summaryrefslogtreecommitdiffstats
path: root/docs/sections
diff options
context:
space:
mode:
authorTomasz Wrobel <tomasz.wrobel@nokia.com>2020-04-02 16:35:31 +0200
committerTomasz Wrobel <tomasz.wrobel@nokia.com>2020-04-09 08:43:11 +0200
commit9979aa39e0b9ddbc8741b809c7aa79d11c18cfbf (patch)
tree4ccd0cb32cc6761f420e09aecdabc1ccd6559135 /docs/sections
parent8d44c1bb2b6e7b7bf85341bb5123c4f2bff62b53 (diff)
Add description of turn off TLS
Add description of running insecure hv-ves in test environments by cloudify Issue-ID: DCAEGEN2-2143 Signed-off-by: Tomasz Wrobel <tomasz.wrobel@nokia.com> Change-Id: I02d60b50ebb139fda85f2d79a6a33e3b38547b1c
Diffstat (limited to 'docs/sections')
-rw-r--r--docs/sections/services/ves-hv/index.rst1
-rw-r--r--docs/sections/services/ves-hv/running-insecure.rst58
-rw-r--r--docs/sections/services/ves-hv/troubleshooting.rst2
3 files changed, 61 insertions, 0 deletions
diff --git a/docs/sections/services/ves-hv/index.rst b/docs/sections/services/ves-hv/index.rst
index 144f557e..8c1105a1 100644
--- a/docs/sections/services/ves-hv/index.rst
+++ b/docs/sections/services/ves-hv/index.rst
@@ -34,6 +34,7 @@ High Volume VES Collector overview and functions
run-time-configuration
HV-VES Offered APIs <../../apis/ves-hv/index>
authorization
+ running-insecure
example-event
healthcheck-and-monitoring
troubleshooting
diff --git a/docs/sections/services/ves-hv/running-insecure.rst b/docs/sections/services/ves-hv/running-insecure.rst
new file mode 100644
index 00000000..8d366ac2
--- /dev/null
+++ b/docs/sections/services/ves-hv/running-insecure.rst
@@ -0,0 +1,58 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+.. _running_insecure:
+
+Running insecure HV-VES in test environments
+============================================
+
+HV-VES application is configured by default to use TLS/SSL encryption on TCP connection. However it is posible to turn off TLS/SSL authorization by overriding Cloudify blueprint inputs.
+
+
+Accessing bootstrap container with Kubernetes command line tool
+---------------------------------------------------------------
+
+To find bootstrap pod, execute the following command:
+
+::
+
+ kubectl -n <onap namespace> get pods | grep bootstrap
+
+To run command line in bootstrap pod, execute:
+
+::
+
+ kubectl -n <onap namespace> exec -it <bootstrap-pod-name> bash
+
+
+Disable TLS/SSL by overriding Cloudify blueprint inputs
+-------------------------------------------------------
+
+1. If You have a running HV-VES instance, uninstall HV-VES and delete current deployment:
+
+::
+
+ cfy executions start -d hv-ves uninstall
+ cfy deployments delete hv-ves
+
+2. Create new deployment with inputs from yaml file and override 'security_ssl_disable' value:
+
+::
+
+ cfy deployments create -b hv-ves -i inputs/k8s-hv_ves-inputs.yaml -i security_ssl_disable=True hv-ves
+
+To verify inputs, You can execute:
+
+::
+
+ cfy deployments inputs hv-ves
+
+3. Install HV-VES deployment:
+
+::
+
+ cfy executions start -d hv-ves install
+
+
+
+
diff --git a/docs/sections/services/ves-hv/troubleshooting.rst b/docs/sections/services/ves-hv/troubleshooting.rst
index d6cf9f1e..15ce44c3 100644
--- a/docs/sections/services/ves-hv/troubleshooting.rst
+++ b/docs/sections/services/ves-hv/troubleshooting.rst
@@ -213,6 +213,8 @@ They can be changed by specifying ``security.keys.trustStore`` or ``security.key
For testing purposes there is possibility to use plain TCP protocol. In order to do this navigate with your browser to consul-ui service and than pick KEY/VALUE tab. Select dcae-hv-ves-collector and change ``security.sslDisable`` to true. Update of configuration should let start TCP server without SSL/TLS configured.
+In order to disable TLS/SSL by overriding Cloudify blueprint inputs, see :ref:`running_insecure`.
+
====
**Invalid credentials**