From ced8514d3c19dc5ba4ae8e42797fc731ef25d200 Mon Sep 17 00:00:00 2001 From: mayankg2703 Date: Tue, 20 Mar 2018 05:42:53 +0000 Subject: Add Standardized Configuration to POLICY Change-Id: Iabdb2bba14b5095c08ff2920aec97a213e0acb30 Issue-ID: OOM-745 Signed-off-by: mayankg2703 Signed-off-by: Mike Elliott Signed-off-by: Mandeep Khinda --- kubernetes/policy/resources/config/pe/console.conf | 146 ++++++++++++ kubernetes/policy/resources/config/pe/elk.conf | 17 ++ kubernetes/policy/resources/config/pe/mysql.conf | 19 ++ .../policy/resources/config/pe/pap-tweaks.sh | 15 ++ kubernetes/policy/resources/config/pe/pap.conf | 69 ++++++ kubernetes/policy/resources/config/pe/paplp.conf | 26 ++ .../policy/resources/config/pe/push-policies.sh | 264 +++++++++++++++++++++ 7 files changed, 556 insertions(+) create mode 100644 kubernetes/policy/resources/config/pe/console.conf create mode 100644 kubernetes/policy/resources/config/pe/elk.conf create mode 100644 kubernetes/policy/resources/config/pe/mysql.conf create mode 100644 kubernetes/policy/resources/config/pe/pap-tweaks.sh create mode 100644 kubernetes/policy/resources/config/pe/pap.conf create mode 100644 kubernetes/policy/resources/config/pe/paplp.conf create mode 100644 kubernetes/policy/resources/config/pe/push-policies.sh (limited to 'kubernetes/policy/resources/config/pe') diff --git a/kubernetes/policy/resources/config/pe/console.conf b/kubernetes/policy/resources/config/pe/console.conf new file mode 100644 index 0000000000..3ed6ed439c --- /dev/null +++ b/kubernetes/policy/resources/config/pe/console.conf @@ -0,0 +1,146 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# configs component installation configuration parameters + +# tomcat specific parameters + +TOMCAT_JMX_PORT=9993 +TOMCAT_SHUTDOWN_PORT=8090 +SSL_HTTP_CONNECTOR_PORT=8443 +SSL_HTTP_CONNECTOR_REDIRECT_PORT=8443 +SSL_AJP_CONNECTOR_PORT=8383 +SSL_AJP_CONNECTOR_REDIRECT_PORT=8443 + +TOMCAT_X_MS_MB=2048 +TOMCAT_X_MX_MB=2048 + +# ------------------ console properties --------------------------- + +# +# Authorization Policy + +ROOT_POLICIES=admin +ADMIN_FILE=Policy-Admin.xml + + +# Set your domain here: + +REST_ADMIN_DOMAIN=com + +# +# Location where the GIT repository is located +# +REST_ADMIN_REPOSITORY=repository + +# +# Location where all the user workspaces are located. +# +REST_ADMIN_WORKSPACE=/opt/app/policy/servers/console/bin/workspace + +# +# These can be set so the Admin Console knows who is logged on. Ideally, you can run the console in a J2EE +# container and setup authentication as you please. Setting HttpSession attribute values will override these +# values set in the properties files. +# +# ((HttpServletRequest) request).getSession().setAttribute("xacml.rest.admin.user.name", "Homer"); +# +# The default policy: Policy-Admin.xml is extremely simple. +# +# You can test authorization within the Admin Console by changing the user id. +# There are 3 supported user ids: +# guest - Read only access +# editor - Read/Write access +# admin - Read/Write/Admin access +# +# An empty or null value for xacml.rest.admin.user.id results in no access to the application at all. +# +# This is for development/demonstration purposes only. A production environment should provide authentication which is +# outside the scope of this application. This application can be used to develop a XACML policy for user authorization +# within this application. +# + +REST_ADMIN_USER_NAME=Administrator +REST_ADMIN_USER_ID=super-admin + +# +# +# Property to declare the max time frame for logs. +# +LOG_TIMEFRAME=30 + +# Property to declare the number of visible rows for users in MicroService Policy +COLUMN_COUNT=3 + +# Dashboard refresh rate in miliseconds +REFRESH_RATE=40000 + +# +# URL location for the PAP servlet. +# + + +REST_PAP_URL=http://{{.Release.Name}}-{{.Values.global.pap.nameOverride}}:9091/pap/ + +# +# Config/Action Properties location. +# + +REST_CONFIG_HOME=/opt/app/policy/servers/pap/webapps/Config/ +REST_ACTION_HOME=/opt/app/policy/servers/pap/webapps/Action/ +REST_CONFIG_URL=http://{{.Release.Name}}-{{.Values.global.pap.nameOverride}}:9091/ +REST_CONFIG_WEBAPPS=/opt/app/policy/servers/pap/webapps/ + +# PAP account information +CONSOLE_PAP_HTTP_USER_ID=testpap +CONSOLE_PAP_HTTP_PASSWORD=alpha123 + + +node_type=pap_admin +resource_name=console_1 + +# The (optional) period of time in seconds between executions of the integrity audit. +# Value < 0 : Audit does not run (default value if property is not present = -1) +# Value = 0 : Audit runs continuously +# Value > 0 : The period of time in seconds between execution of the audit on a particular node +integrity_audit_period_seconds=-1 + +#Automatic Policy Distribution +automatic_push=false + +#Diff of policies for Firewall feature +FW_GETURL= +FW_AUTHOURL= +FW_PROXY= +FW_PORT= + +#SMTP Server Details for Java Mail +onap_smtp_host= +onap_smtp_port=25 +onap_smtp_userName= +onap_smtp_password= +onap_smtp_emailExtension= +onap_application_name= + +#-----------------------ONAP-PORTAL-Properties---------------------- + +ONAP_REDIRECT_URL=http://portalapps:8989/ONAPPORTAL/login.htm +ONAP_REST_URL=http://portalapps:8989/ONAPPORTAL/auxapi +ONAP_UEB_URL_LIST= +ONAP_PORTAL_INBOX_NAME= +ONAP_UEB_APP_KEY= +ONAP_UEB_APP_SECRET= +ONAP_UEB_APP_MAILBOX_NAME= +APP_DISPLAY_NAME=ONAP Policy +ONAP_SHARED_CONTEXT_REST_URL=http://portalapps:8989/ONAPPORTAL/context diff --git a/kubernetes/policy/resources/config/pe/elk.conf b/kubernetes/policy/resources/config/pe/elk.conf new file mode 100644 index 0000000000..2750bff702 --- /dev/null +++ b/kubernetes/policy/resources/config/pe/elk.conf @@ -0,0 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# elasticsearch + +ELK_JMX_PORT=9995 diff --git a/kubernetes/policy/resources/config/pe/mysql.conf b/kubernetes/policy/resources/config/pe/mysql.conf new file mode 100644 index 0000000000..d4f83d414e --- /dev/null +++ b/kubernetes/policy/resources/config/pe/mysql.conf @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# mysql scripts component installation configuration parameters + +# Path to mysql bin +MYSQL_BIN=/usr/local/mysql/bin + diff --git a/kubernetes/policy/resources/config/pe/pap-tweaks.sh b/kubernetes/policy/resources/config/pe/pap-tweaks.sh new file mode 100644 index 0000000000..1930b98f77 --- /dev/null +++ b/kubernetes/policy/resources/config/pe/pap-tweaks.sh @@ -0,0 +1,15 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#! /bin/bash diff --git a/kubernetes/policy/resources/config/pe/pap.conf b/kubernetes/policy/resources/config/pe/pap.conf new file mode 100644 index 0000000000..28c2da1a14 --- /dev/null +++ b/kubernetes/policy/resources/config/pe/pap.conf @@ -0,0 +1,69 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# pap component installation configuration parameters + +# tomcat specific parameters + +TOMCAT_JMX_PORT=9990 +TOMCAT_SHUTDOWN_PORT=9405 +SSL_HTTP_CONNECTOR_PORT=9091 +SSL_AJP_CONNECTOR_PORT=8380 +SSL_AJP_CONNECTOR_REDIRECT_PORT=8443 + +TOMCAT_X_MS_MB=1024 +TOMCAT_X_MX_MB=1024 + +# pap properties + +PAP_PDPS=/opt/app/policy/servers/pap/bin/pdps +PAP_URL=http://{{ include "common.fullname" . }}:9091/pap/ + +PAP_INITIATE_PDP=true +PAP_HEARTBEAT_INTERVAL=10000 +PAP_HEARTBEAT_TIMEOUT=10000 + +REST_ADMIN_DOMAIN=com +REST_ADMIN_REPOSITORY=repository +REST_ADMIN_WORKSPACE=workspace + +# PDP related properties + +PAP_PDP_URL=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}:8081/pdp/ +PAP_PDP_HTTP_USER_ID=testpdp +PAP_PDP_HTTP_PASSWORD=alpha123 + +PAP_HTTP_USER_ID=testpap +PAP_HTTP_PASSWORD=alpha123 + +#new values added 10-21-2015 +PROP_PAP_TRANS_WAIT=500000 +PROP_PAP_TRANS_TIMEOUT=5000 +PROP_PAP_AUDIT_TIMEOUT=300000 +PROP_PAP_RUN_AUDIT_FLAG=true +PROP_PAP_AUDIT_FLAG=true + +PROP_PAP_INCOMINGNOTIFICATION_TRIES=4 + + +node_type=pap +resource_name=pap_1 +dependency_groups=paplp_1 +test_via_jmx=true + +# The (optional) period of time in seconds between executions of the integrity audit. +# Value < 0 : Audit does not run (default value if property is not present = -1) +# Value = 0 : Audit runs continuously +# Value > 0 : The period of time in seconds between execution of the audit on a particular node +integrity_audit_period_seconds=-1 diff --git a/kubernetes/policy/resources/config/pe/paplp.conf b/kubernetes/policy/resources/config/pe/paplp.conf new file mode 100644 index 0000000000..7124fde01a --- /dev/null +++ b/kubernetes/policy/resources/config/pe/paplp.conf @@ -0,0 +1,26 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# JVM specific parameters +LOGPARSER_JMX_PORT=9996 +LOGPARSER_X_MS_MB=1024 +LOGPARSER_X_MX_MB=1024 + +SERVER=http://{{ include "common.fullname" . }}:9091/pap/ +LOGPATH=/opt/app/policy/servers/pap/logs/pap-rest.log +PARSERLOGPATH=IntegrityMonitor.log + +node_type=logparser +# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase +resource_name=paplp_1 diff --git a/kubernetes/policy/resources/config/pe/push-policies.sh b/kubernetes/policy/resources/config/pe/push-policies.sh new file mode 100644 index 0000000000..5e0172bce9 --- /dev/null +++ b/kubernetes/policy/resources/config/pe/push-policies.sh @@ -0,0 +1,264 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#! /bin/bash + +# forked from https://gerrit.onap.org/r/gitweb?p=policy/docker.git;a=blob;f=config/pe/push-policies.sh;h=555ab357e6b4f54237bf07ef5e6777d782564bc0;hb=refs/heads/amsterdam and adapted for OOM + +#########################################Upload BRMS Param Template########################################## + +echo "Upload BRMS Param Template" + +sleep 2 + +wget -O cl-amsterdam-template.drl https://git.onap.org/policy/drools-applications/plain/controlloop/templates/archetype-cl-amsterdam/src/main/resources/archetype-resources/src/main/resources/__closedLoopControlName__.drl + +sleep 2 + +curl -v --silent -X POST --header 'Content-Type: multipart/form-data' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -F "file=@cl-amsterdam-template.drl" -F "importParametersJson={\"serviceName\":\"ClosedLoopControlName\",\"serviceType\":\"BRMSPARAM\"}" 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/policyEngineImport' + +echo "PRELOAD_POLICIES is $PRELOAD_POLICIES" + +if [ "$PRELOAD_POLICIES" == "false" ]; then + exit 0 +fi + +#########################################Create BRMS Param policies########################################## + +echo "Create BRMSParam Operational Policies" + +sleep 2 + +echo "Create BRMSParamvFirewall Policy" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyConfigType": "BRMS_PARAM", + "policyName": "com.BRMSParamvFirewall", + "policyDescription": "BRMS Param vFirewall policy", + "policyScope": "com", + "attributes": { + "MATCHING": { + "controller" : "amsterdam" + }, + "RULE": { + "templateName": "ClosedLoopControlName", + "closedLoopControlName": "ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a", + "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a%0D%0A++trigger_policy%3A+unique-policy-id-1-modifyConfig%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-modifyConfig%0D%0A++++name%3A+modify+packet+gen+config%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+ModifyConfig%0D%0A++++target%3A%0D%0A++++++%23+TBD+-+Cannot+be+known+until+instantiation+is+done%0D%0A++++++resourceID%3A+Eace933104d443b496b8.nodes.heat.vpg%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+300%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" + } + } +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' + +sleep 2 + +echo "Create BRMSParamvDNS Policy" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyConfigType": "BRMS_PARAM", + "policyName": "com.BRMSParamvDNS", + "policyDescription": "BRMS Param vDNS policy", + "policyScope": "com", + "attributes": { + "MATCHING": { + "controller" : "amsterdam" + }, + "RULE": { + "templateName": "ClosedLoopControlName", + "closedLoopControlName": "ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3", + "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3%0D%0A++trigger_policy%3A+unique-policy-id-1-scale-up%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-scale-up%0D%0A++++name%3A+Create+a+new+VF+Module%0D%0A++++description%3A%0D%0A++++actor%3A+SO%0D%0A++++recipe%3A+VF+Module+Create%0D%0A++++target%3A%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" + } + } +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' + +sleep 2 + +echo "Create BRMSParamVOLTE Policy" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyConfigType": "BRMS_PARAM", + "policyName": "com.BRMSParamVOLTE", + "policyDescription": "BRMS Param VOLTE policy", + "policyScope": "com", + "attributes": { + "MATCHING": { + "controller" : "amsterdam" + }, + "RULE": { + "templateName": "ClosedLoopControlName", + "closedLoopControlName": "ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b", + "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b%0D%0A++trigger_policy%3A+unique-policy-id-1-restart%0D%0A++timeout%3A+3600%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-restart%0D%0A++++name%3A+Restart+the+VM%0D%0A++++description%3A%0D%0A++++actor%3A+VFC%0D%0A++++recipe%3A+Restart%0D%0A++++target%3A%0D%0A++++++type%3A+VM%0D%0A++++retry%3A+3%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" + } + } +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' + +sleep 