From 3efae0b0708a357ad6c965414152941e21c9813f Mon Sep 17 00:00:00 2001 From: Michael Mokry Date: Wed, 22 Aug 2018 10:58:31 -0500 Subject: OOM changes to support PE https Made changes to the conf files and scripts to set installation variables and use https in urls Made changes to push-policies.sh and drools base.conf Change-Id: If06b91c7cd2f26f08dfabc1054b03f2813224ace Issue-ID: POLICY-781 Signed-off-by: Michael Mokry --- .../policy/charts/brmsgw/resources/config/pe/brmsgw.conf | 4 ++-- .../resources/config/opt/policy/config/drools/base.conf | 1 + kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf | 4 ++-- kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf | 2 +- .../charts/policy-common/resources/config/pe/base.conf | 1 + .../policy-common/resources/config/scripts/do-start.sh | 12 +++++++++--- 6 files changed, 16 insertions(+), 8 deletions(-) (limited to 'kubernetes/policy/charts') diff --git a/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf index e7c6298759..2f65c87bc2 100644 --- a/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf +++ b/kubernetes/policy/charts/brmsgw/resources/config/pe/brmsgw.conf @@ -18,8 +18,8 @@ BRMSGW_JMX_PORT=9989 COMPONENT_X_MX_MB=1024 COMPONENT_X_MS_MB=1024 -REST_PAP_URL=http://{{ .Values.global.pap.nameOverride }}:{{.Values.config.papPort}}/pap/ -REST_PDP_ID=http://{{ .Values.global.pdp.nameOverride }}:{{.Values.config.pdpPort}}/pdp/ +REST_PAP_URL=https://{{ .Values.global.pap.nameOverride }}:{{.Values.config.papPort}}/pap/ +REST_PDP_ID=https://{{ .Values.global.pdp.nameOverride }}:{{.Values.config.pdpPort}}/pdp/ PDP_HTTP_USER_ID=testpdp PDP_HTTP_PASSWORD=alpha123 diff --git a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf index 1236176514..6962f9de31 100644 --- a/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf +++ b/kubernetes/policy/charts/drools/resources/config/opt/policy/config/drools/base.conf @@ -18,6 +18,7 @@ POLICY_HOME=/opt/app/policy POLICY_LOGS=/var/log/onap/policy/pdpd JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64 KEYSTORE_PASSWD=Pol1cy_0nap +TRUSTSTORE_PASSWD=Pol1cy_0nap # Telemetry credentials diff --git a/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf index 8e0b88213d..52480e59ff 100644 --- a/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf +++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdp.conf @@ -29,8 +29,8 @@ TOMCAT_X_MX_MB=1024 UEB_CLUSTER=message-router -REST_PAP_URL=http://{{ .Values.global.pap.nameOverride }}:{{.Values.config.papPort}}/pap/ -REST_PDP_ID=http://${{"{{"}}FQDN{{"}}"}}:{{.Values.service.externalPort}}/pdp/ +REST_PAP_URL=https://{{ .Values.global.pap.nameOverride }}:{{.Values.config.papPort}}/pap/ +REST_PDP_ID=https://${{"{{"}}FQDN{{"}}"}}:{{.Values.service.externalPort}}/pdp/ REST_PDP_CONFIG=/opt/app/policy/servers/pdp/bin/config REST_PDP_WEBAPPS=/opt/app/policy/servers/pdp/webapps REST_PDP_REGISTER=true diff --git a/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf b/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf index 7f894fd4a9..e7171c280e 100644 --- a/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf +++ b/kubernetes/policy/charts/pdp/resources/config/pe/pdplp.conf @@ -17,7 +17,7 @@ LOGPARSER_JMX_PORT=9997 LOGPARSER_X_MS_MB=1024 LOGPARSER_X_MX_MB=1024 -SERVER=http://{{ include "common.servicename" . }}:{{.Values.service.externalPort}}/pdp/ +SERVER=https://{{ include "common.servicename" . }}:{{.Values.service.externalPort}}/pdp/ LOGPATH=/var/log/onap/policy/pdpx/pdp-rest.log PARSERLOGPATH=/opt/app/policy/servers/pdplp/bin/IntegrityMonitor.log diff --git a/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf index c5dd8ca2a7..be18e55746 100644 --- a/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf +++ b/kubernetes/policy/charts/policy-common/resources/config/pe/base.conf @@ -16,6 +16,7 @@ JAVA_HOME=/usr/lib/jvm/java-8-openjdk-amd64 POLICY_HOME=/opt/app/policy POLICY_LOGS=/var/log/onap KEYSTORE_PASSWD=Pol1cy_0nap +TRUSTSTORE_PASSWD=Pol1cy_0nap JDBC_DRIVER=org.mariadb.jdbc.Driver JDBC_URL=jdbc:mariadb://{{ .Values.global.mariadb.nameOverride }}:{{.Values.config.mariadbPort}}/onap_sdk?connectTimeout=30000&socketTimeout=60000&log=true&sessionVariables=max_statement_time=30 diff --git a/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh b/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh index defae52b4b..fc27782a2d 100644 --- a/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh +++ b/kubernetes/policy/charts/policy-common/resources/config/scripts/do-start.sh @@ -59,9 +59,15 @@ else . /opt/app/policy/etc/profile.d/env.sh # install keystore - #changed to use http instead of http, so keystore no longer needed - #cp config/policy-keystore.jks $POLICY_HOME/etc/ssl/policy-keystore - + # override the policy keystore and truststore if present + if [[ -f config/policy-keystore ]]; then + cp config/policy-keystore $POLICY_HOME/etc/ssl + fi + + if [[ -f config/policy-truststore ]]; then + cp -f config/policy-truststore $[POLICY_HOME]/etc/ssl + fi + if [[ -f config/$container-tweaks.sh ]] ; then # file may not be executable; running it as an # argument to bash avoids needing execute perms. -- cgit 1.2.3-korg