diff options
98 files changed, 3443 insertions, 1736 deletions
diff --git a/kubernetes/onap/requirements.yaml b/kubernetes/onap/requirements.yaml index 2bcf0bfecd..08b643782a 100644 --- a/kubernetes/onap/requirements.yaml +++ b/kubernetes/onap/requirements.yaml @@ -73,7 +73,7 @@ dependencies: repository: '@local' condition: multicloud.enabled - name: policy - version: ~0.1.0 + version: ~2.0.0 repository: '@local' condition: policy.enabled - name: portal diff --git a/kubernetes/policy/.helmignore b/kubernetes/policy/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/policy/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/policy/Chart.yaml b/kubernetes/policy/Chart.yaml index b178495b47..d033bf1858 100644 --- a/kubernetes/policy/Chart.yaml +++ b/kubernetes/policy/Chart.yaml @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: A Helm chart for Kubernetes +description: Policy access point name: policy -version: 0.1.0 +version: 2.0.0 diff --git a/kubernetes/policy/charts/brmsgw/Chart.yaml b/kubernetes/policy/charts/brmsgw/Chart.yaml new file mode 100644 index 0000000000..d6aafe4488 --- /dev/null +++ b/kubernetes/policy/charts/brmsgw/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Policy BRMS GW +name: brmsgw +version: 2.0.0 diff --git a/kubernetes/policy/charts/brmsgw/requirements.yaml b/kubernetes/policy/charts/brmsgw/requirements.yaml new file mode 100644 index 0000000000..f639633537 --- /dev/null +++ b/kubernetes/policy/charts/brmsgw/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~2.0.0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw-tweaks.sh b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw-tweaks.sh index daa3596e6e..5c3a2a1fe3 100755..100644 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw-tweaks.sh +++ b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw-tweaks.sh @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + #! /bin/bash PROPS_BUILD="${POLICY_HOME}/etc/build.info" diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw.conf b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf index d874237575..6a0012dafa 100755..100644 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw.conf +++ b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf @@ -1,11 +1,25 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # BRMSpep component installation configuration parameters BRMSGW_JMX_PORT=9989 COMPONENT_X_MX_MB=1024 COMPONENT_X_MS_MB=1024 -REST_PAP_URL=http://pap.{{.Values.nsPrefix}}:9091/pap/ -REST_PDP_ID=http://pdp.{{.Values.nsPrefix}}:8081/pdp/ +REST_PAP_URL=http://{{ .Release.Name }}-{{ .Values.global.pap.nameOverride }}:9091/pap/ +REST_PDP_ID=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}:8081/pdp/ PDP_HTTP_USER_ID=testpdp PDP_HTTP_PASSWORD=alpha123 @@ -15,13 +29,13 @@ PDP_PAP_PDP_HTTP_PASSWORD=alpha123 M2_HOME=/usr/share/maven snapshotRepositoryID=policy-nexus-snapshots snapshotRepositoryName=Snapshots -snapshotRepositoryURL=http://nexus.{{.Values.nsPrefix}}:8081/nexus/content/repositories/snapshots +snapshotRepositoryURL=http://{{ .Release.Name }}-{{ .Values.global.nexus.nameOverride }}:8081/nexus/content/repositories/snapshots releaseRepositoryID=policy-nexus-releases releaseRepositoryName=Releases -releaseRepositoryURL=http://nexus.{{.Values.nsPrefix}}:8081/nexus/content/repositories/releases +releaseRepositoryURL=http://{{ .Release.Name }}-{{ .Values.global.nexus.nameOverride }}:8081/nexus/content/repositories/releases repositoryUsername=admin repositoryPassword=admin123 -UEB_URL=dmaap.{{.Values.nsPrefix}} +UEB_URL=dmaap UEB_TOPIC=PDPD-CONFIGURATION UEB_API_KEY= UEB_API_SECRET= @@ -40,7 +54,7 @@ ENVIRONMENT=TEST #Notification Properties... type can be either websocket, ueb, or dmaap BRMS_NOTIFICATION_TYPE=websocket -BRMS_UEB_URL=dmaap.{{.Values.nsPrefix}} +BRMS_UEB_URL=dmaap BRMS_UEB_TOPIC=PDPD-CONFIGURATION BRMS_UEB_DELAY= BRMS_CLIENT_ID=python diff --git a/kubernetes/policy/charts/brmsgw/templates/NOTES.txt b/kubernetes/policy/charts/brmsgw/templates/NOTES.txt new file mode 100644 index 0000000000..91d8ed42f1 --- /dev/null +++ b/kubernetes/policy/charts/brmsgw/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/policy/charts/brmsgw/templates/configmap.yaml b/kubernetes/policy/charts/brmsgw/templates/configmap.yaml new file mode 100644 index 0000000000..054338bb5b --- /dev/null +++ b/kubernetes/policy/charts/brmsgw/templates/configmap.yaml @@ -0,0 +1,22 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-pe-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }} + diff --git a/kubernetes/policy/charts/brmsgw/templates/deployment.yaml b/kubernetes/policy/charts/brmsgw/templates/deployment.yaml new file mode 100644 index 0000000000..cd715e4606 --- /dev/null +++ b/kubernetes/policy/charts/brmsgw/templates/deployment.yaml @@ -0,0 +1,109 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.global.pap.nameOverride }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - command: + - /bin/bash + - ./do-start.sh + - brmsgw + name: {{ include "common.name" . }} + image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.externalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.externalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{- end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.externalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /tmp/policy-install/config + name: pe-brmsgw + - mountPath: /tmp/policy-install/config/base.conf + name: pe + subPath: base.conf + - mountPath: /tmp/policy-install/do-start.sh + name: pe-scripts + subPath: do-start.sh + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: pe + configMap: + name: {{ .Release.Name }}-pe-configmap + defaultMode: 0755 + - name: pe-scripts + configMap: + name: {{ .Release.Name }}-pe-scripts-configmap + defaultMode: 0777 + - name: pe-brmsgw + configMap: + name: {{ include "common.fullname" . }}-pe-configmap + defaultMode: 0755 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/brmsgw/templates/service.yaml b/kubernetes/policy/charts/brmsgw/templates/service.yaml new file mode 100644 index 0000000000..ebec058193 --- /dev/null +++ b/kubernetes/policy/charts/brmsgw/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/policy/charts/brmsgw/values.yaml b/kubernetes/policy/charts/brmsgw/values.yaml new file mode 100644 index 0000000000..3890e9e6ab --- /dev/null +++ b/kubernetes/policy/charts/brmsgw/values.yaml @@ -0,0 +1,87 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.0.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/policy-pe:1.2-SNAPSHOT-latest +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: {} +# username: myusername +# password: mypassword + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: false + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + +service: + type: NodePort + name: brmsgw + externalPort: 9989 + nodePort: 16 + + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/kubernetes/policy/charts/drools/Chart.yaml b/kubernetes/policy/charts/drools/Chart.yaml new file mode 100644 index 0000000000..4f753c07f4 --- /dev/null +++ b/kubernetes/policy/charts/drools/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Drools Policy Engine +name: drools +version: 2.0.0 diff --git a/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml b/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml new file mode 100644 index 0000000000..65916b652c --- /dev/null +++ b/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Policy Nexus +name: nexus +version: 2.0.0 diff --git a/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml b/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml new file mode 100644 index 0000000000..f639633537 --- /dev/null +++ b/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~2.0.0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/NOTES.txt b/kubernetes/policy/charts/drools/charts/nexus/templates/NOTES.txt new file mode 100644 index 0000000000..57947a65da --- /dev/null +++ b/kubernetes/policy/charts/drools/charts/nexus/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/deployment.yaml b/kubernetes/policy/charts/drools/charts/nexus/templates/deployment.yaml new file mode 100644 index 0000000000..910ade9108 --- /dev/null +++ b/kubernetes/policy/charts/drools/charts/nexus/templates/deployment.yaml @@ -0,0 +1,86 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.global.mariadb.nameOverride }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - name: {{ include "common.name" . }} + image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + httpGet: + path: {{ .Values.readiness.path }} + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/service.yaml b/kubernetes/policy/charts/drools/charts/nexus/templates/service.yaml new file mode 100644 index 0000000000..5447d91e0e --- /dev/null +++ b/kubernetes/policy/charts/drools/charts/nexus/templates/service.yaml @@ -0,0 +1,32 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + clusterIP: None diff --git a/kubernetes/policy/charts/drools/charts/nexus/values.yaml b/kubernetes/policy/charts/drools/charts/nexus/values.yaml new file mode 100644 index 0000000000..f8d80b0fca --- /dev/null +++ b/kubernetes/policy/charts/drools/charts/nexus/values.yaml @@ -0,0 +1,86 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.0.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/policy-nexus:1.2-SNAPSHOT-latest +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: {} +# username: myusername +# password: mypassword + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + path: /nexus/service/local/status + +service: + type: NodePort + name: nexus + internalPort: 8081 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/kubernetes/policy/charts/drools/requirements.yaml b/kubernetes/policy/charts/drools/requirements.yaml new file mode 100644 index 0000000000..f639633537 --- /dev/null +++ b/kubernetes/policy/charts/drools/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~2.0.0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' diff --git a/kubernetes/policy/resources/config/drools/settings.xml b/kubernetes/policy/charts/drools/resources/config/drools/settings.xml index 2a9e2a0b24..e899a004da 100755 --- a/kubernetes/policy/resources/config/drools/settings.xml +++ b/kubernetes/policy/charts/drools/resources/config/drools/settings.xml @@ -1,23 +1,19 @@ <?xml version="1.0" encoding="UTF-8"?> <!-- - ============LICENSE_START======================================================= - Base Package - ================================================================================ - Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. - ================================================================================ - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - ============LICENSE_END========================================================= - --> +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--> <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd"> @@ -51,7 +47,7 @@ <repositories> <repository> <id>policy-nexus-snapshots</id> - <url>http://nexus:8081/nexus/content/repositories/snapshots/</url> + <url>http://{{.Release.Name}}-{{.Values.global.nexus.nameOverride}}:8081/nexus/content/repositories/snapshots/</url> <releases> <enabled>false</enabled> <updatePolicy>always</updatePolicy> @@ -64,7 +60,7 @@ <repository> <id>policy-nexus-releases</id> - <url>http://nexus:8081/nexus/content/repositories/releases/</url> + <url>http://{{.Release.Name}}-{{.Values.global.nexus.nameOverride}}:8081/nexus/content/repositories/releases/</url> <releases> <enabled>true</enabled> <updatePolicy>always</updatePolicy> diff --git a/kubernetes/policy/resources/config/log/drools/logback.xml b/kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml index daecf97850..4b058f1e4b 100644 --- a/kubernetes/policy/resources/config/log/drools/logback.xml +++ b/kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml @@ -1,107 +1,103 @@ -<!--
- ============LICENSE_START=======================================================
- policy-management
- ================================================================================
- Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ============LICENSE_END=========================================================
- -->
-
-<configuration scan="true" scanPeriod="30 seconds" debug="false">
-
- <property name="logDir" value="/var/log/onap" />
-
- <property name="errorLog" value="error" />
- <property name="debugLog" value="debug" />
- <property name="networkLog" value="network" />
-
- <property name="debugPattern" value="[%date|%level|%logger{0}|%thread] %msg%n" />
- <property name="errorPattern" value="${debugPattern}" />
- <property name="networkPattern" value="[%d|%t]%m%n" />
-
- <appender name="ErrorOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDir}/${errorLog}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDir}/${errorLog}.%i.log.zip</fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>5</maxIndex>
- </rollingPolicy>
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>WARN</level>
- </filter>
- <triggeringPolicy
- class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>15MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>${errorPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncErrorOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="ErrorOut" />
- </appender>
-
- <appender name="DebugOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDir}/${debugLog}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDir}/${debugLog}.%i.log.zip</fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>20MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>${debugPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncDebugOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="DebugOut" />
- </appender>
-
- <appender name="NetworkOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDir}/${networkLog}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
- <fileNamePattern>${logDir}/${networkLog}.%i.log.zip</fileNamePattern>
- <minIndex>1</minIndex>
- <maxIndex>9</maxIndex>
- </rollingPolicy>
- <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
- <maxFileSize>15MB</maxFileSize>
- </triggeringPolicy>
- <encoder>
- <pattern>${networkPattern}</pattern>
- </encoder>
- </appender>
-
- <appender name="AsyncNetworkOut" class="ch.qos.logback.classic.AsyncAppender">
- <appender-ref ref="NetworkOut" />
- </appender>
-
- <logger name="network" level="INFO" additivity="false">
- <appender-ref ref="AsyncNetworkOut" />
- </logger>
-
- <logger name="org.eclipse.jetty.server.RequestLog" level="info" additivity="false">
- <appender-ref ref="AsyncNetworkOut" />
- </logger>
-
- <root level="INFO">
- <appender-ref ref="AsyncDebugOut" />
