From ced8514d3c19dc5ba4ae8e42797fc731ef25d200 Mon Sep 17 00:00:00 2001 From: mayankg2703 Date: Tue, 20 Mar 2018 05:42:53 +0000 Subject: [PATCH] Add Standardized Configuration to POLICY Change-Id: Iabdb2bba14b5095c08ff2920aec97a213e0acb30 Issue-ID: OOM-745 Signed-off-by: mayankg2703 Signed-off-by: Mike Elliott Signed-off-by: Mandeep Khinda --- kubernetes/onap/requirements.yaml | 2 +- kubernetes/policy/.helmignore | 21 ++ kubernetes/policy/Chart.yaml | 4 +- kubernetes/policy/charts/brmsgw/Chart.yaml | 18 + kubernetes/policy/charts/brmsgw/requirements.yaml | 21 ++ .../brmsgw/resources}/config/pe/brmsgw-tweaks.sh | 14 + .../brmsgw/resources}/config/pe/brmsgw.conf | 26 +- .../policy/charts/brmsgw/templates/NOTES.txt | 19 ++ .../policy/charts/brmsgw/templates/configmap.yaml | 22 ++ .../policy/charts/brmsgw/templates/deployment.yaml | 109 ++++++ .../policy/charts/brmsgw/templates/service.yaml | 39 +++ kubernetes/policy/charts/brmsgw/values.yaml | 87 +++++ kubernetes/policy/charts/drools/Chart.yaml | 18 + .../policy/charts/drools/charts/nexus/Chart.yaml | 18 + .../charts/drools/charts/nexus/requirements.yaml | 21 ++ .../charts/drools/charts/nexus/templates/NOTES.txt | 19 ++ .../drools/charts/nexus/templates/deployment.yaml | 86 +++++ .../drools/charts/nexus/templates/service.yaml | 32 ++ .../policy/charts/drools/charts/nexus/values.yaml | 86 +++++ kubernetes/policy/charts/drools/requirements.yaml | 21 ++ .../drools}/resources/config/drools/settings.xml | 36 +- .../resources/config/log/drools/logback.xml | 210 ++++++------ .../config/opt/policy/config/drools/base.conf | 32 +- .../opt/policy/config/drools/drools-tweaks.sh | 20 +- .../config/drools/keys/feature-healthcheck.conf | 16 + .../opt/policy/config/drools/keys/policy-keystore | Bin .../policy/config/drools/policy-management.conf | 19 ++ .../charts/drools/resources/scripts/do-start.sh | 50 +++ .../resources}/scripts/update-vfw-op-policy.sh | 14 + .../policy/charts/drools/templates/NOTES.txt | 19 ++ .../drools/templates/configmap.yaml} | 29 +- .../policy/charts/drools/templates/deployment.yaml | 180 ++++++++++ .../drools/templates/secrets.yaml} | 13 +- .../policy/charts/drools/templates/service.yaml | 42 +++ kubernetes/policy/charts/drools/values.yaml | 91 +++++ kubernetes/policy/charts/mariadb/Chart.yaml | 18 + kubernetes/policy/charts/mariadb/requirements.yaml | 21 ++ .../policy/charts/mariadb/resources/config/db.sh | 23 ++ .../policy/charts/mariadb/templates/NOTES.txt | 19 ++ .../policy/charts/mariadb/templates/configmap.yaml | 21 ++ .../charts/mariadb/templates/deployment.yaml | 100 ++++++ kubernetes/policy/charts/mariadb/templates/pv.yaml | 37 ++ .../policy/charts/mariadb/templates/pvc.yaml | 48 +++ .../policy/charts/mariadb/templates/secrets.yaml | 29 ++ .../policy/charts/mariadb/templates/service.yaml | 32 ++ kubernetes/policy/charts/mariadb/values.yaml | 76 +++++ kubernetes/policy/charts/pdp/Chart.yaml | 18 + kubernetes/policy/charts/pdp/requirements.yaml | 21 ++ .../config/log/xacml-pdp-rest/logback.xml | 303 ++++++++--------- .../charts/pdp/resources/config/pe/pdp-tweaks.sh | 16 + .../pdp/resources}/config/pe/pdp.conf | 20 +- .../charts/pdp/resources/config/pe/pdplp.conf | 26 ++ kubernetes/policy/charts/pdp/templates/NOTES.txt | 19 ++ .../policy/charts/pdp/templates/configmap.yaml | 29 ++ .../policy/charts/pdp/templates/service.yaml | 52 +++ .../policy/charts/pdp/templates/statefulset.yaml | 143 ++++++++ kubernetes/policy/charts/pdp/values.yaml | 90 +++++ kubernetes/policy/charts/policy-common/Chart.yaml | 18 + .../policy/charts/policy-common/requirements.yaml | 21 ++ .../resources/config/log/filebeat/filebeat.yml | 0 .../policy-common/resources/config/pe/base.conf | 38 +++ .../resources/config/scripts/do-start.sh | 92 +++++ .../charts/policy-common/templates/NOTES.txt | 19 ++ .../charts/policy-common/templates/configmap.yaml | 37 ++ kubernetes/policy/charts/policy-common/values.yaml | 82 +++++ kubernetes/policy/requirements.yaml | 21 ++ .../resources/config/log/ep_sdk_app/logback.xml | 376 ++++++++++----------- .../resources/config/log/pypdpserver/logback.xml | 154 --------- .../config/log/xacml-pap-rest/logback.xml | 303 ++++++++--------- .../config/drools/keys/feature-healthcheck.conf | 2 - .../policy/config/drools/policy-management.conf | 5 - .../config/opt/policy/config/pe/base.conf | 24 -- .../resources/config/opt/policy/config/pe/elk.conf | 3 - .../config/opt/policy/config/pe/mysql.conf | 5 - .../config/opt/policy/config/pe/pap-tweaks.sh | 1 - .../config/opt/policy/config/pe/paplp.conf | 12 - .../config/opt/policy/config/pe/pdp-tweaks.sh | 2 - .../config/opt/policy/config/pe/pdplp.conf | 12 - .../config/{opt/policy/config => }/pe/console.conf | 24 +- kubernetes/policy/resources/config/pe/elk.conf | 17 + kubernetes/policy/resources/config/pe/mysql.conf | 19 ++ .../policy/resources/config/pe/pap-tweaks.sh | 15 + .../config/{opt/policy/config => }/pe/pap.conf | 18 +- kubernetes/policy/resources/config/pe/paplp.conf | 26 ++ .../{opt/policy/config => }/pe/push-policies.sh | 48 ++- kubernetes/policy/templates/NOTES.txt | 19 ++ kubernetes/policy/templates/all-services.yaml | 145 -------- kubernetes/policy/templates/configmap.yaml | 38 +++ kubernetes/policy/templates/dep-brmsgw.yaml | 71 ---- kubernetes/policy/templates/dep-drools.yaml | 152 --------- kubernetes/policy/templates/dep-maria.yaml | 54 --- kubernetes/policy/templates/dep-nexus.yaml | 61 ---- kubernetes/policy/templates/dep-pap.yaml | 131 ------- kubernetes/policy/templates/dep-pdp.yaml | 108 ------ kubernetes/policy/templates/deployment.yaml | 162 +++++++++ .../policy/templates/policy-log-configmap.yaml | 59 ---- kubernetes/policy/templates/service.yaml | 42 +++ kubernetes/policy/values.yaml | 128 +++++-- 98 files changed, 3443 insertions(+), 1736 deletions(-) create mode 100644 kubernetes/policy/.helmignore create mode 100644 kubernetes/policy/charts/brmsgw/Chart.yaml create mode 100644 kubernetes/policy/charts/brmsgw/requirements.yaml rename kubernetes/policy/{resources/config/opt/policy => charts/brmsgw/resources}/config/pe/brmsgw-tweaks.sh (64%) mode change 100755 => 100644 rename kubernetes/policy/{resources/config/opt/policy => charts/brmsgw/resources}/config/pe/brmsgw.conf (53%) mode change 100755 => 100644 create mode 100644 kubernetes/policy/charts/brmsgw/templates/NOTES.txt create mode 100644 kubernetes/policy/charts/brmsgw/templates/configmap.yaml create mode 100644 kubernetes/policy/charts/brmsgw/templates/deployment.yaml create mode 100644 kubernetes/policy/charts/brmsgw/templates/service.yaml create mode 100644 kubernetes/policy/charts/brmsgw/values.yaml create mode 100644 kubernetes/policy/charts/drools/Chart.yaml create mode 100644 kubernetes/policy/charts/drools/charts/nexus/Chart.yaml create mode 100644 kubernetes/policy/charts/drools/charts/nexus/requirements.yaml create mode 100644 kubernetes/policy/charts/drools/charts/nexus/templates/NOTES.txt create mode 100644 kubernetes/policy/charts/drools/charts/nexus/templates/deployment.yaml create mode 100644 kubernetes/policy/charts/drools/charts/nexus/templates/service.yaml create mode 100644 kubernetes/policy/charts/drools/charts/nexus/values.yaml create mode 100644 kubernetes/policy/charts/drools/requirements.yaml rename kubernetes/policy/{ => charts/drools}/resources/config/drools/settings.xml (66%) rename kubernetes/policy/{ => charts/drools}/resources/config/log/drools/logback.xml (74%) rename kubernetes/policy/{ => charts/drools}/resources/config/opt/policy/config/drools/base.conf (64%) mode change 100755 => 100644 rename kubernetes/policy/{ => charts/drools}/resources/config/opt/policy/config/drools/drools-tweaks.sh (53%) mode change 100755 => 100644 create mode 100644 kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf rename kubernetes/policy/{ => charts/drools}/resources/config/opt/policy/config/drools/keys/policy-keystore (100%) create mode 100644 kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf create mode 100644 kubernetes/policy/charts/drools/resources/scripts/do-start.sh rename kubernetes/policy/{ => charts/drools/resources}/scripts/update-vfw-op-policy.sh (85%) mode change 100755 => 100644 create mode 100644 kubernetes/policy/charts/drools/templates/NOTES.txt rename kubernetes/policy/{templates/policy-deployment-configmap.yaml => charts/drools/templates/configmap.yaml} (60%) create mode 100644 kubernetes/policy/charts/drools/templates/deployment.yaml rename kubernetes/policy/{templates/policy-deployment-secret.yaml => charts/drools/templates/secrets.yaml} (72%) create mode 100644 kubernetes/policy/charts/drools/templates/service.yaml create mode 100644 kubernetes/policy/charts/drools/values.yaml create mode 100644 kubernetes/policy/charts/mariadb/Chart.yaml create mode 100644 kubernetes/policy/charts/mariadb/requirements.yaml create mode 100644 kubernetes/policy/charts/mariadb/resources/config/db.sh create mode 100644 kubernetes/policy/charts/mariadb/templates/NOTES.txt create mode 100644 kubernetes/policy/charts/mariadb/templates/configmap.yaml create mode 100644 kubernetes/policy/charts/mariadb/templates/deployment.yaml create mode 100644 kubernetes/policy/charts/mariadb/templates/pv.yaml create mode 100644 kubernetes/policy/charts/mariadb/templates/pvc.yaml create mode 100644 kubernetes/policy/charts/mariadb/templates/secrets.yaml create mode 100644 kubernetes/policy/charts/mariadb/templates/service.yaml create mode 100644 kubernetes/policy/charts/mariadb/values.yaml create mode 100644 kubernetes/policy/charts/pdp/Chart.yaml create mode 100644 kubernetes/policy/charts/pdp/requirements.yaml rename kubernetes/policy/{ => charts/pdp}/resources/config/log/xacml-pdp-rest/logback.xml (86%) create mode 100644 kubernetes/policy/charts/pdp/resources/config/pe/pdp-tweaks.sh rename kubernetes/policy/{resources/config/opt/policy => charts/pdp/resources}/config/pe/pdp.conf (60%) mode change 100755 => 100644 create mode 100644 kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf create mode 100644 kubernetes/policy/charts/pdp/templates/NOTES.txt create mode 100644 kubernetes/policy/charts/pdp/templates/configmap.yaml create mode 100644 kubernetes/policy/charts/pdp/templates/service.yaml create mode 100644 kubernetes/policy/charts/pdp/templates/statefulset.yaml create mode 100644 kubernetes/policy/charts/pdp/values.yaml create mode 100644 kubernetes/policy/charts/policy-common/Chart.yaml create mode 100644 kubernetes/policy/charts/policy-common/requirements.yaml rename kubernetes/policy/{ => charts/policy-common}/resources/config/log/filebeat/filebeat.yml (100%) create mode 100644 kubernetes/policy/charts/policy-common/resources/config/pe/base.conf create mode 100644 kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh create mode 100644 kubernetes/policy/charts/policy-common/templates/NOTES.txt create mode 100644 kubernetes/policy/charts/policy-common/templates/configmap.yaml create mode 100644 kubernetes/policy/charts/policy-common/values.yaml create mode 100644 kubernetes/policy/requirements.yaml delete mode 100644 kubernetes/policy/resources/config/log/pypdpserver/logback.xml delete mode 100644 kubernetes/policy/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf delete mode 100755 kubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf delete mode 100755 kubernetes/policy/resources/config/opt/policy/config/pe/base.conf delete mode 100644 kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf delete mode 100755 kubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf delete mode 100755 kubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh delete mode 100755 kubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf delete mode 100755 kubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh delete mode 100755 kubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf rename kubernetes/policy/resources/config/{opt/policy/config => }/pe/console.conf (77%) mode change 100755 => 100644 create mode 100644 kubernetes/policy/resources/config/pe/elk.conf create mode 100644 kubernetes/policy/resources/config/pe/mysql.conf create mode 100644 kubernetes/policy/resources/config/pe/pap-tweaks.sh rename kubernetes/policy/resources/config/{opt/policy/config => }/pe/pap.conf (63%) mode change 100755 => 100644 create mode 100644 kubernetes/policy/resources/config/pe/paplp.conf rename kubernetes/policy/resources/config/{opt/policy/config => }/pe/push-policies.sh (88%) mode change 100755 => 100644 create mode 100644 kubernetes/policy/templates/NOTES.txt delete mode 100644 kubernetes/policy/templates/all-services.yaml create mode 100644 kubernetes/policy/templates/configmap.yaml delete mode 100644 kubernetes/policy/templates/dep-brmsgw.yaml delete mode 100644 kubernetes/policy/templates/dep-drools.yaml delete mode 100644 kubernetes/policy/templates/dep-maria.yaml delete mode 100644 kubernetes/policy/templates/dep-nexus.yaml delete mode 100644 kubernetes/policy/templates/dep-pap.yaml delete mode 100644 kubernetes/policy/templates/dep-pdp.yaml create mode 100644 kubernetes/policy/templates/deployment.yaml delete mode 100644 kubernetes/policy/templates/policy-log-configmap.yaml create mode 100644 kubernetes/policy/templates/service.yaml diff --git a/kubernetes/onap/requirements.yaml b/kubernetes/onap/requirements.yaml index 2bcf0bfecd..08b643782a 100644 --- a/kubernetes/onap/requirements.yaml +++ b/kubernetes/onap/requirements.yaml @@ -73,7 +73,7 @@ dependencies: repository: '@local' condition: multicloud.enabled - name: policy - version: ~0.1.0 + version: ~2.0.0 repository: '@local' condition: policy.enabled - name: portal diff --git a/kubernetes/policy/.helmignore b/kubernetes/policy/.helmignore new file mode 100644 index 0000000000..f0c1319444 --- /dev/null +++ b/kubernetes/policy/.helmignore @@ -0,0 +1,21 @@ +# Patterns to ignore when building packages. +# This supports shell glob matching, relative path matching, and +# negation (prefixed with !). Only one pattern per line. +.DS_Store +# Common VCS dirs +.git/ +.gitignore +.bzr/ +.bzrignore +.hg/ +.hgignore +.svn/ +# Common backup files +*.swp +*.bak +*.tmp +*~ +# Various IDEs +.project +.idea/ +*.tmproj diff --git a/kubernetes/policy/Chart.yaml b/kubernetes/policy/Chart.yaml index b178495b47..d033bf1858 100644 --- a/kubernetes/policy/Chart.yaml +++ b/kubernetes/policy/Chart.yaml @@ -13,6 +13,6 @@ # limitations under the License. apiVersion: v1 -description: A Helm chart for Kubernetes +description: Policy access point name: policy -version: 0.1.0 +version: 2.0.0 diff --git a/kubernetes/policy/charts/brmsgw/Chart.yaml b/kubernetes/policy/charts/brmsgw/Chart.yaml new file mode 100644 index 0000000000..d6aafe4488 --- /dev/null +++ b/kubernetes/policy/charts/brmsgw/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Policy BRMS GW +name: brmsgw +version: 2.0.0 diff --git a/kubernetes/policy/charts/brmsgw/requirements.yaml b/kubernetes/policy/charts/brmsgw/requirements.yaml new file mode 100644 index 0000000000..f639633537 --- /dev/null +++ b/kubernetes/policy/charts/brmsgw/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~2.0.0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw-tweaks.sh b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw-tweaks.sh old mode 100755 new mode 100644 similarity index 64% rename from kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw-tweaks.sh rename to kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw-tweaks.sh index daa3596e6e..5c3a2a1fe3 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw-tweaks.sh +++ b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw-tweaks.sh @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + #! /bin/bash PROPS_BUILD="${POLICY_HOME}/etc/build.info" diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw.conf b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf old mode 100755 new mode 100644 similarity index 53% rename from kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw.conf rename to kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf index d874237575..6a0012dafa --- a/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw.conf +++ b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf @@ -1,11 +1,25 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # BRMSpep component installation configuration parameters BRMSGW_JMX_PORT=9989 COMPONENT_X_MX_MB=1024 COMPONENT_X_MS_MB=1024 -REST_PAP_URL=http://pap.{{.Values.nsPrefix}}:9091/pap/ -REST_PDP_ID=http://pdp.{{.Values.nsPrefix}}:8081/pdp/ +REST_PAP_URL=http://{{ .Release.Name }}-{{ .Values.global.pap.nameOverride }}:9091/pap/ +REST_PDP_ID=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}:8081/pdp/ PDP_HTTP_USER_ID=testpdp PDP_HTTP_PASSWORD=alpha123 @@ -15,13 +29,13 @@ PDP_PAP_PDP_HTTP_PASSWORD=alpha123 M2_HOME=/usr/share/maven snapshotRepositoryID=policy-nexus-snapshots snapshotRepositoryName=Snapshots -snapshotRepositoryURL=http://nexus.{{.Values.nsPrefix}}:8081/nexus/content/repositories/snapshots +snapshotRepositoryURL=http://{{ .Release.Name }}-{{ .Values.global.nexus.nameOverride }}:8081/nexus/content/repositories/snapshots releaseRepositoryID=policy-nexus-releases releaseRepositoryName=Releases -releaseRepositoryURL=http://nexus.{{.Values.nsPrefix}}:8081/nexus/content/repositories/releases +releaseRepositoryURL=http://{{ .Release.Name }}-{{ .Values.global.nexus.nameOverride }}:8081/nexus/content/repositories/releases repositoryUsername=admin repositoryPassword=admin123 -UEB_URL=dmaap.{{.Values.nsPrefix}} +UEB_URL=dmaap UEB_TOPIC=PDPD-CONFIGURATION UEB_API_KEY= UEB_API_SECRET= @@ -40,7 +54,7 @@ ENVIRONMENT=TEST #Notification Properties... type can be either websocket, ueb, or dmaap BRMS_NOTIFICATION_TYPE=websocket -BRMS_UEB_URL=dmaap.{{.Values.nsPrefix}} +BRMS_UEB_URL=dmaap BRMS_UEB_TOPIC=PDPD-CONFIGURATION BRMS_UEB_DELAY= BRMS_CLIENT_ID=python diff --git a/kubernetes/policy/charts/brmsgw/templates/NOTES.txt b/kubernetes/policy/charts/brmsgw/templates/NOTES.txt new file mode 100644 index 0000000000..91d8ed42f1 --- /dev/null +++ b/kubernetes/policy/charts/brmsgw/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/policy/charts/brmsgw/templates/configmap.yaml b/kubernetes/policy/charts/brmsgw/templates/configmap.yaml new file mode 100644 index 0000000000..054338bb5b --- /dev/null +++ b/kubernetes/policy/charts/brmsgw/templates/configmap.yaml @@ -0,0 +1,22 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-pe-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }} + diff --git a/kubernetes/policy/charts/brmsgw/templates/deployment.yaml b/kubernetes/policy/charts/brmsgw/templates/deployment.yaml new file mode 100644 index 0000000000..cd715e4606 --- /dev/null +++ b/kubernetes/policy/charts/brmsgw/templates/deployment.yaml @@ -0,0 +1,109 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.global.pap.nameOverride }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - command: + - /bin/bash + - ./do-start.sh + - brmsgw + name: {{ include "common.name" . }} + image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.externalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.externalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{- end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.externalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /tmp/policy-install/config + name: pe-brmsgw + - mountPath: /tmp/policy-install/config/base.conf + name: pe + subPath: base.conf + - mountPath: /tmp/policy-install/do-start.sh + name: pe-scripts + subPath: do-start.sh + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: pe + configMap: + name: {{ .Release.Name }}-pe-configmap + defaultMode: 0755 + - name: pe-scripts + configMap: + name: {{ .Release.Name }}-pe-scripts-configmap + defaultMode: 0777 + - name: pe-brmsgw + configMap: + name: {{ include "common.fullname" . }}-pe-configmap + defaultMode: 0755 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/brmsgw/templates/service.yaml b/kubernetes/policy/charts/brmsgw/templates/service.yaml new file mode 100644 index 0000000000..ebec058193 --- /dev/null +++ b/kubernetes/policy/charts/brmsgw/templates/service.yaml @@ -0,0 +1,39 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/policy/charts/brmsgw/values.yaml b/kubernetes/policy/charts/brmsgw/values.yaml new file mode 100644 index 0000000000..3890e9e6ab --- /dev/null +++ b/kubernetes/policy/charts/brmsgw/values.yaml @@ -0,0 +1,87 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.0.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/policy-pe:1.2-SNAPSHOT-latest +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: {} +# username: myusername +# password: mypassword + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: false + +readiness: + initialDelaySeconds: 30 + periodSeconds: 10 + +service: + type: NodePort + name: brmsgw + externalPort: 9989 + nodePort: 16 + + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/kubernetes/policy/charts/drools/Chart.yaml b/kubernetes/policy/charts/drools/Chart.yaml new file mode 100644 index 0000000000..4f753c07f4 --- /dev/null +++ b/kubernetes/policy/charts/drools/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Drools Policy Engine +name: drools +version: 2.0.0 diff --git a/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml b/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml new file mode 100644 index 0000000000..65916b652c --- /dev/null +++ b/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Policy Nexus +name: nexus +version: 2.0.0 diff --git a/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml b/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml new file mode 100644 index 0000000000..f639633537 --- /dev/null +++ b/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~2.0.0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/NOTES.txt b/kubernetes/policy/charts/drools/charts/nexus/templates/NOTES.txt new file mode 100644 index 0000000000..57947a65da --- /dev/null +++ b/kubernetes/policy/charts/drools/charts/nexus/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/deployment.yaml b/kubernetes/policy/charts/drools/charts/nexus/templates/deployment.yaml new file mode 100644 index 0000000000..910ade9108 --- /dev/null +++ b/kubernetes/policy/charts/drools/charts/nexus/templates/deployment.yaml @@ -0,0 +1,86 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.global.mariadb.nameOverride }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - name: {{ include "common.name" . }} + image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + httpGet: + path: {{ .Values.readiness.path }} + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/service.yaml b/kubernetes/policy/charts/drools/charts/nexus/templates/service.yaml new file mode 100644 index 0000000000..5447d91e0e --- /dev/null +++ b/kubernetes/policy/charts/drools/charts/nexus/templates/service.yaml @@ -0,0 +1,32 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + clusterIP: None diff --git a/kubernetes/policy/charts/drools/charts/nexus/values.yaml b/kubernetes/policy/charts/drools/charts/nexus/values.yaml new file mode 100644 index 0000000000..f8d80b0fca --- /dev/null +++ b/kubernetes/policy/charts/drools/charts/nexus/values.yaml @@ -0,0 +1,86 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.0.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/policy-nexus:1.2-SNAPSHOT-latest +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: {} +# username: myusername +# password: mypassword + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + path: /nexus/service/local/status + +service: + type: NodePort + name: nexus + internalPort: 8081 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/kubernetes/policy/charts/drools/requirements.yaml b/kubernetes/policy/charts/drools/requirements.yaml new file mode 100644 index 0000000000..f639633537 --- /dev/null +++ b/kubernetes/policy/charts/drools/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~2.0.0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' diff --git a/kubernetes/policy/resources/config/drools/settings.xml b/kubernetes/policy/charts/drools/resources/config/drools/settings.xml similarity index 66% rename from kubernetes/policy/resources/config/drools/settings.xml rename to kubernetes/policy/charts/drools/resources/config/drools/settings.xml index 2a9e2a0b24..e899a004da 100755 --- a/kubernetes/policy/resources/config/drools/settings.xml +++ b/kubernetes/policy/charts/drools/resources/config/drools/settings.xml @@ -1,23 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +--> @@ -51,7 +47,7 @@ policy-nexus-snapshots - http://nexus:8081/nexus/content/repositories/snapshots/ + http://{{.Release.Name}}-{{.Values.global.nexus.nameOverride}}:8081/nexus/content/repositories/snapshots/ false always @@ -64,7 +60,7 @@ policy-nexus-releases - http://nexus:8081/nexus/content/repositories/releases/ + http://{{.Release.Name}}-{{.Values.global.nexus.nameOverride}}:8081/nexus/content/repositories/releases/ true always diff --git a/kubernetes/policy/resources/config/log/drools/logback.xml b/kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml similarity index 74% rename from kubernetes/policy/resources/config/log/drools/logback.xml rename to kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml index daecf97850..4b058f1e4b 100644 --- a/kubernetes/policy/resources/config/log/drools/logback.xml +++ b/kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml @@ -1,107 +1,103 @@ - - - - - - - - - - - - - - - - ${logDir}/${errorLog}.log - - ${logDir}/${errorLog}.%i.log.zip - 1 - 5 - - - WARN - - - 15MB - - - ${errorPattern} - - - - - - - - - ${logDir}/${debugLog}.log - - ${logDir}/${debugLog}.%i.log.zip - 1 - 9 - - - 20MB - - - ${debugPattern} - - - - - - - - - ${logDir}/${networkLog}.log - - ${logDir}/${networkLog}.%i.log.zip - 1 - 9 - - - 15MB - - - ${networkPattern} - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file + + + + + + + + + + + + + + + + ${logDir}/${errorLog}.log + + ${logDir}/${errorLog}.%i.log.zip + 1 + 5 + + + WARN + + + 15MB + + + ${errorPattern} + + + + + + + + + ${logDir}/${debugLog}.log + + ${logDir}/${debugLog}.%i.log.zip + 1 + 9 + + + 20MB + + + ${debugPattern} + + + + + + + + + ${logDir}/${networkLog}.log + + ${logDir}/${networkLog}.%i.log.zip + 1 + 9 + + + 15MB + + + ${networkPattern} + + + + + + + + + + + + + + + + + + + + + diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/base.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf old mode 100755 new mode 100644 similarity index 64% rename from kubernetes/policy/resources/config/opt/policy/config/drools/base.conf rename to kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf index e5bbd6637d..aec7bf20ee --- a/kubernetes/policy/resources/config/opt/policy/config/drools/base.conf +++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf @@ -1,27 +1,21 @@ -### -# ============LICENSE_START======================================================= -# ONAP POLICY -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. -# ================================================================================ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # -# http://www.apache.org/licenses/LICENSE-2.0 +# http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -# ============LICENSE_END========================================================= -### - # SYSTEM software configuration POLICY_HOME=/opt/app/policy +POLICY_LOGS=/var/log/ONAP/policy JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64 KEYSTORE_PASSWD=PolicyR0ck$ @@ -35,22 +29,22 @@ ENGINE_MANAGEMENT_PASSWORD=31nst31n # nexus repository snapshotRepositoryID=policy-nexus-snapshots -snapshotRepositoryUrl=http://nexus:8081/nexus/content/repositories/snapshots/ +snapshotRepositoryUrl=http://{{.Release.Name}}-{{.Values.global.nexus.nameOverride}}:8081/nexus/content/repositories/snapshots/ releaseRepositoryID=policy-nexus-releases -releaseRepositoryUrl=http://nexus:8081/nexus/content/repositories/releases/ +releaseRepositoryUrl=http://{{.Release.Name}}-{{.Values.global.nexus.nameOverride}}:8081/nexus/content/repositories/releases/ repositoryUsername=admin repositoryPassword=admin123 # Relational (SQL) DB access -SQL_HOST=mariadb.