summaryrefslogtreecommitdiffstats
path: root/docs/sections/services/dfc
diff options
context:
space:
mode:
Diffstat (limited to 'docs/sections/services/dfc')
-rw-r--r--docs/sections/services/dfc/architecture.rst18
-rw-r--r--docs/sections/services/dfc/certificates.rst115
-rw-r--r--docs/sections/services/dfc/configuration.rst10
-rw-r--r--docs/sections/services/dfc/consumedapis.rst72
-rw-r--r--docs/sections/services/dfc/index.rst2
5 files changed, 216 insertions, 1 deletions
diff --git a/docs/sections/services/dfc/architecture.rst b/docs/sections/services/dfc/architecture.rst
index 73597541..ac0c8d14 100644
--- a/docs/sections/services/dfc/architecture.rst
+++ b/docs/sections/services/dfc/architecture.rst
@@ -39,4 +39,20 @@ The event is received from the Message Router (MR), the files are fetched from a
(DR).
Both fetching of a file and publishing is retried a number of times with an increasing delay between each attempt.
After a number of attempts, the DFC will log an error message and give up. Failing of processing of one file does not
-affect the handling of others. \ No newline at end of file
+affect the handling of others.
+
+Maven GroupId:
+==============
+
+org.onap.dcaegen2.collectors
+
+Maven Parent ArtifactId:
+========================
+
+dcae-collectors
+
+Maven Children Artifacts:
+=========================
+
+1. datafile-app-server: DFC server
+
diff --git a/docs/sections/services/dfc/certificates.rst b/docs/sections/services/dfc/certificates.rst
new file mode 100644
index 00000000..17bfb2f3
--- /dev/null
+++ b/docs/sections/services/dfc/certificates.rst
@@ -0,0 +1,115 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+Certificates
+============
+
+Configuration of Certificates in test environment(For FTP over TLS):
+
+DFC supports two protocols: FTPES and SFTP.
+For FTPES, it is mutual authentication with certificates.
+In our test environment, we use vsftpd to simulate xNF, and we generate self-signed
+keys & certificates on both vsftpd server and DFC.
+
+1. Generate key/certificate with openssl for DFC:
+-------------------------------------------------
+.. code:: bash
+
+ openssl genrsa -out dfc.key 2048
+ openssl req -new -out dfc.csr -key dfc.key
+ openssl x509 -req -days 365 -in dfc.csr -signkey dfc.key -out dfc.crt
+
+2. Generate key & certificate with openssl for vsftpd:
+------------------------------------------------------
+.. code:: bash
+
+ openssl genrsa -out ftp.key 2048
+ openssl req -new -out ftp.csr -key ftp.key
+ openssl x509 -req -days 365 -in ftp.csr -signkey ftp.key -out ftp.crt
+
+3. Configure java keystore in DFC:
+----------------------------------
+We have two keystore files, one for TrustManager, one for KeyManager.
+
+**For TrustManager:**
+
+1. First, convert your certificate in a DER format :
+
+ .. code:: bash
+
+ openssl x509 -outform der -in ftp.crt -out ftp.der
+
+2. And after, import it in the keystore :
+
+ .. code:: bash
+
+ keytool -import -alias ftp -keystore ftp.jks -file ftp.der
+
+**For KeyManager:**
+
+1. First, create a jks keystore:
+
+ .. code:: bash
+
+ keytool -keystore dfc.jks -genkey -alias dfc
+
+2. Second, import dfc.crt and dfc.key to dfc.jks. This is a bit troublesome.
+
+ 1). Step one: Convert x509 Cert and Key to a pkcs12 file
+
+ .. code:: bash
+
+ openssl pkcs12 -export -in dfc.crt -inkey dfc.key -out dfc.p12 -name [some-alias]
+
+ Note: Make sure you put a password on the p12 file - otherwise you'll get a null reference exception when you try to import it.
+
+ Note 2: You might want to add the -chainoption to preserve the full certificate chain.
