summaryrefslogtreecommitdiffstats
path: root/k8s/configure
diff options
context:
space:
mode:
authorJack Lucas <jflucas@research.att.com>2019-06-25 18:52:55 -0400
committerJack Lucas <jflucas@research.att.com>2019-07-01 11:07:30 -0400
commit9c094d0581c46d3d107facdc55cb2cc7a1d9f765 (patch)
tree7bb29d659b23295d3a3f67f7e1be054a8eb51544 /k8s/configure
parenta9e0e1c94d9b1fee783ce2db3df962b6fec5149b (diff)
Add TLS support for client-only apps
Also enhance unit tests to do more robust checking of results. Issue-ID: DCAEGEN2-1550 Change-Id: Icf6e5357d828e19db73bb58b98fd60e9f111d0dc Signed-off-by: Jack Lucas <jflucas@research.att.com>
Diffstat (limited to 'k8s/configure')
-rw-r--r--k8s/configure/configure.py14
1 files changed, 12 insertions, 2 deletions
diff --git a/k8s/configure/configure.py b/k8s/configure/configure.py
index e15939a..9f7929e 100644
--- a/k8s/configure/configure.py
+++ b/k8s/configure/configure.py
@@ -35,6 +35,10 @@ FB_IMAGE = "docker.elastic.co/beats/filebeat:5.5.0"
TLS_CERT_PATH = "/opt/tls/shared"
TLS_IMAGE = "nexus3.onap.org:10001/onap/org.onap.dcaegen2.deployments.tls-init-container:1.0.0"
+TLS_CA_CERT_PATH = "/opt/dcae/cacert/cacert.pem"
+TLS_CA_CONFIGMAP = "dcae-cacert-configmap"
+
+CBS_BASE_URL = "https://config-binding-service:10443/service_component_all"
def _set_defaults():
""" Set default configuration parameters """
@@ -51,10 +55,16 @@ def _set_defaults():
"config_map" : FB_CONFIG_MAP, # ConfigMap holding the filebeat configuration
"image": FB_IMAGE # Docker image to use for filebeat
},
- "tls": { # Configuration for setting up TLS init container
+ "tls": { # Configuration for setting up TLS
"cert_path" : TLS_CERT_PATH, # mount point for certificate volume in TLS init container
- "image": TLS_IMAGE # Docker image to use for TLS init container
+ "image": TLS_IMAGE, # Docker image to use for TLS init container
+ "component_ca_cert_path": TLS_CA_CERT_PATH, # Mount point for CA cert for components that are clients only
+ "ca_cert_configmap": TLS_CA_CONFIGMAP # ConfigMap holding CA cert for components that are clients only
+ },
+ "cbs": {
+ "base_url" : CBS_BASE_URL # URL prefix for accessing config binding service
}
+
}
def configure(config_path=_CONFIG_PATH, key = _CONSUL_KEY):