Merge "Change path to daexim directory"
diff --git a/docs/spelling_wordlist.txt b/docs/spelling_wordlist.txt
new file mode 100644
index 0000000..c860d4a
--- /dev/null
+++ b/docs/spelling_wordlist.txt
@@ -0,0 +1,451 @@
+AAF
+AAI
+adaptor
+Adaptor
+adaptors
+Adaptors
+Alcatel
+Ansible
+API
+APIs
+APPC
+ASCII
+Avro
+BPMN
+Camunda
+Cask
+Cassandra
+CCSDK
+CD
+CDAP
+Ceilometer
+CentOS
+CI
+CLI
+Cloudify
+Codec
+committer
+committers
+CommonMark
+Contrail
+CPU
+CRM
+CSCF
+CSIT
+cyber
+DBaaS
+DCAE
+DevOps
+DHCP
+Django
+DMaaP
+DNS
+DNSaaS
+DPDK
+Ebook
+elasticsearch
+Elasticsearch
+Enablement
+enum
+Enum
+env
+Env
+ENV
+ethernet
+Facebook
+failover
+fallback
+Fcaps
+Financials
+geocoder
+Gerrit
+Github
+graphSON
+guestOS
+gui
+Hadoop
+hardcoded
+hashtag
+healthcheck
+healthCheck
+Healthcheck
+HealthCheck
+healthchecks
+heatbridge
+heatclient
+HeatStack
+hostname
+hostName
+Hostname
+hostnames
+hostOS
+htm
+html
+http
+Http
+httpclient
+httpcomponents
+httpdomain
+httpHeader
+httpPort
+httpreturncode
+https
+httpStatusCode
+Huawei
+hyperlink
+Hyperlink
+hypervisor
+Hypervisor
+hypervisors
+Hypervisors
+IaaS
+indices
+Indices
+inline
+internet
+interoperable
+interoperate
+Interoperate
+interoperation
+interwork
+Interworking
+IoT
+ip
+Ip
+IP
+ipAddress
+iPAddress
+IPAddress
+ipam
+Ipam
+ipVersion
+Jacoco
+java
+javalib
+javascript
+Javascript
+jboss
+JBoss
+Jenkins
+Jira
+jpath
+json
+Json
+jsonObject
+jsonObjectInstance
+jsonObjects
+jsonschema
+jtosca
+junit
+Junit
+JUnit
+Junits
+JUnits
+keypair
+Keypair
+keypairs
+keyserver
+keyservers
+keyspace
+Keyspace
+keyspaceName
+keyspaces
+keystore
+keytool
+keyValue
+Kibana
+Kibibytes
+Kubernetes
+LF
+lifecycle
+Lifecycle
+lifecycles
+locator
+logback
+Logback
+logfiles
+Logfiles
+logoffs
+Logoffs
+logon
+Logstash
+macAddress
+MacAddress
+macOS
+Malware
+metadata
+Metadata
+microservice
+Microservice
+microservices
+Microservices
+middleware
+msb
+MSB
+multicast
+multicloud
+Multicloud
+MultiCloud
+multipart
+Mysql
+NaaS
+nameserver
+nameservers
+namespace
+Namespace
+namespaced
+namespaces
+Namespaces
+Netconf
+nfv
+NFV
+nfvi
+nfvo
+nfvparser
+Nokia
+NSD
+OAM
+Ocata
+ODL
+Onap
+ONAP
+onboard
+Onboard
+onboarded
+Onboarded
+onboarding
+Onboarding
+online
+OOF
+OOM
+OpenDaylight
+openo
+OpenO
+Opensource
+Openstack
+OpenStack
+OSS
+Pandoc
+partitionKey
+Partitionkey
+passphrase
+PCRF
+pdf
+PGaaS
+Phishing
+PKI
+placemark
+Placemark
+placemarks
+plantUML
+playbook
+Playbook
+playbooks
+Playbooks
+plugin
+Plugin
+plugins
+Plugins
+PNF
+PoC
+Postgre
+Postgres
+Postgresql
+preload
+Preload
+proactively
+programmatically
+proxyhost
+pserver
+pServer
+pservers
+QoS
+quickstart
+Quickstart
+Rackspace
+readme
+readthedocs
+Readthedocs
+Redhat
+Redis
+refactored
+Refactored
+registrator
+Registrator
+repo
+Repo
+repos
+Restconf
+reStructuredText
+reusability
+Reusability
+RMM
+roadmap
+roadmaps
+RPT
+rst
+RST
+RVMI
+schemas
+screensaver
+sdc
+Sdc
+SDC
+sdk
+SDK
+SDN
+sdnc
+Sdnc
+SDNC
+Selenium
+servlet
+Servlet
+Skynet
+SLI
+SMP
+SNMP
+SPI
+SQL
+stateful
+subclassed
+subclassing
+subdomain
+subflows
+suboperation
+suboperations
+Suboperations
+subtending
+syslog
+sysLog
+Syslog
+syslogs
+Syslogs
+tablename
+taxonomical
+TBD
+Telco
+telecom
+Telecom
+templated
+templating
+timeframe
+timeslots
+timestamp
+Timestamp
+transcoding
+UDP
+UI
+uncheck
+undeploy
+Undeploy
+undeployed
+undeploying
+Undeployment
+uninstall
+uninstallation
+uninstalled
+unitless
+Unregistration
+updatable
+uploadable
+url
+Url
+urls
+usecase
+Usecase
+userid
+username
+Username
+usernames
+validator
+Validator
+vcpu
+vcpus
+vdns
+versioned
+Versioned
+versioning
+Versioning
+vertices
+Vertices
+vf
+vF
+vfc
+vFC
+VFC
+vfcadaptor
+vfirewall
+vFirewall
+vfmodule
+vfModule
+VfModule
+vfModules
+vfstatus
+vfStatus
+virtualization
+Virtualization
+virtualize
+virtualized
+Virtualized
+virtualizes
+virtualizing
+vlan
+Vld
+vm
+Vm
+VM
+vms
+VMs
+VMware
+vnf
+vNF
+Vnf
+VNF
+vnfapi
+vnfc
+VNFFG
+vnfm
+Vnfm
+VNFM
+VNFMs
+vnfs
+vNFs
+vnfsdk
+VPN
+vrouter
+vserver
+vServer
+Vserver
+vservers
+Vservers
+vswitch
+VVP
+Vyatta
+webapp
+webapps
+Webpage
+webserver
+WebServer
+Websocket
+Websockets
+whitebox
+whiteboxes
+whitepaper
+wiki
+Wiki
+Wikis
+Wildfly
+Windriver
+Wireline
+workflow
+Workflow
+workflows
+www
+xml
+Xmx
+Yaml
+yamls
+zabbix
+Zachman
+Zookeeper
+ZTE
diff --git a/kubernetes/aai/components/aai-babel/resources/fproxy/config/auth/client-cert.p12 b/kubernetes/aai/components/aai-babel/resources/fproxy/config/auth/client-cert.p12
deleted file mode 100644
index dbf4fca..0000000
--- a/kubernetes/aai/components/aai-babel/resources/fproxy/config/auth/client-cert.p12
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/components/aai-babel/resources/fproxy/config/auth/tomcat_keystore b/kubernetes/aai/components/aai-babel/resources/fproxy/config/auth/tomcat_keystore
deleted file mode 100644
index 9eec841..0000000
--- a/kubernetes/aai/components/aai-babel/resources/fproxy/config/auth/tomcat_keystore
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/components/aai-babel/resources/fproxy/config/fproxy.properties b/kubernetes/aai/components/aai-babel/resources/fproxy/config/fproxy.properties
deleted file mode 100644
index f512fb7..0000000
--- a/kubernetes/aai/components/aai-babel/resources/fproxy/config/fproxy.properties
+++ /dev/null
@@ -1,2 +0,0 @@
-credential.cache.timeout.ms=180000
-transactionid.header.name=X-TransactionId
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-babel/resources/fproxy/config/logback-spring.xml b/kubernetes/aai/components/aai-babel/resources/fproxy/config/logback-spring.xml
deleted file mode 100644
index 0637cfb..0000000
--- a/kubernetes/aai/components/aai-babel/resources/fproxy/config/logback-spring.xml
+++ /dev/null
@@ -1,45 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<configuration>
-
-    <property name="LOGS" value="./logs/AAF-FPS" />
-    <property name="FILEPREFIX" value="application" />
-
-    <appender name="Console"
-        class="ch.qos.logback.core.ConsoleAppender">
-        <layout class="ch.qos.logback.classic.PatternLayout">
-            <Pattern>
-                %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
-            </Pattern>
-        </layout>
-    </appender>
-
-    <appender name="RollingFile"
-        class="ch.qos.logback.core.rolling.RollingFileAppender">
-        <file>${LOGS}/${FILEPREFIX}.log</file>
-        <encoder
-            class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
-            <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
-        </encoder>
-
-        <rollingPolicy
-            class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-            <!-- rollover daily and when the file reaches 10 MegaBytes -->
-            <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
-            </fileNamePattern>
-            <timeBasedFileNamingAndTriggeringPolicy
-                class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
-                <maxFileSize>10MB</maxFileSize>
-            </timeBasedFileNamingAndTriggeringPolicy>
-        </rollingPolicy>
-    </appender>
-
-    <!-- LOG everything at INFO level -->
-    <root level="info">
-        <appender-ref ref="RollingFile" />
-        <appender-ref ref="Console" />
-    </root>
-
-    <!-- LOG "com.baeldung*" at TRACE level -->
-    <logger name="org.onap.aaf.fproxy" level="info" />
-
-</configuration>
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-babel/resources/fproxy/config/readme.txt b/kubernetes/aai/components/aai-babel/resources/fproxy/config/readme.txt
deleted file mode 100644
index 79cf29e..0000000
--- a/kubernetes/aai/components/aai-babel/resources/fproxy/config/readme.txt
+++ /dev/null
@@ -1 +0,0 @@
-Relevant configuration files need to be copied here to successfully run this service locally.
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/auth/client-cert.p12 b/kubernetes/aai/components/aai-babel/resources/rproxy/config/auth/client-cert.p12
deleted file mode 100644
index dbf4fca..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/auth/client-cert.p12
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/auth/tomcat_keystore b/kubernetes/aai/components/aai-babel/resources/rproxy/config/auth/tomcat_keystore
deleted file mode 100644
index 99129c1..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/auth/tomcat_keystore
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/components/aai-babel/resources/rproxy/config/auth/uri-authorization.json
deleted file mode 100644
index acc9409..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/auth/uri-authorization.json
+++ /dev/null
@@ -1,93 +0,0 @@
-[
-  {
-    "uri": "\/not\/allowed\/at\/all$",
-    "permissions": [
-      "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt"
-     ]
-  },
-  {
-    "uri": "\/one\/auth\/required$",
-    "permissions": [
-      "test.auth.access.aSimpleSingleAuth"
-     ]
-  },
-  {
-    "uri": "\/multi\/auth\/required$",
-    "permissions": [
-      "test.auth.access.aMultipleAuth1",
-      "test.auth.access.aMultipleAuth2",
-      "test.auth.access.aMultipleAuth3"
-     ]
-  },
-  {
-    "uri": "\/one\/[^\/]+\/required$",
-    "permissions": [
-      "test.auth.access.aSimpleSingleAuth"
-     ]
-  },
-  {
-    "uri": "\/services\/getAAFRequest$",
-    "permissions": [
-      "test.auth.access|services|GET,PUT"
-     ]
-  },
-  {
-    "uri": "\/admin\/getAAFRequest$",
-    "permissions": [
-      "test.auth.access|admin|GET,PUT,POST"
-     ]
-  },
-  {
-    "uri": "\/service\/aai\/webapp\/index.html$",
-    "permissions": [
-      "test.auth.access|services|GET,PUT"
-     ]
-  },
-  {
-    "uri": "\/services\/aai\/webapp\/index.html$",
-    "permissions": [
-      "test.auth.access|services|GET,PUT"
-     ]
-  },
-  {
-    "uri": "\/$",
-    "permissions": [
-    	"\\|services\\|GET",
-      "test\\.auth\\.access\\|services\\|GET,PUT"
-     ]
-  },
-  {
-    "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$",
-    "permissions": [
-      "test\\.auth\\.access\\|rest\\|read"
-     ]
-  },
-  {
-    "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*",
-    "permissions": [
-      "test.auth.access|clouds|read",
-      "test.auth.access|tenants|read"
-    ]
-  },
-  {
-    "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$",
-    "permissions": [
-      "test.auth.access|clouds|read",
-      "test.auth.access|tenants|read",
-      "test.auth.access|vservers|read"
-    ]
-  },
-  {
-    "uri": "\/backend$",
-    "permissions": [
-      "test\\.auth\\.access\\|services\\|GET,PUT",
-      "\\|services\\|GET"
-     ]
-  },
-  {
-    "uri": "\/services\/babel-service\/.*",
-    "permissions": [
-      "org\\.access\\|\\*\\|\\*"
-     ]
-  }
-]
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/cadi.properties b/kubernetes/aai/components/aai-babel/resources/rproxy/config/cadi.properties
deleted file mode 100644
index 188c55b..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/cadi.properties
+++ /dev/null
@@ -1,27 +0,0 @@
-{{/*
-# This is a normal Java Properties File
-# Comments are with Pound Signs at beginning of lines,
-# and multi-line expression of properties can be obtained by backslash at end of line
-
-#hostname is used for local testing where you may have to set your hostname to **.att.com or **.sbc.com. The example given below
-#will allow for an ATT cross domain cookie to be used for GLO. If you are running on Windows corp machine, your machine name 
-#may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com
-#to your hosts file on your machine.
-#hostname=test.aic.cip.att.com
-*/}}
-
-cadi_loglevel=DEBUG
-cadi_keyfile=/opt/app/rproxy/config/security/keyfile
-
-cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
-cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
-
-# Configure AAF
-aaf_url=https://{{.Values.global.aaf.serverHostname}}:{{.Values.global.aaf.serverPort}}
-aaf_env=DEV
-
-aaf_id=demo@people.osaaf.org
-aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz
-
-# This is a colon separated list of client cert issuers
-cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/forward-proxy.properties b/kubernetes/aai/components/aai-babel/resources/rproxy/config/forward-proxy.properties
deleted file mode 100644
index 1b58d42..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/forward-proxy.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-forward-proxy.protocol = https
-forward-proxy.host = localhost
-forward-proxy.port = 10680
-forward-proxy.cacheurl = /credential-cache
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/logback-spring.xml b/kubernetes/aai/components/aai-babel/resources/rproxy/config/logback-spring.xml
deleted file mode 100644
index 2cd95d4..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/logback-spring.xml
+++ /dev/null
@@ -1,45 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<configuration>
-
-    <property name="LOGS" value="./logs/reverse-proxy" />
-    <property name="FILEPREFIX" value="application" />
-
-    <appender name="Console"
-        class="ch.qos.logback.core.ConsoleAppender">
-        <layout class="ch.qos.logback.classic.PatternLayout">
-            <Pattern>
-                %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
-            </Pattern>
-        </layout>
-    </appender>
-
-    <appender name="RollingFile"
-        class="ch.qos.logback.core.rolling.RollingFileAppender">
-        <file>${LOGS}/${FILEPREFIX}.log</file>
-        <encoder
-            class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
-            <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
-        </encoder>
-
-        <rollingPolicy
-            class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-            <!-- rollover daily and when the file reaches 10 MegaBytes -->
-            <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
-            </fileNamePattern>
-            <timeBasedFileNamingAndTriggeringPolicy
-                class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
-                <maxFileSize>10MB</maxFileSize>
-            </timeBasedFileNamingAndTriggeringPolicy>
-        </rollingPolicy>
-    </appender>
-
-    <!-- LOG everything at INFO level -->
-    <root level="info">
-        <appender-ref ref="RollingFile" />
-        <appender-ref ref="Console" />
-    </root>
-
-    <!-- LOG "com.baeldung*" at TRACE level  -->
-    <logger name="org.onap.aaf.rproxy" level="info" />
-
-</configuration>
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/primary-service.properties b/kubernetes/aai/components/aai-babel/resources/rproxy/config/primary-service.properties
deleted file mode 100644
index 7055bf5..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/primary-service.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-primary-service.protocol = https
-primary-service.host = localhost
-primary-service.port = 9516
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/readme.txt b/kubernetes/aai/components/aai-babel/resources/rproxy/config/readme.txt
deleted file mode 100644
index 79cf29e..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/readme.txt
+++ /dev/null
@@ -1 +0,0 @@
-Relevant configuration files need to be copied here to successfully run this service locally.
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/reverse-proxy.properties b/kubernetes/aai/components/aai-babel/resources/rproxy/config/reverse-proxy.properties
deleted file mode 100644
index 8d46e1f..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/reverse-proxy.properties
+++ /dev/null
@@ -1 +0,0 @@
-transactionid.header.name=X-TransactionId
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-babel/resources/rproxy/config/security/keyfile b/kubernetes/aai/components/aai-babel/resources/rproxy/config/security/keyfile
deleted file mode 100644
index 6cd12fc..0000000
--- a/kubernetes/aai/components/aai-babel/resources/rproxy/config/security/keyfile
+++ /dev/null
@@ -1,27 +0,0 @@
-bZNOXiGDJ2_eiKBKWYLIFx27URvb-SWfmOl2d-QKetcVKIupOrsG-ScS_VXOtKN3Yxfb2cR6t7oM
-1RNpDnhsKAxDLM6A62IkS_h_Rp3Q9c2JeyomVmyiuHR7a2ARbelaMrX8WDrxXI_t9ce4pIHDVE29
-xiQm3Bdp7d7IiKkgg-ipvOU7Y6NEzeQbvHlHvRTJ3ZZMSwHxBOA5M8DhKN-AF1sqwozEVaNAuJxK
-BVdh72A6KTW7ieb_GvVQQp8h32BuOz8oJhZV7KaGXsWTEvXg9ImboY0h7Sl9hufgn1ZtDK1jxzGm
-6O6LBg1qezzZaFGTXRmHvaeYmEeYSu0bGsU4x-JCU0RyhNTzFhkhjNoccaqPXBdcJymLf096mD99
-QLS8nyji_KtLQJL1fqr500c8p6SOURLPgG6Gzkn4ghgFYlfgve92xs1R3ggHKhNTLV4HJ4O6iSDm
-zCoHeRbsZR1JER9yxT-v8NtcHOMAZe1oDQeY6jVyxb-bhaonN6eZPI4nyF6MHJQtWKhGARC_kOs6
-x9E0ZdAEp5TrX7F7J5PwkXzbCOuSiTVftOBum43iUB4q9He8tn2tJ0X4LtLHT3bPl16wWnZm9RPf
-8wBtTJh4QP_cTStPq1ftSaLIAuqVFpbiC2DxGemXZn3QvykuYqa-rKeYPoIJ5dtWd5rNb_hhcSIz
-FakKTELb0HWYGji98TBF6PaStea2f2m-wGX_uQGD7_Dijl6AgnV9koKVs1bN1XljLtNMPbLdD8sz
-UCvc5lwvCFyyeunljI7os1fgwBmaMyckflq5VfZv9kFxom6jFLbcozylQ_uBg4j7oCP79IXVUI-r
-banZltOSmm8zHGc2R9UlUyxJWBi01yxwi1hUtn9g1H4RtncQpu3BY0Qvu5YLAmS5imivUnGVZWbv
-6wcqnJt5HwaVatE9NHONSLNTViQPsUOutWZBZxhJtAncdZuWOYZSh4TPzUJWvt6zT0E3YMBc_UuG
-yPmdLyqo7qGHR8YWRqq_vq6ISJqENMnVD6X9-BeI6KM4GPEAlDWyhgENXxQFjG45ufg3UpP8LBTB
-xDntlfkphRumsd13-8IlvwVtlpgnbuCMbwP_-lNVeNJcdA1InPt79oY-SEVZ-RVM1881ZASCnFeB
-lh3BTc_bGQ8YoC9s6iHtcCK_1SdbwzBfQBJUqqcYsa8hJLe-j8di7KCaFzI3a-UXWKuuWljpbKbq
-ibd48UFJt_34_GxkD6bmLxycuNH-og2Sd2VcYU0o5UarcrY4-2sgFPE7Mzxovrl98uayfgNF9DqE
-fJ4MwFGqLRtEHlm4zfuMxQ5Rh_giMUHDJApc1DYRkxdGbNUd4bC4aRBln2IhN-rNKbSVtiW_uT6v
-1KTMGmElvktjPWybJd2SvhT5qOLUM81-cmZzAsNa04jxZLBlQn_1fel3IroVos4Ohbdhar2NG6T5
-liten9RZ9P4Cg9RWhgeQonAD5kqLWXAHnCfffb5CVcAU5PHqkCgCbdThvD0-zIGETLO9AE0jKISc
-0o67CUZn3MzJ9pP_3gh-ALr2w-KAwqasqCf0igf1wmEDijv9wEDcgDm39ERIElTpGKgfyuVl4F8u
-PrpK5ZfpUYySUB6CZFQVVz0MvH6E7orQk4dCKFIimV_XwEtGijBttrTvyV6xYNScAEw_olt-0mdm
-8UEKSsuqSyDMxUWLjKJT19rNedahYJNtI87WR9Fhhjsrai9Or3a-srOYa56wcvSj2ZHbkevbO9Xv
-dQ2wzWCGEAMQSpSr83n0XEpR2pZT19Z19Svbhr08mnt2JNykCk60FLCeDTUOylJtYw6YOjqBizQZ
--85B51BCbSEaAKJkgT9-8n_-LGW5aPBrBB_9FT7UIYczNEt3B1Lqr2s4ipPI_36JecEfqaS2cNLn
-c0ObAtNGAONkhO5LYLneMR3fZPMFuOX1-rMObPgE0i9dYqWDZ_30w9rpRsmiWyxYi5lvWDxU5L1J
-uJxwREz3oa_VgpSC3Y2oxCufdQwzBk57iVLDOb1qs_Hwj1SWd1nukWyAo2-g5sR1folAEcao
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-babel/templates/configmap.yaml b/kubernetes/aai/components/aai-babel/templates/configmap.yaml
index cdd2a4f..baee38c 100644
--- a/kubernetes/aai/components/aai-babel/templates/configmap.yaml
+++ b/kubernetes/aai/components/aai-babel/templates/configmap.yaml
@@ -1,6 +1,7 @@
 {{/*
 # Copyright © 2018 Amdocs, AT&T
 # Modifications Copyright © 2018 Bell Canada
+# Modifications Copyright (c) 2021 Orange
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -27,46 +28,3 @@
     heritage: {{ .Release.Service }}
 data:
 {{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
-
-{{ if .Values.global.installSidecarSecurity }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-fproxy-config
-  namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-fproxy-log-config
-  namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-rproxy-config
-  namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-rproxy-log-config
-  namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
-  namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }}
-{{ end }}
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-babel/templates/deployment.yaml b/kubernetes/aai/components/aai-babel/templates/deployment.yaml
index e75815e..9fe386a 100644
--- a/kubernetes/aai/components/aai-babel/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-babel/templates/deployment.yaml
@@ -1,7 +1,7 @@
 {{/*
 # Copyright © 2018 Amdocs, AT&T
 # Modifications Copyright © 2018 Bell Canada
-# Modifications Copyright © 2020 Orange
+# Modifications Copyright © 2020,2021 Orange
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -37,19 +37,6 @@
         app: {{ include "common.name" . }}
         release: {{ include "common.release" . }}
     spec:
-    {{ if .Values.global.installSidecarSecurity }}
-      hostAliases:
-      - ip: {{ .Values.global.aaf.serverIp }}
-        hostnames:
-        - {{ .Values.global.aaf.serverHostname }}
-
-      initContainers:
-        - name: {{ .Values.global.tproxyConfig.name }}
-          image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tproxyConfig.image }}
-          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-          securityContext:
-            privileged: true
-    {{ end }}
       containers:
         - name: {{ include "common.name" . }}
           image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
@@ -127,79 +114,6 @@
           - mountPath: /usr/share/filebeat/data
             name: aai-filebeat
 
-    {{ if .Values.global.installSidecarSecurity }}
-        - name: {{ .Values.global.rproxy.name }}
-          image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.rproxy.image }}
-          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-          env:
-          - name: CONFIG_HOME
-            value: "/opt/app/rproxy/config"
-          - name: KEY_STORE_PASSWORD
-            value: {{ .Values.config.keyStorePassword }}
-          - name: spring_profiles_active
-            value: {{ .Values.global.rproxy.activeSpringProfiles }}
-          volumeMounts:
-          - name: {{ include "common.fullname" . }}-rproxy-config
-            mountPath: /opt/app/rproxy/config/forward-proxy.properties
-            subPath: forward-proxy.properties
-          - name: {{ include "common.fullname" . }}-rproxy-config
-            mountPath: /opt/app/rproxy/config/primary-service.properties
-            subPath: primary-service.properties
-          - name: {{ include "common.fullname" . }}-rproxy-config
-            mountPath: /opt/app/rproxy/config/reverse-proxy.properties
-            subPath: reverse-proxy.properties
-          - name: {{ include "common.fullname" . }}-rproxy-config
-            mountPath: /opt/app/rproxy/config/cadi.properties
-            subPath: cadi.properties
-          - name: {{ include "common.fullname" . }}-rproxy-log-config
-            mountPath: /opt/app/rproxy/config/logback-spring.xml
-            subPath: logback-spring.xml
-          - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
-            mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
-            subPath: uri-authorization.json
-          - name: {{ include "common.fullname" . }}-rproxy-auth-config
-            mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
-            subPath: tomcat_keystore
-          - name: {{ include "common.fullname" . }}-rproxy-auth-config
-            mountPath: /opt/app/rproxy/config/auth/client-cert.p12
-            subPath: client-cert.p12
-          - name: {{ include "common.fullname" . }}-rproxy-auth-config
-            mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
-            subPath: aaf_truststore.jks
-          - name: {{ include "common.fullname" . }}-rproxy-security-config
-            mountPath: /opt/app/rproxy/config/security/keyfile
-            subPath: keyfile
-
-          ports:
-          - containerPort: {{ .Values.global.rproxy.port }}
-
-        - name: {{ .Values.global.fproxy.name }}
-          image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.fproxy.image }}
-          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-          env:
-          - name: CONFIG_HOME
-            value: "/opt/app/fproxy/config"
-          - name: KEY_STORE_PASSWORD
-            value: {{ .Values.config.keyStorePassword }}
-          - name: spring_profiles_active
-            value: {{ .Values.global.fproxy.activeSpringProfiles }}
-          volumeMounts:
-          - name: {{ include "common.fullname" . }}-fproxy-config
-            mountPath: /opt/app/fproxy/config/fproxy.properties
-            subPath: fproxy.properties
-          - name: {{ include "common.fullname" . }}-fproxy-log-config
-            mountPath: /opt/app/fproxy/config/logback-spring.xml
-            subPath: logback-spring.xml
-          - name: {{ include "common.fullname" . }}-fproxy-auth-config
-            mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
-            subPath: tomcat_keystore
-          - name: {{ include "common.fullname" . }}-fproxy-auth-config
-            mountPath: /opt/app/fproxy/config/auth/client-cert.p12
-            subPath: client-cert.p12
-          ports:
-          - containerPort: {{ .Values.global.fproxy.port }}
-    {{ end }}
-
       volumes:
         - name: localtime
           hostPath:
@@ -226,32 +140,6 @@
           emptyDir: {}
         - name: aai-filebeat
           emptyDir: {}
-    {{ if .Values.global.installSidecarSecurity }}
-        - name: {{ include "common.fullname" . }}-rproxy-config
-          configMap:
-            name: {{ include "common.fullname" . }}-rproxy-config
-        - name: {{ include "common.fullname" . }}-rproxy-log-config
-          configMap:
-            name: {{ include "common.fullname" . }}-rproxy-log-config
-        - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
-          configMap:
-            name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
-        - name: {{ include "common.fullname" . }}-rproxy-auth-config
-          secret:
-            secretName: {{ include "common.fullname" . }}-rproxy-auth-config
-        - name: {{ include "common.fullname" . }}-rproxy-security-config
-          secret:
-            secretName: {{ include "common.fullname" . }}-rproxy-security-config
-        - name: {{ include "common.fullname" . }}-fproxy-config
-          configMap:
-            name: {{ include "common.fullname" . }}-fproxy-config
-        - name: {{ include "common.fullname" . }}-fproxy-log-config
-          configMap:
-            name: {{ include "common.fullname" . }}-fproxy-log-config
-        - name: {{ include "common.fullname" . }}-fproxy-auth-config
-          secret:
-            secretName: {{ include "common.fullname" . }}-fproxy-auth-config
-    {{ end }}
 
