From: Mandeep Khinda Date: Wed, 19 Sep 2018 17:27:47 +0000 (+0000) Subject: Merge "Do not mount certificates in SO" X-Git-Tag: 3.0.0-ONAP~303 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=cb34d2f44c5bd9b3b1ebf31bb0731bd5c4e48716;hp=a52efcc04e5fc9dfb14df30bb62e1aa91e527f0c;p=oom.git Merge "Do not mount certificates in SO" --- diff --git a/TOSCA/bootstrap.sh b/TOSCA/bootstrap.sh index 3a415f0fcf..b6a63721c8 100644 --- a/TOSCA/bootstrap.sh +++ b/TOSCA/bootstrap.sh @@ -24,9 +24,12 @@ # 4. execute this script with sudo -apt-get update +apt-get update apt-get install build-essential libssl-dev libffi-dev python-dev gcc -y wget http://repository.cloudifysource.org/cloudify/18.3.23/community-release/cloudify-cli-community-18.3.23.deb dpkg -i cloudify-cli-community-18.3.23.deb cfy install cloudify-environment-setup/openstack.yaml -i cloudify-environment-setup/inputs/openstack.yaml --install-plugins --task-retries=30 --task-retry-interval=5 -cfy install cloudify-environment-setup/openstack.yaml -i cloudify-environment-setup/inputs/openstack.yaml --install-plugins --task-retries=30 --task-retry-interval=5 +cfy install cloudify-environment-setup/openstack.yaml -i cloudify-environment-setup/inputs/openstack.yaml --install-plugins --task-retries=30 --task-retry-interval=5 | tee cminstall.log +setprofiles=$(grep "cfy profiles use" cminstall.log | cut -d'`' -f2) +eval $setprofiles +cfy blueprints upload ONAP_TOSCA/onap_tosca.yaml -b onap diff --git a/kubernetes/consul/templates/configmap.yaml b/kubernetes/consul/templates/configmap.yaml index 622d5c623e..56b34790f9 100644 --- a/kubernetes/consul/templates/configmap.yaml +++ b/kubernetes/consul/templates/configmap.yaml @@ -18,6 +18,11 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/consul-agent-config/*").AsConfig . | indent 2 }} --- @@ -26,5 +31,10 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-scripts-configmap namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/consul-agent-config/scripts/*").AsConfig . | indent 2 }} diff --git a/kubernetes/consul/templates/secrets.yaml b/kubernetes/consul/templates/secrets.yaml index eb0d02c10f..7cc711075e 100644 --- a/kubernetes/consul/templates/secrets.yaml +++ b/kubernetes/consul/templates/secrets.yaml @@ -17,5 +17,10 @@ kind: Secret metadata: name: {{ include "common.fullname" . }}-certs-secret namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/consul-agent-config/certs/*").AsSecrets . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-apex-pdp/resources/config/config.json b/kubernetes/policy/charts/policy-apex-pdp/resources/config/config.json index 5db1839ac9..c8908c7b91 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/resources/config/config.json +++ b/kubernetes/policy/charts/policy-apex-pdp/resources/config/config.json @@ -43,7 +43,7 @@ "carrierTechnologyParameters" : { "carrierTechnology" : "RESTSERVER", "parameterClassName" : - "org.onap.policy.apex.plugins.event.carrier.restserver.RESTServerCarrierTechnologyParameters", + "org.onap.policy.apex.plugins.event.carrier.restserver.RestServerCarrierTechnologyParameters", "parameters" : { "standalone" : true, "host" : "localhost", @@ -63,7 +63,7 @@ "carrierTechnologyParameters":{ "carrierTechnology" : "RESTSERVER", "parameterClassName" : - "org.onap.policy.apex.plugins.event.carrier.restserver.RESTServerCarrierTechnologyParameters" + "org.onap.policy.apex.plugins.event.carrier.restserver.RestServerCarrierTechnologyParameters" }, "eventProtocolParameters":{ "eventProtocol" : "JSON" diff --git a/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml b/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml index d35b5de4c2..318ad34491 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml +++ b/kubernetes/policy/charts/policy-apex-pdp/templates/configmap.yaml @@ -22,5 +22,5 @@ metadata: name: {{ include "common.fullname" . }}-configmap namespace: {{ include "common.namespace" . }} data: -{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml b/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml index d7604d3231..8063c83817 100644 --- a/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml +++ b/kubernetes/policy/charts/policy-apex-pdp/templates/statefulset.yaml @@ -69,9 +69,8 @@ spec: readOnly: true - mountPath: /var/log/onap name: policy-logs - - mountPath: /home/apexuser/config/config.json + - mountPath: /home/apexuser/config