aboutsummaryrefslogtreecommitdiffstats
path: root/sdc-os-chef/sdc-frontend/chef-repo/cookbooks
diff options
context:
space:
mode:
authorMichael Lando <ml636r@att.com>2017-02-19 10:28:42 +0200
committerMichael Lando <ml636r@att.com>2017-02-19 10:51:01 +0200
commit451a3400b76511393c62a444f588a4ed15f4a549 (patch)
treee4f5873a863d1d3e55618eab48b83262f874719d /sdc-os-chef/sdc-frontend/chef-repo/cookbooks
parent5abfe4e1fb5fae4bbd5fbc340519f52075aff3ff (diff)
Initial OpenECOMP SDC commit
Change-Id: I0924d5a6ae9cdc161ae17c68d3689a30d10f407b Signed-off-by: Michael Lando <ml636r@att.com>
Diffstat (limited to 'sdc-os-chef/sdc-frontend/chef-repo/cookbooks')
-rw-r--r--sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb2
-rw-r--r--sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-ecomp-error-configuration.yaml48
-rw-r--r--sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-logback.xml227
-rw-r--r--sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-rest-configuration.yaml11
-rw-r--r--sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_1_cleanup_jettydir.rb49
-rw-r--r--sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_2_setup_configuration.rb13
-rw-r--r--sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_3_errors_config.rb7
-rw-r--r--sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_4_logback.rb7
-rw-r--r--sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_5_rest_configuration.rb7
-rw-r--r--sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_6_create_jetty_modules.rb45
-rw-r--r--sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb79
-rw-r--r--sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-http-ini.erb32
-rw-r--r--sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-https-ini.erb15
-rw-r--r--sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-ssl-ini.erb83
14 files changed, 625 insertions, 0 deletions
diff --git a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb
new file mode 100644
index 0000000000..6e9bbe36f5
--- /dev/null
+++ b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb
@@ -0,0 +1,2 @@
+#
+#
diff --git a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-ecomp-error-configuration.yaml b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-ecomp-error-configuration.yaml
new file mode 100644
index 0000000000..8982b2424f
--- /dev/null
+++ b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-ecomp-error-configuration.yaml
@@ -0,0 +1,48 @@
+###########################################
+# Note the conventions of the field values:
+# type can be one of: CONFIG_ERROR, SYSTEM_ERROR, DATA_ERROR, CONNECTION_PROBLEM
+# severity can be one of: WARN, ERROR, FATAL
+# alarmSeverity can be one of: CRITICAL,MAJOR,MINOR,INFORMATIONAL,NONE
+# code is a unique integer in range of 3003-9999 (3000-3002 are occupied for internal usage)
+# The above enumeration values are out-of-the-box and can be changed in code.
+# In case of config and code mismatch, the appropriate error will be printed to log
+#
+# Range of FE codes - 8000-9999
+
+
+errors:
+ FeHealthCheckConnectionError: {
+ type: CONNECTION_PROBLEM,
+ code: ASDC_8000,
+ severity: ERROR,
+ description: "Connection error during FE Health Check",
+ alarmSeverity: CRITICAL
+ }
+ FeHttpLoggingError: {
+ type: SYSTEM_ERROR,
+ code: ASDC_8001,
+ severity: ERROR,
+ description: "Error when logging FE HTTP request/response",
+ alarmSeverity: MINOR
+ }
+ FePortalServletError: {
+ type: SYSTEM_ERROR,
+ code: ASDC_8002,
+ severity: ERROR,
+ description: "Error when trying to access FE Portal page",
+ alarmSeverity: MAJOR
+ }
+ FeHealthCheckGeneralError: {
+ type: SYSTEM_ERROR,
+ code: ASDC_8004,
+ severity: ERROR,
+ description: "General error during FE Health Check",
+ alarmSeverity: CRITICAL
+ }
+ FeHealthCheckRecovery: {
+ type: RECOVERY,
+ code: ASDC_8005,
