From 958c32d2d7a3e5cbd9bc672645cdeb95a49b719a Mon Sep 17 00:00:00 2001 From: Yuli Shlosberg Date: Thu, 15 Feb 2018 12:04:46 +0200 Subject: OOM Alignment BE,FE,KBN Change-Id: I8ff609a6be919d5709ce95af5a6a903aeb7afc43 Issue-ID: SDC-918 Signed-off-by: Yuli Shlosberg --- .../cookbooks/sdc-catalog-fe/attributes/default.rb | 2 + .../default/FE-ecomp-error-configuration.yaml | 48 +++++ .../sdc-catalog-fe/files/default/FE-logback.xml | 227 +++++++++++++++++++++ .../files/default/FE-rest-configuration.yaml | 11 + .../sdc-catalog-fe/files/default/keystore | Bin 0 -> 4255 bytes .../recipes/FE_1_cleanup_jettydir.rb | 33 +++ .../recipes/FE_2_setup_configuration.rb | 42 ++++ .../sdc-catalog-fe/recipes/FE_3_errors_config.rb | 7 + .../sdc-catalog-fe/recipes/FE_4_logback.rb | 7 + .../recipes/FE_5_rest_configuration.rb | 7 + .../sdc-catalog-fe/recipes/FE_6_locate_keystore.rb | 14 ++ .../recipes/FE_7_create_jetty_modules.rb | 41 ++++ .../recipes/FE_8_prepareProbeFile.rb | 5 + .../templates/default/FE-configuration.yaml.erb | 102 +++++++++ .../templates/default/FE-http-ini.erb | 29 +++ .../templates/default/FE-https-ini.erb | 13 ++ .../default/FE-onboarding-configuration.yaml.erb | 9 + .../default/FE-plugins-configuration.yaml.erb | 22 ++ .../templates/default/ready-probe.sh.erb | 8 + .../sdc-catalog-fe/templates/default/ssl-ini.erb | 90 ++++++++ 20 files changed, 717 insertions(+) create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-ecomp-error-configuration.yaml create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-logback.xml create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-rest-configuration.yaml create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/keystore create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_1_cleanup_jettydir.rb create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_2_setup_configuration.rb create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_3_errors_config.rb create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_4_logback.rb create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_5_rest_configuration.rb create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_6_locate_keystore.rb create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_8_prepareProbeFile.rb create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-http-ini.erb create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-https-ini.erb create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-onboarding-configuration.yaml.erb create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-plugins-configuration.yaml.erb create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ready-probe.sh.erb create mode 100644 catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb (limited to 'catalog-fe/sdc-frontend/chef-repo') diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb new file mode 100644 index 0000000000..6e9bbe36f5 --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb @@ -0,0 +1,2 @@ +# +# diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-ecomp-error-configuration.yaml b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-ecomp-error-configuration.yaml new file mode 100644 index 0000000000..8982b2424f --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-ecomp-error-configuration.yaml @@ -0,0 +1,48 @@ +########################################### +# Note the conventions of the field values: +# type can be one of: CONFIG_ERROR, SYSTEM_ERROR, DATA_ERROR, CONNECTION_PROBLEM +# severity can be one of: WARN, ERROR, FATAL +# alarmSeverity can be one of: CRITICAL,MAJOR,MINOR,INFORMATIONAL,NONE +# code is a unique integer in range of 3003-9999 (3000-3002 are occupied for internal usage) +# The above enumeration values are out-of-the-box and can be changed in code. +# In case of config and code mismatch, the appropriate error will be printed to log +# +# Range of FE codes - 8000-9999 + + +errors: + FeHealthCheckConnectionError: { + type: CONNECTION_PROBLEM, + code: ASDC_8000, + severity: ERROR, + description: "Connection error during FE Health Check", + alarmSeverity: CRITICAL + } + FeHttpLoggingError: { + type: SYSTEM_ERROR, + code: ASDC_8001, + severity: ERROR, + description: "Error when logging FE HTTP request/response", + alarmSeverity: MINOR + } + FePortalServletError: { + type: SYSTEM_ERROR, + code: ASDC_8002, + severity: ERROR, + description: "Error when trying to access FE Portal page", + alarmSeverity: MAJOR + } + FeHealthCheckGeneralError: { + type: