summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorplatania <platania@research.att.com>2017-03-14 14:14:15 -0400
committerplatania <platania@research.att.com>2017-03-14 14:14:15 -0400
commit2b556b22a1c446670a9e7f7030b24da136dbf45b (patch)
treeaf01a03ebed5af60e1b8db31a874d7d7d5c88e20
parent44d0a39cc49142c407170463076910bac919a934 (diff)
disable unexpected updates in robot VM
Change-Id: I24280be8f3bdc5237554b8e46fe9a7909a97795c Signed-off-by: platania <platania@research.att.com>
-rw-r--r--boot/.DS_Storebin6148 -> 0 bytes
-rw-r--r--boot/bind_options39
-rw-r--r--boot/bind_zones110
-rw-r--r--heat/OpenECOMP/openecomp_rackspace.yaml1
4 files changed, 150 insertions, 0 deletions
diff --git a/boot/.DS_Store b/boot/.DS_Store
deleted file mode 100644
index 5008ddfc..00000000
--- a/boot/.DS_Store
+++ /dev/null
Binary files differ
diff --git a/boot/bind_options b/boot/bind_options
new file mode 100644
index 00000000..d65cc323
--- /dev/null
+++ b/boot/bind_options
@@ -0,0 +1,39 @@
+acl "trusted" {
+ #x.x.x.x;
+};
+options {
+ directory "/var/cache/bind";
+
+ recursion yes; # enables recursive queries
+ allow-recursion { netmask; }; # allows recursive queries from "trusted” clients i.e. LB only
+ listen-on { dns_ip_addr; }; # ns1 IP address - listen on this address only
+ allow-transfer { none; }; # disable zone transfers by default
+
+ forwarders {
+ 8.8.8.8;
+ 8.8.4.4;
+ };
+
+ // If there is a firewall between you and nameservers you want
+ // to talk to, you may need to fix the firewall to allow multiple
+ // ports to talk. See http://www.kb.cert.org/vuls/id/800113
+
+ // If your ISP provided one or more IP addresses for stable
+ // nameservers, you probably want to use them as forwarders.
+ // Uncomment the following block, and insert the addresses replacing
+ // the all-0's placeholder.
+
+ // forwarders {
+ // 0.0.0.0;
+ // };
+
+ //========================================================================
+ // If BIND logs error messages about the root key being expired,
+ // you will need to update your keys. See https://www.isc.org/bind-keys
+ //========================================================================
+ dnssec-validation auto;
+
+ auth-nxdomain no; # conform to RFC1035
+ listen-on-v6 { any; };
+};
+
diff --git a/boot/bind_zones b/boot/bind_zones
new file mode 100644
index 00000000..1c0b27e7
--- /dev/null
+++ b/boot/bind_zones
@@ -0,0 +1,110 @@
+;
+; BIND data file for local loopback interface
+;
+$TTL 604800
+@ IN SOA simpledemo.openecomp.org. admin.simpledemo.openecomp.org. (
+ 20170221 ; Serial
+ 604800 ; Refresh
+ 86400 ; Retry
+ 2419200 ; Expire
+ 604800 ) ; Negative Cache TTL
+;
+; name servers - NS records
+ IN NS simpledemo.openecomp.org.
+
+; name servers - A records
+simpledemo.openecomp.org. IN A dns_ip_addr
+
+;
+vm1.aai.simpledemo.openecomp.org. IN A aai_ip_addr
+c1.vm1.aai.simpledemo.openecomp.org. IN A aai_ip_addr
+c2.vm1.aai.simpledemo.openecomp.org. IN A aai_ip_addr
+c3.vm1.aai.simpledemo.openecomp.org. IN A aai_ip_addr
+
+vm1.appc.simpledemo.openecomp.org. IN A appc_ip_addr
+c1.vm1.appc.simpledemo.openecomp.org. IN A appc_ip_addr
+c2.vm1.appc.simpledemo.openecomp.org. IN A appc_ip_addr
+
+vm1.sdc.simpledemo.openecomp.org. IN A sdc_ip_addr
+c1.vm1.sdc.simpledemo.openecomp.org. IN A sdc_ip_addr
+c2.vm1.sdc.simpledemo.openecomp.org. IN A sdc_ip_addr
+c3.vm1.sdc.simpledemo.openecomp.org. IN A sdc_ip_addr
+c4.vm1.sdc.simpledemo.openecomp.org. IN A sdc_ip_addr
+
+vm1.dcae.simpledemo.openecomp.org. IN A dcae_ip_addr
+c1.vm1.dcae.simpledemo.openecomp.org. IN A dcae_ip_addr
