summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorVictor Morales <victor.morales@intel.com>2017-07-31 18:40:39 -0500
committerVictor Morales <victor.morales@intel.com>2017-07-31 18:40:39 -0500
commit455beceeac70836e49b41f85e9399037e0255751 (patch)
treec4940b2777e7cd064d1b5a6b0f230d4053da83e5
parentf48e43230eeaa5dc19ce5ec914bb8216922fc7cc (diff)
Update AAI setup
This change includes instructions to setup a development environment for a AAI project provided in the wiki entry: * https://wiki.onap.org/pages/viewpage.action?pageId=10782088 Change-Id: I1e60d6cc1d2fd12c56990aded6f385f11dca5b9c Signed-off-by: Victor Morales <victor.morales@intel.com>
-rwxr-xr-xbootstrap/vagrant-onap/lib/aai91
-rw-r--r--bootstrap/vagrant-onap/lib/files/aai.pem102
-rw-r--r--bootstrap/vagrant-onap/lib/files/haproxy.cfg120
-rw-r--r--bootstrap/vagrant-onap/lib/files/settings.template27
-rwxr-xr-xbootstrap/vagrant-onap/lib/functions4
5 files changed, 313 insertions, 31 deletions
diff --git a/bootstrap/vagrant-onap/lib/aai b/bootstrap/vagrant-onap/lib/aai
index d048c2b8c..336a446aa 100755
--- a/bootstrap/vagrant-onap/lib/aai
+++ b/bootstrap/vagrant-onap/lib/aai
@@ -6,25 +6,88 @@ source /var/onap/functions
source /var/onap/asserts
hbase_version=1.2.3
+src_folder=$git_src_folder/aai
+aai_repos=("aai-common" "aai-config" "aai-data" "aai-service" "data-router" "logging-service" "model-loader" "resources" "rest-client" "router-core" "search-data-service" "sparky-be" "sparky-fe" "test-config" "traversal")
+
+# install_hadoop() - Function that installs Hadoop
+function install_hadoop {
+ local release=titan
+ local version=1.0.0
+ local filename=$release-$version-hadoop1
+ local dest_folder=/opt/hadoop/current
+
+ if [ ! -d $dest_folder ]; then
+ curl http://s3.thinkaurelius.com/downloads/$release/$filename.zip -o /tmp/${filename}.zip
+ install_package unzip
+ mkdir -p $dest_folder
+ unzip /tmp/${filename}.zip -d $dest_folder
+ pushd $dest_folder/${filename}
+ ./bin/titan.sh start
+ popd
+ fi
+}
+
+# install_haproxy() - Function that install HAProxy
+function install_haproxy {
+ install_package haproxy
+ sed -i "s|ENABLED=0|ENABLED=1|g" /etc/default/haproxy
+# cp /var/onap/files/haproxy.cfg /etc/haproxy/
+ cp /var/onap/files/aai.pem /etc/ssl/private/
+ chmod 640 /etc/ssl/private/aai.pem
+ chown root:ssl-cert /etc/ssl/private/aai.pem
+ mkdir /usr/local/etc/haproxy
+ echo "127.0.0.1 localhost aai-traversal.api.simpledemo.openecomp.org aai-resources.api.simpledemo.openecomp.org" >> /etc/hosts
+
+ service haproxy restart
+}
# clone_all_aai_repos() - Function that clones AAI source repo.
function clone_all_aai_repos {
- local src_folder=/opt/aai
-
- for dirc in aai-common aai-config aai-data aai-service data-router logging-service model-loader resources rest-client router-core search-data-service sparky-be sparky-fe test-config traversal; do
+ for dirc in ${aai_repos[@]}; do
clone_repo aai/$dirc $src_folder/$dirc
done
}
-# compile_all_aai_repos() - Function that compiles AAI source repo.
-function compile_all_aai_repos {
- local src_folder=/opt/aai
+# compile_aai_repos() - Function that compiles AAI source repo.
