Add Standardized Configuration to POLICY

Change-Id: Iabdb2bba14b5095c08ff2920aec97a213e0acb30
Issue-ID: OOM-745
Signed-off-by: mayankg2703 <mayank.gupta@amdocs.com>
Signed-off-by: Mike Elliott <mike.elliott@amdocs.com>
Signed-off-by: Mandeep Khinda <mandeep.khinda@amdocs.com>
diff --git a/kubernetes/onap/requirements.yaml b/kubernetes/onap/requirements.yaml
index 2bcf0bf..08b6437 100644
--- a/kubernetes/onap/requirements.yaml
+++ b/kubernetes/onap/requirements.yaml
@@ -73,7 +73,7 @@
     repository: '@local'
     condition: multicloud.enabled
   - name: policy
-    version: ~0.1.0
+    version: ~2.0.0
     repository: '@local'
     condition: policy.enabled
   - name: portal
diff --git a/kubernetes/policy/.helmignore b/kubernetes/policy/.helmignore
new file mode 100644
index 0000000..f0c1319
--- /dev/null
+++ b/kubernetes/policy/.helmignore
@@ -0,0 +1,21 @@
+# Patterns to ignore when building packages.
+# This supports shell glob matching, relative path matching, and
+# negation (prefixed with !). Only one pattern per line.
+.DS_Store
+# Common VCS dirs
+.git/
+.gitignore
+.bzr/
+.bzrignore
+.hg/
+.hgignore
+.svn/
+# Common backup files
+*.swp
+*.bak
+*.tmp
+*~
+# Various IDEs
+.project
+.idea/
+*.tmproj
diff --git a/kubernetes/policy/Chart.yaml b/kubernetes/policy/Chart.yaml
index b178495..d033bf1 100644
--- a/kubernetes/policy/Chart.yaml
+++ b/kubernetes/policy/Chart.yaml
@@ -13,6 +13,6 @@
 # limitations under the License.
 
 apiVersion: v1
-description: A Helm chart for Kubernetes
+description: Policy access point
 name: policy
-version: 0.1.0
+version: 2.0.0
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/brmsgw/Chart.yaml
similarity index 69%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/charts/brmsgw/Chart.yaml
index 59bfa11..d6aafe4 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/brmsgw/Chart.yaml
@@ -12,13 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
 apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+description: Policy BRMS GW
+name: brmsgw
+version: 2.0.0
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/brmsgw/requirements.yaml
similarity index 68%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/charts/brmsgw/requirements.yaml
index 59bfa11..f639633 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/brmsgw/requirements.yaml
@@ -12,13 +12,10 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+dependencies:
+  - name: common
+    version: ~2.0.0
+    # local reference to common chart, as it is
+    # a part of this chart's package and will not
+    # be published independently to a repo (at this point)
+    repository: '@local'
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw-tweaks.sh b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw-tweaks.sh
old mode 100755
new mode 100644
similarity index 64%
rename from kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw-tweaks.sh
rename to kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw-tweaks.sh
index daa3596..5c3a2a1
--- a/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw-tweaks.sh
+++ b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw-tweaks.sh
@@ -1,3 +1,17 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 #! /bin/bash
 
 PROPS_BUILD="${POLICY_HOME}/etc/build.info"
diff --git a/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf
new file mode 100644
index 0000000..6a0012d
--- /dev/null
+++ b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf
@@ -0,0 +1,67 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# BRMSpep component installation configuration parameters
+BRMSGW_JMX_PORT=9989
+
+COMPONENT_X_MX_MB=1024
+COMPONENT_X_MS_MB=1024
+
+REST_PAP_URL=http://{{ .Release.Name }}-{{ .Values.global.pap.nameOverride }}:9091/pap/
+REST_PDP_ID=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}:8081/pdp/
+
+PDP_HTTP_USER_ID=testpdp
+PDP_HTTP_PASSWORD=alpha123
+PDP_PAP_PDP_HTTP_USER_ID=testpap
+PDP_PAP_PDP_HTTP_PASSWORD=alpha123
+
+M2_HOME=/usr/share/maven
+snapshotRepositoryID=policy-nexus-snapshots
+snapshotRepositoryName=Snapshots
+snapshotRepositoryURL=http://{{ .Release.Name }}-{{ .Values.global.nexus.nameOverride }}:8081/nexus/content/repositories/snapshots
+releaseRepositoryID=policy-nexus-releases
+releaseRepositoryName=Releases
+releaseRepositoryURL=http://{{ .Release.Name }}-{{ .Values.global.nexus.nameOverride }}:8081/nexus/content/repositories/releases
+repositoryUsername=admin
+repositoryPassword=admin123
+UEB_URL=dmaap
+UEB_TOPIC=PDPD-CONFIGURATION
+UEB_API_KEY=
+UEB_API_SECRET=
+
+groupID=org.onap.policy-engine
+artifactID=drlPDPGroup
+AMSTERDAM_GROUP_ID=org.onap.policy-engine.drools.amsterdam
+AMSTERDAM_ARTIFACT_ID=policy-amsterdam-rules
+
+# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase
+resource_name=brmsgw_1
+node_type=brms_gateway
+
+#Environment should be Set either DEV, TEST or PROD
+ENVIRONMENT=TEST
+
+#Notification Properties... type can be either websocket, ueb, or dmaap
+BRMS_NOTIFICATION_TYPE=websocket
+BRMS_UEB_URL=dmaap
+BRMS_UEB_TOPIC=PDPD-CONFIGURATION
+BRMS_UEB_DELAY=
+BRMS_CLIENT_ID=python
+BRMS_CLIENT_KEY=dGVzdA==
+BRMS_UEB_API_KEY=
+BRMS_UEB_API_SECRET=
+
+#Dependency.json file version
+BRMS_DEPENDENCY_VERSION=1.2.0
+
diff --git a/kubernetes/policy/charts/brmsgw/templates/NOTES.txt b/kubernetes/policy/charts/brmsgw/templates/NOTES.txt
new file mode 100644
index 0000000..91d8ed4
--- /dev/null
+++ b/kubernetes/policy/charts/brmsgw/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+  http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/brmsgw/templates/configmap.yaml
similarity index 71%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/charts/brmsgw/templates/configmap.yaml
index 59bfa11..054338b 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/brmsgw/templates/configmap.yaml
@@ -12,13 +12,11 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
 apiVersion: v1
-kind: Secret
+kind: ConfigMap
 metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
+  name: {{ include "common.fullname" . }}-pe-configmap
+  namespace: {{ include "common.namespace" . }}
 data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+{{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }}
+
diff --git a/kubernetes/policy/charts/brmsgw/templates/deployment.yaml b/kubernetes/policy/charts/brmsgw/templates/deployment.yaml
new file mode 100644
index 0000000..cd715e4
--- /dev/null
+++ b/kubernetes/policy/charts/brmsgw/templates/deployment.yaml
@@ -0,0 +1,109 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}
+        release: {{ .Release.Name }}
+    spec:
+      initContainers:
+      - command:
+        - /root/ready.py
+        args:
+        - --container-name
+        - {{ .Values.global.pap.nameOverride }}
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-readiness
+      containers:
+      - command:
+        - /bin/bash
+        - ./do-start.sh
+        - brmsgw
+        name: {{ include "common.name" . }}
+        image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        ports:
+        - containerPort: {{ .Values.service.externalPort }}
+        {{- if eq .Values.liveness.enabled true }}
+        livenessProbe:
+          tcpSocket:
+            port: {{ .Values.service.externalPort }}
+          initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+          periodSeconds: {{ .Values.liveness.periodSeconds }}
+        {{- end }}
+        readinessProbe:
+          tcpSocket:
+            port: {{ .Values.service.externalPort }}
+          initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+          periodSeconds: {{ .Values.readiness.periodSeconds }}
+        volumeMounts:
+        - mountPath: /etc/localtime
+          name: localtime
+          readOnly: true
+        - mountPath: /tmp/policy-install/config
+          name: pe-brmsgw
+        - mountPath: /tmp/policy-install/config/base.conf
+          name: pe
+          subPath: base.conf
+        - mountPath: /tmp/policy-install/do-start.sh
+          name: pe-scripts
+          subPath: do-start.sh
+        resources:
+{{ toYaml .Values.resources | indent 12 }}
+      {{- if .Values.nodeSelector }}
+      nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+      {{- end -}}
+      {{- if .Values.affinity }}
+      affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+      {{- end }}
+      volumes:
+        - name: localtime
+          hostPath:
+            path: /etc/localtime
+        - name: pe
+          configMap:
+            name: {{ .Release.Name }}-pe-configmap
+            defaultMode: 0755
+        - name: pe-scripts
+          configMap:
+            name: {{ .Release.Name }}-pe-scripts-configmap
+            defaultMode: 0777
+        - name: pe-brmsgw
+          configMap:
+            name: {{ include "common.fullname" . }}-pe-configmap
+            defaultMode: 0755
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/policy/charts/brmsgw/templates/service.yaml b/kubernetes/policy/charts/brmsgw/templates/service.yaml
new file mode 100644
index 0000000..ebec058
--- /dev/null
+++ b/kubernetes/policy/charts/brmsgw/templates/service.yaml
@@ -0,0 +1,39 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    {{if eq .Values.service.type "NodePort" -}}
+    - port: {{ .Values.service.externalPort }}
+      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+      name: {{ .Values.service.name }}
+    {{- else -}}
+    - port: {{ .Values.service.externalPort }}
+      targetPort: {{ .Values.service.internalPort }}
+      name: {{ .Values.service.name }}
+    {{- end}}
+  selector:
+    app: {{ include "common.name" . }}
+    release: {{ .Release.Name }}
diff --git a/kubernetes/policy/charts/brmsgw/values.yaml b/kubernetes/policy/charts/brmsgw/values.yaml
new file mode 100644
index 0000000..3890e9e
--- /dev/null
+++ b/kubernetes/policy/charts/brmsgw/values.yaml
@@ -0,0 +1,87 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  nodePortPrefix: 302
+  repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+  readinessRepository: oomk8s
+  readinessImage: readiness-check:1.0.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/policy-pe:1.2-SNAPSHOT-latest
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+# Example:
+config: {}
+#  username: myusername
+#  password: mypassword
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  # necessary to disable liveness probe when setting breakpoints
+  # in debugger so K8s doesn't restart unresponsive container
+  enabled: false
+
+readiness:
+  initialDelaySeconds: 30
+  periodSeconds: 10
+
+service:
+  type: NodePort
+  name: brmsgw
+  externalPort: 9989
+  nodePort: 16
+
+
+ingress:
+  enabled: false
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  #
+  # Example:
+  # Configure resource requests and limits
+  # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+  # Minimum memory for development is 2 CPU cores and 4GB memory
+  # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+#  limits:
+#    cpu: 2
+#    memory: 4Gi
+#  requests:
+#    cpu: 2
+#    memory: 4Gi
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/drools/Chart.yaml
similarity index 69%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/charts/drools/Chart.yaml
index 59bfa11..4f753c0 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/drools/Chart.yaml
@@ -12,13 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
 apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+description: Drools Policy Engine 
+name: drools
+version: 2.0.0
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml
similarity index 69%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/charts/drools/charts/nexus/Chart.yaml
index 59bfa11..65916b6 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/drools/charts/nexus/Chart.yaml
@@ -12,13 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
 apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+description: Policy Nexus
+name: nexus
+version: 2.0.0
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml
similarity index 67%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/charts/drools/charts/nexus/requirements.yaml
index 59bfa11..f639633 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/drools/charts/nexus/requirements.yaml
@@ -12,13 +12,10 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+dependencies:
+  - name: common
+    version: ~2.0.0
+    # local reference to common chart, as it is
+    # a part of this chart's package and will not
+    # be published independently to a repo (at this point)
+    repository: '@local'
diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/NOTES.txt b/kubernetes/policy/charts/drools/charts/nexus/templates/NOTES.txt
new file mode 100644
index 0000000..57947a6
--- /dev/null
+++ b/kubernetes/policy/charts/drools/charts/nexus/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+  http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/deployment.yaml b/kubernetes/policy/charts/drools/charts/nexus/templates/deployment.yaml
new file mode 100644
index 0000000..910ade9
--- /dev/null
+++ b/kubernetes/policy/charts/drools/charts/nexus/templates/deployment.yaml
@@ -0,0 +1,86 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}
+        release: {{ .Release.Name }}
+    spec:
+      initContainers:
+      - command:
+        - /root/ready.py
+        args:
+        - --container-name
+        - {{ .Values.global.mariadb.nameOverride }}
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-readiness
+      containers:
+        - name: {{ include "common.name" . }}
+          image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          ports:
+          - containerPort: {{ .Values.service.internalPort }}
+          {{- if eq .Values.liveness.enabled true }}
+          livenessProbe:
+            tcpSocket:
+              port: {{ .Values.service.internalPort }}
+            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+            periodSeconds: {{ .Values.liveness.periodSeconds }}
+          {{ end -}}
+          readinessProbe:
+            httpGet:
+              path: {{ .Values.readiness.path }}
+              port: {{ .Values.service.internalPort }}
+            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+            periodSeconds: {{ .Values.readiness.periodSeconds }}
+          volumeMounts:
+          - mountPath: /etc/localtime
+            name: localtime
+            readOnly: true
+          resources:
+{{ toYaml .Values.resources | indent 12 }}
+        {{- if .Values.nodeSelector }}
+        nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+        {{- end -}}
+        {{- if .Values.affinity }}
+        affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+        {{- end }}
+      volumes:
+        - name: localtime
+          hostPath:
+            path: /etc/localtime
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/policy/charts/drools/charts/nexus/templates/service.yaml b/kubernetes/policy/charts/drools/charts/nexus/templates/service.yaml
new file mode 100644
index 0000000..5447d91
--- /dev/null
+++ b/kubernetes/policy/charts/drools/charts/nexus/templates/service.yaml
@@ -0,0 +1,32 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  ports:
+    - port: {{ .Values.service.internalPort }}
+      name: {{ .Values.service.name }}
+  selector:
+    app: {{ include "common.name" . }}
+    release: {{ .Release.Name }}
+  clusterIP: None
diff --git a/kubernetes/policy/charts/drools/charts/nexus/values.yaml b/kubernetes/policy/charts/drools/charts/nexus/values.yaml
new file mode 100644
index 0000000..f8d80b0
--- /dev/null
+++ b/kubernetes/policy/charts/drools/charts/nexus/values.yaml
@@ -0,0 +1,86 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  nodePortPrefix: 302
+  repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+  readinessRepository: oomk8s
+  readinessImage: readiness-check:1.0.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/policy-nexus:1.2-SNAPSHOT-latest
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+# Example:
+config: {}
+#  username: myusername
+#  password: mypassword
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  # necessary to disable liveness probe when setting breakpoints
+  # in debugger so K8s doesn't restart unresponsive container
+  enabled: true
+
+readiness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  path: /nexus/service/local/status
+
+service:
+  type: NodePort
+  name: nexus
+  internalPort: 8081
+
+ingress:
+  enabled: false
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  #
+  # Example:
+  # Configure resource requests and limits
+  # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+  # Minimum memory for development is 2 CPU cores and 4GB memory
+  # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+#  limits:
+#    cpu: 2
+#    memory: 4Gi
+#  requests:
+#    cpu: 2
+#    memory: 4Gi
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/drools/requirements.yaml
similarity index 68%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/charts/drools/requirements.yaml
index 59bfa11..f639633 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/drools/requirements.yaml
@@ -12,13 +12,10 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+dependencies:
+  - name: common
+    version: ~2.0.0
+    # local reference to common chart, as it is
+    # a part of this chart's package and will not
+    # be published independently to a repo (at this point)
+    repository: '@local'
diff --git a/kubernetes/policy/resources/config/drools/settings.xml b/kubernetes/policy/charts/drools/resources/config/drools/settings.xml
similarity index 66%
rename from kubernetes/policy/resources/config/drools/settings.xml
rename to kubernetes/policy/charts/drools/resources/config/drools/settings.xml
index 2a9e2a0..e899a00 100755
--- a/kubernetes/policy/resources/config/drools/settings.xml
+++ b/kubernetes/policy/charts/drools/resources/config/drools/settings.xml
@@ -1,23 +1,19 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
- ============LICENSE_START=======================================================
- Base Package
- ================================================================================
- Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
- ================================================================================
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
-
-      http://www.apache.org/licenses/LICENSE-2.0
-
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
- ============LICENSE_END=========================================================
- -->
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+-->
 
 <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
 
@@ -51,7 +47,7 @@
       <repositories>
         <repository>
           <id>policy-nexus-snapshots</id>
-          <url>http://nexus:8081/nexus/content/repositories/snapshots/</url>
+          <url>http://{{.Release.Name}}-{{.Values.global.nexus.nameOverride}}:8081/nexus/content/repositories/snapshots/</url>
           <releases>
             <enabled>false</enabled>
             <updatePolicy>always</updatePolicy>
@@ -64,7 +60,7 @@
 
         <repository>
           <id>policy-nexus-releases</id>
-          <url>http://nexus:8081/nexus/content/repositories/releases/</url>
+          <url>http://{{.Release.Name}}-{{.Values.global.nexus.nameOverride}}:8081/nexus/content/repositories/releases/</url>
           <releases>
             <enabled>true</enabled>
             <updatePolicy>always</updatePolicy>
diff --git a/kubernetes/policy/resources/config/log/drools/logback.xml b/kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml
similarity index 76%
rename from kubernetes/policy/resources/config/log/drools/logback.xml
rename to kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml
index daecf97..4b058f1 100644
--- a/kubernetes/policy/resources/config/log/drools/logback.xml
+++ b/kubernetes/policy/charts/drools/resources/config/log/drools/logback.xml
@@ -1,107 +1,103 @@
-<!--

-  ============LICENSE_START=======================================================

-  policy-management

-  ================================================================================

-  Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.

-  ================================================================================

-  Licensed under the Apache License, Version 2.0 (the "License");

-  you may not use this file except in compliance with the License.

-  You may obtain a copy of the License at

-

-       http://www.apache.org/licenses/LICENSE-2.0

-

-  Unless required by applicable law or agreed to in writing, software

-  distributed under the License is distributed on an "AS IS" BASIS,

-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

-  See the License for the specific language governing permissions and

-  limitations under the License.

