summaryrefslogtreecommitdiffstats
path: root/config/pe
diff options
context:
space:
mode:
authorPamela Dragosh <pdragosh@research.att.com>2017-02-14 19:57:17 -0500
committerPamela Dragosh <pdragosh@research.att.com>2017-02-14 19:57:34 -0500
commitd1728dcd6de36778e6ec0bb99ea9e37ac2f56645 (patch)
tree8c3df0cbb52b7d90131101f20841d9e3b5b87ba4 /config/pe
parent35607b20f059053e77a2a9355b26a8dd9a7b9c31 (diff)
Initial OpenECOMP policy/docker commit
Change-Id: Ib37c3693614ee21a78f838e63eb40319cc85bdc6 Signed-off-by: Pamela Dragosh <pdragosh@research.att.com>
Diffstat (limited to 'config/pe')
-rw-r--r--config/pe/base.conf20
-rwxr-xr-xconfig/pe/brmsgw-tweaks.sh2
-rw-r--r--config/pe/brmsgw.conf43
-rw-r--r--config/pe/console.conf135
-rw-r--r--config/pe/mysql.conf5
-rwxr-xr-xconfig/pe/pap-tweaks.sh15
-rw-r--r--config/pe/pap.conf55
-rw-r--r--config/pe/paplp.conf12
-rwxr-xr-xconfig/pe/pdp-tweaks.sh2
-rw-r--r--config/pe/pdp.conf36
-rw-r--r--config/pe/pdplp.conf12
-rw-r--r--config/pe/push-policies.sh75
-rwxr-xr-xconfig/pe/pypdp-tweaks.sh3
-rw-r--r--config/pe/pypdp.conf25
14 files changed, 440 insertions, 0 deletions
diff --git a/config/pe/base.conf b/config/pe/base.conf
new file mode 100644
index 00000000..e798a40d
--- /dev/null
+++ b/config/pe/base.conf
@@ -0,0 +1,20 @@
+JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
+POLICY_HOME=/opt/app/policy
+KEYSTORE_PASSWD=PolicyR0ck$
+
+JDBC_DRIVER=org.mariadb.jdbc.Driver
+JDBC_URL=jdbc:mariadb://mariadb:3306/ecomp_sdk
+JDBC_LOG_URL=jdbc:mariadb://mariadb:3306/log
+JDBC_USER=policy_user
+JDBC_PASSWORD=policy_user
+
+site_name=site_1
+fp_monitor_interval=30
+failed_counter_threshold=3
+test_trans_interval=20
+write_fpc_interval=5
+max_fpc_update_interval=60
+test_via_jmx=false
+jmx_fqdn=
+
+ENVIRONMENT=TEST
diff --git a/config/pe/brmsgw-tweaks.sh b/config/pe/brmsgw-tweaks.sh
new file mode 100755
index 00000000..f6825363
--- /dev/null
+++ b/config/pe/brmsgw-tweaks.sh
@@ -0,0 +1,2 @@
+#! /bin/bash
+
diff --git a/config/pe/brmsgw.conf b/config/pe/brmsgw.conf
new file mode 100644
index 00000000..da2cd0a4
--- /dev/null
+++ b/config/pe/brmsgw.conf
@@ -0,0 +1,43 @@
+# BRMSpep component installation configuration parameters
+BRMSGW_JMX_PORT=9989
+
+COMPONENT_X_MX_MB=1024
+COMPONENT_X_MS_MB=1024
+
+REST_PAP_URL=http://pap:9091/pap/
+REST_PDP_ID=http://pdp:8081/pdp/
+
+PDP_HTTP_USER_ID=testpdp
+PDP_HTTP_PASSWORD=alpha123
+PDP_PAP_PDP_HTTP_USER_ID=testpap
+PDP_PAP_PDP_HTTP_PASSWORD=alpha123
+
+M2_HOME=/usr/share/maven
+snapshotRepositoryID=policy-nexus-snapshots
+snapshotRepositoryName=Snapshots
+snapshotRepositoryURL=http://nexus:8081/nexus/content/repositories/snapshots
+releaseRepositoryID=policy-nexus-releases
+releaseRepositoryName=Releases
+releaseRepositoryURL=http://nexus:8081/nexus/content/repositories/releases
+repositoryUsername=admin
+repositoryPassword=admin123
+UEB_URL=vm1.mr.simpledemo.openecomp.org
+UEB_TOPIC=PDPD-CONFIGURATION
+UEB_API_KEY=
+UEB_API_SECRET=
+
+groupID=org.openecomp.policy-engine
+artifactID=drlPDPGroup
+VFW_GROUP_ID=org.openecomp.policy-engine.drools.vFW
+VFW_ARTIFACT_ID=policy-vFW-rules