2 + +echo "Create BRMSParamvCPE Policy" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyConfigType": "BRMS_PARAM", + "policyName": "com.BRMSParamvCPE", + "policyDescription": "BRMS Param vCPE policy", + "policyScope": "com", + "attributes": { + "MATCHING": { + "controller" : "amsterdam" + }, + "RULE": { + "templateName": "ClosedLoopControlName", + "closedLoopControlName": "ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e", + "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e%0D%0A++trigger_policy%3A+unique-policy-id-1-restart%0D%0A++timeout%3A+3600%0D%0A++abatement%3A+true%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-restart%0D%0A++++name%3A+Restart+the+VM%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+Restart%0D%0A++++target%3A%0D%0A++++++type%3A+VM%0D%0A++++retry%3A+3%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" + } + } +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' + +#########################################Create Micro Service Config policies########################################## + +echo "Create MicroService Config Policies" + +sleep 2 + +echo "Create MicroServicevFirewall Policy" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "configBody": "{ \"service\": \"tca_policy\", \"location\": \"SampleServiceLocation\", \"uuid\": \"test\", \"policyName\": \"MicroServicevFirewall\", \"description\": \"MicroService vFirewall Policy\", \"configName\": \"SampleConfigName\", \"templateVersion\": \"OpenSource.version.1\", \"version\": \"1.1.0\", \"priority\": \"1\", \"policyScope\": \"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a\", \"riskType\": \"SampleRiskType\", \"riskLevel\": \"1\", \"guard\": \"False\", \"content\": { \"tca_policy\": { \"domain\": \"measurementsForVfScaling\", \"metricsPerEventName\": [{ \"eventName\": \"vFirewallBroadcastPackets\", \"controlLoopSchemaType\": \"VNF\", \"policyScope\": \"DCAE\", \"policyName\": \"DCAE.Config_tca-hi-lo\", \"policyVersion\": \"v0.0.1\", \"thresholds\": [{ \"closedLoopControlName\": \"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.vNicUsageArray[*].receivedTotalPacketsDelta\", \"thresholdValue\": 300, \"direction\": \"LESS_OR_EQUAL\", \"severity\": \"MAJOR\", \"closedLoopEventStatus\": \"ONSET\" }, { \"closedLoopControlName\": \"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.vNicUsageArray[*].receivedTotalPacketsDelta\", \"thresholdValue\": 700, \"direction\": \"GREATER_OR_EQUAL\", \"severity\": \"CRITICAL\", \"closedLoopEventStatus\": \"ONSET\" } ] }] } } }", + "policyConfigType": "MicroService", + "policyName": "com.MicroServicevFirewall", + "onapName": "DCAE" +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' + + +sleep 2 + +echo "Create MicroServicevDNS Policy" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "configBody": "{ \"service\": \"tca_policy\", \"location\": \"SampleServiceLocation\", \"uuid\": \"test\", \"policyName\": \"MicroServicevDNS\", \"description\": \"MicroService vDNS Policy\", \"configName\": \"SampleConfigName\", \"templateVersion\": \"OpenSource.version.1\", \"version\": \"1.1.0\", \"priority\": \"1\", \"policyScope\": \"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3\", \"riskType\": \"SampleRiskType\", \"riskLevel\": \"1\", \"guard\": \"False\", \"content\": { \"tca_policy\": { \"domain\": \"measurementsForVfScaling\", \"metricsPerEventName\": [{ \"eventName\": \"vLoadBalancer\", \"controlLoopSchemaType\": \"VM\", \"policyScope\": \"DCAE\", \"policyName\": \"DCAE.Config_tca-hi-lo\", \"policyVersion\": \"v0.0.1\", \"thresholds\": [{ \"closedLoopControlName\": \"ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.vNicUsageArray[*].receivedTotalPacketsDelta\", \"thresholdValue\": 300, \"direction\": \"GREATER_OR_EQUAL\", \"severity\": \"CRITICAL\", \"closedLoopEventStatus\": \"ONSET\" }] }] } } }", + "policyConfigType": "MicroService", + "policyName": "com.MicroServicevDNS", + "onapName": "DCAE" +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' + + +sleep 2 + +echo "Create MicroServicevCPE Policy" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "configBody": "{ \"service\": \"tca_policy\", \"location\": \"SampleServiceLocation\", \"uuid\": \"test\", \"policyName\": \"MicroServicevCPE\", \"description\": \"MicroService vCPE Policy\", \"configName\": \"SampleConfigName\", \"templateVersion\": \"OpenSource.version.1\", \"version\": \"1.1.0\", \"priority\": \"1\", \"policyScope\": \"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e\", \"riskType\": \"SampleRiskType\", \"riskLevel\": \"1\", \"guard\": \"False\", \"content\": { \"tca_policy\": { \"domain\": \"measurementsForVfScaling\", \"metricsPerEventName\": [{ \"eventName\": \"Measurement_vGMUX\", \"controlLoopSchemaType\": \"VNF\", \"policyScope\": \"DCAE\", \"policyName\": \"DCAE.Config_tca-hi-lo\", \"policyVersion\": \"v0.0.1\", \"thresholds\": [{ \"closedLoopControlName\": \"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.additionalMeasurements[*].arrayOfFields[0].value\", \"thresholdValue\": 0, \"direction\": \"EQUAL\", \"severity\": \"MAJOR\", \"closedLoopEventStatus\": \"ABATED\" }, { \"closedLoopControlName\": \"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.additionalMeasurements[*].arrayOfFields[0].value\", \"thresholdValue\": 0, \"direction\": \"GREATER\", \"severity\": \"CRITICAL\", \"closedLoopEventStatus\": \"ONSET\" }] }] } } }", + "policyConfigType": "MicroService", + "policyName": "com.MicroServicevCPE", + "onapName": "DCAE" +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' + + +#########################################Creating Decision Guard policy######################################### + +sleep 2 + +echo "Creating Decision Guard policy" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyClass": "Decision", + "policyName": "com.AllPermitGuard", + "policyDescription": "Testing all Permit YAML Guard Policy", + "ecompName": "PDPD", + "ruleProvider": "GUARD_YAML", + "attributes": { + "MATCHING": { + "actor": ".*", + "recipe": ".*", + "targets": ".*", + "clname": ".*", + "limit": "10", + "timeWindow": "1", + "timeUnits": "minute", + "guardActiveStart": "00:00:01-05:00", + "guardActiveEnd": "00:00:00-05:00" + } + } +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' + +#########################################Push Decision policy######################################### + +sleep 2 + +echo "Push Decision policy" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.AllPermitGuard", + "policyType": "DECISION" +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' + +#########################################Pushing BRMS Param policies########################################## + +echo "Pushing BRMSParam Operational policies" + +sleep 2 + +echo "pushPolicy : PUT : com.BRMSParamvFirewall" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.BRMSParamvFirewall", + "policyType": "BRMS_Param" +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' + +sleep 2 + +echo "pushPolicy : PUT : com.BRMSParamvDNS" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.BRMSParamvDNS", + "policyType": "BRMS_Param" +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' + +sleep 2 + +echo "pushPolicy : PUT : com.BRMSParamVOLTE" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.BRMSParamVOLTE", + "policyType": "BRMS_Param" +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' + +sleep 2 + +echo "pushPolicy : PUT : com.BRMSParamvCPE" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.BRMSParamvCPE", + "policyType": "BRMS_Param" +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' + +#########################################Pushing MicroService Config policies########################################## + +echo "Pushing MicroService Config policies" + +sleep 2 + +echo "pushPolicy : PUT : com.MicroServicevFirewall" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.MicroServicevFirewall", + "policyType": "MicroService" +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' + +sleep 10 + +echo "pushPolicy : PUT : com.MicroServicevDNS" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.MicroServicevDNS", + "policyType": "MicroService" +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' + +sleep 10 + +echo "pushPolicy : PUT : com.MicroServicevCPE" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.MicroServicevCPE", + "policyType": "MicroService" +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' -- cgit 1.2.3-korg