+function compile_aai_repos {
+ local repos=("aai-common" "resources" "logging-service" "traversal")
+ if [[ "$compile_repo" == "True" ]]; then
+ repos=aai_repos
+ fi
- for dirc in aai-common aai-config aai-data aai-service data-router logging-service model-loader resources rest-client router-core search-data-service sparky-be sparky-fe test-config traversal; do
+ for dirc in ${repos[@]}; do
compile_src $src_folder/$dirc
done
}
+# setup_titan() - Function that configures AAI services to connect to Hadoop Titan
+function setup_titan {
+ local $subdirectory=bundleconfig-local/etc/appprops
+ install_python_package crudini
+
+ for dirc in resources/aai-resources traversal/aai-travers; do
+ for file in titan-cached.properties titan-realtime.properties; do
+ crudini --set --existing $src_folder/$dirc/$subdirectory/$file "" storage.backend cassandra
+ crudini --set --existing $src_folder/$dirc/$subdirectory/$file "" storage.hostname localhost
+ done
+ done
+
+ # Addthe schema to the local isntance
+ pushd $src_folder
+ java -DAJSC_HOME=$src_folder/resources/aai-resources -DBUNDLECONFIG_DIR="bundleconfig-local" -cp aai-common/aai-core/target/aai-core-1.1.0-SNAPSHOT.jar:resources/aai-resources/target/aai-resources.jar:resources/aai-resources/target/userjars/* org.openecomp.aai.dbgen.GenTester
+ popd
+}
+
+# start_aai_microservices() - Function that starts AAI microservices
+function start_aai_microservices {
+ MAVEN_OPTS="-Xms1024m -Xmx5120m -XX:PermSize=2024m -Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,address=9446,server=y,suspend=n"
+ for svc in resources traversal; do
+ pushd $src_folder/resources
+ mvn -P runAjsc
+ popd
+ done
+}
+
# pull_hbase_image() - Pull HBase container image from a Docker Registry Hub
function pull_hbase_image {
docker_openecomp_login
@@ -109,13 +172,17 @@ function wait_for_sdc {
# init_aai() - Function that initialize AAI services
function init_aai {
- mkdir -p /opt/openecomp/aai/logs
- mkdir -p /opt/openecomp/aai/data
+ install_hadoop
+ install_haproxy
clone_all_aai_repos
- if [[ "$compile_repo" == "True" ]]; then
- compile_all_aai_repos
- fi
+ compile_aai_repos
+
+ setup_titan
+ start_aai_microservices
+
+ mkdir -p /opt/openecomp/aai/logs
+ mkdir -p /opt/openecomp/aai/data
install_hbase
diff --git a/bootstrap/vagrant-onap/lib/files/aai.pem b/bootstrap/vagrant-onap/lib/files/aai.pem
new file mode 100644
