summaryrefslogtreecommitdiffstats
path: root/kubernetes/dmaap/components/message-router/charts
diff options
context:
space:
mode:
authorKrzysztof Opasiak <k.opasiak@samsung.com>2021-03-31 20:36:11 +0000
committerGerrit Code Review <gerrit@onap.org>2021-03-31 20:36:11 +0000
commit340267ab46f41493c1509b9d77a3ccbdb529eb27 (patch)
treeb0f28ddbcdc8ce1a0897734ab400d98b8255a09f /kubernetes/dmaap/components/message-router/charts
parent20a7b21e9ceb5d2018d83b1a6b7b8672db84eaeb (diff)
parentd060b429ac549682dce9dd8b1225aa6726b74181 (diff)
Merge "[DMAAP][MR] Update hardcoded certificates" into guilin
Diffstat (limited to 'kubernetes/dmaap/components/message-router/charts')
-rw-r--r--kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/certs/cadi.properties (renamed from kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/config/cadi.properties)6
-rw-r--r--kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/certs/org.onap.dmaap.mr.keyfile27
-rw-r--r--kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/certs/org.onap.dmaap.mr.p12bin0 -> 4637 bytes
-rw-r--r--kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/certs/org.onap.dmaap.mr.trust.jksbin0 -> 1413 bytes
-rw-r--r--kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/configmap.yaml13
-rw-r--r--kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/secrets.yaml14
-rw-r--r--kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml25
7 files changed, 60 insertions, 25 deletions
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/config/cadi.properties b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/certs/cadi.properties
index 2bee404c0b..9d190f4c39 100644
--- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/config/cadi.properties
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/certs/cadi.properties
@@ -3,16 +3,16 @@ aaf_env=DEV
aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm
cadi_truststore=/etc/kafka/secrets/cert/org.onap.dmaap.mr.trust.jks
-cadi_truststore_password=enc:mN6GiIzFQxKGDzAXDOs7b4j8DdIX02QrZ9QOWNRpxV3rD6whPCfizSMZkJwxi_FJ
+cadi_truststore_password=enc:_ZrH3rkJPIOYVD7lAxlE_s2mGBNsWa4e7gHLlPz7_KC84_UQwc26MLEOoYS2ROxB
cadi_keyfile=/etc/kafka/secrets/cert/org.onap.dmaap.mr.keyfile
cadi_alias=dmaapmr@mr.dmaap.onap.org
cadi_keystore=/etc/kafka/secrets/cert/org.onap.dmaap.mr.p12
-cadi_keystore_password=enc:_JJT2gAEkRzXla5xfDIHal8pIoIB5iIos3USvZQT6sL-l14LpI5fRFR_QIGUCh5W
+cadi_keystore_password=enc:GbVFJzhyO_a-JqjrwLrlzBl63x4pKsygTWSATlYYKLsCRFSFP6x4MtwKEpGbbtrk
cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US
cadi_loglevel=INFO
cadi_protocols=TLSv1.1,TLSv1.2
cadi_latitude=37.78187
-cadi_longitude=-122.26147 \ No newline at end of file
+cadi_longitude=-122.26147
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/certs/org.onap.dmaap.mr.keyfile b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/certs/org.onap.dmaap.mr.keyfile
new file mode 100644
index 0000000000..7acb332c2e
--- /dev/null
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/certs/org.onap.dmaap.mr.keyfile
@@ -0,0 +1,27 @@
+SV2A4lpBx7lrU86oIEs5Vi994hdhdk3ZOzN-o8r3VHBOp6NQks-r494popXjGEeepzkPtV2x8OS0
+yKJzc19D8jRTLWnsI9_c2gl_6YjYQ7mPKqzGcbM8WtF9mBKtxs-P3e1KJj0hg0uyY4JFjUVOoLG8
+5eAXW1MvAqmoMg6pZy5ygF8qqaB-eOrW9KeMMQGxn6U4PWS-SBDhoROY6CGjirTAFbcDOdfSvmrV
+5gprS8aT5g3gUeGX9yJIIo3ZUrpgSE7kqUa__kxUoP7KJtXyHjpwGoCMwcaLkn7yD_9rrSvHRARc
