osdu-delfi updates

docs/api/partition_openapi.yaml

+swagger: '2.0'
+info:
+  description: API documentation for Partition service
+  version: '1.0.0'
+  title: Partition
+  contact:
+    name: OSDU Support
+    email: devportal-help@osdu.com
+  license:
+    name: Apache 2.0
+    url: 'http://www.apache.org/licenses/LICENSE-2.0'
+basePath: /api/partition/v1
+tags:
+  - name: partition-api
+    description: Partition Api
+  - name: health-check
+    description: Health Check
+paths:
+  /_ah/liveness_check:
+    get:
+      tags:
+        - health-check
+      summary: livenessCheck
+      operationId: livenessCheckUsingGET
+      consumes:
+        - application/json
+      produces:
+        - application/json
+      responses:
+        '200':
+          description: OK
+          schema:
+            type: string
+        '401':
+          description: Unauthorized
+        '403':
+          description: Forbidden
+        '404':
+          description: Not Found
+      security:
+        - JWT:
+            - global
+  /_ah/readiness_check:
+    get:
+      tags:
+        - health-check
+      summary: readinessCheck
+      operationId: readinessCheckUsingGET
+      consumes:
+        - application/json
+      produces:
+        - application/json
+      responses:
+        '200':
+          description: OK
+          schema:
+            type: string
+        '401':
+          description: Unauthorized
+        '403':
+          description: Forbidden
+        '404':
+          description: Not Found
+      security:
+        - JWT:
+            - global
+  '/partitions/{partitionId}':
+    get:
+      tags:
+        - partition-api
+      summary: get
+      operationId: getUsingGET
+      consumes:
+        - application/json
+      produces:
+        - application/json
+      parameters:
+        - name: partitionId
+          in: path
+          description: partitionId
+          required: true
+          type: string
+      responses:
+        '200':
+          description: OK
+          schema:
+            $ref: '#/definitions/PartitionInfo'
+        '401':
+          description: Unauthorized
+        '403':
+          description: Forbidden
+        '404':
+          description: Not Found
+      security:
+        - JWT:
+            - global
+    post:
+      tags:
+        - partition-api
+      summary: create
+      operationId: createUsingPOST
+      consumes:
+        - application/json
+      produces:
+        - application/json
+      parameters:
+        - name: partitionId
+          in: path
+          description: partitionId
+          required: true
+          type: string
+        - in: body
+          name: partitionInfo
+          description: partitionInfo
+          required: true
+          schema:
+            $ref: '#/definitions/PartitionInfo'
+      responses:
+        '200':
+          description: OK
+          schema:
+            $ref: '#/definitions/PartitionInfo'
+        '201':
+          description: Created
+        '401':
+          description: Unauthorized
+        '403':
+          description: Forbidden
+        '404':
+          description: Not Found
+      security:
+        - JWT:
+            - global
+    delete:
+      tags:
+        - partition-api
+      summary: delete
+      operationId: deleteUsingDELETE
+      consumes:
+        - application/json
+      produces:
+        - application/json
+      parameters:
+        - name: partitionId
+          in: path
+          description: partitionId
+          required: true
+          type: string
+      responses:
+        '204':
+          description: No Content
+        '401':
+          description: Unauthorized
+        '403':
+          description: Forbidden
+      security:
+        - JWT:
+            - global
+securityDefinitions:
+  JWT:
+    type: oauth2
+    name: Authorization
+    in: header
+definitions:
+  PartitionInfo:
+    type: object
+    properties:
+      labels:
+        type: object
+        description: 'Free form key value pair object for any data partition specific values'
+    example:
+      id: 'common'
+      compliance-ruleset: 'shared'
+      elastic-username: 'elastic'
+      cosmos-endpoint: 'https://ado-dev-n-abc123-cosmosdb.documents.azure.com:443/'
+      elastic-endpoint: 'https://partition-dev.evd.ece-osdu.cloud.osdu-ds.com:9243'
+      storage-account-name: 'myStorageAccount'
\ No newline at end of file

