5 files changed, 80 insertions, 17 deletions

diff --git a/kubernetes/aai/components/aai-resources/resources/config/application.properties b/kubernetes/aai/components/aai-resources/resources/config/application.properties
index 805f3cd505..1b7bdf8ff6 100644
--- a/kubernetes/aai/components/aai-resources/resources/config/application.properties
+++ b/kubernetes/aai/components/aai-resources/resources/config/application.properties
@@ -98,13 +98,13 @@ schema.service.versions.endpoint=versions
 schema.service.client=no-auth
 
 #to expose the Prometheus scraping endpoint
-management.port=8448
-management.endpoints.enabled-by-default=false
-management.security.enabled=false
-endpoints.enabled=false
-endpoints.info.enabled=false
-endpoints.prometheus.enabled=false
-endpoints.health.enabled=false
+management.server.port=8448
+management.endpoints.enabled-by-default=true
+management.endpoints.web.exposure.include=info,health,prometheus
+endpoints.enabled={{ .Values.endpoints.enabled }}
+endpoints.info.enabled={{ .Values.endpoints.info.enabled }}
+endpoints.prometheus.enabled={{ .Values.metrics.serviceMonitor.enabled }}
+endpoints.health.enabled={{ .Values.endpoints.health.enabled }}
 management.metrics.web.server.auto-time-requests=false
 management.metrics.distribution.percentiles-histogram[http.server.requests]=true
 management.metrics.distribution.sla[http.server.requests]=20ms, 30ms, 40ms, 50ms, 60ms, 70ms, 80ms, 90ms, 100ms, 500ms, 1000ms, 5000ms, 7000ms
diff --git a/kubernetes/aai/components/aai-resources/resources/config/janusgraph-realtime.properties b/kubernetes/aai/components/aai-resources/resources/config/janusgraph-realtime.properties
index 836dc7b176..4835560665 100644
--- a/kubernetes/aai/components/aai-resources/resources/config/janusgraph-realtime.properties
+++ b/kubernetes/aai/components/aai-resources/resources/config/janusgraph-realtime.properties
@@ -90,7 +90,17 @@ log.tx.key-consistent={{ .Values.global.config.storage.keyConsistent }}
 {{ end }}
 
 storage.lock.wait-time=300
-# Setting db-cache to false ensure the fastest propagation of changes across servers
-cache.db-cache = false
+
+# https://docs.janusgraph.org/operations/cache/#database-level-caching
+# Setting db-cache to false will ensure the fastest propagation of changes across servers
+# Setting db-cache to true will ensure fastest response times
+cache.db-cache={{ .Values.config.janusgraph.caching.enabled }}
+{{ if .Values.config.janusgraph.caching.enabled }}
+# cache-time in milliseconds
+cache.db-cache-time={{ .Values.config.janusgraph.caching.dbCacheTime }}
+cache.db-cache-size={{ .Values.config.janusgraph.caching.dbCacheSize }}
+cache.db-cache-clean-wait={{ .Values.config.janusgraph.caching.dbCacheCleanWait }}
+{{ end }}
+
 #load graphson file on startup
 load.snapshot.file=false
diff --git a/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml b/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml
index 5ddd293658..07919a97a2 100644
--- a/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml
+++ b/kubernetes/aai/components/aai-resources/resources/config/localhost-access-logback.xml
@@ -27,14 +27,17 @@
 <configuration>

   <property name="AJSC_HOME" value="${AJSC_HOME:-.}" />

 

-  <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}'/>

+  <property name="logToFileEnabled" value='{{.Values.accessLogback.logToFileEnabled}}' />

   <property name="maxHistory" value='{{.Values.accessLogback.maxHistory}}' />

   <property name="totalSizeCap" value='{{.Values.accessLogback.totalSizeCap}}' />

+  <property name="livenessAccessLogEnabled"

+    value='{{.Values.accessLogback.livenessAccessLogEnabled}}' />

+

 

   <if condition='property("logToFileEnabled").contains("true")'>

     <then>

       <appender name="ACCESS"

-                class="ch.qos.logback.core.rolling.RollingFileAppender">

+        class="ch.qos.logback.core.rolling.RollingFileAppender">

         <file>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log</file>

         <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

           <fileNamePattern>${AJSC_HOME}/logs/ajsc-jetty/localhost_access.log.%d{yyyy-MM-dd}.zip

@@ -43,17 +46,36 @@
           <totalSizeCap>${totalSizeCap}</totalSizeCap>

         </rollingPolicy>

         <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">

-          <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D</Pattern>

+          <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}

+            %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU}

+            %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST}

+            %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter}

+            %i{X-AAI-SSL-Client-DN} %D</Pattern>

         </encoder>

       </appender>

-      <appender-ref ref="ACCESS"/>

+      <appender-ref ref="ACCESS" />

     </then>

   </if>

 

