33 files changed, 1796 insertions, 25 deletions

diff --git a/kubernetes/policy/resources/config/drools/settings.xml b/kubernetes/policy/resources/config/drools/settings.xml
new file mode 100755
index 0000000000..2a9e2a0b24
--- /dev/null
+++ b/kubernetes/policy/resources/config/drools/settings.xml
@@ -0,0 +1,99 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ ============LICENSE_START=======================================================
+ Base Package
+ ================================================================================
+ Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+ ================================================================================
+ Licensed under the Apache License, Version 2.0 (the "License");
+ you may not use this file except in compliance with the License.
+ You may obtain a copy of the License at
+
+      http://www.apache.org/licenses/LICENSE-2.0
+
+ Unless required by applicable law or agreed to in writing, software
+ distributed under the License is distributed on an "AS IS" BASIS,
+ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ See the License for the specific language governing permissions and
+ limitations under the License.
+ ============LICENSE_END=========================================================
+ -->
+
+<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
+
+<!--
+  <proxies>
+          <proxy>
+              <id>http-proxy</id>
+              <active>true</active>
+              <protocol>http</protocol>
+              <host>fastweb.int.bell.ca</host>
+              <port>80</port>
+              <nonProxyHosts>localhost|127.0.0.1|*.svc.cluster.local|nexus</nonProxyHosts>
+          </proxy>
+          <proxy>
+              <id>https-proxy</id>
+              <active>true</active>
+              <protocol>https</protocol>
+              <host>fastweb.int.bell.ca</host>
+              <port>80</port>
+              <nonProxyHosts>localhost|127.0.0.1|*.svc.cluster.local|nexus</nonProxyHosts>
+          </proxy>
+      </proxies>
+-->
+  <profiles>
+    <profile>
+      <id>policy-profile</id>
+      <activation>
+        <activeByDefault>true</activeByDefault>
+      </activation>
+
+      <repositories>
+        <repository>
+          <id>policy-nexus-snapshots</id>
+          <url>http://nexus:8081/nexus/content/repositories/snapshots/</url>
+          <releases>
+            <enabled>false</enabled>
+            <updatePolicy>always</updatePolicy>
+          </releases>
+          <snapshots>
+            <enabled>true</enabled>
+            <updatePolicy>always</updatePolicy>
+          </snapshots>
+        </repository>
+
+        <repository>
+          <id>policy-nexus-releases</id>
+          <url>http://nexus:8081/nexus/content/repositories/releases/</url>
+          <releases>
+            <enabled>true</enabled>
+            <updatePolicy>always</updatePolicy>
+          </releases>
+          <snapshots>
+            <enabled>false</enabled>
+            <updatePolicy>always</updatePolicy>
+          </snapshots>
+        </repository>
+      </repositories>
+
+    </profile>
+  </profiles>
+
+  <activeProfiles>
+    <activeProfile>policy-profile</activeProfile>
+  </activeProfiles>
+
+  <servers>
+    <server>
+      <id>policy-nexus-snapshots</id>
+      <username>admin</username>
+      <password>admin123</password>
+    </server>
+    <server>
+      <id>policy-nexus-releases</id>
+      <username>admin</username>
+      <password>admin123</password>
+    </server>
+  </servers>
+
+</settings>
diff --git a/kubernetes/policy/resources/config/log/drools/logback.xml b/kubernetes/policy/resources/config/log/drools/logback.xml
new file mode 100644
index 0000000000..daecf97850
--- /dev/null
+++ b/kubernetes/policy/resources/config/log/drools/logback.xml
@@ -0,0 +1,107 @@
+<!--

+  ============LICENSE_START=======================================================

+  policy-management

+  ================================================================================

+  Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.

+  ================================================================================

+  Licensed under the Apache License, Version 2.0 (the "License");

+  you may not use this file except in compliance with the License.

+  You may obtain a copy of the License at

+

+       http://www.apache.org/licenses/LICENSE-2.0

+

+  Unless required by applicable law or agreed to in writing, software

+  distributed under the License is distributed on an "AS IS" BASIS,

+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

+  See the License for the specific language governing permissions and

+  limitations under the License.

+  ============LICENSE_END=========================================================

+  -->

+

+<configuration scan="true" scanPeriod="30 seconds" debug="false">

+

+	<property name="logDir" value="/var/log/onap" />

+

+	<property name="errorLog" value="error" />

+	<property name="debugLog" value="debug" />

+	<property name="networkLog" value="network" />

+

+	<property name="debugPattern" value="[%date|%level|%logger{0}|%thread] %msg%n" />

+	<property name="errorPattern" value="${debugPattern}" />

+	<property name="networkPattern" value="[%d|%t]%m%n" />

+

+	<appender name="ErrorOut" class="ch.qos.logback.core.rolling.RollingFileAppender">

+		<file>${logDir}/${errorLog}.log</file>

+		<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">

+			<fileNamePattern>${logDir}/${errorLog}.%i.log.zip</fileNamePattern>

+			<minIndex>1</minIndex>

+			<maxIndex>5</maxIndex>

+		</rollingPolicy>

+		<filter class="ch.qos.logback.classic.filter.ThresholdFilter">

+			<level>WARN</level>

+		</filter>

+		<triggeringPolicy

+			class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">

+			<maxFileSize>15MB</maxFileSize>

+		</triggeringPolicy>

+		<encoder>

+			<pattern>${errorPattern}</pattern>

+		</encoder>

+	</appender>

+

+	<appender name="AsyncErrorOut" class="ch.qos.logback.classic.AsyncAppender">

+		<appender-ref ref="ErrorOut" />

+	</appender>

+

+	<appender name="DebugOut" class="ch.qos.logback.core.rolling.RollingFileAppender">

+		<file>${logDir}/${debugLog}.log</file>

+		<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">

+			<fileNamePattern>${logDir}/${debugLog}.%i.log.zip</fileNamePattern>

+			<minIndex>1</minIndex>

+			<maxIndex>9</maxIndex>

+		</rollingPolicy>

+		<triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">

+			<maxFileSize>20MB</maxFileSize>

+		</triggeringPolicy>

+		<encoder>

+			<pattern>${debugPattern}</pattern>

+		</encoder>

+	</appender>

+

+	<appender name="AsyncDebugOut" class="ch.qos.logback.classic.AsyncAppender">

+		<appender-ref ref="DebugOut" />

+	</appender>

+

+	<appender name="NetworkOut" class="ch.qos.logback.core.rolling.RollingFileAppender">

+		<file>${logDir}/${networkLog}.log</file>

+		<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">

+			<fileNamePattern>${logDir}/${networkLog}.%i.log.zip</fileNamePattern>

+			<minIndex>1</minIndex>

+			<maxIndex>9</maxIndex>

+		</rollingPolicy>

+		<triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">

+			<maxFileSize>15MB</maxFileSize>

+		</triggeringPolicy>

+		<encoder>

+			<pattern>${networkPattern}</pattern>

+		</encoder>

+	</appender>

+

+	<appender name="AsyncNetworkOut" class="ch.qos.logback.classic.AsyncAppender">

+		<appender-ref ref="NetworkOut" />

+	</appender>

+

+	<logger name="network" level="INFO" additivity="false">

+		<appender-ref ref="AsyncNetworkOut" />

+	</logger>

+

+	<logger name="org.eclipse.jetty.server.RequestLog" level="info" additivity="false">

+		<appender-ref ref="AsyncNetworkOut" />

+	</logger>

+

+	<root level="INFO">

+		<appender-ref ref="AsyncDebugOut" />

+		<appender-ref ref="AsyncErrorOut" />

+	</root>

+

+</configuration>
\ No newline at end of file
diff --git a/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml b/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml
new file mode 100644
index 0000000000..d0871bdb4a
--- /dev/null
+++ b/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml
@@ -0,0 +1,190 @@
+<?xml version="1.0" encoding="UTF-8"?>

+<!--

+  ================================================================================

+  eCOMP Portal SDK

+  ================================================================================

+  Copyright (C) 2017 AT&amp;T Intellectual Property

+  ================================================================================

+  Licensed under the Apache License, Version 2.0 (the "License");

+  you may not use this file except in compliance with the License.

+  You may obtain a copy of the License at

+  

+       http://www.apache.org/licenses/LICENSE-2.0

+  

+  Unless required by applicable law or agreed to in writing, software

+  distributed under the License is distributed on an "AS IS" BASIS,

+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

+  See the License for the specific language governing permissions and

+  limitations under the License.

+  ================================================================================

+  -->

+<configuration debug="true" scan="true" scanPeriod="3 seconds">

+   <!-- 

+  Logback files for the ECOMP SDK Application "ecomp_app"

+  are created in directory ${catalina.base}/logs/ecomp_app;

+  e.g., apache-tomcat-8.0.35/logs/ecomp_app/application.log  

+  -->

+   <!--<jmxConfigurator /> -->

+   <!--  specify the base path of the log directory -->

+   <property name="logDir" value="/var/log/onap" />

+   <!-- specify the component name -->

+   <property name="componentName" value="policy" />

+   <!-- specify the sub component name -->

+   <property name="subComponentName" value="ep_sdk_app" />

+   <!-- The directories where logs are written -->

+   <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />

+   <property name="pattern" value="%d{&amp;quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&amp;quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />

+   <!--  log file names -->

+   <property name="generalLogName" value="application" />

+   <property name="errorLogName" value="error" />

+   <property name="metricsLogName" value="metrics" />

+   <property name="auditLogName" value="audit" />

+   <property name="debugLogName" value="debug" />

+   <property name="queueSize" value="256" />

+   <property name="maxFileSize" value="50MB" />

+   <property name="maxHistory" value="30" />

+   <property name="totalSizeCap" value="10GB" />

+   <!--

+  These loggers are not used in code (yet). 

