From 3502e73a2762fc50f9ba3ae5d65a3efe5f05bead Mon Sep 17 00:00:00 2001 From: Andreas Geissler Date: Mon, 14 Nov 2022 13:37:48 +0100 Subject: [DCAE] Revert TLS disabling for external DCAE MSs For Kohn we still base on AAF CM to provide TLS on the external DCAE services: - dcae-ves-collector - dcae-hv-ves-collector - dcae-datafile-collector - dcae-pm-mapper connection to dmaap-dr-node For London this will be changed to use Ingress TLS Issue-ID: OOM-2775 Signed-off-by: Andreas Geissler Change-Id: I1deb6492483c6ae2db7b5437319dc722d78727c0 --- .../dcaegen2-services/components/dcae-hv-ves-collector/values.yaml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml') diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml index 5d04aff9c8..da3f47358b 100644 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml @@ -59,7 +59,7 @@ certDirectory: /etc/ves-hv/ssl # TLS role -- set to true if microservice acts as server # If true, an init container will retrieve a server cert # and key from AAF and mount them in certDirectory. -tlsServer: false +tlsServer: true secrets: - uid: hv-ves-kafka-secret @@ -95,6 +95,9 @@ certificates: create: true # dependencies +readinessCheck: + wait_for: + - aaf-cm # probe configuration readiness: @@ -133,7 +136,7 @@ applicationConfig: server.idleTimeoutSec: 300 server.listenPort: 6061 cbs.requestIntervalSec: 5 - security.sslDisable: true + security.sslDisable: false security.keys.keyStoreFile: /etc/ves-hv/ssl/cert.jks security.keys.keyStorePasswordFile: /etc/ves-hv/ssl/jks.pass security.keys.trustStoreFile: /etc/ves-hv/ssl/trust.jks -- cgit 1.2.3-korg