+ severity: INFO,
+ description: "BE Health Check Recovery",
+ alarmSeverity: INFORMATIONAL
+ } \ No newline at end of file
diff --git a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-logback.xml b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-logback.xml
new file mode 100644
index 0000000000..2f793f386b
--- /dev/null
+++ b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-logback.xml
@@ -0,0 +1,227 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration scan="true" scanPeriod="5 seconds">
+
+ <property scope="system" name="ECOMP-component-name" value="ASDC" />
+ <property scope="system" name="ECOMP-subcomponent-name" value="ASDC-FE" />
+ <property file="${config.home}/catalog-fe/configuration.yaml" />
+ <property scope="context" name="enable-all-log" value="false" />
+
+ <!-- value used by pattern field list (| - is inter-field separator, || - unavailable or not applicable field value) (m - mandatory, o- optional)-->
+ <!--timestamp(m)| requestID(m)| serviceInstanceID(o)| threadID(m)| physicalServerName(o)| serviceName(m)| userID(m)| logLevel(m)| severity(o)| serverIpAddress(m)| serverName(m)| clientIpAddress(o)| className(m)| timer(o)| detailedMessage(o)-->
+ <property name="default-log-pattern"
+ value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{uuid}|%X{serviceInstanceID}|%thread||${ECOMP-subcomponent-name}|%X{userId}|%level|%X{alarmSeverity}|%X{localAddr}|${feFqdn}|%X{remoteAddr}|%logger{35}|%X{timer}|ActivityType=&lt;%M&gt;, Desc=&lt;%msg&gt;%n" />
+
+ <!-- All log -->
+ <if condition='property("enable-all-log").equalsIgnoreCase("true")'>
+ <then>
+ <appender name="ALL_ROLLING"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/all.log
+ </file>
+
+ <rollingPolicy
+ class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/all.log.%i
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>10</maxIndex>
+ </rollingPolicy>
+
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>20MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${default-log-pattern}</pattern>
+ </encoder>
+ </appender>
+
+ <appender name="ASYNC_ALL" class="ch.qos.logback.classic.AsyncAppender">
+ <appender-ref ref="ALL_ROLLING" />
+ </appender>
+ </then>
+ </if>
+
+ <!-- Error log -->
+ <appender name="ERROR_ROLLING"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/error.log
+ </file>
+
+ <!-- Audit messages filter - deny audit messages -->
+ <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
+ <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator">
+ <marker>AUDIT_MARKER</marker>
+ </evaluator>
+ <onMismatch>NEUTRAL</onMismatch>
+ <onMatch>DENY</onMatch>
+ </filter>
+
+ <!-- Transaction messages filter - deny Transaction messages -->
+ <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
+ <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator">
+ <marker>TRANSACTION_MARKER</marker>
+ </evaluator>
+ <onMismatch>NEUTRAL</onMismatch>
+ <onMatch>DENY</onMatch>
+ </filter>
+
+ <!-- deny all events with a level below INFO, that is TRACE and DEBUG -->
+ <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+ <level>INFO</level>
+ </filter>
+
+ <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/error.log.%i
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>10</maxIndex>
+ </rollingPolicy>
+
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>20MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${default-log-pattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- Debug log -->
+ <appender name="DEBUG_ROLLING"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/debug.log
+ </file>
+
+ <!-- No need to deny audit messages - they are INFO only, will be denied
+ anyway -->
+ <!-- Transaction messages filter - deny Transaction messages, there are
+ some DEBUG level messages among them -->
+ <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
