diff options
author | Krzysztof Opasiak <k.opasiak@samsung.com> | 2021-03-31 20:36:11 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2021-03-31 20:36:11 +0000 |
commit | 340267ab46f41493c1509b9d77a3ccbdb529eb27 (patch) | |
tree | b0f28ddbcdc8ce1a0897734ab400d98b8255a09f /kubernetes/dmaap/components/message-router/resources/config | |
parent | 20a7b21e9ceb5d2018d83b1a6b7b8672db84eaeb (diff) | |
parent | d060b429ac549682dce9dd8b1225aa6726b74181 (diff) |
Merge "[DMAAP][MR] Update hardcoded certificates" into guilin
Diffstat (limited to 'kubernetes/dmaap/components/message-router/resources/config')
3 files changed, 153 insertions, 19 deletions
diff --git a/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties b/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties deleted file mode 100755 index dca56c823d..0000000000 --- a/kubernetes/dmaap/components/message-router/resources/config/dmaap/cadi.properties +++ /dev/null @@ -1,19 +0,0 @@ -aaf_locate_url=https://aaf-locate.{{ include "common.namespace" . }}:8095 -aaf_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1 -aaf_env=DEV -aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm - -cadi_truststore=/appl/dmaapMR1/etc/org.onap.dmaap.mr.trust.jks -cadi_truststore_password=enc:mN6GiIzFQxKGDzAXDOs7b4j8DdIX02QrZ9QOWNRpxV3rD6whPCfizSMZkJwxi_FJ - -cadi_keyfile=/appl/dmaapMR1/etc/org.onap.dmaap.mr.keyfile - -cadi_alias=dmaapmr@mr.dmaap.onap.org -cadi_keystore=/appl/dmaapMR1/etc/org.onap.dmaap.mr.p12 -cadi_keystore_password=enc:_JJT2gAEkRzXla5xfDIHal8pIoIB5iIos3USvZQT6sL-l14LpI5fRFR_QIGUCh5W -cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US - -cadi_loglevel=INFO -cadi_protocols=TLSv1.1,TLSv1.2 -cadi_latitude=37.78187 -cadi_longitude=-122.26147
\ No newline at end of file diff --git a/kubernetes/dmaap/components/message-router/resources/config/etc/ajsc-jetty.xml b/kubernetes/dmaap/components/message-router/resources/config/etc/ajsc-jetty.xml new file mode 100644 index 0000000000..be174ab5bd --- /dev/null +++ b/kubernetes/dmaap/components/message-router/resources/config/etc/ajsc-jetty.xml @@ -0,0 +1,138 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- {{/* + ============LICENSE_START======================================================= + org.onap.dmaap + ================================================================================ + Copyright © 2017-2021 AT&T Intellectual Property. All rights reserved. + Copyright © 2021 Orange Intellectual Property. All rights reserved. + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + http://www.apache.org/licenses/LICENSE-2.0 + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + ============LICENSE_END========================================================= + ECOMP is a trademark and service mark of AT&T Intellectual Property. +*/}} +--> + +<!DOCTYPE Configure PUBLIC "-//Jetty//Configure//EN" "http://www.eclipse.org/jetty/configure_9_0.dtd"> +<Configure id="ajsc-server" class="org.eclipse.jetty.server.Server"> + <!-- DO NOT REMOVE!!!! This is setting up the AJSC Context --> + <New id="ajscContext" class="org.eclipse.jetty.webapp.WebAppContext"> + <Set name="contextPath"><SystemProperty name="AJSC_CONTEXT_PATH" /></Set> + <Set name="extractWAR">true</Set> + <Set name="tempDirectory"><SystemProperty name="AJSC_TEMP_DIR" /></Set> + <Set name="war"><SystemProperty name="AJSC_WAR_PATH" /></Set> + <Set name="descriptor"><SystemProperty name="AJSC_HOME" />/etc/runner-web.xml</Set> + <Set name="overrideDescriptor"><SystemProperty name="AJSC_HOME" />/etc/ajsc-override-web.xml</Set> + <Set name="throwUnavailableOnStartupException">true</Set> + <Set name="extraClasspath"><SystemProperty name="AJSC_HOME" />/extJars/json-20131018.jar</Set> + <Set name="servletHandler"> + <New class="org.eclipse.jetty.servlet.ServletHandler"> + <Set name="startWithUnavailable">false</Set> + </New> + </Set> + </New> + + <Set