+VDNS_GROUP_ID=org.openecomp.policy-engine.drools.vDNS
+VDNS_ARTIFACT_ID=policy-vDNS-rules
+
+
+# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase
+resource_name=brmsgw_1
+node_type=brms_gateway
+
+CLIENT_ID=PyPDPServer
+CLIENT_KEY=test
+ENVIRONMENT=TEST
diff --git a/config/pe/console.conf b/config/pe/console.conf
new file mode 100644
index 00000000..6606addb
--- /dev/null
+++ b/config/pe/console.conf
@@ -0,0 +1,135 @@
+# configs component installation configuration parameters
+
+# tomcat specific parameters
+
+TOMCAT_JMX_PORT=9993
+TOMCAT_SHUTDOWN_PORT=8090
+SSL_HTTP_CONNECTOR_PORT=8443
+SSL_HTTP_CONNECTOR_REDIRECT_PORT=8443
+SSL_AJP_CONNECTOR_PORT=8383
+SSL_AJP_CONNECTOR_REDIRECT_PORT=8443
+
+TOMCAT_X_MS_MB=2048
+TOMCAT_X_MX_MB=2048
+
+# ------------------ console properties ---------------------------
+
+#
+# Authorization Policy
+
+ROOT_POLICIES=admin
+ADMIN_FILE=Policy-Admin.xml
+
+
+# Set your domain here:
+
+REST_ADMIN_DOMAIN=com
+
+#
+# Location where the GIT repository is located
+#
+REST_ADMIN_REPOSITORY=repository
+
+#
+# Location where all the user workspaces are located.
+#
+REST_ADMIN_WORKSPACE=${{POLICY_HOME}}/servers/console/bin/workspace
+
+#
+# These can be set so the Admin Console knows who is logged on. Ideally, you can run the console in a J2EE
+# container and setup authentication as you please. Setting HttpSession attribute values will override these
+# values set in the properties files.
+#
+# ((HttpServletRequest) request).getSession().setAttribute("xacml.rest.admin.user.name", "Homer");
+#
+# The default policy: Policy-Admin.xml is extremely simple.
+#
+# You can test authorization within the Admin Console by changing the user id.
+# There are 3 supported user ids:
+# guest - Read only access
+# editor - Read/Write access
+# admin - Read/Write/Admin access
+#
+# An empty or null value for xacml.rest.admin.user.id results in no access to the application at all.
+#
+# This is for development/demonstration purposes only. A production environment should provide authentication which is
+# outside the scope of this application. This application can be used to develop a XACML policy for user authorization
+# within this application.
+#
+
+REST_ADMIN_USER_NAME=Administrator
+REST_ADMIN_USER_ID=super-admin
+
+#
+#
+# Property to declare the max time frame for logs.
+#
+LOG_TIMEFRAME=30
+
+# Property to declare the number of visible rows for users in MicroService Policy
+COLUMN_COUNT=3
+
+# Dashboard refresh rate in miliseconds
+REFRESH_RATE=40000
+
+#
+# URL location for the PAP servlet.
+#
+
+
+REST_PAP_URL=http://pap:9091/pap/
+
+#
+# Config/Action Properties location.
+#
+
+REST_CONFIG_HOME=${{POLICY_HOME}}/servers/pap/webapps/Config/
+REST_ACTION_HOME=${{POLICY_HOME}}/servers/pap/webapps/Action/
+REST_CONFIG_URL=http://pap:9091/
+REST_CONFIG_WEBAPPS=${{POLICY_HOME}}/servers/pap/webapps/
+
+# PAP account information
+CONSOLE_PAP_HTTP_USER_ID=testpap
+CONSOLE_PAP_HTTP_PASSWORD=alpha123
+
+
+node_type=pap_admin
+resource_name=console_1
+
+# The (optional) period of time in seconds between executions of the integrity audit.