-  ============LICENSE_END=========================================================

-  -->

-

-<configuration scan="true" scanPeriod="30 seconds" debug="false">

-

-	<property name="logDir" value="/var/log/onap" />

-

-	<property name="errorLog" value="error" />

-	<property name="debugLog" value="debug" />

-	<property name="networkLog" value="network" />

-

-	<property name="debugPattern" value="[%date|%level|%logger{0}|%thread] %msg%n" />

-	<property name="errorPattern" value="${debugPattern}" />

-	<property name="networkPattern" value="[%d|%t]%m%n" />

-

-	<appender name="ErrorOut" class="ch.qos.logback.core.rolling.RollingFileAppender">

-		<file>${logDir}/${errorLog}.log</file>

-		<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">

-			<fileNamePattern>${logDir}/${errorLog}.%i.log.zip</fileNamePattern>

-			<minIndex>1</minIndex>

-			<maxIndex>5</maxIndex>

-		</rollingPolicy>

-		<filter class="ch.qos.logback.classic.filter.ThresholdFilter">

-			<level>WARN</level>

-		</filter>

-		<triggeringPolicy

-			class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">

-			<maxFileSize>15MB</maxFileSize>

-		</triggeringPolicy>

-		<encoder>

-			<pattern>${errorPattern}</pattern>

-		</encoder>

-	</appender>

-

-	<appender name="AsyncErrorOut" class="ch.qos.logback.classic.AsyncAppender">

-		<appender-ref ref="ErrorOut" />

-	</appender>

-

-	<appender name="DebugOut" class="ch.qos.logback.core.rolling.RollingFileAppender">

-		<file>${logDir}/${debugLog}.log</file>

-		<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">

-			<fileNamePattern>${logDir}/${debugLog}.%i.log.zip</fileNamePattern>

-			<minIndex>1</minIndex>

-			<maxIndex>9</maxIndex>

-		</rollingPolicy>

-		<triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">

-			<maxFileSize>20MB</maxFileSize>

-		</triggeringPolicy>

-		<encoder>

-			<pattern>${debugPattern}</pattern>

-		</encoder>

-	</appender>

-

-	<appender name="AsyncDebugOut" class="ch.qos.logback.classic.AsyncAppender">

-		<appender-ref ref="DebugOut" />

-	</appender>

-

-	<appender name="NetworkOut" class="ch.qos.logback.core.rolling.RollingFileAppender">

-		<file>${logDir}/${networkLog}.log</file>

-		<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">

-			<fileNamePattern>${logDir}/${networkLog}.%i.log.zip</fileNamePattern>

-			<minIndex>1</minIndex>

-			<maxIndex>9</maxIndex>

-		</rollingPolicy>

-		<triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">

-			<maxFileSize>15MB</maxFileSize>

-		</triggeringPolicy>

-		<encoder>

-			<pattern>${networkPattern}</pattern>

-		</encoder>

-	</appender>

-

-	<appender name="AsyncNetworkOut" class="ch.qos.logback.classic.AsyncAppender">

-		<appender-ref ref="NetworkOut" />

-	</appender>

-

-	<logger name="network" level="INFO" additivity="false">

-		<appender-ref ref="AsyncNetworkOut" />

-	</logger>

-

-	<logger name="org.eclipse.jetty.server.RequestLog" level="info" additivity="false">

-		<appender-ref ref="AsyncNetworkOut" />

-	</logger>

-

-	<root level="INFO">

-		<appender-ref ref="AsyncDebugOut" />

-		<appender-ref ref="AsyncErrorOut" />

-	</root>

-

-</configuration>
\ No newline at end of file
+<!--
+# Copyright © 2017 Amdocs, Bell Canada,AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+-->
+
+<configuration scan="true" scanPeriod="30 seconds" debug="false">
+
+	<property name="logDir" value="/var/log/onap" />
+
+	<property name="errorLog" value="error" />
+	<property name="debugLog" value="debug" />
+	<property name="networkLog" value="network" />
+
+	<property name="debugPattern" value="[%date|%level|%logger{0}|%thread] %msg%n" />
+	<property name="errorPattern" value="${debugPattern}" />
+	<property name="networkPattern" value="[%d|%t]%m%n" />
+
+	<appender name="ErrorOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
+		<file>${logDir}/${errorLog}.log</file>
+		<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+			<fileNamePattern>${logDir}/${errorLog}.%i.log.zip</fileNamePattern>
+			<minIndex>1</minIndex>
+			<maxIndex>5</maxIndex>
+		</rollingPolicy>
+		<filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+			<level>WARN</level>
+		</filter>
+		<triggeringPolicy
+			class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+			<maxFileSize>15MB</maxFileSize>
+		</triggeringPolicy>
+		<encoder>
+			<pattern>${errorPattern}</pattern>
+		</encoder>
+	</appender>
+
+	<appender name="AsyncErrorOut" class="ch.qos.logback.classic.AsyncAppender">
+		<appender-ref ref="ErrorOut" />
+	</appender>
+
+	<appender name="DebugOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
+		<file>${logDir}/${debugLog}.log</file>
+		<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+			<fileNamePattern>${logDir}/${debugLog}.%i.log.zip</fileNamePattern>
+			<minIndex>1</minIndex>
+			<maxIndex>9</maxIndex>
+		</rollingPolicy>
+		<triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+			<maxFileSize>20MB</maxFileSize>
+		</triggeringPolicy>
+		<encoder>
+			<pattern>${debugPattern}</pattern>
+		</encoder>
+	</appender>
+
+	<appender name="AsyncDebugOut" class="ch.qos.logback.classic.AsyncAppender">
+		<appender-ref ref="DebugOut" />
+	</appender>
+
+	<appender name="NetworkOut" class="ch.qos.logback.core.rolling.RollingFileAppender">
+		<file>${logDir}/${networkLog}.log</file>
+		<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+			<fileNamePattern>${logDir}/${networkLog}.%i.log.zip</fileNamePattern>
+			<minIndex>1</minIndex>
+			<maxIndex>9</maxIndex>
+		</rollingPolicy>
+		<triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+			<maxFileSize>15MB</maxFileSize>
+		</triggeringPolicy>
+		<encoder>
+			<pattern>${networkPattern}</pattern>
+		</encoder>
+	</appender>
+
+	<appender name="AsyncNetworkOut" class="ch.qos.logback.classic.AsyncAppender">
+		<appender-ref ref="NetworkOut" />
+	</appender>
+
+	<logger name="network" level="INFO" additivity="false">
+		<appender-ref ref="AsyncNetworkOut" />
+	</logger>
+
+	<logger name="org.eclipse.jetty.server.RequestLog" level="info" additivity="false">
+		<appender-ref ref="AsyncNetworkOut" />
+	</logger>
+
+	<root level="INFO">
+		<appender-ref ref="AsyncDebugOut" />
+		<appender-ref ref="AsyncErrorOut" />
+	</root>
+
+</configuration>
diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/base.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf
old mode 100755
new mode 100644
similarity index 65%
rename from kubernetes/policy/resources/config/opt/policy/config/drools/base.conf
rename to kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf
index e5bbd66..aec7bf2
--- a/kubernetes/policy/resources/config/opt/policy/config/drools/base.conf
+++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf
@@ -1,27 +1,21 @@
-###
-# ============LICENSE_START=======================================================
-# ONAP POLICY
-# ================================================================================
-# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
-#      http://www.apache.org/licenses/LICENSE-2.0
+#       http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-# ============LICENSE_END=========================================================
-###
-
 
 # SYSTEM software configuration 
 
 POLICY_HOME=/opt/app/policy
+POLICY_LOGS=/var/log/ONAP/policy
 JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
 KEYSTORE_PASSWD=PolicyR0ck$
 
@@ -35,22 +29,22 @@
 # nexus repository
 
 snapshotRepositoryID=policy-nexus-snapshots
-snapshotRepositoryUrl=http://nexus:8081/nexus/content/repositories/snapshots/
+snapshotRepositoryUrl=http://{{.Release.Name}}-{{.Values.global.nexus.nameOverride}}:8081/nexus/content/repositories/snapshots/
 releaseRepositoryID=policy-nexus-releases
-releaseRepositoryUrl=http://nexus:8081/nexus/content/repositories/releases/
+releaseRepositoryUrl=http://{{.Release.Name}}-{{.Values.global.nexus.nameOverride}}:8081/nexus/content/repositories/releases/
 repositoryUsername=admin
 repositoryPassword=admin123
 
 # Relational (SQL) DB access 
 
-SQL_HOST=mariadb.{{.Values.nsPrefix}}
+SQL_HOST={{.Release.Name}}-{{.Values.global.mariadb.nameOverride}}
 SQL_USER=policy_user
 SQL_PASSWORD=policy_user
 
 # PDP-D DMaaP configuration channel
 
 PDPD_CONFIGURATION_TOPIC=PDPD-CONFIGURATION
-PDPD_CONFIGURATION_SERVERS=dmaap.{{.Values.nsPrefix}}
+PDPD_CONFIGURATION_SERVERS=dmaap
 PDPD_CONFIGURATION_API_KEY=
 PDPD_CONFIGURATION_API_SECRET=
 PDPD_CONFIGURATION_CONSUMER_GROUP=
@@ -59,13 +53,13 @@
 
 # PAP
 
-PAP_HOST=pap.{{.Values.nsPrefix}}
+PAP_HOST={{.Release.Name}}-{{.Values.global.pap.nameOverride}}
 PAP_USERNAME=testpap
 PAP_PASSWORD=alpha123
 
 # PDP-X
 
-PDP_HOST=pdp.{{.Values.nsPrefix}}
+PDP_HOST={{.Release.Name}}-{{.Values.global.pdp.nameOverride}}
 PDP_USERNAME=testpdp
 PDP_PASSWORD=alpha123
 PDP_CLIENT_USERNAME=python
@@ -75,11 +69,11 @@
 # DCAE DMaaP
 
 DCAE_TOPIC=unauthenticated.DCAE_CL_OUTPUT
-DCAE_SERVERS=dmaap.{{.Values.nsPrefix}}
+DCAE_SERVERS=dmaap
 
 # Open DMaaP
 
-DMAAP_SERVERS=dmaap.{{.Values.nsPrefix}}
+DMAAP_SERVERS=dmaap
 
 # AAI
 
@@ -89,7 +83,7 @@
 
 # MSO
 
-SO_URL=http://mso.{{.Values.nsPrefix}}:8080/ecomp/mso/infra
+SO_URL=http://mso:8080/ecomp/mso/infra
 SO_USERNAME=InfraPortalClient
 SO_PASSWORD=password1$
 
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh
similarity index 63%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh
index 59bfa11..62822ac 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/drools-tweaks.sh
@@ -1,4 +1,4 @@
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,13 +12,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+#! /bin/bash
+
+${POLICY_HOME}/bin/features enable healthcheck
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf
similarity index 63%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf
index 59bfa11..cbb45a5 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf
@@ -1,4 +1,4 @@
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,13 +12,5 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+HEALTHCHECK_USER=healthcheck
+HEALTHCHECK_PASSWORD=zb!XztG34
diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/keys/policy-keystore b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/policy-keystore
similarity index 100%
rename from kubernetes/policy/resources/config/opt/policy/config/drools/keys/policy-keystore
rename to kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/keys/policy-keystore
Binary files differ
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf
similarity index 63%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf
index 59bfa11..c2ccefe 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/policy-management.conf
@@ -1,4 +1,4 @@
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,13 +12,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+CONTROLLER_ARTIFACT_ID=policy-management
+CONTROLLER_NAME=policy-management-controller
+CONTROLLER_PORT=9696
+RULES_ARTIFACT=not-used:not-used:1.0.0-SNAPSHOT
+UEB_TOPIC=policyengine-develop
diff --git a/kubernetes/policy/charts/drools/resources/scripts/do-start.sh b/kubernetes/policy/charts/drools/resources/scripts/do-start.sh
new file mode 100644
index 0000000..1c40e11
--- /dev/null
+++ b/kubernetes/policy/charts/drools/resources/scripts/do-start.sh
@@ -0,0 +1,50 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#!/bin/bash
+
+# skip installation if build.info file is present (restarting an existing container)
+if [[ -f /opt/app/policy/etc/build.info ]]; then
+	echo "Found existing installation, will not reinstall"
+	. /opt/app/policy/etc/profile.d/env.sh
+else 
+	# replace conf files from installer with environment-specific files
+	# mounted from the hosting VM
+	if [[ -d config ]]; then
+		cp config/*.conf .
+	fi
+
+	./docker-install.sh
+
+	. /opt/app/policy/etc/profile.d/env.sh
+
+	# install policy keystore
+	mkdir -p $POLICY_HOME/etc/ssl
+	cp config/policy-keystore $POLICY_HOME/etc/ssl
+
+	if [[ -x config/drools-tweaks.sh ]] ; then
+		echo "Executing tweaks"
+		# file may not be executable; running it as an
+		# argument to bash avoids needing execute perms.
+		bash config/drools-tweaks.sh
+	fi
+
+	# sql provisioning scripts should be invoked here.
+fi
+
+echo "Starting processes"
+
+policy start
+
+sleep 1000d
diff --git a/kubernetes/policy/scripts/update-vfw-op-policy.sh b/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh
old mode 100755
new mode 100644
similarity index 85%
rename from kubernetes/policy/scripts/update-vfw-op-policy.sh
rename to kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh
index 39483a0..a6c054d
--- a/kubernetes/policy/scripts/update-vfw-op-policy.sh
+++ b/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh
@@ -1,3 +1,17 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 #!/bin/bash
 
 if [ "$#" -ne 4 ]; then
diff --git a/kubernetes/policy/charts/drools/templates/NOTES.txt b/kubernetes/policy/charts/drools/templates/NOTES.txt
new file mode 100644
index 0000000..91d8ed4
--- /dev/null
+++ b/kubernetes/policy/charts/drools/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+  http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/policy/templates/policy-deployment-configmap.yaml b/kubernetes/policy/charts/drools/templates/configmap.yaml
similarity index 60%
rename from kubernetes/policy/templates/policy-deployment-configmap.yaml
rename to kubernetes/policy/charts/drools/templates/configmap.yaml
index 9998b2c..36f458f 100644
--- a/kubernetes/policy/templates/policy-deployment-configmap.yaml
+++ b/kubernetes/policy/charts/drools/templates/configmap.yaml
@@ -12,30 +12,35 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: policy-dep-drools-settings-configmap
-  namespace: {{ .Values.nsPrefix }}
+  name: {{ include "common.fullname" . }}-settings-configmap
+  namespace: {{ include "common.namespace" . }}
 data:
 {{ tpl (.Files.Glob "resources/config/drools/settings.xml").AsConfig . | indent 2 }}
-#{{ end }}
----
-#{{ if not .Values.disablePolicyPdp }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: policy-dep-pe-configmap
-  namespace: {{ .Values.nsPrefix }}
-data:
-{{ tpl (.Files.Glob "resources/config/opt/policy/config/pe/*").AsConfig . | indent 2 }}
 ---
 apiVersion: v1
 kind: ConfigMap
 metadata:
-  name: policy-dep-drools-configmap
-  namespace: {{ .Values.nsPrefix }}
+  name: {{ include "common.fullname" . }}-configmap
+  namespace: {{ include "common.namespace" . }}
 data:
 {{ tpl (.Files.Glob "resources/config/opt/policy/config/drools/*").AsConfig . | indent 2 }}
-#{{ end }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-script-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/scripts/do-start.sh*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-log-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/drools/logback.xml").AsConfig . | indent 2 }}
+
diff --git a/kubernetes/policy/charts/drools/templates/deployment.yaml b/kubernetes/policy/charts/drools/templates/deployment.yaml
new file mode 100644
index 0000000..349f882
--- /dev/null
+++ b/kubernetes/policy/charts/drools/templates/deployment.yaml
@@ -0,0 +1,180 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}
+        release: {{ .Release.Name }}
+    spec:
+      initContainers:
+      - command:
+        - /root/ready.py
+        args:
+        - --container-name
+        - {{ .Values.global.mariadb.nameOverride }}
+        - --container-name
+        - {{ .Values.global.nexus.nameOverride }}
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-readiness
+      hostAliases:
+      - ip: "{{ .Values.aaiServiceClusterIp }}"
+        hostnames:
+        - "aai.api.simpledemo.openecomp.org"
+      containers:
+        - name: {{ include "common.name" . }}
+          image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          ports:
+          - containerPort: {{ .Values.service.externalPort }}
+          - containerPort: {{ .Values.service.externalPort2 }}
+          command:
+          - /bin/bash
+          - -c
+          - ./do-start.sh
+          {{- if eq .Values.liveness.enabled true }}
+          livenessProbe:
+            tcpSocket:
+              port: {{ .Values.service.externalPort }}
+            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+            periodSeconds: {{ .Values.liveness.periodSeconds }}
+          {{- end }}
+          readinessProbe:
+            tcpSocket:
+              port: {{ .Values.service.externalPort }}
+            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+            periodSeconds: {{ .Values.readiness.periodSeconds }}
+          env:
+          - name: REPLICAS
+            value: "{{ .Values.replicaCount }}"
+          volumeMounts:
+          - mountPath: /etc/localtime
+            name: localtime
+            readOnly: true
+          - mountPath: /tmp/policy-install/config/policy-keystore
+            name: drools-secret
+            subPath: policy-keystore
+          - mountPath: /tmp/policy-install/config/feature-healthcheck.conf
+            name: drools-secret
+            subPath: feature-healthcheck.conf
+          - mountPath: /tmp/policy-install/config/base.conf
+            name: drools-config
+            subPath: base.conf
+          - mountPath: /tmp/policy-install/config/policy-management.conf
+            name: drools-config
+            subPath: policy-management.conf
+          - mountPath: /tmp/policy-install/config/drools-tweaks.sh
+            name: drools-config
+            subPath: drools-tweaks.sh
+          - mountPath: /usr/share/maven/conf/settings.xml
+            name: drools-settingsxml
+            subPath: settings.xml
+          - mountPath: /var/log/onap
+            name: policy-logs
+          - mountPath: /tmp/logback.xml
+            name: policy-logback
+            subPath: logback.xml
+          - mountPath: /tmp/policy-install/do-start.sh
+            name: pe-scripts
+            subPath: do-start.sh
+          lifecycle:
+            postStart:
+              exec:
+                command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/config/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
+          resources:
+{{ toYaml .Values.resources | indent 12 }}
+        {{- if .Values.nodeSelector }}
+        - image: "{{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.loggingImage }}"
+          imagePullPolicy: {{ .Values.pullPolicy }}
+          name: filebeat-onap
+          volumeMounts:
+          - mountPath: /usr/share/filebeat/filebeat.yml
+            name: filebeat-conf
+            subPath: filebeat.yml
+          - mountPath: /var/log/onap
+            name: policy-logs
+          - mountPath: /usr/share/filebeat/data
+            name: policy-data-filebeat
+        nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+        {{- end -}}
+        {{- if .Values.affinity }}
+        affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+        {{- end }}
+      volumes:
+        - name: localtime
+          hostPath:
+            path: /etc/localtime
+        - name: filebeat-conf
+          configMap:
+            name: {{ .Release.Name }}-filebeat-configmap
+        - name: policy-logs
+          emptyDir: {}
+        - name: policy-data-filebeat
+          emptyDir: {}
+        - name: policy-logback
+          configMap:
+            name: {{ include "common.fullname" . }}-log-configmap
+        - name: drools-settingsxml
+          configMap:
+            name: {{ include "common.fullname" . }}-settings-configmap
+        - name: drools-config
+          configMap:
+            name: {{ include "common.fullname" . }}-configmap
+            items:
+            - key: base.conf
+              path: base.conf
+              mode: 0755
+            - key: policy-management.conf
+              path: policy-management.conf
+              mode: 0755
+            - key: drools-tweaks.sh
+              path: drools-tweaks.sh
+              mode: 0755
+        - name: drools-secret
+          secret:
+            secretName: {{ include "common.fullname" . }}-secret
+            items:
+            - key: policy-keystore
+              path: policy-keystore
+              mode: 0644
+            - key: feature-healthcheck.conf
+              path: feature-healthcheck.conf
+              mode: 0644
+        - name: pe-scripts
+          configMap:
+            name: {{ include "common.fullname" . }}-script-configmap
+            defaultMode: 0777
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/drools/templates/secrets.yaml
similarity index 71%
rename from kubernetes/policy/templates/policy-deployment-secret.yaml
rename to kubernetes/policy/charts/drools/templates/secrets.yaml
index 59bfa11..18f5f16 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/drools/templates/secrets.yaml
@@ -12,13 +12,16 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
 apiVersion: v1
 kind: Secret
 metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
+  name: {{ include "common.fullname" . }}-secret
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
 data:
 {{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+type: Opaque
diff --git a/kubernetes/policy/charts/drools/templates/service.yaml b/kubernetes/policy/charts/drools/templates/service.yaml
new file mode 100644
index 0000000..4335f7c
--- /dev/null
+++ b/kubernetes/policy/charts/drools/templates/service.yaml
@@ -0,0 +1,42 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    {{if eq .Values.service.type "NodePort" -}}
+    - port: {{ .Values.service.externalPort }}
+      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+      name: {{ .Values.service.name }}-{{ .Values.service.externalPort }}
+    - port: {{ .Values.service.externalPort2 }}
+      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+      name: {{ .Values.service.name }}-{{ .Values.service.externalPort2 }}
+    {{- else -}}
+    - port: {{ .Values.service.type.externalPort }}
+      targetPort: {{ .Values.service.type.internalPort }}
+      name: {{ .Values.service.name }}
+    {{- end}}
+  selector:
+    app: {{ include "common.name" . }}
+    release: {{ .Release.Name }}
diff --git a/kubernetes/policy/charts/drools/values.yaml b/kubernetes/policy/charts/drools/values.yaml
new file mode 100644
index 0000000..14ebe31
--- /dev/null
+++ b/kubernetes/policy/charts/drools/values.yaml
@@ -0,0 +1,91 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  nodePortPrefix: 302
+  repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+  readinessRepository: oomk8s
+  readinessImage: readiness-check:1.0.0
+  loggingRepository: docker.elastic.co
+  loggingImage: beats/filebeat:5.5.0
+  ubuntuImage: ubuntu:16.04
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/policy-drools:1.2-SNAPSHOT-latest
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+aaiServiceClusterIp: 10.43.255.254
+# application configuration
+# Example:
+config: {}
+#  username: myusername
+#  password: mypassword
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  # necessary to disable liveness probe when setting breakpoints
+  # in debugger so K8s doesn't restart unresponsive container
+  enabled: false
+
+readiness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+
+service:
+  type: NodePort
+  name: drools
+  externalPort: 6969
+  nodePort: 17
+  externalPort2: 9696
+  nodePort2: 21
+
+ingress:
+  enabled: false
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  #
+  # Example:
+  # Configure resource requests and limits
+  # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+  # Minimum memory for development is 2 CPU cores and 4GB memory
+  # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+#  limits:
+#    cpu: 2
+#    memory: 4Gi
+#  requests:
+#    cpu: 2
+#    memory: 4Gi
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/mariadb/Chart.yaml
similarity index 69%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/charts/mariadb/Chart.yaml
index 59bfa11..c420e67 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/mariadb/Chart.yaml
@@ -12,13 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
 apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+description: Policy MariaDB Service
+name: mariadb
+version: 2.0.0
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/mariadb/requirements.yaml
similarity index 68%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/charts/mariadb/requirements.yaml
index 59bfa11..f639633 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/mariadb/requirements.yaml
@@ -12,13 +12,10 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+dependencies:
+  - name: common
+    version: ~2.0.0
+    # local reference to common chart, as it is
+    # a part of this chart's package and will not
+    # be published independently to a repo (at this point)
+    repository: '@local'
diff --git a/kubernetes/policy/charts/mariadb/resources/config/db.sh b/kubernetes/policy/charts/mariadb/resources/config/db.sh
new file mode 100644
index 0000000..ead656e
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/resources/config/db.sh
@@ -0,0 +1,23 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#!/bin/bash -xv
+
+for db in support onap_sdk log
+do
+	mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "CREATE DATABASE IF NOT EXISTS ${db};"
+	mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "GRANT ALL PRIVILEGES ON \`${db}\`.* TO '${MYSQL_USER}'@'%' ;"
+done
+
+mysql -uroot -p"${MYSQL_ROOT_PASSWORD}" --execute "FLUSH PRIVILEGES;"
diff --git a/kubernetes/policy/charts/mariadb/templates/NOTES.txt b/kubernetes/policy/charts/mariadb/templates/NOTES.txt
new file mode 100644
index 0000000..57947a6
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+  http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "common.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/mariadb/templates/configmap.yaml
similarity index 71%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/charts/mariadb/templates/configmap.yaml
index 59bfa11..a819196 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/mariadb/templates/configmap.yaml
@@ -12,13 +12,10 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
 apiVersion: v1
-kind: Secret
+kind: ConfigMap
 metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
+  name: {{ include "common.fullname" . }}-configmap
+  namespace: {{ include "common.namespace" . }}
 data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+{{ tpl (.Files.Glob "resources/config/db.sh").AsConfig . | indent 2 }}
diff --git a/kubernetes/policy/charts/mariadb/templates/deployment.yaml b/kubernetes/policy/charts/mariadb/templates/deployment.yaml
new file mode 100644
index 0000000..65eb02c
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/templates/deployment.yaml
@@ -0,0 +1,100 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}
+        release: {{ .Release.Name }}
+    spec:
+      containers:
+        - name: {{ include "common.name" . }}
+          image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          ports:
+          - containerPort: {{ .Values.service.internalPort }}
+          # disable liveness probe when breakpoints set in debugger
+          # so K8s doesn't restart unresponsive container 
+          {{- if eq .Values.liveness.enabled true }}
+          livenessProbe:
+            tcpSocket:
+              port: {{ .Values.service.internalPort }}
+            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+            periodSeconds: {{ .Values.liveness.periodSeconds }}
+          {{ end -}}
+          readinessProbe:
+            tcpSocket:
+              port: {{ .Values.service.internalPort }}
+            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+            periodSeconds: {{ .Values.readiness.periodSeconds }}
+          env:
+          - name: MYSQL_ROOT_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: {{ template "common.fullname" . }}-secret
+                key: db-root-password
+          - name: MYSQL_USER
+            value: policy_user
+          - name: MYSQL_PASSWORD
+            valueFrom:
+              secretKeyRef:
+                name: {{ template "common.fullname" . }}-secret
+                key: db-user-password
+          volumeMounts:
+          - mountPath: /etc/localtime
+            name: localtime
+            readOnly: true
+          - mountPath: /docker-entrypoint-initdb.d
+            name: mariadb-conf
+          - mountPath: /var/lib/mysql
+            name: mariadb-data
+          resources:
+{{ toYaml .Values.resources | indent 12 }}
+        {{- if .Values.nodeSelector }}
+        nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+        {{- end -}}
+        {{- if .Values.affinity }}
+        affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+        {{- end }}
+      volumes:
+        - name: localtime
+          hostPath:
+            path: /etc/localtime
+        - name: mariadb-conf
+          configMap:
+            name: {{ include "common.fullname" . }}-configmap
+            defaultMode: 0755
+        - name: mariadb-data
+        {{- if .Values.persistence.enabled }}
+          persistentVolumeClaim:
+            claimName: {{ include "common.fullname" . }}
+        {{- else }}
+          emptyDir: {}
+        {{- end }}
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/policy/charts/mariadb/templates/pv.yaml b/kubernetes/policy/charts/mariadb/templates/pv.yaml
new file mode 100644
index 0000000..da117f4
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/templates/pv.yaml
@@ -0,0 +1,37 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolume
+apiVersion: v1
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+    name: {{ include "common.fullname" . }}
+spec:
+  capacity:
+    storage: {{ .Values.persistence.size }}
+  accessModes:
+    - {{ .Values.persistence.accessMode }}
+  persistentVolumeReclaimPolicy: {{ .Values.persistence.volumeReclaimPolicy }}
+  hostPath:
+    path: {{ .Values.global.persistence.mountPath | default .Values.persistence.mountPath }}/{{ .Release.Name }}/{{ .Values.persistence.mountSubPath }}
+{{- end -}}
diff --git a/kubernetes/policy/charts/mariadb/templates/pvc.yaml b/kubernetes/policy/charts/mariadb/templates/pvc.yaml
new file mode 100644
index 0000000..e27c331
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/templates/pvc.yaml
@@ -0,0 +1,48 @@
+{{/*
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+*/}}
+
+{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) -}}
+kind: PersistentVolumeClaim
+apiVersion: v1
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: "{{ .Chart.Name }}-{{ .Chart.Version }}"
+    release: "{{ .Release.Name }}"
+    heritage: "{{ .Release.Service }}"
+{{- if .Values.persistence.annotations }}
+  annotations:
+{{ toYaml .Values.persistence.annotations | indent 4 }}
+{{- end }}
+spec:
+  selector:
+    matchLabels:
+      name: {{ include "common.fullname" . }}
+  accessModes:
+    - {{ .Values.persistence.accessMode }}
+  resources:
+    requests:
+      storage: {{ .Values.persistence.size }}
+{{- if .Values.persistence.storageClass }}
+{{- if (eq "-" .Values.persistence.storageClass) }}
+  storageClassName: ""
+{{- else }}
+  storageClassName: "{{ .Values.persistence.storageClass }}"
+{{- end }}
+{{- end }}
+{{- end -}}
diff --git a/kubernetes/policy/charts/mariadb/templates/secrets.yaml b/kubernetes/policy/charts/mariadb/templates/secrets.yaml
new file mode 100644
index 0000000..9f0c178
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/templates/secrets.yaml
@@ -0,0 +1,29 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Secret
+metadata:
+  name: {{ include "common.fullname" . }}-secret
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+type: Opaque
+data:
+  db-root-password: {{ .Values.config.mysqlRootPassword | b64enc | quote }}
+  db-user-password: {{ .Values.config.mysqlPassword | b64enc | quote }}
+
diff --git a/kubernetes/policy/charts/mariadb/templates/service.yaml b/kubernetes/policy/charts/mariadb/templates/service.yaml
new file mode 100644
index 0000000..5447d91
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/templates/service.yaml
@@ -0,0 +1,32 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  ports:
+    - port: {{ .Values.service.internalPort }}
+      name: {{ .Values.service.name }}
+  selector:
+    app: {{ include "common.name" . }}
+    release: {{ .Release.Name }}
+  clusterIP: None
diff --git a/kubernetes/policy/charts/mariadb/values.yaml b/kubernetes/policy/charts/mariadb/values.yaml
new file mode 100644
index 0000000..23970cf
--- /dev/null
+++ b/kubernetes/policy/charts/mariadb/values.yaml
@@ -0,0 +1,76 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  nodePortPrefix: 302
+  repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+  persistence: {}
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: mariadb:10.0.34
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+# Example:
+config:
+  mysqlRootPassword: secret
+  mysqlUserName: policy_user
+  mysqlPassword: policy_user
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  # necessary to disable liveness probe when setting breakpoints
+  # in debugger so K8s doesn't restart unresponsive container
+  enabled: true
+
+readiness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+
+## Persist data to a persitent volume
+persistence:
+  enabled: true
+  volumeReclaimPolicy: Retain
+  accessMode: ReadWriteMany
+  size: 2Gi
+  mountPath: /dockerdata-nfs
+  mountSubPath: mariadb/data
+
+service:
+  type: ClusterIP
+  name: mariadb
+  internalPort: 3306
+
+ingress:
+  enabled: false
+
+resources: {}
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/pdp/Chart.yaml
similarity index 69%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/charts/pdp/Chart.yaml
index 59bfa11..09a65ea 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/pdp/Chart.yaml
@@ -12,13 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
 apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+description: Policy PDP
+name: pdp
+version: 2.0.0
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/pdp/requirements.yaml
similarity index 68%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/charts/pdp/requirements.yaml
index 59bfa11..f639633 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/pdp/requirements.yaml
@@ -12,13 +12,10 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+dependencies:
+  - name: common
+    version: ~2.0.0
+    # local reference to common chart, as it is
+    # a part of this chart's package and will not
+    # be published independently to a repo (at this point)
+    repository: '@local'
diff --git a/kubernetes/policy/resources/config/log/xacml-pdp-rest/logback.xml b/kubernetes/policy/charts/pdp/resources/config/log/xacml-pdp-rest/logback.xml
similarity index 87%
rename from kubernetes/policy/resources/config/log/xacml-pdp-rest/logback.xml
rename to kubernetes/policy/charts/pdp/resources/config/log/xacml-pdp-rest/logback.xml
index c9c05d9..daa4112 100644
--- a/kubernetes/policy/resources/config/log/xacml-pdp-rest/logback.xml
+++ b/kubernetes/policy/charts/pdp/resources/config/log/xacml-pdp-rest/logback.xml
@@ -1,153 +1,150 @@
-<?xml version="1.0" encoding="UTF-8"?>