SYSTEM_ERROR, + code: ASDC_8004, + severity: ERROR, + description: "General error during FE Health Check", + alarmSeverity: CRITICAL + } + FeHealthCheckRecovery: { + type: RECOVERY, + code: ASDC_8005, + severity: INFO, + description: "BE Health Check Recovery", + alarmSeverity: INFORMATIONAL + } \ No newline at end of file diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-logback.xml b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-logback.xml new file mode 100644 index 0000000000..2f793f386b --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-logback.xml @@ -0,0 +1,227 @@ + + + + + + + + + + + + + + + + + ${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/all.log + + + + ${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/all.log.%i + + 1 + 10 + + + + 20MB + + + ${default-log-pattern} + + + + + + + + + + + + ${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/error.log + + + + + + AUDIT_MARKER + + NEUTRAL + DENY + + + + + + TRANSACTION_MARKER + + NEUTRAL + DENY + + + + + INFO + + + + ${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/error.log.%i + + 1 + 10 + + + + 20MB + + + ${default-log-pattern} + + + + + + ${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/debug.log + + + + + + + TRANSACTION_MARKER + + NEUTRAL + DENY + + + + + + + e.level.toInt() <= DEBUG.toInt() + + + DENY + NEUTRAL + + + + ${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/debug.log.%i + + 1 + 10 + + + + 20MB + + + ${default-log-pattern} + + + + + + + ${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/audit.log + + + + + + AUDIT_MARKER + + DENY + ACCEPT + + + + ${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/audit.log.%i + + 1 + 10 + + + + 20MB + + + ${default-log-pattern} + + + + + + + ${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/transaction.log + + + + + + TRANSACTION_MARKER + + DENY + ACCEPT + + + + ${log.home}/${ECOMP-component-name}/${ECOMP-subcomponent-name}/transaction.log.%i + + 1 + 10 + + + + 20MB + + + ${default-log-pattern} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-rest-configuration.yaml b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-rest-configuration.yaml new file mode 100644 index 0000000000..ecedafea56 --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/FE-rest-configuration.yaml @@ -0,0 +1,11 @@ +# rest read timeout - means no timeout +readTimeoutInSec: 0 + +# whether to ignore certificate +ignoreCertificate: false + +# the connection pool size +connectionPoolSize: 10 + +# create connection timeout +connectTimeoutInSec: 10 diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/keystore b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/keystore new file mode 100644 index 0000000000..c4083931dc Binary files /dev/null and b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/files/default/keystore differ diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_1_cleanup_jettydir.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_1_cleanup_jettydir.rb new file mode 100644 index 0000000000..7449518f87 --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_1_cleanup_jettydir.rb @@ -0,0 +1,33 @@ +directory "FE_tempdir_creation" do + path "#{ENV['JETTY_BASE']}/temp" + owner 'jetty' + group 'jetty' + mode '0755' + action :create +end + +directory "FE_create_config_dir" do + path "#{ENV['JETTY_BASE']}/config" + owner 'jetty' + group 'jetty' + mode '0755' + action :create +end + + +directory "FE_create_catalog-fe" do + path "#{ENV['JETTY_BASE']}/config/catalog-fe" + owner 'jetty' + group 'jetty' + mode '0755' + action :create +end + + +directory "FE_create_catalog-fe" do + path "#{ENV['JETTY_BASE']}/config/onboarding-fe" + owner 'jetty' + group 'jetty' + mode '0755' + action :create +end \ No newline at end of file diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_2_setup_configuration.