }}
diff --git a/kubernetes/policy/charts/drools/templates/statefulset.yaml b/kubernetes/policy/charts/drools/templates/statefulset.yaml
index beacbabd06..bb21ae14aa 100644
--- a/kubernetes/policy/charts/drools/templates/statefulset.yaml
+++ b/kubernetes/policy/charts/drools/templates/statefulset.yaml
@@ -78,15 +78,16 @@ spec:
- mountPath: /etc/localtime
name: localtime
readOnly: true
- - mountPath: /tmp/policy-install/config/feature-healthcheck.conf
+ {{- range $path, $bytes := .Files.Glob "resources/secrets/*" }}
+ - mountPath: /tmp/policy-install/config/{{ base $path }}
name: drools-secret
- subPath: feature-healthcheck.conf
- - mountPath: /tmp/policy-install/config/feature-pooling-dmaap.conf
- name: drools-config
- subPath: feature-pooling-dmaap.conf
- - mountPath: /tmp/policy-install/config/base.conf
+ subPath: {{ base $path }}
+ {{- end }}
+ {{- range $path, $bytes := .Files.Glob "resources/configmaps/*" }}
+ - mountPath: /tmp/policy-install/config/{{ base $path }}
name: drools-config
- subPath: base.conf
+ subPath: {{ base $path }}
+ {{- end }}
- mountPath: /var/log/onap
name: policy-logs
resources:
@@ -125,18 +126,19 @@ spec:
configMap:
name: {{ include "common.fullname" . }}-configmap
items:
- - key: base.conf
- path: base.conf
- mode: 0755
- - key: feature-pooling-dmaap.conf
- path: feature-pooling-dmaap.conf
+ {{- range $path, $bytes := .Files.Glob "resources/configmaps/*" }}
+ - key: {{ base $path }}
+ path: {{ base $path }}
mode: 0755
+ {{- end }}
- name: drools-secret
secret:
secretName: {{ include "common.fullname" . }}-secret
items:
- - key: feature-healthcheck.conf
- path: feature-healthcheck.conf
+ {{- range $path, $bytes := .Files.Glob "resources/secrets/*" }}
+ - key: {{ base $path }}
+ path: {{ base $path }}
mode: 0644
+ {{- end }}
imagePullSecrets:
- name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml
index 21f9169462..74e0fe8e1c 100644
--- a/kubernetes/policy/charts/drools/values.yaml
+++ b/kubernetes/policy/charts/drools/values.yaml
@@ -23,21 +23,18 @@ global:
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
ubuntuImage: ubuntu:16.04
+
#################################################################
# Application configuration defaults.
#################################################################
# application image
repository: nexus3.onap.org:10001
-image: onap/policy-pdpd-cl:1.5.1
+image: onap/policy-pdpd-cl:1.5.2
pullPolicy: Always
# flag to enable debugging - application support required
debugEnabled: false
-# application configuration
-config:
- nexusPort: 8081
-
# default number of instances
replicaCount: 1
@@ -71,6 +68,65 @@ service:
ingress:
enabled: false
+# Default installation values to be overridden
+
+server:
+ jvmOpts: -server -Xms1024m -Xmx2048m
+
+aaf:
+ enabled: "true"
+
+keystore:
+ password: Pol1cy_0nap
+
+truststore:
+ password: Pol1cy_0nap
+
+telemetry:
+ user: demo@people.osaaf.org
+ password: demo123456!
+
+nexus:
+ nexus: admin
+ password: admin123
+ port: 8081
+
+db:
+ user: policy_user
+ password: policy_user
+
+pap:
+ user: healthcheck
+ password: zb!XztG34
+
+pdp:
+ user: healthcheck
+ password: zb!XztG34
+
+aai:
+ user: policy@policy.onap.org
+ password: demo123456!
+
+so:
+ user: InfraPortalClient
+ password: password1$
+
+vfc:
+ user:
+ password:
+
+sdnc:
+ user: admin
+ password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+
+dmaap:
+ brmsgw:
+ key:
+ password:
+ pap:
+ key:
+ password:
+
# Resource Limit flavor -By Default using small
flavor: small
# Segregation for Different environment (Small and Large)