Policy config segreggation
Issue-ID: OOM-553
Change-Id: I8dab41aea5b0fad1395f6deb47b2faa6f7dcbdbc
Signed-off-by: vaibhav_16dec <vaibhav.chopra@amdocs.com>
diff --git a/kubernetes/config/docker/init/src/config/policy/drools/settings.xml b/kubernetes/policy/resources/config/drools/settings.xml
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/drools/settings.xml
rename to kubernetes/policy/resources/config/drools/settings.xml
diff --git a/kubernetes/config/docker/init/src/config/log/policy/drools/logback.xml b/kubernetes/policy/resources/config/log/drools/logback.xml
similarity index 100%
rename from kubernetes/config/docker/init/src/config/log/policy/drools/logback.xml
rename to kubernetes/policy/resources/config/log/drools/logback.xml
diff --git a/kubernetes/config/docker/init/src/config/log/policy/ep_sdk_app/logback.xml b/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml
similarity index 100%
rename from kubernetes/config/docker/init/src/config/log/policy/ep_sdk_app/logback.xml
rename to kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml
diff --git a/kubernetes/policy/resources/config/log/filebeat/filebeat.yml b/kubernetes/policy/resources/config/log/filebeat/filebeat.yml
new file mode 100644
index 0000000..f316b86
--- /dev/null
+++ b/kubernetes/policy/resources/config/log/filebeat/filebeat.yml
@@ -0,0 +1,41 @@
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+ #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+ paths:
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
+ #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+ ignore_older: 48h
+ # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+ clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+ #List of logstash server ip addresses with port number.
+ #But, in our case, this will be the loadbalancer IP address.
+ #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+ hosts: ["logstash.onap-log:5044"]
+ #If enable will do load balancing among availabe Logstash, automatically.
+ loadbalance: true
+
+ #The list of root certificates for server verifications.
+ #If certificate_authorities is empty or not set, the trusted
+ #certificate authorities of the host system are used.
+ #ssl.certificate_authorities: $ssl.certificate_authorities
+
+ #The path to the certificate for SSL client authentication. If the certificate is not specified,
+ #client authentication is not available.
+ #ssl.certificate: $ssl.certificate
+
+ #The client certificate key used for client authentication.
+ #ssl.key: $ssl.key
+
+ #The passphrase used to decrypt an encrypted key stored in the configured key file
+ #ssl.key_passphrase: $ssl.key_passphrase
diff --git a/kubernetes/config/docker/init/src/config/log/policy/pypdpserver/logback.xml b/kubernetes/policy/resources/config/log/pypdpserver/logback.xml
similarity index 100%
rename from kubernetes/config/docker/init/src/config/log/policy/pypdpserver/logback.xml
rename to kubernetes/policy/resources/config/log/pypdpserver/logback.xml
diff --git a/kubernetes/config/docker/init/src/config/log/policy/xacml-pap-rest/logback.xml b/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml
similarity index 100%
rename from kubernetes/config/docker/init/src/config/log/policy/xacml-pap-rest/logback.xml
rename to kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml
diff --git a/kubernetes/config/docker/init/src/config/log/policy/xacml-pdp-rest/logback.xml b/kubernetes/policy/resources/config/log/xacml-pdp-rest/logback.xml
similarity index 100%
rename from kubernetes/config/docker/init/src/config/log/policy/xacml-pdp-rest/logback.xml
rename to kubernetes/policy/resources/config/log/xacml-pdp-rest/logback.xml
diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/base.conf b/kubernetes/policy/resources/config/opt/policy/config/drools/base.conf
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/base.conf
rename to kubernetes/policy/resources/config/opt/policy/config/drools/base.conf
diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/drools-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/drools/drools-tweaks.sh
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/drools-tweaks.sh
rename to kubernetes/policy/resources/config/opt/policy/config/drools/drools-tweaks.sh
diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/feature-healthcheck.conf b/kubernetes/policy/resources/config/opt/policy/config/drools/feature-healthcheck.conf
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/feature-healthcheck.conf
rename to kubernetes/policy/resources/config/opt/policy/config/drools/feature-healthcheck.conf
diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/policy-keystore b/kubernetes/policy/resources/config/opt/policy/config/drools/policy-keystore
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/policy-keystore
rename to kubernetes/policy/resources/config/opt/policy/config/drools/policy-keystore
Binary files differ
diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/policy-management.conf b/kubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/policy-management.conf
rename to kubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf
diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/base.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/base.conf
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/base.conf
rename to kubernetes/policy/resources/config/opt/policy/config/pe/base.conf
diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/brmsgw-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw-tweaks.sh
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/brmsgw-tweaks.sh
rename to kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw-tweaks.sh
diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/brmsgw.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw.conf
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/brmsgw.conf
rename to kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw.conf
diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/console.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/console.conf
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/console.conf
rename to kubernetes/policy/resources/config/opt/policy/config/pe/console.conf
diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/elk.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/elk.conf
rename to kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf
diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/mysql.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/mysql.conf
rename to kubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf
diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/pap-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/pap-tweaks.sh
rename to kubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh
diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/pap.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/pap.conf
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/pap.conf
rename to kubernetes/policy/resources/config/opt/policy/config/pe/pap.conf
diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/paplp.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/paplp.conf
rename to kubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf
diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/pdp-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/pdp-tweaks.sh
rename to kubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh
diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/pdp.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/pdp.conf
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/pdp.conf
rename to kubernetes/policy/resources/config/opt/policy/config/pe/pdp.conf
diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/pdplp.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/pdplp.conf
rename to kubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf
diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/push-policies.sh b/kubernetes/policy/resources/config/opt/policy/config/pe/push-policies.sh
similarity index 100%
rename from kubernetes/config/docker/init/src/config/policy/opt/policy/config/pe/push-policies.sh
rename to kubernetes/policy/resources/config/opt/policy/config/pe/push-policies.sh
diff --git a/kubernetes/policy/templates/all-services.yaml b/kubernetes/policy/templates/all-services.yaml
index 5c5f683..c6b633e 100644
--- a/kubernetes/policy/templates/all-services.yaml
+++ b/kubernetes/policy/templates/all-services.yaml
@@ -128,4 +128,4 @@
selector:
app: brmsgw
type: NodePort
-#{{ end }}
\ No newline at end of file
+#{{ end }}
diff --git a/kubernetes/policy/templates/dep-brmsgw.yaml b/kubernetes/policy/templates/dep-brmsgw.yaml
index 89752ae..667ccc6 100644
--- a/kubernetes/policy/templates/dep-brmsgw.yaml
+++ b/kubernetes/policy/templates/dep-brmsgw.yaml
@@ -49,8 +49,9 @@
hostPath:
path: /etc/localtime
- name: pe
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/opt/policy/config/pe/
+ configMap:
+ name: policy-dep-pe-configmap
+ defaultMode: 0755
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
#{{ end }}
diff --git a/kubernetes/policy/templates/dep-drools.yaml b/kubernetes/policy/templates/dep-drools.yaml
index 83179fa..afa044a 100644
--- a/kubernetes/policy/templates/dep-drools.yaml
+++ b/kubernetes/policy/templates/dep-drools.yaml
@@ -59,10 +59,12 @@
name: drools
- mountPath: /usr/share/maven/conf/settings.xml
name: drools-settingsxml
+ subPath: settings.xml
- mountPath: /var/log/onap
name: policy-logs
- mountPath: /tmp/logback.xml
name: policy-logback
+ subPath: logback.xml
lifecycle:
postStart:
exec:
@@ -73,6 +75,7 @@
volumeMounts:
- mountPath: /usr/share/filebeat/filebeat.yml
name: filebeat-conf
+ subPath: filebeat.yml
- mountPath: /var/log/onap
name: policy-logs
- mountPath: /usr/share/filebeat/data
@@ -82,21 +85,37 @@
hostPath:
path: /etc/localtime
- name: filebeat-conf
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/filebeat/logback/filebeat.yml
+ configMap:
+ name: policy-filebeat-configmap
- name: policy-logs
emptyDir: {}
- name: policy-data-filebeat
emptyDir: {}
- name: policy-logback
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/policy/drools/logback.xml
+ configMap:
+ name: policy-drools-log-configmap
- name: drools-settingsxml
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/drools/settings.xml
+ configMap:
+ name: policy-dep-drools-settings-configmap
- name: drools
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/opt/policy/config/drools/
+ secret:
+ secretName: policy-dep-drools-secret
+ items:
+ - key: policy-keystore
+ path: policy-keystore
+ mode: 0644
+ - key: feature-healthcheck.conf
+ path: feature-healthcheck.conf
+ mode: 0644
+ - key: base.conf
+ path: base.conf
+ mode: 0755
+ - key: policy-management.conf
+ path: policy-management.conf
+ mode: 0755
+ - key: drools-tweaks.sh