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_2_setup_configuration.rb new file mode 100644 index 0000000000..abefd28588 --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_2_setup_configuration.rb @@ -0,0 +1,42 @@ +template "catalog-fe-config" do + path "#{ENV['JETTY_BASE']}/config/catalog-fe/configuration.yaml" + source "FE-configuration.yaml.erb" + owner "jetty" + group "jetty" + mode "0755" + variables({ + :fe_host_ip => node['Nodes']['FE'], + :be_host_ip => node['Nodes']['BE'], + :kb_host_ip => node['Nodes']['KB'], + :catalog_port => node['BE'][:http_port], + :ssl_port => node['BE'][:https_port] + }) +end + +template "plugins-fe-config" do + path "#{ENV['JETTY_BASE']}/config/catalog-fe/plugins-configuration.yaml" + source "FE-plugins-configuration.yaml.erb" + owner "jetty" + group "jetty" + mode "0755" + variables({ + :dcae_discovery_url => node['Plugins']['DCAE']['dcae_discovery_url'], + :dcae_source_url => node['Plugins']['DCAE']['dcae_source_url'], + :workflow_discovery_url => node['Plugins']['WORKFLOW']['workflow_discovery_url'], + :workflow_source_url => node['Plugins']['WORKFLOW']['workflow_source_url'] + }) +end + + +template "onboarding-fe-config" do + path "#{ENV['JETTY_BASE']}/config/onboarding-fe/onboarding_configuration.yaml" + source "FE-onboarding-configuration.yaml.erb" + owner "jetty" + group "jetty" + mode "0755" + variables({ + :catalog_ip => node['Nodes']['BE'], + :catalog_port => node['BE'][:http_port], + :ssl_port => node['BE'][:https_port] +}) +end \ No newline at end of file diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_3_errors_config.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_3_errors_config.rb new file mode 100644 index 0000000000..54dee2ef26 --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_3_errors_config.rb @@ -0,0 +1,7 @@ +cookbook_file "#{ENV['JETTY_BASE']}/config/catalog-fe/ecomp-error-configuration.yaml" do + source "FE-ecomp-error-configuration.yaml" + mode 0755 + owner "jetty" + group "jetty" +end + diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_4_logback.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_4_logback.rb new file mode 100644 index 0000000000..67c511408c --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_4_logback.rb @@ -0,0 +1,7 @@ +cookbook_file "#{ENV['JETTY_BASE']}/config/catalog-fe/logback.xml" do + source "FE-logback.xml" + mode 0755 + owner "jetty" + group "jetty" +end + diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_5_rest_configuration.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_5_rest_configuration.rb new file mode 100644 index 0000000000..cf7575c546 --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_5_rest_configuration.rb @@ -0,0 +1,7 @@ +cookbook_file "#{ENV['JETTY_BASE']}/config/catalog-fe/rest-configuration-info.yaml" do + source "FE-rest-configuration.yaml" + mode 0755 + owner "jetty" + group "jetty" +end + diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_6_locate_keystore.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_6_locate_keystore.rb new file mode 100644 index 0000000000..12af1fff21 --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_6_locate_keystore.rb @@ -0,0 +1,14 @@ +directory "Jetty_etcdir_creation" do + path "#{ENV['JETTY_BASE']}/etc" + owner 'jetty' + group 'jetty' + mode '0755' + action :create +end + +cookbook_file "#{ENV['JETTY_BASE']}/etc/keystore" do + source "keystore" + owner "jetty" + group "jetty" + mode 0755 +end diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb new file mode 100644 index 0000000000..32b121eefd --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb @@ -0,0 +1,41 @@ +bash "create-jetty-modules" do +cwd "#{ENV['JETTY_BASE']}" +code <<-EOH + cd "#{ENV['JETTY_BASE']}" + java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-start=deploy + java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-startd=http,https,logging,setuid +EOH +end + + + +template "FE-http-ini" do + path "#{ENV['JETTY_BASE']}/start.d/http.ini" + source "FE-http-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables :FE_http_port => "#{node['FE'][:http_port]}" +end + + +template "FE-https-ini" do + path "#{ENV['JETTY_BASE']}/start.d/https.ini" + source "FE-https-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables :FE_https_port => "#{node['FE'][:https_port]}" +end + + +template "ssl-ini" do + path "#{ENV['JETTY_BASE']}/start.d/ssl.ini" + source "ssl-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables :https_port => "#{node['FE'][:https_port]}" +end + + diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_8_prepareProbeFile.