+c2.vm1.dcae.simpledemo.openecomp.org. IN A dcae_ip_addr
+c3.vm1.dcae.simpledemo.openecomp.org IN A dcae_ip_addr
+
+vm1.mso.simpledemo.openecomp.org. IN A mso_ip_addr
+c1.vm1.mso.simpledemo.openecomp.org. IN A mso_ip_addr
+c1.vm1.mso.simpledemo.openecomp.org. IN A mso_ip_addr
+
+vm1.policy.simpledemo.openecomp.org. IN A policy_ip_addr
+c1.vm1.policy.simpledemo.openecomp.org. IN A policy_ip_addr
+c2.vm1.policy.simpledemo.openecomp.org. IN A policy_ip_addr
+c3.vm1.policy.simpledemo.openecomp.org. IN A policy_ip_addr
+c4.vm1.policy.simpledemo.openecomp.org. IN A policy_ip_addr
+c5.vm1.policy.simpledemo.openecomp.org. IN A policy_ip_addr
+c6.vm1.policy.simpledemo.openecomp.org. IN A policy_ip_addr
+c7.vm1.policy.simpledemo.openecomp.org. IN A policy_ip_addr
+c8.vm1.policy.simpledemo.openecomp.org. IN A policy_ip_addr
+
+vm1.sdnc.simpledemo.openecomp.org. IN A sdnc_ip_addr
+c1.vm1.sdnc.simpledemo.openecomp.org. IN A sdnc_ip_addr
+c2.vm1.sdnc.simpledemo.openecomp.org. IN A sdnc_ip_addr
+c3.vm1.sdnc.simpledemo.openecomp.org. IN A sdnc_ip_addr
+c4.vm1.sdnc.simpledemo.openecomp.org. IN A sdnc_ip_addr
+
+vm1.vid.simpledemo.openecomp.org. IN A vid_ip_addr
+c1.vm1.vid.simpledemo.openecomp.org. IN A vid_ip_addr
+c2.vm1.vid.simpledemo.openecomp.org. IN A vid_ip_addr
+
+vm1.portal.simpledemo.openecomp.org. IN A portal_ip_addr
+c1.vm1.portal.simpledemo.openecomp.org. IN A portal_ip_addr
+c2.vm1.portal.simpledemo.openecomp.org. IN A portal_ip_addr
+
+vm1.aaf.simpledemo.openecomp.org. IN A aaf_ip_addr
+
+vm1.mr.simpledemo.openecomp.org. IN A mr_ip_addr
+
+
+;CNAMES
+;A&AI
+aai.api.simpledemo.openecomp.org. IN CNAME vm1.aai.simpledemo.openecomp.org.
+aai.hbase.simpledemo.openecomp.org. IN CNAME vm1.aai.simpledemo.openecomp.org.
+
+;APPC
+appc.api.simpledemo.openecomp.org. IN CNAME vm1.appc.simpledemo.openecomp.org.
+
+;ASDC
+sdc.api.simpledemo.openecomp.org. IN CNAME vm1.sdc.simpledemo.openecomp.org.
+
+;DCAE
+dcae.api.simpledemo.openecomp.org. IN CNAME vm1.dcae.simpledemo.openecomp.org.
+
+;MSO
+mso.api.simpledemo.openecomp.org. IN CNAME vm1.mso.simpledemo.openecomp.org.
+
+;Policy
+policy.api.simpledemo.openecomp.org. IN CNAME vm1.policy.simpledemo.openecomp.org.
+
+;SDNC
+sdnc.api.simpledemo.openecomp.org. IN CNAME vm1.sdnc.simpledemo.openecomp.org.
+
+;VID
+vid.api.simpledemo.openecomp.org. IN CNAME vm1.vid.simpledemo.openecomp.org.
+
+;PORTAL
+portal.api.simpledemo.openecomp.org. IN CNAME vm1.portal.simpledemo.openecomp.org.
+
+;Message Router
+;mr.api.simpledemo.openecomp.org. IN CNAME vm1.mr.simpledemo.openecomp.org.
+ueb.api.simpledemo.openecomp.org. IN CNAME vm1.mr.simpledemo.openecomp.org.
+mr.api.simpledemo.openecomp.org. IN A dcae_coll_ip_addr.102
+collector.api.simpledemo.openecomp.org. IN A dcae_coll_ip_addr.102
+;dbc.api.simpledemo.openecomp.org. IN CNAME vm1.mr.simpledemo.openecomp.org.
+;drprov.api.simpledemo.openecomp.org. IN CNAME vm1.mr.simpledemo.openecomp.org.
+
+;AAF
+aaf.api.simpledemo.openecomp.org. IN CNAME vm1.aaf.simpledemo.openecomp.org.
diff --git a/heat/OpenECOMP/openecomp_rackspace.yaml b/heat/OpenECOMP/openecomp_rackspace.yaml
index 613fb13c..fa25ac45 100644
--- a/heat/OpenECOMP/openecomp_rackspace.yaml
+++ b/heat/OpenECOMP/openecomp_rackspace.yaml
@@ -491,6 +491,7 @@ resources:
add-apt-repository -y ppa:openjdk-r/ppa
apt-get update
apt-get install -y apt-transport-https ca-certificates wget openjdk-8-jdk ntp ntpdate
+ echo "APT::Periodic::Unattended-Upgrade \"0\";" >> /etc/apt/apt.conf.d/10periodic
# Download scripts from Nexus
curl -k __nexus_repo__/org.openecomp.demo/boot/__artifacts_version__/robot_vm_init.sh -o /opt/robot_vm_init.sh