summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAreli, Fuss (af732p) <af732p@att.com>2018-04-09 18:15:42 +0300
committerMichael Lando <ml636r@att.com>2018-04-11 08:40:56 +0000
commit9d525f580b866778dc3417a06d98b96c70857efe (patch)
tree2e9d57d25c28f52857185e86f3d38e4b0c8183c2
parente2eef606174e0f996cdfb5590d1bd5f61b28731c (diff)
Replace ssl configuration
Replace ssl configuration from hardcoded into variable Change-Id: I1e393d311940944060d3f3f4e1093ee96eece777 Issue-ID: SDC-1176 Signed-off-by: Areli, Fuss (af732p) <af732p@att.com>
-rw-r--r--catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb3
-rw-r--r--catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb9
-rw-r--r--catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-configuration.yaml.erb6
-rw-r--r--catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-titan.properties.erb6
-rwxr-xr-xsdc-os-chef/scripts/docker_run.sh2
5 files changed, 15 insertions, 11 deletions
diff --git a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb
index 4287ca8617..26d18c5db1 100644
--- a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb
+++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/attributes/default.rb
@@ -1 +1,2 @@
-# \ No newline at end of file
+#
+default['cassandra'][:truststore_password] = "Aa123456"
diff --git a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb
index fd7e2f8c5f..c04b11b815 100644
--- a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb
+++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_2_setup_configuration.rb
@@ -12,7 +12,9 @@ template "titan.properties" do
:CASSANDRA_USR => node['cassandra'][:cassandra_user],
:rep_factor => replication_factor,
:DC_NAME => node['cassandra'][:cluster_name]+node.chef_environment,
- :titan_connection_timeout => node['cassandra']['titan_connection_timeout']
+ :titan_connection_timeout => node['cassandra']['titan_connection_timeout'],
+ :cassandra_traststore_password => node['cassandra'][:truststore_password],
+ :cassandra_ssl_enabled => "#{ENV['cassandra_ssl_enabled']}"
})
end
@@ -34,8 +36,9 @@ template "catalog-be-config" do
:socket_connect_timeout => node['cassandra']['socket_connect_timeout'],
:socket_read_timeout => node['cassandra']['socket_read_timeout'],
:cassandra_pwd => node['cassandra'][:cassandra_password],
- :cassandra_usr => node['cassandra'][:cassandra_user]
-
+ :cassandra_usr => node['cassandra'][:cassandra_user],
+ :cassandra_traststore_password => node['cassandra'][:truststore_password],
+ :cassandra_ssl_enabled => "#{ENV['cassandra_ssl_enabled']}"
})
end
diff --git a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-configuration.yaml.erb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-configuration.yaml.erb
index 9bb4c33dec..6ed6406191 100644
--- a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-configuration.yaml.erb
+++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-configuration.yaml.erb
@@ -77,9 +77,9 @@ cassandraConfig:
authenticate: true
username: <%= @cassandra_usr %>
password: <%= @cassandra_pwd %>
- ssl: false
- truststorePath : /config/.truststore
- truststorePassword : Aa123456
+ ssl: <%= @cassandra_ssl_enabled %>
+ truststorePath : /config/truststore
+ truststorePassword : <%= @cassandra_traststore_password %>
keySpaces:
- { name: dox, replicationStrategy: NetworkTopologyStrategy, replicationInfo: ['<%= @DC_NAME %>','<%= @rep_factor %>']}
- { name: sdcaudit, replicationStrategy: NetworkTopologyStrategy, replicationInfo: ['<%= @DC_NAME %>','<%= @rep_factor %>']}
diff --git a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-titan.properties.erb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-titan.properties.erb
index cf885e62bb..cc518ad1b2 100644
--- a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-titan.properties.erb
+++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-titan.properties.erb
@@ -6,9 +6,9 @@ storage.password=<%= @CASSANDRA_PWD %>
storage.connection-timeout=<%= @titan_connection_timeout %>
storage.cassandra.keyspace=sdctitan
-storage.cassandra.ssl.enabled=false
-storage.cassandra.ssl.truststore.location=/var/lib/jetty/config/.truststore
-storage.cassandra.ssl.truststore.password=Aa123456
+storage.cassandra.ssl.enabled=<%= @cassandra_ssl_enabled %>
+storage.cassandra.ssl.truststore.location=/var/lib/jetty/config/truststore
+storage.cassandra.ssl.truststore.password=<%= @cassandra_traststore_password %>
storage.cassandra.read-consistency-level=LOCAL_QUORUM
storage.cassandra.write-consistency-level=LOCAL_QUORUM
diff --git a/sdc-os-chef/scripts/docker_run.sh b/sdc-os-chef/scripts/docker_run.sh
index 5dd73d219d..b7d96d5c62 100755
--- a/sdc-os-chef/scripts/docker_run.sh
+++ b/sdc-os-chef/scripts/docker_run.sh
@@ -337,7 +337,7 @@ if [ ${LOCAL} = false ]; then
else
ADDITIONAL_ARGUMENTS=${DEBUG_PORT}
fi
-docker run --detach --name sdc-BE --env HOST_IP=${IP} --env ENVNAME="${DEP_ENV}" --env JAVA_OPTIONS="${BE_JAVA_OPTIONS}" --log-driver=json-file --log-opt max-size=100m --log-opt max-file=10 --ulimit memlock=-1:-1 --ulimit nofile=4096:100000 --volume /etc/localtime:/etc/localtime:ro --volume ${WORKSPACE}/data/logs/BE/:/var/lib/jetty/logs --volume ${WORKSPACE}/data/environments:/root/chef-solo/environments --publish 8443:8443 --publish 8080:8080 ${ADDITIONAL_ARGUMENTS} ${PREFIX}/sdc-backend:${RELEASE}
+docker run --detach --name sdc-BE --env HOST_IP=${IP} --env ENVNAME="${DEP_ENV}" --env cassandra_ssl_enabled="false" --env JAVA_OPTIONS="${BE_JAVA_OPTIONS}" --log-driver=json-file --log-opt max-size=100m --log-opt max-file=10 --ulimit memlock=-1:-1 --ulimit nofile=4096:100000 --volume /etc/localtime:/etc/localtime:ro --volume ${WORKSPACE}/data/logs/BE/:/var/lib/jetty/logs --volume ${WORKSPACE}/data/environments:/root/chef-solo/environments --publish 8443:8443 --publish 8080:8080 ${ADDITIONAL_ARGUMENTS} ${PREFIX}/sdc-backend:${RELEASE}
echo "please wait while BE is starting..."
monitor_docker sdc-BE