summaryrefslogtreecommitdiffstats
path: root/kubernetes/policy/components/policy-pap
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/policy/components/policy-pap')
-rwxr-xr-xkubernetes/policy/components/policy-pap/resources/config/config.json101
-rw-r--r--kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml113
-rwxr-xr-xkubernetes/policy/components/policy-pap/templates/configmap.yaml2
-rwxr-xr-xkubernetes/policy/components/policy-pap/templates/deployment.yaml15
-rw-r--r--kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml23
-rwxr-xr-xkubernetes/policy/components/policy-pap/values.yaml36
6 files changed, 179 insertions, 111 deletions
diff --git a/kubernetes/policy/components/policy-pap/resources/config/config.json b/kubernetes/policy/components/policy-pap/resources/config/config.json
deleted file mode 100755
index e5cbd22105..0000000000
--- a/kubernetes/policy/components/policy-pap/resources/config/config.json
+++ /dev/null
@@ -1,101 +0,0 @@
-{{/*
-# ============LICENSE_START=======================================================
-# Copyright (C) 2019 Nordix Foundation.
-# Modifications Copyright (C) 2021 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-# SPDX-License-Identifier: Apache-2.0
-# ============LICENSE_END=========================================================
-*/}}
-{
- "name":"PapGroup",
- "restServerParameters":{
- "host":"0.0.0.0",
- "port":6969,
- "userName":"${RESTSERVER_USER}",
- "password":"${RESTSERVER_PASSWORD}",
- "https": true,
- "aaf": false,
- "prometheus": true
- },
- "pdpParameters": {
- "heartBeatMs": 120000,
- "updateParameters": {
- "maxRetryCount": 1,
- "maxWaitMs": 30000
- },
- "stateChangeParameters": {
- "maxRetryCount": 1,
- "maxWaitMs": 30000
- }
- },
- "databaseProviderParameters": {
- "name": "PolicyProviderParameterGroup",
- "implementation": "org.onap.policy.models.provider.impl.DatabasePolicyModelsProviderImpl",
- "databaseDriver": "org.mariadb.jdbc.Driver",
- "databaseUrl": "jdbc:mariadb://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort }}/policyadmin",
- "databaseUser": "${SQL_USER}",
- "databasePassword": "${SQL_PASSWORD}",
- "persistenceUnit": "PolicyMariaDb"
- },
- "savePdpStatisticsInDb": true,
- "topicParameterGroup": {
- "topicSources" : [{
- "topic" : "POLICY-PDP-PAP",
- "servers" : [ "message-router" ],
- "useHttps": true,
- "fetchTimeout": 15000,
- "topicCommInfrastructure" : "dmaap"
- },
- {
- "topic" : "POLICY-HEARTBEAT",
- "effectiveTopic": "POLICY-PDP-PAP",
- "consumerGroup": "policy-pap",
- "servers" : [ "message-router" ],
- "useHttps": true,
- "fetchTimeout": 15000,
- "topicCommInfrastructure" : "dmaap"
- }],
- "topicSinks" : [{
- "topic" : "POLICY-PDP-PAP",
- "servers" : [ "message-router" ],
- "useHttps" : true,
- "topicCommInfrastructure" : "dmaap"
- },
- {
- "topic" : "POLICY-NOTIFICATION",
- "servers" : [ "message-router" ],
- "useHttps" : true,
- "topicCommInfrastructure" : "dmaap"
- }]
- },
- "healthCheckRestClientParameters":[{
- "clientName": "api",
- "hostname": "policy-api",
- "port": 6969,
- "userName": "${API_USER}",
- "password": "${API_PASSWORD}",
- "useHttps": true,
- "basePath": "policy/api/v1/healthcheck"
- },
- {
- "clientName": "distribution",
- "hostname": "policy-distribution",
- "port": 6969,
- "userName": "${DISTRIBUTION_USER}",
- "password": "${DISTRIBUTION_PASSWORD}",
