diff options
Diffstat (limited to 'policy-management/src/main/server/config')
11 files changed, 745 insertions, 0 deletions
diff --git a/policy-management/src/main/server/config/IntegrityMonitor.properties b/policy-management/src/main/server/config/IntegrityMonitor.properties new file mode 100644 index 00000000..1201a9da --- /dev/null +++ b/policy-management/src/main/server/config/IntegrityMonitor.properties @@ -0,0 +1,81 @@ +### +# ============LICENSE_START======================================================= +# policy-management +# ================================================================================ +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### + +hostPort = ${{host_port}} + +# The following were added as part of US673632 +# +# Forward Progress Monitor update interval seconds +fp_monitor_interval = ${{fp_monitor_interval}} +# Failed counter threshold before failover +failed_counter_threshold = ${{failed_counter_threshold}} +# Interval between test transactions when no traffic seconds +test_trans_interval = ${{test_trans_interval}} +# Interval between writes of the FPC to the DB seconds +write_fpc_interval = ${{write_fpc_interval}} +# Name of the site in which this node is hosted +site_name = ${{site_name}} +# Node type +# Note: Make sure you don't leave any trailing spaces, or you'll get an 'invalid node type' error! +node_type = pdp_drools +# Dependency groups are groups of resources upon which a node operational state is dependent upon. +# Each group is a comma-separated list of resource names and groups are separated by a semicolon. For example: +dependency_groups=${{dependency_groups}} +# When set to true, dependent health checks are performed by using JMX to invoke test() on the dependent. +# The default false is to use state checks for health. +test_via_jmx=${{test_via_jmx}} +# This is the max number of seconds beyond which a non incrementing FPC is considered a failure +max_fpc_update_interval=${{max_fpc_update_interval}} + +# Needed by DroolsPdpsElectionHandler +pdp.checkInterval=7000 +pdp.updateInterval=10000 +#pdp.timeout=3000 +# Need long timeout, because testTransaction is only run every 10 seconds. +pdp.timeout=15000 +#how long do we wait for the pdp table to populate on initial startup +pdp.initialWait=20000 + +# Known as the PDPID in the droolpdpentity table. +#resource.name=pdp1 +resource.name=${{resource_name}} + +# The amount of this a resource (entity) should sleep between audit executions. +# If not specified, defaults to five seconds. +# -1 turns off audit +# zero forces audit to run continuously +integrity_audit_period_seconds=-1 + +# Properties needed for repository audit +repository.audit.id=${{repositoryID}} +repository.audit.url=${{repositoryUrl}} +repository.audit.username=${{repositoryUsername}} +repository.audit.password=${{repositoryPassword}} + +# Flag to control the execution of the subsystemTest for the Database +db.audit.is.active=false + +# Flag to control the execution of the subsystemTest for the Nexus Maven repository +repository.audit.is.active=false + + + + + diff --git a/policy-management/src/main/server/config/controller.properties.README b/policy-management/src/main/server/config/controller.properties.README new file mode 100644 index 00000000..8421cf40 --- /dev/null +++ b/policy-management/src/main/server/config/controller.properties.README @@ -0,0 +1,153 @@ +# +# *-controller.properties configuration +# +# +# The <controller-name>-controller.properties file define the +# configuration aspects of a give controller at initialization time. +# +# It contains 3 major sections: +# +# 1. CONTROLLER +# 2. DMAAP +# 4. UEB +# 5. DROOLS +# +# 1. CONTROLLER +# +# controller.name: controller unique name identifier. +# +# 2. DMAAP: +# 2.1. DMAAP Sources Information +# 2.1.1. Topics that this controller supports over DMAAP. +# 2.1.1. DMAAP Network Information for each topic. +# 2.1.2. Decoders information for each topic to map network input to +# an object that will be injected into its appropriate drools +# sessions. +# 2.1.3. Filtering information for each decoder, to filter out from +# drools, messages that should not be processed. +# 2.2. DMAAP Sinks Information +# 2.2.1. Topics that this controller supports over DMAAP. +# 2.2.2. DMAAP Network Information for each topic. +# 2.2.3. Encoders information for each topic to map a model object +# to serialize network output that will be send over the +# appropriate DMAAP topic according to its network information. +# +# 2.1 DMAAP Sources +# +# dmaap.source.topics: comma separated list of DMAAP topics source of events. +# dmaap.source.topics.