- <appender-ref ref="AsyncErrorOut" />
- </root>
-
-</configuration>
\ No newline at end of file +<!-- +# Copyright © 2017 Amdocs, Bell Canada,AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--> + +<configuration scan="true" scanPeriod="30 seconds" debug="false"> + + <property name="logDir" value="/var/log/onap" /> + + <property name="errorLog" value="error" /> + <property name="debugLog" value="debug" /> + <property name="networkLog" value="network" /> + + <property name="debugPattern" value="[%date|%level|%logger{0}|%thread] %msg%n" /> + <property name="errorPattern" value="${debugPattern}" /> + <property name="networkPattern" value="[%d|%t]%m%n" /> + + <appender name="ErrorOut" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDir}/${errorLog}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDir}/${errorLog}.%i.log.zip</fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>5</maxIndex> + </rollingPolicy> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>WARN</level> + </filter> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>15MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${errorPattern}</pattern> + </encoder> + </appender> + + <appender name="AsyncErrorOut" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="ErrorOut" /> + </appender> + + <appender name="DebugOut" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDir}/${debugLog}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDir}/${debugLog}.%i.log.zip</fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>20MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${debugPattern}</pattern> + </encoder> + </appender> + + <appender name="AsyncDebugOut" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="DebugOut" /> + </appender> + + <appender name="NetworkOut" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDir}/${networkLog}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDir}/${networkLog}.%i.log.zip</fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>15MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${networkPattern}</pattern> + </encoder> + </appender> + + <appender name="AsyncNetworkOut" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="NetworkOut" /> + </appender> + + <logger name="network" level="INFO" additivity="false"> + <appender-ref ref="AsyncNetworkOut" /> + </logger> + + <logger name="org.eclipse.jetty.server.RequestLog" level="info" additivity="false"> + <appender-ref ref="AsyncNetworkOut" /> + </logger> + + <root level="INFO"> + <appender-ref ref="AsyncDebugOut" /> + <appender-ref ref="AsyncErrorOut" /> + </root> + +</configuration> diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/base.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf index e5bbd6637d..aec7bf20ee 100755..100644 --- a/kubernetes/policy/resources/config/opt/policy/config/drools/base.conf +++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf @@ -1,27 +1,21 @@ -### -# ============LICENSE_START======================================================= -# ONAP POLICY -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. -# ================================================================================ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -# ============LICENSE_END========================================================= -### - # SYSTEM software configuration POLICY_HOME=/opt/app/policy +POLICY_LOGS=/var/log/ONAP/policy JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64 KEYSTORE_PASSWD=PolicyR0ck$ @@ -35,22 +29,22 @@ ENGINE_MANAGEMENT_PASSWORD=31nst31n # nexus repository snapshotRepositoryID=policy-nexus-snapshots -snapshotRepositoryUrl=http://nexus:8081/nexus/content/repositories/snapshots/ +snapshotRepositoryUrl=http://{{.Release.Name}}-{{.Values.global.nexus.nameOverride}}:8081/nexus/content/repositories/snapshots/ releaseRepositoryID=policy-nexus-releases -releaseRepositoryUrl=http://nexus:8081/nexus/content/repositories/releases/ +releaseRepositoryUrl=http://{{.Release.Name}}-{{.Values.global.nexus.nameOverride}}:8081/nexus/content/repositories/releases/ repositoryUsername=admin repositoryPassword=admin123 # Relational (SQL) DB access -SQL_HOST=mariadb.{{.Values.nsPrefix}} +SQL_HOST={{.Release.Name}}-{{.Values.global.mariadb.nameOverride}} SQL_USER=policy_user SQL_PASSWORD=policy_user # PDP-D DMaaP configuration channel PDPD_CONFIGURATION_TOPIC=PDPD-CONFIGURATION -PDPD_CONFIGURATION_SERVERS=dmaap.{{.Values.nsPrefix}} +PDPD_CONFIGURATION_SERVERS=dmaap PDPD_CONFIGURATION_API_KEY= PDPD_CONFIGURATION_API_SECRET= PDPD_CONFIGURATION_CONSUMER_GROUP= @@ -59,13 +53,13 @@ PDPD_CONFIGURATION_PARTITION_KEY= # PAP -PAP_HOST=pap.{{.Values.nsPrefix}} +PAP_HOST={{.Release.Name}}-{{.Values.global.pap.nameOverride}} PAP_USERNAME=testpap PAP_PASSWORD=alpha123 # PDP-X -PDP_HOST=pdp.{{.Values.nsPrefix}} +PDP_HOST={{.Release.Name}}-{{.Values.global.pdp.nameOverride}} PDP_USERNAME=testpdp PDP_PASSWORD=alpha123 PDP_CLIENT_USERNAME=python @@ -75,11 +69,11 @@ PDP_ENVIRONMENT=TEST # DCAE DMaaP DCAE_TOPIC=unauthenticated.DCAE_CL_OUTPUT -DCAE_SERVERS=dmaap.{{.Values.nsPrefix}} +DCAE_SERVERS=dmaap # Open DMaaP -DMAAP_SERVERS=dmaap.{{.Values.nsPrefix}} +DMAAP_SERVERS=dmaap # AAI @@ -89,7 +83,7 @@ AAI_PASSWORD=POLICY # MSO -SO_URL=http://mso.{{.Values.nsPrefix}}:8080/ecomp/mso/infra +SO_URL=http://mso:8080/ecomp/mso/infra SO_USERNAME=InfraPortalClient SO_PASSWORD=password1$ diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/drools-tweaks.sh b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh index 8bff59c2e7..62822ac824 100755..100644 --- a/kubernetes/policy/resources/config/opt/policy/config/drools/drools-tweaks.sh +++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh @@ -1,23 +1,17 @@ -#! /bin/bash - -### -# ============LICENSE_START======================================================= -# ONAP -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. -# ================================================================================ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# +# +# http://www.apache.org/licenses/LICENSE-2.0 +# # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -# ============LICENSE_END========================================================= -### + +#! /bin/bash ${POLICY_HOME}/bin/features enable healthcheck diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf new file mode 100644 index 0000000000..cbb45a5828 --- /dev/null +++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf @@ -0,0 +1,16 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +HEALTHCHECK_USER=healthcheck +HEALTHCHECK_PASSWORD=zb!XztG34 diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/keys/policy-keystore b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/policy-keystore Binary files differindex ab25c3a341..ab25c3a341 100644 --- a/kubernetes/policy/resources/config/opt/policy/config/drools/keys/policy-keystore +++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/policy-keystore diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf new file mode 100644 index 0000000000..c2ccefe4e3 --- /dev/null +++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +CONTROLLER_ARTIFACT_ID=policy-management +CONTROLLER_NAME=policy-management-controller +CONTROLLER_PORT=9696 +RULES_ARTIFACT=not-used:not-used:1.0.0-SNAPSHOT +UEB_TOPIC=policyengine-develop diff --git a/kubernetes/policy/charts/drools/resources/scripts/do-start.sh b/kubernetes/policy/charts/drools/resources/scripts/do-start.sh new file mode 100644 index 0000000000..1c40e11b16 --- /dev/null +++ b/kubernetes/policy/charts/drools/resources/scripts/do-start.sh @@ -0,0 +1,50 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#!/bin/bash + +# skip installation if build.info file is present (restarting an existing container) +if [[ -f /opt/app/policy/etc/build.info ]]; then + echo "Found existing installation, will not reinstall" + . /opt/app/policy/etc/profile.d/env.sh +else + # replace conf files from installer with environment-specific files + # mounted from the hosting VM + if [[ -d config ]]; then + cp config/*.conf . + fi + + ./docker-install.sh + + . /opt/app/policy/etc/profile.d/env.sh + + # install policy keystore + mkdir -p $POLICY_HOME/etc/ssl + cp config/policy-keystore $POLICY_HOME/etc/ssl + + if [[ -x config/drools-tweaks.sh ]] ; then + echo "Executing tweaks" + # file may not be executable; running it as an + # argument to bash avoids needing execute perms. + bash config/drools-tweaks.sh + fi + + # sql provisioning scripts should be invoked here. +fi + +echo "Starting processes" + +policy start + +sleep 1000d diff --git a/kubernetes/policy/scripts/update-vfw-op-policy.sh b/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh index 39483a0fb7..a6c054dbc1 100755..100644 --- a/kubernetes/policy/scripts/update-vfw-op-policy.sh +++ b/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + #!/bin/bash if [ "$#" -ne 4 ]; then diff --git a/kubernetes/policy/charts/drools/templates/NOTES.txt b/kubernetes/policy/charts/drools/templates/NOTES.txt new file mode 100644 index 0000000000..91d8ed42f1 --- /dev/null +++ b/kubernetes/policy/charts/drools/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/policy/templates/policy-deployment-configmap.yaml b/kubernetes/policy/charts/drools/templates/configmap.yaml index 9998b2c320..36f458f5a4 100644 --- a/kubernetes/policy/templates/policy-deployment-configmap.yaml +++ b/kubernetes/policy/charts/drools/templates/configmap.yaml @@ -12,30 +12,35 @@ # See the License for the specific language governing permissions and # limitations under the License. -#{{ if not .Values.disablePolicyDrools }} apiVersion: v1 kind: ConfigMap metadata: - name: policy-dep-drools-settings-configmap - namespace: {{ .Values.nsPrefix }} + name: {{ include "common.fullname" . }}-settings-configmap + namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/config/drools/settings.xml").AsConfig . | indent 2 }} -#{{ end }} --- -#{{ if not .Values.disablePolicyPdp }} apiVersion: v1 kind: ConfigMap metadata: - name: policy-dep-pe-configmap - namespace: {{ .Values.nsPrefix }} + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} data: -{{ tpl (.Files.Glob "resources/config/opt/policy/config/pe/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/opt/policy/config/drools/*").AsConfig . | indent 2 }} --- apiVersion: v1 kind: ConfigMap metadata: - name: policy-dep-drools-configmap - namespace: {{ .Values.nsPrefix }} + name: {{ include "common.fullname" . }}-script-configmap + namespace: {{ include "common.namespace" . }} data: -{{ tpl (.Files.Glob "resources/config/opt/policy/config/drools/*").AsConfig . | indent 2 }} -#{{ end }} +{{ tpl (.Files.Glob "resources/scripts/do-start.sh*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/drools/logback.xml").AsConfig . | indent 2 }} + diff --git a/kubernetes/policy/charts/drools/templates/deployment.yaml b/kubernetes/policy/charts/drools/templates/deployment.yaml new file mode 100644 index 0000000000..349f88245e --- /dev/null +++ b/kubernetes/policy/charts/drools/templates/deployment.yaml @@ -0,0 +1,180 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.global.mariadb.nameOverride }} + - --container-name + - {{ .Values.global.nexus.nameOverride }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + hostAliases: + - ip: "{{ .Values.aaiServiceClusterIp }}" + hostnames: + - "aai.api.simpledemo.openecomp.org" + containers: + - name: {{ include "common.name" . }} + image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.externalPort }} + - containerPort: {{ .Values.service.externalPort2 }} + command: + - /bin/bash + - -c + - ./do-start.sh + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.externalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{- end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.externalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: REPLICAS + value: "{{ .Values.replicaCount }}" + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /tmp/policy-install/config/policy-keystore + name: drools-secret + subPath: policy-keystore + - mountPath: /tmp/policy-install/config/feature-healthcheck.conf + name: drools-secret + subPath: feature-healthcheck.conf + - mountPath: /tmp/policy-install/config/base.conf + name: drools-config + subPath: base.conf + - mountPath: /tmp/policy-install/config/policy-management.conf + name: drools-config + subPath: policy-management.conf + - mountPath: /tmp/policy-install/config/drools-tweaks.sh + name: drools-config + subPath: drools-tweaks.sh + - mountPath: /usr/share/maven/conf/settings.xml + name: drools-settingsxml + subPath: settings.xml + - mountPath: /var/log/onap + name: policy-logs + - mountPath: /tmp/logback.xml + name: policy-logback + subPath: logback.xml + - mountPath: /tmp/policy-install/do-start.sh + name: pe-scripts + subPath: do-start.sh + lifecycle: + postStart: + exec: + command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/config/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + - image: "{{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.loggingImage }}" + imagePullPolicy: {{ .Values.pullPolicy }} + name: filebeat-onap + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + - mountPath: /var/log/onap + name: policy-logs + - mountPath: /usr/share/filebeat/data + name: policy-data-filebeat + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: filebeat-conf + configMap: + name: {{ .Release.Name }}-filebeat-configmap + - name: policy-logs + emptyDir: {} + - name: policy-data-filebeat + emptyDir: {} + - name: policy-logback + configMap: + name: {{ include "common.fullname" . }}-log-configmap + - name: drools-settingsxml + configMap: + name: {{ include "common.fullname" . }}-settings-configmap + - name: drools-config + configMap: + name: {{ include "common.fullname" . }}-configmap + items: + - key: base.conf + path: base.conf + mode: 0755 + - key: policy-management.conf + path: policy-management.conf + mode: 0755 + - key: drools-tweaks.sh + path: drools-tweaks.sh + mode: 0755 + - name: drools-secret + secret: + secretName: {{ include "common.fullname" . }}-secret + items: + - key: policy-keystore + path: policy-keystore + mode: 0644 + - key: feature-healthcheck.conf + path: feature-healthcheck.conf + mode: 0644 + - name: pe-scripts + configMap: + name: {{ include "common.fullname" . }}-script-configmap + defaultMode: 0777 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/drools/templates/secrets.yaml index 59bfa11df2..18f5f16c4d 100644 --- a/kubernetes/policy/templates/policy-deployment-secret.yaml +++ b/kubernetes/policy/charts/drools/templates/secrets.yaml @@ -12,13 +12,16 @@ # See the License for the specific language governing permissions and # limitations under the License. -#{{ if not .Values.disablePolicyDrools }} apiVersion: v1 kind: Secret metadata: - name: policy-dep-drools-secret - namespace: {{ .Values.nsPrefix }} -type: Opaque + name: {{ include "common.fullname" . }}-secret + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: {{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }} -#{{ end }} +type: Opaque diff --git a/kubernetes/policy/charts/drools/templates/service.yaml b/kubernetes/policy/charts/drools/templates/service.yaml new file mode 100644 index 0000000000..4335f7cc79 --- /dev/null +++ b/kubernetes/policy/charts/drools/templates/service.yaml @@ -0,0 +1,42 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }}-{{ .Values.service.externalPort }} + - port: {{ .Values.service.externalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.name }}-{{ .Values.service.externalPort2 }} + {{- else -}} + - port: {{ .Values.service.type.externalPort }} + targetPort: {{ .Values.service.type.