-<!--

-  ============LICENSE_START=======================================================

-  ECOMP-PDP-REST

-  ================================================================================

-  Copyright (C) 2017 AT&amp;T Intellectual Property. All rights reserved.

-  ================================================================================

-  Licensed under the Apache License, Version 2.0 (the "License");

-  you may not use this file except in compliance with the License.

-  You may obtain a copy of the License at

-  

-       http://www.apache.org/licenses/LICENSE-2.0

-  

-  Unless required by applicable law or agreed to in writing, software

-  distributed under the License is distributed on an "AS IS" BASIS,

-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

-  See the License for the specific language governing permissions and

-  limitations under the License.

-  ============LICENSE_END=========================================================

-  -->

-<configuration scan="true" scanPeriod="3 seconds" debug="true">

-   <!--<jmxConfigurator /> -->

-   <!--  specify the base path of the log directory --> 

-   <property name="logDir" value="/var/log/onap" />

-   <!--  specify the component name -->

-   <property name="componentName" value="policy" />

-   <!-- specify the sub component name -->

-   <property name="subComponentName" value="xacml-pdp-rest" />

-   <!-- The directories where logs are written --> 

-   <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />

-   <property name="pattern" value="%d{&amp;quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&amp;quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />

-   <!--  log file names -->

-   <property name="errorLogName" value="error" />

-   <property name="metricsLogName" value="metrics" />

-   <property name="auditLogName" value="audit" />

-   <property name="debugLogName" value="debug" />

-   <property name="queueSize" value="256" />

-   <property name="maxFileSize" value="50MB" />

-   <property name="maxHistory" value="30" />

-   <property name="totalSizeCap" value="10GB" />

-   <!-- Example evaluator filter applied against console appender -->

-   <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">

-      <encoder>

-         <pattern>${pattern}</pattern>

-      </encoder>

-   </appender>

-   <!-- ============================================================================ -->

-   <!-- EELF Appenders -->

-   <!-- ============================================================================ -->

-   <!-- The EELFAppender is used to record events to the general application 

-    log -->

-   <!-- EELF Audit Appender. This appender is used to record audit engine 

-    related logging events. The audit logger and appender are specializations 

-    of the EELF application root logger and appender. This can be used to segregate 

-    Policy engine events from other components, or it can be eliminated to record 

-    these events as part of the application root log. -->

-   <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender">

-      <file>${logDirectory}/${auditLogName}.log</file>

-      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

-         <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

-         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

-            <maxFileSize>${maxFileSize}</maxFileSize>

-         </timeBasedFileNamingAndTriggeringPolicy>

-         <maxHistory>${maxHistory}</maxHistory>

-         <totalSizeCap>${totalSizeCap}</totalSizeCap>

-      </rollingPolicy>

-      <encoder>

-         <pattern>${pattern}</pattern>

-      </encoder>

-   </appender>

-   <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">

-      <queueSize>${queueSize}</queueSize>

-      <appender-ref ref="EELFAudit" />

-   </appender>

-   <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender">

-      <file>${logDirectory}/${metricsLogName}.log</file>

-      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

-         <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

-         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

-            <maxFileSize>${maxFileSize}</maxFileSize>

-         </timeBasedFileNamingAndTriggeringPolicy>

-         <maxHistory>${maxHistory}</maxHistory>

-         <totalSizeCap>${totalSizeCap}</totalSizeCap>

-      </rollingPolicy>

-      <encoder>

-         <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - 

-        %msg%n"</pattern> -->

-         <pattern>${pattern}</pattern>

-      </encoder>

-   </appender>

-   <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">

-      <queueSize>${queueSize}</queueSize>

-      <appender-ref ref="EELFMetrics" />

-   </appender>

-   <appender name="EELFError" class="ch.qos.logback.core.rolling.RollingFileAppender">

-      <file>${logDirectory}/${errorLogName}.log</file>

-      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

-         <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

-         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

-            <maxFileSize>${maxFileSize}</maxFileSize>

-         </timeBasedFileNamingAndTriggeringPolicy>

-         <maxHistory>${maxHistory}</maxHistory>

-         <totalSizeCap>${totalSizeCap}</totalSizeCap>

-      </rollingPolicy>

-      <encoder>

-         <pattern>${pattern}</pattern>

-      </encoder>

-      <filter class="ch.qos.logback.classic.filter.ThresholdFilter">

-         <level>INFO</level>

-      </filter>

-   </appender>

-   <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">

-      <queueSize>${queueSize}</queueSize>

-      <appender-ref ref="EELFError" />

-   </appender>

-   <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">

-      <file>${logDirectory}/${debugLogName}.log</file>

-      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

-         <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

-         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

-            <maxFileSize>${maxFileSize}</maxFileSize>

-         </timeBasedFileNamingAndTriggeringPolicy>

-         <maxHistory>${maxHistory}</maxHistory>

-         <totalSizeCap>${totalSizeCap}</totalSizeCap>

-      </rollingPolicy>

-      <encoder>

-         <pattern>${pattern}</pattern>

-      </encoder>

-   </appender>

-   <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">

-      <queueSize>${queueSize}</queueSize>

-      <appender-ref ref="EELFDebug" />

-      <includeCallerData>true</includeCallerData>

-   </appender>

-   <!-- ============================================================================ -->

-   <!--  EELF loggers -->

-   <!-- ============================================================================ -->

-   <logger name="com.att.eelf.audit" level="info" additivity="false">

-      <appender-ref ref="asyncEELFAudit" />

-   </logger>

-   <logger name="com.att.eelf.metrics" level="info" additivity="false">

-      <appender-ref ref="asyncEELFMetrics" />

-   </logger>

-   <logger name="com.att.eelf.error" level="info" additivity="false">

-      <appender-ref ref="asyncEELFError" />

-   </logger>

-   <logger name="com.att.eelf.debug" level="debug" additivity="false">

-      <appender-ref ref="asyncEELFDebug" />

-   </logger>

-   <root level="INFO">

-      <appender-ref ref="asyncEELFDebug" />

-   </root>

-</configuration>
\ No newline at end of file
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License. 
+-->
+
+<configuration scan="true" scanPeriod="3 seconds" debug="true">
+   <!--<jmxConfigurator /> -->
+   <!--  specify the base path of the log directory --> 
+   <property name="logDir" value="/var/log/onap" />
+   <!--  specify the component name -->
+   <property name="componentName" value="policy" />
+   <!-- specify the sub component name -->
+   <property name="subComponentName" value="xacml-pdp-rest" />
+   <!-- The directories where logs are written --> 
+   <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
+   <property name="pattern" value="%d{&amp;quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&amp;quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
+   <!--  log file names -->
+   <property name="errorLogName" value="error" />
+   <property name="metricsLogName" value="metrics" />
+   <property name="auditLogName" value="audit" />
+   <property name="debugLogName" value="debug" />
+   <property name="queueSize" value="256" />
+   <property name="maxFileSize" value="50MB" />
+   <property name="maxHistory" value="30" />
+   <property name="totalSizeCap" value="10GB" />
+   <!-- Example evaluator filter applied against console appender -->
+   <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+      <encoder>
+         <pattern>${pattern}</pattern>
+      </encoder>
+   </appender>
+   <!-- ============================================================================ -->
+   <!-- EELF Appenders -->
+   <!-- ============================================================================ -->
+   <!-- The EELFAppender is used to record events to the general application 
+    log -->
+   <!-- EELF Audit Appender. This appender is used to record audit engine 
+    related logging events. The audit logger and appender are specializations 
+    of the EELF application root logger and appender. This can be used to segregate 
+    Policy engine events from other components, or it can be eliminated to record 
+    these events as part of the application root log. -->
+   <appender name="EELFAudit" class="ch.qos.logback.core.rolling.RollingFileAppender">
+      <file>${logDirectory}/${auditLogName}.log</file>
+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+         <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+            <maxFileSize>${maxFileSize}</maxFileSize>
+         </timeBasedFileNamingAndTriggeringPolicy>
+         <maxHistory>${maxHistory}</maxHistory>
+         <totalSizeCap>${totalSizeCap}</totalSizeCap>
+      </rollingPolicy>
+      <encoder>
+         <pattern>${pattern}</pattern>
+      </encoder>
+   </appender>
+   <appender name="asyncEELFAudit" class="ch.qos.logback.classic.AsyncAppender">
+      <queueSize>${queueSize}</queueSize>
+      <appender-ref ref="EELFAudit" />
+   </appender>
+   <appender name="EELFMetrics" class="ch.qos.logback.core.rolling.RollingFileAppender">
+      <file>${logDirectory}/${metricsLogName}.log</file>
+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+         <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+            <maxFileSize>${maxFileSize}</maxFileSize>
+         </timeBasedFileNamingAndTriggeringPolicy>
+         <maxHistory>${maxHistory}</maxHistory>
+         <totalSizeCap>${totalSizeCap}</totalSizeCap>
+      </rollingPolicy>
+      <encoder>
+         <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - 
+        %msg%n"</pattern> -->
+         <pattern>${pattern}</pattern>
+      </encoder>
+   </appender>
+   <appender name="asyncEELFMetrics" class="ch.qos.logback.classic.AsyncAppender">
+      <queueSize>${queueSize}</queueSize>
+      <appender-ref ref="EELFMetrics" />
+   </appender>
+   <appender name="EELFError" class="ch.qos.logback.core.rolling.RollingFileAppender">
+      <file>${logDirectory}/${errorLogName}.log</file>
+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+         <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+            <maxFileSize>${maxFileSize}</maxFileSize>
+         </timeBasedFileNamingAndTriggeringPolicy>
+         <maxHistory>${maxHistory}</maxHistory>
+         <totalSizeCap>${totalSizeCap}</totalSizeCap>
+      </rollingPolicy>
+      <encoder>
+         <pattern>${pattern}</pattern>
+      </encoder>
+      <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+         <level>INFO</level>
+      </filter>
+   </appender>
+   <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender">
+      <queueSize>${queueSize}</queueSize>
+      <appender-ref ref="EELFError" />
+   </appender>
+   <appender name="EELFDebug" class="ch.qos.logback.core.rolling.RollingFileAppender">
+      <file>${logDirectory}/${debugLogName}.log</file>
+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+         <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+            <maxFileSize>${maxFileSize}</maxFileSize>
+         </timeBasedFileNamingAndTriggeringPolicy>
+         <maxHistory>${maxHistory}</maxHistory>
+         <totalSizeCap>${totalSizeCap}</totalSizeCap>
+      </rollingPolicy>
+      <encoder>
+         <pattern>${pattern}</pattern>
+      </encoder>
+   </appender>
+   <appender name="asyncEELFDebug" class="ch.qos.logback.classic.AsyncAppender">
+      <queueSize>${queueSize}</queueSize>
+      <appender-ref ref="EELFDebug" />
+      <includeCallerData>true</includeCallerData>
+   </appender>
+   <!-- ============================================================================ -->
+   <!--  EELF loggers -->
+   <!-- ============================================================================ -->
+   <logger name="com.att.eelf.audit" level="info" additivity="false">
+      <appender-ref ref="asyncEELFAudit" />
+   </logger>
+   <logger name="com.att.eelf.metrics" level="info" additivity="false">
+      <appender-ref ref="asyncEELFMetrics" />
+   </logger>
+   <logger name="com.att.eelf.error" level="info" additivity="false">
+      <appender-ref ref="asyncEELFError" />
+   </logger>
+   <logger name="com.att.eelf.debug" level="debug" additivity="false">
+      <appender-ref ref="asyncEELFDebug" />
+   </logger>
+   <root level="INFO">
+      <appender-ref ref="asyncEELFDebug" />
+   </root>
+</configuration>
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/pdp/resources/config/pe/pdp-tweaks.sh
similarity index 63%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/charts/pdp/resources/config/pe/pdp-tweaks.sh
index 59bfa11..6060fe9 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdp-tweaks.sh
@@ -1,4 +1,4 @@
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,13 +12,5 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+#! /bin/bash
+
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pdp.conf b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf
old mode 100755
new mode 100644
similarity index 60%
rename from kubernetes/policy/resources/config/opt/policy/config/pe/pdp.conf
rename to kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf
index c3af223..9dae9f2
--- a/kubernetes/policy/resources/config/opt/policy/config/pe/pdp.conf
+++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf
@@ -1,3 +1,17 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 # pdp component installation configuration parameters
 