   <appender name="STDOUTACCESS" class="ch.qos.logback.core.ConsoleAppender">

     <encoder class="org.onap.aai.logging.CustomLogPatternLayoutEncoder">

-      <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId} %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O} %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C} %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D - "logType": "access"</Pattern>

+      <Pattern>%a %u %z [%t] "%m %U%q" %s %b %y %i{X-TransactionId} %i{X-FromAppId}

+        %i{X-Forwarded-For} %i{X-AAI-SSL-Client-CN} %i{X-AAI-SSL-Client-OU} %i{X-AAI-SSL-Client-O}

+        %i{X-AAI-SSL-Client-L} %i{X-AAI-SSL-Client-ST} %i{X-AAI-SSL-Client-C}

+        %i{X-AAI-SSL-Client-NotBefore} %i{X-AAI-SSL-Client-NotAfter} %i{X-AAI-SSL-Client-DN} %D -

+        "logType": "access"</Pattern>

     </encoder>

+    <if condition='property("livenessAccessLogEnabled").contains("false")'>

+      <then>

+        <filter class="ch.qos.logback.core.filter.EvaluatorFilter">

+          <evaluator class="ch.qos.logback.access.net.URLEvaluator">

+            <URL>/aai/util/echo</URL>

+          </evaluator>

+          <OnMismatch>NEUTRAL</OnMismatch>

+          <OnMatch>DENY</OnMatch>

+        </filter>

+      </then>

+    </if>

   </appender>

 

   <appender-ref ref="STDOUTACCESS" />

@@ -83,5 +105,4 @@
 %z - Custom pattern that parses the cert for the subject

 %y - Custom pattern determines rest or dme2

 -->

-*/}}

-

+*/}}
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-resources/templates/deployment.yaml b/kubernetes/aai/components/aai-resources/templates/deployment.yaml
index 5b9e9d222f..626dc71506 100644
--- a/kubernetes/aai/components/aai-resources/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-resources/templates/deployment.yaml
@@ -135,6 +135,12 @@ spec:
           echo "*** actual launch of AAI Resources"
           /bin/bash /opt/app/aai-resources/docker-entrypoint.sh
         env:
+        {{- if .Values.config.env }}
+        {{- range $key,$value := .Values.config.env }}
+        - name: {{ $key | upper | quote}}
+          value: {{ $value | quote}}
+        {{- end }}
+        {{- end }}
         - name: LOCAL_USER_ID
           value: {{ .Values.global.config.userId | quote }}
         - name: LOCAL_GROUP_ID
diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml
index 0df30ed0cf..e8bbb37140 100644
--- a/kubernetes/aai/components/aai-resources/values.yaml
+++ b/kubernetes/aai/components/aai-resources/values.yaml
@@ -154,6 +154,18 @@ config:
     # to the user in keycloak
     multiTenancy:
       enabled: true
+  janusgraph:
+    caching:
+      # enable when running read-heavy workloads
+      # modifications to graph done by this service/janusgraph instance will immediately invalidate the cache
+      # modifications to graph done by other services (traversal) will only be visible
+      # after time specified in db-cache-time
+      enabled: false
+      # Documentation: https://docs.janusgraph.org/operations/cache/#database-level-caching
+      dbCacheTime: 180000 # in milliseconds
+      dbCacheSize: 0.1 # percentage (expressed as a decimal between 0 and 1) of the total heap space available to the JVM running
+      dbCacheCleanWait: 20 # in milliseconds
+
 
   # Specifies crud related operation timeouts and overrides
   crud:
@@ -175,6 +187,12 @@ config:
     # Specifies if the bulk can be override and if it can the value
     override: false
 
+  # environment variables added to the launch of the image in deployment
+  env:
+    MIN_HEAP_SIZE: "512m"
+    MAX_HEAP_SIZE: "1024m"
+    MAX_METASPACE_SIZE: "512m"
+
 nodeSelector: {}
 
 affinity: {}
@@ -253,11 +271,18 @@ tracing:
   ignorePatterns:
     - /aai/util.*
 
+endpoints:
+  enabled: true
+  health:
+    enabled: true
+  info:
+    enabled: true
+
 metrics:
   serviceMonitor:
     enabled: false
     targetPort: 8448
-    path: /prometheus
+    path: /actuator/prometheus
     basicAuth:
       enabled: false
       externalSecretName: mysecretname
@@ -324,6 +349,7 @@ logback:
   queueSize: 1000
 
 accessLogback:
+  livenessAccessLogEnabled: false # false: do not log kubernetes liveness probes
   logToFileEnabled: false
   maxHistory: 7
   totalSizeCap: 1GB