+ <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator">
+ <marker>TRANSACTION_MARKER</marker>
+ </evaluator>
+ <onMismatch>NEUTRAL</onMismatch>
+ <onMatch>DENY</onMatch>
+ </filter>
+
+ <!-- accept DEBUG and TRACE level -->
+ <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
+ <evaluator class="ch.qos.logback.classic.boolex.GEventEvaluator">
+ <expression>
+ e.level.toInt() &lt;= DEBUG.toInt()
+ </expression>
+ </evaluator>
+ <OnMismatch>DENY</OnMismatch>
+ <OnMatch>NEUTRAL</OnMatch>
+ </filter>
+
+ <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/debug.log.%i
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>10</maxIndex>
+ </rollingPolicy>
+
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>20MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${default-log-pattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- Audit log -->
+ <appender name="AUDIT_ROLLING"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+
+ <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/audit.log
+ </file>
+
+ <!-- Audit messages filter - accept audit messages -->
+ <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
+ <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator">
+ <marker>AUDIT_MARKER</marker>
+ </evaluator>
+ <onMismatch>DENY</onMismatch>
+ <onMatch>ACCEPT</onMatch>
+ </filter>
+
+ <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/audit.log.%i
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>10</maxIndex>
+ </rollingPolicy>
+
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>20MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${default-log-pattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- SdncTransaction log -->
+ <appender name="TRANSACTION_ROLLING"
+ class="ch.qos.logback.core.rolling.RollingFileAppender">
+
+ <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/transaction.log
+ </file>
+
+ <!-- Transaction messages filter - accept audit messages -->
+ <filter class="ch.qos.logback.core.filter.EvaluatorFilter">
+ <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator">
+ <marker>TRANSACTION_MARKER</marker>
+ </evaluator>
+ <onMismatch>DENY</onMismatch>
+ <onMatch>ACCEPT</onMatch>
+ </filter>
+
+ <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/transaction.log.%i
+ </fileNamePattern>
+ <minIndex>1</minIndex>
+ <maxIndex>10</maxIndex>
+ </rollingPolicy>
+
+ <triggeringPolicy
+ class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <maxFileSize>20MB</maxFileSize>
+ </triggeringPolicy>
+ <encoder>
+ <pattern>${default-log-pattern}</pattern>
+ </encoder>
+ </appender>
+
+ <!-- Asynchronicity Configurations -->
+ <appender name="ASYNC_DEBUG" class="ch.qos.logback.classic.AsyncAppender">
+ <appender-ref ref="DEBUG_ROLLING" />
+ </appender>
+
+ <appender name="ASYNC_TRANSACTION" class="ch.qos.logback.classic.AsyncAppender">
+ <appender-ref ref="TRANSACTION_ROLLING" />
+ </appender>
+
+ <appender name="ASYNC_ERROR" class="ch.qos.logback.classic.AsyncAppender">
+ <appender-ref ref="ERROR_ROLLING" />
+ </appender>
+
+
+ <root level="INFO">
+ <appender-ref ref="ASYNC_ERROR" />
+ <appender-ref ref="ASYNC_DEBUG" />
+ <appender-ref ref="AUDIT_ROLLING" />
+ <appender-ref ref="ASYNC_TRANSACTION" />
+ <if condition='property("enable-all-log").equalsIgnoreCase("true")'>
+ <then>
+ <appender-ref ref="ALL_ROLLING" />
+ </then>
+ </if>
+ </root>
+
+ <logger name="org.openecomp.sdc" level="INFO" />
+</configuration>
+
diff --git a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-rest-configuration.yaml b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-rest-configuration.yaml
new file mode 100644
index 0000000000..ecedafea56
--- /dev/null
+++ b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-rest-configuration.yaml
@@ -0,0 +1,11 @@
+# rest read timeout - means no timeout