 # tomcat specific parameters
@@ -13,10 +27,10 @@
 
 # pdp properties
 
-UEB_CLUSTER=dmaap.{{.Values.nsPrefix}}
+UEB_CLUSTER=dmaap
 
-REST_PAP_URL=http://pap.{{.Values.nsPrefix}}:9091/pap/
-REST_PDP_ID=http://pdp.{{.Values.nsPrefix}}:8081/pdp/
+REST_PAP_URL=http://{{ .Release.Name }}-{{ .Values.global.pap.nameOverride }}:9091/pap/
+REST_PDP_ID=http://{{ include "common.fullname" . }}:8081/pdp/
 REST_PDP_CONFIG=/opt/app/policy/servers/pdp/bin/config
 REST_PDP_WEBAPPS=/opt/app/policy/servers/pdp/webapps
 REST_PDP_REGISTER=true
diff --git a/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf b/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf
new file mode 100644
index 0000000..141eb28
--- /dev/null
+++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf
@@ -0,0 +1,26 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# JVM specific parameters
+LOGPARSER_JMX_PORT=9997
+LOGPARSER_X_MS_MB=1024
+LOGPARSER_X_MX_MB=1024
+
+SERVER=http://{{ include "common.fullname" . }}:8081/pdp/
+LOGPATH=/opt/app/policy/servers/pdp/logs/pdp-rest.log
+PARSERLOGPATH=IntegrityMonitor.log
+
+node_type=logparser
+# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase
+resource_name=pdplp_1
diff --git a/kubernetes/policy/charts/pdp/templates/NOTES.txt b/kubernetes/policy/charts/pdp/templates/NOTES.txt
new file mode 100644
index 0000000..91d8ed4
--- /dev/null
+++ b/kubernetes/policy/charts/pdp/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+  http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/policy/charts/pdp/templates/configmap.yaml b/kubernetes/policy/charts/pdp/templates/configmap.yaml
new file mode 100644
index 0000000..76a4c0f
--- /dev/null
+++ b/kubernetes/policy/charts/pdp/templates/configmap.yaml
@@ -0,0 +1,29 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-log-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/xacml-pdp-rest/logback.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-pe-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }}
diff --git a/kubernetes/policy/charts/pdp/templates/service.yaml b/kubernetes/policy/charts/pdp/templates/service.yaml
new file mode 100644
index 0000000..aed3fd1
--- /dev/null
+++ b/kubernetes/policy/charts/pdp/templates/service.yaml
@@ -0,0 +1,52 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+  annotations:
+    msb.onap.org/service-info: '[
+      {
+          "serviceName": "{{ include "common.fullname" . }}",
+          "version": "v1",
+          "url": "/pdp",
+          "protocol": "REST",
+          "port": "8081",
+          "visualRange":"1"
+      },
+      ]'
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    {{if eq .Values.service.type "NodePort" -}}
+    - port: {{ .Values.service.externalPort }}
+      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+      name: {{ .Values.service.name }}
+    {{- else -}}
+    - port: {{ .Values.service.externalPort }}
+      targetPort: {{ .Values.service.internalPort }}
+      name: {{ .Values.service.name }}
+    {{- end}}
+  selector:
+    app: {{ include "common.name" . }}
+    release: {{ .Release.Name }}
+  sessionAffinity: None
+  
diff --git a/kubernetes/policy/charts/pdp/templates/statefulset.yaml b/kubernetes/policy/charts/pdp/templates/statefulset.yaml
new file mode 100644
index 0000000..367cde4
--- /dev/null
+++ b/kubernetes/policy/charts/pdp/templates/statefulset.yaml
@@ -0,0 +1,143 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: apps/v1beta1
+kind: StatefulSet
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  serviceName: {{ include "common.fullname" . }}
+  replicas: {{ .Values.replicaCount }}
+  selector:
+    matchLabels:
+      app: {{ include "common.name" . }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}
+        release: {{ .Release.Name }}
+    spec:
+      initContainers:
+      - command:
+        - /root/ready.py
+        args:
+        - --container-name
+        - {{ .Values.global.pap.nameOverride }}
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-readiness
+      containers:
+      - command:
+        - /bin/bash
+        - ./do-start.sh
+        - pdp
+        name: {{ include "common.name" . }}
+        image: {{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        ports:
+        - containerPort: {{ .Values.service.externalPort }}
+        {{- if eq .Values.liveness.enabled true }}
+        livenessProbe:
+          tcpSocket:
+            port: {{ .Values.service.externalPort }}
+          initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+          periodSeconds: {{ .Values.liveness.periodSeconds }}
+        {{- end }}
+        readinessProbe:
+          tcpSocket:
+            port: {{ .Values.service.externalPort }}
+          initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+          periodSeconds: {{ .Values.readiness.periodSeconds }}
+        volumeMounts:
+        - mountPath: /etc/localtime
+          name: localtime
+          readOnly: true
+        - mountPath: /tmp/policy-install/config/base.conf
+          name: pe
+          subPath: base.conf
+        - mountPath: /tmp/policy-install/config/
+          name: pe-pdp
+        - mountPath: /tmp/policy-install/do-start.sh
+          name: pe-scripts
+          subPath: do-start.sh
+        - mountPath: /var/log/onap
+          name: policy-logs
+        - mountPath:  /tmp/logback.xml
+          name: policy-logback
+          subPath: logback.xml
+        lifecycle:
+          postStart:
+            exec:
+              command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/servers/pdp/webapps/pdp/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
+      - image: {{ .Values.global.loggingRepository }}/{{ .Values.global.loggingImage }}
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: filebeat-onap
+        volumeMounts:
+        - mountPath: /usr/share/filebeat/filebeat.yml
+          name: filebeat-conf
+          subPath: filebeat.yml
+        - mountPath: /var/log/onap
+          name: policy-logs
+        - mountPath: /usr/share/filebeat/data
+          name: policy-data-filebeat
+        resources:
+{{ toYaml .Values.resources | indent 12 }}
+      {{- if .Values.nodeSelector }}
+      nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+      {{- end -}}
+      {{- if .Values.affinity }}
+      affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+        {{- end }}
+      volumes:
+      - name: localtime
+        hostPath:
+          path: /etc/localtime
+      - name: filebeat-conf
+        configMap:
+          name: {{ .Release.Name }}-filebeat-configmap
+      - name: policy-logs
+        emptyDir: {}
+      - name: policy-data-filebeat
+        emptyDir: {}
+      - name: policy-logback
+        configMap:
+          name: {{ include "common.fullname" . }}-log-configmap
+      - name: pe
+        configMap:
+          name: {{ .Release.Name }}-pe-configmap
+          defaultMode: 0755
+      - name: pe-scripts
+        configMap:
+          name: {{ .Release.Name }}-pe-scripts-configmap
+          defaultMode: 0777
+      - name: pe-pdp
+        configMap:
+          name: {{ include "common.fullname" . }}-pe-configmap
+          defaultMode: 0755
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/policy/charts/pdp/values.yaml b/kubernetes/policy/charts/pdp/values.yaml
new file mode 100644
index 0000000..c2b7580
--- /dev/null
+++ b/kubernetes/policy/charts/pdp/values.yaml
@@ -0,0 +1,90 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  nodePortPrefix: 302
+  repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+  readinessRepository: oomk8s
+  readinessImage: readiness-check:1.1.0
+  loggingRepository: docker.elastic.co
+  loggingImage: beats/filebeat:5.5.0
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/policy-pe:1.2-SNAPSHOT-latest
+pullPolicy: Always
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+# Example:
+config: {}
+#  username: myusername
+#  password: mypassword
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  # necessary to disable liveness probe when setting breakpoints
+  # in debugger so K8s doesn't restart unresponsive container
+  enabled: true
+
+readiness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+
+service:
+  type: NodePort
+  name: pdp
+  externalPort: 8081
+  #Example internal target port if required
+  #internalPort: <80>
+  nodePort: 20
+
+ingress:
+  enabled: false
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  #
+  # Example:
+  # Configure resource requests and limits
+  # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+  # Minimum memory for development is 2 CPU cores and 4GB memory
+  # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+#  limits:
+#    cpu: 2
+#    memory: 4Gi
+#  requests:
+#    cpu: 2
+#    memory: 4Gi
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/policy-common/Chart.yaml
similarity index 69%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/charts/policy-common/Chart.yaml
index 59bfa11..f853be0 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/policy-common/Chart.yaml
@@ -12,13 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
 apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+description: Policy Common
+name: policy-common
+version: 2.0.0
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/charts/policy-common/requirements.yaml
similarity index 67%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/charts/policy-common/requirements.yaml
index 59bfa11..f639633 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/charts/policy-common/requirements.yaml
@@ -12,13 +12,10 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+dependencies:
+  - name: common
+    version: ~2.0.0
+    # local reference to common chart, as it is
+    # a part of this chart's package and will not
+    # be published independently to a repo (at this point)
+    repository: '@local'
diff --git a/kubernetes/policy/resources/config/log/filebeat/filebeat.yml b/kubernetes/policy/charts/policy-common/resources/config/log/filebeat/filebeat.yml
similarity index 100%
rename from kubernetes/policy/resources/config/log/filebeat/filebeat.yml
rename to kubernetes/policy/charts/policy-common/resources/config/log/filebeat/filebeat.yml
diff --git a/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf
new file mode 100644
index 0000000..885a114
--- /dev/null
+++ b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf
@@ -0,0 +1,38 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
+POLICY_HOME=/opt/app/policy
+KEYSTORE_PASSWD=PolicyR0ck$
+
+JDBC_DRIVER=org.mariadb.jdbc.Driver
+JDBC_URL=jdbc:mariadb://{{ .Release.Name }}-{{ .Values.global.mariadb.nameOverride }}:3306/onap_sdk?failOverReadOnly=false&autoReconnect=true
+JDBC_LOG_URL=jdbc:mariadb://{{ .Release.Name }}-{{ .Values.global.mariadb.nameOverride }}:3306/log?failOverReadOnly=false&autoReconnect=true
+JDBC_USER=policy_user
+JDBC_PASSWORD=policy_user
+
+site_name=site_1
+fp_monitor_interval=30
+failed_counter_threshold=3
+test_trans_interval=20
+write_fpc_interval=5
+max_fpc_update_interval=60
+test_via_jmx=false
+jmx_fqdn=
+
+ENVIRONMENT=TEST
+
+#Micro Service Model Properties
+policy_msOnapName=
+policy_msPolicyName=
diff --git a/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh b/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh
new file mode 100644
index 0000000..35842e4
--- /dev/null
+++ b/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh
@@ -0,0 +1,92 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#!/bin/bash
+
+# Script to configure and start the Policy components that are to run in the designated container,
+# It is intended to be used as the entrypoint in the Dockerfile, so the last statement of the
+# script just goes into a long sleep so that the script does not exit (which would cause the
+# container to be torn down).
+
+container=$1
+
+case $container in
+pap)
+	comps="base pap paplp console mysql elk"
+	;;
+pdp)
+	comps="base pdp pdplp"
+	;;
+brmsgw)
+	comps="base brmsgw"
+	;;
+*)
+	echo "Usage: do-start.sh pap|pdp|brmsgw" >&2
+	exit 1
+esac
+
+
+# skip installation if build.info file is present (restarting an existing container)
+if [[ -f /opt/app/policy/etc/build.info ]]; then
+	echo "Found existing installation, will not reinstall"
+	. /opt/app/policy/etc/profile.d/env.sh
+
+else 
+	if [[ -d config ]]; then
+		cp config/*.conf .
+	fi
+
+	for comp in $comps; do
+		echo "Installing component: $comp"
+		./docker-install.sh --install $comp
+	done
+	for comp in $comps; do
+		echo "Configuring component: $comp"
+		./docker-install.sh --configure $comp
+	done
+
+	. /opt/app/policy/etc/profile.d/env.sh
+
+	# install keystore
+	#changed to use http instead of http, so keystore no longer needed
+	#cp config/policy-keystore.jks $POLICY_HOME/etc/ssl/policy-keystore
+	
+	if [[ -f config/$container-tweaks.sh ]] ; then
+		# file may not be executable; running it as an
+		# argument to bash avoids needing execute perms.
+		bash config/$container-tweaks.sh
+	fi
+
+	if [[ $container == pap ]]; then
+		# wait for DB up
+		# now that DB is up, invoke database upgrade
+		# (which does nothing if the db is already up-to-date)
+		dbuser=$(echo $(grep '^JDBC_USER=' base.conf | cut -f2 -d=))
+		dbpw=$(echo $(grep '^JDBC_PASSWORD=' base.conf | cut -f2 -d=))
+		db_upgrade_remote.sh $dbuser $dbpw {{.Release.Name}}-{{.Values.global.mariadb.nameOverride}}
+	fi
+
+fi
+
+policy.sh start
+
+# on pap, wait for pap, pdp, brmsgw, nexus and drools up,
+# then push the initial default policies
+if [[ $container == pap ]]; then
+	# wait addional 1 minute for all processes to get fully initialized and synched up
+	sleep 60
+	bash -xv config/push-policies.sh
+fi
+
+sleep 1000d
diff --git a/kubernetes/policy/charts/policy-common/templates/NOTES.txt b/kubernetes/policy/charts/policy-common/templates/NOTES.txt
new file mode 100644
index 0000000..91d8ed4
--- /dev/null
+++ b/kubernetes/policy/charts/policy-common/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+  http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/policy/charts/policy-common/templates/configmap.yaml b/kubernetes/policy/charts/policy-common/templates/configmap.yaml
new file mode 100644
index 0000000..23311c6
--- /dev/null
+++ b/kubernetes/policy/charts/policy-common/templates/configmap.yaml
@@ -0,0 +1,37 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Release.Name }}-pe-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Release.Name }}-pe-scripts-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/scripts/do-start.sh").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ .Release.Name }}-filebeat-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/filebeat/filebeat.yml").AsConfig . | indent 2 }}
diff --git a/kubernetes/policy/charts/policy-common/values.yaml b/kubernetes/policy/charts/policy-common/values.yaml
new file mode 100644
index 0000000..8ac609d
--- /dev/null
+++ b/kubernetes/policy/charts/policy-common/values.yaml
@@ -0,0 +1,82 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  nodePortPrefix: 302
+  repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+  readinessRepository: oomk8s
+  readinessImage: readiness-check:1.0.0
+  loggingRepository: docker.elastic.co
+  loggingImage: beats/filebeat:5.5.0
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+# Example:
+config:
+  logstashServiceName: log-ls
+  logstashPort: 5044
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  # necessary to disable liveness probe when setting breakpoints
+  # in debugger so K8s doesn't restart unresponsive container
+  enabled: true
+
+readiness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+
+service:
+  type: NodePort
+  name: <onap-app>
+  externalPort: <8080>
+  #Example internal target port if required
+  #internalPort: <80>
+  nodePort: <replace with unused node port suffix eg. 23>
+
+ingress:
+  enabled: false
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  #
+  # Example:
+  # Configure resource requests and limits
+  # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+  # Minimum memory for development is 2 CPU cores and 4GB memory
+  # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+#  limits:
+#    cpu: 2
+#    memory: 4Gi
+#  requests:
+#    cpu: 2
+#    memory: 4Gi
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/requirements.yaml
similarity index 68%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/requirements.yaml
index 59bfa11..2bf0d7b 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/requirements.yaml
@@ -12,13 +12,10 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+dependencies:
+  - name: common
+    version: ~2.0.0
+    # local reference to common chart, as it is
+    # a part of this chart's package and will not
+    # be published independently to a repo (at this point)
+    repository: '@local' 
diff --git a/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml b/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml
index d0871bd..bcc6b16 100644
--- a/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml
+++ b/kubernetes/policy/resources/config/log/ep_sdk_app/logback.xml
@@ -1,190 +1,186 @@
-<?xml version="1.0" encoding="UTF-8"?>

-<!--

-  ================================================================================

-  eCOMP Portal SDK

-  ================================================================================

-  Copyright (C) 2017 AT&amp;T Intellectual Property

-  ================================================================================

-  Licensed under the Apache License, Version 2.0 (the "License");

-  you may not use this file except in compliance with the License.

-  You may obtain a copy of the License at

-  

-       http://www.apache.org/licenses/LICENSE-2.0

-  

-  Unless required by applicable law or agreed to in writing, software

-  distributed under the License is distributed on an "AS IS" BASIS,

-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

-  See the License for the specific language governing permissions and

-  limitations under the License.

-  ================================================================================

-  -->

-<configuration debug="true" scan="true" scanPeriod="3 seconds">

-   <!-- 

-  Logback files for the ECOMP SDK Application "ecomp_app"

-  are created in directory ${catalina.base}/logs/ecomp_app;

-  e.g., apache-tomcat-8.0.35/logs/ecomp_app/application.log  

-  -->

-   <!--<jmxConfigurator /> -->

-   <!--  specify the base path of the log directory -->

-   <property name="logDir" value="/var/log/onap" />

-   <!-- specify the component name -->

-   <property name="componentName" value="policy" />

-   <!-- specify the sub component name -->

-   <property name="subComponentName" value="ep_sdk_app" />

-   <!-- The directories where logs are written -->

-   <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />

-   <property name="pattern" value="%d{&amp;quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&amp;quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />

-   <!--  log file names -->

-   <property name="generalLogName" value="application" />

-   <property name="errorLogName" value="error" />

-   <property name="metricsLogName" value="metrics" />

-   <property name="auditLogName" value="audit" />

-   <property name="debugLogName" value="debug" />

-   <property name="queueSize" value="256" />

-   <property name="maxFileSize" value="50MB" />

-   <property name="maxHistory" value="30" />

-   <property name="totalSizeCap" value="10GB" />

-   <!--

-  These loggers are not used in code (yet). 

