diff options
author | Tal Gitelman <tg851x@intl.att.com> | 2017-08-16 13:44:31 +0300 |
---|---|---|
committer | Tal Gitelman <tg851x@intl.att.com> | 2017-08-16 13:44:31 +0300 |
commit | fa222906b5b31c34ee165e290de94dd19c8f18b3 (patch) | |
tree | cb610145234fbbb27200cb055cc8f1cf0a6c9f6a /utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks | |
parent | 11f0704f4f1186ae33230e80376aa9459dcfd737 (diff) |
[SDC-154] - sdc-simulator docker task
Change-Id: If1ba67353698c4baa91efa0abf6ccb89f208f2f6
Signed-off-by: Tal Gitelman <tg851x@intl.att.com>
Diffstat (limited to 'utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks')
16 files changed, 754 insertions, 0 deletions
diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/attributes/default.rb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/attributes/default.rb new file mode 100644 index 0000000000..6e9bbe36f5 --- /dev/null +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/attributes/default.rb @@ -0,0 +1,2 @@ +# +# diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/files/default/keystore b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/files/default/keystore Binary files differnew file mode 100644 index 0000000000..08f6cda8a7 --- /dev/null +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/files/default/keystore diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/files/default/logback.xml b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/files/default/logback.xml new file mode 100644 index 0000000000..ba16783536 --- /dev/null +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/files/default/logback.xml @@ -0,0 +1,328 @@ +<?xml version="1.0" encoding="UTF-8"?> +<configuration scan="true" scanPeriod="5 seconds"> + + <property scope="system" name="ECOMP-component-name" value="SDC" /> + <property scope="system" name="ECOMP-subcomponent-name" value="SDC-BE" /> + <property file="${config.home}/catalog-be/configuration.yaml" /> + <property scope="context" name="enable-all-log" value="false" /> + + <!-- value used by pattern field list (| - is inter-field separator, || - unavailable or not applicable field value) (m - mandatory, o- optional)--> + <!--timestamp(m)| requestID(m)| serviceInstanceID(o)| threadID(m)| physicalServerName(o)| serviceName(m)| userID(m)| logLevel(m)| severity(o)| serverIpAddress(m)| serverName(m)| clientIpAddress(o)| className(m)| timer(o)| detailedMessage(o)--> + <property name="default-log-pattern" + value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{BeginTimestamp}|%X{EndTimestamp}|%X{uuid}|%X{serviceInstanceID}|%thread|%X{ServerName}|%X{ServiceName}|${ECOMP-subcomponent-name}|%X{userId}|%X{TargetEntity}|%X{TargetServiceName}|%X{StatusCode}|%X{ResponseCode}|%X{ResponseDescription}|%X{InstanceUUID}|%level|%X{alarmSeverity}|%X{localAddr}|%X{ElapsedTime}|${beFqdn}|%X{remoteAddr}|%logger{35}|%X{timer}|ActivityType=<%M>, Desc=<%msg>%n" /> + + <property name="asdc-debug-log-pattern" value="%d{yyyy-MM-dd'T'HH:mm:ss.SSSXXX}|%X{RequestId}|%msg %n"/> + + <!-- All log --> + <if condition='property("enable-all-log").equalsIgnoreCase("true")'> + <then> + <appender name="ALL_ROLLING" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/all.log + </file> + + <rollingPolicy + class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/all.log.%i + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>10</maxIndex> + </rollingPolicy> + + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>20MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${default-log-pattern}</pattern> + </encoder> + </appender> + + <appender name="ASYNC_ALL" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="ALL_ROLLING" /> + </appender> + </then> + </if> + + <!-- Error log --> + <appender name="ERROR_ROLLING" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/error.log + </file> + + <!-- Audit messages filter - deny audit messages --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>AUDIT_MARKER</marker> + </evaluator> + <onMismatch>NEUTRAL</onMismatch> + <onMatch>DENY</onMatch> + </filter> + + <!-- Transaction messages filter - deny Transaction messages --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>TRANSACTION_MARKER</marker> + </evaluator> + <onMismatch>NEUTRAL</onMismatch> + <onMatch>DENY</onMatch> + </filter> + + <!-- deny all events with a level below INFO, that is TRACE and DEBUG --> + <filter class="ch.qos.logback.classic.filter.ThresholdFilter"> + <level>INFO</level> + </filter> + + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/error.log.%i + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>10</maxIndex> + </rollingPolicy> + + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>20MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${default-log-pattern}</pattern> + </encoder> + </appender> + + <!-- Debug log --> + <appender name="DEBUG_ROLLING" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/debug.log + </file> + + <!