diff options
author | Yuli Shlosberg <ys9693@att.com> | 2018-02-15 12:04:46 +0200 |
---|---|---|
committer | Yuli Shlosberg <ys9693@att.com> | 2018-02-21 17:28:40 +0200 |
commit | 958c32d2d7a3e5cbd9bc672645cdeb95a49b719a (patch) | |
tree | 1ba5b0d1dbece6daa5618a005d6281bbd5c7c1dc /catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates | |
parent | 4cc47ac3abe00eda7c04b9955e56dafc819e2657 (diff) |
OOM Alignment BE,FE,KBN
Change-Id: I8ff609a6be919d5709ce95af5a6a903aeb7afc43
Issue-ID: SDC-918
Signed-off-by: Yuli Shlosberg <ys9693@att.com>
Diffstat (limited to 'catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates')
7 files changed, 273 insertions, 0 deletions
diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb new file mode 100644 index 0000000000..ea2d9033ab --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb @@ -0,0 +1,102 @@ +# Needed for logging purposes. To be populated by DevOps - currently dummy +feFqdn: <%= @fe_host_ip %> + +# catalog backend hostname +beHost: <%= @be_host_ip %> + +# catalog backend http port +beHttpPort: <%= @catalog_port %> + +# catalog backend http context +beContext: /sdc2/rest/v1/catalog/upload/resources + +# catalog backend protocol +<% if node[:disableHttp] -%> +beProtocol: https +<% else %> +beProtocol: http +<% end -%> + +# catalog backend ssl port +beSslPort: <%= @ssl_port %> + +# threadpool size for handling requests +threadpoolSize: 50 + +# request processing timeout (seconds) +requestTimeout: 10 + +# Determines the health check read timeout when invoking health check towards the LB (or BE whatever is configured): +healthCheckSocketTimeoutInMs: 5000 + +healthCheckIntervalInSeconds: 5 + +onboarding: + host: <%= @fe_host_ip %> + <% if node[:disableHttp] -%> + protocol: https + port: <%= node['FE'][:https_port] %> + <% else %> + protocol: http + port: <%= node['FE'][:http_port] %> + <% end -%> + healthCheckUri: "/onboarding/v1.0/healthcheck" + +dcae: + host: <%= @fe_host_ip %> + <% if node[:disableHttp] -%> + protocol: https + port: <%= node['FE'][:https_port] %> + <% else %> + protocol: http + port: <%= node['FE'][:http_port] %> + <% end -%> + healthCheckUri: "/dcae/healthCheck" + +identificationHeaderFields: + - + - &HTTP_IV_USER HTTP_IV_USER + - &iv-user iv-user + - + - &USER_ID USER_ID + - &user-id user-id + - + - &HTTP_CSP_ATTUID HTTP_CSP_ATTUID + - &csp-attuid csp-attuid + +optionalHeaderFields: + - + - &HTTP_CSP_FIRSTNAME HTTP_CSP_FIRSTNAME + - &csp-firstname csp-firstname + - + - &HTTP_CSP_LASTNAME HTTP_CSP_LASTNAME + - &csp-lastname csp-lastname + - + - &HTTP_IV_REMOTE_ADDRESS HTTP_IV_REMOTE_ADDRESS + - &iv-remote-address iv-remote-address + - + - &HTTP_CSP_EMAIL HTTP_CSP_EMAIL + - &csp-email csp-email + +version: 1.0 +released: 2012-11-30 + +# Connection parameters +connection: + url: jdbc:mysql://localhost:3306/db + poolSize: 17 + +# Protocols +protocols: + - http + - https + + +systemMonitoring: + enabled: false + isProxy: true + probeIntervalInSeconds: 15 + +kibanaHost: <%= @kb_host_ip %> +kibanaPort: 5601 +kibanaProtocol: http diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-http-ini.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-http-ini.erb new file mode 100644 index 0000000000..233a6b8852 --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-http-ini.erb @@ -0,0 +1,29 @@ +# --------------------------------------- +# Module: http +--module=http + +### HTTP Connector Configuration + +## Connector host/address to bind to +# jetty.http.host=0.0.0.0 + +## Connector port to listen on +jetty.http.port=<%= @FE_http_port %> + +## Connector idle timeout in milliseconds +jetty.http.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.http.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.http.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.http.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.http.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.http.acceptorPriorityDelta=0 diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-https-ini.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-https-ini.erb new file mode 100644 index 0000000000..d2542fc360 --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-https-ini.erb @@ -0,0 +1,13 @@ +# --------------------------------------- +# Module: https +--module=https + +## HTTPS Configuration +# HTTP port to listen on +https.port=<%= @FE_https_port %> + +# HTTPS idle timeout in milliseconds +jetty.https.idleTimeout=300000 + +# HTTPS Socket.soLingerTime in seconds. (-1 to disable) +# https.soLingerTime=-1 diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-onboarding-configuration.yaml.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-onboarding-configuration.yaml.erb new file mode 100644 index 0000000000..71ed876ee7 --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-onboarding-configuration.yaml.erb @@ -0,0 +1,9 @@ +notifications: + pollingIntervalMsec: 2000 + selectionSize: 100 + beHost: <%= @catalog_ip %> + <% if node[:disableHttp] -%> + beHttpPort: <%= node['BE'][:https_port] %> + <% else %> + beHttpPort: <%= node['BE'][:http_port] %> + <% end -%>
