aboutsummaryrefslogtreecommitdiffstats
path: root/docs/ui/runtime-ui/gui-server.rst
diff options
context:
space:
mode:
Diffstat (limited to 'docs/ui/runtime-ui/gui-server.rst')
-rw-r--r--docs/ui/runtime-ui/gui-server.rst143
1 files changed, 143 insertions, 0 deletions
diff --git a/docs/ui/runtime-ui/gui-server.rst b/docs/ui/runtime-ui/gui-server.rst
new file mode 100644
index 00000000..ffb0f9f9
--- /dev/null
+++ b/docs/ui/runtime-ui/gui-server.rst
@@ -0,0 +1,143 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+
+.. _gui-server-label:
+
+The Policy Framework GUI Server
+###############################
+
+The **gui-server** microservice serves the GUI code to the browser for Policy Framework UI. In addition, it acts as
+a single point of reference for the REST interfaces provided by **policy-api**, **policy-pap**, and **acm-runtime**.
+It can also be used as a HTTPS gatewy for REST references into a Policy Framework deployment in a Kubernetes cluster.
+
+.. contents::
+ :depth: 2
+
+The **gui-server** is a regular microservice, and it is packaged, delivered and configured as a docker image. It is
+a Spring application and therefore uses a normal Spring-style *applciation.yaml* approach to configuration.
+
+Definitive example configurations are available in the codebase:
+
+- `application_http.yaml <https://github.com/onap/policy-gui/blob/master/gui-server/src/test/resources/application_http.yaml>`_
+ showing how to configure gui-server for HTTP access
+- `application_https.yaml <https://github.com/onap/policy-gui/blob/master/gui-server/src/test/resources/application_https.yaml>`_
+ showing how to configure gui-server for HTTPS access
+
+The configuration parameters are explained in the sections below
+
+Server Configuration
+--------------------
+
+Configuration for HTTP access to gui-server::
+
+ server:
+ port: 2443
+ ssl:
+ enabled: false
+
+Start gui-server on port 2443 and disable SSL.
+
+Configuration for HTTPS access to gui-server::
+
+ server:
+ port: 2443
+ ssl:
+ enabled: true
+ enabled-protocols: TLSv1.2
+ client-auth: want
+ key-store: file:./src/test/resources/helloworld-keystore.jks
+ key-store-password: changeit
+ trust-store: file:./src/test/resources/helloworld-truststore.jks
+ trust-store-password: changeit
+
+Start gui-server on port 2443 and enable SSL with the parameters specified above
+
+Note that other standard Spring **server** configuraiton parameters as
+documented
+`on the Spring website <https://docs.spring.io/spring-boot/docs/current/reference/html/application-properties.html>`_
+are supported.
+
+Runtime Adaptation Configuration
+--------------------------------
+
+You can configure the adaptation for **policy-api**, **policy-pap**, and **runtime-acm**. In other words, you can map
+the URL that the GUI produced or that you want to use in a REST tool such as *postman* or *curl* in the **runtime-ui**
+part of the aaplication.yaml file::
+
+ runtime-ui:
+ policy-api:
+ mapping-path: "/runtime-ui/policy-api/restservices/"
+ url: http://localhost:30440
+ disable-ssl-validation: true
+ disable-ssl-hostname-check: true
+ policy-pap:
+ mapping-path: "/runtime-ui/policy-pap/restservices/"
+ url: http://localhost:30442
+ disable-ssl-validation: true
+ disable-ssl-hostname-check: true
+ acm:
+ mapping-path: "/runtime-ui/acm/restservices/"
+ url: http://localhost:30258
+ disable-ssl-validation: true
+ disable-ssl-hostname-check: true
+
+The parameters under the **policy-api**, **policy-pap**, and **acm** sections are identical.
+
+mapping-path and url
+++++++++++++++++++++
+
+The **mapping-path** is the root part of the path that will be replaced by the **url**, the **url** replaces the
+**mapping-path**.
+
+Therefore, using the configuration above for policy-api, the following mapping occurs::
+
+ http://localhost:2443/runtime-ui/policy-api/restservices/policy/api/v1/healthcheck
+
+ maps to
+
+ http://localhost:30440/policy/api/v1/healthcheck
+
+and::
+
+ https://localhost:2443/runtime-ui/acm/restservices/onap/policy/clamp/acm/v2/commission
+
+ maps to
+
+ http://localhost:30258/onap/policy/clamp/acm/v2/commission
+
+disable-ssl-validation and disable-ssl-hostname-check
++++++++++++++++++++++++++++++++++++++++++++++++++++++
+
+The **disable-ssl-validation** **disable-ssl-hostname-check** are boolean values. If the target server (policy-api,
+policy-pap, or runtime-acm) is using http, these values should be set to **false**. If the target server is using
+HTTPS, set the values as **true** so that the **gui-server** transfers and forwards certificates to target servers.
+
+Spring Boot Acuator Monitoring
+------------------------------
+
+The **gui-server** supports regular
+`Spring Boot Actuator monitoring <https://docs.spring.io/spring-boot/docs/1.4.0.M2/reference/html/production-ready-monitoring.html>`_
+and monitoring over `prometheus <https://prometheus.io/>`_.
+
+The following section of the *application.yaml** file is an example of how to enable monitoring::
+
+ management:
+ endpoints:
+ web:
+ base-path: /
+ exposure:
+ include: health,metrics,prometheus
+ path-mapping.metrics: plain-metrics
+ path-mapping.prometheus: metrics
+
+The configuration above enables the following URLs::
+
+ # Health Check
+ http://localhost:2443/health
+
+ # Plain Metrics
+ http://localhost:2443/plain-metrics
+
+ # Prometheus Metrics
+ http://localhost:2443/metrics
+
+