From 23f606075360a376a8fdb9f7fb1f3505c3100c1a Mon Sep 17 00:00:00 2001 From: marcinrzepeckiwroc Date: Tue, 22 Dec 2020 16:23:58 +0100 Subject: Extend PNF simulator with HTTP server Issue-ID: INT-1814 Change-Id: I06eeb81e46d6a96976f64eece6bbf7209665c1d2 Signed-off-by: marcinrzepeckiwroc --- httpserver/Dockerfile | 19 ++ httpserver/Makefile | 18 ++ httpserver/README.md | 17 ++ httpserver/docker-compose.yml | 20 ++ httpserver/resources/.htaccess | 5 + httpserver/resources/.htpasswd | 1 + httpserver/resources/apache-config.conf | 49 +++++ httpserver/resources/apache2.conf | 228 +++++++++++++++++++++ httpserver/resources/cert/key.pem | 28 +++ httpserver/resources/cert/keystore.pem | 26 +++ httpserver/resources/cert/truststore.pem | 28 +++ httpserver/resources/upload.php | 18 ++ pnfsimulator/templates/notificationHttpServer.json | 52 +++++ sanitycheck/Makefile | 17 +- sanitycheck/README.md | 16 +- sanitycheck/dmaap-simulator/README.md | 1 - sanitycheck/events/eventToVesWithHttpServer.json | 36 ++++ .../events/fewEventsToVesWithHttpServer.json | 24 +++ .../pnfsimulator-secured/certservice/Makefile | 11 +- .../pnfsimulator-secured/certservice/README.md | 24 +-- .../docker-compose-certservice-clients.yml | 11 + .../certservice/docker-compose-pnfsim.yml | 22 ++ .../client-configuration-for-httpserver.env | 18 ++ .../E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz | Bin 0 -> 2046 bytes sanitycheck/ves/README.md | 3 +- 25 files changed, 671 insertions(+), 21 deletions(-) create mode 100644 httpserver/Dockerfile create mode 100644 httpserver/Makefile create mode 100644 httpserver/README.md create mode 100644 httpserver/docker-compose.yml create mode 100644 httpserver/resources/.htaccess create mode 100644 httpserver/resources/.htpasswd create mode 100644 httpserver/resources/apache-config.conf create mode 100644 httpserver/resources/apache2.conf create mode 100644 httpserver/resources/cert/key.pem create mode 100644 httpserver/resources/cert/keystore.pem create mode 100644 httpserver/resources/cert/truststore.pem create mode 100644 httpserver/resources/upload.php create mode 100644 pnfsimulator/templates/notificationHttpServer.json create mode 100644 sanitycheck/events/eventToVesWithHttpServer.json create mode 100644 sanitycheck/events/fewEventsToVesWithHttpServer.json create mode 100644 sanitycheck/pnfsimulator-secured/certservice/resources/certservice-client/client-configuration-for-httpserver.env create mode 100644 sanitycheck/resources/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz diff --git a/httpserver/Dockerfile b/httpserver/Dockerfile new file mode 100644 index 0000000..893b5ba --- /dev/null +++ b/httpserver/Dockerfile @@ -0,0 +1,19 @@ +FROM httpd:2.4 + +RUN apt-get update && apt-get -y install nano vim libapache2-mod-php php php-curl + +RUN a2enmod mpm_prefork +RUN a2dismod mpm_event +RUN a2enmod rewrite +RUN a2enmod ssl + +ENV APACHE_LOG_DIR /var/log/apache2 +ENV APACHE_LOCK_DIR /var/lock/apache2 +ENV APACHE_PID_FILE /var/run/apache2.pid + +ADD resources/.htpasswd /usr/local/apache2/passwd/.htpasswd +ADD resources/.htaccess /usr/local/apache2/htdocs/.htaccess +ADD resources/upload.php /usr/local/apache2/conf/upload.php +ADD resources/apache-config.conf /etc/apache2/sites-enabled/000-default.conf +ADD resources/apache2.conf /etc/apache2/apache2.conf +ADD resources/cert/ /etc/apache2/certs/ diff --git a/httpserver/Makefile b/httpserver/Makefile new file mode 100644 index 0000000..8b64af5 --- /dev/null +++ b/httpserver/Makefile @@ -0,0 +1,18 @@ +default: + @echo "There is no default target. Use: make " + +build-http-server: + @echo "##### Build http server docker image #####" + docker build . -t http-server + @echo "##### DONE #####" + +start-http-server: + @echo "##### Start Http Server #####" + docker-compose -f docker-compose.yml up + @echo "##### DONE #####" + +stop-http-server: + @echo "##### Stop Http Server #####" + docker-compose -f docker-compose.yml down + rm -rf ~/httpservervolumes/ || true + @echo "##### DONE #####" diff --git a/httpserver/README.md b/httpserver/README.md new file mode 100644 index 0000000..3b6fda4 --- /dev/null +++ b/httpserver/README.md @@ -0,0 +1,17 @@ +Http server +--------------- + +### Build an image +``` +make build-http-server +``` + +### Start http server +``` +make start-http-server +``` + +### Stop http server +``` +make stop-http-server +``` diff --git a/httpserver/docker-compose.yml b/httpserver/docker-compose.yml new file mode 100644 index 0000000..c4479af --- /dev/null +++ b/httpserver/docker-compose.yml @@ -0,0 +1,20 @@ +version: "2.1" + +services: + http-server: + image: http-server + ports: + - "7080:80" + - "7443:443" + volumes: + - ~/httpservervolumes/:/usr/local/apache2/htdocs + - ./resources/.htaccess:/usr/local/apache2/htdocs/.htaccess + - ./logs:/var/log/apache2 + command: bash -c " + echo 'Http Server start'; + while [[ $$(ls -1 /etc/apache2/certs/ | wc -l) != '3' ]]; do echo 'Waiting for certs...'; sleep 3; done; + chmod 777 /usr/local/apache2/htdocs; + cp /usr/local/apache2/conf/upload.php /usr/local/apache2/htdocs/upload.php; + /usr/sbin/apache2ctl -D FOREGROUND; + " + restart: on-failure diff --git a/httpserver/resources/.htaccess b/httpserver/resources/.htaccess new file mode 100644 index 0000000..f8ba228 --- /dev/null +++ b/httpserver/resources/.htaccess @@ -0,0 +1,5 @@ + AuthType Basic + AuthName "Secure file" + AuthBasicProvider file + AuthUserFile "/usr/local/apache2/passwd/.htpasswd" + Require valid-user diff --git a/httpserver/resources/.htpasswd b/httpserver/resources/.htpasswd new file mode 100644 index 0000000..e991d18 --- /dev/null +++ b/httpserver/resources/.htpasswd @@ -0,0 +1 @@ +demo:$apr1$UhwaUkTW$lTHMzOU2TyNn6qM8P/zS3. diff --git a/httpserver/resources/apache-config.conf b/httpserver/resources/apache-config.conf new file mode 100644 index 0000000..910e20f --- /dev/null +++ b/httpserver/resources/apache-config.conf @@ -0,0 +1,49 @@ + + ServerAdmin httpserver-onap.org + ServerName httpserver-onap.org + + DocumentRoot /usr/local/apache2/htdocs + + Options Indexes FollowSymLinks MultiViews + AllowOverride AuthConfig + Require all granted + + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + + + + ServerAdmin httpserver-onap.org + ServerName httpserver-onap.org + + DocumentRoot /usr/local/apache2/htdocs + + SSLVerifyClient optional + SSLVerifyDepth 2 + SSLOptions +FakeBasicAuth +StrictRequire + + Require ssl-verify-client + + Options Indexes FollowSymLinks MultiViews + AuthType Basic + AuthName "Secure file" + AuthBasicProvider file + AuthUserFile "/usr/local/apache2/passwd/.htpasswd" + Require valid-user + + + SSLCACertificateFile /etc/apache2/certs/truststore.pem + SSLCertificateFile /etc/apache2/certs/keystore.pem + SSLCertificateKeyFile /etc/apache2/certs/key.pem + SSLEngine on + SSLProtocol -all +TLSv1.2 + SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 + SSLHonorCipherOrder off + SSLSessionTickets off + + ErrorLog ${APACHE_LOG_DIR}/error.log + CustomLog ${APACHE_LOG_DIR}/access.log combined + + diff --git a/httpserver/resources/apache2.conf b/httpserver/resources/apache2.conf new file mode 100644 index 0000000..e43e3f6 --- /dev/null +++ b/httpserver/resources/apache2.conf @@ -0,0 +1,228 @@ +# This is the main Apache server configuration file. It contains the +# configuration directives that give the server its instructions. +# See http://httpd.apache.org/docs/2.4/ for detailed information about +# the directives and /usr/share/doc/apache2/README.Debian about Debian specific +# hints. +# +# +# Summary of how the Apache 2 configuration works in Debian: +# The Apache 2 web server configuration in Debian is quite different to +# upstream's suggested way to configure the web server. This is because Debian's +# default Apache2 installation attempts to make adding and removing modules, +# virtual hosts, and extra configuration directives as flexible as possible, in +# order to make automating the changes and administering the server as easy as +# possible. + +# It is split into several files forming the configuration hierarchy outlined +# below, all located in the /etc/apache2/ directory: +# +# /etc/apache2/ +# |-- apache2.conf +# | `-- ports.conf +# |-- mods-enabled +# | |-- *.load +# | `-- *.conf +# |-- conf-enabled +# | `-- *.conf +# `-- sites-enabled +# `-- *.conf +# +# +# * apache2.conf is the main configuration file (this file). It puts the pieces +# together by including all remaining configuration files when starting up the +# web server. +# +# * ports.conf is always included from the main configuration file. It is +# supposed to determine listening ports for incoming connections which can be +# customized anytime. +# +# * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/ +# directories contain particular configuration snippets which manage modules, +# global configuration fragments, or virtual host configurations, +# respectively. +# +# They are activated by symlinking available configuration files from their +# respective *-available/ counterparts. These should be managed by using our +# helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See +# their respective man pages