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aai/components/aai-babel/templates/secrets.yaml b/kubernetes/aai/components/aai-babel/templates/secrets.yaml
index 630ce83..b81ffa0 100644
--- a/kubernetes/aai/components/aai-babel/templates/secrets.yaml
+++ b/kubernetes/aai/components/aai-babel/templates/secrets.yaml
@@ -1,6 +1,7 @@
 {{/*
 # Copyright © 2018 Amdocs, AT&T
 # Modifications Copyright © 2018 Bell Canada
+# Modifications Copyright (c) 2021 Orange
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -43,48 +44,3 @@
 data:
   KEY_STORE_PASSWORD: {{ .Values.config.keyStorePassword | b64enc | quote }}
   KEY_MANAGER_PASSWORD: {{ .Values.config.keyManagerPassword | b64enc | quote }}
-
-{{ if .Values.global.installSidecarSecurity }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "common.fullname" . }}-fproxy-auth-config
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "common.fullname" . }}-rproxy-auth-config
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "common.fullname" . }}-rproxy-security-config
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }}
-{{ end }}
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-babel/templates/service.yaml b/kubernetes/aai/components/aai-babel/templates/service.yaml
index fb72955..db54ce1 100644
--- a/kubernetes/aai/components/aai-babel/templates/service.yaml
+++ b/kubernetes/aai/components/aai-babel/templates/service.yaml
@@ -1,6 +1,7 @@
 {{/*
 # Copyright © 2018 Amdocs, AT&T
 # Modifications Copyright © 2018 Bell Canada
+# Modifications Copyright (c) 2021 Orange
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -28,27 +29,16 @@
 spec:
   type: {{ .Values.service.type }}
   ports:
-  {{ if .Values.global.installSidecarSecurity }}
-      {{if eq .Values.service.type "NodePort" -}}
-      - port: {{ .Values.global.rproxy.port }}
-        nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-        name: {{ .Values.service.portName }}
-      {{- else -}}
-      - port: {{ .Values.service.externalPort }}
-        targetPort: {{ .Values.global.rproxy.port }}
-        name: {{ .Values.service.portName }}
-      {{- end}}
-  {{ else }}
-      {{if eq .Values.service.type "NodePort" -}}
-      - port: {{ .Values.service.internalPort }}
-        nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-        name: {{ .Values.service.portName }}
-      {{- else -}}
-      - port: {{ .Values.service.externalPort }}
-        targetPort: {{ .Values.service.internalPort }}
-        name: {{ .Values.service.portName }}
-      {{- end}}
-  {{ end }}
+    {{- if eq .Values.service.type "NodePort" }}
+    - port: {{ .Values.service.internalPort }}
+      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+      name: {{ .Values.service.portName }}
+    {{- else }}
+    - port: {{ .Values.service.externalPort }}
+      targetPort: {{ .Values.service.internalPort }}
+      name: {{ .Values.service.portName }}
+    {{- end }}
+
   selector:
     app: {{ include "common.name" . }}
     release: {{ include "common.release" . }}
diff --git a/kubernetes/aai/components/aai-babel/values.yaml b/kubernetes/aai/components/aai-babel/values.yaml
index f0a5ec2..db1a2eb 100644
--- a/kubernetes/aai/components/aai-babel/values.yaml
+++ b/kubernetes/aai/components/aai-babel/values.yaml
@@ -1,6 +1,6 @@
 # Copyright © 2018 Amdocs, AT&T
 # Modifications Copyright © 2018 Bell Canada
-# Modifications Copyright © 2020 Orange
+# Modifications Copyright © 2020, 2021 Orange
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -17,8 +17,7 @@
 #################################################################
 # Global configuration defaults.
 #################################################################
-global:
-  installSidecarSecurity: false
+global: {}
 
 #################################################################
 # Application configuration defaults.
diff --git a/kubernetes/aai/components/aai-resources/resources/fproxy/config/auth/client-cert.p12 b/kubernetes/aai/components/aai-resources/resources/fproxy/config/auth/client-cert.p12
deleted file mode 100644
index d9fe86e..0000000
--- a/kubernetes/aai/components/aai-resources/resources/fproxy/config/auth/client-cert.p12
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/components/aai-resources/resources/fproxy/config/auth/fproxy_truststore b/kubernetes/aai/components/aai-resources/resources/fproxy/config/auth/fproxy_truststore
deleted file mode 100644
index f6ebc75..0000000
--- a/kubernetes/aai/components/aai-resources/resources/fproxy/config/auth/fproxy_truststore
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/components/aai-resources/resources/fproxy/config/auth/tomcat_keystore b/kubernetes/aai/components/aai-resources/resources/fproxy/config/auth/tomcat_keystore
deleted file mode 100644
index 9eec841..0000000
--- a/kubernetes/aai/components/aai-resources/resources/fproxy/config/auth/tomcat_keystore
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/components/aai-resources/resources/fproxy/config/fproxy.properties b/kubernetes/aai/components/aai-resources/resources/fproxy/config/fproxy.properties
deleted file mode 100644
index f512fb7..0000000
--- a/kubernetes/aai/components/aai-resources/resources/fproxy/config/fproxy.properties
+++ /dev/null
@@ -1,2 +0,0 @@
-credential.cache.timeout.ms=180000
-transactionid.header.name=X-TransactionId
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-resources/resources/fproxy/config/logback-spring.xml b/kubernetes/aai/components/aai-resources/resources/fproxy/config/logback-spring.xml
deleted file mode 100644
index 9a08348..0000000
--- a/kubernetes/aai/components/aai-resources/resources/fproxy/config/logback-spring.xml
+++ /dev/null
@@ -1,45 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<configuration>
- 
-    <property name="LOGS" value="./logs/AAF-FPS" />
-    <property name="FILEPREFIX" value="application" />
- 
-    <appender name="Console"
-        class="ch.qos.logback.core.ConsoleAppender">
-        <layout class="ch.qos.logback.classic.PatternLayout">
-            <Pattern>
-                %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
-            </Pattern>
-        </layout>
-    </appender>
- 
-    <appender name="RollingFile"
-        class="ch.qos.logback.core.rolling.RollingFileAppender">
-        <file>${LOGS}/${FILEPREFIX}.log</file>
-        <encoder
-            class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
-            <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
-        </encoder>
- 
-        <rollingPolicy
-            class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-            <!-- rollover daily and when the file reaches 10 MegaBytes -->
-            <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
-            </fileNamePattern>
-            <timeBasedFileNamingAndTriggeringPolicy
-                class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
-                <maxFileSize>10MB</maxFileSize>
-            </timeBasedFileNamingAndTriggeringPolicy>
-        </rollingPolicy>
-    </appender>
-     
-    <!-- LOG everything at INFO level -->
-    <root level="info">
-        <appender-ref ref="RollingFile" />
-        <appender-ref ref="Console" />
-    </root>
- 
-    <!-- LOG "com.baeldung*" at TRACE level -->
-    <logger name="org.onap.aaf.fproxy" level="info" />
- 
-</configuration>
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-resources/resources/fproxy/config/readme.txt b/kubernetes/aai/components/aai-resources/resources/fproxy/config/readme.txt
deleted file mode 100644
index 79cf29e..0000000
--- a/kubernetes/aai/components/aai-resources/resources/fproxy/config/readme.txt
+++ /dev/null
@@ -1 +0,0 @@
-Relevant configuration files need to be copied here to successfully run this service locally.
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-resources/resources/rproxy/config/auth/client-cert.p12 b/kubernetes/aai/components/aai-resources/resources/rproxy/config/auth/client-cert.p12
deleted file mode 100644
index 071d407..0000000
--- a/kubernetes/aai/components/aai-resources/resources/rproxy/config/auth/client-cert.p12
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/components/aai-resources/resources/rproxy/config/auth/org.onap.aai.p12 b/kubernetes/aai/components/aai-resources/resources/rproxy/config/auth/org.onap.aai.p12
deleted file mode 100644
index 023e2ea..0000000
--- a/kubernetes/aai/components/aai-resources/resources/rproxy/config/auth/org.onap.aai.p12
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/components/aai-resources/resources/rproxy/config/auth/tomcat_keystore b/kubernetes/aai/components/aai-resources/resources/rproxy/config/auth/tomcat_keystore
deleted file mode 100644
index 6ad5f51..0000000
--- a/kubernetes/aai/components/aai-resources/resources/rproxy/config/auth/tomcat_keystore
+++ /dev/null
Binary files differ
diff --git a/kubernetes/aai/components/aai-resources/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/components/aai-resources/resources/rproxy/config/auth/uri-authorization.json
deleted file mode 100644
index e23c03d..0000000
--- a/kubernetes/aai/components/aai-resources/resources/rproxy/config/auth/uri-authorization.json
+++ /dev/null
@@ -1,99 +0,0 @@
-[
-  {
-    "uri": "\/not\/allowed\/at\/all$",
-    "permissions": [
-      "test.auth.access.ifYouLikedItYouShouldHavePutAPermissionOnIt"
-     ]
-  },
-  {
-    "uri": "\/one\/auth\/required$",
-    "permissions": [
-      "test.auth.access.aSimpleSingleAuth"
-     ]
-  },
-  {
-    "uri": "\/multi\/auth\/required$",
-    "permissions": [
-      "test.auth.access.aMultipleAuth1",
-      "test.auth.access.aMultipleAuth2",
-      "test.auth.access.aMultipleAuth3"
-     ]
-  },
-  {
-    "uri": "\/one\/[^\/]+\/required$",
-    "permissions": [
-      "test.auth.access.aSimpleSingleAuth"
-     ]
-  },
-  {
-    "uri": "\/services\/getAAFRequest$",
-    "permissions": [
-      "test.auth.access|services|GET,PUT"
-     ]
-  },
-  {
-    "uri": "\/admin\/getAAFRequest$",
-    "permissions": [
-      "test.auth.access|admin|GET,PUT,POST"
-     ]
-  },
-  {
-    "uri": "\/service\/aai\/webapp\/index.html$",
-    "permissions": [
-      "test.auth.access|services|GET,PUT"
-     ]
-  },
-  {
-    "uri": "\/services\/aai\/webapp\/index.html$",
-    "permissions": [
-      "test.auth.access|services|GET,PUT"
-     ]
-  },
-  {
-    "uri": "\/$",
-    "permissions": [
-    	"\\|services\\|GET",
-      "test\\.auth\\.access\\|services\\|GET,PUT"
-     ]
-  },
-  {
-    "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions$",
-    "permissions": [
-      "test\\.auth\\.access\\|rest\\|read"
-     ]
-  },
-  {
-    "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+$*",
-    "permissions": [
-      "test.auth.access|clouds|read",
-      "test.auth.access|tenants|read"
-    ]
-  },
-  {
-    "uri": "\/aai\/v10\/cloud-infrastructure\/cloud-regions\/cloud-region\/[^\/]+[\/][^\/]+\/tenants/tenant/[^\/]+/vservers/vserver/[^\/]+$",
-    "permissions": [
-      "test.auth.access|clouds|read",
-      "test.auth.access|tenants|read",
-      "test.auth.access|vservers|read"
-    ]
-  },
-  {
-    "uri": "\/backend$",
-    "permissions": [
-      "test\\.auth\\.access\\|services\\|GET,PUT",
-      "\\|services\\|GET"
-     ]
-  },
-  {
-    "uri": "\/aai\/.*",
-    "permissions": [
-      "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
-     ]
-  },
-  {
-    "uri": "\/aai\/util\/echo",
-    "permissions": [
-      "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
-     ]
-  }
-]
diff --git a/kubernetes/aai/components/aai-resources/resources/rproxy/config/cadi.properties b/kubernetes/aai/components/aai-resources/resources/rproxy/config/cadi.properties
deleted file mode 100644
index fb3d1cc..0000000
--- a/kubernetes/aai/components/aai-resources/resources/rproxy/config/cadi.properties
+++ /dev/null
@@ -1,41 +0,0 @@
-{{/*
-# This is a normal Java Properties File
-# Comments are with Pound Signs at beginning of lines,
-# and multi-line expression of properties can be obtained by backslash at end of line
-
-#hostname is used for local testing where you may have to set your hostname to **.att.com or **.sbc.com. The example given below
-#will allow for an ATT cross domain cookie to be used for GLO. If you are running on Windows corp machine, your machine name 
-#may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com
-#to your hosts file on your machine.
-#hostname=test.aic.cip.att.com
-*/}}
-
-cadi_loglevel=DEBUG
-
-# OAuth2
-aaf_oauth2_token_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.token:2.1/token
-aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.introspect:2.1/introspect
-
-cadi_latitude=37.78187
-cadi_longitude=-122.26147
-
-# Locate URL (which AAF Env)
-aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
-
-# AAF URL
-aaf_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1
-
-cadi_keyfile=/opt/app/rproxy/config/security/keyfile
-cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12
-cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV
-cadi_alias=aai@aai.onap.org
-cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
-cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
-
-aaf_env=DEV
-
-aaf_id=demo@people.osaaf.org
-aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz
-
-# This is a colon separated list of client cert issuers
-cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA
diff --git a/kubernetes/aai/components/aai-resources/resources/rproxy/config/forward-proxy.properties b/kubernetes/aai/components/aai-resources/resources/rproxy/config/forward-proxy.properties
deleted file mode 100644
index 1b58d42..0000000
--- a/kubernetes/aai/components/aai-resources/resources/rproxy/config/forward-proxy.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-forward-proxy.protocol = https
-forward-proxy.host = localhost
-forward-proxy.port = 10680
-forward-proxy.cacheurl = /credential-cache
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-resources/resources/rproxy/config/logback-spring.xml b/kubernetes/aai/components/aai-resources/resources/rproxy/config/logback-spring.xml
deleted file mode 100644
index 799fd86..0000000
--- a/kubernetes/aai/components/aai-resources/resources/rproxy/config/logback-spring.xml
+++ /dev/null
@@ -1,45 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<configuration>
- 
-    <property name="LOGS" value="./logs/reverse-proxy" />
-    <property name="FILEPREFIX" value="application" />
- 
-    <appender name="Console"
-        class="ch.qos.logback.core.ConsoleAppender">
-        <layout class="ch.qos.logback.classic.PatternLayout">
-            <Pattern>
-                %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
-            </Pattern>
-        </layout>
-    </appender>
- 
-    <appender name="RollingFile"
-        class="ch.qos.logback.core.rolling.RollingFileAppender">
-        <file>${LOGS}/${FILEPREFIX}.log</file>
-        <encoder
-            class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
-            <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
-        </encoder>
- 
-        <rollingPolicy
-            class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-            <!-- rollover daily and when the file reaches 10 MegaBytes -->
-            <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
-            </fileNamePattern>
-            <timeBasedFileNamingAndTriggeringPolicy
-                class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
-                <maxFileSize>10MB</maxFileSize>
-            </timeBasedFileNamingAndTriggeringPolicy>
-        </rollingPolicy>
-    </appender>
-     
-    <!-- LOG everything at INFO level -->
-    <root level="info">
-        <appender-ref ref="RollingFile" />
-        <appender-ref ref="Console" />
-    </root>
- 
-    <!-- LOG "com.baeldung*" at TRACE level  -->
-    <logger name="org.onap.aaf.rproxy" level="info" />
- 
-</configuration>
diff --git a/kubernetes/aai/components/aai-resources/resources/rproxy/config/primary-service.properties b/kubernetes/aai/components/aai-resources/resources/rproxy/config/primary-service.properties
deleted file mode 100644
index 2c89d28..0000000
--- a/kubernetes/aai/components/aai-resources/resources/rproxy/config/primary-service.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-primary-service.protocol = https
-primary-service.host = localhost
-primary-service.port = 8447
diff --git a/kubernetes/aai/components/aai-resources/resources/rproxy/config/readme.txt b/kubernetes/aai/components/aai-resources/resources/rproxy/config/readme.txt
deleted file mode 100644
index 79cf29e..0000000
--- a/kubernetes/aai/components/aai-resources/resources/rproxy/config/readme.txt
+++ /dev/null
@@ -1 +0,0 @@
-Relevant configuration files need to be copied here to successfully run this service locally.
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-resources/resources/rproxy/config/reverse-proxy.properties b/kubernetes/aai/components/aai-resources/resources/rproxy/config/reverse-proxy.properties
deleted file mode 100644
index 8d46e1f..0000000
--- a/kubernetes/aai/components/aai-resources/resources/rproxy/config/reverse-proxy.properties
+++ /dev/null
@@ -1 +0,0 @@
-transactionid.header.name=X-TransactionId
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-resources/resources/rproxy/config/security/keyfile b/kubernetes/aai/components/aai-resources/resources/rproxy/config/security/keyfile
deleted file mode 100644
index 3416d4a..0000000
--- a/kubernetes/aai/components/aai-resources/resources/rproxy/config/security/keyfile
+++ /dev/null
@@ -1,27 +0,0 @@
-2otP92kNFHdexroZxvgYY7ffslFiwCD3CiVYMIfUF2edqZK7972NwkvE_mbaBo6jh8lByLIqrWAf
-jyzoiVsvQ_kCa0cS1xaRLpcxv3bx1b7o3hGPBqpd6vmSG4y2JLzNlCBZWuTJz827wr8p_fWrYuUm
-4L1WoaEe8W5PRnXjl4hDqbJBAlEoRIBXugUDt_7O5wgx2Rl3HVoOczZtf0RzONZ1F0BmKf3QlAUe
-moSbARitYRgIPt5sLbT7qPyoEpGDhQ1XBowR744-wsjBc-14yO62Ajp5xWKTp15uWn3_HHuw1SAf
-GWSBRGlSlEVkXQqi9Hw5jDttKVzHX1ckwR0SQOirbtHPHplxPX3WKjKhSdSeMzw6LOAHIQYRMKBT
-74oGnULAfPtV7TaGwOKriT3P49CoPdt9On89-LGyCZSxDWKH0K-rgB6I2_hPT2Uzr3jmXiMa-sfh
-iMvyQ7ABBVx0OFsUuNb5mcU2O6dWiQreL5RerrloV_X3ZtnNjxENXKjQ5KBR1A5ISPjFFK-kf4Rb
-p6FSII8LcsiqgdWuZ4GX_C6x8HX4A-vD0x3Uc9CfoXY-k23cNIy-R-W-oB-P2OgdWDNgZ7VaOLNt
-3L-NwWpNblfYvs93cNmkbVAwCZ3r0OP7RFeuON84TRaynK_Fh2S3rypRyJcUmM1pvpZqJ5_-umSW
-hUs1OqkdLv3xjlVzzK-3nMr0q3Zcyp4XdyLYtcX5I3Xqk9ZcsyAT7ghmHhV8KjUjue7OcfAWg0m7
-RJLGq6VC8HeK4HEMa4lF677Qh7DRufghIDEmQSIDfGA790WGSA8HqcOvAL4hURCHyCWiPa5i8ksX
-xX4HyqF8PCVCLJ_ZhzcuIlc0jStAexWbJU_vcyX7XgUaHCkF-M-zv1FP6Z3DHBMD2QqSWjmyNCCk
-8sIuwzs62P_j2o9jG33kssedCrUWOwZancU107-5H0Zw-UWvtCqUfmRZ7TsEbWY7lk_SKfLfAN5q
-ncOQgU_VxDXUFDST4LN_WVECRafK3UtwWomxWSji25Lbf6NVni3ok-yLMDZR-wrE-54jLPES9j0i
-5N0xrk9CfsvGUpUZ1_XQcgaxI6m27DtCCJXb5ywenPBiUIJCMCTq88CqNZxGpju2i4BJcUH2hUHe
-GKhO8pgslwhtEVot9EDwdzSrJkWFCfb6ud4zMxrqdi7-mLWMOydg6lhpEFEX5wu2BLIujGsZlEGE
-_K9jGfBypjXuJCKDZIuPfEnf_7idjKis_JcFB7x4Hx2HHDcBjlWWFZN_VIEnPkQSyZEC26RTFP3k
-zkY3GwUfA36a4XW2pu3gE9wz-W6fkONfzOZ6YiyCm_dRFUVuGSdJG02Hh5iXYlMOGJltPzWH2jVf
-S-QTOmXQTKSOheXoJO6O-9uQbsRf-kq-6w1pvIOp4ms35w4_0Xj0Xr2a9y-L9PdBZvrUsa-jxsZU
-LyA-YY4Ej6QwDBDTD2MGjF1E5_ekYgjoNlltM9rJjofruM4ym0n7LPHC7YXXQSEFOZYeTKi6wUDw
-hQ1DoWHgu4PQ2lexada8sxQdConbPe2iW16h-PrO5D12E4XbT00fqaMlBmjQwzdNRdCC2NRPIQ5W
-nwaO8dZ9yjxsjT7ZVHb9-DRblb3XDocponzxVXqUGtJAie4WXQnerX0ApTWGaHEr5y56JJVS_3LP
-bKrbXBXcs4jTUX4ECXRrOs8JQDQNysXhvTPCu0XUxNZpjx6KLxDs93k2OcESHjl5J6n6OKKJqqoN
-JEyFO5LGXpnmUJbn0-CaHHPRI1mHwEu4brY8wDZd9A0PD1KGXDoCHMfEk1lGblQdyOcVrXZ6uSBk
-Z6zHDnwSCHO1mPYqtelJQehZoFuPSv9PIgKLxs_qJOtZFnXII5YO1mGXgiIBWBjUFDR5HG4ENS6y
-J4MCF-JLMp-PVMAkOaCIQRRDpRnMm_fT1sc_P562Diu_pcdt-r55pMFQYGoGfjRmxQBKk0-SsdnP
-mlZIiis9DfQEN0q3QQdNRYBJD7tmhUwhAPZdLgXqJA8sZf8UyFQhhpsky79NT343YL9smUlF
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-resources/templates/configmap.yaml b/kubernetes/aai/components/aai-resources/templates/configmap.yaml
index 2927031..f173916 100644
--- a/kubernetes/aai/components/aai-resources/templates/configmap.yaml
+++ b/kubernetes/aai/components/aai-resources/templates/configmap.yaml
@@ -1,5 +1,6 @@
 {{/*
 # Copyright © 2018 Amdocs, Bell Canada, AT&T
+# Modifications Copyright (c) 2021 Orange
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -49,113 +50,3 @@
 {{ tpl (.Files.Glob "resources/config/aaf/permissions.properties").AsConfig . | indent 2 }}
 {{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.props").AsConfig . | indent 2 }}
 {{ tpl (.Files.Glob "resources/config/aaf/cadi.properties").AsConfig . | indent 2 }}
-
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "common.fullname" . }}-aaf-keys
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }}
-{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }}
-
-{{ if .Values.global.installSidecarSecurity }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-aai-policy-configmap
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/auth/aai_policy.json").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-fproxy-config
-  namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-fproxy-log-config
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "common.fullname" . }}-fproxy-auth-config
-  namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/fproxy/config/auth/*").AsSecrets . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-rproxy-config
-  namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-rproxy-log-config
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
-  namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "common.fullname" . }}-rproxy-auth-config
-  namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "common.fullname" . }}-rproxy-security-config
-  namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/security/*").AsSecrets . | indent 2 }}
-{{ end }}
diff --git a/kubernetes/aai/components/aai-resources/templates/deployment.yaml b/kubernetes/aai/components/aai-resources/templates/deployment.yaml
index 765ccdf..6fbbf1c 100644
--- a/kubernetes/aai/components/aai-resources/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-resources/templates/deployment.yaml
@@ -72,13 +72,6 @@
       {{- end }}
     spec:
       hostname: aai-resources
-    {{- if .Values.global.initContainers.enabled }}
-      {{- if .Values.global.installSidecarSecurity }}
-      hostAliases:
-      - ip: {{ .Values.global.aaf.serverIp }}
-        hostnames:
-        - {{ .Values.global.aaf.serverHostname }}
-      {{- end }}
       initContainers:
       - command:
       {{- if .Values.global.jobs.migration.enabled }}
@@ -86,23 +79,24 @@
         args:
         - --job-name
         - {{ include "common.release" . }}-aai-graphadmin-migration
-      {{- else if .Values.global.jobs.createSchema.enabled  }}
+      {{- else }}
+        {{- if .Values.global.jobs.createSchema.enabled  }}
         - /app/ready.py
         args:
         - --job-name
         - {{ include "common.release" . }}-aai-graphadmin-create-db-schema
-      {{- else }}
+        {{- else }}
         - /app/ready.py
         args:
         - --container-name
-        {{- if .Values.global.cassandra.localCluster }}
+          {{- if .Values.global.cassandra.localCluster }}
         - aai-cassandra
-        {{- else }}
+          {{- else }}
         - cassandra
-        {{- end }}
+          {{- end }}
         - --container-name
         - aai-schema-service
-      {{- end }}
+        {{- end }}
         env:
         - name: NAMESPACE
           valueFrom:
@@ -112,14 +106,7 @@
         image: {{ include "repositoryGenerator.image.readiness" . }}
         imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
         name: {{ include "common.name" . }}-readiness
-      {{- if .Values.global.installSidecarSecurity }}
-      - name: {{ .Values.global.tproxyConfig.name }}
-        image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tproxyConfig.image }}
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        securityContext:
-          privileged: true
       {{- end }}
-    {{- end }}
       containers:
       - name: {{ include "common.name" . }}
         image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
@@ -155,11 +142,6 @@
         - mountPath: /opt/app/aai-resources/resources/etc/auth/realm.properties
           name: {{ include "common.fullname" . }}-config
           subPath: realm.properties
-        {{- if .Values.global.installSidecarSecurity }}
-        - mountPath: /opt/app/aai-resources/resources/etc/auth/aai_policy.json
-          name: {{ include "common.fullname" . }}-aai-policy
-          subPath: aai_policy.json
-        {{- end }}
         - mountPath: /opt/app/aai-resources/resources/aaf/org.onap.aai.keyfile
           name: {{ include "common.fullname" . }}-aaf-certs
           subPath: org.onap.aai.keyfile
@@ -233,84 +215,6 @@
         - mountPath: /usr/share/filebeat/data
           name: {{ include "common.fullname" . }}-filebeat
         resources: {{ include "common.resources" . | nindent 12 }}
-    {{- if .Values.global.installSidecarSecurity }}
-      - name: {{ .Values.global.rproxy.name }}
-        image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.rproxy.image }}
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        env:
-        - name: CONFIG_HOME
-          value: "/opt/app/rproxy/config"
-        - name: KEY_STORE_PASSWORD
-          value: {{ .Values.sidecar.keyStorePassword }}
-        - name: spring_profiles_active
-          value: {{ .Values.global.rproxy.activeSpringProfiles }}
-        volumeMounts:
-        - name: {{ include "common.fullname" . }}-rproxy-config
-          mountPath: /opt/app/rproxy/config/forward-proxy.properties
-          subPath: forward-proxy.properties
-        - name: {{ include "common.fullname" . }}-rproxy-config
-          mountPath: /opt/app/rproxy/config/primary-service.properties
-          subPath: primary-service.properties
-        - name: {{ include "common.fullname" . }}-rproxy-config
-          mountPath: /opt/app/rproxy/config/reverse-proxy.properties
-          subPath: reverse-proxy.properties
-        - name: {{ include "common.fullname" . }}-rproxy-config
-          mountPath: /opt/app/rproxy/config/cadi.properties
-          subPath: cadi.properties
-        - name: {{ include "common.fullname" . }}-rproxy-log-config
-          mountPath: /opt/app/rproxy/config/logback-spring.xml
-          subPath: logback-spring.xml
-        - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
-          mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
-          subPath: uri-authorization.json
-        - name: {{ include "common.fullname" . }}-rproxy-auth-config
-          mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
-          subPath: tomcat_keystore
-        - name: {{ include "common.fullname" . }}-rproxy-auth-config
-          mountPath: /opt/app/rproxy/config/auth/client-cert.p12
-          subPath: client-cert.p12
-        - name: {{ include "common.fullname" . }}-rproxy-auth-config
-          mountPath: /opt/app/rproxy/config/auth/aaf_truststore.jks
-          subPath: aaf_truststore.jks
-        - name: {{ include "common.fullname" . }}-rproxy-security-config
-          mountPath: /opt/app/rproxy/config/security/keyfile
-          subPath: keyfile
-        - name: {{ include "common.fullname" . }}-rproxy-auth-config
-          mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12
-          subPath: org.onap.aai.p12
-        ports:
-        - containerPort: {{ .Values.global.rproxy.port }}
-      - name: {{ .Values.global.fproxy.name }}
-        image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.fproxy.image }}
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        env:
-        - name: CONFIG_HOME
-          value: "/opt/app/fproxy/config"
-        - name: KEY_STORE_PASSWORD
-          value: {{ .Values.sidecar.keyStorePassword }}
-        - name: TRUST_STORE_PASSWORD
-          value: {{ .Values.sidecar.trustStorePassword }}
-        - name: spring_profiles_active
-          value: {{ .Values.global.fproxy.activeSpringProfiles }}
-        volumeMounts:
-        - name: {{ include "common.fullname" . }}-fproxy-config
-          mountPath: /opt/app/fproxy/config/fproxy.properties
-          subPath: fproxy.properties
-        - name: {{ include "common.fullname" . }}-fproxy-log-config
-          mountPath: /opt/app/fproxy/config/logback-spring.xml
-          subPath: logback-spring.xml
-        - name: {{ include "common.fullname" . }}-fproxy-auth-config
-          mountPath: /opt/app/fproxy/config/auth/fproxy_truststore
-          subPath: fproxy_truststore
-        - name: {{ include "common.fullname" . }}-fproxy-auth-config
-          mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
-          subPath: tomcat_keystore
-        - name: {{ include "common.fullname" . }}-fproxy-auth-config
-          mountPath: /opt/app/fproxy/config/auth/client-cert.p12
-          subPath: client-cert.p12
-        ports:
-        - containerPort: {{ .Values.global.fproxy.port }}
-    {{- end }}
       volumes:
       - name: aai-common-aai-auth-mount
         secret:
@@ -342,35 +246,6 @@
           - key: {{ . }}
             path: {{ . }}
           {{- end }}
-    {{- if .Values.global.installSidecarSecurity }}
-      - name: {{ include "common.fullname" . }}-aai-policy
-        configMap:
-          name: {{ include "common.fullname" . }}-aai-policy-configmap
-      - name: {{ include "common.fullname" . }}-rproxy-config
-        configMap:
-          name: {{ include "common.fullname" . }}-rproxy-config
-      - name: {{ include "common.fullname" . }}-rproxy-log-config
-        configMap:
-          name: {{ include "common.fullname" . }}-rproxy-log-config
-      - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
-        configMap:
-          name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
-      - name: {{ include "common.fullname" . }}-rproxy-auth-config
-        secret:
-          secretName: {{ include "common.fullname" . }}-rproxy-auth-config
-      - name: {{ include "common.fullname" . }}-rproxy-security-config
-        secret:
-          secretName: {{ include "common.fullname" . }}-rproxy-security-config
-      - name: {{ include "common.fullname" . }}-fproxy-config
-        configMap:
-          name: {{ include "common.fullname" . }}-fproxy-config
-      - name: {{ include "common.fullname" . }}-fproxy-log-config
-        configMap:
-          name: {{ include "common.fullname" . }}-fproxy-log-config
-      - name: {{ include "common.fullname" . }}-fproxy-auth-config
-        secret:
-          secretName: {{ include "common.fullname" . }}-fproxy-auth-config
-    {{- end }}
       restartPolicy: {{ .Values.restartPolicy }}
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/clamp/templates/configmap.yaml b/kubernetes/aai/components/aai-resources/templates/secret.yaml
similarity index 69%
rename from kubernetes/clamp/templates/configmap.yaml
rename to kubernetes/aai/components/aai-resources/templates/secret.yaml
index 1a5b0ce..d241490 100644
--- a/kubernetes/clamp/templates/configmap.yaml
+++ b/kubernetes/aai/components/aai-resources/templates/secret.yaml
@@ -1,6 +1,5 @@
 {{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Copyright © 2021 Orange
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -16,16 +15,17 @@
 */}}
 