+  <property name="securityLogName" value="security" />

+  <property name="policyLogName" value="policy" />

+  <property name="performanceLogName" value="performance" />

+  <property name="serverLogName" value="server" />

+   -->

+   <!-- Example evaluator filter applied against console appender -->

+   <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">

+      <encoder>

+         <pattern>${pattern}</pattern>

+      </encoder>

+   </appender>

+   <!-- ============================================================================ -->

+   <!-- EELF Appenders -->

+   <!-- ============================================================================ -->

+   <!-- The EELFAppender is used to record events to the general application 

+    log -->

+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELF">

+      <file>${logDirectory}/${generalLogName}.log</file>

+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

+         <!-- daily rollover -->

+         <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

+            <maxFileSize>${maxFileSize}</maxFileSize>

+         </timeBasedFileNamingAndTriggeringPolicy>

+         <maxHistory>${maxHistory}</maxHistory>

+         <totalSizeCap>${totalSizeCap}</totalSizeCap>

+      </rollingPolicy>

+      <encoder>

+         <pattern>${pattern}</pattern>

+      </encoder>

+      <filter class="org.openecomp.portalapp.util.CustomLoggingFilter" />

+   </appender>

+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELF">

+      <queueSize>${queueSize}</queueSize>

+      <!-- Class name is part of caller data -->

+      <includeCallerData>true</includeCallerData>

+      <appender-ref ref="EELF" />

+   </appender>

+   <!-- EELF Audit Appender. This appender is used to record audit engine 

+    related logging events. The audit logger and appender are specializations 

+    of the EELF application root logger and appender. This can be used to segregate 

+    Policy engine events from other components, or it can be eliminated to record 

+    these events as part of the application root log. -->

+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFAudit">

+      <file>${logDirectory}/${auditLogName}.log</file>

+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

+         <!-- daily rollover -->

+         <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

+            <maxFileSize>${maxFileSize}</maxFileSize>

+         </timeBasedFileNamingAndTriggeringPolicy>

+         <maxHistory>${maxHistory}</maxHistory>

+         <totalSizeCap>${totalSizeCap}</totalSizeCap>

+      </rollingPolicy>

+      <encoder>

+         <pattern>${pattern}</pattern>

+      </encoder>

+   </appender>

+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFAudit">

+      <queueSize>${queueSize}</queueSize>

+      <appender-ref ref="EELFAudit" />

+   </appender>

+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFMetrics">

+      <file>${logDirectory}/${metricsLogName}.log</file>

+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

+         <!-- daily rollover -->

+         <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

+            <maxFileSize>${maxFileSize}</maxFileSize>

+         </timeBasedFileNamingAndTriggeringPolicy>

+         <maxHistory>${maxHistory}</maxHistory>

+         <totalSizeCap>${totalSizeCap}</totalSizeCap>

+      </rollingPolicy>

+      <encoder>

+         <pattern>${pattern}</pattern>

+      </encoder>

+   </appender>

+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFMetrics">

+      <queueSize>${queueSize}</queueSize>

+      <appender-ref ref="EELFMetrics" />

+   </appender>

+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFError">

+      <file>${logDirectory}/${errorLogName}.log</file>

+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

+         <!-- daily rollover -->

+         <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

+            <maxFileSize>${maxFileSize}</maxFileSize>

+         </timeBasedFileNamingAndTriggeringPolicy>

+         <maxHistory>${maxHistory}</maxHistory>

+         <totalSizeCap>${totalSizeCap}</totalSizeCap>

+      </rollingPolicy>

+      <encoder>

+         <pattern>${pattern}</pattern>

+      </encoder>

+      <filter class="ch.qos.logback.classic.filter.ThresholdFilter">

+         <level>INFO</level>

+      </filter>

+   </appender>

+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFError">

+      <queueSize>${queueSize}</queueSize>

+      <appender-ref ref="EELFError" />

+   </appender>

+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFDebug">

+      <file>${logDirectory}/${debugLogName}.log</file>

+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

+         <!-- daily rollover -->

+         <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

+            <maxFileSize>${maxFileSize}</maxFileSize>

+         </timeBasedFileNamingAndTriggeringPolicy>

+         <maxHistory>${maxHistory}</maxHistory>

+         <totalSizeCap>${totalSizeCap}</totalSizeCap>

+      </rollingPolicy>

+      <encoder>

+         <pattern>${pattern}</pattern>

+      </encoder>

+   </appender>

+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFDebug">

+      <queueSize>${queueSize}</queueSize>

+      <appender-ref ref="EELFDebug" />

+      <includeCallerData>true</includeCallerData>

+   </appender>

+   <!-- ============================================================================ -->

+   <!--  EELF loggers -->

+   <!-- ============================================================================ -->

+   <logger additivity="false" level="info" name="com.att.eelf.audit">

+      <appender-ref ref="asyncEELFAudit" />

+   </logger>

+   <logger additivity="false" level="info" name="com.att.eelf.metrics">

+      <appender-ref ref="asyncEELFMetrics" />

+   </logger>

+   <logger additivity="false" level="info" name="com.att.eelf.error">

+      <appender-ref ref="asyncEELFError" />

+   </logger>

+   <logger additivity="false" level="debug" name="com.att.eelf.debug">

+      <appender-ref ref="asyncEELFDebug" />

+   </logger>

+   <root level="INFO">

+      <appender-ref ref="asyncEELFDebug" />

+   </root>

+</configuration>
\ No newline at end of file
diff --git a/kubernetes/policy/resources/config/log/filebeat/filebeat.yml b/kubernetes/policy/resources/config/log/filebeat/filebeat.yml
new file mode 100644
index 0000000000..f316b866af
--- /dev/null
+++ b/kubernetes/policy/resources/config/log/filebeat/filebeat.yml
@@ -0,0 +1,41 @@
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+  #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+  paths:
+    - /var/log/onap/*/*/*/*.log
+    - /var/log/onap/*/*/*.log
+    - /var/log/onap/*/*.log
+  #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+  ignore_older: 48h
+  # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+  clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+  #List of logstash server ip addresses with port number.
+  #But, in our case, this will be the loadbalancer IP address.
+  #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+  hosts: ["logstash.onap-log:5044"]
+  #If enable will do load balancing among availabe Logstash, automatically.
+  loadbalance: true
+
+  #The list of root certificates for server verifications.
+  #If certificate_authorities is empty or not set, the trusted
+  #certificate authorities of the host system are used.
+  #ssl.certificate_authorities: $ssl.certificate_authorities
+
+  #The path to the certificate for SSL client authentication. If the certificate is not specified,
+  #client authentication is not available.
+  #ssl.certificate: $ssl.certificate
+
+  #The client certificate key used for client authentication.
+  #ssl.key: $ssl.key
+
+  #The passphrase used to decrypt an encrypted key stored in the configured key file
+  #ssl.key_passphrase: $ssl.key_passphrase
diff --git a/kubernetes/policy/resources/config/log/pypdpserver/logback.xml b/kubernetes/policy/resources/config/log/pypdpserver/logback.xml
new file mode 100644
index 0000000000..c4b596b6d5
--- /dev/null
+++ b/kubernetes/policy/resources/config/log/pypdpserver/logback.xml
@@ -0,0 +1,154 @@
+<?xml version="1.0" encoding="UTF-8"?>

+<!--

+  ============LICENSE_START=======================================================

+  ECOMP Policy Engine

+  ================================================================================

+  Copyright (C) 2017 AT&amp;T Intellectual Property. All rights reserved.

+  ================================================================================

+  Licensed under the Apache License, Version 2.0 (the "License");

+  you may not use this file except in compliance with the License.

+  You may obtain a copy of the License at

+  

+       http://www.apache.org/licenses/LICENSE-2.0

+  

+  Unless required by applicable law or agreed to in writing, software

+  distributed under the License is distributed on an "AS IS" BASIS,

+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

+  See the License for the specific language governing permissions and

+  limitations under the License.

+  ============LICENSE_END=========================================================

+  -->

+<configuration debug="true" scan="true" scanPeriod="3 seconds">

+   <!--<jmxConfigurator /> -->

+   <!--  specify the base path of the log directory --> 

+   <property name="logDir" value="/var/log/onap" />

+   <!--  specify the component name -->

+   <property name="componentName" value="policy" />

+   <!-- specify the sub component name -->

+   <property name="subComponentName" value="pypdpserver" />

+   <!-- The directories where logs are written --> 

+   <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />

+   <property name="pattern" value="%d{&amp;quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&amp;quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />

+   <!--  log file names -->

+   <property name="errorLogName" value="error" />

+   <property name="metricsLogName" value="metrics" />

+   <property name="auditLogName" value="audit" />

+   <property name="debugLogName" value="debug" />

+   <property name="queueSize" value="256" />

+   <property name="maxFileSize" value="50MB" />

+   <property name="maxHistory" value="30" />

+   <property name="totalSizeCap" value="10GB" />

+   <!-- Example evaluator filter applied against console appender -->

+   <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">

+      <encoder>

+         <pattern>${pattern}</pattern>

+      </encoder>

+   </appender>

+   <!-- ============================================================================ -->

+   <!-- EELF Appenders -->

+   <!-- ============================================================================ -->

+   <!-- The EELFAppender is used to record events to the general application 

+    log -->

+   <!-- EELF Audit Appender. This appender is used to record audit engine 

+    related logging events. The audit logger and appender are specializations 

+    of the EELF application root logger and appender. This can be used to segregate 

+    Policy engine events from other components, or it can be eliminated to record 