docs/tutorial/Partition.md

+## Partition Service
+
+## Table of Contents <a name="TOC"></a>
+* [Introduction](#introduction)
+* [Checking Service Health](#checking-service-health)
+* [Partition API access](#partition-api-access)
+* [APIs](#apis)
+    * [Get partition details](#get-partition)
+    * [Create a new partition](#create-partition)
+    * [Delete an existing partition](#delete-partition)
+
+## Introduction <a name="introduction"></a>
+Partition service is responsible for creating and retrieving the partition specific properties (secret and non-secret) on behalf of other services.
+
+## Health Check <a name="checking-service-health"></a>
+An endpoint to check if service is up and running.
+```
+GET api/partition/v1/_ah/liveness_check
+```
+<details><summary>curl</summary>
+
+```
+curl --request GET \
+  --url 'https://<base_url>/api/partition/v1/_ah/liveness_check'
+```
+</details>
+
+## Partition API access <a name="partition-api-access"></a>
+As Partition service APIs are mostly consumed by other services, API access is limited to admins/service accounts only.
+
+## APIs <a name="apis"></a>
+### Get partition details<a name="get-partition"></a>
+Consuming services can use this API to get details of a partition. Partition details consists of a set of key-value pairs of properties.
+```
+GET api/partition/v1/partitions/{partitionId}
+```
+<details><summary>curl</summary>
+
+```
+curl --request GET \
+  --url 'https://<base_url>/api/partition/v1/partitions/common' \
+  --header 'Authorization: Bearer <JWT>' \
+  --header 'Content-Type: application/json'
+```
+</details>
+
+A sample output is shown below.
+<details><summary>Sample response</summary>
+
+```
+{
+    "elastic-username": "elastic",
+    "elastic-endpoint": "test-elastic-endpoint",
+    "compliance-ruleset": "shared",
+    "storage-account-name": "sampleAcc",
+    "elastic-password": "test-password",
+    "storage-account-key": "sampleKey",
+    "id": "common"
+}
+```
+
+</details>
+
+[Back to Table of Contents](#TOC)
+
+### Create a new partition<a name="create-partition"></a>
+This api can be used to create a new partition. A plausible use case would be partition provisioning infrastructure script.
+```
+POST api/partition/v1/partitions/{partitionId}
+```
+<details><summary>curl</summary>
+
+```
+curl --request POST \
+  --url 'https://<base_url>/api/partition/v1/partitions/mypartition' \
+  --header 'Authorization: Bearer <JWT>' \
+  --header 'Content-Type: application/json' \
+  --data-raw '{
+      "properties":
+      {
+          "elasticPassword": "test-password",
+          "elasticUsername": "elastic",
+          "elasticEndpoint": "test-elastic-endpoint",
+          "complianceRuleSet": "shared",
+          "storageAccountKey": "test-storage-key",
+          "id": "mypartition"
+      }
+  }'
+```
+</details>
+
+### Delete an existing partition<a name="delete-partition"></a>
+This api is used to delete an existing partition. A plausible use case would be partition teardown infrastructure script.
+```
+DELETE api/partition/v1/partitions/{partitionId}
+```
+<details><summary>curl</summary>
+
+```
+curl --request DELETE \
+  --url 'https://<base_url>/api/partition/v1/partitions/mypartition' \
+  --header 'Authorization: Bearer <JWT>' \
+  --header 'Content-Type: application/json'
+```
+</details>
\ No newline at end of file

maven/settings.xml

+<?xml version="1.0" encoding="UTF-8"?>
+<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
+          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+          xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
+    <servers>
+        <server>
+            <id>os-core</id>
+            <username>os-core</username>
+            <password>${VSTS_FEED_TOKEN}</password>
+        </server>
+    </servers>
+</settings>
\ No newline at end of file

partition-core/src/main/java/org/opengroup/osdu/partition/api/HealthCheck.java

@@ -21,7 +21,7 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
 @RestController
-@RequestMapping("/_ah")
+@RequestMapping(path= "/_ah", produces = "application/json")
 public class HealthCheck {
 
     @GetMapping("/liveness_check")

partition-core/src/main/java/org/opengroup/osdu/partition/api/PartitionApi.java

@@ -17,6 +17,7 @@ package org.opengroup.osdu.partition.api;
 import org.opengroup.osdu.partition.model.PartitionInfo;
 import org.opengroup.osdu.partition.provider.interfaces.IPartitionService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.*;
@@ -27,10 +28,11 @@ import java.util.Map;
 
 @RestController
 @RequestScope
-@RequestMapping("/partitions")
+@RequestMapping(path = "/partitions", produces = "application/json")
 public class PartitionApi {
 
     @Autowired
+    @Qualifier("cachedPartitionServiceImpl")
     private IPartitionService partitionService;
 
