From 47201b60365a87b993a8a93d0b1c1bb03cbca1d6 Mon Sep 17 00:00:00 2001 From: Stavros Kanarakis Date: Wed, 10 Apr 2019 13:04:11 +0300 Subject: Support for HTTPS certificates-based communication with A&AI and DMaaP Also, upgraded DCAE-SDK to the latest 1.1.4 version Change-Id: Ica59ab3107d9c0bcbf4dbaacf5063d4ceb8ed4b9 Issue-ID: DCAEGEN2-1354 Signed-off-by: Stavros Kanarakis --- .../dpo/blueprints/bbs-event-processor-input.yaml | 6 ++-- .../k8s-bbs-event-processor.yaml-template | 34 +++++++++++++++++++--- .../dpo/spec/bbs-event-processor-spec.json | 2 +- 3 files changed, 34 insertions(+), 8 deletions(-) (limited to 'components/bbs-event-processor/dpo') diff --git a/components/bbs-event-processor/dpo/blueprints/bbs-event-processor-input.yaml b/components/bbs-event-processor/dpo/blueprints/bbs-event-processor-input.yaml index a7adbbb2..f503eb82 100644 --- a/components/bbs-event-processor/dpo/blueprints/bbs-event-processor-input.yaml +++ b/components/bbs-event-processor/dpo/blueprints/bbs-event-processor-input.yaml @@ -17,9 +17,9 @@ tag_version: nexus3.onap.org:10001/onap/org.onap.dcaegen2.services.components.bbs-event-processor:1.0.0-SNAPSHOT -pnf_reregistration_url: http:message-router:3904/events/unauthenticated.PNF_UPDATE -cpe_authentication_url: http:message-router:3904/events/unauthenticated.CPE_AUTHENTICATION -close_loop_url: http:message-router:3904/events/unauthenticated.DCAE_CL_OUTPUT +pnf_reregistration_url: https:message-router:3905/events/unauthenticated.PNF_UPDATE +cpe_authentication_url: https:message-router:3905/events/unauthenticated.CPE_AUTHENTICATION +close_loop_url: https:message-router:3905/events/unauthenticated.DCAE_CL_OUTPUT application_rereg_policy_scope: policyScopeReReg application_rereg_cl_control_name: clControlNameReReg application_cpeAuth_policy_scope: policyScopeCpeAuth diff --git a/components/bbs-event-processor/dpo/blueprints/k8s-bbs-event-processor.yaml-template b/components/bbs-event-processor/dpo/blueprints/k8s-bbs-event-processor.yaml-template index 2d2c7a5d..eaf6275a 100644 --- a/components/bbs-event-processor/dpo/blueprints/k8s-bbs-event-processor.yaml-template +++ b/components/bbs-event-processor/dpo/blueprints/k8s-bbs-event-processor.yaml-template @@ -26,13 +26,17 @@ imports: inputs: aai_enrichment_host: type: string - default: "aai" + default: "aai.onap" aai_enrichment_port: type: integer default: 8443 aai_enrichment_protocol: type: string default: "https" + aai_secure_enable_cert: + type: boolean + description: enable certificates-based connection with AAI + default: true tag_version: type: string replicas: @@ -90,10 +94,20 @@ inputs: application_logging_level: type: string default: "INFO" + dmaap_username: + type: string + default: admin + dmaap_password: + type: string + default: admin dmaap_consumer_id: type: string dmaap_consumer_group: type: string + dmaap_secure_enable_cert: + type: boolean + description: enable certificates-based connection with DMaaP + default: true node_templates: bbs-event-processor: type: dcae.nodes.ContainerizedPlatformComponent @@ -102,18 +116,24 @@ node_templates: streams_subscribes: pnf_reregistration: type: message_router + aaf_username: { get_input: dmaap_username } + aaf_password: { get_input: dmaap_password } dmaap_info: topic_url: { get_input: pnf_reregistration_url } cpe_authentication: type: message_router + aaf_username: { get_input: dmaap_username } + aaf_password: { get_input: dmaap_password } dmaap_info: topic_url: { get_input: cpe_authentication_url } streams_publishes: close_loop: type: message_router + aaf_username: { get_input: dmaap_username } + aaf_password: { get_input: dmaap_password } dmaap_info: topic_url: { get_input: close_loop_url } - dmaap.protocol: "http" + dmaap.protocol: "https" dmaap.contentType: "application/json" dmaap.consumer.consumerId: { get_input: dmaap_consumer_id } dmaap.consumer.consumerGroup: { get_input: dmaap_consumer_group } @@ -142,6 +162,12 @@ node_templates: application.cpeAuth.configKey: "cpe_authentication" application.closeLoop.configKey: "close_loop" application.loggingLevel: { get_input: application_logging_level } + application.ssl.keyStorePath: "/opt/app/bbs-event-processor/etc/cert/cert.jks" + application.ssl.keyStorePasswordPath: "/opt/app/bbs-event-processor/etc/cert/jks.pass" + application.ssl.trustStorePath: "/opt/app/bbs-event-processor/etc/cert/trust.jks" + application.ssl.trustStorePasswordPath: "/opt/app/bbs-event-processor/etc/cert/trust.pass" + application.ssl.enableAaiCertAuth: { get_input: aai_secure_enable_cert } + application.ssl.enableDmaapCertAuth: { get_input: dmaap_secure_enable_cert } host_port: { get_input: host_port } container_port: @@ -160,5 +186,5 @@ node_templates: log_info: log_directory: "/opt/app/bbs-event-processor/logs" tls_info: - cert_directory: '/opt/app/bbs-event-processor/etc/cert/' - use_tls: false \ No newline at end of file + cert_directory: '/opt/app/bbs-event-processor/etc/cert' + use_tls: true \ No newline at end of file diff --git a/components/bbs-event-processor/dpo/spec/bbs-event-processor-spec.json b/components/bbs-event-processor/dpo/spec/bbs-event-processor-spec.json index 49b0e8f6..08fe4580 100644 --- a/components/bbs-event-processor/dpo/spec/bbs-event-processor-spec.json +++ b/components/bbs-event-processor/dpo/spec/bbs-event-processor-spec.json @@ -300,7 +300,7 @@ }, "artifacts": [ { - "uri": "nexus3.onap.org:10003/onap/org.onap.dcaegen2.services.components.bbs-event-processor:1.0.0-SNAPSHOT", + "uri": "nexus3.onap.org:10001/onap/org.onap.dcaegen2.services.components.bbs-event-processor:1.0.0-SNAPSHOT", "type": "docker image" } ] -- cgit 1.2.3-korg