+    these events as part of the application root log. -->

+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFAudit">

+      <file>${logDirectory}/${auditLogName}.log</file>

+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

+         <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

+            <maxFileSize>${maxFileSize}</maxFileSize>

+         </timeBasedFileNamingAndTriggeringPolicy>

+         <maxHistory>${maxHistory}</maxHistory>

+         <totalSizeCap>${totalSizeCap}</totalSizeCap>

+      </rollingPolicy>

+      <encoder>

+         <pattern>${pattern}</pattern>

+      </encoder>

+   </appender>

+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFAudit">

+      <queueSize>${queueSize}</queueSize>

+      <appender-ref ref="EELFAudit" />

+   </appender>

+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFMetrics">

+      <file>${logDirectory}/${metricsLogName}.log</file>

+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

+         <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

+            <maxFileSize>${maxFileSize}</maxFileSize>

+         </timeBasedFileNamingAndTriggeringPolicy>

+         <maxHistory>${maxHistory}</maxHistory>

+         <totalSizeCap>${totalSizeCap}</totalSizeCap>

+      </rollingPolicy>

+      <encoder>

+         <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - 

+        %msg%n"</pattern> -->

+         <pattern>${pattern}</pattern>

+      </encoder>

+   </appender>

+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFMetrics">

+      <queueSize>${queueSize}</queueSize>

+      <appender-ref ref="EELFMetrics" />

+   </appender>

+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFError">

+      <file>${logDirectory}/${errorLogName}.log</file>

+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

+         <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

+            <maxFileSize>${maxFileSize}</maxFileSize>

+         </timeBasedFileNamingAndTriggeringPolicy>

+         <maxHistory>${maxHistory}</maxHistory>

+         <totalSizeCap>${totalSizeCap}</totalSizeCap>

+      </rollingPolicy>

+      <encoder>

+         <pattern>${pattern}</pattern>

+      </encoder>

+      <filter class="ch.qos.logback.classic.filter.ThresholdFilter">

+         <level>INFO</level>

+      </filter>

+   </appender>

+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFError">

+      <queueSize>${queueSize}</queueSize>

+      <appender-ref ref="EELFError" />

+   </appender>

+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFDebug">

+      <file>${logDirectory}/${debugLogName}.log</file>

+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

+         <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

+            <maxFileSize>${maxFileSize}</maxFileSize>

+         </timeBasedFileNamingAndTriggeringPolicy>

+         <maxHistory>${maxHistory}</maxHistory>

+         <totalSizeCap>${totalSizeCap}</totalSizeCap>

+      </rollingPolicy>

+      <encoder>

+         <pattern>${pattern}</pattern>

+      </encoder>

+   </appender>

+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFDebug">

+      <queueSize>${queueSize}</queueSize>

+      <appender-ref ref="EELFDebug" />

+      <includeCallerData>true</includeCallerData>

+   </appender>

+   <!-- ============================================================================ -->

+   <!--  EELF loggers -->

+   <!-- ============================================================================ -->

+   <logger additivity="false" level="info" name="com.att.eelf.audit">

+      <appender-ref ref="asyncEELFAudit" />

+   </logger>

+   <logger additivity="false" level="info" name="com.att.eelf.metrics">

+      <appender-ref ref="asyncEELFMetrics" />

+   </logger>

+   <logger additivity="false" level="info" name="com.att.eelf.error">

+      <appender-ref ref="asyncEELFError" />

+   </logger>

+   <logger additivity="false" level="debug" name="com.att.eelf.debug">

+      <appender-ref ref="asyncEELFDebug" />

+   </logger>

+   <root level="INFO">

+      <appender-ref ref="asyncEELFDebug" />

+      <appender-ref ref="asyncEELFError" />

+   </root>

+</configuration>
\ No newline at end of file
diff --git a/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml b/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml
new file mode 100644
index 0000000000..77068bb9aa
--- /dev/null
+++ b/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml
@@ -0,0 +1,153 @@
+<?xml version="1.0" encoding="UTF-8"?>

+<!--

+  ============LICENSE_START=======================================================

+  ECOMP-PAP-REST

+  ================================================================================

+  Copyright (C) 2017 AT&amp;T Intellectual Property. All rights reserved.

+  ================================================================================

+  Licensed under the Apache License, Version 2.0 (the "License");

+  you may not use this file except in compliance with the License.

+  You may obtain a copy of the License at

+  

+       http://www.apache.org/licenses/LICENSE-2.0

+  

+  Unless required by applicable law or agreed to in writing, software

+  distributed under the License is distributed on an "AS IS" BASIS,

+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

+  See the License for the specific language governing permissions and

+  limitations under the License.

+  ============LICENSE_END=========================================================

+  -->

+<configuration debug="true" scan="true" scanPeriod="3 seconds">

+   <!--<jmxConfigurator /> -->

+   <!--  specify the base path of the log directory -->

+   <property name="logDir" value="/var/log/onap" />

+   <!--  specify the component name -->

+   <property name="componentName" value="policy" />

+   <!-- specify the sub component name -->

+   <property name="subComponentName" value="xacml-pap-rest" />

+   <!-- The directories where logs are written -->

+   <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />

+   <property name="pattern" value="%d{&amp;quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&amp;quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />

+   <!--  log file names -->

+   <property name="errorLogName" value="error" />

+   <property name="metricsLogName" value="metrics" />

+   <property name="auditLogName" value="audit" />

+   <property name="debugLogName" value="debug" />

+   <property name="queueSize" value="256" />

+   <property name="maxFileSize" value="50MB" />

+   <property name="maxHistory" value="30" />

+   <property name="totalSizeCap" value="10GB" />

+   <!-- Example evaluator filter applied against console appender -->

+   <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">

+      <encoder>

+         <pattern>${pattern}</pattern>

+      </encoder>

+   </appender>

+   <!-- ============================================================================ -->

+   <!-- EELF Appenders -->

+   <!-- ============================================================================ -->

+   <!-- The EELFAppender is used to record events to the general application 

+    log -->

+   <!-- EELF Audit Appender. This appender is used to record audit engine 

+    related logging events. The audit logger and appender are specializations 

+    of the EELF application root logger and appender. This can be used to segregate 

+    Policy engine events from other components, or it can be eliminated to record 

+    these events as part of the application root log. -->

+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFAudit">

+      <file>${logDirectory}/${auditLogName}.log</file>

+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

+         <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

+            <maxFileSize>${maxFileSize}</maxFileSize>

+         </timeBasedFileNamingAndTriggeringPolicy>

+         <maxHistory>${maxHistory}</maxHistory>

+         <totalSizeCap>${totalSizeCap}</totalSizeCap>

+      </rollingPolicy>

+      <encoder>

+         <pattern>${pattern}</pattern>

+      </encoder>

+   </appender>

+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFAudit">

+      <queueSize>${queueSize}</queueSize>

+      <appender-ref ref="EELFAudit" />

+   </appender>

+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFMetrics">

+      <file>${logDirectory}/${metricsLogName}.log</file>

+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

+         <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

+            <maxFileSize>${maxFileSize}</maxFileSize>

+         </timeBasedFileNamingAndTriggeringPolicy>

+         <maxHistory>${maxHistory}</maxHistory>

+         <totalSizeCap>${totalSizeCap}</totalSizeCap>

+      </rollingPolicy>

+      <encoder>

+         <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - 

+        %msg%n"</pattern> -->

+         <pattern>${pattern}</pattern>

+      </encoder>

+   </appender>

+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFMetrics">

+      <queueSize>${queueSize}</queueSize>

+      <appender-ref ref="EELFMetrics" />

+   </appender>

+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFError">

+      <file>${logDirectory}/${errorLogName}.log</file>

+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

+         <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

+            <maxFileSize>${maxFileSize}</maxFileSize>

+         </timeBasedFileNamingAndTriggeringPolicy>

+         <maxHistory>${maxHistory}</maxHistory>

+         <totalSizeCap>${totalSizeCap}</totalSizeCap>

+      </rollingPolicy>

+      <encoder>

+         <pattern>${pattern}</pattern>

+      </encoder>

+      <filter class="ch.qos.logback.classic.filter.ThresholdFilter">

+         <level>INFO</level>

+      </filter>

+   </appender>

+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFError">

+      <queueSize>${queueSize}</queueSize>

+      <appender-ref ref="EELFError" />

+   </appender>

+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFDebug">

+      <file>${logDirectory}/${debugLogName}.log</file>

+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

+         <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

+            <maxFileSize>${maxFileSize}</maxFileSize>

+         </timeBasedFileNamingAndTriggeringPolicy>

+         <maxHistory>${maxHistory}</maxHistory>

+         <totalSizeCap>${totalSizeCap}</totalSizeCap>

+      </rollingPolicy>

+      <encoder>

+         <pattern>${pattern}</pattern>

+      </encoder>

+   </appender>

+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFDebug">

+      <queueSize>${queueSize}</queueSize>

+      <appender-ref ref="EELFDebug" />

+      <includeCallerData>true</includeCallerData>

+   </appender>

+   <!-- ============================================================================ -->

+   <!--  EELF loggers -->

+   <!-- ============================================================================ -->

+   <logger additivity="false" level="info" name="com.att.eelf.audit">

+      <appender-ref ref="asyncEELFAudit" />

+   </logger>

+   <logger additivity="false" level="info" name="com.att.eelf.metrics">

+      <appender-ref ref="asyncEELFMetrics" />

+   </logger>

+   <logger additivity="false" level="info" name="com.att.eelf.error">

+      <appender-ref ref="asyncEELFError" />

+   </logger>

+   <logger additivity="false" level="debug" name="com.att.eelf.debug">

+      <appender-ref ref="asyncEELFDebug" />

+   </logger>

+   <root level="INFO">

+      <appender-ref ref="asyncEELFDebug" />

+   </root>

+</configuration>
\ No newline at end of file
diff --git a/kubernetes/policy/resources/config/log/xacml-pdp-rest/logback.xml b/kubernetes/policy/resources/config/log/xacml-pdp-rest/logback.xml
new file mode 100644
index 0000000000..c9c05d922d
--- /dev/null
+++ b/kubernetes/policy/resources/config/log/xacml-pdp-rest/logback.xml
@@ -0,0 +1,153 @@
+<?xml version="1.0" encoding="UTF-8"?>

+<!--

+  ============LICENSE_START=======================================================

+  ECOMP-PDP-REST

+  ================================================================================

+  Copyright (C) 2017 AT&amp;T Intellectual Property. All rights reserved.

+  ================================================================================

+  Licensed under the Apache License, Version 2.0 (the "License");

+  you may not use this file except in compliance with the License.

