diff options
| author |   Vijay Venkatesh Kumar <vv770d@att.com> | 2018-09-27 10:17:21 -0400 |
|---|---|---|
| committer | vagrant <vv770d@att.com> | 2018-10-09 13:52:34 +0000 |
| commit | 69aedf8e5bbe110f95defb06cedd8a212bd19eb7 (patch) | |
| tree | d5b5a2d141cb6479624436eb2c216ff16100292f | |
| parent | 20fdd615eeb9b4fa1594273b1fa3d7eca8992c8b (diff) | |
Add aaf tls certifiacte support
Updated registration input to match
k8s - https://git.onap.org/oom/tree/kubernetes/dcaegen2/charts/dcae-bootstrap/resources/inputs/k8s-policy_handler-inputs.yaml
Issue-ID: DCAEGEN2-716
Change-Id: I52041ddc168e31abe083eaed4a88bfc40a5a2780
Signed-off-by: Lusheng Ji <lji@research.att.com>
Signed-off-by: Vijay Venkatesh Kumar <vv770d@att.com>
| -rw-r--r-- | heat/docker-compose-1.yaml | 10 | ||||
| -rw-r--r-- | heat/docker-compose-2.yaml | 9 | ||||
| -rw-r--r-- | heat/docker-compose-3.yaml | 8 | ||||
| -rw-r--r-- | heat/docker-compose-4.yaml | 14 | ||||
| -rwxr-xr-x | heat/register.sh | 12 |
5 files changed, 50 insertions, 3 deletions
diff --git a/heat/docker-compose-1.yaml b/heat/docker-compose-1.yaml index edc6bba..72c84df 100644 --- a/heat/docker-compose-1.yaml +++ b/heat/docker-compose-1.yaml @@ -61,9 +61,19 @@ services: - "10000:10000" depends_on: - "consul" + - "tls-init" labels: - "SERVICE_10000_NAME=config_binding_service" - "SERVICE_10000_CHECK_HTTP=/healthcheck" - "SERVICE_10000_CHECK_INTERVAL=15s" - "SERVICE_10000_CHECK_INITIAL_STATUS=passing" + volumes: + - "./tls/shared:/opt/tls/shared" + + tls-init: + image: "{{ nexus_docker_repo }}/onap/org.onap.dcaegen2.deployments.tls-init-container:{{ dcae_docker_tls }}" + container_name: "tls-init" + hostname: "tls-init" + volumes: + - "./tls/shared:/opt/tls/shared" diff --git a/heat/docker-compose-2.yaml b/heat/docker-compose-2.yaml index 317aec4..dca210e 100644 --- a/heat/docker-compose-2.yaml +++ b/heat/docker-compose-2.yaml @@ -20,6 +20,8 @@ services: - "SERVICE_8080_CHECK_HTTP=/healthcheck" - "SERVICE_8080_CHECK_INTERVAL=15s" - "SERVICE_8080_CHECK_INITIAL_STATUS=passing" + volumes: + - "./tls/shared:/opt/tls/shared" mvp-dcaegen2-analytics-tca: @@ -51,6 +53,8 @@ services: - "SERVICE_11011_CHECK_HTTP=/cdap/ns/cdap_tca_hi_lo" - "SERVICE_11011_CHECK_INTERVAL=15s" - "SERVICE_11011_CHECK_INITIAL_STATUS=passing" + volumes: + - "./tls/shared:/opt/tls/shared" mvp-dcaegen2-analytics-holmes-engine-management: image: "{{ nexus_docker_repo }}/onap/holmes/engine-management:{{ holmes_docker_em }}" @@ -70,6 +74,8 @@ services: - "9102:9102" labels: - "SERVICE_9102_IGNORE=true" + volumes: + - "./tls/shared:/opt/tls/shared" mvp-dcaegen2-analytics-holmes-rule-management: image: "{{ nexus_docker_repo }}/onap/holmes/rule-management:{{ holmes_docker_rm }}" @@ -89,4 +95,5 @@ services: - "9101:9101" labels: - "SERVICE_9101_IGNORE=true" - + volumes: + - "./tls/shared:/opt/tls/shared" diff --git a/heat/docker-compose-3.yaml b/heat/docker-compose-3.yaml index 3eef2bc..6ef467c 100644 --- a/heat/docker-compose-3.yaml +++ b/heat/docker-compose-3.yaml @@ -16,6 +16,8 @@ services: - "SERVICE_8080_CHECK_HTTP=/dcae-service-types" - "SERVICE_8080_CHECK_INTERVAL=15s" - "SERVICE_8080_CHECK_INITIAL_STATUS=passing" + volumes: + - "./tls/shared:/opt/tls/shared" service-change-handler: @@ -33,6 +35,8 @@ services: - "SERVICE_CHECK_DOCKER_SCRIPT=/opt/health.sh" - "SERVICE_CHECK_INTERVAL=15s" - "SERVICE_CHECK_INITIAL_STATUS=passing" + volumes: + - "./tls/shared:/opt/tls/shared" deployment_handler: @@ -50,6 +54,8 @@ services: - "SERVICE_8443_CHECK_HTTP=/" - "SERVICE_8443_CHECK_INTERVAL=15s" - "SERVICE_8443_CHECK_INITIAL_STATUS=passing" + volumes: + - "./tls/shared:/opt/app/dh/etc/cert/" policy_handler: @@ -64,4 +70,6 @@ services: - "SERVICE_25577_CHECK_HTTP=/healthcheck" - "SERVICE_25577_CHECK_INTERVAL=15s" - "SERVICE_25577_CHECK_INITIAL_STATUS=passing" + volumes: + - "./tls/shared:/opt/app/policy_handler/etc/tls/certs/" diff --git a/heat/docker-compose-4.yaml b/heat/docker-compose-4.yaml index f284f29..11272dd 100644 --- a/heat/docker-compose-4.yaml +++ b/heat/docker-compose-4.yaml @@ -20,6 +20,8 @@ services: - "SERVICE_CHECK_DOCKER_SCRIPT=/opt/app/snmptrap/bin/snmptrapd.sh status" - "SERVICE_CHECK_INTERVAL=300s" - "SERVICE_CHECK_INITIAL_STATUS=passing" + volumes: + - "./tls/shared:/opt/tls/shared" prh: @@ -42,6 +44,8 @@ services: - "SERVICE_8082_CHECK_HTTP=/heartbeat" - "SERVICE_8082_CHECK_INTERVAL=15s" - "SERVICE_8082_CHECK_INITIAL_STATUS=passing" + volumes: + - "./tls/shared:/opt/tls/shared" hvves: @@ -64,6 +68,8 @@ services: - "SERVICE_CHECK_DOCKER_SCRIPT=/opt/app/hvves/bin/healthcheck.sh" - "SERVICE_CHECK_INTERVAL=15s" - "SERVICE_CHECK_INITIAL_STATUS=passing" + volumes: + - "./tls/shared:/opt/tls/shared" datafile: @@ -84,6 +90,8 @@ services: - "SERVICE_CHECK_DOCKER_SCRIPT=/opt/app/datafile/bin/healthcheck.sh" - "SERVICE_CHECK_INTERVAL=15s" - "SERVICE_CHECK_INITIAL_STATUS=passing" + volumes: + - "./tls/shared:/opt/tls/shared" mapper-universalvesadaptor: image: "{{ nexus_docker_repo }}/onap/org.onap.dcaegen2.services.mapper.vesadapter.universalvesadaptor:{{ dcae_docker_mua }}" @@ -103,6 +111,8 @@ services: - "SERVICE_CHECK_DOCKER_SCRIPT=/opt/app/datafile/bin/healthcheck.sh" - "SERVICE_CHECK_INTERVAL=15s" - "SERVICE_CHECK_INITIAL_STATUS=passing" + volumes: + - "./tls/shared:/opt/tls/shared" mapper-snmp: image: "{{ nexus_docker_repo }}/onap/org.onap.dcaegen2.services.mapper.vesadapter.snmpmapper:{{ dcae_docker_msnmp }}" @@ -122,6 +132,8 @@ services: - "SERVICE_CHECK_DOCKER_SCRIPT=/opt/app/datafile/bin/healthcheck.sh" - "SERVICE_CHECK_INTERVAL=15s" - "SERVICE_CHECK_INITIAL_STATUS=passing" + volumes: + - "./tls/shared:/opt/tls/shared" heartbeat: @@ -142,4 +154,6 @@ services: - "SERVICE_CHECK_DOCKER_SCRIPT=/opt/app/datafile/bin/healthcheck.sh" - "SERVICE_CHECK_INTERVAL=15s" - "SERVICE_CHECK_INITIAL_STATUS=passing" + volumes: + - "./tls/shared:/opt/tls/shared" diff --git a/heat/register.sh b/heat/register.sh index 6bd7b7b..66c4f72 100755 --- a/heat/register.sh +++ b/heat/register.sh @@ -197,7 +197,10 @@ REGKV=' "policy_handler": { "deploy_handler": { "target_entity": "deployment_handler", + "tls_ca_mode": "do_not_verify", "max_msg_length_mb": 5, + "url" : "https://{{ dcae_ip_addr }}:8188", + "tls_ca_mode" : "cert_directory", "query": { "cfy_tenant_name": "default_tenant" } @@ -214,6 +217,9 @@ REGKV=' }, "policy_engine": { "path_api": "/pdp/api/", + "path_notifications" : "/pdp/notifications", + "tls_ca_mode" : "cert_directory", + "tls_wss_ca_mode" : "cert_directory", "headers": { "Environment": "TEST", "ClientAuth": "cHl0aG9uOnRlc3Q=", @@ -222,8 +228,10 @@ REGKV=' "Authorization": "Basic dGVzdHBkcDphbHBoYTEyMw==" }, "path_pdp": "/pdp/", - "url": "http://{{ policy_ip_addr }}:8081", - "target_entity": "policy_engine" + "url": "https://{{ policy_ip_addr }}:8081", + "target_entity": "policy_engine", + "tls_wss_ca_mode": "do_not_verify", + "tls_ca_mode": "do_not_verify" } } }' |