summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTait,Trevor(rt0435) <rtait@amdocs.com>2018-12-10 11:37:25 -0500
committerTait,Trevor(rt0435) <rtait@amdocs.com>2018-12-10 13:21:52 -0500
commitc40d75739834fe2bd237d543cc9f8549931620af (patch)
tree1f4ee5164e92339a560e97ab2bf853689555d2cf
parent94363e1c6343e093bd6fa6ada854243bb8d7e1a6 (diff)
Update OOM to for HTTPS for Network Discovery
Issue-ID: SDNC-375 Change-Id: Ib1c045f08654e39d613a57f37cd336c129875604 Signed-off-by: Tait,Trevor(rt0435) <rtait@amdocs.com>
-rw-r--r--kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/application.properties8
-rw-r--r--kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/auth/tomcat_keystorebin0 -> 2214 bytes
-rw-r--r--kubernetes/pomba/charts/pomba-networkdiscovery/templates/deployment.yaml4
-rw-r--r--kubernetes/pomba/charts/pomba-networkdiscovery/values.yaml13
-rw-r--r--kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/values.yaml4
5 files changed, 25 insertions, 4 deletions
diff --git a/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/application.properties b/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/application.properties
index a59cf41b33..cccba6b7bc 100644
--- a/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/application.properties
+++ b/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/application.properties
@@ -31,6 +31,14 @@ server.tomcat.max-idle-time=60000
#Servlet context parameters
server.context_parameters.p-name=value #context parameter with p-name as key and value as value.
+#Enable HTTPS
+server.port={{ .Values.config.serverSslPort }}
+server.ssl.key-store={{ .Values.config.serverSslKeyStore }}
+server.ssl.key-store-password={{ .Values.config.serverSslKeyStorePassword }}
+server.ssl.client-auth={{ .Values.config.serverSslClientAuth }}
+server.ssl.enabled={{ .Values.config.serverSslEnabled }}
+server.ssl.enabled-protocols={{ .Values.config.serverSslEnabledProtocols }}
+
# Basic Authentication
basicAuth.username={{ .Values.config.networkDiscoveryUserId }}
basicAuth.password={{ .Values.config.networkDiscoveryPassword }}
diff --git a/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/auth/tomcat_keystore b/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/auth/tomcat_keystore
new file mode 100644
index 0000000000..9eec841aa2
--- /dev/null
+++ b/kubernetes/pomba/charts/pomba-networkdiscovery/resources/config/auth/tomcat_keystore
Binary files differ
diff --git a/kubernetes/pomba/charts/pomba-networkdiscovery/templates/deployment.yaml b/kubernetes/pomba/charts/pomba-networkdiscovery/templates/deployment.yaml
index 91b4c5a254..7b955b4286 100644
--- a/kubernetes/pomba/charts/pomba-networkdiscovery/templates/deployment.yaml
+++ b/kubernetes/pomba/charts/pomba-networkdiscovery/templates/deployment.yaml
@@ -68,6 +68,10 @@ spec:
name: {{ include "common.fullname" . }}-auth-secret
subPath: client-cert-onap.p12
readOnly: true
+ - mountPath: /opt/app/config/auth/tomcat_keystore
+ name: {{ include "common.fullname" . }}-auth-secret
+ subPath: tomcat_keystore
+ readOnly: true
resources:
{{ include "common.resources" . | indent 12 }}
diff --git a/kubernetes/pomba/charts/pomba-networkdiscovery/values.yaml b/kubernetes/pomba/charts/pomba-networkdiscovery/values.yaml
index 35369e7ba8..33eb2b82ed 100644
--- a/kubernetes/pomba/charts/pomba-networkdiscovery/values.yaml
+++ b/kubernetes/pomba/charts/pomba-networkdiscovery/values.yaml
@@ -34,6 +34,15 @@ debugEnabled: false
# Example:
config:
# Network Discovery Micro Service REST Client Configuration
+
+ #Enable HTTPS
+ serverSslPort: 8443
+ serverSslKeyStore: /opt/app/config/auth/tomcat_keystore
+ serverSslKeyStorePassword: password(OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10)
+ serverSslClientAuth: want
+ serverSslEnabled: true
+ serverSslEnabledProtocols: TLSv1.1,TLSv1.2
+
# Basic Authorization credentials for Network Discovery Micro Service Rest Service
networkDiscoveryUserId: admin
networkDiscoveryPassword: OBF:1u2a1toa1w8v1tok1u30
@@ -77,8 +86,8 @@ service:
#service being defined.
type: NodePort
name: pomba-networkdiscovery
- externalPort: 8080
- internalPort: 8080
+ externalPort: 8443
+ internalPort: 8443
nodePort: 99
# nodePort: <replace with unused node port suffix eg. 23>
# optional port name override - default can be defined in service.yaml
diff --git a/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/values.yaml b/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/values.yaml
index ff1f6c86af..9e4a8807cb 100644
--- a/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/values.yaml
+++ b/kubernetes/pomba/charts/pomba-networkdiscoveryctxbuilder/values.yaml
@@ -52,7 +52,7 @@ config:
# Network Discovery Micro Service REST Client Configuration
networkDiscoveryServiceName: pomba-networkdiscovery
networkDiscoveryPort: 9531
- networkDiscoveryHttpProtocol: http
+ networkDiscoveryHttpProtocol: https
networkDiscoveryPath: /network-discovery/v1/network/resource
# Wait for Network Discovery MicroService response in milliseconds
networkDiscoveryTimeOutInMilliseconds: 60000
@@ -116,4 +116,4 @@ resources:
requests:
cpu: 200m
memory: 800Mi
- unlimited: {} \ No newline at end of file
+ unlimited: {}