{{.Values.nsPrefix}} +SQL_HOST={{.Release.Name}}-{{.Values.global.mariadb.nameOverride}} SQL_USER=policy_user SQL_PASSWORD=policy_user # PDP-D DMaaP configuration channel PDPD_CONFIGURATION_TOPIC=PDPD-CONFIGURATION -PDPD_CONFIGURATION_SERVERS=dmaap.{{.Values.nsPrefix}} +PDPD_CONFIGURATION_SERVERS=dmaap PDPD_CONFIGURATION_API_KEY= PDPD_CONFIGURATION_API_SECRET= PDPD_CONFIGURATION_CONSUMER_GROUP= @@ -59,13 +53,13 @@ PDPD_CONFIGURATION_PARTITION_KEY= # PAP -PAP_HOST=pap.{{.Values.nsPrefix}} +PAP_HOST={{.Release.Name}}-{{.Values.global.pap.nameOverride}} PAP_USERNAME=testpap PAP_PASSWORD=alpha123 # PDP-X -PDP_HOST=pdp.{{.Values.nsPrefix}} +PDP_HOST={{.Release.Name}}-{{.Values.global.pdp.nameOverride}} PDP_USERNAME=testpdp PDP_PASSWORD=alpha123 PDP_CLIENT_USERNAME=python @@ -75,11 +69,11 @@ PDP_ENVIRONMENT=TEST # DCAE DMaaP DCAE_TOPIC=unauthenticated.DCAE_CL_OUTPUT -DCAE_SERVERS=dmaap.{{.Values.nsPrefix}} +DCAE_SERVERS=dmaap # Open DMaaP -DMAAP_SERVERS=dmaap.{{.Values.nsPrefix}} +DMAAP_SERVERS=dmaap # AAI @@ -89,7 +83,7 @@ AAI_PASSWORD=POLICY # MSO -SO_URL=http://mso.{{.Values.nsPrefix}}:8080/ecomp/mso/infra +SO_URL=http://mso:8080/ecomp/mso/infra SO_USERNAME=InfraPortalClient SO_PASSWORD=password1$ diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/drools-tweaks.sh b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh old mode 100755 new mode 100644 similarity index 53% rename from kubernetes/policy/resources/config/opt/policy/config/drools/drools-tweaks.sh rename to kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh index 8bff59c2e7..62822ac824 --- a/kubernetes/policy/resources/config/opt/policy/config/drools/drools-tweaks.sh +++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh @@ -1,23 +1,17 @@ -#! /bin/bash - -### -# ============LICENSE_START======================================================= -# ONAP -# ================================================================================ -# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. -# ================================================================================ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# +# +# http://www.apache.org/licenses/LICENSE-2.0 +# # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -# ============LICENSE_END========================================================= -### + +#! /bin/bash ${POLICY_HOME}/bin/features enable healthcheck diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf new file mode 100644 index 0000000000..cbb45a5828 --- /dev/null +++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf @@ -0,0 +1,16 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +HEALTHCHECK_USER=healthcheck +HEALTHCHECK_PASSWORD=zb!XztG34 diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/keys/policy-keystore b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/policy-keystore similarity index 100% rename from kubernetes/policy/resources/config/opt/policy/config/drools/keys/policy-keystore rename to kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/policy-keystore diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf new file mode 100644 index 0000000000..c2ccefe4e3 --- /dev/null +++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +CONTROLLER_ARTIFACT_ID=policy-management +CONTROLLER_NAME=policy-management-controller +CONTROLLER_PORT=9696 +RULES_ARTIFACT=not-used:not-used:1.0.0-SNAPSHOT +UEB_TOPIC=policyengine-develop diff --git a/kubernetes/policy/charts/drools/resources/scripts/do-start.sh b/kubernetes/policy/charts/drools/resources/scripts/do-start.sh new file mode 100644 index 0000000000..1c40e11b16 --- /dev/null +++ b/kubernetes/policy/charts/drools/resources/scripts/do-start.sh @@ -0,0 +1,50 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#!/bin/bash + +# skip installation if build.info file is present (restarting an existing container) +if [[ -f /opt/app/policy/etc/build.info ]]; then + echo "Found existing installation, will not reinstall" + . /opt/app/policy/etc/profile.d/env.sh +else + # replace conf files from installer with environment-specific files + # mounted from the hosting VM + if [[ -d config ]]; then + cp config/*.conf . + fi + + ./docker-install.sh + + . /opt/app/policy/etc/profile.d/env.sh + + # install policy keystore + mkdir -p $POLICY_HOME/etc/ssl + cp config/policy-keystore $POLICY_HOME/etc/ssl + + if [[ -x config/drools-tweaks.sh ]] ; then + echo "Executing tweaks" + # file may not be executable; running it as an + # argument to bash avoids needing execute perms. + bash config/drools-tweaks.sh + fi + + # sql provisioning scripts should be invoked here. +fi + +echo "Starting processes" + +policy start + +sleep 1000d diff --git a/kubernetes/policy/scripts/update-vfw-op-policy.sh b/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh old mode 100755 new mode 100644 similarity index 85% rename from kubernetes/policy/scripts/update-vfw-op-policy.sh rename to kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh index 39483a0fb7..a6c054dbc1 --- a/kubernetes/policy/scripts/update-vfw-op-policy.sh +++ b/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + #!/bin/bash if [ "$#" -ne 4 ]; then diff --git a/kubernetes/policy/charts/drools/templates/NOTES.txt b/kubernetes/policy/charts/drools/templates/NOTES.txt new file mode 100644 index 0000000000..91d8ed42f1 --- /dev/null +++ b/kubernetes/policy/charts/drools/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/policy/templates/policy-deployment-configmap.yaml b/kubernetes/policy/charts/drools/templates/configmap.yaml similarity index 60% rename from kubernetes/policy/templates/policy-deployment-configmap.yaml rename to kubernetes/policy/charts/drools/templates/configmap.yaml index 9998b2c320..36f458f5a4 100644 --- a/kubernetes/policy/templates/policy-deployment-configmap.yaml +++ b/kubernetes/policy/charts/drools/templates/configmap.yaml @@ -12,30 +12,35 @@ # See the License for the specific language governing permissions and # limitations under the License. -#{{ if not .Values.disablePolicyDrools }} apiVersion: v1 kind: ConfigMap metadata: - name: policy-dep-drools-settings-configmap - namespace: {{ .Values.nsPrefix }} + name: {{ include "common.fullname" . }}-settings-configmap + namespace: {{ include "common.namespace" . }} data: {{ tpl (.Files.Glob "resources/config/drools/settings.xml").AsConfig . | indent 2 }} -#{{ end }} --- -#{{ if not .Values.disablePolicyPdp }} apiVersion: v1 kind: ConfigMap metadata: - name: policy-dep-pe-configmap - namespace: {{ .Values.nsPrefix }} + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} data: -{{ tpl (.Files.Glob "resources/config/opt/policy/config/pe/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/config/opt/policy/config/drools/*").AsConfig . | indent 2 }} --- apiVersion: v1 kind: ConfigMap metadata: - name: policy-dep-drools-configmap - namespace: {{ .Values.nsPrefix }} + name: {{ include "common.fullname" . }}-script-configmap + namespace: {{ include "common.namespace" . }} data: -{{ tpl (.Files.Glob "resources/config/opt/policy/config/drools/*").AsConfig . | indent 2 }} -#{{ end }} +{{ tpl (.Files.Glob "resources/scripts/do-start.sh*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/drools/logback.xml").AsConfig . | indent 2 }} + diff --git a/kubernetes/policy/charts/drools/templates/deployment.yaml b/kubernetes/policy/charts/drools/templates/deployment.yaml new file mode 100644 index 0000000000..349f88245e --- /dev/null +++ b/kubernetes/policy/charts/drools/templates/deployment.yaml @@ -0,0 +1,180 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.global.mariadb.nameOverride }} + - --container-name + - {{ .Values.global.nexus.nameOverride }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + hostAliases: + - ip: "{{ .Values.aaiServiceClusterIp }}" + hostnames: + - "aai.api.simpledemo.openecomp.org" + containers: + - name: {{ include "common.name" . }} + image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.externalPort }} + - containerPort: {{ .Values.service.externalPort2 }} + command: + - /bin/bash + - -c + - ./do-start.sh + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.externalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{- end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.externalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: REPLICAS + value: "{{ .Values.replicaCount }}" + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /tmp/policy-install/config/policy-keystore + name: drools-secret + subPath: policy-keystore + - mountPath: /tmp/policy-install/config/feature-healthcheck.conf + name: drools-secret + subPath: feature-healthcheck.conf + - mountPath: /tmp/policy-install/config/base.conf + name: drools-config + subPath: base.conf + - mountPath: /tmp/policy-install/config/policy-management.conf + name: drools-config + subPath: policy-management.conf + - mountPath: /tmp/policy-install/config/drools-tweaks.sh + name: drools-config + subPath: drools-tweaks.sh + - mountPath: /usr/share/maven/conf/settings.xml + name: drools-settingsxml + subPath: settings.xml + - mountPath: /var/log/onap + name: policy-logs + - mountPath: /tmp/logback.xml + name: policy-logback + subPath: logback.xml + - mountPath: /tmp/policy-install/do-start.sh + name: pe-scripts + subPath: do-start.sh + lifecycle: + postStart: + exec: + command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/config/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + - image: "{{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.loggingImage }}" + imagePullPolicy: {{ .Values.pullPolicy }} + name: filebeat-onap + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + - mountPath: /var/log/onap + name: policy-logs + - mountPath: /usr/share/filebeat/data + name: policy-data-filebeat + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: filebeat-conf + configMap: + name: {{ .Release.Name }}-filebeat-configmap + - name: policy-logs + emptyDir: {} + - name: policy-data-filebeat + emptyDir: {} + - name: policy-logback + configMap: + name: {{ include "common.fullname" . }}-log-configmap + - name: drools-settingsxml + configMap: + name: {{ include "common.fullname" . }}-settings-configmap + - name: drools-config + configMap: + name: {{ include "common.fullname" . }}-configmap + items: + - key: base.conf + path: base.conf + mode: 0755 + - key: policy-management.conf + path: policy-management.conf + mode: 0755 + - key: drools-tweaks.sh + path: drools-tweaks.sh + mode: 0755 + - name: drools-secret + secret: + secretName: {{ include "common.fullname" . }}-secret + items: + - key: policy-keystore + path: policy-keystore + mode: 0644 + - key: feature-healthcheck.conf + path: feature-healthcheck.conf + mode: 0644 + - name: pe-scripts + configMap: + name: {{ include "common.fullname" . }}-script-configmap + defaultMode: 0777 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/drools/templates/secrets.yaml similarity index 72% rename from kubernetes/policy/templates/policy-deployment-secret.yaml rename to kubernetes/policy/charts/drools/templates/secrets.yaml index 59bfa11df2..18f5f16c4d 100644 --- a/kubernetes/policy/templates/policy-deployment-secret.yaml +++ b/kubernetes/policy/charts/drools/templates/secrets.yaml @@ -12,13 +12,16 @@ # See the License for the specific language governing permissions and # limitations under the License. -#{{ if not .Values.disablePolicyDrools }} apiVersion: v1 kind: Secret metadata: - name: policy-dep-drools-secret - namespace: {{ .Values.nsPrefix }} -type: Opaque + name: {{ include "common.fullname" . }}-secret + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} data: {{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }} -#{{ end }} +type: Opaque diff --git a/kubernetes/policy/charts/drools/templates/service.yaml b/kubernetes/policy/charts/drools/templates/service.yaml new file mode 100644 index 0000000000..4335f7cc79 --- /dev/null +++ b/kubernetes/policy/charts/drools/templates/service.yaml @@ -0,0 +1,42 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }}-{{ .Values.service.externalPort }} + - port: {{ .Values.service.externalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.name }}-{{ .Values.service.externalPort2 }} + {{- else -}} + - port: {{ .Values.service.type.externalPort }} + targetPort: {{ .Values.service.type.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml new file mode 100644 index 0000000000..14ebe31be2 --- /dev/null +++ b/kubernetes/policy/charts/drools/values.yaml @@ -0,0 +1,91 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + ubuntuImage: ubuntu:16.04 +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/policy-drools:1.2-SNAPSHOT-latest +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +aaiServiceClusterIp: 10.43.255.254 +# application configuration +# Example: +config: {} +# username: myusername +# password: mypassword + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: false + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: NodePort + name: drools + externalPort: 6969 + nodePort: 17 + externalPort2: 9696 + nodePort2: 21 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/kubernetes/policy/charts/mariadb/Chart.yaml b/kubernetes/policy/charts/mariadb/Chart.yaml new file mode 100644 index 0000000000..c420e67379 --- /dev/null +++ b/kubernetes/policy/charts/mariadb/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Policy MariaDB Service +name: mariadb +version: 2.0.0 diff --git a/kubernetes/policy/charts/mariadb/requirements.yaml b/kubernetes/policy/charts/mariadb/requirements.yaml new file mode 100644 index 0000000000..f639633537 --- /dev/null +++ b/kubernetes/policy/charts/mariadb/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~2.0.0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' diff --git a/kubernetes/policy/charts/mariadb/resources/config/db.sh b/kubernetes/policy/charts/mariadb/resources/config/db.sh new file mode 100644 index 0000000000..ead656ef0e --- /dev/null +++ b/kubernetes/policy/charts/mariadb/resources/config/db.sh @@ -0,0 +1,23 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#!