From 5775de7b0fc84a29511dc4a1a480c3ab32da2ade Mon Sep 17 00:00:00 2001
From: efiacor
Date: Tue, 26 Mar 2019 14:29:01 +0000
Subject: DR AAF CADI integration
Change-Id: I01548882f813e4029dddf7ddee2af12472163761
Issue-ID: DMAAP-1016
Signed-off-by: efiacor
---
 .../src/main/resources/database/sql_init_01.sql | 21 +++---
 .../src/main/resources/docker-compose.yml | 4 +-
 .../node_data/aaf_certs/org.onap.dmaap-dr.keyfile | 27 ++++++++
 .../src/main/resources/node_data/node.properties | 80 ++++++++++------------
 .../prov_data/aaf_certs/org.onap.dmaap-dr.keyfile | 27 ++++++++
 .../src/main/resources/prov_data/addSubscriber.txt | 23 +++----
 .../main/resources/prov_data/provserver.properties | 19 +++++
 7 files changed, 134 insertions(+), 67 deletions(-)
 create mode 100755 datarouter-docker-compose/src/main/resources/node_data/aaf_certs/org.onap.dmaap-dr.keyfile
 create mode 100755 datarouter-docker-compose/src/main/resources/prov_data/aaf_certs/org.onap.dmaap-dr.keyfile
(limited to 'datarouter-docker-compose/src/main/resources')
diff --git a/datarouter-docker-compose/src/main/resources/database/sql_init_01.sql b/datarouter-docker-compose/src/main/resources/database/sql_init_01.sql
index 14c59a65..83dfd0bc 100644
--- a/datarouter-docker-compose/src/main/resources/database/sql_init_01.sql
+++ b/datarouter-docker-compose/src/main/resources/database/sql_init_01.sql
@@ -4,7 +4,7 @@ CREATE TABLE FEEDS (
 FEEDID INT UNSIGNED NOT NULL PRIMARY KEY,
 GROUPID INT(10) UNSIGNED NOT NULL DEFAULT 0,
 NAME VARCHAR(255) NOT NULL,
- VERSION VARCHAR(20) NOT NULL,
+ VERSION VARCHAR(20) NULL,
 DESCRIPTION VARCHAR(1000),
 BUSINESS_DESCRIPTION VARCHAR(1000) DEFAULT NULL,
 AUTH_CLASS VARCHAR(32) NOT NULL,
@@ -16,13 +16,14 @@ CREATE TABLE FEEDS (
 DELETED BOOLEAN DEFAULT FALSE,
 LAST_MOD TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
 SUSPENDED BOOLEAN DEFAULT FALSE,
- CREATED_DATE TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+ CREATED_DATE TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
+ AAF_INSTANCE VARCHAR(256)
 );
 CREATE TABLE FEED_ENDPOINT_IDS (
 FEEDID INT UNSIGNED NOT NULL,
- USERID VARCHAR(20) NOT NULL,
- PASSWORD VARCHAR(32) NOT NULL
+ USERID VARCHAR(60) NOT NULL,
+ PASSWORD VARCHAR(100) NOT NULL
 );
 CREATE TABLE FEED_ENDPOINT_ADDRS (
@@ -35,8 +36,9 @@ CREATE TABLE SUBSCRIPTIONS (
 FEEDID INT UNSIGNED NOT NULL,
 GROUPID INT(10) UNSIGNED NOT NULL DEFAULT 0,
 DELIVERY_URL VARCHAR(256),
- DELIVERY_USER VARCHAR(20),
- DELIVERY_PASSWORD VARCHAR(32),
+ FOLLOW_REDIRECTS TINYINT(1) NOT NULL DEFAULT 0,
+ DELIVERY_USER VARCHAR(60),
+ DELIVERY_PASSWORD VARCHAR(100),
 DELIVERY_USE100 BOOLEAN DEFAULT FALSE,
 METADATA_ONLY BOOLEAN DEFAULT FALSE,
 SUBSCRIBER VARCHAR(8) NOT NULL,
@@ -45,8 +47,9 @@ CREATE TABLE SUBSCRIPTIONS (
 LAST_MOD TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
 SUSPENDED BOOLEAN DEFAULT FALSE,
 PRIVILEGED_SUBSCRIBER BOOLEAN DEFAULT FALSE,
+ CREATED_DATE TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
 DECOMPRESS BOOLEAN DEFAULT FALSE,
- CREATED_DATE TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+ AAF_INSTANCE VARCHAR(256)
 );
@@ -89,7 +92,7 @@ CREATE TABLE LOG_RECORDS (
 CREATE TABLE INGRESS_ROUTES (
 SEQUENCE INT UNSIGNED NOT NULL,
 FEEDID INT UNSIGNED NOT NULL,
- USERID VARCHAR(20),
+ USERID VARCHAR(50),
 SUBNET VARCHAR(44),
 NODESET INT UNSIGNED NOT NULL
 );
@@ -144,6 +147,6 @@ INSERT INTO PARAMETERS VALUES
 ('PROV_MAXFEED_COUNT', '10000'),
 ('PROV_MAXSUB_COUNT', '100000'),
 ('PROV_REQUIRE_CERT', 'false'),
- ('PROV_REQUIRE_SECURE', 'false'),
+ ('PROV_REQUIRE_SECURE', 'true'),
 ('_INT_VALUES', 'LOGROLL_INTERVAL|PROV_MAXFEED_COUNT|PROV_MAXSUB_COUNT|DELIVERY_INIT_RETRY_INTERVAL|DELIVERY_MAX_RETRY_INTERVAL|DELIVERY_RETRY_RATIO|DELIVERY_MAX_AGE|DELIVERY_FILE_PROCESS_INTERVAL')
 ;
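Review bot: `PASSWORD VARCHAR(100) NOT NULL` in FEED_ENDPOINT_IDS (and `DELIVERY_PASSWORD VARCHAR(100)` in the SUBSCRIPTIONS hunk that follows) is widened without any indication of what the column now stores. The same commit adds a `passwordencryption` key to provserver.properties, so the extra width is presumably for an encrypted value rather than a longer cleartext one; if that is right, record it in the schema with a comment such as `-- PASSWORD holds the encrypted endpoint credential, never cleartext`, so seed data and log statements are written accordingly. The new `AAF_INSTANCE VARCHAR(256)` here and in SUBSCRIPTIONS is nullable with no default, while both properties files name `legacy` as the default instance; a one-line comment saying how a NULL instance is authorised would remove the guesswork. The FEEDS definition starts above this hunk.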
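Review bot: `FOLLOW_REDIRECTS TINYINT(1) NOT NULL DEFAULT 0` is added directly beside `DELIVERY_USER` and `DELIVERY_PASSWORD`, and nothing in the schema says whether those credentials accompany a delivery that is redirected to another host. Defaulting to 0 is the safe choice; a comment such as `-- 1 = node follows HTTP redirects from DELIVERY_URL; confirm credentials are not replayed to a different host` would record the intent for whoever enables it. The column is also typed `TINYINT(1)` where every other flag in this table is `BOOLEAN DEFAULT FALSE`, so `FOLLOW_REDIRECTS BOOLEAN NOT NULL DEFAULT FALSE,` would keep the table consistent. SUBSCRIPTIONS begins before this hunk and continues after it.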
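Review bot: Moving `CREATED_DATE` ahead of `DECOMPRESS` changes the column order of SUBSCRIPTIONS, which matters to any writer that inserts positionally; this file already uses that form in `INSERT INTO PARAMETERS VALUES`. If seed data or tests insert subscriptions without a column list, a boolean and a timestamp would swap places, and depending on the server's SQL mode that may be coerced rather than rejected. Worth confirming that every writer names its columns, or appending `AAF_INSTANCE` after the existing order instead of reshuffling it. The table definition starts above this hunk.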
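Review bot: `USERID VARCHAR(50),` in INGRESS_ROUTES is narrower than the `USERID VARCHAR(60) NOT NULL` this commit gives FEED_ENDPOINT_IDS, so a publisher id of 51 to 60 characters can exist as an endpoint id but cannot be stored unmodified in an ingress route. Depending on the server's SQL mode that is either an insert error or a silent truncation, and a truncated id in a routing rule would not match the user it was written for. Unless the difference is deliberate, use `USERID VARCHAR(60),` here as well.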
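Review bot: `('PROV_REQUIRE_SECURE', 'true')` is switched on while the context line above it keeps `('PROV_REQUIRE_CERT', 'false')`, and the properties files in this commit ship `CadiEnabled = false` and `cadi.enabled = false`. As far as this patch shows, the compose environment then requires HTTPS but neither a client certificate nor AAF, so the channel is encrypted while caller identity rests on whatever the legacy path checks. A comment above the PARAMETERS insert, for example `-- test-rig defaults: client certs and AAF are off; do not copy to a deployed environment`, would keep these values from being reused as-is. The INSERT statement starts above this hunk.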
diff --git a/datarouter-docker-compose/src/main/resources/docker-compose.yml b/datarouter-docker-compose/src/main/resources/docker-compose.yml index 8784ee68..bd4726aa 100644 --- a/datarouter-docker-compose/src/main/resources/docker-compose.yml +++ b/datarouter-docker-compose/src/main/resources/docker-compose.yml @@ -68,7 +68,7 @@ services: datarouter-subscriber: image: nexus3.onap.org:10001/onap/dmaap/datarouter-subscriber container_name: subscriber-node - hostname: subscriber.com + hostname: dmaap-dr-subscriber ports: - "7070:7070" volumes: @@ -76,7 +76,7 @@ services: networks: testing_net: aliases: - - subscriber.com + - dmaap-dr-subscriber mariadb_container: image: mariadb:10.2.14 diff --git a/datarouter-docker-compose/src/main/resources/node_data/aaf_certs/org.onap.dmaap-dr.keyfile b/datarouter-docker-compose/src/main/resources/node_data/aaf_certs/org.onap.dmaap-dr.keyfile new file mode 100755 index 00000000..85bfa61f --- /dev/null +++ b/datarouter-docker-compose/src/main/resources/node_data/aaf_certs/org.onap.dmaap-dr.keyfile 
@@ -0,0 +1,27 @@ +j4IkjDmzOE_ZdHuN_cePYmySXrhmqM4WuGp86_RTiBlJ1TTvUaP_SOSZOqH0fxjk32gRvxJ01_iO +mLtbQ-wZKk-fwCK_o6xrXJcN0G_Y8VGK2OMeqypm98ji25CSMvTdFLaohdPJwiRNMdmwwyF5q1Od +pKviCISBlQ49ytwy3Mv0x7aV3kjkDWSgpx9TiMbWoAKlddcdQMUTEMh0CT0nLGv9uhwmRQ4I8UuE +IzvR1Rit9HayMlXFND6n0IWggYqtAeRV-8wDrI2rAXGOrfLF0RC5-c0Wd0N000BWXvsT_nCYBCM6 +ffA5eAKCJmOVjJFzQTRXJq7Zhwij0CtEPgqqaipKUQhHaft9xeKXW3SPhREIn75F2u2uCcU1sNmd +ytAk7yBPwdEcCQD-KVE9ZB3_57H0WIEr45SpU5ZePJkt2YV85H2Tlc_hGK18gTAcvGqDO3qELmV5 +SBHX5X_ZNL93mOkt37R0SGRdMZVIPJXNTgl4fGAsapvU7Y7sGMYrf2Ea0D-3hctk-aOKuuPEI1Ug +0lqKjghJdvHYRFbm4C_7H-ai7UcBuixBd54Mp-hyBX-gjnFZuMHazFX2toKNe9RgDXIavHzTfF-l +8fjdQpTplc2ECLINf-X6gs7w0zPYv04kLKixwlFff4ZocoxelGDEBlYYGNNxQBZvQtUX_dZetXF1 +VPNnwTB7Sp0fqaXR2aVaZNFSZYeL7VdxkiT0becNRa9QE9s2gU7oO_KTE8JyAiJyO-ojAvSUi-p_ +rq2Ivmab_L4t6GwMpv-EmRcntUQ_PM4s_XvJL2RmmSPWoNvbgCS0IilpYi2CPnEEgxqX37-Unx8m +tYoNkiN-j9rA3Hr4EjEhrbOLf2wAh6RUeULerBpLKnf0Ans6UhjT7XVDaNvzxtAE-GrUCKHQ0ml2 +P_vzDBlGKobaRo-WQzQA-mZKGo1W4Q-qwFdusUflgfJ7iTrvw62jn30f4xGZcaP5Oa-9JvdZJggW +1UvAM-85LdjGTxuI9KXbqRLWZk46B-UF7mDOce6dbRXjY48bZWIHEXcpzPQg6QA02cO10TN5K89V +qXeCnz03ePf0u6YhMAOt5xiUvJpd1y_WI0jh4SH2dT26SegcuRTVLnEG0aL6ClypObwj3FLB1Pek +UESqziiG4mQf_rzBAdPqcjbP8oeM2-mz09VYNyUOQ-7gk6bMAMWVqBx0uDxgIwUzr2UMbahB2Kg6 +9V7yE7obAKZa8x5oMiDGnvgjL9QeHwhUsNbwhhgqTDnB10vj4gh8RkNK8OsxQ53Nofj2PQZfY0GJ +a6It7DCmnAgQ9N51RvCeodmmK9Zh3n_zoxt8gA-eV8zbidXZYQwYWx6ai7ooP7yol2bE_TLDDY9l +_oYO_db73wSmqgTvoAdmrQGO4NI_g2iYN-Gd4XK4V_xgYPKyY5tHNSd4OKr_UuYiSioyNxE4IK1t +zWyJ3tUXAyeq_ZjUDjabsnGnxmgujShRfK-rBh_1AapY3Oh99-aehETtcXihUmFX4lohowniWTA3 +MF1MMlRM5N1phF7xFgkAaZJfkQ-inqgWYvQ9XuW0LfumN4QeO8KnfknukSSgZ86PYTrgJKDIOKWn +UYsxSoE_U02WxQThW8ayrFtKRLGR2x9bMaKzaON0tfltwyQO7ttsKlSyORIWVrGO48CyEDxpDs8U +RDvN_SgFq1gWarCKLL0HDUdLGMfimZP7sPfVEKkprMlDp_gpx7kD7SaB1m7xuNjhBd-6I3gqSR7g +lizTgKmuGalPRGorxX72vlTEYqLtgNWok6e9qjMGhEYCf02li6Ksoxp4ZejN_9S1-FGlcuq3SE9f +Pm0HckGtPJ8u3u2mmLpT1QzzS0RG3XJU5kNJvZcSEG0GOsU7OnWTXoZnleFJvEoQrOuQeZJLyuxn 
+mnmd49xrTirtxkLB83L8HQdAHvY5Phx8LbR9NJYvkH1MIEbBrrfUUx-x_llROOAYdPxvtpYcMkSt +ApZwRgyvaBiwUirWbnlpmf8QV1MYMlZeBbbqPZIC4eaqcxOSmZa8ox4aR3XQg9zjCxm_jXdE \ No newline at end of file diff --git a/datarouter-docker-compose/src/main/resources/node_data/node.properties b/datarouter-docker-compose/src/main/resources/node_data/node.properties index 98b7137a..62b0f824 100644 --- a/datarouter-docker-compose/src/main/resources/node_data/node.properties +++ b/datarouter-docker-compose/src/main/resources/node_data/node.properties @@ -3,7 +3,6 @@ # * org.onap.dmaap # * =========================================================================== # * Copyright � 2017 AT&T Intellectual Property. All rights reserved. -# * Modifications Copyright (C) 2018 Nokia. All rights reserved. # * =========================================================================== # * Licensed under the Apache License, Version 2.0 (the "License"); # * you may not use this file except in compliance with the License. 
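Review bot: The new `node_data/aaf_certs/org.onap.dmaap-dr.keyfile` puts what is, judging by its name and directory, the AAF/CADI key file into source control, and `prov_data/aaf_certs/org.onap.dmaap-dr.keyfile` later in this patch does the same. Anyone who can read the repository can read this key, so whatever it protects in the compose environment should be treated as public, and the key must never be reused in a deployed system. A short README in `aaf_certs/` stating that these are throwaway test keys, or generating the key file when the container starts, would make that explicit. Both files are also created with mode 100755; a key file needs no execute bit and is better committed as 100644 and mounted read-only.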
@@ -22,90 +21,83 @@ # * #------------------------------------------------------------------------------- # -# Configuration parameters fixed at startup for the DataRouter node +# Configuration parameters set at startup for the DataRouter node # # URL to retrieve dynamic configuration -# -#ProvisioningURL: ${DRTR_PROV_INTURL} -ProvisioningURL=https://dmaap-dr-prov:8443/internal/prov - +ProvisioningURL = https://dmaap-dr-prov:8443/internal/prov # # URL to upload PUB/DEL/EXP logs -# -#LogUploadURL: ${DRTR_LOG_URL} -LogUploadURL=https://dmaap-dr-prov:8443/internal/logs - +LogUploadURL = https://dmaap-dr-prov:8443/internal/logs # # The port number for http as seen within the server -# -#IntHttpPort: ${DRTR_NODE_INTHTTPPORT:-8080} -IntHttpPort=8080 +IntHttpPort = 8080 # # The port number for https as seen within the server -# -IntHttpsPort=8443 +IntHttpsPort = 8443 # # The external port number for https taking port mapping into account +ExtHttpsPort = 443 # -ExtHttpsPort=443 -# -# The minimum interval between fetches of the dynamic configuration -# from the provisioning server -# -MinProvFetchInterval=10000 +# The minimum interval between fetches of the dynamic configuration from the provisioning server +MinProvFetchInterval = 10000 # # The minimum interval between saves of the redirection data file -# -MinRedirSaveInterval=10000 +MinRedirSaveInterval = 10000 # # The path to the directory where log files are stored -# -LogDir=/opt/app/datartr/logs +LogDir = /opt/app/datartr/logs # # The retention interval (in days) for log files -# -LogRetention=30 +LogRetention = 30 # # The path to the directories where data and meta data files are stored -# -SpoolDir=/opt/app/datartr/spool +SpoolDir = /opt/app/datartr/spool # # The path to the redirection data file -# -#RedirectionFile: etc/redirections.dat +RedirectionFile = etc/redirections.dat # # The type of keystore for https -KeyStoreType: jks +KeyStoreType = jks # # The path to the keystore for https -# 
-KeyStoreFile:/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks +KeyStoreFile = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks # # The password for the https keystore -# KeyStorePassword=]3V)($O&.Mv]W{f8^]6SxGNL # # The password for the private key in the https keystore -# KeyPassword=]3V)($O&.Mv]W{f8^]6SxGNL # # The type of truststore for https -# -TrustStoreType=jks +TrustStoreType = jks # # The path to the truststore for https -# -TrustStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks +TrustStoreFile = /opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks # # The password for the https truststore -# TrustStorePassword=(Rd,&{]%ePdp}4JZjqoJ2G+g # # The path to the file used to trigger an orderly shutdown -# -QuiesceFile=etc/SHUTDOWN +QuiesceFile = etc/SHUTDOWN # # The key used to generate passwords for node to node transfers +NodeAuthKey = Node123! +# +# DR_NODE DEFAULT ENABLED TLS PROTOCOLS +NodeHttpsProtocols = TLSv1.1|TLSv1.2 +# +# AAF type to generate permission string +AAFType = org.onap.dmaap-dr.feed +# +# AAF default instance to generate permission string - default should be legacy +AAFInstance = legacy +# +# AAF action to generate permission string - default should be publish +AAFAction = publish +# +# AAF URL to connect to AAF server +AafUrl = https://aaf-onap-test.osaaf.org:8095 # -NodeAuthKey=Node123! +# AAF CADI enabled flag +CadiEnabled = false diff --git a/datarouter-docker-compose/src/main/resources/prov_data/aaf_certs/org.onap.dmaap-dr.keyfile b/datarouter-docker-compose/src/main/resources/prov_data/aaf_certs/org.onap.dmaap-dr.keyfile new file mode 100755 index 00000000..a586a72e --- /dev/null +++ b/datarouter-docker-compose/src/main/resources/prov_data/aaf_certs/org.onap.dmaap-dr.keyfile 
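Review bot: `NodeHttpsProtocols = TLSv1.1|TLSv1.2` enables TLS 1.1, which RFC 8996 deprecates; unless a peer in this test topology cannot negotiate 1.2, the value should be `NodeHttpsProtocols = TLSv1.2`. The same list is added to provserver.properties as `org.onap.dmaap.datarouter.provserver.https.include.protocols = TLSv1.1|TLSv1.2`. This hunk also carries `NodeAuthKey = Node123!` and the keystore and truststore passwords as literals, which is acceptable only for throwaway compose values; a header comment such as `# TEST VALUES ONLY - override NodeAuthKey and all *Password entries per deployment` would say so. `AafUrl` names a host that does not appear among the compose services visible in this patch and is dormant while `CadiEnabled = false`, so it is worth noting next to it that enabling CADI sends authorization traffic to that host.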
@@ -0,0 +1,27 @@ +VDu7g5rP2-JMemc6RwP0HqM4ILJnuja8R_bzdCG1u0_Z2EQJN_7ZNPDb28V6JCDF-59sX10_i9vT +-nw77ViAuwJO7ffSut8ipVhESeQxTokZsErzMFpeJZDhMM16W5LLtxwUs_tgh_EQIJSc-WcFUNYS +NagugzjmNE5-hUosLgnt7mZ1nX4zFER9Nq1ce0EQS--kAB9rxcRmoywPlBlHvPmP_caiwpa1SzJp +gbFF6smyLEWhjDhJkgvM_4FwaQCbJBVGcy2a3Lc9orHsz9S1RJTZ9CExhasM0qEp3kk0fMEFE9k6 +TomOpUBGizLfHPpg18KtXyM8zErj8qdS0KMwaCKtwGzCWw08MF5rVZrMYWLKDMOs8U2ESU7x28nV +KSrAsR11QD7vX4PTVTfjEpcHSGe-9nPD7TckY8_O-9l67v_OUW1Fw4MSESCN0RtT7ZlNYwDV0syA +X94rv1Y45N41tfX76jz8PDB9G-PF36BtkICJWK24zwuQDgpkURhCLPYzvBhPmCPyQil810X9s_bX +icmV2cSN3oYQRz5dNSjUYH1CDt9edAJt4p2PQhM3A2xXyw1FVvbAIYA7iF-3qYG9csroBzsCcS5C +hX8929jZHQWU5pygtpedEWhX__tnSrd-xIpxPnhOxrb-lNLva5JGKauU2DrGoLd_7RTwbuRdCiQo +uGFtYOtjLciPz81oEEpXQTReeSnvGyGiZNxRrKWMEmq-biyQd4DuRVmTDuLAG4rd92QWS6qUz0uf +9TtJiYlN3mNkxz3ahEGWLKR79rH9juJ3xqpcF-Rb7Y1bmiCDBv3DVVFiYIpwQuto1iSIYabL34Ql +QqX65E1c3uvPksN6Nl1nvAVxSKM94wAFsMiA9Rp8AN9pDSxtj7D3kZCG8I0YaIxF_s-OeJtr1RPx +ifv8vrwN23GUQCmpGBbyNXNe6zz-hz_HJdAsBr6WjLny9LQkeYszHGF-OL5ps6K5gHBRV0Ui1C7H +Gj7egsjnV_Lu5MpBxhTrquDrZKK3t38kf0zrV-zfSGzJlGbLS91h8bR-7FAZiNEzgXPWYi26w81i +W3Csx4oqsfKswp0pO80rggkFf9LL9pjCkSUTTVyF-toa9kY2h7JsVtqntP4Mjagp4Tnj01988kne +Mj8SLm2mJySTLdH5Hi4arKW943iCqYjEaZ7wXFNJSZ6vvBm3KC1XX6C0DjRrgQoKIHw_4JcGhvOU +P5LdpBT1AOcE8lIKrGGq8hyfJKLVUMec-NkzAT2aIl0YJoUcJv4fs-lKccGL4FDrq5y_yvD3xQ6v +xt7KTanFxntqLYmM72Y2eFwJGlDEHhm0SejAV64-odksA_zMLLuYwkq_KSj0If9AVpRXz7KzIj9P +9y-WMfAWKFfIyqGWXt5sYdMTQPG4qKCcFQBx3T0E6kiQMBuOZz0dR032eFPMexrymEowjosr2jt3 +ib8rFxmPMyyUWoV1iBafFMLf5PN2oapTq76gqeQQGGwpmYJB8cWlS1Eq_ZbzZpK2PSwX-fC6NSf3 +KtOV_r2VI3e_V6csnWTY8nxCJj9FlQCvLOzp964DNsBeUwDpsD7T_pgQy0THgAnq32ZtDvQfgeUE +TUJC7oQeOEY7QBWjbZkumds51j7oTlsp2dPForlHwBk_2Nd5VCwVRNa1QMS8WcghLYbUCX5zeplc +u2bopHn9GD614gt7f7wysDgTGegOCAuMoL7wA9TXN4BSfAF9mwpdtRFE4lT3N1xmfhKt9rM6Lu8T +RGvBOmTOTT5IwJrrE5mpvmESw05sHUcCZ9ENv-VhoeC3Ffk9uXqrDggQgaDs9XcXqzEPBp9wDPTt +UJpbtBGECSSTuXAZyUh3I0WFz96kVuHmQpDYVTpy1sxPjmgjgKyhu_6jLGSsYpVBH063n7KSKVdF 
+ROKojZN4-FsBlPhoOhNEd7x1OBfgCG79HKGk33jhESObZkPIrcTc17jiE-ud2D1B1_Fl-OJNR7Vh +GIk4WMZrH9NeVwDuIgBxF74plqg6tSl0Cdd4m7e3Drsq-wRfsU2gNTo5oL-2SgbsO5n3ubQf \ No newline at end of file diff --git a/datarouter-docker-compose/src/main/resources/prov_data/addSubscriber.txt b/datarouter-docker-compose/src/main/resources/prov_data/addSubscriber.txt index 45e12732..ccb55f6b 100644 --- a/datarouter-docker-compose/src/main/resources/prov_data/addSubscriber.txt +++ b/datarouter-docker-compose/src/main/resources/prov_data/addSubscriber.txt @@ -21,16 +21,15 @@ # * #------------------------------------------------------------------------------- { - "delivery" : - - { - "url" : "http://172.100.0.3:7070/", - "user" : "datarouter", - "password" : "datarouter", - "use100" : true - }, - "metadataOnly" : false, - "suspend" : false, - "groupid" : 29, - "subscriber" : "sg481n" +"delivery" : + { + "url" : "http://172.100.0.3:7070/", + "user" : "datarouter", + "password" : "datarouter", + "use100" : true + }, +"metadataOnly" : false, +"suspend" : false, +"groupid" : 29, +"subscriber" : "sg481n" } diff --git a/datarouter-docker-compose/src/main/resources/prov_data/provserver.properties b/datarouter-docker-compose/src/main/resources/prov_data/provserver.properties index 7e38f287..21b9bc49 100755 --- a/datarouter-docker-compose/src/main/resources/prov_data/provserver.properties +++ b/datarouter-docker-compose/src/main/resources/prov_data/provserver.properties 
@@ -43,8 +43,27 @@ org.onap.dmaap.datarouter.provserver.logretention = 30 # relaxation to accommodate OOM kubernetes deploy org.onap.dmaap.datarouter.provserver.isaddressauthenabled = false +#Localhost address config +org.onap.dmaap.datarouter.provserver.localhost = 127.0.0.1 + # Database access org.onap.dmaap.datarouter.db.driver = org.mariadb.jdbc.Driver org.onap.dmaap.datarouter.db.url = jdbc:mariadb://datarouter-mariadb:3306/datarouter org.onap.dmaap.datarouter.db.login = datarouter org.onap.dmaap.datarouter.db.password = datarouter + +# PROV - DEFAULT ENABLED TLS PROTOCOLS +org.onap.dmaap.datarouter.provserver.https.include.protocols = TLSv1.1|TLSv1.2 + +# AAF config +org.onap.dmaap.datarouter.provserver.cadi.enabled = false + +org.onap.dmaap.datarouter.provserver.passwordencryption = PasswordEncryptionKey#@$%^&1234# +org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.feed +org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub +org.onap.dmaap.datarouter.provserver.aaf.instance = legacy +org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish +org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe + +# AAF URL to connect to AAF server +org.onap.dmaap.datarouter.provserver.cadi.aaf.url = https://aaf-onap-test.osaaf.org:8095 \ No newline at end of file -- cgit 1.2.3-korg
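Review bot: `org.onap.dmaap.datarouter.provserver.passwordencryption = PasswordEncryptionKey#@$%^&1234#` commits the key that, going by its name, protects stored passwords; with the value public, encrypting the `PASSWORD` and `DELIVERY_PASSWORD` columns adds nothing for any deployment that keeps this default. Mark it as a placeholder and supply the real key at deploy time, with a comment such as `# TEST ONLY - supply a per-deployment key via the container environment or a mounted secret`. With `cadi.enabled = false` added here and `isaddressauthenabled = false` already in the context lines, both checks are off in this file, and a comment stating that this is intended for the compose test rig would help. The file also ends without a trailing newline.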