     @PostMapping("/{partitionId}")

partition-core/src/main/java/org/opengroup/osdu/partition/provider/interfaces/IPartitionServiceCache.java

+// Copyright 2017-2020, Schlumberger
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package org.opengroup.osdu.partition.provider.interfaces;
+
+import org.opengroup.osdu.core.common.cache.ICache;
+import org.opengroup.osdu.partition.model.PartitionInfo;
+
+public interface IPartitionServiceCache extends ICache<String, PartitionInfo> {
+}

partition-core/src/main/java/org/opengroup/osdu/partition/service/CachedPartitionServiceImpl.java

+// Copyright 2017-2020, Schlumberger
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package org.opengroup.osdu.partition.service;
+
+import org.opengroup.osdu.partition.model.PartitionInfo;
+import org.opengroup.osdu.partition.provider.interfaces.IPartitionService;
+import org.opengroup.osdu.partition.provider.interfaces.IPartitionServiceCache;
+import org.springframework.beans.factory.annotation.Qualifier;
+import org.springframework.stereotype.Service;
+
+import javax.inject.Inject;
+
+@Service
+public class CachedPartitionServiceImpl implements IPartitionService {
+
+    @Inject
+    @Qualifier("partitionServiceImpl")
+    private IPartitionService partitionService;
+
+    @Inject
+    private IPartitionServiceCache partitionServiceCache;
+
+    @Override
+    public PartitionInfo createPartition(String partitionId, PartitionInfo partitionInfo) {
+        PartitionInfo pi = partitionService.createPartition(partitionId, partitionInfo);
+
+        if (pi != null) {
+            partitionServiceCache.put(partitionId, partitionInfo);
+        }
+
+        return pi;
+    }
+
+    @Override
+    public PartitionInfo getPartition(String partitionId) {
+        PartitionInfo pi = partitionServiceCache.get(partitionId);
+
+        if (pi == null) {
+            pi = partitionService.getPartition(partitionId);
+
+            if (pi != null) {
+                partitionServiceCache.put(partitionId, pi);
+            }
+        }
+
+        return pi;
+    }
+
+    @Override
+    public boolean deletePartition(String partitionId) {
+        if (partitionService.deletePartition(partitionId)) {
+            if (partitionServiceCache.get(partitionId) != null) {
+                partitionServiceCache.delete(partitionId);
+            }
+
+            return true;
+        }
+
+        return false;
+    }
+}

partition-core/src/test/java/org/opengroup/osdu/partition/service/CachedPartitionServiceImplTest.java

+// Copyright 2017-2020, Schlumberger
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package org.opengroup.osdu.partition.service;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.InjectMocks;
+import org.mockito.Mock;
+import org.mockito.junit.MockitoJUnitRunner;
+import org.opengroup.osdu.partition.model.PartitionInfo;
+import org.opengroup.osdu.partition.provider.interfaces.IPartitionService;
+import org.opengroup.osdu.partition.provider.interfaces.IPartitionServiceCache;
+
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.*;
+
+@RunWith(MockitoJUnitRunner.class)
+public class CachedPartitionServiceImplTest {
+
+    @Mock
+    private IPartitionService partitionServiceImpl;
+
+    @Mock
+    private IPartitionServiceCache partitionServiceCache;
+
+    @InjectMocks
+    private CachedPartitionServiceImpl cachedPartitionServiceImpl;
+
+    @Test
+    public void createPartitionSucceed() {
+        String partId = "key";
+
+        PartitionInfo newPi = PartitionInfo.builder().build();
+        PartitionInfo retPi = PartitionInfo.builder().build();
+
+        when(partitionServiceImpl.createPartition(partId, newPi)).thenReturn(retPi);
+
+        cachedPartitionServiceImpl.createPartition(partId, newPi);
+
+        verify(partitionServiceImpl, times(1)).createPartition(partId, newPi);
+        verify(partitionServiceCache, times(1)).put(partId, retPi);
+    }
+
+    @Test
+    public void createPartitionFailed() {
+        String partId = "key";
+        PartitionInfo newPi = PartitionInfo.builder().build();
+
+        when(partitionServiceImpl.createPartition(partId, newPi)).thenReturn(null);
+
+        cachedPartitionServiceImpl.createPartition(partId, newPi);
+
+        verify(partitionServiceImpl, times(1)).createPartition(partId, newPi);
+        verify(partitionServiceCache, times(0)).put(any(), any());
+        verify(partitionServiceCache, times(0)).get(any());
+    }
+
+    @Test
+    public void getPartition() {
+        String partId = "key";
+
+        PartitionInfo retPi = PartitionInfo.builder().build();
+
+        when(partitionServiceImpl.getPartition(partId)).thenReturn(retPi);
+
+        cachedPartitionServiceImpl.getPartition(partId);
+
+        verify(partitionServiceCache, times(1)).get(partId);
+        verify(partitionServiceImpl, times(1)).getPartition(partId);
+        verify(partitionServiceCache, times(1)).put(partId, retPi);
+    }
+
+    @Test
+    public void deletePartition() {
+        String partId = "key";
+        PartitionInfo retPi = PartitionInfo.builder().build();
+
+        when(partitionServiceImpl.deletePartition(partId)).thenReturn(true);
+        when(partitionServiceCache.get(partId)).thenReturn(retPi);
+
+        cachedPartitionServiceImpl.deletePartition(partId);
+
+        verify(partitionServiceImpl, times(1)).deletePartition(partId);
+        verify(partitionServiceCache, times(1)).delete(partId);
+        verify(partitionServiceCache, times(1)).get(partId);
+    }
+
+}
\ No newline at end of file

