From bd2c6126ce400ff0e17d1f64840e4ade0ba26fd9 Mon Sep 17 00:00:00 2001 From: st782s Date: Fri, 28 Sep 2018 17:56:29 -0400 Subject: Portal HTTPs support Issue-ID: PORTAL-389 Change-Id: Ibdb91bcf1164d6c79312597416a0fa3214361f8f Signed-off-by: st782s --- .../resources/certs/keystoreONAP.keystore | Bin 0 -> 2228 bytes .../resources/certs/truststoreONAPall.jks | Bin 0 -> 117990 bytes .../charts/portal-app/resources/server/server.xml | 147 +++++++++++++++++++++ .../charts/portal-app/templates/configmap.yaml | 2 + .../charts/portal-app/templates/deployment.yaml | 21 ++- kubernetes/portal/charts/portal-app/values.yaml | 3 + kubernetes/portal/values.yaml | 5 +- 7 files changed, 175 insertions(+), 3 deletions(-) create mode 100644 kubernetes/portal/charts/portal-app/resources/certs/keystoreONAP.keystore create mode 100644 kubernetes/portal/charts/portal-app/resources/certs/truststoreONAPall.jks create mode 100644 kubernetes/portal/charts/portal-app/resources/server/server.xml diff --git a/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAP.keystore b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAP.keystore new file mode 100644 index 0000000000..ff0f0d76a4 Binary files /dev/null and b/kubernetes/portal/charts/portal-app/resources/certs/keystoreONAP.keystore differ diff --git a/kubernetes/portal/charts/portal-app/resources/certs/truststoreONAPall.jks b/kubernetes/portal/charts/portal-app/resources/certs/truststoreONAPall.jks new file mode 100644 index 0000000000..ff844b109d Binary files /dev/null and b/kubernetes/portal/charts/portal-app/resources/certs/truststoreONAPall.jks differ diff --git a/kubernetes/portal/charts/portal-app/resources/server/server.xml b/kubernetes/portal/charts/portal-app/resources/server/server.xml new file mode 100644 index 0000000000..09c2f8405f --- /dev/null +++ b/kubernetes/portal/charts/portal-app/resources/server/server.xml @@ -0,0 +1,147 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/kubernetes/portal/charts/portal-app/templates/configmap.yaml b/kubernetes/portal/charts/portal-app/templates/configmap.yaml index 178e91c5fc..d4ef698f71 100644 --- a/kubernetes/portal/charts/portal-app/templates/configmap.yaml +++ b/kubernetes/portal/charts/portal-app/templates/configmap.yaml @@ -24,3 +24,5 @@ metadata: heritage: {{ .Release.Service }} data: {{ tpl (.Files.Glob "resources/config/deliveries/properties/ONAPPORTAL/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/server/*").AsConfig . | indent 2 }} +{{ tpl (.Files.Glob "resources/certs/*").AsConfig . | indent 2 }} diff --git a/kubernetes/portal/charts/portal-app/templates/deployment.yaml b/kubernetes/portal/charts/portal-app/templates/deployment.yaml index 2ab570aab2..3fc2741556 100644 --- a/kubernetes/portal/charts/portal-app/templates/deployment.yaml +++ b/kubernetes/portal/charts/portal-app/templates/deployment.yaml @@ -55,10 +55,20 @@ spec: - "" - -n - "" + env: + - name: javax.net.ssl.keyStore + value: {{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}} + - name: javax.net.ssl.keyStorePassword + value: {{ .Values.global.keypass }} + - name: javax.net.ssl.trustStore + value: {{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}} + - name: javax.net.ssl.trustStorePassword + value: {{ .Values.global.keypass }} ports: - containerPort: {{ .Values.service.internalPort }} - containerPort: {{ .Values.service.internalPort2 }} - containerPort: {{ .Values.service.internalPort3 }} + - containerPort: {{ .Values.service.internalPort4 }} {{- if eq .Values.liveness.enabled true }} livenessProbe: tcpSocket: @@ -93,8 +103,15 @@ spec: - name: properties-onapportal mountPath: "{{ .Values.global.env.tomcatDir }}/webapps/ONAPPORTAL/WEB-INF/classes/logback.xml" subPath: logback.xml - - name: portal-tomcat-logs - mountPath: "{{ .Values.global.env.tomcatDir }}/logs" + - name: properties-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/conf/server.xml" + subPath: server.xml + - name: properties-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.keystoreFile}}" + subPath: {{ .Values.global.keystoreFile}} + - name: properties-onapportal + mountPath: "{{ .Values.global.env.tomcatDir }}/{{ .Values.global.truststoreFile}}" + subPath: {{ .Values.global.truststoreFile}} - name: var-log-onap mountPath: /var/log/onap resources: diff --git a/kubernetes/portal/charts/portal-app/values.yaml b/kubernetes/portal/charts/portal-app/values.yaml index a71e0c4da3..0aba001fa4 100644 --- a/kubernetes/portal/charts/portal-app/values.yaml +++ b/kubernetes/portal/charts/portal-app/values.yaml @@ -63,6 +63,9 @@ service: externalPort3: 8010 internalPort3: 8009 nodePort3: 14 + externalPort4: 8443 + internalPort4: 8443 + nodePort4: 16 mariadb: service: diff --git a/kubernetes/portal/values.yaml b/kubernetes/portal/values.yaml index ac575b3c30..ecb7d5ecf6 100644 --- a/kubernetes/portal/values.yaml +++ b/kubernetes/portal/values.yaml @@ -20,11 +20,14 @@ global: portalPort: "8989" # application's front end hostname. Must be resolvable on the client side environment portalHostName: "portal.api.simpledemo.onap.org" + keystoreFile: "keystoreONAP.keystore" + truststoreFile: "keystoreONAPall.jks" + keypass: "changeit" config: logstashServiceName: log-ls logstashPort: 5044 - + portal-mariadb: nameOverride: portal-db -- cgit 1.2.3-korg