summaryrefslogtreecommitdiffstats
path: root/kubernetes/policy
diff options
context:
space:
mode:
Diffstat (limited to 'kubernetes/policy')
-rwxr-xr-xkubernetes/policy/resources/config/drools/settings.xml99
-rw-r--r--kubernetes/policy/resources/config/log/drools/logback.xml107
-rw-r--r--kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml190
-rw-r--r--kubernetes/policy/resources/config/log/filebeat/filebeat.yml41
-rw-r--r--kubernetes/policy/resources/config/log/pypdpserver/logback.xml154
-rw-r--r--kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml153
-rw-r--r--kubernetes/policy/resources/config/log/xacml-pdp-rest/logback.xml153
-rwxr-xr-xkubernetes/policy/resources/config/opt/policy/config/drools/base.conf100
-rwxr-xr-xkubernetes/policy/resources/config/opt/policy/config/drools/drools-tweaks.sh23
-rw-r--r--kubernetes/policy/resources/config/opt/policy/config/drools/feature-healthcheck.conf2
-rw-r--r--kubernetes/policy/resources/config/opt/policy/config/drools/policy-keystorebin0 -> 5640 bytes
-rwxr-xr-xkubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf5
-rwxr-xr-xkubernetes/policy/resources/config/opt/policy/config/pe/base.conf24
-rwxr-xr-xkubernetes/policy/resources/config/opt/policy/config/pe/brmsgw-tweaks.sh38
-rwxr-xr-xkubernetes/policy/resources/config/opt/policy/config/pe/brmsgw.conf53
-rwxr-xr-xkubernetes/policy/resources/config/opt/policy/config/pe/console.conf132
-rw-r--r--kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf3
-rwxr-xr-xkubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf5
-rwxr-xr-xkubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh1
-rwxr-xr-xkubernetes/policy/resources/config/opt/policy/config/pe/pap.conf55
-rwxr-xr-xkubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf12
-rwxr-xr-xkubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh2
-rwxr-xr-xkubernetes/policy/resources/config/opt/policy/config/pe/pdp.conf56
-rwxr-xr-xkubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf12
-rwxr-xr-xkubernetes/policy/resources/config/opt/policy/config/pe/push-policies.sh250
-rwxr-xr-xkubernetes/policy/scripts/update-vfw-op-policy.sh93
-rw-r--r--kubernetes/policy/templates/all-services.yaml5
-rw-r--r--kubernetes/policy/templates/dep-brmsgw.yaml11
-rw-r--r--kubernetes/policy/templates/dep-drools.yaml45
-rw-r--r--kubernetes/policy/templates/dep-maria.yaml5
-rw-r--r--kubernetes/policy/templates/dep-pap.yaml25
-rw-r--r--kubernetes/policy/templates/dep-pdp.yaml19
-rw-r--r--kubernetes/policy/templates/policy-deployment-configmap.yaml19
-rw-r--r--kubernetes/policy/templates/policy-deployment-secret.yaml10
-rw-r--r--kubernetes/policy/templates/policy-log-configmap.yaml45
-rw-r--r--kubernetes/policy/templates/policy-pv-pvc.yaml32
-rw-r--r--kubernetes/policy/values.yaml5
37 files changed, 1904 insertions, 80 deletions
diff --git a/kubernetes/policy/resources/config/drools/settings.xml b/kubernetes/policy/resources/config/drools/settings.xml
new file mode 100755
index 0000000000..2a9e2a0b24
--- /dev/null
+++ b/kubernetes/policy/resources/config/drools/settings.xml
@@ -0,0 +1,99 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ============LICENSE_START=======================================================
+ Base Package
+ ================================================================================
+ Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+ -->
+
+<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
+
+<!--
+ <proxies>
+ <proxy>
+ <id>http-proxy</id>
+ <active>true</active>
+ <protocol>http</protocol>
+ <host>fastweb.int.bell.ca</host>
+ <port>80</port>
+ <nonProxyHosts>localhost|127.0.0.1|*.svc.cluster.local|nexus</nonProxyHosts>
+ </proxy>
+ <proxy>
+ <id>https-proxy</id>
+ <active>true</active>
+ <protocol>https</protocol>
+ <host>fastweb.int.bell.ca</host>
+ <port>80</port>
+ <nonProxyHosts>localhost|127.0.0.1|*.svc.cluster.local|nexus</nonProxyHosts>
+ </proxy>
+ </proxies>
+-->
+ <profiles>
+ <profile>
+ <id>policy-profile</id>
+ <activation>
+ <activeByDefault>true</activeByDefault>
+ </activation>
+
+ <repositories>
+ <repository>
+ <id>policy-nexus-snapshots</id>
+ <url>http://nexus:8081/nexus/content/repositories/snapshots/</url>
+ <releases>
+ <enabled>false</enabled>
+ <updatePolicy>always</updatePolicy>
+ </releases>
+ <snapshots>
+ <enabled>true</enabled>
+ <updatePolicy>always</updatePolicy>
+ </snapshots>
+ </repository>
+
+ <repository>
+ <id>policy-nexus-releases</id>
+ <url>http://nexus:8081/nexus/content/repositories/releases/</url>
+ <releases>
+ <enabled>true</enabled>
+ <updatePolicy>always</updatePolicy>
+ </releases>
+ <snapshots>
+ <enabled>false</enabled>
+ <updatePolicy>always</updatePolicy>
+ </snapshots>
+ </repository>
+ </repositories>
+
+ </profile>
+ </profiles>
+
+ <activeProfiles>
+ <activeProfile>policy-profile</activeProfile>
+ </activeProfiles>
+
+ <servers>
+ <server>
+ <id>policy-nexus-snapshots</id>
+ <username>admin</username>
+ <password>admin123</password>
+ </server>
+ <server>
+ <id>policy-nexus-releases</id>
+ <username>admin</username>
+ <password>admin123</password>
+ </server>
+ </servers>
+
+</settings>
diff --git a/kubernetes/policy/resources/config/log/drools/logback.xml b/kubernetes/policy/resources/config/log/drools/logback.xml
new file mode 100644
index 0000000000..daecf97850
--- /dev/null
+++ b/kubernetes/policy/resources/config/log/drools/logback.xml
@@ -0,0 +1,107 @@
+<!--
+ ============LICENSE_START=======================================================
+ policy-management
+ ================================================================================
+ Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+ -->
+
+<configuration scan="true" scanPeriod="30 seconds" debug="false">
+
+ <property name="logDir" value="/var/log/onap" />
+
+ <property name="errorLog" value="error" />
+ <property name="debugLog" value="debug" />
+ <property name="networkLog" value="network" />
+
+ <property name="debugPattern" value="[%date|%level|%logger{0}|%thread] %msg%n" />
+ <property name="errorPattern" value="${debugPattern}" />
+ <property name="networkPattern" value="[%d|%t]%m%n" />
+
+ <appender name="ErrorOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDir}/${errorLog}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDir}/${errorLog}.%i.log.zip</fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>5</maxIndex>
+ </rollingPolicy>
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>WARN</level>
+ </filter>
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>15MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${errorPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="AsyncErrorOut" class="ch.qos.logback.classic.AsyncAppender">
+ <appender-ref ref="ErrorOut" />
+ </appender>
+
+ <appender name="DebugOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDir}/${debugLog}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDir}/${debugLog}.%i.log.zip</fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>20MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${debugPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="AsyncDebugOut" class="ch.qos.logback.classic.AsyncAppender">
+ <appender-ref ref="DebugOut" />
+ </appender>
+
+ <appender name="NetworkOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDir}/${networkLog}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${logDir}/${networkLog}.%i.log.zip</fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>9</maxIndex>
+ </rollingPolicy>
+ <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>15MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${networkPattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="AsyncNetworkOut" class="ch.qos.logback.classic.AsyncAppender">
+ <appender-ref ref="NetworkOut" />
+ </appender>
+
+ <logger name="network" level="INFO" additivity="false">
+ <appender-ref ref="AsyncNetworkOut" />
+ </logger>
+
+ <logger name="org.eclipse.jetty.server.RequestLog" level="info" additivity="false">
+ <appender-ref ref="AsyncNetworkOut" />
+ </logger>
+
+ <root level="INFO">
+ <appender-ref ref="AsyncDebugOut" />
+ <appender-ref ref="AsyncErrorOut" />
+ </root>
+
+</configuration> \ No newline at end of file
diff --git a/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml b/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml
new file mode 100644
index 0000000000..d0871bdb4a
--- /dev/null
+++ b/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml
@@ -0,0 +1,190 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ================================================================================
+ eCOMP Portal SDK
+ ================================================================================
+ Copyright (C) 2017 AT&amp;T Intellectual Property
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ================================================================================
+ -->
+<configuration debug="true" scan="true" scanPeriod="3 seconds">
+ <!--
+ Logback files for the ECOMP SDK Application "ecomp_app"
+ are created in directory ${catalina.base}/logs/ecomp_app;
+ e.g., apache-tomcat-8.0.35/logs/ecomp_app/application.log
+ -->
+ <!--<jmxConfigurator /> -->
+ <!-- specify the base path of the log directory -->
+ <property name="logDir" value="/var/log/onap" />
+ <!-- specify the component name -->
+ <property name="componentName" value="policy" />
+ <!-- specify the sub component name -->
+ <property name="subComponentName" value="ep_sdk_app" />
+ <!-- The directories where logs are written -->
+ <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
+ <property name="pattern" value="%d{&amp;quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&amp;quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
+ <!-- log file names -->
+ <property name="generalLogName" value="application" />
+ <property name="errorLogName" value="error" />
+ <property name="metricsLogName" value="metrics" />
+ <property name="auditLogName" value="audit" />
+ <property name="debugLogName" value="debug" />
+ <property name="queueSize" value="256" />
+ <property name="maxFileSize" value="50MB" />
+ <property name="maxHistory" value="30" />
+ <property name="totalSizeCap" value="10GB" />
+ <!--
+ These loggers are not used in code (yet).
