From 4b7026e95b93f2077f18d0681d55bbac022b5396 Mon Sep 17 00:00:00 2001 From: Keren Joseph Date: Tue, 12 Sep 2017 10:13:15 +0300 Subject: Revert "moving certs and keys to k8s secrets" This reverts commit 59ffd500ea34c201fbb3edc39e64655fa8381be0. Tested locally and does not work. DmaaP fails to come up causing many other pods to crash loop. failed to start container "dmaap": Error response from daemon: {"message":"invalid header field value "oci runtime error: container_linux.go:247:starting container process caused "process_linux.go:359: container init caused "rootfs_linux.go:53: mounting "/var/lib/kubelet/pods/9ae222e0-98a9-11e7-badd-02cfc855c3b9 /volumes/kubernetes.io~secret/mykey" to rootfs "/var/lib/docker/aufs/mnt /b92c56185f3371cb1f091679780d40797dd2c6124cd00cb8fe68da2b247363a8" at "/var/lib/docker/aufs/mnt/.../appl/dmaapMR1/etc/keyfile" caused "not a directory"""n""} Issue-ID: OOM-293 Change-Id: I348ffa14718bd6e89e99f2859cf6612c10370559 Signed-off-by: Mandeep Khinda --- .../aai/templates/data-router-deployment.yaml | 10 -------- .../aai/templates/modelloader-deployment.yaml | 5 ---- .../templates/search-data-service-deployment.yaml | 5 ---- kubernetes/aai/templates/sparky-be-deployment.yaml | 15 ------------ kubernetes/config/.helmignore | 3 +-- kubernetes/config/certs/aai/aai-os-cert.p12 | Bin 4357 -> 0 bytes kubernetes/config/certs/aai/client-cert-onap.p12 | Bin 2556 -> 0 bytes kubernetes/config/certs/aai/inventory-ui-keystore | Bin 7201 -> 0 bytes kubernetes/config/certs/aai/tomcat_keystore | Bin 2214 -> 0 bytes kubernetes/config/certs/message-router/mykey | 27 --------------------- kubernetes/config/certs/mso/aai.crt | 27 --------------------- kubernetes/config/certs/mso/encryption.key | 1 - kubernetes/config/certs/policy/policy-keystore | Bin 5640 -> 0 bytes .../appconfig/auth/client-cert-onap.p12 | Bin 0 -> 2556 bytes .../aai/data-router/appconfig/auth/tomcat_keystore | Bin 0 -> 2214 bytes .../model-loader/appconfig/auth/aai-os-cert.p12 | Bin 0 -> 4357 bytes .../sparky-be/appconfig/auth/inventory-ui-keystore | Bin 0 -> 7201 bytes .../init/src/config/message-router/dmaap/mykey | 27 +++++++++++++++++++++ .../config/docker/init/src/config/mso/mso/aai.crt | 27 +++++++++++++++++++++ .../docker/init/src/config/mso/mso/encryption.key | 1 + .../opt/policy/config/drools/policy-keystore | Bin 0 -> 5640 bytes .../templates/message-router-dmaap.yaml | 4 +-- kubernetes/mso/templates/mso-deployment.yaml | 10 -------- kubernetes/oneclick/createAll.bash | 10 -------- kubernetes/oneclick/deleteAll.bash | 14 +---------- kubernetes/policy/templates/dep-drools.yaml | 5 ---- 26 files changed, 59 insertions(+), 132 deletions(-) delete mode 100644 kubernetes/config/certs/aai/aai-os-cert.p12 delete mode 100644 kubernetes/config/certs/aai/client-cert-onap.p12 delete mode 100644 kubernetes/config/certs/aai/inventory-ui-keystore delete mode 100644 kubernetes/config/certs/aai/tomcat_keystore delete mode 100755 kubernetes/config/certs/message-router/mykey delete mode 100755 kubernetes/config/certs/mso/aai.crt delete mode 100644 kubernetes/config/certs/mso/encryption.key delete mode 100755 