aboutsummaryrefslogtreecommitdiffstats
path: root/sanitycheck/pnfsimulator-secured/certservice
diff options
context:
space:
mode:
Diffstat (limited to 'sanitycheck/pnfsimulator-secured/certservice')
-rw-r--r--sanitycheck/pnfsimulator-secured/certservice/Makefile11
-rw-r--r--sanitycheck/pnfsimulator-secured/certservice/README.md24
-rw-r--r--sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-clients.yml11
-rw-r--r--sanitycheck/pnfsimulator-secured/certservice/docker-compose-pnfsim.yml22
-rw-r--r--sanitycheck/pnfsimulator-secured/certservice/resources/certservice-client/client-configuration-for-httpserver.env18
5 files changed, 69 insertions, 17 deletions
diff --git a/sanitycheck/pnfsimulator-secured/certservice/Makefile b/sanitycheck/pnfsimulator-secured/certservice/Makefile
index 2d3754c..f6667e2 100644
--- a/sanitycheck/pnfsimulator-secured/certservice/Makefile
+++ b/sanitycheck/pnfsimulator-secured/certservice/Makefile
@@ -11,7 +11,6 @@ restart-pnfsim: --clean-pnfsim start-pnfsim
clean-all: --clean-pnfsim --clean-env
-
--start-certservice-and-ejbca: --create-certservice-internal-certs --start-certservice-ejbca-containers --configure-ejbca
--start-certservice-ejbca-containers:
@@ -34,25 +33,27 @@ clean-all: --clean-pnfsim --clean-env
@echo 'Waiting for client certifiactes...'
@until ls -1 ./resources/certservice-client/client-volume-for-pnfsim | grep "store" 1>/dev/null; do sleep 3; done
@until ls -1 ./resources/certservice-client/client-volume-for-ves | grep "store" 1>/dev/null; do sleep 3; done
+ @until ls -1 ./resources/certservice-client/client-volume-for-httpserver | grep "store" 1>/dev/null; do sleep 3; done
--create-client-volumes:
mkdir -p ./resources/certservice-client/client-volume-for-pnfsim -m 777
mkdir -p ./resources/certservice-client/client-volume-for-ves -m 777
+ mkdir -p ./resources/certservice-client/client-volume-for-httpserver -m 777
--start-local-secured-ves:
docker-compose -f docker-compose-ves-dmaap.yml up
--clean-pnfsim:
docker-compose -f docker-compose-pnfsim.yml down
- rm -rf ./resources/certservice-client/client-volume-for-pnfsim/trust.jks || true
- rm -rf ./resources/certservice-client/client-volume-for-pnfsim/cert.p12 || true
- rm -rf ./resources/certservice-client/client-volume-for-pnfsim/p12.pass || true
- rm -rf ./resources/certservice-client/client-volume-for-pnfsim/trust.pass || true
+ rm -rf ./resources/certservice-client/client-volume-for-pnfsim || true
+ rm -rf ./resources/certservice-client/client-volume-for-httpserver || true
+
--clean-env:
docker-compose -f docker-compose-ves-dmaap.yml down
docker-compose -f docker-compose-certservice-clients.yml down
rm -rf ./resources/certservice-client/client-volume-for-pnfsim || true
rm -rf ./resources/certservice-client/client-volume-for-ves || true
+ rm -rf ./resources/certservice-client/client-volume-for-httpserver || true
docker-compose -f docker-compose-certservice-ejbca.yml down
make -C resources/certs clear
diff --git a/sanitycheck/pnfsimulator-secured/certservice/README.md b/sanitycheck/pnfsimulator-secured/certservice/README.md
index 16a4793..2708041 100644
--- a/sanitycheck/pnfsimulator-secured/certservice/README.md
+++ b/sanitycheck/pnfsimulator-secured/certservice/README.md
@@ -6,22 +6,23 @@ This readme describes how to run PNF Simulator with certificates fetched using O
Using Makefile in this directory following can be achieved:
* Setup environment for PNF Simulator, i.e.:
- * Create certificates that will be used for internal communication between CertService and CertService Clients.
- Generated internal certificates should be present in `resources/certs` directory.
+ * Create certificates that will be used for internal communication between CertService and CertService Clients.
+ Generated internal certificates should be present in `resources/certs` directory.
* Start and configure EJBCA
* Start and configure AAF Cert Service.
- * Run Cert Service Clients to fetch certificates for VES and PNF Simulator. Certificates will be stored for the components
-in `resources/certservice-client/client-volume-for-ves` and `resources/certservice-client/client-volume-for-pnfsim` accordingly.
- * Start VES and DMaaP Simulator. Fetched certificates will be mounted to VES.
+ * Run Cert Service Clients to fetch certificates for VES and PNF Simulator. Certificates will be stored for the
+ components in `resources/certservice-client/client-volume-for-ves`
+ and `resources/certservice-client/client-volume-for-pnfsim` accordingly.
+ * Start VES and DMaaP Simulator. Fetched certificates will be mounted to VES.
* Start PNF Simulator. Fetched certificates will be mounted to PNF Simulator.
* Clean up.
-
+
### Prerequisites
##### VES collector local deployment prerequisites
-By default, the image of VES from Nexus supports only HTTP communication. A local image with enabled HTTPS must be
-build to use local VES as PNF simulator destination.