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_8_prepareProbeFile.rb new file mode 100644 index 0000000000..14d08be94c --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_8_prepareProbeFile.rb @@ -0,0 +1,5 @@ +template "/var/lib/ready-probe.sh" do + source "ready-probe.sh.erb" + sensitive true + mode 0755 +end \ No newline at end of file diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb new file mode 100644 index 0000000000..ea2d9033ab --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-configuration.yaml.erb @@ -0,0 +1,102 @@ +# Needed for logging purposes. To be populated by DevOps - currently dummy +feFqdn: <%= @fe_host_ip %> + +# catalog backend hostname +beHost: <%= @be_host_ip %> + +# catalog backend http port +beHttpPort: <%= @catalog_port %> + +# catalog backend http context +beContext: /sdc2/rest/v1/catalog/upload/resources + +# catalog backend protocol +<% if node[:disableHttp] -%> +beProtocol: https +<% else %> +beProtocol: http +<% end -%> + +# catalog backend ssl port +beSslPort: <%= @ssl_port %> + +# threadpool size for handling requests +threadpoolSize: 50 + +# request processing timeout (seconds) +requestTimeout: 10 + +# Determines the health check read timeout when invoking health check towards the LB (or BE whatever is configured): +healthCheckSocketTimeoutInMs: 5000 + +healthCheckIntervalInSeconds: 5 + +onboarding: + host: <%= @fe_host_ip %> + <% if node[:disableHttp] -%> + protocol: https + port: <%= node['FE'][:https_port] %> + <% else %> + protocol: http + port: <%= node['FE'][:http_port] %> + <% end -%> + healthCheckUri: "/onboarding/v1.0/healthcheck" + +dcae: + host: <%= @fe_host_ip %> + <% if node[:disableHttp] -%> + protocol: https + port: <%= node['FE'][:https_port] %> + <% else %> + protocol: http + port: <%= node['FE'][:http_port] %> + <% end -%> + healthCheckUri: "/dcae/healthCheck" + +identificationHeaderFields: + - + - &HTTP_IV_USER HTTP_IV_USER + - &iv-user iv-user + - + - &USER_ID USER_ID + - &user-id user-id + - + - &HTTP_CSP_ATTUID HTTP_CSP_ATTUID + - &csp-attuid csp-attuid + +optionalHeaderFields: + - + - &HTTP_CSP_FIRSTNAME HTTP_CSP_FIRSTNAME + - &csp-firstname csp-firstname + - + - &HTTP_CSP_LASTNAME HTTP_CSP_LASTNAME + - &csp-lastname csp-lastname + - + - &HTTP_IV_REMOTE_ADDRESS HTTP_IV_REMOTE_ADDRESS + - &iv-remote-address iv-remote-address + - + - &HTTP_CSP_EMAIL HTTP_CSP_EMAIL + - &csp-email csp-email + +version: 1.0 +released: 2012-11-30 + +# Connection parameters +connection: + url: jdbc:mysql://localhost:3306/db + poolSize: 17 + +# Protocols +protocols: + - http + - https + + +systemMonitoring: + enabled: false + isProxy: true + probeIntervalInSeconds: 15 + +kibanaHost: <%= @kb_host_ip %> +kibanaPort: 5601 +kibanaProtocol: http diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-http-ini.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-http-ini.erb new file mode 100644 index 0000000000..233a6b8852 --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-http-ini.erb @@ -0,0 +1,29 @@ +# --------------------------------------- +# Module: http +--module=http + +### HTTP Connector Configuration + +## Connector host/address to bind to +# jetty.http.host=0.0.0.0 + +## Connector port to listen on +jetty.http.port=<%= @FE_http_port %> + +## Connector idle timeout in milliseconds +jetty.http.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.http.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.http.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.http.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.http.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.http.acceptorPriorityDelta=0 diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-https-ini.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-https-ini.erb new file mode 100644 index 0000000000..d2542fc360 --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-https-ini.erb @@ -0,0 +1,13 @@ +# --------------------------------------- +# Module: https +--module=https + +## HTTPS Configuration +# HTTP port to listen on +https.port=<%= @FE_https_port %> + +# HTTPS idle timeout in milliseconds +jetty.https.idleTimeout=300000 + +# HTTPS Socket.soLingerTime in seconds. (-1 to disable) +# https.soLingerTime=-1 diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-onboarding-configuration.yaml.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-onboarding-configuration.yaml.erb new file mode 100644 index 0000000000..71ed876ee7 --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-onboarding-configuration.yaml.erb @@ -0,0 +1,9 @@ +notifications: + pollingIntervalMsec: 2000 + selectionSize: 100 + beHost: <%= @catalog_ip %> + <% if node[:disableHttp] -%> + beHttpPort: <%= node['BE'][:https_port] %> + <% else %> + beHttpPort: <%= node['BE'][:http_port] %> + <% end -%> \ No newline at end of file diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-plugins-configuration.yaml.