-- No need to deny audit messages - they are INFO only, will be denied + anyway --> + <!-- Transaction messages filter - deny Transaction messages, there are + some DEBUG level messages among them --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>TRANSACTION_MARKER</marker> + </evaluator> + <onMismatch>NEUTRAL</onMismatch> + <onMatch>DENY</onMatch> + </filter> + + <!-- accept DEBUG and TRACE level --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.GEventEvaluator"> + <expression> + e.level.toInt() <= DEBUG.toInt() + </expression> + </evaluator> + <OnMismatch>DENY</OnMismatch> + <!--<OnMatch>NEUTRAL</OnMatch>--> + <OnMatch>ACCEPT</OnMatch> + </filter> + + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/debug.log.%i + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>10</maxIndex> + </rollingPolicy> + + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>20MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${default-log-pattern}</pattern> + </encoder> + </appender> + + + <!-- ASDC debug by package--> + <appender name="PACKAGE_DEBUG_ROLLING" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/debug_by_package.log + </file> + + <!-- No need to deny audit messages - they are INFO only, will be denied + anyway --> + <!-- Transaction messages filter - deny Transaction messages, there are + some DEBUG level messages among them --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>TRANSACTION_MARKER</marker> + </evaluator> + <onMismatch>NEUTRAL</onMismatch> + <onMatch>DENY</onMatch> + </filter> + + <!-- accept DEBUG and TRACE level --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.GEventEvaluator"> + <expression> + e.level.toInt() <= DEBUG.toInt() + </expression> + </evaluator> + <OnMismatch>DENY</OnMismatch> + <OnMatch>NEUTRAL</OnMatch> + </filter> + + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/debug_by_package.log.%i + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>10</maxIndex> + </rollingPolicy> + + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>20MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${asdc-debug-log-pattern}</pattern> + </encoder> + </appender> + + <!-- Audit log --> + <appender name="AUDIT_ROLLING" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + + <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/audit.log + </file> + + <!-- Audit messages filter - accept audit messages --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>AUDIT_MARKER</marker> + <marker>AUDIT</marker> + </evaluator> + <onMismatch>DENY</onMismatch> + <onMatch>ACCEPT</onMatch> + </filter> + + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/audit.log.%i + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>10</maxIndex> + </rollingPolicy> + + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>20MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${default-log-pattern}</pattern> + </encoder> + </appender> + + <!-- Metrics log --> + <appender name="METRICS_ROLLING" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + + <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/metrics.log + </file> + + <!-- Metric messages filter - accept metric messages --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>METRICS</marker> + </evaluator> + <onMismatch>DENY</onMismatch> + <onMatch>ACCEPT</onMatch> + </filter> + + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/metrics.log.%i + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>10</maxIndex> + </rollingPolicy> + + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>20MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${default-log-pattern}</pattern> + </encoder> + </appender> + + <!-- SdncTransaction log --> + <appender name="TRANSACTION_ROLLING" + class="ch.qos.logback.core.rolling.RollingFileAppender"> + + <file>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/transaction.log + </file> + + <!-- Transaction messages filter - accept audit messages --> + <filter class="ch.qos.logback.core.filter.EvaluatorFilter"> + <evaluator class="ch.qos.logback.classic.boolex.OnMarkerEvaluator"> + <marker>TRANSACTION_MARKER</marker> + </evaluator> + <onMismatch>DENY</onMismatch> + <onMatch>ACCEPT</onMatch> + </filter> + + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/transaction.log.%i + </fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>10</maxIndex> + </rollingPolicy> + + <triggeringPolicy + class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>20MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${default-log-pattern}</pattern> + </encoder> + </appender> + + <!-- Asynchronicity Configurations --> + <appender name="ASYNC_DEBUG" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="DEBUG_ROLLING" /> + </appender> + + <appender name="ASYNC_TRANSACTION" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="TRANSACTION_ROLLING" /> + </appender> + + <appender name="ASYNC_ERROR" class="ch.qos.logback.classic.AsyncAppender"> + <appender-ref ref="ERROR_ROLLING" /> + </appender> + + <!