diff options
Diffstat (limited to 'plans/dmaap-datarouter/ssl-dr-suite')
5 files changed, 297 insertions, 5 deletions
diff --git a/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/docker-compose.yml b/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/docker-compose.yml new file mode 100644 index 00000000..ed8a7c04 --- /dev/null +++ b/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/docker-compose.yml @@ -0,0 +1,114 @@ +# +# ============LICENSE_START======================================================= +# Copyright (C) 2019 Nordix Foundation. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= +# +# +version: '2.1' +services: + datarouter-prov: + image: nexus3.onap.org:10001/onap/dmaap/datarouter-prov + container_name: datarouter-prov + hostname: dmaap-dr-prov + ports: + - "443:8443" + - "8443:8443" + - "8080:8080" + volumes: + - ./prov_data/provserver.properties:/opt/app/datartr/etc/provserver.properties + - ./prov_data/addSubscriber.txt:/opt/app/datartr/addSubscriber.txt + - ./prov_data/addFeed3.txt:/opt/app/datartr/addFeed3.txt + depends_on: + mariadb_container: + condition: service_healthy + healthcheck: + test: ["CMD", "curl", "-f", "http://dmaap-dr-prov:8080/internal/prov"] + interval: 10s + timeout: 30s + retries: 5 + networks: + testing_net: + aliases: + - dmaap-dr-prov + + datarouter-node: + image: nexus3.onap.org:10001/onap/dmaap/datarouter-node + container_name: datarouter-node + hostname: dmaap-dr-node + ports: + - "9443:8443" + - "9090:8080" + volumes: + - ./node_data/node.properties:/opt/app/datartr/etc/node.properties + depends_on: + datarouter-prov: + condition: service_healthy + networks: + testing_net: + aliases: + - dmaap-dr-node + + datarouter-subscriber: + image: nexus3.onap.org:10001/onap/dmaap/datarouter-subscriber + container_name: subscriber-node + hostname: subscriber.com + ports: + - "7070:7070" + volumes: + - ./subscriber_data/subscriber.properties:/opt/app/subscriber/etc/subscriber.properties + networks: + testing_net: + aliases: + - subscriber.com + + datarouter-subscriber2: + image: nexus3.onap.org:10001/onap/dmaap/datarouter-subscriber + container_name: subscriber-node2 + hostname: subscriber2.com + ports: + - "7071:7070" + volumes: + - ./subscriber_data/subscriber.properties:/opt/app/subscriber/etc/subscriber.properties + networks: + testing_net: + aliases: + - subscriber2.com + + mariadb_container: + image: mariadb:10.2.14 + container_name: mariadb + hostname: datarouter-mariadb + ports: + - "3306:3306" + environment: + MYSQL_ROOT_PASSWORD: datarouter + MYSQL_DATABASE: datarouter + MYSQL_USER: datarouter + MYSQL_PASSWORD: datarouter + healthcheck: + test: ["CMD", "mysqladmin" ,"ping", "-h", "localhost", "-u", "datarouter", "-pdatarouter", "--silent"] + interval: 10s + timeout: 30s + retries: 5 + networks: + testing_net: + aliases: + - datarouter-mariadb + +networks: + testing_net: + driver: bridge diff --git a/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/node.properties b/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/node.properties new file mode 100644 index 00000000..1d7a5d42 --- /dev/null +++ b/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/node.properties @@ -0,0 +1,87 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START================================================== +# * org.onap.dmaap +# * =========================================================================== +# * Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# * =========================================================================== +# * Licensed under the Apache License, Version 2.0 (the "License"); +# * you may not use this file except in compliance with the License. +# * You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software +# * distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. +# * ============LICENSE_END==================================================== +# * +# * ECOMP is a trademark and service mark of AT&T Intellectual Property. +# * +#------------------------------------------------------------------------------- +# +# Configuration parameters set at startup for the DataRouter node +# +# URL to retrieve dynamic configuration +ProvisioningURL = https://dmaap-dr-prov:8443/internal/prov +# +# URL to upload PUB/DEL/EXP logs +LogUploadURL = https://dmaap-dr-prov:8443/internal/logs +# +# The port number for http as seen within the server +IntHttpPort = 8080 +# +# The port number for https as seen within the server +IntHttpsPort = 8443 +# +# The external port number for https taking port mapping into account +ExtHttpsPort = 443 +# +# The minimum interval between fetches of the dynamic configuration from the provisioning server +MinProvFetchInterval = 10000 +# +# The minimum interval between saves of the redirection data file +MinRedirSaveInterval = 10000 +# +# The path to the directory where log files are stored +LogDir = /opt/app/datartr/logs +# +# The retention interval (in days) for log files +LogRetention = 30 +# +# The path to the directories where data and meta data files are stored +SpoolDir = /opt/app/datartr/spool +# +# The path to the redirection data file +RedirectionFile = etc/redirections.dat +# +# The type of keystore for https +KeyStoreType = PKCS12 +# +# The type of truststore for https +TrustStoreType = jks +# +# The path to the file used to trigger an orderly shutdown +QuiesceFile = etc/SHUTDOWN +# +# The key used to generate passwords for node to node transfers +NodeAuthKey = Node123! +# +# DR_NODE DEFAULT ENABLED TLS PROTOCOLS +NodeHttpsProtocols = TLSv1.1|TLSv1.2 +# +# AAF type to generate permission string +AAFType = org.onap.dmaap-dr.feed +# +# AAF default instance to generate permission string - default should be legacy +AAFInstance = legacy +# +# AAF action to generate permission string - default should be publish +AAFAction = publish +# +# AAF CADI enabled flag +CadiEnabled = false +# +# AAF Props file path +AAFPropsFilePath = /opt/app/osaaf/local/org.onap.dmaap-dr.props diff --git a/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/provserver.properties b/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/provserver.properties new file mode 100755 index 00000000..3930bd09 --- /dev/null +++ b/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/provserver.properties @@ -0,0 +1,61 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START================================================== +# * org.onap.dmaap +# * =========================================================================== +# * Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# * Modifications Copyright (C) 2018 Nokia. All rights reserved. +# * =========================================================================== +# * Licensed under the Apache License, Version 2.0 (the "License"); +# * you may not use this file except in compliance with the License. +# * You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software +# * distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. +# * ============LICENSE_END==================================================== +# * +# * ECOMP is a trademark and service mark of AT&T Intellectual Property. +# * +#------------------------------------------------------------------------------- + +#Jetty Server properties +org.onap.dmaap.datarouter.provserver.http.port = 8080 +org.onap.dmaap.datarouter.provserver.https.port = 8443 +org.onap.dmaap.datarouter.provserver.https.relaxation = true + +org.onap.dmaap.datarouter.provserver.aafprops.path = /opt/app/osaaf/local/org.onap.dmaap-dr.props + +org.onap.dmaap.datarouter.provserver.accesslog.dir = /opt/app/datartr/logs +org.onap.dmaap.datarouter.provserver.spooldir = /opt/app/datartr/spool +org.onap.dmaap.datarouter.provserver.dbscripts = /opt/app/datartr/etc/misc +org.onap.dmaap.datarouter.provserver.logretention = 30 + +#DMAAP-597 (Tech Dept) REST request source IP auth +# relaxation to accommodate OOM kubernetes deploy +org.onap.dmaap.datarouter.provserver.isaddressauthenabled = false + +#Localhost address config +org.onap.dmaap.datarouter.provserver.localhost = 127.0.0.1 + +# Database access +org.onap.dmaap.datarouter.db.driver = org.mariadb.jdbc.Driver +org.onap.dmaap.datarouter.db.url = jdbc:mariadb://datarouter-mariadb:3306/datarouter +org.onap.dmaap.datarouter.db.login = datarouter +org.onap.dmaap.datarouter.db.password = datarouter + +# PROV - DEFAULT ENABLED TLS PROTOCOLS +org.onap.dmaap.datarouter.provserver.https.include.protocols = TLSv1.1|TLSv1.2 + +# AAF config +org.onap.dmaap.datarouter.provserver.cadi.enabled = false + +org.onap.dmaap.datarouter.provserver.passwordencryption = PasswordEncryptionKey#@$%^&1234# +org.onap.dmaap.datarouter.provserver.aaf.feed.type = org.onap.dmaap-dr.feed +org.onap.dmaap.datarouter.provserver.aaf.sub.type = org.onap.dmaap-dr.sub +org.onap.dmaap.datarouter.provserver.aaf.instance = legacy +org.onap.dmaap.datarouter.provserver.aaf.action.publish = publish +org.onap.dmaap.datarouter.provserver.aaf.action.subscribe = subscribe