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml new file mode 100644 index 0000000000..14ebe31be2 --- /dev/null +++ b/kubernetes/policy/charts/drools/values.yaml @@ -0,0 +1,91 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + ubuntuImage: ubuntu:16.04 +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/policy-drools:1.2-SNAPSHOT-latest +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +aaiServiceClusterIp: 10.43.255.254 +# application configuration +# Example: +config: {} +# username: myusername +# password: mypassword + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: false + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: NodePort + name: drools + externalPort: 6969 + nodePort: 17 + externalPort2: 9696 + nodePort2: 21 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/kubernetes/policy/charts/mariadb/Chart.yaml b/kubernetes/policy/charts/mariadb/Chart.yaml new file mode 100644 index 0000000000..c420e67379 --- /dev/null +++ b/kubernetes/policy/charts/mariadb/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Policy MariaDB Service +name: mariadb +version: 2.0.0 diff --git a/kubernetes/policy/charts/mariadb/requirements.yaml b/kubernetes/policy/charts/mariadb/requirements.yaml new file mode 100644 index 0000000000..f639633537 --- /dev/null +++ b/kubernetes/policy/charts/mariadb/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~2.0.0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' diff --git a/kubernetes/policy/charts/mariadb/resources/config/db.sh b/kubernetes/policy/charts/mariadb/resources/config/db.sh new file mode 100644 index 0000000000..ead656ef0e --- /dev/null +++ b/kubernetes/policy/charts/mariadb/resources/config/db.sh @@ -0,0 +1,23 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#!/bin/bash -xv + +for db in support onap_sdk log +do + mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};" + mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "GRANT ALL PRIVILEGES ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;" +done + +mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "FLUSH PRIVILEGES;" diff --git a/kubernetes/policy/charts/mariadb/templates/NOTES.txt b/kubernetes/policy/charts/mariadb/templates/NOTES.txt new file mode 100644 index 0000000000..57947a65da --- /dev/null +++ b/kubernetes/policy/charts/mariadb/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/policy/charts/mariadb/templates/configmap.yaml b/kubernetes/policy/charts/mariadb/templates/configmap.yaml new file mode 100644 index 0000000000..a819196a1d --- /dev/null +++ b/kubernetes/policy/charts/mariadb/templates/configmap.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/db.sh").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/mariadb/templates/deployment.yaml b/kubernetes/policy/charts/mariadb/templates/deployment.yaml new file mode 100644 index 0000000000..65eb02cd6e --- /dev/null +++ b/kubernetes/policy/charts/mariadb/templates/deployment.yaml @@ -0,0 +1,100 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }}-secret + key: db-root-password + - name: MYSQL_USER + value: policy_user + - name: MYSQL_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }}-secret + key: db-user-password + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /docker-entrypoint-initdb.d + name: mariadb-conf + - mountPath: /var/lib/mysql + name: mariadb-data + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: mariadb-conf + configMap: + name: {{ include "common.fullname" . }}-configmap + defaultMode: 0755 + - name: mariadb-data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/mariadb/templates/pv.yaml b/kubernetes/policy/charts/mariadb/templates/pv.yaml new file mode 100644 index 0000000000..da117f4919 --- /dev/null +++ b/kubernetes/policy/charts/mariadb/templates/pv.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size }} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} diff --git a/kubernetes/policy/charts/mariadb/templates/pvc.yaml b/kubernetes/policy/charts/mariadb/templates/pvc.yaml new file mode 100644 index 0000000000..e27c3311e9 --- /dev/null +++ b/kubernetes/policy/charts/mariadb/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/kubernetes/policy/charts/mariadb/templates/secrets.yaml b/kubernetes/policy/charts/mariadb/templates/secrets.yaml new file mode 100644 index 0000000000..9f0c1788e4 --- /dev/null +++ b/kubernetes/policy/charts/mariadb/templates/secrets.yaml @@ -0,0 +1,29 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-secret + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: + db-root-password: {{ .Values.config.mysqlRootPassword | b64enc | quote }} + db-user-password: {{ .Values.config.mysqlPassword | b64enc | quote }} + diff --git a/kubernetes/policy/charts/mariadb/templates/service.yaml b/kubernetes/policy/charts/mariadb/templates/service.yaml new file mode 100644 index 0000000000..5447d91e0e --- /dev/null +++ b/kubernetes/policy/charts/mariadb/templates/service.yaml @@ -0,0 +1,32 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + clusterIP: None diff --git a/kubernetes/policy/charts/mariadb/values.yaml b/kubernetes/policy/charts/mariadb/values.yaml new file mode 100644 index 0000000000..23970cfb8b --- /dev/null +++ b/kubernetes/policy/charts/mariadb/values.yaml @@ -0,0 +1,76 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: mariadb:10.0.34 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + mysqlRootPassword: secret + mysqlUserName: policy_user + mysqlPassword: policy_user +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +## Persist data to a persitent volume +persistence: + enabled: true + volumeReclaimPolicy: Retain + accessMode: ReadWriteMany + size: 2Gi + mountPath: /dockerdata-nfs + mountSubPath: mariadb/data + +service: + type: ClusterIP + name: mariadb + internalPort: 3306 + +ingress: + enabled: false + +resources: {} diff --git a/kubernetes/policy/charts/pdp/Chart.yaml b/kubernetes/policy/charts/pdp/Chart.yaml new file mode 100644 index 0000000000..09a65ead9d --- /dev/null +++ b/kubernetes/policy/charts/pdp/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Policy PDP +name: pdp +version: 2.0.0 diff --git a/kubernetes/policy/charts/pdp/requirements.yaml b/kubernetes/policy/charts/pdp/requirements.yaml new file mode 100644 index 0000000000..f639633537 --- /dev/null +++ b/kubernetes/policy/charts/pdp/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~2.0.0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' diff --git a/kubernetes/policy/resources/config/log/xacml-pdp-rest/logback.xml b/kubernetes/policy/charts/pdp/resources/config/log/xacml-pdp-rest/logback.xml index c9c05d922d..daa4112e51 100644 --- a/kubernetes/policy/resources/config/log/xacml-pdp-rest/logback.xml +++ b/kubernetes/policy/charts/pdp/resources/config/log/xacml-pdp-rest/logback.xml @@ -1,153 +1,150 @@ -<?xml version="1.0" encoding="UTF-8"?>
-<!--
- ============LICENSE_START=======================================================
- ECOMP-PDP-REST
- ================================================================================
- Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ============LICENSE_END=========================================================
- -->
-<configuration scan="true" scanPeriod="3 seconds" debug="true">
- <!--<jmxConfigurator /> -->
- <!-- specify the base path of the log directory -->
- <property name="logDir" value="/var/log/onap" />
- <!-- specify the component name -->
- <property name="componentName" value="policy" />
- <!-- specify the sub component name -->
- <property name="subComponentName" value="xacml-pdp-rest" />
- <!-- The directories where logs are written -->
- <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
- <property name="pattern" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
- <!-- log file names -->
- <property name="errorLogName" value="error" />
- <property name="metricsLogName" value="metrics" />
- <property name="auditLogName" value="audit" />
- <property name="debugLogName" value="debug" />
- <property name="queueSize" value="256" />
- <property name="maxFileSize" value="50MB" />
- <property name="maxHistory" value="30" />
- <property name="totalSizeCap" value="10GB" />
- <!-- Example evaluator filter applied against console appender -->
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <!-- ============================================================================ -->
- <!-- EELF Appenders -->
- <!-- ============================================================================ -->
- <!-- The EELFAppender is used to record events to the general application
- log -->
- <!-- EELF Audit Appender. This appender is used to record audit engine
- related logging events. The audit logger and appender are specializations
- of the EELF application root logger and appender. This can be used to segregate
- Policy engine events from other components, or it can be eliminated to record
- these events as part of the application root log. -->
- <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${auditLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFAudit" />
- </appender>
- <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${metricsLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} -
- %msg%n"</pattern> -->
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFMetrics" />
- </appender>
- <appender name="EELFError" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${errorLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>INFO</level>
- </filter>
- </appender>
- <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFError" />
- </appender>
- <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
- <file>${logDirectory}/${debugLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFDebug" />
- <includeCallerData>true</includeCallerData>
- </appender>
- <!-- ============================================================================ -->
- <!-- EELF loggers -->
- <!-- ============================================================================ -->
- <logger name="com.att.eelf.audit" level="info" additivity="false">
- <appender-ref ref="asyncEELFAudit" />
- </logger>
- <logger name="com.att.eelf.metrics" level="info" additivity="false">
- <appender-ref ref="asyncEELFMetrics" />
- </logger>
- <logger name="com.att.eelf.error" level="info" additivity="false">
- <appender-ref ref="asyncEELFError" />
- </logger>
- <logger name="com.att.eelf.debug" level="debug" additivity="false">
- <appender-ref ref="asyncEELFDebug" />
- </logger>
- <root level="INFO">
- <appender-ref ref="asyncEELFDebug" />
- </root>
-</configuration>
\ No newline at end of file +<?xml version="1.0" encoding="UTF-8"?> +<!-- +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--> + +<configuration scan="true" scanPeriod="3 seconds" debug="true"> + <!--<jmxConfigurator /> --> + <!-- specify the base path of the log directory --> + <property name="logDir" value="/var/log/onap" /> + <!-- specify the component name --> + <property name="componentName" value="policy" /> + <!-- specify the sub component name --> + <property name="subComponentName" value="xacml-pdp-rest" /> + <!-- The directories where logs are written --> + <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" /> + <property name="pattern" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" /> + <!-- log file names --> + <property name="errorLogName" value="error" /> + <property name="metricsLogName" value="metrics" /> + <property name="auditLogName" value="audit" /> + <property name="debugLogName" value="debug" /> + <property name="queueSize" value="256" /> + <property name="maxFileSize" value="50MB" /> + <property name="maxHistory" value="30" /> + <property name="totalSizeCap" value="10GB" /> + <!-- Example evaluator filter applied against console appender --> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <!-- ============================================================================ --> + <!-- EELF Appenders --> + <!-- ============================================================================ --> + <!-- The EELFAppender is used to record events to the general application + log --> + <!-- EELF Audit Appender. This appender is used to record audit engine + related logging events. The audit logger and appender are specializations + of the EELF application root logger and appender. This can be used to segregate + Policy engine events from other components, or it can be eliminated to record + these events as part of the application root log. --> + <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${auditLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="EELFAudit" /> + </appender> + <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${metricsLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - + %msg%n"</pattern> --> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="EELFMetrics" /> + </appender> + <appender name="EELFError" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${errorLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>INFO</level> + </filter> + </appender> + <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="EELFError" /> + </appender> + <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${debugLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="EELFDebug" /> + <includeCallerData>true</includeCallerData> + </appender> + <!-- ============================================================================ --> + <!-- EELF loggers --> + <!