-- <appender name="DISPATCHER" class="ch.qos.logback.classic.sift.SiftingAppender"> + <discriminator class="org.openecomp.core.logging.logback.EventTypeDiscriminator"/> + <sift> + <appender name="Audit" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <file>${logDirectory}/audit.log</file> + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <fileNamePattern>${logDirectory}/audit.%i.log.zip</fileNamePattern> + <minIndex>1</minIndex> + <maxIndex>9</maxIndex> + </rollingPolicy> + <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <maxFileSize>5MB</maxFileSize> + </triggeringPolicy> + <encoder> + <pattern>${default-log-pattern}</pattern> + </encoder> + </appender> + </sift> + </appender>--> + + <root level="INFO"> + <appender-ref ref="ASYNC_ERROR" /> + <appender-ref ref="ASYNC_DEBUG" /> + <appender-ref ref="AUDIT_ROLLING" /> + <appender-ref ref="ASYNC_TRANSACTION" /> + <appender-ref ref="METRICS_ROLLING" /> + <if condition='property("enable-all-log").equalsIgnoreCase("true")'> + <then> + <appender-ref ref="ALL_ROLLING" /> + </then> + </if> + </root> + + <logger name="org.openecomp.sdc" level="INFO" /> +</configuration>
\ No newline at end of file diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/files/default/webseal.conf b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/files/default/webseal.conf new file mode 100644 index 0000000000..a7026e39fa --- /dev/null +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/files/default/webseal.conf @@ -0,0 +1,49 @@ +{ + webseal { + fe="http://localhost:8181" + users = [ + { + userId="cs0008" + password="123123a" + firstName="Carlos" + lastName="Santana" + role="Designer" + email="csantana@sdc.com" + }, + { + userId="op0001" + password="123123a" + firstName="Aretha" + lastName="Franklin" + role="Ops" + email="afranklin@sdc.com" + }, + { + userId="jh0003" + password="123123a" + firstName="Jimmy" + lastName="Hendrix" + role="Admin" + email="admin@sdc.com" + }, + { + userId="jm0007" + password="123123a" + firstName="Johnny" + lastName="Depp" + role="Tester" + email="tester@sdc.com" + }, + { + userId="gv0001" + password="123123a" + firstName="David" + lastName="Shadmi" + role="Governor" + email="governor@sdc.com" + } + ] + } + +} + diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_1_cleanup_jettydir.rb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_1_cleanup_jettydir.rb new file mode 100644 index 0000000000..95b90ca0a2 --- /dev/null +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_1_cleanup_jettydir.rb @@ -0,0 +1,57 @@ +directory "SDC_Simulator_tempdir_creation" do + path "/var/lib/jetty/temp" + owner 'jetty' + group 'jetty' + mode '0755' + action :create +end + + +directory "SDC_Simulator_create_config_dir" do + path "/var/lib/jetty/config" + owner 'jetty' + group 'jetty' + mode '0755' + action :create +end + + +directory "SDC_Simulator_create_sdc-simulator" do + path "/var/lib/jetty/config/sdc-simulator" + owner 'jetty' + group 'jetty' + mode '0755' + action :create +end + + +#directory "SDC_Simulator_tempdir_cleanup" do +# path "/var/lib/jetty/tempdir" +# recursive true +# action :delete +#end + + +#directory "SDC_Simulator_webapps_cleanup" do +# path "/var/lib/jetty/webapps" +# recursive true +# action :delete +#end + + +#directory "SDC_Simulator_webapps_creation" do +# path "/var/lib/jetty/webapps" +# owner 'jetty' +# group 'jetty' +# mode '0755' +# action :create +#end + + +#directory "SDC_Simulator_create_catalog-fe" do +# path "/var/lib/jetty/config/onboarding-fe" +# owner 'jetty' +# group 'jetty' +# mode '0755' +# action :create +#end
\ No newline at end of file diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb new file mode 100644 index 0000000000..9a284deb8a --- /dev/null +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb @@ -0,0 +1,16 @@ +cookbook_file "webseal.conf" do + path "/#{jetty_base}/config/sdc-simulator/" + source "webseal.conf" + owner "jetty" + group "jetty" + mode "0755" +end + + +cookbook_file "logback.xml" do + path "/#{jetty_base}/config/sdc-simulator/" + source "logback.xml" + owner "jetty" + group "jetty" + mode "0755" +end