provider/partition-azure/redis-deployment/master-deployment.yaml

+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: redis-partition-master
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: redis-partition-master
+  template:
+    metadata:
+      name: redis-partition-master
+      labels:
+        app: redis-partition-master
+        master: "true"
+    spec:
+      volumes:
+      - hostPath:
+          path: /tmp/data/1
+        name: redis-directory-binding
+
+      restartPolicy: Always
+
+      containers:
+        - name: redis-partition-master
+          image: delfi.azurecr.io/redis-partition-cluster:latest
+
+          resources:
+            requests:
+              memory: "100Mi"
+              cpu: .2
+            limits:
+              memory: "200Mi"
+              cpu: .5
+
+          imagePullPolicy: Always
+
+          ports:
+          - containerPort: 6379
+
+          volumeMounts:
+          - mountPath: /redis-data
+            name: redis-directory-binding
+            readOnly: false
+
+          env:
+          - name: MASTER
+            value: "true"
+      imagePullSecrets:
+        - name: acr
\ No newline at end of file

provider/partition-azure/redis-deployment/redis-docker/Dockerfile

+FROM redis:latest
+
+MAINTAINER Alok Joshi
+
+RUN apt-get install bash \
+    sed
+
+RUN mkdir /redis-master && \
+    mkdir /redis-slave
+
+COPY redis-master.conf /redis-master/redis.conf
+COPY redis-slave.conf /redis-slave/redis.conf
+COPY entrypoint.sh /entrypoint.sh
+
+RUN chmod 777 /entrypoint.sh
+
+CMD [ "/entrypoint.sh" ]
+
+ENTRYPOINT [ "bash", "-c" ]
\ No newline at end of file

provider/partition-azure/redis-deployment/redis-docker/build-and-push.sh

+#!/bin/bash
+
+set -e
+
+export imageName="redis-partition-cluster"
+export tag="v1"
+
+docker login -u ${dockerId} -p ${dockerPassword} ${dockerId}.azurecr.io
+docker build -t ${dockerId}.azurecr.io/${imageName}:${tag} .
+echo 'Image built'
+
+docker push ${dockerId}.azurecr.io/${imageName}
+docker tag ${dockerId}.azurecr.io/${imageName}:${tag} ${dockerId}.azurecr.io/${imageName}:latest
+
+echo 'Added ${dockerId}.azurecr.io/${imageName}:latest tag to ${dockerId}.azurecr.io/${imageName}:${tag}'
+docker push ${dockerId}.azurecr.io/${imageName}:${tag}
+
+echo 'Pushing ${dockerId}.azurecr.io/${imageName}:${tag}'
+docker push ${dockerId}.azurecr.io/${imageName}:latest
+echo 'Pushed ${dockerId}.azurecr.io/${imageName}:latest'
\ No newline at end of file