\ No newline at end of file diff --git a/plans/dmaap-datarouter/ssl-dr-suite/setup.sh b/plans/dmaap-datarouter/ssl-dr-suite/setup.sh index 39217991..e1f2cb46 100755 --- a/plans/dmaap-datarouter/ssl-dr-suite/setup.sh +++ b/plans/dmaap-datarouter/ssl-dr-suite/setup.sh @@ -18,6 +18,8 @@ # SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= # + + source ${SCRIPTS}/common_functions.sh # Clone DMaaP Data Router repo @@ -28,6 +30,9 @@ git clone --depth 1 https://gerrit.onap.org/r/dmaap/datarouter -b master cd datarouter git pull cd $WORKSPACE/archives/dmaapdr/datarouter/datarouter-docker-compose/src/main/resources +cp $WORKSPACE/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/docker-compose.yml . +cp $WORKSPACE/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/provserver.properties ./prov_data/provserver.properties +cp $WORKSPACE/plans/dmaap-datarouter/ssl-dr-suite/docker-compose/node.properties ./node_data/node.properties # start DMaaP DR containers with docker compose and configuration from docker-compose.yml docker login -u docker -p docker nexus3.onap.org:10001 @@ -35,9 +40,10 @@ docker-compose up -d # Wait for initialization of Docker container for datarouter-node, datarouter-prov and mariadb for i in {1..10}; do - if [ $(docker inspect --format '{{ .State.Running }}' datarouter-node) ] && \ - [ $(docker inspect --format '{{ .State.Running }}' datarouter-prov) ] && \ + if [ $(docker inspect --format '{{ .State.Running }}' subscriber-node2) ] && \ [ $(docker inspect --format '{{ .State.Running }}' subscriber-node) ] && \ + [ $(docker inspect --format '{{ .State.Running }}' datarouter-node) ] && \ + [ $(docker inspect --format '{{ .State.Running }}' datarouter-prov) ] && \ [ $(docker inspect --format '{{ .State.Running }}' mariadb) ] then echo "DR Service Running" @@ -48,14 +54,37 @@ for i in {1..10}; do fi done +# Wait for healthy container datarouter-prov +for i in {1..10}; do + if [ "$(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov)" = 'healthy' ] + then + echo datarouter-prov.State.Health.Status is $(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov) + echo "DR Service Running, datarouter-prov container is healthy" + break + else + echo datarouter-prov.State.Health.Status is $(docker inspect --format '{{ .State.Health.Status }}' datarouter-prov) + echo sleep $i + sleep $i + if [ $i = 10 ] + then + echo datarouter-prov container is not in healthy state - the test is not made, teardown... + cd $WORKSPACE/archives/dmaapdr/datarouter/datarouter-docker-compose/src/main/resources + docker-compose rm -sf + exit 1 + fi + fi +done + DR_PROV_IP=`get-instance-ip.sh datarouter-prov` DR_NODE_IP=`get-instance-ip.sh datarouter-node` DR_SUB_IP=`get-instance-ip.sh subscriber-node` +DR_SUB2_IP=`get-instance-ip.sh subscriber-node2` DR_GATEWAY_IP=$(docker inspect -f '{{range .NetworkSettings.Networks}}{{.Gateway}}{{end}}' datarouter-prov) echo DR_PROV_IP=${DR_PROV_IP} echo DR_NODE_IP=${DR_NODE_IP} echo DR_SUB_IP=${DR_SUB_IP} +echo DR_SUB2_IP=${DR_SUB2_IP} echo DR_GATEWAY_IP=${DR_GATEWAY_IP} sudo sed -i "$ a $DR_PROV_IP dmaap-dr-prov" /etc/hosts @@ -63,6 +92,7 @@ sudo sed -i "$ a $DR_NODE_IP dmaap-dr-node" /etc/hosts python $WORKSPACE/scripts/dmaap-datarouter/update_ca.py -docker exec -i datarouter-prov sh -c "curl -k -X PUT https://dmaap-dr-prov:8443/internal/api/PROV_AUTH_ADDRESSES?val=dmaap-dr-prov\|$DR_GATEWAY_IP" +docker exec -i datarouter-prov sh -c "curl -k -X PUT https://$DR_PROV_IP:8443/internal/api/PROV_AUTH_ADDRESSES?val=dmaap-dr-prov\|$DR_GATEWAY_IP" -ROBOT_VARIABLES="-v DR_SUB_IP:${DR_SUB_IP}"
\ No newline at end of file +#Pass any variables required by Robot test suites in ROBOT_VARIABLES +ROBOT_VARIABLES="-v DR_PROV_IP:${DR_PROV_IP} -v DR_NODE_IP:${DR_NODE_IP} -v DR_SUB_IP:${DR_SUB_IP} -v DR_SUB2_IP:${DR_SUB2_IP}"
\ No newline at end of file diff --git a/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh b/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh index 3cf35373..d8ec4dc9 100755 --- a/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh +++ b/plans/dmaap-datarouter/ssl-dr-suite/teardown.sh @@ -22,5 +22,5 @@ cd $WORKSPACE/archives/dmaapdr/datarouter/datarouter-docker-compose/src/main/resources sudo sed -i".bak" '/dmaap-dr-prov/d' /etc/hosts sudo sed -i".bak" '/dmaap-dr-node/d' /etc/hosts -docker-compose down -v +docker-compose rm -sf python $WORKSPACE/scripts/dmaap-datarouter/remove_cert_from_ca.py |