index 000000000..d446705c7
--- /dev/null
+++ b/bootstrap/vagrant-onap/lib/files/aai.pem
@@ -0,0 +1,102 @@
+Bag Attributes
+ friendlyName: aaiopenecomp
+ localKeyID: 54 69 6D 65 20 31 34 39 35 35 31 32 38 30 33 36 34 39
+subject=/C=US/ST=NJ/L=Bedminster/O=OpenECOMP/OU=SimpleDemo/CN=aai.api.simpledemo.openecomp.org/emailAddress=aai-host@api.simpledemo.openecomp.org
+issuer=/C=US/ST=NJ/L=Bedminster/O=OpenECOMP/OU=simpledemo/CN=OpenECOMP simpledemo Server CA X1/emailAddress=simpledemo@openecomp.org
+-----BEGIN CERTIFICATE-----
+MIIEiTCCA3GgAwIBAgIJAIPKfDLcn3MpMA0GCSqGSIb3DQEBCwUAMIGtMQswCQYD
+VQQGEwJVUzELMAkGA1UECAwCTkoxEzARBgNVBAcMCkJlZG1pbnN0ZXIxEjAQBgNV
+BAoMCU9wZW5FQ09NUDETMBEGA1UECwwKc2ltcGxlZGVtbzEqMCgGA1UEAwwhT3Bl
+bkVDT01QIHNpbXBsZWRlbW8gU2VydmVyIENBIFgxMScwJQYJKoZIhvcNAQkBFhhz
+aW1wbGVkZW1vQG9wZW5lY29tcC5vcmcwHhcNMTYxMTMwMTUzODM5WhcNMTcxMTMw
+MTUzODM5WjCBuTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5KMRMwEQYDVQQHDApC
+ZWRtaW5zdGVyMRIwEAYDVQQKDAlPcGVuRUNPTVAxEzARBgNVBAsMClNpbXBsZURl
+bW8xKTAnBgNVBAMMIGFhaS5hcGkuc2ltcGxlZGVtby5vcGVuZWNvbXAub3JnMTQw
+MgYJKoZIhvcNAQkBFiVhYWktaG9zdEBhcGkuc2ltcGxlZGVtby5vcGVuZWNvbXAu
+b3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQrQl8A0rT0Jjlos
+Mr/7LEhT5UOif4GGPOk+3NCIxT3lOqAbUf+d9ZXyT2jWFRiKWua03vQ+Dxc8c2h2
+RRuH8LwEiOiWqPjWRxNqsARzZMI3ryHFCFBZh0FcpjH9kEeKVlLDYuV68k+ZucKd
+NiqUNn61lD7kbmEGwvzKwf91FrJ09+CBMx1OnWKm3gCNKDqAEFMZCOdn2MgesJYB
+/03lzPBS1jDfBXImXRcTBzpgA+wdCLn0cIQ1eLWUwS5tUqUJNh36nHdVyJ0P2Yjd
+JLuxhFcmBKOz1ShyyO+BBtKBO8EGbU6qKflOiwOw0Fsn8LjKcrHQ58NPui5y04BU
+Rypf3QIDAQABo4GdMIGaMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgO4MB0G
+A1UdDgQWBBQyMUOsE2J+CKzK0qd8KFBD2gaWyjBbBgNVHSAEVDBSMFAGBFUdIAAw
+SDBGBggrBgEFBQcCAjA6GjhLZWVwIGF3YXkgZnJvbSBjaGlsZHJlbi4gIFRoaXMg
+Y2VydGlmaWNhdGUgaXMgbm90IGEgdG95LjANBgkqhkiG9w0BAQsFAAOCAQEAnkoy
+2tWJOyyyIQwtVojUxv1GWQPnw3WCUcKpuX4CJhHXLxNErW1fBg7bmo08BNmBPPpq
+WrJsy5lbBgUo9kgpViux5Stfy1rRIRsRLfl/icgCvJmUAxkmRCZL7yUvwG4K7s+8
+DwT+nW/XuWNP6Hd/qHccexB6COJ8KwvTdVoxAkCdX8qw4MCb/f7Kb1yle/vwBM5Q
+UUONCJ4bEns1vnb9DGlNDUJNwCfwORAaVJpVS38Mv4UnSTmb2KMePtCWcx/dNsYR
+2XrSGqLDnTvHwOpyhbfFTmackysGoSuDytORXy8YbwEiF13BwEK8i3rgNN0Z2ojf
+cpmE2xxmaa+A2uuN6g==
+-----END CERTIFICATE-----
+Bag Attributes
+ friendlyName: root
+ 2.16.840.1.113894.746875.1.1: <Unsupported tag 6>
+subject=/C=US/ST=NJ/L=Bedminster/O=OpenECOMP/OU=simpledemo/CN=OpenECOMP simpledemo Server CA X1/emailAddress=simpledemo@openecomp.org
