diff options
Diffstat (limited to 'kubernetes/dmaap/components/dmaap-dr-node/resources/config')
6 files changed, 392 insertions, 0 deletions
diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties new file mode 100644 index 0000000000..90c413738c --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/drNodeCadi.properties @@ -0,0 +1,23 @@ +cadi_x509_issuers=CN=intermediateCA_1, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_7, OU=OSAAF, O=ONAP, C=US:CN=intermediateCA_9, OU=OSAAF, O=ONAP, C=US +cadi_keyfile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.keyfile +cadi_keystore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks +cadi_keystore_password=]3V)($O&.Mv]W{f8^]6SxGNL +cadi_key_password=]3V)($O&.Mv]W{f8^]6SxGNL +cadi_alias=dmaap-dr-node@dmaap-dr.onap.org +cadi_truststore=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks +cadi_truststore_password=(Rd,&{]%ePdp}4JZjqoJ2G+g + +aaf_env=DEV +aaf_locate_url=https://aaf-onap-test.osaaf.org:8095 +aaf_oauth2_introspect_url=https://AAF_LOCATE_URL/AAF_NS.introspect:2.1/introspect +aaf_oauth2_token_url=https://AAF_LOCATE_URL/AAF_NS.token:2.1/token +aaf_url=https://AAF_LOCATE_URL/AAF_NS.service:2.1 +cadi_protocols=TLSv1.1,TLSv1.2 +cm_url=https://AAF_LOCATE_URL/AAF_NS.cm:2.1 +fs_url=https://AAF_LOCATE_URL/AAF_NS.fs.2.1 +gui_url=https://AAF_LOCATE_URL/AAF_NS.gui.2.1 + +cadi_latitude=53.423 +cadi_longitude=7.940 + +cadi_loglevel=INFO
\ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/feeds/createFeed.sh b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/feeds/createFeed.sh new file mode 100644 index 0000000000..1289ecae86 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/feeds/createFeed.sh @@ -0,0 +1,14 @@ +#!/bin/sh + +dr_prov_url="{{.Values.config.dmaapDrProv.name}}:{{.Values.config.dmaapDrProv.internalPort2}}" +ct_header="Content-Type:application/vnd.dmaap-dr.feed" +obo_header="X-DMAAP-DR-ON-BEHALF-OF:dradmin" +feed_payload=/opt/app/datartr/etc/dedicatedFeed.json + +sleep 20 + +if curl -k https://${dr_prov_url}/internal/prov | awk 'BEGIN{ORS=""} {print}' | egrep "\"feeds\":\s+\[\]"; then + curl -X POST -H ${ct_header} -H ${obo_header} --data-ascii @${feed_payload} --post301 --location-trusted -k https://${dr_prov_url}; +else + echo "NO feed creation required"; +fi diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/feeds/dedicatedFeed.json b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/feeds/dedicatedFeed.json new file mode 100644 index 0000000000..a96f46d528 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/feeds/dedicatedFeed.json @@ -0,0 +1,18 @@ +{ + "name": "Default PM Feed", + "version": "m1.0", + "description": "Default feed provisioned for PM File collector", + "business_description": "Default Feed", + "suspend": false, + "deleted": false, + "changeowner": true, + "authorization": { + "classification": "unclassified", + "endpoint_addrs": [], + "endpoint_ids": [ + { + "password": "dradmin", + "id": "dradmin" + }] + } +}
\ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/log/filebeat/filebeat.yml b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/log/filebeat/filebeat.yml new file mode 100644 index 0000000000..f1cf7394b6 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/log/filebeat/filebeat.yml @@ -0,0 +1,60 @@ +# ============LICENSE_START======================================================= +# Copyright (C) 2019 The Nordix Foundation. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# SPDX-License-Identifier: Apache-2.0 +# ============LICENSE_END========================================================= + +filebeat.prospectors: +#it is mandatory, in our case it's log +- input_type: log + #This is the canolical path as mentioned in logback.xml, *.* means it will monitor all files in the directory. + paths: + - /var/log/onap/*/*/*/*.log + - /var/log/onap/*/*/*.log + - /var/log/onap/*/*.log + - /opt/app/datartr/logs/*.log + #Files older than this should be ignored.In our case it will be 48 hours i.e. 2 days. It is a helping flag for clean_inactive + ignore_older: 48h + # Remove the registry entry for a file that is more than the specified time. In our case it will be 96 hours, i.e. 4 days. It will help to keep registry records with in limit + clean_inactive: 96h + + +# Name of the registry file. If a relative path is used, it is considered relative to the +# data path. Else full qualified file name. +#filebeat.registry_file: ${path.data}/registry + + +output.logstash: + #List of logstash server ip addresses with port number. + #But, in our case, this will be the loadbalancer IP address. + #For the below property to work the loadbalancer or logstash should expose 5044 port to listen the filebeat events or port in the property should be changed appropriately. + hosts: ["{{.Values.config.logstashServiceName}}.