+++ /dev/null
-#============LICENSE_START========================================================
-#=================================================================================
-# Copyright (c) 2017-2018 AT&T Intellectual Property. All rights reserved.
-# Modifications Copyright © 2018 Amdocs, Bell Canada
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-
-{{ if .Values.componentImages.policy_handler }}
-policy_handler_image: {{ include "common.repository" . }}/{{ .Values.componentImages.policy_handler }}
-{{ end }}
-application_config:
- policy_handler :
- # parallelize the getConfig queries to policy-engine on each policy-update notification
- thread_pool_size : 4
-
- # parallelize requests to policy-engine and keep them alive
- pool_connections : 20
-
- # retry to getConfig from policy-engine on policy-update notification
- policy_retry_count : 5
- policy_retry_sleep : 5
-
- # mode of operation for the policy-handler
- # either active or passive
- # in passive mode the policy-hanlder will not listen to
- # and will not bring the policy-updates from policy-engine
- mode_of_operation : "active"
-
- # config of automatic catch_up for resiliency
- catch_up :
- # interval in seconds on how often to call automatic catch_up
- # example: 1200 is 20*60 seconds that is 20 minutes
- interval : 1200
-
- # config of periodic reconfigure-rediscover for adaptability
- reconfigure:
- # interval in seconds on how often to call automatic reconfigure
- # example: 600 is 10*60 seconds that is 10 minutes
- interval : 600
-
- # policy-engine config
- # These are the url of and the auth for the external system, namely the policy-engine (PDP).
- # We obtain that info manually from PDP folks at the moment.
- # In long run we should figure out a way of bringing that info into consul record
- # related to policy-engine itself.
- # - k8s specific routing to policy-engine by hostname "pdp"
- # - relying on dns to resolve hostname "pdp" to ip address
- # - expecing to find "pdp" as the hostname in server cert from policy-engine
- policy_engine :
- url : "https://{{ .Values.config.address.policy_pdp }}.{{include "common.namespace" . }}:8081"
- path_notifications : "/pdp/notifications"
- path_api : "/pdp/api/"
- headers :
- Accept : "application/json"
- "Content-Type" : "application/json"
- ClientAuth : "cHl0aG9uOnRlc3Q="
- Authorization : "Basic dGVzdHBkcDphbHBoYTEyMw=="
- Environment : "TEST"
- target_entity : "policy_engine"
- # optional tls_ca_mode specifies where to find the cacert.pem for tls
- # can be one of these:
- # "cert_directory" - use the cacert.pem stored locally in cert_directory.
- # this is the default if cacert.pem file is found
- #
- # "os_ca_bundle" - use the public ca_bundle provided by linux system.
- # this is the default if cacert.pem file not found
- #
- # "do_not_verify" - special hack to turn off the verification by cacert and hostname
- tls_ca_mode : "cert_directory"
- # optional tls_wss_ca_mode specifies the same for the tls based web-socket
- tls_wss_ca_mode : "cert_directory"
- # optional timeout_in_secs specifies the timeout for the http requests
- timeout_in_secs: 60
- # optional ws_ping_interval_in_secs specifies the ping interval for the web-socket connection
- ws_ping_interval_in_secs: 30
- # deploy_handler config
- # changed from string "deployment_handler" in 2.3.1 to structure in 2.4.0
- deploy_handler :
- # name of deployment-handler service used by policy-handler for logging
- target_entity : "deployment_handler"
- # url of the deployment-handler service for policy-handler to direct the policy-updates to
- # - expecting dns to resolve the hostname deployment-handler to ip address
- url : "https://deployment-handler:8443"
- # limit the size of a single data segment for policy-update messages
- # from policy-handler to deployment-handler in megabytes
- max_msg_length_mb : 5
- query :
- # optionally specify the tenant name for the cloudify under deployment-handler
- # if not specified the "default_tenant" is used by the deployment-handler
- cfy_tenant_name : "default_tenant"
- # optional tls_ca_mode specifies where to find the cacert.pem or skip tls verification
- # can be one of these:
- # "cert_directory" - use the cacert.pem stored locally in cert_directory.
- # this is the default if cacert.pem file is found
- #
- # "os_ca_bundle" - use the public ca_bundle provided by linux system.
- # this is the default if cacert.pem file not found
- #
- # "do_not_verify" - special hack to turn off the verification by cacert and hostname
- tls_ca_mode : "cert_directory"
- # optional timeout_in_secs specifies the timeout for the http requests
- timeout_in_secs: 60
Code Review / oom.git / blobdiff