 apiVersion: v1
-kind: ConfigMap
+kind: Secret
 metadata:
-  name: {{ include "common.fullname" . }}
+  name: {{ include "common.fullname" . }}-aaf-keys
   namespace: {{ include "common.namespace" . }}
   labels:
     app: {{ include "common.name" . }}
     chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
     release: {{ include "common.release" . }}
     heritage: {{ .Release.Service }}
+type: Opaque
 data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
-
-{{ include "common.log.configMap" . }}
+{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.keyfile").AsSecrets . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/org.onap.aai.p12").AsSecrets . | indent 2 }}
+{{ tpl (.Files.Glob "resources/config/aaf/bath_config.csv").AsSecrets . | indent 2 }}
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-resources/templates/service.yaml b/kubernetes/aai/components/aai-resources/templates/service.yaml
index 66dfd49..460e0d5 100644
--- a/kubernetes/aai/components/aai-resources/templates/service.yaml
+++ b/kubernetes/aai/components/aai-resources/templates/service.yaml
@@ -27,7 +27,7 @@
 spec:
   type: {{ .Values.service.type }}
   ports:
-  {{if eq .Values.service.type "NodePort" -}}
+  {{ if eq .Values.service.type "NodePort" -}}
   - port: {{ .Values.service.internalPort }}
     nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
     name: {{ .Values.service.portName }}
@@ -39,7 +39,7 @@
     name: {{ .Values.service.portName }}
   - port: {{ .Values.service.internalPort2 }}
     name: {{ .Values.service.portName2 }}
-  {{- end}}
+  {{- end }}
   selector:
     app: {{ include "common.name" . }}
     release: {{ include "common.release" . }}
diff --git a/kubernetes/aai/components/aai-resources/values.yaml b/kubernetes/aai/components/aai-resources/values.yaml
index 620b4d7..5210a24 100644
--- a/kubernetes/aai/components/aai-resources/values.yaml
+++ b/kubernetes/aai/components/aai-resources/values.yaml
@@ -24,9 +24,6 @@
     #Override it to aai-cassandra if localCluster is enabled.
     serviceName: cassandra
 
-  rproxy:
-    name: reverse-proxy
-
   initContainers:
     enabled: true
 
diff --git a/kubernetes/aai/components/aai-search-data/resources/fproxy/config/fproxy.properties b/kubernetes/aai/components/aai-search-data/resources/fproxy/config/fproxy.properties
deleted file mode 100644
index f512fb7..0000000
--- a/kubernetes/aai/components/aai-search-data/resources/fproxy/config/fproxy.properties
+++ /dev/null
@@ -1,2 +0,0 @@
-credential.cache.timeout.ms=180000
-transactionid.header.name=X-TransactionId
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-search-data/resources/fproxy/config/logback-spring.xml b/kubernetes/aai/components/aai-search-data/resources/fproxy/config/logback-spring.xml
deleted file mode 100644
index edac199..0000000
--- a/kubernetes/aai/components/aai-search-data/resources/fproxy/config/logback-spring.xml
+++ /dev/null
@@ -1,48 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<configuration>
-
-    <property name="LOGS" value="./logs/AAF-FPS" />
-    <property name="FILEPREFIX" value="application" />
-
-    <appender name="Console"
-        class="ch.qos.logback.core.ConsoleAppender">
-        <layout class="ch.qos.logback.classic.PatternLayout">
-            <Pattern>
-                %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
-            </Pattern>
-        </layout>
-    </appender>
-
-    <appender name="RollingFile"
-        class="ch.qos.logback.core.rolling.RollingFileAppender">
-        <file>${LOGS}/${FILEPREFIX}.log</file>
-        <encoder
-            class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
-            <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
-        </encoder>
-
-        <rollingPolicy
-            class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-            <!-- rollover daily and when the file reaches 10 MegaBytes -->
-            <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
-            </fileNamePattern>
-            <timeBasedFileNamingAndTriggeringPolicy
-                class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
-                <maxFileSize>10MB</maxFileSize>
-            </timeBasedFileNamingAndTriggeringPolicy>
-        </rollingPolicy>
-    </appender>
-
-    <!-- LOG everything at INFO level -->
-    <root level="debug">
-        <appender-ref ref="RollingFile" />
-        <appender-ref ref="Console" />
-    </root>
-
-    <!-- LOG "com.baeldung*" at TRACE level -->
-    <logger name="org.onap.aaf.fproxy" level="trace" additivity="false">
-        <appender-ref ref="RollingFile" />
-        <appender-ref ref="Console" />
-    </logger>
-
-</configuration>
diff --git a/kubernetes/aai/components/aai-search-data/resources/fproxy/config/readme.txt b/kubernetes/aai/components/aai-search-data/resources/fproxy/config/readme.txt
deleted file mode 100644
index 79cf29e..0000000
--- a/kubernetes/aai/components/aai-search-data/resources/fproxy/config/readme.txt
+++ /dev/null
@@ -1 +0,0 @@
-Relevant configuration files need to be copied here to successfully run this service locally.
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-search-data/resources/rproxy/config/auth/uri-authorization.json b/kubernetes/aai/components/aai-search-data/resources/rproxy/config/auth/uri-authorization.json
deleted file mode 100644
index 595d484..0000000
--- a/kubernetes/aai/components/aai-search-data/resources/rproxy/config/auth/uri-authorization.json
+++ /dev/null
@@ -1,11 +0,0 @@
-[
-  {
-    "uri": "\/services\/search-data-service\/.*",
-    "method": "GET|PUT|POST|DELETE",
-    "permissions": [
-      "org\\.onap\\.aai\\.resources\\|\\*\\|.*"
-     ]
-  }
-
-
-]
diff --git a/kubernetes/aai/components/aai-search-data/resources/rproxy/config/cadi.properties b/kubernetes/aai/components/aai-search-data/resources/rproxy/config/cadi.properties
deleted file mode 100644
index fb3d1cc..0000000
--- a/kubernetes/aai/components/aai-search-data/resources/rproxy/config/cadi.properties
+++ /dev/null
@@ -1,41 +0,0 @@
-{{/*
-# This is a normal Java Properties File
-# Comments are with Pound Signs at beginning of lines,
-# and multi-line expression of properties can be obtained by backslash at end of line
-
-#hostname is used for local testing where you may have to set your hostname to **.att.com or **.sbc.com. The example given below
-#will allow for an ATT cross domain cookie to be used for GLO. If you are running on Windows corp machine, your machine name 
-#may be used automatically by cadi. However, if it is not, you will need to use hostname=mywebserver.att.com and add mywebserver.att.com
-#to your hosts file on your machine.
-#hostname=test.aic.cip.att.com
-*/}}
-
-cadi_loglevel=DEBUG
-
-# OAuth2
-aaf_oauth2_token_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.token:2.1/token
-aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.introspect:2.1/introspect
-
-cadi_latitude=37.78187
-cadi_longitude=-122.26147
-
-# Locate URL (which AAF Env)
-aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095
-
-# AAF URL
-aaf_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1
-
-cadi_keyfile=/opt/app/rproxy/config/security/keyfile
-cadi_keystore=/opt/app/rproxy/config/auth/org.onap.aai.p12
-cadi_keystore_password=enc:383RDJRFA6yQz9AOxUxC1iIg3xTJXityw05MswnpnEtelRQy2D4r5INQjrea7GTV
-cadi_alias=aai@aai.onap.org
-cadi_truststore=/opt/app/rproxy/config/auth/tomcat_keystore
-cadi_truststore_password=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
-
-aaf_env=DEV
-
-aaf_id=demo@people.osaaf.org
-aaf_password=enc:92w4px0y_rrm265LXLpw58QnNPgDXykyA1YTrflbAKz
-
-# This is a colon separated list of client cert issuers
-cadi_x509_issuers=CN=ONAP, OU=ONAP, O=ONAP, L=Ottawa, ST=Ontario, C=CA
diff --git a/kubernetes/aai/components/aai-search-data/resources/rproxy/config/forward-proxy.properties b/kubernetes/aai/components/aai-search-data/resources/rproxy/config/forward-proxy.properties
deleted file mode 100644
index 55a9b48..0000000
--- a/kubernetes/aai/components/aai-search-data/resources/rproxy/config/forward-proxy.properties
+++ /dev/null
@@ -1,4 +0,0 @@
-forward-proxy.protocol = https
-forward-proxy.host = localhost
-forward-proxy.port = 10680
-forward-proxy.cacheurl = /credential-cache
diff --git a/kubernetes/aai/components/aai-search-data/resources/rproxy/config/logback-spring.xml b/kubernetes/aai/components/aai-search-data/resources/rproxy/config/logback-spring.xml
deleted file mode 100644
index 289fe75..0000000
--- a/kubernetes/aai/components/aai-search-data/resources/rproxy/config/logback-spring.xml
+++ /dev/null
@@ -1,48 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<configuration>
-
-    <property name="LOGS" value="./logs/reverse-proxy" />
-    <property name="FILEPREFIX" value="application" />
-
-    <appender name="Console"
-        class="ch.qos.logback.core.ConsoleAppender">
-        <layout class="ch.qos.logback.classic.PatternLayout">
-            <Pattern>
-                %d{ISO8601} %-5level [%t] %C{1.}: %msg%n%throwable
-            </Pattern>
-        </layout>
-    </appender>
-
-    <appender name="RollingFile"
-        class="ch.qos.logback.core.rolling.RollingFileAppender">
-        <file>${LOGS}/${FILEPREFIX}.log</file>
-        <encoder
-            class="ch.qos.logback.classic.encoder.PatternLayoutEncoder">
-            <Pattern>%d %p %C{1.} [%t] %m%n</Pattern>
-        </encoder>
-
-        <rollingPolicy
-            class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
-            <!-- rollover daily and when the file reaches 10 MegaBytes -->
-            <fileNamePattern>${LOGS}/archived/${FILEPREFIX}-%d{yyyy-MM-dd}.%i.log
-            </fileNamePattern>
-            <timeBasedFileNamingAndTriggeringPolicy
-                class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
-                <maxFileSize>10MB</maxFileSize>
-            </timeBasedFileNamingAndTriggeringPolicy>
-        </rollingPolicy>
-    </appender>
-
-    <!-- LOG everything at INFO level -->
-    <root level="debug">
-        <appender-ref ref="RollingFile" />
-        <appender-ref ref="Console" />
-    </root>
-
-    <!-- LOG "com.baeldung*" at TRACE level  -->
-    <logger name="org.onap.aaf.rproxy" level="trace" additivity="false">
-        <appender-ref ref="RollingFile" />
-        <appender-ref ref="Console" />
-    </logger>
-
-</configuration>
diff --git a/kubernetes/aai/components/aai-search-data/resources/rproxy/config/primary-service.properties b/kubernetes/aai/components/aai-search-data/resources/rproxy/config/primary-service.properties
deleted file mode 100644
index 5fddcb2..0000000
--- a/kubernetes/aai/components/aai-search-data/resources/rproxy/config/primary-service.properties
+++ /dev/null
@@ -1,3 +0,0 @@
-primary-service.protocol = https
-primary-service.host = localhost
-primary-service.port = 9509
diff --git a/kubernetes/aai/components/aai-search-data/resources/rproxy/config/readme.txt b/kubernetes/aai/components/aai-search-data/resources/rproxy/config/readme.txt
deleted file mode 100644
index 79cf29e..0000000
--- a/kubernetes/aai/components/aai-search-data/resources/rproxy/config/readme.txt
+++ /dev/null
@@ -1 +0,0 @@
-Relevant configuration files need to be copied here to successfully run this service locally.
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-search-data/resources/rproxy/config/reverse-proxy.properties b/kubernetes/aai/components/aai-search-data/resources/rproxy/config/reverse-proxy.properties
deleted file mode 100644
index 8d46e1f..0000000
--- a/kubernetes/aai/components/aai-search-data/resources/rproxy/config/reverse-proxy.properties
+++ /dev/null
@@ -1 +0,0 @@
-transactionid.header.name=X-TransactionId
\ No newline at end of file
diff --git a/kubernetes/aai/components/aai-search-data/templates/configmap.yaml b/kubernetes/aai/components/aai-search-data/templates/configmap.yaml
index 28cf730..0d76239 100644
--- a/kubernetes/aai/components/aai-search-data/templates/configmap.yaml
+++ b/kubernetes/aai/components/aai-search-data/templates/configmap.yaml
@@ -1,5 +1,6 @@
 {{/*
 # Copyright © 2018 Amdocs, Bell Canada, AT&T
+# Modifications Copyright (c) 2021 Orange
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -39,47 +40,3 @@
     heritage: {{ .Release.Service }}
 data:
 {{ tpl (.Files.Glob "resources/config/log/logback.xml").AsConfig . | indent 2 }}
-
-{{ if .Values.global.installSidecarSecurity }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-fproxy-config
-  namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/fproxy/config/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-fproxy-log-config
-  namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/fproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-rproxy-config
-  namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-rproxy-log-config
-  namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/logback-spring.xml").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
-  namespace: {{ include "common.namespace" . }}
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/auth/uri-authorization.json").AsConfig . | indent 2 }}
-{{ end }}
-
diff --git a/kubernetes/aai/components/aai-search-data/templates/deployment.yaml b/kubernetes/aai/components/aai-search-data/templates/deployment.yaml
index eb4aefe..eaa9087 100644
--- a/kubernetes/aai/components/aai-search-data/templates/deployment.yaml
+++ b/kubernetes/aai/components/aai-search-data/templates/deployment.yaml
@@ -1,7 +1,7 @@
 {{/*
 # Copyright © 2017 Amdocs, Bell Canada
 # Modifications Copyright © 2018 AT&T
-# Modifications Copyright © 2020 Orange
+# Modifications Copyright © 2020,2021 Orange
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -38,14 +38,6 @@
         release: {{ include "common.release" . }}
       name: {{ include "common.name" . }}
     spec:
-    {{ if .Values.global.installSidecarSecurity }}
-      initContainers:
-        - name: {{ .Values.global.tproxyConfig.name }}
-          image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.tproxyConfig.image }}
-          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-          securityContext:
-            privileged: true
-    {{ end }}
       containers:
       - name: {{ include "common.name" . }}
         image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
@@ -126,85 +118,6 @@
           name: {{ include "common.fullname" . }}-service-logs
         - mountPath: /usr/share/filebeat/data
           name: {{ include "common.fullname" . }}-service-filebeat
-
-    {{ if .Values.global.installSidecarSecurity }}
-      - name: {{ .Values.global.rproxy.name }}
-        image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.rproxy.image }}
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        env:
-        - name: CONFIG_HOME
-          value: "/opt/app/rproxy/config"
-        - name: KEY_STORE_PASSWORD
-          value: {{ .Values.config.keyStorePassword }}
-        - name: spring_profiles_active
-          value: {{ .Values.global.rproxy.activeSpringProfiles }}
-        volumeMounts:
-        - name: {{ include "common.fullname" . }}-rproxy-config
-          mountPath: /opt/app/rproxy/config/forward-proxy.properties
-          subPath: forward-proxy.properties
-        - name: {{ include "common.fullname" . }}-rproxy-config
-          mountPath: /opt/app/rproxy/config/primary-service.properties
-          subPath: primary-service.properties
-        - name: {{ include "common.fullname" . }}-rproxy-config
-          mountPath: /opt/app/rproxy/config/reverse-proxy.properties
-          subPath: reverse-proxy.properties
-        - name: {{ include "common.fullname" . }}-rproxy-config
-          mountPath: /opt/app/rproxy/config/cadi.properties
-          subPath: cadi.properties
-        - name: {{ include "common.fullname" . }}-rproxy-log-config
-          mountPath: /opt/app/rproxy/config/logback-spring.xml
-          subPath: logback-spring.xml
-        - name: {{ include "common.fullname" . }}-rproxy-auth-certs
-          mountPath: /opt/app/rproxy/config/auth/tomcat_keystore
-          subPath: tomcat_keystore
-        - name: {{ include "common.fullname" . }}-rproxy-auth-certs
-          mountPath: /opt/app/rproxy/config/auth/client-cert.p12
-          subPath: client-cert.p12
-        - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
-          mountPath: /opt/app/rproxy/config/auth/uri-authorization.json
-          subPath: uri-authorization.json
-        - name: {{ include "common.fullname" . }}-rproxy-auth-certs
-          mountPath: /opt/app/rproxy/config/auth/org.onap.aai.p12
-          subPath: org.onap.aai.p12
-        - name: {{ include "common.fullname" . }}-rproxy-security-config
-          mountPath: /opt/app/rproxy/config/security/keyfile
-          subPath: keyfile
-
-        ports:
-        - containerPort: {{ .Values.global.rproxy.port }}
-
-      - name: {{ .Values.global.fproxy.name }}
-        image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.global.fproxy.image }}
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        env:
-        - name: CONFIG_HOME
-          value: "/opt/app/fproxy/config"
-        - name: KEY_STORE_PASSWORD
-          value: {{ .Values.config.keyStorePassword }}
-        - name: TRUST_STORE_PASSWORD
-          value: {{ .Values.config.trustStorePassword }}
-        - name: spring_profiles_active
-          value: {{ .Values.global.fproxy.activeSpringProfiles }}
-        volumeMounts:
-        - name: {{ include "common.fullname" . }}-fproxy-config
-          mountPath: /opt/app/fproxy/config/fproxy.properties
-          subPath: fproxy.properties
-        - name: {{ include "common.fullname" . }}-fproxy-log-config
-          mountPath: /opt/app/fproxy/config/logback-spring.xml
-          subPath: logback-spring.xml
-        - name: {{ include "common.fullname" . }}-fproxy-auth-certs
-          mountPath: /opt/app/fproxy/config/auth/fproxy_truststore
-          subPath: fproxy_truststore
-        - name: {{ include "common.fullname" . }}-fproxy-auth-certs
-          mountPath: /opt/app/fproxy/config/auth/tomcat_keystore
-          subPath: tomcat_keystore
-        - name: {{ include "common.fullname" . }}-fproxy-auth-certs
-          mountPath: /opt/app/fproxy/config/auth/client-cert.p12
-          subPath: client-cert.p12
-        ports:
-        - containerPort: {{ .Values.global.fproxy.port }}
-    {{ end }}
-
       volumes:
       - name: localtime
         hostPath:
@@ -228,35 +141,6 @@
       - name: {{ include "common.fullname" . }}-service-log-conf
         configMap:
           name: {{ include "common.fullname" . }}-service-log
-    {{ if .Values.global.installSidecarSecurity }}
-      - name: {{ include "common.fullname" . }}-rproxy-config
-        configMap:
-          name: {{ include "common.fullname" . }}-rproxy-config
-      - name: {{ include "common.fullname" . }}-rproxy-log-config
-        configMap:
-          name: {{ include "common.fullname" . }}-rproxy-log-config
-      - name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
-        configMap:
-          name: {{ include "common.fullname" . }}-rproxy-uri-auth-config
-      - name: {{ include "common.fullname" . }}-rproxy-auth-config
-        secret:
-          secretName: {{ include "common.fullname" . }}-rproxy-auth-config
-      - name: {{ include "common.fullname" . }}-rproxy-auth-certs
-        secret:
-          secretName: aai-rproxy-auth-certs
-      - name: {{ include "common.fullname" . }}-rproxy-security-config
-        secret:
-          secretName: aai-rproxy-security-config
-      - name: {{ include "common.fullname" . }}-fproxy-config
-        configMap:
-          name: {{ include "common.fullname" . }}-fproxy-config
-      - name: {{ include "common.fullname" . }}-fproxy-log-config
-        configMap:
-          name: {{ include "common.fullname" . }}-fproxy-log-config
-      - name: {{ include "common.fullname" . }}-fproxy-auth-certs
-        secret:
-          secretName: aai-fproxy-auth-certs
-    {{ end }}
       restartPolicy: {{ .Values.global.restartPolicy | default .Values.restartPolicy }}
       imagePullSecrets:
       - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/aai/components/aai-search-data/templates/secret.yaml b/kubernetes/aai/components/aai-search-data/templates/secret.yaml
index eacae25..3135df6 100644
--- a/kubernetes/aai/components/aai-search-data/templates/secret.yaml
+++ b/kubernetes/aai/components/aai-search-data/templates/secret.yaml
@@ -1,5 +1,6 @@
 {{/*
 # Copyright © 2018 Amdocs, Bell Canada, AT&T
+# Modifications Copyright (c) 2021 Orange
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -40,16 +41,3 @@
     heritage: {{ .Release.Service }}
 data:
 {{ tpl (.Files.Glob "resources/config/auth/search_policy.json").AsSecrets . | indent 2 }}
-
-{{ if .Values.global.installSidecarSecurity }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "common.fullname" . }}-rproxy-auth-config
-  namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/rproxy/config/auth/*").AsSecrets . | indent 2 }}
-{{ end }}
-
diff --git a/kubernetes/aai/components/aai-search-data/templates/service.yaml b/kubernetes/aai/components/aai-search-data/templates/service.yaml
index 940222c..e031410 100644
--- a/kubernetes/aai/components/aai-search-data/templates/service.yaml
+++ b/kubernetes/aai/components/aai-search-data/templates/service.yaml
@@ -1,5 +1,6 @@
 {{/*
 # Copyright © 2018 Amdocs, Bell Canada, AT&T
+# Modifications Copyright (c) 2021 Orange
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -27,28 +28,14 @@
 spec:
   type: {{ .Values.service.type }}
   ports:
-{{ if .Values.global.installSidecarSecurity }}
-      {{if eq .Values.service.type "NodePort" -}}
-      - port: {{ .Values.service.internalPort }}
-        nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-        targetPort: {{ .Values.global.rproxy.port }}
-        name: {{ .Values.service.portName }}
-      {{- else -}}
-      - port: {{ .Values.service.externalPort }}
-        targetPort: {{ .Values.global.rproxy.port }}
-        name: {{ .Values.service.portName }}
-      {{- end}}
-  {{ else }}
-
-  {{if eq .Values.service.type "NodePort" -}}
-  - port: {{ .Values.service.internalPort }}
-    nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-    name: {{ .Values.service.portName }}
-  {{- else -}}
-  - port: {{ .Values.service.internalPort }}
-    name: {{ .Values.service.portName }}
-  {{- end}}
-{{ end }}
+    {{- if eq .Values.service.type "NodePort" }}
+    - port: {{ .Values.service.internalPort }}
+      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+      name: {{ .Values.service.portName }}
+    {{- else }}
+    - port: {{ .Values.service.internalPort }}
+      name: {{ .Values.service.portName }}
+    {{- end }}
   selector:
     app: {{ include "common.name" . }}
     release: {{ include "common.release" . }}
diff --git a/kubernetes/aai/components/aai-search-data/values.yaml b/kubernetes/aai/components/aai-search-data/values.yaml
index ae61dd7..4bd535a 100644
--- a/kubernetes/aai/components/aai-search-data/values.yaml
+++ b/kubernetes/aai/components/aai-search-data/values.yaml
@@ -55,7 +55,7 @@
 service:
   type: ClusterIP
   portName: aai-search-data
-  internalPort: 9509
+  internalPort: "9509"
 
 ingress:
   enabled: false
diff --git a/kubernetes/aai/values.yaml b/kubernetes/aai/values.yaml
index 08a1fb8..516dcc4 100644
--- a/kubernetes/aai/values.yaml
+++ b/kubernetes/aai/values.yaml
@@ -1,6 +1,7 @@
 # Copyright (c) 2017 Amdocs, Bell Canada
 # Modifications Copyright (c) 2018 AT&T
 # Modifications Copyright (c) 2020 Nokia, Orange
+# Modifications Copyright (c) 2021 Orange
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -30,30 +31,8 @@
 
   restartPolicy: Always
 
-  installSidecarSecurity: false
   aafEnabled: true
-
-  fproxy:
-    name: forward-proxy
-    activeSpringProfiles: noHostVerification,cadi
-    image: onap/fproxy:2.1.13
-    port: 10680
-
-  rproxy:
-    name: reverse-proxy
-    activeSpringProfiles: noHostVerification,cadi
-    image: onap/rproxy:2.1.13
-    port: 10692
-
-  tproxyConfig:
-    name: init-tproxy-config
-    image: onap/tproxy-config:2.1.13
-
-  # AAF server details. Only needed if the AAF DNS does not resolve from the pod
-  aaf:
-    serverIp: 10.12.6.214
-    serverHostname: aaf.osaaf.org
-    serverPort: 30247
+  msbEnabled: true
 