\ No newline at end of file diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_3_errors_config.rb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_3_errors_config.rb new file mode 100644 index 0000000000..81211866a0 --- /dev/null +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_3_errors_config.rb @@ -0,0 +1,7 @@ +#cookbook_file "/var/lib/jetty/config/catalog-fe/ecomp-error-configuration.yaml" do +# source "FE-ecomp-error-configuration.yaml" +# mode 0755 +# owner "jetty" +# group "jetty" +#end + diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_4_logback.rb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_4_logback.rb new file mode 100644 index 0000000000..ba3097ce0b --- /dev/null +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_4_logback.rb @@ -0,0 +1,7 @@ +#cookbook_file "/var/lib/jetty/config/catalog-fe/logback.xml" do +# source "FE-logback.xml" +# mode 0755 +# owner "jetty" +# group "jetty" +#end + diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_rest_configuration.rb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_rest_configuration.rb new file mode 100644 index 0000000000..710286a8dd --- /dev/null +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_rest_configuration.rb @@ -0,0 +1,7 @@ +cookbook_file "/var/lib/jetty/config/catalog-fe/rest-configuration-info.yaml" do + source "FE-rest-configuration.yaml" + mode 0755 + owner "jetty" + group "jetty" +end + diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_6_create_jetty_modules.rb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_6_create_jetty_modules.rb new file mode 100644 index 0000000000..2800fd1808 --- /dev/null +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_6_create_jetty_modules.rb @@ -0,0 +1,45 @@ +jetty_base="/var/lib/jetty" +jetty_home="/usr/local/jetty" + +###### create Jetty modules +bash "create-jetty-modules" do +cwd "#{jetty_base}" +code <<-EOH + cd "#{jetty_base}" + java -jar "/#{jetty_home}"/start.jar --add-to-start=deploy + java -jar "/#{jetty_home}"/start.jar --add-to-startd=http,https,logging,setuid +EOH +not_if "ls /#{jetty_base}/start.d/https.ini" +end + + +###### configure Jetty modules +template "FE-http-ini" do + path "/#{jetty_base}/start.d/http.ini" + source "FE-http-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables :FE_http_port => "#{node['FE'][:http_port]}" +end + + +template "FE-https-ini" do + path "/#{jetty_base}/start.d/https.ini" + source "FE-https-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables :FE_https_port => "#{node['FE'][:https_port]}" +end + + +template "FE-ssl-ini" do + path "/#{jetty_base}/start.d/ssl.ini" + source "FE-ssl-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables :FE_https_port => "#{node['FE'][:https_port]}" +end + diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_7_locate_keystore.rb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_7_locate_keystore.rb new file mode 100644 index 0000000000..3bb482d89a --- /dev/null +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_7_locate_keystore.rb @@ -0,0 +1,16 @@ +jetty_base="/var/lib/jetty" + +directory "Jetty_etcdir_creation" do + path "/#{jetty_base}/etc" + owner 'jetty' + group 'jetty' + mode '0755' + action :create +end + +cookbook_file "/#{jetty_base}/etc/keystore" do + source "keystore" + owner "jetty" + group "jetty" + mode 0755 +end
\ No newline at end of file diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/FE-configuration.yaml.erb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/FE-configuration.yaml.erb new file mode 100644 index 0000000000..6a6ea29608 --- /dev/null +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/FE-configuration.yaml.erb @@ -0,0 +1,85 @@ +# Needed for logging purposes. To be populated by DevOps - currently dummy +feFqdn: <%= @fe_host_ip %> + +# catalog backend hostname +beHost: <%= @be_host_ip %> + +# catalog backend http port +beHttpPort: <%= @catalog_port %> + +# catalog backend http context +beContext: /sdc2/rest/v1/catalog/upload/resources + +# catalog backend protocol +beProtocol: http + +# catalog backend ssl port +beSslPort: <%= @ssl_port %> + +# threadpool size for handling requests +threadpoolSize: 50 + +# request processing timeout (seconds) +requestTimeout: 10 + +healthCheckSocketTimeoutInMs: 5000 + +healthCheckIntervalInSeconds: 5 + +onboarding: + protocol: http + host: <%= @fe_host_ip %> + port: 8181 + healthCheckUri: "/onboarding/v1.0/healthcheck" + +identificationHeaderFields: + - + - &HTTP_IV_USER HTTP_IV_USER + - &iv-user iv-user + - + - &USER_ID USER_ID + - &user-id user-id + - + - &HTTP_CSP_ATTUID HTTP_CSP_ATTUID + - &csp-attuid csp-attuid + - + - &HTTP_CSP_WSTYPE HTTP_CSP_WSTYPE + - &csp-wstype csp-wstype + +optionalHeaderFields: + - + - &HTTP_CSP_FIRSTNAME HTTP_CSP_FIRSTNAME + - &csp-firstname csp-firstname + - + - &HTTP_CSP_LASTNAME HTTP_CSP_LASTNAME + - &csp-lastname csp-lastname + - + - &HTTP_IV_REMOTE_ADDRESS HTTP_IV_REMOTE_ADDRESS + - &iv-remote-address iv-remote-address + - + - &HTTP_CSP_EMAIL HTTP_CSP_EMAIL + - &csp-email csp-email + + +version: 1.0 +released: 2012-11-30 + +# Connection parameters +connection: + url: jdbc:mysql://localhost:3306/db + poolSize: 17 + +# Protocols +protocols: + - http + - https + + +systemMonitoring: + enabled: false + isProxy: true + probeIntervalInSeconds: 15 + +kibanaHost: localhost +kibanaPort: 5601 +kibanaProtocol: http diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/FE-http-ini.erb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/FE-http-ini.erb new file mode 100644 index 0000000000..34a73fdf55 --- /dev/null +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/FE-http-ini.erb @@ -0,0 +1,32 @@ +# --------------------------------------- +# Module: http +--module=http + +### HTTP Connector Configuration + +## Connector host/address to bind to +# jetty.http.host=0.0.0.0 + +## Connector port to listen on +jetty.http.port=<%= @FE_http_port %> + +## Connector idle timeout in milliseconds +jetty.http.