<aTopic>.servers: comma separated list of DMAAP servers to poll for events. +# [optional] dmaap.source.topics.<aTopic>.apiKey=<APIKEY> : api key +# [optional] dmaap.source.topics.<aTopic>.apiSecret=<APISECRET> : api secret +# [optional] dmaap.source.topics.<aTopic>.consumerGroup=<CONSUMER-GROUP> : consumer group +# [optional] dmaap.source.topics.<aTopic>.consumerInstance=<CONSUMER-INSTANCE> : consumer instance +# dmaap.source.topics.<aTopic>.events: comma separated list of classes to which an event can be mapped to, +# where <aTopic> must be declared in dmaap.source.topics +# [optional] dmaap.source.topics.<aTopic>.events.<eventClass>.filter: comma separated list of conditions in the form of +# pairs of "<field-name>=<field-value-regex>" values, where <field-name> identifies a field of the event, and +# <field-value-regex> is a regular expression that that field's value in the event must match +# against each particular instantiation of the event for this controller. Note that multiple +# "<field-name>=<field-value-regex>" are evaluated for acceptance by AND'ing each condition. +# Further, <aTopic> must be declared in dmaap.source.topics, and +# <eventClass> in dmaap.source.topics.<aTopic>.events. +# [optional] dmaap.source.topics.<aTopic>.events.custom.gson: comma separated pair, where the first item +# is a class in the model that contains a gson parser, and the second is the actual gson parser in +# the class. This setting overrides the PDP-D generic framework parsers with an specific model +# provided one +# [optional] dmaap.source.topics.<aTopic>.events.custom.jackson: comma separated pair, where the first item +# is a class in the model that contains a jackson parser, and the second is the actual jackson parser in +# the class. This setting overrides the PDP-D generic framework parsers with an specific model +# provided one +# +# 2.2 DMAAP Sinks +# +# dmaap.sink.topics: comma separated list of DMAAP topics destination of locally produced events. +# dmaap.sink.topics.<aTopic>.servers: comma separated list of DMAAP servers to send events. +# [optional] dmaap.sink.topics.<aTopic>.apiKey=<API-KEY> : api key +# [optional] dmaap.sink.topics.<aTopic>.apiSecret=<API-SECRET> : api secret +# [optional] dmaap.sink.topics.<aTopic>.partitionKey=<PARTITIONKEY> : partition key +# dmaap.sink.topics.<aTopic>.events: comma separated list of classes to which an event can be mapped to, +# where <aTopic> must be declared in dmaap.sink.topics +# [optional] dmaap.sink.topics.<aTopic>.events.custom.gson: comma separated pair, where the first item +# is a class in the model that contains a gson parser, and the second is the actual gson parser in +# the class. This setting overrides the PDP-D generic framework parsers with an specific model +# provided one +# [optional] dmaap.sink.topics.<aTopic>.events.custom.jackson: comma separated pair, where the first item +# is a class in the model that contains a jackson parser, and the second is the actual jackson parser in +# the class. This setting overrides the PDP-D generic framework parsers with an specific model +# provided one +# +# 2. UEB: +# 2.1. UEB Sources Information +# 2.1.1. Topics that this controller supports over UEB. +# 2.1.1. UEB Network Information for each topic. +# 2.1.2. Decoders information for each topic to map network input to +# an object that will be injected into its appropriate drools +# sessions. +# 2.1.3. Filtering information for each decoder, to filter out from +# drools, messages that should not be processed. +# 2.2. UEB Sinks Information +# 2.2.1. Topics that this controller supports over UEB. +# 2.2.2. UEB Network Information for each topic. +# 2.2.3. Encoders information for each topic to map a model object +# to serialize network output that will be send over the +# appropriate UEB topic according to its network information. +# +# +# 2.1 UEB Sources +# +# ueb.source.topics: comma separated list of UEB topics source of events. +# ueb.source.topics.<aTopic>.servers: comma separated list of UEB servers to poll for events. +# [optional] ueb.source.topics.<aTopic>.apiKey=<API-KEY> : api key +# [optional] ueb.source.topics.