From 384b7b14722c5a2e351d61b3779869d680cebf8f Mon Sep 17 00:00:00 2001 From: tkogut Date: Fri, 16 Oct 2020 13:01:29 +0200 Subject: Adjust PNF simulator to use strict hostname checking. Use separate keystore/truststore for ves. Add network for communication between ves and pnfsim. Issue-ID: INT-1744 Signed-off-by: tkogut Change-Id: I6626ac6d6f74e739aeb93879eddfd44f9e9383ea --- .../docker-compose-certservice.yml | 93 ---------------------- 1 file changed, 93 deletions(-) delete mode 100644 sanitycheck/pnfsimulator-secured/docker-compose-certservice.yml (limited to 'sanitycheck/pnfsimulator-secured/docker-compose-certservice.yml') diff --git a/sanitycheck/pnfsimulator-secured/docker-compose-certservice.yml b/sanitycheck/pnfsimulator-secured/docker-compose-certservice.yml deleted file mode 100644 index e7d4cb6..0000000 --- a/sanitycheck/pnfsimulator-secured/docker-compose-certservice.yml +++ /dev/null @@ -1,93 +0,0 @@ -version: "2.1" - -networks: - certservice-network: - driver: bridge - name: certservice-network - pnf-simulator-network: - driver: bridge - name: pnf-simulator-network - -services: - - oom-cert-service: - image: nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-api:2.1.0 - volumes: - - ./certservice/certservice-resources/cmpServers.json:/etc/onap/oom/certservice/cmpServers.json - - ./certservice/certs/truststore.jks:/etc/onap/oom/certservice/certs/truststore.jks - - ./certservice/certs/root.crt:/etc/onap/oom/certservice/certs/root.crt - - ./certservice/certs/certServiceServer-keystore.jks:/etc/onap/oom/certservice/certs/certServiceServer-keystore.jks - - ./certservice/certs/certServiceServer-keystore.p12:/etc/onap/oom/certservice/certs/certServiceServer-keystore.p12 - container_name: oomcert-service - ports: - - "8443:8443" - healthcheck: - test: ["CMD-SHELL", "curl https://localhost:8443/actuator/health --cacert /etc/onap/oom/certservice/certs/root.crt --cert-type p12 --cert /etc/onap/oom/certservice/certs/certServiceServer-keystore.p12 --pass secret"] - interval: 10s - timeout: 3s - retries: 15 - networks: - - certservice-network - - oom-cert-client: - image: nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.0 - container_name: oomcert-client - env_file: ./certservice/client-resources/client-configuration.env - networks: - - certservice-network - volumes: - - ./certservice/client-resources/client-volume:/var/certs:rw - - ./certservice/certs/truststore.jks:/etc/onap/oom/certservice/certs/truststore.jks - - ./certservice/certs/certServiceClient-keystore.jks:/etc/onap/oom/certservice/certs/certServiceClient-keystore.jks - depends_on: - oom-cert-service: - condition: service_healthy - - mongo: - image: mongo - restart: always - networks: - - pnf-simulator-network - environment: - MONGO_INITDB_ROOT_USERNAME: root - MONGO_INITDB_ROOT_PASSWORD: zXcVbN123! - MONGO_INITDB_DATABASE: pnf_simulator - volumes: - - ../../pnfsimulator/db:/docker-entrypoint-initdb.d - ports: - - "27017:27017" - - mongo-express: - image: mongo-express - restart: always - networks: - - pnf-simulator-network - ports: - - 8081:8081 - environment: - ME_CONFIG_MONGODB_ADMINUSERNAME: root - ME_CONFIG_MONGODB_ADMINPASSWORD: zXcVbN123! - - pnf-simulator: - image: nexus3.onap.org:10003/onap/org.onap.integration.simulators.pnfsimulator - ports: - - "5000:5000" - networks: - - pnf-simulator-network - command: bash -c " - while [[ $$(ls -1 /app/store | wc -l) != '4' ]]; do echo 'Waiting for certs...'; sleep 3; done - && cp /app/store/truststore.jks /app/store/trust.jks - && cp /app/store/keystore.jks /app/store/cert.p12 - && export CLIENT_CERT_PASS=$$(cat /app/store/keystore.pass) - && export TRUST_CERT_PASS=$$(cat /app/store/truststore.pass) - && java -Dspring.config.location=file:/app/application.properties -cp /app/libs/*:/app/pnf-simulator.jar org.onap.pnfsimulator.Main - " - volumes: - - ../../pnfsimulator/logs:/var/log - - ../../pnfsimulator/templates:/app/templates - - ../../pnfsimulator/src/main/resources/application.properties:/app/application.properties - - ./certservice/client-resources/client-volume/:/app/store/ - restart: on-failure - depends_on: - - mongo - - mongo-express -- cgit 1.2.3-korg