diff options
Diffstat (limited to 'kubernetes/appc')
8 files changed, 97 insertions, 38 deletions
diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh index 3cbee8db5f..705f3effb5 100755 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/bin/startODL.sh @@ -50,15 +50,12 @@ function enable_odl_cluster(){ } ODL_HOME=${ODL_HOME:-/opt/opendaylight/current} -ODL_ADMIN_PASSWORD=${ODL_ADMIN_PASSWORD:-admin} SDNC_HOME=${SDNC_HOME:-/opt/onap/ccsdk} APPC_HOME=${APPC_HOME:-/opt/onap/appc} SLEEP_TIME=${SLEEP_TIME:-120} MYSQL_PASSWD=${MYSQL_PASSWD:-{{.Values.config.mariadbRootPassword}}} ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false} -ENABLE_AAF=${ENABLE_AAF:-false} -AAF_EXT_IP=${AAF_EXT_IP:-{{.Values.config.aafExtIP}}} -AAF_EXT_FQDN=${AAF_EXT_FQDN:-{{.Values.config.aafExtFQDN}}} +ENABLE_AAF=${ENABLE_AAF:-true} appcInstallStartTime=$(date +%s) @@ -149,7 +146,6 @@ then echo "Copying the aaa shiro configuration into opendaylight" if $ENABLE_AAF then - echo "${AAF_EXT_IP} ${AAF_EXT_FQDN}" >> /etc/hosts cp ${APPC_HOME}/data/properties/aaa-app-config.xml ${ODL_HOME}/etc/opendaylight/datastore/initial/config/aaa-app-config.xml else cp ${APPC_HOME}/data/aaa-app-config.xml ${ODL_HOME}/etc/opendaylight/datastore/initial/config/aaa-app-config.xml diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaa-app-config.xml b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaa-app-config.xml index 3dd78d3cdf..81834eaafc 100644 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaa-app-config.xml +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaa-app-config.xml @@ -80,37 +80,37 @@ <urls> <pair-key>/auth/**</pair-key> <!-- <pair-value>authcBasic, roles[admin], dynamicAuthorization</pair-value> --> - <pair-value>authcBasic, roles[org.onap.appc.odl|odl-admin|*]</pair-value> + <pair-value>authcBasic, roles[org.onap.appc.odl|odl-api|*]</pair-value> </urls> <urls> <pair-key>/restconf/config/aaa-cert-mdsal**</pair-key> <!-- <pair-value>authcBasic, roles[admin]</pair-value> --> - <pair-value>authcBasic, roles[org.onap.appc.odl|odl-admin|*]</pair-value> + <pair-value>authcBasic, roles[org.onap.appc.odl|odl-api|*]</pair-value> </urls> <urls> <pair-key>/restconf/operational/aaa-cert-mdsal**</pair-key> <!-- <pair-value>authcBasic, roles[admin]</pair-value> --> - <pair-value>authcBasic, roles[org.onap.appc.odl|odl-admin|*]</pair-value> + <pair-value>authcBasic, roles[org.onap.appc.odl|odl-api|*]</pair-value> </urls> <urls> <pair-key>/restconf/operations/aaa-cert-rpc**</pair-key> <!-- <pair-value>authcBasic, roles[admin]</pair-value> --> - <pair-value>authcBasic, roles[org.onap.appc.odl|odl-admin|*]</pair-value> + <pair-value>authcBasic, roles[org.onap.appc.odl|odl-api|*]</pair-value> </urls> <urls> <pair-key>/restconf/config/aaa-authn-model**</pair-key> <!-- <pair-value>authcBasic, roles[admin]</pair-value> --> - <pair-value>authcBasic, roles[org.onap.appc.odl|odl-admin|*]</pair-value> + <pair-value>authcBasic, roles[org.onap.appc.odl|odl-api|*]</pair-value> </urls> <urls> <pair-key>/restconf/operational/aaa-authn-model**</pair-key> <!-- <pair-value>authcBasic, roles[admin]</pair-value> --> - <pair-value>authcBasic, roles[org.onap.appc.odl|odl-admin|*]</pair-value> + <pair-value>authcBasic, roles[org.onap.appc.odl|odl-api|*]</pair-value> </urls> <urls> <pair-key>/restconf/operations/cluster-admin**</pair-key> <!-- <pair-value>authcBasic, roles[admin]</pair-value> --> - <pair-value>authcBasic, roles[org.onap.appc.odl|odl-admin|*]</pair-value> + <pair-value>authcBasic, roles[org.onap.appc.odl|odl-api|*]</pair-value> </urls> <urls> <pair-key>/**</pair-key> diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaiclient.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaiclient.properties index afd1e9569a..70285069ff 100644 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaiclient.properties +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/aaiclient.properties @@ -26,12 +26,13 @@ # # Certificate keystore and truststore # -org.onap.ccsdk.sli.adaptors.aai.ssl.trust=/opt/onap/ccsdk/data/stores/truststore.onap.client.jks -org.onap.ccsdk.sli.adaptors.aai.ssl.trust.psswd=adminadmin -org.onap.ccsdk.sli.adaptors.aai.host.certificate.ignore=true +org.onap.ccsdk.sli.adaptors.aai.ssl.trust=/opt/onap/appc/data/stores/truststoreONAPall.jks +org.onap.ccsdk.sli.adaptors.aai.ssl.trust.psswd=changeit +org.onap.ccsdk.sli.adaptors.aai.ssl.key=/opt/onap/appc/data/stores/truststoreONAPall.jks +org.onap.ccsdk.sli.adaptors.aai.ssl.key.psswd=changeit -org.onap.ccsdk.sli.adaptors.aai.client.name=SDNC -org.onap.ccsdk.sli.adaptors.aai.client.psswd=SDNC +org.onap.ccsdk.sli.adaptors.aai.client.name=appc@appc.onap.org +org.onap.ccsdk.sli.adaptors.aai.client.psswd=demo123456! org.onap.ccsdk.sli.adaptors.aai.application=openECOMP connection.timeout=60000 diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties index 47c6788f9f..8553fcda02 100644 --- a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/appc.properties @@ -31,10 +31,10 @@ appc.demo.threads.queuesize.min=1 appc.demo.threads.queuesize.max=1000 appc.demo.threads.poolsize.min=1 appc.demo.threads.poolsize.max=2 -appc.demo.provider.user=admin +appc.demo.provider.user={{.Values.config.odlUser}} appc.demo.provider.pass={{.Values.config.odlPassword}} appc.demo.provider.url=http://localhost:8181/restconf/operations/appc-provider -appc.provider.vfodl.url=http://admin:{{.Values.config.odlPassword}}@{{.Values.service.name}}:{{.Values.service.externalPort}}/restconf/config/network-topology:network-topology/topology/topology-netconf/node/NODE_NAME/yang-ext:mount/sample-plugin:sample-plugin/pg-streams/ +appc.provider.vfodl.url=http://{{.Values.config.odlUser}}:{{.Values.config.odlPassword}}@{{.Values.service.name}}:{{.Values.service.externalPort}}/restconf/config/network-topology:network-topology/topology/topology-netconf/node/NODE_NAME/yang-ext:mount/sample-plugin:sample-plugin/pg-streams/ # The properties right below are needed to properly call the Master DG to serve demo purposes appc.service.logic.module.name=APPC @@ -79,7 +79,7 @@ appc.LCM.poolMembers=message-router.{{.Release.Namespace}}:3904 appc.LCM.topic.read=APPC-LCM-READ appc.LCM.topic.write=APPC-LCM-WRITE appc.LCM.client.name=APPC-EVENT-LISTENER-TEST -appc.LCM.provider.user=admin +appc.LCM.provider.user={{.Values.config.odlUser}} appc.LCM.provider.pass={{.Values.config.odlPassword}} appc.LCM.provider.url=http://localhost:8181/restconf/operations/appc-provider-lcm appc.LCM.scopeOverlap.endpoint=http://localhost:8181/restconf/operations/interfaces-service:execute-service @@ -87,7 +87,7 @@ appc.LCM.scopeOverlap.endpoint=http://localhost:8181/restconf/operations/interfa # properties from appc-netconf-adapter-bundle, appc-dg-common, appc-dmaap-adapter-bundle poolMembers=message-router.{{.Release.Namespace}}:3904 event.pool.members=message-router.{{.Release.Namespace}}:3904 -restconf.user=admin +restconf.user={{.Values.config.odlUser}} restconf.pass={{.Values.config.odlPassword}} @@ -126,5 +126,5 @@ appc.OAM.service=ueb appc.OAM.topic.read=testOAM appc.OAM.topic.write=testOAM appc.OAM.client.name=testOAM -appc.OAM.provider.user=admin +appc.OAM.provider.user={{.Values.config.odlUser}} appc.OAM.provider.pass={{.Values.config.odlPassword}} diff --git a/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties new file mode 100644 index 0000000000..7ce85c388e --- /dev/null +++ b/kubernetes/appc/resources/config/appc/opt/onap/appc/data/properties/cadi.properties @@ -0,0 +1,57 @@ +### +# ============LICENSE_START======================================================= +# APPC +# ================================================================================ +# Copyright (C) 2018 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### +#hostname=localhost + +cadi_loglevel=INFO + +############################################################ +# Properties Generated by AT&T Certificate Manager +# @copyright 2016, AT&T +############################################################ +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US +cadi_keyfile=/opt/onap/appc/data/stores/org.onap.appc.keyfile +cadi_keystore=/opt/onap/appc/data/stores/org.onap.appc.p12 +cadi_keystore_password=enc:4DVUTKvRCCtebQrKskDsuKFIHLzOf2M9XxNOhVIK4xb +#cadi_key_password=enc:<KEY PASSWORD (optional if the same as KEYSTORE PASSWORD)> +cadi_alias=appc@appc.onap.org +cadi_truststore=/opt/onap/appc/data/stores/truststoreONAPall.jks +cadi_truststore_password=enc:O3Vtv5e77OQWJ_OiLC9Atj3ngyYfulRK519JYFmbKl7 + +## +## org.osaaf.location.props +## +## Localized Machine Information +## +# Almeda California ? +cadi_latitude=37.78187 +cadi_longitude=-122.26147 + +# Locate URL (which AAF Env) +aaf_locate_url=https://aaf-locate.{{.Release.Namespace}}:8095 + +# AAF URL +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.0 + +# AAF Environment Designation +aaf_env=DEV + +# OAuth2 Endpoints +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.0/token +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.0/introspect diff --git a/kubernetes/appc/resources/config/log/org.ops4j.pax.logging.cfg b/kubernetes/appc/resources/config/log/org.ops4j.pax.logging.cfg index 0bbdbb7dcd..e68057f87a 100644 --- a/kubernetes/appc/resources/config/log/org.ops4j.pax.logging.cfg +++ b/kubernetes/appc/resources/config/log/org.ops4j.pax.logging.cfg @@ -1,19 +1,22 @@ ################################################################################ # -# Licensed to the Apache Software Foundation (ASF) under one or more -# contributor license agreements. See the NOTICE file distributed with -# this work for additional information regarding copyright ownership. -# The ASF licenses this file to You under the Apache License, Version 2.0 -# (the "License"); you may not use this file except in compliance with -# the License. You may obtain a copy of the License at +# ============LICENSE_START======================================================= +# ONAP : APPC +# ================================================================================ +# Copyright (C) 2017-2018 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= # ################################################################################ diff --git a/kubernetes/appc/templates/statefulset.yaml b/kubernetes/appc/templates/statefulset.yaml index 8ecda882de..6b0373fbc8 100644 --- a/kubernetes/appc/templates/statefulset.yaml +++ b/kubernetes/appc/templates/statefulset.yaml @@ -98,6 +98,9 @@ spec: - mountPath: /opt/onap/appc/data/properties/aaiclient.properties name: onap-appc-data-properties subPath: aaiclient.properties + - mountPath: /opt/onap/appc/data/properties/cadi.properties + name: onap-appc-data-properties + subPath: cadi.properties - mountPath: /opt/onap/appc/data/properties/aaa-app-config.xml name: onap-appc-data-properties subPath: aaa-app-config.xml diff --git a/kubernetes/appc/values.yaml b/kubernetes/appc/values.yaml index d37f50b59e..d6719c1e37 100644 --- a/kubernetes/appc/values.yaml +++ b/kubernetes/appc/values.yaml @@ -39,8 +39,6 @@ debugEnabled: false # application configuration config: - aafExtIP: 127.0.0.1 - aafExtFQDN: aaf-onap-beijing-test.osaaf.org ansibleServiceName: appc-ansible-server ansiblePort: 8000 mariadbRootPassword: secretpassword @@ -49,13 +47,13 @@ config: mysqlDatabase: my-database mariadbGaleraSVCName: appc-dbhost mariadbGaleraContName: appc-db - enableAAF: false - enableClustering: true + enableAAF: true + enableClustering: false configDir: /opt/onap/appc/data/properties dmaapTopic: SUCCESS logstashServiceName: log-ls logstashPort: 5044 - odlPassword: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U + odlPassword: demo123456! openStackType: OpenStackProvider openStackName: OpenStack openStackKeyStoneUrl: http://localhost:8181/apidoc/explorer/index.html @@ -63,6 +61,7 @@ config: openStackDomain: default openStackUserName: admin openStackEncryptedPassword: admin + odlUser: appc@appc.onap.org appc-ansible-server: service: |