-  <property name="securityLogName" value="security" />

-  <property name="policyLogName" value="policy" />

-  <property name="performanceLogName" value="performance" />

-  <property name="serverLogName" value="server" />

-   -->

-   <!-- Example evaluator filter applied against console appender -->

-   <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">

-      <encoder>

-         <pattern>${pattern}</pattern>

-      </encoder>

-   </appender>

-   <!-- ============================================================================ -->

-   <!-- EELF Appenders -->

-   <!-- ============================================================================ -->

-   <!-- The EELFAppender is used to record events to the general application 

-    log -->

-   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELF">

-      <file>${logDirectory}/${generalLogName}.log</file>

-      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

-         <!-- daily rollover -->

-         <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

-         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

-            <maxFileSize>${maxFileSize}</maxFileSize>

-         </timeBasedFileNamingAndTriggeringPolicy>

-         <maxHistory>${maxHistory}</maxHistory>

-         <totalSizeCap>${totalSizeCap}</totalSizeCap>

-      </rollingPolicy>

-      <encoder>

-         <pattern>${pattern}</pattern>

-      </encoder>

-      <filter class="org.openecomp.portalapp.util.CustomLoggingFilter" />

-   </appender>

-   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELF">

-      <queueSize>${queueSize}</queueSize>

-      <!-- Class name is part of caller data -->

-      <includeCallerData>true</includeCallerData>

-      <appender-ref ref="EELF" />

-   </appender>

-   <!-- EELF Audit Appender. This appender is used to record audit engine 

-    related logging events. The audit logger and appender are specializations 

-    of the EELF application root logger and appender. This can be used to segregate 

-    Policy engine events from other components, or it can be eliminated to record 

-    these events as part of the application root log. -->

-   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFAudit">

-      <file>${logDirectory}/${auditLogName}.log</file>

-      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

-         <!-- daily rollover -->

-         <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

-         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

-            <maxFileSize>${maxFileSize}</maxFileSize>

-         </timeBasedFileNamingAndTriggeringPolicy>

-         <maxHistory>${maxHistory}</maxHistory>

-         <totalSizeCap>${totalSizeCap}</totalSizeCap>

-      </rollingPolicy>

-      <encoder>

-         <pattern>${pattern}</pattern>

-      </encoder>

-   </appender>

-   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFAudit">

-      <queueSize>${queueSize}</queueSize>

-      <appender-ref ref="EELFAudit" />

-   </appender>

-   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFMetrics">

-      <file>${logDirectory}/${metricsLogName}.log</file>

-      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

-         <!-- daily rollover -->

-         <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

-         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

-            <maxFileSize>${maxFileSize}</maxFileSize>

-         </timeBasedFileNamingAndTriggeringPolicy>

-         <maxHistory>${maxHistory}</maxHistory>

-         <totalSizeCap>${totalSizeCap}</totalSizeCap>

-      </rollingPolicy>

-      <encoder>

-         <pattern>${pattern}</pattern>

-      </encoder>

-   </appender>

-   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFMetrics">

-      <queueSize>${queueSize}</queueSize>

-      <appender-ref ref="EELFMetrics" />

-   </appender>

-   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFError">

-      <file>${logDirectory}/${errorLogName}.log</file>

-      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

-         <!-- daily rollover -->

-         <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

-         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

-            <maxFileSize>${maxFileSize}</maxFileSize>

-         </timeBasedFileNamingAndTriggeringPolicy>

-         <maxHistory>${maxHistory}</maxHistory>

-         <totalSizeCap>${totalSizeCap}</totalSizeCap>

-      </rollingPolicy>

-      <encoder>

-         <pattern>${pattern}</pattern>

-      </encoder>

-      <filter class="ch.qos.logback.classic.filter.ThresholdFilter">

-         <level>INFO</level>

-      </filter>

-   </appender>

-   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFError">

-      <queueSize>${queueSize}</queueSize>

-      <appender-ref ref="EELFError" />

-   </appender>

-   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFDebug">

-      <file>${logDirectory}/${debugLogName}.log</file>

-      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

-         <!-- daily rollover -->

-         <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

-         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

-            <maxFileSize>${maxFileSize}</maxFileSize>

-         </timeBasedFileNamingAndTriggeringPolicy>

-         <maxHistory>${maxHistory}</maxHistory>

-         <totalSizeCap>${totalSizeCap}</totalSizeCap>

-      </rollingPolicy>

-      <encoder>

-         <pattern>${pattern}</pattern>

-      </encoder>

-   </appender>

-   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFDebug">

-      <queueSize>${queueSize}</queueSize>

-      <appender-ref ref="EELFDebug" />

-      <includeCallerData>true</includeCallerData>

-   </appender>

-   <!-- ============================================================================ -->

-   <!--  EELF loggers -->

-   <!-- ============================================================================ -->

-   <logger additivity="false" level="info" name="com.att.eelf.audit">

-      <appender-ref ref="asyncEELFAudit" />

-   </logger>

-   <logger additivity="false" level="info" name="com.att.eelf.metrics">

-      <appender-ref ref="asyncEELFMetrics" />

-   </logger>

-   <logger additivity="false" level="info" name="com.att.eelf.error">

-      <appender-ref ref="asyncEELFError" />

-   </logger>

-   <logger additivity="false" level="debug" name="com.att.eelf.debug">

-      <appender-ref ref="asyncEELFDebug" />

-   </logger>

-   <root level="INFO">

-      <appender-ref ref="asyncEELFDebug" />

-   </root>

-</configuration>
\ No newline at end of file
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+-->
+<configuration debug="true" scan="true" scanPeriod="3 seconds">
+   <!-- 
+  Logback files for the ECOMP SDK Application "ecomp_app"
+  are created in directory ${catalina.base}/logs/ecomp_app;
+  e.g., apache-tomcat-8.0.35/logs/ecomp_app/application.log  
+  -->
+   <!--<jmxConfigurator /> -->
+   <!--  specify the base path of the log directory -->
+   <property name="logDir" value="/var/log/onap" />
+   <!-- specify the component name -->
+   <property name="componentName" value="policy" />
+   <!-- specify the sub component name -->
+   <property name="subComponentName" value="ep_sdk_app" />
+   <!-- The directories where logs are written -->
+   <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
+   <property name="pattern" value="%d{&amp;quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&amp;quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
+   <!--  log file names -->
+   <property name="generalLogName" value="application" />
+   <property name="errorLogName" value="error" />
+   <property name="metricsLogName" value="metrics" />
+   <property name="auditLogName" value="audit" />
+   <property name="debugLogName" value="debug" />
+   <property name="queueSize" value="256" />
+   <property name="maxFileSize" value="50MB" />
+   <property name="maxHistory" value="30" />
+   <property name="totalSizeCap" value="10GB" />
+   <!--
+  These loggers are not used in code (yet). 
+  <property name="securityLogName" value="security" />
+  <property name="policyLogName" value="policy" />
+  <property name="performanceLogName" value="performance" />
+  <property name="serverLogName" value="server" />
+   -->
+   <!-- Example evaluator filter applied against console appender -->
+   <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">
+      <encoder>
+         <pattern>${pattern}</pattern>
+      </encoder>
+   </appender>
+   <!-- ============================================================================ -->
+   <!-- EELF Appenders -->
+   <!-- ============================================================================ -->
+   <!-- The EELFAppender is used to record events to the general application 
+    log -->
+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELF">
+      <file>${logDirectory}/${generalLogName}.log</file>
+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+         <!-- daily rollover -->
+         <fileNamePattern>${logDirectory}/${generalLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+            <maxFileSize>${maxFileSize}</maxFileSize>
+         </timeBasedFileNamingAndTriggeringPolicy>
+         <maxHistory>${maxHistory}</maxHistory>
+         <totalSizeCap>${totalSizeCap}</totalSizeCap>
+      </rollingPolicy>
+      <encoder>
+         <pattern>${pattern}</pattern>
+      </encoder>
+      <filter class="org.openecomp.portalapp.util.CustomLoggingFilter" />
+   </appender>
+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELF">
+      <queueSize>${queueSize}</queueSize>
+      <!-- Class name is part of caller data -->
+      <includeCallerData>true</includeCallerData>
+      <appender-ref ref="EELF" />
+   </appender>
+   <!-- EELF Audit Appender. This appender is used to record audit engine 
+    related logging events. The audit logger and appender are specializations 
+    of the EELF application root logger and appender. This can be used to segregate 
+    Policy engine events from other components, or it can be eliminated to record 
+    these events as part of the application root log. -->
+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFAudit">
+      <file>${logDirectory}/${auditLogName}.log</file>
+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+         <!-- daily rollover -->
+         <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+            <maxFileSize>${maxFileSize}</maxFileSize>
+         </timeBasedFileNamingAndTriggeringPolicy>
+         <maxHistory>${maxHistory}</maxHistory>
+         <totalSizeCap>${totalSizeCap}</totalSizeCap>
+      </rollingPolicy>
+      <encoder>
+         <pattern>${pattern}</pattern>
+      </encoder>
+   </appender>
+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFAudit">
+      <queueSize>${queueSize}</queueSize>
+      <appender-ref ref="EELFAudit" />
+   </appender>
+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFMetrics">
+      <file>${logDirectory}/${metricsLogName}.log</file>
+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+         <!-- daily rollover -->
+         <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+            <maxFileSize>${maxFileSize}</maxFileSize>
+         </timeBasedFileNamingAndTriggeringPolicy>
+         <maxHistory>${maxHistory}</maxHistory>
+         <totalSizeCap>${totalSizeCap}</totalSizeCap>
+      </rollingPolicy>
+      <encoder>
+         <pattern>${pattern}</pattern>
+      </encoder>
+   </appender>
+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFMetrics">
+      <queueSize>${queueSize}</queueSize>
+      <appender-ref ref="EELFMetrics" />
+   </appender>
+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFError">
+      <file>${logDirectory}/${errorLogName}.log</file>
+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+         <!-- daily rollover -->
+         <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+            <maxFileSize>${maxFileSize}</maxFileSize>
+         </timeBasedFileNamingAndTriggeringPolicy>
+         <maxHistory>${maxHistory}</maxHistory>
+         <totalSizeCap>${totalSizeCap}</totalSizeCap>
+      </rollingPolicy>
+      <encoder>
+         <pattern>${pattern}</pattern>
+      </encoder>
+      <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+         <level>INFO</level>
+      </filter>
+   </appender>
+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFError">
+      <queueSize>${queueSize}</queueSize>
+      <appender-ref ref="EELFError" />
+   </appender>
+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFDebug">
+      <file>${logDirectory}/${debugLogName}.log</file>
+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+         <!-- daily rollover -->
+         <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+            <maxFileSize>${maxFileSize}</maxFileSize>
+         </timeBasedFileNamingAndTriggeringPolicy>
+         <maxHistory>${maxHistory}</maxHistory>
+         <totalSizeCap>${totalSizeCap}</totalSizeCap>
+      </rollingPolicy>
+      <encoder>
+         <pattern>${pattern}</pattern>
+      </encoder>
+   </appender>
+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFDebug">
+      <queueSize>${queueSize}</queueSize>
+      <appender-ref ref="EELFDebug" />
+      <includeCallerData>true</includeCallerData>
+   </appender>
+   <!-- ============================================================================ -->
+   <!--  EELF loggers -->
+   <!-- ============================================================================ -->
+   <logger additivity="false" level="info" name="com.att.eelf.audit">
+      <appender-ref ref="asyncEELFAudit" />
+   </logger>
+   <logger additivity="false" level="info" name="com.att.eelf.metrics">
+      <appender-ref ref="asyncEELFMetrics" />
+   </logger>
+   <logger additivity="false" level="info" name="com.att.eelf.error">
+      <appender-ref ref="asyncEELFError" />
+   </logger>
+   <logger additivity="false" level="debug" name="com.att.eelf.debug">
+      <appender-ref ref="asyncEELFDebug" />
+   </logger>
+   <root level="INFO">
+      <appender-ref ref="asyncEELFDebug" />
+   </root>
+</configuration>
diff --git a/kubernetes/policy/resources/config/log/pypdpserver/logback.xml b/kubernetes/policy/resources/config/log/pypdpserver/logback.xml
deleted file mode 100644
index c4b596b..0000000
--- a/kubernetes/policy/resources/config/log/pypdpserver/logback.xml
+++ /dev/null
@@ -1,154 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>

-<!--

-  ============LICENSE_START=======================================================

-  ECOMP Policy Engine

-  ================================================================================

-  Copyright (C) 2017 AT&amp;T Intellectual Property. All rights reserved.

-  ================================================================================

-  Licensed under the Apache License, Version 2.0 (the "License");

-  you may not use this file except in compliance with the License.

-  You may obtain a copy of the License at

-  

-       http://www.apache.org/licenses/LICENSE-2.0

-  

-  Unless required by applicable law or agreed to in writing, software

-  distributed under the License is distributed on an "AS IS" BASIS,

-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

-  See the License for the specific language governing permissions and

-  limitations under the License.

-  ============LICENSE_END=========================================================

-  -->

-<configuration debug="true" scan="true" scanPeriod="3 seconds">

-   <!--<jmxConfigurator /> -->

-   <!--  specify the base path of the log directory --> 

-   <property name="logDir" value="/var/log/onap" />

-   <!--  specify the component name -->

-   <property name="componentName" value="policy" />

-   <!-- specify the sub component name -->

-   <property name="subComponentName" value="pypdpserver" />

-   <!-- The directories where logs are written --> 

-   <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />

-   <property name="pattern" value="%d{&amp;quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&amp;quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />

-   <!--  log file names -->

-   <property name="errorLogName" value="error" />

-   <property name="metricsLogName" value="metrics" />

-   <property name="auditLogName" value="audit" />

-   <property name="debugLogName" value="debug" />

-   <property name="queueSize" value="256" />

-   <property name="maxFileSize" value="50MB" />

-   <property name="maxHistory" value="30" />

-   <property name="totalSizeCap" value="10GB" />

-   <!-- Example evaluator filter applied against console appender -->

-   <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">

-      <encoder>

-         <pattern>${pattern}</pattern>

-      </encoder>

-   </appender>

-   <!-- ============================================================================ -->

-   <!-- EELF Appenders -->

-   <!-- ============================================================================ -->

-   <!-- The EELFAppender is used to record events to the general application 

-    log -->

-   <!-- EELF Audit Appender. This appender is used to record audit engine 

-    related logging events. The audit logger and appender are specializations 

-    of the EELF application root logger and appender. This can be used to segregate 

-    Policy engine events from other components, or it can be eliminated to record 

-    these events as part of the application root log. -->

-   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFAudit">

-      <file>${logDirectory}/${auditLogName}.log</file>

-      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

-         <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

-         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

-            <maxFileSize>${maxFileSize}</maxFileSize>

-         </timeBasedFileNamingAndTriggeringPolicy>

-         <maxHistory>${maxHistory}</maxHistory>

-         <totalSizeCap>${totalSizeCap}</totalSizeCap>

-      </rollingPolicy>

-      <encoder>

-         <pattern>${pattern}</pattern>

-      </encoder>

-   </appender>

-   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFAudit">

-      <queueSize>${queueSize}</queueSize>

-      <appender-ref ref="EELFAudit" />

-   </appender>

-   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFMetrics">

-      <file>${logDirectory}/${metricsLogName}.log</file>

-      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

-         <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

-         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

-            <maxFileSize>${maxFileSize}</maxFileSize>

-         </timeBasedFileNamingAndTriggeringPolicy>

-         <maxHistory>${maxHistory}</maxHistory>

-         <totalSizeCap>${totalSizeCap}</totalSizeCap>

-      </rollingPolicy>

-      <encoder>

-         <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - 

-        %msg%n"</pattern> -->

-         <pattern>${pattern}</pattern>

-      </encoder>

-   </appender>

-   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFMetrics">

-      <queueSize>${queueSize}</queueSize>

-      <appender-ref ref="EELFMetrics" />

-   </appender>

-   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFError">

-      <file>${logDirectory}/${errorLogName}.log</file>

-      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

-         <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

-         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

-            <maxFileSize>${maxFileSize}</maxFileSize>

-         </timeBasedFileNamingAndTriggeringPolicy>

-         <maxHistory>${maxHistory}</maxHistory>

-         <totalSizeCap>${totalSizeCap}</totalSizeCap>

-      </rollingPolicy>

-      <encoder>

-         <pattern>${pattern}</pattern>

-      </encoder>

-      <filter class="ch.qos.logback.classic.filter.ThresholdFilter">

-         <level>INFO</level>

-      </filter>

-   </appender>

-   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFError">

-      <queueSize>${queueSize}</queueSize>

-      <appender-ref ref="EELFError" />

-   </appender>

-   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFDebug">

-      <file>${logDirectory}/${debugLogName}.log</file>

-      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

-         <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

-         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

-            <maxFileSize>${maxFileSize}</maxFileSize>

-         </timeBasedFileNamingAndTriggeringPolicy>

-         <maxHistory>${maxHistory}</maxHistory>

-         <totalSizeCap>${totalSizeCap}</totalSizeCap>

-      </rollingPolicy>

-      <encoder>

-         <pattern>${pattern}</pattern>

-      </encoder>

-   </appender>

-   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFDebug">

-      <queueSize>${queueSize}</queueSize>

-      <appender-ref ref="EELFDebug" />

-      <includeCallerData>true</includeCallerData>

-   </appender>

-   <!-- ============================================================================ -->

-   <!--  EELF loggers -->

-   <!-- ============================================================================ -->

-   <logger additivity="false" level="info" name="com.att.eelf.audit">

-      <appender-ref ref="asyncEELFAudit" />

-   </logger>

-   <logger additivity="false" level="info" name="com.att.eelf.metrics">

-      <appender-ref ref="asyncEELFMetrics" />

-   </logger>

-   <logger additivity="false" level="info" name="com.att.eelf.error">

-      <appender-ref ref="asyncEELFError" />

-   </logger>

-   <logger additivity="false" level="debug" name="com.att.eelf.debug">

-      <appender-ref ref="asyncEELFDebug" />

-   </logger>

-   <root level="INFO">

-      <appender-ref ref="asyncEELFDebug" />

-      <appender-ref ref="asyncEELFError" />

-   </root>

-</configuration>
\ No newline at end of file
diff --git a/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml b/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml
index 77068bb..9401e54 100644
--- a/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml
+++ b/kubernetes/policy/resources/config/log/xacml-pap-rest/logback.xml
@@ -1,153 +1,150 @@
-<?xml version="1.0" encoding="UTF-8"?>

-<!--

-  ============LICENSE_START=======================================================

-  ECOMP-PAP-REST

-  ================================================================================

-  Copyright (C) 2017 AT&amp;T Intellectual Property. All rights reserved.

-  ================================================================================

-  Licensed under the Apache License, Version 2.0 (the "License");

-  you may not use this file except in compliance with the License.

-  You may obtain a copy of the License at

-  

-       http://www.apache.org/licenses/LICENSE-2.0

-  

-  Unless required by applicable law or agreed to in writing, software

-  distributed under the License is distributed on an "AS IS" BASIS,

-  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.

-  See the License for the specific language governing permissions and

-  limitations under the License.

-  ============LICENSE_END=========================================================

-  -->

-<configuration debug="true" scan="true" scanPeriod="3 seconds">

-   <!--<jmxConfigurator /> -->

-   <!--  specify the base path of the log directory -->

-   <property name="logDir" value="/var/log/onap" />

-   <!--  specify the component name -->

-   <property name="componentName" value="policy" />

-   <!-- specify the sub component name -->

-   <property name="subComponentName" value="xacml-pap-rest" />

-   <!-- The directories where logs are written -->

-   <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />

-   <property name="pattern" value="%d{&amp;quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&amp;quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />

-   <!--  log file names -->

-   <property name="errorLogName" value="error" />

-   <property name="metricsLogName" value="metrics" />

-   <property name="auditLogName" value="audit" />

-   <property name="debugLogName" value="debug" />

-   <property name="queueSize" value="256" />

-   <property name="maxFileSize" value="50MB" />

-   <property name="maxHistory" value="30" />

-   <property name="totalSizeCap" value="10GB" />

-   <!-- Example evaluator filter applied against console appender -->

-   <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">

-      <encoder>

-         <pattern>${pattern}</pattern>

-      </encoder>

-   </appender>

-   <!-- ============================================================================ -->

-   <!-- EELF Appenders -->

-   <!-- ============================================================================ -->

-   <!-- The EELFAppender is used to record events to the general application 

-    log -->

-   <!-- EELF Audit Appender. This appender is used to record audit engine 

-    related logging events. The audit logger and appender are specializations 

-    of the EELF application root logger and appender. This can be used to segregate 

-    Policy engine events from other components, or it can be eliminated to record 

-    these events as part of the application root log. -->

-   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFAudit">

-      <file>${logDirectory}/${auditLogName}.log</file>

-      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

-         <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

-         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

-            <maxFileSize>${maxFileSize}</maxFileSize>

-         </timeBasedFileNamingAndTriggeringPolicy>

-         <maxHistory>${maxHistory}</maxHistory>

-         <totalSizeCap>${totalSizeCap}</totalSizeCap>

-      </rollingPolicy>

-      <encoder>

-         <pattern>${pattern}</pattern>

-      </encoder>

-   </appender>

-   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFAudit">

-      <queueSize>${queueSize}</queueSize>

-      <appender-ref ref="EELFAudit" />

-   </appender>

-   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFMetrics">

-      <file>${logDirectory}/${metricsLogName}.log</file>

-      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

-         <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

-         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

-            <maxFileSize>${maxFileSize}</maxFileSize>

-         </timeBasedFileNamingAndTriggeringPolicy>

-         <maxHistory>${maxHistory}</maxHistory>

-         <totalSizeCap>${totalSizeCap}</totalSizeCap>

-      </rollingPolicy>

-      <encoder>

-         <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - 

-        %msg%n"</pattern> -->

-         <pattern>${pattern}</pattern>

-      </encoder>

-   </appender>

-   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFMetrics">

-      <queueSize>${queueSize}</queueSize>

-      <appender-ref ref="EELFMetrics" />

-   </appender>

-   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFError">

-      <file>${logDirectory}/${errorLogName}.log</file>

-      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

-         <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

-         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

-            <maxFileSize>${maxFileSize}</maxFileSize>

-         </timeBasedFileNamingAndTriggeringPolicy>

-         <maxHistory>${maxHistory}</maxHistory>

-         <totalSizeCap>${totalSizeCap}</totalSizeCap>

-      </rollingPolicy>

-      <encoder>

-         <pattern>${pattern}</pattern>

-      </encoder>

-      <filter class="ch.qos.logback.classic.filter.ThresholdFilter">

-         <level>INFO</level>

-      </filter>

-   </appender>

-   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFError">

-      <queueSize>${queueSize}</queueSize>

-      <appender-ref ref="EELFError" />

-   </appender>

-   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFDebug">

-      <file>${logDirectory}/${debugLogName}.log</file>

-      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">

-         <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>

-         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">

-            <maxFileSize>${maxFileSize}</maxFileSize>

-         </timeBasedFileNamingAndTriggeringPolicy>

-         <maxHistory>${maxHistory}</maxHistory>

-         <totalSizeCap>${totalSizeCap}</totalSizeCap>

-      </rollingPolicy>

-      <encoder>

-         <pattern>${pattern}</pattern>

-      </encoder>

-   </appender>

-   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFDebug">

-      <queueSize>${queueSize}</queueSize>

-      <appender-ref ref="EELFDebug" />

-      <includeCallerData>true</includeCallerData>

-   </appender>

-   <!-- ============================================================================ -->

-   <!--  EELF loggers -->

-   <!-- ============================================================================ -->