+issuer=/C=US/ST=NJ/L=Bedminster/O=OpenECOMP/OU=simpledemo/CN=OpenECOMP simpledemo Root Certification Authority/emailAddress=simpledemo@openecomp.org
+-----BEGIN CERTIFICATE-----
+MIIFpTCCA42gAwIBAgIJAJqx8dKnCZZoMA0GCSqGSIb3DQEBCwUAMIG9MQswCQYD
+VQQGEwJVUzELMAkGA1UECAwCTkoxEzARBgNVBAcMCkJlZG1pbnN0ZXIxEjAQBgNV
+BAoMCU9wZW5FQ09NUDETMBEGA1UECwwKc2ltcGxlZGVtbzE6MDgGA1UEAwwxT3Bl
+bkVDT01QIHNpbXBsZWRlbW8gUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEn
+MCUGCSqGSIb3DQEJARYYc2ltcGxlZGVtb0BvcGVuZWNvbXAub3JnMB4XDTE2MTEy
+ODIxMTQyNloXDTIxMTEyNzIxMTQyNlowga0xCzAJBgNVBAYTAlVTMQswCQYDVQQI
+DAJOSjETMBEGA1UEBwwKQmVkbWluc3RlcjESMBAGA1UECgwJT3BlbkVDT01QMRMw
+EQYDVQQLDApzaW1wbGVkZW1vMSowKAYDVQQDDCFPcGVuRUNPTVAgc2ltcGxlZGVt
+byBTZXJ2ZXIgQ0EgWDExJzAlBgkqhkiG9w0BCQEWGHNpbXBsZWRlbW9Ab3BlbmVj
+b21wLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALr4rivKQuRk
+YNf5Ig40e1nqj6s6LB1vgMOYbKfRziOFpPcUpsHPOhusHowiUsrU1vdFSzPz6Ej7
+PjlmNSg2Qka8YCn9kd6QgM7U0KcPJvIucBp+qjifH3EvP0jgDPhDeVRYxzV454dv
+5kQ9uCpswJP7YAnX51dkWeH8nwPUoagt31bOl9LXENSrgxEThxdLYMJnQJWk2CmV
+otXM4tT1dxyJxFUrZ6uJCEAYw5VtlplqihHf8lHy+sWQavtsLz/4dc+sGeXSTfoI
+voKvoh3uZ5gEhGV8yfJxk1veX5y5/AxP80vQ+smWYjTnQL5QQ57y4bciez4XVBmQ
+SWimWtOi4e8CAwEAAaOBtTCBsjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
+AwIBhjAdBgNVHQ4EFgQUTqdsYgGNGubdJHq9tsaJhM9HE5wwcAYDVR0gBGkwZzBl
+BgRVHSAAMF0wWwYIKwYBBQUHAgIwTxpNSWYgeW91IHRydXN0IHRoaXMgY2VydCB0
+aGVuIHdlIGhhdmUgYSBicmlkZ2UgdGhhdCB5b3UgbWlnaHQgYmUgaW50ZXJlc3Rl
+ZCBpbi4wDQYJKoZIhvcNAQELBQADggIBAKNNlRqFuE/JgV1BHyYK0xoSXH4aZP/7
+IoHtDVcSaZAOOuFOUrwVMUbzRBebbb6RpFwt/X+NLFUGysd+XNLF7W7lzxKtmFNX
+n4OpNkBe0y5O7yurus8rERHzu3jiOSgVo+WzDlGpYSRnG3hI2qPWqD+Puzx/WwI8
+XUTuzEQQ3gUSyVFfXHpay3VpYmLZiLJ9WKY5SDw7Ie6Sxrju4Qm1HwnFY8wHZGcs
+2KMQzorJ1ZNQf523yUTghbT0rKaSFaD8zugPtI2ONfFG/QgrkQXo78opzPsHnHwa
+SxGSiAgeLbwAUCvPNl27zr6k6+7TcNjV0VUivAs0OG3VEAdgi7UWYB+30KfWwHwE
+zGmvd4IAGqIqlqLcSVArN5z8JK1B5nfjQn5UrclU1vK+dnuiKE2X4rKuBTRYRFR/
+km+mj4koYFPKFHndmJl1uv2OCJK9l5CSIuKWeI1qv8BASKqgNdoT/SKBXqxgYlCb
+o+j4IDjxrxChRO+e5vl9lA7INfRrbljCkUjfLRa+v2q9tWQ3+EQUwwnSrSfihh2T
+j0Tksr6b8dDsvMlCdOKG1B+JPcEXORSFKNXVTEfjqpJG8s16kFAocWt3S6xO0k1t
+qbQp+3tWQgW2TGnX0rMZzB6NGRNfWhlYmq2zHgXkiCIZ26Ztgt/LNbwEvN3+VlLo
+z/Rd+SKtlrfb
+-----END CERTIFICATE-----
+Bag Attributes
+ friendlyName: aaiopenecomp
+ localKeyID: 54 69 6D 65 20 31 34 39 35 35 31 32 38 30 33 36 34 39