-- ============================================================================ --> + <logger name="com.att.eelf.audit" level="info" additivity="false"> + <appender-ref ref="asyncEELFAudit" /> + </logger> + <logger name="com.att.eelf.metrics" level="info" additivity="false"> + <appender-ref ref="asyncEELFMetrics" /> + </logger> + <logger name="com.att.eelf.error" level="info" additivity="false"> + <appender-ref ref="asyncEELFError" /> + </logger> + <logger name="com.att.eelf.debug" level="debug" additivity="false"> + <appender-ref ref="asyncEELFDebug" /> + </logger> + <root level="INFO"> + <appender-ref ref="asyncEELFDebug" /> + </root> +</configuration> diff --git a/kubernetes/policy/charts/pdp/resources/config/pe/pdp-tweaks.sh b/kubernetes/policy/charts/pdp/resources/config/pe/pdp-tweaks.sh new file mode 100644 index 0000000000..6060fe9b6f --- /dev/null +++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdp-tweaks.sh @@ -0,0 +1,16 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#! /bin/bash + diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pdp.conf b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf index c3af2238f0..9dae9f2552 100755..100644 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/pdp.conf +++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # pdp component installation configuration parameters # tomcat specific parameters @@ -13,10 +27,10 @@ TOMCAT_X_MX_MB=1024 # pdp properties -UEB_CLUSTER=dmaap.{{.Values.nsPrefix}} +UEB_CLUSTER=dmaap -REST_PAP_URL=http://pap.{{.Values.nsPrefix}}:9091/pap/ -REST_PDP_ID=http://pdp.{{.Values.nsPrefix}}:8081/pdp/ +REST_PAP_URL=http://{{ .Release.Name }}-{{ .Values.global.pap.nameOverride }}:9091/pap/ +REST_PDP_ID=http://{{ include "common.fullname" . }}:8081/pdp/ REST_PDP_CONFIG=/opt/app/policy/servers/pdp/bin/config REST_PDP_WEBAPPS=/opt/app/policy/servers/pdp/webapps REST_PDP_REGISTER=true diff --git a/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf b/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf new file mode 100644 index 0000000000..141eb28acd --- /dev/null +++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf @@ -0,0 +1,26 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# JVM specific parameters +LOGPARSER_JMX_PORT=9997 +LOGPARSER_X_MS_MB=1024 +LOGPARSER_X_MX_MB=1024 + +SERVER=http://{{ include "common.fullname" . }}:8081/pdp/ +LOGPATH=/opt/app/policy/servers/pdp/logs/pdp-rest.log +PARSERLOGPATH=IntegrityMonitor.log + +node_type=logparser +# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase +resource_name=pdplp_1 diff --git a/kubernetes/policy/charts/pdp/templates/NOTES.txt b/kubernetes/policy/charts/pdp/templates/NOTES.txt new file mode 100644 index 0000000000..91d8ed42f1 --- /dev/null +++ b/kubernetes/policy/charts/pdp/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/policy/charts/pdp/templates/configmap.yaml b/kubernetes/policy/charts/pdp/templates/configmap.yaml new file mode 100644 index 0000000000..76a4c0fdd4 --- /dev/null +++ b/kubernetes/policy/charts/pdp/templates/configmap.yaml @@ -0,0 +1,29 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/xacml-pdp-rest/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-pe-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/pdp/templates/service.yaml b/kubernetes/policy/charts/pdp/templates/service.yaml new file mode 100644 index 0000000000..aed3fd1ae9 --- /dev/null +++ b/kubernetes/policy/charts/pdp/templates/service.yaml @@ -0,0 +1,52 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "{{ include "common.fullname" . }}", + "version": "v1", + "url": "/pdp", + "protocol": "REST", + "port": "8081", + "visualRange":"1" + }, + ]' +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + sessionAffinity: None + diff --git a/kubernetes/policy/charts/pdp/templates/statefulset.yaml b/kubernetes/policy/charts/pdp/templates/statefulset.yaml new file mode 100644 index 0000000000..367cde49bd --- /dev/null +++ b/kubernetes/policy/charts/pdp/templates/statefulset.yaml @@ -0,0 +1,143 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + serviceName: {{ include "common.fullname" . }} + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.global.pap.nameOverride }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - command: + - /bin/bash + - ./do-start.sh + - pdp + name: {{ include "common.name" . }} + image: {{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.externalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.externalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{- end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.externalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /tmp/policy-install/config/base.conf + name: pe + subPath: base.conf + - mountPath: /tmp/policy-install/config/ + name: pe-pdp + - mountPath: /tmp/policy-install/do-start.sh + name: pe-scripts + subPath: do-start.sh + - mountPath: /var/log/onap + name: policy-logs + - mountPath: /tmp/logback.xml + name: policy-logback + subPath: logback.xml + lifecycle: + postStart: + exec: + command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/servers/pdp/webapps/pdp/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] + - image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: filebeat-onap + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + - mountPath: /var/log/onap + name: policy-logs + - mountPath: /usr/share/filebeat/data + name: policy-data-filebeat + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: filebeat-conf + configMap: + name: {{ .Release.Name }}-filebeat-configmap + - name: policy-logs + emptyDir: {} + - name: policy-data-filebeat + emptyDir: {} + - name: policy-logback + configMap: + name: {{ include "common.fullname" . }}-log-configmap + - name: pe + configMap: + name: {{ .Release.Name }}-pe-configmap + defaultMode: 0755 + - name: pe-scripts + configMap: + name: {{ .Release.Name }}-pe-scripts-configmap + defaultMode: 0777 + - name: pe-pdp + configMap: + name: {{ include "common.fullname" . }}-pe-configmap + defaultMode: 0755 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/pdp/values.yaml b/kubernetes/policy/charts/pdp/values.yaml new file mode 100644 index 0000000000..c2b7580347 --- /dev/null +++ b/kubernetes/policy/charts/pdp/values.yaml @@ -0,0 +1,90 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.1.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/policy-pe:1.2-SNAPSHOT-latest +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: {} +# username: myusername +# password: mypassword + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: NodePort + name: pdp + externalPort: 8081 + #Example internal target port if required + #internalPort: <80> + nodePort: 20 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/kubernetes/policy/charts/policy-common/Chart.yaml b/kubernetes/policy/charts/policy-common/Chart.yaml new file mode 100644 index 0000000000..f853be0bc8 --- /dev/null +++ b/kubernetes/policy/charts/policy-common/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Policy Common +name: policy-common +version: 2.0.0 diff --git a/kubernetes/policy/charts/policy-common/requirements.yaml b/kubernetes/policy/charts/policy-common/requirements.yaml new file mode 100644 index 0000000000..f639633537 --- /dev/null +++ b/kubernetes/policy/charts/policy-common/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~2.0.0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' diff --git a/kubernetes/policy/resources/config/log/filebeat/filebeat.yml b/kubernetes/policy/charts/policy-common/resources/config/log/filebeat/filebeat.yml index b0d4690754..b0d4690754 100644 --- a/kubernetes/policy/resources/config/log/filebeat/filebeat.yml +++ b/kubernetes/policy/charts/policy-common/resources/config/log/filebeat/filebeat.yml diff --git a/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf new file mode 100644 index 0000000000..885a114a97 --- /dev/null +++ b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf @@ -0,0 +1,38 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64 +POLICY_HOME=/opt/app/policy +KEYSTORE_PASSWD=PolicyR0ck$ + +JDBC_DRIVER=org.mariadb.jdbc.Driver +JDBC_URL=jdbc:mariadb://{{ .Release.Name }}-{{ .Values.global.mariadb.nameOverride }}:3306/onap_sdk?failOverReadOnly=false&autoReconnect=true +JDBC_LOG_URL=jdbc:mariadb://{{ .Release.Name }}-{{ .Values.global.mariadb.nameOverride }}:3306/log?failOverReadOnly=false&autoReconnect=true +JDBC_USER=policy_user +JDBC_PASSWORD=policy_user + +site_name=site_1 +fp_monitor_interval=30 +failed_counter_threshold=3 +test_trans_interval=20 +write_fpc_interval=5 +max_fpc_update_interval=60 +test_via_jmx=false +jmx_fqdn= + +ENVIRONMENT=TEST + +#Micro Service Model Properties +policy_msOnapName= +policy_msPolicyName= diff --git a/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh b/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh new file mode 100644 index 0000000000..35842e4859 --- /dev/null +++ b/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh @@ -0,0 +1,92 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#!/bin/bash + +# Script to configure and start the Policy components that are to run in the designated container, +# It is intended to be used as the entrypoint in the Dockerfile, so the last statement of the +# script just goes into a long sleep so that the script does not exit (which would cause the +# container to be torn down). + +container=$1 + +case $container in +pap) + comps="base pap paplp console mysql elk" + ;; +pdp) + comps="base pdp pdplp" + ;; +brmsgw) + comps="base brmsgw" + ;; +*) + echo "Usage: do-start.sh pap|pdp|brmsgw" >&2 + exit 1 +esac + + +# skip installation if build.info file is present (restarting an existing container) +if [[ -f /opt/app/policy/etc/build.info ]]; then + echo "Found existing installation, will not reinstall" + . /opt/app/policy/etc/profile.d/env.sh + +else + if [[ -d config ]]; then + cp config/*.conf . + fi + + for comp in $comps; do + echo "Installing component: $comp" + ./docker-install.sh --install $comp + done + for comp in $comps; do + echo "Configuring component: $comp" + ./docker-install.sh --configure $comp + done + + . /opt/app/policy/etc/profile.d/env.sh + + # install keystore + #changed to use http instead of http, so keystore no longer needed + #cp config/policy-keystore.jks $POLICY_HOME/etc/ssl/policy-keystore + + if [[ -f config/$container-tweaks.sh ]] ; then + # file may not be executable; running it as an + # argument to bash avoids needing execute perms. + bash config/$container-tweaks.sh + fi + + if [[ $container == pap ]]; then + # wait for DB up + # now that DB is up, invoke database upgrade + # (which does nothing if the db is already up-to-date) + dbuser=$(echo $(grep '^JDBC_USER=' base.conf | cut -f2 -d=)) + dbpw=$(echo $(grep '^JDBC_PASSWORD=' base.conf | cut -f2 -d=)) + db_upgrade_remote.sh $dbuser $dbpw {{.Release.Name}}-{{.Values.global.mariadb.nameOverride}} + fi + +fi + +policy.sh start + +# on pap, wait for pap, pdp, brmsgw, nexus and drools up, +# then push the initial default policies +if [[ $container == pap ]]; then + # wait addional 1 minute for all processes to get fully initialized and synched up + sleep 60 + bash -xv config/push-policies.sh +fi + +sleep 1000d diff --git a/kubernetes/policy/charts/policy-common/templates/NOTES.txt b/kubernetes/policy/charts/policy-common/templates/NOTES.txt new file mode 100644 index 0000000000..91d8ed42f1 --- /dev/null +++ b/kubernetes/policy/charts/policy-common/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/policy/charts/policy-common/templates/configmap.yaml b/kubernetes/policy/charts/policy-common/templates/configmap.yaml new file mode 100644 index 0000000000..23311c66f5 --- /dev/null +++ b/kubernetes/policy/charts/policy-common/templates/configmap.yaml @@ -0,0 +1,37 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-pe-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-pe-scripts-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/scripts/do-start.sh").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-filebeat-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-common/values.yaml b/kubernetes/policy/charts/policy-common/values.yaml new file mode 100644 index 0000000000..8ac609d264 --- /dev/null +++ b/kubernetes/policy/charts/policy-common/values.yaml @@ -0,0 +1,82 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + logstashServiceName: log-ls + logstashPort: 5044 + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: NodePort + name: <onap-app> + externalPort: <8080> + #Example internal target port if required + #internalPort: <80> + nodePort: <replace with unused node port suffix eg. 23> + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/kubernetes/policy/requirements.yaml b/kubernetes/policy/requirements.yaml new file mode 100644 index 0000000000..2bf0d7b9e5 --- /dev/null +++ b/kubernetes/policy/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~2.0.0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' diff --git a/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml b/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml index d0871bdb4a..bcc6b167fc 100644 --- a/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml +++ b/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml @@ -1,190 +1,186 @@ -<?xml version="1.0" encoding="UTF-8"?>
-<!--
- ================================================================================
- eCOMP Portal SDK
- ================================================================================
- Copyright (C) 2017 AT&T Intellectual Property
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ================================================================================
- -->
-<configuration debug="true" scan="true" scanPeriod="3 seconds">
- <!--
- Logback files for the ECOMP SDK Application "ecomp_app"
- are created in directory ${catalina.base}/logs/ecomp_app;
- e.g., apache-tomcat-8.0.35/logs/ecomp_app/application.log
- -->
- <!--<jmxConfigurator /> -->
- <!-- specify the base path of the log directory -->
- <property name="logDir" value="/var/log/onap" />
- <!-- specify the component name -->
- <property name="componentName" value="policy" />
- <!-- specify the sub component name -->
- <property name="subComponentName" value="ep_sdk_app" />
- <!-- The directories where logs are written -->
- <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
- <property name="pattern" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
- <!-- log file names -->
- <property name="generalLogName" value="application" />
- <property name="errorLogName" value="error" />
- <property name="metricsLogName" value="metrics" />
- <property name="auditLogName" value="audit" />
- <property name="debugLogName" value="debug" />
- <property name="queueSize" value="256" />
- <property name="maxFileSize" value="50MB" />
- <property name="maxHistory" value="30" />
- <property name="totalSizeCap" value="10GB" />
- <!--
- These loggers are not used in code (yet).
