4 files changed, 116 insertions, 7 deletions

diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml
new file mode 100644
index 0000000000..a6fbea1e1d
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-hv_ves-inputs.yaml
@@ -0,0 +1,20 @@
+#============LICENSE_START========================================================
+#=================================================================================
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+{{ if .Values.componentImages.hv_ves }}
+tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.hv_ves }}
+{{ end }}
diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-policy_handler-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-policy_handler-inputs.yaml
index d53e8fdfde..d4ee73e303 100644
--- a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-policy_handler-inputs.yaml
+++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-policy_handler-inputs.yaml
@@ -27,21 +27,33 @@ application_config:
     # parallelize requests to policy-engine and keep them alive
     pool_connections : 20
 
-    # list of policyName prefixes (filters) that DCAE-Controller handles (=ignores any other policyName values)
-    scope_prefixes : ["DCAE.Config_"]
-
     # retry to getConfig from policy-engine on policy-update notification
     policy_retry_count : 5
     policy_retry_sleep : 5
 
+    # config of automatic catch_up for resiliency
+    catch_up :
+        # interval in seconds on how often to call automatic catch_up
+        # example: 1200 is 20*60 seconds that is 20 minutes
+        interval : 1200
+
+    # config of periodic reconfigure-rediscover for adaptability
+    reconfigure:
+        # interval in seconds on how often to call automatic reconfigure
+        # example: 600 is 10*60 seconds that is 10 minutes
+        interval : 600
+
     # policy-engine config
     # These are the url of and the auth for the external system, namely the policy-engine (PDP).
     # We obtain that info manually from PDP folks at the moment.
     # In long run we should figure out a way of bringing that info into consul record
     #    related to policy-engine itself.
+    # - k8s specific routing to policy-engine by hostname "pdp"
+    # - relying on dns to resolve hostname "pdp" to ip address
+    # - expecing to find "pdp" as the hostname in server cert from policy-engine
     policy_engine :
-        url : "http://{{ .Values.config.address.policy_pdp }}.{{include "common.namespace" . }}:8081"
-        path_pdp : "/pdp/"
+        url : "https://{{ .Values.config.address.policy_pdp }}.{{include "common.namespace" . }}:8081"
+        path_notifications : "/pdp/notifications"
         path_api : "/pdp/api/"
         headers :
             Accept : "application/json"
@@ -50,5 +62,41 @@ application_config:
             Authorization : "Basic dGVzdHBkcDphbHBoYTEyMw=="
             Environment : "TEST"
         target_entity : "policy_engine"
-    # name of deployment-handler service in consul for policy-handler to direct the policy-updates to
-    deploy_handler : "deployment_handler"
+        # optional tls_ca_mode specifies where to find the cacert.pem for tls
+        #   can be one of these:
+        #       "cert_directory" - use the cacert.pem stored locally in cert_directory.
+        #                          this is the default if cacert.pem file is found
+        #
+        #       "os_ca_bundle"     - use the public ca_bundle provided by linux system.
+        #                          this is the default if cacert.pem file not found
+        #
+        #       "do_not_verify"  - special hack to turn off the verification by cacert and hostname
+        tls_ca_mode : "cert_directory"
+        # optional tls_wss_ca_mode specifies the same for the tls based web-socket
+        tls_wss_ca_mode : "cert_directory"
+    # deploy_handler config
+    #    changed from string "deployment_handler" in 2.3.1 to structure in 2.4.0
+    deploy_handler :
+        # name of deployment-handler service used by policy-handler for logging
+        target_entity : "deployment_handler"
+        # url of the deployment-handler service for policy-handler to direct the policy-updates to
+        #   - expecting dns to resolve the hostname deployment-handler to ip address
+        url : "http://deployment-handler:8188"
+        # limit the size of a single data segment for policy-update messages
+        #       from policy-handler to deployment-handler in megabytes
+        max_msg_length_mb : 5
+        query :
+            # optionally specify the tenant name for the cloudify under deployment-handler
+            #    if not specified the "default_tenant" is used by the deployment-handler
+            cfy_tenant_name : "default_tenant"
+        # optional tls_ca_mode specifies where to find the cacert.pem or skip tls verification
+        #   can be one of these:
+        #       "cert_directory" - use the cacert.pem stored locally in cert_directory.
+        #                          this is the default if cacert.pem file is found
+        #
+        #       "os_ca_bundle"     - use the public ca_bundle provided by linux system.
+        #                          this is the default if cacert.pem file not found
+        #
+        #       "do_not_verify"  - special hack to turn off the verification by cacert and hostname
+        tls_ca_mode : "cert_directory"
+
diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-prh-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-prh-inputs.yaml
new file mode 100644
index 0000000000..1491e731d8
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-prh-inputs.yaml
@@ -0,0 +1,20 @@
+#============LICENSE_START========================================================
+#=================================================================================
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+{{ if .Values.componentImages.prh }}
+tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.prh }}
+{{ end }}
diff --git a/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml
new file mode 100644
index 0000000000..e1ae791af8
--- /dev/null
+++ b/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-snmptrap-inputs.yaml
@@ -0,0 +1,21 @@
+#============LICENSE_START========================================================
+#=================================================================================
+# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved.
+# Modifications Copyright © 2018 Amdocs, Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+
+{{ if .Values.componentImages.snmptrap }}
+tag_version: {{ include "common.repository" . }}/{{ .Values.componentImages.snmptrap }}
+{{ end }}