+Key Attributes: <No Attributes>
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDBCtCXwDStPQmO
+Wiwyv/ssSFPlQ6J/gYY86T7c0IjFPeU6oBtR/531lfJPaNYVGIpa5rTe9D4PFzxz
+aHZFG4fwvASI6Jao+NZHE2qwBHNkwjevIcUIUFmHQVymMf2QR4pWUsNi5XryT5m5
+wp02KpQ2frWUPuRuYQbC/MrB/3UWsnT34IEzHU6dYqbeAI0oOoAQUxkI52fYyB6w
+lgH/TeXM8FLWMN8FciZdFxMHOmAD7B0IufRwhDV4tZTBLm1SpQk2Hfqcd1XInQ/Z
+iN0ku7GEVyYEo7PVKHLI74EG0oE7wQZtTqop+U6LA7DQWyfwuMpysdDnw0+6LnLT
+gFRHKl/dAgMBAAECggEBAJko2HkeIW01mUhdWOXnFgR7WjzzXZEmlffr41lVBr7f
+rejGsQZs9cms73R7rCdOsi8PDoA6bqaQfADg571K659fvYVWbHqh+3im+iWvUlKm
+GYIVG/vNrEq43CZsUU7Qw/xba/QiOFraNxCATTV1sORPwgddouXEi5XW9ZPX9/FJ
+wORx4L/K0DfHX1rr+rtOoHCJdZYhn3Ij87kmR8Mwg0fNeWhHqtxUEyM/itRjCvOe
+mgt2V8DORhmq12L4+5QJctBrkBVRp9Rh6YSZZBGnKbTSgf4q648BdkJDLSK4cguT
+D6BAw3gxj5V4wt5W0wn2JpjadFwnixrTzvMP/yAqfK0CgYEA93nBAoUPw8nzQkwk
+8iWBjfJ999Rw92hnnvk3xbcQcGfgUYuB4dxwe6FQTmFIVylt81er1YUvMb3ao7fo
+5ZcGnI5p1idjsd27kbZJLxb5Oh919hKu5IfkfYsVgnC0UdKCTgH5CaH0U4ATuXwt
+RL6qm0XcLALs5y2OO6z3s+mYhisCgYEAx7EQ8MA45bkXnRQiHBhGcIIcr2sRDfVJ
+OhHmGxx3EcYgtsIYKTqtQOyIt/nQxo6iyNL9bzfzBTybFJLuj63ZG1Ef4LosJedl
+eAU2NsKv5MlKYDSdNbLAJ0Op9I2Xu/pXQecPwY/3MkIQArdQCLevMLEGywCsuJTn
+BjkJNDkb9hcCgYAhoFiaiAwJVYKJSqFmibQd3opBR4uGApi54DE021gPff3b9rHS
+R8q88cFgtRVISqfW/d2qaKtt/dcckdvCfo/2a99zqux/+ZoIBZXSITQCMs4rfoRn
+JxPj/ycQD1JhH9J22QvGxEvXoLqNZJMeGS5DZO2yyT75dpYyA6Gwv5fq+wKBgQC5
+AhV917lfLELyZurLOLpaFlHZO8rLMcusH1UfHRo7v2IjsGOOHyzRD9QDD1IcA55R
+jRj8Z8uhuGq9fvvC5gBVTK3KGPI6E85wifOWfH1V7CAaTeSxEXDxb8EQL/a6U89v
+4VE5tdYCHC6VNZzS1staw0hV38QmJt57Z3Bdj+OV9QKBgE/b9fxpo+SVQ37BzNNY
+SEKTTijaddz8fdomApg6a2eFJL93Ej/op7N7gnHtPWMivPnRRza9ZjfnG+aZ7n2J
+sWyBiZK9xliS2TsF3l3q9Z0Vaq3i1nOlV7Bd20ZS8KjQjDtKnIRfLkQDkvmXbU5L
+emwkdsQZbpPFJch3mCGtI7JW
+-----END PRIVATE KEY-----
diff --git a/bootstrap/vagrant-onap/lib/files/haproxy.cfg b/bootstrap/vagrant-onap/lib/files/haproxy.cfg
new file mode 100644
index 000000000..9ee24e629
--- /dev/null
+++ b/bootstrap/vagrant-onap/lib/files/haproxy.cfg
@@ -0,0 +1,120 @@
+global
+ log /dev/log local0
+ stats socket /usr/local/etc/haproxy/haproxy.socket mode 660 level admin
+ stats timeout 30s
+ user root
+ group root
+ daemon
+ #################################
+ # Default SSL material locations#
+ #################################
+ ca-base /etc/ssl/certs
+ crt-base /etc/ssl/private
+
+ # Default ciphers to use on SSL-enabled listening sockets.