<aTopic>.apiSecret=<API-SECRET> : api secret +# [optional] ueb.source.topics.<aTopic>.consumerGroup=<CONSUMER-GROUP> : consumer group +# [optional] ueb.source.topics.<aTopic>.consumerInstance=<CONSUMER-INSTANCE> : consumer instance +# ueb.source.topics.<aTopic>.events: comma separated list of classes to which an event can be mapped to, +# where <aTopic> must be declared in ueb.source.topics +# ueb.source.topics.<aTopic>.events.<eventClass>.filter: comma separated list of conditions in the form of +# pairs of "<field-name>=<field-value-regex>" values, where <field-name> identifies a field of the event, and +# <field-value-regex> is a regular expression that that field's value in the event must match +# against each particular instantiation of the event for this controller. Note that multiple +# "<field-name>=<field-value-regex>" are evaluated for acceptance by AND'ing each condition. +# Further, <aTopic> must be declared in ueb.source.topics, and +# <eventClass> in ueb.source.topics.<aTopic>.events +# ueb.source.topics.<aTopic>.events: comma separated list of classes to which an event can be mapped to, +# where <aTopic> must be declared in dmaap.source.topics +# [optional] ueb.source.topics.<aTopic>.events.<eventClass>.filter: comma separated list of conditions in the form of +# pairs of "<field-name>=<field-value-regex>" values, where <field-name> identifies a field of the event, and +# <field-value-regex> is a regular expression that that field's value in the event must match +# against each particular instantiation of the event for this controller. Note that multiple +# "<field-name>=<field-value-regex>" are evaluated for acceptance by AND'ing each condition. +# Further, <aTopic> must be declared in dmaap.source.topics, and +# <eventClass> in dmaap.source.topics.<aTopic>.events. +# [optional] ueb.source.topics.<aTopic>.events.custom.gson: comma separated pair, where the first item +# is a class in the model that contains a gson parser, and the second is the actual gson parser in +# the class. This setting overrides the PDP-D generic framework parsers with an specific model +# provided one +# [optional] ueb.source.topics.<aTopic>.events.custom.jackson: comma separated pair, where the first item +# is a class in the model that contains a jackson parser, and the second is the actual jackson parser in +# the class. This setting overrides the PDP-D generic framework parsers with an specific model +# provided one +# +# 2.1 UEB Sinks +# +# ueb.sink.topics: comma separated list of UEB topics destination of locally produced events. +# ueb.sink.topics.<aTopic>.servers: comma separated list of UEB servers to send events. +# [optional] ueb.sink.topics.<aTopic>.apiKey=<APIKEY> : api key +# [optional] ueb.sink.topics.<aTopic>.apiSecret=<APISECRET> : api secret +# [optional] ueb.sink.topics.<aTopic>.partitionKey=<PARTITIONKEY> : partition key +# ueb.sink.topics.<aTopic>.events: comma separated list of classes to which an event can be mapped to, +# where <aTopic> must be declared in ueb.sink.topics +# [optional] ueb.sink.topics.<aTopic>.events.custom.gson: comma separated pair, where the first item +# is a class in the model that contains a gson parser, and the second is the actual gson parser in +# the class. This setting overrides the PDP-D generic framework parsers with an specific model +# provided one +# [optional] ueb.sink.topics.<aTopic>.events.custom.jackson: comma separated pair, where the first item +# is a class in the model that contains a jackson parser, and the second is the actual jackson parser in +# the class. This setting overrides the PDP-D generic framework parsers with an specific model +# provided one +# +# 3. DROOLS (Maven Group Coordinates): +# +# rules.groupId: maven group id of rules jar file +# rules.artifactId: maven artifact id of rules jar file +# rules.version: comma separated list of versions supported and detected that include the drl. diff --git a/policy-management/src/main/server/config/droolsPersistence.properties b/policy-management/src/main/server/config/droolsPersistence.properties new file mode 100644 index 00000000..60793cdc --- /dev/null +++ b/policy-management/src/main/server/config/droolsPersistence.properties @@ -0,0 +1,51 @@ +### +# ============LICENSE_START======================================================= +# policy-management +# ================================================================================ +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### + +#javax.persistence.jdbc.driver = org.h2.Driver +#javax.persistence.jdbc.url = jdbc:h2:file:./sql/drools +#javax.persistence.jdbc.user = sa +#javax.persistence.jdbc.password = + +#javax.persistence.jdbc.driver=org.mariadb.jdbc.Driver +#javax.persistence.jdbc.url=jdbc:mariadb://localhost:3306/drools +#javax.persistence.jdbc.user=root +#javax.persistence.jdbc.password=policy + +javax.persistence.jdbc.driver = ${{JDBC_DRIVER}} +javax.persistence.jdbc.url = ${{JDBC_DROOLS_URL}} +javax.persistence.jdbc.user = ${{JDBC_USER}} +javax.persistence.jdbc.password = ${{JDBC_PASSWORD}} + +# Needed? +#javax.persistence.jdbc.driver = org.h2.Driver +#javax.persistence.jdbc.url = jdbc:h2:file:./sql/ncomp +#javax.persistence.jdbc.user = sa +#javax.persistence.jdbc.password = +#persistenceDisabled=false +#javax.persistence.jdbc.driver=org.mariadb.jdbc.Driver +#javax.persistence.jdbc.url=jdbc:mariadb://192.168.56.30:3306/drools +#javax.persistence.jdbc.user=patb +#javax.persistence.jdbc.password=policy + +hibernate.dataSource=org.mariadb.jdbc.MySQLDataSource + +# For testing purposes, it may be convenient to disable persistence +persistenceDisabled=false + diff --git a/policy-management/src/main/server/config/log4j.properties b/policy-management/src/main/server/config/log4j.properties new file mode 100644 index 00000000..6ad25643 --- /dev/null +++ b/policy-management/src/main/server/config/log4j.properties @@ -0,0 +1,48 @@ +### +# ============LICENSE_START======================================================= +# policy-management +# ================================================================================ +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### + +log4j.rootLogger=INFO,stdout + +log4j.logger.org.apache.http.headers=INFO,stdout +log4j.logger.org.apache.http.wire=INFO,stdout +log4j.logger.networkLogger=INFO,network + +log4j.additivity.networkLogger=false + +log4j.appender.stdout=org.apache.log4j.RollingFileAppender +log4j.appender.stdout.layout=org.apache.log4j.PatternLayout +log4j.appender.stdout.layout.ConversionPattern=%d %5p [%t] %m %C:%L%n + +log4j.appender.network=org.apache.log4j.RollingFileAppender +log4j.appender.network.File=logs/network.log +log4j.appender.network.layout=org.apache.log4j.PatternLayout +log4j.appender.network.layout.ConversionPattern=[%d|%t]%m%n%n +log4j.appender.network.MaxFileSize=50MB +log4j.appender.network.MaxBackupIndex=4 + +log4j.logger.debugLogger=INFO,debug +log4j.additivity.debugLogger=false +log4j.appender.debug=org.apache.log4j.RollingFileAppender +log4j.appender.debug.File=logs/debug.log +log4j.appender.debug.layout=org.apache.log4j.PatternLayout +log4j.appender.debug.layout.ConversionPattern=[%d|%t]%m%n%n +log4j.appender.debug.MaxFileSize=50MB +log4j.appender.debug.MaxBackupIndex=4 + diff --git a/policy-management/src/main/server/config/logback.xml b/policy-management/src/main/server/config/logback.xml new file mode 100644 index 00000000..545b6f48 --- /dev/null +++ b/policy-management/src/main/server/config/logback.xml @@ -0,0 +1,211 @@ +<!-- + ============LICENSE_START======================================================= + policy-management + ================================================================================ + Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + ============LICENSE_END========================================================= + --> + +<configuration scan="true" scanPeriod="3 seconds" debug="true"> + <!--<jmxConfigurator /> --> + <!-- directory path for all other type logs --> + <property name="logDir" value="logs" /> + + <!-- directory path for debugging type logs --> + <property name="debugDir" value="debug-logs" /> + + <!-- specify the component name + <ECOMP-component-name>::= "MSO" | "DCAE" | "ASDC " | "AAI" |"Policy" | "SDNC" | "AC" --> + <property name="componentName" value="Policy"></property> + + <!-- log file names --> + <property name="errorLogName" value="error" /> + <property name="metricsLogName" value="metrics" /> + <property name="auditLogName" value="audit" /> + <property name="debugLogName" value="debug" /> + <!