name="handler"> + <New id="Contexts" class="org.eclipse.jetty.server.handler.ContextHandlerCollection"> + <Set name="Handlers"> + <Array type="org.eclipse.jetty.webapp.WebAppContext"> + <Item> + <Ref refid="ajscContext" /> + </Item> + </Array> + </Set> + </New> + </Set> + + <Call name="addBean"> + <Arg> + <New id="DeploymentManager" class="org.eclipse.jetty.deploy.DeploymentManager"> + <Set name="contexts"> + <Ref refid="Contexts" /> + </Set> + <Call id="extAppHotDeployProvider" name="addAppProvider"> + <Arg> + <New class="org.eclipse.jetty.deploy.providers.WebAppProvider"> + <Set name="monitoredDirName"><SystemProperty name="AJSC_HOME" />/extApps</Set> + <Set name="scanInterval">10</Set> + <Set name="extractWars">true</Set> + </New> + </Arg> + </Call> + </New> + </Arg> + </Call> + + <Call name="addConnector"> + <Arg> + <New class="org.eclipse.jetty.server.ServerConnector"> + <Arg name="server"> + <Ref refid="ajsc-server" /> + </Arg> + <Set name="port"><SystemProperty name="AJSC_HTTP_PORT" default="8080" /></Set> + </New> + </Arg> + </Call> + + + <!-- SSL Keystore configuration --> + + <New id="sslContextFactory" class="org.eclipse.jetty.util.ssl.SslContextFactory"> + <Set name="KeyStorePath">/appl/dmaapMR1/bundleconfig/etc/sysprops/local/org.onap.dmaap.mr.jks</Set> + <Set name="KeyStorePassword">wHOPeeVegmGk6OoiuEyUPuJjNgrlvKza62Mf6c0Mm4gMb5fAETzpMBv1BT2yv9Mx</Set> + <Set name="KeyManagerPassword">wHOPeeVegmGk6OoiuEyUPuJjNgrlvKza62Mf6c0Mm4gMb5fAETzpMBv1BT2yv9Mx</Set> + <Set name="WantClientAuth">true</Set> + </New> + <Call id="sslConnector" name="addConnector"> + <Arg> + <New class="org.eclipse.jetty.server.ServerConnector"> + <Arg name="server"> + <Ref refid="ajsc-server" /> + </Arg> + <Arg name="factories"> + <Array type="org.eclipse.jetty.server.ConnectionFactory"> + <Item> + <New class="org.eclipse.jetty.server.SslConnectionFactory"> + <Arg name="next">http/1.1</Arg> + <Arg name="sslContextFactory"> + <Ref refid="sslContextFactory" /> + </Arg> + </New> + </Item> + <Item> + <New class="org.eclipse.jetty.server.HttpConnectionFactory"> + <Arg name="config"> + <New class="org.eclipse.jetty.server.HttpConfiguration"> + <Call name="addCustomizer"> + <Arg> + <New class="org.eclipse.jetty.server.SecureRequestCustomizer" /> + </Arg> + </Call> + </New> + </Arg> + </New> + </Item> + </Array> + </Arg> + <Set name="port"><SystemProperty name="AJSC_HTTPS_PORT" default="0" /></Set> + <Set name="idleTimeout">30000</Set> + </New> + </Arg> + </Call> + + + <Get name="ThreadPool"> + <Set name="minThreads"><SystemProperty name="AJSC_JETTY_ThreadCount_MIN" /></Set> + <Set name="maxThreads"><SystemProperty name="AJSC_JETTY_ThreadCount_MAX" /></Set> + <Set name="idleTimeout"><SystemProperty name="AJSC_JETTY_IDLETIME_MAX" /></Set> + <Set name="detailedDump">false</Set> + </Get> + +</Configure> diff --git a/kubernetes/dmaap/components/message-router/resources/config/etc/cadi.properties b/kubernetes/dmaap/components/message-router/resources/config/etc/cadi.properties new file mode 100644 index 0000000000..789a44de26 --- /dev/null +++ b/kubernetes/dmaap/components/message-router/resources/config/etc/cadi.properties @@ -0,0 +1,15 @@ +aaf_locate_url=https://aaf-locate.onap:8095 +aaf_url=https://AAF_LOCATE_URL/onap.org.osaaf.aaf.service:2.1 +aaf_env=DEV +aaf_lur=org.onap.aaf.cadi.aaf.v2_0.AAFLurPerm +cadi_truststore=/appl/dmaapMR1/bundleconfig/etc/sysprops/local/org.onap.dmaap.mr.trust.jks +cadi_truststore_password=Eav*,dKoFUukNM$;?HMfvc2; +cadi_keyfile=/appl/dmaapMR1/bundleconfig/etc/sysprops/local/org.onap.dmaap.mr.keyfile +cadi_alias=dmaapmr@mr.dmaap.onap.org +cadi_keystore=/appl/dmaapMR1/bundleconfig/etc/sysprops/local/org.onap.dmaap.mr.p12 +cadi_keystore_password=358ia?XLZ)nPeM?HFh3M6{Nc +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US +cadi_loglevel=INFO +cadi_protocols=TLSv1.1,TLSv1.2 +cadi_latitude=37.78187 +cadi_longitude=-122.26147 |