diff options
author | Avi Ziv <avi.ziv@amdocs.com> | 2018-03-15 13:21:44 +0200 |
---|---|---|
committer | Michael Lando <ml636r@att.com> | 2018-04-24 07:50:44 +0000 |
commit | c175a0de2f05d37c1c774684318a525eb96bb59b (patch) | |
tree | 0c8bd736fdbcb512fefce93ec841fd3537336206 /openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo | |
parent | 08d85958f46d1de9aec9cf459632b5be040063be (diff) |
Create on boarding docker
Add BE and Cassandra init docker images
Change-Id: Id9d767c73fc946819cec821b4634ce650cbb22fd
Issue-ID: SDC-781
Signed-off-by: Michael Lando <ml636r@att.com>
Diffstat (limited to 'openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo')
14 files changed, 645 insertions, 0 deletions
diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb new file mode 100644 index 0000000000..47c3e2991a --- /dev/null +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/attributes/default.rb @@ -0,0 +1,10 @@ +# +default['ONBOARDING_BE'][:http_port] = 8081 +default['ONBOARDING_BE'][:https_port] = 8445 +default['FE'][:http_port] = 8181 +default['FE'][:https_port] = 9443 +default['disableHttp'] = true +default['cassandra'][:truststore_password] = "Aa123456" +default['jetty'][:keystore_pwd] = "OBF:1cp61iuj194s194u194w194y1is31cok" +default['jetty'][:keymanager_pwd] = "OBF:1cp61iuj194s194u194w194y1is31cok" +default['jetty'][:truststore_pwd] = "OBF:1cp61iuj194s194u194w194y1is31cok" diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/keystore b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/keystore Binary files differnew file mode 100644 index 0000000000..c4083931dc --- /dev/null +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/keystore diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/logback.xml b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/logback.xml new file mode 100644 index 0000000000..c22d1811ce --- /dev/null +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/files/default/logback.xml @@ -0,0 +1,328 @@ +<?xml version="1.0" encoding="UTF-8"?> +<configuration scan="true" scanPeriod="5 seconds"> + + <property scope="system" name="ECOMP-component-name" value="SDC" /> + <property scope="system" name="ECOMP-subcomponent-name" value="ONBOARD-BE" /> + <property file="${config.home}/catalog-be/configuration.yaml" /> + <property scope="context" name="enable-all-log" value="false" /> + + <!-- value used by pattern field list (| - is inter-field separator, || - unavailable or not applicable field value) (m - mandatory, o- optional)--> + <!--timestamp(m)| requestID(m)| serviceInstanceID(o)| threadID(m)| physicalServerName(o)| serviceName(m)| userID(m)| logLevel(m)| severity(o)| serverIpAddress(m)| serverName(m)| clientIpAddress(o)| className(m)| timer(o)| detailedMessage(o)--> + <property name="default-log-pattern" + value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{BeginTimestamp}|%X{EndTimestamp}|%X{uuid}|%X{serviceInstanceID}|%thread|%X{ServerName}|%X{ServiceName}|${ECOMP-subcomponent-name}|%X{userId}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%level|%X{alarmSeverity}|%X{localAddr}|%X{ElapsedTime}|${beFqdn}|%X{remoteAddr}|%logger{35}|%X{timer}|ActivityType=<%M>, Desc=<%msg>%n" /> + + <property name="auditLoggerPattern" value="%X{BeginTimestamp}|%X{EndTimestamp}|%X{RequestId}|%X{ServiceInstanceId}|%thread|%X{VirtualServerName}|%X{ServiceName}|%X{PartnerName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%.-5level|%X{AlertSeverity}|%X{ServerIPAddress}|%X{ElapsedTime}|%X{ServerFQDN}|%X{RemoteHost}|%X{ClassName}|%X{Unused}|%X{ProcessKey}|%X{CustomField1}|%X{CustomField2}|%X{CustomField3}|%X{CustomField4}| ActivityType=<%M>, Desc=<%msg>%n" /> + + <property name="asdc-debug-log-pattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestId}|%msg %n"/> + + <!-- All log --> + <if condition='property("enable-all-log").equalsIgnoreCase("true")'> + <then> + <appender name="ALL_ROLLING" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/all.log</file> + + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/all.log.%i</fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>10</maxIndex> + </rollingPolicy> + + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>20MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${default-log-pattern}</pattern> + </encoder> + </appender> + + <appender name="ASYNC_ALL" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="ALL_ROLLING" /> + </appender> + </then> + </if> + + <!-- Error log --> + <appender name="ERROR_ROLLING" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/error.log + </file> + + <!