diff options
Diffstat (limited to 'sanitycheck/pnfsimulator-secured')
5 files changed, 69 insertions, 17 deletions
diff --git a/sanitycheck/pnfsimulator-secured/certservice/Makefile b/sanitycheck/pnfsimulator-secured/certservice/Makefile index 2d3754c..f6667e2 100644 --- a/sanitycheck/pnfsimulator-secured/certservice/Makefile +++ b/sanitycheck/pnfsimulator-secured/certservice/Makefile @@ -11,7 +11,6 @@ restart-pnfsim: --clean-pnfsim start-pnfsim clean-all: --clean-pnfsim --clean-env - --start-certservice-and-ejbca: --create-certservice-internal-certs --start-certservice-ejbca-containers --configure-ejbca --start-certservice-ejbca-containers: @@ -34,25 +33,27 @@ clean-all: --clean-pnfsim --clean-env @echo 'Waiting for client certifiactes...' @until ls -1 ./resources/certservice-client/client-volume-for-pnfsim | grep "store" 1>/dev/null; do sleep 3; done @until ls -1 ./resources/certservice-client/client-volume-for-ves | grep "store" 1>/dev/null; do sleep 3; done + @until ls -1 ./resources/certservice-client/client-volume-for-httpserver | grep "store" 1>/dev/null; do sleep 3; done --create-client-volumes: mkdir -p ./resources/certservice-client/client-volume-for-pnfsim -m 777 mkdir -p ./resources/certservice-client/client-volume-for-ves -m 777 + mkdir -p ./resources/certservice-client/client-volume-for-httpserver -m 777 --start-local-secured-ves: docker-compose -f docker-compose-ves-dmaap.yml up --clean-pnfsim: docker-compose -f docker-compose-pnfsim.yml down - rm -rf ./resources/certservice-client/client-volume-for-pnfsim/trust.jks || true - rm -rf ./resources/certservice-client/client-volume-for-pnfsim/cert.p12 || true - rm -rf ./resources/certservice-client/client-volume-for-pnfsim/p12.pass || true - rm -rf ./resources/certservice-client/client-volume-for-pnfsim/trust.pass || true + rm -rf ./resources/certservice-client/client-volume-for-pnfsim || true + rm -rf ./resources/certservice-client/client-volume-for-httpserver || true + --clean-env: docker-compose -f docker-compose-ves-dmaap.yml down docker-compose -f docker-compose-certservice-clients.yml down rm -rf ./resources/certservice-client/client-volume-for-pnfsim || true rm -rf ./resources/certservice-client/client-volume-for-ves || true + rm -rf ./resources/certservice-client/client-volume-for-httpserver || true docker-compose -f docker-compose-certservice-ejbca.yml down make -C resources/certs clear diff --git a/sanitycheck/pnfsimulator-secured/certservice/README.md b/sanitycheck/pnfsimulator-secured/certservice/README.md index 16a4793..2708041 100644 --- a/sanitycheck/pnfsimulator-secured/certservice/README.md +++ b/sanitycheck/pnfsimulator-secured/certservice/README.md @@ -6,22 +6,23 @@ This readme describes how to run PNF Simulator with certificates fetched using O Using Makefile in this directory following can be achieved: * Setup environment for PNF Simulator, i.e.: - * Create certificates that will be used for internal communication between CertService and CertService Clients. - Generated internal certificates should be present in `resources/certs` directory. + * Create certificates that will be used for internal communication between CertService and CertService Clients. + Generated internal certificates should be present in `resources/certs` directory. * Start and configure EJBCA * Start and configure AAF Cert Service. - * Run Cert Service Clients to fetch certificates for VES and PNF Simulator. Certificates will be stored for the components -in `resources/certservice-client/client-volume-for-ves` and `resources/certservice-client/client-volume-for-pnfsim` accordingly. - * Start VES and DMaaP Simulator. Fetched certificates will be mounted to VES. + * Run Cert Service Clients to fetch certificates for VES and PNF Simulator. Certificates will be stored for the + components in `resources/certservice-client/client-volume-for-ves` + and `resources/certservice-client/client-volume-for-pnfsim` accordingly. + * Start VES and DMaaP Simulator. Fetched certificates will be mounted to VES. * Start PNF Simulator. Fetched certificates will be mounted to PNF Simulator. * Clean up. - + ### Prerequisites ##### VES collector local deployment prerequisites -By default, the image of VES from Nexus supports only HTTP communication. A local image with enabled HTTPS must be -build to use local VES as PNF simulator destination. +By default, the image of VES from Nexus supports only HTTP communication. A local image with enabled HTTPS must be build +to use local VES as PNF simulator destination. 