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.http.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.http.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.http.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.http.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.http.acceptorPriorityDelta=0 + +## HTTP Compliance: RFC7230, RFC2616, LEGACY +# jetty.http.compliance=RFC7230 diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/FE-https-ini.erb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/FE-https-ini.erb new file mode 100644 index 0000000000..f8ca5252b0 --- /dev/null +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/FE-https-ini.erb @@ -0,0 +1,15 @@ +# --------------------------------------- +# Module: https +--module=https + +## HTTPS Configuration +# HTTP port to listen on +https.port=<%= @FE_https_port %> + +# HTTPS idle timeout in milliseconds +jetty.https.idleTimeout=300000 + +# HTTPS Socket.soLingerTime in seconds. (-1 to disable) +# https.soLingerTime=-1 + + diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/FE-onboarding-configuration.yaml.erb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/FE-onboarding-configuration.yaml.erb new file mode 100644 index 0000000000..4646661dfb --- /dev/null +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/FE-onboarding-configuration.yaml.erb @@ -0,0 +1,5 @@ +notifications: + pollingIntervalMsec: 2000 + selectionSize: 100 + beHost: <%= @catalog_ip %> + beHttpPort: <%= @catalog_port %>
\ No newline at end of file diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/FE-ssl-ini.erb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/FE-ssl-ini.erb new file mode 100644 index 0000000000..426e0e44b5 --- /dev/null +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/FE-ssl-ini.erb @@ -0,0 +1,83 @@ +# --------------------------------------- +# Module: ssl +--module=ssl + +### TLS(SSL) Connector Configuration + +## Connector host/address to bind to +# jetty.ssl.host=0.0.0.0 + +## Connector port to listen on +jetty.ssl.port=<%= @FE_https_port %> + +## Connector idle timeout in milliseconds +# jetty.ssl.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.ssl.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.ssl.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.ssl.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.ssl.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.ssl.acceptorPriorityDelta=0 + +## Whether request host names are checked to match any SNI names +# jetty.ssl.sniHostCheck=true + +## max age in seconds for a Strict-Transport-Security response header (default -1) +# jetty.ssl.stsMaxAgeSeconds=31536000 + +## include subdomain property in any Strict-Transport-Security header (default false) +# jetty.ssl.stsIncludeSubdomains=true + +### SslContextFactory Configuration +## Note that OBF passwords are not secure, just protected from casual observation +## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html + +## Keystore file path (relative to $jetty.base) +# jetty.sslContext.keyStorePath=etc/keystore + +## Truststore file path (relative to $jetty.base) +# jetty.sslContext.trustStorePath=etc/keystore + +## Keystore password +# jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 + +## Keystore type and provider +# jetty.sslContext.keyStoreType=JKS +# jetty.sslContext.keyStoreProvider= + +## KeyManager password +# jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g + +## Truststore password +# jetty.sslContext.trustStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 + +## Truststore type and provider +# jetty.sslContext.trustStoreType=JKS +# jetty.sslContext.trustStoreProvider= + +## whether client certificate authentication is required +# jetty.sslContext.needClientAuth=false + +## Whether client certificate authentication is desired +# jetty.sslContext.wantClientAuth=false + +## Whether cipher order is significant (since java 8 only) +# jetty.sslContext.useCipherSuitesOrder=true + +## To configure Includes / Excludes for Cipher Suites or Protocols see tweak-ssl.xml example at +## https://www.eclipse.org/jetty/documentation/current/configuring-ssl.html#configuring-sslcontextfactory-cipherSuites + +## Set the size of the SslSession cache +# jetty.sslContext.sslSessionCacheSize=-1 + +## Set the timeout (in seconds) of the SslSession cache timeout +# jetty.sslContext.sslSessionTimeout=-1 |