+
+ 2). Step two: Convert the pkcs12 file to a java keystore:
+
+ .. code:: bash
+
+ keytool -importkeystore -deststorepass [changeit] -destkeypass [changeit] -destkeystore dfc.jks -srckeystore dfc.p12 -srcstoretype PKCS12 -srcstorepass [some-password] -alias [some-alias]
+
+3. Finished
+
+4. Configure vsftpd:
+--------------------
+ update /etc/vsftpd/vsftpd.conf:
+
+ .. code-block:: bash
+
+ rsa_cert_file=/etc/ssl/private/ftp.crt
+ rsa_private_key_file=/etc/ssl/private/ftp.key
+ ssl_enable=YES
+ allow_anon_ssl=NO
+ force_local_data_ssl=YES
+ force_local_logins_ssl=YES
+
+ ssl_tlsv1=YES
+ ssl_sslv2=YES
+ ssl_sslv3=YES
+
+ require_ssl_reuse=NO
+ ssl_ciphers=HIGH
+
+ require_cert=YES
+ ssl_request_cert=YES
+ ca_certs_file=/home/vsftpd/myuser/dfc.crt
+
+5. Configure config/datafile_endpoints.json:
+--------------------------------------------
+ Update the file accordingly:
+
+ .. code-block:: javascript
+
+ "ftpesConfiguration": {
+ "keyCert": "/config/dfc.jks",
+ "keyPassword": "[yourpassword]",
+ "trustedCA": "/config/ftp.jks",
+ "trustedCAPassword": "[yourpassword]"
+ }
+
+6. This has been tested with vsftpd and dfc, with self-signed certificates.
+---------------------------------------------------------------------------
+ In real deployment, we should use ONAP-CA signed certificate for DFC, and vendor-CA signed certificate for xNF
diff --git a/docs/sections/services/dfc/configuration.rst b/docs/sections/services/dfc/configuration.rst
index 22f50eeb..b8d0df95 100644
--- a/docs/sections/services/dfc/configuration.rst
+++ b/docs/sections/services/dfc/configuration.rst
@@ -7,6 +7,16 @@ Configuration
**datafile** configuration is controlled via a single JSON file called datafile_endpoints.json.
This is located under datafile-app-server/config.
+Compiling DFC
+=============
+
+Whole project (top level of DFC directory) and each module (sub module directory) can be compiled using
+`mvn clean install` command.
+
+Configuration file: Config/datafile_endpoints.json
+
+
+
JSON CONFIGURATION EXPLAINED
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
diff --git a/docs/sections/services/dfc/consumedapis.rst b/docs/sections/services/dfc/consumedapis.rst
new file mode 100644
index 00000000..0ab10498
--- /dev/null
+++ b/docs/sections/services/dfc/consumedapis.rst
@@ -0,0 +1,72 @@
+.. This work is licensed under a Creative Commons Attribution 4.0 International License.
+.. http://creativecommons.org/licenses/by/4.0
+
+Paths
+=====
+
+GET /events/unauthenticated.VES_NOTIFICATION_OUTPUT
+---------------------------------------------------
+
+Description
+~~~~~~~~~~~
+
+Reads fileReady events from DMaaP (Data Movement as a Platform)
+
+
+Responses
+~~~~~~~~~
+
++-----------+---------------------+
+| HTTP Code | Description |
++===========+=====================+
+| **200** | successful response |
++-----------+---------------------+
+
+GET /FEEDLOG_TOPIC/DEFAULT_FEED_ID?type=pub&filename=FILENAME
+-------------
+
+Description
+~~~~~~~~~~~
+
+Querying the Data Router to check whether a file has been published previously.
+
+Responses
+~~~~~~~~~
+
++-----------+------------+-----------------------+
+| HTTP Code | Body | Description |
++===========+============+=======================+
+| **400** | NA | error in query |
++-----------+------------+-----------------------+
+| **200** | [] | Not published yet |
++-----------+------------+-----------------------+
+| **200** | [$FILENAME]| Already published |
++-----------+------------+-----------------------+
+
+POST /publish
+-------------
+
+Description
+~~~~~~~~~~~
+
+Publish the collected file/s as a stream to DataRouter
+ - file as stream
+ - compression
+ - fileFormatType
+ - fileFormatVersion
+ - productName
+ - vendorName
+ - lastEpochMicrosec
+ - sourceName
+ - startEpochMicrosec
+ - timeZoneOffset
+
+
+Responses
+~~~~~~~~~
+
++-----------+---------------------+
+| HTTP Code | Description |
++===========+=====================+
+| **200** | successful response |
++-----------+---------------------+ \ No newline at end of file
diff --git a/docs/sections/services/dfc/index.rst b/docs/sections/services/dfc/index.rst
index 176c403c..780d63fc 100644
--- a/docs/sections/services/dfc/index.rst
+++ b/docs/sections/services/dfc/index.rst
@@ -14,6 +14,8 @@ DATAFILE COLLECTOR MS (DFC)
./delivery.rst
./logging.rst
./installation.rst
+ ./certificates.rst
./configuration.rst
+ ./consumedapis.rst
./administration.rst
./release-notes.rst