-- Audit messages filter - deny audit messages --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>AUDIT_MARKER</marker> + </evaluator> + <onMismatch>NEUTRAL</onMismatch> + <onMatch>DENY</onMatch> + </filter> + + <!-- Transaction messages filter - deny Transaction messages --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>TRANSACTION_MARKER</marker> + </evaluator> + <onMismatch>NEUTRAL</onMismatch> + <onMatch>DENY</onMatch> + </filter> + + <!-- deny all events with a level below INFO, that is TRACE and DEBUG --> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>INFO</level> + </filter> + + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/error.log.%i + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>10</maxIndex> + </rollingPolicy> + + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>20MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${default-log-pattern}</pattern> + </encoder> + </appender> + + <!-- Debug log --> + <appender name="DEBUG_ROLLING" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/debug.log + </file> + + <!-- No need to deny audit messages - they are INFO only, will be denied + anyway --> + <!-- Transaction messages filter - deny Transaction messages, there are + some DEBUG level messages among them --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>TRANSACTION_MARKER</marker> + </evaluator> + <onMismatch>NEUTRAL</onMismatch> + <onMatch>DENY</onMatch> + </filter> + + <!-- accept DEBUG and TRACE level --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.GEventEvaluator"> + <expression> + e.level.toInt() <= DEBUG.toInt() + </expression> + </evaluator> + <OnMismatch>DENY</OnMismatch> + <!--<OnMatch>NEUTRAL</OnMatch>--> + <OnMatch>ACCEPT</OnMatch> + </filter> + + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/debug.log.%i + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>10</maxIndex> + </rollingPolicy> + + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>20MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${default-log-pattern}</pattern> + </encoder> + </appender> + + + <!-- ASDC debug by package--> + <appender name="PACKAGE_DEBUG_ROLLING" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/debug_by_package.log + </file> + + <!-- No need to deny audit messages - they are INFO only, will be denied + anyway --> + <!-- Transaction messages filter - deny Transaction messages, there are + some DEBUG level messages among them --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>TRANSACTION_MARKER</marker> + </evaluator> + <onMismatch>NEUTRAL</onMismatch> + <onMatch>DENY</onMatch> + </filter> + + <!-- accept DEBUG and TRACE level --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.GEventEvaluator"> + <expression> + e.level.toInt() <= DEBUG.toInt() + </expression> + </evaluator> + <OnMismatch>DENY</OnMismatch> + <OnMatch>NEUTRAL</OnMatch> + </filter> + + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/debug_by_package.log.%i + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>10</maxIndex> + </rollingPolicy> + + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>20MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${asdc-debug-log-pattern}</pattern> + </encoder> + </appender> + + <!-- Audit log --> + <appender name="AUDIT_ROLLING" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + + <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/audit.log + </file> + + <!-- Audit messages filter - accept audit messages --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>AUDIT_MARKER</marker> + <marker>AUDIT</marker> + </evaluator> + <onMismatch>DENY</onMismatch> + <onMatch>ACCEPT</onMatch> + </filter> + + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/audit.log.%i + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>10</maxIndex> + </rollingPolicy> + + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>20MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${auditLoggerPattern}</pattern> + </encoder> + </appender> + + <!-- Metrics log --> + <appender name="METRICS_ROLLING" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + + <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/metrics.log + </file> + + <!-- Metric messages filter - accept metric messages --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>METRICS</marker> + </evaluator> + <onMismatch>DENY</onMismatch> + <onMatch>ACCEPT</onMatch> + </filter> + + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/metrics.log.%i + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>10</maxIndex> + </rollingPolicy> + + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>20MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${default-log-pattern}</pattern> + </encoder> + </appender> + + <!