diff options
Diffstat (limited to 'kubernetes/dcaegen2/components/dcae-policy-handler')
9 files changed, 0 insertions, 541 deletions
diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/.helmignore b/kubernetes/dcaegen2/components/dcae-policy-handler/.helmignore deleted file mode 100644 index f0c1319444..0000000000 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/.helmignore +++ /dev/null @@ -1,21 +0,0 @@ -# Patterns to ignore when building packages. -# This supports shell glob matching, relative path matching, and -# negation (prefixed with !). Only one pattern per line. -.DS_Store -# Common VCS dirs -.git/ -.gitignore -.bzr/ -.bzrignore -.hg/ -.hgignore -.svn/ -# Common backup files -*.swp -*.bak -*.tmp -*~ -# Various IDEs -.project -.idea/ -*.tmproj diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/Chart.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/Chart.yaml deleted file mode 100644 index b15740b906..0000000000 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/Chart.yaml +++ /dev/null @@ -1,34 +0,0 @@ -#============LICENSE_START======================================================== -#================================================================================= -# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2021 Orange -# Modifications Copyright © 2021 Nordix Foundation -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -apiVersion: v2 -description: ONAP DCAE Policy Handler -name: dcae-policy-handler -version: 11.0.0 - -dependencies: - - name: common - version: ~11.x-0 - repository: '@local' - - name: repositoryGenerator - version: ~11.x-0 - repository: '@local' - - name: serviceAccount - version: ~11.x-0 - repository: '@local' diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/resources/config/config.json b/kubernetes/dcaegen2/components/dcae-policy-handler/resources/config/config.json deleted file mode 100644 index 2e47c9e118..0000000000 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/resources/config/config.json +++ /dev/null @@ -1,49 +0,0 @@ -{ - "policy_handler": { - "thread_pool_size": 4, - "pool_connections": 20, - "policy_retry_count": 5, - "policy_retry_sleep": 5, - "catch_up": { - "interval": 1200 - }, - "reconfigure": { - "interval": 600 - }, - "policy_engine": { - "url": "https://{{ .Values.config.address.policy_xacml_pdp }}:6969", - "path_decision": "/policy/pdpx/v1/decision", - "headers": { - "Accept": "application/json", - "Content-Type": "application/json", - "Authorization": "Basic aGVhbHRoY2hlY2s6emIhWHp0RzM0", - "Environment": "TEST" - }, - "target_entity": "policy_engine", - "tls_ca_mode": "cert_directory", - "timeout_in_secs": 60 - }, - "dmaap_mr" : { - "url" : "https://message-router:3905/events/POLICY-NOTIFICATION/policy-handler/ph1", - "query": { - "timeout": 15000 - }, - "headers" : { - "Content-Type" : "application/json" - }, - "target_entity" : "dmaap_mr", - "tls_ca_mode" : "cert_directory", - "timeout_in_secs": 60 - }, - "deploy_handler": { - "target_entity": "deployment_handler", - "url": "https://deployment-handler:8443", - "max_msg_length_mb": 5, - "query": { - "cfy_tenant_name": "default_tenant" - }, - "tls_ca_mode": "cert_directory", - "timeout_in_secs": 60 - } - } -} diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/resources/log/filebeat.yml b/kubernetes/dcaegen2/components/dcae-policy-handler/resources/log/filebeat.yml deleted file mode 100644 index 06e553d9d4..0000000000 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/resources/log/filebeat.yml +++ /dev/null @@ -1,74 +0,0 @@ -{{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2018 AT&T Intellectual Property. All rights reserved. -# Modifications Copyright © 2018 Amdocs, Bell Canada -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} -filebeat.prospectors: -#it is mandatory, in our case it's log -- input_type: log - #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. - paths: - - /var/log/onap/*/*/*/*.log - - /var/log/onap/*/*/*.log - - /var/log/onap/*/*.log - #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive - ignore_older: 48h - # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit - clean_inactive: 96h - - -# Name of the registry file. If a relative path is used, it is considered relative to the -# data path. Else full qualified file name. -#filebeat.registry_file: ${path.data}/registry - - -output.logstash: - #List of logstash server ip addresses with port number. - #But, in our case, this will be the loadbalancer IP address. - #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. - hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] - #If enable will do load balancing among availabe Logstash, automatically. - loadbalance: true - - #The list of root certificates for server verifications. - #If certificate_authorities is empty or not set, the trusted - #certificate authorities of the host system are used. - #ssl.certificate_authorities: $ssl.certificate_authorities - - #The path to the certificate for SSL client authentication. If the certificate is not specified, - #client authentication is not available. - #ssl.certificate: $ssl.certificate - - #The client certificate key used for client authentication. - #ssl.key: $ssl.key - - #The passphrase used to decrypt an encrypted key stored in the configured key file - #ssl.key_passphrase: $ssl.key_passphrase - -logging: - level: debug - - # enable file rotation with default configuration - to_files: true - - # do not log to syslog - to_syslog: false - - files: - path: /usr/share/filebeat/logs - name: mybeat.log - keepfiles: 7 diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/configmap.