   cassandra:
     #This will instantiate AAI cassandra cluster, default:shared cassandra.
diff --git a/kubernetes/clamp/.helmignore b/kubernetes/clamp/.helmignore
deleted file mode 100644
index 68ffb32..0000000
--- a/kubernetes/clamp/.helmignore
+++ /dev/null
@@ -1 +0,0 @@
-components/
diff --git a/kubernetes/clamp/Makefile b/kubernetes/clamp/Makefile
deleted file mode 100644
index 89b2f46..0000000
--- a/kubernetes/clamp/Makefile
+++ /dev/null
@@ -1,56 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES := dist resources templates charts docker
-HELM_BIN := helm
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-HELM_VER := $(shell $(HELM_BIN) version --template "{{.Version}}")
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
-	@echo "\n[$@]"
-	@make package-$@
-
-make-%:
-	@if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
-	@if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
-	@if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
-
-package-%: lint-%
-	@mkdir -p $(PACKAGE_DIR)
-ifeq "$(findstring v3,$(HELM_VER))" "v3"
-	@if [ -f $*/Chart.yaml ]; then PACKAGE_NAME=$$($(HELM_BIN) package -d $(PACKAGE_DIR) $* | cut -d":" -f2) && $(HELM_BIN) push -f $$PACKAGE_NAME local; fi
-else
-	@if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
-endif
-	@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
-	@rm -f */requirements.lock
-	@rm -f *tgz */charts/*tgz
-	@rm -rf $(PACKAGE_DIR)
-%:
-	@:
diff --git a/kubernetes/clamp/components/Makefile b/kubernetes/clamp/components/Makefile
deleted file mode 100644
index bf267b7..0000000
--- a/kubernetes/clamp/components/Makefile
+++ /dev/null
@@ -1,51 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-ROOT_DIR := $(shell dirname $(realpath $(lastword $(MAKEFILE_LIST))))
-OUTPUT_DIR := $(ROOT_DIR)/../../dist
-PACKAGE_DIR := $(OUTPUT_DIR)/packages
-SECRET_DIR := $(OUTPUT_DIR)/secrets
-
-EXCLUDES :=
-HELM_BIN := helm
-HELM_CHARTS := $(filter-out $(EXCLUDES), $(sort $(patsubst %/.,%,$(wildcard */.))))
-
-.PHONY: $(EXCLUDES) $(HELM_CHARTS)
-
-all: $(HELM_CHARTS)
-
-$(HELM_CHARTS):
-	@echo "\n[$@]"
-	@make package-$@
-
-make-%:
-	@if [ -f $*/Makefile ]; then make -C $*; fi
-
-dep-%: make-%
-	@if [ -f $*/requirements.yaml ]; then $(HELM_BIN) dep up $*; fi
-
-lint-%: dep-%
-	@if [ -f $*/Chart.yaml ]; then $(HELM_BIN) lint $*; fi
-
-package-%: lint-%
-	@mkdir -p $(PACKAGE_DIR)
-	@if [ -f $*/Chart.yaml ]; then $(HELM_BIN) package -d $(PACKAGE_DIR) $*; fi
-	@$(HELM_BIN) repo index $(PACKAGE_DIR)
-
-clean:
-	@rm -f */requirements.lock
-	@rm -f *tgz */charts/*tgz
-	@rm -rf $(PACKAGE_DIR)
-%:
-	@:
diff --git a/kubernetes/clamp/components/clamp-backend/Chart.yaml b/kubernetes/clamp/components/clamp-backend/Chart.yaml
deleted file mode 100644
index c9aa635..0000000
--- a/kubernetes/clamp/components/clamp-backend/Chart.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: ONAP Clamp
-name: clamp-backend
-version: 7.0.0
diff --git a/kubernetes/clamp/components/clamp-dash-es/Chart.yaml b/kubernetes/clamp/components/clamp-dash-es/Chart.yaml
deleted file mode 100644
index c2b8ccb..0000000
--- a/kubernetes/clamp/components/clamp-dash-es/Chart.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: ONAP Clamp Dashboard Elasticsearch
-name: clamp-dash-es
-version: 7.0.0
diff --git a/kubernetes/clamp/components/clamp-dash-es/requirements.yaml b/kubernetes/clamp/components/clamp-dash-es/requirements.yaml
deleted file mode 100644
index 22b92c4..0000000
--- a/kubernetes/clamp/components/clamp-dash-es/requirements.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-dependencies:
-  - name: common
-    version: ~7.x-0
-    repository: '@local'
-  - name: certInitializer
-    version: ~7.x-0
-    repository: '@local'
-  - name: repositoryGenerator
-    version: ~7.x-0
-    repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/clamp/components/clamp-dash-es/resources/config/elasticsearch.yml b/kubernetes/clamp/components/clamp-dash-es/resources/config/elasticsearch.yml
deleted file mode 100644
index 9e04d5a..0000000
--- a/kubernetes/clamp/components/clamp-dash-es/resources/config/elasticsearch.yml
+++ /dev/null
@@ -1,138 +0,0 @@
----
-# Copyright © 2020  AT&T, Amdocs, Bell Canada Intellectual Property.  All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ======================== Elasticsearch Configuration =========================
-#
-# NOTE: Elasticsearch comes with reasonable defaults for most settings.
-#       Before you set out to tweak and tune the configuration, make sure you
-#       understand what are you trying to accomplish and the consequences.
-#
-# The primary way of configuring a node is via this file. This template lists
-# the most important settings you may want to configure for a production cluster.
-#
-# Please consult the documentation for further information on configuration options:
-# https://www.elastic.co/guide/en/elasticsearch/reference/index.html
-#
-# ---------------------------------- Cluster -----------------------------------
-#
-# Name of the Elasticsearch cluster.
-# A node can only join a cluster when it shares its cluster.name with all the other nodes in the cluster.
-# The default name is elasticsearch, but you should change it to an appropriate name which describes the
-# purpose of the cluster.
-#
-## Default Elasticsearch configuration from elasticsearch-docker.
-## from https://opendistro.github.io/for-elasticsearch-docs/docs/elasticsearch/configuration/
-#
-
-cluster.name: "clamp-dashboard"
-node.name: "cldash-es-node1"
-# ---------------------------------- Network -----------------------------------
-#
-# Set the bind address to a specific IP (IPv4 or IPv6):
-# In order to communicate and to form a cluster with nodes on other servers, your node will need to bind to a
-# non-loopback address.
-network.host: 0.0.0.0
-#
-# Set a custom port for HTTP: If required, default is 9200-9300
-#
-#http.port: $http.port
-#
-# For more information, consult the network module documentation.
-# ----------------------------------- Paths ------------------------------------
-#
-# The location of the data files of each index / shard allocated on the node. Can hold multiple locations separated by coma.
-# In production, we should not keep this default to "/elasticsearch/data", as on upgrading Elasticsearch, directory structure
-# may change & can deal to data loss.
-path.data: /usr/share/elasticsearch/data
-#
-# Elasticsearch's log files location. In production, we should not keep this default to "/elasticsearch/logs",
-# as on upgrading Elasticsearch, directory structure may change.
-path.logs: /usr/share/elasticsearch/logs
-#
-# ----------------------------------- Memory -----------------------------------
-#
-# It is vitally important to the health of your node that none of the JVM is ever swapped out to disk.
-# Lock the memory on startup.
-#
-bootstrap.memory_lock: false
-#
-# Make sure that the heap size is set to about half the memory available
-# on the system and that the owner of the process is allowed to use this
-# limit.
-#
-# Elasticsearch performs poorly when the system is swapping the memory.
-#
-# --------------------------------- Discovery ----------------------------------
-#
-# Pass an initial list of hosts to perform discovery when new node is started
-# To form a cluster with nodes on other servers, you have to provide a seed list of other nodes in the cluster
-# that are likely to be live and contactable.
-# By default, Elasticsearch will bind to the available loopback addresses and will scan ports 9300 to 9305 to try
-# to connect to other nodes running on the same server.
-# # minimum_master_nodes need to be explicitly set when bound on a public IP
-# # set to 1 to allow single node clusters
-# # Details: https://github.com/elastic/elasticsearch/pull/17288
-discovery.zen.minimum_master_nodes: 1
-discovery.seed_hosts: []
-# # Breaking change in 7.0
-# # https://www.elastic.co/guide/en/elasticsearch/reference/7.0/breaking-changes-7.0.html#breaking_70_discovery_changes
-cluster.initial_master_nodes:
-    - cldash-es-node1
-#    - docker-test-node-1
-# ---------------------------------- Various -----------------------------------
-#
-# Require explicit names when deleting indices:
-#
-#action.destructive_requires_name: true
-# Set a custom port for HTTP: If required, default is 9200-9300
-# This is used for REST APIs
-http.port: {{.Values.service.externalPort}}
-# Port to bind for communication between nodes. Accepts a single value or a range.
-# If a range is specified, the node will bind to the first available port in the range.
-# Defaults to 9300-9400.
-# More info:
-transport.tcp.port: {{.Values.service.externalPort2}}
-
-######## Start OpenDistro for Elasticsearch Security Demo Configuration ########
-# WARNING: revise all the lines below before you go into production
-{{- if .Values.global.aafEnabled }}
-opendistro_security.ssl.transport.pemcert_filepath: {{ .Values.certInitializer.clamp_pem }}
-opendistro_security.ssl.transport.pemkey_filepath: {{ .Values.certInitializer.clamp_key }}
-opendistro_security.ssl.transport.pemtrustedcas_filepath: {{ .Values.certInitializer.clamp_ca_certs_pem }}
-opendistro_security.ssl.http.pemcert_filepath: {{ .Values.certInitializer.clamp_pem }}
-opendistro_security.ssl.http.pemkey_filepath: {{ .Values.certInitializer.clamp_key }}
-opendistro_security.ssl.http.pemtrustedcas_filepath: {{ .Values.certInitializer.clamp_ca_certs_pem }}
-{{- else }}
-opendistro_security.ssl.transport.pemcert_filepath: esnode.pem
-opendistro_security.ssl.transport.pemkey_filepath: esnode-key.pem
-opendistro_security.ssl.transport.pemtrustedcas_filepath: root-ca.pem
-opendistro_security.ssl.http.pemcert_filepath: esnode.pem
-opendistro_security.ssl.http.pemkey_filepath: esnode-key.pem
-opendistro_security.ssl.http.pemtrustedcas_filepath: root-ca.pem
-{{- end }}
-opendistro_security.ssl.transport.enforce_hostname_verification: false
-opendistro_security.ssl.http.enabled: {{.Values.security.ssl.enabled}}
-
-opendistro_security.allow_unsafe_democertificates: true
-opendistro_security.allow_default_init_securityindex: true
-opendistro_security.authcz.admin_dn:
-  - CN=kirk,OU=client,O=client,L=test, C=de
-
-opendistro_security.audit.type: internal_elasticsearch
-opendistro_security.enable_snapshot_restore_privilege: true
-opendistro_security.check_snapshot_restore_write_privileges: true
-opendistro_security.restapi.roles_enabled: ["all_access", "security_rest_api_access"]
-cluster.routing.allocation.disk.threshold_enabled: false
-node.max_local_storage_nodes: 3
-######## End OpenDistro for Elasticsearch Security Demo Configuration ########
diff --git a/kubernetes/clamp/components/clamp-dash-es/templates/deployment.yaml b/kubernetes/clamp/components/clamp-dash-es/templates/deployment.yaml
deleted file mode 100644
index d7aa77c..0000000
--- a/kubernetes/clamp/components/clamp-dash-es/templates/deployment.yaml
+++ /dev/null
@@ -1,138 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: {{ include "common.fullname" . }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-spec:
-  replicas: {{ .Values.replicaCount }}
-  selector:
-    matchLabels:
-      app: {{ include "common.name" . }}
-  template:
-    metadata:
-      labels:
-        app: {{ include "common.name" . }}
-        release: {{ include "common.release" . }}
-    spec:
-      initContainers:
-      - command:
-        - /bin/sh
-        - -c
-        - |
-          sysctl -w vm.max_map_count=262144
-          mkdir -p /usr/share/elasticsearch/logs
-          mkdir -p /usr/share/elasticsearch/data
-          chmod -R 777 /usr/share/elasticsearch
-        env:
-        - name: NAMESPACE
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: metadata.namespace
-        securityContext:
-          privileged: true
-        image: {{ include "repositoryGenerator.image.busybox" . }}
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: init-sysctl
-        volumeMounts:
-        - name: {{ include "common.fullname" . }}-logs
-          mountPath: /usr/share/elasticsearch/logs/
-        - name: {{ include "common.fullname" . }}-data
-          mountPath: /usr/share/elasticsearch/data/
-{{ include "common.certInitializer.initContainer" . | indent 6 }}
-      containers:
-        - name: {{ include "common.name" . }}
-          image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
-          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-          {{- if .Values.global.aafEnabled }}
-          command:
-          - sh
-          args:
-          - -c
-          - |
-            cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_key }} /usr/share/elasticsearch/config/{{ .Values.certInitializer.clamp_key }}
-            cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_pem }} /usr/share/elasticsearch/config/{{ .Values.certInitializer.clamp_pem }}
-            cp {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_ca_certs_pem }} /usr/share/elasticsearch/config/{{ .Values.certInitializer.clamp_ca_certs_pem }}
-            /usr/local/bin/docker-entrypoint.sh
-          {{- end }}
-          ports:
-          - containerPort: {{ .Values.service.internalPort }}
-            name: {{ include "common.servicename" . }}
-          - containerPort: {{ .Values.service.internalPort2 }}
-            name: {{ include "common.servicename" . }}2
-# disable liveness probe when breakpoints set in debugger
-          # so K8s doesn't restart unresponsive container
-          {{- if eq .Values.liveness.enabled true }}
-          livenessProbe:
-            tcpSocket:
-              port: {{ .Values.service.internalPort }}
-            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
-            periodSeconds: {{ .Values.liveness.periodSeconds }}
-            timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
-          {{ end -}}
-          readinessProbe:
-            tcpSocket:
-              port: {{ .Values.service.internalPort2 }}
-            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
-            periodSeconds: {{ .Values.readiness.periodSeconds }}
-            timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
-          env:
-          volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
-          - mountPath: /etc/localtime
-            name: localtime
-            readOnly: true
-          - mountPath: /usr/share/elasticsearch/config/elasticsearch.yml
-            name: {{ include "common.fullname" . }}-config
-            subPath: elasticsearch.yml
-          - mountPath: /usr/share/elasticsearch/data/
-            name: {{ include "common.fullname" . }}-data
-          resources:
-{{ include "common.resources" . | indent 12 }}
-        {{- if .Values.nodeSelector }}
-        nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
-        {{- end -}}
-        {{- if .Values.affinity }}
-        affinity:
-{{ toYaml .Values.affinity | indent 10 }}
-        {{- end }}
-      volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
-        - name: localtime
-          hostPath:
-            path: /etc/localtime
-        - name: {{ include "common.fullname" . }}-config
-          configMap:
-            name: {{ include "common.fullname" . }}-configmap
-            items:
-            - key: elasticsearch.yml
-              path: elasticsearch.yml
-        - name: {{ include "common.fullname" . }}-data
-          persistentVolumeClaim:
-            claimName: {{ include "common.fullname" . }}
-        - name: {{ include "common.fullname" . }}-logs
-          hostPath:
-            path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPathLogs }}
-      imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/clamp/components/clamp-dash-es/templates/pv.yaml b/kubernetes/clamp/components/clamp-dash-es/templates/pv.yaml
deleted file mode 100644
index 3669621..0000000
--- a/kubernetes/clamp/components/clamp-dash-es/templates/pv.yaml
+++ /dev/null
@@ -1,39 +0,0 @@
-{{/*
-# Copyright © 2018  AT&T, Amdocs, Bell Canada Intellectual Property.  All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{- if eq "True" (include "common.needPV" .) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
-  name: {{ include "common.fullname" . }}-data
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
-    release: "{{ include "common.release" . }}"
-    heritage: "{{ .Release.Service }}"
-    name: {{ include "common.fullname" . }}
-spec:
-  capacity:
-    storage: {{ .Values.persistence.size}}
-  accessModes:
-    - {{ .Values.persistence.accessMode }}
-  storageClassName: "{{ include "common.fullname" . }}-data"
-  persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
-  hostPath:
-    path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
-{{- end -}}
diff --git a/kubernetes/clamp/components/clamp-dash-es/templates/pvc.yaml b/kubernetes/clamp/components/clamp-dash-es/templates/pvc.yaml
deleted file mode 100644
index 6ae4eea..0000000
--- a/kubernetes/clamp/components/clamp-dash-es/templates/pvc.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-{{/*
-# Copyright © 2018  AT&T, Amdocs, Bell Canada Intellectual Property.  All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
-  name: {{ include "common.fullname" . }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
-    release: "{{ include "common.release" . }}"
-    heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
-  annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
-  accessModes:
-    - {{ .Values.persistence.accessMode }}
-  storageClassName: {{ include "common.storageClass" . }}
-  resources:
-    requests:
-      storage: {{ .Values.persistence.size }}
-{{- end -}}
diff --git a/kubernetes/clamp/components/clamp-dash-es/templates/service.yaml b/kubernetes/clamp/components/clamp-dash-es/templates/service.yaml
deleted file mode 100644
index 9c182ed..0000000
--- a/kubernetes/clamp/components/clamp-dash-es/templates/service.yaml
+++ /dev/null
@@ -1,70 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "common.servicename" . }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-  annotations:
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    {{if eq .Values.service.type "NodePort" -}}
-    - port: {{ .Values.service.externalPort }}
-      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.config.portName }}
-    {{- else -}}
-    - port: {{ .Values.service.externalPort }}
-      targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.config.portName }}
-    {{- end}}
-  selector:
-    app: {{ include "common.name" . }}
-    release: {{ include "common.release" . }}
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "common.servicename" . }}-tcp
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-  annotations:
-spec:
-  type: {{ .Values.service.type2 }}
-  ports:
-    {{if eq .Values.service.type2 "NodePort" -}}
-    - port: {{ .Values.service.externalPort2 }}
-      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
-      name: {{ .Values.config.portName2 }}
-    {{- else -}}
-    - port: {{ .Values.service.externalPort2 }}
-      targetPort: {{ .Values.service.internalPort2 }}
-      name: {{ .Values.config.portName2 }}
-    {{- end}}
-  selector:
-    app: {{ include "common.name" . }}
-    release: {{ include "common.release" . }}
diff --git a/kubernetes/clamp/components/clamp-dash-es/values.yaml b/kubernetes/clamp/components/clamp-dash-es/values.yaml
deleted file mode 100644
index 1e2ae47..0000000
--- a/kubernetes/clamp/components/clamp-dash-es/values.yaml
+++ /dev/null
@@ -1,163 +0,0 @@
-# Copyright © 2020 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
-  nodePortPrefix: 302
-  persistence: {}
-  centralizedLoggingEnabled: true
-  #AAF service
-  aafEnabled: true
-
-#################################################################
-# AAF part
-#################################################################
-certInitializer:
-  permission_user: 1000
-  permission_group: 999
-  addconfig: true
-  keystoreFile: "org.onap.clamp.p12"
-  truststoreFile: "org.onap.clamp.trust.jks"
-  keyFile: "org.onap.clamp.keyfile"
-  truststoreFileONAP: "truststoreONAPall.jks"
-  clamp_key: "org.onap.clamp.crt.key"
-  clamp_pem: "org.onap.clamp.key.pem"
-  clamp_ca_certs_pem: "clamp-ca-certs.pem"
-  nameOverride: clamp-es-cert-initializer
-  aafDeployFqi: deployer@people.osaaf.org
-  aafDeployPass: demo123456!
-  # aafDeployCredsExternalSecret: some secret
-  fqdn: clamp
-  fqi: clamp@clamp.onap.org
-  public_fqdn: clamp.onap.org
-  cadi_longitude: "0.0"
-  cadi_latitude: "0.0"
-  app_ns: org.osaaf.aaf
-  credsPath: /opt/app/osaaf/local
-  aaf_add_config: >
-    /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop;
-    export $(/opt/app/aaf_config/bin/agent.sh local showpass | grep '^c' | xargs -0);
-    cd {{ .Values.credsPath }};
-    openssl pkcs12 -in {{ .Values.keystoreFile }} -nocerts -nodes -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_key }};
-    openssl pkcs12 -in {{ .Values.keystoreFile }} -clcerts -nokeys -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_pem }};
-    openssl pkcs12 -in {{ .Values.keystoreFile }} -cacerts -nokeys -chain -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_ca_certs_pem }};
-    chmod a+rx *;
-
-flavor: small
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-image: onap/clamp-dashboard-elasticsearch:5.0.4
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-# Example:
-config: {}
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
-  initialDelaySeconds: 180
-  periodSeconds: 30
-  timeoutSeconds: 5
-  # necessary to disable liveness probe when setting breakpoints
-  # in debugger so K8s doesn't restart unresponsive container
-  enabled: true
-
-readiness:
-  initialDelaySeconds: 180
-  periodSeconds: 30
-  timeoutSeconds: 5
-
-## Persist data to a persitent volume
-persistence:
-  enabled: true
-
-  ## A manually managed Persistent Volume and Claim
-  ## Requires persistence.enabled: true
-  ## If defined, PVC must be created manually before volume will be bound
-  # existingClaim:
-  volumeReclaimPolicy: Retain
-
-  ## database data Persistent Volume Storage Class
-  ## If defined, storageClassName: <storageClass>
-  ## If set to "-", storageClassName: "", which disables dynamic provisioning
-  ## If undefined (the default) or set to null, no storageClassName spec is
-  ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
-  ##   GKE, AWS & OpenStack)
-  accessMode: ReadWriteOnce
-  size: 4Gi
-  mountPath: /dockerdata-nfs
-  mountSubPath: clamp/dashboard-elasticsearch/data
-  mountSubPathLogs: clamp
-
-security:
-  ssl:
-    enabled: true
-
-service:
-  type: ClusterIP
-  name: cdash-es
-  portName: cdash-es-rest
-  externalPort: 9200
-  internalPort: 9200
-  type2: ClusterIP
-  portName2: cdash-es-tcp
-  externalPort2: 9300
-  internalPort2: 9300
-
-ingress:
-  enabled: false
-
-#resources: {}
-  # We usually recommend not to specify default resources and to leave this as a conscious
-  # choice for the user. This also increases chances charts run on environments with little
-  # resources, such as Minikube. If you do want to specify resources, uncomment the following
-  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-  #
-  # Example:
-  # Configure resource requests and limits
-  # ref: http://kubernetes.io/docs/user-guide/compute-resources/
-  # Minimum memory for development is 2 CPU cores and 4GB memory
-  # Minimum memory for production is 4 CPU cores and 8GB memory
-resources:
-  small:
-    limits:
-      cpu: 1
-      memory: 4Gi
-    requests:
-      cpu: 10m
-      memory: 2.5Gi
-  large:
-    limits:
-      cpu: 1
-      memory: 4Gi
-    requests:
-      cpu: 10m
-      memory: 2.5Gi
-  unlimited: {}
diff --git a/kubernetes/clamp/components/clamp-dash-kibana/Chart.yaml b/kubernetes/clamp/components/clamp-dash-kibana/Chart.yaml
deleted file mode 100644
index f5c146a..0000000
--- a/kubernetes/clamp/components/clamp-dash-kibana/Chart.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: ONAP Clamp Dashboard Kibana
-name: clamp-dash-kibana
-version: 7.0.0
diff --git a/kubernetes/clamp/components/clamp-dash-kibana/requirements.yaml b/kubernetes/clamp/components/clamp-dash-kibana/requirements.yaml
deleted file mode 100644
index 22b92c4..0000000
--- a/kubernetes/clamp/components/clamp-dash-kibana/requirements.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-dependencies:
-  - name: common
-    version: ~7.x-0
-    repository: '@local'
-  - name: certInitializer
-    version: ~7.x-0
-    repository: '@local'
-  - name: repositoryGenerator
-    version: ~7.x-0
-    repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/clamp/components/clamp-dash-kibana/resources/config/kibana.yml b/kubernetes/clamp/components/clamp-dash-kibana/resources/config/kibana.yml
deleted file mode 100644
index b7a8fbf..0000000
--- a/kubernetes/clamp/components/clamp-dash-kibana/resources/config/kibana.yml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{/*
-# Copyright © 2020  AT&T, Amdocs, Bell Canada Intellectual Property.  All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.# Default Kibana configuration from kibana-docker.
-*/}}
-
-server.name: "Clamp CL Dashboard"
-server.host: "0"
-# Kibana is served by a back end server. This setting specifies the port to use.
-server.port: {{.Values.service.externalPort}}
-
-server.ssl.enabled: {{.Values.config.sslEnabled}}
-{{- if .Values.global.aafEnabled }}
-server.ssl.certificate: {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_pem }}
-server.ssl.key: {{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_key }}
-{{ else }}
-server.ssl.certificate: {{.Values.config.sslPemCertFilePath}}
-server.ssl.key: {{.Values.config.sslPemkeyFilePath}}
-{{- end }}
-# The URL of the Elasticsearch instance to use for all your queries.
-elasticsearch.hosts: ${elasticsearch_base_url}
-
-elasticsearch.ssl.verificationMode: none
-elasticsearch.username: {{.Values.config.elasticUSR}}
-elasticsearch.password: {{.Values.config.elasticPWD}}
-
-elasticsearch.requestHeadersWhitelist: ["securitytenant","Authorization"]
-
-opendistro_security.multitenancy.enabled: true
-opendistro_security.multitenancy.tenants.preferred: ["Private", "Global"]
-opendistro_security.readonly_mode.roles: ["kibana_read_only"]
diff --git a/kubernetes/clamp/components/clamp-dash-kibana/templates/configmap.yaml b/kubernetes/clamp/components/clamp-dash-kibana/templates/configmap.yaml
deleted file mode 100644
index 48d8547..0000000
--- a/kubernetes/clamp/components/clamp-dash-kibana/templates/configmap.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: Secret
-metadata:
-  name: {{ include "common.fullname" . }}-aaf-pem-keys
-  namespace: {{ include "common.namespace" . }}
-type: Opaque
-data:
-{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
diff --git a/kubernetes/clamp/components/clamp-dash-kibana/templates/deployment.yaml b/kubernetes/clamp/components/clamp-dash-kibana/templates/deployment.yaml
deleted file mode 100644
index 8cb95cd..0000000
--- a/kubernetes/clamp/components/clamp-dash-kibana/templates/deployment.yaml
+++ /dev/null
@@ -1,107 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: {{ include "common.fullname" . }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-spec:
-  replicas: {{ .Values.replicaCount }}
-  selector:
-    matchLabels:
-      app: {{ include "common.name" . }}
-  template:
-    metadata:
-      labels:
-        app: {{ include "common.name" . }}
-        release: {{ include "common.release" . }}
-    spec:
-      initContainers:
-      - command:
-        - /app/ready.py
-        args:
-        - --container-name
-        - clamp-dash-es
-        env:
-        - name: NAMESPACE
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: metadata.namespace
-        image: {{ include "repositoryGenerator.image.readiness" . }}
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-readiness
-{{ include "common.certInitializer.initContainer" . | indent 6 }}
-      containers:
-        - name: {{ include "common.name" . }}
-          image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
-          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-          ports:
-          - containerPort: {{ .Values.service.internalPort }}
-            name: {{ include "common.servicename" . }}
-          readinessProbe:
-            tcpSocket:
-              port: {{ .Values.service.internalPort }}
-            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
-            periodSeconds: {{ .Values.readiness.periodSeconds }}
-# disable liveness probe when breakpoints set in debugger
-          # so K8s doesn't restart unresponsive container
-          {{- if eq .Values.liveness.enabled true }}
-          livenessProbe:
-            tcpSocket:
-              port: {{ .Values.service.internalPort }}
-            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
-            periodSeconds: {{ .Values.liveness.periodSeconds }}
-          {{ end -}}
-          env:
-          - name: elasticsearch_base_url
-            value: "{{ternary "https" "http" .Values.security.ssl.enabled}}://{{.Values.config.elasticsearchServiceName}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.config.elasticsearchPort}}"
-          volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
-          - mountPath: /etc/localtime
-            name: localtime
-            readOnly: true
-          - mountPath: /usr/share/kibana/config/kibana.yml
-            name: {{ include "common.fullname" . }}
-            subPath: kibana.yml
-          resources:
-{{ include "common.resources" . | indent 12 }}
-        {{- if .Values.nodeSelector }}
-        nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
-        {{- end -}}
-        {{- if .Values.affinity }}
-        affinity:
-{{ toYaml .Values.affinity | indent 10 }}
-        {{- end }}
-      volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
-        - name: localtime
-          hostPath:
-            path: /etc/localtime
-        - name: {{ include "common.fullname" . }}
-          configMap:
-            name: {{ include "common.fullname" . }}
-            items:
-            - key: kibana.yml
-              path: kibana.yml
-      imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/clamp/components/clamp-dash-kibana/templates/service.yaml b/kubernetes/clamp/components/clamp-dash-kibana/templates/service.yaml
deleted file mode 100644
index f1b6cf5..0000000
--- a/kubernetes/clamp/components/clamp-dash-kibana/templates/service.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "common.servicename" . }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-  annotations:
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    {{if eq .Values.service.type "NodePort" -}}
-    - port: {{ .Values.service.externalPort }}
-      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.config.portName }}
-    {{- else -}}
-    - port: {{ .Values.service.externalPort }}
-      targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.config.portName }}
-    {{- end}}
-  selector:
-    app: {{ include "common.name" . }}
-    release: {{ include "common.release" . }}
diff --git a/kubernetes/clamp/components/clamp-dash-kibana/values.yaml b/kubernetes/clamp/components/clamp-dash-kibana/values.yaml
deleted file mode 100644
index 9b5f1fc..0000000
--- a/kubernetes/clamp/components/clamp-dash-kibana/values.yaml
+++ /dev/null
@@ -1,152 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
-  nodePortPrefix: 302
-  persistence: {}
-  centralizedLoggingEnabled: true
-  #AAF service
-  aafEnabled: true
-
-#################################################################
-# AAF part
-#################################################################
-certInitializer:
-  permission_user: 1000
-  permission_group: 999
-  addconfig: true
-  keystoreFile: "org.onap.clamp.p12"
-  truststoreFile: "org.onap.clamp.trust.jks"
-  keyFile: "org.onap.clamp.keyfile"
-  truststoreFileONAP: "truststoreONAPall.jks"
-  clamp_key: "org.onap.clamp.crt.key"
-  clamp_pem: "org.onap.clamp.key.pem"
-  clamp_ca_certs_pem: "clamp-ca-certs.pem"
-  nameOverride: clamp-kibana-cert-initializer
-  aafDeployFqi: deployer@people.osaaf.org
-  aafDeployPass: demo123456!
-  # aafDeployCredsExternalSecret: some secret
-  fqdn: clamp
-  fqi: clamp@clamp.onap.org
-  public_fqdn: clamp.onap.org
-  cadi_longitude: "0.0"
-  cadi_latitude: "0.0"
-  app_ns: org.osaaf.aaf
-  credsPath: /opt/app/osaaf/local
-  aaf_add_config: >
-    /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop;
-    export $(/opt/app/aaf_config/bin/agent.sh local showpass | grep '^c' | xargs -0);
-    cd {{ .Values.credsPath }};
-    openssl pkcs12 -in {{ .Values.keystoreFile }} -nocerts -nodes -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_key }};
-    openssl pkcs12 -in {{ .Values.keystoreFile }} -clcerts -nokeys -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_pem }};
-    openssl pkcs12 -in {{ .Values.keystoreFile }} -cacerts -nokeys -chain -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_ca_certs_pem }};
-    chmod a+rx *;
-
-flavor: small
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-# application image
-image: onap/clamp-dashboard-kibana:5.0.4
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-#the 'sslEnabled flag' here below is for the kibana UI connection (web browser connection to kibana)
-config:
-  elasticsearchServiceName: cdash-es
-  elasticsearchPort: 9200
-  elasticUSR: kibanaserver
-  elasticPWD: kibanaserver
-  sslEnabled: true
-  sslPemCertFilePath: /usr/share/kibana/config/keystore/org.onap.clamp.crt.pem
-  sslPemkeyFilePath: /usr/share/kibana/config/keystore/org.onap.clamp.key.pem
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
-  initialDelaySeconds: 360
-  periodSeconds: 30
-  # necessary to disable liveness probe when setting breakpoints
-  # in debugger so K8s doesn't restart unresponsive container
-  enabled: true
-
-readiness:
-  initialDelaySeconds: 360
-  periodSeconds: 30
-
-#internal ssl security scheme for elasticsearch connection mainly
-security:
-  ssl:
-    enabled: true
-
-service:
-  #Example service definition with external, internal and node ports.
-  #Services may use any combination of ports depending on the 'type' of
-  #service being defined.
-  type: NodePort
-  name: cdash-kibana
-  portName: cdash-kibana-http
-  externalPort: 5601
-  internalPort: 5601
-  nodePort: 90
-ingress:
-  enabled: false
-  service:
-    - baseaddr: "cdash-kibana"
-      name: "cdash-kibana"
-      port: 5601
-  config:
-    ssl: "redirect"
-
-#resources: {}
-  # We usually recommend not to specify default resources and to leave this as a conscious
-  # choice for the user. This also increases chances charts run on environments with little
-  # resources, such as Minikube. If you do want to specify resources, uncomment the following
-  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-  #
-  # Example:
-  # Configure resource requests and limits
-  # ref: http://kubernetes.io/docs/user-guide/compute-resources/
-  # Minimum memory for development is 2 CPU cores and 4GB memory
-  # Minimum memory for production is 4 CPU cores and 8GB memory
-resources:
-  small:
-    limits:
-      cpu: 1
-      memory: 2Gi
-    requests:
-      cpu: 10m
-      memory: 750Mi
-  large:
-    limits:
-      cpu: 1
-      memory: 2Gi
-    requests:
-      cpu: 10m
-      memory: 750Mi
-  unlimited: {}
diff --git a/kubernetes/clamp/components/clamp-dash-logstash/Chart.yaml b/kubernetes/clamp/components/clamp-dash-logstash/Chart.yaml
deleted file mode 100644
index 686898e..0000000
--- a/kubernetes/clamp/components/clamp-dash-logstash/Chart.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-apiVersion: v1
-description: ONAP Clamp Dashboard Logstash
-name: clamp-dash-logstash
-version: 7.0.0
diff --git a/kubernetes/clamp/components/clamp-dash-logstash/requirements.yaml b/kubernetes/clamp/components/clamp-dash-logstash/requirements.yaml
deleted file mode 100644
index 22b92c4..0000000
--- a/kubernetes/clamp/components/clamp-dash-logstash/requirements.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-dependencies:
-  - name: common
-    version: ~7.x-0
-    repository: '@local'
-  - name: certInitializer
-    version: ~7.x-0
-    repository: '@local'
-  - name: repositoryGenerator
-    version: ~7.x-0
-    repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/clamp/components/clamp-dash-logstash/resources/config/logstash.yml b/kubernetes/clamp/components/clamp-dash-logstash/resources/config/logstash.yml
deleted file mode 100644
index 1e06e34..0000000
--- a/kubernetes/clamp/components/clamp-dash-logstash/resources/config/logstash.yml
+++ /dev/null
@@ -1,26 +0,0 @@
-{{/*
-# Copyright © 2020  AT&T, Amdocs, Bell Canada Intellectual Property.  All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-http.host: "0.0.0.0"
-## Path where pipeline configurations reside
-path.config: /usr/share/logstash/pipeline
-
-## Type of queue : memeory based or file based
-#queue.type: persisted
-## Size of queue
-#queue.max_bytes: 1024mb
-## Setting true makes logstash check periodically for change in pipeline configurations
-config.reload.automatic: true
-
diff --git a/kubernetes/clamp/components/clamp-dash-logstash/resources/config/pipeline.conf b/kubernetes/clamp/components/clamp-dash-logstash/resources/config/pipeline.conf
deleted file mode 100644
index b978e76..0000000
--- a/kubernetes/clamp/components/clamp-dash-logstash/resources/config/pipeline.conf
+++ /dev/null
@@ -1,277 +0,0 @@
-{{/*
-# Copyright (c) 2018 AT&T Intellectual Property.  All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-input {
-    http_poller {
-        urls => {
-            event_queue => {
-                method => get
-                url => "${dmaap_base_url}/events/${event_topic}/${dmaap_consumer_group}/${dmaap_consumer_id}?timeout=15000"
-                headers => {
-                    Accept => "application/json"
-                }
-                topic => "${event_topic}"
-                tags => [ "dmaap_source" ]
-            }
-            notification_queue => {
-                method => get
-                url => "${dmaap_base_url}/events/${notification_topic}/${dmaap_consumer_group}/${dmaap_consumer_id}?timeout=15000"
-                headers => {
-                    Accept => "application/json"
-                }
-                topic => "${notification_topic}"
-                tags => [ "dmaap_source" ]
-            }
-            request_queue => {
-                method => get
-                url => "${dmaap_base_url}/events/${request_topic}/${dmaap_consumer_group}/${dmaap_consumer_id}?timeout=15000"
-                headers => {
-                    Accept => "application/json"
-                }
-                topic => "${request_topic}"
-                tags => [ "dmaap_source" ]
-            }
-        }
-        socket_timeout => 30
-        request_timeout => 30
-        schedule => { "every" => "1m" }
-        codec => "plain"
-{{- if .Values.global.aafEnabled }}
-        cacert => "{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_ca_certs_pem }}"
-{{- else }}
-        cacert => "/certs.d/aafca.pem"
-{{- end }}
-    }
-}
-
-
-filter {
-    # avoid noise if no entry in the list
-    if [message] == "[]" {
-        drop { }
-    }
-
-    if [http_request_failure] or [@metadata][code] != 200 {
-       mutate {
-              add_tag => [ "error" ]
-       }
-    }
-
-    if "dmaap_source" in [@metadata][request][tags] {
-        #
-        # Dmaap provides a json list, whose items are Strings containing the event
-        # provided to Dmaap, which itself is an escaped json.
-        #
-        # We first need to parse the json as we have to use the plaintext as it cannot
-        # work with list of events, then split that list into multiple string events,
-        # that we then transform into json.
-        #
-        json {
-            source => "[message]"
-            target => "message"
-        }
-
-        split {
-            field => "message"
-        }
-        json {
-            source => "message"
-        }
-        mutate {
-            remove_field => [ "message" ]
-        }
-    }
-
-    #
-    # Some timestamps are expressed as milliseconds, some are in microseconds
-    #
-    if [closedLoopAlarmStart] {
-        ruby {
-            code => "
-            if event.get('closedLoopAlarmStart').to_s.to_i(10) > 9999999999999
-              event.set('closedLoopAlarmStart', event.get('closedLoopAlarmStart').to_s.to_i(10) / 1000)
-            else
-              event.set('closedLoopAlarmStart', event.get('closedLoopAlarmStart').to_s.to_i(10))
-            end
-            "
-        }
-        date {
-            match => [ "closedLoopAlarmStart", UNIX_MS ]
-            target => "closedLoopAlarmStart"
-        }
-    }
-
-    if [closedLoopAlarmEnd] {
-        ruby {
-            code => "
-            if event.get('closedLoopAlarmEnd').to_s.to_i(10) > 9999999999999
-              event.set('closedLoopAlarmEnd', event.get('closedLoopAlarmEnd').to_s.to_i(10) / 1000)
-            else
-              event.set('closedLoopAlarmEnd', event.get('closedLoopAlarmEnd').to_s.to_i(10))
-            end
-            "
-        }
-        date {
-            match => [ "closedLoopAlarmEnd", UNIX_MS ]
-            target => "closedLoopAlarmEnd"
-        }
-
-    }
-
-
-    #
-    # Notification time are expressed under the form "yyyy-MM-dd HH:mm:ss", which
-    # is close to ISO8601, but lacks of T as spacer: "yyyy-MM-ddTHH:mm:ss"
-    #
-    if [notificationTime] {
-        mutate {
-            gsub => [
-                "notificationTime", " ", "T"
-                ]
-        }
-        date {
-            match => [ "notificationTime", ISO8601 ]
-            target => "notificationTime"
-        }
-    }
-
-
-    #
-    # Renaming some fields for readability
-    #
-        if [AAI][generic-vnf.vnf-name] {
-            mutate {
-                add_field => { "vnfName" => "%{[AAI][generic-vnf.vnf-name]}" }
-            }
-        }
-        if [AAI][generic-vnf.vnf-type] {
-            mutate {
-                add_field => { "vnfType" => "%{[AAI][generic-vnf.vnf-type]}" }
-            }
-        }
-        if [AAI][vserver.vserver-name] {
-            mutate {
-                add_field => { "vmName" => "%{[AAI][vserver.vserver-name]}" }
-            }
-        }
-        if [AAI][complex.city] {
-            mutate {
-                add_field => { "locationCity" => "%{[AAI][complex.city]}" }
-            }
-        }
-        if [AAI][complex.state] {
-            mutate {
-                add_field => { "locationState" => "%{[AAI][complex.state]}" }
-            }
-        }
-
-
-    #
-    # Adding some flags to ease aggregation
-    #
-    if [closedLoopEventStatus] =~ /(?i)ABATED/ {
-        mutate {
-            add_field => { "flagAbated" => "1" }
-        }
-    }
-    if [notification] =~ /^.*?(?:\b|_)FINAL(?:\b|_).*?(?:\b|_)FAILURE(?:\b|_).*?$/ {
-        mutate {
-            add_field => { "flagFinalFailure" => "1" }
-        }
-    }
-
-
-    if "error" not in [@metadata][request][tags]{
-        #
-        # Creating data for a secondary index
-        #
-        clone {
-            clones => [ "event-cl-aggs" ]
-            add_tag => [ "event-cl-aggs" ]
-        }
-
-        if  "event-cl-aggs" in [@metadata][request][tags]{
-            #
-            # we only need a few fields for aggregations; remove all fields from clone except :
-            #   vmName,vnfName,vnfType,requestID,closedLoopAlarmStart, closedLoopControlName,closedLoopAlarmEnd,abated,nbrDmaapevents,finalFailure
-            #
-            prune {
-                whitelist_names => ["^@.*$","^topic$","^type$","^tags$","^flagFinalFailure$","^flagAbated$","^locationState$","^locationCity$","^vmName$","^vnfName$","^vnfType$","^requestID$","^closedLoopAlarmStart$","^closedLoopControlName$","^closedLoopAlarmEnd$","^target$","^target_type$","^triggerSourceName$","^policyScope$","^policyName$","^policyVersion$"]
-            }
-
-        }
-    }
-}
-
-
-output {
-    stdout {
-        codec => rubydebug
-    }
-
-    if "error" in [tags] {
-        elasticsearch {
-            ilm_enabled => false
-            codec => "json"
-{{- if .Values.global.aafEnabled }}
-            cacert => "{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_ca_certs_pem }}"
-{{- else }}
-            cacert => "/clamp-cert/ca-certs.pem"
-{{- end }}
-            ssl_certificate_verification => false
-            hosts => ["${elasticsearch_base_url}"]
-            user => ["${logstash_user}"]
-            password => ["${logstash_pwd}"]
-            index => "errors-%{+YYYY.MM.DD}"
-            doc_as_upsert => true
-        }
-
-    } else if "event-cl-aggs" in [tags] {
-        elasticsearch {
-            ilm_enabled => false
-            codec => "json"
-            hosts => ["${elasticsearch_base_url}"]
-{{- if .Values.global.aafEnabled }}
-            cacert => "{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_ca_certs_pem }}"
-{{- else }}