provider/partition-azure/redis-deployment/redis-docker/entrypoint.sh

+#!/bin/bash
+
+#  @Description:
+#    Entrypoint script for deploying redis HA via Sentinel in a kubernetes cluster
+#    This script expects following environment variables to be set,
+#    1. SENTINEL: true if this is sentinel instance, else false.
+#    2. MASTER: true if this is master instance, this is helpful when starting the cluster for the first time.
+#    3. REDIS_HA_CLUSTER_SENTINEL_SERVICE_SERVICE_HOST: this is service name of sentinel, check the yaml.
+#    4. REDIS_HA_CLUSTER_SENTINEL_SERVICE_SERVICE_PORT: this is service port of sentinel.
+#    5. REDIS_HA_CLUSTER_STARTUP_REDIS_MASTER_SERVICE_SERVICE_HOST: this is master's service name, this is needed when sentinel starts for the first time.
+#    6. REDIS_HA_CLUSTER_STARTUP_REDIS_MASTER_SERVICE_SERVICE_PORT: this is master's port, is needed when sentinel starts for the first time.
+
+#  This method launches redis instance which assumes itself as master
+function launchmaster() {
+  echo "Starting Redis instance as Master.."
+
+  echo "while true; do   sleep 2;   export master=\$(hostname -i);   echo \"Master IP is Me : \${master}\";   echo \"Setting STARTUP_MASTER_IP in redis\";   redis-cli -a ${REDIS_DEFAULT_PASSWORD} -h \${master} set STARTUP_MASTER_IP \${master};   if [ \$? == \"0\" ]; then     echo \"Successfully set STARTUP_MASTER_IP\";     break;   fi;   echo \"Connecting to master \${master} failed.  Waiting...\";   sleep 5; done" > insert_master_ip.sh
+
+  bash insert_master_ip.sh &
+
+  sed -i "s/REDIS_DEFAULT_PASSWORD/${REDIS_DEFAULT_PASSWORD}/" /redis-master/redis.conf
+  redis-server /redis-master/redis.conf --protected-mode no
+
+}
+
+#  This method launches sentinels
+function launchsentinel() {
+  echo "Starting Sentinel.."
+  sleep_for_rand_int=$(awk -v min=2 -v max=7 'BEGIN{srand(); print int(min+rand()*(max-min+1))}')
+  sleep ${sleep_for_rand_int}
+
+  while true; do
+    echo "Trying to connect to Sentinel Service"
+    master=$(redis-cli -h ${REDIS_HA_CLUSTER_SENTINEL_SERVICE_SERVICE_HOST} -p ${REDIS_HA_CLUSTER_SENTINEL_SERVICE_SERVICE_PORT} --csv SENTINEL get-master-addr-by-name mymaster | tr ',' ' ' | cut -d' ' -f1)
+    if [[ -n ${master} ]]; then
+      echo "Connected to Sentinel Service and retrieved Redis Master IP as ${master}"
+      master="${master//\"}"
+    else
+      echo "Unable to connect to Sentinel Service, probably because I am first Sentinel to start. I will try to find STARTUP_MASTER_IP from the redis service"
+      master=$(redis-cli -a ${REDIS_DEFAULT_PASSWORD} -h ${REDIS_HA_CLUSTER_STARTUP_REDIS_MASTER_SERVICE_SERVICE_HOST} -p ${REDIS_HA_CLUSTER_STARTUP_REDIS_MASTER_SERVICE_SERVICE_PORT} get STARTUP_MASTER_IP)
+      if [[ -n ${master} ]]; then
+        echo "Retrieved Redis Master IP as ${master}"
+      else
+        echo "Unable to retrieve Master IP from the redis service. Waiting..."
+        sleep 10
+        continue
+      fi
+    fi
+
+    redis-cli -a ${REDIS_DEFAULT_PASSWORD} -h ${master} INFO
+    if [[ "$?" == "0" ]]; then
+      break
+    fi
+    echo "Connecting to master failed.  Waiting..."
+    sleep 10
+  done
+
+  sentinel_conf=sentinel.conf
+
+  echo "sentinel monitor mymaster ${master} 6379 2" > ${sentinel_conf}
+  echo "sentinel down-after-milliseconds mymaster 5000" >> ${sentinel_conf}
