summaryrefslogtreecommitdiffstats
path: root/docs
diff options
context:
space:
mode:
authorVijay Venkatesh Kumar <vv770d@att.com>2020-04-13 18:00:26 +0000
committerGerrit Code Review <gerrit@onap.org>2020-04-13 18:00:26 +0000
commit06d45b681f12fcb88fcca76bcc6170eaf020560b (patch)
treea07c98ded83da95a9c44a6f67a9616b8cd7dbf55 /docs
parent0fbf888a2d6acfc67f7e555fdaec485ecb8c6ff9 (diff)
parent9979aa39e0b9ddbc8741b809c7aa79d11c18cfbf (diff)
Merge "Add description of turn off TLS"
Diffstat (limited to 'docs')
-rw-r--r--docs/sections/services/ves-hv/index.rst1
-rw-r--r--docs/sections/services/ves-hv/running-insecure.rst58
-rw-r--r--docs/sections/services/ves-hv/troubleshooting.rst2
3 files changed, 61 insertions, 0 deletions
diff --git a/docs/sections/services/ves-hv/index.rst b/docs/sections/services/ves-hv/index.rst
index 144f557e..8c1105a1 100644
--- a/docs/sections/services/ves-hv/index.rst
+++ b/docs/sections/services/ves-hv/index.rst
@@ -34,6 +34,7 @@ High Volume VES Collector overview and functions
run-time-configuration
HV-VES Offered APIs <../../apis/ves-hv/index>
authorization
+ running-insecure
example-event
healthcheck-and-monitoring
troubleshooting
diff --git a/docs/sections/services/ves-hv/running-insecure.rst b/docs/sections/services/ves-hv/running-insecure.rst
new file mode 100644
index 00000000..8d366ac2
--- /dev/null
+++ b/docs/sections/services/ves-hv/running-insecure.rst
@@ -0,0 +1,58 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+.. _running_insecure:
+
+Running insecure HV-VES in test environments
+============================================
+
+HV-VES application is configured by default to use TLS/SSL encryption on TCP connection. However it is posible to turn off TLS/SSL authorization by overriding Cloudify blueprint inputs.
+
+
+Accessing bootstrap container with Kubernetes command line tool
+---------------------------------------------------------------
+
+To find bootstrap pod, execute the following command:
+
+::
+
+ kubectl -n <onap namespace> get pods | grep bootstrap
+
+To run command line in bootstrap pod, execute:
+
+::
+
+ kubectl -n <onap namespace> exec -it <bootstrap-pod-name> bash
+
+
+Disable TLS/SSL by overriding Cloudify blueprint inputs
+-------------------------------------------------------
+
+1. If You have a running HV-VES instance, uninstall HV-VES and delete current deployment:
+
+::
+
+ cfy executions start -d hv-ves uninstall
+ cfy deployments delete hv-ves
+
+2. Create new deployment with inputs from yaml file and override 'security_ssl_disable' value:
+
+::
+
+ cfy deployments create -b hv-ves -i inputs/k8s-hv_ves-inputs.yaml -i security_ssl_disable=True hv-ves
+
+To verify inputs, You can execute:
+
+::
+
+ cfy deployments inputs hv-ves
+
+3. Install HV-VES deployment:
+
+::
+
+ cfy executions start -d hv-ves install
+
+
+
+
diff --git a/docs/sections/services/ves-hv/troubleshooting.rst b/docs/sections/services/ves-hv/troubleshooting.rst
index d6cf9f1e..15ce44c3 100644
--- a/docs/sections/services/ves-hv/troubleshooting.rst
+++ b/docs/sections/services/ves-hv/troubleshooting.rst
@@ -213,6 +213,8 @@ They can be changed by specifying ``security.keys.trustStore`` or ``security.key
For testing purposes there is possibility to use plain TCP protocol. In order to do this navigate with your browser to consul-ui service and than pick KEY/VALUE tab. Select dcae-hv-ves-collector and change ``security.sslDisable`` to true. Update of configuration should let start TCP server without SSL/TLS configured.
+In order to disable TLS/SSL by overriding Cloudify blueprint inputs, see :ref:`running_insecure`.
+
====
**Invalid credentials**