+  You may obtain a copy of the License at

+  

+       http://www.apache.org/licenses/LICENSE-2.0

+  

+  Unless required by applicable law or agreed to in writing, software

+  distributed under the License is distributed on an "AS IS" BASIS,

+  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

+  See the License for the specific language governing permissions and

+  limitations under the License.

+  ============LICENSE_END=========================================================

+  -->

+<configuration scan="true" scanPeriod="3 seconds" debug="true">

+   <!--<jmxConfigurator /> -->

+   <!--  specify the base path of the log directory --> 

+   <property name="logDir" value="/var/log/onap" />

+   <!--  specify the component name -->

+   <property name="componentName" value="policy" />

+   <!-- specify the sub component name -->

+   <property name="subComponentName" value="xacml-pdp-rest" />

+   <!-- The directories where logs are written --> 

+   <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />

+   <property name="pattern" value="%d{&amp;quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&amp;quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />

+   <!--  log file names -->

+   <property name="errorLogName" value="error" />

+   <property name="metricsLogName" value="metrics" />

+   <property name="auditLogName" value="audit" />

+   <property name="debugLogName" value="debug" />

+   <property name="queueSize" value="256" />

+   <property name="maxFileSize" value="50MB" />

+   <property name="maxHistory" value="30" />

+   <property name="totalSizeCap" value="10GB" />

+   <!-- Example evaluator filter applied against console appender -->

+   <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">

+      <encoder>

+         <pattern>${pattern}</pattern>

+      </encoder>

+   </appender>

+   <!-- ============================================================================ -->

+   <!-- EELF Appenders -->

+   <!-- ============================================================================ -->

+   <!-- The EELFAppender is used to record events to the general application 

+    log -->

+   <!-- EELF Audit Appender. This appender is used to record audit engine 

+    related logging events. The audit logger and appender are specializations 

+    of the EELF application root logger and appender. This can be used to segregate 

+    Policy engine events from other components, or it can be eliminated to record 

+    these events as part of the application root log. -->

+   <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender">

+      <file>${logDirectory}/${auditLogName}.log</file>

+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

+         <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

+            <maxFileSize>${maxFileSize}</maxFileSize>

+         </timeBasedFileNamingAndTriggeringPolicy>

+         <maxHistory>${maxHistory}</maxHistory>

+         <totalSizeCap>${totalSizeCap}</totalSizeCap>

+      </rollingPolicy>

+      <encoder>

+         <pattern>${pattern}</pattern>

+      </encoder>

+   </appender>

+   <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">

+      <queueSize>${queueSize}</queueSize>

+      <appender-ref ref="EELFAudit" />

+   </appender>

+   <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender">

+      <file>${logDirectory}/${metricsLogName}.log</file>

+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

+         <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

+            <maxFileSize>${maxFileSize}</maxFileSize>

+         </timeBasedFileNamingAndTriggeringPolicy>

+         <maxHistory>${maxHistory}</maxHistory>

+         <totalSizeCap>${totalSizeCap}</totalSizeCap>

+      </rollingPolicy>

+      <encoder>

+         <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - 

+        %msg%n"</pattern> -->

+         <pattern>${pattern}</pattern>

+      </encoder>

+   </appender>

+   <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">

+      <queueSize>${queueSize}</queueSize>

+      <appender-ref ref="EELFMetrics" />

+   </appender>

+   <appender name="EELFError" class="ch.qos.logback.core.rolling.RollingFileAppender">

+      <file>${logDirectory}/${errorLogName}.log</file>

+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

+         <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

+            <maxFileSize>${maxFileSize}</maxFileSize>

+         </timeBasedFileNamingAndTriggeringPolicy>

+         <maxHistory>${maxHistory}</maxHistory>

+         <totalSizeCap>${totalSizeCap}</totalSizeCap>

+      </rollingPolicy>

+      <encoder>

+         <pattern>${pattern}</pattern>

+      </encoder>

+      <filter class="ch.qos.logback.classic.filter.ThresholdFilter">

+         <level>INFO</level>

+      </filter>

+   </appender>

+   <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">

+      <queueSize>${queueSize}</queueSize>

+      <appender-ref ref="EELFError" />

+   </appender>

+   <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">

+      <file>${logDirectory}/${debugLogName}.log</file>

+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

+         <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

+            <maxFileSize>${maxFileSize}</maxFileSize>

+         </timeBasedFileNamingAndTriggeringPolicy>

+         <maxHistory>${maxHistory}</maxHistory>

+         <totalSizeCap>${totalSizeCap}</totalSizeCap>

+      </rollingPolicy>

+      <encoder>

+         <pattern>${pattern}</pattern>

+      </encoder>

+   </appender>

+   <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">

+      <queueSize>${queueSize}</queueSize>

+      <appender-ref ref="EELFDebug" />

+      <includeCallerData>true</includeCallerData>

+   </appender>

+   <!-- ============================================================================ -->

+   <!--  EELF loggers -->

+   <!-- ============================================================================ -->