for detailed information. +# +# * The binary is called apache2. Due to the use of environment variables, in +# the default configuration, apache2 needs to be started/stopped with +# /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not +# work with the default configuration. + + +# Global configuration +# + +# +# ServerRoot: The top of the directory tree under which the server's +# configuration, error, and log files are kept. +# +# NOTE! If you intend to place this on an NFS (or otherwise network) +# mounted filesystem then please read the Mutex documentation (available +# at ); +# you will save yourself a lot of trouble. +# +# Do NOT add a slash at the end of the directory path. +# +#ServerRoot "/etc/apache2" + +# +# The accept serialization lock file MUST BE STORED ON A LOCAL DISK. +# +#Mutex file:${APACHE_LOCK_DIR} default + +# +# The directory where shm and other runtime files will be stored. +# + +DefaultRuntimeDir ${APACHE_RUN_DIR} + +# +# PidFile: The file in which the server should record its process +# identification number when it starts. +# This needs to be set in /etc/apache2/envvars +# +PidFile ${APACHE_PID_FILE} + +# +# Timeout: The number of seconds before receives and sends time out. +# +Timeout 300 + +# +# KeepAlive: Whether or not to allow persistent connections (more than +# one request per connection). Set to "Off" to deactivate. +# +KeepAlive On + +# +# MaxKeepAliveRequests: The maximum number of requests to allow +# during a persistent connection. Set to 0 to allow an unlimited amount. +# We recommend you leave this number high, for maximum performance. +# +MaxKeepAliveRequests 100 + +# +# KeepAliveTimeout: Number of seconds to wait for the next request from the +# same client on the same connection. +# +KeepAliveTimeout 5 + + +# These need to be set in /etc/apache2/envvars +User ${APACHE_RUN_USER} +Group ${APACHE_RUN_GROUP} + +# +# HostnameLookups: Log the names of clients or just their IP addresses +# e.g., www.apache.org (on) or 204.62.129.132 (off). +# The default is off because it'd be overall better for the net if people +# had to knowingly turn this feature on, since enabling it means that +# each client request will result in AT LEAST one lookup request to the +# nameserver. +# +HostnameLookups Off + +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +# +ErrorLog ${APACHE_LOG_DIR}/error.log + +# +# LogLevel: Control the severity of messages logged to the error_log. +# Available values: trace8, ..., trace1, debug, info, notice, warn, +# error, crit, alert, emerg. +# It is also possible to configure the log level for particular modules, e.g. +# "LogLevel info ssl:warn" +# +LogLevel warn + +# Include module configuration: +IncludeOptional mods-enabled/*.load +IncludeOptional mods-enabled/*.conf + +# Include list of ports to listen on +Include ports.conf + + +# Sets the default security model of the Apache2 HTTPD server. It does +# not allow access to the root filesystem outside of /usr/share and /var/www. +# The former is used by web applications packaged in Debian, +# the latter may be used for local directories served by the web server. If +# your system is serving content from a sub-directory in /srv you must allow +# access here, or in any related virtual host. + + Options FollowSymLinks + AllowOverride None + Require all denied + + + + AllowOverride None + Require all granted + + + + Options Indexes FollowSymLinks + AllowOverride None + Require all granted + + +# +# Options Indexes FollowSymLinks +# AllowOverride None +# Require all granted +# + + + + +# AccessFileName: The name of the file to look for in each directory +# for additional configuration directives. See also the AllowOverride +# directive. +# +AccessFileName .htaccess + +# +# The following lines prevent .htaccess and .htpasswd files from being +# viewed by Web clients. +# + + Require all denied + + + +# +# The following directives define some format nicknames for use with +# a CustomLog directive. +# +# These deviate from the Common Log Format definitions in that they use %O +# (the actual bytes sent including headers) instead of %b (the size of the +# requested file), because the latter makes it impossible to detect partial +# requests. +# +# Note that the use of %{X-Forwarded-For}i instead of %h is not recommended. +# Use mod_remoteip instead. +# +LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined +LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined +LogFormat "%h %l %u %t \"%r\" %>s %O" common +LogFormat "%{Referer}i -> %U" referer +LogFormat "%{User-agent}i" agent + +# Include