telco-hub: policy name update

abraham2512 · abraham2512 · commit 5755a36d0489 · 2025-10-16T15:51:34.000-04:00
diff --git a/telco-hub/configuration/reference-crs/required/acm/observabilityRoutePolicy.yaml b/telco-hub/configuration/reference-crs/required/acm/observabilityRoutePolicy.yaml
@@ -2,65 +2,72 @@
 apiVersion: policy.open-cluster-management.io/v1
 kind: Policy
 metadata:
-    annotations:
-        policy.open-cluster-management.io/categories: CM Configuration Management
-        policy.open-cluster-management.io/controls: CM-2 Baseline Configuration
-        policy.open-cluster-management.io/standards: NIST SP 800-53
-        ran.openshift.io/ztp-deploy-wave: "1"
-    name: copy-acm-route
-    namespace: open-cluster-management-observability
+  annotations:
+    policy.open-cluster-management.io/categories: CM Configuration Management
+    policy.open-cluster-management.io/controls: CM-2 Baseline Configuration
+    policy.open-cluster-management.io/standards: NIST SP 800-53
+    ran.openshift.io/ztp-deploy-wave: "1"
+  name: obs-route-policy
+  namespace: open-cluster-management-observability
 spec:
-    remediationAction: enforce
-    disabled: false
-    policy-templates:
-        - objectDefinition:
-              apiVersion: policy.open-cluster-management.io/v1
-              kind: ConfigurationPolicy
-              metadata:
-                  name: copy-acm-route
-              spec:
-                  remediationAction: enforce
-                  severity: low
-                  namespaceselector:
-                      exclude:
-                          - kube-*
-                      include:
-                          - '*'
-                  object-templates-raw: |
-                    {{- range (lookup "cluster.open-cluster-management.io/v1" "ManagedCluster" "" "").items }}
-                    - metadataComplianceType: musthave
-                      objectDefinition:
-                        apiVersion: cluster.open-cluster-management.io/v1
-                        kind: ManagedCluster
-                        metadata:
-                          name: {{ .metadata.name }}
-                          annotations:
-                            acm-alertmanager-route: '{{ (lookup "route.openshift.io/v1" "Route" "open-cluster-management-observability" "alertmanager").spec.host }}'
-                    {{- end }}
+  remediationAction: enforce
+  disabled: false
+  policy-templates:
+    - objectDefinition:
+        apiVersion: policy.open-cluster-management.io/v1
+        kind: ConfigurationPolicy
+        metadata:
+          name: obs-route-policy
+        spec:
+          remediationAction: enforce
+          severity: low
+          namespaceSelector:
+            exclude:
+              - kube-*
+            include:
+              - '*'
+          object-templates-raw: |
+            {{- range (lookup "cluster.open-cluster-management.io/v1" "ManagedCluster" "" "").items }}
+            - metadataComplianceType: musthave
+              objectDefinition:
+                apiVersion: cluster.open-cluster-management.io/v1
+                kind: ManagedCluster
+                metadata:
+                  name: {{ .metadata.name }}
+                  annotations:
+                    acm-alertmanager-route: '{{ (lookup "route.openshift.io/v1" "Route" "open-cluster-management-observability" "alertmanager").spec.host }}'
+            {{- end }}
 ---
-apiVersion: apps.open-cluster-management.io/v1
-kind: PlacementRule
+apiVersion: cluster.open-cluster-management.io/v1beta1
+kind: Placement
 metadata:
-    name: copy-acm-route-placementrules
-    namespace: open-cluster-management-observability
+  name: obs-route-policy-placement
+  namespace: open-cluster-management-observability
 spec:
-    clusterSelector:
-        matchExpressions:
+  predicates:
+    - requiredClusterSelector:
+        labelSelector:
+          matchExpressions:
             - key: local-cluster
               operator: In
               values:
-                  - "true"
+                - "true"
+  tolerations:
+    - key: cluster.open-cluster-management.io/unavailable
+      operator: Exists
+    - key: cluster.open-cluster-management.io/unreachable
+      operator: Exists
 ---
 apiVersion: policy.open-cluster-management.io/v1
 kind: PlacementBinding
 metadata:
-    name: copy-acm-route-placementbinding
-    namespace: open-cluster-management-observability
+  name: obs-route-policy-placementbinding
+  namespace: open-cluster-management-observability
 placementRef:
-    name: copy-acm-route-placementrules
-    kind: PlacementRule
-    apiGroup: apps.open-cluster-management.io
+  name: obs-route-policy-placement
+  kind: Placement
+  apiGroup: cluster.open-cluster-management.io
 subjects:
-    - name: copy-acm-route
-      kind: Policy
-      apiGroup: policy.open-cluster-management.io
+  - name: obs-route-policy
+    kind: Policy
+    apiGroup: policy.open-cluster-management.io
diff --git a/telco-hub/configuration/reference-crs/required/acm/readme.md b/telco-hub/configuration/reference-crs/required/acm/readme.md
@@ -27,7 +27,6 @@
       Thanos secret.
 13. Create the `observabilityMCO.yaml`.
 14. When all the installation is done. Apply the `acmPerfSearch.yaml` .This will configure Search CR called `search-v2-operator` considering different performance and scale optimizations.
-15. When ACM Observability is configured on a managed cluster through the Core or RAN profile, the default ACM Observability configuration must be merged with the RAN monitoring tuning [ReduceMonitoringFootprint.yaml](../../../../../telco-ran/configuration/source-crs/ReduceMonitoringFootprint.yaml) or Core monitoring config [monitoring-config-cm.yaml](../../../../../telco-core/configuration/reference-crs/optional/other/monitoring-config-cm.yaml) respectively. To ensure that these changes persist, ACM has to stop managing the cluster-monitoring-config ConfigMap, which is set in this annotation [here](../../../../../telco-hub/configuration/reference-crs/required/acm/observabilityMCO.yaml#L13). Additionally, when mco-alerting is disabled, the [copy-acm-route](observabilityRoutePolicy.yaml) policy is provided for propagating the alertmanager route from the hub to all managedclusters.
+15. When ACM Observability is configured on a managed cluster through the Core or RAN profile, the default ACM Observability configuration must be merged with the RAN monitoring tuning [ReduceMonitoringFootprint.yaml](../../../../../telco-ran/configuration/source-crs/ReduceMonitoringFootprint.yaml) or Core monitoring config [monitoring-config-cm.yaml](../../../../../telco-core/configuration/reference-crs/optional/other/monitoring-config-cm.yaml) respectively. To ensure that these changes persist, ACM has to stop managing the cluster-monitoring-config ConfigMap, which is set in this annotation [here](../../../../../telco-hub/configuration/reference-crs/required/acm/observabilityMCO.yaml#L13). Additionally, when mco-alerting is disabled, the [obs-route-policy](observabilityRoutePolicy.yaml) is provided for propagating the alertmanager route from the hub acm route to all managedclusters through an annotation.
 
 Back to [Hub Cluster Setup](../../../../README.md).
-