+   <logger name="com.att.eelf.audit" level="info" additivity="false">

+      <appender-ref ref="asyncEELFAudit" />

+   </logger>

+   <logger name="com.att.eelf.metrics" level="info" additivity="false">

+      <appender-ref ref="asyncEELFMetrics" />

+   </logger>

+   <logger name="com.att.eelf.error" level="info" additivity="false">

+      <appender-ref ref="asyncEELFError" />

+   </logger>

+   <logger name="com.att.eelf.debug" level="debug" additivity="false">

+      <appender-ref ref="asyncEELFDebug" />

+   </logger>

+   <root level="INFO">

+      <appender-ref ref="asyncEELFDebug" />

+   </root>

+</configuration>
\ No newline at end of file
diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/base.conf b/kubernetes/policy/resources/config/opt/policy/config/drools/base.conf
new file mode 100755
index 0000000000..4f904444f7
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/drools/base.conf
@@ -0,0 +1,100 @@
+###
+# ============LICENSE_START=======================================================
+# ONAP POLICY
+# ================================================================================
+# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+###
+
+
+# SYSTEM software configuration 
+
+POLICY_HOME=/opt/app/policy
+JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
+KEYSTORE_PASSWD=PolicyR0ck$
+
+# Telemetry credentials
+
+ENGINE_MANAGEMENT_PORT=9696
+ENGINE_MANAGEMENT_HOST=0.0.0.0
+ENGINE_MANAGEMENT_USER=@1b3rt
+ENGINE_MANAGEMENT_PASSWORD=31nst31n
+
+# nexus repository
+
+snapshotRepositoryID=policy-nexus-snapshots
+snapshotRepositoryUrl=http://nexus:8081/nexus/content/repositories/snapshots/
+releaseRepositoryID=policy-nexus-releases
+releaseRepositoryUrl=http://nexus:8081/nexus/content/repositories/releases/
+repositoryUsername=admin
+repositoryPassword=admin123
+
+# Relational (SQL) DB access 
+
+SQL_HOST=mariadb.onap-policy
+SQL_USER=policy_user
+SQL_PASSWORD=policy_user
+
+# PDP-D DMaaP configuration channel
+
+PDPD_CONFIGURATION_TOPIC=PDPD-CONFIGURATION
+PDPD_CONFIGURATION_SERVERS=dmaap.onap-message-router
+PDPD_CONFIGURATION_API_KEY=
+PDPD_CONFIGURATION_API_SECRET=
+PDPD_CONFIGURATION_CONSUMER_GROUP=
+PDPD_CONFIGURATION_CONSUMER_INSTANCE=
+PDPD_CONFIGURATION_PARTITION_KEY=
+
+# PAP
+
+PAP_HOST=pap.onap-policy
+PAP_USERNAME=testpap
+PAP_PASSWORD=alpha123
+
+# PDP-X
+
+PDP_HOST=pdp.onap-policy
+PDP_USERNAME=testpdp
+PDP_PASSWORD=alpha123
+PDP_CLIENT_USERNAME=python
+PDP_CLIENT_PASSWORD=test
+PDP_ENVIRONMENT=TEST
+
+# DCAE DMaaP
+
+DCAE_TOPIC=unauthenticated.DCAE_CL_OUTPUT
+DCAE_SERVERS=dmaap.onap-message-router
+
+# Open DMaaP
+
+DMAAP_SERVERS=dmaap.onap-message-router
+
+# AAI
+
+AAI_URL=https://aai.api.simpledemo.openecomp.org:8443
+AAI_USERNAME=POLICY
+AAI_PASSWORD=POLICY
+
+# MSO
+
+SO_URL=http://mso.onap-mso:8080/ecomp/mso/infra
+SO_USERNAME=InfraPortalClient
+SO_PASSWORD=password1$
+
+# VFC
+
+VFC_URL=
+VFC_USERNAME=
+VFC_PASSWORD=
\ No newline at end of file
diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/drools-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/drools/drools-tweaks.sh
new file mode 100755
index 0000000000..8bff59c2e7
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/drools/drools-tweaks.sh
@@ -0,0 +1,23 @@
+#! /bin/bash
+
+###
+# ============LICENSE_START=======================================================
+# ONAP
+# ================================================================================
+# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+# 
+#      http://www.apache.org/licenses/LICENSE-2.0
+# 
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ============LICENSE_END=========================================================
+###
+
+${POLICY_HOME}/bin/features enable healthcheck
diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/feature-healthcheck.conf b/kubernetes/policy/resources/config/opt/policy/config/drools/feature-healthcheck.conf
new file mode 100644
index 0000000000..31baed21e3
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/drools/feature-healthcheck.conf
@@ -0,0 +1,2 @@
+HEALTHCHECK_USER=healthcheck
+HEALTHCHECK_PASSWORD=zb!XztG34
diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/policy-keystore b/kubernetes/policy/resources/config/opt/policy/config/drools/policy-keystore
new file mode 100644
index 0000000000..ab25c3a341
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/drools/policy-keystore
diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf b/kubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf
new file mode 100755
index 0000000000..843b832ea7
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf
@@ -0,0 +1,5 @@
+CONTROLLER_ARTIFACT_ID=policy-management
+CONTROLLER_NAME=policy-management-controller
+CONTROLLER_PORT=9696
+RULES_ARTIFACT=not-used:not-used:1.0.0-SNAPSHOT
+UEB_TOPIC=policyengine-develop
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/base.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/base.conf
new file mode 100755
index 0000000000..9c87d9ca72
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/base.conf
@@ -0,0 +1,24 @@
+JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
+POLICY_HOME=/opt/app/policy
+KEYSTORE_PASSWD=PolicyR0ck$
+
+JDBC_DRIVER=org.mariadb.jdbc.Driver
+JDBC_URL=jdbc:mariadb://mariadb.onap-policy:3306/onap_sdk?failOverReadOnly=false&autoReconnect=true
+JDBC_LOG_URL=jdbc:mariadb://mariadb.onap-policy:3306/log?failOverReadOnly=false&autoReconnect=true
+JDBC_USER=policy_user
+JDBC_PASSWORD=policy_user
+
+site_name=site_1
+fp_monitor_interval=30
+failed_counter_threshold=3
+test_trans_interval=20
+write_fpc_interval=5
+max_fpc_update_interval=60
+test_via_jmx=false
+jmx_fqdn=
+
+ENVIRONMENT=TEST
+
+#Micro Service Model Properties
+policy_msOnapName=
+policy_msPolicyName=
\ No newline at end of file
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw-tweaks.sh
new file mode 100755
index 0000000000..daa3596e6e
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw-tweaks.sh
@@ -0,0 +1,38 @@
+#! /bin/bash
+
+PROPS_BUILD="${POLICY_HOME}/etc/build.info"
+
+PROPS_RUNTIME="${POLICY_HOME}/servers/brmsgw/config.properties"
+PROPS_INSTALL="${POLICY_HOME}/install/servers/brmsgw/config.properties"
+
+
+if [ ! -f "${PROPS_BUILD}" ]; then
+	echo "error: version information does not exist: ${PROPS_BUILD}"
+	exit 1
+fi
+
+source "${POLICY_HOME}/etc/build.info"
+
+if [ -z "${version}" ]; then
+	echo "error: no version information present"
+	exit 1
+fi
+
+for CONFIG in ${PROPS_RUNTIME} ${PROPS_INSTALL}; do
+	if [ ! -f "${CONFIG}" ]; then
+		echo "warning: configuration does not exist: ${CONFIG}"
+	else
+		sed -i -e "s/brms.dependency.version=.*/brms.dependency.version=${version}/g" "${CONFIG}"
+	fi
+done
+
+DEPS_JSON_RUNTIME="${POLICY_HOME}/servers/brmsgw/dependency.json"
+DEPS_JSON_INSTALL="${POLICY_HOME}/install/servers/brmsgw/dependency.json"
+
+for DEP in ${DEPS_JSON_RUNTIME} ${DEPS_JSON_INSTALL}; do
+	if [ ! -f "${DEP}" ]; then
+		echo "warning: configuration does not exist: ${DEP}"
+	else
+		sed -i -e "s/\"version\":.*-SNAPSHOT\"/\"version\": \"${version}\"/g" "${DEP}"
+	fi
+done
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw.conf
new file mode 100755
index 0000000000..ff4d2e487d
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw.conf
@@ -0,0 +1,53 @@
+# BRMSpep component installation configuration parameters
+BRMSGW_JMX_PORT=9989
+
+COMPONENT_X_MX_MB=1024
+COMPONENT_X_MS_MB=1024
+
+REST_PAP_URL=http://pap.onap-policy:9091/pap/
+REST_PDP_ID=http://pdp.onap-policy:8081/pdp/
+
+PDP_HTTP_USER_ID=testpdp
+PDP_HTTP_PASSWORD=alpha123
+PDP_PAP_PDP_HTTP_USER_ID=testpap
+PDP_PAP_PDP_HTTP_PASSWORD=alpha123
+
+M2_HOME=/usr/share/maven
+snapshotRepositoryID=policy-nexus-snapshots
+snapshotRepositoryName=Snapshots
+snapshotRepositoryURL=http://nexus.onap-policy:8081/nexus/content/repositories/snapshots
+releaseRepositoryID=policy-nexus-releases
+releaseRepositoryName=Releases
+releaseRepositoryURL=http://nexus.onap-policy:8081/nexus/content/repositories/releases
+repositoryUsername=admin
+repositoryPassword=admin123
+UEB_URL=dmaap.onap-message-router
+UEB_TOPIC=PDPD-CONFIGURATION
+UEB_API_KEY=
+UEB_API_SECRET=
+
+groupID=org.onap.policy-engine
+artifactID=drlPDPGroup
+AMSTERDAM_GROUP_ID=org.onap.policy-engine.drools.amsterdam
+AMSTERDAM_ARTIFACT_ID=policy-amsterdam-rules
+
+# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase
+resource_name=brmsgw_1
+node_type=brms_gateway
+
+#Environment should be Set either DEV, TEST or PROD
+ENVIRONMENT=TEST
+
+#Notification Properties... type can be either websocket, ueb, or dmaap
+BRMS_NOTIFICATION_TYPE=websocket
+BRMS_UEB_URL=dmaap.onap-message-router
+BRMS_UEB_TOPIC=PDPD-CONFIGURATION
+BRMS_UEB_DELAY=
+BRMS_CLIENT_ID=python
+BRMS_CLIENT_KEY=dGVzdA==
+BRMS_UEB_API_KEY=
+BRMS_UEB_API_SECRET=
+
+#Dependency.json file version
+BRMS_DEPENDENCY_VERSION=1.2.0
+
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/console.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/console.conf
new file mode 100755
index 0000000000..938543cb7e
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/console.conf
@@ -0,0 +1,132 @@
+# configs component installation configuration parameters
+
+# tomcat specific parameters
+
+TOMCAT_JMX_PORT=9993
+TOMCAT_SHUTDOWN_PORT=8090
+SSL_HTTP_CONNECTOR_PORT=8443
+SSL_HTTP_CONNECTOR_REDIRECT_PORT=8443
+SSL_AJP_CONNECTOR_PORT=8383
+SSL_AJP_CONNECTOR_REDIRECT_PORT=8443
+
+TOMCAT_X_MS_MB=2048
+TOMCAT_X_MX_MB=2048
+
+# ------------------ console properties ---------------------------
+
+#
+# Authorization Policy
+
+ROOT_POLICIES=admin
+ADMIN_FILE=Policy-Admin.xml
+
+
+# Set your domain here:
+
+REST_ADMIN_DOMAIN=com
+
+#
+# Location where the GIT repository is located
+#
+REST_ADMIN_REPOSITORY=repository
+
+#
+# Location where all the user workspaces are located.
+#
+REST_ADMIN_WORKSPACE=${{POLICY_HOME}}/servers/console/bin/workspace
+
+#
+# These can be set so the Admin Console knows who is logged on. Ideally, you can run the console in a J2EE
+# container and setup authentication as you please. Setting HttpSession attribute values will override these
+# values set in the properties files.
+#
+# ((HttpServletRequest) request).getSession().setAttribute("xacml.rest.admin.user.name", "Homer");
+#
+# The default policy: Policy-Admin.xml is extremely simple.
+#
+# You can test authorization within the Admin Console by changing the user id.
+# There are 3 supported user ids:
