From b0841b8527bed94f329b8be2485411564789a637 Mon Sep 17 00:00:00 2001 From: Andreas Geissler Date: Fri, 16 Dec 2022 10:40:21 +0100 Subject: [DCAE] Remove AAF dependencies from external MSs Disable TLS settings in DCAE MSs (undo temporary fix of patch 132178) and remove AAF dependency in - dcae-ves-collector - dcae-hv-ves-collector - dcae-datafile-collector - dcae-pm-mapper - dcae-restconf-collector - dcae-ves-openapi-manager (update SDC connection) This patch will require changes in existing E2E tests Issue-ID: OOM-3068 Signed-off-by: Andreas Geissler Change-Id: Iad42ef84f7012f9e6a23c1a6b65cb4e9e1628077 --- .../components/dcae-datafile-collector/values.yaml | 3 +-- .../components/dcae-hv-ves-collector/Chart.yaml | 3 --- .../components/dcae-hv-ves-collector/values.yaml | 9 ++------- .../components/dcae-pm-mapper/values.yaml | 11 ++++++++--- .../components/dcae-restconf-collector/values.yaml | 14 ++++++++------ .../components/dcae-ves-collector/values.yaml | 5 ++--- .../components/dcae-ves-openapi-manager/values.yaml | 4 ++-- 7 files changed, 23 insertions(+), 26 deletions(-) (limited to 'kubernetes') diff --git a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml index cbe02a1bf9..d990e4d299 100644 --- a/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-datafile-collector/values.yaml @@ -69,7 +69,7 @@ certDirectory: /opt/app/datafile/etc/cert # TLS role -- set to true if microservice acts as server # If true, an init container will retrieve a server cert # and key from AAF and mount them in certDirectory. -tlsServer: true +tlsServer: false # CMPv2 certificate # It is used only when: @@ -97,7 +97,6 @@ certificates: readinessCheck: wait_for: containers: - - aaf-cm - dmaap-bc - dmaap-provisioning-job - message-router diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml index 59fda72e2a..502a6a88d6 100644 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/Chart.yaml @@ -27,9 +27,6 @@ dependencies: - name: common version: ~12.x-0 repository: '@local' - - name: readinessCheck - version: ~12.x-0 - repository: '@local' - name: repositoryGenerator version: ~12.x-0 repository: '@local' diff --git a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml index da3f47358b..f788ab0369 100644 --- a/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-hv-ves-collector/values.yaml @@ -59,7 +59,7 @@ certDirectory: /etc/ves-hv/ssl # TLS role -- set to true if microservice acts as server # If true, an init container will retrieve a server cert # and key from AAF and mount them in certDirectory. -tlsServer: true +tlsServer: false secrets: - uid: hv-ves-kafka-secret @@ -94,11 +94,6 @@ certificates: key: password create: true -# dependencies -readinessCheck: - wait_for: - - aaf-cm - # probe configuration readiness: type: exec @@ -136,7 +131,7 @@ applicationConfig: server.idleTimeoutSec: 300 server.listenPort: 6061 cbs.requestIntervalSec: 5 - security.sslDisable: false + security.sslDisable: true security.keys.keyStoreFile: /etc/ves-hv/ssl/cert.jks security.keys.keyStorePasswordFile: /etc/ves-hv/ssl/jks.pass security.keys.trustStoreFile: /etc/ves-hv/ssl/trust.jks diff --git a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml index a2479b62e2..5cdd5db7b9 100644 --- a/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-pm-mapper/values.yaml @@ -135,11 +135,11 @@ applicationConfig: aaf_identity: "" aaf_password: "" pm-mapper-filter: "{ \"filters\":[] }" - key_store_path: /opt/app/pm-mapper/etc/cert/cert.jks - key_store_pass_path: /opt/app/pm-mapper/etc/cert/jks.pass + #key_store_path: /opt/app/pm-mapper/etc/cert/cert.jks + #key_store_pass_path: /opt/app/pm-mapper/etc/cert/jks.pass trust_store_path: /opt/app/pm-mapper/etc/cert/trust.jks trust_store_pass_path: /opt/app/pm-mapper/etc/cert/trust.pass - dmaap_dr_delete_endpoint: https://dmaap-dr-node:8443/delete + dmaap_dr_delete_endpoint: http://dmaap-dr-node:8080/delete streams_publishes: dmaap_publisher: type: message_router @@ -160,6 +160,11 @@ applicationConfig: location: san-francisco delivery_url: http://dcae-pm-mapper:8081/delivery +applicationEnv: + #CBS_CLIENT_CONFIG_PATH: '/app-config-input/application_config.yaml' + #Temporary Dummy CBS Port Value until internal SDK library is updated + CONFIG_BINDING_SERVICE_SERVICE_PORT: '0000' + # DataRouter Feed Configuration drFeedConfig: - feedName: bulk_pm_feed diff --git a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml index d9fd33ff18..dcbedf4b2f 100644 --- a/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-restconf-collector/values.yaml @@ -132,12 +132,14 @@ applicationConfig: collector.rcc.inputQueue.maxPending: '8096' tomcat.maxthreads: '200' collector.rcc.service.port: '8080' - collector.rcc.service.secure.port: '8687' - collector.rcc.keystore.file.location: /opt/app/dcae-certificate/cert.jks - collector.rcc.keystore.passwordfile: /opt/app/dcae-certificate/jks.pass - collector.rcc.keystore.alias: dynamically generated - collector.rcc.truststore.file.location: /opt/app/dcae-certificate/trust.jks - collector.rcc.truststore.passwordfile: /opt/app/dcae-certificate/trust.pass + # Disabling of secure port not working (DCAEGEN2-3336) + collector.rcc.service.secure.port: '0' + #collector.rcc.service.secure.port: '8687' + #collector.rcc.keystore.file.location: /opt/app/dcae-certificate/cert.jks + #collector.rcc.keystore.passwordfile: /opt/app/dcae-certificate/jks.pass + #collector.rcc.keystore.alias: dynamically generated + #collector.rcc.truststore.file.location: /opt/app/dcae-certificate/trust.jks + #collector.rcc.truststore.passwordfile: /opt/app/dcae-certificate/trust.pass #collector.keystore.file.location: /opt/app/dcae-certificate/external/cert.jks #collector.keystore.passwordfile: /opt/app/dcae-certificate/external/jks.pass collector.header.authflag: '0' diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml index e0b2b12087..9e9750a56f 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-collector/values.yaml @@ -59,7 +59,7 @@ certDirectory: /opt/app/dcae-certificate # TLS role -- set to true if microservice acts as server # If true, an init container will retrieve a server cert # and key from AAF and mount them in certDirectory. -tlsServer: true +tlsServer: false # CMPv2 certificate # It is used only when: @@ -86,7 +86,6 @@ certificates: # dependencies readinessCheck: wait_for: - - aaf-cm - message-router # probe configuration @@ -141,7 +140,7 @@ applicationConfig: collector.service.port: "8080" collector.service.secure.port: "8443" event.transform.flag: "0" - auth.method: "certBasicAuth" + auth.method: "noAuth" header.authlist: "sample1,$2a$10$0buh.2WeYwN868YMwnNNEuNEAMNYVU9.FSMJGyIKV3dGET/7oGOi6|demouser,$2a$10$1cc.COcqV/d3iT2N7BjPG.S6ZKv2jpb9a5MV.o7lMih/GpjJRX.Ce" services_calls: [] streams_publishes: diff --git a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml index 4f1f18444c..d2f73e6814 100644 --- a/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml +++ b/kubernetes/dcaegen2-services/components/dcae-ves-openapi-manager/values.yaml @@ -51,7 +51,7 @@ service: port: *svc_port externalServices: - sdc_be_https: "sdc-be:8443" + sdc_be_https: "sdc-be:8080" schemaMap: filename: "schema-map.json" @@ -103,7 +103,7 @@ applicationConfig: eventDomainPath: /event/structure/commonEventHeader/structure/domain/value eventSchemaReferencePath: /event/structure/stndDefinedFields/structure/schemaReference/value distribution: - sdcAddress: ${SDC_ADDRESS:sdc-be.onap:30204} + sdcAddress: ${SDC_ADDRESS:sdc-be.onap:8080} user: dcae password: Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U pollingInterval: 20 -- cgit 1.2.3-korg