+By default, the image of VES from Nexus supports only HTTP communication. A local image with enabled HTTPS must be build
+to use local VES as PNF simulator destination.
1. Pull VES repository
2. In `<VES_PROJECT_ROOT>/etc/collector.properties` file set field `auth.method=certBasicAuth`
@@ -31,8 +32,6 @@ Local VES deployment uses also DMaaP simulator. Its image should be built locall
1. Go to `sanitycheck/dmaap-simulator` directory
2. Run: `make build`
-
-
### Setup environment
To set up whole environment for PNF Simulator, i.e.:
- deploy and configure EJBCA
@@ -52,7 +51,9 @@ To run PNF Simulator execute:
````
make start-pnfsim
````
-This command starts PNF Simulator with certificates fetched using CertService (certificates are fetched in the previous step)
+PNF Simulator starts together with the http server.
+This command starts PNF Simulator with certificates fetched using CertService (certificates are fetched in the previous
+step)
### Send event
@@ -61,7 +62,6 @@ Configure PNF simulator to use proper VES URL by executing this command from ``p
make reconfigure-ves-url
```
-
Send an event from PNF simulator to VES by executing this command from ``pnf-simulator/sanitycheck`` directory:
```
make generate-event
diff --git a/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-clients.yml b/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-clients.yml
index fdfd6c6..a7b19e4 100644
--- a/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-clients.yml
+++ b/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-clients.yml
@@ -26,3 +26,14 @@ services:
- ./resources/certservice-client/client-volume-for-pnfsim:/var/certs:rw
- ./resources/certs/truststore.jks:/etc/onap/oom/certservice/certs/truststore.jks
- ./resources/certs/certServiceClient-keystore.jks:/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks
+
+ oom-cert-client-httpserver:
+ image: nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.0
+ container_name: oomcert-client-for-httpserver
+ env_file: ./resources/certservice-client/client-configuration-for-httpserver.env
+ networks:
+ - onap
+ volumes:
+ - ./resources/certservice-client/client-volume-for-httpserver:/var/certs:rw
+ - ./resources/certs/truststore.jks:/etc/onap/oom/certservice/certs/truststore.jks
+ - ./resources/certs/certServiceClient-keystore.jks:/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks
diff --git a/sanitycheck/pnfsimulator-secured/certservice/docker-compose-pnfsim.yml b/sanitycheck/pnfsimulator-secured/certservice/docker-compose-pnfsim.yml
index d5bb5e2..a46d29e 100644
--- a/sanitycheck/pnfsimulator-secured/certservice/docker-compose-pnfsim.yml
+++ b/sanitycheck/pnfsimulator-secured/certservice/docker-compose-pnfsim.yml
@@ -35,6 +35,28 @@ services:
ME_CONFIG_MONGODB_ADMINUSERNAME: root
ME_CONFIG_MONGODB_ADMINPASSWORD: zXcVbN123!
+ http-server:
+ image: http-server
+ ports:
+ - "7080:80"
+ - "7443:443"
+ networks:
+ - pnfsimulator
+ - public
+ volumes:
+ - ~/httpservervolumes/:/usr/local/apache2/htdocs
+ - ../../../httpserver/resources/.htaccess:/usr/local/apache2/htdocs/.htaccess
+ - ../../../httpserver/logs:/var/log/apache2
+ - ./resources/certservice-client/client-volume-for-httpserver/:/etc/apache2/certs/
+ command: bash -c "
+ echo 'Http Server start';
+ while [[ $$(ls -1 /etc/apache2/certs/ | wc -l) != '3' ]]; do echo 'Waiting for certs...'; sleep 3; done;
+ chmod 777 /usr/local/apache2/htdocs;
+ cp /usr/local/apache2/conf/upload.php /usr/local/apache2/htdocs/upload.php;
+ /usr/sbin/apache2ctl -D FOREGROUND;
+ "
+ restart: on-failure
+
pnf-simulator:
image: nexus3.onap.org:10003/onap/org.onap.integration.simulators.pnfsimulator
ports:
diff --git a/sanitycheck/pnfsimulator-secured/certservice/resources/certservice-client/client-configuration-for-httpserver.env b/sanitycheck/pnfsimulator-secured/certservice/resources/certservice-client/client-configuration-for-httpserver.env
new file mode 100644
index 0000000..8e8eb34
--- /dev/null
+++ b/sanitycheck/pnfsimulator-secured/certservice/resources/certservice-client/client-configuration-for-httpserver.env
@@ -0,0 +1,18 @@
+#Client envs
+REQUEST_URL=https://oom-cert-service:8443/v1/certificate/
+REQUEST_TIMEOUT=10000
+OUTPUT_PATH=/var/certs
+CA_NAME=RA
+OUTPUT_TYPE=PEM
+#Csr config envs
+COMMON_NAME=httpserver-onap.org
+ORGANIZATION=Linux-Foundation
+ORGANIZATION_UNIT=ONAP
+LOCATION=San-Francisco
+STATE=California
+COUNTRY=US
+#Tls config envs
+KEYSTORE_PATH=/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks
+KEYSTORE_PASSWORD=secret
+TRUSTSTORE_PATH=/etc/onap/oom/certservice/certs/truststore.jks
+TRUSTSTORE_PASSWORD=secret