summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorefiacor <fiachra.corcoran@est.tech>2019-05-14 09:10:20 +0000
committerefiacor <fiachra.corcoran@est.tech>2019-05-14 09:10:20 +0000
commit16669c578d7a3938a0aff5830e7f608e8d8eabdf (patch)
tree591e162d63792dd45b68aba21b4950f666e103a4
parent294fadee5e72be0ec54485a56471906a83195d50 (diff)
Disable unsecure DMaaP NodePorts
Change-Id: I6d59e09b0273241c5c98cc60e323940bf84bacdd Issue-ID: DMAAP-1152 Signed-off-by: efiacor <fiachra.corcoran@est.tech>
-rw-r--r--kubernetes/dmaap/components/dmaap-bc/templates/service.yaml2
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-node/templates/service.yaml2
-rw-r--r--kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml6
-rw-r--r--kubernetes/dmaap/components/message-router/templates/service.yaml2
-rw-r--r--kubernetes/dmaap/values.yaml4
5 files changed, 14 insertions, 2 deletions
diff --git a/kubernetes/dmaap/components/dmaap-bc/templates/service.yaml b/kubernetes/dmaap/components/dmaap-bc/templates/service.yaml
index 4b51d44fa2..200988a3e2 100644
--- a/kubernetes/dmaap/components/dmaap-bc/templates/service.yaml
+++ b/kubernetes/dmaap/components/dmaap-bc/templates/service.yaml
@@ -27,10 +27,12 @@ spec:
type: {{ .Values.service.type }}
ports:
{{if eq .Values.service.type "NodePort" -}}
+ {{- if .Values.global.allow_http }}
- port: {{ .Values.service.externalPort }}
targetPort: {{ .Values.service.internalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
name: {{ .Values.service.name }}
+ {{- end}}
- port: {{ .Values.service.externalPort2 }}
targetPort: {{ .Values.service.internalPort2 }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/templates/service.yaml b/kubernetes/dmaap/components/dmaap-dr-node/templates/service.yaml
index c935ce4ca6..633898c213 100644
--- a/kubernetes/dmaap/components/dmaap-dr-node/templates/service.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-node/templates/service.yaml
@@ -28,10 +28,12 @@ spec:
type: {{.Values.config.dmaapDrNode.servicetype}}
ports:
{{if eq .Values.config.dmaapDrNode.servicetype "NodePort" -}}
+ {{- if .Values.global.allow_http }}
- port: {{.Values.config.dmaapDrNode.externalPort}}
targetPort: {{.Values.config.dmaapDrNode.internalPort}}
nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{.Values.config.dmaapDrNode.nodePort}}
name: {{.Values.config.dmaapDrNode.name}}
+ {{- end}}
- port: {{.Values.config.dmaapDrNode.externalPort2}}
targetPort: {{.Values.config.dmaapDrNode.internalPort2}}
nodePort: {{ .Values.global.nodePortPrefixExt | default .Values.nodePortPrefixExt }}{{.Values.config.dmaapDrNode.nodePort2}}
diff --git a/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml b/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml
index 691c9dcc9f..0b40389b55 100644
--- a/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml
+++ b/kubernetes/dmaap/components/dmaap-dr-prov/templates/service.yaml
@@ -30,7 +30,7 @@ metadata:
"version": "v1",
"url": "/",
"protocol": "REST",
- "port": "{{.Values.config.dmaapDrProv.externalPort}}",
+ "port": "{{.Values.config.dmaapDrProv.externalPort2}}",
"visualRange":"1"
}
]'
@@ -38,11 +38,13 @@ metadata:
spec:
type: {{.Values.config.dmaapDrProv.servicetype}}
ports:
- {{if eq .Values.config.dmaapDrProv.servicetype "NodePort" -}}
+ {{- if eq .Values.config.dmaapDrProv.servicetype "NodePort" }}
+ {{- if .Values.global.allow_http }}
- port: {{.Values.config.dmaapDrProv.externalPort}}
targetPort: {{.Values.config.dmaapDrProv.internalPort}}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.config.dmaapDrProv.nodePort}}
name: {{.Values.config.dmaapDrProv.name}}
+ {{- end}}
- port: {{.Values.config.dmaapDrProv.externalPort2}}
targetPort: {{.Values.config.dmaapDrProv.internalPort2}}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{.Values.config.dmaapDrProv.nodePort2}}
diff --git a/kubernetes/dmaap/components/message-router/templates/service.yaml b/kubernetes/dmaap/components/message-router/templates/service.yaml
index dfd90b28f2..1bce881a8e 100644
--- a/kubernetes/dmaap/components/message-router/templates/service.yaml
+++ b/kubernetes/dmaap/components/message-router/templates/service.yaml
@@ -39,9 +39,11 @@ spec:
type: {{ .Values.service.type }}
ports:
{{if eq .Values.service.type "NodePort" -}}
+ {{- if .Values.global.allow_http }}
- port: {{ .Values.service.externalPort }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort }}
name: {{ .Values.service.portName }}-{{ .Values.service.externalPort }}
+ {{- end}}
- port: {{ .Values.service.externalPort2 }}
nodePort: {{ .Values.global.nodePortPrefix | default .Values.nodePortPrefix }}{{ .Values.service.nodePort2 }}
name: {{ .Values.service.portName }}-{{ .Values.service.externalPort2 }}
diff --git a/kubernetes/dmaap/values.yaml b/kubernetes/dmaap/values.yaml
index aa5165d443..333a3e3f6d 100644
--- a/kubernetes/dmaap/values.yaml
+++ b/kubernetes/dmaap/values.yaml
@@ -23,6 +23,10 @@ global:
loggingRepository: docker.elastic.co
loggingImage: beats/filebeat:5.5.0
clientImage: onap/dmaap/dbc-client:1.0.9
+
+#Global DMaaP app config
+ allow_http: false
+
# application configuration
config:
logstashServiceName: log-ls