- "useHttps": true,
- "basePath": "healthcheck"
- }]
-}
diff --git a/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml b/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml
new file mode 100644
index 0000000000..6f501b8c21
--- /dev/null
+++ b/kubernetes/policy/components/policy-pap/resources/config/papParameters.yaml
@@ -0,0 +1,113 @@
+# ============LICENSE_START=======================================================
+# Copyright (C) 2022 Bell Canada. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+
+spring:
+ security:
+ user:
+ name: "${RESTSERVER_USER}"
+ password: "${RESTSERVER_PASSWORD}"
+ http:
+ converters:
+ preferred-json-mapper: gson
+ datasource:
+ url: jdbc:mariadb://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort}}/policyadmin
+ driverClassName: org.mariadb.jdbc.Driver
+ username: "${SQL_USER}"
+ password: "${SQL_PASSWORD}"
+ jpa:
+ properties:
+ hibernate:
+ dialect: org.hibernate.dialect.MariaDB103Dialect
+ hibernate:
+ ddl-auto: none
+ naming:
+ physical-strategy: org.hibernate.boot.model.naming.PhysicalNamingStrategyStandardImpl
+ implicit-strategy: org.onap.policy.common.spring.utils.CustomImplicitNamingStrategy
+
+server:
+ port: 6969
+ ssl:
+ enabled: true
+
+pap:
+ name: PapGroup
+ aaf: false
+ pdpParameters:
+ heartBeatMs: 120000
+ updateParameters:
+ maxRetryCount: 1
+ maxWaitMs: 30000
+ stateChangeParameters:
+ maxRetryCount: 1
+ maxWaitMs: 30000
+ savePdpStatisticsInDb: false
+ topicParameterGroup:
+ topicSources:
+ - topic: POLICY-PDP-PAP
+ servers:
+ - message-router
+ useHttps: true
+ fetchTimeout: 15000
+ topicCommInfrastructure: dmaap
+ - topic: POLICY-HEARTBEAT
+ effectiveTopic: POLICY-PDP-PAP
+ consumerGroup: policy-pap
+ servers:
+ - message-router
+ useHttps: true
+ fetchTimeout: 15000
+ topicCommInfrastructure: dmaap
+ topicSinks:
+ - topic: POLICY-PDP-PAP
+ servers:
+ - message-router
+ useHttps: true
+ topicCommInfrastructure: dmaap
+ - topic: POLICY-NOTIFICATION
+ servers:
+ - message-router
+ useHttps: true
+ topicCommInfrastructure: dmaap
+ healthCheckRestClientParameters:
+ - clientName: api
+ hostname: policy-api
+ port: 6969
+ userName: "${API_USER}"
+ password: "${API_PASSWORD}"
+ useHttps: true
+ basePath: policy/api/v1/healthcheck
+ - clientName: distribution
+ hostname: policy-distribution
+ port: 6969
+ userName: "${DISTRIBUTION_USER}"
+ password: "${DISTRIBUTION_PASSWORD}"
+ useHttps: true
+ basePath: healthcheck
+ - clientName: dmaap
+ hostname: message-router
+ port: 3905
+ useHttps: true
+ basePath: topics
+
+management:
+ endpoints:
+ web:
+ base-path: /
+ exposure:
+ include: health, metrics, prometheus
+ path-mapping.prometheus: metrics
diff --git a/kubernetes/policy/components/policy-pap/templates/configmap.yaml b/kubernetes/policy/components/policy-pap/templates/configmap.yaml
index e1a5360ac2..ee03f70b00 100755
--- a/kubernetes/policy/components/policy-pap/templates/configmap.yaml
+++ b/kubernetes/policy/components/policy-pap/templates/configmap.yaml
@@ -36,4 +36,4 @@ binaryData:
{{- end }}
{{- end }}
data:
-{{ tpl (.Files.Glob "resources/config/*.{json,xml}").AsConfig . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/*.{yaml,xml}").AsConfig . | indent 2 }}
diff --git a/kubernetes/policy/components/policy-pap/templates/deployment.yaml b/kubernetes/policy/components/policy-pap/templates/deployment.yaml