+#       guest - Read only access
+#       editor - Read/Write access
+#       admin - Read/Write/Admin access
+#
+# An empty or null value for xacml.rest.admin.user.id results in no access to the application at all.
+#
+# This is for development/demonstration purposes only. A production environment should provide authentication which is
+# outside the scope of this application. This application can be used to develop a XACML policy for user authorization
+# within this application.
+#
+
+REST_ADMIN_USER_NAME=Administrator
+REST_ADMIN_USER_ID=super-admin
+
+#
+#
+# Property to declare the max time frame for logs.
+#
+LOG_TIMEFRAME=30
+
+# Property to declare the number of visible rows for users in MicroService Policy
+COLUMN_COUNT=3
+
+# Dashboard refresh rate in miliseconds
+REFRESH_RATE=40000
+
+#
+# URL location for the PAP servlet.
+#
+
+
+REST_PAP_URL=http://pap.onap-policy:9091/pap/
+
+#
+# Config/Action Properties location.
+#
+
+REST_CONFIG_HOME=${{POLICY_HOME}}/servers/pap/webapps/Config/
+REST_ACTION_HOME=${{POLICY_HOME}}/servers/pap/webapps/Action/
+REST_CONFIG_URL=http://pap.onap-policy:9091/
+REST_CONFIG_WEBAPPS=${{POLICY_HOME}}/servers/pap/webapps/
+
+# PAP account information
+CONSOLE_PAP_HTTP_USER_ID=testpap
+CONSOLE_PAP_HTTP_PASSWORD=alpha123
+
+
+node_type=pap_admin
+resource_name=console_1
+
+# The (optional) period of time in seconds between executions of the integrity audit.
+# Value < 0 : Audit does not run (default value if property is not present = -1)
+# Value = 0 : Audit runs continuously
+# Value > 0 : The period of time in seconds between execution of the audit on a particular node
+integrity_audit_period_seconds=-1
+
+#Automatic Policy Distribution 
+automatic_push=false
+
+#Diff of policies for Firewall feature
+FW_GETURL=
+FW_AUTHOURL=
+FW_PROXY=
+FW_PORT=
+
+#SMTP Server Details for Java Mail
+onap_smtp_host=
+onap_smtp_port=25
+onap_smtp_userName=
+onap_smtp_password=
+onap_smtp_emailExtension=
+onap_application_name=
+
+#-----------------------ONAP-PORTAL-Properties----------------------
+
+ONAP_REDIRECT_URL=http://portalapps.onap-portal:8989/ONAPPORTAL/login.htm
+ONAP_REST_URL=http://portalapps.onap-portal:8989/ONAPPORTAL/auxapi
+ONAP_UEB_URL_LIST=
+ONAP_PORTAL_INBOX_NAME=
+ONAP_UEB_APP_KEY=
+ONAP_UEB_APP_SECRET=
+ONAP_UEB_APP_MAILBOX_NAME=
+APP_DISPLAY_NAME=ONAP Policy
+ONAP_SHARED_CONTEXT_REST_URL=http://portalapps.onap-portal:8989/ONAPPORTAL/context
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf
new file mode 100644
index 0000000000..938954ce63
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf
@@ -0,0 +1,3 @@
+# elasticsearch
+
+ELK_JMX_PORT=9995
\ No newline at end of file
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf
new file mode 100755
index 0000000000..28b9e3ca33
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf
@@ -0,0 +1,5 @@
+# mysql scripts component installation configuration parameters
+
+# Path to mysql bin
+MYSQL_BIN=/usr/local/mysql/bin
+
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh
new file mode 100755
index 0000000000..36ac3689b1
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh
@@ -0,0 +1 @@
+#! /bin/bash
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pap.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/pap.conf
new file mode 100755
index 0000000000..53c52aaceb
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/pap.conf
@@ -0,0 +1,55 @@
+# pap component installation configuration parameters
+
+# tomcat specific parameters
+
+TOMCAT_JMX_PORT=9990
+TOMCAT_SHUTDOWN_PORT=9405
+SSL_HTTP_CONNECTOR_PORT=9091
+SSL_AJP_CONNECTOR_PORT=8380
+SSL_AJP_CONNECTOR_REDIRECT_PORT=8443
+
+TOMCAT_X_MS_MB=1024
+TOMCAT_X_MX_MB=1024
+
+# pap properties
+
+PAP_PDPS=${{POLICY_HOME}}/servers/pap/bin/pdps
+PAP_URL=http://pap.onap-policy:9091/pap/
+
+PAP_INITIATE_PDP=true
+PAP_HEARTBEAT_INTERVAL=10000
+PAP_HEARTBEAT_TIMEOUT=10000
+
+REST_ADMIN_DOMAIN=com
+REST_ADMIN_REPOSITORY=repository
+REST_ADMIN_WORKSPACE=workspace
+
+# PDP related properties
+
+PAP_PDP_URL=http://pdp.onap-policy:8081/pdp/
+PAP_PDP_HTTP_USER_ID=testpdp
+PAP_PDP_HTTP_PASSWORD=alpha123
+
+PAP_HTTP_USER_ID=testpap
+PAP_HTTP_PASSWORD=alpha123
+
+#new values added 10-21-2015
+PROP_PAP_TRANS_WAIT=500000
+PROP_PAP_TRANS_TIMEOUT=5000
+PROP_PAP_AUDIT_TIMEOUT=300000
+PROP_PAP_RUN_AUDIT_FLAG=true
+PROP_PAP_AUDIT_FLAG=true
+
+PROP_PAP_INCOMINGNOTIFICATION_TRIES=4
+
+
+node_type=pap
+resource_name=pap_1
+dependency_groups=paplp_1
+test_via_jmx=true
+
+# The (optional) period of time in seconds between executions of the integrity audit.
+# Value < 0 : Audit does not run (default value if property is not present = -1)
+# Value = 0 : Audit runs continuously
+# Value > 0 : The period of time in seconds between execution of the audit on a particular node
+integrity_audit_period_seconds=-1
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf
new file mode 100755
index 0000000000..d25f11be3b
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf
@@ -0,0 +1,12 @@
+# JVM specific parameters
+LOGPARSER_JMX_PORT=9996
+LOGPARSER_X_MS_MB=1024
+LOGPARSER_X_MX_MB=1024
+
+SERVER=http://pap.onap-policy:9091/pap/
+LOGPATH=${{POLICY_HOME}}/servers/pap/logs/pap-rest.log
+PARSERLOGPATH=IntegrityMonitor.log
+
+node_type=logparser
+# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase
+resource_name=paplp_1
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh
new file mode 100755
index 0000000000..f68253635a
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh
@@ -0,0 +1,2 @@
+#! /bin/bash
+
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pdp.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/pdp.conf
new file mode 100755
index 0000000000..dba8af2e10
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/pdp.conf
@@ -0,0 +1,56 @@
+# pdp component installation configuration parameters
+
+# tomcat specific parameters
+
+TOMCAT_JMX_PORT=9991
+TOMCAT_SHUTDOWN_PORT=8087
+SSL_HTTP_CONNECTOR_PORT=8081
+SSL_AJP_CONNECTOR_PORT=8381
+SSL_AJP_CONNECTOR_REDIRECT_PORT=8443
+
+TOMCAT_X_MS_MB=1024
+TOMCAT_X_MX_MB=1024
+
+# pdp properties
+
+UEB_CLUSTER=dmaap.onap-message-router
+
+REST_PAP_URL=http://pap.onap-policy:9091/pap/
+REST_PDP_ID=http://pdp.onap-policy:8081/pdp/
+REST_PDP_CONFIG=${{POLICY_HOME}}/servers/pdp/bin/config
+REST_PDP_WEBAPPS=${{POLICY_HOME}}/servers/pdp/webapps
+REST_PDP_REGISTER=true
+REST_PDP_REGISTER_SLEEP=15
+REST_PDP_REGISTER_RETRIES=-1
+REST_PDP_MAXCONTENT=999999999
+
+# PDP related properties
+PDP_HTTP_USER_ID=testpdp
+PDP_HTTP_PASSWORD=alpha123
+PDP_PAP_PDP_HTTP_USER_ID=testpap
+PDP_PAP_PDP_HTTP_PASSWORD=alpha123
+
+node_type=pdp_xacml
+resource_name=pdp_1
+dependency_groups=pdplp_1;brmsgw_1
+test_via_jmx=true
+
+#
+# Notification Properties
+# Notification type: websocket, ueb or dmaap... if left blank websocket is the default
+PDP_NOTIFICATION_TYPE=websocket
+PDP_UEB_CLUSTER=
+PDP_UEB_TOPIC=
+PDP_UEB_DELAY=
+PDP_UEB_API_KEY=
+PDP_UEB_API_SECRET=
+PDP_DMAAP_AAF_LOGIN=
+PDP_DMAAP_AAF_PASSWORD=
+
+#AAF Policy Name space
+#Required only, when we use AAF
+POLICY_AAF_NAMESPACE=
+POLICY_AAF_RESOURCE=
+
+# Indeterminate resolution
+DECISION_INDETERMINATE_RESPONSE=PERMIT
\ No newline at end of file
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf
new file mode 100755
index 0000000000..8320caa56b
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf
@@ -0,0 +1,12 @@
+# JVM specific parameters
+LOGPARSER_JMX_PORT=9997
+LOGPARSER_X_MS_MB=1024
+LOGPARSER_X_MX_MB=1024
+
+SERVER=http://pdp.onap-policy:8081/pdp/
+LOGPATH=${{POLICY_HOME}}/servers/pdp/logs/pdp-rest.log
+PARSERLOGPATH=IntegrityMonitor.log
+
+node_type=logparser
+# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase
+resource_name=pdplp_1
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/push-policies.sh b/kubernetes/policy/resources/config/opt/policy/config/pe/push-policies.sh
new file mode 100755
index 0000000000..0461731c16
--- /dev/null
+++ b/kubernetes/policy/resources/config/opt/policy/config/pe/push-policies.sh
@@ -0,0 +1,250 @@
+#! /bin/bash
+
+# forked from https://gerrit.onap.org/r/gitweb?p=policy/docker.git;a=blob;f=config/pe/push-policies.sh;h=555ab357e6b4f54237bf07ef5e6777d782564bc0;hb=refs/heads/amsterdam and adapted for OOM
+
+#########################################Upload BRMS Param Template##########################################
+
+echo "Upload BRMS Param Template"
+
+sleep 2
+
+wget -O cl-amsterdam-template.drl https://git.onap.org/policy/drools-applications/plain/controlloop/templates/archetype-cl-amsterdam/src/main/resources/archetype-resources/src/main/resources/__closedLoopControlName__.drl
+
+sleep 2
+
+curl -v --silent -X POST --header 'Content-Type: multipart/form-data' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -F "file=@cl-amsterdam-template.drl" -F "importParametersJson={\"serviceName\":\"ClosedLoopControlName\",\"serviceType\":\"BRMSPARAM\"}" 'http://pdp.onap-policy:8081/pdp/api/policyEngineImport' 
+
+echo "PRELOAD_POLICIES is $PRELOAD_POLICIES"
+
+if [ "$PRELOAD_POLICIES" == "false" ]; then
+    exit 0
+fi
+
+#########################################Create BRMS Param policies##########################################
+
+echo "Create BRMSParam Operational Policies"
+
+sleep 2
+
+echo "Create BRMSParamvFirewall Policy"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+	"policyConfigType": "BRMS_PARAM",
+	"policyName": "com.BRMSParamvFirewall",
+	"policyDescription": "BRMS Param vFirewall policy",
+	"policyScope": "com",
+	"attributes": {
+		"MATCHING": {
+	    	"controller" : "amsterdam"
+	    },
+		"RULE": {
+			"templateName": "ClosedLoopControlName",
+			"closedLoopControlName": "ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a",
+			"controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a%0D%0A++trigger_policy%3A+unique-policy-id-1-modifyConfig%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-modifyConfig%0D%0A++++name%3A+modify+packet+gen+config%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+ModifyConfig%0D%0A++++target%3A%0D%0A++++++%23+TBD+-+Cannot+be+known+until+instantiation+is+done%0D%0A++++++resourceID%3A+Eace933104d443b496b8.nodes.heat.vpg%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+300%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard"
+		}
+	}
+}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy'
+
+sleep 2
+
+echo "Create BRMSParamvDNS Policy"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+	"policyConfigType": "BRMS_PARAM",