+readTimeoutInSec: 0
+
+# whether to ignore certificate
+ignoreCertificate: false
+
+# the connection pool size
+connectionPoolSize: 10
+
+# create connection timeout
+connectTimeoutInSec: 10
diff --git a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_1_cleanup_jettydir.rb b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_1_cleanup_jettydir.rb
new file mode 100644
index 0000000000..29301a9418
--- /dev/null
+++ b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_1_cleanup_jettydir.rb
@@ -0,0 +1,49 @@
+#directory "FE_tempdir_cleanup" do
+# path "/var/lib/jetty/tempdir"
+# recursive true
+# action :delete
+#end
+
+
+directory "FE_tempdir_creation" do
+ path "/var/lib/jetty/temp"
+ owner 'jetty'
+ group 'jetty'
+ mode '0755'
+ action :create
+end
+
+
+#directory "FE_webapps_cleanup" do
+# path "/var/lib/jetty/webapps"
+# recursive true
+# action :delete
+#end
+
+
+#directory "FE_webapps_creation" do
+# path "/var/lib/jetty/webapps"
+# owner 'jetty'
+# group 'jetty'
+# mode '0755'
+# action :create
+#end
+
+
+directory "FE_create_config_dir" do
+ path "/var/lib/jetty/config"
+ owner 'jetty'
+ group 'jetty'
+ mode '0755'
+ action :create
+end
+
+
+directory "FE_create_catalog-fe" do
+ path "/var/lib/jetty/config/catalog-fe"
+ owner 'jetty'
+ group 'jetty'
+ mode '0755'
+ action :create
+end
+
diff --git a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_2_setup_configuration.rb b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_2_setup_configuration.rb
new file mode 100644
index 0000000000..64d71768cd
--- /dev/null
+++ b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_2_setup_configuration.rb
@@ -0,0 +1,13 @@
+template "catalog-fe-config" do
+ path "/var/lib/jetty/config/catalog-fe/configuration.yaml"
+ source "FE-configuration.yaml.erb"
+ owner "jetty"
+ group "jetty"
+ mode "0755"
+ variables({
+ :fe_host_ip => node['HOST_IP'],
+ :be_host_ip => node['HOST_IP'],
+ :catalog_port => node['BE'][:http_port],
+ :ssl_port => node['BE'][:https_port]
+ })
+end
diff --git a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_3_errors_config.rb b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_3_errors_config.rb
new file mode 100644
index 0000000000..278c3bb35d
--- /dev/null
+++ b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_3_errors_config.rb
@@ -0,0 +1,7 @@
+cookbook_file "/var/lib/jetty/config/catalog-fe/ecomp-error-configuration.yaml" do
+ source "FE-ecomp-error-configuration.yaml"
+ mode 0755
+ owner "jetty"
+ group "jetty"
+end
+
diff --git a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_4_logback.rb b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_4_logback.rb
new file mode 100644
index 0000000000..674febb47a
--- /dev/null
+++ b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_4_logback.rb
@@ -0,0 +1,7 @@
+cookbook_file "/var/lib/jetty/config/catalog-fe/logback.xml" do
+ source "FE-logback.xml"
+ mode 0755
+ owner "jetty"
+ group "jetty"
+end
+
diff --git a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_5_rest_configuration.rb b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_5_rest_configuration.rb
new file mode 100644
index 0000000000..710286a8dd
--- /dev/null
+++ b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_5_rest_configuration.rb
@@ -0,0 +1,7 @@
+cookbook_file "/var/lib/jetty/config/catalog-fe/rest-configuration-info.yaml" do
+ source "FE-rest-configuration.yaml"
+ mode 0755
+ owner "jetty"
+ group "jetty"
+end
+
diff --git a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_6_create_jetty_modules.rb b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_6_create_jetty_modules.rb
new file mode 100644
index 0000000000..2800fd1808
--- /dev/null
+++ b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_6_create_jetty_modules.rb
@@ -0,0 +1,45 @@
+jetty_base="/var/lib/jetty"