- <property name="securityLogName" value="security" />
- <property name="policyLogName" value="policy" />
- <property name="performanceLogName" value="performance" />
- <property name="serverLogName" value="server" />
- -->
- <!-- Example evaluator filter applied against console appender -->
- <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <!-- ============================================================================ -->
- <!-- EELF Appenders -->
- <!-- ============================================================================ -->
- <!-- The EELFAppender is used to record events to the general application
- log -->
- <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELF">
- <file>${logDirectory}/${generalLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily rollover -->
- <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- <filter class="org.openecomp.portalapp.util.CustomLoggingFilter" />
- </appender>
- <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELF">
- <queueSize>${queueSize}</queueSize>
- <!-- Class name is part of caller data -->
- <includeCallerData>true</includeCallerData>
- <appender-ref ref="EELF" />
- </appender>
- <!-- EELF Audit Appender. This appender is used to record audit engine
- related logging events. The audit logger and appender are specializations
- of the EELF application root logger and appender. This can be used to segregate
- Policy engine events from other components, or it can be eliminated to record
- these events as part of the application root log. -->
- <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFAudit">
- <file>${logDirectory}/${auditLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily rollover -->
- <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFAudit">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFAudit" />
- </appender>
- <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFMetrics">
- <file>${logDirectory}/${metricsLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily rollover -->
- <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFMetrics">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFMetrics" />
- </appender>
- <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFError">
- <file>${logDirectory}/${errorLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily rollover -->
- <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>INFO</level>
- </filter>
- </appender>
- <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFError">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFError" />
- </appender>
- <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFDebug">
- <file>${logDirectory}/${debugLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <!-- daily rollover -->
- <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFDebug">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFDebug" />
- <includeCallerData>true</includeCallerData>
- </appender>
- <!-- ============================================================================ -->
- <!-- EELF loggers -->
- <!-- ============================================================================ -->
- <logger additivity="false" level="info" name="com.att.eelf.audit">
- <appender-ref ref="asyncEELFAudit" />
- </logger>
- <logger additivity="false" level="info" name="com.att.eelf.metrics">
- <appender-ref ref="asyncEELFMetrics" />
- </logger>
- <logger additivity="false" level="info" name="com.att.eelf.error">
- <appender-ref ref="asyncEELFError" />
- </logger>
- <logger additivity="false" level="debug" name="com.att.eelf.debug">
- <appender-ref ref="asyncEELFDebug" />
- </logger>
- <root level="INFO">
- <appender-ref ref="asyncEELFDebug" />
- </root>
-</configuration>
\ No newline at end of file +<?xml version="1.0" encoding="UTF-8"?> +<!-- +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--> +<configuration debug="true" scan="true" scanPeriod="3 seconds"> + <!-- + Logback files for the ECOMP SDK Application "ecomp_app" + are created in directory ${catalina.base}/logs/ecomp_app; + e.g., apache-tomcat-8.0.35/logs/ecomp_app/application.log + --> + <!--<jmxConfigurator /> --> + <!-- specify the base path of the log directory --> + <property name="logDir" value="/var/log/onap" /> + <!-- specify the component name --> + <property name="componentName" value="policy" /> + <!-- specify the sub component name --> + <property name="subComponentName" value="ep_sdk_app" /> + <!-- The directories where logs are written --> + <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" /> + <property name="pattern" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" /> + <!-- log file names --> + <property name="generalLogName" value="application" /> + <property name="errorLogName" value="error" /> + <property name="metricsLogName" value="metrics" /> + <property name="auditLogName" value="audit" /> + <property name="debugLogName" value="debug" /> + <property name="queueSize" value="256" /> + <property name="maxFileSize" value="50MB" /> + <property name="maxHistory" value="30" /> + <property name="totalSizeCap" value="10GB" /> + <!-- + These loggers are not used in code (yet). + <property name="securityLogName" value="security" /> + <property name="policyLogName" value="policy" /> + <property name="performanceLogName" value="performance" /> + <property name="serverLogName" value="server" /> + --> + <!-- Example evaluator filter applied against console appender --> + <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <!-- ============================================================================ --> + <!-- EELF Appenders --> + <!-- ============================================================================ --> + <!-- The EELFAppender is used to record events to the general application + log --> + <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELF"> + <file>${logDirectory}/${generalLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <!-- daily rollover --> + <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + <filter class="org.openecomp.portalapp.util.CustomLoggingFilter" /> + </appender> + <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELF"> + <queueSize>${queueSize}</queueSize> + <!-- Class name is part of caller data --> + <includeCallerData>true</includeCallerData> + <appender-ref ref="EELF" /> + </appender> + <!-- EELF Audit Appender. This appender is used to record audit engine + related logging events. The audit logger and appender are specializations + of the EELF application root logger and appender. This can be used to segregate + Policy engine events from other components, or it can be eliminated to record + these events as part of the application root log. --> + <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFAudit"> + <file>${logDirectory}/${auditLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <!-- daily rollover --> + <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFAudit"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="EELFAudit" /> + </appender> + <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFMetrics"> + <file>${logDirectory}/${metricsLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <!-- daily rollover --> + <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFMetrics"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="EELFMetrics" /> + </appender> + <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFError"> + <file>${logDirectory}/${errorLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <!-- daily rollover --> + <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>INFO</level> + </filter> + </appender> + <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFError"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="EELFError" /> + </appender> + <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFDebug"> + <file>${logDirectory}/${debugLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <!-- daily rollover --> + <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFDebug"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="EELFDebug" /> + <includeCallerData>true</includeCallerData> + </appender> + <!-- ============================================================================ --> + <!-- EELF loggers --> + <!-- ============================================================================ --> + <logger additivity="false" level="info" name="com.att.eelf.audit"> + <appender-ref ref="asyncEELFAudit" /> + </logger> + <logger additivity="false" level="info" name="com.att.eelf.metrics"> + <appender-ref ref="asyncEELFMetrics" /> + </logger> + <logger additivity="false" level="info" name="com.att.eelf.error"> + <appender-ref ref="asyncEELFError" /> + </logger> + <logger additivity="false" level="debug" name="com.att.eelf.debug"> + <appender-ref ref="asyncEELFDebug" /> + </logger> + <root level="INFO"> + <appender-ref ref="asyncEELFDebug" /> + </root> +</configuration> diff --git a/kubernetes/policy/resources/config/log/pypdpserver/logback.xml b/kubernetes/policy/resources/config/log/pypdpserver/logback.xml deleted file mode 100644 index c4b596b6d5..0000000000 --- a/kubernetes/policy/resources/config/log/pypdpserver/logback.xml +++ /dev/null @@ -1,154 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?>
-<!--
- ============LICENSE_START=======================================================
- ECOMP Policy Engine
- ================================================================================
- Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ============LICENSE_END=========================================================
- -->
-<configuration debug="true" scan="true" scanPeriod="3 seconds">
- <!--<jmxConfigurator /> -->
- <!-- specify the base path of the log directory -->
- <property name="logDir" value="/var/log/onap" />
- <!-- specify the component name -->
- <property name="componentName" value="policy" />
- <!-- specify the sub component name -->
- <property name="subComponentName" value="pypdpserver" />
- <!-- The directories where logs are written -->
- <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
- <property name="pattern" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
- <!-- log file names -->
- <property name="errorLogName" value="error" />
- <property name="metricsLogName" value="metrics" />
- <property name="auditLogName" value="audit" />
- <property name="debugLogName" value="debug" />
- <property name="queueSize" value="256" />
- <property name="maxFileSize" value="50MB" />
- <property name="maxHistory" value="30" />
- <property name="totalSizeCap" value="10GB" />
- <!-- Example evaluator filter applied against console appender -->
- <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <!-- ============================================================================ -->
- <!-- EELF Appenders -->
- <!-- ============================================================================ -->
- <!-- The EELFAppender is used to record events to the general application
- log -->
- <!-- EELF Audit Appender. This appender is used to record audit engine
- related logging events. The audit logger and appender are specializations
- of the EELF application root logger and appender. This can be used to segregate
- Policy engine events from other components, or it can be eliminated to record
- these events as part of the application root log. -->
- <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFAudit">
- <file>${logDirectory}/${auditLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFAudit">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFAudit" />
- </appender>
- <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFMetrics">
- <file>${logDirectory}/${metricsLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} -
- %msg%n"</pattern> -->
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFMetrics">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFMetrics" />
- </appender>
- <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFError">
- <file>${logDirectory}/${errorLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>INFO</level>
- </filter>
- </appender>
- <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFError">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFError" />
- </appender>
- <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFDebug">
- <file>${logDirectory}/${debugLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFDebug">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFDebug" />
- <includeCallerData>true</includeCallerData>
- </appender>
- <!-- ============================================================================ -->
- <!-- EELF loggers -->
- <!-- ============================================================================ -->
- <logger additivity="false" level="info" name="com.att.eelf.audit">
- <appender-ref ref="asyncEELFAudit" />
- </logger>
- <logger additivity="false" level="info" name="com.att.eelf.metrics">
- <appender-ref ref="asyncEELFMetrics" />
- </logger>
- <logger additivity="false" level="info" name="com.att.eelf.error">
- <appender-ref ref="asyncEELFError" />
- </logger>
- <logger additivity="false" level="debug" name="com.att.eelf.debug">
- <appender-ref ref="asyncEELFDebug" />
- </logger>
- <root level="INFO">
- <appender-ref ref="asyncEELFDebug" />
- <appender-ref ref="asyncEELFError" />
- </root>
-</configuration>
\ No newline at end of file diff --git a/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml b/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml index 77068bb9aa..9401e54861 100644 --- a/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml +++ b/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml @@ -1,153 +1,150 @@ -<?xml version="1.0" encoding="UTF-8"?>
-<!--
- ============LICENSE_START=======================================================
- ECOMP-PAP-REST
- ================================================================================
- Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
- http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ============LICENSE_END=========================================================
- -->
-<configuration debug="true" scan="true" scanPeriod="3 seconds">
- <!--<jmxConfigurator /> -->
- <!-- specify the base path of the log directory -->
- <property name="logDir" value="/var/log/onap" />
- <!-- specify the component name -->
- <property name="componentName" value="policy" />
- <!-- specify the sub component name -->
- <property name="subComponentName" value="xacml-pap-rest" />
- <!-- The directories where logs are written -->
- <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
- <property name="pattern" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
- <!-- log file names -->
- <property name="errorLogName" value="error" />
- <property name="metricsLogName" value="metrics" />
- <property name="auditLogName" value="audit" />
- <property name="debugLogName" value="debug" />
- <property name="queueSize" value="256" />