-   <logger additivity="false" level="info" name="com.att.eelf.audit">

-      <appender-ref ref="asyncEELFAudit" />

-   </logger>

-   <logger additivity="false" level="info" name="com.att.eelf.metrics">

-      <appender-ref ref="asyncEELFMetrics" />

-   </logger>

-   <logger additivity="false" level="info" name="com.att.eelf.error">

-      <appender-ref ref="asyncEELFError" />

-   </logger>

-   <logger additivity="false" level="debug" name="com.att.eelf.debug">

-      <appender-ref ref="asyncEELFDebug" />

-   </logger>

-   <root level="INFO">

-      <appender-ref ref="asyncEELFDebug" />

-   </root>

-</configuration>
\ No newline at end of file
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.  
+-->
+
+<configuration debug="true" scan="true" scanPeriod="3 seconds">
+   <!--<jmxConfigurator /> -->
+   <!--  specify the base path of the log directory -->
+   <property name="logDir" value="/var/log/onap" />
+   <!--  specify the component name -->
+   <property name="componentName" value="policy" />
+   <!-- specify the sub component name -->
+   <property name="subComponentName" value="xacml-pap-rest" />
+   <!-- The directories where logs are written -->
+   <property name="logDirectory" value="${logDir}/${componentName}/${subComponentName}" />
+   <property name="pattern" value="%d{&amp;quot;yyyy-MM-dd'T'HH:mm:ss.SSSXXX&amp;quot;, UTC}\t[%thread]\t%-5level\t%logger{36}\t%replace(%replace(%replace(%mdc){'\t','\\\\t'}){', ','\t'}){'\n', '\\\\n'}\t%replace(%replace(%msg){'\n', '\\\\n'}){'\t','\\\\t'}%n" />
+   <!--  log file names -->
+   <property name="errorLogName" value="error" />
+   <property name="metricsLogName" value="metrics" />
+   <property name="auditLogName" value="audit" />
+   <property name="debugLogName" value="debug" />
+   <property name="queueSize" value="256" />
+   <property name="maxFileSize" value="50MB" />
+   <property name="maxHistory" value="30" />
+   <property name="totalSizeCap" value="10GB" />
+   <!-- Example evaluator filter applied against console appender -->
+   <appender class="ch.qos.logback.core.ConsoleAppender" name="STDOUT">
+      <encoder>
+         <pattern>${pattern}</pattern>
+      </encoder>
+   </appender>
+   <!-- ============================================================================ -->
+   <!-- EELF Appenders -->
+   <!-- ============================================================================ -->
+   <!-- The EELFAppender is used to record events to the general application 
+    log -->
+   <!-- EELF Audit Appender. This appender is used to record audit engine 
+    related logging events. The audit logger and appender are specializations 
+    of the EELF application root logger and appender. This can be used to segregate 
+    Policy engine events from other components, or it can be eliminated to record 
+    these events as part of the application root log. -->
+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFAudit">
+      <file>${logDirectory}/${auditLogName}.log</file>
+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+         <fileNamePattern>${logDirectory}/${auditLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+            <maxFileSize>${maxFileSize}</maxFileSize>
+         </timeBasedFileNamingAndTriggeringPolicy>
+         <maxHistory>${maxHistory}</maxHistory>
+         <totalSizeCap>${totalSizeCap}</totalSizeCap>
+      </rollingPolicy>
+      <encoder>
+         <pattern>${pattern}</pattern>
+      </encoder>
+   </appender>
+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFAudit">
+      <queueSize>${queueSize}</queueSize>
+      <appender-ref ref="EELFAudit" />
+   </appender>
+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFMetrics">
+      <file>${logDirectory}/${metricsLogName}.log</file>
+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+         <fileNamePattern>${logDirectory}/${metricsLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+            <maxFileSize>${maxFileSize}</maxFileSize>
+         </timeBasedFileNamingAndTriggeringPolicy>
+         <maxHistory>${maxHistory}</maxHistory>
+         <totalSizeCap>${totalSizeCap}</totalSizeCap>
+      </rollingPolicy>
+      <encoder>
+         <!-- <pattern>"%d{HH:mm:ss.SSS} [%thread] %-5level %logger{1024} - 
+        %msg%n"</pattern> -->
+         <pattern>${pattern}</pattern>
+      </encoder>
+   </appender>
+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFMetrics">
+      <queueSize>${queueSize}</queueSize>
+      <appender-ref ref="EELFMetrics" />
+   </appender>
+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFError">
+      <file>${logDirectory}/${errorLogName}.log</file>
+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+         <fileNamePattern>${logDirectory}/${errorLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+            <maxFileSize>${maxFileSize}</maxFileSize>
+         </timeBasedFileNamingAndTriggeringPolicy>
+         <maxHistory>${maxHistory}</maxHistory>
+         <totalSizeCap>${totalSizeCap}</totalSizeCap>
+      </rollingPolicy>
+      <encoder>
+         <pattern>${pattern}</pattern>
+      </encoder>
+      <filter class="ch.qos.logback.classic.filter.ThresholdFilter">
+         <level>INFO</level>
+      </filter>
+   </appender>
+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFError">
+      <queueSize>${queueSize}</queueSize>
+      <appender-ref ref="EELFError" />
+   </appender>
+   <appender class="ch.qos.logback.core.rolling.RollingFileAppender" name="EELFDebug">
+      <file>${logDirectory}/${debugLogName}.log</file>
+      <rollingPolicy class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy">
+         <fileNamePattern>${logDirectory}/${debugLogName}.%d{yyyy-MM-dd}.%i.log</fileNamePattern>
+         <timeBasedFileNamingAndTriggeringPolicy class="ch.qos.logback.core.rolling.SizeAndTimeBasedFNATP">
+            <maxFileSize>${maxFileSize}</maxFileSize>
+         </timeBasedFileNamingAndTriggeringPolicy>
+         <maxHistory>${maxHistory}</maxHistory>
+         <totalSizeCap>${totalSizeCap}</totalSizeCap>
+      </rollingPolicy>
+      <encoder>
+         <pattern>${pattern}</pattern>
+      </encoder>
+   </appender>
+   <appender class="ch.qos.logback.classic.AsyncAppender" name="asyncEELFDebug">
+      <queueSize>${queueSize}</queueSize>
+      <appender-ref ref="EELFDebug" />
+      <includeCallerData>true</includeCallerData>
+   </appender>
+   <!-- ============================================================================ -->
+   <!--  EELF loggers -->
+   <!-- ============================================================================ -->
+   <logger additivity="false" level="info" name="com.att.eelf.audit">
+      <appender-ref ref="asyncEELFAudit" />
+   </logger>
+   <logger additivity="false" level="info" name="com.att.eelf.metrics">
+      <appender-ref ref="asyncEELFMetrics" />
+   </logger>
+   <logger additivity="false" level="info" name="com.att.eelf.error">
+      <appender-ref ref="asyncEELFError" />
+   </logger>
+   <logger additivity="false" level="debug" name="com.att.eelf.debug">
+      <appender-ref ref="asyncEELFDebug" />
+   </logger>
+   <root level="INFO">
+      <appender-ref ref="asyncEELFDebug" />
+   </root>
+</configuration>
diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/drools-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/drools/drools-tweaks.sh
deleted file mode 100755
index 8bff59c..0000000
--- a/kubernetes/policy/resources/config/opt/policy/config/drools/drools-tweaks.sh
+++ /dev/null
@@ -1,23 +0,0 @@
-#! /bin/bash
-
-###
-# ============LICENSE_START=======================================================
-# ONAP
-# ================================================================================
-# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved.
-# ================================================================================
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-# 
-#      http://www.apache.org/licenses/LICENSE-2.0
-# 
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-# ============LICENSE_END=========================================================
-###
-
-${POLICY_HOME}/bin/features enable healthcheck
diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf b/kubernetes/policy/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf
deleted file mode 100644
index 31baed2..0000000
--- a/kubernetes/policy/resources/config/opt/policy/config/drools/keys/feature-healthcheck.conf
+++ /dev/null
@@ -1,2 +0,0 @@
-HEALTHCHECK_USER=healthcheck
-HEALTHCHECK_PASSWORD=zb!XztG34
diff --git a/kubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf b/kubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf
deleted file mode 100755
index 843b832..0000000
--- a/kubernetes/policy/resources/config/opt/policy/config/drools/policy-management.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-CONTROLLER_ARTIFACT_ID=policy-management
-CONTROLLER_NAME=policy-management-controller
-CONTROLLER_PORT=9696
-RULES_ARTIFACT=not-used:not-used:1.0.0-SNAPSHOT
-UEB_TOPIC=policyengine-develop
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/base.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/base.conf
deleted file mode 100755
index 2917431..0000000
--- a/kubernetes/policy/resources/config/opt/policy/config/pe/base.conf
+++ /dev/null
@@ -1,24 +0,0 @@
-JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64
-POLICY_HOME=/opt/app/policy
-KEYSTORE_PASSWD=PolicyR0ck$
-
-JDBC_DRIVER=org.mariadb.jdbc.Driver
-JDBC_URL=jdbc:mariadb://mariadb.{{.Values.nsPrefix}}:3306/onap_sdk?failOverReadOnly=false&autoReconnect=true
-JDBC_LOG_URL=jdbc:mariadb://mariadb.{{.Values.nsPrefix}}:3306/log?failOverReadOnly=false&autoReconnect=true
-JDBC_USER=policy_user
-JDBC_PASSWORD=policy_user
-
-site_name=site_1
-fp_monitor_interval=30
-failed_counter_threshold=3
-test_trans_interval=20
-write_fpc_interval=5
-max_fpc_update_interval=60
-test_via_jmx=false
-jmx_fqdn=
-
-ENVIRONMENT=TEST
-
-#Micro Service Model Properties
-policy_msOnapName=
-policy_msPolicyName=
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw.conf
deleted file mode 100755
index d874237..0000000
--- a/kubernetes/policy/resources/config/opt/policy/config/pe/brmsgw.conf
+++ /dev/null
@@ -1,53 +0,0 @@
-# BRMSpep component installation configuration parameters
-BRMSGW_JMX_PORT=9989
-
-COMPONENT_X_MX_MB=1024
-COMPONENT_X_MS_MB=1024
-
-REST_PAP_URL=http://pap.{{.Values.nsPrefix}}:9091/pap/
-REST_PDP_ID=http://pdp.{{.Values.nsPrefix}}:8081/pdp/
-
-PDP_HTTP_USER_ID=testpdp
-PDP_HTTP_PASSWORD=alpha123
-PDP_PAP_PDP_HTTP_USER_ID=testpap
-PDP_PAP_PDP_HTTP_PASSWORD=alpha123
-
-M2_HOME=/usr/share/maven
-snapshotRepositoryID=policy-nexus-snapshots
-snapshotRepositoryName=Snapshots
-snapshotRepositoryURL=http://nexus.{{.Values.nsPrefix}}:8081/nexus/content/repositories/snapshots
-releaseRepositoryID=policy-nexus-releases
-releaseRepositoryName=Releases
-releaseRepositoryURL=http://nexus.{{.Values.nsPrefix}}:8081/nexus/content/repositories/releases
-repositoryUsername=admin
-repositoryPassword=admin123
-UEB_URL=dmaap.{{.Values.nsPrefix}}
-UEB_TOPIC=PDPD-CONFIGURATION
-UEB_API_KEY=
-UEB_API_SECRET=
-
-groupID=org.onap.policy-engine
-artifactID=drlPDPGroup
-AMSTERDAM_GROUP_ID=org.onap.policy-engine.drools.amsterdam
-AMSTERDAM_ARTIFACT_ID=policy-amsterdam-rules
-
-# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase
-resource_name=brmsgw_1
-node_type=brms_gateway
-
-#Environment should be Set either DEV, TEST or PROD
-ENVIRONMENT=TEST
-
-#Notification Properties... type can be either websocket, ueb, or dmaap
-BRMS_NOTIFICATION_TYPE=websocket
-BRMS_UEB_URL=dmaap.{{.Values.nsPrefix}}
-BRMS_UEB_TOPIC=PDPD-CONFIGURATION
-BRMS_UEB_DELAY=
-BRMS_CLIENT_ID=python
-BRMS_CLIENT_KEY=dGVzdA==
-BRMS_UEB_API_KEY=
-BRMS_UEB_API_SECRET=
-
-#Dependency.json file version
-BRMS_DEPENDENCY_VERSION=1.2.0
-
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf
deleted file mode 100644
index 938954c..0000000
--- a/kubernetes/policy/resources/config/opt/policy/config/pe/elk.conf
+++ /dev/null
@@ -1,3 +0,0 @@
-# elasticsearch
-
-ELK_JMX_PORT=9995
\ No newline at end of file
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf
deleted file mode 100755
index 28b9e3c..0000000
--- a/kubernetes/policy/resources/config/opt/policy/config/pe/mysql.conf
+++ /dev/null
@@ -1,5 +0,0 @@
-# mysql scripts component installation configuration parameters
-
-# Path to mysql bin
-MYSQL_BIN=/usr/local/mysql/bin
-
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh
deleted file mode 100755
index 36ac368..0000000
--- a/kubernetes/policy/resources/config/opt/policy/config/pe/pap-tweaks.sh
+++ /dev/null
@@ -1 +0,0 @@
-#! /bin/bash
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf
deleted file mode 100755
index 22ca849..0000000
--- a/kubernetes/policy/resources/config/opt/policy/config/pe/paplp.conf
+++ /dev/null
@@ -1,12 +0,0 @@
-# JVM specific parameters
-LOGPARSER_JMX_PORT=9996
-LOGPARSER_X_MS_MB=1024
-LOGPARSER_X_MX_MB=1024
-
-SERVER=http://pap.{{.Values.nsPrefix}}:9091/pap/
-LOGPATH=/opt/app/policy/servers/pap/logs/pap-rest.log
-PARSERLOGPATH=IntegrityMonitor.log
-
-node_type=logparser
-# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase
-resource_name=paplp_1
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh b/kubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh
deleted file mode 100755
index f682536..0000000
--- a/kubernetes/policy/resources/config/opt/policy/config/pe/pdp-tweaks.sh
+++ /dev/null
@@ -1,2 +0,0 @@
-#! /bin/bash
-
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf b/kubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf
deleted file mode 100755
index 0e58ceb..0000000
--- a/kubernetes/policy/resources/config/opt/policy/config/pe/pdplp.conf
+++ /dev/null
@@ -1,12 +0,0 @@
-# JVM specific parameters
-LOGPARSER_JMX_PORT=9997
-LOGPARSER_X_MS_MB=1024
-LOGPARSER_X_MX_MB=1024
-
-SERVER=http://pdp.{{.Values.nsPrefix}}:8081/pdp/
-LOGPATH=/opt/app/policy/servers/pdp/logs/pdp-rest.log
-PARSERLOGPATH=IntegrityMonitor.log
-
-node_type=logparser
-# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase
-resource_name=pdplp_1
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/console.conf b/kubernetes/policy/resources/config/pe/console.conf
old mode 100755
new mode 100644
similarity index 77%
rename from kubernetes/policy/resources/config/opt/policy/config/pe/console.conf
rename to kubernetes/policy/resources/config/pe/console.conf
index 3ff7086..3ed6ed4
--- a/kubernetes/policy/resources/config/opt/policy/config/pe/console.conf
+++ b/kubernetes/policy/resources/config/pe/console.conf
@@ -1,3 +1,17 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 # configs component installation configuration parameters
 
 # tomcat specific parameters
@@ -77,7 +91,7 @@
 #
 
 
-REST_PAP_URL=http://pap.{{.Values.nsPrefix}}:9091/pap/
+REST_PAP_URL=http://{{.Release.Name}}-{{.Values.global.pap.nameOverride}}:9091/pap/
 
 #
 # Config/Action Properties location.
@@ -85,7 +99,7 @@
 
 REST_CONFIG_HOME=/opt/app/policy/servers/pap/webapps/Config/
 REST_ACTION_HOME=/opt/app/policy/servers/pap/webapps/Action/
-REST_CONFIG_URL=http://pap.{{.Values.nsPrefix}}:9091/
+REST_CONFIG_URL=http://{{.Release.Name}}-{{.Values.global.pap.nameOverride}}:9091/
 REST_CONFIG_WEBAPPS=/opt/app/policy/servers/pap/webapps/
 
 # PAP account information
@@ -121,12 +135,12 @@
 
 #-----------------------ONAP-PORTAL-Properties----------------------
 
-ONAP_REDIRECT_URL=http://portalapps.{{.Values.nsPrefix}}:8989/ONAPPORTAL/login.htm
-ONAP_REST_URL=http://portalapps.{{.Values.nsPrefix}}:8989/ONAPPORTAL/auxapi
+ONAP_REDIRECT_URL=http://portalapps:8989/ONAPPORTAL/login.htm
+ONAP_REST_URL=http://portalapps:8989/ONAPPORTAL/auxapi
 ONAP_UEB_URL_LIST=
 ONAP_PORTAL_INBOX_NAME=
 ONAP_UEB_APP_KEY=
 ONAP_UEB_APP_SECRET=
 ONAP_UEB_APP_MAILBOX_NAME=
 APP_DISPLAY_NAME=ONAP Policy
-ONAP_SHARED_CONTEXT_REST_URL=http://portalapps.{{.Values.nsPrefix}}:8989/ONAPPORTAL/context
+ONAP_SHARED_CONTEXT_REST_URL=http://portalapps:8989/ONAPPORTAL/context
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/resources/config/pe/elk.conf
similarity index 63%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/resources/config/pe/elk.conf
index 59bfa11..2750bff 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/resources/config/pe/elk.conf
@@ -1,4 +1,4 @@
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,13 +12,6 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+# elasticsearch
+
+ELK_JMX_PORT=9995
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/resources/config/pe/mysql.conf
similarity index 63%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/resources/config/pe/mysql.conf
index 59bfa11..d4f83d4 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/resources/config/pe/mysql.conf
@@ -1,4 +1,4 @@
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,13 +12,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+# mysql scripts component installation configuration parameters
+
+# Path to mysql bin
+MYSQL_BIN=/usr/local/mysql/bin
+
diff --git a/kubernetes/policy/templates/policy-deployment-secret.yaml b/kubernetes/policy/resources/config/pe/pap-tweaks.sh
similarity index 63%
copy from kubernetes/policy/templates/policy-deployment-secret.yaml
copy to kubernetes/policy/resources/config/pe/pap-tweaks.sh
index 59bfa11..1930b98 100644
--- a/kubernetes/policy/templates/policy-deployment-secret.yaml
+++ b/kubernetes/policy/resources/config/pe/pap-tweaks.sh
@@ -1,4 +1,4 @@
-# Copyright © 2017 Amdocs, Bell Canada
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -12,13 +12,4 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-#{{ if not .Values.disablePolicyDrools }}
-apiVersion: v1
-kind: Secret
-metadata:
-  name: policy-dep-drools-secret
-  namespace: {{ .Values.nsPrefix }}
-type: Opaque
-data:
-{{ (.Files.Glob "resources/config/opt/policy/config/drools/keys/*").AsSecrets | indent 2 }}
-#{{ end }}
+#! /bin/bash
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/pap.conf b/kubernetes/policy/resources/config/pe/pap.conf
old mode 100755
new mode 100644
similarity index 63%
rename from kubernetes/policy/resources/config/opt/policy/config/pe/pap.conf
rename to kubernetes/policy/resources/config/pe/pap.conf
index 3f892c9..28c2da1
--- a/kubernetes/policy/resources/config/opt/policy/config/pe/pap.conf
+++ b/kubernetes/policy/resources/config/pe/pap.conf
@@ -1,3 +1,17 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 # pap component installation configuration parameters
 
 # tomcat specific parameters
@@ -14,7 +28,7 @@
 # pap properties
 
 PAP_PDPS=/opt/app/policy/servers/pap/bin/pdps
-PAP_URL=http://pap.{{.Values.nsPrefix}}:9091/pap/
+PAP_URL=http://{{ include "common.fullname" . }}:9091/pap/
 
 PAP_INITIATE_PDP=true
 PAP_HEARTBEAT_INTERVAL=10000
@@ -26,7 +40,7 @@
 
 # PDP related properties
 
-PAP_PDP_URL=http://pdp.{{.Values.nsPrefix}}:8081/pdp/
+PAP_PDP_URL=http://{{ .Release.Name }}-{{ .Values.global.pdp.nameOverride }}:8081/pdp/
 PAP_PDP_HTTP_USER_ID=testpdp
 PAP_PDP_HTTP_PASSWORD=alpha123
 
diff --git a/kubernetes/policy/resources/config/pe/paplp.conf b/kubernetes/policy/resources/config/pe/paplp.conf
new file mode 100644
index 0000000..7124fde
--- /dev/null
+++ b/kubernetes/policy/resources/config/pe/paplp.conf
@@ -0,0 +1,26 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# JVM specific parameters
+LOGPARSER_JMX_PORT=9996
+LOGPARSER_X_MS_MB=1024
+LOGPARSER_X_MX_MB=1024
+
+SERVER=http://{{ include "common.fullname" . }}:9091/pap/
+LOGPATH=/opt/app/policy/servers/pap/logs/pap-rest.log
+PARSERLOGPATH=IntegrityMonitor.log
+
+node_type=logparser
+# the java property is RESOURCE_NAME (uppercase), but the conf parameter is lowercase
+resource_name=paplp_1
diff --git a/kubernetes/policy/resources/config/opt/policy/config/pe/push-policies.sh b/kubernetes/policy/resources/config/pe/push-policies.sh
old mode 100755
new mode 100644
similarity index 88%
rename from kubernetes/policy/resources/config/opt/policy/config/pe/push-policies.sh
rename to kubernetes/policy/resources/config/pe/push-policies.sh
index b9242ce..5e0172b
--- a/kubernetes/policy/resources/config/opt/policy/config/pe/push-policies.sh
+++ b/kubernetes/policy/resources/config/pe/push-policies.sh
@@ -1,3 +1,17 @@
+# Copyright © 2017 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
 #! /bin/bash
 
