diff options
author | Jack Lucas <jflucas@research.att.com> | 2019-06-25 18:52:55 -0400 |
---|---|---|
committer | Jack Lucas <jflucas@research.att.com> | 2019-07-01 11:07:30 -0400 |
commit | 9c094d0581c46d3d107facdc55cb2cc7a1d9f765 (patch) | |
tree | 7bb29d659b23295d3a3f67f7e1be054a8eb51544 /k8s/configure/configure.py | |
parent | a9e0e1c94d9b1fee783ce2db3df962b6fec5149b (diff) |
Add TLS support for client-only apps
Also enhance unit tests to do more robust checking of results.
Issue-ID: DCAEGEN2-1550
Change-Id: Icf6e5357d828e19db73bb58b98fd60e9f111d0dc
Signed-off-by: Jack Lucas <jflucas@research.att.com>
Diffstat (limited to 'k8s/configure/configure.py')
-rw-r--r-- | k8s/configure/configure.py | 14 |
1 files changed, 12 insertions, 2 deletions
diff --git a/k8s/configure/configure.py b/k8s/configure/configure.py index e15939a..9f7929e 100644 --- a/k8s/configure/configure.py +++ b/k8s/configure/configure.py @@ -35,6 +35,10 @@ FB_IMAGE = "docker.elastic.co/beats/filebeat:5.5.0" TLS_CERT_PATH = "/opt/tls/shared" TLS_IMAGE = "nexus3.onap.org:10001/onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.0" +TLS_CA_CERT_PATH = "/opt/dcae/cacert/cacert.pem" +TLS_CA_CONFIGMAP = "dcae-cacert-configmap" + +CBS_BASE_URL = "https://config-binding-service:10443/service_component_all" def _set_defaults(): """ Set default configuration parameters """ @@ -51,10 +55,16 @@ def _set_defaults(): "config_map" : FB_CONFIG_MAP, # ConfigMap holding the filebeat configuration "image": FB_IMAGE # Docker image to use for filebeat }, - "tls": { # Configuration for setting up TLS init container + "tls": { # Configuration for setting up TLS "cert_path" : TLS_CERT_PATH, # mount point for certificate volume in TLS init container - "image": TLS_IMAGE # Docker image to use for TLS init container + "image": TLS_IMAGE, # Docker image to use for TLS init container + "component_ca_cert_path": TLS_CA_CERT_PATH, # Mount point for CA cert for components that are clients only + "ca_cert_configmap": TLS_CA_CONFIGMAP # ConfigMap holding CA cert for components that are clients only + }, + "cbs": { + "base_url" : CBS_BASE_URL # URL prefix for accessing config binding service } + } def configure(config_path=_CONFIG_PATH, key = _CONSUL_KEY): |