+ # For more information, see ciphers(1SSL). This list is from:
+ # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
+ # An alternative list with additional directives can be obtained from
+ # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy
+ tune.ssl.default-dh-param 2048
+
+defaults
+ log global
+ mode http
+ option httplog
+# option dontlognull
+# errorfile 400 /etc/haproxy/errors/400.http
+# errorfile 403 /etc/haproxy/errors/403.http
+# errorfile 408 /etc/haproxy/errors/408.http
+# errorfile 500 /etc/haproxy/errors/500.http
+# errorfile 502 /etc/haproxy/errors/502.http
+# errorfile 503 /etc/haproxy/errors/503.http
+# errorfile 504 /etc/haproxy/errors/504.http
+
+ option http-server-close
+ option forwardfor except 127.0.0.1
+ retries 6
+ option redispatch
+ maxconn 50000
+ timeout connect 50000
+ timeout client 480000
+ timeout server 480000
+ timeout http-keep-alive 30000
+
+
+frontend IST_8443
+ mode http
+ bind 0.0.0.0:8443 name https ssl crt /etc/ssl/private/aai.pem
+# log-format %ci:%cp\ [%t]\ %ft\ %b/%s\ %Tq/%Tw/%Tc/%Tr/%Tt\ %ST\ %B\ %CC\ %CS\ %tsc\ %ac/%fc/%bc/%sc/%rc\ %sq/%bq\ %hr\ %hs\ {%[ssl_c_verify],%{+Q}[ssl_c_s_dn],%{+Q}[ssl_c_i_dn]}\ %{+Q}r
+ log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC \ %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r"
+ option httplog
+ log global
+ option logasap
+ option forwardfor
+ capture request header Host len 100
+ capture response header Host len 100
+ option log-separate-errors
+ option forwardfor
+ http-request set-header X-Forwarded-Proto https if { ssl_fc }
+ http-request set-header X-AAI-Client-SSL TRUE if { ssl_c_used }
+ http-request set-header X-AAI-SSL %[ssl_fc]
+ http-request set-header X-AAI-SSL-Client-Verify %[ssl_c_verify]
+ http-request set-header X-AAI-SSL-Client-DN %{+Q}[ssl_c_s_dn]
+ http-request set-header X-AAI-SSL-Client-CN %{+Q}[ssl_c_s_dn(cn)]
+ http-request set-header X-AAI-SSL-Issuer %{+Q}[ssl_c_i_dn]
+ http-request set-header X-AAI-SSL-Client-NotBefore %{+Q}[ssl_c_notbefore]
+ http-request set-header X-AAI-SSL-Client-NotAfter %{+Q}[ssl_c_notafter]
+ http-request set-header X-AAI-SSL-ClientCert-Base64 %{+Q}[ssl_c_der,base64]
+ http-request set-header X-AAI-SSL-Client-OU %{+Q}[ssl_c_s_dn(OU)]
+ http-request set-header X-AAI-SSL-Client-L %{+Q}[ssl_c_s_dn(L)]
+ http-request set-header X-AAI-SSL-Client-ST %{+Q}[ssl_c_s_dn(ST)]
+ http-request set-header X-AAI-SSL-Client-C %{+Q}[ssl_c_s_dn(C)]
+ http-request set-header X-AAI-SSL-Client-O %{+Q}[ssl_c_s_dn(O)]
+ reqadd X-Forwarded-Proto:\ https
+ reqadd X-Forwarded-Port:\ 8443
+
+#######################
+#ACLS FOR PORT 8446####
+#######################
+
+ acl is_Port_8446_generic path_reg -i ^/aai/v[0-9]+/search/generic-query$
+ acl is_Port_8446_nodes path_reg -i ^/aai/v[0-9]+/search/nodes-query$
+ acl is_Port_8446_version path_reg -i ^/aai/v[0-9]+/query$
+ acl is_named-query path_beg -i /aai/search/named-query
+ acl is_search-model path_beg -i /aai/search/model
+ use_backend IST_AAI_8446 if is_Port_8446_generic or is_Port_8446_nodes or is_Port_8446_version or is_named-query or is_search-model
+
+ default_backend IST_Default_8447
+
+
+#######################
+#DEFAULT BACKEND 847###
+#######################
+
+backend IST_Default_8447
+ balance roundrobin
+ http-request set-header X-Forwarded-Port %[src_port]
+ http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
+ server aai-resources.api.simpledemo.openecomp.org aai-resources.api.simpledemo.openecomp.org:8447 port 8447 ssl verify none
+
+#######################
+# BACKEND 8446#########
+#######################
+
+backend IST_AAI_8446
+ balance roundrobin
+ http-request set-header X-Forwarded-Port %[src_port]
+ http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
+ server aai-traversal.api.simpledemo.openecomp.org aai-traversal.api.simpledemo.openecomp.org:8446 port 8446 ssl verify none
+
+listen IST_AAI_STATS
+ mode http
+ bind *:8080
+ stats uri /stats
+ stats enable
+ stats refresh 30s
+ stats hide-version
+ stats auth admin:admin
+ stats show-legends
+ stats show-desc IST AAI APPLICATION NODES
+ stats admin if TRUE
diff --git a/bootstrap/vagrant-onap/lib/files/settings.template b/bootstrap/vagrant-onap/lib/files/settings.template
index 3b974c949..f441f950c 100644
--- a/bootstrap/vagrant-onap/lib/files/settings.template
+++ b/bootstrap/vagrant-onap/lib/files/settings.template
@@ -1,7 +1,6 @@
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
-
<!-- offline
| Determines whether maven should attempt to connect to the network when executing a build.