+  echo "sentinel failover-timeout mymaster 60000" >> ${sentinel_conf}
+  echo "sentinel parallel-syncs mymaster 1" >> ${sentinel_conf}
+  echo "bind 0.0.0.0" >> ${sentinel_conf}
+  echo "sentinel auth-pass mymaster ${REDIS_DEFAULT_PASSWORD}" >> ${sentinel_conf}
+
+  redis-sentinel ${sentinel_conf} --protected-mode no
+}
+
+#  This method launches slave instances
+function launchslave() {
+  echo "Starting Redis instance as Slave , Master IP $1"
+
+  while true; do
+    echo "Trying to retrieve the Master IP again, in case of failover master ip would have changed."
+    master=$(redis-cli -h ${REDIS_HA_CLUSTER_SENTINEL_SERVICE_SERVICE_HOST} -p ${REDIS_HA_CLUSTER_SENTINEL_SERVICE_SERVICE_PORT} --csv SENTINEL get-master-addr-by-name mymaster | tr ',' ' ' | cut -d' ' -f1)
+    if [[ -n ${master} ]]; then
+      master="${master//\"}"
+    else
+      echo "Failed to find master."
+      sleep 60
+      continue
+    fi
+    redis-cli -a ${REDIS_DEFAULT_PASSWORD} -h ${master} INFO
+    if [[ "$?" == "0" ]]; then
+      break
+    fi
+    echo "Connecting to master failed.  Waiting..."
+    sleep 10
+  done
+
+  sed -i "s/%master-ip%/${master}/" /redis-slave/redis.conf
+  sed -i "s/%master-port%/6379/" /redis-slave/redis.conf
+  sed -i "s/REDIS_DEFAULT_PASSWORD/${REDIS_DEFAULT_PASSWORD}/" /redis-slave/redis.conf
+  redis-server /redis-slave/redis.conf --protected-mode no
+}
+
+
+#  This method launches either slave or master based on some parameters
+function launchredis() {
+  echo "Launching Redis instance"
+
+  # Loop till I am able to launch slave or master
+  while true; do
+    # I will check if sentinel is up or not by connecting to it.
+    echo "Trying to connect to sentinel, to retireve master's ip"
+    master=$(redis-cli -h ${REDIS_HA_CLUSTER_SENTINEL_SERVICE_SERVICE_HOST} -p ${REDIS_HA_CLUSTER_SENTINEL_SERVICE_SERVICE_PORT} --csv SENTINEL get-master-addr-by-name mymaster | tr ',' ' ' | cut -d' ' -f1)
+
+    # Is this instance marked as MASTER, it will matter only when the cluster is starting up for first time.
+    if [[ "${MASTER}" == "true" ]]; then
+      echo "MASTER is set to true"
+      # If I am able get master ip, then i will connect to the master, else i will asume the role of master
+      if [[ -n ${master} ]]; then
+        echo "Connected to Sentinel, this means it is not first time start, hence will start as a slave"
+        launchslave ${master}
+        exit 0
+      else
+        launchmaster
+        exit 0
+      fi
+    fi
+
+    # If I am not master, then i am definitely slave.
+    if [[ -n ${master} ]]; then
+      echo "Connected to Sentinel and Retrieved Master IP ${master}"
+      launchslave ${master}
+      exit 0
+    else
+      echo "Connecting to sentinel failed, Waiting..."
+      sleep 10
+    fi
+  done
+}
+
+export REDIS_HA_CLUSTER_SENTINEL_SERVICE_SERVICE_HOST="redis-partition-sentinel-service"
+export REDIS_HA_CLUSTER_SENTINEL_SERVICE_SERVICE_PORT="26379"
+export REDIS_HA_CLUSTER_STARTUP_REDIS_MASTER_SERVICE_SERVICE_HOST="redis-partition-master-service"
+export REDIS_HA_CLUSTER_STARTUP_REDIS_MASTER_SERVICE_SERVICE_PORT="6379"
+
+# TODO: should not be hardcoded
+export REDIS_DEFAULT_PASSWORD="admin"
+
+if [[ "${SENTINEL}" == "true" ]]; then
+  launchsentinel
+  exit 0
+fi
+
+launchredis
\ No newline at end of file

