aboutsummaryrefslogtreecommitdiffstats
path: root/sanitycheck/vesclient-secured/certman
diff options
context:
space:
mode:
Diffstat (limited to 'sanitycheck/vesclient-secured/certman')
-rw-r--r--sanitycheck/vesclient-secured/certman/Makefile8
-rw-r--r--sanitycheck/vesclient-secured/certman/README.md91
-rw-r--r--sanitycheck/vesclient-secured/certman/docker-compose.yml69
3 files changed, 168 insertions, 0 deletions
diff --git a/sanitycheck/vesclient-secured/certman/Makefile b/sanitycheck/vesclient-secured/certman/Makefile
new file mode 100644
index 0000000..d75b5d0
--- /dev/null
+++ b/sanitycheck/vesclient-secured/certman/Makefile
@@ -0,0 +1,8 @@
+default:
+ @echo "There is no default target. Use: make <specific_target>"
+
+start-ves-client:
+ docker-compose -f docker-compose.yml up
+
+clean-ves-client:
+ docker-compose -f docker-compose.yml down
diff --git a/sanitycheck/vesclient-secured/certman/README.md b/sanitycheck/vesclient-secured/certman/README.md
new file mode 100644
index 0000000..92985f8
--- /dev/null
+++ b/sanitycheck/vesclient-secured/certman/README.md
@@ -0,0 +1,91 @@
+## Fetching from AAF Certman
+This readme describes how to run VES client with certificates fetched using AAF Certman
+
+### Description
+
+docker-compose.yml prepares VES client container for HTTPS communication with VES.
+
+When docker-compose starts certs-init container fills connected volume with certificates, truststores, keystores,
+passwords etc. Next ves-client container starts and connects to the same volume. On startup it should read password
+values from proper files and set them in system environment variables. With these variables and files in volume
+application is ready to work on HTTPS.
+
+### Prerequisites
+
+certs-init container works with external AAF on cloud. Due to that fact it must have set correct IPs to workers that
+has access to AAF. In docker-compose.yml fields with mentioned IPs are:
+
+ * aaf-locate.onap
+ * aaf-cm.onap
+ * aaf-service.onap
+
+### Start
+
+Run VES client:
+
+```
+make start-ves-client
+```
+
+### Send event
+
+**ATTENTION**
+
+``sanitycheck/events/eventToVes.json`` file which is request for sending event to VES must have correct ``vesServerURL``
+field before sending event.
+IP of ``vesServerURL`` should be the same as given in docker-compose-certman.yml in ``aaf-locate.onap`` field.
+To use secured connection remember about setting protocol to https:// and port to proper secured port of VES.
+
+To send event from VES client to VES use this command from ``ne-simulator/sanitycheck`` directory:
+
+````
+make generate-event
+````
+
+Sample ``sanitycheck/events/eventToVes.json`` file content is:
+
+```json
+{
+ "vesServerUrl": "https://10.183.35.177:30417/eventListener/v7",
+ "event": {
+ "event": {
+ "commonEventHeader": {
+ "version": "4.0.1",
+ "vesEventListenerVersion": "7.0.1",
+ "domain": "fault",
+ "eventName": "Fault_Vscf:Acs-Ericcson_PilotNumberPoolExhaustion",
+ "eventId": "fault0000245",
+ "sequence": 1,
+ "priority": "High",
+ "reportingEntityId": "cc305d54-75b4-431b-adb2-eb6b9e541234",
+ "reportingEntityName": "ibcx0001vm002oam001",
+ "sourceId": "de305d54-75b4-431b-adb2-eb6b9e546014",
+ "sourceName": "scfx0001vm002cap001",
+ "nfVendorName": "Ericsson",
+ "nfNamingCode": "scfx",
+ "nfcNamingCode": "ssc",
+ "startEpochMicrosec": 1413378172000000,
+ "lastEpochMicrosec": 1413378172000000,
+ "timeZoneOffset": "UTC-05:30"
+ },
+ "faultFields": {
+ "faultFieldsVersion": "4.0",
+ "alarmCondition": "PilotNumberPoolExhaustion",
+ "eventSourceType": "other",
+ "specificProblem": "Calls cannot complete - pilot numbers are unavailable",
+ "eventSeverity": "CRITICAL",
+ "vfStatus": "Active",
+ "alarmAdditionalInformation": {
+ "PilotNumberPoolSize": "1000"
+ }
+ }
+ }
+ }
+}
+```
+
+### Stop
+To remove VES client containers use:
+```
+make clean-ves-client
+```
diff --git a/sanitycheck/vesclient-secured/certman/docker-compose.yml b/sanitycheck/vesclient-secured/certman/docker-compose.yml
new file mode 100644
index 0000000..2714751
--- /dev/null
+++ b/sanitycheck/vesclient-secured/certman/docker-compose.yml
@@ -0,0 +1,69 @@
+version: '3'
+
+networks:
+ tls-init-network:
+
+volumes:
+ certs-volume:
+
+services:
+ certs-init:
+ image: nexus3.onap.org:10001/onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0
+ extra_hosts:
+ #set worker IP with access to AAF
+ aaf-locate.onap: <WORKER_IP> #for example 10.183.35.177
+ aaf-cm.onap: <WORKER_IP> #for example 10.183.35.177
+ aaf-service.onap: <WORKER_IP> #for example 10.183.35.177
+ environment:
+ - aaf_locate_url=https://aaf-locate.onap:31111
+ - aaf_url_cm=https://aaf-cm.onap:31114
+ - aaf_url=https://aaf-service.onap:31110
+ networks:
+ - tls-init-network
+ volumes:
+ - certs-volume:/opt/app/osaaf
+ mongo:
+ image: mongo
+ restart: always
+ environment:
+ MONGO_INITDB_ROOT_USERNAME: root
+ MONGO_INITDB_ROOT_PASSWORD: zXcVbN123!
+ MONGO_INITDB_DATABASE: pnf_simulator
+ networks:
+ - tls-init-network
+ volumes:
+ - ../../../../ves-client/db:/docker-entrypoint-initdb.d
+ ports:
+ - "27017:27017"
+
+ mongo-express:
+ image: mongo-express
+ restart: always
+ ports:
+ - 8081:8081
+ networks:
+ - tls-init-network
+ environment:
+ ME_CONFIG_MONGODB_ADMINUSERNAME: root
+ ME_CONFIG_MONGODB_ADMINPASSWORD: zXcVbN123!
+
+ ves-client:
+ image: onap/org.onap.integration.nfsimulator.vesclient
+ ports:
+ - "5000:5000"
+ command: bash -c "
+ while [[ $$(ls -1 /app/store | wc -l) != '10' ]]; do echo 'Waiting for certs...'; sleep 3; done
+ && java -Dspring.config.location=file:/app/application.properties -cp /app/libs/*:/app/vesclient.jar org.onap.integration.simulators.nfsimulator.vesclient.Main
+ "
+ volumes:
+ - ../../../../ves-client/logs:/var/log
+ - ../../../../ves-client/templates:/app/templates
+ - ../../../../ves-client/src/main/resources/application.properties:/app/application.properties
+ - certs-volume:/app/store
+ networks:
+ - tls-init-network
+ restart: on-failure
+ depends_on:
+ - certs-init
+ - mongo
+ - mongo-express