| This will have an effect on artifact downloads, artifact deployment, and others.
@@ -29,7 +28,6 @@
| repository, to be used as an alternate download site. The mirror site will be the preferred
| server for that repository.
|-->
-
<!-- profiles
| This is a list of profiles which can be activated in a variety of ways, and which can modify
| the build process. Profiles provided in the settings.xml are intended to provide local machine-
@@ -51,17 +49,18 @@
| variables for plugins in the POM.
|
|-->
-
-
-
-
-
<profiles>
<profile>
-
+ <id>00_maven</id>
+ <repositories>
+ <repository>
+ <id>00_maven</id>
+ <url>https://maven.restlet.com</url>
+ </repository>
+ </repositories>
+ </profile>
+ <profile>
<id>10_nexus</id>
- <!--Enable snapshots for the built in central repo to direct -->
- <!--all requests to nexus via the mirror -->
<repositories>
<repository>
<id>10_nexus</id>
@@ -70,7 +69,6 @@
<snapshots><enabled>true</enabled></snapshots>
</repository>
</repositories>
-
<pluginRepositories>
<pluginRepository>
<id>10_nexus</id>
@@ -79,7 +77,6 @@
<snapshots><enabled>true</enabled></snapshots>
</pluginRepository>
</pluginRepositories>
-
</profile>
<profile>
<id>20_openecomp-public</id>
@@ -174,7 +171,6 @@
</pluginRepository>
</pluginRepositories>
</profile>
-
<profile>
<id>50_openecomp-snapshots</id>
<repositories>
@@ -235,7 +231,6 @@
</pluginRepository>
</pluginRepositories>
</profile>
-
<profile>
<id>70_opendaylight-snapshots</id>
<repositories>
@@ -266,8 +261,8 @@
</pluginRepositories>
</profile>
</profiles>
-
<activeProfiles>
+ <activeProfile>00_maven</activeProfile>
<activeProfile>10_nexus</activeProfile>
<activeProfile>20_openecomp-public</activeProfile>
<activeProfile>30_openecomp-staging</activeProfile>
@@ -275,7 +270,5 @@
<activeProfile>50_openecomp-snapshots</activeProfile>
<activeProfile>60_opendaylight-release</activeProfile>
<activeProfile>70_opendaylight-snapshots</activeProfile>
-
</activeProfiles>
-
</settings>
diff --git a/bootstrap/vagrant-onap/lib/functions b/bootstrap/vagrant-onap/lib/functions
index a2bb98e29..7e6ff2e98 100755
--- a/bootstrap/vagrant-onap/lib/functions
+++ b/bootstrap/vagrant-onap/lib/functions
@@ -62,8 +62,6 @@ function clone_repo {
function install_dev_tools {
install_package apt-transport-https
install_package ca-certificates
- # ca-certificates-java is not a dependency in the Oracle JDK/JRE so this must be explicitly installed.
- /var/lib/dpkg/info/ca-certificates-java.postinst configure
install_package curl
}
@@ -78,6 +76,8 @@ function install_java {
install_package software-properties-common
add-apt-repository -y ppa:openjdk-r/ppa
install_package openjdk-8-jdk
+ # ca-certificates-java is not a dependency in the Oracle JDK/JRE so this must be explicitly installed.
+ /var/lib/dpkg/info/ca-certificates-java.postinst configure
}
# install_maven() - Install maven binaries