-- modified time stamp format --> + <property name="defaultPattern" value="%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}||%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n" /> + <property name="defaultMetricPattern" value="%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServerName}|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}||%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n" /> + <property name="defaultAuditPattern" value="%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}||%X{ProcessKey}|%X{TargetVirtualEntity}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n" /> + <property name="defaultErrorPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%X{RequestId}|%thread|%X{ServiceName}|%X{PartnerName}|%X{TargetEntity}|%X{TargetServiceName}|%X{ErrorCategory}|%X{ErrorCode}|%X{ErrorDesciption}|%msg%n" /> + + <property name="defaultPatternOld" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Timer}|%msg%n" /> + + <property name="debugLoggerPattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSS+00:00, UTC}|%X{RequestId}|%X{ClassName}|%msg%n" /> +<!-- <property name="debugLoggerPattern" value="%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}||%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}|%msg%n" /> --> + + <property name="debugLoggerPatternOld" value="%d{MM/dd-HH:mm:ss.SSS}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|[%caller{3}]|%msg%n" /> + + <property name="logDirectory" value="${logDir}/${componentName}" /> + <property name="debugLogDirectory" value="${logDir}/${componentName}" /> + + + <!-- Example evaluator filter applied against console appender --> + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <!-- ============================================================================ --> + <!-- EELF Appenders --> + <!-- ============================================================================ --> + + <!-- The EELFAppender is used to record events to the general application + log --> + + + + + <!-- EELF Audit Appender. This appender is used to record audit engine + related logging events. The audit logger and appender are specializations + of the EELF application root logger and appender. This can be used to segregate + Policy engine events from other components, or it can be eliminated to record + these events as part of the application root log. --> + + <appender name="EELFAudit" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${auditLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${auditLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultAuditPattern}</pattern> + </encoder> + </appender> + <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFAudit" /> + </appender> + +<appender name="EELFMetrics" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${metricsLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${metricsLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - + %msg%n"</pattern> --> + <pattern>${defaultMetricPattern}</pattern> + </encoder> + </appender> + + + <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFMetrics"/> + </appender> + + <appender name="EELFError" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${errorLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${errorLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>ERROR</level> + </filter> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultErrorPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFError"/> + </appender> + + <appender name="EELFDebug" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${debugLogDirectory}/${debugLogName}.log</file> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${debugLogDirectory}/${debugLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>INFO</level> + </filter> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${debugLoggerPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFDebug" /> + <includeCallerData>true</includeCallerData> + </appender> + + + <!-- ============================================================================ --> + <!-- EELF loggers --> + <!