+ <property name="securityLogName" value="security" />
+ <property name="policyLogName" value="policy" />
+ <property name="performanceLogName" value="performance" />
+ <property name="serverLogName" value="server" />
+ -->
+ <!-- Example evaluator filter applied against console appender -->
+ <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <!-- ============================================================================ -->
+ <!-- EELF Appenders -->
+ <!-- ============================================================================ -->
+ <!-- The EELFAppender is used to record events to the general application
+ log -->
+ <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELF">
+ <file>${logDirectory}/${generalLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- daily rollover -->
+ <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ <filter class="org.openecomp.portalapp.util.CustomLoggingFilter" />
+ </appender>
+ <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELF">
+ <queueSize>${queueSize}</queueSize>
+ <!-- Class name is part of caller data -->
+ <includeCallerData>true</includeCallerData>
+ <appender-ref ref="EELF" />
+ </appender>
+ <!-- EELF Audit Appender. This appender is used to record audit engine
+ related logging events. The audit logger and appender are specializations
+ of the EELF application root logger and appender. This can be used to segregate
+ Policy engine events from other components, or it can be eliminated to record
+ these events as part of the application root log. -->
+ <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFAudit">
+ <file>${logDirectory}/${auditLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- daily rollover -->
+ <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFAudit">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFAudit" />
+ </appender>
+ <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFMetrics">
+ <file>${logDirectory}/${metricsLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- daily rollover -->
+ <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFMetrics">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFMetrics" />
+ </appender>
+ <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFError">
+ <file>${logDirectory}/${errorLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- daily rollover -->
+ <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>INFO</level>
+ </filter>
+ </appender>
+ <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFError">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFError" />
+ </appender>
+ <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFDebug">
+ <file>${logDirectory}/${debugLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <!-- daily rollover -->
+ <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFDebug">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFDebug" />
+ <includeCallerData>true</includeCallerData>
+ </appender>
+ <!-- ============================================================================ -->
+ <!-- EELF loggers -->
+ <!-- ============================================================================ -->
+ <logger additivity="false" level="info" name="com.att.eelf.audit">
+ <appender-ref ref="asyncEELFAudit" />
+ </logger>
+ <logger additivity="false" level="info" name="com.att.eelf.metrics">
+ <appender-ref ref="asyncEELFMetrics" />
+ </logger>
+ <logger additivity="false" level="info" name="com.att.eelf.error">
+ <appender-ref ref="asyncEELFError" />
+ </logger>
+ <logger additivity="false" level="debug" name="com.att.eelf.debug">
+ <appender-ref ref="asyncEELFDebug" />
+ </logger>
+ <root level="INFO">
+ <appender-ref ref="asyncEELFDebug" />
+ </root>
+</configuration> \ No newline at end of file
diff --git a/kubernetes/policy/resources/config/log/filebeat/filebeat.yml b/kubernetes/policy/resources/config/log/filebeat/filebeat.yml
new file mode 100644
index 0000000000..f316b866af
--- /dev/null
+++ b/kubernetes/policy/resources/config/log/filebeat/filebeat.yml
@@ -0,0 +1,41 @@
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+ #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+ paths:
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
+ #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+ ignore_older: 48h
+ # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+ clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+ #List of logstash server ip addresses with port number.
+ #But, in our case, this will be the loadbalancer IP address.
+ #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+ hosts: ["logstash.onap-log:5044"]
+ #If enable will do load balancing among availabe Logstash, automatically.
+ loadbalance: true
+
+ #The list of root certificates for server verifications.
+ #If certificate_authorities is empty or not set, the trusted
+ #certificate authorities of the host system are used.
+ #ssl.certificate_authorities: $ssl.certificate_authorities
+
+ #The path to the certificate for SSL client authentication. If the certificate is not specified,
+ #client authentication is not available.
+ #ssl.certificate: $ssl.certificate
+
+ #The client certificate key used for client authentication.
+ #ssl.key: $ssl.key
+
+ #The passphrase used to decrypt an encrypted key stored in the configured key file
+ #ssl.key_passphrase: $ssl.key_passphrase
diff --git a/kubernetes/policy/resources/config/log/pypdpserver/logback.xml b/kubernetes/policy/resources/config/log/pypdpserver/logback.xml
new file mode 100644
index 0000000000..c4b596b6d5
--- /dev/null
+++ b/kubernetes/policy/resources/config/log/pypdpserver/logback.xml
@@ -0,0 +1,154 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ============LICENSE_START=======================================================
+ ECOMP Policy Engine
+ ================================================================================
+ Copyright (C) 2017 AT&amp;T Intellectual Property. All rights reserved.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+ -->
+<configuration debug="true" scan="true" scanPeriod="3 seconds">
+ <!--<jmxConfigurator /> -->
+ <!-- specify the base path of the log directory -->
+ <property name="logDir" value="/var/log/onap" />
+ <!-- specify the component name -->
+ <property name="componentName" value="policy" />
+ <!-- specify the sub component name -->
+ <property name="subComponentName" value="pypdpserver" />
+ <!-- The directories where logs are written -->
+ <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
+ <property name="pattern" value="%d{&amp;quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&amp;quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
+ <!-- log file names -->
+ <property name="errorLogName" value="error" />
+ <property name="metricsLogName" value="metrics" />
+ <property name="auditLogName" value="audit" />
+ <property name="debugLogName" value="debug" />
+ <property name="queueSize" value="256" />
+ <property name="maxFileSize" value="50MB" />
+ <property name="maxHistory" value="30" />
+ <property name="totalSizeCap" value="10GB" />
+ <!-- Example evaluator filter applied against console appender -->
+ <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <!-- ============================================================================ -->
+ <!-- EELF Appenders -->
+ <!-- ============================================================================ -->
+ <!-- The EELFAppender is used to record events to the general application
+ log -->
+ <!-- EELF Audit Appender. This appender is used to record audit engine
+ related logging events. The audit logger and appender are specializations
+ of the EELF application root logger and appender. This can be used to segregate
+ Policy engine events from other components, or it can be eliminated to record
+ these events as part of the application root log. -->
+ <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFAudit">
+ <file>${logDirectory}/${auditLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFAudit">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFAudit" />
+ </appender>
+ <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFMetrics">
+ <file>${logDirectory}/${metricsLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} -
+ %msg%n"</pattern> -->
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFMetrics">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFMetrics" />
+ </appender>
+ <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFError">
+ <file>${logDirectory}/${errorLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>INFO</level>
+ </filter>
+ </appender>
+ <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFError">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFError" />
+ </appender>
+ <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFDebug">
+ <file>${logDirectory}/${debugLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFDebug">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFDebug" />
+ <includeCallerData>true</includeCallerData>
+ </appender>
+ <!-- ============================================================================ -->
+ <!-- EELF loggers -->
+ <!-- ============================================================================ -->
+ <logger additivity="false" level="info" name="com.att.eelf.audit">
+ <appender-ref ref="asyncEELFAudit" />
+ </logger>
+ <logger additivity="false" level="info" name="com.att.eelf.metrics">
+ <appender-ref ref="asyncEELFMetrics" />
+ </logger>
+ <logger additivity="false" level="info" name="com.att.eelf.error">
+ <appender-ref ref="asyncEELFError" />
+ </logger>
+ <logger additivity="false" level="debug" name="com.att.eelf.debug">
+ <appender-ref ref="asyncEELFDebug" />
+ </logger>
+ <root level="INFO">
+ <appender-ref ref="asyncEELFDebug" />
+ <appender-ref ref="asyncEELFError" />
+ </root>
+</configuration> \ No newline at end of file
diff --git a/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml b/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml
new file mode 100644
index 0000000000..77068bb9aa
--- /dev/null
+++ b/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml
@@ -0,0 +1,153 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ============LICENSE_START=======================================================
+ ECOMP-PAP-REST
+ ================================================================================
+ Copyright (C) 2017 AT&amp;T Intellectual Property. All rights reserved.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+ -->
+<configuration debug="true" scan="true" scanPeriod="3 seconds">
+ <!--<jmxConfigurator /> -->
+ <!-- specify the base path of the log directory -->
+ <property name="logDir" value="/var/log/onap" />
+ <!-- specify the component name -->
+ <property name="componentName" value="policy" />
+ <!-- specify the sub component name -->
+ <property name="subComponentName" value="xacml-pap-rest" />
+ <!-- The directories where logs are written -->
+ <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
+ <property name="pattern" value="%d{&amp;quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&amp;quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
+ <!-- log file names -->
+ <property name="errorLogName" value="error" />
+ <property name="metricsLogName" value="metrics" />
+ <property name="auditLogName" value="audit" />
+ <property name="debugLogName" value="debug" />
+ <property name="queueSize" value="256" />
+ <property name="maxFileSize" value="50MB" />
+ <property name="maxHistory" value="30" />
+ <property name="totalSizeCap" value="10GB" />
+ <!-- Example evaluator filter applied against console appender -->
+ <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <!-- ============================================================================ -->
+ <!-- EELF Appenders -->
+ <!-- ============================================================================ -->
+ <!-- The EELFAppender is used to record events to the general application
+ log -->
+ <!-- EELF Audit Appender. This appender is used to record audit engine
+ related logging events. The audit logger and appender are specializations
+ of the EELF application root logger and appender. This can be used to segregate
+ Policy engine events from other components, or it can be eliminated to record
+ these events as part of the application root log. -->
+ <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFAudit">
+ <file>${logDirectory}/${auditLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFAudit">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFAudit" />
+ </appender>
+ <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFMetrics">
+ <file>${logDirectory}/${metricsLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} -
+ %msg%n"</pattern> -->
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFMetrics">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFMetrics" />
+ </appender>
+ <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFError">
+ <file>${logDirectory}/${errorLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>INFO</level>
+ </filter>
+ </appender>
+ <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFError">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFError" />
+ </appender>
+ <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFDebug">
+ <file>${logDirectory}/${debugLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFDebug">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFDebug" />
+ <includeCallerData>true</includeCallerData>
+ </appender>
+ <!-- ============================================================================ -->
+ <!-- EELF loggers -->
+ <!-- ============================================================================ -->
+ <logger additivity="false" level="info" name="com.att.eelf.audit">
+ <appender-ref ref="asyncEELFAudit" />
+ </logger>
+ <logger additivity="false" level="info" name="com.att.eelf.metrics">
+ <appender-ref ref="asyncEELFMetrics" />
+ </logger>
+ <logger additivity="false" level="info" name="com.att.eelf.error">
+ <appender-ref ref="asyncEELFError" />
+ </logger>
+ <logger additivity="false" level="debug" name="com.att.eelf.debug">
+ <appender-ref ref="asyncEELFDebug" />
+ </logger>
+ <root level="INFO">
+ <appender-ref ref="asyncEELFDebug" />
+ </root>
+</configuration> \ No newline at end of file
diff --git a/kubernetes/policy/resources/config/log/xacml-pdp-rest/logback.xml b/kubernetes/policy/resources/config/log/xacml-pdp-rest/logback.xml
new file mode 100644
index 0000000000..c9c05d922d
--- /dev/null
+++ b/kubernetes/policy/resources/config/log/xacml-pdp-rest/logback.xml
@@ -0,0 +1,153 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ============LICENSE_START=======================================================
+ ECOMP-PDP-REST
+ ================================================================================
+ Copyright (C) 2017 AT&amp;T Intellectual Property. All rights reserved.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+ http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+ -->
+<configuration scan="true" scanPeriod="3 seconds" debug="true">
+ <!--<jmxConfigurator /> -->
+ <!-- specify the base path of the log directory -->
+ <property name="logDir" value="/var/log/onap" />
+ <!-- specify the component name -->
+ <property name="componentName" value="policy" />
+ <!-- specify the sub component name -->
+ <property name="subComponentName" value="xacml-pdp-rest" />
+ <!-- The directories where logs are written -->
+ <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
+ <property name="pattern" value="%d{&amp;quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&amp;quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
+ <!-- log file names -->
+ <property name="errorLogName" value="error" />
+ <property name="metricsLogName" value="metrics" />
+ <property name="auditLogName" value="audit" />
+ <property name="debugLogName" value="debug" />
+ <property name="queueSize" value="256" />
+ <property name="maxFileSize" value="50MB" />
+ <property name="maxHistory" value="30" />
+ <property name="totalSizeCap" value="10GB" />
+ <!-- Example evaluator filter applied against console appender -->
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <!-- ============================================================================ -->
+ <!-- EELF Appenders -->
+ <!-- ============================================================================ -->
+ <!-- The EELFAppender is used to record events to the general application
+ log -->
+ <!-- EELF Audit Appender. This appender is used to record audit engine
+ related logging events. The audit logger and appender are specializations
+ of the EELF application root logger and appender. This can be used to segregate
+ Policy engine events from other components, or it can be eliminated to record
+ these events as part of the application root log. -->
+ <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${auditLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFAudit" />
+ </appender>
+ <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${metricsLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} -
+ %msg%n"</pattern> -->
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFMetrics" />
+ </appender>
+ <appender name="EELFError" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${errorLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>INFO</level>
+ </filter>
+ </appender>
+ <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFError" />
+ </appender>
+ <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${logDirectory}/${debugLogName}.log</file>
+ <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+ <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+ <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+ <maxFileSize>${maxFileSize}</maxFileSize>
+ </timeBasedFileNamingAndTriggeringPolicy>
+ <maxHistory>${maxHistory}</maxHistory>
+ <totalSizeCap>${totalSizeCap}</totalSizeCap>
+ </rollingPolicy>
+ <encoder>
+ <pattern>${pattern}</pattern>
+ </encoder>
+ </appender>
+ <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
+ <queueSize>${queueSize}</queueSize>
+ <appender-ref ref="EELFDebug" />
+ <includeCallerData>true</includeCallerData>
+ </appender>
+ <!-- ============================================================================ -->
+ <!-- EELF loggers -->
+ <!-- ============================================================================ -->
+ <logger name="com.att.eelf.audit" level="info" additivity="false">
+ <appender-ref ref="asyncEELFAudit" />
+ </logger>
+ <logger name="com.att.eelf.metrics" level="info" additivity="false">
+ <appender-ref ref="asyncEELFMetrics" />
+ </logger>
+ <logger name="com.att.eelf.error" level="info" additivity="false">
+ <appender-ref ref="asyncEELFError" />
+ </logger>
+ <logger name="com.att.eelf.debug" level="debug" additivity="false">
+ <appender-ref ref="asyncEELFDebug" />
+ </logger>
+ <root level="INFO">
+ <appender-ref ref="asyncEELFDebug" />
+ </root>
+</configuration> \ No newline at end of file
diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/base.conf b/kubernetes/policy/resources/config/opt/policy/config/drools/base.conf
new file mode 100755
index 0000000000..4f904444f7
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/drools/base.conf
@@ -0,0 +1,100 @@
+###
+# ============LICENSE_START=======================================================
+# ONAP POLICY
+# ================================================================================
+# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+###
+
+
+# SYSTEM software configuration
+
+POLICY_HOME=/opt/app/policy
+JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
+KEYSTORE_PASSWD=PolicyR0ck$
+
+# Telemetry credentials
+
+ENGINE_MANAGEMENT_PORT=9696
+ENGINE_MANAGEMENT_HOST=0.0.0.0
+ENGINE_MANAGEMENT_USER=@1b3rt
+ENGINE_MANAGEMENT_PASSWORD=31nst31n
