From df4db0bc8473b46f7212c277ff17c193f681aed6 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Alexis=20de=20Talhou=C3=ABt?= Date: Mon, 11 Dec 2017 08:36:25 -0500 Subject: [PATCH] Fix policy MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit - remove useless init-check in deployment to match requirement from policy team: https://gerrit.onap.org/r/gitweb?p=policy/docker.git;a=blob;f=docker-compose.yml;h=96fd5073e9d51908dabd04643aa96b42820ac681;hb=HEAD - add missing drools port (9696) - update configuration files to reflect latest Change-Id: I3399c21a3357b649fdc078a0bd4ba4af1f751a9b Issue-ID: OOM-490 Signed-off-by: Alexis de Talhouët --- kubernetes/aai/templates/all-services.yaml | 1 + kubernetes/aai/values.yaml | 5 + .../init/src/config/log/policy/drools/logback.xml | 225 +++++++----------- .../policy/opt/policy/config/drools/base.conf | 27 ++- .../opt/policy/config/drools/policy-keystore | Bin .../policy/opt/policy/config/pe/brmsgw-tweaks.sh | 2 +- .../config/policy/opt/policy/config/pe/brmsgw.conf | 9 +- .../policy/opt/policy/config/pe/console.conf | 2 +- .../config/policy/opt/policy/config/pe/pdp.conf | 3 + .../policy/opt/policy/config/pe/push-policies.sh | 261 +++++++++++++++------ kubernetes/policy/templates/all-services.yaml | 3 + kubernetes/policy/templates/dep-brmsgw.yaml | 6 - kubernetes/policy/templates/dep-drools.yaml | 10 +- kubernetes/policy/templates/dep-pap.yaml | 5 +- kubernetes/policy/templates/dep-pdp.yaml | 4 - kubernetes/policy/values.yaml | 5 + 16 files changed, 338 insertions(+), 230 deletions(-) mode change 100755 => 100644 kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/policy-keystore mode change 100644 => 100755 kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/push-policies.sh diff --git a/kubernetes/aai/templates/all-services.yaml b/kubernetes/aai/templates/all-services.yaml index 0cf62d0fec..77f7dc1f9b 100644 --- a/kubernetes/aai/templates/all-services.yaml +++ b/kubernetes/aai/templates/all-services.yaml @@ -184,6 +184,7 @@ spec: type: NodePort selector: app: aai-service + clusterIP: {{ .Values.aaiServiceClusterIp }} #{{ end }} #{{ if not .Values.disableAaiModelLoaderService }} --- diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml index ce625b7ab3..692d071d10 100644 --- a/kubernetes/aai/values.yaml +++ b/kubernetes/aai/values.yaml @@ -1,6 +1,11 @@ nsPrefix: onap pullPolicy: Always nodePortPrefix: 302 + +# POLICY hotfix - Note this must be temporary +# See https://jira.onap.org/browse/POLICY-510 +aaiServiceClusterIp: 10.43.255.254 + image: readiness: oomk8s/readiness-check:1.0.0 aaiProxy: aaionap/haproxy diff --git a/kubernetes/config/docker/init/src/config/log/policy/drools/logback.xml b/kubernetes/config/docker/init/src/config/log/policy/drools/logback.xml index 2b6d11e962..daecf97850 100644 --- a/kubernetes/config/docker/init/src/config/log/policy/drools/logback.xml +++ b/kubernetes/config/docker/init/src/config/log/policy/drools/logback.xml @@ -1,16 +1,15 @@ - - - - - - - - - - - - - - - - - - - - - - - - - ${pattern} - - - - - - - - - ${logDirectory}/${auditLogName}.log - - ${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - - ${queueSize} - - - - ${logDirectory}/${metricsLogName}.log - - ${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - - ${queueSize} - - - - ${logDirectory}/${errorLogName}.log - - ${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - INFO - - - - ${queueSize} - - - - ${logDirectory}/${debugLogName}.log - - ${logDirectory}/${debugLogName}.%i.log.zip - - ${maxFileSize} - - ${maxHistory} - ${totalSizeCap} - - - ${pattern} - - - - ${queueSize} - - true - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + ${logDir}/${errorLog}.log + + ${logDir}/${errorLog}.%i.log.zip + 1 + 5 + + + WARN + + + 15MB + + + ${errorPattern} + + + + + + + + + ${logDir}/${debugLog}.log + + ${logDir}/${debugLog}.%i.log.zip + 1 + 9 + + + 20MB + + + ${debugPattern} + + + + + + + + + ${logDir}/${networkLog}.log + + ${logDir}/${networkLog}.%i.log.zip + 1 + 9 + + + 15MB + + + ${networkPattern} + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/base.conf b/kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/base.conf index f531c0fa85..4f904444f7 100755 --- a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/base.conf +++ b/kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/base.conf @@ -28,7 +28,7 @@ KEYSTORE_PASSWD=PolicyR0ck$ # Telemetry credentials ENGINE_MANAGEMENT_PORT=9696 -ENGINE_MANAGEMENT_HOST=localhost +ENGINE_MANAGEMENT_HOST=0.0.0.0 ENGINE_MANAGEMENT_USER=@1b3rt ENGINE_MANAGEMENT_PASSWORD=31nst31n @@ -68,12 +68,33 @@ PAP_PASSWORD=alpha123 PDP_HOST=pdp.onap-policy PDP_USERNAME=testpdp PDP_PASSWORD=alpha123 +PDP_CLIENT_USERNAME=python +PDP_CLIENT_PASSWORD=test +PDP_ENVIRONMENT=TEST # DCAE DMaaP -DCAE_TOPIC=unauthenticated.TCA_EVENT_OUTPUT -DCAE_SERVERS=dcae-controller.onap-dcae +DCAE_TOPIC=unauthenticated.DCAE_CL_OUTPUT +DCAE_SERVERS=dmaap.onap-message-router # Open DMaaP DMAAP_SERVERS=dmaap.onap-message-router + +# AAI + +AAI_URL=https://aai.api.simpledemo.openecomp.org:8443 +AAI_USERNAME=POLICY +AAI_PASSWORD=POLICY + +# MSO + +SO_URL=http://mso.onap-mso:8080/ecomp/mso/infra +SO_USERNAME=InfraPortalClient +SO_PASSWORD=password1$ + +# VFC + +VFC_URL= +VFC_USERNAME= +VFC_PASSWORD= \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/policy-keystore b/kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/policy-keystore old mode 100755 new mode 100644 diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/brmsgw-tweaks.sh b/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/brmsgw-tweaks.sh index d318d4d189..daa3596e6e 100755 --- a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/brmsgw-tweaks.sh +++ b/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/brmsgw-tweaks.sh @@ -33,6 +33,6 @@ for DEP in ${DEPS_JSON_RUNTIME} ${DEPS_JSON_INSTALL}; do if [ ! -f "${DEP}" ]; then echo "warning: configuration does not exist: ${DEP}" else - sed -i -e "s/\"version\":.*/\"version\": \"${version}\"/g" "${DEP}" + sed -i -e "s/\"version\":.*-SNAPSHOT\"/\"version\": \"${version}\"/g" "${DEP}" fi done diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/brmsgw.conf b/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/brmsgw.conf index 3cafc32a4c..ff4d2e487d 100755 --- a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/brmsgw.conf +++ b/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/brmsgw.conf @@ -28,11 +28,8 @@ UEB_API_SECRET= groupID=org.onap.policy-engine artifactID=drlPDPGroup -VFW_GROUP_ID=org.onap.policy-engine.drools.vFW -VFW_ARTIFACT_ID=policy-vFW-rules -VDNS_GROUP_ID=org.onap.policy-engine.drools.vDNS -VDNS_ARTIFACT_ID=policy-vDNS-rules - +AMSTERDAM_GROUP_ID=org.onap.policy-engine.drools.amsterdam +AMSTERDAM_ARTIFACT_ID=policy-amsterdam-rules # the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase resource_name=brmsgw_1 @@ -52,5 +49,5 @@ BRMS_UEB_API_KEY= BRMS_UEB_API_SECRET= #Dependency.json file version -BRMS_DEPENDENCY_VERSION=1.1.0-SNAPSHOT +BRMS_DEPENDENCY_VERSION=1.2.0 diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/console.conf b/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/console.conf index b0a7888398..938543cb7e 100755 --- a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/console.conf +++ b/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/console.conf @@ -122,7 +122,7 @@ onap_application_name= #-----------------------ONAP-PORTAL-Properties---------------------- ONAP_REDIRECT_URL=http://portalapps.onap-portal:8989/ONAPPORTAL/login.htm -ONAP_REST_URL= +ONAP_REST_URL=http://portalapps.onap-portal:8989/ONAPPORTAL/auxapi ONAP_UEB_URL_LIST= ONAP_PORTAL_INBOX_NAME= ONAP_UEB_APP_KEY= diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/pdp.conf b/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/pdp.conf index d1dee77a11..dba8af2e10 100755 --- a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/pdp.conf +++ b/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/pdp.conf @@ -51,3 +51,6 @@ PDP_DMAAP_AAF_PASSWORD= #Required only, when we use AAF POLICY_AAF_NAMESPACE= POLICY_AAF_RESOURCE= + +# Indeterminate resolution +DECISION_INDETERMINATE_RESPONSE=PERMIT \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/push-policies.sh b/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/push-policies.sh old mode 100644 new mode 100755 index 7a71639595..0461731c16 --- a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/push-policies.sh +++ b/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/push-policies.sh @@ -1,121 +1,250 @@ #! /bin/bash +# forked from https://gerrit.onap.org/r/gitweb?p=policy/docker.git;a=blob;f=config/pe/push-policies.sh;h=555ab357e6b4f54237bf07ef5e6777d782564bc0;hb=refs/heads/amsterdam and adapted for OOM -echo "Pushing default policies" +#########################################Upload BRMS Param Template########################################## -# Sometimes brmsgw gets an error when trying to retrieve the policies on initial push, -# so for the BRMS policies we will do a push, then delete from the pdp group, then push again. -# Second push should be successful. +echo "Upload BRMS Param Template" -echo "pushPolicy : PUT : com.vFirewall" -curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ - "pdpGroup": "default", - "policyName": "com.vFirewall", - "policyType": "MicroService" -}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy' +sleep 2 + +wget -O cl-amsterdam-template.drl https://git.onap.org/policy/drools-applications/plain/controlloop/templates/archetype-cl-amsterdam/src/main/resources/archetype-resources/src/main/resources/__closedLoopControlName__.drl sleep 2 -echo "pushPolicy : PUT : com.vLoadBalancer" -curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ - "pdpGroup": "default", - "policyName": "com.vLoadBalancer", - "policyType": "MicroService" -}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy' +curl -v --silent -X POST --header 'Content-Type: multipart/form-data' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -F "file=@cl-amsterdam-template.drl" -F "importParametersJson={\"serviceName\":\"ClosedLoopControlName\",\"serviceType\":\"BRMSPARAM\"}" 'http://pdp.onap-policy:8081/pdp/api/policyEngineImport' + +echo "PRELOAD_POLICIES is $PRELOAD_POLICIES" + +if [ "$PRELOAD_POLICIES" == "false" ]; then + exit 0 +fi + +#########################################Create BRMS Param policies########################################## + +echo "Create BRMSParam Operational Policies" sleep 2 -echo "pushPolicy : PUT : com.BRMSParamvLBDemoPolicy" +echo "Create BRMSParamvFirewall Policy" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyConfigType": "BRMS_PARAM", + "policyName": "com.BRMSParamvFirewall", + "policyDescription": "BRMS Param vFirewall policy", + "policyScope": "com", + "attributes": { + "MATCHING": { + "controller" : "amsterdam" + }, + "RULE": { + "templateName": "ClosedLoopControlName", + "closedLoopControlName": "ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a", + "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a%0D%0A++trigger_policy%3A+unique-policy-id-1-modifyConfig%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-modifyConfig%0D%0A++++name%3A+modify+packet+gen+config%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+ModifyConfig%0D%0A++++target%3A%0D%0A++++++%23+TBD+-+Cannot+be+known+until+instantiation+is+done%0D%0A++++++resourceID%3A+Eace933104d443b496b8.nodes.heat.vpg%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+300%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" + } + } +}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy' + +sleep 2 + +echo "Create BRMSParamvDNS Policy" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyConfigType": "BRMS_PARAM", + "policyName": "com.BRMSParamvDNS", + "policyDescription": "BRMS Param vDNS policy", + "policyScope": "com", + "attributes": { + "MATCHING": { + "controller" : "amsterdam" + }, + "RULE": { + "templateName": "ClosedLoopControlName", + "closedLoopControlName": "ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3", + "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3%0D%0A++trigger_policy%3A+unique-policy-id-1-scale-up%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-scale-up%0D%0A++++name%3A+Create+a+new+VF+Module%0D%0A++++description%3A%0D%0A++++actor%3A+SO%0D%0A++++recipe%3A+VF+Module+Create%0D%0A++++target%3A%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" + } + } +}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy' + +sleep 2 + +echo "Create BRMSParamVOLTE Policy" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyConfigType": "BRMS_PARAM", + "policyName": "com.BRMSParamVOLTE", + "policyDescription": "BRMS Param VOLTE policy", + "policyScope": "com", + "attributes": { + "MATCHING": { + "controller" : "amsterdam" + }, + "RULE": { + "templateName": "ClosedLoopControlName", + "closedLoopControlName": "ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b", + "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b%0D%0A++trigger_policy%3A+unique-policy-id-1-restart%0D%0A++timeout%3A+3600%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-restart%0D%0A++++name%3A+Restart+the+VM%0D%0A++++description%3A%0D%0A++++actor%3A+VFC%0D%0A++++recipe%3A+Restart%0D%0A++++target%3A%0D%0A++++++type%3A+VM%0D%0A++++retry%3A+3%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" + } + } +}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy' + +sleep 2 + +echo "Create BRMSParamvCPE Policy" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/html' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyConfigType": "BRMS_PARAM", + "policyName": "com.BRMSParamvCPE", + "policyDescription": "BRMS Param vCPE policy", + "policyScope": "com", + "attributes": { + "MATCHING": { + "controller" : "amsterdam" + }, + "RULE": { + "templateName": "ClosedLoopControlName", + "closedLoopControlName": "ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e", + "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e%0D%0A++trigger_policy%3A+unique-policy-id-1-restart%0D%0A++timeout%3A+3600%0D%0A++abatement%3A+true%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-restart%0D%0A++++name%3A+Restart+the+VM%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+Restart%0D%0A++++target%3A%0D%0A++++++type%3A+VM%0D%0A++++retry%3A+3%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" + } + } +}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy' + +#########################################Create Micro Service Config policies########################################## + +echo "Create MicroService Config Policies" + +sleep 2 + +echo "Create MicroServicevFirewall Policy" curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ - "pdpGroup": "default", - "policyName": "com.BRMSParamvLBDemoPolicy", - "policyType": "BRMS_Param" -}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy' + "configBody": "{ \"service\": \"tca_policy\", \"location\": \"SampleServiceLocation\", \"uuid\": \"test\", \"policyName\": \"MicroServicevFirewall\", \"description\": \"MicroService vFirewall Policy\", \"configName\": \"SampleConfigName\", \"templateVersion\": \"OpenSource.version.1\", \"version\": \"1.1.0\", \"priority\": \"1\", \"policyScope\": \"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a\", \"riskType\": \"SampleRiskType\", \"riskLevel\": \"1\", \"guard\": \"False\", \"content\": { \"tca_policy\": { \"domain\": \"measurementsForVfScaling\", \"metricsPerEventName\": [{ \"eventName\": \"vFirewallBroadcastPackets\", \"controlLoopSchemaType\": \"VNF\", \"policyScope\": \"DCAE\", \"policyName\": \"DCAE.Config_tca-hi-lo\", \"policyVersion\": \"v0.0.1\", \"thresholds\": [{ \"closedLoopControlName\": \"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.vNicUsageArray[*].receivedTotalPacketsDelta\", \"thresholdValue\": 300, \"direction\": \"LESS_OR_EQUAL\", \"severity\": \"MAJOR\", \"closedLoopEventStatus\": \"ONSET\" }, { \"closedLoopControlName\": \"ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.vNicUsageArray[*].receivedTotalPacketsDelta\", \"thresholdValue\": 700, \"direction\": \"GREATER_OR_EQUAL\", \"severity\": \"CRITICAL\", \"closedLoopEventStatus\": \"ONSET\" } ] }] } } }", + "policyConfigType": "MicroService", + "policyName": "com.MicroServicevFirewall", + "onapName": "DCAE" +}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy' + sleep 2 -echo "pushPolicy : PUT : com.BRMSParamvFWDemoPolicy" +echo "Create MicroServicevDNS Policy" curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ - "pdpGroup": "default", - "policyName": "com.BRMSParamvFWDemoPolicy", - "policyType": "BRMS_Param" -}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy' + "configBody": "{ \"service\": \"tca_policy\", \"location\": \"SampleServiceLocation\", \"uuid\": \"test\", \"policyName\": \"MicroServicevDNS\", \"description\": \"MicroService vDNS Policy\", \"configName\": \"SampleConfigName\", \"templateVersion\": \"OpenSource.version.1\", \"version\": \"1.1.0\", \"priority\": \"1\", \"policyScope\": \"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3\", \"riskType\": \"SampleRiskType\", \"riskLevel\": \"1\", \"guard\": \"False\", \"content\": { \"tca_policy\": { \"domain\": \"measurementsForVfScaling\", \"metricsPerEventName\": [{ \"eventName\": \"vLoadBalancer\", \"controlLoopSchemaType\": \"VM\", \"policyScope\": \"DCAE\", \"policyName\": \"DCAE.Config_tca-hi-lo\", \"policyVersion\": \"v0.0.1\", \"thresholds\": [{ \"closedLoopControlName\": \"ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.vNicUsageArray[*].receivedTotalPacketsDelta\", \"thresholdValue\": 300, \"direction\": \"GREATER_OR_EQUAL\", \"severity\": \"CRITICAL\", \"closedLoopEventStatus\": \"ONSET\" }] }] } } }", + "policyConfigType": "MicroService", + "policyName": "com.MicroServicevDNS", + "onapName": "DCAE" +}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy' + sleep 2 -echo "deletePolicy : DELETE : com.vFirewall" -curl -v --silent -X DELETE --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ -"pdpGroup": "default", -"policyComponent": "PDP", -"policyName": "com.vFirewall", -"policyType": "MicroService" -}' 'http://pdp.onap-policy:8081/pdp/api/deletePolicy' +echo "Create MicroServicevCPE Policy" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "configBody": "{ \"service\": \"tca_policy\", \"location\": \"SampleServiceLocation\", \"uuid\": \"test\", \"policyName\": \"MicroServicevCPE\", \"description\": \"MicroService vCPE Policy\", \"configName\": \"SampleConfigName\", \"templateVersion\": \"OpenSource.version.1\", \"version\": \"1.1.0\", \"priority\": \"1\", \"policyScope\": \"resource=SampleResource,service=SampleService,type=SampleType,closedLoopControlName=ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e\", \"riskType\": \"SampleRiskType\", \"riskLevel\": \"1\", \"guard\": \"False\", \"content\": { \"tca_policy\": { \"domain\": \"measurementsForVfScaling\", \"metricsPerEventName\": [{ \"eventName\": \"Measurement_vGMUX\", \"controlLoopSchemaType\": \"VNF\", \"policyScope\": \"DCAE\", \"policyName\": \"DCAE.Config_tca-hi-lo\", \"policyVersion\": \"v0.0.1\", \"thresholds\": [{ \"closedLoopControlName\": \"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.additionalMeasurements[*].arrayOfFields[0].value\", \"thresholdValue\": 0, \"direction\": \"EQUAL\", \"severity\": \"MAJOR\", \"closedLoopEventStatus\": \"ABATED\" }, { \"closedLoopControlName\": \"ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e\", \"version\": \"1.0.2\", \"fieldPath\": \"$.event.measurementsForVfScalingFields.additionalMeasurements[*].arrayOfFields[0].value\", \"thresholdValue\": 0, \"direction\": \"GREATER\", \"severity\": \"CRITICAL\", \"closedLoopEventStatus\": \"ONSET\" }] }] } } }", + "policyConfigType": "MicroService", + "policyName": "com.MicroServicevCPE", + "onapName": "DCAE" +}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy' + +#########################################Creating Decision Guard policy######################################### sleep 2 -echo "deletePolicy : DELETE : com.vLoadBalancer" -curl -v --silent -X DELETE --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ -"pdpGroup": "default", -"policyComponent": "PDP", -"policyName": "com.vLoadBalancer", -"policyType": "MicroService" -}' 'http://pdp.onap-policy:8081/pdp/api/deletePolicy' +echo "Creating Decision Guard policy" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "policyClass": "Decision", + "policyName": "com.AllPermitGuard", + "policyDescription": "Testing all Permit YAML Guard Policy", + "ecompName": "PDPD", + "ruleProvider": "GUARD_YAML", + "attributes": { + "MATCHING": { + "actor": ".*", + "recipe": ".*", + "targets": ".*", + "clname": ".*", + "limit": "10", + "timeWindow": "1", + "timeUnits": "minute", + "guardActiveStart": "00:00:01-05:00", + "guardActiveEnd": "00:00:00-05:00" + } + } +}' 'http://pdp.onap-policy:8081/pdp/api/createPolicy' + +#########################################Push Decision policy######################################### sleep 2 -echo "deletePolicy : DELETE : com.BRMSParamvFWDemoPolicy" -curl -v --silent -X DELETE --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ -"pdpGroup": "default", -"policyComponent": "PDP", -"policyName": "com.BRMSParamvFWDemoPolicy", -"policyType": "BRMS_Param" -}' 'http://pdp.onap-policy:8081/pdp/api/deletePolicy' +echo "Push Decision policy" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.AllPermitGuard", + "policyType": "DECISION" +}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy' + +#########################################Pushing BRMS Param policies########################################## +echo "Pushing BRMSParam Operational policies" sleep 2 -echo "deletePolicy : DELETE : com.BRMSParamvLBDemoPolicy" -curl -v --silent -X DELETE --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ -"pdpGroup": "default", -"policyComponent": "PDP", -"policyName": "com.BRMSParamvLBDemoPolicy", -"policyType": "BRMS_Param" -}' 'http://pdp.onap-policy:8081/pdp/api/deletePolicy' +echo "pushPolicy : PUT : com.BRMSParamvFirewall" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.BRMSParamvFirewall", + "policyType": "BRMS_Param" +}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy' sleep 2 -echo "pushPolicy : PUT : com.vFirewall" +echo "pushPolicy : PUT : com.BRMSParamvDNS" curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ "pdpGroup": "default", - "policyName": "com.vFirewall", - "policyType": "MicroService" + "policyName": "com.BRMSParamvDNS", + "policyType": "BRMS_Param" }' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy' sleep 2 -echo "pushPolicy : PUT : com.vLoadBalancer" +echo "pushPolicy : PUT : com.BRMSParamVOLTE" curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ "pdpGroup": "default", - "policyName": "com.vLoadBalancer", - "policyType": "MicroService" -}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy' + "policyName": "com.BRMSParamVOLTE", + "policyType": "BRMS_Param" +}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy' sleep 2 -echo "pushPolicy : PUT : com.BRMSParamvLBDemoPolicy" +echo "pushPolicy : PUT : com.BRMSParamvCPE" curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ "pdpGroup": "default", - "policyName": "com.BRMSParamvLBDemoPolicy", + "policyName": "com.BRMSParamvCPE", "policyType": "BRMS_Param" }' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy' +#########################################Pushing MicroService Config policies########################################## + +echo "Pushing MicroService Config policies" + sleep 2 -echo "pushPolicy : PUT : com.BRMSParamvFWDemoPolicy" +echo "pushPolicy : PUT : com.MicroServicevFirewall" curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ "pdpGroup": "default", - "policyName": "com.BRMSParamvFWDemoPolicy", - "policyType": "BRMS_Param" + "policyName": "com.MicroServicevFirewall", + "policyType": "MicroService" }' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy' +sleep 10 + +echo "pushPolicy : PUT : com.MicroServicevDNS" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.MicroServicevDNS", + "policyType": "MicroService" +}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy' + +sleep 10 + +echo "pushPolicy : PUT : com.MicroServicevCPE" +curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ + "pdpGroup": "default", + "policyName": "com.MicroServicevCPE", + "policyType": "MicroService" +}' 'http://pdp.onap-policy:8081/pdp/api/pushPolicy' \ No newline at end of file diff --git a/kubernetes/policy/templates/all-services.yaml b/kubernetes/policy/templates/all-services.yaml index a1c480458d..5c5f683e88 100644 --- a/kubernetes/policy/templates/all-services.yaml +++ b/kubernetes/policy/templates/all-services.yaml @@ -45,6 +45,9 @@ spec: - name: "drools-port" port: 6969 nodePort: {{ .Values.nodePortPrefix }}17 + - name: "drools-port2" + port: 9696 + nodePort: {{ .Values.nodePortPrefix }}21 selector: app: drools type: NodePort diff --git a/kubernetes/policy/templates/dep-brmsgw.yaml b/kubernetes/policy/templates/dep-brmsgw.yaml index 7a1bcdec49..89752aece7 100644 --- a/kubernetes/policy/templates/dep-brmsgw.yaml +++ b/kubernetes/policy/templates/dep-brmsgw.yaml @@ -20,13 +20,7 @@ spec: - /root/ready.py args: - --container-name - - mariadb - - --container-name - - nexus - - --container-name - pap - - --container-name - - pdp env: - name: NAMESPACE valueFrom: diff --git a/kubernetes/policy/templates/dep-drools.yaml b/kubernetes/policy/templates/dep-drools.yaml index 48ef16e3b2..83179fafc9 100644 --- a/kubernetes/policy/templates/dep-drools.yaml +++ b/kubernetes/policy/templates/dep-drools.yaml @@ -23,12 +23,6 @@ spec: - mariadb - --container-name - nexus - - --container-name - - pap - - --container-name - - pdp - - --container-name - - brmsgw env: - name: NAMESPACE valueFrom: @@ -38,6 +32,10 @@ spec: image: "{{ .Values.image.readiness }}:{{ .Values.image.readinessVersion }}" imagePullPolicy: {{ .Values.pullPolicy }} name: drools-readiness + hostAliases: + - ip: "{{ .Values.aaiServiceClusterIp }}" + hostnames: + - "aai.api.simpledemo.openecomp.org" containers: - command: - /bin/bash diff --git a/kubernetes/policy/templates/dep-pap.yaml b/kubernetes/policy/templates/dep-pap.yaml index 523cfd35ff..a19fd24778 100644 --- a/kubernetes/policy/templates/dep-pap.yaml +++ b/kubernetes/policy/templates/dep-pap.yaml @@ -19,8 +19,6 @@ spec: - /root/ready.py args: - --container-name - - nexus - - --container-name - mariadb env: - name: NAMESPACE @@ -52,6 +50,9 @@ spec: image: "{{ .Values.image.policyPe }}:{{ .Values.image.policyPeVersion }}" imagePullPolicy: {{ .Values.pullPolicy }} name: pap + env: + - name: PRELOAD_POLICIES + value: "true" ports: - containerPort: 8443 - containerPort: 9091 diff --git a/kubernetes/policy/templates/dep-pdp.yaml b/kubernetes/policy/templates/dep-pdp.yaml index 3763b95bb2..1f66396a1c 100644 --- a/kubernetes/policy/templates/dep-pdp.yaml +++ b/kubernetes/policy/templates/dep-pdp.yaml @@ -20,10 +20,6 @@ spec: - /root/ready.py args: - --container-name - - mariadb - - --container-name - - nexus - - --container-name - pap env: - name: NAMESPACE diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml index ce037d896d..f52dc445e6 100644 --- a/kubernetes/policy/values.yaml +++ b/kubernetes/policy/values.yaml @@ -1,6 +1,11 @@ nsPrefix: onap pullPolicy: Always nodePortPrefix: 302 + +# POLICY hotfix - Note this must be temporary +# See https://jira.onap.org/browse/POLICY-510 +aaiServiceClusterIp: 10.43.255.254 + image: readiness: oomk8s/readiness-check readinessVersion: 1.0.0 -- 2.16.6