kubernetes/config/certs/policy/policy-keystore create mode 100644 kubernetes/config/docker/init/src/config/aai/data-router/appconfig/auth/client-cert-onap.p12 create mode 100644 kubernetes/config/docker/init/src/config/aai/data-router/appconfig/auth/tomcat_keystore create mode 100644 kubernetes/config/docker/init/src/config/aai/model-loader/appconfig/auth/aai-os-cert.p12 create mode 100644 kubernetes/config/docker/init/src/config/aai/sparky-be/appconfig/auth/inventory-ui-keystore create mode 100755 kubernetes/config/docker/init/src/config/message-router/dmaap/mykey create mode 100755 kubernetes/config/docker/init/src/config/mso/mso/aai.crt create mode 100644 kubernetes/config/docker/init/src/config/mso/mso/encryption.key create mode 100755 kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/policy-keystore diff --git a/kubernetes/aai/templates/data-router-deployment.yaml b/kubernetes/aai/templates/data-router-deployment.yaml index 0033208642..f823061c33 100644 --- a/kubernetes/aai/templates/data-router-deployment.yaml +++ b/kubernetes/aai/templates/data-router-deployment.yaml @@ -35,10 +35,6 @@ spec: volumeMounts: - mountPath: /opt/app/data-router/config/ name: data-router-config - - mountPath: /opt/app/data-router/config/auth/tomcat_keystore - name: data-router-tomcat-key - - mountPath: /opt/app/data-router/config/auth/client-cert-onap.p12 - name: data-router-client-cert - mountPath: /opt/app/data-router/dynamic/ name: data-router-dynamic - mountPath: /logs/ @@ -60,12 +56,6 @@ spec: - name: data-router-logs hostPath: path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/data-router/logs/" - - name: data-router-tomcat-key - secret: - secretName: secret-{{ .Values.nsPrefix }}-aai - - name: data-router-client-cert - secret: - secretName: secret-{{ .Values.nsPrefix }}-aai restartPolicy: Always imagePullSecrets: - name: "{{ .Values.nsPrefix }}-docker-registry-key" diff --git a/kubernetes/aai/templates/modelloader-deployment.yaml b/kubernetes/aai/templates/modelloader-deployment.yaml index ec6a9178a7..5391273d9d 100644 --- a/kubernetes/aai/templates/modelloader-deployment.yaml +++ b/kubernetes/aai/templates/modelloader-deployment.yaml @@ -20,8 +20,6 @@ spec: volumeMounts: - mountPath: /opt/app/model-loader/config/ name: aai-model-loader-config - - mountPath: /opt/app/model-loader/config/auth/aai-os-cert.p12 - name: aai-os-cert - mountPath: /logs/ name: aai-model-loader-logs image: "{{ .Values.image.modelLoaderImage }}:{{ .Values.image.modelLoaderVersion }}" @@ -37,9 +35,6 @@ spec: - name: aai-model-loader-logs hostPath: path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/model-loader/logs/" - - name: aai-os-cert - secret: - secretName: secret-{{ .Values.nsPrefix }}-aai restartPolicy: Always imagePullSecrets: - name: "{{ .Values.nsPrefix }}-docker-registry-key" diff --git a/kubernetes/aai/templates/search-data-service-deployment.yaml b/kubernetes/aai/templates/search-data-service-deployment.yaml index 8f4acef7cb..f2db9370fd 100644 --- a/kubernetes/aai/templates/search-data-service-deployment.yaml +++ b/kubernetes/aai/templates/search-data-service-deployment.yaml @@ -27,8 +27,6 @@ spec: volumeMounts: - mountPath: /opt/app/search-data-service/config/ name: aai-search-data-service-config - - mountPath: /opt/app/search-data-service/config/auth/tomcat_keystore - name: aai-tomcat-key - mountPath: /logs/ name: aai-search-data-service-logs ports: @@ -42,9 +40,6 @@ spec: - name: aai-search-data-service-config hostPath: path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/search-data-service/appconfig/" - - name: aai-tomcat-key - secret: - secretName: secret-{{ .Values.nsPrefix }}-aai - name: aai-search-data-service-logs hostPath: path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/search-data-service/logs/" diff --git a/kubernetes/aai/templates/sparky-be-deployment.yaml b/kubernetes/aai/templates/sparky-be-deployment.yaml index f4c44e28ed..6a8ff9308d 100644 --- a/kubernetes/aai/templates/sparky-be-deployment.yaml +++ b/kubernetes/aai/templates/sparky-be-deployment.yaml @@ -27,12 +27,6 @@ spec: volumeMounts: - mountPath: /opt/app/sparky/config/ name: aai-sparky-be-config - - mountPath: /opt/app/sparky/config/auth/client-cert-onap.p12 - name: aai-sparky-be-client-cert - - mountPath: /opt/app/sparky/config/auth/aai-os-cert.p12 - name: aai-sparky-be-aai-os-cert - - mountPath: /opt/app/sparky/config/auth/inventory-ui-keystore - name: aai-sparky-be-inventory-key - mountPath: /logs/ name: aai-sparky-be-logs ports: @@ -49,15 +43,6 @@ spec: - name: aai-sparky-be-logs hostPath: path: "/dockerdata-nfs/{{ .Values.nsPrefix }}/aai/sparky-be/logs/" - - name: aai-sparky-be-client-cert - secret: - secretName: secret-{{ .Values.nsPrefix }}-aai - - name: aai-sparky-be-aai-os-cert - secret: - secretName: secret-{{ .Values.nsPrefix }}-aai - - name: aai-sparky-be-inventory-key - secret: - secretName: secret-{{ .Values.nsPrefix }}-aai restartPolicy: Always imagePullSecrets: - name: "{{ .Values.nsPrefix }}-docker-registry-key" diff --git a/kubernetes/config/.helmignore b/kubernetes/config/.helmignore index bc7bb96055..4c38baed31 100644 --- a/kubernetes/config/.helmignore +++ b/kubernetes/config/.helmignore @@ -22,5 +22,4 @@ #ignore config docker image files docker -createConfig.sh -certs +createConfig.sh \ No newline at end of file diff --git a/kubernetes/config/certs/aai/aai-os-cert.p12 b/kubernetes/config/certs/aai/aai-os-cert.p12 deleted file mode 100644 index ee57120fa0..0000000000 Binary files a/kubernetes/config/certs/aai/aai-os-cert.p12 and /dev/null differ diff --git a/kubernetes/config/certs/aai/client-cert-onap.p12 b/kubernetes/config/certs/aai/client-cert-onap.p12 deleted file mode 100644 index dbf4fcacec..0000000000 Binary files a/kubernetes/config/certs/aai/client-cert-onap.p12 and /dev/null differ diff --git a/kubernetes/config/certs/aai/inventory-ui-keystore b/kubernetes/config/certs/aai/inventory-ui-keystore deleted file mode 100644 index efa01f8d79..0000000000 Binary files a/kubernetes/config/certs/aai/inventory-ui-keystore and /dev/null differ diff --git a/kubernetes/config/certs/aai/tomcat_keystore b/kubernetes/config/certs/aai/tomcat_keystore deleted file mode 100644 index 9eec841aa2..0000000000 Binary files a/kubernetes/config/certs/aai/tomcat_keystore