+ path: drools-tweaks.sh
+ mode: 0755
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
#{{ end }}
diff --git a/kubernetes/policy/templates/dep-pap.yaml b/kubernetes/policy/templates/dep-pap.yaml
index a19fd24..d3d5ff3 100644
--- a/kubernetes/policy/templates/dep-pap.yaml
+++ b/kubernetes/policy/templates/dep-pap.yaml
@@ -71,8 +71,10 @@
name: policy-logs
- mountPath: /tmp/policy-install/logback.xml
name: policy-sdk-logback
+ subPath: logback.xml
- mountPath: /tmp/logback.xml
name: policy-logback
+ subPath: logback.xml
lifecycle:
postStart:
exec:
@@ -83,6 +85,7 @@
volumeMounts:
- mountPath: /usr/share/filebeat/filebeat.yml
name: filebeat-conf
+ subPath: filebeat.yml
- mountPath: /var/log/onap
name: policy-logs
- mountPath: /usr/share/filebeat/data
@@ -92,21 +95,22 @@
hostPath:
path: /etc/localtime
- name: filebeat-conf
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/filebeat/logback/filebeat.yml
+ configMap:
+ name: policy-filebeat-configmap
- name: policy-logs
emptyDir: {}
- name: policy-data-filebeat
emptyDir: {}
- name: policy-logback
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/policy/xacml-pap-rest/logback.xml
+ configMap:
+ name: policy-pap-log-configmap
- name: policy-sdk-logback
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/policy/ep_sdk_app/logback.xml
+ configMap:
+ name: policy-sdk-log-configmap
- name: pe
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/opt/policy/config/pe/
+ configMap:
+ name: policy-dep-pe-configmap
+ defaultMode: 0755
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
#{{ end }}
diff --git a/kubernetes/policy/templates/dep-pdp.yaml b/kubernetes/policy/templates/dep-pdp.yaml
index 1f66396..b62e280 100644
--- a/kubernetes/policy/templates/dep-pdp.yaml
+++ b/kubernetes/policy/templates/dep-pdp.yaml
@@ -55,6 +55,7 @@
name: policy-logs
- mountPath: /tmp/logback.xml
name: policy-logback
+ subPath: logback.xml
lifecycle:
postStart:
exec:
@@ -65,6 +66,7 @@
volumeMounts:
- mountPath: /usr/share/filebeat/filebeat.yml
name: filebeat-conf
+ subPath: filebeat.yml
- mountPath: /var/log/onap
name: policy-logs
- mountPath: /usr/share/filebeat/data
@@ -74,18 +76,19 @@
hostPath:
path: /etc/localtime
- name: filebeat-conf
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/filebeat/logback/filebeat.yml
+ configMap:
+ name: policy-filebeat-configmap
- name: policy-logs
emptyDir: {}
- name: policy-data-filebeat
emptyDir: {}
- name: policy-logback
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/log/policy/xacml-pdp-rest/logback.xml
+ configMap:
+ name: policy-pdp-log-configmap
- name: pe
- hostPath:
- path: /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/opt/policy/config/pe/
+ configMap:
+ name: policy-dep-pe-configmap
+ defaultMode: 0755
imagePullSecrets:
- name: "{{ .Values.nsPrefix }}-docker-registry-key"
#{{ end }}
diff --git a/kubernetes/policy/templates/policy-deployment-configmap.yaml b/kubernetes/policy/templates/policy-deployment-configmap.yaml
new file mode 100644
index 0000000..b1db02b
--- /dev/null
+++ b/kubernetes/policy/templates/policy-deployment-configmap.yaml
@@ -0,0 +1,19 @@
+#{{ if not .Values.disablePolicyDrools }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: policy-dep-drools-settings-configmap
+ namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/drools/settings.xml").AsConfig | indent 2 }}
+#{{ end }}
+---
+#{{ if not .Values.disablePolicyPdp }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: policy-dep-pe-configmap
+ namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/opt/policy/config/pe/*").AsConfig | indent 2 }}
+#{{ end }}
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/templates/policy-deployment-secret.yaml
new file mode 100644
index 0000000..99a807b
--- /dev/null
+++ b/kubernetes/policy/templates/policy-deployment-secret.yaml
@@ -0,0 +1,10 @@
+#{{ if not .Values.disablePolicyDrools }}
+apiVersion: v1
+kind: Secret
+metadata:
+ name: policy-dep-drools-secret
+ namespace: {{ .Values.nsPrefix }}-policy
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/config/opt/policy/config/drools/*").AsSecrets . | indent 2 }}
+#{{ end }}
diff --git a/kubernetes/policy/templates/policy-log-configmap.yaml b/kubernetes/policy/templates/policy-log-configmap.yaml
new file mode 100644
index 0000000..24ad45e
--- /dev/null
+++ b/kubernetes/policy/templates/policy-log-configmap.yaml
@@ -0,0 +1,45 @@
+#{{ if not .Values.disablePolicyPap }}
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: policy-pap-log-configmap
+ namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/log/xacml-pap-rest/*").AsConfig | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: policy-sdk-log-configmap
+ namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/log/ep_sdk_app/*").AsConfig | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: policy-filebeat-configmap
+ namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/log/filebeat/*").AsConfig | indent 2 }}
+#{{ end }}
+#{{ if not .Values.disablePolicyPdp }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: policy-pdp-log-configmap
+ namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/log/xacml-pdp-rest/*").AsConfig | indent 2 }}
+#{{ end }}
+#{{ if not .Values.disablePolicyDrools }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: policy-drools-log-configmap
+ namespace: {{ .Values.nsPrefix }}-policy
+data:
+{{ (.Files.Glob "resources/config/log/drools/*").AsConfig | indent 2 }}
+#{{ end }}