name: apexconfig - subpath: config.json resources: {{ toYaml (pluck .Values.flavor .Values.resources| first) | indent 12 }} {{- if .Values.nodeSelector }} @@ -91,9 +90,6 @@ spec: - name: apexconfig configMap: name: {{ include "common.fullname" . }}-configmap - items: - - key: config.json - path: config.json - mode: 0755 + defaultMode: 0755 imagePullSecrets: - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/policy-distribution/Chart.yaml b/kubernetes/policy/charts/policy-distribution/Chart.yaml new file mode 100644 index 0000000000..0f85689a24 --- /dev/null +++ b/kubernetes/policy/charts/policy-distribution/Chart.yaml @@ -0,0 +1,22 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2018 Ericsson. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +description: ONAP Policy Distribution +name: policy-distribution +version: 2.0.0 diff --git a/kubernetes/policy/charts/policy-distribution/requirements.yaml b/kubernetes/policy/charts/policy-distribution/requirements.yaml new file mode 100644 index 0000000000..fee7a3c24d --- /dev/null +++ b/kubernetes/policy/charts/policy-distribution/requirements.yaml @@ -0,0 +1,22 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2018 Ericsson. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +dependencies: + - name: common + version: ~2.0.0 + repository: '@local' diff --git a/kubernetes/policy/charts/policy-distribution/resources/config/config.json b/kubernetes/policy/charts/policy-distribution/resources/config/config.json new file mode 100644 index 0000000000..b0a6504555 --- /dev/null +++ b/kubernetes/policy/charts/policy-distribution/resources/config/config.json @@ -0,0 +1,130 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2018 Ericsson. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +{ + "name":"SDCDistributionGroup", + "restServerParameters":{ + "host":"0.0.0.0", + "port":6969, + "userName":"healthcheck", + "password":"zb!XztG34" + }, + "receptionHandlerParameters":{ + "SDCReceptionHandler":{ + "receptionHandlerType":"SDC", + "receptionHandlerClassName":"org.onap.policy.distribution.reception.handling.sdc.SdcReceptionHandler", + "receptionHandlerConfigurationName":"sdcConfiguration", + "pluginHandlerParameters":{ + "policyDecoders":{ + "CsarDecoder":{ + "decoderType":"CsarDecoder", + "decoderClassName":"org.onap.policy.distribution.reception.decoding.pdpx.PolicyDecoderCsarPdpx", + "decoderConfigurationName": "csarToOptimizationPolicyConfiguration" + }, + "ApexDecoder":{ + "decoderType":"ApexDecoder", + "decoderClassName":"org.onap.policy.distribution.reception.decoding.policy.file.PolicyDecoderFileInCsarToPolicy", + "decoderConfigurationName": "apexDecoderConfiguration" + } + }, + "policyForwarders":{ + "PAPEngineForwarder":{ + "forwarderType":"PAPEngine", + "forwarderClassName":"org.onap.policy.distribution.forwarding.xacml.pdp.XacmlPdpPolicyForwarder", + "forwarderConfigurationName": "xacmlPdpConfiguration" + }, + "ApexForwarder":{ + "forwarderType":"ApexForwarder", + "forwarderClassName":"org.onap.policy.distribution.forwarding.apex.pdp.ApexPdpPolicyForwarder", + "forwarderConfigurationName": "apexForwarderConfiguration" + } + } + } + } + }, + "receptionHandlerConfigurationParameters":{ + "sdcConfiguration":{ + "parameterClassName":"org.onap.policy.distribution.reception.handling.sdc.SdcReceptionHandlerConfigurationParameterGroup", + "parameters":{ + "asdcAddress": "sdc-be:8443", + "messageBusAddress": [ + "message-router" + ], + "user": "policy", + "password": "Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U", + "pollingInterval":20, + "pollingTimeout":30, + "consumerId": "policy-id", + "artifactTypes": [ + "TOSCA_CSAR", + "HEAT" + ], + "consumerGroup": "policy-group", + "environmentName": "AUTO", + "keystorePath": "null", + "keystorePassword": "null", + "activeserverTlsAuth": false, + "isFilterinEmptyResources": true, + "isUseHttpsWithDmaap": false + } + } + }, + "policyDecoderConfigurationParameters":{ + "csarToOptimizationPolicyConfiguration":{ + "parameterClassName":"org.onap.policy.distribution.reception.decoding.pdpx.PolicyDecoderCsarPdpxConfigurationParameterGroup", + "parameters":{ + "policyNamePrefix": "oofCasablanca", + "onapName": "OOF", + "version": "1.0", + "priority": "3", + "riskType": "Test", + "riskLevel": "2" + } + }, + "apexDecoderConfiguration":{ + "parameterClassName":"org.onap.policy.distribution.reception.decoding.policy.file.PolicyDecoderFileInCsarToPolicyParameterGroup", + "parameters":{ + "policyFileName": "SamplePolicyModelJAVASCRIPT", + "policyType": "APEX" + } + } + }, + "policyForwarderConfigurationParameters":{ + "xacmlPdpConfiguration":{ + "parameterClassName":"org.onap.policy.distribution.forwarding.xacml.pdp.XacmlPdpPolicyForwarderParameterGroup", + "parameters":{ + "useHttps": false, + "hostname": "pdp", + "port": 8081, + "userName": "testpdp", + "password": "alpha123", + "clientAuth": "cHl0aG9uOnRlc3Q=", + "isManaged": true, + "pdpGroup": "pdpGroup" + } + }, + "apexForwarderConfiguration":{ + "parameterClassName":"org.onap.policy.distribution.forwarding.apex.pdp.ApexPdpPolicyForwarderParameterGroup", + "parameters":{ + "hostname":"policy-apex-pdp", + "port":"12345", + "ignoreConflicts": true, + "forceUpdate": true + } + } + } +} diff --git a/kubernetes/policy/charts/policy-distribution/templates/NOTES.txt b/kubernetes/policy/charts/policy-distribution/templates/NOTES.txt new file mode 100644 index 0000000000..c882c3385e --- /dev/null +++ b/kubernetes/policy/charts/policy-distribution/templates/NOTES.txt @@ -0,0 +1,37 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2018 Ericsson. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ include "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/policy/charts/policy-distribution/templates/configmap.yaml b/kubernetes/policy/charts/policy-distribution/templates/configmap.yaml new file mode 100644 index 0000000000..318ad34491 --- /dev/null +++ b/kubernetes/policy/charts/policy-distribution/templates/configmap.yaml @@ -0,0 +1,26 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2018 Ericsson. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/config.json").AsConfig . | indent 2 }} + diff --git a/kubernetes/policy/charts/policy-distribution/templates/deployment.yaml b/kubernetes/policy/charts/policy-distribution/templates/deployment.yaml new file mode 100644 index 0000000000..12029f3b03 --- /dev/null +++ b/kubernetes/policy/charts/policy-distribution/templates/deployment.yaml @@ -0,0 +1,66 @@ +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ .Values.repository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + command: ["/opt/app/policy/distribution/bin/policy-dist.sh"] + args: ["/opt/app/policy/distribution/etc/mounted/config.json"] + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /opt/app/policy/distribution/etc/mounted + name: distributionconfig + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: distributionconfig + configMap: + name: {{ include "common.fullname" . }}-configmap + defaultMode: 0755 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/policy-distribution/templates/service.yaml b/kubernetes/policy/charts/policy-distribution/templates/service.yaml new file mode 100644 index 0000000000..be6b567b7d --- /dev/null +++ b/kubernetes/policy/charts/policy-distribution/templates/service.yaml @@ -0,0 +1,36 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2018 Ericsson. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.servicename" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.portName }} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + clusterIP: None diff --git a/kubernetes/policy/charts/policy-distribution/values.yaml b/kubernetes/policy/charts/policy-distribution/values.yaml new file mode 100644 index 0000000000..d74d0018d1 --- /dev/null +++ b/kubernetes/policy/charts/policy-distribution/values.yaml @@ -0,0 +1,66 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2018 Ericsson. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +################################################################# +# Global configuration defaults. +################################################################# +global: + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/policy-distribution:2.0.0-SNAPSHOT-latest +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 20 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 20 + periodSeconds: 10 + +service: + type: ClusterIP + name: policy-distribution + portName: policy-distribution + internalPort: 6969 + +ingress: + enabled: false + +resources: {} diff --git a/kubernetes/policy/resources/config/pe/push-policies.sh b/kubernetes/policy/resources/config/pe/push-policies.sh index 44f3b36abe..818ca502dc 100644 --- a/kubernetes/policy/resources/config/pe/push-policies.sh +++ b/kubernetes/policy/resources/config/pe/push-policies.sh @@ -118,6 +118,26 @@ curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'A } }' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/createPolicy' +sleep 2 + +echo "Create BRMSParamvPCI Policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyConfigType": "BRMS_PARAM", + "policyName": "com.BRMSParamvPCI", + "policyDescription": "BRMS Param vPCI policy", + "policyScope": "com", + "attributes": { + "MATCHING": { + "controller" : "casablanca" + }, + "RULE": { + "templateName": "ClosedLoopControlName", + "closedLoopControlName": "ControlLoop-vPCI-fb41f388-a5f2-11e8-98d0-529269fb1459", + "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+3.0.0%0D%0A++controlLoopName%3A+ControlLoop-vPCI-fb41f388-a5f2-11e8-98d0-529269fb1459%0D%0A++trigger_policy%3A+unique-policy-id-123-modifyconfig%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-123-modifyconfig%0D%0A++++name%3A+modify+PCI+config%0D%0A++++description%3A%0D%0A++++actor%3A+SDNR%0D%0A++++recipe%3A+ModifyConfig%0D%0A++++target%3A%0D%0A++++++%23+These+fields+are+not+used%0D%0A++++++resourceID%3A+Eace933104d443b496b8.nodes.heat.vpg%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+300%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" + } + } +}' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/createPolicy' + #########################################Create Micro Service Config policies########################################## echo "Create MicroService Config Policies" @@ -188,6 +208,45 @@ curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'A "description": "ONAP_VPG_NAMING_TIMESTAMP" }' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/createPolicy' +#########################################Creating OOF PCI Policies########################################## +sleep 2 + +echo "Create MicroServicevPCI Policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "configBody": "{ \"service\": \"tca_policy\", \"location\": \"SampleServiceLocation_pci\", \"uuid\": \"test_pci\", \"policyName\": \"MicroServicevPCI\", \"description\": \"MicroService vPCI Policy\", \"configName\": \"SampleConfigName\", \"templateVersion\": \"OpenSource.version.1\", \"version\": \"1.1.0\", \"priority\": \"1\", \"policyScope\": \"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=ControlLoop-vPCI-fb41f388-a5f2-11e8-98d0-529269fb1459\", \"riskType\": \"SampleRiskType\", \"riskLevel\": \"1\", \"guard\": \"False\", \"content\": { \"tca_policy\": { \"domain\": \"measurementsForVfScaling\", \"metricsPerEventName\": [{ \"eventName\": \"vFirewallBroadcastPackets\", \"controlLoopSchemaType\": \"VNF\", \"policyScope\": \"DCAE\", \"policyName\": \"DCAE.Config_tca-hi-lo\", \"policyVersion\": \"v0.0.1\", \"thresholds\": [{ \"closedLoopControlName\": \"ControlLoop-vPCI-fb41f388-a5f2-11e8-98d0-529269fb1459\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.executePolicy\", \"thresholdValue\": 1, \"direction\": \"GREATER_OR_EQUAL\", \"severity\": \"MAJOR\", \"closedLoopEventStatus\": \"ONSET\" } ] }] } } }", + "policyConfigType": "MicroService", + "policyName": "com.MicroServicevPCI", + "onapName": "DCAE" +}' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/createPolicy' + +sleep 2 + +echo "Create PCI MS Config Policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyName": "com.PCIMS_CONFIG_POLICY", + "configBody": "{ \"PCI_NEIGHBOR_CHANGE_CLUSTER_TIMEOUT_IN_SECS\":60, \"PCI_MODCONFIG_POLICY_NAME\":\"ControlLoop-vPCI-fb41f388-a5f2-11e8-98d0-529269fb1459\", \"PCI_OPTMIZATION_ALGO_CATEGORY_IN_OOF\":\"OOF-PCI-OPTIMIZATION\", \"PCI_SDNR_TARGET_NAME\":\"SDNR\" }", + "policyType": "Config", + "attributes" : { "matching" : { "key1" : "value1" } }, + "policyConfigType": "Base", + "onapName": "DCAE", + "configName": "PCIMS_CONFIG_POLICY", + "configBodyType": "JSON" +}' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/createPolicy' + +sleep 2 + +echo "Create OOF Config Policy" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyName": "com.OOF_PCI_CONFIG_POLICY", + "configBody": "{ \"ALGO_CATEGORY\":\"OOF-PCI-OPTIMIZATION\", \"PCI_OPTMIZATION_ALGO_NAME\":\"OOF-PCI-OPTIMIZATION-LEVEL1\", \"PCI_OPTIMIZATION_NW_CONSTRAINT\":\"MAX5PCICHANGESONLY\", \"PCI_OPTIMIZATION_PRIORITY\": 