+MGYG18NgZCdiDNM059D6TyTMTEObQzgLLsxPmOawaQsa-XIhvMLQO4WeFAyza8RiAwR_0czLouFv
+JUjKXgfJJuxYCfUU-YLI3ptsxrDeX73geeUUsbsDKQll6bjxdl4ehj8einnkcWklWikRAY2FDbmY
+GvkSv3SoywIMMhQKPdccpqEnm_Gu5a8SVHklpqxh1s7ExWKdjJ026c9EwRUzJ5i1zkPzssUUH0Pd
+l07x2-2ROF8GTxEGECacfcDqaClG6SkyuSN1Xl3U0RTtTfesJo_Jvf2d268ejdC-XejCrQfvAxa4
+XNNTPhc_aY_xaG-9vBmH1rQXcNxS4NX-u3cBEGqtDeDy8x6ODhWGHwHpX4XH6kX_2HenGPHKW2rK
+J5CSP5QqmLP-idYI1zPuHRijSEMKNIYGQHuQmU5ZumnS9Qi7GXnY63Vvi1QKyTztImDSktbdzFD_
+AJDBwDtMHKe4f-NkNf3vPro_-8xeQPhPR7NkYq8HYnFhKQuHgMwzPpTaHhERLl5PJlVUEOf9Yk2u
+_7a1DAeM651FTNnpMiqEH2dqlk-fnJYA5GaNARf5bGhAJbex3Y0IHemsSuMShqORHQbQy4d0VGh6
+IsYwHEAufH0L6Kamo6LYcVMaDaHvxCUpZyYrGniZ7Bt65zl-E6s4kqPLwuoiyA2aVlmGZfwGHkXq
+teYutF2w2OzkhihDpcYQfPlavIxLUhVdXODzzHDkUwrdP2pvS7YSevk0hrNMiY9mAPlwwDV4MkiY
+ckPHcqkmRckLkp5Kt-_8GnR9rOCLHtgTOAP3xNi4i-JpSt7Eow-_g0Oedd5pcDB-qXV8SA0xs2Yb
+dTUOkrZ3-MvI0SfzSNuN5Uq5kkFjCUwWlcPIbIi19cuUbeM_88zKhtFtnmmxwtALNxs3fx0OjRXb
+4I9k_PsSP6rzoAljOshVlPUXScE0iA7M2yqjjfSSY50ROCIgVnJuL3m_tMr1CR83qwRLvgSgrzKm
+JvlUR4QzXfM2jpsQjUCxU3j4bangqg5mB0UFGoU8ONharVP1CrWI9YccgBePeuWvmseVwx8mkYWk
+FUHITpR0bHdSTHCWFC3N15ZjEj54dcGS-XNJyOtgisRFHHeob88_vljCfDQRp3LCU_FVFDRd4Pbf
+SwHtfvlWBfctm-N2XUx6WECNl2M40X6yDhqbYfbSdpOhc7ZpEoy57PTCBQrFkIK6_LexY8ruI794
+XSRRkg9DCr3Ph7ACOZDEeHFJuPy8h0BrCM9_YCLhtRLg03U0AOCM2mNriLN-ul2BRsL4exWmDwcs
+HTHXCycAoqctWKFruvonirdSSMYK1NkU1viqXQxs2qOHcYYagwIIzZFvcxuvBbAI90dCl_siy-iU
+f1MLLB8MSoxuATZtoIwJQopbyBoHby6-kYyRw-mD9EWg0ZprVRZAQ3U2Da42LZ3rZDiKTECJWtlk
+mSuNnQ69YXF6kSQrkfgpuWMYl6lqxaJWpkpenUkQq0NkzJhSvON6ktEMAFNR-t8ppk6nt0-fIEMQ
+WfbhUj3x3SSJL0kXYZZBe37rK0GhGOi9zrOImZ0EZ2erSMmkoU_sitmq5grDNSjWu5DynNAkRpdl
+mZbXprHJnki6LBB-_TeOBBT1TONDBB5SvrRnEM3UPMMJkIq-zLtD06w4uk7zrF5uC7B6K30M-126
+geHJwwiK-VfjswEU_fQn7oJ1ub3J4JWvR7wZsd7Y35txDzutSPHJX8s4hdOQEJnozvFoo7te \ No newline at end of file
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/certs/org.onap.dmaap.mr.p12 b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/certs/org.onap.dmaap.mr.p12
new file mode 100644
index 0000000000..7ff192b960
--- /dev/null
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/certs/org.onap.dmaap.mr.p12
Binary files differ
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/certs/org.onap.dmaap.mr.trust.jks b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/certs/org.onap.dmaap.mr.trust.jks
new file mode 100644
index 0000000000..20c00a5219
--- /dev/null
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/resources/certs/org.onap.dmaap.mr.trust.jks
Binary files differ
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/configmap.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/configmap.yaml
index b5eed38e5d..a58c780894 100644
--- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/configmap.yaml
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/configmap.yaml
@@ -15,18 +15,6 @@
*/}}
{{- if .Values.global.aafEnabled }}
-apiVersion: v1
-kind: ConfigMap
-metadata:
- name: {{ include "common.fullname" . }}-cadi-prop-configmap
- namespace: {{ include "common.namespace" . }}
- labels:
- app: {{ include "common.name" . }}
- chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
- release: {{ include "common.release" . }}
- heritage: {{ .Release.Service }}
-data:
-{{ tpl (.Files.Glob "resources/config/cadi.properties").AsConfig . | indent 2 }}
---
apiVersion: v1
kind: ConfigMap
@@ -57,7 +45,6 @@ data:
{{ tpl (.Files.Glob "resources/jaas/zk_client_jaas.conf").AsConfig . | indent 2 }}
---
{{- end }}
-
{{- if .Values.prometheus.jmx.enabled }}
apiVersion: v1
kind: ConfigMap
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/secrets.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/secrets.yaml
index 033d8d5441..9f78c7b2a4 100644
--- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/secrets.yaml
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/secrets.yaml
@@ -15,3 +15,17 @@
*/}}
{{ include "common.secretFast" . }}
+---
+apiVersion: v1
+kind: Secret
+metadata:
+ name: {{ include "common.fullname" . }}-certs
+ namespace: {{ include "common.namespace" . }}
+ labels:
+ app: {{ include "common.name" . }}
+ chart: {{ .Chart.Name }}-{{ .Chart.Version | replace "+" "_" }}
+ release: {{ include "common.release" . }}
+ heritage: {{ .Release.Service }}
+type: Opaque
+data:
+{{ tpl (.Files.Glob "resources/certs/*").AsSecrets . | indent 2 }}
diff --git a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml
index e08c78a582..071bc6709e 100644
--- a/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml
+++ b/kubernetes/dmaap/components/message-router/charts/message-router-kafka/templates/statefulset.yaml
@@ -146,7 +146,7 @@ spec:
- containerPort: {{ .Values.jmx.port }}
name: jmx
{{- end }}
- {{ if eq .Values.liveness.enabled true }}
+ {{ if eq .Values.liveness.enabled true }}
livenessProbe:
tcpSocket:
port: {{ .Values.service.internalPort }}
@@ -170,8 +170,6 @@ spec:
value: {{ include "common.release" . }}-{{.Values.zookeeper.name}}-0.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}},{{ include "common.release" . }}-{{.Values.zookeeper.name}}-1.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}},{{ include "common.release" . }}-{{.Values.zookeeper.name}}-2.{{.Values.zookeeper.name}}.{{.Release.Namespace}}.svc.cluster.local:{{.Values.zookeeper.port}}
- name: KAFKA_CONFLUENT_SUPPORT_METRICS_ENABLE
value: "{{ .Values.kafka.enableSupport }}"
- - name: KAFKA_OPTS
- value: "{{ .Values.kafka.jaasOptions }}"
{{- if .Values.global.aafEnabled }}
- name: KAFKA_OPTS
value: "{{ .Values.kafka.jaasOptionsAaf }}"
@@ -218,7 +216,16 @@ spec:
{{- if .Values.global.aafEnabled }}
- mountPath: /etc/kafka/data/cadi.properties
subPath: cadi.properties
- name: cadi
+ name: certs
+ - mountPath: /etc/kafka/secrets/cert/org.onap.dmaap.mr.trust.jks
+ subPath: org.onap.dmaap.mr.trust.jks
+ name: certs
+ - mountPath: /etc/kafka/secrets/cert/org.onap.dmaap.mr.p12
+ subPath: org.onap.dmaap.mr.p12
+ name: certs
+ - mountPath: /etc/kafka/secrets/cert/org.onap.dmaap.mr.keyfile
+ subPath: org.onap.dmaap.mr.keyfile
+ name: certs
{{ end }}
- name: jaas-config
mountPath: /etc/kafka/secrets/jaas
@@ -239,18 +246,18 @@ spec:
hostPath:
path: /var/run/docker.sock
{{- if .Values.global.aafEnabled }}
- - name: cadi
- configMap:
- name: {{ include "common.fullname" . }}-cadi-prop-configmap
+ - name: certs
+ secret:
+ secretName: {{ include "common.fullname" . }}-certs
{{ end }}
- name: jaas
configMap:
name: {{ include "common.fullname" . }}-jaas-configmap
- {{- if .Values.prometheus.jmx.enabled }}
+ {{- if .Values.prometheus.jmx.enabled }}
- name: jmx-config
configMap:
name: {{ include "common.fullname" . }}-prometheus-configmap
- {{- end }}
+ {{- end }}
{{ if not .Values.persistence.enabled }}
- name: kafka-data
emptyDir: {}