{{.Release.Namespace}}:{{.Values.config.logstashPort}}"] + #If enable will do load balancing among available Logstash, automatically. + loadbalance: true + + #The list of root certificates for server verifications. + #If certificate_authorities is empty or not set, the trusted + #certificate authorities of the host system are used. + #ssl.certificate_authorities: $ssl.certificate_authorities + + #The path to the certificate for SSL client authentication. If the certificate is not specified, + #client authentication is not available. + #ssl.certificate: $ssl.certificate + + #The client certificate key used for client authentication. + #ssl.key: $ssl.key + + #The passphrase used to decrypt an encrypted key stored in the configured key file + #ssl.key_passphrase: $ssl.key_passphrase
\ No newline at end of file diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/logback.xml b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/logback.xml new file mode 100644 index 0000000000..25a2c6e093 --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/logback.xml @@ -0,0 +1,148 @@ +<!-- + ============LICENSE_START======================================================= + Copyright (C) 2019 Nordix Foundation. + ================================================================================ + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + + SPDX-License-Identifier: Apache-2.0 + ============LICENSE_END========================================================= +--> +<configuration scan="true" scanPeriod="3 seconds" debug="true"> + + <property name="generalLogName" value="apicalls" /> + <property name="errorLogName" value="errors" /> + <property name="jettyAndNodeLogName" value="node"/> + + <property name="defaultPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|%msg%n" /> + <property name="jettyAndNodeLoggerPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%logger|%thread|%.-5level|%msg%n" /> + <property name="debugLoggerPattern" value="%d{MM/dd-HH:mm:ss.SSS}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{ServiceName}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ServerFQDN}|%X{RemoteHost}|%X{Timer}|[%caller{3}]|%msg%n" /> + + <property name="logDirectory" value="/opt/app/datartr/logs" /> + + <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender"> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <!-- ============================================================================ --> + <!-- EELF Appenders --> + <!-- ============================================================================ --> + + <appender name="EELF" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${generalLogName}.log</file> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>INFO</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${generalLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELF" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELF" /> + </appender> + + <appender name="EELFError" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${errorLogName}.log</file> + <filter class="ch.qos.logback.classic.filter.LevelFilter"> + <level>ERROR</level> + <onMatch>ACCEPT</onMatch> + <onMismatch>DENY</onMismatch> + </filter> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${errorLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${defaultPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFError" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="EELFError"/> + </appender> + + <!-- ============================================================================ --> + <appender name="jettyAndNodelog" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/${jettyAndNodeLogName}.log</file> + <filter class="org.onap.dmaap.datarouter.node.eelf.EELFFilter" /> + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/${jettyAndNodeLogName}.%i.log.zip + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${jettyAndNodeLoggerPattern}</pattern> + </encoder> + </appender> + + <appender name="asyncEELFjettyAndNodelog" class="ch.qos.logback.classic.AsyncAppender"> + <queueSize>256</queueSize> + <appender-ref ref="jettyAndNodelog" /> + <includeCallerData>true</includeCallerData> + </appender> + + <!-- ============================================================================ --> + <!-- EELF loggers --> + <!