diff options
Diffstat (limited to 'auth/docker')
-rw-r--r-- | auth/docker/.gitignore | 1 | ||||
-rw-r--r-- | auth/docker/Dockerfile.client | 15 | ||||
-rw-r--r-- | auth/docker/Dockerfile.config | 5 | ||||
-rw-r--r-- | auth/docker/README.txt | 21 | ||||
-rw-r--r-- | auth/docker/aaf.props | 11 | ||||
-rw-r--r-- | auth/docker/aaf.sh | 16 | ||||
-rw-r--r-- | auth/docker/agent.sh | 69 | ||||
-rw-r--r-- | auth/docker/d.props.init | 9 | ||||
-rw-r--r-- | auth/docker/dbounce.sh | 4 | ||||
-rwxr-xr-x | auth/docker/dbuild.sh | 14 | ||||
-rw-r--r-- | auth/docker/dclean.sh | 1 |
11 files changed, 146 insertions, 20 deletions
diff --git a/auth/docker/.gitignore b/auth/docker/.gitignore index a03737d0..c058b043 100644 --- a/auth/docker/.gitignore +++ b/auth/docker/.gitignore @@ -1,2 +1,3 @@ local d.props +aaf.props diff --git a/auth/docker/Dockerfile.client b/auth/docker/Dockerfile.client new file mode 100644 index 00000000..64ed4c03 --- /dev/null +++ b/auth/docker/Dockerfile.client @@ -0,0 +1,15 @@ +FROM rmannfv/aaf-base:xenial +MAINTAINER AAF Team, AT&T 2018 +ENV VERSION=${AAF_VERSION} + +LABEL description="aaf_agent" +LABEL version=${AAF_VERSION} + +COPY logs /opt/app/aaf_config/logs +COPY bin/client.sh /opt/app/aaf_config/bin/agent.sh +COPY bin/aaf-cadi*full.jar /opt/app/aaf_config/bin/ +COPY public/*all.jks /opt/app/aaf_config/public/ + +ENTRYPOINT ["/bin/bash","/opt/app/aaf_config/bin/agent.sh"] +CMD [] + diff --git a/auth/docker/Dockerfile.config b/auth/docker/Dockerfile.config index 1855fae2..60e82ad1 100644 --- a/auth/docker/Dockerfile.config +++ b/auth/docker/Dockerfile.config @@ -2,7 +2,7 @@ FROM rmannfv/aaf-base:xenial MAINTAINER AAF Team, AT&T 2018 ENV VERSION=${AAF_VERSION} -LABEL description="aaf_agent" +LABEL description="aaf_config" LABEL version=${AAF_VERSION} COPY data/sample.identities.dat /opt/app/aaf_config/data/ @@ -10,7 +10,8 @@ COPY etc /opt/app/aaf_config/etc COPY local /opt/app/aaf_config/local COPY public /opt/app/aaf_config/public COPY logs /opt/app/aaf_config/logs -COPY bin /opt/app/aaf_config/bin +COPY bin/service.sh /opt/app/aaf_config/bin/agent.sh +COPY bin/aaf-cadi-aaf-${VERSION}-full.jar /opt/app/aaf_config/bin/ ENTRYPOINT ["/bin/bash","/opt/app/aaf_config/bin/agent.sh"] CMD [] diff --git a/auth/docker/README.txt b/auth/docker/README.txt index 32ed3489..3eb554b1 100644 --- a/auth/docker/README.txt +++ b/auth/docker/README.txt @@ -1,24 +1,33 @@ +# +# Edit the following in <your ONAP authz dir>/auth/sample/local +# +aaf.props +org.osaaf.aaf.cm.ca.props (leave out Password) + +# cd to main docker dir +cd ../../docker + # Start the container in bash mode, so it stays up sh agent.sh bash - # in another shell, find out your Container name docker container ls | grep aaf_agent +# CD to directory with CA info in it. +# (example) +cd /opt/app/osaaf/CA/intermediate_7 + # copy keystore for this AAF Env -docker container cp -L org.osaaf.aaf.p12 <Your Container>:/opt/app/osaaf/local +docker container cp -L org.osaaf.aaf.p12 aaf_agent_<Your ID>:/opt/app/osaaf/local # (in Agent Window) agent