of directories ignores editors' and dpkg's backup files, +# see README.Debian for details. + +# Include generic snippets of statements +IncludeOptional conf-enabled/*.conf + +# Include the virtual host configurations: +IncludeOptional sites-enabled/*.conf + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet +ServerName httpserver.onap.org diff --git a/httpserver/resources/cert/key.pem b/httpserver/resources/cert/key.pem new file mode 100644 index 0000000..b56438e --- /dev/null +++ b/httpserver/resources/cert/key.pem @@ -0,0 +1,28 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCqgpwzCGIg4buO +aAZ/MQlt2pVeIKYCgY+7HK4DH1DooF8q04lJptKlqOWBCN9OUUGzM8eOYhQgpkyE +chdgwtbLNhZ5IigEjy2Mn1T6jWuASpm/uurSDRkWZQWQB2Kyk3Fkz3iepYX1dOdI +L2vIEnZPovTgEAZPsx4XRXtulpu01oZjizRV538Kcppfo0o8yM42fFecKuh2UZjR +kcIG1Bo+JaMJ//m8FHBslYrzxbE60Fs8ey66AUo+dK3S+P8c+r0vso7ql8QtKcrW +HMfx2HNwq0T/nU1QiH+NhTmDMl9YgAY7SK1LBQFv7JxW0ipLrPDZPfFT479Z7ngw +GcgMsFKZAgMBAAECggEAVST/huRKzAysscH0bJM6GCcsq2I2Q84azd7Wbiy3JFLg +8uvLBIJPcfXTFQovKFafLjNPFSSY1Gz2jLTEQ8dHpxYNRtPtk8lDf5MYxjzUT63w +9LMMC3QK8QnlKzTk7jN+Tk7j9qTFLfsAeyVi9vdxKPdAvJqD7EyPXCOQLXr7qeMd +Z13q9gMPEb4fwJ1p/edZyxaL1yxiTukk1kgd6PZLaktBJ929YAGuGGRsPIpJffo4 +iOmUDlRqypLgyEVrDGvuS3omA5zSRnmhF8Nka4EsOCzY0aIV/Bgpnyfb3pfVECjf +GNLeq01Jpq7MCBxujx7anfh6lTvP0xDkeqb3+vEfmQKBgQDVetxjr8ZMGUWzY0q6 +wKGtVCmzQ96MiMIaIUW1rBI5/wMbmr8sLF1jZyt5+sSUlTTqktmSqQQg+dPifZz8 +qrVJNxPCfCdqIz1weYjML29BI7SOk1frl7KrJf1qLPmL4Vy9mpJju+B1LnafvJMe +5hEbGHFkBPyy8xDWZzCOsxHzcwKBgQDMeMNyw3bI3MPRg9KuV6R2nZNnvPjxmBSK +2W+jpj48TCl2z46cnCkGNwlP97+nGoJfabRoTC+jlshpnv/Fipt6xAioLwXfUxCL +GckY0ictMJdFHiHu2sisp9n0PW1JXdcdHwvOonb5ZVTcTdULRnbKH1VhGPiQCE0r +SvD+oogWwwKBgGO8JJ7GDiSbYf7vEoixWld6DIld2elaMyS2CrVXkKRbyX3qDAp9 +J5w7JQq154VrN++nb9Ke9/jX/u+/s8ovjsaH3slr65YgpKGZhhmux5FtNvutRtQg +aS6gbwZdwLBjN0q1nlLOAY19iZoTJcC3x6IbB06tLcoE2Qbx6rOgYXCVAoGAZqPQ +aNGZ1SaM3aVwore4BRsAnbiMtqoC1dhkZB/VaetJfSyfiBoTtdz2vb+94yI5g6/K +MfjciR/tpqd7+Suk9LFnLxW7uuk1ir385orHw7V6meWQXxhQV+tCS4pyS7vheerV +wHppgrPNL3Gamjha9QdZko44aATix/KsmwX3joUCgYEAo4w5L7yqGLMgTfkxDmOy +C9UFhKesrOZBPP6qDZz34jvaCiipWq6Gwd7wnoC2zrgtASGIIKcXAaNqzfvw7gEz +5wKSvw8lwmPJQvMntUJin1TqNgRo7xPOx1C1BnDF9UU4auv8nR89BbYhX+40fkuj +3DlFmSndvwhil6gy/1srmIs= +-----END RSA PRIVATE KEY----- diff --git a/httpserver/resources/cert/keystore.pem b/httpserver/resources/cert/keystore.pem new file mode 100644 index 0000000..2ab3eed --- /dev/null +++ b/httpserver/resources/cert/keystore.pem @@ -0,0 +1,26 @@ +-----BEGIN CERTIFICATE----- +MIIEcTCCAtmgAwIBAgIUe6XM/Mon47supO+rWFSbiFBeNiswDQYJKoZIhvcNAQEL +BQAwYTEjMCEGCgmSJomT8ixkAQEME2MtMDRkODRmYTRhODhkNTA3ZGIxFTATBgNV +BAMMDE1hbmFnZW1lbnRDQTEjMCEGA1UECgwaRUpCQ0EgQ29udGFpbmVyIFF1aWNr +c3RhcnQwHhcNMjAxMjI4MTIzNjU3WhcNMjIxMjI4MTIyODEyWjCBgjEcMBoGA1UE +AwwTaHR0cHNlcnZlci1vbmFwLm9yZzENMAsGA1UECwwET05BUDEZMBcGA1UECgwQ +TGludXgtRm91bmRhdGlvbjEWMBQGA1UEBwwNU2FuLUZyYW5jaXNjbzETMBEGA1UE +CAwKQ2FsaWZvcm5pYTELMAkGA1UEBhMCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IB +DwAwggEKAoIBAQCqgpwzCGIg4buOaAZ/MQlt2pVeIKYCgY+7HK4DH1DooF8q04lJ +ptKlqOWBCN9OUUGzM8eOYhQgpkyEchdgwtbLNhZ5IigEjy2Mn1T6jWuASpm/uurS +DRkWZQWQB2Kyk3Fkz3iepYX1dOdIL2vIEnZPovTgEAZPsx4XRXtulpu01oZjizRV +538Kcppfo0o8yM42fFecKuh2UZjRkcIG1Bo+JaMJ//m8FHBslYrzxbE60Fs8ey66 +AUo+dK3S+P8c+r0vso7ql8QtKcrWHMfx2HNwq0T/nU1QiH+NhTmDMl9YgAY7SK1L +BQFv7JxW0ipLrPDZPfFT479Z7ngwGcgMsFKZAgMBAAGjfzB9MAwGA1UdEwEB/wQC +MAAwHwYDVR0jBBgwFoAUd1DNCRzI4WLLgdg4GnsxyxfCkrQwHQYDVR0lBBYwFAYI +KwYBBQUHAwIGCCsGAQUFBwMEMB0GA1UdDgQWBBSAtkT7PNLyP3voHno7YcJXYfO4 +ETAOBgNVHQ8BAf8EBAMCBeAwDQYJKoZIhvcNAQELBQADggGBAIBgig4otdzAQedD +ke9vWQMbBRA1yaPytR4BGigAQiLFRvDzq2qZR+LL2/+fTb0njzk2Npw6cAGcA/gQ +/+P3eGpktJldC8y5YRj0aHeay8pUNn9pU62hjY25CQuTSY5wRKIkGYfOQkEclZ8+ +d8jlNgYRQU6aqRnJsO2uTn4pjgeFtGFaApmX9qaAc8pLXB7vJOuSCP0YrQsV7YOv +Ew921NwMiJU/PSMLgCir0j1MCGeEp2Vlu0qPkJMfHh2li+pFw7jfGKwCf1RAtjGu +fqJjrdFx/AGXh0e858dW8y4wcS3Q4ED6zk9VMlKRLm8cwjcY6aVUlh7Tj+xpu+x8 +rExBbG27xzs5VK2Kcdniuy4dvyQZ9tlah/GLbnFkPqqIy6BhSFNbzqlq+fmTb1O+ +f/rNHJPfKmlvJFSCHkBcOO3rl66bwrzrg5qgWt1O4aF5bO7T9OmihJLMQp1TGZSA +wBWySAcZhtpzLrxyaChOHO7vdM3mHDZSfsKkNpBB6j7uSx+EAw== +-----END CERTIFICATE----- diff --git a/httpserver/resources/cert/truststore.pem b/httpserver/resources/cert/truststore.pem new file mode 100644 index 0000000..e2509e9 --- /dev/null +++ b/httpserver/resources/cert/truststore.pem @@ -0,0 +1,28 @@ +-----BEGIN CERTIFICATE----- +MIIEszCCAxugAwIBAgIUQi4FHo9reCoqZM8C9hgp/ld8RMowDQYJKoZIhvcNAQEL +BQAwYTEjMCEGCgmSJomT8ixkAQEME2MtMDRkODRmYTRhODhkNTA3ZGIxFTATBgNV +BAMMDE1hbmFnZW1lbnRDQTEjMCEGA1UECgwaRUpCQ0EgQ29udGFpbmVyIFF1aWNr +c3RhcnQwHhcNMjAxMjI4MTIzNjU3WhcNMzAxMjI4MTIzNjU3WjBhMSMwIQYKCZIm +iZPyLGQBAQwTYy0wNGQ4NGZhNGE4OGQ1MDdkYjEVMBMGA1UEAwwMTWFuYWdlbWVu +dENBMSMwIQYDVQQKDBpFSkJDQSBDb250YWluZXIgUXVpY2tzdGFydDCCAaIwDQYJ +KoZIhvcNAQEBBQADggGPADCCAYoCggGBAKlGZ0r/WxJCAOzi39sFJsAcQwsdPxtR +WkSHI1gHKnHRsHdOJ/b8E/jGy16qWD18twvTt2DUGE4gFrG25HacqwOsklfSHaZl +fTJQrPCRLLVGZfLVusDJeaeT2LyEFDCkgyONErfxKRlo42aSQgcv4erhkUYeCKHq +qHP3a3s5xShBRZSCVGHtsJro4AkeJYHGHBTjhzigY49oMMMf9ZPjOCnfimeebcMM +SbBmvceGyi2QjzavhoqhLOY2MLBciyYGf6LyR0hRRQJhrsiSyVYVDUTVl/BjiRSc +HPfdciY37Db7gVSNIoc01jAHuf3gEZnLgSbmA+BOpuXLaI1qrDWVl6JmGWri19ru +JdrJ8xXUQUe5PXlJceQZEMPbIp3yMdwrLrY697iGMh1SKhwXLUBkbvXYFHQiiC+3 +5JHndEw/ISBMcF0fd/ykxma+IckKiQfm77Qfn+KCuHwqesbh99wMlDS9NL3SH9m9 +VBjYE7heB+jsh1NAZthomSUH+/VqgPik9QIDAQABo2MwYTAPBgNVHRMBAf8EBTAD +AQH/MB8GA1UdIwQYMBaAFHdQzQkcyOFiy4HYOBp7McsXwpK0MB0GA1UdDgQWBBR3 +UM0JHMjhYsuB2DgaezHLF8KStDAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQEL +BQADggGBADmXPjO/7I2SipGNhGU0Ask68eEL+Dz3V58JsKg+0bvtkeCUK64AAqyV +hus1GqU1IcGwuM+k8rEM0BYLnImeU5mZeLXg9Tbq6Li+9a5UlFNJOJB4F7VaKkx/ +EgafkKb9ptpkcsz2cHLP1ZaKtlywYYUWtDe+fGl9pw1CWkzrcDeKdvxFk+GgC67v +ZnIlYR3vkWxGMqkp2faCyCbaJxkOKzbBYvq9afXZuwd+6wzLXS2i+uNEUoNPVfXv +H0b2P4xKHtEROTk5nprSeJC3tRTBbPmVKqTx+O8lTtaL6Tew2x9/weUIHGTfVZZl +TOE5G0qiO7WHXcO17YkjEaKXOV/p9r2czIhzp2HXgCeP4SYhYaVrd3kn5gEelc8J +8vuVz0t5VD7R+xV1dwYE8w8CMDXov3rRbqpXGldcvjTXncOmbj3Zfy17xHYRxf+v +AdVVVBlx6O2mAx9YQNZCyMAUMUU6C4UzD4Jo4I6/EPCGaD3OqTANJgWYiBf/r+SP +UD0yuqV3pQ== +-----END CERTIFICATE----- diff --git a/httpserver/resources/upload.php b/httpserver/resources/upload.php new file mode 100644 index 0000000..31dbaa3 --- /dev/null +++ b/httpserver/resources/upload.php @@ -0,0 +1,18 @@ + diff --git a/pnfsimulator/templates/notificationHttpServer.json b/pnfsimulator/templates/notificationHttpServer.json new file mode 100644 index 0000000..f1bac68 --- /dev/null +++ b/pnfsimulator/templates/notificationHttpServer.json @@ -0,0 +1,52 @@ +{ + "event": { + "commonEventHeader": { + "version": "4.0.1", + "vesEventListenerVersion": "7.0.1", + "domain": "notification", + "eventName": "Notification_gnb-Nokia_FileReady", + "eventId": "FileReady_1797490e-10ae-4d48-9ea7-3d7d790b25e1", + "lastEpochMicrosec": 8745745764578, + "priority": "Normal", + "reportingEntityName": "NOK6061ZW3", + "sequence": 0, + "sourceName": "NOK6061ZW3", + "startEpochMicrosec": 8745745764578, + "timeZoneOffset": "UTC+05.30" + }, + "notificationFields": { + "changeIdentifier": "PM_MEAS_FILES", + "changeType": "FileReady", + "notificationFieldsVersion": "2.0", + "arrayOfNamedHashMap": [ + { + "name": "C_28532_measData_pm_98.xml", + "hashMap": { + "location": "http://httpserver:httpserver@localhost:7080/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz", + "compression": "gzip", + "fileFormatType": "org.3GPP.32.435#measCollec", + "fileFormatVersion": "V10" + } + }, + { + "name": "C_28532_measData_pm_99.xml", + "hashMap": { + "location": "http://httpserver:httpserver@localhost:7080/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz", + "compression": "gzip", + "fileFormatType": "org.3GPP.32.435#measCollec", + "fileFormatVersion": "V10" + } + }, + { + "name": "C_28532_measData_pm_100.xml", + "hashMap": { + "location": "http://httpserver:httpserver@localhost:7080/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz", + "compression": "gzip", + "fileFormatType": "org.3GPP.32.435#measCollec", + "fileFormatVersion": "V10" + } + } + ] + } + } +} diff --git a/sanitycheck/Makefile b/sanitycheck/Makefile index 37f2669..3602875 100644 --- a/sanitycheck/Makefile +++ b/sanitycheck/Makefile @@ -19,11 +19,21 @@ stop: make -C ../pnfsimulator stop @echo "##### DONE #####" +upload-file-http-server: + @echo "##### Upload file to Http server #####" + curl -F "uploaded_file=@./resources/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz" -u demo:demo123456! http://localhost:7080/upload.php + @echo "\n##### DONE #####" + generate-event: @echo "##### Trigger PNF Simulator to generate event #####" curl -X POST http://localhost:5000/simulator/event -d @events/eventToVes.json --header "Content-Type: application/json" @echo "\n##### DONE #####" +generate-event-http-server: + @echo "##### Trigger PNF Simulator to generate event with Http Server #####" + curl -X POST http://localhost:5000/simulator/event -d @events/eventToVesWithHttpServer.json --header "Content-Type: application/json" + @echo "\n##### DONE #####" + reconfigure-ves-url: @echo "##### Change VES address configuration in PNF Simulator #####" curl -X PUT http://localhost:5000/simulator/config -d @events/vesAddressConfiguration.json --header "Content-Type: application/json" @@ -34,7 +44,12 @@ generate-multiple-events: curl -X POST http://localhost:5000/simulator/start -d @events/fewEventsToVes.json --header "Content-Type: application/json" @echo "\n##### DONE #####" +generate-multiple-events-http-server: + @echo "\n##### Trigger PNF Simulator to generate multiple events with http server#####" + curl -X POST http://localhost:5000/simulator/start -d @events/fewEventsToVesWithHttpServer.json --header "Content-Type: application/json" + @echo "\n##### DONE #####" + check-dmaap: @echo "##### Check dmaap simulator for collected events #####" make -C dmaap-simulator get-data - @echo "\n##### DONE #####" \ No newline at end of file + @echo "\n##### DONE #####" diff --git a/sanitycheck/README.md b/sanitycheck/README.md index ad5f3e3..61ed943 100644 --- a/sanitycheck/README.md +++ b/sanitycheck/README.md @@ -5,7 +5,8 @@ ``` ip a | grep docker0 | grep inet ``` -If the IP address is different than 172.17.0.1/16: + +If the IP address is different than 172.17.0.1/16: inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0 You have to change the IP address in file events/vesAddressConfiguration.json @@ -14,6 +15,11 @@ You have to change the IP address in file events/vesAddressConfiguration.json "vesServerUrl": "http://:8080/eventListener/v7" } ``` + +If you want use event with http server files: +``` +make upload-file-http-server +``` ### 1. Build Projects ``` make start @@ -32,6 +38,10 @@ make check-dmaap ``` make generate-event ``` +send event with files from Http Server +``` +generate-event-http-server +``` ### 3.2 Check dmaap sim should return list containing 1 event ``` @@ -43,6 +53,10 @@ this will send 4 event with interval 1 second ``` make generate-multiple-events ``` +this event will send 2 events with files from Http Server with interval 5 second +``` +make generate-multiple-events-http-server +``` ### 4.2 Check dmaap sim should return list containing 5 event (1 from point 3.1 and 4 from point 4.1) ``` diff --git a/sanitycheck/dmaap-simulator/README.md b/sanitycheck/dmaap-simulator/README.md index c06afdf..de0615a 100644 --- a/sanitycheck/dmaap-simulator/README.md +++ b/sanitycheck/dmaap-simulator/README.md @@ -1,7 +1,6 @@ DMaaP simulator --------------- - ### Build an image ``` make build diff --git a/sanitycheck/events/eventToVesWithHttpServer.json b/sanitycheck/events/eventToVesWithHttpServer.json new file mode 100644 index 0000000..3d128e6 --- /dev/null +++ b/sanitycheck/events/eventToVesWithHttpServer.json @@ -0,0 +1,36 @@ +{ + "event": { + "event": { + "commonEventHeader": { + "version": "4.0.1", + "vesEventListenerVersion": "7.0.1", + "domain": "notification", + "eventName": "Notification_gnb-Nokia_FileReady", + "eventId": "FileReady_1797490e-10ae-4d48-9ea7-3d7d790b25e1", + "lastEpochMicrosec": 8745745764578, + "priority": "Normal", + "reportingEntityName": "NOK6061ZW3", + "sequence": 0, + "sourceName": "NOK6061ZW3", + "startEpochMicrosec": 8745745764578, + "timeZoneOffset": "UTC+05.30" + }, + "notificationFields": { + "changeIdentifier": "PM_MEAS_FILES", + "changeType": "FileReady", + "notificationFieldsVersion": "2.0", + "arrayOfNamedHashMap": [ + { + "name": "C_28532_measData_pm_98.xml", + "hashMap": { + "location": "http://httpserver:httpserver@localhost:7080/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz", + "compression": "gzip", + "fileFormatType": "org.3GPP.32.435#measCollec", + "fileFormatVersion": "V10" + } + } + ] + } + } + } +} diff --git a/sanitycheck/events/fewEventsToVesWithHttpServer.json b/sanitycheck/events/fewEventsToVesWithHttpServer.json new file mode 100644 index 0000000..de3f100 --- /dev/null +++ b/sanitycheck/events/fewEventsToVesWithHttpServer.json @@ -0,0 +1,24 @@ +{ + "simulatorParams": { + "repeatCount": 2, + "repeatInterval": 5 + }, + "templateName": "notificationHttpServer.json", + "patch": { + "event": { + "commonEventHeader": { + "domain": "notification", + "eventName": "vFirewallBroadcastPackets", + "eventId": "#RandomString(10)", + "priority": "Normal", + "reportingEntityName": "myVNF", + "sequence": 1, + "sourceName": "ClosedLoopVNF", + "startEpochMicrosec": 1531616794, + "lastEpochMicrosec": 1531719042, + "vesEventListenerVersion": "7.0.1", + "version": "4.0.1" + } + } + } +} diff --git a/sanitycheck/pnfsimulator-secured/certservice/Makefile b/sanitycheck/pnfsimulator-secured/certservice/Makefile index 2d3754c..f6667e2 100644 --- a/sanitycheck/pnfsimulator-secured/certservice/Makefile +++ b/sanitycheck/pnfsimulator-secured/certservice/Makefile @@ -11,7 +11,6 @@ restart-pnfsim: --clean-pnfsim start-pnfsim clean-all: --clean-pnfsim --clean-env - --start-certservice-and-ejbca: --create-certservice-internal-certs --start-certservice-ejbca-containers --configure-ejbca --start-certservice-ejbca-containers: @@ -34,25 +33,27 @@ clean-all: --clean-pnfsim --clean-env @echo 'Waiting for client certifiactes...' @until ls -1 ./resources/certservice-client/client-volume-for-pnfsim | grep "store" 1>/dev/null; do sleep 3; done @until ls -1 ./resources/certservice-client/client-volume-for-ves | grep "store" 1>/dev/null; do sleep 3; done + @until ls -1 ./resources/certservice-client/client-volume-for-httpserver | grep "store" 1>/dev/null; do sleep 3; done --create-client-volumes: mkdir -p ./resources/certservice-client/client-volume-for-pnfsim -m 777 mkdir -p ./resources/certservice-client/client-volume-for-ves -m 777 + mkdir -p ./resources/certservice-client/client-volume-for-httpserver -m 777 --start-local-secured-ves: docker-compose -f docker-compose-ves-dmaap.yml up --clean-pnfsim: docker-compose -f docker-compose-pnfsim.yml down - rm -rf ./resources/certservice-client/client-volume-for-pnfsim/trust.jks || true - rm -rf ./resources/certservice-client/client-volume-for-pnfsim/cert.p12 || true - rm -rf ./resources/certservice-client/client-volume-for-pnfsim/p12.pass || true - rm -rf ./resources/certservice-client/client-volume-for-pnfsim/trust.pass || true + rm -rf ./resources/certservice-client/client-volume-for-pnfsim || true + rm -rf ./resources/certservice-client/client-volume-for-httpserver || true + --clean-env: docker-compose -f docker-compose-ves-dmaap.yml down docker-compose -f docker-compose-certservice-clients.yml down rm -rf ./resources/certservice-client/client-volume-for-pnfsim || true rm -rf ./resources/certservice-client/client-volume-for-ves || true + rm -rf ./resources/certservice-client/client-volume-for-httpserver || true docker-compose -f docker-compose-certservice-ejbca.yml down make -C resources/certs clear diff --git a/sanitycheck/pnfsimulator-secured/certservice/README.md b/sanitycheck/pnfsimulator-secured/certservice/README.md index 16a4793..2708041 100644 --- a/sanitycheck/pnfsimulator-secured/certservice/README.md +++ b/sanitycheck/pnfsimulator-secured/certservice/README.md @@ -6,22 +6,23 @@ This readme describes how to run PNF Simulator with certificates fetched using O Using Makefile in this directory following can be achieved: * Setup environment for PNF Simulator, i.e.: - * Create certificates that will be used for internal communication between CertService and CertService Clients. - Generated internal certificates should be present in `resources/certs` directory. + * Create certificates that will be used for internal communication between CertService and CertService Clients. + Generated internal certificates should be present in `resources/certs` directory. * Start and configure EJBCA * Start and configure AAF Cert Service. - * Run Cert Service Clients to fetch certificates for VES and PNF Simulator. Certificates will be stored for the components -in `resources/certservice-client/client-volume-for-ves` and `resources/certservice-client/client-volume-for-pnfsim` accordingly. - * Start VES and DMaaP Simulator. Fetched certificates will be mounted to VES. + * Run Cert Service Clients to fetch certificates for VES and PNF Simulator. Certificates will be stored for the + components in `resources/certservice-client/client-volume-for-ves` + and `resources/certservice-client/client-volume-for-pnfsim` accordingly. + * Start VES and DMaaP Simulator. Fetched certificates will be mounted to VES. * Start PNF Simulator. Fetched certificates will be mounted to PNF Simulator. * Clean up. - + ### Prerequisites ##### VES collector local deployment prerequisites -By default, the image of VES from Nexus supports only HTTP communication. A local image with enabled HTTPS must be -build to use local VES as PNF simulator destination. +By default, the image of VES from Nexus supports only HTTP communication. A local image with enabled HTTPS must be build +to use local VES as PNF simulator destination. 