[DCAE] Revert TLS disabling for external DCAE MSs

For Kohn we still base on AAF CM to provide TLS on the external DCAE services: - dcae-ves-collector - dcae-hv-ves-collector - dcae-datafile-collector - dcae-pm-mapper connection to dmaap-dr-node For London this will be changed to use Ingress TLS Issue-ID: OOM-2775 Signed-off-by: Andreas Geissler <andreas-geissler@telekom.de> Change-Id: I1deb6492483c6ae2db7b5437319dc722d78727c0 (cherry picked from commit 3502e73a2762fc50f9ba3ae5d65a3efe5f05bead)
author: Andreas Geissler <andreas-geissler@telekom.de> 2022-11-14 13:37:48 +0100
committer: Fiachra Corcoran <fiachra.corcoran@est.tech> 2022-11-22 13:43:41 +0000
commit: 470aff07d7efc0243810b6e524e70b36e0194286 (patch)
tree: cdb00b067eee99c36df4254c01173cab6bab26bb
parent: 86e6b74061d6b56a68a24dbac9a3c1cf140876ed (diff)
5 files changed, 13 insertions, 5 deletions
diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml
index d990e4d299..cbe02a1bf9 100644
--- a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml
@@ -69,7 +69,7 @@ certDirectory: /opt/app/datafile/etc/cert
 # TLS role -- set to true if microservice acts as server
 # If true, an init container will retrieve a server cert
 # and key from AAF and mount them in certDirectory.
-tlsServer: false
+tlsServer: true
 
 # CMPv2 certificate
 # It is used only when:
@@ -97,6 +97,7 @@ certificates:
 readinessCheck:
   wait_for:
     containers:
+      - aaf-cm
       - dmaap-bc
       - dmaap-provisioning-job
       - message-router
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml
index 162b624397..8c6fad9c64 100644
--- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml
@@ -27,6 +27,9 @@ dependencies:
   - name: common
     version: ~11.x-0
     repository: '@local'
+  - name: readinessCheck
+    version: ~11.x-0
+    repository: '@local'
   - name: repositoryGenerator
     version: ~11.x-0
     repository: '@local'
diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
index 5d04aff9c8..da3f47358b 100644
--- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml
@@ -59,7 +59,7 @@ certDirectory: /etc/ves-hv/ssl
 # TLS role -- set to true if microservice acts as server
 # If true, an init container will retrieve a server cert
 # and key from AAF and mount them in certDirectory.
-tlsServer: false
+tlsServer: true
 
 secrets:
   - uid: hv-ves-kafka-secret
@@ -95,6 +95,9 @@ certificates:
         create: true
 
 # dependencies
+readinessCheck:
+  wait_for:
+    - aaf-cm
 
 # probe configuration
 readiness:
@@ -133,7 +136,7 @@ applicationConfig:
   server.idleTimeoutSec: 300
   server.listenPort: 6061
   cbs.requestIntervalSec: 5
-  security.sslDisable: true
+  security.sslDisable: false
   security.keys.keyStoreFile: /etc/ves-hv/ssl/cert.jks
   security.keys.keyStorePasswordFile: /etc/ves-hv/ssl/jks.pass
   security.keys.trustStoreFile: /etc/ves-hv/ssl/trust.jks
diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml
index da4c638623..a2479b62e2 100644
--- a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml
@@ -139,7 +139,7 @@ applicationConfig:
   key_store_pass_path: /opt/app/pm-mapper/etc/cert/jks.pass
   trust_store_path: /opt/app/pm-mapper/etc/cert/trust.jks
   trust_store_pass_path: /opt/app/pm-mapper/etc/cert/trust.pass
-  dmaap_dr_delete_endpoint: http://dmaap-dr-node:8080/delete
+  dmaap_dr_delete_endpoint: https://dmaap-dr-node:8443/delete
   streams_publishes:
     dmaap_publisher:
       type: message_router
diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
index 60d23230f8..e0b2b12087 100644
--- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
+++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml
@@ -59,7 +59,7 @@ certDirectory: /opt/app/dcae-certificate
 # TLS role -- set to true if microservice acts as server
 # If true, an init container will retrieve a server cert
 # and key from AAF and mount them in certDirectory.
-tlsServer: false
+tlsServer: true
 
 # CMPv2 certificate
 # It is used only when:
@@ -86,6 +86,7 @@ certificates:
 # dependencies
 readinessCheck:
   wait_for:
+    - aaf-cm
     - message-router
 
 # probe configuration
author	Andreas Geissler <andreas-geissler@telekom.de>	2022-11-14 13:37:48 +0100
committer	Fiachra Corcoran <fiachra.corcoran@est.tech>	2022-11-22 13:43:41 +0000
commit	470aff07d7efc0243810b6e524e70b36e0194286 (patch)
tree	cdb00b067eee99c36df4254c01173cab6bab26bb
parent	86e6b74061d6b56a68a24dbac9a3c1cf140876ed (diff)