/bin/bash -xv + +for db in support onap_sdk log +do + mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};" + mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "GRANT ALL PRIVILEGES ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;" +done + +mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "FLUSH PRIVILEGES;" diff --git a/kubernetes/policy/charts/mariadb/templates/NOTES.txt b/kubernetes/policy/charts/mariadb/templates/NOTES.txt new file mode 100644 index 0000000000..57947a65da --- /dev/null +++ b/kubernetes/policy/charts/mariadb/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/policy/charts/mariadb/templates/configmap.yaml b/kubernetes/policy/charts/mariadb/templates/configmap.yaml new file mode 100644 index 0000000000..a819196a1d --- /dev/null +++ b/kubernetes/policy/charts/mariadb/templates/configmap.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/db.sh").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/mariadb/templates/deployment.yaml b/kubernetes/policy/charts/mariadb/templates/deployment.yaml new file mode 100644 index 0000000000..65eb02cd6e --- /dev/null +++ b/kubernetes/policy/charts/mariadb/templates/deployment.yaml @@ -0,0 +1,100 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + containers: + - name: {{ include "common.name" . }} + image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.internalPort }} + # disable liveness probe when breakpoints set in debugger + # so K8s doesn't restart unresponsive container + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.internalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: MYSQL_ROOT_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }}-secret + key: db-root-password + - name: MYSQL_USER + value: policy_user + - name: MYSQL_PASSWORD + valueFrom: + secretKeyRef: + name: {{ template "common.fullname" . }}-secret + key: db-user-password + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /docker-entrypoint-initdb.d + name: mariadb-conf + - mountPath: /var/lib/mysql + name: mariadb-data + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: mariadb-conf + configMap: + name: {{ include "common.fullname" . }}-configmap + defaultMode: 0755 + - name: mariadb-data + {{- if .Values.persistence.enabled }} + persistentVolumeClaim: + claimName: {{ include "common.fullname" . }} + {{- else }} + emptyDir: {} + {{- end }} + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/mariadb/templates/pv.yaml b/kubernetes/policy/charts/mariadb/templates/pv.yaml new file mode 100644 index 0000000000..da117f4919 --- /dev/null +++ b/kubernetes/policy/charts/mariadb/templates/pv.yaml @@ -0,0 +1,37 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolume +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" + name: {{ include "common.fullname" . }} +spec: + capacity: + storage: {{ .Values.persistence.size }} + accessModes: + - {{ .Values.persistence.accessMode }} + persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }} + hostPath: + path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }} +{{- end -}} diff --git a/kubernetes/policy/charts/mariadb/templates/pvc.yaml b/kubernetes/policy/charts/mariadb/templates/pvc.yaml new file mode 100644 index 0000000000..e27c3311e9 --- /dev/null +++ b/kubernetes/policy/charts/mariadb/templates/pvc.yaml @@ -0,0 +1,48 @@ +{{/* +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +*/}} + +{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}} +kind: PersistentVolumeClaim +apiVersion: v1 +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: "{{ .Chart.Name }}-{{ .Chart.Version }}" + release: "{{ .Release.Name }}" + heritage: "{{ .Release.Service }}" +{{- if .Values.persistence.annotations }} + annotations: +{{ toYaml .Values.persistence.annotations | indent 4 }} +{{- end }} +spec: + selector: + matchLabels: + name: {{ include "common.fullname" . }} + accessModes: + - {{ .Values.persistence.accessMode }} + resources: + requests: + storage: {{ .Values.persistence.size }} +{{- if .Values.persistence.storageClass }} +{{- if (eq "-" .Values.persistence.storageClass) }} + storageClassName: "" +{{- else }} + storageClassName: "{{ .Values.persistence.storageClass }}" +{{- end }} +{{- end }} +{{- end -}} diff --git a/kubernetes/policy/charts/mariadb/templates/secrets.yaml b/kubernetes/policy/charts/mariadb/templates/secrets.yaml new file mode 100644 index 0000000000..9f0c1788e4 --- /dev/null +++ b/kubernetes/policy/charts/mariadb/templates/secrets.yaml @@ -0,0 +1,29 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Secret +metadata: + name: {{ include "common.fullname" . }}-secret + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +type: Opaque +data: + db-root-password: {{ .Values.config.mysqlRootPassword | b64enc | quote }} + db-user-password: {{ .Values.config.mysqlPassword | b64enc | quote }} + diff --git a/kubernetes/policy/charts/mariadb/templates/service.yaml b/kubernetes/policy/charts/mariadb/templates/service.yaml new file mode 100644 index 0000000000..5447d91e0e --- /dev/null +++ b/kubernetes/policy/charts/mariadb/templates/service.yaml @@ -0,0 +1,32 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + ports: + - port: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + clusterIP: None diff --git a/kubernetes/policy/charts/mariadb/values.yaml b/kubernetes/policy/charts/mariadb/values.yaml new file mode 100644 index 0000000000..23970cfb8b --- /dev/null +++ b/kubernetes/policy/charts/mariadb/values.yaml @@ -0,0 +1,76 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + persistence: {} + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: mariadb:10.0.34 +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + mysqlRootPassword: secret + mysqlUserName: policy_user + mysqlPassword: policy_user +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +## Persist data to a persitent volume +persistence: + enabled: true + volumeReclaimPolicy: Retain + accessMode: ReadWriteMany + size: 2Gi + mountPath: /dockerdata-nfs + mountSubPath: mariadb/data + +service: + type: ClusterIP + name: mariadb + internalPort: 3306 + +ingress: + enabled: false + +resources: {} diff --git a/kubernetes/policy/charts/pdp/Chart.yaml b/kubernetes/policy/charts/pdp/Chart.yaml new file mode 100644 index 0000000000..09a65ead9d --- /dev/null +++ b/kubernetes/policy/charts/pdp/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Policy PDP +name: pdp +version: 2.0.0 diff --git a/kubernetes/policy/charts/pdp/requirements.yaml b/kubernetes/policy/charts/pdp/requirements.yaml new file mode 100644 index 0000000000..f639633537 --- /dev/null +++ b/kubernetes/policy/charts/pdp/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~2.0.0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' diff --git a/kubernetes/policy/resources/config/log/xacml-pdp-rest/logback.xml b/kubernetes/policy/charts/pdp/resources/config/log/xacml-pdp-rest/logback.xml similarity index 86% rename from kubernetes/policy/resources/config/log/xacml-pdp-rest/logback.xml rename to kubernetes/policy/charts/pdp/resources/config/log/xacml-pdp-rest/logback.xml index c9c05d922d..daa4112e51 100644 --- a/kubernetes/policy/resources/config/log/xacml-pdp-rest/logback.xml +++ b/kubernetes/policy/charts/pdp/resources/config/log/xacml-pdp-rest/logback.xml @@ -1,153 +1,150 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - ${pattern} - - - - - - - - - ${logDirectory}/${auditLogName}.log - - ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - - ${queueSize} - - - - ${logDirectory}/${metricsLogName}.log - - ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - - ${pattern} - - - - ${queueSize} - - - - ${logDirectory}/${errorLogName}.log - - ${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - INFO - - - - ${queueSize} - - - - ${logDirectory}/${debugLogName}.log - - ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - - ${queueSize} - - true - - - - - - - - - - - - - - - - - - - - \ No newline at end of file + + + + + + + + + + + + + + + + + + + + + + + + + + + ${pattern} + + + + + + + + + ${logDirectory}/${auditLogName}.log + + ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + ${queueSize} + + + + ${logDirectory}/${metricsLogName}.log + + ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + + ${pattern} + + + + ${queueSize} + + + + ${logDirectory}/${errorLogName}.log + + ${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + INFO + + + + ${queueSize} + + + + ${logDirectory}/${debugLogName}.log + + ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + ${queueSize} + + true + + + + + + + + + + + + + + + + + + + + diff --git a/kubernetes/policy/charts/pdp/resources/config/pe/pdp-tweaks.sh b/kubernetes/policy/charts/pdp/resources/config/pe/pdp-tweaks.sh new file mode 100644 index 0000000000..6060fe9b6f --- /dev/null +++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdp-tweaks.sh @@ -0,0 +1,16 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#! /bin/bash + diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pdp.conf b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf old mode 100755 new mode 100644 similarity index 60% rename from kubernetes/policy/resources/config/opt/policy/config/pe/pdp.conf rename to kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf index c3af2238f0..9dae9f2552 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/pdp.conf +++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # pdp component installation configuration parameters # tomcat specific parameters @@ -13,10 +27,10 @@ TOMCAT_X_MX_MB=1024 # pdp properties -UEB_CLUSTER=dmaap.{{.Values.nsPrefix}} +UEB_CLUSTER=dmaap -REST_PAP_URL=http://pap.{{.Values.nsPrefix}}:9091/pap/ -REST_PDP_ID=http://pdp.{{.Values.nsPrefix}}:8081/pdp/ +REST_PAP_URL=http://{{ .Release.Name }}-{{ .Values.global.pap.nameOverride }}:9091/pap/ +REST_PDP_ID=http://{{ include "common.fullname" . }}:8081/pdp/ REST_PDP_CONFIG=/opt/app/policy/servers/pdp/bin/config REST_PDP_WEBAPPS=/opt/app/policy/servers/pdp/webapps REST_PDP_REGISTER=true diff --git a/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf b/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf new file mode 100644 index 0000000000..141eb28acd --- /dev/null +++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf @@ -0,0 +1,26 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# JVM specific parameters +LOGPARSER_JMX_PORT=9997 +LOGPARSER_X_MS_MB=1024 +LOGPARSER_X_MX_MB=1024 + +SERVER=http://{{ include "common.fullname" . }}:8081/pdp/ +LOGPATH=/opt/app/policy/servers/pdp/logs/pdp-rest.log +PARSERLOGPATH=IntegrityMonitor.log + +node_type=logparser +# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase +resource_name=pdplp_1 diff --git a/kubernetes/policy/charts/pdp/templates/NOTES.txt b/kubernetes/policy/charts/pdp/templates/NOTES.txt new file mode 100644 index 0000000000..91d8ed42f1 --- /dev/null +++ b/kubernetes/policy/charts/pdp/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/policy/charts/pdp/templates/configmap.yaml b/kubernetes/policy/charts/pdp/templates/configmap.yaml new file mode 100644 index 0000000000..76a4c0fdd4 --- /dev/null +++ b/kubernetes/policy/charts/pdp/templates/configmap.yaml @@ -0,0 +1,29 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/xacml-pdp-rest/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-pe-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/pdp/templates/service.yaml b/kubernetes/policy/charts/pdp/templates/service.yaml new file mode 100644 index 0000000000..aed3fd1ae9 --- /dev/null +++ b/kubernetes/policy/charts/pdp/templates/service.yaml @@ -0,0 +1,52 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} + annotations: + msb.onap.org/service-info: '[ + { + "serviceName": "{{ include "common.fullname" . }}", + "version": "v1", + "url": "/pdp", + "protocol": "REST", + "port": "8081", + "visualRange":"1" + }, + ]' +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + sessionAffinity: None + diff --git a/kubernetes/policy/charts/pdp/templates/statefulset.yaml b/kubernetes/policy/charts/pdp/templates/statefulset.yaml new file mode 100644 index 0000000000..367cde49bd --- /dev/null +++ b/kubernetes/policy/charts/pdp/templates/statefulset.yaml @@ -0,0 +1,143 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: apps/v1beta1 +kind: StatefulSet +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + serviceName: {{ include "common.fullname" . }} + replicas: {{ .Values.replicaCount }} + selector: + matchLabels: + app: {{ include "common.name" . }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.global.pap.nameOverride }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + containers: + - command: + - /bin/bash + - ./do-start.sh + - pdp + name: {{ include "common.name" . }} + image: {{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.externalPort }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.externalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{- end }} + readinessProbe: + tcpSocket: + port: {{ .Values.service.externalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /tmp/policy-install/config/base.conf + name: pe + subPath: base.conf + - mountPath: /tmp/policy-install/config/ + name: pe-pdp + - mountPath: /tmp/policy-install/do-start.sh + name: pe-scripts + subPath: do-start.sh + - mountPath: /var/log/onap + name: policy-logs + - mountPath: /tmp/logback.xml + name: policy-logback + subPath: logback.xml + lifecycle: + postStart: + exec: + command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/servers/pdp/webapps/pdp/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] + - image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: filebeat-onap + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + - mountPath: /var/log/onap + name: policy-logs + - mountPath: /usr/share/filebeat/data + name: policy-data-filebeat + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: filebeat-conf + configMap: + name: {{ .Release.Name }}-filebeat-configmap + - name: policy-logs + emptyDir: {} + - name: policy-data-filebeat + emptyDir: {} + - name: policy-logback + configMap: + name: {{ include "common.fullname" . }}-log-configmap + - name: pe + configMap: + name: {{ .Release.Name }}-pe-configmap + defaultMode: 0755 + - name: pe-scripts + configMap: + name: {{ .Release.Name }}-pe-scripts-configmap + defaultMode: 0777 + - name: pe-pdp + configMap: + name: {{ include "common.fullname" . }}-pe-configmap + defaultMode: 0755 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/charts/pdp/values.yaml b/kubernetes/policy/charts/pdp/values.yaml new file mode 100644 index 0000000000..c2b7580347 --- /dev/null +++ b/kubernetes/policy/charts/pdp/values.yaml @@ -0,0 +1,90 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.1.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/policy-pe:1.2-SNAPSHOT-latest +pullPolicy: Always + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: {} +# username: myusername +# password: mypassword + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: NodePort + name: pdp + externalPort: 8081 + #Example internal target port if required + #internalPort: <80> + nodePort: 20 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/kubernetes/policy/charts/policy-common/Chart.yaml b/kubernetes/policy/charts/policy-common/Chart.yaml new file mode 100644 index 0000000000..f853be0bc8 --- /dev/null +++ b/kubernetes/policy/charts/policy-common/Chart.yaml @@ -0,0 +1,18 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +description: Policy Common +name: policy-common +version: 2.0.0 diff --git a/kubernetes/policy/charts/policy-common/requirements.yaml b/kubernetes/policy/charts/policy-common/requirements.yaml new file mode 100644 index 0000000000..f639633537 --- /dev/null +++ b/kubernetes/policy/charts/policy-common/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~2.0.0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' diff --git a/kubernetes/policy/resources/config/log/filebeat/filebeat.yml b/kubernetes/policy/charts/policy-common/resources/config/log/filebeat/filebeat.yml similarity index 100% rename from kubernetes/policy/resources/config/log/filebeat/filebeat.yml rename to kubernetes/policy/charts/policy-common/resources/config/log/filebeat/filebeat.yml diff --git a/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf new file mode 100644 index 0000000000..885a114a97 --- /dev/null +++ b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf @@ -0,0 +1,38 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64 +POLICY_HOME=/opt/app/policy +KEYSTORE_PASSWD=PolicyR0ck$ + +JDBC_DRIVER=org.mariadb.jdbc.Driver +JDBC_URL=jdbc:mariadb://{{ .Release.Name }}-{{ .Values.global.mariadb.nameOverride }}:3306/onap_sdk?failOverReadOnly=false&autoReconnect=true +JDBC_LOG_URL=jdbc:mariadb://{{ .Release.Name }}-{{ .Values.global.mariadb.nameOverride }}:3306/log?failOverReadOnly=false&autoReconnect=true +JDBC_USER=policy_user +JDBC_PASSWORD=policy_user + +site_name=site_1 +fp_monitor_interval=30 +failed_counter_threshold=3 +test_trans_interval=20 +write_fpc_interval=5 +max_fpc_update_interval=60 +test_via_jmx=false +jmx_fqdn= + +ENVIRONMENT=TEST + +#Micro Service Model Properties +policy_msOnapName= +policy_msPolicyName= diff --git a/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh b/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh new file mode 100644 index 0000000000..35842e4859 --- /dev/null +++ b/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh @@ -0,0 +1,92 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#!/bin/bash + +# Script to configure and start the Policy components that are to run in the designated container, +# It is intended to be used as the entrypoint in the Dockerfile, so the last statement of the +# script just goes into a long sleep so that the script does not exit (which would cause the +# container to be torn down). + +container=$1 + +case $container in +pap) + comps="base pap paplp console mysql elk" + ;; +pdp) + comps="base pdp pdplp" + ;; +brmsgw) + comps="base brmsgw" + ;; +*) + echo "Usage: do-start.sh pap|pdp|brmsgw" >&2 + exit 1 +esac + + +# skip installation if build.info file is present (restarting an existing container) +if [[ -f /opt/app/policy/etc/build.info ]]; then + echo "Found existing installation, will not reinstall" + . /opt/app/policy/etc/profile.d/env.sh + +else + if [[ -d config ]]; then + cp config/*.conf . + fi + + for comp in $comps; do + echo "Installing component: $comp" + ./docker-install.sh --install $comp + done + for comp in $comps; do + echo "Configuring component: $comp" + ./docker-install.sh --configure $comp + done + + . /opt/app/policy/etc/profile.d/env.sh + + # install keystore + #changed to use http instead of http, so keystore no longer needed + #cp config/policy-keystore.jks $POLICY_HOME/etc/ssl/policy-keystore + + if [[ -f config/$container-tweaks.sh ]] ; then + # file may not be executable; running it as an + # argument to bash avoids needing execute perms. + bash config/$container-tweaks.sh + fi + + if [[ $container == pap ]]; then + # wait for DB up + # now that DB is up, invoke database upgrade + # (which does nothing if the db is already up-to-date) + dbuser=$(echo $(grep '^JDBC_USER=' base.conf | cut -f2 -d=)) + dbpw=$(echo $(grep '^JDBC_PASSWORD=' base.conf | cut -f2 -d=)) + db_upgrade_remote.sh $dbuser $dbpw {{.Release.Name}}-{{.Values.global.mariadb.nameOverride}} + fi + +fi + +policy.sh start + +# on pap, wait for pap, pdp, brmsgw, nexus and drools up, +# then push the initial default policies +if [[ $container == pap ]]; then + # wait addional 1 minute for all processes to get fully initialized and synched up + sleep 60 + bash -xv config/push-policies.sh +fi + +sleep 1000d diff --git a/kubernetes/policy/charts/policy-common/templates/NOTES.txt b/kubernetes/policy/charts/policy-common/templates/NOTES.txt new file mode 100644 index 0000000000..91d8ed42f1 --- /dev/null +++ b/kubernetes/policy/charts/policy-common/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/policy/charts/policy-common/templates/configmap.yaml b/kubernetes/policy/charts/policy-common/templates/configmap.yaml new file mode 100644 index 0000000000..23311c66f5 --- /dev/null +++ b/kubernetes/policy/charts/policy-common/templates/configmap.yaml @@ -0,0 +1,37 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-pe-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-pe-scripts-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/scripts/do-start.sh").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ .Release.Name }}-filebeat-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }} diff --git a/kubernetes/policy/charts/policy-common/values.yaml b/kubernetes/policy/charts/policy-common/values.yaml new file mode 100644 index 0000000000..8ac609d264 --- /dev/null +++ b/kubernetes/policy/charts/policy-common/values.yaml @@ -0,0 +1,82 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: +config: + logstashServiceName: log-ls + logstashPort: 5044 + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: NodePort + name: + externalPort: <8080> + #Example internal target port if required + #internalPort: <80> + nodePort: + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi diff --git a/kubernetes/policy/requirements.yaml b/kubernetes/policy/requirements.yaml new file mode 100644 index 0000000000..2bf0d7b9e5 --- /dev/null +++ b/kubernetes/policy/requirements.yaml @@ -0,0 +1,21 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +dependencies: + - name: common + version: ~2.0.0 + # local reference to common chart, as it is + # a part of this chart's package and will not + # be published independently to a repo (at this point) + repository: '@local' diff --git a/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml b/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml index d0871bdb4a..bcc6b167fc 100644 --- a/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml +++ b/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml @@ -1,190 +1,186 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ${pattern} - - - - - - - - ${logDirectory}/${generalLogName}.log - - - ${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - - - ${queueSize} - - true - - - - - ${logDirectory}/${auditLogName}.log - - - ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - - ${queueSize} - - - - ${logDirectory}/${metricsLogName}.log - - - ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - - ${queueSize} - - - - ${logDirectory}/${errorLogName}.log - - - ${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - INFO - - - - ${queueSize} - - - - ${logDirectory}/${debugLogName}.log - - - ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - - ${queueSize} - - true - - - - - - - - - - - - - - - - - - - - \ No newline at end of file + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ${pattern} + + + + + + + + ${logDirectory}/${generalLogName}.log + + + ${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + + ${queueSize} + + true + + + + + ${logDirectory}/${auditLogName}.log + + + ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + ${queueSize} + + + + ${logDirectory}/${metricsLogName}.log + + + ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + ${queueSize} + + + + ${logDirectory}/${errorLogName}.log + + + ${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + INFO + + + + ${queueSize} + + + + ${logDirectory}/${debugLogName}.log + + + ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + ${queueSize} + + true + + + + + + + + + + + + + + + + + + + + diff --git a/kubernetes/policy/resources/config/log/pypdpserver/logback.xml b/kubernetes/policy/resources/config/log/pypdpserver/logback.xml deleted file mode 100644 index c4b596b6d5..0000000000 --- a/kubernetes/policy/resources/config/log/pypdpserver/logback.xml +++ /dev/null @@ -1,154 +0,0 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - ${pattern} - - - - - - - - - ${logDirectory}/${auditLogName}.log - - ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - - ${queueSize} - - - - ${logDirectory}/${metricsLogName}.log - - ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - - ${pattern} - - - - ${queueSize} - - - - ${logDirectory}/${errorLogName}.log - - ${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - INFO - - - - ${queueSize} - - - - ${logDirectory}/${debugLogName}.log - - ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - - ${queueSize} - - true - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file diff --git a/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml b/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml index 77068bb9aa..9401e54861 100644 --- a/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml +++ b/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml @@ -1,153 +1,150 @@ - - - - - - - - - - - - - - - - - - - - - - - - - - ${pattern} - - - - - - - - - ${logDirectory}/${auditLogName}.log - - ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - - ${queueSize} - - - - ${logDirectory}/${metricsLogName}.log - - ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - - ${pattern} - - - - ${queueSize} - - - - ${logDirectory}/${errorLogName}.log - - ${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - INFO - - - - ${queueSize} - - - - ${logDirectory}/${debugLogName}.log - - ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - - ${queueSize} - - true - - - - - - - - - - - - - - - - - - - - \ No newline at end of file + + + + + + + + + + + + + + + + + + + + + + + + + + + ${pattern} + + + + + + + + + ${logDirectory}/${auditLogName}.log + + ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + ${queueSize} + + + + ${logDirectory}/${metricsLogName}.log + + ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + + ${pattern} + + + + ${queueSize} + + + + ${logDirectory}/${errorLogName}.log + + ${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + INFO + + + + ${queueSize} + + + + ${logDirectory}/${debugLogName}.log + + ${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log + + ${maxFileSize} + + ${maxHistory} + ${totalSizeCap} + + + ${pattern} + + + + ${queueSize} + + true + + + + + + + + + + + + + + + + + + + + diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf b/kubernetes/policy/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf deleted file mode 100644 index 31baed21e3..0000000000 --- a/kubernetes/policy/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf +++ /dev/null @@ -1,2 +0,0 @@ -HEALTHCHECK_USER=healthcheck -HEALTHCHECK_PASSWORD=zb!XztG34 diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf b/kubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf deleted file mode 100755 index 843b832ea7..0000000000 --- a/kubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf +++ /dev/null @@ -1,5 +0,0 @@ -CONTROLLER_ARTIFACT_ID=policy-management -CONTROLLER_NAME=policy-management-controller -CONTROLLER_PORT=9696 -RULES_ARTIFACT=not-used:not-used:1.0.0-SNAPSHOT -UEB_TOPIC=policyengine-develop diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/base.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/base.conf deleted file mode 100755 index 291743157b..0000000000 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/base.conf +++ /dev/null @@ -1,24 +0,0 @@ -JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64 -POLICY_HOME=/opt/app/policy -KEYSTORE_PASSWD=PolicyR0ck$ - -JDBC_DRIVER=org.mariadb.jdbc.Driver -JDBC_URL=jdbc:mariadb://mariadb.{{.Values.nsPrefix}}:3306/onap_sdk?failOverReadOnly=false&autoReconnect=true -JDBC_LOG_URL=jdbc:mariadb://mariadb.{{.Values.nsPrefix}}:3306/log?failOverReadOnly=false&autoReconnect=true -JDBC_USER=policy_user -JDBC_PASSWORD=policy_user - -site_name=site_1 -fp_monitor_interval=30 -failed_counter_threshold=3 -test_trans_interval=20 -write_fpc_interval=5 -max_fpc_update_interval=60 -test_via_jmx=false -jmx_fqdn= - -ENVIRONMENT=TEST - -#Micro Service Model Properties -policy_msOnapName= -policy_msPolicyName= diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf deleted file mode 100644 index 938954ce63..0000000000 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf +++ /dev/null @@ -1,3 +0,0 @@ -# elasticsearch - -ELK_JMX_PORT=9995 \ No newline at end of file diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf deleted file mode 100755 index 28b9e3ca33..0000000000 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf +++ /dev/null @@ -1,5 +0,0 @@ -# mysql scripts component installation configuration parameters - -# Path to mysql bin -MYSQL_BIN=/usr/local/mysql/bin - diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh deleted file mode 100755 index 36ac3689b1..0000000000 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh +++ /dev/null @@ -1 +0,0 @@ -#! /bin/bash diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf deleted file mode 100755 index 22ca8492b2..0000000000 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf +++ /dev/null @@ -1,12 +0,0 @@ -# JVM specific parameters -LOGPARSER_JMX_PORT=9996 -LOGPARSER_X_MS_MB=1024 -LOGPARSER_X_MX_MB=1024 - -SERVER=http://pap.{{.Values.nsPrefix}}:9091/pap/ -LOGPATH=/opt/app/policy/servers/pap/logs/pap-rest.log -PARSERLOGPATH=IntegrityMonitor.log - -node_type=logparser -# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase -resource_name=paplp_1 diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh deleted file mode 100755 index f68253635a..0000000000 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh +++ /dev/null @@ -1,2 +0,0 @@ -#! /bin/bash - diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf deleted file mode 100755 index 0e58cebbc6..0000000000 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf +++ /dev/null @@ -1,12 +0,0 @@ -# JVM specific parameters -LOGPARSER_JMX_PORT=9997 -LOGPARSER_X_MS_MB=1024 -LOGPARSER_X_MX_MB=1024 - -SERVER=http://pdp.{{.Values.nsPrefix}}:8081/pdp/ -LOGPATH=/opt/app/policy/servers/pdp/logs/pdp-rest.log -PARSERLOGPATH=IntegrityMonitor.log - -node_type=logparser -# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase -resource_name=pdplp_1 diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/console.conf b/kubernetes/policy/resources/config/pe/console.conf old mode 100755 new mode 100644 similarity index 77% rename from kubernetes/policy/resources/config/opt/policy/config/pe/console.conf rename to kubernetes/policy/resources/config/pe/console.conf index 3ff708655c..3ed6ed439c --- a/kubernetes/policy/resources/config/opt/policy/config/pe/console.conf +++ b/kubernetes/policy/resources/config/pe/console.conf @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # configs component installation configuration parameters # tomcat specific parameters @@ -77,7 +91,7 @@ REFRESH_RATE=40000 # -REST_PAP_URL=http://pap.{{.Values.nsPrefix}}:9091/pap/ +REST_PAP_URL=http://{{.Release.Name}}-{{.Values.global.pap.nameOverride}}:9091/pap/ # # Config/Action Properties location. @@ -85,7 +99,7 @@ REST_PAP_URL=http://pap.{{.Values.nsPrefix}}:9091/pap/ REST_CONFIG_HOME=/opt/app/policy/servers/pap/webapps/Config/ REST_ACTION_HOME=/opt/app/policy/servers/pap/webapps/Action/ -REST_CONFIG_URL=http://pap.{{.Values.nsPrefix}}:9091/ +REST_CONFIG_URL=http://{{.Release.Name}}-{{.Values.global.pap.nameOverride}}:9091/ REST_CONFIG_WEBAPPS=/opt/app/policy/servers/pap/webapps/ # PAP account information @@ -121,12 +135,12 @@ onap_application_name= #-----------------------ONAP-PORTAL-Properties---------------------- -ONAP_REDIRECT_URL=http://portalapps.{{.Values.nsPrefix}}:8989/ONAPPORTAL/login.htm -ONAP_REST_URL=http://portalapps.{{.Values.nsPrefix}}:8989/ONAPPORTAL/auxapi +ONAP_REDIRECT_URL=http://portalapps:8989/ONAPPORTAL/login.htm +ONAP_REST_URL=http://portalapps:8989/ONAPPORTAL/auxapi ONAP_UEB_URL_LIST= ONAP_PORTAL_INBOX_NAME= ONAP_UEB_APP_KEY= ONAP_UEB_APP_SECRET= ONAP_UEB_APP_MAILBOX_NAME= APP_DISPLAY_NAME=ONAP Policy -ONAP_SHARED_CONTEXT_REST_URL=http://portalapps.{{.Values.nsPrefix}}:8989/ONAPPORTAL/context +ONAP_SHARED_CONTEXT_REST_URL=http://portalapps:8989/ONAPPORTAL/context diff --git a/kubernetes/policy/resources/config/pe/elk.conf b/kubernetes/policy/resources/config/pe/elk.conf new file mode 100644 index 0000000000..2750bff702 --- /dev/null +++ b/kubernetes/policy/resources/config/pe/elk.conf @@ -0,0 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# elasticsearch + +ELK_JMX_PORT=9995 diff --git a/kubernetes/policy/resources/config/pe/mysql.conf b/kubernetes/policy/resources/config/pe/mysql.conf new file mode 100644 index 0000000000..d4f83d414e --- /dev/null +++ b/kubernetes/policy/resources/config/pe/mysql.conf @@ -0,0 +1,19 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# mysql scripts component installation configuration parameters + +# Path to mysql bin +MYSQL_BIN=/usr/local/mysql/bin + diff --git a/kubernetes/policy/resources/config/pe/pap-tweaks.sh b/kubernetes/policy/resources/config/pe/pap-tweaks.sh new file mode 100644 index 0000000000..1930b98f77 --- /dev/null +++ b/kubernetes/policy/resources/config/pe/pap-tweaks.sh @@ -0,0 +1,15 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +#! /bin/bash diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pap.conf b/kubernetes/policy/resources/config/pe/pap.conf old mode 100755 new mode 100644 similarity index 63% rename from kubernetes/policy/resources/config/opt/policy/config/pe/pap.conf rename to kubernetes/policy/resources/config/pe/pap.conf index 3f892c9f5a..28c2da1a14 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/pap.conf +++ b/kubernetes/policy/resources/config/pe/pap.conf @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + # pap component installation configuration parameters # tomcat specific parameters @@ -14,7 +28,7 @@ TOMCAT_X_MX_MB=1024 # pap properties PAP_PDPS=/opt/app/policy/servers/pap/bin/pdps -PAP_URL=http://pap.{{.Values.nsPrefix}}:9091/pap/ +PAP_URL=http://{{ include "common.fullname" . }}:9091/pap/ PAP_INITIATE_PDP=true PAP_HEARTBEAT_INTERVAL=10000 @@ -26,7 +40,7 @@ REST_ADMIN_WORKSPACE=workspace # PDP related properties -PAP_PDP_URL=http://pdp.{{.Values.nsPrefix}}:8081/pdp/ +PAP_PDP_URL=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}:8081/pdp/ PAP_PDP_HTTP_USER_ID=testpdp PAP_PDP_HTTP_PASSWORD=alpha123 diff --git a/kubernetes/policy/resources/config/pe/paplp.conf b/kubernetes/policy/resources/config/pe/paplp.conf new file mode 100644 index 0000000000..7124fde01a --- /dev/null +++ b/kubernetes/policy/resources/config/pe/paplp.conf @@ -0,0 +1,26 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +# JVM specific parameters +LOGPARSER_JMX_PORT=9996 +LOGPARSER_X_MS_MB=1024 +LOGPARSER_X_MX_MB=1024 + +SERVER=http://{{ include "common.fullname" . }}:9091/pap/ +LOGPATH=/opt/app/policy/servers/pap/logs/pap-rest.log +PARSERLOGPATH=IntegrityMonitor.log + +node_type=logparser +# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase +resource_name=paplp_1 diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/push-policies.sh b/kubernetes/policy/resources/config/pe/push-policies.sh old mode 100755 new mode 100644 similarity index 88% rename from kubernetes/policy/resources/config/opt/policy/config/pe/push-policies.sh rename to kubernetes/policy/resources/config/pe/push-policies.sh index b9242cee78..5e0172bce9 --- a/kubernetes/policy/resources/config/opt/policy/config/pe/push-policies.sh +++ b/kubernetes/policy/resources/config/pe/push-policies.sh @@ -1,3 +1,17 @@ +# Copyright © 2017 Amdocs, Bell Canada, AT&T +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + #! /bin/bash # forked from https://gerrit.onap.org/r/gitweb?p=policy/docker.git;a=blob;f=config/pe/push-policies.sh;h=555ab357e6b4f54237bf07ef5e6777d782564bc0;hb=refs/heads/amsterdam and adapted for OOM @@ -12,7 +26,7 @@ wget -O cl-amsterdam-template.drl https://git.onap.org/policy/drools-application sleep 2 -curl -v --silent -X POST --header 'Content-Type: multipart/form-data' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -F "file=@cl-amsterdam-template.drl" -F "importParametersJson={\"serviceName\":\"ClosedLoopControlName\",\"serviceType\":\"BRMSPARAM\"}" 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/policyEngineImport' +curl -v --silent -X POST --header 'Content-Type: multipart/form-data' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -F "file=@cl-amsterdam-template.drl" -F "importParametersJson={\"serviceName\":\"ClosedLoopControlName\",\"serviceType\":\"BRMSPARAM\"}" 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/policyEngineImport' echo "PRELOAD_POLICIES is $PRELOAD_POLICIES" @@ -42,7 +56,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a%0D%0A++trigger_policy%3A+unique-policy-id-1-modifyConfig%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-modifyConfig%0D%0A++++name%3A+modify+packet+gen+config%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+ModifyConfig%0D%0A++++target%3A%0D%0A++++++%23+TBD+-+Cannot+be+known+until+instantiation+is+done%0D%0A++++++resourceID%3A+Eace933104d443b496b8.nodes.heat.vpg%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+300%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" } } -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' sleep 2 @@ -62,7 +76,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3%0D%0A++trigger_policy%3A+unique-policy-id-1-scale-up%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-scale-up%0D%0A++++name%3A+Create+a+new+VF+Module%0D%0A++++description%3A%0D%0A++++actor%3A+SO%0D%0A++++recipe%3A+VF+Module+Create%0D%0A++++target%3A%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" } } -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' sleep 2 @@ -82,7 +96,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b%0D%0A++trigger_policy%3A+unique-policy-id-1-restart%0D%0A++timeout%3A+3600%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-restart%0D%0A++++name%3A+Restart+the+VM%0D%0A++++description%3A%0D%0A++++actor%3A+VFC%0D%0A++++recipe%3A+Restart%0D%0A++++target%3A%0D%0A++++++type%3A+VM%0D%0A++++retry%3A+3%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" } } -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' sleep 2 @@ -102,7 +116,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e%0D%0A++trigger_policy%3A+unique-policy-id-1-restart%0D%0A++timeout%3A+3600%0D%0A++abatement%3A+true%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-restart%0D%0A++++name%3A+Restart+the+VM%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+Restart%0D%0A++++target%3A%0D%0A++++++type%3A+VM%0D%0A++++retry%3A+3%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" } } -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' #########################################Create Micro Service Config policies########################################## @@ -116,7 +130,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "policyConfigType": "MicroService", "policyName": "com.MicroServicevFirewall", "onapName": "DCAE" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' sleep 2 @@ -127,7 +141,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "policyConfigType": "MicroService", "policyName": "com.MicroServicevDNS", "onapName": "DCAE" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' sleep 2 @@ -138,7 +152,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "policyConfigType": "MicroService", "policyName": "com.MicroServicevCPE", "onapName": "DCAE" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' #########################################Creating Decision Guard policy######################################### @@ -165,7 +179,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "guardActiveEnd": "00:00:00-05:00" } } -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy' #########################################Push Decision policy######################################### @@ -176,7 +190,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "pdpGroup": "default", "policyName": "com.AllPermitGuard", "policyType": "DECISION" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' #########################################Pushing BRMS Param policies########################################## @@ -189,7 +203,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "pdpGroup": "default", "policyName": "com.BRMSParamvFirewall", "policyType": "BRMS_Param" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' sleep 2 @@ -198,7 +212,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "pdpGroup": "default", "policyName": "com.BRMSParamvDNS", "policyType": "BRMS_Param" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' sleep 2 @@ -207,7 +221,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "pdpGroup": "default", "policyName": "com.BRMSParamVOLTE", "policyType": "BRMS_Param" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' sleep 2 @@ -216,7 +230,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "pdpGroup": "default", "policyName": "com.BRMSParamvCPE", "policyType": "BRMS_Param" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' #########################################Pushing MicroService Config policies########################################## @@ -229,7 +243,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "pdpGroup": "default", "policyName": "com.MicroServicevFirewall", "policyType": "MicroService" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' sleep 10 @@ -238,7 +252,7 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "pdpGroup": "default", "policyName": "com.MicroServicevDNS", "policyType": "MicroService" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' sleep 10 @@ -247,4 +261,4 @@ curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Acce "pdpGroup": "default", "policyName": "com.MicroServicevCPE", "policyType": "MicroService" -}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy' +}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' diff --git a/kubernetes/policy/templates/NOTES.txt b/kubernetes/policy/templates/NOTES.txt new file mode 100644 index 0000000000..91d8ed42f1 --- /dev/null +++ b/kubernetes/policy/templates/NOTES.txt @@ -0,0 +1,19 @@ +1. Get the application URL by running these commands: +{{- if .Values.ingress.enabled }} +{{- range .Values.ingress.hosts }} + http://{{ . }} +{{- end }} +{{- else if contains "NodePort" .Values.service.type }} + export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }}) + export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}") + echo http://$NODE_IP:$NODE_PORT +{{- else if contains "LoadBalancer" .Values.service.type }} + NOTE: It may take a few minutes for the LoadBalancer IP to be available. + You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}' + export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}') + echo http://$SERVICE_IP:{{ .Values.service.externalPort }} +{{- else if contains "ClusterIP" .Values.service.type }} + export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") + echo "Visit http://127.0.0.1:8080 to use your application" + kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }} +{{- end }} diff --git a/kubernetes/policy/templates/all-services.yaml b/kubernetes/policy/templates/all-services.yaml deleted file mode 100644 index f8e435b1bc..0000000000 --- a/kubernetes/policy/templates/all-services.yaml +++ /dev/null @@ -1,145 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disablePolicyMariadb }} -apiVersion: v1 -kind: Service -metadata: - name: mariadb - namespace: "{{ .Values.nsPrefix }}" - labels: - app: mariadb -spec: - ports: - - name: 3306-port - port: 3306 - selector: - app: mariadb - clusterIP: None -#{{ end }} -#{{ if not .Values.disablePolicyNexus }} ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: nexus - name: nexus - namespace: "{{ .Values.nsPrefix }}" -spec: - ports: - - name: nexus-port - port: 8081 - selector: - app: nexus - clusterIP: None -#{{ end }} -#{{ if not .Values.disablePolicyDrools }} ---- -apiVersion: v1 -kind: Service -metadata: - labels: - app: drools - name: drools - namespace: "{{ .Values.nsPrefix }}" -spec: - ports: - - name: "drools-port" - port: 6969 - nodePort: {{ .Values.nodePortPrefix }}17 - - name: "drools-port2" - port: 9696 - nodePort: {{ .Values.nodePortPrefix }}21 - selector: - app: drools - type: NodePort -#{{ end }} -#{{ if not .Values.disablePolicyPap }} ---- -apiVersion: v1 -kind: Service -metadata: - name: pap - namespace: "{{ .Values.nsPrefix }}" - labels: - app: pap -spec: - ports: - - name: 8443-port - port: 8443 - nodePort: {{ .Values.nodePortPrefix }}19 - - name: 9091-port - port: 9091 - nodePort: {{ .Values.nodePortPrefix }}18 - selector: - app: pap - type: NodePort -#{{ end }} -#{{ if not .Values.disablePolicyPdp }} ---- -apiVersion: v1 -kind: Service -metadata: - name: pdp - namespace: "{{ .Values.nsPrefix }}" - labels: - app: pdp - annotations: - msb.onap.org/service-info: '[ - { - "serviceName": "policy-pdp", - "version": "v1", - "url": "/pdp", - "protocol": "REST", - "port": "8081", - "visualRange":"1" - }, - { - "serviceName": "policy-pdp-deprecated", - "version": "v1", - "url": "/pdp", - "protocol": "REST", - "port": "8081", - "visualRange":"1", - "path":"/pdp" - } - ]' -spec: - ports: - - name: 8081-port - port: 8081 - nodePort: {{ .Values.nodePortPrefix }}20 - selector: - app: pdp - type: NodePort -#{{ end }} -#{{ if not .Values.disablePolicyBrmsgw }} ---- -apiVersion: v1 -kind: Service -metadata: - name: brmsgw - namespace: "{{ .Values.nsPrefix }}" - labels: - app: brmsgw -spec: - ports: - - name: 9989-port - port: 9989 - nodePort: {{ .Values.nodePortPrefix }}16 - selector: - app: brmsgw - type: NodePort -#{{ end }} diff --git a/kubernetes/policy/templates/configmap.yaml b/kubernetes/policy/templates/configmap.yaml new file mode 100644 index 0000000000..3a9564a04b --- /dev/null +++ b/kubernetes/policy/templates/configmap.yaml @@ -0,0 +1,38 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-log-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/xacml-pap-rest/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-sdk-log-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/log/ep_sdk_app/logback.xml").AsConfig . | indent 2 }} +--- +apiVersion: v1 +kind: ConfigMap +metadata: + name: {{ include "common.fullname" . }}-pe-configmap + namespace: {{ include "common.namespace" . }} +data: +{{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }} + diff --git a/kubernetes/policy/templates/dep-brmsgw.yaml b/kubernetes/policy/templates/dep-brmsgw.yaml deleted file mode 100644 index 54b5565617..0000000000 --- a/kubernetes/policy/templates/dep-brmsgw.yaml +++ /dev/null @@ -1,71 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disablePolicyBrmsgw }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: policy-brmsgw - namespace: "{{ .Values.nsPrefix }}" -spec: - replicas: {{ .Values.brmsgwReplicas }} - selector: - matchLabels: - app: brmsgw - template: - metadata: - labels: - app: brmsgw - name: policy-brmsgw - spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - pap - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.image.readiness }}:{{ .Values.image.readinessVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: brmsgw-readiness - containers: - - command: - - /bin/bash - - ./do-start.sh - - brmsgw - image: "{{ .Values.image.policyPe }}:{{ .Values.image.policyPeVersion}}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: brmsgw - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /tmp/policy-install/config - name: pe - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: pe - configMap: - name: policy-dep-pe-configmap - defaultMode: 0755 - imagePullSecrets: - - name: "{{ .Values.nsPrefix }}-docker-registry-key" -#{{ end }} diff --git a/kubernetes/policy/templates/dep-drools.yaml b/kubernetes/policy/templates/dep-drools.yaml deleted file mode 100644 index ec0413aac5..0000000000 --- a/kubernetes/policy/templates/dep-drools.yaml +++ /dev/null @@ -1,152 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disablePolicyDrools }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: policy-drools - namespace: "{{ .Values.nsPrefix }}" -spec: - replicas: {{ .Values.droolsReplicas }} - selector: - matchLabels: - app: drools - template: - metadata: - labels: - app: drools - name: policy-drools - spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - mariadb - - --container-name - - nexus - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.image.readiness }}:{{ .Values.image.readinessVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: drools-readiness - hostAliases: - - ip: "{{ .Values.aaiServiceClusterIp }}" - hostnames: - - "aai.api.simpledemo.openecomp.org" - containers: - - command: - - /bin/bash - - -c - - ./do-start.sh - image: "{{ .Values.image.policyDrools }}:{{ .Values.image.policyDroolsVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: drools - ports: - - containerPort: 6969 - readinessProbe: - tcpSocket: - port: 6969 - initialDelaySeconds: 5 - periodSeconds: 10 - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /tmp/policy-install/config/policy-keystore - name: drools-secret - subPath: policy-keystore - - mountPath: /tmp/policy-install/config/feature-healthcheck.conf - name: drools-secret - subPath: feature-healthcheck.conf - - mountPath: /tmp/policy-install/config/base.conf - name: drools-config - subPath: base.conf - - mountPath: /tmp/policy-install/config/policy-management.conf - name: drools-config - subPath: policy-management.conf - - mountPath: /tmp/policy-install/config/drools-tweaks.sh - name: drools-config - subPath: drools-tweaks.sh - - mountPath: /usr/share/maven/conf/settings.xml - name: drools-settingsxml - subPath: settings.xml - - mountPath: /var/log/onap - name: policy-logs - - mountPath: /tmp/logback.xml - name: policy-logback - subPath: logback.xml - lifecycle: - postStart: - exec: - command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/config/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] - - image: {{ .Values.image.filebeat }} - imagePullPolicy: {{ .Values.pullPolicy }} - name: filebeat-onap - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - name: filebeat-conf - subPath: filebeat.yml - - mountPath: /var/log/onap - name: policy-logs - - mountPath: /usr/share/filebeat/data - name: policy-data-filebeat - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: filebeat-conf - configMap: - name: policy-filebeat-configmap - - name: policy-logs - emptyDir: {} - - name: policy-data-filebeat - emptyDir: {} - - name: policy-logback - configMap: - name: policy-drools-log-configmap - - name: drools-settingsxml - configMap: - name: policy-dep-drools-settings-configmap - - name: drools-config - configMap: - name: policy-dep-drools-configmap - items: - - key: base.conf - path: base.conf - mode: 0755 - - key: policy-management.conf - path: policy-management.conf - mode: 0755 - - key: drools-tweaks.sh - path: drools-tweaks.sh - mode: 0755 - - name: drools-secret - secret: - secretName: policy-dep-drools-secret - items: - - key: policy-keystore - path: policy-keystore - mode: 0644 - - key: feature-healthcheck.conf - path: feature-healthcheck.conf - mode: 0644 - imagePullSecrets: - - name: "{{ .Values.nsPrefix }}-docker-registry-key" -#{{ end }} diff --git a/kubernetes/policy/templates/dep-maria.yaml b/kubernetes/policy/templates/dep-maria.yaml deleted file mode 100644 index 302a052401..0000000000 --- a/kubernetes/policy/templates/dep-maria.yaml +++ /dev/null @@ -1,54 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disablePolicyMariadb }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: policy-mariadb - namespace: "{{ .Values.nsPrefix }}" -spec: - replicas: {{ .Values.mariadbReplicas }} - selector: - matchLabels: - app: mariadb - template: - metadata: - labels: - app: mariadb - name: policy-mariadb - spec: - hostname: mariadb - containers: - - image: "{{ .Values.image.policyDb }}:{{ .Values.image.policyDbVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: mariadb - ports: - - containerPort: 3306 - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - readinessProbe: - tcpSocket: - port: 3306 - initialDelaySeconds: 5 - periodSeconds: 10 - volumes: - - name: localtime - hostPath: - path: /etc/localtime - imagePullSecrets: - - name: "{{ .Values.nsPrefix }}-docker-registry-key" -#{{ end }} diff --git a/kubernetes/policy/templates/dep-nexus.yaml b/kubernetes/policy/templates/dep-nexus.yaml deleted file mode 100644 index de0aeb0f30..0000000000 --- a/kubernetes/policy/templates/dep-nexus.yaml +++ /dev/null @@ -1,61 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disablePolicyNexus }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: policy-nexus - namespace: "{{ .Values.nsPrefix }}" -spec: - replicas: {{ .Values.nexusReplicas }} - selector: - matchLabels: - app: nexus - template: - metadata: - labels: - app: nexus - name: policy-nexus - spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - mariadb - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.image.readiness }}:{{ .Values.image.readinessVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: nexus-readiness - containers: - - image: "{{ .Values.image.policyNexus }}:{{ .Values.image.policyNexusVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: nexus - volumeMounts: - - name: localtime - mountPath: /etc/localtime - readOnly: true - volumes: - - name: localtime - hostPath: - path: /etc/localtime - imagePullSecrets: - - name: "{{ .Values.nsPrefix }}-docker-registry-key" -#{{ end }} diff --git a/kubernetes/policy/templates/dep-pap.yaml b/kubernetes/policy/templates/dep-pap.yaml deleted file mode 100644 index 5a0d0467eb..0000000000 --- a/kubernetes/policy/templates/dep-pap.yaml +++ /dev/null @@ -1,131 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disablePolicyPap }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: policy-pap - namespace: "{{ .Values.nsPrefix }}" -spec: - replicas: {{ .Values.papReplicas }} - selector: - matchLabels: - app: pap - template: - metadata: - labels: - app: pap - name: policy-pap - spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - mariadb - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.image.readiness }}:{{ .Values.image.readinessVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: pap-readiness - - command: ["/bin/bash", "-c", "echo $POD_IP > /config/ip_addr.txt"] - env: - - name: POD_IP - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: status.podIP - volumeMounts: - - mountPath: /config/ - name: pe - image: {{ .Values.image.ubuntu }} - imagePullPolicy: {{ .Values.pullPolicy }} - name: generate-ip-addr-txt - containers: - - command: - - /bin/bash - - ./do-start.sh - - pap - image: "{{ .Values.image.policyPe }}:{{ .Values.image.policyPeVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: pap - env: - - name: PRELOAD_POLICIES - value: "true" - ports: - - containerPort: 8443 - - containerPort: 9091 - readinessProbe: - tcpSocket: - port: 9091 - initialDelaySeconds: 5 - periodSeconds: 10 - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /tmp/policy-install/config/ - name: pe - - mountPath: /var/log/onap - name: policy-logs - - mountPath: /tmp/policy-install/logback.xml - name: policy-sdk-logback - subPath: logback.xml - - mountPath: /tmp/logback.xml - name: policy-logback - subPath: logback.xml - lifecycle: - postStart: - exec: - command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/servers/pap/webapps/pap/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; export SRC=/tmp/policy-install/logback.xml; export DST=/opt/app/policy/servers/console/webapps/onap/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] - - image: {{ .Values.image.filebeat }} - imagePullPolicy: {{ .Values.pullPolicy }} - name: filebeat-onap - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - name: filebeat-conf - subPath: filebeat.yml - - mountPath: /var/log/onap - name: policy-logs - - mountPath: /usr/share/filebeat/data - name: policy-data-filebeat - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: filebeat-conf - configMap: - name: policy-filebeat-configmap - - name: policy-logs - emptyDir: {} - - name: policy-data-filebeat - emptyDir: {} - - name: policy-logback - configMap: - name: policy-pap-log-configmap - - name: policy-sdk-logback - configMap: - name: policy-sdk-log-configmap - - name: pe - configMap: - name: policy-dep-pe-configmap - defaultMode: 0755 - imagePullSecrets: - - name: "{{ .Values.nsPrefix }}-docker-registry-key" -#{{ end }} diff --git a/kubernetes/policy/templates/dep-pdp.yaml b/kubernetes/policy/templates/dep-pdp.yaml deleted file mode 100644 index 6b28ed0fdb..0000000000 --- a/kubernetes/policy/templates/dep-pdp.yaml +++ /dev/null @@ -1,108 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disablePolicyPdp }} -apiVersion: extensions/v1beta1 -kind: Deployment -metadata: - name: policy-pdp - namespace: "{{ .Values.nsPrefix }}" -spec: - replicas: {{ .Values.pdpReplicas }} - selector: - matchLabels: - app: pdp - template: - metadata: - labels: - app: pdp - name: policy-pdp - spec: - initContainers: - - command: - - /root/ready.py - args: - - --container-name - - pap - env: - - name: NAMESPACE - valueFrom: - fieldRef: - apiVersion: v1 - fieldPath: metadata.namespace - image: "{{ .Values.image.readiness }}:{{ .Values.image.readinessVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: pdp-readiness - containers: - - command: - - /bin/bash - - ./do-start.sh - - pdp - image: "{{ .Values.image.policyPe }}:{{ .Values.image.policyPeVersion }}" - imagePullPolicy: {{ .Values.pullPolicy }} - name: pdp - ports: - - containerPort: 8081 - readinessProbe: - tcpSocket: - port: 8081 - initialDelaySeconds: 5 - periodSeconds: 10 - volumeMounts: - - mountPath: /etc/localtime - name: localtime - readOnly: true - - mountPath: /tmp/policy-install/config - name: pe - - mountPath: /var/log/onap - name: policy-logs - - mountPath: /tmp/logback.xml - name: policy-logback - subPath: logback.xml - lifecycle: - postStart: - exec: - command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/servers/pdp/webapps/pdp/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] - - image: {{ .Values.image.filebeat }} - imagePullPolicy: {{ .Values.pullPolicy }} - name: filebeat-onap - volumeMounts: - - mountPath: /usr/share/filebeat/filebeat.yml - name: filebeat-conf - subPath: filebeat.yml - - mountPath: /var/log/onap - name: policy-logs - - mountPath: /usr/share/filebeat/data - name: policy-data-filebeat - volumes: - - name: localtime - hostPath: - path: /etc/localtime - - name: filebeat-conf - configMap: - name: policy-filebeat-configmap - - name: policy-logs - emptyDir: {} - - name: policy-data-filebeat - emptyDir: {} - - name: policy-logback - configMap: - name: policy-pdp-log-configmap - - name: pe - configMap: - name: policy-dep-pe-configmap - defaultMode: 0755 - imagePullSecrets: - - name: "{{ .Values.nsPrefix }}-docker-registry-key" -#{{ end }} diff --git a/kubernetes/policy/templates/deployment.yaml b/kubernetes/policy/templates/deployment.yaml new file mode 100644 index 0000000000..88b3de35c0 --- /dev/null +++ b/kubernetes/policy/templates/deployment.yaml @@ -0,0 +1,162 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: extensions/v1beta1 +kind: Deployment +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + replicas: {{ .Values.replicaCount }} + template: + metadata: + labels: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} + spec: + initContainers: + - command: + - /root/ready.py + args: + - --container-name + - {{ .Values.global.mariadb.nameOverride }} + env: + - name: NAMESPACE + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: metadata.namespace + image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: {{ include "common.name" . }}-readiness + - command: ["/bin/bash", "-c", "echo $POD_IP > /config/ip_addr.txt"] + env: + - name: POD_IP + valueFrom: + fieldRef: + apiVersion: v1 + fieldPath: status.podIP + volumeMounts: + - mountPath: /config/ + name: pe + image: {{ .Values.global.ubuntuImage }} + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + name: generate-ip-addr-txt + containers: + - command: + - /bin/bash + - ./do-start.sh + - pap + name: {{ include "common.name" . }} + image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}" + imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }} + ports: + - containerPort: {{ .Values.service.externalPort }} + - containerPort: {{ .Values.service.externalPort2 }} + {{- if eq .Values.liveness.enabled true }} + livenessProbe: + tcpSocket: + port: {{ .Values.service.externalPort }} + initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }} + periodSeconds: {{ .Values.liveness.periodSeconds }} + {{ end -}} + readinessProbe: + tcpSocket: + port: {{ .Values.service.externalPort }} + initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }} + periodSeconds: {{ .Values.readiness.periodSeconds }} + env: + - name: PRELOAD_POLICIES + value: "{{ .Values.config.preloadPolicies }}" + volumeMounts: + - mountPath: /etc/localtime + name: localtime + readOnly: true + - mountPath: /tmp/policy-install/config/base.conf + name: pe + subPath: base.conf + - mountPath: /tmp/policy-install/config/ + name: pe-pap + - mountPath: /tmp/policy-install/do-start.sh + name: pe-scripts + subPath: do-start.sh + - mountPath: /var/log/onap + name: policy-logs + - mountPath: /tmp/policy-install/logback.xml + name: policy-sdk-logback + subPath: logback.xml + - mountPath: /tmp/logback.xml + name: policy-logback + subPath: logback.xml + lifecycle: + postStart: + exec: + command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/servers/pap/webapps/pap/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; export SRC=/tmp/policy-install/logback.xml; export DST=/opt/app/policy/servers/console/webapps/onap/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"] + - image: "{{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.global.loggingImage | default .Values.loggingImage }}" + imagePullPolicy: {{ .Values.pullPolicy }} + name: filebeat-onap + volumeMounts: + - mountPath: /usr/share/filebeat/filebeat.yml + name: filebeat-conf + subPath: filebeat.yml + - mountPath: /var/log/onap + name: policy-logs + - mountPath: /usr/share/filebeat/data + name: policy-data-filebeat + resources: +{{ toYaml .Values.resources | indent 12 }} + {{- if .Values.nodeSelector }} + nodeSelector: +{{ toYaml .Values.nodeSelector | indent 10 }} + {{- end -}} + {{- if .Values.affinity }} + affinity: +{{ toYaml .Values.affinity | indent 10 }} + {{- end }} + volumes: + - name: localtime + hostPath: + path: /etc/localtime + - name: filebeat-conf + configMap: + name: {{ .Release.Name }}-filebeat-configmap + - name: policy-logs + emptyDir: {} + - name: policy-data-filebeat + emptyDir: {} + - name: policy-logback + configMap: + name: {{ include "common.fullname" . }}-log-configmap + - name: policy-sdk-logback + configMap: + name: {{ include "common.fullname" . }}-sdk-log-configmap + - name: pe + configMap: + name: {{ .Release.Name }}-pe-configmap + defaultMode: 0755 + - name: pe-scripts + configMap: + name: {{ .Release.Name }}-pe-scripts-configmap + defaultMode: 0777 + - name: pe-pap + configMap: + name: {{ include "common.fullname" . }}-pe-configmap + defaultMode: 0755 + imagePullSecrets: + - name: "{{ include "common.namespace" . }}-docker-registry-key" diff --git a/kubernetes/policy/templates/policy-log-configmap.yaml b/kubernetes/policy/templates/policy-log-configmap.yaml deleted file mode 100644 index 3a62030bd5..0000000000 --- a/kubernetes/policy/templates/policy-log-configmap.yaml +++ /dev/null @@ -1,59 +0,0 @@ -# Copyright © 2017 Amdocs, Bell Canada -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -#{{ if not .Values.disablePolicyPap }} -apiVersion: v1 -kind: ConfigMap -metadata: - name: policy-pap-log-configmap - namespace: {{ .Values.nsPrefix }} -data: -{{ tpl (.Files.Glob "resources/config/log/xacml-pap-rest/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: policy-sdk-log-configmap - namespace: {{ .Values.nsPrefix }} -data: -{{ tpl (.Files.Glob "resources/config/log/ep_sdk_app/*").AsConfig . | indent 2 }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: policy-filebeat-configmap - namespace: {{ .Values.nsPrefix }} -data: -{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }} -#{{ end }} -#{{ if not .Values.disablePolicyPdp }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: policy-pdp-log-configmap - namespace: {{ .Values.nsPrefix }} -data: -{{ tpl (.Files.Glob "resources/config/log/xacml-pdp-rest/*").AsConfig . | indent 2 }} -#{{ end }} -#{{ if not .Values.disablePolicyDrools }} ---- -apiVersion: v1 -kind: ConfigMap -metadata: - name: policy-drools-log-configmap - namespace: {{ .Values.nsPrefix }} -data: -{{ tpl (.Files.Glob "resources/config/log/drools/*").AsConfig . | indent 2 }} -#{{ end }} diff --git a/kubernetes/policy/templates/service.yaml b/kubernetes/policy/templates/service.yaml new file mode 100644 index 0000000000..4d7996042d --- /dev/null +++ b/kubernetes/policy/templates/service.yaml @@ -0,0 +1,42 @@ +# Copyright © 2017 Amdocs, Bell Canada +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +apiVersion: v1 +kind: Service +metadata: + name: {{ include "common.fullname" . }} + namespace: {{ include "common.namespace" . }} + labels: + app: {{ include "common.name" . }} + chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }} + release: {{ .Release.Name }} + heritage: {{ .Release.Service }} +spec: + type: {{ .Values.service.type }} + ports: + {{if eq .Values.service.type "NodePort" -}} + - port: {{ .Values.service.externalPort }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }} + name: {{ .Values.service.name }}-{{ .Values.service.externalPort }} + - port: {{ .Values.service.externalPort2 }} + nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }} + name: {{ .Values.service.name }}-{{ .Values.service.externalPort2 }} + {{- else -}} + - port: {{ .Values.service.externalPort }} + targetPort: {{ .Values.service.internalPort }} + name: {{ .Values.service.name }} + {{- end}} + selector: + app: {{ include "common.name" . }} + release: {{ .Release.Name }} diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index 49ad89225d..171ea1078c 100644 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -12,33 +12,107 @@ # See the License for the specific language governing permissions and # limitations under the License. -nsPrefix: onap +################################################################# +# Global configuration defaults. +################################################################# +global: + nodePortPrefix: 302 + repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ== + readinessRepository: oomk8s + readinessImage: readiness-check:1.0.0 + loggingRepository: docker.elastic.co + loggingImage: beats/filebeat:5.5.0 + ubuntuImage: ubuntu:16.04 + mariadb: + nameOverride: policydb + pdp: + nameOverride: pdp + pap: + nameOverride: pap + drools: + nameOverride: drools + brmwgw: + nameOverride: brmsgw + nexus: + nameOverride: nexus + +################################################################# +# Application configuration defaults. +################################################################# +# application image +repository: nexus3.onap.org:10001 +image: onap/policy-pe:1.2-SNAPSHOT-latest pullPolicy: Always -nodePortPrefix: 302 - -# POLICY hotfix - Note this must be temporary -# See https://jira.onap.org/browse/POLICY-510 -aaiServiceClusterIp: 10.43.255.254 -brmsgwReplicas: 1 -droolsReplicas: 1 -mariadbReplicas: 1 -nexusReplicas: 1 -papReplicas: 1 -pdpReplicas: 1 -image: - readiness: oomk8s/readiness-check - readinessVersion: 1.1.0 - policyPe: nexus3.onap.org:10001/onap/policy/policy-pe - policyPeVersion: v1.1.1 - policyDrools: nexus3.onap.org:10001/onap/policy/policy-drools - policyDroolsVersion: v1.1.1 - policyDb: nexus3.onap.org:10001/onap/policy/policy-db - policyDbVersion: v1.1.1 - policyNexus: nexus3.onap.org:10001/onap/policy/policy-nexus - policyNexusVersion: v1.1.1 - ubuntu: ubuntu:16.04 - filebeat: docker.elastic.co/beats/filebeat:5.5.0 +subChartsOnly: + enabled: true + +nameOverride: pap + +pdp: + nameOverride: pdp +mariadb: + nameOverride: policydb +drools: + nameOverride: drools +brmwgw: + nameOverride: brmsgw +nexus: + nameOverride: nexus + +# flag to enable debugging - application support required +debugEnabled: false + +# application configuration +# Example: config: - logstashServiceName: log-ls - logstashPort: 5044 + preloadPolicies: true + +# default number of instances +replicaCount: 1 + +nodeSelector: {} + +affinity: {} + +# probe configuration parameters +liveness: + initialDelaySeconds: 10 + periodSeconds: 10 + # necessary to disable liveness probe when setting breakpoints + # in debugger so K8s doesn't restart unresponsive container + enabled: true + +readiness: + initialDelaySeconds: 10 + periodSeconds: 10 + +service: + type: NodePort + name: pap + externalPort: 8443 + nodePort: 19 + externalPort2: 9091 + nodePort2: 18 + +ingress: + enabled: false + +resources: {} + # We usually recommend not to specify default resources and to leave this as a conscious + # choice for the user. This also increases chances charts run on environments with little + # resources, such as Minikube. If you do want to specify resources, uncomment the following + # lines, adjust them as necessary, and remove the curly braces after 'resources:'. + # + # Example: + # Configure resource requests and limits + # ref: http://kubernetes.io/docs/user-guide/compute-resources/ + # Minimum memory for development is 2 CPU cores and 4GB memory + # Minimum memory for production is 4 CPU cores and 8GB memory +#resources: +# limits: +# cpu: 2 +# memory: 4Gi +# requests: +# cpu: 2 +# memory: 4Gi -- 2.16.6