+jetty_home="/usr/local/jetty"
+
+###### create Jetty modules
+bash "create-jetty-modules" do
+cwd "#{jetty_base}"
+code <<-EOH
+ cd "#{jetty_base}"
+ java -jar "/#{jetty_home}"/start.jar --add-to-start=deploy
+ java -jar "/#{jetty_home}"/start.jar --add-to-startd=http,https,logging,setuid
+EOH
+not_if "ls /#{jetty_base}/start.d/https.ini"
+end
+
+
+###### configure Jetty modules
+template "FE-http-ini" do
+ path "/#{jetty_base}/start.d/http.ini"
+ source "FE-http-ini.erb"
+ owner "jetty"
+ group "jetty"
+ mode "0755"
+ variables :FE_http_port => "#{node['FE'][:http_port]}"
+end
+
+
+template "FE-https-ini" do
+ path "/#{jetty_base}/start.d/https.ini"
+ source "FE-https-ini.erb"
+ owner "jetty"
+ group "jetty"
+ mode "0755"
+ variables :FE_https_port => "#{node['FE'][:https_port]}"
+end
+
+
+template "FE-ssl-ini" do
+ path "/#{jetty_base}/start.d/ssl.ini"
+ source "FE-ssl-ini.erb"
+ owner "jetty"
+ group "jetty"
+ mode "0755"
+ variables :FE_https_port => "#{node['FE'][:https_port]}"
+end
+
diff --git a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb
new file mode 100644
index 0000000000..f864bb9dbb
--- /dev/null
+++ b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb
@@ -0,0 +1,79 @@
+# Needed for logging purposes. To be populated by DevOps - currently dummy
+feFqdn: <%= @fe_host_ip %>
+
+# catalog backend hostname
+beHost: <%= @be_host_ip %>
+
+# catalog backend http port
+beHttpPort: <%= @catalog_port %>
+
+# catalog backend http context
+beContext: /sdc2/rest/v1/catalog/upload/resources
+
+# catalog backend protocol
+beProtocol: http
+
+# catalog backend ssl port
+beSslPort: <%= @ssl_port %>
+
+# threadpool size for handling requests
+threadpoolSize: 50
+
+# request processing timeout (seconds)
+requestTimeout: 10
+
+healthCheckSocketTimeoutInMs: 5000
+
+healthCheckIntervalInSeconds: 5
+
+identificationHeaderFields:
+ -
+ - &HTTP_IV_USER HTTP_IV_USER
+ - &iv-user iv-user
+ -
+ - &USER_ID USER_ID
+ - &user-id user-id
+ -
+ - &HTTP_CSP_ATTUID HTTP_CSP_ATTUID
+ - &csp-attuid csp-attuid
+ -
+ - &HTTP_CSP_WSTYPE HTTP_CSP_WSTYPE
+ - &csp-wstype csp-wstype
+
+optionalHeaderFields:
+ -
+ - &HTTP_CSP_FIRSTNAME HTTP_CSP_FIRSTNAME
+ - &csp-firstname csp-firstname
+ -
+ - &HTTP_CSP_LASTNAME HTTP_CSP_LASTNAME
+ - &csp-lastname csp-lastname
+ -
+ - &HTTP_IV_REMOTE_ADDRESS HTTP_IV_REMOTE_ADDRESS
+ - &iv-remote-address iv-remote-address
+ -
+ - &HTTP_CSP_EMAIL HTTP_CSP_EMAIL
+ - &csp-email csp-email
+
+
+version: 1.0
+released: 2012-11-30
+
+# Connection parameters
+connection:
+ url: jdbc:mysql://localhost:3306/db
+ poolSize: 17
+
+# Protocols
+protocols:
+ - http
+ - https
+
+
+systemMonitoring:
+ enabled: true
+ isProxy: true
+ probeIntervalInSeconds: 15
+
+kibanaHost: localhost
+kibanaPort: 5601
+kibanaProtocol: http
diff --git a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-http-ini.erb b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-http-ini.erb
new file mode 100644
index 0000000000..34a73fdf55
--- /dev/null
+++ b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-http-ini.erb
@@ -0,0 +1,32 @@
+# ---------------------------------------
+# Module: http
+--module=http
+
+### HTTP Connector Configuration
+
+## Connector host/address to bind to
+# jetty.http.host=0.0.0.0
+
+## Connector port to listen on
+jetty.http.port=<%= @FE_http_port %>
+
+## Connector idle timeout in milliseconds
+jetty.http.idleTimeout=30000
+
+## Connector socket linger time in seconds (-1 to disable)
+# jetty.http.soLingerTime=-1
+
+## Number of acceptors (-1 picks default based on number of cores)
+# jetty.http.acceptors=-1
+
+## Number of selectors (-1 picks default based on number of cores)
+# jetty.http.selectors=-1
+
+## ServerSocketChannel backlog (0 picks platform default)
+# jetty.http.acceptorQueueSize=0
+
+## Thread priority delta to give to acceptor threads
