summaryrefslogtreecommitdiffstats
path: root/docs/sections/apis/DFC.rst
diff options
context:
space:
mode:
Diffstat (limited to 'docs/sections/apis/DFC.rst')
-rw-r--r--docs/sections/apis/DFC.rst187
1 files changed, 7 insertions, 180 deletions
diff --git a/docs/sections/apis/DFC.rst b/docs/sections/apis/DFC.rst
index 57e2914c..f345d93f 100644
--- a/docs/sections/apis/DFC.rst
+++ b/docs/sections/apis/DFC.rst
@@ -2,7 +2,7 @@
DFC (DataFile Collector)
========================
-:Date: 2018-09-21
+:Date: 2019-04-24
.. contents::
:depth: 3
@@ -16,184 +16,11 @@ Component description can be found under `DFC`_.
.. _DFC: ../../sections/services/dfc/index.html
-Paths
-=====
+Offered APIs
+============
-GET /events/unauthenticated.VES_NOTIFICATION_OUTPUT
----------------------------------------------------
+.. csv-table::
+ :header: "API name", "Swagger JSON"
+ :widths: 10,5
-Description
-~~~~~~~~~~~
-
-Reads fileReady events from DMaaP (Data Movement as a Platform)
-
-
-Responses
-~~~~~~~~~
-
-+-----------+---------------------+
-| HTTP Code | Description |
-+===========+=====================+
-| **200** | successful response |
-+-----------+---------------------+
-
-
-
-POST /publish
--------------
-
-Description
-~~~~~~~~~~~
-
-Publish the collected file/s as a stream to DataRouter
- - file as stream
- - compression
- - fileFormatType
- - fileFormatVersion
-
-
-Responses
-~~~~~~~~~
-
-+-----------+---------------------+
-| HTTP Code | Description |
-+===========+=====================+
-| **200** | successful response |
-+-----------+---------------------+
-
-Compiling DFC
-=============
-
-Whole project (top level of DFC directory) and each module (sub module directory) can be compiled using
-`mvn clean install` command.
-
-Configuration file: Config/datafile_endpoints.json
-
-Maven GroupId:
-==============
-
-org.onap.dcaegen2.collectors
-
-Maven Parent ArtifactId:
-========================
-
-dcae-collectors
-
-Maven Children Artifacts:
-=========================
-
-1. datafile-app-server: DFC server
-2. datafile-dmaap-client: Contains implementation of DmaaP client
-3. datafile-commons: Common code for whole DFC modules
-4. docker-compose: Contains the docker-compose
-
-Configuration of Certificates in test environment(For FTP over TLS):
-====================================================================
-
-DFC supports two protocols: FTPES and SFTP.
-For FTPES, it is mutual authentication with certificates.
-In our test environment, we use vsftpd to simulate xNF, and we generate self-signed
-keys & certificates on both vsftpd server and DFC.
-
-1. Generate key/certificate with openssl for DFC:
--------------------------------------------------
-.. code:: bash
-
- openssl genrsa -out dfc.key 2048
- openssl req -new -out dfc.csr -key dfc.key
- openssl x509 -req -days 365 -in dfc.csr -signkey dfc.key -out dfc.crt
-
-2. Generate key & certificate with openssl for vsftpd:
-------------------------------------------------------
-.. code:: bash
-
- openssl genrsa -out ftp.key 2048
- openssl req -new -out ftp.csr -key ftp.key
- openssl x509 -req -days 365 -in ftp.csr -signkey ftp.key -out ftp.crt
-
-3. Configure java keystore in DFC:
-----------------------------------
-We have two keystore files, one for TrustManager, one for KeyManager.
-
-**For TrustManager:**
-
-1. First, convert your certificate in a DER format :
-
- .. code:: bash
-
- openssl x509 -outform der -in ftp.crt -out ftp.der
-
-2. And after, import it in the keystore :
-
- .. code:: bash
-
- keytool -import -alias ftp -keystore ftp.jks -file ftp.der
-
-**For KeyManager:**
-
-1. First, create a jks keystore:
-
- .. code:: bash
-
- keytool -keystore dfc.jks -genkey -alias dfc
-
-2. Second, import dfc.crt and dfc.key to dfc.jks. This is a bit troublesome.
-
- 1). Step one: Convert x509 Cert and Key to a pkcs12 file
-
- .. code:: bash
-
- openssl pkcs12 -export -in dfc.crt -inkey dfc.key -out dfc.p12 -name [some-alias]
-
- Note: Make sure you put a password on the p12 file - otherwise you'll get a null reference exception when yy to import it. (In case anyone else had this headache).
-
- Note 2: You might want to add the -chainoption to preserve the full certificate chain.
-
- 2). Step two: Convert the pkcs12 file to a java keystore:
-
- .. code:: bash
-
- keytool -importkeystore -deststorepass [changeit] -destkeypass [changeit] -destkeystore dfc.jks -srckeystore dfc.p12 -srcstoretype PKCS12 -srcstorepass [some-password] -alias [some-alias]
-
-3. Finished
-
-4. Configure vsftpd:
---------------------
- update /etc/vsftpd/vsftpd.conf:
-
- .. code-block:: bash
-
- rsa_cert_file=/etc/ssl/private/ftp.crt
- rsa_private_key_file=/etc/ssl/private/ftp.key
- ssl_enable=YES
- allow_anon_ssl=NO
- force_local_data_ssl=YES
- force_local_logins_ssl=YES
-
- ssl_tlsv1=YES
- ssl_sslv2=YES
- ssl_sslv3=YES
-
- require_ssl_reuse=NO
- ssl_ciphers=HIGH
-
- require_cert=YES
- ssl_request_cert=YES
- ca_certs_file=/home/vsftpd/myuser/dfc.crt
-
-5. Configure config/datafile_endpoints.json:
---------------------------------------------
- Update the file accordingly:
-
- .. code-block:: javascript
-
- "ftpesConfiguration": {
- "keyCert": "/config/dfc.jks",
- "keyPassword": "[yourpassword]",
- "trustedCA": "/config/ftp.jks",
- "trustedCAPassword": "[yourpassword]"
- }
-
-6. This has been tested with vsftpd and dfc, with self-signed certificates.
----------------------------------------------------------------------------
- In real deployment, we should use ONAP-CA signed certificate for DFC, and vendor-CA signed certificate for xNF
+ "Datafile Collector API", ":download:`link <DFC.json>`"