 # forked from https://gerrit.onap.org/r/gitweb?p=policy/docker.git;a=blob;f=config/pe/push-policies.sh;h=555ab357e6b4f54237bf07ef5e6777d782564bc0;hb=refs/heads/amsterdam and adapted for OOM
@@ -12,7 +26,7 @@
 
 sleep 2
 
-curl -v --silent -X POST --header 'Content-Type: multipart/form-data' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -F "file=@cl-amsterdam-template.drl" -F "importParametersJson={\"serviceName\":\"ClosedLoopControlName\",\"serviceType\":\"BRMSPARAM\"}" 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/policyEngineImport' 
+curl -v --silent -X POST --header 'Content-Type: multipart/form-data' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -F "file=@cl-amsterdam-template.drl" -F "importParametersJson={\"serviceName\":\"ClosedLoopControlName\",\"serviceType\":\"BRMSPARAM\"}" 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/policyEngineImport' 
 
 echo "PRELOAD_POLICIES is $PRELOAD_POLICIES"
 
@@ -42,7 +56,7 @@
 			"controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a%0D%0A++trigger_policy%3A+unique-policy-id-1-modifyConfig%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-modifyConfig%0D%0A++++name%3A+modify+packet+gen+config%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+ModifyConfig%0D%0A++++target%3A%0D%0A++++++%23+TBD+-+Cannot+be+known+until+instantiation+is+done%0D%0A++++++resourceID%3A+Eace933104d443b496b8.nodes.heat.vpg%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+300%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard"
 		}
 	}
-}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy'
+}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy'
 
 sleep 2
 
@@ -62,7 +76,7 @@
 			"controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vDNS-6f37f56d-a87d-4b85-b6a9-cc953cf779b3%0D%0A++trigger_policy%3A+unique-policy-id-1-scale-up%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-scale-up%0D%0A++++name%3A+Create+a+new+VF+Module%0D%0A++++description%3A%0D%0A++++actor%3A+SO%0D%0A++++recipe%3A+VF+Module+Create%0D%0A++++target%3A%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard"
 		}
 	}
-}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy'
+}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy'
 
 sleep 2
 
@@ -82,7 +96,7 @@
 			"controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-VOLTE-2179b738-fd36-4843-a71a-a8c24c70c55b%0D%0A++trigger_policy%3A+unique-policy-id-1-restart%0D%0A++timeout%3A+3600%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-restart%0D%0A++++name%3A+Restart+the+VM%0D%0A++++description%3A%0D%0A++++actor%3A+VFC%0D%0A++++recipe%3A+Restart%0D%0A++++target%3A%0D%0A++++++type%3A+VM%0D%0A++++retry%3A+3%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard"
 		}
 	}
-}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy'
+}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy'
 
 sleep 2
 
@@ -102,7 +116,7 @@
 			"controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vCPE-48f0c2c3-a172-4192-9ae3-052274181b6e%0D%0A++trigger_policy%3A+unique-policy-id-1-restart%0D%0A++timeout%3A+3600%0D%0A++abatement%3A+true%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-restart%0D%0A++++name%3A+Restart+the+VM%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+Restart%0D%0A++++target%3A%0D%0A++++++type%3A+VM%0D%0A++++retry%3A+3%0D%0A++++timeout%3A+1200%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard"
 		}
 	}
-}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy'
+}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy'
 
 #########################################Create Micro Service Config policies##########################################
 
@@ -116,7 +130,7 @@
 	"policyConfigType": "MicroService",
 	"policyName": "com.MicroServicevFirewall",
 	"onapName": "DCAE"
-}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy'
+}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy'
 
 
 sleep 2
@@ -127,7 +141,7 @@
 	"policyConfigType": "MicroService",
 	"policyName": "com.MicroServicevDNS",
 	"onapName": "DCAE"
-}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy'
+}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy'
 
 
 sleep 2
@@ -138,7 +152,7 @@
 	"policyConfigType": "MicroService",
 	"policyName": "com.MicroServicevCPE",
 	"onapName": "DCAE"
-}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy'
+}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy'
 
 
 #########################################Creating Decision Guard policy######################################### 
@@ -165,7 +179,7 @@
 			"guardActiveEnd": "00:00:00-05:00" 
 		} 
 	} 
-}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/createPolicy'
+}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/createPolicy'
 
 #########################################Push Decision policy#########################################
 
@@ -176,7 +190,7 @@
   "pdpGroup": "default", 
   "policyName": "com.AllPermitGuard", 
   "policyType": "DECISION" 
-}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy'
+}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy'
 
 #########################################Pushing BRMS Param policies##########################################
 
@@ -189,7 +203,7 @@
   "pdpGroup": "default",
   "policyName": "com.BRMSParamvFirewall",
   "policyType": "BRMS_Param"
-}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy'
+}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy'
 
 sleep 2
 
@@ -198,7 +212,7 @@
   "pdpGroup": "default",
   "policyName": "com.BRMSParamvDNS",
   "policyType": "BRMS_Param"
-}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy'
+}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy'
 
 sleep 2
 
@@ -207,7 +221,7 @@
   "pdpGroup": "default",
   "policyName": "com.BRMSParamVOLTE",
   "policyType": "BRMS_Param"
-}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy'
+}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy'
 
 sleep 2
 
@@ -216,7 +230,7 @@
   "pdpGroup": "default",
   "policyName": "com.BRMSParamvCPE",
   "policyType": "BRMS_Param"
-}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy'
+}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy'
 
 #########################################Pushing MicroService Config policies##########################################
 
@@ -229,7 +243,7 @@
   "pdpGroup": "default",
   "policyName": "com.MicroServicevFirewall",
   "policyType": "MicroService"
-}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy'
+}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy'
 
 sleep 10
 
@@ -238,7 +252,7 @@
   "pdpGroup": "default",
   "policyName": "com.MicroServicevDNS",
   "policyType": "MicroService"
-}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy' 
+}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' 
 