-            cacert => "/clamp-cert/ca-certs.pem"
-{{- end }}
-            ssl_certificate_verification => false
-            user => ["${logstash_user}"]
-            password => ["${logstash_pwd}"]
-            document_id => "%{requestID}"
-            index => "events-cl-%{+YYYY.MM.DD}" # creates daily indexes for control loop
-            doc_as_upsert => true
-            action => "update"
-        }
-
-    } else {
-        elasticsearch {
-            ilm_enabled => false
-            codec => "json"
-            hosts => ["${elasticsearch_base_url}"]
-{{- if .Values.global.aafEnabled }}
-            cacert => "{{ .Values.certInitializer.credsPath }}/{{ .Values.certInitializer.clamp_ca_certs_pem }}"
-{{- else }}
-            cacert => "/clamp-cert/ca-certs.pem"
-{{- end }}
-            ssl_certificate_verification => false
-            user => ["${logstash_user}"]
-            password => ["${logstash_pwd}"]
-            index => "events-%{+YYYY.MM.DD}" # creates daily indexes
-            doc_as_upsert => true
-        }
-    }
-}
diff --git a/kubernetes/clamp/components/clamp-dash-logstash/templates/configmap.yaml b/kubernetes/clamp/components/clamp-dash-logstash/templates/configmap.yaml
deleted file mode 100644
index 3e98246..0000000
--- a/kubernetes/clamp/components/clamp-dash-logstash/templates/configmap.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/clamp/components/clamp-dash-logstash/templates/deployment.yaml b/kubernetes/clamp/components/clamp-dash-logstash/templates/deployment.yaml
deleted file mode 100644
index f098338..0000000
--- a/kubernetes/clamp/components/clamp-dash-logstash/templates/deployment.yaml
+++ /dev/null
@@ -1,130 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: {{ include "common.fullname" . }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-spec:
-  replicas: {{ .Values.replicaCount }}
-  selector:
-    matchLabels:
-      app: {{ include "common.name" . }}
-  template:
-    metadata:
-      labels:
-        app: {{ include "common.name" . }}
-        release: {{ include "common.release" . }}
-    spec:
-      initContainers:
-      - command:
-        - /app/ready.py
-        args:
-        - --container-name
-        - clamp-dash-es
-        env:
-        - name: NAMESPACE
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: metadata.namespace
-        image: {{ include "repositoryGenerator.image.readiness" . }}
-        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-        name: {{ include "common.name" . }}-readiness
-{{ include "common.certInitializer.initContainer" . | indent 6 }}
-      containers:
-        - name: {{ include "common.name" . }}
-          image: {{ include "repositoryGenerator.repository" . }}/{{ .Values.image }}
-          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-          env:
-          - name: dmaap_consumer_group
-            value: "{{ .Values.config.dmaapConsumerGroup }}"
-          - name: dmaap_consumer_id
-            value: "{{ .Values.config.dmaapConsumerId }}"
-          - name: event_topic
-            value: "{{ .Values.config.eventTopic }}"
-          - name: notification_topic
-            value: "{{ .Values.config.notificationTopic }}"
-          - name: request_topic
-            value: "{{ .Values.config.requestTopic }}"
-          - name: dmaap_base_url
-            value: {{ ternary "https" "http" .Values.security.ssl.enabled }}://{{ .Values.config.dmaapHost }}.{{ include "common.namespace" . }}:{{ .Values.config.dmaapPort }}
-          - name: logstash_user
-            value: "{{ .Values.config.logstash_user }}"
-          - name: logstash_pwd
-            value: "{{ .Values.config.logstash_pwd }}"
-          - name: elasticsearch_base_url
-            value: "{{ ternary "https" "http" .Values.security.ssl.enabled }}://{{.Values.config.elasticsearchServiceName}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.config.elasticsearchPort}}"
-          ports:
-          - containerPort: {{ .Values.service.internalPort }}
-            name: {{ include "common.servicename" . }}
-          readinessProbe:
-            tcpSocket:
-              port: {{ .Values.service.internalPort }}
-            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
-            periodSeconds: {{ .Values.readiness.periodSeconds }}
-            timeoutSeconds: {{ .Values.readiness.timeoutSeconds }}
-# disable liveness probe when breakpoints set in debugger
-          # so K8s doesn't restart unresponsive container
-          {{- if eq .Values.liveness.enabled true }}
-          livenessProbe:
-            tcpSocket:
-              port: {{ .Values.service.internalPort }}
-            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
-            periodSeconds: {{ .Values.liveness.periodSeconds }}
-            timeoutSeconds: {{ .Values.liveness.timeoutSeconds }}
-          {{ end -}}
-          volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
-          - mountPath: /etc/localtime
-            name: localtime
-            readOnly: true
-          - mountPath: /usr/share/logstash/config/logstash.yml
-            name: {{ include "common.fullname" . }}
-            subPath: logstash.yml
-          - mountPath: /usr/share/logstash/pipeline/logstash.conf
-            name: {{ include "common.fullname" . }}
-            subPath: pipeline.conf
-          resources:
-{{ include "common.resources" . | indent 12 }}
-        {{- if .Values.nodeSelector }}
-        nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
-        {{- end -}}
-        {{- if .Values.affinity }}
-        affinity:
-{{ toYaml .Values.affinity | indent 10 }}
-        {{- end }}
-      volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
-        - name: localtime
-          hostPath:
-            path: /etc/localtime
-        - name: {{ include "common.fullname" . }}
-          configMap:
-            name: {{ include "common.fullname" . }}
-            items:
-            - key: logstash.yml
-              path: logstash.yml
-            - key: pipeline.conf
-              path: pipeline.conf
-      imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/clamp/components/clamp-dash-logstash/templates/service.yaml b/kubernetes/clamp/components/clamp-dash-logstash/templates/service.yaml
deleted file mode 100644
index f1b6cf5..0000000
--- a/kubernetes/clamp/components/clamp-dash-logstash/templates/service.yaml
+++ /dev/null
@@ -1,43 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ include "common.servicename" . }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-  annotations:
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    {{if eq .Values.service.type "NodePort" -}}
-    - port: {{ .Values.service.externalPort }}
-      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.config.portName }}
-    {{- else -}}
-    - port: {{ .Values.service.externalPort }}
-      targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.config.portName }}
-    {{- end}}
-  selector:
-    app: {{ include "common.name" . }}
-    release: {{ include "common.release" . }}
diff --git a/kubernetes/clamp/components/clamp-dash-logstash/values.yaml b/kubernetes/clamp/components/clamp-dash-logstash/values.yaml
deleted file mode 100644
index 9aab3af..0000000
--- a/kubernetes/clamp/components/clamp-dash-logstash/values.yaml
+++ /dev/null
@@ -1,152 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global:
-  nodePortPrefix: 302
-  persistence: {}
-  centralizedLoggingEnabled: true
-  #AAF service
-  aafEnabled: true
-
-#################################################################
-# AAF part
-#################################################################
-certInitializer:
-  permission_user: 1000
-  permission_group: 999
-  addconfig: true
-  keystoreFile: "org.onap.clamp.p12"
-  truststoreFile: "org.onap.clamp.trust.jks"
-  keyFile: "org.onap.clamp.keyfile"
-  truststoreFileONAP: "truststoreONAPall.jks"
-  clamp_key: "org.onap.clamp.crt.key"
-  clamp_pem: "org.onap.clamp.key.pem"
-  clamp_ca_certs_pem: "clamp-ca-certs.pem"
-  nameOverride: clamp-logstash-cert-initializer
-  aafDeployFqi: deployer@people.osaaf.org
-  aafDeployPass: demo123456!
-  # aafDeployCredsExternalSecret: some secret
-  fqdn: clamp
-  fqi: clamp@clamp.onap.org
-  public_fqdn: clamp.onap.org
-  cadi_longitude: "0.0"
-  cadi_latitude: "0.0"
-  app_ns: org.osaaf.aaf
-  credsPath: /opt/app/osaaf/local
-  aaf_add_config: >
-    /opt/app/aaf_config/bin/agent.sh local showpass {{.Values.fqi}} {{ .Values.fqdn }} > {{ .Values.credsPath }}/mycreds.prop;
-    export $(/opt/app/aaf_config/bin/agent.sh local showpass | grep '^c' | xargs -0);
-    cd {{ .Values.credsPath }};
-    openssl pkcs12 -in {{ .Values.keystoreFile }} -nocerts -nodes -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_key }};
-    openssl pkcs12 -in {{ .Values.keystoreFile }} -clcerts -nokeys -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_pem }};
-    openssl pkcs12 -in {{ .Values.keystoreFile }} -cacerts -nokeys -chain -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_ca_certs_pem }};
-    chmod a+rx *;
-
-flavor: small
-
-#################################################################
-# Application configuration defaults.
-#################################################################
-
-# application image
-image: onap/clamp-dashboard-logstash:5.0.4
-pullPolicy: Always
-
-# flag to enable debugging - application support required
-debugEnabled: false
-
-# application configuration
-config:
-  elasticsearchServiceName: cdash-es
-  elasticsearchPort: 9200
-  dmaapHost: message-router
-  dmaapSchemeSSL: https
-  dmaapSchemeNoSSL: http
-  dmaapPort: 3905
-  dmaapConsumerGroup: "clampdashboard"
-  dmaapConsumerId: "clampdashboard"
-  eventTopic: "DCAE-CL-EVENT"
-  notificationTopic: "POLICY-CL-MGT"
-  requestTopic: "APPC-CL"
-  logstash_user: "logstash"
-  logstash_pwd: "logstash"
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
-  initialDelaySeconds: 900
-  periodSeconds: 20
-  timeoutSeconds: 5
-  # necessary to disable liveness probe when setting breakpoints
-  # in debugger so K8s doesn't restart unresponsive container
-  enabled: true
-
-readiness:
-  initialDelaySeconds: 900
-  periodSeconds: 20
-  timeoutSeconds: 5
-
-security:
-  ssl:
-    enabled: true
-
-service:
-  #Example service definition with external, internal and node ports.
-  #Services may use any combination of ports depending on the 'type' of
-  #service being defined.
-  type: ClusterIP
-  name: cdash-ls
-  portName: cdash-ls-healthcheck
-  externalPort: 9600
-  internalPort: 9600
-ingress:
-  enabled: false
-
-#resources: {}
-  # We usually recommend not to specify default resources and to leave this as a conscious
-  # choice for the user. This also increases chances charts run on environments with little
-  # resources, such as Minikube. If you do want to specify resources, uncomment the following
-  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-  #
-  # Example:
-  # Configure resource requests and limits
-  # ref: http://kubernetes.io/docs/user-guide/compute-resources/
-  # Minimum memory for development is 2 CPU cores and 4GB memory
-  # Minimum memory for production is 4 CPU cores and 8GB memory
-resources:
-  small:
-    limits:
-      cpu: 1
-      memory: 1.3Gi
-    requests:
-      cpu: 10m
-      memory: 750Mi
-  large:
-    limits:
-      cpu: 1
-      memory: 1.3Gi
-    requests:
-      cpu: 10m
-      memory: 750Mi
-  unlimited: {}
diff --git a/kubernetes/clamp/components/clamp-mariadb/NOTES.txt b/kubernetes/clamp/components/clamp-mariadb/NOTES.txt
deleted file mode 100644
index 1103aff..0000000
--- a/kubernetes/clamp/components/clamp-mariadb/NOTES.txt
+++ /dev/null
@@ -1,32 +0,0 @@
-# Copyright © 2018  AT&T, Amdocs, Bell Canada Intellectual Property.  All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
-  http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
-  export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
-  export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
-  echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
-     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
-           You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
-  export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
-  echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
-  export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
-  echo "Visit http://127.0.0.1:8080 to use your application"
-  kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/clamp/components/clamp-mariadb/requirements.yaml b/kubernetes/clamp/components/clamp-mariadb/requirements.yaml
deleted file mode 100644
index d62ef09..0000000
--- a/kubernetes/clamp/components/clamp-mariadb/requirements.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-# Copyright © 2020 Samsung Electronics
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-dependencies:
-  - name: common
-    version: ~7.x-0
-    repository: '@local'
-  - name: repositoryGenerator
-    version: ~7.x-0
-    repository: '@local'
\ No newline at end of file
diff --git a/kubernetes/clamp/components/clamp-mariadb/resources/config/init/docker-entrypoint.sh b/kubernetes/clamp/components/clamp-mariadb/resources/config/init/docker-entrypoint.sh
deleted file mode 100755
index 71f32e2..0000000
--- a/kubernetes/clamp/components/clamp-mariadb/resources/config/init/docker-entrypoint.sh
+++ /dev/null
@@ -1,198 +0,0 @@
-#!/bin/bash
-set -eo pipefail
-shopt -s nullglob
-
-# if command starts with an option, prepend mysqld
-if [ "${1:0:1}" = '-' ]; then
-	set -- mysqld "$@"
-fi
-
-# skip setup if they want an option that stops mysqld
-wantHelp=
-for arg; do
-	case "$arg" in
-		-'?'|--help|--print-defaults|-V|--version)
-			wantHelp=1
-			break
-			;;
-	esac
-done
-
-prepare_password()
-{
-	echo "$1" | sed -e "s/'/\\\\'/g; s/\"/\\\\\"/g"
-}
-
-# usage: file_env VAR [DEFAULT]
-#    ie: file_env 'XYZ_DB_PASSWORD' 'example'
-# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
-#  "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
-file_env() {
-	local var="$1"
-	local fileVar="${var}_FILE"
-	local def="${2:-}"
-	if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then
-		echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
-		exit 1
-	fi
-	local val="$def"
-	if [ "${!var:-}" ]; then
-		val="${!var}"
-	elif [ "${!fileVar:-}" ]; then
-		val="$(< "${!fileVar}")"
-	fi
-	val=`prepare_password $val`
-	export "$var"="$val"
-	unset "$fileVar"
-}
-
-_check_config() {
-	toRun=( "$@" --verbose --help --log-bin-index="$(mktemp -u)" )
-	if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then
-		cat >&2 <<-EOM
-
-			ERROR: mysqld failed while attempting to check config
-			command was: "${toRun[*]}"
-
-			$errors
-		EOM
-		exit 1
-	fi
-}
-
-# Fetch value from server config
-# We use mysqld --verbose --help instead of my_print_defaults because the
-# latter only show values present in config files, and not server defaults
-_get_config() {
-	local conf="$1"; shift
-	"$@" --verbose --help --log-bin-index="$(mktemp -u)" 2>/dev/null \
-		| awk '$1 == "'"$conf"'" && /^[^ \t]/ { sub(/^[^ \t]+[ \t]+/, ""); print; exit }'
-	# match "datadir      /some/path with/spaces in/it here" but not "--xyz=abc\n     datadir (xyz)"
-}
-
-# allow the container to be started with `--user`
-if [ "$1" = 'mysqld' -a -z "$wantHelp" -a "$(id -u)" = '0' ]; then
-	_check_config "$@"
-	DATADIR="$(_get_config 'datadir' "$@")"
-	mkdir -p "$DATADIR"
-	find "$DATADIR" \! -user mysql -exec chown mysql '{}' +
-	exec gosu mysql "$BASH_SOURCE" "$@"
-fi
-
-if [ "$1" = 'mysqld' -a -z "$wantHelp" ]; then
-	# still need to check config, container may have started with --user
-	_check_config "$@"
-	# Get config
-	DATADIR="$(_get_config 'datadir' "$@")"
-
-	if [ ! -d "$DATADIR/mysql" ]; then
-		file_env 'MYSQL_ROOT_PASSWORD'
-		if [ -z "$MYSQL_ROOT_PASSWORD" -a -z "$MYSQL_ALLOW_EMPTY_PASSWORD" -a -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
-			echo >&2 'error: database is uninitialized and password option is not specified '
-			echo >&2 '  You need to specify one of MYSQL_ROOT_PASSWORD, MYSQL_ALLOW_EMPTY_PASSWORD and MYSQL_RANDOM_ROOT_PASSWORD'
-			exit 1
-		fi
-
-		mkdir -p "$DATADIR"
-
-		echo 'Initializing database'
-		# "Other options are passed to mysqld." (so we pass all "mysqld" arguments directly here)
-		mysql_install_db --datadir="$DATADIR" --rpm "${@:2}"
-		echo 'Database initialized'
-
-		SOCKET="$(_get_config 'socket' "$@")"
-		"$@" --skip-networking --socket="${SOCKET}" &
-		pid="$!"
-
-		mysql=( mysql --protocol=socket -uroot -hlocalhost --socket="${SOCKET}" )
-
-		for i in {30..0}; do
-			if echo 'SELECT 1' | "${mysql[@]}" &> /dev/null; then
-				break
-			fi
-			echo 'MySQL init process in progress...'
-			sleep 1
-		done
-		if [ "$i" = 0 ]; then
-			echo >&2 'MySQL init process failed.'
-			exit 1
-		fi
-
-		if [ -z "$MYSQL_INITDB_SKIP_TZINFO" ]; then
-			# sed is for https://bugs.mysql.com/bug.php?id=20545
-			mysql_tzinfo_to_sql /usr/share/zoneinfo | sed 's/Local time zone must be set--see zic manual page/FCTY/' | "${mysql[@]}" mysql
-		fi
-
-		if [ ! -z "$MYSQL_RANDOM_ROOT_PASSWORD" ]; then
-			export MYSQL_ROOT_PASSWORD="$(pwgen -1 32)"
-			echo "GENERATED ROOT PASSWORD: $MYSQL_ROOT_PASSWORD"
-		fi
-
-		rootCreate=
-		# default root to listen for connections from anywhere
-		file_env 'MYSQL_ROOT_HOST' '%'
-		if [ ! -z "$MYSQL_ROOT_HOST" -a "$MYSQL_ROOT_HOST" != 'localhost' ]; then
-			# no, we don't care if read finds a terminating character in this heredoc
-			# https://unix.stackexchange.com/questions/265149/why-is-set-o-errexit-breaking-this-read-heredoc-expression/265151#265151
-			read -r -d '' rootCreate <<-EOSQL || true
-				CREATE USER 'root'@'${MYSQL_ROOT_HOST}' IDENTIFIED BY '${MYSQL_ROOT_PASSWORD}' ;
-				GRANT ALL ON *.* TO 'root'@'${MYSQL_ROOT_HOST}' WITH GRANT OPTION ;
-			EOSQL
-		fi
-
-		"${mysql[@]}" <<-EOSQL
-			-- What's done in this file shouldn't be replicated
-			--  or products like mysql-fabric won't work
-			SET @@SESSION.SQL_LOG_BIN=0;
-
-			DELETE FROM mysql.user WHERE user NOT IN ('mysql.sys', 'mysqlxsys', 'root') OR host NOT IN ('localhost') ;
-			SET PASSWORD FOR 'root'@'localhost'=PASSWORD('${MYSQL_ROOT_PASSWORD}') ;
-			GRANT ALL ON *.* TO 'root'@'localhost' WITH GRANT OPTION ;
-			${rootCreate}
-			DROP DATABASE IF EXISTS test ;
-			FLUSH PRIVILEGES ;
-		EOSQL
-
-		if [ ! -z "$MYSQL_ROOT_PASSWORD" ]; then
-			mysql+=( -p"${MYSQL_ROOT_PASSWORD}" )
-		fi
-
-		file_env 'MYSQL_DATABASE'
-		if [ "$MYSQL_DATABASE" ]; then
-			echo "CREATE DATABASE IF NOT EXISTS \`$MYSQL_DATABASE\` ;" | "${mysql[@]}"
-			mysql+=( "$MYSQL_DATABASE" )
-		fi
-
-		file_env 'MYSQL_USER'
-		file_env 'MYSQL_PASSWORD'
-		if [ "$MYSQL_USER" -a "$MYSQL_PASSWORD" ]; then
-			echo "CREATE USER '$MYSQL_USER'@'%' IDENTIFIED BY '$MYSQL_PASSWORD' ;" | "${mysql[@]}"
-
-			if [ "$MYSQL_DATABASE" ]; then
-				echo "GRANT ALL ON \`$MYSQL_DATABASE\`.* TO '$MYSQL_USER'@'%' ;" | "${mysql[@]}"
-			fi
-		fi
-
-		echo
-		for f in /docker-entrypoint-initdb.d/*; do
-			case "$f" in
-				*.sh)     echo "$0: running $f"; . "$f" ;;
-				*.sql)    echo "$0: running $f"; "${mysql[@]}" < "$f"; echo ;;
-				*.sql.gz) echo "$0: running $f"; gunzip -c "$f" | "${mysql[@]}"; echo ;;
-				*)        echo "$0: ignoring $f" ;;
-			esac
-			echo
-		done
-
-		if ! kill -s TERM "$pid" || ! wait "$pid"; then
-			echo >&2 'MySQL init process failed.'
-			exit 1
-		fi
-
-		echo
-		echo 'MySQL init process done. Ready for start up.'
-		echo
-	fi
-fi
-
-exec "$@"
diff --git a/kubernetes/clamp/components/clamp-mariadb/resources/config/mariadb/conf.d/conf1/my.cnf b/kubernetes/clamp/components/clamp-mariadb/resources/config/mariadb/conf.d/conf1/my.cnf
deleted file mode 100644
index 8b5dc2a..0000000
--- a/kubernetes/clamp/components/clamp-mariadb/resources/config/mariadb/conf.d/conf1/my.cnf
+++ /dev/null
@@ -1,209 +0,0 @@
-{{/*
-# Copyright © 2018  AT&T, Amdocs, Bell Canada Intellectual Property.  All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# Example MySQL config file for medium systems.
-#
-# This is for a system with memory 8G where MySQL plays
-# an important part, or systems up to 128M where MySQL is used together with
-# other programs (such as a web server)
-#
-# In this file, you can use all long options that a program supports.
-# If you want to know which options a program supports, run the program
-# with the "--help" option.
-*/}}
-
-# The following options will be passed to all MySQL clients
-##[client]
-##user            = root
-##port            = 3306
-##socket          = //opt/app/mysql/mysql.sock
-
-# Here follows entries for some specific programs
-
-# The MySQL server
-[mysqld]
-##performance_schema
-
-slow_query_log =ON
-long_query_time =2
-slow_query_log_file =//var/lib/mysql/slow_query.log
-##basedir         = //opt/app/mysql/product/mariadb-10.1.11-linux-x86_64
-##datadir         = //opt/app/mysql/data
-##port            = 3306
-##socket          = //opt/app/mysql/mysql.sock
-skip-external-locking
-explicit_defaults_for_timestamp = true
-skip-symbolic-links
-local-infile = 0
-#ignore_db_dir=lost+found
-key_buffer_size = 16M
-max_allowed_packet = 4M
-table_open_cache = 100
-sort_buffer_size = 512K
-net_buffer_length = 8K
-read_buffer_size = 256K
-read_rnd_buffer_size = 512K
-myisam_sort_buffer_size = 8M
-max_connections = 500
-lower_case_table_names = 1
-thread_stack = 256K
-thread_cache_size = 25
-query_cache_size = 8M
-query_cache_type = 0
-query_prealloc_size = 512K
-query_cache_limit = 1M
-
-# Password validation
-##plugin-load-add=simple_password_check.so
-##simple_password_check_other_characters=0
-
-# Audit Log settings
-plugin-load-add=server_audit.so
-server_audit=FORCE_PLUS_PERMANENT
-server_audit_file_path=//var/lib/mysql/audit.log
-server_audit_file_rotate_size=50M
-server_audit_events=CONNECT,QUERY,TABLE
-server_audit_logging=on
-
-# Don't listen on a TCP/IP port at all. This can be a security enhancement,
-# if all processes that need to connect to mysqld run on the same host.
-# All interaction with mysqld must be made via Unix sockets or named pipes.
-# Note that using this option without enabling named pipes on Windows
-# (via the "enable-named-pipe" option) will render mysqld useless!
-#
-#skip-networking
-
-# Replication Master Server (default)
-# binary logging is required for replication
-##log-bin=//var/lib/mysql/mysql-bin
-
-# binary logging format - mixed recommended
-binlog_format=row
-
-# required unique id between 1 and 2^32 - 1
-# defaults to 1 if master-host is not set
-# but will not function as a master if omitted
-
-# Replication Slave (comment out master section to use this)
-#
-# To configure this host as a replication slave, you can choose between
-# two methods :
-#
-# 1) Use the CHANGE MASTER TO command (fully described in our manual) -
-#    the syntax is:
-#
-#    CHANGE MASTER TO MASTER_HOST=<host>, MASTER_PORT=<port>,
-#    MASTER_USER=<user>, MASTER_PASSWORD=<password> ;
-#
-#    where you replace <host>, <user>, <password> by quoted strings and
-#    <port> by the master's port number (3306 by default).
-#
-#    Example:
-#
-#    CHANGE MASTER TO MASTER_HOST='125.564.12.1', MASTER_PORT=3306,
-#    MASTER_USER='joe', MASTER_PASSWORD='secret';
-#
-# OR
-#
-# 2) Set the variables below. However, in case you choose this method, then
-#    start replication for the first time (even unsuccessfully, for example
-#    if you mistyped the password in master-password and the slave fails to
-#    connect), the slave will create a master.info file, and any later
-#    change in this file to the variables' values below will be ignored and
-#    overridden by the content of the master.info file, unless you shutdown
-#    the slave server, delete master.info and restart the slaver server.
-#    For that reason, you may want to leave the lines below untouched
-#    (commented) and instead use CHANGE MASTER TO (see above)
-#
-# required unique id between 2 and 2^32 - 1
-# (and different from the master)
-# defaults to 2 if master-host is set
-# but will not function as a slave if omitted
-#server-id       = 2
-#
-# The replication master for this slave - required
-#master-host     =   <hostname>
-#
-# The username the slave will use for authentication when connecting
-# to the master - required
-#master-user     =   <username>
-#
-# The password the slave will authenticate with when connecting to
-# the master - required
-#master-password =   <password>
-#
-# The port the master is listening on.
-# optional - defaults to 3306
-#master-port     =  <port>
-#
-# binary logging - not required for slaves, but recommended
-#log-bin=mysql-bin
-
-# Uncomment the following if you are using InnoDB tables
-##innodb_data_home_dir = //opt/app/mysql/data
-##innodb_data_file_path = ibdata1:20M:autoextend:max:32G
-##innodb_log_group_home_dir = //opt/app/mysql/iblogs
-# You can set .._buffer_pool_size up to 50 - 80 %
-# of RAM but beware of setting memory usage too high
-innodb_buffer_pool_size = 128M
-#innodb_additional_mem_pool_size = 2M
-# Set .._log_file_size to 25 % of buffer pool size
-innodb_log_file_size = 10M
-innodb_log_files_in_group = 3
-innodb_log_buffer_size = 8M
-#innodb_flush_log_at_trx_commit = 1
-innodb_lock_wait_timeout = 50
-innodb_autoextend_increment = 100
-expire_logs_days = 8
-open_files_limit = 2000
-transaction-isolation=READ-COMMITTED
-####### Galera parameters #######
-## Galera Provider configuration
-wsrep_provider=/usr/lib/galera/libgalera_smm.so
-wsrep_provider_options="gcache.size=128M; gcache.page_size=10M"
-## Galera Cluster configuration
-wsrep_cluster_name="MSO-automated-tests-cluster"
-wsrep_cluster_address="gcomm://"
-#wsrep_cluster_address="gcomm://mariadb1,mariadb2,mariadb3"
-##wsrep_cluster_address="gcomm://192.169.3.184,192.169.3.185,192.169.3.186"
-## Galera Synchronization configuration
-wsrep_sst_method=rsync
-#wsrep_sst_method=xtrabackup-v2
-#wsrep_sst_auth="sstuser:Mon#2o!6"
-## Galera Node configuration
-wsrep_node_name="mariadb1"
-##wsrep_node_address="192.169.3.184"
-wsrep_on=OFF
-## Status notification
-#wsrep_notify_cmd=/opt/app/mysql/bin/wsrep_notify
-#######
-
-
-[mysqldump]
-quick
-max_allowed_packet = 16M
-
-[mysql]
-no-auto-rehash
-# Remove the next comment character if you are not familiar with SQL
-#safe-updates
-
-[myisamchk]
-key_buffer_size = 20971520
-
-##[mysqlhotcopy]
-##interactive-timeout
-##[mysqld_safe]
-##malloc-lib=//opt/app/mysql/local/lib/libjemalloc.so.1
-##log-error=//opt/app/mysql/log/mysqld.log
diff --git a/kubernetes/clamp/components/clamp-mariadb/templates/NOTES.txt b/kubernetes/clamp/components/clamp-mariadb/templates/NOTES.txt
deleted file mode 100644
index 1103aff..0000000
--- a/kubernetes/clamp/components/clamp-mariadb/templates/NOTES.txt
+++ /dev/null
@@ -1,32 +0,0 @@
-# Copyright © 2018  AT&T, Amdocs, Bell Canada Intellectual Property.  All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
-  http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
-  export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
-  export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
-  echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
-     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
-           You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
-  export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
-  echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
-  export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
-  echo "Visit http://127.0.0.1:8080 to use your application"
-  kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/clamp/components/clamp-mariadb/templates/configmap.yaml b/kubernetes/clamp/components/clamp-mariadb/templates/configmap.yaml
deleted file mode 100644
index b8a774a..0000000
--- a/kubernetes/clamp/components/clamp-mariadb/templates/configmap.yaml
+++ /dev/null
@@ -1,57 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-#{{ if not .Values.disableClampClampMariadb }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: clamp-entrypoint-bulkload-configmap
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/mariadb/docker-entrypoint-initdb.d/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: clamp-mariadb-conf-configmap
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/mariadb/conf.d/conf1/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: {{ include "common.fullname" . }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/init/*").AsConfig . | indent 2 }}
-#{{ end }}
diff --git a/kubernetes/clamp/components/clamp-mariadb/templates/deployment.yaml b/kubernetes/clamp/components/clamp-mariadb/templates/deployment.yaml
deleted file mode 100644
index 8ddf584..0000000
--- a/kubernetes/clamp/components/clamp-mariadb/templates/deployment.yaml
+++ /dev/null
@@ -1,113 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: apps/v1
-kind: Deployment
-metadata:
-  name: {{ include "common.fullname" . }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-spec:
-  replicas: {{ .Values.replicaCount }}
-  selector:
-    matchLabels:
-      app: {{ include "common.name" . }}
-  template:
-    metadata:
-      labels:
-        app: {{ include "common.name" . }}
-        release: {{ include "common.release" . }}
-    spec:
-      containers:
-        - name: {{ include "common.name" .  }}
-          image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.image }}
-          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
-          ports:
-          - containerPort: {{ .Values.service.internalPort }}
-          # disable liveness probe when breakpoints set in debugger
-          # so K8s doesn't restart unresponsive container
-          {{- if eq .Values.liveness.enabled true }}
-          livenessProbe:
-            tcpSocket:
-              port: {{ .Values.service.internalPort }}
-            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
-            periodSeconds: {{ .Values.liveness.periodSeconds }}
-          {{ end -}}
-          readinessProbe:
-            tcpSocket:
-              port: {{ .Values.service.internalPort }}
-            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
-            periodSeconds: {{ .Values.readiness.periodSeconds }}
-          env:
-          - name: MYSQL_USER
-            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
-          - name: MYSQL_PASSWORD
-            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
-          - name: MYSQL_ROOT_PASSWORD
-            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-root-pass" "key" "password") | indent 12 }}
-          - name: MYSQL_DATABASE
-            value: {{ tpl .Values.db.databaseName .}}
-          volumeMounts:
-          - mountPath: /docker-entrypoint.sh
-            subPath: docker-entrypoint.sh
-            name: init-script
-          - mountPath: /etc/localtime
-            name: localtime
-            readOnly: true
-          - mountPath: /docker-entrypoint-initdb.d/
-            name: docker-entrypoint-bulkload
-          - mountPath: /etc/mysql/conf.d/conf1/
-            name:  clamp-mariadb-conf
-          - mountPath: /var/lib/mysql
-            name: clamp-mariadb-data
-          resources:
-{{ include "common.resources" . | indent 12 }}
-        {{- if .Values.nodeSelector }}
-        nodeSelector:
-{{ toYaml .Values.nodeSelector | indent 10 }}
-        {{- end -}}
-        {{- if .Values.affinity }}
-        affinity:
-{{ toYaml .Values.affinity | indent 10 }}
-        {{- end }}
-      volumes:
-      {{- if .Values.persistence.enabled }}
-        - name: clamp-mariadb-data
-          persistentVolumeClaim:
-            claimName: {{ include "common.fullname" . }}
-      {{- else }}
-          emptyDir: {}
-      {{- end }}
-        - name: docker-entrypoint-bulkload
-          configMap:
-            name: clamp-entrypoint-bulkload-configmap
-        - name: clamp-mariadb-conf
-          configMap:
-            name: clamp-mariadb-conf-configmap
-        - name: localtime
-          hostPath:
-            path: /etc/localtime
-        - name: init-script
-          configMap:
-            name: {{ include "common.fullname" . }}
-            defaultMode: 0755
-      imagePullSecrets:
-      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/clamp/components/clamp-mariadb/templates/pv.yaml b/kubernetes/clamp/components/clamp-mariadb/templates/pv.yaml
deleted file mode 100644
index 4249879..0000000
--- a/kubernetes/clamp/components/clamp-mariadb/templates/pv.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-{{- if eq "True" (include "common.needPV" .) -}}
-kind: PersistentVolume
-apiVersion: v1
-metadata:
-  name: {{ include "common.fullname" . }}-data
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
-    release: "{{ include "common.release" . }}"
-    heritage: "{{ .Release.Service }}"
-    name: {{ include "common.fullname" . }}
-spec:
-  capacity:
-    storage: {{ .Values.persistence.size}}
-  accessModes:
-    - {{ .Values.persistence.accessMode }}
-  storageClassName: "{{ include "common.fullname" . }}-data"
-  persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
-  hostPath:
-    path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ include "common.release" . }}/{{ .Values.persistence.mountSubPath }}
-{{- end -}}
-{{- end -}}
diff --git a/kubernetes/clamp/components/clamp-mariadb/templates/pvc.yaml b/kubernetes/clamp/components/clamp-mariadb/templates/pvc.yaml
deleted file mode 100644
index 6856c80..0000000
--- a/kubernetes/clamp/components/clamp-mariadb/templates/pvc.yaml
+++ /dev/null
@@ -1,40 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
-kind: PersistentVolumeClaim
-apiVersion: v1
-metadata:
-  name: {{ include "common.fullname" . }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
-    release: "{{ include "common.release" . }}"
-    heritage: "{{ .Release.Service }}"
-{{- if .Values.persistence.annotations }}
-  annotations:
-{{ toYaml .Values.persistence.annotations | indent 4 }}
-{{- end }}
-spec:
-  accessModes:
-    - {{ .Values.persistence.accessMode }}
-  resources:
-    requests:
-      storage: {{ .Values.persistence.size }}
-  storageClassName: {{ include "common.storageClass" . }}
-{{- end -}}
diff --git a/kubernetes/clamp/components/clamp-mariadb/templates/secrets.yaml b/kubernetes/clamp/components/clamp-mariadb/templates/secrets.yaml
deleted file mode 100644
index 4cf8155..0000000
--- a/kubernetes/clamp/components/clamp-mariadb/templates/secrets.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.secretFast" . }}
diff --git a/kubernetes/clamp/components/clamp-mariadb/values.yaml b/kubernetes/clamp/components/clamp-mariadb/values.yaml
deleted file mode 100644
index 60b2cfe..0000000
--- a/kubernetes/clamp/components/clamp-mariadb/values.yaml
+++ /dev/null
@@ -1,130 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018-2019 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#################################################################
-# Global configuration defaults.
-#################################################################
-global: # global defaults
-  nodePortPrefix: 302
-
-  persistence: {}
-# application image
-image: mariadb:10.5.4
-pullPolicy: Always
-flavor: small
-#################################################################
-# Secrets metaconfig
-#################################################################
-secrets:
-  - uid: db-root-pass
-    type: password
-    externalSecret: '{{ tpl (default "" .Values.db.rootCredsExternalSecret) . }}'
-    password: '{{ .Values.db.rootPass }}'
-  - uid: db-secret
-    type: basicAuth
-    externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}'
-    login: '{{ .Values.db.user }}'
-    password: '{{ .Values.db.password }}'
-
-# Application configuration
-# dummy value db user pasword to pass lint!!!
-db:
-  user: dummy-clds
-  password: dummy-sidnnd83K
-  databaseName: dummy-cldsdb4
-
-# default number of instances
-replicaCount: 1
-
-nodeSelector: {}
-
-affinity: {}
-
-# probe configuration parameters
-liveness:
-  initialDelaySeconds: 30
-  periodSeconds: 10
-  timeoutSeconds: 3
-  # necessary to disable liveness probe when setting breakpoints
-  # in debugger so K8s doesn't restart unresponsive container
-  enabled: true
-
-readiness:
-  initialDelaySeconds: 30
-  periodSeconds: 10
-  timeoutSeconds: 3
-
-## Persist data to a persitent volume
-persistence:
-  enabled: true
-
-  ## A manually managed Persistent Volume and Claim
-  ## Requires persistence.enabled: true
-  ## If defined, PVC must be created manually before volume will be bound
-  # existingClaim:
-  volumeReclaimPolicy: Retain
-
-  ## database data Persistent Volume Storage Class
-  ## If defined, storageClassName: <storageClass>
-  ## If set to "-", storageClassName: "", which disables dynamic provisioning
-  ## If undefined (the default) or set to null, no storageClassName spec is
-  ##   set, choosing the default provisioner.  (gp2 on AWS, standard on
-  ##   GKE, AWS & OpenStack)
-  ##
-  # storageClass: "-"
-  accessMode: ReadWriteOnce
-  size: 2Gi
-  mountPath: /dockerdata-nfs
-  mountSubPath: clamp/mariadb/data
-
-service:
-  type: ClusterIP
-  name: clampdb
-  portName: clampdb
-  internalPort: 3306
-  externalPort: 3306
-
-
-ingress:
-  enabled: false
-
-
-#resources: {}
-  # We usually recommend not to specify default resources and to leave this as a conscious
-  # choice for the user. This also increases chances charts run on environments with little
-  # resources, such as Minikube. If you do want to specify resources, uncomment the following
-  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
-  #
-  # Example:
-  # Configure resource requests and limits
-  # ref: http://kubernetes.io/docs/user-guide/compute-resources/
-  # Minimum memory for development is 2 CPU cores and 4GB memory
-  # Minimum memory for production is 4 CPU cores and 8GB memory
-resources:
-  small:
-    limits:
-      cpu: 1
-      memory: 500Mi
-    requests:
-      cpu: 10m
-      memory: 200Mi
-  large:
-    limits:
-      cpu: 1
-      memory: 500Mi
-    requests:
-      cpu: 10m
-      memory: 200Mi
-  unlimited: {}
diff --git a/kubernetes/clamp/requirements.yaml b/kubernetes/clamp/requirements.yaml
deleted file mode 100644
index 2d27103..0000000
--- a/kubernetes/clamp/requirements.yaml
+++ /dev/null
@@ -1,37 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-dependencies:
-  - name: certInitializer
-    version: ~7.x-0
-    repository: '@local'
-  - name: repositoryGenerator
-    version: ~7.x-0
-    repository: '@local'
-  - name: clamp-mariadb
-    version: ~7.x-0
-    repository: 'file://components/clamp-mariadb'
-  - name: clamp-backend
-    version: ~7.x-0
-    repository: 'file://components/clamp-backend'
-  - name: clamp-dash-es
-    version: ~7.x-0
-    repository: 'file://components/clamp-dash-es'
-  - name: clamp-dash-logstash
-    version: ~7.x-0
-    repository: 'file://components/clamp-dash-logstash'
-  - name: clamp-dash-kibana
-    version: ~7.x-0
-    repository: 'file://components/clamp-dash-kibana'
\ No newline at end of file
diff --git a/kubernetes/clamp/resources/config/log/filebeat/filebeat.yml b/kubernetes/clamp/resources/config/log/filebeat/filebeat.yml
deleted file mode 100644
index 8717e6f..0000000
--- a/kubernetes/clamp/resources/config/log/filebeat/filebeat.yml
+++ /dev/null
@@ -1,55 +0,0 @@
-{{/*
-# Copyright © 2018  AT&T, Amdocs, Bell Canada Intellectual Property.  All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-filebeat.prospectors:
-#it is mandatory, in our case it's log
-- input_type: log
-  #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
-  paths:
-    - /var/log/onap/*/*/*/*.log
-    - /var/log/onap/*/*/*.log
-    - /var/log/onap/*/*.log
-  #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
-  ignore_older: 48h
-  # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
-  clean_inactive: 96h
-
-# Name of the registry file. If a relative path is used, it is considered relative to the
-# data path. Else full qualified file name.
-#filebeat.registry_file: ${path.data}/registry
-
-
-output.logstash:
-  #List of logstash server ip addresses with port number.
-  #But, in our case, this will be the loadbalancer IP address.
-  #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
-  hosts: ["{{.Values.config.log.logstashServiceName}}:{{.Values.config.log.logstashPort}}"]
-  #If enable will do load balancing among availabe Logstash, automatically.
-  loadbalance: true
-
-  #The list of root certificates for server verifications.
-  #If certificate_authorities is empty or not set, the trusted
-  #certificate authorities of the host system are used.
-  #ssl.certificate_authorities: $ssl.certificate_authorities
-
-  #The path to the certificate for SSL client authentication. If the certificate is not specified,
-  #client authentication is not available.
-  #ssl.certificate: $ssl.certificate
-
-  #The client certificate key used for client authentication.
-  #ssl.key: $ssl.key
-
-  #The passphrase used to decrypt an encrypted key stored in the configured key file
-  #ssl.key_passphrase: $ssl.key_passphrase
diff --git a/kubernetes/clamp/templates/NOTES.txt b/kubernetes/clamp/templates/NOTES.txt
deleted file mode 100644
index e36d6a5..0000000
--- a/kubernetes/clamp/templates/NOTES.txt
+++ /dev/null
@@ -1,32 +0,0 @@
-# Copyright © 2018  AT&T, Amdocs, Bell Canada Intellectual Property.  All rights reserved.
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-1. Get the application URL by running these commands:
-{{- if .Values.ingress.enabled }}
-{{- range .Values.ingress.hosts }}
-  http://{{ . }}
-{{- end }}
-{{- else if contains "NodePort" .Values.service.type }}
-  export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
-  export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
-  echo http://$NODE_IP:$NODE_PORT
-{{- else if contains "LoadBalancer" .Values.service.type }}
-     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
-           You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
-  export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
-  echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
-{{- else if contains "ClusterIP" .Values.service.type }}
-  export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
-  echo "Visit https://127.0.0.1:8443 to use your application"
-  kubectl port-forward $POD_NAME 8443:{{ .Values.service.internalPort }}
-{{- end }}
diff --git a/kubernetes/clamp/templates/secrets.yaml b/kubernetes/clamp/templates/secrets.yaml
deleted file mode 100644
index 4cf8155..0000000
--- a/kubernetes/clamp/templates/secrets.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-{{ include "common.secretFast" . }}
diff --git a/kubernetes/clamp/templates/service.yaml b/kubernetes/clamp/templates/service.yaml
deleted file mode 100644
index 31f4380..0000000
--- a/kubernetes/clamp/templates/service.yaml
+++ /dev/null
@@ -1,69 +0,0 @@
-{{/*
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-*/}}
-
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ .Values.service.name }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-spec:
-  type: {{ .Values.service.type }}
-  ports:
-    {{if eq .Values.service.type "NodePort" -}}
-    - port: {{ .Values.service.internalPort }}
-      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
-      name: {{ .Values.service.portName }}
-    {{- else -}}
-    - port: {{ .Values.service.externalPort }}
-      targetPort: {{ .Values.service.internalPort }}
-      name: {{ .Values.service.portName }}
-    {{- end}}
-  selector:
-    app: {{ include "common.name" . }}
-    release: {{ include "common.release" . }}
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: {{ .Values.service.name2 }}
-  namespace: {{ include "common.namespace" . }}
-  labels:
-    app: {{ include "common.name" . }}
-    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
-    release: {{ include "common.release" . }}
-    heritage: {{ .Release.Service }}
-  annotations:
-spec:
-  type: {{ .Values.service.type2 }}
-  ports:
-    {{if eq .Values.service.type2 "NodePort" -}}
-    - port: {{ .Values.service.internalPort2 }}
-      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
-      name: {{ .Values.config.portName2 }}
-    {{- else -}}
-    - port: {{ .Values.service.externalPort2 }}
-      targetPort: {{ .Values.service.internalPort2 }}
-      name: {{ .Values.config.portName2 }}
-    {{- end}}
-  selector:
-    app: {{ include "common.name" . }}
-    release: {{ include "common.release" . }}
\ No newline at end of file
diff --git a/kubernetes/clamp/Chart.yaml b/kubernetes/common/certManagerCertificate/Chart.yaml
similarity index 82%
rename from kubernetes/clamp/Chart.yaml
rename to kubernetes/common/certManagerCertificate/Chart.yaml
index e9f2197..305d252 100644
--- a/kubernetes/clamp/Chart.yaml
+++ b/kubernetes/common/certManagerCertificate/Chart.yaml
@@ -1,5 +1,4 @@
-# Copyright © 2017 Amdocs, Bell Canada
-# Modifications Copyright © 2018 AT&T
+# Copyright © 2021 Nokia
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -14,6 +13,6 @@
 # limitations under the License.
 
