aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJim Hahn <jrh3@att.com>2019-09-13 12:41:29 +0000
committerGerrit Code Review <gerrit@onap.org>2019-09-13 12:41:29 +0000
commit9a2297bfc23c5218409d59bad830bcf27d27a955 (patch)
tree8195bf5f2ac446bb59daef14d5c21da0e536f663
parent4f3ca3c529b308fcbf2ffb44e7d9c817e7c15643 (diff)
parent5d1e77264d6c61526a9b43be1a02655bfd17ff4e (diff)
Merge "PDPD Customization Documentation" into elalto
-rw-r--r--docs/installation/installation.rst2
-rw-r--r--docs/installation/oom.rst47
2 files changed, 47 insertions, 2 deletions
diff --git a/docs/installation/installation.rst b/docs/installation/installation.rst
index 627ffd68..40cd342e 100644
--- a/docs/installation/installation.rst
+++ b/docs/installation/installation.rst
@@ -7,7 +7,7 @@ Policy Component Installation
-----------------------------
.. toctree::
- :maxdepth: 1
+ :maxdepth: 2
oom.rst
docker.rst
diff --git a/docs/installation/oom.rst b/docs/installation/oom.rst
index 1bdaa240..748a37bc 100644
--- a/docs/installation/oom.rst
+++ b/docs/installation/oom.rst
@@ -96,7 +96,7 @@ After deploying policy, loop on monitoring the policy pods until they come up.
.. code-block:: bash
- helm deploy dev-policy local/onap --namespace onap
+ helm deploy dev-policy local/onap --namespace onap
kubectl get pods -n onap
Exposing ports
@@ -107,3 +107,48 @@ For security reasons, the ports for the policy containers are configured as Clus
kubectl -n onap expose service policy-api --port=7171 --target-port=6969 --name=api-public --type=NodePort
+Customizing PDP-D Installations
+*******************************
+
+Credentials and other configuration parameters can be set as values
+when deploying the policy (drools) subchart. Please refer to
+`PDP-D Default Values <https://git.onap.org/oom/tree/kubernetes/policy/charts/drools/values.yaml>`_
+for the current default values. It is strongly recommended that sensitive
+information is secured appropriately before using in production.
+
+Additional customization can be applied to the PDP-D. Custom configuration goes under the
+"resources" directory of the drools subchart (oom/kubernetes/policy/charts/drools/resources).
+This requires rebuilding the policy subchart
+(see section :ref:`Rebuilding and/or modifying the Policy Charts`).
+
+Configuration is done by adding or modifying configmaps and/or secrets.
+Configmaps are placed under "drools/resources/configmaps", and
+secrets under "drools/resources/secrets".
+
+Custom configuration supportes these types of files:
+
+* **\*.conf** files to support additional environment configuration.
+* **features\*.zip** to add additional custom features.
+* **\*.pre.sh** scripts to be executed before starting the PDP-D process.
+* **\*.post.sh** scripts to be executed after starting the PDP-D process.
+* **policy-keystore** to override the PDP-D policy-keystore.
+* **policy-truststore** to override the PDP-D policy-truststore.
+* **aaf-cadi.keyfile** to override the PDP-D AAF key.
+* **\*.properties** to override or add properties files.
+
+Examples
+^^^^^^^^
+
+To *disable AAF*, simply override the "aaf.enabled" value when deploying the helm chart
+(see the OOM installation instructions mentioned above).
+
+To *override the PDP-D keystore or trustore*, add a suitable replacement(s) under
+"drools/resources/secrets". Modify the drools chart values.yaml with
+new credentials, and follow the procedures described at
+:ref:`Rebuilding and/or modifying the Policy Charts` to redeploy the chart.
+
+To *disable https* for the DMaaP configuration topic, add a copy of
+`engine.properties <https://git.onap.org/policy/drools-pdp/tree/policy-management/src/main/server/config/engine.properties>`_
+with "dmaap.source.topics.PDPD-CONFIGURATION.https" set to "false", or alternatively
+create a ".pre.sh" script (see above) that edits this file before the PDP-D is
+started.