diff options
-rwxr-xr-x | docs/sections/design-components/component-specification/docker-specification.rst | 2 | ||||
-rw-r--r-- | docs/sections/tls_enablement.rst | 10 |
2 files changed, 6 insertions, 6 deletions
diff --git a/docs/sections/design-components/component-specification/docker-specification.rst b/docs/sections/design-components/component-specification/docker-specification.rst index 20ce340d..63fef9b8 100755 --- a/docs/sections/design-components/component-specification/docker-specification.rst +++ b/docs/sections/design-components/component-specification/docker-specification.rst @@ -295,7 +295,7 @@ for internal and external communication. | | | ernal communication should be added to the main container |
| | | i.e ``true`` |
+--------------------------------+---------+---------------------------------------------------------------------------+
-| use_external_tls | boolean | *Optional*. A boolean that indicates whether the component uses AAF Cert\ |
+| use_external_tls | boolean | *Optional*. A boolean that indicates whether the component uses OOM Cert\ |
| | | Service to acquire operator certificate to protect external (between xNFs |
| | | and ONAP) traffic. For a time being only operator certificate from CMPv2 |
| | | server is supported. |
diff --git a/docs/sections/tls_enablement.rst b/docs/sections/tls_enablement.rst index 0407d4e9..85ba13d0 100644 --- a/docs/sections/tls_enablement.rst +++ b/docs/sections/tls_enablement.rst @@ -123,7 +123,7 @@ From k8splugin 3.4.1 when external TLS is enabled (use_external_tls=true), keyst 1. Certificate setup: - To create certificate artifacts, AAF CertService must obtain the certificate details. Common name and list of Subject Alternative Names (SANs) are set in blueprint as described in step 3. + To create certificate artifacts, OOM CertService must obtain the certificate details. Common name and list of Subject Alternative Names (SANs) are set in blueprint as described in step 3. The following parameters with default values are stored in OOM in k8splugin configuration file (k8splugin.json) in group ``external_cert``: * A string ``image_tag`` that indicates CertService client image name and version @@ -142,8 +142,8 @@ From k8splugin 3.4.1 when external TLS is enabled (use_external_tls=true), keyst .. code-block:: JSON { - "image_tag": "nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:$VERSION", - "request_url": "https://aaf-cert-service:8443/v1/certificate/", + "image_tag": "nexus3.onap.org:10001/onap/org.onap.oom.platform.certservice.oom-certservice-client:$VERSION", + "request_url": "https://oom-cert-service:8443/v1/certificate/", "timeout": "30000", "country": "US", "organization": "Linux-Foundation", @@ -161,7 +161,7 @@ From k8splugin 3.4.1 when external TLS is enabled (use_external_tls=true), keyst 2. Certificate generation and retrieval: When a DCAE component that needs an external TLS certificate is launched, a Kubernetes init container runs before the main - component container is launched. The init container contacts the AAF CertService. + component container is launched. The init container contacts the OOM CertService. DCAE service components (sometimes called "microservices") are deployed via Cloudify using blueprints. This is described in more detail in the next section. @@ -198,7 +198,7 @@ From k8splugin 3.4.1 when external TLS is enabled (use_external_tls=true), keyst During deployment Kubernetes plugin (referenced in blueprint) will check if the ``external_cert`` property is set and ``use_external_tls`` is set to true, then the plugin will add some elements to the Kubernetes Deployment for the component: * A Kubernetes volume (``tls-volume``) that will hold the certificate artifacts * A Kubernetes initContainer (``cert-service-client``) - * A Kubernetes volumeMount for the initContainer that mounts the ``tls-volume`` volume at ``/etc/onap/aaf/certservice/certs/``. + * A Kubernetes volumeMount for the initContainer that mounts the ``tls-volume`` volume at ``/etc/onap/oom/certservice/certs/``. * A Kubernetes volumeMount for the main container that mounts the ``tls-info`` volume at the mount point specified in the ``external_cert_directory`` property. Kurbernetes volumeMount tls-info is shared with TLS init container for internal traffic. |