- <property name="maxFileSize" value="50MB" />
- <property name="maxHistory" value="30" />
- <property name="totalSizeCap" value="10GB" />
- <!-- Example evaluator filter applied against console appender -->
- <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <!-- ============================================================================ -->
- <!-- EELF Appenders -->
- <!-- ============================================================================ -->
- <!-- The EELFAppender is used to record events to the general application
- log -->
- <!-- EELF Audit Appender. This appender is used to record audit engine
- related logging events. The audit logger and appender are specializations
- of the EELF application root logger and appender. This can be used to segregate
- Policy engine events from other components, or it can be eliminated to record
- these events as part of the application root log. -->
- <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFAudit">
- <file>${logDirectory}/${auditLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFAudit">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFAudit" />
- </appender>
- <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFMetrics">
- <file>${logDirectory}/${metricsLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} -
- %msg%n"</pattern> -->
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFMetrics">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFMetrics" />
- </appender>
- <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFError">
- <file>${logDirectory}/${errorLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
- <level>INFO</level>
- </filter>
- </appender>
- <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFError">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFError" />
- </appender>
- <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFDebug">
- <file>${logDirectory}/${debugLogName}.log</file>
- <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
- <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
- <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
- <maxFileSize>${maxFileSize}</maxFileSize>
- </timeBasedFileNamingAndTriggeringPolicy>
- <maxHistory>${maxHistory}</maxHistory>
- <totalSizeCap>${totalSizeCap}</totalSizeCap>
- </rollingPolicy>
- <encoder>
- <pattern>${pattern}</pattern>
- </encoder>
- </appender>
- <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFDebug">
- <queueSize>${queueSize}</queueSize>
- <appender-ref ref="EELFDebug" />
- <includeCallerData>true</includeCallerData>
- </appender>
- <!-- ============================================================================ -->
- <!-- EELF loggers -->
- <!-- ============================================================================ -->
- <logger additivity="false" level="info" name="com.att.eelf.audit">
- <appender-ref ref="asyncEELFAudit" />
- </logger>
- <logger additivity="false" level="info" name="com.att.eelf.metrics">
- <appender-ref ref="asyncEELFMetrics" />
- </logger>
- <logger additivity="false" level="info" name="com.att.eelf.error">
- <appender-ref ref="asyncEELFError" />
- </logger>
- <logger additivity="false" level="debug" name="com.att.eelf.debug">
- <appender-ref ref="asyncEELFDebug" />
- </logger>
- <root level="INFO">
- <appender-ref ref="asyncEELFDebug" />
- </root>
-</configuration>
\ No newline at end of file +<?xml version="1.0" encoding="UTF-8"?> +<!-- +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--> + +<configuration debug="true" scan="true" scanPeriod="3 seconds"> + <!--<jmxConfigurator /> --> + <!-- specify the base path of the log directory --> + <property name="logDir" value="/var/log/onap" /> + <!-- specify the component name --> + <property name="componentName" value="policy" /> + <!-- specify the sub component name --> + <property name="subComponentName" value="xacml-pap-rest" /> + <!-- The directories where logs are written --> + <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" /> + <property name="pattern" value="%d{&quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" /> + <!-- log file names --> + <property name="errorLogName" value="error" /> + <property name="metricsLogName" value="metrics" /> + <property name="auditLogName" value="audit" /> + <property name="debugLogName" value="debug" /> + <property name="queueSize" value="256" /> + <property name="maxFileSize" value="50MB" /> + <property name="maxHistory" value="30" /> + <property name="totalSizeCap" value="10GB" /> + <!-- Example evaluator filter applied against console appender --> + <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT"> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <!-- ============================================================================ --> + <!-- EELF Appenders --> + <!-- ============================================================================ --> + <!-- The EELFAppender is used to record events to the general application + log --> + <!-- EELF Audit Appender. This appender is used to record audit engine + related logging events. The audit logger and appender are specializations + of the EELF application root logger and appender. This can be used to segregate + Policy engine events from other components, or it can be eliminated to record + these events as part of the application root log. --> + <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFAudit"> + <file>${logDirectory}/${auditLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFAudit"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="EELFAudit" /> + </appender> + <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFMetrics"> + <file>${logDirectory}/${metricsLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - + %msg%n"</pattern> --> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFMetrics"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="EELFMetrics" /> + </appender> + <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFError"> + <file>${logDirectory}/${errorLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>INFO</level> + </filter> + </appender> + <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFError"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="EELFError" /> + </appender> + <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFDebug"> + <file>${logDirectory}/${debugLogName}.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> + <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern> + <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP"> + <maxFileSize>${maxFileSize}</maxFileSize> + </timeBasedFileNamingAndTriggeringPolicy> + <maxHistory>${maxHistory}</maxHistory> + <totalSizeCap>${totalSizeCap}</totalSizeCap> + </rollingPolicy> + <encoder> + <pattern>${pattern}</pattern> + </encoder> + </appender> + <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFDebug"> + <queueSize>${queueSize}</queueSize> + <appender-ref ref="EELFDebug" /> + <includeCallerData>true</includeCallerData> + </appender> + <!-- ============================================================================ --> + <!-- EELF loggers --> + <!-- ============================================================================ --> + <logger additivity="false" level="info" name="com.att.eelf.audit"> + <appender-ref ref="asyncEELFAudit" /> + </logger> + <logger additivity="false" level="info" name="com.att.eelf.metrics"> + <appender-ref ref="asyncEELFMetrics" /> + </logger> + <logger additivity="false" level="info" name="com.att.eelf.error"> + <appender-ref ref="asyncEELFError" /> + </logger> + <logger additivity="false" level="debug" name="com.att.eelf.debug"> + <appender-ref ref="asyncEELFDebug" /> + </logger> + <root level="INFO"> + <appender-ref ref="asyncEELFDebug" /> + </root> +</configuration> diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf b/kubernetes/policy/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf deleted file mode 100644 index 31baed21e3..0000000000 --- a/kubernetes/policy/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf +++ /dev/null @@ -1,2 +0,0 @@ -HEALTHCHECK_USER=healthcheck -HEALTHCHECK_PASSWORD=zb!XztG34 diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf b/kubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf deleted file mode 100755 index 843b832ea7..0000000000 --- a/kubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf +++ /dev/null @@ -1,5 +0,0 @@ -CONTROLLER_ARTIFACT_ID=policy-management -CONTROLLER_NAME=policy-management-controller -CONTROLLER_PORT=9696 -RULES_ARTIFACT=not-used:not-used:1.0.0-SNAPSHOT -UEB_TOPIC=policyengine-develop diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/base.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/base.conf deleted file mode 100755 index 291743157b..0000000000 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/base.conf +++ /dev/null @@ -1,24 +0,0 @@ -JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64 -POLICY_HOME=/opt/app/policy -KEYSTORE_PASSWD=PolicyR0ck$ - -JDBC_DRIVER=org.mariadb.jdbc.Driver -JDBC_URL=jdbc:mariadb://mariadb.{{.Values.nsPrefix}}:3306/onap_sdk?failOverReadOnly=false&autoReconnect=true -JDBC_LOG_URL=jdbc:mariadb://mariadb.{{.Values.nsPrefix}}:3306/log?failOverReadOnly=false&autoReconnect=true -JDBC_USER=policy_user -JDBC_PASSWORD=policy_user - -site_name=site_1 -fp_monitor_interval=30 -failed_counter_threshold=3 -test_trans_interval=20 -write_fpc_interval=5 -max_fpc_update_interval=60 -test_via_jmx=false -jmx_fqdn= - -ENVIRONMENT=TEST - -#Micro Service Model Properties -policy_msOnapName= -policy_msPolicyName= diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf deleted file mode 100644 index 938954ce63..0000000000 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf +++ /dev/null @@ -1,3 +0,0 @@ -# elasticsearch - -ELK_JMX_PORT=9995
\ No newline at end of file diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf deleted file mode 100755 index 28b9e3ca33..0000000000 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf +++ /dev/null @@ -1,5 +0,0 @@ -# mysql scripts component installation configuration parameters - -# Path to mysql bin -MYSQL_BIN=/usr/local/mysql/bin - diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh deleted file mode 100755 index 36ac3689b1..0000000000 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh +++ /dev/null @@ -1 +0,0 @@ -#! /bin/bash diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf deleted file mode 100755 index 22ca8492b2..0000000000 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf +++ /dev/null @@ -1,12 +0,0 @@ -# JVM specific parameters -LOGPARSER_JMX_PORT=9996 -LOGPARSER_X_MS_MB=1024 -LOGPARSER_X_MX_MB=1024 - -SERVER=http://pap.{{.Values.nsPrefix}}:9091/pap/ -LOGPATH=/opt/app/policy/servers/pap/logs/pap-rest.log -PARSERLOGPATH=IntegrityMonitor.log - -node_type=logparser -# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase -resource_name=paplp_1 diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh deleted file mode 100755 index f68253635a..0000000000 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh +++ /dev/null @@ -1,2 +0,0 @@ -#! /bin/bash - diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf deleted file mode 100755 index 0e58cebbc6..0000000000 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf +++ /dev/null @@ -1,12 +0,0 @@ -# JVM specific parameters -LOGPARSER_JMX_PORT=9997 -LOGPARSER_X_MS_MB=1024 -LOGPARSER_X_MX_MB=1024 - -SERVER=http://pdp.{{.Values.nsPrefix}}:8081/pdp/ -LOGPATH=/opt/app/policy/servers/pdp/logs/pdp-rest.log -PARSERLOGPATH=IntegrityMonitor.log - -node_type=logparser -# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase -resource_name=pdplp_1 diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/console.conf b/kubernetes/policy/resources/config/pe/console.conf index 3ff708655c..3ed6ed439c 100755..100644 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/console.conf +++ b/kubernetes/policy/resources/config/pe/console.conf @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # configs component installation configuration parameters # tomcat specific parameters @@ -77,7 +91,7 @@ REFRESH_RATE=40000 # -REST_PAP_URL=http://pap.{{.Values.nsPrefix}}:9091/pap/ +REST_PAP_URL=http://{{.Release.Name}}-{{.Values.global.pap.nameOverride}}:9091/pap/ # # Config/Action Properties location. @@ -85,7 +99,7 @@ REST_PAP_URL=http://pap.{{.Values.nsPrefix}}:9091/pap/ REST_CONFIG_HOME=/opt/app/policy/servers/pap/webapps/Config/ REST_ACTION_HOME=/opt/app/policy/servers/pap/webapps/Action/ -REST_CONFIG_URL=http://pap.{{.Values.nsPrefix}}:9091/ +REST_CONFIG_URL=http://{{.Release.Name}}-{{.Values.global.pap.nameOverride}}:9091/ REST_CONFIG_WEBAPPS=/opt/app/policy/servers/pap/webapps/ # PAP account information @@ -121,12 +135,12 @@ onap_application_name= #-----------------------ONAP-PORTAL-Properties---------------------- -ONAP_REDIRECT_URL=http://portalapps.{{.Values.nsPrefix}}:8989/ONAPPORTAL/login.htm -ONAP_REST_URL=http://portalapps.{{.Values.nsPrefix}}:8989/ONAPPORTAL/auxapi +ONAP_REDIRECT_URL=http://portalapps:8989/ONAPPORTAL/login.htm +ONAP_REST_URL=http://portalapps:8989/ONAPPORTAL/auxapi ONAP_UEB_URL_LIST= ONAP_PORTAL_INBOX_NAME= ONAP_UEB_APP_KEY= ONAP_UEB_APP_SECRET= ONAP_UEB_APP_MAILBOX_NAME= APP_DISPLAY_NAME=ONAP Policy -ONAP_SHARED_CONTEXT_REST_URL=http://portalapps.{{.Values.nsPrefix}}:8989/ONAPPORTAL/context +ONAP_SHARED_CONTEXT_REST_URL=http://portalapps:8989/ONAPPORTAL/context diff --git a/kubernetes/policy/resources/config/pe/elk.conf b/kubernetes/policy/resources/config/pe/elk.conf new file mode 100644 index 0000000000..2750bff702 --- /dev/null +++ b/kubernetes/policy/resources/config/pe/elk.conf @@ -0,0 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# elasticsearch + +ELK_JMX_PORT=9995 diff --git a/kubernetes/policy/resources/config/pe/mysql.conf b/kubernetes/policy/resources/config/pe/mysql.conf new file mode 100644 index 0000000000..d4f83d414e --- /dev/null +++ b/kubernetes/policy/resources/config/pe/mysql.conf @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# mysql scripts component installation configuration parameters + +# Path to mysql bin +MYSQL_BIN=/usr/local/mysql/bin + diff --git a/kubernetes/policy/resources/config/pe/pap-tweaks.sh b/kubernetes/policy/resources/config/pe/pap-tweaks.sh new file mode 100644 index 0000000000..1930b98f77 --- /dev/null +++ b/kubernetes/policy/resources/config/pe/pap-tweaks.sh @@ -0,0 +1,15 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#! /bin/bash diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pap.conf b/kubernetes/policy/resources/config/pe/pap.conf index 3f892c9f5a..28c2da1a14 100755..100644 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/pap.conf +++ b/kubernetes/policy/resources/config/pe/pap.conf @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # pap component installation configuration parameters # tomcat specific parameters @@ -14,7 +28,7 @@ TOMCAT_X_MX_MB=1024 # pap properties PAP_PDPS=/opt/app/policy/servers/pap/bin/pdps -PAP_URL=http://pap.