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/configmap.yaml deleted file mode 100644 index 1a3a7fd302..0000000000 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/configmap.yaml +++ /dev/null @@ -1,36 +0,0 @@ -{{/* -# Copyright © 2017 Amdocs, Bell Canada -# Modifications Copyright © 2019 AT&T -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{ include "common.fullname" . }}-configmap - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: {{include "common.fullname" . }}-filebeat-configmap - namespace: {{include "common.namespace" . }} -data: -{{ tpl (.Files.Glob "resources/log/*").AsConfig . | indent 2 }}
\ No newline at end of file diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml deleted file mode 100644 index b8c24355e6..0000000000 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/deployment.yaml +++ /dev/null @@ -1,165 +0,0 @@ -{{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} - -apiVersion: apps/v1 -kind: Deployment -metadata: - name: {{ include "common.fullname" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - replicas: 1 - selector: - matchLabels: - app: {{ include "common.name" . }} - template: - metadata: - labels: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - spec: - initContainers: - - name: {{ include "common.name" . }}-readiness - image: {{ include "repositoryGenerator.image.readiness" . }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - command: - - /app/ready.py - args: - - --container-name - - dcae-deployment-handler - - --container-name - - consul-server - - --container-name - - policy-xacml-pdp - - "-t" - - "45" - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - - name: init-tls - env: - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: aaf_locator_fqdn - value: dcae - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tlsImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - resources: {} - volumeMounts: - - mountPath: /opt/app/osaaf - name: tls-info - - name: init-consul - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.consulLoaderImage }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - args: - - --key - - policy_handler|/phconfig/config.json - resources: {} - volumeMounts: - - mountPath: /phconfig - name: ph-config - containers: - - name: {{ include "common.name" . }} - image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }} - imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} - resources: -{{ include "common.resources" . | indent 12 }} - ports: - - containerPort: {{ .Values.service.internalPort }} - # disable liveness probe when breakpoints set in debugger - # so K8s doesn't restart unresponsive container - {{- if eq .Values.liveness.enabled true }} - livenessProbe: - tcpSocket: - port: {{ .Values.service.internalPort }} - initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} - periodSeconds: {{ .Values.liveness.periodSeconds }} - {{ end }} - readinessProbe: - httpGet: - path: {{ .Values.readiness.path }} - port: {{ .Values.service.internalPort }} - scheme: {{ .Values.readiness.scheme }} - initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} - periodSeconds: {{ .Values.readiness.periodSeconds }} - volumeMounts: - - mountPath: /app/logs - name: component-log - - mountPath: /app/etc/tls/certs/ - name: tls-info - env: - - name: CONSUL_HOST - value: consul-server.{{ include "common.namespace" . }} - - name: CLOUDIFY_USER - value: admin - - name: CLOUDIFY_PASSWORD - {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "cm-pass" "key" "password") | indent 14 }} - - name: CONFIG_BINDING_SERVICE - value: config-binding-service - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - - name: {{ include "common.name" . }}-filebeat - env: - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - image: {{ include "repositoryGenerator.image.logging" . }} - imagePullPolicy: IfNotPresent - resources: {} - volumeMounts: - - mountPath: /var/log/onap/policy-handler - name: component-log - - mountPath: /usr/share/filebeat/data - name: filebeat-data - - mountPath: /usr/share/filebeat/filebeat.yml - name: filebeat-conf - subPath: filebeat.yml - serviceAccountName: {{ include "common.fullname" (dict "suffix" "read" "dot" . )}} - volumes: - - emptyDir: {} - name: component-log - - emptyDir: {} - name: filebeat-data - - configMap: - defaultMode: 420 - name: {{ include "common.fullname" . }}-filebeat-configmap - name: filebeat-conf - - emptyDir: {} - name: tls-info - - configMap: - defaultMode: 422 - name: {{ include "common.fullname" . }}-configmap - name: ph-config - imagePullSecrets: - - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/secrets.