2, \"PCI_OPTIMIZATION_TIME_CONSTRAINT\":\"ONLYATNIGHT\" }", + "attributes" : { "matching" : { "key1" : "value1" } }, + "policyType": "Config", + "policyConfigType": "Base", + "onapName": "DCAE", + "configName": "OOF_PCI_CONFIG_POLICY", + "configBodyType": "JSON" +}' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/createPolicy' + #########################################Creating Decision Guard policy######################################### sleep 2 @@ -265,6 +324,15 @@ curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'A "policyType": "BRMS_Param" }' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/pushPolicy' +sleep 2 + +echo "pushPolicy : PUT : com.BRMSParamvPCI" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.BRMSParamvPCI", + "policyType": "BRMS_Param" +}' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/pushPolicy' + #########################################Pushing MicroService Config policies########################################## echo "Pushing MicroService Config policies" @@ -316,3 +384,31 @@ curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'A "policyName": "SDNC_Policy.ONAP_VPG_NAMING_TIMESTAMP", "policyType": "MicroService" }' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/pushPolicy' + +#########################################Pushing OOF PCI Policies########################################## +sleep 10 + +echo "pushPolicy : PUT : com.MicroServicevPCI" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.MicroServicevPCI", + "policyType": "MicroService" +}' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/pushPolicy' + +sleep 10 + +echo "pushPolicy : PUT : com.PCIMS_CONFIG_POLICY" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.PCIMS_CONFIG_POLICY", + "policyType": "Base" +}' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/pushPolicy' + +sleep 10 + +echo "pushPolicy : PUT : com.OOF_PCI_CONFIG_POLICY" +curl -k -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.OOF_PCI_CONFIG_POLICY", + "policyType": "Base" +}' 'https://{{.Values.global.pdp.nameOverride}}:{{.Values.config.pdpPort}}/pdp/api/pushPolicy' diff --git a/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/application.properties b/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/application.properties index c4c00d3509..274a872856 100644 --- a/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/application.properties +++ b/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/application.properties @@ -35,13 +35,6 @@ server.context_parameters.p-name=value #context parameter with p-name as key and basicAuth.username={{ .Values.config.networkDiscoveryUserId }} basicAuth.password={{ .Values.config.networkDiscoveryPassword }} -# A&AI Enircher REST Client Configuration -enricher.url=https://: -enricher.connectionTimeout=5000 -enricher.readTimeout=60000 -enricher.keyStorePath=config/auth/enricher-client-cert.p12 -enricher.keyStorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o - enricher.types = vserver, l3-network enricher.type.vserver.url = /enricher/v11/cloud-infrastructure/vservers/vserver/{0}?sot=!aai enricher.type.l3-network.url = /enricher/v11/network/l3-networks/l3-network/{0}?sot=!aai diff --git a/kubernetes/pomba/charts/pomba-servicedecomposition/resources/config/application.properties b/kubernetes/pomba/charts/pomba-servicedecomposition/resources/config/application.properties index 26737f5d88..c271040cab 100644 --- a/kubernetes/pomba/charts/pomba-servicedecomposition/resources/config/application.properties +++ b/kubernetes/pomba/charts/pomba-servicedecomposition/resources/config/application.properties @@ -35,11 +35,6 @@ basicAuth.password={{ .Values.config.serviceDecompositionPassword }} aai.host=127.0.0.1 aai.port=8443 aai.httpProtocol=http -aai.trustStorePath=tomcat_keystore -aai.keyStorePath=aai-client-cert.p12 -aai.keyStorePassword=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o -aai.keyManagerFactoryAlgorithm=SunX509 -aai.keyStoreType=PKCS12 aai.securityProtocol=TLS aai.connectionTimeout=5000 aai.readTimeout=1000 diff --git a/kubernetes/robot/templates/configmap.yaml b/kubernetes/robot/templates/configmap.yaml index 42579e16e4..da5093471a 100644 --- a/kubernetes/robot/templates/configmap.yaml +++ b/kubernetes/robot/templates/configmap.yaml @@ -17,5 +17,10 @@ kind: ConfigMap metadata: name: {{ include "common.fullname" . }}-eteshare-configmap namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/eteshare/config/*").AsConfig . | indent 2 }}