aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--docs/sections/configuration.rst108
-rw-r--r--docs/sections/logging.rst51
2 files changed, 143 insertions, 16 deletions
diff --git a/docs/sections/configuration.rst b/docs/sections/configuration.rst
index 47f2dd87..d49c86bd 100644
--- a/docs/sections/configuration.rst
+++ b/docs/sections/configuration.rst
@@ -5,24 +5,106 @@
Configuration
=============
-.. note::
- * This section is used to describe the options a software component offers for configuration.
+Standalone docker container
+---------------------------
- * Configuration is typically: provided for platform-component and sdk projects;
- and referenced in developer and user guides.
-
- * This note must be removed after content has been added.
+Certification Service Client image:
+.. code-block::
+ nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:latest
-Example ...
-You can provide the following in ``basic.conf``
+1. Create file with environments as in example below.
-``host=ADDRESS``
- The address of the host
+.. code-block::
-``port=PORT``
- The port used for signaling
+ #Client envs
+ REQUEST_URL=http://aaf-cert-service-service:8080/v1/certificate/
+ REQUEST_TIMEOUT=1000
+ OUTPUT_PATH=/var/certs
+ CA_NAME=RA
+ #Csr config envs
+ COMMON_NAME=onap.org
+ ORGANIZATION=Linux-Foundation
+ ORGANIZATION_UNIT=ONAP
+ LOCATION=San-Francisco
+ STATE=California
+ COUNTRY=US
+ SANS=test.onap.org:onap.com
- Optional. Default: ``8080``
+
+2. Run docker container with environments file and docker network (API and client must be running in same network).
+
+.. code-block:: bash
+
+ AAFCERT_CLIENT_IMAGE=nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:latest
+ DOCKER_ENV_FILE= <path to environment file>
+ NETWORK_CERT_SERVICE= <docker network of cert service>
+ DOCKER_VOLUME="<absolute path to local dir>:<output path>"
+
+ docker run --env-file $DOCKER_ENV_FILE --network $NETWORK_CERT_SERVICE --volume $DOCKER_VOLUME $AAFCERT_CLIENT_IMAGE
+
+
+
+Init Container for K8s
+----------------------
+
+Example deployment:
+
+.. code-block:: yaml
+
+ ...
+ kind: Deployment
+ metadata:
+ ...
+ spec:
+ ...
+ template:
+ ...
+ spec:
+ containers:
+ - image: sample.image
+ name: sample.name
+ ...
+ volumeMounts:
+ - mountPath: /var/certs #CERTS CAN BE FOUND IN THIS DIRECTORY
+ name: certs
+ ...
+ initContainers:
+ - name: cert-service-client
+ image: nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:latest
+ imagePullPolicy: Always
+ env:
+ - name: REQUEST_URL
+ value: http://aaf-cert-service-service:8080/v1/certificate/
+ - name: REQUEST_TIMEOUT
+ value: "1000"
+ - name: OUTPUT_PATH
+ value: /var/certs
+ - name: CA_NAME
+ value: RA
+ - name: COMMON_NAME
+ value: onap.org
+ - name: ORGANIZATION
+ value: Linux-Foundation
+ - name: ORGANIZATION_UNIT
+ value: ONAP
+ - name: LOCATION
+ value: San-Francisco
+ - name: STATE
+ value: California
+ - name: COUNTRY
+ value: US
+ - name: SANS
+ value: test.onap.org:onap.com
+ volumeMounts:
+ - mountPath: /var/certs
+ name: certs
+ ...
+ volumes:
+ -emptyDir: {}
+ name: certs
+ ...
+
+ \ No newline at end of file
diff --git a/docs/sections/logging.rst b/docs/sections/logging.rst
index 159b5132..422b70a0 100644
--- a/docs/sections/logging.rst
+++ b/docs/sections/logging.rst
@@ -5,8 +5,9 @@
Logging
=======
-Where to Access Information
----------------------------
+Certification Service API
+--------------------------
+
Certification Service logs are available in the Docker container
@@ -17,9 +18,53 @@ Path to logs:
/var/log/onap/aaf/certservice
Available log files:
-
* audit.log
* debug.log
* error.log
+Certification Service Client
+----------------------------
+To see logs use :
+
+- Docker:
+
+.. code-block:: bash
+
+ docker logs cert-service-client
+
+- Kubernetes:
+
+.. code-block:: bash
+
+ kubectl logs <pod-name> cert-service-client
+
+
+Logs are stored inside container log path:
+
+ /var/logs
+
+Client application exits with following exit codes:
+
+
++-------+------------------------------------------------+
+| Code | Information |
++=======+================================================+
+| 0 | Success |
++-------+------------------------------------------------+
+| 1 | Invalid client configuration |
++-------+------------------------------------------------+
+| 2 | Invalid CSR configuration |
++-------+------------------------------------------------+
+| 3 | Fail in key pair generation |
++-------+------------------------------------------------+
+| 4 | Fail in CSR generation |
++-------+------------------------------------------------+
+| 5 | CertService HTTP unsuccessful response |
++-------+------------------------------------------------+
+| 6 | Internal HTTP Client connection problem |
++-------+------------------------------------------------+
+| 7 | Fail in PKCS12 conversion |
++-------+------------------------------------------------+
+| 8 | Fail in Private Key to PEM Encoding |
++-------+------------------------------------------------+