+
+# nexus repository
+
+snapshotRepositoryID=policy-nexus-snapshots
+snapshotRepositoryUrl=http://nexus:8081/nexus/content/repositories/snapshots/
+releaseRepositoryID=policy-nexus-releases
+releaseRepositoryUrl=http://nexus:8081/nexus/content/repositories/releases/
+repositoryUsername=admin
+repositoryPassword=admin123
+
+# Relational (SQL) DB access
+
+SQL_HOST=mariadb.onap-policy
+SQL_USER=policy_user
+SQL_PASSWORD=policy_user
+
+# PDP-D DMaaP configuration channel
+
+PDPD_CONFIGURATION_TOPIC=PDPD-CONFIGURATION
+PDPD_CONFIGURATION_SERVERS=dmaap.onap-message-router
+PDPD_CONFIGURATION_API_KEY=
+PDPD_CONFIGURATION_API_SECRET=
+PDPD_CONFIGURATION_CONSUMER_GROUP=
+PDPD_CONFIGURATION_CONSUMER_INSTANCE=
+PDPD_CONFIGURATION_PARTITION_KEY=
+
+# PAP
+
+PAP_HOST=pap.onap-policy
+PAP_USERNAME=testpap
+PAP_PASSWORD=alpha123
+
+# PDP-X
+
+PDP_HOST=pdp.onap-policy
+PDP_USERNAME=testpdp
+PDP_PASSWORD=alpha123
+PDP_CLIENT_USERNAME=python
+PDP_CLIENT_PASSWORD=test
+PDP_ENVIRONMENT=TEST
+
+# DCAE DMaaP
+
+DCAE_TOPIC=unauthenticated.DCAE_CL_OUTPUT
+DCAE_SERVERS=dmaap.onap-message-router
+
+# Open DMaaP
+
+DMAAP_SERVERS=dmaap.onap-message-router
+
+# AAI
+
+AAI_URL=https://aai.api.simpledemo.openecomp.org:8443
+AAI_USERNAME=POLICY
+AAI_PASSWORD=POLICY
+
+# MSO
+
+SO_URL=http://mso.onap-mso:8080/ecomp/mso/infra
+SO_USERNAME=InfraPortalClient
+SO_PASSWORD=password1$
+
+# VFC
+
+VFC_URL=
+VFC_USERNAME=
+VFC_PASSWORD= \ No newline at end of file
diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/drools-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/drools/drools-tweaks.sh
new file mode 100755
index 0000000000..8bff59c2e7
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/drools/drools-tweaks.sh
@@ -0,0 +1,23 @@
+#! /bin/bash
+
+###
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+###
+
+${POLICY_HOME}/bin/features enable healthcheck
diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/feature-healthcheck.conf b/kubernetes/policy/resources/config/opt/policy/config/drools/feature-healthcheck.conf
new file mode 100644
index 0000000000..31baed21e3
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/drools/feature-healthcheck.conf
@@ -0,0 +1,2 @@
+HEALTHCHECK_USER=healthcheck
+HEALTHCHECK_PASSWORD=zb!XztG34
diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/policy-keystore b/kubernetes/policy/resources/config/opt/policy/config/drools/policy-keystore
new file mode 100644
index 0000000000..ab25c3a341
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/drools/policy-keystore
Binary files differ
diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf b/kubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf
new file mode 100755
index 0000000000..843b832ea7
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf
@@ -0,0 +1,5 @@
+CONTROLLER_ARTIFACT_ID=policy-management
+CONTROLLER_NAME=policy-management-controller
+CONTROLLER_PORT=9696
+RULES_ARTIFACT=not-used:not-used:1.0.0-SNAPSHOT
+UEB_TOPIC=policyengine-develop
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/base.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/base.conf
new file mode 100755
index 0000000000..9c87d9ca72
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/base.conf
@@ -0,0 +1,24 @@
+JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
+POLICY_HOME=/opt/app/policy
+KEYSTORE_PASSWD=PolicyR0ck$
+
+JDBC_DRIVER=org.mariadb.jdbc.Driver
+JDBC_URL=jdbc:mariadb://mariadb.onap-policy:3306/onap_sdk?failOverReadOnly=false&autoReconnect=true
+JDBC_LOG_URL=jdbc:mariadb://mariadb.onap-policy:3306/log?failOverReadOnly=false&autoReconnect=true
+JDBC_USER=policy_user
+JDBC_PASSWORD=policy_user
+
+site_name=site_1
+fp_monitor_interval=30
+failed_counter_threshold=3
+test_trans_interval=20
+write_fpc_interval=5
+max_fpc_update_interval=60
+test_via_jmx=false
+jmx_fqdn=
+
+ENVIRONMENT=TEST
+
+#Micro Service Model Properties
+policy_msOnapName=
+policy_msPolicyName= \ No newline at end of file
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw-tweaks.sh
new file mode 100755
index 0000000000..daa3596e6e
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw-tweaks.sh
@@ -0,0 +1,38 @@
+#! /bin/bash
+
+PROPS_BUILD="${POLICY_HOME}/etc/build.info"
+
+PROPS_RUNTIME="${POLICY_HOME}/servers/brmsgw/config.properties"
+PROPS_INSTALL="${POLICY_HOME}/install/servers/brmsgw/config.properties"
+
+
+if [ ! -f "${PROPS_BUILD}" ]; then
+ echo "error: version information does not exist: ${PROPS_BUILD}"
+ exit 1
+fi
+
+source "${POLICY_HOME}/etc/build.info"
+
+if [ -z "${version}" ]; then
+ echo "error: no version information present"
+ exit 1
+fi
+
+for CONFIG in ${PROPS_RUNTIME} ${PROPS_INSTALL}; do
+ if [ ! -f "${CONFIG}" ]; then
+ echo "warning: configuration does not exist: ${CONFIG}"
+ else
+ sed -i -e "s/brms.dependency.version=.*/brms.dependency.version=${version}/g" "${CONFIG}"
+ fi
+done
+
+DEPS_JSON_RUNTIME="${POLICY_HOME}/servers/brmsgw/dependency.json"
+DEPS_JSON_INSTALL="${POLICY_HOME}/install/servers/brmsgw/dependency.json"
+
+for DEP in ${DEPS_JSON_RUNTIME} ${DEPS_JSON_INSTALL}; do
+ if [ ! -f "${DEP}" ]; then
+ echo "warning: configuration does not exist: ${DEP}"
+ else
+ sed -i -e "s/\"version\":.*-SNAPSHOT\"/\"version\": \"${version}\"/g" "${DEP}"
+ fi
+done
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw.conf
new file mode 100755
index 0000000000..ff4d2e487d
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw.conf
@@ -0,0 +1,53 @@
+# BRMSpep component installation configuration parameters
+BRMSGW_JMX_PORT=9989
+
+COMPONENT_X_MX_MB=1024
+COMPONENT_X_MS_MB=1024
+
+REST_PAP_URL=http://pap.onap-policy:9091/pap/
+REST_PDP_ID=http://pdp.onap-policy:8081/pdp/
+
+PDP_HTTP_USER_ID=testpdp
+PDP_HTTP_PASSWORD=alpha123
+PDP_PAP_PDP_HTTP_USER_ID=testpap
+PDP_PAP_PDP_HTTP_PASSWORD=alpha123
+
+M2_HOME=/usr/share/maven
+snapshotRepositoryID=policy-nexus-snapshots
+snapshotRepositoryName=Snapshots
+snapshotRepositoryURL=http://nexus.onap-policy:8081/nexus/content/repositories/snapshots
+releaseRepositoryID=policy-nexus-releases
+releaseRepositoryName=Releases
+releaseRepositoryURL=http://nexus.onap-policy:8081/nexus/content/repositories/releases
+repositoryUsername=admin
+repositoryPassword=admin123
+UEB_URL=dmaap.onap-message-router
+UEB_TOPIC=PDPD-CONFIGURATION
+UEB_API_KEY=
+UEB_API_SECRET=
+
+groupID=org.onap.policy-engine
+artifactID=drlPDPGroup
+AMSTERDAM_GROUP_ID=org.onap.policy-engine.drools.amsterdam
+AMSTERDAM_ARTIFACT_ID=policy-amsterdam-rules
+
+# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase
+resource_name=brmsgw_1
+node_type=brms_gateway
+
+#Environment should be Set either DEV, TEST or PROD
+ENVIRONMENT=TEST
+
+#Notification Properties... type can be either websocket, ueb, or dmaap
+BRMS_NOTIFICATION_TYPE=websocket
+BRMS_UEB_URL=dmaap.onap-message-router
+BRMS_UEB_TOPIC=PDPD-CONFIGURATION
+BRMS_UEB_DELAY=
+BRMS_CLIENT_ID=python
+BRMS_CLIENT_KEY=dGVzdA==
+BRMS_UEB_API_KEY=
+BRMS_UEB_API_SECRET=
+
+#Dependency.json file version
+BRMS_DEPENDENCY_VERSION=1.2.0
+
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/console.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/console.conf
new file mode 100755
index 0000000000..938543cb7e
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/console.conf
@@ -0,0 +1,132 @@
+# configs component installation configuration parameters
+
+# tomcat specific parameters
+
+TOMCAT_JMX_PORT=9993
+TOMCAT_SHUTDOWN_PORT=8090
+SSL_HTTP_CONNECTOR_PORT=8443
+SSL_HTTP_CONNECTOR_REDIRECT_PORT=8443
+SSL_AJP_CONNECTOR_PORT=8383
+SSL_AJP_CONNECTOR_REDIRECT_PORT=8443
+
+TOMCAT_X_MS_MB=2048
+TOMCAT_X_MX_MB=2048
+
+# ------------------ console properties ---------------------------
+
+#
+# Authorization Policy
+
+ROOT_POLICIES=admin
+ADMIN_FILE=Policy-Admin.xml
+
+
+# Set your domain here:
+
+REST_ADMIN_DOMAIN=com
+
+#
+# Location where the GIT repository is located
+#
+REST_ADMIN_REPOSITORY=repository
+
+#
+# Location where all the user workspaces are located.
+#
+REST_ADMIN_WORKSPACE=${{POLICY_HOME}}/servers/console/bin/workspace
+
+#
+# These can be set so the Admin Console knows who is logged on. Ideally, you can run the console in a J2EE
+# container and setup authentication as you please. Setting HttpSession attribute values will override these
+# values set in the properties files.
+#
+# ((HttpServletRequest) request).getSession().setAttribute("xacml.rest.admin.user.name", "Homer");
+#
+# The default policy: Policy-Admin.xml is extremely simple.
+#
+# You can test authorization within the Admin Console by changing the user id.
+# There are 3 supported user ids:
+# guest - Read only access
+# editor - Read/Write access
+# admin - Read/Write/Admin access
+#
+# An empty or null value for xacml.rest.admin.user.id results in no access to the application at all.
+#
+# This is for development/demonstration purposes only. A production environment should provide authentication which is
+# outside the scope of this application. This application can be used to develop a XACML policy for user authorization
+# within this application.
+#
+
+REST_ADMIN_USER_NAME=Administrator
+REST_ADMIN_USER_ID=super-admin
+
+#
+#
+# Property to declare the max time frame for logs.
+#
+LOG_TIMEFRAME=30
+
+# Property to declare the number of visible rows for users in MicroService Policy
+COLUMN_COUNT=3
+
+# Dashboard refresh rate in miliseconds
+REFRESH_RATE=40000
+
+#
+# URL location for the PAP servlet.
+#
+
+
+REST_PAP_URL=http://pap.onap-policy:9091/pap/
+
+#
+# Config/Action Properties location.
+#
+
+REST_CONFIG_HOME=${{POLICY_HOME}}/servers/pap/webapps/Config/
+REST_ACTION_HOME=${{POLICY_HOME}}/servers/pap/webapps/Action/
+REST_CONFIG_URL=http://pap.onap-policy:9091/
+REST_CONFIG_WEBAPPS=${{POLICY_HOME}}/servers/pap/webapps/
+
+# PAP account information
+CONSOLE_PAP_HTTP_USER_ID=testpap
+CONSOLE_PAP_HTTP_PASSWORD=alpha123
+
+
+node_type=pap_admin
+resource_name=console_1
+
+# The (optional) period of time in seconds between executions of the integrity audit.