index 77474a8387..c33b80f4af 100755
--- a/kubernetes/policy/components/policy-pap/templates/deployment.yaml
+++ b/kubernetes/policy/components/policy-pap/templates/deployment.yaml
@@ -1,6 +1,7 @@
{{/*
# ============LICENSE_START=======================================================
# Copyright (C) 2020 AT&T Intellectual Property.
+# Modifications Copyright (C) 2022 Bell Canada. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -80,10 +81,10 @@ spec:
{{- if .Values.global.aafEnabled }}
command: ["sh","-c"]
args: ["source {{ .Values.certInitializer.credsPath }}/.ci;\
- /opt/app/policy/pap/bin/policy-pap.sh /opt/app/policy/pap/etc/mounted/config.json"]
+ /opt/app/policy/pap/bin/policy-pap.sh /opt/app/policy/pap/etc/mounted/papParameters.yaml"]
{{- else }}
command: ["/opt/app/policy/pap/bin/policy-pap.sh"]
- args: ["/opt/app/policy/pap/etc/mounted/config.json"]
+ args: ["/opt/app/policy/pap/etc/mounted/papParameters.yaml"]
env:
- name: KEYSTORE_PASSWD
{{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "keystore-password" "key" "password") | indent 12 }}
@@ -101,10 +102,18 @@ spec:
periodSeconds: {{ .Values.liveness.periodSeconds }}
{{ end -}}
readinessProbe:
- tcpSocket:
+ httpGet:
+ path: {{ .Values.readiness.api }}
port: {{ .Values.readiness.port }}
+ httpHeaders:
+ - name: Authorization
+ value: Basic {{ printf "%s:%s" .Values.restServer.user .Values.restServer.password | b64enc }}
+ scheme: {{ .Values.readiness.scheme }}
+ successThreshold: {{ .Values.readiness.successThreshold }}
+ failureThreshold: {{ .Values.readiness.failureThreshold }}
initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
periodSeconds: {{ .Values.readiness.periodSeconds }}
+ timeoutSeconds: {{ .Values.readiness.timeout }}
volumeMounts:
{{ include "common.certInitializer.volumeMount" . | indent 10 }}
- mountPath: /etc/localtime
diff --git a/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml b/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml
new file mode 100644
index 0000000000..dbf6a7cd6a
--- /dev/null
+++ b/kubernetes/policy/components/policy-pap/templates/serviceMonitor.yaml
@@ -0,0 +1,23 @@
+{{/*
+# ============LICENSE_START=======================================================
+# Copyright (c) 2022 Bell Canada
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+
+# http://www.apache.org/licenses/LICENSE-2.0
+
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+*/}}
+
+{{- if .Values.prometheus.enabled }}
+{{ include "common.serviceMonitor" . }}
+{{- end }} \ No newline at end of file
diff --git a/kubernetes/policy/components/policy-pap/values.yaml b/kubernetes/policy/components/policy-pap/values.yaml
index a31de712ef..311653b860 100755
--- a/kubernetes/policy/components/policy-pap/values.yaml
+++ b/kubernetes/policy/components/policy-pap/values.yaml
@@ -1,7 +1,7 @@
# ============LICENSE_START=======================================================
# Copyright (C) 2019 Nordix Foundation.
# Modifications Copyright (C) 2019-2021 AT&T Intellectual Property.
-# Modifications Copyright (C) 2020 Bell Canada.
+# Modifications Copyright (C) 2020-2022 Bell Canada. All rights reserved.
# ================================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
@@ -92,7 +92,7 @@ certInitializer:
# Application configuration defaults.
#################################################################
# application image
-image: onap/policy-pap:2.6.0
+image: onap/policy-pap:2.6.1
pullPolicy: Always
# flag to enable debugging - application support required
@@ -109,7 +109,7 @@ db:
restServer:
user: policyadmin
- password: none
+ password: zb!XztG34
healthCheckRestClient:
api:
@@ -128,7 +128,7 @@ affinity: {}
# probe configuration parameters
liveness:
- initialDelaySeconds: 20
+ initialDelaySeconds: 60
periodSeconds: 10
# necessary to disable liveness probe when setting breakpoints
# in debugger so K8s doesn't restart unresponsive container
@@ -136,9 +136,14 @@ liveness:
port: http-api
readiness:
- initialDelaySeconds: 20
- periodSeconds: 10
+ initialDelaySeconds: 10
+ periodSeconds: 120
port: http-api
+ api: /policy/pap/v1/healthcheck
+ scheme: HTTPS
+ successThreshold: 1
+ failureThreshold: 3
+ timeout: 60
service:
type: ClusterIP
@@ -175,3 +180,22 @@ serviceAccount:
nameOverride: policy-pap
roles:
- read
+
+prometheus:
+ enabled: true
+
+metrics:
+ serviceMonitor:
+ # Override the labels based on the Prometheus config parameter: serviceMonitorSelector.
+ # The default operator for prometheus enforces the below label.
+ labels:
+ release: prometheus
+ enabled: true
+ port: http-api
+ interval: 60s
+ isHttps: true
+ basicAuth:
+ enabled: true
+ externalSecretNameSuffix: policy-pap-user-creds
+ externalSecretUserKey: login
+ externalSecretPasswordKey: password