-- SdncTransaction log --> + <appender name="TRANSACTION_ROLLING" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + + <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/transaction.log + </file> + + <!-- Transaction messages filter - accept audit messages --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>TRANSACTION_MARKER</marker> + </evaluator> + <onMismatch>DENY</onMismatch> + <onMatch>ACCEPT</onMatch> + </filter> + + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/transaction.log.%i + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>10</maxIndex> + </rollingPolicy> + + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>20MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${default-log-pattern}</pattern> + </encoder> + </appender> + + <!-- Asynchronicity Configurations --> + <appender name="ASYNC_DEBUG" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="DEBUG_ROLLING" /> + </appender> + + <appender name="ASYNC_TRANSACTION" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="TRANSACTION_ROLLING" /> + </appender> + + <appender name="ASYNC_ERROR" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="ERROR_ROLLING" /> + </appender> + + <!-- <appender name="DISPATCHER" class="ch.qos.logback.classic.sift.SiftingAppender"> + <discriminator class="org.openecomp.core.logging.logback.EventTypeDiscriminator"/> + <sift> + <appender name="Audit" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/audit.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/audit.%i.log.zip</fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${default-log-pattern}</pattern> + </encoder> + </appender> + </sift> + </appender>--> + + <root level="INFO"> + <appender-ref ref="ASYNC_ERROR" /> + <appender-ref ref="ASYNC_DEBUG" /> + <appender-ref ref="AUDIT_ROLLING" /> + <appender-ref ref="ASYNC_TRANSACTION" /> + <appender-ref ref="METRICS_ROLLING" /> + <if condition='property("enable-all-log").equalsIgnoreCase("true")'> + <then> + <appender-ref ref="ALL_ROLLING" /> + </then> + </if> + </root> + + <logger name="org.openecomp.sdc" level="INFO" /> +</configuration>
\ No newline at end of file diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_1_cleanup_jettydir.rb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_1_cleanup_jettydir.rb new file mode 100644 index 0000000000..2c703f2039 --- /dev/null +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_1_cleanup_jettydir.rb @@ -0,0 +1,23 @@ +directory "tempdir_creation" do + path "#{ENV['JETTY_BASE']}/temp" + owner 'jetty' + group 'jetty' + mode '0755' + action :create +end + +directory "create_config_dir" do + path "#{ENV['JETTY_BASE']}/config" + owner 'jetty' + group 'jetty' + mode '0755' + action :create +end + +directory "onboarding-be" do + path "#{ENV['JETTY_BASE']}/config/onboarding-be" + owner 'jetty' + group 'jetty' + mode '0755' + action :create +end diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_2_locate_keystore.rb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_2_locate_keystore.rb new file mode 100644 index 0000000000..e838543e7d --- /dev/null +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_2_locate_keystore.rb @@ -0,0 +1,14 @@ +directory "Jetty_etcdir_creation" do + path "#{ENV['JETTY_BASE']}/etc" + owner 'jetty' + group 'jetty' + mode '0755' + action :create +end + +cookbook_file "#{ENV['JETTY_BASE']}/etc/keystore" do + source "keystore" + owner "jetty" + group "jetty" + mode 0755 +end diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_3_logback.rb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_3_logback.rb new file mode 100644 index 0000000000..823c3cd44e --- /dev/null +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_3_logback.rb @@ -0,0 +1,7 @@ +cookbook_file "#{ENV['JETTY_BASE']}/config/onboarding-be/logback.xml" do + source "logback.xml" + mode 0755 + owner "jetty" + group "jetty" +end + diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_4_setup_jetty_modules.rb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_4_setup_jetty_modules.rb new file mode 100644 index 0000000000..82a066589b --- /dev/null +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_4_setup_jetty_modules.rb @@ -0,0 +1,55 @@ +#Set the http module option +if node['disableHttp'] + http_option = "#--module=http" +else + http_option = "--module=http" +end + + +bash "create-jetty-modules" do +cwd "#{ENV['JETTY_BASE']}" +code <<-EOH + cd "#{ENV['JETTY_BASE']}" + java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-start=deploy + java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-startd=http,https,logging,setuid +EOH +end + + +template "http-ini" do + path "#{ENV['JETTY_BASE']}/start.d/http.ini" + source "http-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables ({ + :http_option => http_option , + :http_port => "#{node['ONBOARDING_BE'][:http_port]}" + }) + +end + + +template "https-ini" do + path "#{ENV['JETTY_BASE']}/start.d/https.ini" + source "https-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables :https_port => "#{node['ONBOARDING_BE'][:https_port]}" +end + + +template "ssl-ini" do + path "#{ENV['JETTY_BASE']}/start.d/ssl.ini" + source "ssl-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables ({ + :https_port => "#{node['ONBOARDING_BE'][:https_port]}" , + :jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}" , + :jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}" , + :jetty_truststore_pwd => "#{node['jetty'][:truststore_pwd]}" + }) +end diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_5_setup_configuration.rb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_5_setup_configuration.rb new file mode 100644 index 0000000000..90e0802a94 --- /dev/null +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_5_setup_configuration.rb @@ -0,0 +1,20 @@ +template "onboard-be-config" do + path "#{ENV['JETTY_BASE']}/config/onboarding-be/onboarding_configuration.yaml" + source "configuration.yaml.erb" + owner "jetty" + group "jetty" + mode "0755" + variables({ + :onboard_ip => node['ONBOARDING_BE_VIP'], + :onboard_port => node['ONBOARDING_BE'][:http_port], + :ssl_port => node['ONBOARDING_BE'][:https_port], + :cassandra_ip => node['Nodes']['CS'], + :DC_NAME => node['cassandra'][:cluster_name]+node.chef_environment, + :socket_connect_timeout => node['cassandra']['socket_connect_timeout'], + :socket_read_timeout => node['cassandra']['socket_read_timeout'], + :cassandra_pwd => node['cassandra'][:cassandra_password], + :cassandra_usr => node['cassandra'][:cassandra_user], + :cassandra_truststore_password => node['cassandra'][:truststore_password], + :cassandra_ssl_enabled => "#{ENV['cassandra_ssl_enabled']}" + }) +end
\ No newline at end of file diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_6_prepareProbeFile.rb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_6_prepareProbeFile.rb new file mode 100644 index 0000000000..edc8f9eebf --- /dev/null +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_6_prepareProbeFile.rb @@ -0,0 +1,9 @@ +template "/var/lib/ready-probe.sh" do + source "ready-probe.sh.erb" + sensitive true + mode 0755 + variables({ + :onboard_port => "#{node['ONBOARDING_BE'][:http_port]}", + :ssl_port => "#{node['ONBOARDING_BE'][:https_port]}" + }) +end diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/configuration.yaml.erb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/configuration.yaml.erb new file mode 100644 index 0000000000..df1c7b516e --- /dev/null +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/configuration.yaml.erb @@ -0,0 +1,20 @@ +notifications: + pollingIntervalMsec: 2000 + selectionSize: 100 + beHost: <%= @onboard_ip %> + beHttpPort: <%= @onboard_port %> + +cassandraConfig: + cassandraHosts: [<%= @cassandra_ip %>] + localDataCenter: <%= @DC_NAME %> + reconnectTimeout : 30000 + socketReadTimeout: <%= @socket_read_timeout %> + socketConnectTimeout: <%= @socket_connect_timeout %> + authenticate: true + username: <%= @cassandra_usr %> + password: <%= @cassandra_pwd %> + ssl: <%= @cassandra_ssl_enabled %> + truststorePath: /config/truststore + truststorePassword: <%= @cassandra_truststore_password %> + + diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/http-ini.erb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/http-ini.erb new file mode 100644 index 0000000000..8f2669032b --- /dev/null +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/http-ini.erb @@ -0,0 +1,29 @@ +# --------------------------------------- +# Module: http +<%= @http_option %> + +### HTTP Connector Configuration + +## Connector host/address to bind to +# jetty.http.host=0.0.0.0 + +## Connector port to listen on +jetty.http.port=<%= @http_port %> + +## Connector idle timeout in milliseconds +jetty.http.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.http.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.http.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.http.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.http.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.http.acceptorPriorityDelta=0 diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/https-ini.erb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/https-ini.erb new file mode 100644 index 0000000000..9999a4109b --- /dev/null +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/https-ini.erb @@ -0,0 +1,29 @@ +# --------------------------------------- +# Module: https +--module=https + +### HTTPS Connector Configuration + +## Connector host/address to bind to +# jetty.https.host=0.0.0.0 + +## Connector port to listen on +jetty.https.port=<%= @https_port %> + +## Connector idle timeout in milliseconds +jetty.https.