From 67eccc91050dd13e57a9228decaac85d318b3ce5 Mon Sep 17 00:00:00 2001 From: TamasBakai Date: Fri, 26 Apr 2019 10:58:08 +0000 Subject: DFC swagger updates Change-Id: Ie477e3448dea1fc27e5f13a2fce71b6af3f2ba53 Issue-ID: DCAEGEN2-1443 Signed-off-by: TamasBakai --- docs/sections/apis/DFC.rst | 187 ++------------------------------------------- 1 file changed, 7 insertions(+), 180 deletions(-) (limited to 'docs/sections/apis/DFC.rst') diff --git a/docs/sections/apis/DFC.rst b/docs/sections/apis/DFC.rst index 57e2914c..f345d93f 100644 --- a/docs/sections/apis/DFC.rst +++ b/docs/sections/apis/DFC.rst @@ -2,7 +2,7 @@ DFC (DataFile Collector) ======================== -:Date: 2018-09-21 +:Date: 2019-04-24 .. contents:: :depth: 3 @@ -16,184 +16,11 @@ Component description can be found under `DFC`_. .. _DFC: ../../sections/services/dfc/index.html -Paths -===== +Offered APIs +============ -GET /events/unauthenticated.VES_NOTIFICATION_OUTPUT ---------------------------------------------------- +.. csv-table:: + :header: "API name", "Swagger JSON" + :widths: 10,5 -Description -~~~~~~~~~~~ - -Reads fileReady events from DMaaP (Data Movement as a Platform) - - -Responses -~~~~~~~~~ - -+-----------+---------------------+ -| HTTP Code | Description | -+===========+=====================+ -| **200** | successful response | -+-----------+---------------------+ - - - -POST /publish -------------- - -Description -~~~~~~~~~~~ - -Publish the collected file/s as a stream to DataRouter - - file as stream - - compression - - fileFormatType - - fileFormatVersion - - -Responses -~~~~~~~~~ - -+-----------+---------------------+ -| HTTP Code | Description | -+===========+=====================+ -| **200** | successful response | -+-----------+---------------------+ - -Compiling DFC -============= - -Whole project (top level of DFC directory) and each module (sub module directory) can be compiled using -`mvn clean install` command. - -Configuration file: Config/datafile_endpoints.json - -Maven GroupId: -============== - -org.onap.dcaegen2.collectors - -Maven Parent ArtifactId: -======================== - -dcae-collectors - -Maven Children Artifacts: -========================= - -1. datafile-app-server: DFC server -2. datafile-dmaap-client: Contains implementation of DmaaP client -3. datafile-commons: Common code for whole DFC modules -4. docker-compose: Contains the docker-compose - -Configuration of Certificates in test environment(For FTP over TLS): -==================================================================== - -DFC supports two protocols: FTPES and SFTP. -For FTPES, it is mutual authentication with certificates. -In our test environment, we use vsftpd to simulate xNF, and we generate self-signed -keys & certificates on both vsftpd server and DFC. - -1. Generate key/certificate with openssl for DFC: -------------------------------------------------- -.. code:: bash - - openssl genrsa -out dfc.key 2048 - openssl req -new -out dfc.csr -key dfc.key - openssl x509 -req -days 365 -in dfc.csr -signkey dfc.key -out dfc.crt - -2. Generate key & certificate with openssl for vsftpd: ------------------------------------------------------- -.. code:: bash - - openssl genrsa -out ftp.key 2048 - openssl req -new -out ftp.csr -key ftp.key - openssl x509 -req -days 365 -in ftp.csr -signkey ftp.key -out ftp.crt - -3. Configure java keystore in DFC: ----------------------------------- -We have two keystore files, one for TrustManager, one for KeyManager. - -**For TrustManager:** - -1. First, convert your certificate in a DER format : - - .. code:: bash - - openssl x509 -outform der -in ftp.crt -out ftp.der - -2. And after, import it in the keystore : - - .. code:: bash - - keytool -import -alias ftp -keystore ftp.jks -file ftp.der - -**For KeyManager:** - -1. First, create a jks keystore: - - .. code:: bash - - keytool -keystore dfc.jks -genkey -alias dfc - -2. Second, import dfc.crt and dfc.key to dfc.jks. This is a bit troublesome. - - 1). Step one: Convert x509 Cert and Key to a pkcs12 file - - .. code:: bash - - openssl pkcs12 -export -in dfc.crt -inkey dfc.key -out dfc.p12 -name [some-alias] - - Note: Make sure you put a password on the p12 file - otherwise you'll get a null reference exception when yy to import it. (In case anyone else had this headache). - - Note 2: You might want to add the -chainoption to preserve the full certificate chain. - - 2). Step two: Convert the pkcs12 file to a java keystore: - - .. code:: bash - - keytool -importkeystore -deststorepass [changeit] -destkeypass [changeit] -destkeystore dfc.jks -srckeystore dfc.p12 -srcstoretype PKCS12 -srcstorepass [some-password] -alias [some-alias] - -3. Finished - -4. Configure vsftpd: --------------------- - update /etc/vsftpd/vsftpd.conf: - - .. code-block:: bash - - rsa_cert_file=/etc/ssl/private/ftp.crt - rsa_private_key_file=/etc/ssl/private/ftp.key - ssl_enable=YES - allow_anon_ssl=NO - force_local_data_ssl=YES - force_local_logins_ssl=YES - - ssl_tlsv1=YES - ssl_sslv2=YES - ssl_sslv3=YES - - require_ssl_reuse=NO - ssl_ciphers=HIGH - - require_cert=YES - ssl_request_cert=YES - ca_certs_file=/home/vsftpd/myuser/dfc.crt - -5. Configure config/datafile_endpoints.json: --------------------------------------------- - Update the file accordingly: - - .. code-block:: javascript - - "ftpesConfiguration": { - "keyCert": "/config/dfc.jks", - "keyPassword": "[yourpassword]", - "trustedCA": "/config/ftp.jks", - "trustedCAPassword": "[yourpassword]" - } - -6. This has been tested with vsftpd and dfc, with self-signed certificates. ---------------------------------------------------------------------------- - In real deployment, we should use ONAP-CA signed certificate for DFC, and vendor-CA signed certificate for xNF + "Datafile Collector API", ":download:`link `" -- cgit 1.2.3-korg