provider/partition-azure/redis-deployment/redis-service.yaml

+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    name: redis-partition-sentinel-service
+  name: redis-partition-sentinel-service
+spec:
+  ports:
+  - port: 26379
+  selector:
+    app: redis-partition-sentinel
+
+---
+
+apiVersion: v1
+kind: Service
+metadata:
+  labels:
+    name: redis-partition-master-service
+  name: redis-partition-master-service
+spec:
+  ports:
+  - port: 6379
+  selector:
+    app: redis-partition-master
\ No newline at end of file

provider/partition-azure/redis-deployment/sentinel-deployment.yaml

+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: redis-partition-sentinel
+spec:
+  replicas: 3
+  selector:
+    matchLabels:
+      app: redis-partition-sentinel
+  template:
+    metadata:
+      name: redis-partition-sentinel
+      labels:
+        app: redis-partition-sentinel
+    spec:
+      restartPolicy: Always
+
+      containers:
+        - name: redis-partition-sentinel
+          image: delfi.azurecr.io/redis-partition-cluster:latest
+
+          resources:
+            requests:
+              memory: "100Mi"
+              cpu: .2
+            limits:
+              memory: "200Mi"
+              cpu: .5
+
+          imagePullPolicy: Always
+
+          ports:
+          - containerPort: 26379
+
+          env:
+          - name: SENTINEL
+            value: "true"
+      imagePullSecrets:
+       - name: acr
\ No newline at end of file

provider/partition-azure/redis-deployment/slave-deployment.yaml

+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: redis-partition-slave
+spec:
+  replicas: 1
+  selector:
+    matchLabels:
+      app: redis-partition-slave
+  template:
+    metadata:
+      name: redis-partition-slave
+      labels:
+        app: redis-partition-slave
+        slave: "true"
+    spec:
+      volumes:
+      - hostPath:
+          path: /tmp/data/2
+        name: redis-directory-binding
+
+      restartPolicy: Always
+
+      containers:
+        - name: redis-partition-slave
+          image: delfi.azurecr.io/redis-partition-cluster:latest
+
+          resources:
+            requests:
+              memory: "100Mi"
+              cpu: .2
+            limits:
+              memory: "200Mi"
+              cpu: .5
+
+          imagePullPolicy: Always
+
+          ports:
+          - containerPort: 6379
+
+          volumeMounts:
+          - mountPath: /redis-data
+            name: redis-directory-binding
+            readOnly: false
+      imagePullSecrets:
+        - name: acr
\ No newline at end of file

provider/partition-azure/src/main/java/org/opengroup/osdu/partition/provider/azure/service/PartitionServiceCacheImpl.java

+package org.opengroup.osdu.partition.provider.azure.service;
+
+import org.opengroup.osdu.core.common.cache.RedisCache;
+import org.opengroup.osdu.partition.model.PartitionInfo;
+import org.opengroup.osdu.partition.provider.interfaces.IPartitionServiceCache;
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.stereotype.Service;
+
+@Service
+public class PartitionServiceCacheImpl extends RedisCache<String, PartitionInfo> implements IPartitionServiceCache {
+    public PartitionServiceCacheImpl(@Value("${REDIS_HOST}") final String host
+            , @Value("${REDIS_PORT}") final int port) {
+        super(host, port, 60*60, String.class, PartitionInfo.class);
+    }
+}

provider/partition-azure/src/main/java/org/opengroup/osdu/partition/provider/azure/service/PartitionServiceImpl.java

@@ -36,6 +36,9 @@ public class PartitionServiceImpl implements IPartitionService {
     @Autowired
     private ThreadPoolService threadPoolService;
 
+    private static final String APP_DEV_SP_USERNAME = "app-dev-sp-username";
+    private static final String SERVICE_PRINCIPAL_ID = "sp-appid";
+
     @Override
     public PartitionInfo createPartition(String partitionId, PartitionInfo partitionInfo) {
         if (this.partitionExists(partitionId)) {
@@ -91,6 +94,7 @@ public class PartitionServiceImpl implements IPartitionService {
             String outKey = key.replaceFirst(String.format("%s-", partitionId), "");
             out.put(outKey, KeyVaultFacade.getKeyVaultSecret(this.secretClient, key));
         }
+        out.put(SERVICE_PRINCIPAL_ID, KeyVaultFacade.getKeyVaultSecret(this.secretClient, APP_DEV_SP_USERNAME));
         return out;
     }
 

provider/partition-azure/src/main/resources/application.properties

@@ -24,4 +24,8 @@ azure.application-insights.instrumentation-key=${appinsights_key}
 # Azure service connection properties
 AZURE_CLIENT_ID=${AZURE_CLIENT_ID}
 AZURE_CLIENT_SECRET=${AZURE_CLIENT_SECRET}
-AZURE_TENANT_ID=${AZURE_TENANT_ID}
+AZURE_TENANT_ID=${AZURE_TENANT_ID}
\ No newline at end of file
+
+# Redis cluster properties
+REDIS_HOST=${REDIS_PARTITION_HOST:127.0.0.1}
+REDIS_PORT=${REDIS_PARTITION_PORT:6379}
\ No newline at end of file