+	"policyName": "com.BRMSParamvDNS",
+	"policyDescription": "BRMS Param vDNS policy",
+	"policyScope": "com",
+	"attributes": {
+		"MATCHING": {
+	    	"controller" : "amsterdam"
+	    },
+		"RULE": {
+			"templateName": "ClosedLoopControlName",
+			"closedLoopControlName": "ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3",
+			"controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3%0D%0A++trigger_policy%3A+unique-policy-id-1-scale-up%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-scale-up%0D%0A++++name%3A+Create+a+new+VF+Module%0D%0A++++description%3A%0D%0A++++actor%3A+SO%0D%0A++++recipe%3A+VF+Module+Create%0D%0A++++target%3A%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard"
+		}
+	}
+}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy'
+
+sleep 2
+
+echo "Create BRMSParamVOLTE Policy"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+	"policyConfigType": "BRMS_PARAM",
+	"policyName": "com.BRMSParamVOLTE",
+	"policyDescription": "BRMS Param VOLTE policy",
+	"policyScope": "com",
+	"attributes": {
+		"MATCHING": {
+	    	"controller" : "amsterdam"
+	    },
+		"RULE": {
+			"templateName": "ClosedLoopControlName",
+			"closedLoopControlName": "ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b",
+			"controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b%0D%0A++trigger_policy%3A+unique-policy-id-1-restart%0D%0A++timeout%3A+3600%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-restart%0D%0A++++name%3A+Restart+the+VM%0D%0A++++description%3A%0D%0A++++actor%3A+VFC%0D%0A++++recipe%3A+Restart%0D%0A++++target%3A%0D%0A++++++type%3A+VM%0D%0A++++retry%3A+3%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard"
+		}
+	}
+}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy'
+
+sleep 2
+
+echo "Create BRMSParamvCPE Policy"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+	"policyConfigType": "BRMS_PARAM",
+	"policyName": "com.BRMSParamvCPE",
+	"policyDescription": "BRMS Param vCPE policy",
+	"policyScope": "com",
+	"attributes": {
+	    "MATCHING": {
+	    	"controller" : "amsterdam"
+	    },
+		"RULE": {
+			"templateName": "ClosedLoopControlName",
+			"closedLoopControlName": "ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e",
+			"controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e%0D%0A++trigger_policy%3A+unique-policy-id-1-restart%0D%0A++timeout%3A+3600%0D%0A++abatement%3A+true%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-restart%0D%0A++++name%3A+Restart+the+VM%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+Restart%0D%0A++++target%3A%0D%0A++++++type%3A+VM%0D%0A++++retry%3A+3%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard"
+		}
+	}
+}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy'
+
+#########################################Create Micro Service Config policies##########################################
+
+echo "Create MicroService Config Policies"
+
+sleep 2
+
+echo "Create MicroServicevFirewall Policy"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+	"configBody": "{ \"service\": \"tca_policy\", \"location\": \"SampleServiceLocation\", \"uuid\": \"test\", \"policyName\": \"MicroServicevFirewall\", \"description\": \"MicroService vFirewall Policy\", \"configName\": \"SampleConfigName\", \"templateVersion\": \"OpenSource.version.1\", \"version\": \"1.1.0\", \"priority\": \"1\", \"policyScope\": \"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a\", \"riskType\": \"SampleRiskType\", \"riskLevel\": \"1\", \"guard\": \"False\", \"content\": { \"tca_policy\": { \"domain\": \"measurementsForVfScaling\", \"metricsPerEventName\": [{ \"eventName\": \"vFirewallBroadcastPackets\", \"controlLoopSchemaType\": \"VNF\", \"policyScope\": \"DCAE\", \"policyName\": \"DCAE.Config_tca-hi-lo\", \"policyVersion\": \"v0.0.1\", \"thresholds\": [{ \"closedLoopControlName\": \"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.vNicUsageArray[*].receivedTotalPacketsDelta\", \"thresholdValue\": 300, \"direction\": \"LESS_OR_EQUAL\", \"severity\": \"MAJOR\", \"closedLoopEventStatus\": \"ONSET\" }, { \"closedLoopControlName\": \"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.vNicUsageArray[*].receivedTotalPacketsDelta\", \"thresholdValue\": 700, \"direction\": \"GREATER_OR_EQUAL\", \"severity\": \"CRITICAL\", \"closedLoopEventStatus\": \"ONSET\" } ] }] } } }",
+	"policyConfigType": "MicroService",
+	"policyName": "com.MicroServicevFirewall",
+	"onapName": "DCAE"
+}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy'
+
+
+sleep 2
+
+echo "Create MicroServicevDNS Policy"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+	"configBody": "{ \"service\": \"tca_policy\", \"location\": \"SampleServiceLocation\", \"uuid\": \"test\", \"policyName\": \"MicroServicevDNS\", \"description\": \"MicroService vDNS Policy\", \"configName\": \"SampleConfigName\", \"templateVersion\": \"OpenSource.version.1\", \"version\": \"1.1.0\", \"priority\": \"1\", \"policyScope\": \"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3\", \"riskType\": \"SampleRiskType\", \"riskLevel\": \"1\", \"guard\": \"False\", \"content\": { \"tca_policy\": { \"domain\": \"measurementsForVfScaling\", \"metricsPerEventName\": [{ \"eventName\": \"vLoadBalancer\", \"controlLoopSchemaType\": \"VM\", \"policyScope\": \"DCAE\", \"policyName\": \"DCAE.Config_tca-hi-lo\", \"policyVersion\": \"v0.0.1\", \"thresholds\": [{ \"closedLoopControlName\": \"ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.vNicUsageArray[*].receivedTotalPacketsDelta\", \"thresholdValue\": 300, \"direction\": \"GREATER_OR_EQUAL\", \"severity\": \"CRITICAL\", \"closedLoopEventStatus\": \"ONSET\" }] }] } } }",
+	"policyConfigType": "MicroService",
+	"policyName": "com.MicroServicevDNS",
+	"onapName": "DCAE"
+}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy'
+
+
+sleep 2
+
+echo "Create MicroServicevCPE Policy"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+	"configBody": "{ \"service\": \"tca_policy\", \"location\": \"SampleServiceLocation\", \"uuid\": \"test\", \"policyName\": \"MicroServicevCPE\", \"description\": \"MicroService vCPE Policy\", \"configName\": \"SampleConfigName\", \"templateVersion\": \"OpenSource.version.1\", \"version\": \"1.1.0\", \"priority\": \"1\", \"policyScope\": \"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e\", \"riskType\": \"SampleRiskType\", \"riskLevel\": \"1\", \"guard\": \"False\", \"content\": { \"tca_policy\": { \"domain\": \"measurementsForVfScaling\", \"metricsPerEventName\": [{ \"eventName\": \"Measurement_vGMUX\", \"controlLoopSchemaType\": \"VNF\", \"policyScope\": \"DCAE\", \"policyName\": \"DCAE.Config_tca-hi-lo\", \"policyVersion\": \"v0.0.1\", \"thresholds\": [{ \"closedLoopControlName\": \"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.additionalMeasurements[*].arrayOfFields[0].value\", \"thresholdValue\": 0, \"direction\": \"EQUAL\", \"severity\": \"MAJOR\", \"closedLoopEventStatus\": \"ABATED\" }, { \"closedLoopControlName\": \"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.additionalMeasurements[*].arrayOfFields[0].value\", \"thresholdValue\": 0, \"direction\": \"GREATER\", \"severity\": \"CRITICAL\", \"closedLoopEventStatus\": \"ONSET\" }] }] } } }",
+	"policyConfigType": "MicroService",
+	"policyName": "com.MicroServicevCPE",
+	"onapName": "DCAE"
+}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy'
+
+
+#########################################Creating Decision Guard policy######################################### 
+
+sleep 2
+
+echo "Creating Decision Guard policy"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ 
+	"policyClass": "Decision", 
+	"policyName": "com.AllPermitGuard", 
+	"policyDescription": "Testing all Permit YAML Guard Policy", 
+	"ecompName": "PDPD", 
+	"ruleProvider": "GUARD_YAML", 
+	"attributes": { 
+		"MATCHING": { 
+			"actor": ".*", 
+			"recipe": ".*", 
+			"targets": ".*", 
+			"clname": ".*", 
+			"limit": "10", 
+			"timeWindow": "1", 
+			"timeUnits": "minute", 
+			"guardActiveStart": "00:00:01-05:00", 
+			"guardActiveEnd": "00:00:00-05:00" 
+		} 
+	} 
+}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy'
+
+#########################################Push Decision policy#########################################
+
+sleep 2
+
+echo "Push Decision policy" 
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ 
+  "pdpGroup": "default", 
+  "policyName": "com.AllPermitGuard", 
+  "policyType": "DECISION" 
+}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy'
+
+#########################################Pushing BRMS Param policies##########################################
+
+echo "Pushing BRMSParam Operational policies"
+
+sleep 2
+
+echo "pushPolicy : PUT : com.BRMSParamvFirewall"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+  "pdpGroup": "default",
+  "policyName": "com.BRMSParamvFirewall",
+  "policyType": "BRMS_Param"
+}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy'
+
+sleep 2
+
+echo "pushPolicy : PUT : com.BRMSParamvDNS"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+  "pdpGroup": "default",
+  "policyName": "com.BRMSParamvDNS",
+  "policyType": "BRMS_Param"
+}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy'
+
+sleep 2
+
+echo "pushPolicy : PUT : com.BRMSParamVOLTE"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+  "pdpGroup": "default",
+  "policyName": "com.BRMSParamVOLTE",
+  "policyType": "BRMS_Param"
+}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy'
+
+sleep 2
+
+echo "pushPolicy : PUT : com.BRMSParamvCPE"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+  "pdpGroup": "default",
+  "policyName": "com.BRMSParamvCPE",
+  "policyType": "BRMS_Param"
+}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy'
+
+#########################################Pushing MicroService Config policies##########################################
+
+echo "Pushing MicroService Config policies"
+
+sleep 2
+
+echo "pushPolicy : PUT : com.MicroServicevFirewall"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+  "pdpGroup": "default",
+  "policyName": "com.MicroServicevFirewall",
+  "policyType": "MicroService"
+}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy'
+
+sleep 10
+
+echo "pushPolicy : PUT : com.MicroServicevDNS"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+  "pdpGroup": "default",
+  "policyName": "com.MicroServicevDNS",
+  "policyType": "MicroService"