+# Value < 0 : Audit does not run (default value if property is not present = -1)
+# Value = 0 : Audit runs continuously
+# Value > 0 : The period of time in seconds between execution of the audit on a particular node
+integrity_audit_period_seconds=-1
+
+#Automatic Policy Distribution
+automatic_push=false
+
+#Diff of policies for Firewall feature
+FW_GETURL=
+FW_AUTHOURL=
+FW_PROXY=
+FW_PORT=
+
+#SMTP Server Details for Java Mail
+ecomp_smtp_host=
+ecomp_smtp_port=25
+ecomp_smtp_userName=
+ecomp_smtp_password=
+ecomp_application_name=
+
+#-----------------------ECOMP-PORTAL-Properties----------------------
+
+ECOMP_REDIRECT_URL=http://portal.api.simpledemo.openecomp.org:8989/ECOMPPORTAL/login.htm
+ECOMP_REST_URL=
+ECOMP_UEB_URL_LIST=
+ECOMP_PORTAL_INBOX_NAME=
+ECOMP_UEB_APP_KEY=
+ECOMP_UEB_APP_SECRET=
+ECOMP_UEB_APP_MAILBOX_NAME=
+APP_DISPLAY_NAME=OpenECOMP Policy
+ECOMP_SHARED_CONTEXT_REST_URL=http://portal.api.simpledemo.openecomp.org:8989/ECOMPPORTAL/context
+
+#Add the Rest PAP url and pap auth password on adding delimiter @Auth@
+
+REST_PAPURL_WITH_AUTH_PASSWORD=http://policy.api.simpledemo.openecomp.org:9091/pap/@Auth@dGVzdHBhcDphbHBoYTEyMw==
diff --git a/config/pe/mysql.conf b/config/pe/mysql.conf
new file mode 100644
index 00000000..28b9e3ca
--- /dev/null
+++ b/config/pe/mysql.conf
@@ -0,0 +1,5 @@
+# mysql scripts component installation configuration parameters
+
+# Path to mysql bin
+MYSQL_BIN=/usr/local/mysql/bin
+
diff --git a/config/pe/pap-tweaks.sh b/config/pe/pap-tweaks.sh
new file mode 100755
index 00000000..be8a905a
--- /dev/null
+++ b/config/pe/pap-tweaks.sh
@@ -0,0 +1,15 @@
+#! /bin/bash
+
+# config directory may contain an ip_addr.txt file that specifies
+# the VM IP address. Substitute this value in the URL in the
+# config.json file, overriding the hostname that came from the
+# REST_PAPURL_WITH_AUTH_PASSWORD property in console.conf. This is
+# to avoid hardcoding an IP address in console.conf that can change
+# from one VM instance to the next.
+
+if [[ -f config/ip_addr.txt ]]; then
+ vm_ip=$(<config/ip_addr.txt)
+ echo "Substituting VM IP address $vm_ip in console config.json file"
+ sed -i -e "s@http:.*:@http://$vm_ip:@" \
+ $POLICY_HOME/servers/console/webapps/ecomp/app/policyApp/Properties/config.json
+fi
diff --git a/config/pe/pap.conf b/config/pe/pap.conf
new file mode 100644
index 00000000..084f127f
--- /dev/null
+++ b/config/pe/pap.conf
@@ -0,0 +1,55 @@
+# pap component installation configuration parameters
+
+# tomcat specific parameters
+
+TOMCAT_JMX_PORT=9990
+TOMCAT_SHUTDOWN_PORT=9405
+SSL_HTTP_CONNECTOR_PORT=9091
+SSL_AJP_CONNECTOR_PORT=8380
+SSL_AJP_CONNECTOR_REDIRECT_PORT=8443
+
+TOMCAT_X_MS_MB=1024
+TOMCAT_X_MX_MB=1024
+
+# pap properties
+
+PAP_PDPS=${{POLICY_HOME}}/servers/pap/bin/pdps
+PAP_URL=http://pap:9091/pap/
+
+PAP_INITIATE_PDP=true
+PAP_HEARTBEAT_INTERVAL=10000
+PAP_HEARTBEAT_TIMEOUT=10000
+
+REST_ADMIN_DOMAIN=com
+REST_ADMIN_REPOSITORY=repository
+REST_ADMIN_WORKSPACE=workspace
+
+# PDP related properties
+
+PAP_PDP_URL=http://pdp:8081/pdp/
+PAP_PDP_HTTP_USER_ID=testpdp
+PAP_PDP_HTTP_PASSWORD=alpha123
+
+PAP_HTTP_USER_ID=testpap
+PAP_HTTP_PASSWORD=alpha123
+
+#new values added 10-21-2015
+PROP_PAP_TRANS_WAIT=500000
+PROP_PAP_TRANS_TIMEOUT=5000
+PROP_PAP_AUDIT_TIMEOUT=300000
+PROP_PAP_RUN_AUDIT_FLAG=true
+PROP_PAP_AUDIT_FLAG=true
+
+PROP_PAP_INCOMINGNOTIFICATION_TRIES=4
+
+
+node_type=pap
+resource_name=pap_1
+dependency_groups=paplp_1
+test_via_jmx=true
+
+# The (optional) period of time in seconds between executions of the integrity audit.