+# Value < 0 : Audit does not run (default value if property is not present = -1)
+# Value = 0 : Audit runs continuously
+# Value > 0 : The period of time in seconds between execution of the audit on a particular node
+integrity_audit_period_seconds=-1
+
+#Automatic Policy Distribution
+automatic_push=false
+
+#Diff of policies for Firewall feature
+FW_GETURL=
+FW_AUTHOURL=
+FW_PROXY=
+FW_PORT=
+
+#SMTP Server Details for Java Mail
+onap_smtp_host=
+onap_smtp_port=25
+onap_smtp_userName=
+onap_smtp_password=
+onap_smtp_emailExtension=
+onap_application_name=
+
+#-----------------------ONAP-PORTAL-Properties----------------------
+
+ONAP_REDIRECT_URL=http://portalapps.onap-portal:8989/ONAPPORTAL/login.htm
+ONAP_REST_URL=http://portalapps.onap-portal:8989/ONAPPORTAL/auxapi
+ONAP_UEB_URL_LIST=
+ONAP_PORTAL_INBOX_NAME=
+ONAP_UEB_APP_KEY=
+ONAP_UEB_APP_SECRET=
+ONAP_UEB_APP_MAILBOX_NAME=
+APP_DISPLAY_NAME=ONAP Policy
+ONAP_SHARED_CONTEXT_REST_URL=http://portalapps.onap-portal:8989/ONAPPORTAL/context
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf
new file mode 100644
index 0000000000..938954ce63
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf
@@ -0,0 +1,3 @@
+# elasticsearch
+
+ELK_JMX_PORT=9995 \ No newline at end of file
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf
new file mode 100755
index 0000000000..28b9e3ca33
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf
@@ -0,0 +1,5 @@
+# mysql scripts component installation configuration parameters
+
+# Path to mysql bin
+MYSQL_BIN=/usr/local/mysql/bin
+
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh
new file mode 100755
index 0000000000..36ac3689b1
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh
@@ -0,0 +1 @@
+#! /bin/bash
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pap.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/pap.conf
new file mode 100755
index 0000000000..53c52aaceb
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/pap.conf
@@ -0,0 +1,55 @@
+# pap component installation configuration parameters
+
+# tomcat specific parameters
+
+TOMCAT_JMX_PORT=9990
+TOMCAT_SHUTDOWN_PORT=9405
+SSL_HTTP_CONNECTOR_PORT=9091
+SSL_AJP_CONNECTOR_PORT=8380
+SSL_AJP_CONNECTOR_REDIRECT_PORT=8443
+
+TOMCAT_X_MS_MB=1024
+TOMCAT_X_MX_MB=1024
+
+# pap properties
+
+PAP_PDPS=${{POLICY_HOME}}/servers/pap/bin/pdps
+PAP_URL=http://pap.onap-policy:9091/pap/
+
+PAP_INITIATE_PDP=true
+PAP_HEARTBEAT_INTERVAL=10000
+PAP_HEARTBEAT_TIMEOUT=10000
+
+REST_ADMIN_DOMAIN=com
+REST_ADMIN_REPOSITORY=repository
+REST_ADMIN_WORKSPACE=workspace
+
+# PDP related properties
+
+PAP_PDP_URL=http://pdp.onap-policy:8081/pdp/
+PAP_PDP_HTTP_USER_ID=testpdp
+PAP_PDP_HTTP_PASSWORD=alpha123
+
+PAP_HTTP_USER_ID=testpap
+PAP_HTTP_PASSWORD=alpha123
+
+#new values added 10-21-2015
+PROP_PAP_TRANS_WAIT=500000
+PROP_PAP_TRANS_TIMEOUT=5000
+PROP_PAP_AUDIT_TIMEOUT=300000
+PROP_PAP_RUN_AUDIT_FLAG=true
+PROP_PAP_AUDIT_FLAG=true
+
+PROP_PAP_INCOMINGNOTIFICATION_TRIES=4
+
+
+node_type=pap
+resource_name=pap_1
+dependency_groups=paplp_1
+test_via_jmx=true
+
+# The (optional) period of time in seconds between executions of the integrity audit.
+# Value < 0 : Audit does not run (default value if property is not present = -1)
+# Value = 0 : Audit runs continuously
+# Value > 0 : The period of time in seconds between execution of the audit on a particular node
+integrity_audit_period_seconds=-1
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf
new file mode 100755
index 0000000000..d25f11be3b
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf
@@ -0,0 +1,12 @@
+# JVM specific parameters
+LOGPARSER_JMX_PORT=9996
+LOGPARSER_X_MS_MB=1024
+LOGPARSER_X_MX_MB=1024
+
+SERVER=http://pap.onap-policy:9091/pap/
+LOGPATH=${{POLICY_HOME}}/servers/pap/logs/pap-rest.log
+PARSERLOGPATH=IntegrityMonitor.log
+
+node_type=logparser
+# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase
+resource_name=paplp_1
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh
new file mode 100755
index 0000000000..f68253635a
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh
@@ -0,0 +1,2 @@
+#! /bin/bash
+
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pdp.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/pdp.conf
new file mode 100755
index 0000000000..dba8af2e10
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/pdp.conf
@@ -0,0 +1,56 @@
+# pdp component installation configuration parameters
+
+# tomcat specific parameters
+
+TOMCAT_JMX_PORT=9991
+TOMCAT_SHUTDOWN_PORT=8087
+SSL_HTTP_CONNECTOR_PORT=8081
+SSL_AJP_CONNECTOR_PORT=8381
+SSL_AJP_CONNECTOR_REDIRECT_PORT=8443
+
+TOMCAT_X_MS_MB=1024
+TOMCAT_X_MX_MB=1024
+
+# pdp properties
+
+UEB_CLUSTER=dmaap.onap-message-router
+
+REST_PAP_URL=http://pap.onap-policy:9091/pap/
+REST_PDP_ID=http://pdp.onap-policy:8081/pdp/
+REST_PDP_CONFIG=${{POLICY_HOME}}/servers/pdp/bin/config
+REST_PDP_WEBAPPS=${{POLICY_HOME}}/servers/pdp/webapps
+REST_PDP_REGISTER=true
+REST_PDP_REGISTER_SLEEP=15
+REST_PDP_REGISTER_RETRIES=-1
+REST_PDP_MAXCONTENT=999999999
+
+# PDP related properties
+PDP_HTTP_USER_ID=testpdp
+PDP_HTTP_PASSWORD=alpha123
+PDP_PAP_PDP_HTTP_USER_ID=testpap
+PDP_PAP_PDP_HTTP_PASSWORD=alpha123
+
+node_type=pdp_xacml
+resource_name=pdp_1
+dependency_groups=pdplp_1;brmsgw_1
+test_via_jmx=true
+
+#
+# Notification Properties
+# Notification type: websocket, ueb or dmaap... if left blank websocket is the default
+PDP_NOTIFICATION_TYPE=websocket
+PDP_UEB_CLUSTER=
+PDP_UEB_TOPIC=
+PDP_UEB_DELAY=
+PDP_UEB_API_KEY=
+PDP_UEB_API_SECRET=
+PDP_DMAAP_AAF_LOGIN=
+PDP_DMAAP_AAF_PASSWORD=
+
+#AAF Policy Name space
+#Required only, when we use AAF
+POLICY_AAF_NAMESPACE=
+POLICY_AAF_RESOURCE=
+
+# Indeterminate resolution
+DECISION_INDETERMINATE_RESPONSE=PERMIT \ No newline at end of file
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf
new file mode 100755
index 0000000000..8320caa56b
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf
@@ -0,0 +1,12 @@
+# JVM specific parameters
+LOGPARSER_JMX_PORT=9997
+LOGPARSER_X_MS_MB=1024
+LOGPARSER_X_MX_MB=1024
+
+SERVER=http://pdp.onap-policy:8081/pdp/
+LOGPATH=${{POLICY_HOME}}/servers/pdp/logs/pdp-rest.log
+PARSERLOGPATH=IntegrityMonitor.log
+
+node_type=logparser
+# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase
+resource_name=pdplp_1
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/push-policies.sh b/kubernetes/policy/resources/config/opt/policy/config/pe/push-policies.sh
new file mode 100755
index 0000000000..0461731c16
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/push-policies.sh
@@ -0,0 +1,250 @@
+#! /bin/bash
+
+# forked from https://gerrit.onap.org/r/gitweb?p=policy/docker.git;a=blob;f=config/pe/push-policies.sh;h=555ab357e6b4f54237bf07ef5e6777d782564bc0;hb=refs/heads/amsterdam and adapted for OOM
+
+#########################################Upload BRMS Param Template##########################################
+
+echo "Upload BRMS Param Template"
+
+sleep 2
+
+wget -O cl-amsterdam-template.drl https://git.onap.org/policy/drools-applications/plain/controlloop/templates/archetype-cl-amsterdam/src/main/resources/archetype-resources/src/main/resources/__closedLoopControlName__.drl
+
+sleep 2
+
+curl -v --silent -X POST --header 'Content-Type: multipart/form-data' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -F "file=@cl-amsterdam-template.drl" -F "importParametersJson={\"serviceName\":\"ClosedLoopControlName\",\"serviceType\":\"BRMSPARAM\"}" 'http://pdp.onap-policy:8081/pdp/api/policyEngineImport'
+
+echo "PRELOAD_POLICIES is $PRELOAD_POLICIES"
+
+if [ "$PRELOAD_POLICIES" == "false" ]; then
+ exit 0
+fi
+
+#########################################Create BRMS Param policies##########################################
+
+echo "Create BRMSParam Operational Policies"
+
+sleep 2
+
+echo "Create BRMSParamvFirewall Policy"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "policyConfigType": "BRMS_PARAM",
+ "policyName": "com.BRMSParamvFirewall",
+ "policyDescription": "BRMS Param vFirewall policy",
+ "policyScope": "com",
+ "attributes": {
+ "MATCHING": {
+ "controller" : "amsterdam"
+ },
+ "RULE": {
+ "templateName": "ClosedLoopControlName",
+ "closedLoopControlName": "ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a",
+ "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a%0D%0A++trigger_policy%3A+unique-policy-id-1-modifyConfig%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-modifyConfig%0D%0A++++name%3A+modify+packet+gen+config%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+ModifyConfig%0D%0A++++target%3A%0D%0A++++++%23+TBD+-+Cannot+be+known+until+instantiation+is+done%0D%0A++++++resourceID%3A+Eace933104d443b496b8.nodes.heat.vpg%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+300%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard"