+# jetty.http.acceptorPriorityDelta=0
+
+## HTTP Compliance: RFC7230, RFC2616, LEGACY
+# jetty.http.compliance=RFC7230
diff --git a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-https-ini.erb b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-https-ini.erb
new file mode 100644
index 0000000000..f8ca5252b0
--- /dev/null
+++ b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-https-ini.erb
@@ -0,0 +1,15 @@
+# ---------------------------------------
+# Module: https
+--module=https
+
+## HTTPS Configuration
+# HTTP port to listen on
+https.port=<%= @FE_https_port %>
+
+# HTTPS idle timeout in milliseconds
+jetty.https.idleTimeout=300000
+
+# HTTPS Socket.soLingerTime in seconds. (-1 to disable)
+# https.soLingerTime=-1
+
+
diff --git a/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-ssl-ini.erb b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-ssl-ini.erb
new file mode 100644
index 0000000000..426e0e44b5
--- /dev/null
+++ b/sdc-os-chef/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-ssl-ini.erb
@@ -0,0 +1,83 @@
+# ---------------------------------------
+# Module: ssl
+--module=ssl
+
+### TLS(SSL) Connector Configuration
+
+## Connector host/address to bind to
+# jetty.ssl.host=0.0.0.0
+
+## Connector port to listen on
+jetty.ssl.port=<%= @FE_https_port %>
+
+## Connector idle timeout in milliseconds
+# jetty.ssl.idleTimeout=30000
+
+## Connector socket linger time in seconds (-1 to disable)
+# jetty.ssl.soLingerTime=-1
+
+## Number of acceptors (-1 picks default based on number of cores)
+# jetty.ssl.acceptors=-1
+
+## Number of selectors (-1 picks default based on number of cores)
+# jetty.ssl.selectors=-1
+
+## ServerSocketChannel backlog (0 picks platform default)
+# jetty.ssl.acceptorQueueSize=0
+
+## Thread priority delta to give to acceptor threads
+# jetty.ssl.acceptorPriorityDelta=0
+
+## Whether request host names are checked to match any SNI names
+# jetty.ssl.sniHostCheck=true
+
+## max age in seconds for a Strict-Transport-Security response header (default -1)
+# jetty.ssl.stsMaxAgeSeconds=31536000
+
+## include subdomain property in any Strict-Transport-Security header (default false)
+# jetty.ssl.stsIncludeSubdomains=true
+
+### SslContextFactory Configuration
+## Note that OBF passwords are not secure, just protected from casual observation
+## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html
+
+## Keystore file path (relative to $jetty.base)
+# jetty.sslContext.keyStorePath=etc/keystore
+
+## Truststore file path (relative to $jetty.base)
+# jetty.sslContext.trustStorePath=etc/keystore
+
+## Keystore password
+# jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
+
+## Keystore type and provider
+# jetty.sslContext.keyStoreType=JKS
+# jetty.sslContext.keyStoreProvider=
+
+## KeyManager password
+# jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g
+
+## Truststore password
+# jetty.sslContext.trustStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
+
+## Truststore type and provider
+# jetty.sslContext.trustStoreType=JKS
+# jetty.sslContext.trustStoreProvider=
+
+## whether client certificate authentication is required
+# jetty.sslContext.needClientAuth=false
+
+## Whether client certificate authentication is desired
+# jetty.sslContext.wantClientAuth=false
+
+## Whether cipher order is significant (since java 8 only)
+# jetty.sslContext.useCipherSuitesOrder=true
+
+## To configure Includes / Excludes for Cipher Suites or Protocols see tweak-ssl.xml example at
+## https://www.eclipse.org/jetty/documentation/current/configuring-ssl.html#configuring-sslcontextfactory-cipherSuites
+
+## Set the size of the SslSession cache
+# jetty.sslContext.sslSessionCacheSize=-1
+
+## Set the timeout (in seconds) of the SslSession cache timeout
+# jetty.sslContext.sslSessionTimeout=-1