and /dev/null differ diff --git a/kubernetes/config/certs/message-router/mykey b/kubernetes/config/certs/message-router/mykey deleted file mode 100755 index c2b8b8779b..0000000000 --- a/kubernetes/config/certs/message-router/mykey +++ /dev/null @@ -1,27 +0,0 @@ -_sNOLphPzrU7L0L3oWv0pYwgV_ddGF1XoBsQEIAp34jfP-fGJFPfFYaMpDEZ3gwH59rNw6qyMZHk -k-4irklvVcWk36lC3twNvc0DueRCVrws1bkuhOLCXdxHJx-YG-1xM8EJfRmzh79WPlPkbAdyPmFF -Ah44V0GjAnInPOFZA6MHP9rNx9B9qECHRfmvzU13vJCcgTsrmOr-CEiWfRsnzPjsICxpq9OaVT_D -zn6rNaroGm1OiZNCrCgvRkCUHPOOCw3j9G1GeaImoZNYtozbz9u4sj13PU-MxIIAa64b1bMMMjpz -Upc8lVPI4FnJKg6axMmEGn5zJ6JUq9mtOVyPj__2GEuDgpx5H4AwodXXVjFsVgR8UJwI_BvS2JVp -JoQk0J1RqXmAXVamlsMAfzmmbARXgmrBfnuhveZnh9ymFVU-YZeujdANniXAwBGI7c6hG_BXkH7i -Eyf4Fn41_SV78PskP6qgqJahr9r3bqdjNbKBztIKCOEVrE_w3IM5r02l-iStk_NBRkj6cq_7VCpG -afxZ2CtZMwuZMiypO_wOgbdpCSKNzsL-NH2b4b08OlKiWb263gz634KJmV5WEfCl-6eH-JUFbWOS -JwQfActLNT2ZQPl2MyZQNBzJEWoJRgS6k7tPRO-zqeUtYYHGHVMCxMuMHGQcoilNNHEFeBCG_fBh -yAKb9g9F86Cbx9voMLiyTX2T3rwVHiSJFOzfNxGmfN5JWOthIun_c5hEY1tLQ15BomzkDwk7BAj7 -VbRCrVD45B6xrmSTMBSWYmLyr6mnQxQqeh9cMbD-0ZAncE3roxRnRvPKjFFa208ykYUp2V83r_PJ -fV5I9ZPKSjk9DwFyrjkcQQEYDhdK6IFqcd6nEthjYVkmunu2fsX0bIOm9GGdIbKGqBnpdgBO5hyT -rBr9HSlZrHcGdti1R823ckDF0Ekcl6kioDr5NLIpLtg9zUEDRm3QrbX2mv5Zs8W0pYnOqglxy3lz -bJZTN7oR7VasHUtjmp0RT9nLZkUs5TZ6MHhlIq3ZsQ6w_Q9Rv1-ofxfwfCC4EBrWKbWAGCf6By4K -Ew8321-2YnodhmsK5BrT4zQ1DZlmUvK8BmYjZe7wTljKjgYcsLTBfX4eMhJ7MIW1kpnl8AbiBfXh -QzN56Mki51Q8PSQWHm0W9tnQ0z6wKdck6zBJ8JyNzewZahFKueDTn-9DOqIDfr3YHvQLLzeXyJ8e -h4AgjW-hvlLzRGtkCknjLIgXVa3rMTycseAwbW-mgdCqqkw3SdEG8feAcyntmvE8j2jbtSDStQMB -9JdvyNLuQdNG4pxpusgvVso0-8NQF0YVa9VFwg9U6IPSx5p8FcW68OAHt_fEgT4ZtiH7o9aur4o9 -oYqUh2lALCY-__9QLq1KkNjMKs33Jz9E8LbRerG9PLclkTrxCjYAeUWBjCwSI7OB7xkuaYDSjkjj -a46NLpdBN1GNcsFFcZ79GFAK0_DsyxGLX8Tq6q0Bvhs8whD8wlSxpTGxYkyqNX-vcb7SDN_0WkCE -XSdZWkqTHXcYbOvoCOb_e6SFAztuMenuHWY0utX0gBfx_X5lPDFyoYXErxFQHiA7t27keshXNa6R -ukQRRS8kMjre1U74sc-fRNXkXpl57rG4rgxaEX0eBeowa53KAsVvUAoSac2aC_nfzXrDvoyf9Xi3 -JpEZNhUDLpFCEycV4I7jGQ9wo9qNaosvlsr6kbLDNdb_1xrGVgjT3xEvRNJNPqslSAu-yD-UFhC3 -AmCdYUnugw_eEFqXCHTARcRkdPPvl2XsmEKY2IqEeO5tz4DyXQFaL-5hEVh6lYEU1EOWHk3UGIXe -Vc5_Ttp82qNLmlJPbZvgmNTJzYTHDQ_27KBcp7IVVZgPDjVKdWqQvZ18KhxvfF3Idgy82LBZniFV -IbtxllXiPRxoPQriSXMnXjh3XkvSDI2pFxXfEvLRn1tvcFOwPNCz3QfPIzYg8uYXN5bRt3ZOrR_g -ZhIlrc7HO0VbNbeqEVPKMZ-cjkqGj4VAuDKoQc0eQ6X_wCoAGO78nPpLeIvZPx1X3z5YoqNA \ No newline at end of file diff --git a/kubernetes/config/certs/mso/aai.crt b/kubernetes/config/certs/mso/aai.crt deleted file mode 100755 index 4ffa426c1e..0000000000 --- a/kubernetes/config/certs/mso/aai.crt +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIEiTCCA3GgAwIBAgIJAIPKfDLcn3MpMA0GCSqGSIb3DQEBCwUAMIGtMQswCQYD -VQQGEwJVUzELMAkGA1UECAwCTkoxEzARBgNVBAcMCkJlZG1pbnN0ZXIxEjAQBgNV -BAoMCU9wZW5FQ09NUDETMBEGA1UECwwKc2ltcGxlZGVtbzEqMCgGA1UEAwwhT3Bl -bkVDT01QIHNpbXBsZWRlbW8gU2VydmVyIENBIFgxMScwJQYJKoZIhvcNAQkBFhhz -aW1wbGVkZW1vQG9wZW5lY29tcC5vcmcwHhcNMTYxMTMwMTUzODM5WhcNMTcxMTMw -MTUzODM5WjCBuTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5KMRMwEQYDVQQHDApC -ZWRtaW5zdGVyMRIwEAYDVQQKDAlPcGVuRUNPTVAxEzARBgNVBAsMClNpbXBsZURl -bW8xKTAnBgNVBAMMIGFhaS5hcGkuc2ltcGxlZGVtby5vcGVuZWNvbXAub3JnMTQw -MgYJKoZIhvcNAQkBFiVhYWktaG9zdEBhcGkuc2ltcGxlZGVtby5vcGVuZWNvbXAu -b3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQrQl8A0rT0Jjlos -Mr/7LEhT5UOif4GGPOk+3NCIxT3lOqAbUf+d9ZXyT2jWFRiKWua03vQ+Dxc8c2h2 -RRuH8LwEiOiWqPjWRxNqsARzZMI3ryHFCFBZh0FcpjH9kEeKVlLDYuV68k+ZucKd -NiqUNn61lD7kbmEGwvzKwf91FrJ09+CBMx1OnWKm3gCNKDqAEFMZCOdn2MgesJYB -/03lzPBS1jDfBXImXRcTBzpgA+wdCLn0cIQ1eLWUwS5tUqUJNh36nHdVyJ0P2Yjd -JLuxhFcmBKOz1ShyyO+BBtKBO8EGbU6qKflOiwOw0Fsn8LjKcrHQ58NPui5y04BU -Rypf3QIDAQABo4GdMIGaMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgO4MB0G -A1UdDgQWBBQyMUOsE2J+CKzK0qd8KFBD2gaWyjBbBgNVHSAEVDBSMFAGBFUdIAAw -SDBGBggrBgEFBQcCAjA6GjhLZWVwIGF3YXkgZnJvbSBjaGlsZHJlbi4gIFRoaXMg -Y2VydGlmaWNhdGUgaXMgbm90IGEgdG95LjANBgkqhkiG9w0BAQsFAAOCAQEAnkoy -2tWJOyyyIQwtVojUxv1GWQPnw3WCUcKpuX4CJhHXLxNErW1fBg7bmo08BNmBPPpq -WrJsy5lbBgUo9kgpViux5Stfy1rRIRsRLfl/icgCvJmUAxkmRCZL7yUvwG4K7s+8 -DwT+nW/XuWNP6Hd/qHccexB6COJ8KwvTdVoxAkCdX8qw4MCb/f7Kb1yle/vwBM5Q -UUONCJ4bEns1vnb9DGlNDUJNwCfwORAaVJpVS38Mv4UnSTmb2KMePtCWcx/dNsYR -2XrSGqLDnTvHwOpyhbfFTmackysGoSuDytORXy8YbwEiF13BwEK8i3rgNN0Z2ojf -cpmE2xxmaa+A2uuN6g== ------END CERTIFICATE----- \ No newline at end of file diff --git a/kubernetes/config/certs/mso/encryption.key b/kubernetes/config/certs/mso/encryption.key deleted file mode 100644 index eb52241e7f..0000000000 --- a/kubernetes/config/certs/mso/encryption.key +++ /dev/null @@ -1 +0,0 @@ -aa3871669d893c7fb8abbcda31b88b4f diff --git a/kubernetes/config/certs/policy/policy-keystore b/kubernetes/config/certs/policy/policy-keystore deleted file mode 100755 index ab25c3a341..0000000000 Binary files a/kubernetes/config/certs/policy/policy-keystore and /dev/null differ diff --git a/kubernetes/config/docker/init/src/config/aai/data-router/appconfig/auth/client-cert-onap.p12 b/kubernetes/config/docker/init/src/config/aai/data-router/appconfig/auth/client-cert-onap.p12 new file mode 100644 index 0000000000..dbf4fcacec Binary files /dev/null and b/kubernetes/config/docker/init/src/config/aai/data-router/appconfig/auth/client-cert-onap.p12 differ diff --git a/kubernetes/config/docker/init/src/config/aai/data-router/appconfig/auth/tomcat_keystore b/kubernetes/config/docker/init/src/config/aai/data-router/appconfig/auth/tomcat_keystore new file mode 100644 index 0000000000..9eec841aa2 Binary files /dev/null and b/kubernetes/config/docker/init/src/config/aai/data-router/appconfig/auth/tomcat_keystore differ diff --git a/kubernetes/config/docker/init/src/config/aai/model-loader/appconfig/auth/aai-os-cert.p12 b/kubernetes/config/docker/init/src/config/aai/model-loader/appconfig/auth/aai-os-cert.p12 new file mode 100644 index 0000000000..ee57120fa0 Binary files /dev/null and b/kubernetes/config/docker/init/src/config/aai/model-loader/appconfig/auth/aai-os-cert.p12 differ diff --git a/kubernetes/config/docker/init/src/config/aai/sparky-be/appconfig/auth/inventory-ui-keystore b/kubernetes/config/docker/init/src/config/aai/sparky-be/appconfig/auth/inventory-ui-keystore new file mode 100644 index 0000000000..efa01f8d79 Binary files /dev/null and