 apiVersion: v1
-description: ONAP Clamp
-name: clamp
+name: certManagerCertificate
+description: A Helm chart for Cert-Manager Certificate CRD template
 version: 7.0.0
diff --git a/kubernetes/clamp/components/clamp-dash-kibana/templates/ingress.yaml b/kubernetes/common/certManagerCertificate/requirements.yaml
similarity index 82%
rename from kubernetes/clamp/components/clamp-dash-kibana/templates/ingress.yaml
rename to kubernetes/common/certManagerCertificate/requirements.yaml
index e5d7174..6bcaed0 100644
--- a/kubernetes/clamp/components/clamp-dash-kibana/templates/ingress.yaml
+++ b/kubernetes/common/certManagerCertificate/requirements.yaml
@@ -1,4 +1,4 @@
-{{/* # Copyright © 2020 Samsung, Orange
+# Copyright © 2021 Nokia
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -11,6 +11,8 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-*/}}
 
-{{ include "common.ingress" . }}
+dependencies:
+  - name: common
+    version: ~7.x-0
+    repository: 'file://../common'
diff --git a/kubernetes/common/certManagerCertificate/templates/_certificate.tpl b/kubernetes/common/certManagerCertificate/templates/_certificate.tpl
new file mode 100644
index 0000000..4e43f62
--- /dev/null
+++ b/kubernetes/common/certManagerCertificate/templates/_certificate.tpl
@@ -0,0 +1,219 @@
+{{/*#
+# Copyright © 2020-2021, Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.*/}}
+
+{{/*
+# This is a template for requesting a certificate from the cert-manager (https://cert-manager.io).
+#
+# To request a certificate following steps are to be done:
+#  - create an object 'certificates' in the values.yaml
+#  - create a file templates/certificates.yaml and invoke the function "certManagerCertificate.certificate".
+#
+# Here is an example of the certificate request for a component:
+#
+# Directory structure:
+#   component
+#     templates
+#       certifictes.yaml
+#     values.yaml
+#
+# To be added in the file certificates.yamll
+#
+# To be added in the file values.yaml
+#  1. Minimal version (certificates only in PEM format)
+#  certificates:
+#    - commonName: component.onap.org
+#
+#  2. Extended version (with defined own issuer and additional certificate format):
+#  certificates:
+#    - name:       onap-component-certificate
+#      secretName: onap-component-certificate
+#      commonName: component.onap.org
+#      dnsNames:
+#        - component.onap.org
+#      issuer:
+#        group: certmanager.onap.org
+#        kind: CMPv2Issuer
+#        name: cmpv2-issuer-for-the-component
+#      keystore:
+#        outputType:
+#          - p12
+#          - jks
+#        passwordSecretRef:
+#          name: secret-name
+#          key:  secret-key
+#
+# Fields 'name', 'secretName' and 'commonName' are mandatory and required to be defined.
+# Other mandatory fields for the certificate definition do not have to be defined directly,
+# in that case they will be taken from default values.
+#
+# Default values are defined in file onap/values.yaml (see-> global.certificate.default)
+# and can be overriden during onap installation process.
+#
+*/}}
+
+{{- define "certManagerCertificate.certificate" -}}
+{{- $dot := default . .dot -}}
+{{- $initRoot := default $dot.Values.certManagerCertificate .initRoot -}}
+
+{{- $certificates := $dot.Values.certificates -}}
+{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global }}
+
+{{ range $i, $certificate := $certificates }}
+{{/*# General certifiacate attributes  #*/}}
+{{- $name           := include "common.fullname" $dot                                                             -}}
+{{- $certName       := default (printf "%s-cert-%d"   $name $i) $certificate.name                                 -}}
+{{- $secretName     := default (printf "%s-secret-%d" $name $i) $certificate.secretName                           -}}
+{{- $commonName     := (required "'commonName' for Certificate is required." $certificate.commonName)          -}}
+{{- $renewBefore    := default $subchartGlobal.certificate.default.renewBefore     $certificate.renewBefore    -}}
+{{- $duration       := default $subchartGlobal.certificate.default.duration        $certificate.duration       -}}
+{{- $namespace      := $dot.Release.Namespace      -}}
+{{/*# SAN's #*/}}
+{{- $dnsNames       := $certificate.dnsNames       -}}
+{{- $ipAddresses    := $certificate.ipAddresses    -}}
+{{- $uris           := $certificate.uris           -}}
+{{- $emailAddresses := $certificate.emailAddresses -}}
+{{/*# Subject #*/}}
+{{- $subject        := $subchartGlobal.certificate.default.subject                                             -}}
+{{- if $certificate.subject -}}
+{{-   $subject       = $certificate.subject                                              -}}
+{{- end -}}
+{{/*# Issuer #*/}}
+{{- $issuer         := $subchartGlobal.certificate.default.issuer                                              -}}
+{{- if $certificate.issuer -}}
+{{-   $issuer        = $certificate.issuer                                               -}}
+{{- end -}}
+---
+{{- if $certificate.keystore }}
+  {{- $passwordSecretRef := $certificate.keystore.passwordSecretRef -}}
+  {{- $password := include "common.createPassword" (dict "dot" $dot "uid" $certName) | quote }}
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ $passwordSecretRef.name }}
+  namespace: {{ $namespace }}
+type: Opaque
+stringData:
+  {{ $passwordSecretRef.key }}: {{ $password }}
+{{- end }}
+---
+apiVersion: cert-manager.io/v1
+kind: Certificate
+metadata:
+  name:        {{ $certName }}
+  namespace:   {{ $namespace }}
+spec:
+  secretName:  {{ $secretName }}
+  commonName:  {{ $commonName }}
+  renewBefore: {{ $renewBefore }}
+  {{- if $duration }}
+  duration:    {{ $duration }}
+  {{- end }}
+  subject:
+    organizations:
+      - {{ $subject.organization }}
+    countries:
+      - {{ $subject.country }}
+    localities:
+      - {{ $subject.locality }}
+    provinces:
+      - {{ $subject.province }}
+    organizationalUnits:
+      - {{ $subject.organizationalUnit }}
+  {{- if $dnsNames }}
+  dnsNames:
+    {{- range $dnsName := $dnsNames }}
+      - {{ $dnsName }}
+    {{- end }}
+  {{- end }}
+  {{- if $ipAddresses }}
+  ipAddresses:
+    {{- range $ipAddress := $ipAddresses }}
+      - {{ $ipAddress }}
+    {{- end }}
+  {{- end }}
+  {{- if $uris }}
+  uris:
+    {{- range $uri := $uris }}
+      - {{ $uri }}
+    {{- end }}
+  {{- end }}
+  {{- if $emailAddresses }}
+  emailAddresses:
+    {{- range $emailAddress := $emailAddresses }}
+      - {{ $emailAddress }}
+    {{- end }}
+  {{- end }}
+  issuerRef:
+    group: {{ $issuer.group }}
+    kind:  {{ $issuer.kind }}
+    name:  {{ $issuer.name }}
+  {{- if $certificate.keystore }}
+  keystores:
+    {{- range $outputType := $certificate.keystore.outputType }}
+      {{- if eq $outputType "p12" }}
+        {{- $outputType = "pkcs12" }}
+      {{- end }}
+    {{ $outputType }}:
+      create: true
+      passwordSecretRef:
+        name: {{ $certificate.keystore.passwordSecretRef.name }}
+        key: {{ $certificate.keystore.passwordSecretRef.key }}
+    {{- end }}
+  {{- end }}
+{{ end }}
+{{- end -}}
+
+{{- define "common.certManager.volumeMounts" -}}
+{{- $dot := default . .dot -}}
+{{- $initRoot := default $dot.Values.certManagerCertificate .initRoot -}}
+{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}}
+  {{- range $i, $certificate := $dot.Values.certificates -}}
+    {{- $mountPath := $certificate.mountPath -}}
+- mountPath: {{ $mountPath }}
+  name: certmanager-certs-volume-{{ $i }}
+   {{- end -}}
+{{- end -}}
+
+{{- define "common.certManager.volumes" -}}
+{{- $dot := default . .dot -}}
+{{- $initRoot := default $dot.Values.certManagerCertificate .initRoot -}}
+{{- $subchartGlobal := mergeOverwrite (deepCopy $initRoot.global) $dot.Values.global -}}
+{{- $certificates := $dot.Values.certificates -}}
+  {{- range $i, $certificate := $certificates -}}
+    {{- $name := include "common.fullname" $dot -}}
+    {{- $certificatesSecretName := default (printf "%s-secret-%d" $name $i) $certificate.secretName -}}
+- name: certmanager-certs-volume-{{ $i }}
+  projected:
+    sources:
+    - secret:
+        name: {{ $certificatesSecretName }}
+    {{- if $certificate.keystore }}
+        items:
+        {{- range $outputType := $certificate.keystore.outputType }}
+          - key: keystore.{{ $outputType }}
+            path: keystore.{{ $outputType }}
+          - key: truststore.{{ $outputType }}
+            path: truststore.{{ $outputType }}
+        {{- end }}
+    - secret:
+        name: {{ $certificate.keystore.passwordSecretRef.name }}
+        items:
+          - key: {{ $certificate.keystore.passwordSecretRef.key }}
+            path: keystore.pass
+          - key: {{ $certificate.keystore.passwordSecretRef.key }}
+            path: truststore.pass
+     {{- end }}
+  {{- end -}}
+{{- end -}}
diff --git a/kubernetes/common/certManagerCertificate/values.yaml b/kubernetes/common/certManagerCertificate/values.yaml
new file mode 100644
index 0000000..d60cdf6
--- /dev/null
+++ b/kubernetes/common/certManagerCertificate/values.yaml
@@ -0,0 +1,29 @@
+# Copyright © 2021 Nokia
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+global:
+# default values for certificates
+  certificate:
+    default:
+      renewBefore: 720h #30 days
+      duration:    8760h #365 days
+      subject:
+        organization: "Linux-Foundation"
+        country: "US"
+        locality: "San-Francisco"
+        province: "California"
+        organizationalUnit: "ONAP"
+      issuer:
+        group: certmanager.onap.org
+        kind: CMPv2Issuer
+        name: cmpv2-issuer-onap
diff --git a/kubernetes/common/common/templates/_certificate.tpl b/kubernetes/common/common/templates/_certificate.tpl
deleted file mode 100644
index d3313b2..0000000
--- a/kubernetes/common/common/templates/_certificate.tpl
+++ /dev/null
@@ -1,192 +0,0 @@
-{{/*#
-# Copyright © 2020, Nokia
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.*/}}
-
-{{/*
-# This is a template for requesting a certificate from the cert-manager (https://cert-manager.io).
-#
-# To request a certificate following steps are to be done:
-#  - create an object 'certificates' in the values.yaml
-#  - create a file templates/certificates.yaml and invoke the function "commom.certificate".
-#
-# Here is an example of the certificate request for a component:
-#
-# Directory structure:
-#   component
-#     templates
-#       certifictes.yaml
-#     values.yaml
-#
-# To be added in the file certificates.yamll
-#
-# To be added in the file values.yaml
-#  1. Minimal version (certificates only in PEM format)
-#  certificates:
-#    - commonName: component.onap.org
-#
-#  2. Extended version (with defined own issuer and additional certificate format):
-#  certificates:
-#    - name:       onap-component-certificate
-#      secretName: onap-component-certificate
-#      commonName: component.onap.org
-#      dnsNames:
-#        - component.onap.org
-#      issuer:
-#        group: certmanager.onap.org
-#        kind: CMPv2Issuer
-#        name: cmpv2-issuer-for-the-component
-#      p12Keystore:
-#        create: true
-#        passwordSecretRef:
-#          name: secret-name
-#          key:  secret-key
-#      jksKeystore:
-#        create: true
-#        passwordSecretRef:
-#          name: secret-name
-#          key:  secret-key
-#
-# Fields 'name', 'secretName' and 'commonName' are mandatory and required to be defined.
-# Other mandatory fields for the certificate definition do not have to be defined directly,
-# in that case they will be taken from default values.
-#
-# Default values are defined in file onap/values.yaml (see-> global.certificate.default)
-# and can be overriden during onap installation process.
-#
-*/}}
-
-{{- define "common.certificate" -}}
-{{- $dot := default . .dot -}}
-{{- $certificates := $dot.Values.certificates -}}
-
-{{ range $i, $certificate := $certificates }}
-{{/*# General certifiacate attributes  #*/}}
-{{- $name           := include "common.fullname" $dot                                                             -}}
-{{- $certName       := default (printf "%s-cert-%d"   $name $i) $certificate.name                                 -}}
-{{- $secretName     := default (printf "%s-secret-%d" $name $i) $certificate.secretName                           -}}
-{{- $commonName     := default $dot.Values.global.certificate.default.commonName      $certificate.commonName     -}}
-{{- $renewBefore    := default $dot.Values.global.certificate.default.renewBefore     $certificate.renewBefore    -}}
-{{- $duration       := $certificate.duration                                                                      -}}
-{{- $namespace      := default $dot.Release.Namespace         $dot.Values.global.certificate.default.namespace    -}}
-{{- if $certificate.namespace -}}
-{{-   $namespace    = default $namespace                                              $certificate.namespace      -}}
-{{- end -}}
-{{/*# SAN's #*/}}
-{{- $dnsNames       := default $dot.Values.global.certificate.default.dnsNames        $certificate.dnsNames       -}}
-{{- $ipAddresses    := default $dot.Values.global.certificate.default.ipAddresses     $certificate.ipAddresses    -}}
-{{- $uris           := default $dot.Values.global.certificate.default.uris            $certificate.uris           -}}
-{{- $emailAddresses := default $dot.Values.global.certificate.default.emailAddresses  $certificate.emailAddresses -}}
-{{/*# Subject #*/}}
-{{- $subject        := $dot.Values.global.certificate.default.subject                                             -}}
-{{- if $certificate.subject -}}
-{{-   $subject       = mergeOverwrite $subject  $certificate.subject                                              -}}
-{{- end -}}
-{{/*# Issuer #*/}}
-{{- $issuer         := $dot.Values.global.certificate.default.issuer                                              -}}
-{{- if $certificate.issuer -}}
-{{-   $issuer        = mergeOverwrite $issuer   $certificate.issuer                                               -}}
-{{- end -}}
-{{/*# Keystores #*/}}
-{{- $createJksKeystore                  := $dot.Values.global.certificate.default.jksKeystore.create                  -}}
-{{- $jksKeystorePasswordSecretName      := $dot.Values.global.certificate.default.jksKeystore.passwordSecretRef.name  -}}
-{{- $jksKeystorePasswordSecreKey        := $dot.Values.global.certificate.default.jksKeystore.passwordSecretRef.key   -}}
-{{- $createP12Keystore                  := $dot.Values.global.certificate.default.p12Keystore.create                  -}}
-{{- $p12KeystorePasswordSecretName      := $dot.Values.global.certificate.default.p12Keystore.passwordSecretRef.name  -}}
-{{- $p12KeystorePasswordSecreKey        := $dot.Values.global.certificate.default.p12Keystore.passwordSecretRef.key   -}}
-{{- if $certificate.jksKeystore -}}
-{{-   $createJksKeystore                 = default $createJksKeystore                $certificate.jksKeystore.create                   -}}
-{{-   if $certificate.jksKeystore.passwordSecretRef -}}
-{{-     $jksKeystorePasswordSecretName   = default $jksKeystorePasswordSecretName    $certificate.jksKeystore.passwordSecretRef.name   -}}
-{{-     $jksKeystorePasswordSecreKey     = default $jksKeystorePasswordSecreKey      $certificate.jksKeystore.passwordSecretRef.key    -}}
-{{-   end -}}
-{{- end -}}
-{{- if $certificate.p12Keystore -}}
-{{-   $createP12Keystore                 = default $createP12Keystore                $certificate.p12Keystore.create                   -}}
-{{-   if $certificate.p12Keystore.passwordSecretRef -}}
-{{-     $p12KeystorePasswordSecretName   = default $p12KeystorePasswordSecretName    $certificate.p12Keystore.passwordSecretRef.name   -}}
-{{-     $p12KeystorePasswordSecreKey     = default $p12KeystorePasswordSecreKey      $certificate.p12Keystore.passwordSecretRef.key    -}}
-{{-   end -}}
-{{- end -}}
----
-apiVersion: cert-manager.io/v1
-kind: Certificate
-metadata:
-  name:        {{ $certName }}
-  namespace:   {{ $namespace }}
-spec:
-  secretName:  {{ $secretName }}
-  commonName:  {{ $commonName }}
-  renewBefore: {{ $renewBefore }}
-  {{- if $duration }}
-  duration:    {{ $duration }}
-  {{- end }}
-  subject:
-    organizations:
-      - {{ $subject.organization }}
-    countries:
-      - {{ $subject.country }}
-    localities:
-      - {{ $subject.locality }}
-    provinces:
-      - {{ $subject.province }}
-    organizationalUnits:
-      - {{ $subject.organizationalUnit }}
-  {{- if $dnsNames }}
-  dnsNames:
-    {{- range $dnsName := $dnsNames }}
-      - {{ $dnsName }}
-    {{- end }}
-  {{- end }}
-  {{- if $ipAddresses }}
-  ipAddresses:
-    {{- range $ipAddress := $ipAddresses }}
-      - {{ $ipAddress }}
-    {{- end }}
-  {{- end }}
-  {{- if $uris }}
-  uris:
-    {{- range $uri := $uris }}
-      - {{ $uri }}
-    {{- end }}
-  {{- end }}
-  {{- if $emailAddresses }}
-  emailAddresses:
-    {{- range $emailAddress := $emailAddresses }}
-      - {{ $emailAddress }}
-    {{- end }}
-  {{- end }}
-  issuerRef:
-    group: {{ $issuer.group }}
-    kind:  {{ $issuer.kind }}
-    name:  {{ $issuer.name }}
-  {{- if or $createJksKeystore $createP12Keystore }}
-  keystores:
-    {{- if $createJksKeystore }}
-    jks:
-      create: {{ $createJksKeystore }}
-      passwordSecretRef:
-        name: {{ $jksKeystorePasswordSecretName }}
-        key:  {{ $jksKeystorePasswordSecreKey }}
-    {{- end }}
-    {{- if $createP12Keystore }}
-    pkcs12:
-      create: {{ $createP12Keystore }}
-      passwordSecretRef:
-        name: {{ $p12KeystorePasswordSecretName }}
-        key:  {{ $p12KeystorePasswordSecreKey }}
-    {{- end }}
-  {{- end }}
-{{ end }}
-
-{{- end -}}
diff --git a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
index f71db5e..6412bf8 100644
--- a/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-bootstrap/values.yaml
@@ -24,7 +24,7 @@
   nodePortPrefix: 302
   nodePortPrefixExt: 304
   tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-  consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
+  consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
 