encrypt cadi_keystore_password # If you intend to use Certman to sign certs, it is a "local" CA # copy Signing Keystore into container -docker container cp -L org.osaaf.aaf.signer.p12 <Your Container>:/opt/app/osaaf/local +docker container cp -L org.osaaf.aaf.signer.p12 aaf_agent_<Your ID>:/opt/app/osaaf/local # (in Agent Window) agent encrypt cm_ca.local -# Add in Cassandra Password -agent encrypt cassandra.clusters.password - # Check to make sure all passwords are set grep "enc:" *.props diff --git a/auth/docker/aaf.props b/auth/docker/aaf.props new file mode 100644 index 00000000..5c654806 --- /dev/null +++ b/auth/docker/aaf.props @@ -0,0 +1,11 @@ +VERSION=2.1.2-SNAPSHOT +AAF_FQDN=meriadoc.mithril.sbc.com +DEPLOY_FQI=deployer@people.osaaf.org +APP_FQDN=meriadoc.mithril.sbc.com +APP_FQI=clamp@clamp.onap.org +VOLUME=clamp_aaf +DRIVER=local +LATITUDE=38.432899 +LONGITUDE=-90.43248 +AAF_AAF_FQDN_IP=192.168.99.100 +DEPLOY_PASSWORD=demo123456! diff --git a/auth/docker/aaf.sh b/auth/docker/aaf.sh new file mode 100644 index 00000000..441cf2b4 --- /dev/null +++ b/auth/docker/aaf.sh @@ -0,0 +1,16 @@ +#!/bin/bash +. ./d.props + +docker run \ + -it \ + --rm \ + --mount 'type=volume,src=aaf_config,dst='$CONF_ROOT_DIR',volume-driver=local' \ + --add-host="$HOSTNAME:$HOST_IP" \ + --add-host="aaf.osaaf.org:$HOST_IP" \ + --env AAF_ENV=${AAF_ENV} \ + --env AAF_REGISTER_AS=${AAF_REGISTER_AS} \ + --env LATITUDE=${LATITUDE} \ + --env LONGITUDE=${LONGITUDE} \ + --name aaf_config_$USER \ + ${ORG}/${PROJECT}/aaf_config:${VERSION} \ + /bin/bash "$@" diff --git a/auth/docker/agent.sh b/auth/docker/agent.sh index f734c629..aa3db663 100644 --- a/auth/docker/agent.sh +++ b/auth/docker/agent.sh @@ -1,12 +1,71 @@ #!/bin/bash -. ./d.props + +CADI_VERSION=2.1.2-SNAPSHOT + +# Fill out "aaf.props" if not filled out already +if [ ! -e aaf.props ]; then + > ./aaf.props +fi +for V in VERSION AAF_FQDN DEPLOY_FQI APP_FQDN APP_FQI VOLUME DRIVER LATITUDE LONGITUDE; do + if [ "$(grep $V ./aaf.props)" = "" ]; then + unset DEF + case $V in + AAF_FQDN) PROMPT="AAF's FQDN";; + DEPLOY_FQI) PROMPT="Deployer's FQI";; + APP_FQI) PROMPT="App's FQI";; + APP_FQDN) PROMPT="App's Root FQDN";; + VOLUME) PROMPT="APP's AAF Configuration Volume";; + DRIVER) PROMPT=$V;DEF=local;; + VERSION) PROMPT="CADI Version";DEF=$CADI_VERSION;; + LATITUDE|LONGITUDE) PROMPT="$V of Node";; + *) PROMPT=$V;; + esac + if [ "$DEF" = "" ]; then + PROMPT="$PROMPT: " + else + PROMPT="$PROMPT ($DEF): " + fi + read -p "$PROMPT" VAR + if [ "$VAR" = "" ]; then + if [ "$DEF" = "" ]; then + echo "agent.sh needs each value queried. Please start again." + exit + else + VAR=$DEF + fi + fi + echo "$V=$VAR" >> ./aaf.props + fi +done +. ./aaf.props + +# Need AAF_FQDN's IP, because not might not be available in mini-container +if [ "$AAF_AAF_FQDN_IP" = "" ]; then + AAF_AAF_FQDN_IP=$(host $AAF_FQDN | grep "has address" | tail -1 | cut -f 4 -d ' ') + if [ "$AAF_AAF_FQDN_IP" = "" ]; then + read -p "IP of $AAF_FQDN: " AAF_AAF_FQDN_IP + echo "AAF_AAF_FQDN_IP=$AAF_AAF_FQDN_IP" >> ./aaf.props + fi +fi + +# Make sure Container Volume exists +if [ "$(docker volume ls | grep ${VOLUME})" = "" ]; then + echo -n "Creating Volume: " + docker volume create -d ${DRIVER} ${VOLUME} +fi docker run \ -it \ --rm \ - --mount 'type=volume,src=aaf_config,dst='$CONF_ROOT_DIR',volume-driver=local' \ - --add-host="$HOSTNAME:$HOST_IP" \ - --add-host="aaf.osaaf.org:$HOST_IP" \ + --mount 'type=volume,src='${VOLUME}',dst=/opt/app/osaaf,volume-driver='${DRIVER} \ + --add-host="$AAF_FQDN:$AAF_AAF_FQDN_IP" \ + --env AAF_FQDN=${AAF_FQDN} \ + --env DEPLOY_FQI=${DEPLOY_FQI} \ + --env DEPLOY_PASSWORD=${DEPLOY_PASSWORD} \ + --env APP_FQI=${APP_FQI} \ + --env APP_FQDN=${APP_FQDN} \ + --env LATITUDE=${LATITUDE} \ + --env LONGITUDE=${LONGITUDE} \ --name aaf_agent_$USER \ - ${ORG}/${PROJECT}/aaf_config:${VERSION} \ + onap/aaf/aaf_agent:$VERSION \ /bin/bash "$@" diff --git a/auth/docker/d.props.init b/auth/docker/d.props.init index d65c11bb..b0ba63d8 100644 --- a/auth/docker/d.props.init +++ b/auth/docker/d.props.init @@ -6,7 +6,12 @@ VERSION=2.1.2-SNAPSHOT CONF_ROOT_DIR=/opt/app/osaaf # Local Env info -HOSTNAME= +HOSTNAME=aaf.osaaf.org HOST_IP= -CASS_HOST= +CASS_HOST=cass.aaf.osaaf.org:<Cass IP> +# AAF Machine info +AAF_ENV=DEV +AAF_REGISTER_AS=$HOSTNAME +LATITUDE= +LONGITUDE= diff --git a/auth/docker/dbounce.sh b/auth/docker/dbounce.sh index e6367957..82aedd0c 100644 --- a/auth/docker/dbounce.sh +++ b/auth/docker/dbounce.sh @@ -1,4 +1,4 @@ #!/bin/bash -sh ./dstop.sh "$@" -sh ./dstart.sh "$@" +bash ./dstop.sh "$@" +bash ./dstart.sh "$@" diff --git a/auth/docker/dbuild.sh b/auth/docker/dbuild.sh index ba7a8095..da0b9b64 100755 --- a/auth/docker/dbuild.sh +++ b/auth/docker/dbuild.sh @@ -9,14 +9,22 @@ fi . ./d.props -# Create the Config (Security) Image -sed -e 's/${AAF_VERSION}/'${VERSION}'/g' -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' Dockerfile.config >../sample/Dockerfile +# Create the AAF Config (Security) Images cd .. cp ../cadi/aaf/target/aaf-cadi-aaf-${VERSION}-full.jar sample/bin + +# AAF Config image (for AAF itself) +sed -e 's/${AAF_VERSION}/'${VERSION}'/g' -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' docker/Dockerfile.config > sample/Dockerfile docker build -t ${ORG}/${PROJECT}/aaf_config:${VERSION} sample + +# AAF Agent Image (for Clients) +sed -e 's/${AAF_VERSION}/'${VERSION}'/g' -e 's/${AAF_COMPONENT}/'${AAF_COMPONENT}'/g' docker/Dockerfile.client > sample/Dockerfile +docker build -t ${ORG}/${PROJECT}/aaf_agent:${VERSION} sample + +# Clean up rm sample/Dockerfile sample/bin/aaf-cadi-aaf-${VERSION}-full.jar cd - - +######## # Second, build a core Docker Image echo Building aaf_$AAF_COMPONENT... # Apply currrent Properties to Docker file, and put in place. diff --git a/auth/docker/dclean.sh b/auth/docker/dclean.sh index 0bca9ef7..b502c022 100644 --- a/auth/docker/dclean.sh +++ b/auth/docker/dclean.sh @@ -8,6 +8,7 @@ else AAF_COMPONENTS=$1 fi +docker image rm $ORG/$PROJECT/aaf_agent:${VERSION} docker image rm $ORG/$PROJECT/aaf_config:${VERSION} docker image rm $ORG/$PROJECT/aaf_core:${VERSION} |