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-plugins-configuration.yaml.erb new file mode 100644 index 0000000000..a21a7abbe5 --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-plugins-configuration.yaml.erb @@ -0,0 +1,22 @@ +pluginsList: + - pluginId: DCAE + pluginDiscoveryUrl: <%= @dcae_discovery_url %> + pluginSourceUrl: <%= @dcae_source_url %> + pluginStateUrl: "dcae" + pluginDisplayOptions: + context: + displayName: "Monitoring" + displayContext: ["SERVICE"] + displayRoles: ["DESIGNER"] + - pluginId: WORKFLOW + pluginDiscoveryUrl: <%= @workflow_discovery_url %> + pluginSourceUrl: <%= @workflow_source_url %> + pluginStateUrl: "workflowDesigner" + pluginDisplayOptions: + tab: + displayName: "WORKFLOW" + displayRoles: ["DESIGNER", "TESTER"] + context: + displayName: "Workflow Designer" + displayContext: ["VF"] + displayRoles: ["DESIGNER", "TESTER"] \ No newline at end of file diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ready-probe.sh.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ready-probe.sh.erb new file mode 100644 index 0000000000..b5cbb149dd --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ready-probe.sh.erb @@ -0,0 +1,8 @@ +#!/bin/bash + +health_Check_http_code=$(curl --max-time 5 -o /dev/null -w '%{http_code}' http://localhost:8181/sdc1/rest/healthCheck) +if [[ "$health_Check_http_code" -eq 500 ]]; then + exit 200 +else + exit $health_Check_http_code +fi \ No newline at end of file diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb new file mode 100644 index 0000000000..effbfa7918 --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb @@ -0,0 +1,90 @@ +# --------------------------------------- +# Module: ssl +--module=ssl + +### TLS(SSL) Connector Configuration + +## Connector host/address to bind to +# jetty.ssl.host=0.0.0.0 + +## Connector port to listen on +jetty.ssl.port=<%= @https_port %> + +## Connector idle timeout in milliseconds +# jetty.ssl.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.ssl.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.ssl.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.ssl.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.ssl.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.ssl.acceptorPriorityDelta=0 + +## Whether request host names are checked to match any SNI names +# jetty.ssl.sniHostCheck=true + +## max age in seconds for a Strict-Transport-Security response header (default -1) +# jetty.ssl.stsMaxAgeSeconds=31536000 + +## include subdomain property in any Strict-Transport-Security header (default false) +# jetty.ssl.stsIncludeSubdomains=true + +### SslContextFactory Configuration +## Note that OBF passwords are not secure, just protected from casual observation +## See http://www.eclipse.org/jetty/documentation/current/configuring-security-secure-passwords.html + +## Keystore file path (relative to $jetty.base) +# jetty.sslContext.keyStorePath=etc/keystore + +## Truststore file path (relative to $jetty.base) +# jetty.sslContext.trustStorePath=etc/keystore + +## Keystore password +# jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 +jetty.sslContext.keyStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok + +## Keystore type and provider +# jetty.sslContext.keyStoreType=JKS +# jetty.sslContext.keyStoreProvider= + +## KeyManager password +# jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g +jetty.sslContext.keyManagerPassword=OBF:1cp61iuj194s194u194w194y1is31cok + +## Truststore password +# jetty.sslContext.trustStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 +jetty.sslContext.trustStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok + +## Truststore type and provider +# jetty.sslContext.trustStoreType=JKS +# jetty.sslContext.trustStoreProvider= + +## whether client certificate authentication is required +# jetty.sslContext.needClientAuth=false + +## Whether client certificate authentication is desired +# jetty.sslContext.wantClientAuth=false + +## Whether cipher order is significant (since java 8 only) +# jetty.sslContext.useCipherSuitesOrder=true + +## To configure Includes / Excludes for Cipher Suites or Protocols see tweak-ssl.xml example at +## https://www.eclipse.org/jetty/documentation/current/configuring-ssl.html#configuring-sslcontextfactory-cipherSuites + +## Set the size of the SslSession cache +# jetty.sslContext.sslSessionCacheSize=-1 + +## Set the timeout (in seconds) of the SslSession cache timeout +# jetty.sslContext.sslSessionTimeout=-1 + +## Allow SSL renegotiation +# jetty.sslContext.renegotiationAllowed=true +# jetty.sslContext.renegotiationLimit=5 -- cgit 1.2.3-korg