 secrets:
   - uid: pg-root-pass
@@ -115,7 +115,7 @@
   tcagen2: onap/org.onap.dcaegen2.analytics.tca-gen2.dcae-analytics-tca-web:1.2.1
   ves: onap/org.onap.dcaegen2.collectors.ves.vescollector:1.7.9
   snmptrap: onap/org.onap.dcaegen2.collectors.snmptrap:1.4.0
-  prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.4
+  prh: onap/org.onap.dcaegen2.services.prh.prh-app-server:1.5.5
   hv_ves: onap/org.onap.dcaegen2.collectors.hv-ves.hv-collector-main:1.6.0
   datafile_collector: onap/org.onap.dcaegen2.collectors.datafile.datafile-app-server:1.5.0
 
diff --git a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
index 891c0e1..711c1d5 100644
--- a/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-cloudify-manager/values.yaml
@@ -24,7 +24,7 @@
   nodePortPrefix: 302
   persistence: {}
   tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-  consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
+  consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
   repositoryCred:
     user: docker
     password: docker
@@ -50,7 +50,7 @@
 # Application configuration defaults.
 #################################################################
 # application image
-image: onap/org.onap.dcaegen2.deployments.cm-container:4.1.0
+image: onap/org.onap.dcaegen2.deployments.cm-container:4.2.0
 pullPolicy: Always
 
 # name of shared ConfigMap with kubeconfig for multiple clusters
diff --git a/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml
index a32214f..7b9431c 100644
--- a/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-deployment-handler/values.yaml
@@ -21,7 +21,7 @@
 global:
   nodePortPrefix: 302
   tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-  consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
+  consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
 
 secrets:
   - uid: 'cm-pass'
diff --git a/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml b/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml
index 95bbe1e..8f6432d 100644
--- a/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml
+++ b/kubernetes/dcaegen2/components/dcae-policy-handler/values.yaml
@@ -21,8 +21,7 @@
 global:
   nodePortPrefix: 302
   tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-  consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
-
+  consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
 secrets:
   - uid: 'cm-pass'
     type: password
diff --git a/kubernetes/dcaegen2/values.yaml b/kubernetes/dcaegen2/values.yaml
index d4007ad..232f8b4 100644
--- a/kubernetes/dcaegen2/values.yaml
+++ b/kubernetes/dcaegen2/values.yaml
@@ -20,7 +20,7 @@
 global:
   nodePortPrefix: 302
   tlsImage: onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
-  consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.0.0
+  consulLoaderImage: onap/org.onap.dcaegen2.deployments.consul-loader-container:1.1.0
 
 #################################################################
 # Secrets metaconfig
diff --git a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
index 03b5c83..2482748 100644
--- a/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
+++ b/kubernetes/dcaemod/components/dcaemod-runtime-api/values.yaml
@@ -69,7 +69,7 @@
   # Should have a proper readiness endpoint or script
 
 # application image
-image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.2.1
+image: onap/org.onap.dcaegen2.platform.mod.runtime-web:1.2.2
 
 # Resource Limit flavor -By Default using small
 flavor: small
diff --git a/kubernetes/onap/requirements.yaml b/kubernetes/onap/requirements.yaml
index 335629d..3e96bdf 100755
--- a/kubernetes/onap/requirements.yaml
+++ b/kubernetes/onap/requirements.yaml
@@ -39,10 +39,6 @@
     version: ~7.x-0
     repository: '@local'
     condition: cds.enabled
-  - name: clamp
-    version: ~7.x-0
-    repository: '@local'
-    condition: clamp.enabled
   - name: cli
     version: ~7.x-0
     repository: '@local'
diff --git a/kubernetes/onap/values.yaml b/kubernetes/onap/values.yaml
index 389b16a..0920222 100755
--- a/kubernetes/onap/values.yaml
+++ b/kubernetes/onap/values.yaml
@@ -179,7 +179,8 @@
   # default values for certificates
   certificate:
     default:
-      renewBefore: 8h
+      renewBefore: 720h #30 days
+      duration:    8760h #365 days
       subject:
         organization: "Linux-Foundation"
         country: "US"
@@ -190,16 +191,6 @@
         group: certmanager.onap.org
         kind: CMPv2Issuer
         name: cmpv2-issuer-onap
-      p12Keystore:
-        create: false
-        passwordSecretRef:
-          name: ""
-          key:  ""
-      jksKeystore:
-        create: false
-        passwordSecretRef:
-          name: ""
-          key:  ""
 
   # Enabling CMPv2
   cmpv2Enabled: true
diff --git a/kubernetes/clamp/components/clamp-mariadb/Chart.yaml b/kubernetes/policy/components/policy-clamp-be/Chart.yaml
similarity index 91%
rename from kubernetes/clamp/components/clamp-mariadb/Chart.yaml
rename to kubernetes/policy/components/policy-clamp-be/Chart.yaml
index c0de185..fd48cc2 100644
--- a/kubernetes/clamp/components/clamp-mariadb/Chart.yaml
+++ b/kubernetes/policy/components/policy-clamp-be/Chart.yaml
@@ -14,6 +14,6 @@
 # limitations under the License.
 
 apiVersion: v1
-description: MariaDB Service
-name: clamp-mariadb
+description: ONAP Policy Clamp Backend
+name: policy-clamp-be
 version: 7.0.0
diff --git a/kubernetes/clamp/components/clamp-backend/requirements.yaml b/kubernetes/policy/components/policy-clamp-be/requirements.yaml
similarity index 100%
rename from kubernetes/clamp/components/clamp-backend/requirements.yaml
rename to kubernetes/policy/components/policy-clamp-be/requirements.yaml
diff --git a/kubernetes/clamp/components/clamp-backend/resources/config/application.properties b/kubernetes/policy/components/policy-clamp-be/resources/config/application.properties
similarity index 91%
rename from kubernetes/clamp/components/clamp-backend/resources/config/application.properties
rename to kubernetes/policy/components/policy-clamp-be/resources/config/application.properties
index 8dd0fc7..17185cc 100644
--- a/kubernetes/clamp/components/clamp-backend/resources/config/application.properties
+++ b/kubernetes/policy/components/policy-clamp-be/resources/config/application.properties
@@ -44,11 +44,11 @@
 #clds datasource connection details
 spring.datasource.username=${MYSQL_USER}
 spring.datasource.password=${MYSQL_PASSWORD}
-spring.datasource.url=jdbc:mariadb:sequential://clampdb.{{ include "common.namespace" . }}:3306/${MYSQL_DATABASE}?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3
+spring.datasource.url=jdbc:mariadb:sequential://{{ .Values.db.service.name }}:{{ .Values.db.service.internalPort }}/policyclamp?autoReconnect=true&connectTimeout=10000&socketTimeout=10000&retriesAllDown=3
 spring.profiles.active=clamp-default,clamp-aaf-authentication,clamp-sdc-controller,clamp-ssl-config,clamp-policy-controller,default-dictionary-elements
 
 #The log folder that will be used in logback.xml file
-clamp.config.files.sdcController=file:/opt/clamp/sdc-controllers-config.json
+clamp.config.files.sdcController=file:/opt/policy/clamp/sdc-controllers-config.json
 
 #
 # Configuration Settings for Policy Engine Components
diff --git a/kubernetes/clamp/components/clamp-dash-kibana/templates/ingress.yaml b/kubernetes/policy/components/policy-clamp-be/resources/config/create-db-tables.sh
old mode 100644
new mode 100755
similarity index 66%
copy from kubernetes/clamp/components/clamp-dash-kibana/templates/ingress.yaml
copy to kubernetes/policy/components/policy-clamp-be/resources/config/create-db-tables.sh
index e5d7174..329479f
--- a/kubernetes/clamp/components/clamp-dash-kibana/templates/ingress.yaml
+++ b/kubernetes/policy/components/policy-clamp-be/resources/config/create-db-tables.sh
@@ -1,4 +1,7 @@
-{{/* # Copyright © 2020 Samsung, Orange
+#!/bin/sh
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+# Modifications Copyright © 2018, 2020-2021 AT&T Intellectual Property
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -13,4 +16,4 @@
 # limitations under the License.
 */}}
 