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/secrets.yaml deleted file mode 100644 index 34932b713d..0000000000 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/secrets.yaml +++ /dev/null @@ -1,17 +0,0 @@ -{{/* -# Copyright © 2020 Samsung Electronics -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -*/}} - -{{ include "common.secretFast" . }} diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/service.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/templates/service.yaml deleted file mode 100644 index cca0b640bb..0000000000 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/templates/service.yaml +++ /dev/null @@ -1,45 +0,0 @@ -{{/* -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2019 AT&T Intellectual Property. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= -*/}} - -apiVersion: v1 -kind: Service -metadata: - name: {{ include "common.servicename" . }} - namespace: {{ include "common.namespace" . }} - labels: - app: {{ include "common.name" . }} - chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} - release: {{ include "common.release" . }} - heritage: {{ .Release.Service }} -spec: - type: {{ .Values.service.type }} - ports: - {{if eq .Values.service.type "NodePort" -}} - - port: {{ .Values.service.externalPort }} - nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} - name: {{ .Values.service.name }} - {{- else -}} - - port: {{ .Values.service.externalPort }} - targetPort: {{ .Values.service.internalPort }} - name: {{ .Values.service.name }} - {{- end}} - selector: - app: {{ include "common.name" . }} - release: {{ include "common.release" . }} - diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml deleted file mode 100644 index 00ce47b451..0000000000 --- a/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml +++ /dev/null @@ -1,100 +0,0 @@ -#============LICENSE_START======================================================== -# ================================================================================ -# Copyright (c) 2019-2020 AT&T Intellectual Property. All rights reserved. -# Copyright (c) 2021 J. F. Lucas. All rights reserved. -# ================================================================================ -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# ============LICENSE_END========================================================= - -################################################################# -# Global configuration defaults. -################################################################# -global: - nodePortPrefix: 302 - tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0 - consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.1 -secrets: - - uid: 'cm-pass' - type: password - externalSecret: '{{ tpl (default "" .Values.config.cloudifyManagerPasswordExternalSecret) . }}' - password: '{{ .Values.config.cloudifyManagerPassword }}' - policy: required - -config: - cloudifyManagerPassword: "override me" - logstashServiceName: log-ls - logstashPort: 5044 - # Addresses of other ONAP entities - address: - consul: - host: consul-server - port: 8500 - policy_xacml_pdp: policy-xacml-pdp - -################################################################# -# Application configuration defaults. -################################################################# -# application image -image: onap/org.onap.dcaegen2.platform.policy-handler:5.1.3 -pullPolicy: Always - -# probe configuration parameters -liveness: - initialDelaySeconds: 10 - periodSeconds: 10 - # necessary to disable liveness probe when setting breakpoints - # in debugger so K8s doesn't restart unresponsive container - # liveness not desirable for Cloudify Manager container - enabled: false - -readiness: - initialDelaySeconds: 60 - periodSeconds: 300 - path: /healthcheck - scheme: HTTP - -service: - type: ClusterIP - name: policy-handler - externalPort: 80 - internalPort: 25577 - - -# Resource Limit flavor -By Default using small -flavor: small -# Segregation for Different environment (Small and Large) -resources: - small: - limits: - cpu: 2 - memory: 2Gi - requests: - cpu: 1 - memory: 1Gi - large: - limits: - cpu: 4 - memory: 4Gi - requests: - cpu: 2 - memory: 2Gi - unlimited: {} -# Kubernetes namespace for components deployed via Cloudify manager -# If empty, use the common namespace -# dcae_ns: "dcae" - -#Pods Service Account -serviceAccount: - nameOverride: dcae-policy-handler - roles: - - read |