aboutsummaryrefslogtreecommitdiffstats
path: root/kubernetes/policy
diff options
context:
space:
mode:
authorJorge Hernandez <jh1730@att.com>2018-04-30 19:53:29 -0500
committerJorge Hernandez <jh1730@att.com>2018-05-06 22:26:03 -0500
commit823691fb0dbf7538b5d3319c1b3afdb051c001dd (patch)
tree9810cac402a2149022b2b5c35d9e7fbee99c4686 /kubernetes/policy
parentf4eea37ac0a03de52c254707887b69626aa9df78 (diff)
oom tweaks in pap configuration for pdp-x pooling
paplp_1 process is unused and causes intermittent bad behavior when issuing healthchecks. Since it provides no apparent benefit integrity monitor usage has been disabled. preloading policies apis are executed when the PAP come up. The PDP-Xs take longer to come up, therefore the push-policies script causes bad interactions. This operation has to be triggered after all the PDP-Xs are up and properly running, which is difficult to predict. Therefore, it is moved to a manual step execution. In the future, we could think of'how perhaps execute autonomously by some other means. It does not currently work as is, so it is disabled, at least temporarily, there were a couple problems with pap.conf, first the pdps hostname need to be explicitly provided, as PAP keeps a white list of pdp hosts that can connect to it and be served policies. Another limitation is the format, note the change to ";" to separate pdps, instead of ",". Further the automatic configuration sequence is only made for 1 PDP-X, does not work well when multiple PDP-Xs are provided, so for the first PDP-X, the credentials need to be explicitly added, otherwise, it denies access to PDP-Xs. Change-Id: I5d4a9a39822c036db26e97edb594ecaaa27f80d8 Issue-ID: POLICY-768 Signed-off-by: Jorge Hernandez <jh1730@att.com>
Diffstat (limited to 'kubernetes/policy')
-rw-r--r--kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf4
-rw-r--r--kubernetes/policy/resources/config/pe/pap.conf2
-rw-r--r--kubernetes/policy/values.yaml2
3 files changed, 4 insertions, 4 deletions
diff --git a/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf
index 7b13116e34..8e0b88213d 100644
--- a/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf
+++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf
@@ -30,7 +30,7 @@ TOMCAT_X_MX_MB=1024
UEB_CLUSTER=message-router
REST_PAP_URL=http://{{ .Values.global.pap.nameOverride }}:{{.Values.config.papPort}}/pap/
-REST_PDP_ID=http://{{ include "common.servicename" . }}:{{.Values.service.externalPort}}/pdp/
+REST_PDP_ID=http://${{"{{"}}FQDN{{"}}"}}:{{.Values.service.externalPort}}/pdp/
REST_PDP_CONFIG=/opt/app/policy/servers/pdp/bin/config
REST_PDP_WEBAPPS=/opt/app/policy/servers/pdp/webapps
REST_PDP_REGISTER=true
@@ -46,7 +46,7 @@ PDP_PAP_PDP_HTTP_PASSWORD=alpha123
node_type=pdp_xacml
resource_name=pdp_1
-dependency_groups=pdplp_1;brmsgw_1
+dependency_groups=brmsgw_1
test_via_jmx=true
#
diff --git a/kubernetes/policy/resources/config/pe/pap.conf b/kubernetes/policy/resources/config/pe/pap.conf
index 39199d7f1a..ae9d47c491 100644
--- a/kubernetes/policy/resources/config/pe/pap.conf
+++ b/kubernetes/policy/resources/config/pe/pap.conf
@@ -39,7 +39,7 @@ REST_ADMIN_REPOSITORY=repository
REST_ADMIN_WORKSPACE=workspace
# PDP related properties
-PAP_PDP_URL=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-0.{{ .Values.global.pdp.nameOverride }}:{{ .Values.config.pdpPort }}/pdp/,http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-1.{{ .Values.global.pdp.nameOverride }}:{{ .Values.config.pdpPort }}/pdp/
+PAP_PDP_URL=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-0.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/,testpdp,alpha123;http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}-1.{{ .Values.global.pdp.nameOverride }}.{{ include "common.namespace" . }}.svc.cluster.local:{{ .Values.config.pdpPort }}/pdp/
PAP_PDP_HTTP_USER_ID=testpdp
PAP_PDP_HTTP_PASSWORD=alpha123
diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml
index 4ab6e11ec7..c2c9747747 100644
--- a/kubernetes/policy/values.yaml
+++ b/kubernetes/policy/values.yaml
@@ -65,7 +65,7 @@ debugEnabled: false
# application configuration
config:
- preloadPolicies: true
+ preloadPolicies: false
pdpPort: 8081
# default number of instances