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.https.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.https.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.https.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.https.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.https.acceptorPriorityDelta=0 diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ready-probe.sh.erb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ready-probe.sh.erb new file mode 100644 index 0000000000..4e58227241 --- /dev/null +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ready-probe.sh.erb @@ -0,0 +1,11 @@ +#!/bin/bash +<% if node[:disableHttp] -%> +health_Check_http_code=$(curl --max-time 5 -o /dev/null -w '%{http_code}' -X GET --header "USER_ID: cs0008" --header "Accept: application/json" "http://127.0.0.1:<%= @ssl_port %>/onboarding-api/v1.0/healthcheck") +<% else %> +health_Check_http_code=$(curl --max-time 5 -o /dev/null -w '%{http_code}' -X GET --header "USER_ID: cs0008" --header "Accept: application/json" "http://127.0.0.1:<%= @onboard_port %>/onboarding-api/v1.0/healthcheck") +<% end -%> +if [[ "$health_Check_http_code" -eq 200 ]]; then + exit 0 +else + exit $health_Check_http_code +fi diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb new file mode 100644 index 0000000000..1f1ff5d394 --- /dev/null +++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/templates/default/ssl-ini.erb @@ -0,0 +1,90 @@ +# --------------------------------------- +# Module: ssl +--module=ssl + +### TLS(SSL) Connector Configuration + +## Connector host/address to bind to +# jetty.ssl.host=0.0.0.0 + +## Connector port to listen on +jetty.ssl.port=<%= @https_port %> + +## Connector idle timeout in milliseconds +# jetty.ssl.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.ssl.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.ssl.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.ssl.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.ssl.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.ssl.acceptorPriorityDelta=0 + +## Whether request host names are checked to match any SNI names +# jetty.ssl.sniHostCheck=true + +## max age in seconds for a Strict-Transport-Security response header (default -1) +# jetty.ssl.stsMaxAgeSeconds=31536000 + +## include subdomain property in any Strict-Transport-Security header (default false) +# jetty.ssl.stsIncludeSubdomains=true + +### SslContextFactory Configuration +## Note that OBF passwords are not secure, just protected from casual observation +## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html + +## Keystore file path (relative to $jetty.base) +# jetty.sslContext.keyStorePath=etc/keystore + +## Truststore file path (relative to $jetty.base) +#jetty.sslContext.trustStorePath=etc/truststore + +## Keystore password +# jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 +jetty.sslContext.keyStorePassword=<%= @jetty_keystore_pwd %> + +## Keystore type and provider +# jetty.sslContext.keyStoreType=JKS +# jetty.sslContext.keyStoreProvider= + +## KeyManager password +# jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g +jetty.sslContext.keyManagerPassword=<%= @jetty_keymanager_pwd %> + +## Truststore password +# jetty.sslContext.trustStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 +jetty.sslContext.trustStorePassword=<%= @jetty_truststore_pwd %> + +## Truststore type and provider +# jetty.sslContext.trustStoreType=JKS +# jetty.sslContext.trustStoreProvider= + +## whether client certificate authentication is required +# jetty.sslContext.needClientAuth=false + +## Whether client certificate authentication is desired +# jetty.sslContext.wantClientAuth=false + +## Whether cipher order is significant (since java 8 only) +# jetty.sslContext.useCipherSuitesOrder=true + +## To configure Includes / Excludes for Cipher Suites or Protocols see tweak-ssl.xml example at +## https://www.eclipse.org/jetty/documentation/current/configuring-ssl.html#configuring-sslcontextfactory-cipherSuites + +## Set the size of the SslSession cache +# jetty.sslContext.sslSessionCacheSize=-1 + +## Set the timeout (in seconds) of the SslSession cache timeout +# jetty.sslContext.sslSessionTimeout=-1 + +## Allow SSL renegotiation +# jetty.sslContext.renegotiationAllowed=true +# jetty.sslContext.renegotiationLimit=5 |