b/kubernetes/config/docker/init/src/config/aai/sparky-be/appconfig/auth/inventory-ui-keystore differ diff --git a/kubernetes/config/docker/init/src/config/message-router/dmaap/mykey b/kubernetes/config/docker/init/src/config/message-router/dmaap/mykey new file mode 100755 index 0000000000..c2b8b8779b --- /dev/null +++ b/kubernetes/config/docker/init/src/config/message-router/dmaap/mykey @@ -0,0 +1,27 @@ +_sNOLphPzrU7L0L3oWv0pYwgV_ddGF1XoBsQEIAp34jfP-fGJFPfFYaMpDEZ3gwH59rNw6qyMZHk +k-4irklvVcWk36lC3twNvc0DueRCVrws1bkuhOLCXdxHJx-YG-1xM8EJfRmzh79WPlPkbAdyPmFF +Ah44V0GjAnInPOFZA6MHP9rNx9B9qECHRfmvzU13vJCcgTsrmOr-CEiWfRsnzPjsICxpq9OaVT_D +zn6rNaroGm1OiZNCrCgvRkCUHPOOCw3j9G1GeaImoZNYtozbz9u4sj13PU-MxIIAa64b1bMMMjpz +Upc8lVPI4FnJKg6axMmEGn5zJ6JUq9mtOVyPj__2GEuDgpx5H4AwodXXVjFsVgR8UJwI_BvS2JVp +JoQk0J1RqXmAXVamlsMAfzmmbARXgmrBfnuhveZnh9ymFVU-YZeujdANniXAwBGI7c6hG_BXkH7i +Eyf4Fn41_SV78PskP6qgqJahr9r3bqdjNbKBztIKCOEVrE_w3IM5r02l-iStk_NBRkj6cq_7VCpG +afxZ2CtZMwuZMiypO_wOgbdpCSKNzsL-NH2b4b08OlKiWb263gz634KJmV5WEfCl-6eH-JUFbWOS +JwQfActLNT2ZQPl2MyZQNBzJEWoJRgS6k7tPRO-zqeUtYYHGHVMCxMuMHGQcoilNNHEFeBCG_fBh +yAKb9g9F86Cbx9voMLiyTX2T3rwVHiSJFOzfNxGmfN5JWOthIun_c5hEY1tLQ15BomzkDwk7BAj7 +VbRCrVD45B6xrmSTMBSWYmLyr6mnQxQqeh9cMbD-0ZAncE3roxRnRvPKjFFa208ykYUp2V83r_PJ +fV5I9ZPKSjk9DwFyrjkcQQEYDhdK6IFqcd6nEthjYVkmunu2fsX0bIOm9GGdIbKGqBnpdgBO5hyT +rBr9HSlZrHcGdti1R823ckDF0Ekcl6kioDr5NLIpLtg9zUEDRm3QrbX2mv5Zs8W0pYnOqglxy3lz +bJZTN7oR7VasHUtjmp0RT9nLZkUs5TZ6MHhlIq3ZsQ6w_Q9Rv1-ofxfwfCC4EBrWKbWAGCf6By4K +Ew8321-2YnodhmsK5BrT4zQ1DZlmUvK8BmYjZe7wTljKjgYcsLTBfX4eMhJ7MIW1kpnl8AbiBfXh +QzN56Mki51Q8PSQWHm0W9tnQ0z6wKdck6zBJ8JyNzewZahFKueDTn-9DOqIDfr3YHvQLLzeXyJ8e +h4AgjW-hvlLzRGtkCknjLIgXVa3rMTycseAwbW-mgdCqqkw3SdEG8feAcyntmvE8j2jbtSDStQMB +9JdvyNLuQdNG4pxpusgvVso0-8NQF0YVa9VFwg9U6IPSx5p8FcW68OAHt_fEgT4ZtiH7o9aur4o9 +oYqUh2lALCY-__9QLq1KkNjMKs33Jz9E8LbRerG9PLclkTrxCjYAeUWBjCwSI7OB7xkuaYDSjkjj +a46NLpdBN1GNcsFFcZ79GFAK0_DsyxGLX8Tq6q0Bvhs8whD8wlSxpTGxYkyqNX-vcb7SDN_0WkCE +XSdZWkqTHXcYbOvoCOb_e6SFAztuMenuHWY0utX0gBfx_X5lPDFyoYXErxFQHiA7t27keshXNa6R +ukQRRS8kMjre1U74sc-fRNXkXpl57rG4rgxaEX0eBeowa53KAsVvUAoSac2aC_nfzXrDvoyf9Xi3 +JpEZNhUDLpFCEycV4I7jGQ9wo9qNaosvlsr6kbLDNdb_1xrGVgjT3xEvRNJNPqslSAu-yD-UFhC3 +AmCdYUnugw_eEFqXCHTARcRkdPPvl2XsmEKY2IqEeO5tz4DyXQFaL-5hEVh6lYEU1EOWHk3UGIXe +Vc5_Ttp82qNLmlJPbZvgmNTJzYTHDQ_27KBcp7IVVZgPDjVKdWqQvZ18KhxvfF3Idgy82LBZniFV +IbtxllXiPRxoPQriSXMnXjh3XkvSDI2pFxXfEvLRn1tvcFOwPNCz3QfPIzYg8uYXN5bRt3ZOrR_g +ZhIlrc7HO0VbNbeqEVPKMZ-cjkqGj4VAuDKoQc0eQ6X_wCoAGO78nPpLeIvZPx1X3z5YoqNA \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/mso/mso/aai.crt b/kubernetes/config/docker/init/src/config/mso/mso/aai.crt new file mode 100755 index 0000000000..4ffa426c1e --- /dev/null +++ b/kubernetes/config/docker/init/src/config/mso/mso/aai.crt @@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE----- +MIIEiTCCA3GgAwIBAgIJAIPKfDLcn3MpMA0GCSqGSIb3DQEBCwUAMIGtMQswCQYD +VQQGEwJVUzELMAkGA1UECAwCTkoxEzARBgNVBAcMCkJlZG1pbnN0ZXIxEjAQBgNV +BAoMCU9wZW5FQ09NUDETMBEGA1UECwwKc2ltcGxlZGVtbzEqMCgGA1UEAwwhT3Bl +bkVDT01QIHNpbXBsZWRlbW8gU2VydmVyIENBIFgxMScwJQYJKoZIhvcNAQkBFhhz +aW1wbGVkZW1vQG9wZW5lY29tcC5vcmcwHhcNMTYxMTMwMTUzODM5WhcNMTcxMTMw +MTUzODM5WjCBuTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5KMRMwEQYDVQQHDApC +ZWRtaW5zdGVyMRIwEAYDVQQKDAlPcGVuRUNPTVAxEzARBgNVBAsMClNpbXBsZURl +bW8xKTAnBgNVBAMMIGFhaS5hcGkuc2ltcGxlZGVtby5vcGVuZWNvbXAub3JnMTQw +MgYJKoZIhvcNAQkBFiVhYWktaG9zdEBhcGkuc2ltcGxlZGVtby5vcGVuZWNvbXAu +b3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQrQl8A0rT0Jjlos +Mr/7LEhT5UOif4GGPOk+3NCIxT3lOqAbUf+d9ZXyT2jWFRiKWua03vQ+Dxc8c2h2 +RRuH8LwEiOiWqPjWRxNqsARzZMI3ryHFCFBZh0FcpjH9kEeKVlLDYuV68k+ZucKd +NiqUNn61lD7kbmEGwvzKwf91FrJ09+CBMx1OnWKm3gCNKDqAEFMZCOdn2MgesJYB +/03lzPBS1jDfBXImXRcTBzpgA+wdCLn0cIQ1eLWUwS5tUqUJNh36nHdVyJ0P2Yjd +JLuxhFcmBKOz1ShyyO+BBtKBO8EGbU6qKflOiwOw0Fsn8LjKcrHQ58NPui5y04BU +Rypf3QIDAQABo4GdMIGaMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgO4MB0G +A1UdDgQWBBQyMUOsE2J+CKzK0qd8KFBD2gaWyjBbBgNVHSAEVDBSMFAGBFUdIAAw +SDBGBggrBgEFBQcCAjA6GjhLZWVwIGF3YXkgZnJvbSBjaGlsZHJlbi4gIFRoaXMg +Y2VydGlmaWNhdGUgaXMgbm90IGEgdG95LjANBgkqhkiG9w0BAQsFAAOCAQEAnkoy +2tWJOyyyIQwtVojUxv1GWQPnw3WCUcKpuX4CJhHXLxNErW1fBg7bmo08BNmBPPpq +WrJsy5lbBgUo9kgpViux5Stfy1rRIRsRLfl/icgCvJmUAxkmRCZL7yUvwG4K7s+8 +DwT+nW/XuWNP6Hd/qHccexB6COJ8KwvTdVoxAkCdX8qw4MCb/f7Kb1yle/vwBM5Q +UUONCJ4bEns1vnb9DGlNDUJNwCfwORAaVJpVS38Mv4UnSTmb2KMePtCWcx/dNsYR +2XrSGqLDnTvHwOpyhbfFTmackysGoSuDytORXy8YbwEiF13BwEK8i3rgNN0Z2ojf +cpmE2xxmaa+A2uuN6g== +-----END CERTIFICATE----- \ No newline at end of file diff --git a/kubernetes/config/docker/init/src/config/mso/mso/encryption.key b/kubernetes/config/docker/init/src/config/mso/mso/encryption.key new file mode 100644 index 0000000000..eb52241e7f --- /dev/null +++ b/kubernetes/config/docker/init/src/config/mso/mso/encryption.key @@ -0,0 +1 @@ +aa3871669d893c7fb8abbcda31b88b4f diff --git a/kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/policy-keystore b/kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/policy-keystore new file mode 100755 index 0000000000..ab25c3a341 Binary files /dev/null and b/kubernetes/config/docker/init/src/config/policy/opt/policy/config/drools/policy-keystore differ diff --git a/kubernetes/message-router/templates/message-router-dmaap.yaml b/kubernetes/message-router/templates/message-router-dmaap.yaml index 0579541cb1..59c57f85f6 100644 --- a/kubernetes/message-router/templates/message-router-dmaap.yaml +++ b/kubernetes/message-router/templates/message-router-dmaap.yaml @@ -69,7 +69,7 @@ spec: hostPath: path: /dockerdata-nfs/{{ .Values.nsPrefix }}/message-router/dmaap/cadi.properties - name: mykey - secret: - secretName: secret-{{ .Values.nsPrefix }}-message-router + hostPath: + path: /dockerdata-nfs/{{ .Values.nsPrefix }}/message-router/dmaap/mykey imagePullSecrets: - name: "{{ .Values.nsPrefix }}-docker-registry-key" diff --git a/kubernetes/mso/templates/mso-deployment.yaml b/kubernetes/mso/templates/mso-deployment.yaml index 9414990201..0f3034f4cc 100644 --- a/kubernetes/mso/templates/mso-deployment.yaml +++ b/kubernetes/mso/templates/mso-deployment.yaml @@ -49,10 +49,6 @@ spec: volumeMounts: - mountPath: /shared name: mso - - mountPath: /shared/aai.crt - name: mso-aai-crt - - mountPath: /shared/encryption.key - name: mso-key - mountPath: /docker-files name: mso-docker-files env: @@ -76,11 +72,5 @@ spec: - name: mso-docker-files hostPath: path: /dockerdata-nfs/{{ .Values.nsPrefix }}/mso/docker-files - - name: mso-aai-crt - secret: - secretName: secret-{{ .Values.nsPrefix }}-mso - - name: mso-key - secret: - secretName: secret-{{ .Values.nsPrefix }}-mso imagePullSecrets: - name: "{{ .Values.nsPrefix }}-docker-registry-key" diff --git a/kubernetes/oneclick/createAll.bash b/kubernetes/oneclick/createAll.bash index 5012a52d20..7be2e6a7de 100755 --- a/kubernetes/oneclick/createAll.bash +++ b/kubernetes/oneclick/createAll.bash @@ -39,14 +39,6 @@ create_registry_key() { check_return_code $cmd } -create_certs_secret() { - if [ -d $LOCATION/config/certs/$i/ ]; then - printf "\nCreating certs and keys secret **********\n" - _CERTS_FILES=$(find $LOCATION/config/certs/$2/ -type f | awk '$0="--from-file="$0' ORS=' ') - kubectl create secret generic secret-$1-$2 $_CERTS_FILES -n $1-$2 - fi -} - create_onap_helm() { HELM_VALUES_ADDITION="" if [[ ! -z $HELM_VALUES_FILEPATH ]]; then @@ -140,8 +132,6 @@ for i in ${HELM_APPS[@]}; do printf "\nCreating registry secret **********\n" create_registry_key $NS $i ${NS}-docker-registry-key $ONAP_DOCKER_REGISTRY $DU $DP $ONAP_DOCKER_MAIL - create_certs_secret $NS $i - printf "\nCreating deployments and services **********\n" create_onap_helm $NS $i $start diff --git a/kubernetes/oneclick/deleteAll.bash b/kubernetes/oneclick/deleteAll.bash index f7c48fd18d..40d070124a 100755 --- a/kubernetes/oneclick/deleteAll.bash +++ b/kubernetes/oneclick/deleteAll.bash @@ -16,13 +16,6 @@ delete_registry_key() { kubectl --namespace $1-$2 delete secret ${1}-docker-registry-key } -delete_certs_secret() { - if [ -d $LOCATION/config/certs/$i/ ]; then - kubectl delete secret secret-$1-$2 -n $1-$2 - fi -} - - delete_app_helm() { helm delete $1-$2 --purge } @@ -43,9 +36,8 @@ EOF NS= INCL_SVC=false APP= -LOCATION="../" -while getopts ":n:u:s:a:l:" PARAM; do +while getopts ":n:u:s:a:" PARAM; do case $PARAM in u) usage @@ -61,9 +53,6 @@ while getopts ":n:u:s:a:l:" PARAM; do exit 1 fi ;; - l) - LOCATION=${OPTARG} - ;; ?) usage exit @@ -85,7 +74,6 @@ printf "\n********** Cleaning up ONAP: ${ONAP_APPS[*]}\n" for i in ${HELM_APPS[@]}; do - delete_certs_secret $NS $i delete_app_helm $NS $i delete_namespace $NS $i diff --git a/kubernetes/policy/templates/dep-drools.yaml b/kubernetes/policy/templates/dep-drools.yaml index 7da046e156..75055c10d8 100644 --- a/kubernetes/policy/templates/dep-drools.yaml +++ b/kubernetes/policy/templates/dep-drools.yaml @@ -66,8 +66,6 @@ spec: volumeMounts: - mountPath: /tmp/policy-install/config name: drools - - mountPath: /tmp/policy-install/config/policy-keystore - name: drools-keystore - mountPath: /usr/share/maven/conf/settings.xml name: drools-settingsxml volumes: @@ -77,8 +75,5 @@ spec: - name: drools hostPath: path: /dockerdata-nfs/{{ .Values.nsPrefix }}/policy/opt/policy/config/drools/ - - name: drools-keystore - secret: - secretName: secret-{{ .Values.nsPrefix }}-policy imagePullSecrets: - name: "{{ .Values.nsPrefix }}-docker-registry-key" -- cgit 1.2.3-korg