-{{ include "common.ingress" . }}
+mysql -h"${MYSQL_HOST}" -P"${MYSQL_PORT}" -u"${MYSQL_USER}" -p"${MYSQL_PASSWORD}" policyclamp < /dbcmd-config/policy-clamp-create-tables.sql
diff --git a/kubernetes/clamp/components/clamp-backend/resources/config/log/filebeat/filebeat.yml b/kubernetes/policy/components/policy-clamp-be/resources/config/log/filebeat/filebeat.yml
similarity index 100%
rename from kubernetes/clamp/components/clamp-backend/resources/config/log/filebeat/filebeat.yml
rename to kubernetes/policy/components/policy-clamp-be/resources/config/log/filebeat/filebeat.yml
diff --git a/kubernetes/clamp/components/clamp-mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/create-tables.sql b/kubernetes/policy/components/policy-clamp-be/resources/config/policy-clamp-create-tables.sql
similarity index 100%
rename from kubernetes/clamp/components/clamp-mariadb/resources/config/mariadb/docker-entrypoint-initdb.d/create-tables.sql
rename to kubernetes/policy/components/policy-clamp-be/resources/config/policy-clamp-create-tables.sql
diff --git a/kubernetes/clamp/components/clamp-backend/resources/config/sdc-controllers-config.json b/kubernetes/policy/components/policy-clamp-be/resources/config/sdc-controllers-config.json
similarity index 100%
rename from kubernetes/clamp/components/clamp-backend/resources/config/sdc-controllers-config.json
rename to kubernetes/policy/components/policy-clamp-be/resources/config/sdc-controllers-config.json
diff --git a/kubernetes/clamp/components/clamp-backend/templates/NOTES.txt b/kubernetes/policy/components/policy-clamp-be/templates/NOTES.txt
similarity index 100%
rename from kubernetes/clamp/components/clamp-backend/templates/NOTES.txt
rename to kubernetes/policy/components/policy-clamp-be/templates/NOTES.txt
diff --git a/kubernetes/clamp/components/clamp-dash-es/templates/configmap.yaml b/kubernetes/policy/components/policy-clamp-be/templates/configmap.yaml
similarity index 95%
rename from kubernetes/clamp/components/clamp-dash-es/templates/configmap.yaml
rename to kubernetes/policy/components/policy-clamp-be/templates/configmap.yaml
index fe0349e..aeadc37 100644
--- a/kubernetes/clamp/components/clamp-dash-es/templates/configmap.yaml
+++ b/kubernetes/policy/components/policy-clamp-be/templates/configmap.yaml
@@ -27,3 +27,5 @@
     heritage: {{ .Release.Service }}
 data:
 {{ tpl (.Files.Glob "resources/config/*").AsConfig . | indent 2 }}
+
+{{ include "common.log.configMap" . }}
diff --git a/kubernetes/clamp/components/clamp-backend/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml
similarity index 90%
rename from kubernetes/clamp/components/clamp-backend/templates/deployment.yaml
rename to kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml
index 9153f9d..1120f9b 100644
--- a/kubernetes/clamp/components/clamp-backend/templates/deployment.yaml
+++ b/kubernetes/policy/components/policy-clamp-be/templates/deployment.yaml
@@ -40,8 +40,8 @@
       - command:
         - /app/ready.py
         args:
-        - --container-name
-        - clamp-mariadb
+        - --job-name
+        - {{ include "common.release" . }}-policy-clamp-galera-config
         env:
         - name: NAMESPACE
           valueFrom:
@@ -61,14 +61,14 @@
           imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
           command:
           - sh
-          workingDir: "/opt/clamp/"
+          workingDir: "/opt/policy/clamp/"
           args:
           - -c
           - |
           {{- if .Values.global.aafEnabled }}
             export $(grep '^cadi_' {{ .Values.certInitializer.credsPath }}/org.onap.clamp.cred.props | xargs -0)
           {{- end }}
-            java -Djava.security.egd=file:/dev/./urandom ${JAVA_RAM_CONFIGURATION} -jar ./app.jar
+            java -Djava.security.egd=file:/dev/./urandom ${JAVA_RAM_CONFIGURATION} -jar ./policy-clamp-backend.jar
           ports:
           - containerPort: {{ .Values.service.internalPort }}
           # disable liveness probe when breakpoints set in debugger
@@ -88,19 +88,17 @@
           volumeMounts: {{ include "common.certInitializer.volumeMount" . | nindent 10 }}
           - name: logs
             mountPath: {{ .Values.log.path }}
-          - mountPath: /opt/clamp/sdc-controllers-config.json
+          - mountPath: /opt/policy/clamp/sdc-controllers-config.json
             name: {{ include "common.fullname" . }}-config
             subPath: sdc-controllers-config.json
-          - mountPath: /opt/clamp/application.properties
+          - mountPath: /opt/policy/clamp/application.properties
             name: {{ include "common.fullname" . }}-config
             subPath: application.properties
           env:
           - name: MYSQL_USER
-            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "login") | indent 12 }}
+            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "login") | indent 12 }}
           - name: MYSQL_PASSWORD
-            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-secret" "key" "password") | indent 12 }}
-          - name: MYSQL_DATABASE
-            value: {{ tpl .Values.db.databaseName .}}
+            {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "password") | indent 12 }}
           {{-  if ne "unlimited" (include "common.flavor" .) }}
           - name: JAVA_RAM_CONFIGURATION
             value: -XX:MinRAMPercentage=50 -XX:MaxRAMPercentage=75
@@ -115,7 +113,7 @@
       volumes: {{ include "common.certInitializer.volumes" . | nindent 8 }}
         - name: {{ include "common.fullname" . }}-config
           configMap:
-            name: {{ include "common.fullname" . }}
+            name: {{ include "common.fullname" . }}-configmap
             items:
             - key: sdc-controllers-config.json
               path: sdc-controllers-config.json
diff --git a/kubernetes/policy/components/policy-clamp-be/templates/job.yaml b/kubernetes/policy/components/policy-clamp-be/templates/job.yaml
new file mode 100755
index 0000000..c5c968a
--- /dev/null
+++ b/kubernetes/policy/components/policy-clamp-be/templates/job.yaml
@@ -0,0 +1,84 @@
+{{/*
+# Copyright © 2018 Amdocs, Bell Canada
+# Modifications Copyright © 2020-2021 AT&T Intellectual Property
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+apiVersion: batch/v1
+kind: Job
+metadata:
+  name: {{ include "common.release" . }}-policy-clamp-galera-config
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}-policy-clamp-job
+    release: {{ include "common.release" . }}
+spec:
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}-policy-clamp-job
+        release: {{ include "common.release" . }}
+    spec:
+      initContainers:
+#This container checks that all galera instances are up before initializing it.
+      - name: {{ include "common.name" . }}-readiness
+        image: {{ include "repositoryGenerator.image.readiness" . }}
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        command:
+        - /app/ready.py
+        - --job-name
+        - {{ include "common.release" . }}-policy-galera-config
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+      containers:
+      - name: {{ include "common.release" . }}-policy-clamp-galera-config
+        image: {{ include "repositoryGenerator.dockerHubRepository" . }}/{{ .Values.db.image }}
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        volumeMounts:
+        - mountPath: /dbcmd-config/create-db-tables.sh
+          name: {{ include "common.fullname" . }}-config
+          subPath: create-db-tables.sh
+        - mountPath: /dbcmd-config/policy-clamp-create-tables.sql
+          name: {{ include "common.fullname" . }}-config
+          subPath: policy-clamp-create-tables.sql
+        command:
+        - /bin/sh
+        args:
+        - -x
+        - /dbcmd-config/create-db-tables.sh
+        env:
+        - name: MYSQL_HOST
+          value: "{{ .Values.db.service.name }}"
+        - name: MYSQL_USER
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "login") | indent 10 }}
+        - name: MYSQL_PASSWORD
+          {{- include "common.secret.envFromSecretFast" (dict "global" . "uid" "db-creds" "key" "password") | indent 10 }}
+        - name: MYSQL_PORT
+          value: "{{ .Values.db.service.internalPort }}"
+        resources:
+{{ include "common.resources" . }}
+      restartPolicy: Never
+      volumes:
+        - name: {{ include "common.fullname" . }}-config
+          configMap:
+            name: {{ include "common.fullname" . }}-configmap
+            items:
+              - key: create-db-tables.sh
+                path: create-db-tables.sh
+              - key: policy-clamp-create-tables.sql
+                path: policy-clamp-create-tables.sql
diff --git a/kubernetes/clamp/components/clamp-backend/templates/secrets.yaml b/kubernetes/policy/components/policy-clamp-be/templates/secrets.yaml
similarity index 100%
rename from kubernetes/clamp/components/clamp-backend/templates/secrets.yaml
rename to kubernetes/policy/components/policy-clamp-be/templates/secrets.yaml
diff --git a/kubernetes/clamp/components/clamp-backend/templates/service.yaml b/kubernetes/policy/components/policy-clamp-be/templates/service.yaml
similarity index 100%
rename from kubernetes/clamp/components/clamp-backend/templates/service.yaml
rename to kubernetes/policy/components/policy-clamp-be/templates/service.yaml
diff --git a/kubernetes/clamp/components/clamp-backend/values.yaml b/kubernetes/policy/components/policy-clamp-be/values.yaml
similarity index 92%
rename from kubernetes/clamp/components/clamp-backend/values.yaml
rename to kubernetes/policy/components/policy-clamp-be/values.yaml
index efd08ba..1446ac4 100644
--- a/kubernetes/clamp/components/clamp-backend/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-be/values.yaml
@@ -53,9 +53,9 @@
     chmod a+rx *;
 
 secrets:
-  - uid: db-secret
+  - uid: db-creds
     type: basicAuth
-    externalSecret: '{{ tpl (default "" .Values.db.userCredsExternalSecret) . }}'
+    externalSecret: '{{ tpl (default "" .Values.db.credsExternalSecret) . }}'
     login: '{{ .Values.db.user }}'
     password: '{{ .Values.db.password }}'
     passwordPolicy: required
@@ -63,7 +63,7 @@
 flavor: small
 
 # application image
-image: onap/clamp-backend:5.1.5
+image: onap/policy-clamp-backend:6.0.0
 pullPolicy: Always
 
 # flag to enable debugging - application support required
@@ -80,9 +80,12 @@
 #####dummy values for db user and password to pass lint!!!#######
 
 db:
-  user: dummyclds
-  password: dummysidnnd83K
-  databaseName: dummycldsdb4
+  user: policy_user
+  password: policy_user
+  image: mariadb:10.5.8
+  service:
+    name: policy-mariadb
+    internalPort: 3306
 
 config:
   log:
@@ -114,10 +117,10 @@
 
 service:
   type: ClusterIP
-  name: clamp-backend
-  portName: clamp-backend
+  name: policy-clamp-be
+  portName: policy-clamp-be
   internalPort: 8443
-  externalPort: 443
+  externalPort: 8443
 
 ingress:
   enabled: false
diff --git a/kubernetes/clamp/components/clamp-mariadb/Chart.yaml b/kubernetes/policy/components/policy-clamp-fe/Chart.yaml
similarity index 91%
copy from kubernetes/clamp/components/clamp-mariadb/Chart.yaml
copy to kubernetes/policy/components/policy-clamp-fe/Chart.yaml
index c0de185..331ba86 100644
--- a/kubernetes/clamp/components/clamp-mariadb/Chart.yaml
+++ b/kubernetes/policy/components/policy-clamp-fe/Chart.yaml
@@ -14,6 +14,6 @@
 # limitations under the License.
 
 apiVersion: v1
-description: MariaDB Service
-name: clamp-mariadb
+description: ONAP Policy Clamp Frontend
+name: policy-clamp-fe
 version: 7.0.0
diff --git a/kubernetes/clamp/components/clamp-backend/requirements.yaml b/kubernetes/policy/components/policy-clamp-fe/requirements.yaml
similarity index 100%
copy from kubernetes/clamp/components/clamp-backend/requirements.yaml
copy to kubernetes/policy/components/policy-clamp-fe/requirements.yaml
diff --git a/kubernetes/clamp/resources/config/default.conf b/kubernetes/policy/components/policy-clamp-fe/resources/config/default.conf
similarity index 93%
rename from kubernetes/clamp/resources/config/default.conf
rename to kubernetes/policy/components/policy-clamp-fe/resources/config/default.conf
index 3e6fde9..4cab734 100644
--- a/kubernetes/clamp/resources/config/default.conf
+++ b/kubernetes/policy/components/policy-clamp-fe/resources/config/default.conf
@@ -12,7 +12,7 @@
 
   ssl_verify_client optional_no_ca;
     location /restservices/clds/ {
-        proxy_pass https://clamp-backend:443;
+        proxy_pass https://policy-clamp-be:8443;
         proxy_set_header X-SSL-Cert $ssl_client_escaped_cert;
     }
 
diff --git a/kubernetes/clamp/components/clamp-backend/resources/config/log/filebeat/filebeat.yml b/kubernetes/policy/components/policy-clamp-fe/resources/config/log/filebeat/filebeat.yml
similarity index 100%
copy from kubernetes/clamp/components/clamp-backend/resources/config/log/filebeat/filebeat.yml
copy to kubernetes/policy/components/policy-clamp-fe/resources/config/log/filebeat/filebeat.yml
diff --git a/kubernetes/clamp/components/clamp-backend/templates/NOTES.txt b/kubernetes/policy/components/policy-clamp-fe/templates/NOTES.txt
similarity index 100%
copy from kubernetes/clamp/components/clamp-backend/templates/NOTES.txt
copy to kubernetes/policy/components/policy-clamp-fe/templates/NOTES.txt
diff --git a/kubernetes/clamp/components/clamp-backend/templates/configmap.yaml b/kubernetes/policy/components/policy-clamp-fe/templates/configmap.yaml
similarity index 100%
rename from kubernetes/clamp/components/clamp-backend/templates/configmap.yaml
rename to kubernetes/policy/components/policy-clamp-fe/templates/configmap.yaml
diff --git a/kubernetes/clamp/templates/deployment.yaml b/kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml
similarity index 98%
rename from kubernetes/clamp/templates/deployment.yaml
rename to kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml
index 51b864b..97c7919 100644
--- a/kubernetes/clamp/templates/deployment.yaml
+++ b/kubernetes/policy/components/policy-clamp-fe/templates/deployment.yaml
@@ -41,7 +41,7 @@
         - /app/ready.py
         args:
         - --container-name
-        - clamp-backend
+        - policy-clamp-be
         env:
         - name: NAMESPACE
           valueFrom:
diff --git a/kubernetes/clamp/templates/ingress.yaml b/kubernetes/policy/components/policy-clamp-fe/templates/ingress.yaml
similarity index 100%
rename from kubernetes/clamp/templates/ingress.yaml
rename to kubernetes/policy/components/policy-clamp-fe/templates/ingress.yaml
diff --git a/kubernetes/clamp/components/clamp-backend/templates/secrets.yaml b/kubernetes/policy/components/policy-clamp-fe/templates/secrets.yaml
similarity index 100%
copy from kubernetes/clamp/components/clamp-backend/templates/secrets.yaml
copy to kubernetes/policy/components/policy-clamp-fe/templates/secrets.yaml
diff --git a/kubernetes/clamp/components/clamp-mariadb/templates/service.yaml b/kubernetes/policy/components/policy-clamp-fe/templates/service.yaml
similarity index 94%
rename from kubernetes/clamp/components/clamp-mariadb/templates/service.yaml
rename to kubernetes/policy/components/policy-clamp-fe/templates/service.yaml
index 20a5065..b4549ba 100644
--- a/kubernetes/clamp/components/clamp-mariadb/templates/service.yaml
+++ b/kubernetes/policy/components/policy-clamp-fe/templates/service.yaml
@@ -18,7 +18,7 @@
 apiVersion: v1
 kind: Service
 metadata:
-  name: {{ include "common.servicename" . }}
+  name: {{ .Values.service.name }}
   namespace: {{ include "common.namespace" . }}
   labels:
     app: {{ include "common.name" . }}
@@ -31,11 +31,13 @@
     {{if eq .Values.service.type "NodePort" -}}
     - port: {{ .Values.service.internalPort }}
       nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+      name: {{ .Values.service.portName }}
     {{- else -}}
     - port: {{ .Values.service.externalPort }}
       targetPort: {{ .Values.service.internalPort }}
-    {{- end}}
       name: {{ .Values.service.portName }}
+    {{- end}}
   selector:
     app: {{ include "common.name" . }}
     release: {{ include "common.release" . }}
+---
diff --git a/kubernetes/clamp/values.yaml b/kubernetes/policy/components/policy-clamp-fe/values.yaml
similarity index 83%
rename from kubernetes/clamp/values.yaml
rename to kubernetes/policy/components/policy-clamp-fe/values.yaml
index b2b37d3..91a096d 100644
--- a/kubernetes/clamp/values.yaml
+++ b/kubernetes/policy/components/policy-clamp-fe/values.yaml
@@ -56,40 +56,13 @@
     openssl pkcs12 -in {{ .Values.keystoreFile }} -cacerts -nokeys -chain -passin pass:$cadi_keystore_password_p12 > {{ .Values.clamp_ca_certs_pem }};
     chmod a+rx *;
 
-secrets:
-  - uid: db-root-pass
-    name: &dbRootPass '{{ include "common.release" . }}-clamp-db-root-pass'
-    type: password
-    password: '{{ .Values.db.rootPass }}'
-  - uid: db-secret
-    name: &dbUserPass '{{ include "common.release" . }}-clamp-db-user-pass'
-    type: basicAuth
-    login: '{{ .Values.db.user }}'
-    password: '{{ .Values.db.password }}'
-
-db:
-  user: clds
-#  password: sidnnd83K
-  databaseName: &dbName cldsdb4
-#    rootPass: emrys  user: testos
-
-clamp-backend:
-  db:
-    userCredsExternalSecret: *dbUserPass
-    databaseName: *dbName
-clamp-mariadb:
-  db:
-    rootCredsExternalSecret: *dbRootPass
-    userCredsExternalSecret: *dbUserPass
-    databaseName: *dbName
-
 subChartsOnly:
   enabled: true
 
 flavor: small
 
 # application image
-image: onap/clamp-frontend:5.1.5
+image: onap/policy-clamp-frontend:6.0.0
 pullPolicy: Always
 
 # flag to enable debugging - application support required
@@ -131,20 +104,14 @@
 
 service:
   type: NodePort
-  name: clamp-external
-  portName: clamp-external
+  name: policy-clamp-fe
+  portName: policy-clamp-fe
   internalPort: 2443
   nodePort: 58
 
   # as of 20180904 port 58 is reserved for clamp from log/logdemonode
   # see https://wiki.onap.org/display/DW/OOM+NodePort+List
 
-  type2: ClusterIP
-  name2: clamp
-  portName2: clamp-internal
-  internalPort2: 2443
-  externalPort2: 8443
-
 ingress:
   enabled: false
   service:
diff --git a/kubernetes/policy/requirements.yaml b/kubernetes/policy/requirements.yaml
index b2f2b74..22e3dfa 100755
--- a/kubernetes/policy/requirements.yaml
+++ b/kubernetes/policy/requirements.yaml
@@ -48,6 +48,14 @@
     version: ~7.x-0
     repository: 'file://components/policy-distribution'
     condition: policy-distribution.enabled
+  - name: policy-clamp-be
+    version: ~7.x-0
+    repository: 'file://components/policy-clamp-be'
+    condition: policy-clamp-be.enabled
+  - name: policy-clamp-fe
+    version: ~7.x-0
+    repository: 'file://components/policy-clamp-fe'
+    condition: policy-clamp-fe.enabled
   - name: repositoryGenerator
     version: ~7.x-0
     repository: '@local'
diff --git a/kubernetes/policy/resources/config/db.sh b/kubernetes/policy/resources/config/db.sh
index 0d7ce07..90c9879 100755
--- a/kubernetes/policy/resources/config/db.sh
+++ b/kubernetes/policy/resources/config/db.sh
@@ -18,7 +18,7 @@
 
 mysql() { /usr/bin/mysql  -h ${MYSQL_HOST} -P ${MYSQL_USER} "$@"; };
 
-for db in support onap_sdk log migration operationshistory10 pooling policyadmin operationshistory
+for db in support onap_sdk log migration operationshistory10 pooling policyadmin policyclamp operationshistory
 do
 	mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};"
 	mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "GRANT ALL PRIVILEGES ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;"
diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml
index d098954..678772c 100755
--- a/kubernetes/policy/values.yaml
+++ b/kubernetes/policy/values.yaml
@@ -66,6 +66,11 @@
 policy-distribution:
   enabled: true
   db: *dbSecretsHook
+policy-clamp-be:
+  enabled: true
+  db: *dbSecretsHook
+policy-clamp-fe:
+  enabled: true
 policy-nexus:
   enabled: false
 
diff --git a/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml b/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml
index 84a78ab..39cd029 100644
--- a/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml
+++ b/kubernetes/portal/components/portal-cassandra/templates/deployment.yaml
@@ -1,7 +1,7 @@
 {{/*
 # Copyright (c) 2017 Amdocs, Bell Canada
 # Modifications Copyright (c) 2018 AT&T
-# Modifications Copyright (c) 2020 Nokia
+# Modifications Copyright (c) 2020 Nokia, Orange
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -108,6 +108,12 @@
             value: rack1
           - name: CASSANDRA_ENABLE_RPC
             value: "true"
+          {{- if eq "small" .Values.flavor }}
+          - name: MAX_HEAP_SIZE
+            value: {{ .Values.resources.small.heap.max }}
+          - name: HEAP_NEWSIZE
+            value: {{ .Values.resources.small.heap.new }}
+          {{- end }}
         volumeMounts:
         - mountPath: /etc/localtime
           name: localtime
diff --git a/kubernetes/portal/components/portal-cassandra/values.yaml b/kubernetes/portal/components/portal-cassandra/values.yaml
index ec76d08..c185155 100644
--- a/kubernetes/portal/components/portal-cassandra/values.yaml
+++ b/kubernetes/portal/components/portal-cassandra/values.yaml
@@ -1,6 +1,6 @@
 # Copyright (c) 2017 Amdocs, Bell Canada
 # Modifications Copyright (c) 2018 AT&T
-# Modifications Copyright (c) 2020 Nokia
+# Modifications Copyright (c) 2020 Nokia, Orange
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -112,12 +112,20 @@
 # Segregation for Different environment (Small and Large)
 resources:
   small:
+    # Heap size is tightly correlated to RAM limits.
+    # If limit > 8G, Cassandra should define itself the best value.
+    # If not, you must set up it in a coherent way with limits set
+    # Refer to https://docs.datastax.com/en/cassandra-oss/3.0/cassandra/operations/opsTuneJVM.html#Determiningtheheapsize
+    # for more informations.
+    heap:
+      max: 3G
+      new: 100M
     limits:
       cpu: 500m
       memory: 3.75Gi
     requests:
       cpu: 160m
-      memory: 2.8Gi
+      memory: 3.1Gi
   large:
     limits:
       cpu: 4
diff --git a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
index ef12c9a..50117bd 100644
--- a/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
+++ b/kubernetes/robot/resources/config/eteshare/config/robot_properties.py
@@ -20,7 +20,7 @@
 GLOBAL_INJECTED_APPC_CDT_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "appc-cdt") }}'
 GLOBAL_INJECTED_ARTIFACTS_VERSION = '{{.Values.demoArtifactsVersion}}'
 GLOBAL_INJECTED_ARTIFACTS_REPO_URL = "{{ .Values.demoArtifactsRepoUrl }}"
-GLOBAL_INJECTED_CLAMP_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "clamp") }}'
+GLOBAL_INJECTED_CLAMP_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "policy-clamp-fe") }}'
 GLOBAL_INJECTED_CLI_IP_ADDR = '{{include "robot.ingress.svchost" (dict "root" . "hostname" "cli") }}'
 GLOBAL_INJECTED_CLOUD_ENV = 'openstack'
 GLOBAL_INJECTED_DCAE_COLLECTOR_IP = "{{ .Values.dcaeCollectorIp }}"
@@ -152,7 +152,7 @@
 GLOBAL_SDC_AUTHENTICATION = [GLOBAL_SDC_USERNAME, GLOBAL_SDC_PASSWORD]
 # clamp info - everything is from the private oam network (also called onap private network)
 GLOBAL_CLAMP_SERVER_PROTOCOL = "https"
-GLOBAL_CLAMP_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "clamp" "port" 8443) }}'
+GLOBAL_CLAMP_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "policy-clamp-fe" "port" 2443) }}'
 # nbi info - everything is from the private oam network (also called onap private network)
 GLOBAL_NBI_SERVER_PROTOCOL = "https"
 GLOBAL_NBI_SERVER_PORT = '{{include "robot.ingress.port" (dict "root" . "hostname" "nbi" "port" 8443) }}'
diff --git a/kubernetes/sdnc/requirements.yaml b/kubernetes/sdnc/requirements.yaml
index f58ecb1..27b68df 100644
--- a/kubernetes/sdnc/requirements.yaml
+++ b/kubernetes/sdnc/requirements.yaml
@@ -24,6 +24,9 @@
   - name: cmpv2Certificate
     version: ~7.x-0
     repository: '@local'
+  - name: certManagerCertificate
+    version: ~7.x-0
+    repository: '@local'
   - name: logConfiguration
     version: ~7.x-0
     repository: '@local'
diff --git a/kubernetes/sdnc/templates/certificates.yaml b/kubernetes/sdnc/templates/certificates.yaml
index dda1617..c4eca61 100644
--- a/kubernetes/sdnc/templates/certificates.yaml
+++ b/kubernetes/sdnc/templates/certificates.yaml
@@ -1,5 +1,5 @@
 {{/*
-# Copyright © 2020 Nokia
+# Copyright © 2020-2021 Nokia
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -14,6 +14,6 @@
 # limitations under the License.
 */}}
 
-{{ if .Values.global.CMPv2CertManagerIntegration }}
-{{ include "common.certificate" . }}
+{{ if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{ include "certManagerCertificate.certificate" . }}
 {{ end }}
diff --git a/kubernetes/sdnc/templates/statefulset.yaml b/kubernetes/sdnc/templates/statefulset.yaml
index 2a36c0b..7441dac 100644
--- a/kubernetes/sdnc/templates/statefulset.yaml
+++ b/kubernetes/sdnc/templates/statefulset.yaml
@@ -202,6 +202,9 @@
           volumeMounts:
 {{ include "common.certInitializer.volumeMount" . | indent 10 }}
 {{ include "common.certServiceClient.volumeMounts" . | indent 10 }}
+{{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{ include "common.certManager.volumeMounts" . | indent 10 }}
+{{- end }}
           - mountPath: /etc/localtime
             name: localtime
             readOnly: true
@@ -319,6 +322,9 @@
   {{ else }}
 {{ include "common.certInitializer.volumes" . | nindent 8 }}
 {{ include "common.certServiceClient.volumes" . | nindent 8 }}
+{{- if and .Values.global.cmpv2Enabled .Values.global.CMPv2CertManagerIntegration }}
+{{ include "common.certManager.volumes" . | nindent 8 }}
+{{- end }}
   volumeClaimTemplates:
   - metadata:
       name: {{ include "common.fullname" . }}-data
diff --git a/kubernetes/sdnc/values.yaml b/kubernetes/sdnc/values.yaml
index 868a083..5a4d204 100644
--- a/kubernetes/sdnc/values.yaml
+++ b/kubernetes/sdnc/values.yaml
@@ -117,10 +117,6 @@
     login: '{{ .Values.config.scaleoutUser }}'
     password: '{{ .Values.config.scaleoutPassword }}'
     passwordPolicy: required
-  - uid: keystore-password
-    type: password
-    password: secret
-    passwordPolicy: required
 #################################################################
 # Certificates
 #################################################################
@@ -129,16 +125,16 @@
     commonName: sdnc.simpledemo.onap.org
     dnsNames:
         - sdnc.simpledemo.onap.org
-    p12Keystore:
-      create: true
+    keystore:
+      outputType:
+        - jks
       passwordSecretRef:
-        name: keystore-password
+        name: sdnc-cmpv2-keystore-password
         key: password
-    jksKeystore:
-      create: true
-      passwordSecretRef:
-        name: keystore-password
-        key: password
+    issuer:
+      group: certmanager.onap.org
+      kind: CMPv2Issuer
+      name: cmpv2-issuer-onap
 #################################################################
 # Application configuration defaults.
 #################################################################
diff --git a/tox.ini b/tox.ini
index 1de0620..7c7060f 100644
--- a/tox.ini
+++ b/tox.ini
@@ -23,6 +23,18 @@
 deps = -rdocs/requirements-docs.txt
 commands = sphinx-build -W -b linkcheck -d {envtmpdir}/doctrees ./docs/ {toxinidir}/docs/_build/linkcheck
 
+[testenv:spelling]
+#basepython = python3
+whitelist_externals = wget
+deps =
+    -rdocs/requirements-docs.txt
+    sphinxcontrib-spelling
+    PyEnchant
+changedir={toxinidir}/docs
+commands =
+    wget -nv https://git.onap.org/doc/plain/docs/spelling_wordlist.txt -O spelling_wordlist.txt
+    sphinx-build -b spelling -d {envtmpdir}/doctrees . _build/spelling
+
 [testenv:gitlint]
 basepython = python3
 deps =