-- ============================================================================ --> + + <logger name="com.att.eelf.audit" level="info" additivity="false"> + <appender-ref ref="asyncEELFAudit" /> + </logger> + + <logger name="com.att.eelf.metrics" level="info" additivity="false"> + <appender-ref ref="asyncEELFMetrics" /> + </logger> + + <logger name="com.att.eelf.error" level="error" additivity="false"> + <appender-ref ref="asyncEELFError" /> + </logger> + + <logger name="com.att.eelf.debug" level="info" additivity="false"> + <appender-ref ref="asyncEELFDebug" /> + </logger> + + + + <root level="INFO"> + <appender-ref ref="asyncEELFDebug" /> + <appender-ref ref="asyncEELFError" /> + </root> + +</configuration> diff --git a/policy-management/src/main/server/config/makefile b/policy-management/src/main/server/config/makefile new file mode 100644 index 00000000..5a96c541 --- /dev/null +++ b/policy-management/src/main/server/config/makefile @@ -0,0 +1,9 @@ + +restart: stop start + +start: + bin/policy-management-controller start +stop: + bin/policy-management-controller stop +console: + bin/policy-management-controller console diff --git a/policy-management/src/main/server/config/policy-engine.properties b/policy-management/src/main/server/config/policy-engine.properties new file mode 100644 index 00000000..647f7367 --- /dev/null +++ b/policy-management/src/main/server/config/policy-engine.properties @@ -0,0 +1,46 @@ +### +# ============LICENSE_START======================================================= +# policy-management +# ================================================================================ +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### + +# Policy Engine Configuration + +# Configuration Channel Settings: PDPD_CONFIGURATION + +ueb.source.topics=${{PDPD_CONFIGURATION_TOPIC}} +ueb.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.servers=${{PDPD_CONFIGURATION_SERVERS}} +ueb.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiKey=${{PDPD_CONFIGURATION_API_KEY}} +ueb.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiSecret=${{PDPD_CONFIGURATION_API_SECRET}} +ueb.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.consumerGroup=${{PDPD_CONFIGURATION_CONSUMER_GROUP}} +ueb.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.consumerInstance=${{PDPD_CONFIGURATION_CONSUMER_INSTANCE}} +ueb.source.topics.${{PDPD_CONFIGURATION_TOPIC}}.managed=false + +ueb.sink.topics=${{PDPD_CONFIGURATION_TOPIC}} +ueb.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.servers=${{PDPD_CONFIGURATION_SERVERS}} +ueb.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiKey=${{PDPD_CONFIGURATION_API_KEY}} +ueb.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.apiSecret=${{PDPD_CONFIGURATION_API_SECRET}} +ueb.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.partitionKey=${{PDPD_CONFIGURATION_PARTITION_KEY}} +ueb.sink.topics.${{PDPD_CONFIGURATION_TOPIC}}.managed=false + +http.server.services=CONFIG +http.server.services.CONFIG.host=${{ENGINE_MANAGEMENT_HOST}} +http.server.services.CONFIG.port=${{ENGINE_MANAGEMENT_PORT}} +http.server.services.CONFIG.userName=${{ENGINE_MANAGEMENT_USER}} +http.server.services.CONFIG.password=${{ENGINE_MANAGEMENT_PASSWORD}} +http.server.services.CONFIG.restPackages=org.openecomp.policy.drools.server.restful +http.server.services.CONFIG.managed=false diff --git a/policy-management/src/main/server/config/policy-healthcheck.properties b/policy-management/src/main/server/config/policy-healthcheck.properties new file mode 100644 index 00000000..51da7ece --- /dev/null +++ b/policy-management/src/main/server/config/policy-healthcheck.properties @@ -0,0 +1,23 @@ +http.server.services=HEALTHCHECK +http.server.services.HEALTHCHECK.host=0.0.0.0 +http.server.services.HEALTHCHECK.port=6969 +http.server.services.HEALTHCHECK.restClasses=org.openecomp.policy.drools.healthcheck.RestHealthCheck +http.server.services.HEALTHCHECK.managed=false + +http.client.services=PAP,PDP + +http.client.services.PAP.host=${{PAP_HOST}} +http.client.services.PAP.port=9091 +http.client.services.PAP.contextUriPath=pap/test +http.client.services.PAP.https=false +http.client.services.PAP.userName=${{PAP_USERNAME}} +http.client.services.PAP.password=${{PAP_PASSWORD}} +http.client.services.PAP.managed=true + +http.client.services.PDP.host=${{PDP_HOST}} +http.client.services.PDP.port=8081 +http.client.services.PDP.contextUriPath=pdp/test +http.client.services.PDP.https=false +http.client.services.PDP.userName=${{PDP_USERNAME}} +http.client.services.PDP.password=${{PDP_PASSWORD}} +http.client.services.PDP.managed=false diff --git a/policy-management/src/main/server/config/policyLogger.properties b/policy-management/src/main/server/config/policyLogger.properties new file mode 100644 index 00000000..4a977992 --- /dev/null +++ b/policy-management/src/main/server/config/policyLogger.properties @@ -0,0 +1,49 @@ +### +# ============LICENSE_START======================================================= +# policy-management +# ================================================================================ +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### + +################################### Set concurrentHashMap and timer info ####################### +#Timer initial delay and the delay between in milliseconds before task is to be execute. +timer.delay.time=1000 +#Timer scheduleAtFixedRate period - time in milliseconds between successive task executions. +check.interval= 30000 +#Longest time an event info can be stored in the concurrentHashMap for logging - in seconds. +event.expired.time=86400 +#Size of the concurrentHashMap which stores the event starting time, etc - when its size reaches this limit, the Timer gets executed +#to remove all expired records from this concurrentHashMap. +concurrentHashMap.limit=5000 +#Size of the concurrentHashMap - when its size drops to this point, stop the Timer +stop.check.point=2500 +################################### Set logging format ############################################# +# set EELF for EELF logging format, set LOG4J for using log4j, set SYSTEMOUT for using system.out.println +logger.type=EELF +#################################### Set level for EELF or SYSTEMOUT logging ################################## +# Set level for debug file. Set DEBUG to enable .info, .warn and .debug; set INFO for enable .info and .warn; set OFF to disable all +# Set override flag. Set TRUE for override the level setups in logback.xml. Set FALSE for using the level setups of logback.xml +override.logback.level.setup=FALSE +debugLogger.level=INFO +# Set level for metrics file. Set OFF to disable; set ON to enable +metricsLogger.level=ON +# Set level for error file. Set OFF to disable; set ON to enable +error.level=ON +# Set level for audit file. Set OFF to disable; set ON to enable +audit.level=ON +#################################### Set Policy Component ################################## +# Set DROOLS for drools PDP. Set XACML to xacml PDP +policy.component=DROOLS diff --git a/policy-management/src/main/server/config/system.properties b/policy-management/src/main/server/config/system.properties new file mode 100644 index 00000000..feffbd00 --- /dev/null +++ b/policy-management/src/main/server/config/system.properties @@ -0,0 +1,31 @@ +### +# ============LICENSE_START======================================================= +# policy-management +# ================================================================================ +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### + +# system properties passed to controller + +# start JMX server port +com.sun.management.jmxremote.port = 9991 +com.sun.management.jmxremote.authenticate = false +com.sun.management.jmxremote.ssl = false + +javax.net.ssl.keyStore=/opt/app/policy/etc/ssl/policy-keystore +javax.net.ssl.keyStorePassword = ${{KEYSTORE_PASSWD}} +javax.net.ssl.trustStore=/opt/app/policy/etc/ssl/policy-keystore +javax.net.ssl.trustStorePassword = ${{KEYSTORE_PASSWD}} diff --git a/policy-management/src/main/server/config/xacmlPersistence.properties b/policy-management/src/main/server/config/xacmlPersistence.properties new file mode 100644 index 00000000..e88d8aaf --- /dev/null +++ b/policy-management/src/main/server/config/xacmlPersistence.properties @@ -0,0 +1,43 @@ +### +# ============LICENSE_START======================================================= +# policy-management +# ================================================================================ +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### + +#javax.persistence.jdbc.driver = org.h2.Driver +#javax.persistence.jdbc.url = jdbc:h2:file:./sql/xacml +#javax.persistence.jdbc.user = sa +#javax.persistence.jdbc.password = + +#javax.persistence.jdbc.driver=org.mariadb.jdbc.Driver +#javax.persistence.jdbc.url=jdbc:mariadb://127.0.0.1:3306/xacml +#javax.persistence.jdbc.user=root +#javax.persistence.jdbc.password=policy + +javax.persistence.jdbc.driver = ${{JDBC_DRIVER}} +javax.persistence.jdbc.url = ${{JDBC_URL}} +javax.persistence.jdbc.user = ${{JDBC_USER}} +javax.persistence.jdbc.password = ${{JDBC_PASSWORD}} + +# Needed? +hibernate.dataSource=org.mariadb.jdbc.MySQLDataSource + +# For testing purposes, it may be convenient to disable persistence +persistenceDisabled=false + + + |