+}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy' 
+
+sleep 10
+
+echo "pushPolicy : PUT : com.MicroServicevCPE"
+curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{
+  "pdpGroup": "default",
+  "policyName": "com.MicroServicevCPE",
+  "policyType": "MicroService"
+}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy' 
\ No newline at end of file
diff --git a/kubernetes/policy/templates/all-services.yaml b/kubernetes/policy/templates/all-services.yaml
index 5c5f683e88..c6b633e98d 100644
--- a/kubernetes/policy/templates/all-services.yaml
+++ b/kubernetes/policy/templates/all-services.yaml
@@ -128,4 +128,4 @@ spec:
   selector:
     app: brmsgw
   type: NodePort
-#{{ end }}
\ No newline at end of file
+#{{ end }}
diff --git a/kubernetes/policy/templates/dep-brmsgw.yaml b/kubernetes/policy/templates/dep-brmsgw.yaml
index 89752aece7..667ccc6251 100644
--- a/kubernetes/policy/templates/dep-brmsgw.yaml
+++ b/kubernetes/policy/templates/dep-brmsgw.yaml
@@ -49,8 +49,9 @@ spec:
           hostPath:
             path: /etc/localtime
         - name: pe
-          hostPath:
-            path: /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/opt/policy/config/pe/
+          configMap:
+            name: policy-dep-pe-configmap
+            defaultMode: 0755
       imagePullSecrets:
       - name: "{{ .Values.nsPrefix }}-docker-registry-key"
 #{{ end }}
diff --git a/kubernetes/policy/templates/dep-drools.yaml b/kubernetes/policy/templates/dep-drools.yaml
index 83179fafc9..afa044abe9 100644
--- a/kubernetes/policy/templates/dep-drools.yaml
+++ b/kubernetes/policy/templates/dep-drools.yaml
@@ -59,10 +59,12 @@ spec:
           name: drools
         - mountPath: /usr/share/maven/conf/settings.xml
           name: drools-settingsxml
+          subPath: settings.xml
         - mountPath: /var/log/onap
           name: policy-logs
         - mountPath: /tmp/logback.xml
           name: policy-logback
+          subPath: logback.xml
         lifecycle:
           postStart:
             exec:
@@ -73,6 +75,7 @@ spec:
         volumeMounts:
         - mountPath: /usr/share/filebeat/filebeat.yml
           name: filebeat-conf
+          subPath: filebeat.yml
         - mountPath: /var/log/onap
           name: policy-logs
         - mountPath: /usr/share/filebeat/data
@@ -82,21 +85,37 @@ spec:
           hostPath:
             path: /etc/localtime
         - name: filebeat-conf
-          hostPath:
-            path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/filebeat/logback/filebeat.yml
+          configMap:
+            name: policy-filebeat-configmap
         - name: policy-logs
           emptyDir: {}
         - name: policy-data-filebeat
           emptyDir: {}
         - name: policy-logback
-          hostPath:
-            path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/policy/drools/logback.xml
+          configMap:
+            name: policy-drools-log-configmap
         - name: drools-settingsxml
-          hostPath:
-            path:  /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/drools/settings.xml
+          configMap:
+            name: policy-dep-drools-settings-configmap
         - name: drools
-          hostPath:
-            path:  /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/opt/policy/config/drools/
+          secret:
+            secretName: policy-dep-drools-secret
+            items:
+            - key: policy-keystore
+              path: policy-keystore
+              mode: 0644
+            - key: feature-healthcheck.conf
+              path: feature-healthcheck.conf
+              mode: 0644
+            - key: base.conf
+              path: base.conf
+              mode: 0755
+            - key: policy-management.conf
+              path: policy-management.conf
+              mode: 0755
+            - key: drools-tweaks.sh
+              path: drools-tweaks.sh
+              mode: 0755
       imagePullSecrets:
       - name: "{{ .Values.nsPrefix }}-docker-registry-key"
 #{{ end }}
diff --git a/kubernetes/policy/templates/dep-pap.yaml b/kubernetes/policy/templates/dep-pap.yaml
index a19fd24778..d3d5ff3738 100644
--- a/kubernetes/policy/templates/dep-pap.yaml
+++ b/kubernetes/policy/templates/dep-pap.yaml
@@ -71,8 +71,10 @@ spec:
           name: policy-logs
         - mountPath: /tmp/policy-install/logback.xml
           name: policy-sdk-logback
+          subPath: logback.xml
         - mountPath: /tmp/logback.xml
           name: policy-logback
+          subPath: logback.xml
         lifecycle:
           postStart:
             exec:
@@ -83,6 +85,7 @@ spec:
         volumeMounts:
         - mountPath: /usr/share/filebeat/filebeat.yml
           name: filebeat-conf
+          subPath: filebeat.yml
         - mountPath: /var/log/onap
           name: policy-logs
         - mountPath: /usr/share/filebeat/data
@@ -92,21 +95,22 @@ spec:
           hostPath:
             path: /etc/localtime
         - name: filebeat-conf
-          hostPath:
-            path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/filebeat/logback/filebeat.yml
+          configMap:
+            name: policy-filebeat-configmap
         - name: policy-logs
           emptyDir: {}
         - name: policy-data-filebeat
           emptyDir: {}
         - name: policy-logback
-          hostPath:
-            path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/policy/xacml-pap-rest/logback.xml
+          configMap:
+            name: policy-pap-log-configmap
         - name: policy-sdk-logback
-          hostPath:
-            path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/policy/ep_sdk_app/logback.xml
+          configMap:
+            name: policy-sdk-log-configmap
         - name: pe
-          hostPath:
-            path: /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/opt/policy/config/pe/
+          configMap:
+            name: policy-dep-pe-configmap
+            defaultMode: 0755
       imagePullSecrets:
       - name: "{{ .Values.nsPrefix }}-docker-registry-key"
 #{{ end }}
diff --git a/kubernetes/policy/templates/dep-pdp.yaml b/kubernetes/policy/templates/dep-pdp.yaml
index 1f66396a1c..b62e280895 100644
--- a/kubernetes/policy/templates/dep-pdp.yaml
+++ b/kubernetes/policy/templates/dep-pdp.yaml
@@ -55,6 +55,7 @@ spec:
           name: policy-logs
         - mountPath:  /tmp/logback.xml
           name: policy-logback
+          subPath: logback.xml
         lifecycle:
           postStart:
             exec:
@@ -65,6 +66,7 @@ spec:
         volumeMounts:
         - mountPath: /usr/share/filebeat/filebeat.yml
           name: filebeat-conf
+          subPath: filebeat.yml
         - mountPath: /var/log/onap
           name: policy-logs
         - mountPath: /usr/share/filebeat/data
@@ -74,18 +76,19 @@ spec:
           hostPath:
             path: /etc/localtime
         - name: filebeat-conf
-          hostPath:
-            path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/filebeat/logback/filebeat.yml
+          configMap:
+            name: policy-filebeat-configmap
         - name: policy-logs
           emptyDir: {}
         - name: policy-data-filebeat
           emptyDir: {}
         - name: policy-logback
-          hostPath:
-            path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/policy/xacml-pdp-rest/logback.xml
+          configMap:
+            name: policy-pdp-log-configmap
         - name: pe
-          hostPath:
-            path: /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/opt/policy/config/pe/
+          configMap:
+            name: policy-dep-pe-configmap
+            defaultMode: 0755
       imagePullSecrets:
       - name: "{{ .Values.nsPrefix }}-docker-registry-key"
 #{{ end }}
diff --git a/kubernetes/policy/templates/policy-deployment-configmap.yaml b/kubernetes/policy/templates/policy-deployment-configmap.yaml
new file mode 100644
index 0000000000..b1db02bd20
--- /dev/null
+++ b/kubernetes/policy/templates/policy-deployment-configmap.yaml
@@ -0,0 +1,19 @@
+#{{ if not .Values.disablePolicyDrools }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: policy-dep-drools-settings-configmap
+  namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/drools/settings.xml").AsConfig | indent 2 }}
+#{{ end }}
+---
+#{{ if not .Values.disablePolicyPdp }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: policy-dep-pe-configmap
+  namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/opt/policy/config/pe/*").AsConfig | indent 2 }}
+#{{ end }}
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/templates/policy-deployment-secret.yaml
new file mode 100644
index 0000000000..99a807bddf
--- /dev/null
+++ b/kubernetes/policy/templates/policy-deployment-secret.yaml
@@ -0,0 +1,10 @@
+#{{ if not .Values.disablePolicyDrools }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: policy-dep-drools-secret
+  namespace: {{ .Values.nsPrefix }}-policy
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/opt/policy/config/drools/*").AsSecrets . | indent 2 }}
+#{{ end }}
diff --git a/kubernetes/policy/templates/policy-log-configmap.yaml b/kubernetes/policy/templates/policy-log-configmap.yaml
new file mode 100644
index 0000000000..24ad45e5f7
--- /dev/null
+++ b/kubernetes/policy/templates/policy-log-configmap.yaml
@@ -0,0 +1,45 @@
+#{{ if not .Values.disablePolicyPap }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: policy-pap-log-configmap
+  namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/log/xacml-pap-rest/*").AsConfig | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: policy-sdk-log-configmap
+  namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/log/ep_sdk_app/*").AsConfig | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: policy-filebeat-configmap
+  namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{  (.Files.Glob "resources/config/log/filebeat/*").AsConfig | indent 2 }}
+#{{ end }}
+#{{ if not .Values.disablePolicyPdp }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: policy-pdp-log-configmap
+  namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/log/xacml-pdp-rest/*").AsConfig | indent 2 }}
+#{{ end }}
+#{{ if not .Values.disablePolicyDrools }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: policy-drools-log-configmap
+  namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/log/drools/*").AsConfig | indent 2 }}
+#{{ end }}