+ }
+ }
+}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy'
+
+sleep 2
+
+echo "Create BRMSParamvDNS Policy"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "policyConfigType": "BRMS_PARAM",
+ "policyName": "com.BRMSParamvDNS",
+ "policyDescription": "BRMS Param vDNS policy",
+ "policyScope": "com",
+ "attributes": {
+ "MATCHING": {
+ "controller" : "amsterdam"
+ },
+ "RULE": {
+ "templateName": "ClosedLoopControlName",
+ "closedLoopControlName": "ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3",
+ "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3%0D%0A++trigger_policy%3A+unique-policy-id-1-scale-up%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-scale-up%0D%0A++++name%3A+Create+a+new+VF+Module%0D%0A++++description%3A%0D%0A++++actor%3A+SO%0D%0A++++recipe%3A+VF+Module+Create%0D%0A++++target%3A%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard"
+ }
+ }
+}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy'
+
+sleep 2
+
+echo "Create BRMSParamVOLTE Policy"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "policyConfigType": "BRMS_PARAM",
+ "policyName": "com.BRMSParamVOLTE",
+ "policyDescription": "BRMS Param VOLTE policy",
+ "policyScope": "com",
+ "attributes": {
+ "MATCHING": {
+ "controller" : "amsterdam"
+ },
+ "RULE": {
+ "templateName": "ClosedLoopControlName",
+ "closedLoopControlName": "ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b",
+ "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b%0D%0A++trigger_policy%3A+unique-policy-id-1-restart%0D%0A++timeout%3A+3600%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-restart%0D%0A++++name%3A+Restart+the+VM%0D%0A++++description%3A%0D%0A++++actor%3A+VFC%0D%0A++++recipe%3A+Restart%0D%0A++++target%3A%0D%0A++++++type%3A+VM%0D%0A++++retry%3A+3%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard"
+ }
+ }
+}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy'
+
+sleep 2
+
+echo "Create BRMSParamvCPE Policy"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "policyConfigType": "BRMS_PARAM",
+ "policyName": "com.BRMSParamvCPE",
+ "policyDescription": "BRMS Param vCPE policy",
+ "policyScope": "com",
+ "attributes": {
+ "MATCHING": {
+ "controller" : "amsterdam"
+ },
+ "RULE": {
+ "templateName": "ClosedLoopControlName",
+ "closedLoopControlName": "ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e",
+ "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e%0D%0A++trigger_policy%3A+unique-policy-id-1-restart%0D%0A++timeout%3A+3600%0D%0A++abatement%3A+true%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-restart%0D%0A++++name%3A+Restart+the+VM%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+Restart%0D%0A++++target%3A%0D%0A++++++type%3A+VM%0D%0A++++retry%3A+3%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard"
+ }
+ }
+}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy'
+
+#########################################Create Micro Service Config policies##########################################
+
+echo "Create MicroService Config Policies"
+
+sleep 2
+
+echo "Create MicroServicevFirewall Policy"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "configBody": "{ \"service\": \"tca_policy\", \"location\": \"SampleServiceLocation\", \"uuid\": \"test\", \"policyName\": \"MicroServicevFirewall\", \"description\": \"MicroService vFirewall Policy\", \"configName\": \"SampleConfigName\", \"templateVersion\": \"OpenSource.version.1\", \"version\": \"1.1.0\", \"priority\": \"1\", \"policyScope\": \"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a\", \"riskType\": \"SampleRiskType\", \"riskLevel\": \"1\", \"guard\": \"False\", \"content\": { \"tca_policy\": { \"domain\": \"measurementsForVfScaling\", \"metricsPerEventName\": [{ \"eventName\": \"vFirewallBroadcastPackets\", \"controlLoopSchemaType\": \"VNF\", \"policyScope\": \"DCAE\", \"policyName\": \"DCAE.Config_tca-hi-lo\", \"policyVersion\": \"v0.0.1\", \"thresholds\": [{ \"closedLoopControlName\": \"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.vNicUsageArray[*].receivedTotalPacketsDelta\", \"thresholdValue\": 300, \"direction\": \"LESS_OR_EQUAL\", \"severity\": \"MAJOR\", \"closedLoopEventStatus\": \"ONSET\" }, { \"closedLoopControlName\": \"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.vNicUsageArray[*].receivedTotalPacketsDelta\", \"thresholdValue\": 700, \"direction\": \"GREATER_OR_EQUAL\", \"severity\": \"CRITICAL\", \"closedLoopEventStatus\": \"ONSET\" } ] }] } } }",
+ "policyConfigType": "MicroService",
+ "policyName": "com.MicroServicevFirewall",
+ "onapName": "DCAE"
+}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy'
+
+
+sleep 2
+
+echo "Create MicroServicevDNS Policy"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "configBody": "{ \"service\": \"tca_policy\", \"location\": \"SampleServiceLocation\", \"uuid\": \"test\", \"policyName\": \"MicroServicevDNS\", \"description\": \"MicroService vDNS Policy\", \"configName\": \"SampleConfigName\", \"templateVersion\": \"OpenSource.version.1\", \"version\": \"1.1.0\", \"priority\": \"1\", \"policyScope\": \"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3\", \"riskType\": \"SampleRiskType\", \"riskLevel\": \"1\", \"guard\": \"False\", \"content\": { \"tca_policy\": { \"domain\": \"measurementsForVfScaling\", \"metricsPerEventName\": [{ \"eventName\": \"vLoadBalancer\", \"controlLoopSchemaType\": \"VM\", \"policyScope\": \"DCAE\", \"policyName\": \"DCAE.Config_tca-hi-lo\", \"policyVersion\": \"v0.0.1\", \"thresholds\": [{ \"closedLoopControlName\": \"ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.vNicUsageArray[*].receivedTotalPacketsDelta\", \"thresholdValue\": 300, \"direction\": \"GREATER_OR_EQUAL\", \"severity\": \"CRITICAL\", \"closedLoopEventStatus\": \"ONSET\" }] }] } } }",
+ "policyConfigType": "MicroService",
+ "policyName": "com.MicroServicevDNS",
+ "onapName": "DCAE"
+}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy'
+
+
+sleep 2
+
+echo "Create MicroServicevCPE Policy"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "configBody": "{ \"service\": \"tca_policy\", \"location\": \"SampleServiceLocation\", \"uuid\": \"test\", \"policyName\": \"MicroServicevCPE\", \"description\": \"MicroService vCPE Policy\", \"configName\": \"SampleConfigName\", \"templateVersion\": \"OpenSource.version.1\", \"version\": \"1.1.0\", \"priority\": \"1\", \"policyScope\": \"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e\", \"riskType\": \"SampleRiskType\", \"riskLevel\": \"1\", \"guard\": \"False\", \"content\": { \"tca_policy\": { \"domain\": \"measurementsForVfScaling\", \"metricsPerEventName\": [{ \"eventName\": \"Measurement_vGMUX\", \"controlLoopSchemaType\": \"VNF\", \"policyScope\": \"DCAE\", \"policyName\": \"DCAE.Config_tca-hi-lo\", \"policyVersion\": \"v0.0.1\", \"thresholds\": [{ \"closedLoopControlName\": \"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.additionalMeasurements[*].arrayOfFields[0].value\", \"thresholdValue\": 0, \"direction\": \"EQUAL\", \"severity\": \"MAJOR\", \"closedLoopEventStatus\": \"ABATED\" }, { \"closedLoopControlName\": \"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.additionalMeasurements[*].arrayOfFields[0].value\", \"thresholdValue\": 0, \"direction\": \"GREATER\", \"severity\": \"CRITICAL\", \"closedLoopEventStatus\": \"ONSET\" }] }] } } }",
+ "policyConfigType": "MicroService",
+ "policyName": "com.MicroServicevCPE",
+ "onapName": "DCAE"
+}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy'
+
+
+#########################################Creating Decision Guard policy#########################################
+
+sleep 2
+
+echo "Creating Decision Guard policy"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "policyClass": "Decision",
+ "policyName": "com.AllPermitGuard",
+ "policyDescription": "Testing all Permit YAML Guard Policy",
+ "ecompName": "PDPD",
+ "ruleProvider": "GUARD_YAML",
+ "attributes": {
+ "MATCHING": {
+ "actor": ".*",
+ "recipe": ".*",
+ "targets": ".*",
+ "clname": ".*",
+ "limit": "10",
+ "timeWindow": "1",
+ "timeUnits": "minute",
+ "guardActiveStart": "00:00:01-05:00",
+ "guardActiveEnd": "00:00:00-05:00"
+ }
+ }
+}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy'
+
+#########################################Push Decision policy#########################################
+
+sleep 2
+