+# Value < 0 : Audit does not run (default value if property is not present = -1)
+# Value = 0 : Audit runs continuously
+# Value > 0 : The period of time in seconds between execution of the audit on a particular node
+integrity_audit_period_seconds=-1
diff --git a/config/pe/paplp.conf b/config/pe/paplp.conf
new file mode 100644
index 00000000..9fdd643b
--- /dev/null
+++ b/config/pe/paplp.conf
@@ -0,0 +1,12 @@
+# JVM specific parameters
+LOGPARSER_JMX_PORT=9996
+LOGPARSER_X_MS_MB=1024
+LOGPARSER_X_MX_MB=1024
+
+SERVER=http://pap:9091/pap/
+LOGPATH=${{POLICY_HOME}}/servers/pap/logs/pap-rest.log
+PARSERLOGPATH=IntegrityMonitor.log
+
+node_type=logparser
+# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase
+resource_name=paplp_1
diff --git a/config/pe/pdp-tweaks.sh b/config/pe/pdp-tweaks.sh
new file mode 100755
index 00000000..f6825363
--- /dev/null
+++ b/config/pe/pdp-tweaks.sh
@@ -0,0 +1,2 @@
+#! /bin/bash
+
diff --git a/config/pe/pdp.conf b/config/pe/pdp.conf
new file mode 100644
index 00000000..363fdcb3
--- /dev/null
+++ b/config/pe/pdp.conf
@@ -0,0 +1,36 @@
+# pdp component installation configuration parameters
+
+# tomcat specific parameters
+
+TOMCAT_JMX_PORT=9991
+TOMCAT_SHUTDOWN_PORT=8087
+SSL_HTTP_CONNECTOR_PORT=8081
+SSL_AJP_CONNECTOR_PORT=8381
+SSL_AJP_CONNECTOR_REDIRECT_PORT=8443
+
+TOMCAT_X_MS_MB=1024
+TOMCAT_X_MX_MB=1024
+
+# pdp properties
+
+UEB_CLUSTER=vm1.mr.simpledemo.openecomp.org
+
+REST_PAP_URL=http://pap:9091/pap/
+REST_PDP_ID=http://pdp:8081/pdp/
+REST_PDP_CONFIG=${{POLICY_HOME}}/servers/pdp/bin/config
+REST_PDP_WEBAPPS=${{POLICY_HOME}}/servers/pdp/webapps
+REST_PDP_REGISTER=true
+REST_PDP_REGISTER_SLEEP=15
+REST_PDP_REGISTER_RETRIES=-1
+REST_PDP_MAXCONTENT=999999999
+
+# PDP related properties
+PDP_HTTP_USER_ID=testpdp
+PDP_HTTP_PASSWORD=alpha123
+PDP_PAP_PDP_HTTP_USER_ID=testpap
+PDP_PAP_PDP_HTTP_PASSWORD=alpha123
+
+node_type=pdp_xacml
+resource_name=pdp_1
+dependency_groups=pdplp_1;pypdp_1;brmsgw_1
+test_via_jmx=true
diff --git a/config/pe/pdplp.conf b/config/pe/pdplp.conf
new file mode 100644
index 00000000..789d2b01
--- /dev/null
+++ b/config/pe/pdplp.conf
@@ -0,0 +1,12 @@
+# JVM specific parameters
+LOGPARSER_JMX_PORT=9997
+LOGPARSER_X_MS_MB=1024
+LOGPARSER_X_MX_MB=1024
+
+SERVER=http://pdp:8081/pdp/
+LOGPATH=${{POLICY_HOME}}/servers/pdp/logs/pdp-rest.log
+PARSERLOGPATH=IntegrityMonitor.log
+
+node_type=logparser
+# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase
+resource_name=pdplp_1
diff --git a/config/pe/push-policies.sh b/config/pe/push-policies.sh
new file mode 100644
index 00000000..957156ed
--- /dev/null
+++ b/config/pe/push-policies.sh
@@ -0,0 +1,75 @@
+#! /bin/bash
+
+
+echo "Pushing default policies"
+
+# Sometimes brmsgw gets an error when trying to retrieve the policies on initial push,
+# so for the BRMS policies we will do a push, then delete from the pdp group, then push again.
+# Second push should be successful.
