summaryrefslogtreecommitdiffstats
path: root/kubernetes/oof/components/oof-cmso/resources
diff options
context:
space:
mode:
authorkrishnaa96 <krishna.moorthy6@wipro.com>2020-08-11 10:26:50 +0530
committerkrishnaa96 <krishna.moorthy6@wipro.com>2020-09-16 18:34:44 +0530
commitdbcd1cacf9d08b2d17b569736effb389c6f99d13 (patch)
tree9a3af346400f6d7f0c30fc8813b2527b835f4134 /kubernetes/oof/components/oof-cmso/resources
parent27aae18cdee00c873e3617a6a3b5fb2d294b9b98 (diff)
[OOF] Use certInitializer for OOF pods
Remove Hardcoded certificates from OOF Resturcture OOF charts Issue-ID: OPTFRA-803 Signed-off-by: krishnaa96 <krishna.moorthy6@wipro.com> Change-Id: Ibe886a44fcbf22bb3443fbb8ec8e37ddc7636ffe
Diffstat (limited to 'kubernetes/oof/components/oof-cmso/resources')
-rw-r--r--kubernetes/oof/components/oof-cmso/resources/certs/AAFUserRoles.properties1
-rw-r--r--kubernetes/oof/components/oof-cmso/resources/log/filebeat/filebeat.yml55
2 files changed, 56 insertions, 0 deletions
diff --git a/kubernetes/oof/components/oof-cmso/resources/certs/AAFUserRoles.properties b/kubernetes/oof/components/oof-cmso/resources/certs/AAFUserRoles.properties
new file mode 100644
index 0000000000..e7fc221a20
--- /dev/null
+++ b/kubernetes/oof/components/oof-cmso/resources/certs/AAFUserRoles.properties
@@ -0,0 +1 @@
+/**=org.onap.oof.access|*|get ALL \ No newline at end of file
diff --git a/kubernetes/oof/components/oof-cmso/resources/log/filebeat/filebeat.yml b/kubernetes/oof/components/oof-cmso/resources/log/filebeat/filebeat.yml
new file mode 100644
index 0000000000..50586783e9
--- /dev/null
+++ b/kubernetes/oof/components/oof-cmso/resources/log/filebeat/filebeat.yml
@@ -0,0 +1,55 @@
+# Copyright © 2018 Amdocs, Bell Canada, AT&T
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+filebeat.prospectors:
+#it is mandatory, in our case it's log
+- input_type: log
+ #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory.
+ paths:
+ - /var/log/onap/*/*/*/*.log
+ - /var/log/onap/*/*/*.log
+ - /var/log/onap/*/*.log
+ #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive
+ ignore_older: 48h
+ # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit
+ clean_inactive: 96h
+
+
+# Name of the registry file. If a relative path is used, it is considered relative to the
+# data path. Else full qualified file name.
+#filebeat.registry_file: ${path.data}/registry
+
+
+output.logstash:
+ #List of logstash server ip addresses with port number.
+ #But, in our case, this will be the loadbalancer IP address.
+ #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately.
+ hosts: ["{{.Values.config.log.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.log.logstashPort}}"]
+ #If enable will do load balancing among availabe Logstash, automatically.
+ loadbalance: true
+
+ #The list of root certificates for server verifications.
+ #If certificate_authorities is empty or not set, the trusted
+ #certificate authorities of the host system are used.
+ #ssl.certificate_authorities: $ssl.certificate_authorities
+
+ #The path to the certificate for SSL client authentication. If the certificate is not specified,
+ #client authentication is not available.
+ #ssl.certificate: $ssl.certificate
+
+ #The client certificate key used for client authentication.
+ #ssl.key: $ssl.key
+
+ #The passphrase used to decrypt an encrypted key stored in the configured key file
+ #ssl.key_passphrase: $ssl.key_passphrase