1. Pull VES repository 2. In `<VES_PROJECT_ROOT>/etc/collector.properties` file set field `auth.method=certBasicAuth` @@ -31,8 +32,6 @@ Local VES deployment uses also DMaaP simulator. Its image should be built locall 1. Go to `sanitycheck/dmaap-simulator` directory 2. Run: `make build` - - ### Setup environment To set up whole environment for PNF Simulator, i.e.: - deploy and configure EJBCA @@ -52,7 +51,9 @@ To run PNF Simulator execute: ```` make start-pnfsim ```` -This command starts PNF Simulator with certificates fetched using CertService (certificates are fetched in the previous step) +PNF Simulator starts together with the http server. +This command starts PNF Simulator with certificates fetched using CertService (certificates are fetched in the previous +step) ### Send event @@ -61,7 +62,6 @@ Configure PNF simulator to use proper VES URL by executing this command from ``p make reconfigure-ves-url ``` - Send an event from PNF simulator to VES by executing this command from ``pnf-simulator/sanitycheck`` directory: ``` make generate-event diff --git a/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-clients.yml b/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-clients.yml index fdfd6c6..a7b19e4 100644 --- a/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-clients.yml +++ b/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-clients.yml @@ -26,3 +26,14 @@ services: - ./resources/certservice-client/client-volume-for-pnfsim:/var/certs:rw - ./resources/certs/truststore.jks:/etc/onap/oom/certservice/certs/truststore.jks - ./resources/certs/certServiceClient-keystore.jks:/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks + + oom-cert-client-httpserver: + image: nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.0 + container_name: oomcert-client-for-httpserver + env_file: ./resources/certservice-client/client-configuration-for-httpserver.env + networks: + - onap + volumes: + - ./resources/certservice-client/client-volume-for-httpserver:/var/certs:rw + - ./resources/certs/truststore.jks:/etc/onap/oom/certservice/certs/truststore.jks + - ./resources/certs/certServiceClient-keystore.jks:/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks diff --git a/sanitycheck/pnfsimulator-secured/certservice/docker-compose-pnfsim.yml b/sanitycheck/pnfsimulator-secured/certservice/docker-compose-pnfsim.yml index d5bb5e2..a46d29e 100644 --- a/sanitycheck/pnfsimulator-secured/certservice/docker-compose-pnfsim.yml +++ b/sanitycheck/pnfsimulator-secured/certservice/docker-compose-pnfsim.yml @@ -35,6 +35,28 @@ services: ME_CONFIG_MONGODB_ADMINUSERNAME: root ME_CONFIG_MONGODB_ADMINPASSWORD: zXcVbN123! + http-server: + image: http-server + ports: + - "7080:80" + - "7443:443" + networks: + - pnfsimulator + - public + volumes: + - ~/httpservervolumes/:/usr/local/apache2/htdocs + - ../../../httpserver/resources/.htaccess:/usr/local/apache2/htdocs/.htaccess + - ../../../httpserver/logs:/var/log/apache2 + - ./resources/certservice-client/client-volume-for-httpserver/:/etc/apache2/certs/ + command: bash -c " + echo 'Http Server start'; + while [[ $$(ls -1 /etc/apache2/certs/ | wc -l) != '3' ]]; do echo 'Waiting for certs...'; sleep 3; done; + chmod 777 /usr/local/apache2/htdocs; + cp /usr/local/apache2/conf/upload.php /usr/local/apache2/htdocs/upload.php; + /usr/sbin/apache2ctl -D FOREGROUND; + " + restart: on-failure + pnf-simulator: image: nexus3.onap.org:10003/onap/org.onap.integration.simulators.pnfsimulator ports: diff --git a/sanitycheck/pnfsimulator-secured/certservice/resources/certservice-client/client-configuration-for-httpserver.env b/sanitycheck/pnfsimulator-secured/certservice/resources/certservice-client/client-configuration-for-httpserver.env new file mode 100644 index 0000000..8e8eb34 --- /dev/null +++ b/sanitycheck/pnfsimulator-secured/certservice/resources/certservice-client/client-configuration-for-httpserver.env @@ -0,0 +1,18 @@ +#Client envs +REQUEST_URL=https://oom-cert-service:8443/v1/certificate/ +REQUEST_TIMEOUT=10000 +OUTPUT_PATH=/var/certs +CA_NAME=RA +OUTPUT_TYPE=PEM +#Csr config envs +COMMON_NAME=httpserver-onap.org +ORGANIZATION=Linux-Foundation +ORGANIZATION_UNIT=ONAP +LOCATION=San-Francisco +STATE=California +COUNTRY=US +#Tls config envs +KEYSTORE_PATH=/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PASSWORD=secret +TRUSTSTORE_PATH=/etc/onap/oom/certservice/certs/truststore.jks +TRUSTSTORE_PASSWORD=secret |