+
+curl -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHJlc3Q6M2MwbXBVI2gwMUBOMWMz' --header 'Environment: TEST' -d '{
+ "pdpGroup": "default",
+ "policyName": "vFirewall",
+ "policyScope": "com",
+ "policyType": "MicroService"
+}' 'http://pypdp:8480/PyPDPServer/pushPolicy'
+
+sleep 2
+
+curl -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHJlc3Q6M2MwbXBVI2gwMUBOMWMz' --header 'Environment: TEST' -d '{
+ "pdpGroup": "default",
+ "policyName": "vLoadBalancer",
+ "policyScope": "com",
+ "policyType": "MicroService"
+}' 'http://pypdp:8480/PyPDPServer/pushPolicy'
+
+sleep 2
+curl -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHJlc3Q6M2MwbXBVI2gwMUBOMWMz' --header 'Environment: TEST' -d '{
+ "pdpGroup": "default",
+ "policyName": "BRMSParamvLBDemoPolicy",
+ "policyScope": "com",
+ "policyType": "BRMS_Param"
+}' 'http://pypdp:8480/PyPDPServer/pushPolicy'
+
+sleep 2
+
+curl -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHJlc3Q6M2MwbXBVI2gwMUBOMWMz' --header 'Environment: TEST' -d '{
+ "pdpGroup": "default",
+ "policyName": "BRMSParamvFWDemoPolicy",
+ "policyScope": "com",
+ "policyType": "BRMS_Param"
+}' 'http://pypdp:8480/PyPDPServer/pushPolicy'
+
+sleep 2
+
+curl -X DELETE --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHJlc3Q6M2MwbXBVI2gwMUBOMWMz' --header 'Environment: TEST' -d '{
+"pdpGroup": "default",
+"policyComponent": "PDP",
+"policyName": "com.Config_BRMS_Param_BRMSParamvFWDemoPolicy.1.xml"
+}' 'http://pypdp:8480/PyPDPServer/deletePolicy'
+
+
+
+curl -X DELETE --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHJlc3Q6M2MwbXBVI2gwMUBOMWMz' --header 'Environment: TEST' -d '{
+"pdpGroup": "default",
+"policyComponent": "PDP",
+"policyName": "com.Config_BRMS_Param_BRMSParamvLBDemoPolicy.1.xml"
+}' 'http://pypdp:8480/PyPDPServer/deletePolicy'
+
+sleep 2
+curl -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHJlc3Q6M2MwbXBVI2gwMUBOMWMz' --header 'Environment: TEST' -d '{
+ "pdpGroup": "default",
+ "policyName": "BRMSParamvLBDemoPolicy",
+ "policyScope": "com",
+ "policyType": "BRMS_Param"
+}' 'http://pypdp:8480/PyPDPServer/pushPolicy'
+
+sleep 2
+
+curl -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHJlc3Q6M2MwbXBVI2gwMUBOMWMz' --header 'Environment: TEST' -d '{
+ "pdpGroup": "default",
+ "policyName": "BRMSParamvFWDemoPolicy",
+ "policyScope": "com",
+ "policyType": "BRMS_Param"
+}' 'http://pypdp:8480/PyPDPServer/pushPolicy'
+
diff --git a/config/pe/pypdp-tweaks.sh b/config/pe/pypdp-tweaks.sh
new file mode 100755
index 00000000..5d899bd1
--- /dev/null
+++ b/config/pe/pypdp-tweaks.sh
@@ -0,0 +1,3 @@
+#! /bin/bash
+
+
diff --git a/config/pe/pypdp.conf b/config/pe/pypdp.conf
new file mode 100644
index 00000000..4a792b47
--- /dev/null
+++ b/config/pe/pypdp.conf
@@ -0,0 +1,25 @@
+# pypdp component installation configuration parameters
+
+# tomcat specific parameters
+
+TOMCAT_JMX_PORT=9994
+TOMCAT_SHUTDOWN_PORT=8405
+SSL_HTTP_CONNECTOR_PORT=8480
+SSL_AJP_CONNECTOR_PORT=8384
+SSL_AJP_CONNECTOR_REDIRECT_PORT=8443
+
+TOMCAT_X_MS_MB=1024
+TOMCAT_X_MX_MB=1024
+
+# pypdp parameters
+
+PDP_URL=http://pdp:8081/pdp/,testpdp,alpha123
+PAP_URL=http://pap:9091/pap/,testpap,alpha123
+PYPDP_ID=testrest
+PYPDP_PASSWORD=3c0mpU#h01@N1c3
+
+node_type=pypdp
+# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase
+resource_name=pypdp_1
+
+CLIENT_FILE=client.properties