\ No newline at end of file diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-plugins-configuration.yaml.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-plugins-configuration.yaml.erb new file mode 100644 index 0000000000..a21a7abbe5 --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-plugins-configuration.yaml.erb @@ -0,0 +1,22 @@ +pluginsList: + - pluginId: DCAE + pluginDiscoveryUrl: <%= @dcae_discovery_url %> + pluginSourceUrl: <%= @dcae_source_url %> + pluginStateUrl: "dcae" + pluginDisplayOptions: + context: + displayName: "Monitoring" + displayContext: ["SERVICE"] + displayRoles: ["DESIGNER"] + - pluginId: WORKFLOW + pluginDiscoveryUrl: <%= @workflow_discovery_url %> + pluginSourceUrl: <%= @workflow_source_url %> + pluginStateUrl: "workflowDesigner" + pluginDisplayOptions: + tab: + displayName: "WORKFLOW" + displayRoles: ["DESIGNER", "TESTER"] + context: + displayName: "Workflow Designer" + displayContext: ["VF"] + displayRoles: ["DESIGNER", "TESTER"]
\ No newline at end of file diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ready-probe.sh.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ready-probe.sh.erb new file mode 100644 index 0000000000..b5cbb149dd --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ready-probe.sh.erb @@ -0,0 +1,8 @@ +#!/bin/bash + +health_Check_http_code=$(curl --max-time 5 -o /dev/null -w '%{http_code}' http://localhost:8181/sdc1/rest/healthCheck) +if [[ "$health_Check_http_code" -eq 500 ]]; then + exit 200 +else + exit $health_Check_http_code +fi
\ No newline at end of file diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb new file mode 100644 index 0000000000..effbfa7918 --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb @@ -0,0 +1,90 @@ +# --------------------------------------- +# Module: ssl +--module=ssl + +### TLS(SSL) Connector Configuration + +## Connector host/address to bind to +# jetty.ssl.host=0.0.0.0 + +## Connector port to listen on +jetty.ssl.port=<%= @https_port %> + +## Connector idle timeout in milliseconds +# jetty.ssl.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.ssl.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.ssl.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.ssl.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.ssl.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.ssl.acceptorPriorityDelta=0 + +## Whether request host names are checked to match any SNI names +# jetty.ssl.sniHostCheck=true + +## max age in seconds for a Strict-Transport-Security response header (default -1) +# jetty.ssl.stsMaxAgeSeconds=31536000 + +## include subdomain property in any Strict-Transport-Security header (default false) +# jetty.ssl.stsIncludeSubdomains=true + +### SslContextFactory Configuration +## Note that OBF passwords are not secure, just protected from casual observation +## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html + +## Keystore file path (relative to $jetty.base) +# jetty.sslContext.keyStorePath=etc/keystore + +## Truststore file path (relative to $jetty.base) +# jetty.sslContext.trustStorePath=etc/keystore + +## Keystore password +# jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 +jetty.sslContext.keyStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok + +## Keystore type and provider +# jetty.sslContext.keyStoreType=JKS +# jetty.sslContext.keyStoreProvider= + +## KeyManager password +# jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g +jetty.sslContext.keyManagerPassword=OBF:1cp61iuj194s194u194w194y1is31cok + +## Truststore password +# jetty.sslContext.trustStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 +jetty.sslContext.trustStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok + +## Truststore type and provider +# jetty.sslContext.trustStoreType=JKS +# jetty.sslContext.trustStoreProvider= + +## whether client certificate authentication is required +# jetty.sslContext.needClientAuth=false + +## Whether client certificate authentication is desired +# jetty.sslContext.wantClientAuth=false + +## Whether cipher order is significant (since java 8 only) +# jetty.sslContext.useCipherSuitesOrder=true + +## To configure Includes / Excludes for Cipher Suites or Protocols see tweak-ssl.xml example at +## https://www.eclipse.org/jetty/documentation/current/configuring-ssl.html#configuring-sslcontextfactory-cipherSuites + +## Set the size of the SslSession cache +# jetty.sslContext.sslSessionCacheSize=-1 + +## Set the timeout (in seconds) of the SslSession cache timeout +# jetty.sslContext.sslSessionTimeout=-1 + +## Allow SSL renegotiation +# jetty.sslContext.renegotiationAllowed=true +# jetty.sslContext.renegotiationLimit=5 |