+echo "Push Decision policy"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "pdpGroup": "default",
+ "policyName": "com.AllPermitGuard",
+ "policyType": "DECISION"
+}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy'
+
+#########################################Pushing BRMS Param policies##########################################
+
+echo "Pushing BRMSParam Operational policies"
+
+sleep 2
+
+echo "pushPolicy : PUT : com.BRMSParamvFirewall"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "pdpGroup": "default",
+ "policyName": "com.BRMSParamvFirewall",
+ "policyType": "BRMS_Param"
+}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy'
+
+sleep 2
+
+echo "pushPolicy : PUT : com.BRMSParamvDNS"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "pdpGroup": "default",
+ "policyName": "com.BRMSParamvDNS",
+ "policyType": "BRMS_Param"
+}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy'
+
+sleep 2
+
+echo "pushPolicy : PUT : com.BRMSParamVOLTE"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "pdpGroup": "default",
+ "policyName": "com.BRMSParamVOLTE",
+ "policyType": "BRMS_Param"
+}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy'
+
+sleep 2
+
+echo "pushPolicy : PUT : com.BRMSParamvCPE"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "pdpGroup": "default",
+ "policyName": "com.BRMSParamvCPE",
+ "policyType": "BRMS_Param"
+}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy'
+
+#########################################Pushing MicroService Config policies##########################################
+
+echo "Pushing MicroService Config policies"
+
+sleep 2
+
+echo "pushPolicy : PUT : com.MicroServicevFirewall"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "pdpGroup": "default",
+ "policyName": "com.MicroServicevFirewall",
+ "policyType": "MicroService"
+}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy'
+
+sleep 10
+
+echo "pushPolicy : PUT : com.MicroServicevDNS"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "pdpGroup": "default",
+ "policyName": "com.MicroServicevDNS",
+ "policyType": "MicroService"
+}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy'
+
+sleep 10
+
+echo "pushPolicy : PUT : com.MicroServicevCPE"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "pdpGroup": "default",
+ "policyName": "com.MicroServicevCPE",
+ "policyType": "MicroService"
+}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy' \ No newline at end of file
diff --git a/kubernetes/policy/scripts/update-vfw-op-policy.sh b/kubernetes/policy/scripts/update-vfw-op-policy.sh
new file mode 100755
index 0000000000..39483a0fb7
--- /dev/null
+++ b/kubernetes/policy/scripts/update-vfw-op-policy.sh
@@ -0,0 +1,93 @@
+#!/bin/bash
+
+if [ "$#" -ne 4 ]; then
+ echo "Usage: $(basename $0) <k8s-host> <policy-pdp-node-port> <policy-drools-node-port> <resource-id>"
+ exit 1
+fi
+
+K8S_HOST=$1
+POLICY_PDP_PORT=$2
+POLICY_DROOLS_PORT=$3
+RESOURCE_ID=$4
+
+echo
+echo
+echo "Removing the vFW Policy from PDP.."
+echo
+echo
+
+curl -v -X DELETE --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "pdpGroup": "default",
+ "policyComponent" : "PDP",
+ "policyName": "com.BRMSParamvFirewall",
+ "policyType": "BRMS_Param"
+}' http://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/deletePolicy
+
+sleep 20
+
+echo
+
+echo
+echo "Updating vFW Operational Policy .."
+echo
+
+curl -v -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "policyConfigType": "BRMS_PARAM",
+ "policyName": "com.BRMSParamvFirewall",
+ "policyDescription": "BRMS Param vFirewall policy",
+ "policyScope": "com",
+ "attributes": {
+ "MATCHING": {
+ "controller": "amsterdam"
+ },
+ "RULE": {
+ "templateName": "ClosedLoopControlName",
+ "closedLoopControlName": "ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a",
+ "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a%0D%0A++trigger_policy%3A+unique-policy-id-1-modifyConfig%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-modifyConfig%0D%0A++++name%3A+modify+packet+gen+config%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+ModifyConfig%0D%0A++++target%3A%0D%0A++++++%23+TBD+-+Cannot+be+known+until+instantiation+is+done%0D%0A++++++resourceID%3A+'${RESOURCE_ID}'%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+300%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard"
+ }
+ }
+}' http://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/updatePolicy
+
+sleep 5
+
+echo
+echo
+echo "Pushing the vFW Policy .."
+echo
+echo
+
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+ "pdpGroup": "default",
+ "policyName": "com.BRMSParamvFirewall",
+ "policyType": "BRMS_Param"
+}' http://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/pushPolicy
+
+sleep 20
+
+echo
+echo
+echo "Restarting PDP-D .."
+echo
+echo
+
+POD=$(kubectl --namespace onap-policy get pods | sed 's/ .*//'| grep drools)
+kubectl --namespace onap-policy exec -it ${POD} -- bash -c "source /opt/app/policy/etc/profile.d/env.sh && policy stop && sleep 5 && policy start"
+
+sleep 20
+
+echo
+echo
+echo "PDP-D amsterdam maven coordinates .."
+echo
+echo
+
+curl -vvv --silent --user @1b3rt:31nst31n -X GET http://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools | python -m json.tool
+
+
+echo
+echo
+echo "PDP-D control loop updated .."
+echo
+echo
+
+curl -v --silent --user @1b3rt:31nst31n -X GET http://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools/facts/closedloop-amsterdam/org.onap.policy.controlloop.Params | python -m json.tool
diff --git a/kubernetes/policy/templates/all-services.yaml b/kubernetes/policy/templates/all-services.yaml
index a1c480458d..c6b633e98d 100644
--- a/kubernetes/policy/templates/all-services.yaml
+++ b/kubernetes/policy/templates/all-services.yaml
@@ -45,6 +45,9 @@ spec:
- name: "drools-port"
port: 6969
nodePort: {{ .Values.nodePortPrefix }}17
+ - name: "drools-port2"
+ port: 9696
+ nodePort: {{ .Values.nodePortPrefix }}21
selector:
app: drools
type: NodePort
@@ -125,4 +128,4 @@ spec:
selector:
app: brmsgw
type: NodePort
-#{{ end }} \ No newline at end of file
+#{{ end }}
diff --git a/kubernetes/policy/templates/dep-brmsgw.yaml b/kubernetes/policy/templates/dep-brmsgw.yaml
index 7a1bcdec49..667ccc6251 100644
--- a/kubernetes/policy/templates/dep-brmsgw.yaml
+++ b/kubernetes/policy/templates/dep-brmsgw.yaml
@@ -20,13 +20,7 @@ spec:
- /root/ready.py
args:
- --container-name
- - mariadb
- - --container-name
- - nexus
- - --container-name
- pap
- - --container-name
- - pdp
env:
- name: NAMESPACE
valueFrom:
@@ -55,8 +49,9 @@ spec:
hostPath:
path: /etc/localtime
- name: pe
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/opt/policy/config/pe/
+ configMap:
+ name: policy-dep-pe-configmap
+ defaultMode: 0755
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
#{{ end }}
diff --git a/kubernetes/policy/templates/dep-drools.yaml b/kubernetes/policy/templates/dep-drools.yaml
index 48ef16e3b2..afa044abe9 100644
--- a/kubernetes/policy/templates/dep-drools.yaml
+++ b/kubernetes/policy/templates/dep-drools.yaml
@@ -23,12 +23,6 @@ spec:
- mariadb
- --container-name
- nexus
- - --container-name
- - pap
- - --container-name
- - pdp
- - --container-name
- - brmsgw
env:
- name: NAMESPACE
valueFrom:
@@ -38,6 +32,10 @@ spec:
image: "{{ .Values.image.readiness }}:{{ .Values.image.readinessVersion }}"
imagePullPolicy: {{ .Values.pullPolicy }}
name: drools-readiness
+ hostAliases:
+ - ip: "{{ .Values.aaiServiceClusterIp }}"
+ hostnames:
+ - "aai.api.simpledemo.openecomp.org"
containers:
- command:
- /bin/bash
@@ -61,10 +59,12 @@ spec:
name: drools
- mountPath: /usr/share/maven/conf/settings.xml
name: drools-settingsxml
+ subPath: settings.xml
- mountPath: /var/log/onap
name: policy-logs
- mountPath: /tmp/logback.xml
name: policy-logback
+ subPath: logback.xml
lifecycle:
postStart:
exec:
@@ -75,6 +75,7 @@ spec:
volumeMounts:
- mountPath: /usr/share/filebeat/filebeat.yml
name: filebeat-conf
+ subPath: filebeat.yml
- mountPath: /var/log/onap
name: policy-logs
- mountPath: /usr/share/filebeat/data
@@ -84,21 +85,37 @@ spec:
hostPath:
path: /etc/localtime
- name: filebeat-conf
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/filebeat/logback/filebeat.yml
+ configMap:
+ name: policy-filebeat-configmap
- name: policy-logs
emptyDir: {}
- name: policy-data-filebeat
emptyDir: {}
- name: policy-logback
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/policy/drools/logback.xml
+ configMap:
+ name: policy-drools-log-configmap
- name: drools-settingsxml
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/drools/settings.xml
+ configMap:
+ name: policy-dep-drools-settings-configmap
- name: drools
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/opt/policy/config/drools/
+ secret:
+ secretName: policy-dep-drools-secret
+ items:
+ - key: policy-keystore
+ path: policy-keystore
+ mode: 0644
+ - key: feature-healthcheck.conf
+ path: feature-healthcheck.conf
+ mode: 0644
+ - key: base.conf
+ path: base.conf
+ mode: 0755
+ - key: policy-management.conf
+ path: policy-management.conf
+ mode: 0755
+ - key: drools-tweaks.sh
+ path: drools-tweaks.sh
+ mode: 0755
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
#{{ end }}
diff --git a/kubernetes/policy/templates/dep-maria.yaml b/kubernetes/policy/templates/dep-maria.yaml
index c0f5060884..c921e8c890 100644
--- a/kubernetes/policy/templates/dep-maria.yaml
+++ b/kubernetes/policy/templates/dep-maria.yaml
@@ -24,8 +24,6 @@ spec:
- mountPath: /etc/localtime
name: localtime
readOnly: true
- - mountPath: /var/lib/mysql
- name: policy-mariadb-data
readinessProbe:
tcpSocket:
port: 3306
@@ -35,9 +33,6 @@ spec:
- name: localtime
hostPath:
path: /etc/localtime
- - name: policy-mariadb-data
- persistentVolumeClaim:
- claimName: policy-db
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
#{{ end }} \ No newline at end of file
diff --git a/kubernetes/policy/templates/dep-pap.yaml b/kubernetes/policy/templates/dep-pap.yaml
index 523cfd35ff..d3d5ff3738 100644
--- a/kubernetes/policy/templates/dep-pap.yaml
+++ b/kubernetes/policy/templates/dep-pap.yaml
@@ -19,8 +19,6 @@ spec:
- /root/ready.py
args:
- --container-name
- - nexus
- - --container-name
- mariadb
env:
- name: NAMESPACE
@@ -52,6 +50,9 @@ spec:
image: "{{ .Values.image.policyPe }}:{{ .Values.image.policyPeVersion }}"
imagePullPolicy: {{ .Values.pullPolicy }}
name: pap
+ env:
+ - name: PRELOAD_POLICIES
+ value: "true"
ports:
- containerPort: 8443
- containerPort: 9091
@@ -70,8 +71,10 @@ spec:
name: policy-logs
- mountPath: /tmp/policy-install/logback.xml
name: policy-sdk-logback
+ subPath: logback.xml
- mountPath: /tmp/logback.xml
name: policy-logback
+ subPath: logback.xml
lifecycle:
postStart:
exec:
@@ -82,6 +85,7 @@ spec:
volumeMounts:
- mountPath: /usr/share/filebeat/filebeat.yml
name: filebeat-conf
+ subPath: filebeat.yml
- mountPath: /var/log/onap
name: policy-logs
- mountPath: /usr/share/filebeat/data
@@ -91,21 +95,22 @@ spec:
hostPath:
path: /etc/localtime
- name: filebeat-conf
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/filebeat/logback/filebeat.yml
+ configMap:
+ name: policy-filebeat-configmap
- name: policy-logs
emptyDir: {}
- name: policy-data-filebeat
emptyDir: {}
- name: policy-logback
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/policy/xacml-pap-rest/logback.xml
+ configMap:
+ name: policy-pap-log-configmap
- name: policy-sdk-logback
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/policy/ep_sdk_app/logback.xml
+ configMap:
+ name: policy-sdk-log-configmap
- name: pe
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/opt/policy/config/pe/
+ configMap:
+ name: policy-dep-pe-configmap
+ defaultMode: 0755
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
#{{ end }}
diff --git a/kubernetes/policy/templates/dep-pdp.yaml b/kubernetes/policy/templates/dep-pdp.yaml
index 3763b95bb2..b62e280895 100644
--- a/kubernetes/policy/templates/dep-pdp.yaml
+++ b/kubernetes/policy/templates/dep-pdp.yaml
@@ -20,10 +20,6 @@ spec:
- /root/ready.py
args:
- --container-name
- - mariadb
- - --container-name
- - nexus
- - --container-name
- pap
env:
- name: NAMESPACE
@@ -59,6 +55,7 @@ spec:
name: policy-logs
- mountPath: /tmp/logback.xml
name: policy-logback
+ subPath: logback.xml
lifecycle:
postStart:
exec:
@@ -69,6 +66,7 @@ spec:
volumeMounts:
- mountPath: /usr/share/filebeat/filebeat.yml
name: filebeat-conf
+ subPath: filebeat.yml
- mountPath: /var/log/onap
name: policy-logs
- mountPath: /usr/share/filebeat/data
@@ -78,18 +76,19 @@ spec:
hostPath:
path: /etc/localtime
- name: filebeat-conf
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/filebeat/logback/filebeat.yml
+ configMap:
+ name: policy-filebeat-configmap
- name: policy-logs
emptyDir: {}
- name: policy-data-filebeat
emptyDir: {}
- name: policy-logback
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/policy/xacml-pdp-rest/logback.xml
+ configMap:
+ name: policy-pdp-log-configmap
- name: pe
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/opt/policy/config/pe/
+ configMap:
+ name: policy-dep-pe-configmap
+ defaultMode: 0755
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
#{{ end }}
diff --git a/kubernetes/policy/templates/policy-deployment-configmap.yaml b/kubernetes/policy/templates/policy-deployment-configmap.yaml
new file mode 100644
index 0000000000..b1db02bd20
--- /dev/null
+++ b/kubernetes/policy/templates/policy-deployment-configmap.yaml
@@ -0,0 +1,19 @@
+#{{ if not .Values.disablePolicyDrools }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: policy-dep-drools-settings-configmap
+ namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/drools/settings.xml").AsConfig | indent 2 }}
+#{{ end }}
+---
+#{{ if not .Values.disablePolicyPdp }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: policy-dep-pe-configmap
+ namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/opt/policy/config/pe/*").AsConfig | indent 2 }}
+#{{ end }}
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/templates/policy-deployment-secret.yaml
new file mode 100644
index 0000000000..99a807bddf
--- /dev/null
+++ b/kubernetes/policy/templates/policy-deployment-secret.yaml
@@ -0,0 +1,10 @@
+#{{ if not .Values.disablePolicyDrools }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: policy-dep-drools-secret
+ namespace: {{ .Values.nsPrefix }}-policy
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/opt/policy/config/drools/*").AsSecrets . | indent 2 }}
+#{{ end }}
diff --git a/kubernetes/policy/templates/policy-log-configmap.yaml b/kubernetes/policy/templates/policy-log-configmap.yaml
new file mode 100644
index 0000000000..24ad45e5f7
--- /dev/null
+++ b/kubernetes/policy/templates/policy-log-configmap.yaml
@@ -0,0 +1,45 @@
+#{{ if not .Values.disablePolicyPap }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: policy-pap-log-configmap
+ namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/log/xacml-pap-rest/*").AsConfig | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: policy-sdk-log-configmap
+ namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/log/ep_sdk_app/*").AsConfig | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: policy-filebeat-configmap
+ namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/log/filebeat/*").AsConfig | indent 2 }}
+#{{ end }}
+#{{ if not .Values.disablePolicyPdp }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: policy-pdp-log-configmap
+ namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/log/xacml-pdp-rest/*").AsConfig | indent 2 }}
+#{{ end }}
+#{{ if not .Values.disablePolicyDrools }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: policy-drools-log-configmap
+ namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/log/drools/*").AsConfig | indent 2 }}
+#{{ end }}
diff --git a/kubernetes/policy/templates/policy-pv-pvc.yaml b/kubernetes/policy/templates/policy-pv-pvc.yaml
deleted file mode 100644
index 5dc0c61c43..0000000000
--- a/kubernetes/policy/templates/policy-pv-pvc.yaml
+++ /dev/null
@@ -1,32 +0,0 @@
-#{{ if not .Values.disablePolicyMariadb }}
-apiVersion: v1
-kind: PersistentVolume
-metadata:
- name: "{{ .Values.nsPrefix }}-policy-db"
- namespace: "{{ .Values.nsPrefix }}-policy"
- labels:
- name: "{{ .Values.nsPrefix }}-policy-db"
-spec:
- capacity:
- storage: 2Gi
- accessModes:
- - ReadWriteMany
- persistentVolumeReclaimPolicy: Retain
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/mariadb/data/
----
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
- name: policy-db
- namespace: "{{ .Values.nsPrefix }}-policy"
-spec:
- accessModes:
- - ReadWriteMany
- resources:
- requests:
- storage: 2Gi
- selector:
- matchLabels:
- name: "{{ .Values.nsPrefix }}-policy-db"
-#{{ end }} \ No newline at end of file
diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml
index ce037d896d..f52dc445e6 100644
--- a/kubernetes/policy/values.yaml
+++ b/kubernetes/policy/values.yaml
@@ -1,6 +1,11 @@
nsPrefix: onap
pullPolicy: Always
nodePortPrefix: 302
+
+# POLICY hotfix - Note this must be temporary
+# See https://jira.onap.org/browse/POLICY-510
+aaiServiceClusterIp: 10.43.255.254
+
image:
readiness: oomk8s/readiness-check
readinessVersion: 1.0.0