{{.Values.nsPrefix}}:9091/pap/ +PAP_URL=http://{{ include "common.fullname" . }}:9091/pap/ PAP_INITIATE_PDP=true PAP_HEARTBEAT_INTERVAL=10000 @@ -26,7 +40,7 @@ REST_ADMIN_WORKSPACE=workspace # PDP related properties -PAP_PDP_URL=http://pdp.{{.Values.nsPrefix}}:8081/pdp/ +PAP_PDP_URL=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}:8081/pdp/ PAP_PDP_HTTP_USER_ID=testpdp PAP_PDP_HTTP_PASSWORD=alpha123 diff --git a/kubernetes/policy/resources/config/pe/paplp.conf b/kubernetes/policy/resources/config/pe/paplp.conf new file mode 100644 index 0000000000..7124fde01a --- /dev/null +++ b/kubernetes/policy/resources/config/pe/paplp.conf @@ -0,0 +1,26 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# JVM specific parameters +LOGPARSER_JMX_PORT=9996 +LOGPARSER_X_MS_MB=1024 +LOGPARSER_X_MX_MB=1024 + +SERVER=http://{{ include "common.fullname" . }}:9091/pap/ +LOGPATH=/opt/app/policy/servers/pap/logs/pap-rest.log +PARSERLOGPATH=IntegrityMonitor.log + +node_type=logparser +# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase +resource_name=paplp_1 diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/push-policies.sh b/kubernetes/policy/resources/config/pe/push-policies.sh index b9242cee78..5e0172bce9 100755..100644 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/push-policies.sh +++ b/kubernetes/policy/resources/config/pe/push-policies.sh @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + #! /bin/bash # forked from https://gerrit.onap.org/r/gitweb?p=policy/docker.git;a=blob;f=config/pe/push-policies.sh;h=555ab357e6b4f54237bf07ef5e6777d782564bc0;hb=refs/heads/amsterdam and adapted for OOM @@ -12,7 +26,7 @@ wget -O cl-amsterdam-template.drl https://git.onap.org/policy/drools-application sleep 2 -curl -v --silent -X POST --header 'Content-Type: multipart/form-data' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -F "file=@cl-amsterdam-template.drl" -F "importParametersJson={\"serviceName\":\"ClosedLoopControlName\",\"serviceType\":\"BRMSPARAM\"}" 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/policyEngineImport' +curl -v --silent -X POST --header 'Content-Type: multipart/form-data' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -F "file=@cl-amsterdam-template.drl" -F "importParametersJson={\"serviceName\":\"ClosedLoopControlName\",\"serviceType\":\"BRMSPARAM\"}" 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/policyEngineImport' echo "PRELOAD_POLICIES is $PRELOAD_POLICIES" @@ -42,7 +56,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a%0D%0A++trigger_policy%3A+unique-policy-id-1-modifyConfig%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-modifyConfig%0D%0A++++name%3A+modify+packet+gen+config%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+ModifyConfig%0D%0A++++target%3A%0D%0A++++++%23+TBD+-+Cannot+be+known+until+instantiation+is+done%0D%0A++++++resourceID%3A+Eace933104d443b496b8.nodes.heat.vpg%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+300%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" } } -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' sleep 2 @@ -62,7 +76,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3%0D%0A++trigger_policy%3A+unique-policy-id-1-scale-up%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-scale-up%0D%0A++++name%3A+Create+a+new+VF+Module%0D%0A++++description%3A%0D%0A++++actor%3A+SO%0D%0A++++recipe%3A+VF+Module+Create%0D%0A++++target%3A%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" } } -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' sleep 2 @@ -82,7 +96,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b%0D%0A++trigger_policy%3A+unique-policy-id-1-restart%0D%0A++timeout%3A+3600%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-restart%0D%0A++++name%3A+Restart+the+VM%0D%0A++++description%3A%0D%0A++++actor%3A+VFC%0D%0A++++recipe%3A+Restart%0D%0A++++target%3A%0D%0A++++++type%3A+VM%0D%0A++++retry%3A+3%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" } } -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' sleep 2 @@ -102,7 +116,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e%0D%0A++trigger_policy%3A+unique-policy-id-1-restart%0D%0A++timeout%3A+3600%0D%0A++abatement%3A+true%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-restart%0D%0A++++name%3A+Restart+the+VM%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+Restart%0D%0A++++target%3A%0D%0A++++++type%3A+VM%0D%0A++++retry%3A+3%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" } } -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' #########################################Create Micro Service Config policies########################################## @@ -116,7 +130,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "policyConfigType": "MicroService", "policyName": "com.MicroServicevFirewall", "onapName": "DCAE" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' sleep 2 @@ -127,7 +141,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "policyConfigType": "MicroService", "policyName": "com.MicroServicevDNS", "onapName": "DCAE" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' sleep 2 @@ -138,7 +152,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "policyConfigType": "MicroService", "policyName": "com.MicroServicevCPE", "onapName": "DCAE" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' #########################################Creating Decision Guard policy######################################### @@ -165,7 +179,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "guardActiveEnd": "00:00:00-05:00" } } -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' #########################################Push Decision policy######################################### @@ -176,7 +190,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "pdpGroup": "default", "policyName": "com.AllPermitGuard", "policyType": "DECISION" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' #########################################Pushing BRMS Param policies########################################## @@ -189,7 +203,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "pdpGroup": "default", "policyName": "com.BRMSParamvFirewall", "policyType": "BRMS_Param" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' sleep 2 @@ -198,7 +212,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "pdpGroup": "default", "policyName": "com.BRMSParamvDNS", "policyType": "BRMS_Param" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' sleep 2 @@ -207,7 +221,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "pdpGroup": "default", "policyName": "com.BRMSParamVOLTE", "policyType": "BRMS_Param" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' sleep 2 @@ -216,7 +230,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "pdpGroup": "default", "policyName": "com.BRMSParamvCPE", "policyType": "BRMS_Param" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' #########################################Pushing MicroService Config policies########################################## @@ -229,7 +243,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "pdpGroup": "default", "policyName": "com.MicroServicevFirewall", "policyType": "MicroService" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' sleep 10 @@ -238,7 +252,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "pdpGroup": "default", "policyName": "com.MicroServicevDNS", "policyType": "MicroService" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' sleep 10 @@ -247,4 +261,4 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "pdpGroup": "default", "policyName": "com.MicroServicevCPE", "policyType": "MicroService" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' diff --git a/kubernetes/policy/templates/NOTES.txt b/kubernetes/policy/templates/NOTES.txt new file mode 100644 index 0000000000..91d8ed42f1 --- /dev/null +++ b/kubernetes/policy/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/policy/templates/all-services.yaml b/kubernetes/policy/templates/all-services.yaml deleted file mode 100644 index f8e435b1bc..0000000000 --- a/kubernetes/policy/templates/all-services.yaml +++ /dev/null @@ -1,145 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disablePolicyMariadb }} -apiVersion: v1 -kind: Service -metadata: - name: mariadb - namespace: "{{ .Values.nsPrefix }}" - labels: - app: mariadb -spec: - ports: - - name: 3306-port - port: 3306 - selector: - app: mariadb - clusterIP: None -#{{ end }} -#{{ if not .Values.disablePolicyNexus }} ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: nexus - name: nexus - namespace: "{{ .Values.nsPrefix }}" -spec: - ports: - - name: nexus-port - port: 8081 - selector: - app: nexus - clusterIP: None -#{{ end }} -#{{ if not .Values.disablePolicyDrools }} ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: drools - name: drools - namespace: "{{ .Values.nsPrefix }}" -spec: - ports: - - name: "drools-port" - port: 6969 - nodePort: {{ .Values.nodePortPrefix }}17 - - name: "drools-port2" - port: 9696 - nodePort: {{ .Values.nodePortPrefix }}21 - selector: - app: drools - type: NodePort -#{{ end }} -#{{ if not .Values.disablePolicyPap }} ---- -apiVersion: v1 -kind: Service -metadata: - name: pap - namespace: "{{ .Values.nsPrefix }}" - labels: - app: pap -spec: - ports: - - name: 8443-port - port: 8443 - nodePort: {{ .Values.nodePortPrefix }}19 - - name: 9091-port - port: 9091 - nodePort: {{ .Values.nodePortPrefix }}18 - selector: - app: pap - type: NodePort -#{{ end }} -#{{ if not .Values.disablePolicyPdp }} ---- -apiVersion: v1 -kind: Service -metadata: - name: pdp - namespace: "{{ .Values.nsPrefix }}" - labels: - app: pdp - annotations: - msb.onap.org/service-info: '[ - { - "serviceName": "policy-pdp", - "version": "v1", - "url": "/pdp", - "protocol": "REST", - "port": "8081", - "visualRange":"1" - }, - { - "serviceName": "policy-pdp-deprecated", - "version": "v1", - "url": "/pdp", - "protocol": "REST", - "port": "8081", - "visualRange":"1", - "path":"/pdp" - } - ]' -spec: - ports: - - name: 8081-port - port: 8081 - nodePort: {{ .Values.nodePortPrefix }}20 - selector: - app: pdp - type: NodePort -#{{ end }} -#{{ if not .Values.disablePolicyBrmsgw }} ---- -apiVersion: v1 -kind: Service -metadata: - name: brmsgw - namespace: "{{ .Values.nsPrefix }}" - labels: - app: brmsgw -spec: - ports: - - name: 9989-port - port: 9989 - nodePort: {{ .Values.nodePortPrefix }}16 - selector: - app: brmsgw - type: NodePort -#{{ end }} diff --git a/kubernetes/policy/templates/configmap.yaml b/kubernetes/policy/templates/configmap.yaml new file mode 100644 index 0000000000..3a9564a04b --- /dev/null +++ b/kubernetes/policy/templates/configmap.yaml @@ -0,0 +1,38 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/xacml-pap-rest/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-sdk-log-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/ep_sdk_app/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-pe-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }} + diff --git a/kubernetes/policy/templates/dep-brmsgw.yaml b/kubernetes/policy/templates/dep-brmsgw.yaml deleted file mode 100644 index 54b5565617..0000000000 --- a/kubernetes/policy/templates/dep-brmsgw.yaml +++ /dev/null @@ -1,71 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disablePolicyBrmsgw }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: policy-brmsgw - namespace: "{{ .Values.nsPrefix }}" -spec: - replicas: {{ .Values.brmsgwReplicas }} - selector: - matchLabels: - app: brmsgw - template: - metadata: - labels: - app: brmsgw - name: policy-brmsgw - spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - pap - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.image.readiness }}:{{ .Values.image.readinessVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: brmsgw-readiness - containers: - - command: - - /bin/bash - - ./do-start.sh - - brmsgw - image: "{{ .Values.image.policyPe }}:{{ .Values.image.policyPeVersion}}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: brmsgw - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /tmp/policy-install/config - name: pe - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: pe - configMap: - name: policy-dep-pe-configmap - defaultMode: 0755 - imagePullSecrets: - - name: "{{ .Values.nsPrefix }}-docker-registry-key" -#{{ end }} diff --git a/kubernetes/policy/templates/dep-drools.yaml b/kubernetes/policy/templates/dep-drools.yaml deleted file mode 100644 index ec0413aac5..0000000000 --- a/kubernetes/policy/templates/dep-drools.yaml +++ /dev/null @@ -1,152 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disablePolicyDrools }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: policy-drools - namespace: "{{ .Values.nsPrefix }}" -spec: - replicas: {{ .Values.droolsReplicas }} - selector: - matchLabels: - app: drools - template: - metadata: - labels: - app: drools - name: policy-drools - spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - mariadb - - --container-name - - nexus - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.image.readiness }}:{{ .Values.image.readinessVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: drools-readiness - hostAliases: - - ip: "{{ .Values.aaiServiceClusterIp }}" - hostnames: - - "aai.api.simpledemo.openecomp.org" - containers: - - command: - - /bin/bash - - -c - - ./do-start.sh - image: "{{ .Values.image.policyDrools }}:{{ .Values.image.policyDroolsVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: drools - ports: - - containerPort: 6969 - readinessProbe: - tcpSocket: - port: 6969 - initialDelaySeconds: 5 - periodSeconds: 10 - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /tmp/policy-install/config/policy-keystore - name: drools-secret - subPath: policy-keystore - - mountPath: /tmp/policy-install/config/feature-healthcheck.conf - name: drools-secret - subPath: feature-healthcheck.conf - - mountPath: /tmp/policy-install/config/base.conf - name: drools-config - subPath: base.conf - - mountPath: /tmp/policy-install/config/policy-management.conf - name: drools-config - subPath: policy-management.conf - - mountPath: /tmp/policy-install/config/drools-tweaks.sh - name: drools-config - subPath: drools-tweaks.sh - - mountPath: /usr/share/maven/conf/settings.xml - name: drools-settingsxml - subPath: settings.xml - - mountPath: /var/log/onap - name: policy-logs - - mountPath: /tmp/logback.xml - name: policy-logback - subPath: logback.xml - lifecycle: - postStart: - exec: - command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/config/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] - - image: {{ .Values.image.filebeat }} - imagePullPolicy: {{ .Values.pullPolicy }} - name: filebeat-onap - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - name: filebeat-conf - subPath: filebeat.yml - - mountPath: /var/log/onap - name: policy-logs - - mountPath: /usr/share/filebeat/data - name: policy-data-filebeat - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: filebeat-conf - configMap: - name: policy-filebeat-configmap - - name: policy-logs - emptyDir: {} - - name: policy-data-filebeat - emptyDir: {} - - name: policy-logback - configMap: - name: policy-drools-log-configmap - - name: drools-settingsxml - configMap: - name: policy-dep-drools-settings-configmap - - name: drools-config - configMap: - name: policy-dep-drools-configmap - items: - - key: base.conf - path: base.conf - mode: 0755 - - key: policy-management.conf - path: policy-management.conf - mode: 0755 - - key: drools-tweaks.sh - path: drools-tweaks.sh - mode: 0755 - - name: drools-secret - secret: - secretName: policy-dep-drools-secret - items: - - key: policy-keystore - path: policy-keystore - mode: 0644 - - key: feature-healthcheck.conf - path: feature-healthcheck.conf - mode: 0644 - imagePullSecrets: - - name: "{{ .Values.nsPrefix }}-docker-registry-key" -#{{ end }} diff --git a/kubernetes/policy/templates/dep-maria.yaml b/kubernetes/policy/templates/dep-maria.yaml deleted file mode 100644 index 302a052401..0000000000 --- a/kubernetes/policy/templates/dep-maria.yaml +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disablePolicyMariadb }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: policy-mariadb - namespace: "{{ .Values.nsPrefix }}" -spec: - replicas: {{ .Values.mariadbReplicas }} - selector: - matchLabels: - app: mariadb - template: - metadata: - labels: - app: mariadb - name: policy-mariadb - spec: - hostname: mariadb - containers: - - image: "{{ .Values.image.policyDb }}:{{ .Values.image.policyDbVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: mariadb - ports: - - containerPort: 3306 - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - readinessProbe: - tcpSocket: - port: 3306 - initialDelaySeconds: 5 - periodSeconds: 10 - volumes: - - name: localtime - hostPath: - path: /etc/localtime - imagePullSecrets: - - name: "{{ .Values.nsPrefix }}-docker-registry-key" -#{{ end }} diff --git a/kubernetes/policy/templates/dep-nexus.yaml b/kubernetes/policy/templates/dep-nexus.yaml deleted file mode 100644 index de0aeb0f30..0000000000 --- a/kubernetes/policy/templates/dep-nexus.yaml +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disablePolicyNexus }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: policy-nexus - namespace: "{{ .Values.nsPrefix }}" -spec: - replicas: {{ .Values.nexusReplicas }} - selector: - matchLabels: - app: nexus - template: - metadata: - labels: - app: nexus - name: policy-nexus - spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - mariadb - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.image.readiness }}:{{ .Values.image.readinessVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: nexus-readiness - containers: - - image: "{{ .Values.image.policyNexus }}:{{ .Values.image.policyNexusVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: nexus - volumeMounts: - - name: localtime - mountPath: /etc/localtime - readOnly: true - volumes: - - name: localtime - hostPath: - path: /etc/localtime - imagePullSecrets: - - name: "{{ .Values.nsPrefix }}-docker-registry-key" -#{{ end }} diff --git a/kubernetes/policy/templates/dep-pap.yaml b/kubernetes/policy/templates/dep-pap.yaml deleted file mode 100644 index 5a0d0467eb..0000000000 --- a/kubernetes/policy/templates/dep-pap.yaml +++ /dev/null @@ -1,131 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disablePolicyPap }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: policy-pap - namespace: "{{ .Values.nsPrefix }}" -spec: - replicas: {{ .Values.papReplicas }} - selector: - matchLabels: - app: pap - template: - metadata: - labels: - app: pap - name: policy-pap - spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - mariadb - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.image.readiness }}:{{ .Values.image.readinessVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: pap-readiness - - command: ["/bin/bash", "-c", "echo $POD_IP > /config/ip_addr.txt"] - env: - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - volumeMounts: - - mountPath: /config/ - name: pe - image: {{ .Values.image.ubuntu }} - imagePullPolicy: {{ .Values.pullPolicy }} - name: generate-ip-addr-txt - containers: - - command: - - /bin/bash - - ./do-start.sh - - pap - image: "{{ .Values.image.policyPe }}:{{ .Values.image.policyPeVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: pap - env: - - name: PRELOAD_POLICIES - value: "true" - ports: - - containerPort: 8443 - - containerPort: 9091 - readinessProbe: - tcpSocket: - port: 9091 - initialDelaySeconds: 5 - periodSeconds: 10 - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /tmp/policy-install/config/ - name: pe - - mountPath: /var/log/onap - name: policy-logs - - mountPath: /tmp/policy-install/logback.xml - name: policy-sdk-logback - subPath: logback.xml - - mountPath: /tmp/logback.xml - name: policy-logback - subPath: logback.xml - lifecycle: - postStart: - exec: - command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/servers/pap/webapps/pap/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; export SRC=/tmp/policy-install/logback.xml; export DST=/opt/app/policy/servers/console/webapps/onap/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] - - image: {{ .Values.image.filebeat }} - imagePullPolicy: {{ .Values.pullPolicy }} - name: filebeat-onap - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - name: filebeat-conf - subPath: filebeat.yml - - mountPath: /var/log/onap - name: policy-logs - - mountPath: /usr/share/filebeat/data - name: policy-data-filebeat - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: filebeat-conf - configMap: - name: policy-filebeat-configmap - - name: policy-logs - emptyDir: {} - - name: policy-data-filebeat - emptyDir: {} - - name: policy-logback - configMap: - name: policy-pap-log-configmap - - name: policy-sdk-logback - configMap: - name: policy-sdk-log-configmap - - name: pe - configMap: - name: policy-dep-pe-configmap - defaultMode: 0755 - imagePullSecrets: - - name: "{{ .Values.nsPrefix }}-docker-registry-key" -#{{ end }} diff --git a/kubernetes/policy/templates/dep-pdp.yaml b/kubernetes/policy/templates/dep-pdp.yaml deleted file mode 100644 index 6b28ed0fdb..0000000000 --- a/kubernetes/policy/templates/dep-pdp.yaml +++ /dev/null @@ -1,108 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disablePolicyPdp }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: policy-pdp - namespace: "{{ .Values.nsPrefix }}" -spec: - replicas: {{ .Values.pdpReplicas }} - selector: - matchLabels: - app: pdp - template: - metadata: - labels: - app: pdp - name: policy-pdp - spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - pap - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.image.readiness }}:{{ .Values.image.readinessVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: pdp-readiness - containers: - - command: - - /bin/bash - - ./do-start.sh - - pdp - image: "{{ .Values.image.policyPe }}:{{ .Values.image.policyPeVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: pdp - ports: - - containerPort: 8081 - readinessProbe: - tcpSocket: - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /tmp/policy-install/config - name: pe - - mountPath: /var/log/onap - name: policy-logs - - mountPath: /tmp/logback.xml - name: policy-logback - subPath: logback.xml - lifecycle: - postStart: - exec: - command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/servers/pdp/webapps/pdp/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] - - image: {{ .Values.image.filebeat }} - imagePullPolicy: {{ .Values.pullPolicy }} - name: filebeat-onap - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - name: filebeat-conf - subPath: filebeat.yml - - mountPath: /var/log/onap - name: policy-logs - - mountPath: /usr/share/filebeat/data - name: policy-data-filebeat - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: filebeat-conf - configMap: - name: policy-filebeat-configmap - - name: policy-logs - emptyDir: {} - - name: policy-data-filebeat - emptyDir: {} - - name: policy-logback - configMap: - name: policy-pdp-log-configmap - - name: pe - configMap: - name: policy-dep-pe-configmap - defaultMode: 0755 - imagePullSecrets: - - name: "{{ .Values.nsPrefix }}-docker-registry-key" -#{{ end }} diff --git a/kubernetes/policy/templates/deployment.yaml b/kubernetes/policy/templates/deployment.yaml new file mode 100644 index 0000000000..88b3de35c0 --- /dev/null +++ b/kubernetes/policy/templates/deployment.yaml @@ -0,0 +1,162 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.global.mariadb.nameOverride }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + - command: ["/bin/bash", "-c", "echo $POD_IP > /config/ip_addr.txt"] + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + volumeMounts: + - mountPath: /config/ + name: pe + image: {{ .Values.global.ubuntuImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: generate-ip-addr-txt + containers: + - command: + - /bin/bash + - ./do-start.sh + - pap + name: {{ include "common.name" . }} + image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.externalPort }} + - containerPort: {{ .Values.service.externalPort2 }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.externalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.externalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: PRELOAD_POLICIES + value: "{{ .Values.config.preloadPolicies }}" + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /tmp/policy-install/config/base.conf + name: pe + subPath: base.conf + - mountPath: /tmp/policy-install/config/ + name: pe-pap + - mountPath: /tmp/policy-install/do-start.sh + name: pe-scripts + subPath: do-start.sh + - mountPath: /var/log/onap + name: policy-logs + - mountPath: /tmp/policy-install/logback.xml + name: policy-sdk-logback + subPath: logback.xml + - mountPath: /tmp/logback.xml + name: policy-logback + subPath: logback.xml + lifecycle: + postStart: + exec: + command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/servers/pap/webapps/pap/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; export SRC=/tmp/policy-install/logback.xml; export DST=/opt/app/policy/servers/console/webapps/onap/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] + - image: "{{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.global.loggingImage | default .Values.loggingImage }}" + imagePullPolicy: {{ .Values.pullPolicy }} + name: filebeat-onap + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + - mountPath: /var/log/onap + name: policy-logs + - mountPath: /usr/share/filebeat/data + name: policy-data-filebeat + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: filebeat-conf + configMap: + name: {{ .Release.Name }}-filebeat-configmap + - name: policy-logs + emptyDir: {} + - name: policy-data-filebeat + emptyDir: {} + - name: policy-logback + configMap: + name: {{ include "common.fullname" . }}-log-configmap + - name: policy-sdk-logback + configMap: + name: {{ include "common.fullname" . }}-sdk-log-configmap + - name: pe + configMap: + name: {{ .Release.Name }}-pe-configmap + defaultMode: 0755 + - name: pe-scripts + configMap: + name: {{ .Release.Name }}-pe-scripts-configmap + defaultMode: 0777 + - name: pe-pap + configMap: + name: {{ include "common.fullname" . }}-pe-configmap + defaultMode: 0755 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/templates/policy-log-configmap.yaml b/kubernetes/policy/templates/policy-log-configmap.yaml deleted file mode 100644 index 3a62030bd5..0000000000 --- a/kubernetes/policy/templates/policy-log-configmap.yaml +++ /dev/null @@ -1,59 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disablePolicyPap }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: policy-pap-log-configmap - namespace: {{ .Values.nsPrefix }} -data: -{{ tpl (.Files.Glob "resources/config/log/xacml-pap-rest/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: policy-sdk-log-configmap - namespace: {{ .Values.nsPrefix }} -data: -{{ tpl (.Files.Glob "resources/config/log/ep_sdk_app/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: policy-filebeat-configmap - namespace: {{ .Values.nsPrefix }} -data: -{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }} -#{{ end }} -#{{ if not .Values.disablePolicyPdp }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: policy-pdp-log-configmap - namespace: {{ .Values.nsPrefix }} -data: -{{ tpl (.Files.Glob "resources/config/log/xacml-pdp-rest/*").AsConfig . | indent 2 }} -#{{ end }} -#{{ if not .Values.disablePolicyDrools }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: policy-drools-log-configmap - namespace: {{ .Values.nsPrefix }} -data: -{{ tpl (.Files.Glob "resources/config/log/drools/*").AsConfig . | indent 2 }} -#{{ end }} diff --git a/kubernetes/policy/templates/service.yaml b/kubernetes/policy/templates/service.yaml new file mode 100644 index 0000000000..4d7996042d --- /dev/null +++ b/kubernetes/policy/templates/service.yaml @@ -0,0 +1,42 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }}-{{ .Values.service.externalPort }} + - port: {{ .Values.service.externalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.name }}-{{ .Values.service.externalPort2 }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 49ad89225d..171ea1078c 100644 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -12,33 +12,107 @@ # See the License for the specific language governing permissions and # limitations under the License. -nsPrefix: onap +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + ubuntuImage: ubuntu:16.04 + mariadb: + nameOverride: policydb + pdp: + nameOverride: pdp + pap: + nameOverride: pap + drools: + nameOverride: drools + brmwgw: + nameOverride: brmsgw + nexus: + nameOverride: nexus + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/policy-pe:1.2-SNAPSHOT-latest pullPolicy: Always -nodePortPrefix: 302 - -# POLICY hotfix - Note this must be temporary -# See https://jira.onap.org/browse/POLICY-510 -aaiServiceClusterIp: 10.43.255.254 -brmsgwReplicas: 1 -droolsReplicas: 1 -mariadbReplicas: 1 -nexusReplicas: 1 -papReplicas: 1 -pdpReplicas: 1 -image: - readiness: oomk8s/readiness-check - readinessVersion: 1.1.0 - policyPe: nexus3.onap.org:10001/onap/policy/policy-pe - policyPeVersion: v1.1.1 - policyDrools: nexus3.onap.org:10001/onap/policy/policy-drools - policyDroolsVersion: v1.1.1 - policyDb: nexus3.onap.org:10001/onap/policy/policy-db - policyDbVersion: v1.1.1 - policyNexus: nexus3.onap.org:10001/onap/policy/policy-nexus - policyNexusVersion: v1.1.1 - ubuntu: ubuntu:16.04 - filebeat: docker.elastic.co/beats/filebeat:5.5.0 +subChartsOnly: + enabled: true + +nameOverride: pap + +pdp: + nameOverride: pdp +mariadb: + nameOverride: policydb +drools: + nameOverride: drools +brmwgw: + nameOverride: brmsgw +nexus: + nameOverride: nexus + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: config: - logstashServiceName: log-ls - logstashPort: 5044 + preloadPolicies: true + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: NodePort + name: pap + externalPort: 8443 + nodePort: 19 + externalPort2: 9091 + nodePort2: 18 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi |