.. image:: PolicyArchitectureDetails.png
+.. image:: PolicyArchitectureDetailsKey.png
+
+
The PAP provides interfaces for the management of policies. It utilizes the XACML database to store policies, which are then distributed to the PDPs.
The XACML and Drools databases are hosted in a MariaDB cluster. The XACML database is used to persist policies and policy dictionaries and provide a point for PDPs to retrieve policies. The XACML database also has tables used for node state management, detection of node failure and failover. As indicated above, the state management tables will only include entries for the PAP and PDP-X as the testing is not yet complete for the PDP-D.
Policy writers can define attributes so that policy events or requests self-indicate their scope. The scope is then examined by a suitable function and subsequently acted upon accordingly. Policy decisions and enforcement functions can self-indicate their scope of decision-making, enforcement, or other capabilities. Virtual functions can be automatically attached to the appropriate POLICY Framework and distribution mechanisms.
+.. image:: PolicySummary.png
+
End of Document
--- /dev/null
+
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+*******************************
+Policy Cookbook |cookbooklogo|
+*******************************
+
+Policy VM/Docker Recipes
+^^^^^^^^^^^^^^^^^^^^^^^^
+
+ .. code-block:: bash
+ :caption: Get latest images in an already setup policy VM
+ :linenos:
+
+ /opt/policy_vm_init.sh
+
+
+ .. code-block:: bash
+ :caption: Install/start docker policy containers with no policies preloaded
+ :linenos:
+
+ echo "PRELOAD_POLICIES=false" > /opt/policy/.env
+ /opt/policy_vm_init.sh
+
+
+ .. code-block:: bash
+ :caption: Install/start docker policy containers with policies preloaded
+ :linenos:
+
+ # This is the current default mode of instantiation.
+ # These operations are unnecessary unless PRELOAD_POLICIES
+ # was previously set to true
+
+ echo "PRELOAD_POLICIES=true" > /opt/policy/.env
+ /opt/policy_vm_init.sh
+
+
+ .. code-block:: bash
+ :caption: Access the PDP-D container as a policy user
+ :linenos:
+
+ docker exec -it drools bash
+
+
+ .. code-block:: bash
+ :caption: Access the PDP-X container as a policy user
+ :linenos:
+
+ docker exec -it -u 0 pdp su - policy
+
+
+ .. code-block:: bash
+ :caption: Access the BRMSGW container as a policy user
+ :linenos:
+
+ docker exec -it -u 0 brmsgw su - policy
+
+
+ .. code-block:: bash
+ :caption: Access PAP container as a policy user
+ :linenos:
+
+ docker exec -it -u 0 pap su - policy
+
+
+ .. code-block:: bash
+ :caption: Access the CONSOLE container as a policy user
+ :linenos:
+
+ docker exec -it -u 0 console su - policy
+
+
+ .. code-block:: bash
+ :caption: Manual Healthcheck invokation
+ :linenos:
+
+ # Assuming the healthcheck service credentials have not been changed
+ # post-installation within the drools container
+
+ source /opt/app/policy/config/feature-healthcheck.conf.environment
+ curl --silent --user "${HEALTHCHECK_USER}:${HEALTHCHECK_PASSWORD}"
+ -X GET http://localhost:6969/healthcheck | python -m json.tool
+
+
+PDP-D Recipes ("drools" container)
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+
+ .. code-block:: bash
+ :caption: Stop the PDP-D
+ :linenos:
+
+ policy stop
+
+
+ .. code-block:: bash
+ :caption: Start the PDP-D
+ :linenos:
+
+ policy start
+
+
+ .. code-block:: bash
+ :caption: Manual Healthcheck Invokation
+ :linenos:
+
+ # Assuming the healthcheck service credentials have not been changed
+ # post-installation within the drools container
+
+ source ${POLICY_HOME}/config/feature-healthcheck.conf
+ curl --silent --user "${HEALTHCHECK_USER}:${HEALTHCHECK_PASSWORD}"
+ -X GET http://localhost:6969/healthcheck | python -m json.tool
+
+
+.. |recipelogo| image:: recipecard.png
+ :width: 80pt
+ :height: 80pt
+
+.. |cookbooklogo| image:: cookbook.gif
+ :width: 80pt
+ :height: 80pt
+
+End of Document
+
+.. SSNote: Wiki page ref. https://wiki.onap.org/display/DW/Policy+Cookbook
+
+
+