1. Pull VES repository 2. In `/etc/collector.properties` file set field `auth.method=certBasicAuth` @@ -31,8 +32,6 @@ Local VES deployment uses also DMaaP simulator. Its image should be built locall 1. Go to `sanitycheck/dmaap-simulator` directory 2. Run: `make build` - - ### Setup environment To set up whole environment for PNF Simulator, i.e.: - deploy and configure EJBCA @@ -52,7 +51,9 @@ To run PNF Simulator execute: ```` make start-pnfsim ```` -This command starts PNF Simulator with certificates fetched using CertService (certificates are fetched in the previous step) +PNF Simulator starts together with the http server. +This command starts PNF Simulator with certificates fetched using CertService (certificates are fetched in the previous +step) ### Send event @@ -61,7 +62,6 @@ Configure PNF simulator to use proper VES URL by executing this command from ``p make reconfigure-ves-url ``` - Send an event from PNF simulator to VES by executing this command from ``pnf-simulator/sanitycheck`` directory: ``` make generate-event diff --git a/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-clients.yml b/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-clients.yml index fdfd6c6..a7b19e4 100644 --- a/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-clients.yml +++ b/sanitycheck/pnfsimulator-secured/certservice/docker-compose-certservice-clients.yml @@ -26,3 +26,14 @@ services: - ./resources/certservice-client/client-volume-for-pnfsim:/var/certs:rw - ./resources/certs/truststore.jks:/etc/onap/oom/certservice/certs/truststore.jks - ./resources/certs/certServiceClient-keystore.jks:/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks + + oom-cert-client-httpserver: + image: nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.0 + container_name: oomcert-client-for-httpserver + env_file: ./resources/certservice-client/client-configuration-for-httpserver.env + networks: + - onap + volumes: + - ./resources/certservice-client/client-volume-for-httpserver:/var/certs:rw + - ./resources/certs/truststore.jks:/etc/onap/oom/certservice/certs/truststore.jks + - ./resources/certs/certServiceClient-keystore.jks:/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks diff --git a/sanitycheck/pnfsimulator-secured/certservice/docker-compose-pnfsim.yml b/sanitycheck/pnfsimulator-secured/certservice/docker-compose-pnfsim.yml index d5bb5e2..a46d29e 100644 --- a/sanitycheck/pnfsimulator-secured/certservice/docker-compose-pnfsim.yml +++ b/sanitycheck/pnfsimulator-secured/certservice/docker-compose-pnfsim.yml @@ -35,6 +35,28 @@ services: ME_CONFIG_MONGODB_ADMINUSERNAME: root ME_CONFIG_MONGODB_ADMINPASSWORD: zXcVbN123! + http-server: + image: http-server + ports: + - "7080:80" + - "7443:443" + networks: + - pnfsimulator + - public + volumes: + - ~/httpservervolumes/:/usr/local/apache2/htdocs + - ../../../httpserver/resources/.htaccess:/usr/local/apache2/htdocs/.htaccess + - ../../../httpserver/logs:/var/log/apache2 + - ./resources/certservice-client/client-volume-for-httpserver/:/etc/apache2/certs/ + command: bash -c " + echo 'Http Server start'; + while [[ $$(ls -1 /etc/apache2/certs/ | wc -l) != '3' ]]; do echo 'Waiting for certs...'; sleep 3; done; + chmod 777 /usr/local/apache2/htdocs; + cp /usr/local/apache2/conf/upload.php /usr/local/apache2/htdocs/upload.php; + /usr/sbin/apache2ctl -D FOREGROUND; + " + restart: on-failure + pnf-simulator: image: nexus3.onap.org:10003/onap/org.onap.integration.simulators.pnfsimulator ports: diff --git a/sanitycheck/pnfsimulator-secured/certservice/resources/certservice-client/client-configuration-for-httpserver.env b/sanitycheck/pnfsimulator-secured/certservice/resources/certservice-client/client-configuration-for-httpserver.env new file mode 100644 index 0000000..8e8eb34 --- /dev/null +++ b/sanitycheck/pnfsimulator-secured/certservice/resources/certservice-client/client-configuration-for-httpserver.env @@ -0,0 +1,18 @@ +#Client envs +REQUEST_URL=https://oom-cert-service:8443/v1/certificate/ +REQUEST_TIMEOUT=10000 +OUTPUT_PATH=/var/certs +CA_NAME=RA +OUTPUT_TYPE=PEM +#Csr config envs +COMMON_NAME=httpserver-onap.org +ORGANIZATION=Linux-Foundation +ORGANIZATION_UNIT=ONAP +LOCATION=San-Francisco +STATE=California +COUNTRY=US +#Tls config envs +KEYSTORE_PATH=/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks +KEYSTORE_PASSWORD=secret +TRUSTSTORE_PATH=/etc/onap/oom/certservice/certs/truststore.jks +TRUSTSTORE_PASSWORD=secret diff --git a/sanitycheck/resources/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz b/sanitycheck/resources/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz new file mode 100644 index 0000000..3af5ea8 Binary files /dev/null and b/sanitycheck/resources/E_VES_bulkPM_IF_3GPP_3_example_1.xml.gz differ diff --git a/sanitycheck/ves/README.md b/sanitycheck/ves/README.md index 29309a4..fc9e5dc 100644 --- a/sanitycheck/ves/README.md +++ b/sanitycheck/ves/README.md @@ -18,4 +18,5 @@ make health-check ### Stop ``` -make stop \ No newline at end of file +make stop +``` -- cgit 1.2.3-korg