-- ============================================================================ --> + <logger name="com.att.eelf" level="info" additivity="false"> + <appender-ref ref="asyncEELF" /> + </logger> + + <logger name="com.att.eelf.error" level="error" additivity="false"> + <appender-ref ref="asyncEELFError" /> + </logger> + + <logger name="log4j.logger.org.eclipse.jetty" additivity="false" level="info"> + <appender-ref ref="asyncEELFjettyAndNodelog"/> + </logger> + + <root level="INFO"> + <appender-ref ref="asyncEELF" /> + <appender-ref ref="asyncEELFError" /> + <appender-ref ref="asyncEELFjettyAndNodelog" /> + </root> + +</configuration> diff --git a/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties new file mode 100644 index 0000000000..f2896ccafa --- /dev/null +++ b/kubernetes/dmaap/components/dmaap-dr-node/resources/config/node.properties @@ -0,0 +1,129 @@ +#------------------------------------------------------------------------------- +# ============LICENSE_START================================================== +# * org.onap.dmaap +# * =========================================================================== +# * Copyright © 2017 AT&T Intellectual Property. All rights reserved. +# * =========================================================================== +# * Licensed under the Apache License, Version 2.0 (the "License"); +# * you may not use this file except in compliance with the License. +# * You may obtain a copy of the License at +# * +# * http://www.apache.org/licenses/LICENSE-2.0 +# * +# * Unless required by applicable law or agreed to in writing, software +# * distributed under the License is distributed on an "AS IS" BASIS, +# * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# * See the License for the specific language governing permissions and +# * limitations under the License. +# * ============LICENSE_END==================================================== +# * +# * ECOMP is a trademark and service mark of AT&T Intellectual Property. +# * +#------------------------------------------------------------------------------- +# +# Configuration parameters fixed at startup for the DataRouter node +# +# URL to retrieve dynamic configuration +# +#ProvisioningURL: ${DRTR_PROV_INTURL} +ProvisioningURL=https://{{.Values.config.dmaapDrProv.name}}:{{.Values.config.dmaapDrProv.externalPort2}}/internal/prov + +# +# URL to upload PUB/DEL/EXP logs +# +#LogUploadURL: ${DRTR_LOG_URL} +LogUploadURL=https://{{.Values.config.dmaapDrProv.name}}:{{.Values.config.dmaapDrProv.externalPort2}}/internal/logs + +# +# The port number for http as seen within the server +# +#IntHttpPort: ${DRTR_NODE_INTHTTPPORT:-8080} +IntHttpPort={{.Values.config.dmaapDrNode.internalPort}} +# +# The port number for https as seen within the server +# +IntHttpsPort={{.Values.config.dmaapDrNode.internalPort2}} +# +# The external port number for https taking port mapping into account +# +ExtHttpsPort=443 +# +# The minimum interval between fetches of the dynamic configuration +# from the provisioning server +# +MinProvFetchInterval=10000 +# +# The minimum interval between saves of the redirection data file +# +MinRedirSaveInterval=10000 +# +# The path to the directory where log files are stored +# +LogDir=/opt/app/datartr/logs +# +# The retention interval (in days) for log files +# +LogRetention=30 +# +# The path to the directories where data and meta data files are stored +# +SpoolDir=/opt/app/datartr/spool +# +# The path to the redirection data file +# +#RedirectionFile: etc/redirections.dat +# +# The type of keystore for https +# +KeyStoreType=jks +# +# The path to the keystore for https +# +KeyStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.jks +# +# The password for the https keystore +# +KeyStorePassword=]3V)($O&.Mv]W{f8^]6SxGNL +# +# The password for the private key in the https keystore +# +KeyPassword=]3V)($O&.Mv]W{f8^]6SxGNL +# +# The type of truststore for https +# +TrustStoreType=jks +# +# The path to the truststore for https +# +TrustStoreFile=/opt/app/datartr/aaf_certs/org.onap.dmaap-dr.trust.jks +# +# The password for the https truststore +# +TrustStorePassword=(Rd,&{]%ePdp}4JZjqoJ2G+g +# +# The path to the file used to trigger an orderly shutdown +# +QuiesceFile=etc/SHUTDOWN +# +# The key used to generate passwords for node to node transfers +# +NodeAuthKey=Node123! +# +# DR_NODE DEFAULT ENABLED TLS PROTOCOLS +NodeHttpsProtocols = TLSv1.1|TLSv1.2 +# +# AAF type to generate permission string +AAFType = org.onap.dmaap-dr.feed +# +# AAF default instance to generate permission string - default should be legacy +AAFInstance = legacy +# +# AAF action to generate permission string - default should be publish +AAFAction = publish +# +# AAF URL to connect to AAF server +AafUrl = https://aaf-onap-test.osaaf.org:8095 +# +# AAF CADI enabled flag +CadiEnabled = false + |