 sleep 10
 
@@ -247,4 +261,4 @@
   "pdpGroup": "default",
   "policyName": "com.MicroServicevCPE",
   "policyType": "MicroService"
-}' 'http://pdp.{{.Values.nsPrefix}}:8081/pdp/api/pushPolicy' 
+}' 'http://{{.Release.Name}}-{{.Values.global.pdp.nameOverride}}:8081/pdp/api/pushPolicy' 
diff --git a/kubernetes/policy/templates/NOTES.txt b/kubernetes/policy/templates/NOTES.txt
new file mode 100644
index 0000000..91d8ed4
--- /dev/null
+++ b/kubernetes/policy/templates/NOTES.txt
@@ -0,0 +1,19 @@
+1. Get the application URL by running these commands:
+{{- if .Values.ingress.enabled }}
+{{- range .Values.ingress.hosts }}
+  http://{{ . }}
+{{- end }}
+{{- else if contains "NodePort" .Values.service.type }}
+  export NODE_PORT=$(kubectl get --namespace {{ include "common.namespace" . }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "common.name" . }})
+  export NODE_IP=$(kubectl get nodes --namespace {{ include "common.namespace" . }} -o jsonpath="{.items[0].status.addresses[0].address}")
+  echo http://$NODE_IP:$NODE_PORT
+{{- else if contains "LoadBalancer" .Values.service.type }}
+     NOTE: It may take a few minutes for the LoadBalancer IP to be available.
+           You can watch the status of by running 'kubectl get svc -w {{ include "common.name" . }}'
+  export SERVICE_IP=$(kubectl get svc --namespace {{ include "common.namespace" . }} {{ include "common.name" . }} -o jsonpath='{.status.loadBalancer.ingress[0].ip}')
+  echo http://$SERVICE_IP:{{ .Values.service.externalPort }}
+{{- else if contains "ClusterIP" .Values.service.type }}
+  export POD_NAME=$(kubectl get pods --namespace {{ include "common.namespace" . }} -l "app={{ template "so.name" . }},release={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
+  echo "Visit http://127.0.0.1:8080 to use your application"
+  kubectl port-forward $POD_NAME 8080:{{ .Values.service.internalPort }}
+{{- end }}
diff --git a/kubernetes/policy/templates/all-services.yaml b/kubernetes/policy/templates/all-services.yaml
deleted file mode 100644
index f8e435b..0000000
--- a/kubernetes/policy/templates/all-services.yaml
+++ /dev/null
@@ -1,145 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#{{ if not .Values.disablePolicyMariadb }}
-apiVersion: v1
-kind: Service
-metadata:
-  name: mariadb
-  namespace: "{{ .Values.nsPrefix }}"
-  labels:
-    app: mariadb
-spec:
-  ports:
-  - name: 3306-port
-    port: 3306
-  selector:
-    app: mariadb
-  clusterIP: None
-#{{ end }}
-#{{ if not .Values.disablePolicyNexus }}
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: nexus
-  name: nexus
-  namespace: "{{ .Values.nsPrefix }}"
-spec:
-  ports:
-  - name: nexus-port
-    port: 8081
-  selector:
-    app: nexus
-  clusterIP: None
-#{{ end }}
-#{{ if not .Values.disablePolicyDrools }}
----
-apiVersion: v1
-kind: Service
-metadata:
-  labels:
-    app: drools
-  name: drools
-  namespace: "{{ .Values.nsPrefix }}"
-spec:
-  ports:
-  - name: "drools-port"
-    port: 6969
-    nodePort: {{ .Values.nodePortPrefix }}17
-  - name: "drools-port2"
-    port: 9696
-    nodePort: {{ .Values.nodePortPrefix }}21
-  selector:
-    app: drools
-  type: NodePort
-#{{ end }}
-#{{ if not .Values.disablePolicyPap }}
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: pap
-  namespace: "{{ .Values.nsPrefix }}"
-  labels:
-    app: pap
-spec:
-  ports:
-  - name: 8443-port
-    port: 8443
-    nodePort: {{ .Values.nodePortPrefix }}19
-  - name: 9091-port
-    port: 9091
-    nodePort: {{ .Values.nodePortPrefix }}18
-  selector:
-    app: pap
-  type: NodePort
-#{{ end }}
-#{{ if not .Values.disablePolicyPdp }}
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: pdp
-  namespace: "{{ .Values.nsPrefix }}"
-  labels:
-    app: pdp
-  annotations:
-    msb.onap.org/service-info: '[
-      {
-          "serviceName": "policy-pdp",
-          "version": "v1",
-          "url": "/pdp",
-          "protocol": "REST",
-          "port": "8081",
-          "visualRange":"1"
-      },
-      {
-          "serviceName": "policy-pdp-deprecated",
-          "version": "v1",
-          "url": "/pdp",
-          "protocol": "REST",
-          "port": "8081",
-          "visualRange":"1",
-          "path":"/pdp"
-      }
-      ]'
-spec:
-  ports:
-  - name: 8081-port
-    port: 8081
-    nodePort: {{ .Values.nodePortPrefix }}20
-  selector:
-    app: pdp
-  type: NodePort
-#{{ end }}
-#{{ if not .Values.disablePolicyBrmsgw }}
----
-apiVersion: v1
-kind: Service
-metadata:
-  name: brmsgw
-  namespace: "{{ .Values.nsPrefix }}"
-  labels:
-    app: brmsgw
-spec:
-  ports:
-  - name: 9989-port
-    port: 9989
-    nodePort: {{ .Values.nodePortPrefix }}16
-  selector:
-    app: brmsgw
-  type: NodePort
-#{{ end }}
diff --git a/kubernetes/policy/templates/configmap.yaml b/kubernetes/policy/templates/configmap.yaml
new file mode 100644
index 0000000..3a9564a
--- /dev/null
+++ b/kubernetes/policy/templates/configmap.yaml
@@ -0,0 +1,38 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-log-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/xacml-pap-rest/logback.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-sdk-log-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/log/ep_sdk_app/logback.xml").AsConfig . | indent 2 }}
+---
+apiVersion: v1
+kind: ConfigMap
+metadata:
+  name: {{ include "common.fullname" . }}-pe-configmap
+  namespace: {{ include "common.namespace" . }}
+data:
+{{ tpl (.Files.Glob "resources/config/pe/*").AsConfig . | indent 2 }}
+
diff --git a/kubernetes/policy/templates/dep-brmsgw.yaml b/kubernetes/policy/templates/dep-brmsgw.yaml
deleted file mode 100644
index 54b5565..0000000
--- a/kubernetes/policy/templates/dep-brmsgw.yaml
+++ /dev/null
@@ -1,71 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#{{ if not .Values.disablePolicyBrmsgw }}
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
-  name: policy-brmsgw
-  namespace: "{{ .Values.nsPrefix }}"
-spec:
-  replicas: {{ .Values.brmsgwReplicas }}
-  selector:
-    matchLabels:
-      app: brmsgw
-  template:
-    metadata:
-      labels:
-        app: brmsgw
-      name: policy-brmsgw
-    spec:
-      initContainers:
-      - command:
-        - /root/ready.py
-        args:
-        - --container-name
-        - pap
-        env:
-        - name: NAMESPACE
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: metadata.namespace
-        image: "{{ .Values.image.readiness }}:{{ .Values.image.readinessVersion }}"
-        imagePullPolicy: {{ .Values.pullPolicy }}
-        name: brmsgw-readiness
-      containers:
-      - command:
-        - /bin/bash
-        - ./do-start.sh
-        - brmsgw
-        image: "{{ .Values.image.policyPe }}:{{ .Values.image.policyPeVersion}}"
-        imagePullPolicy: {{ .Values.pullPolicy }}
-        name: brmsgw
-        volumeMounts:
-        - mountPath: /etc/localtime
-          name: localtime
-          readOnly: true
-        - mountPath: /tmp/policy-install/config
-          name: pe
-      volumes:
-        - name: localtime
-          hostPath:
-            path: /etc/localtime
-        - name: pe
-          configMap:
-            name: policy-dep-pe-configmap
-            defaultMode: 0755
-      imagePullSecrets:
-      - name: "{{ .Values.nsPrefix }}-docker-registry-key"
-#{{ end }}
diff --git a/kubernetes/policy/templates/dep-drools.yaml b/kubernetes/policy/templates/dep-drools.yaml
deleted file mode 100644
index ec0413a..0000000
--- a/kubernetes/policy/templates/dep-drools.yaml
+++ /dev/null
@@ -1,152 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#{{ if not .Values.disablePolicyDrools }}
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
-  name: policy-drools
-  namespace: "{{ .Values.nsPrefix }}"
-spec:
-  replicas: {{ .Values.droolsReplicas }}
-  selector:
-    matchLabels:
-      app: drools
-  template:
-    metadata:
-      labels:
-        app: drools
-      name: policy-drools
-    spec:
-      initContainers:
-      - command:
-        - /root/ready.py
-        args:
-        - --container-name
-        - mariadb
-        - --container-name
-        - nexus
-        env:
-        - name: NAMESPACE
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: metadata.namespace
-        image: "{{ .Values.image.readiness }}:{{ .Values.image.readinessVersion }}"
-        imagePullPolicy: {{ .Values.pullPolicy }}
-        name: drools-readiness
-      hostAliases:
-      - ip: "{{ .Values.aaiServiceClusterIp }}"
-        hostnames:
-        - "aai.api.simpledemo.openecomp.org"
-      containers:
-      - command:
-        - /bin/bash
-        - -c
-        - ./do-start.sh
-        image: "{{ .Values.image.policyDrools }}:{{ .Values.image.policyDroolsVersion }}"
-        imagePullPolicy: {{ .Values.pullPolicy }}
-        name: drools
-        ports:
-        - containerPort: 6969
-        readinessProbe:
-          tcpSocket:
-            port: 6969
-          initialDelaySeconds: 5
-          periodSeconds: 10
-        volumeMounts:
-        - mountPath: /etc/localtime
-          name: localtime
-          readOnly: true
-        - mountPath: /tmp/policy-install/config/policy-keystore
-          name: drools-secret
-          subPath: policy-keystore
-        - mountPath: /tmp/policy-install/config/feature-healthcheck.conf
-          name: drools-secret
-          subPath: feature-healthcheck.conf
-        - mountPath: /tmp/policy-install/config/base.conf
-          name: drools-config
-          subPath: base.conf
-        - mountPath: /tmp/policy-install/config/policy-management.conf
-          name: drools-config
-          subPath: policy-management.conf
-        - mountPath: /tmp/policy-install/config/drools-tweaks.sh
-          name: drools-config
-          subPath: drools-tweaks.sh
-        - mountPath: /usr/share/maven/conf/settings.xml
-          name: drools-settingsxml
-          subPath: settings.xml
-        - mountPath: /var/log/onap
-          name: policy-logs
-        - mountPath: /tmp/logback.xml
-          name: policy-logback
-          subPath: logback.xml
-        lifecycle:
-          postStart:
-            exec:
-              command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/config/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
-      - image: {{ .Values.image.filebeat }}
-        imagePullPolicy: {{ .Values.pullPolicy }}
-        name: filebeat-onap
-        volumeMounts:
-        - mountPath: /usr/share/filebeat/filebeat.yml
-          name: filebeat-conf
-          subPath: filebeat.yml
-        - mountPath: /var/log/onap
-          name: policy-logs
-        - mountPath: /usr/share/filebeat/data
-          name: policy-data-filebeat
-      volumes:
-        - name: localtime
-          hostPath:
-            path: /etc/localtime
-        - name: filebeat-conf
-          configMap:
-            name: policy-filebeat-configmap
-        - name: policy-logs
-          emptyDir: {}
-        - name: policy-data-filebeat
-          emptyDir: {}
-        - name: policy-logback
-          configMap:
-            name: policy-drools-log-configmap
-        - name: drools-settingsxml
-          configMap:
-            name: policy-dep-drools-settings-configmap
-        - name: drools-config
-          configMap:
-            name: policy-dep-drools-configmap
-            items:
-            - key: base.conf
-              path: base.conf
-              mode: 0755
-            - key: policy-management.conf
-              path: policy-management.conf
-              mode: 0755
-            - key: drools-tweaks.sh
-              path: drools-tweaks.sh
-              mode: 0755
-        - name: drools-secret
-          secret:
-            secretName: policy-dep-drools-secret
-            items:
-            - key: policy-keystore
-              path: policy-keystore
-              mode: 0644
-            - key: feature-healthcheck.conf
-              path: feature-healthcheck.conf
-              mode: 0644
-      imagePullSecrets:
-      - name: "{{ .Values.nsPrefix }}-docker-registry-key"
-#{{ end }}
diff --git a/kubernetes/policy/templates/dep-maria.yaml b/kubernetes/policy/templates/dep-maria.yaml
deleted file mode 100644
index 302a052..0000000
--- a/kubernetes/policy/templates/dep-maria.yaml
+++ /dev/null
@@ -1,54 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#{{ if not .Values.disablePolicyMariadb }}
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
-  name: policy-mariadb
-  namespace: "{{ .Values.nsPrefix }}"
-spec:
-  replicas: {{ .Values.mariadbReplicas }}
-  selector:
-    matchLabels:
-      app: mariadb
-  template:
-    metadata:
-      labels:
-        app: mariadb
-      name: policy-mariadb
-    spec:
-      hostname: mariadb
-      containers:
-      - image: "{{ .Values.image.policyDb }}:{{ .Values.image.policyDbVersion }}"
-        imagePullPolicy: {{ .Values.pullPolicy }}
-        name: mariadb
-        ports:
-        - containerPort: 3306
-        volumeMounts:
-        - mountPath: /etc/localtime
-          name: localtime
-          readOnly: true
-        readinessProbe:
-          tcpSocket:
-            port: 3306
-          initialDelaySeconds: 5
-          periodSeconds: 10
-      volumes:
-      - name: localtime
-        hostPath:
-          path: /etc/localtime
-      imagePullSecrets:
-      - name: "{{ .Values.nsPrefix }}-docker-registry-key"
-#{{ end }}
diff --git a/kubernetes/policy/templates/dep-nexus.yaml b/kubernetes/policy/templates/dep-nexus.yaml
deleted file mode 100644
index de0aeb0..0000000
--- a/kubernetes/policy/templates/dep-nexus.yaml
+++ /dev/null
@@ -1,61 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#{{ if not .Values.disablePolicyNexus }}
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
-  name: policy-nexus
-  namespace: "{{ .Values.nsPrefix }}"
-spec:
-  replicas: {{ .Values.nexusReplicas }}
-  selector:
-    matchLabels:
-      app: nexus
-  template:
-    metadata:
-      labels:
-        app: nexus
-      name: policy-nexus
-    spec:
-      initContainers:
-      - command:
-        - /root/ready.py
-        args:
-        - --container-name
-        - mariadb
-        env:
-        - name: NAMESPACE
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: metadata.namespace
-        image: "{{ .Values.image.readiness }}:{{ .Values.image.readinessVersion }}"
-        imagePullPolicy: {{ .Values.pullPolicy }}
-        name: nexus-readiness
-      containers:
-      - image: "{{ .Values.image.policyNexus }}:{{ .Values.image.policyNexusVersion }}"
-        imagePullPolicy: {{ .Values.pullPolicy }}
-        name: nexus
-        volumeMounts:
-        - name: localtime
-          mountPath: /etc/localtime
-          readOnly: true
-      volumes:
-      - name: localtime
-        hostPath:
-          path: /etc/localtime
-      imagePullSecrets:
-      - name: "{{ .Values.nsPrefix }}-docker-registry-key"
-#{{ end }}
diff --git a/kubernetes/policy/templates/dep-pap.yaml b/kubernetes/policy/templates/dep-pap.yaml
deleted file mode 100644
index 5a0d046..0000000
--- a/kubernetes/policy/templates/dep-pap.yaml
+++ /dev/null
@@ -1,131 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#{{ if not .Values.disablePolicyPap }}
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
-  name: policy-pap
-  namespace: "{{ .Values.nsPrefix }}"
-spec:
-  replicas: {{ .Values.papReplicas }}
-  selector:
-    matchLabels:
-      app: pap
-  template:
-    metadata:
-      labels:
-        app: pap
-      name: policy-pap
-    spec:
-      initContainers:
-      - command:
-        - /root/ready.py
-        args:
-        - --container-name
-        - mariadb
-        env:
-        - name: NAMESPACE
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: metadata.namespace
-        image: "{{ .Values.image.readiness }}:{{ .Values.image.readinessVersion }}"
-        imagePullPolicy: {{ .Values.pullPolicy }}
-        name: pap-readiness
-      - command: ["/bin/bash", "-c", "echo $POD_IP > /config/ip_addr.txt"]
-        env:
-        - name: POD_IP
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: status.podIP
-        volumeMounts:
-        - mountPath: /config/
-          name: pe
-        image: {{ .Values.image.ubuntu }}
-        imagePullPolicy: {{ .Values.pullPolicy }}
-        name: generate-ip-addr-txt
-      containers:
-      - command:
-        - /bin/bash
-        - ./do-start.sh
-        - pap
-        image: "{{ .Values.image.policyPe }}:{{ .Values.image.policyPeVersion }}"
-        imagePullPolicy: {{ .Values.pullPolicy }}
-        name: pap
-        env:
-        - name: PRELOAD_POLICIES
-          value: "true"
-        ports:
-        - containerPort: 8443
-        - containerPort: 9091
-        readinessProbe:
-          tcpSocket:
-            port: 9091
-          initialDelaySeconds: 5
-          periodSeconds: 10
-        volumeMounts:
-        - mountPath: /etc/localtime
-          name: localtime
-          readOnly: true
-        - mountPath: /tmp/policy-install/config/
-          name: pe
-        - mountPath: /var/log/onap
-          name: policy-logs
-        - mountPath: /tmp/policy-install/logback.xml
-          name: policy-sdk-logback
-          subPath: logback.xml
-        - mountPath: /tmp/logback.xml
-          name: policy-logback
-          subPath: logback.xml
-        lifecycle:
-          postStart:
-            exec:
-              command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/servers/pap/webapps/pap/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; export SRC=/tmp/policy-install/logback.xml; export DST=/opt/app/policy/servers/console/webapps/onap/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
-      - image: {{ .Values.image.filebeat }}
-        imagePullPolicy: {{ .Values.pullPolicy }}
-        name: filebeat-onap
-        volumeMounts:
-        - mountPath: /usr/share/filebeat/filebeat.yml
-          name: filebeat-conf
-          subPath: filebeat.yml
-        - mountPath: /var/log/onap
-          name: policy-logs
-        - mountPath: /usr/share/filebeat/data
-          name: policy-data-filebeat
-      volumes:
-        - name: localtime
-          hostPath:
-            path: /etc/localtime
-        - name: filebeat-conf
-          configMap:
-            name: policy-filebeat-configmap
-        - name: policy-logs
-          emptyDir: {}
-        - name: policy-data-filebeat
-          emptyDir: {}
-        - name: policy-logback
-          configMap:
-            name: policy-pap-log-configmap
-        - name: policy-sdk-logback
-          configMap:
-            name: policy-sdk-log-configmap
-        - name: pe
-          configMap:
-            name: policy-dep-pe-configmap
-            defaultMode: 0755
-      imagePullSecrets:
-      - name: "{{ .Values.nsPrefix }}-docker-registry-key"
-#{{ end }}
diff --git a/kubernetes/policy/templates/dep-pdp.yaml b/kubernetes/policy/templates/dep-pdp.yaml
deleted file mode 100644
index 6b28ed0..0000000
--- a/kubernetes/policy/templates/dep-pdp.yaml
+++ /dev/null
@@ -1,108 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#{{ if not .Values.disablePolicyPdp }}
-apiVersion: extensions/v1beta1
-kind: Deployment
-metadata:
-  name: policy-pdp
-  namespace: "{{ .Values.nsPrefix }}"
-spec:
-  replicas: {{ .Values.pdpReplicas }}
-  selector:
-    matchLabels:
-      app: pdp
-  template:
-    metadata:
-      labels:
-        app: pdp
-      name: policy-pdp
-    spec:
-      initContainers:
-      - command:
-        - /root/ready.py
-        args:
-        - --container-name
-        - pap
-        env:
-        - name: NAMESPACE
-          valueFrom:
-            fieldRef:
-              apiVersion: v1
-              fieldPath: metadata.namespace
-        image: "{{ .Values.image.readiness }}:{{ .Values.image.readinessVersion }}"
-        imagePullPolicy: {{ .Values.pullPolicy }}
-        name: pdp-readiness
-      containers:
-      - command:
-        - /bin/bash
-        - ./do-start.sh
-        - pdp
-        image: "{{ .Values.image.policyPe }}:{{ .Values.image.policyPeVersion }}"
-        imagePullPolicy: {{ .Values.pullPolicy }}
-        name: pdp
-        ports:
-        - containerPort: 8081
-        readinessProbe:
-          tcpSocket:
-            port: 8081
-          initialDelaySeconds: 5
-          periodSeconds: 10
-        volumeMounts:
-        - mountPath: /etc/localtime
-          name: localtime
-          readOnly: true
-        - mountPath: /tmp/policy-install/config
-          name: pe
-        - mountPath: /var/log/onap
-          name: policy-logs
-        - mountPath:  /tmp/logback.xml
-          name: policy-logback
-          subPath: logback.xml
-        lifecycle:
-          postStart:
-            exec:
-              command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/servers/pdp/webapps/pdp/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
-      - image: {{ .Values.image.filebeat }}
-        imagePullPolicy: {{ .Values.pullPolicy }}
-        name: filebeat-onap
-        volumeMounts:
-        - mountPath: /usr/share/filebeat/filebeat.yml
-          name: filebeat-conf
-          subPath: filebeat.yml
-        - mountPath: /var/log/onap
-          name: policy-logs
-        - mountPath: /usr/share/filebeat/data
-          name: policy-data-filebeat
-      volumes:
-        - name: localtime
-          hostPath:
-            path: /etc/localtime
-        - name: filebeat-conf
-          configMap:
-            name: policy-filebeat-configmap
-        - name: policy-logs
-          emptyDir: {}
-        - name: policy-data-filebeat
-          emptyDir: {}
-        - name: policy-logback
-          configMap:
-            name: policy-pdp-log-configmap
-        - name: pe
-          configMap:
-            name: policy-dep-pe-configmap
-            defaultMode: 0755
-      imagePullSecrets:
-      - name: "{{ .Values.nsPrefix }}-docker-registry-key"
-#{{ end }}
diff --git a/kubernetes/policy/templates/deployment.yaml b/kubernetes/policy/templates/deployment.yaml
new file mode 100644
index 0000000..88b3de3
--- /dev/null
+++ b/kubernetes/policy/templates/deployment.yaml
@@ -0,0 +1,162 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: extensions/v1beta1
+kind: Deployment
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  replicas: {{ .Values.replicaCount }}
+  template:
+    metadata:
+      labels:
+        app: {{ include "common.name" . }}
+        release: {{ .Release.Name }}
+    spec:
+      initContainers:
+      - command:
+        - /root/ready.py
+        args:
+        - --container-name
+        - {{ .Values.global.mariadb.nameOverride }}
+        env:
+        - name: NAMESPACE
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: metadata.namespace
+        image: "{{ .Values.global.readinessRepository }}/{{ .Values.global.readinessImage }}"
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: {{ include "common.name" . }}-readiness
+      - command: ["/bin/bash", "-c", "echo $POD_IP > /config/ip_addr.txt"]
+        env:
+        - name: POD_IP
+          valueFrom:
+            fieldRef:
+              apiVersion: v1
+              fieldPath: status.podIP
+        volumeMounts:
+        - mountPath: /config/
+          name: pe
+        image: {{ .Values.global.ubuntuImage }}
+        imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+        name: generate-ip-addr-txt
+      containers:
+        - command:
+          - /bin/bash
+          - ./do-start.sh
+          - pap
+          name: {{ include "common.name" . }}
+          image: "{{ .Values.global.repository | default .Values.repository }}/{{ .Values.image }}"
+          imagePullPolicy: {{ .Values.global.pullPolicy | default .Values.pullPolicy }}
+          ports:
+          - containerPort: {{ .Values.service.externalPort }}
+          - containerPort: {{ .Values.service.externalPort2 }}
+          {{- if eq .Values.liveness.enabled true }}
+          livenessProbe:
+            tcpSocket:
+              port: {{ .Values.service.externalPort }}
+            initialDelaySeconds: {{ .Values.liveness.initialDelaySeconds }}
+            periodSeconds: {{ .Values.liveness.periodSeconds }}
+          {{ end -}}
+          readinessProbe:
+            tcpSocket:
+              port: {{ .Values.service.externalPort }}
+            initialDelaySeconds: {{ .Values.readiness.initialDelaySeconds }}
+            periodSeconds: {{ .Values.readiness.periodSeconds }}
+          env:
+          - name: PRELOAD_POLICIES
+            value: "{{ .Values.config.preloadPolicies }}"
+          volumeMounts:
+          - mountPath: /etc/localtime
+            name: localtime
+            readOnly: true
+          - mountPath: /tmp/policy-install/config/base.conf
+            name: pe
+            subPath: base.conf
+          - mountPath: /tmp/policy-install/config/
+            name: pe-pap
+          - mountPath: /tmp/policy-install/do-start.sh
+            name: pe-scripts
+            subPath: do-start.sh
+          - mountPath: /var/log/onap
+            name: policy-logs
+          - mountPath: /tmp/policy-install/logback.xml
+            name: policy-sdk-logback
+            subPath: logback.xml
+          - mountPath: /tmp/logback.xml
+            name: policy-logback
+            subPath: logback.xml
+          lifecycle:
+            postStart:
+              exec:
+                command: ["/bin/sh", "-c", "export LOG=wait_logback.log; touch $LOG; export SRC=/tmp/logback.xml; export DST=/opt/app/policy/servers/pap/webapps/pap/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; export SRC=/tmp/policy-install/logback.xml; export DST=/opt/app/policy/servers/console/webapps/onap/WEB-INF/classes/; while [ ! -e $DST ]; do echo 'Waiting for $DST...' >> $LOG; sleep 5; done; sleep 2; /bin/cp -f $SRC $DST; echo 'Done' >> $LOG"]
+        - image: "{{ .Values.global.loggingRepository | default .Values.loggingRepository }}/{{ .Values.global.loggingImage | default .Values.loggingImage }}"
+          imagePullPolicy: {{ .Values.pullPolicy }}
+          name: filebeat-onap
+          volumeMounts:
+          - mountPath: /usr/share/filebeat/filebeat.yml
+            name: filebeat-conf
+            subPath: filebeat.yml
+          - mountPath: /var/log/onap
+            name: policy-logs
+          - mountPath: /usr/share/filebeat/data
+            name: policy-data-filebeat
+          resources:
+{{ toYaml .Values.resources | indent 12 }}
+        {{- if .Values.nodeSelector }}
+        nodeSelector:
+{{ toYaml .Values.nodeSelector | indent 10 }}
+        {{- end -}}
+        {{- if .Values.affinity }}
+        affinity:
+{{ toYaml .Values.affinity | indent 10 }}
+        {{- end }}
+      volumes:
+        - name: localtime
+          hostPath:
+            path: /etc/localtime
+        - name: filebeat-conf
+          configMap:
+            name: {{ .Release.Name }}-filebeat-configmap
+        - name: policy-logs
+          emptyDir: {}
+        - name: policy-data-filebeat
+          emptyDir: {}
+        - name: policy-logback
+          configMap:
+            name: {{ include "common.fullname" . }}-log-configmap
+        - name: policy-sdk-logback
+          configMap:
+            name: {{ include "common.fullname" . }}-sdk-log-configmap
+        - name: pe
+          configMap:
+            name: {{ .Release.Name }}-pe-configmap
+            defaultMode: 0755
+        - name: pe-scripts
+          configMap:
+            name: {{ .Release.Name }}-pe-scripts-configmap
+            defaultMode: 0777
+        - name: pe-pap
+          configMap:
+            name: {{ include "common.fullname" . }}-pe-configmap
+            defaultMode: 0755
+      imagePullSecrets:
+      - name: "{{ include "common.namespace" . }}-docker-registry-key"
diff --git a/kubernetes/policy/templates/policy-log-configmap.yaml b/kubernetes/policy/templates/policy-log-configmap.yaml
deleted file mode 100644
index 3a62030..0000000
--- a/kubernetes/policy/templates/policy-log-configmap.yaml
+++ /dev/null
@@ -1,59 +0,0 @@
-# Copyright © 2017 Amdocs, Bell Canada
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#       http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-#{{ if not .Values.disablePolicyPap }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: policy-pap-log-configmap
-  namespace: {{ .Values.nsPrefix }}
-data:
-{{ tpl (.Files.Glob "resources/config/log/xacml-pap-rest/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: policy-sdk-log-configmap
-  namespace: {{ .Values.nsPrefix }}
-data:
-{{ tpl (.Files.Glob "resources/config/log/ep_sdk_app/*").AsConfig . | indent 2 }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: policy-filebeat-configmap
-  namespace: {{ .Values.nsPrefix }}
-data:
-{{ tpl (.Files.Glob "resources/config/log/filebeat/*").AsConfig . | indent 2 }}
-#{{ end }}
-#{{ if not .Values.disablePolicyPdp }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: policy-pdp-log-configmap
-  namespace: {{ .Values.nsPrefix }}
-data:
-{{ tpl (.Files.Glob "resources/config/log/xacml-pdp-rest/*").AsConfig . | indent 2 }}
-#{{ end }}
-#{{ if not .Values.disablePolicyDrools }}
----
-apiVersion: v1
-kind: ConfigMap
-metadata:
-  name: policy-drools-log-configmap
-  namespace: {{ .Values.nsPrefix }}
-data:
-{{ tpl (.Files.Glob "resources/config/log/drools/*").AsConfig . | indent 2 }}
-#{{ end }}
diff --git a/kubernetes/policy/templates/service.yaml b/kubernetes/policy/templates/service.yaml
new file mode 100644
index 0000000..4d79960
--- /dev/null
+++ b/kubernetes/policy/templates/service.yaml
@@ -0,0 +1,42 @@
+# Copyright © 2017 Amdocs, Bell Canada
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#       http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+apiVersion: v1
+kind: Service
+metadata:
+  name: {{ include "common.fullname" . }}
+  namespace: {{ include "common.namespace" . }}
+  labels:
+    app: {{ include "common.name" . }}
+    chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+    release: {{ .Release.Name }}
+    heritage: {{ .Release.Service }}
+spec:
+  type: {{ .Values.service.type }}
+  ports:
+    {{if eq .Values.service.type "NodePort" -}}
+    - port: {{ .Values.service.externalPort }}
+      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
+      name: {{ .Values.service.name }}-{{ .Values.service.externalPort }}
+    - port: {{ .Values.service.externalPort2 }}
+      nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
+      name: {{ .Values.service.name }}-{{ .Values.service.externalPort2 }}
+    {{- else -}}
+    - port: {{ .Values.service.externalPort }}
+      targetPort: {{ .Values.service.internalPort }}
+      name: {{ .Values.service.name }}
+    {{- end}}
+  selector:
+    app: {{ include "common.name" . }}
+    release: {{ .Release.Name }}
diff --git a/kubernetes/policy/values.yaml b/kubernetes/policy/values.yaml
index 49ad892..171ea10 100644
--- a/kubernetes/policy/values.yaml
+++ b/kubernetes/policy/values.yaml
@@ -12,33 +12,107 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-nsPrefix: onap
+#################################################################
+# Global configuration defaults.
+#################################################################
+global:
+  nodePortPrefix: 302
+  repositorySecret: eyJuZXh1czMub25hcC5vcmc6MTAwMDEiOnsidXNlcm5hbWUiOiJkb2NrZXIiLCJwYXNzd29yZCI6ImRvY2tlciIsImVtYWlsIjoiQCIsImF1dGgiOiJaRzlqYTJWeU9tUnZZMnRsY2c9PSJ9fQ==
+  readinessRepository: oomk8s
+  readinessImage: readiness-check:1.0.0
+  loggingRepository: docker.elastic.co
+  loggingImage: beats/filebeat:5.5.0
+  ubuntuImage: ubuntu:16.04
+  mariadb:
+    nameOverride: policydb
+  pdp:
+    nameOverride: pdp
+  pap:
+    nameOverride: pap
+  drools:
+    nameOverride: drools
+  brmwgw:
+    nameOverride: brmsgw
+  nexus:
+    nameOverride: nexus
+
+#################################################################
+# Application configuration defaults.
+#################################################################
+# application image
+repository: nexus3.onap.org:10001
+image: onap/policy-pe:1.2-SNAPSHOT-latest
 pullPolicy: Always
-nodePortPrefix: 302
 
-# POLICY hotfix - Note this must be temporary
-# See https://jira.onap.org/browse/POLICY-510
-aaiServiceClusterIp: 10.43.255.254
-brmsgwReplicas: 1
-droolsReplicas: 1
-mariadbReplicas: 1
-nexusReplicas: 1
-papReplicas: 1
-pdpReplicas: 1
-image:
-  readiness: oomk8s/readiness-check
-  readinessVersion: 1.1.0
-  policyPe: nexus3.onap.org:10001/onap/policy/policy-pe
-  policyPeVersion: v1.1.1
-  policyDrools: nexus3.onap.org:10001/onap/policy/policy-drools
-  policyDroolsVersion: v1.1.1
-  policyDb: nexus3.onap.org:10001/onap/policy/policy-db
-  policyDbVersion: v1.1.1
-  policyNexus: nexus3.onap.org:10001/onap/policy/policy-nexus
-  policyNexusVersion: v1.1.1
-  ubuntu: ubuntu:16.04
-  filebeat: docker.elastic.co/beats/filebeat:5.5.0
+subChartsOnly:
+  enabled: true
 
+nameOverride: pap
+
+pdp:
+  nameOverride: pdp
+mariadb:
+  nameOverride: policydb
+drools:
+  nameOverride: drools
+brmwgw:
+  nameOverride: brmsgw
+nexus:
+  nameOverride: nexus
+
+# flag to enable debugging - application support required
+debugEnabled: false
+
+# application configuration
+# Example:
 config:
-  logstashServiceName: log-ls
-  logstashPort: 5044
+  preloadPolicies: true
+
+# default number of instances
+replicaCount: 1
+
+nodeSelector: {}
+
+affinity: {}
+
+# probe configuration parameters
+liveness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+  # necessary to disable liveness probe when setting breakpoints
+  # in debugger so K8s doesn't restart unresponsive container
+  enabled: true
+
+readiness:
+  initialDelaySeconds: 10
+  periodSeconds: 10
+
+service:
+  type: NodePort
+  name: pap
+  externalPort: 8443
+  nodePort: 19
+  externalPort2: 9091
+  nodePort2: 18
+
+ingress:
+  enabled: false
+
+resources: {}
+  # We usually recommend not to specify default resources and to leave this as a conscious
+  # choice for the user. This also increases chances charts run on environments with little
+  # resources, such as Minikube. If you do want to specify resources, uncomment the following
+  # lines, adjust them as necessary, and remove the curly braces after 'resources:'.
+  #
+  # Example:
+  # Configure resource requests and limits
+  # ref: http://kubernetes.io/docs/user-guide/compute-resources/
+  # Minimum memory for development is 2 CPU cores and 4GB memory
+  # Minimum memory for production is 4 CPU cores and 8GB memory
+#resources:
+#  limits:
+#    cpu: 2
+#    memory: 4Gi
+#  requests:
+#    cpu: 2
+#    memory: 4Gi