1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
|
.. This work is licensed under a Creative Commons Attribution 4.0 International License.
.. http://creativecommons.org/licenses/by/4.0
.. Copyright 2020 Huawei Technologies Co., Ltd.
Docker-config
=============
In SO (Service Orchestration) every component running on docker engine and respective containers. here we can see how so is working with Dokcer.
CA(Certificate Authority)
=========================
Certificate Authorities/ CAs, issue Digital Certificates. Digital Certificates are verifiable small data files that contain identity credentials to help websites, people, and devices represent their authentic online identity (authentic because the CA has verified the identity). CAs play a critical role in how the Internet operates and how transparent, trusted transactions can take place online. CAs issue millions of Digital Certificates each year, and these certificates are used to protect information, encrypt billions of transactions, and enable secure communication.
CA(file)
/so/packages/docker/src/main/docker/docker-files/ca-certificates/onap-ca.crt
Example CA cirtifiacte:-
-----BEGIN CERTIFICATE-----
MIIEczCCA1ugAwIBAgIBADANBgkqhkiG9w0BAQQFAD..AkGA1UEBhMCR0Ix
EzARBgNVBAgTClNvbWUtU3RhdGUxFDASBgNVBAoTC0..0EgTHRkMTcwNQYD
VQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcn..XRpb24gQXV0aG9y
aXR5MRQwEgYDVQQDEwtCZXN0IENBIEx0ZDAeFw0wMD..TUwMTZaFw0wMTAy
MDQxOTUwMTZaMIGHMQswCQYDVQQGEwJHQjETMBEGA1..29tZS1TdGF0ZTEU
MBIGA1UEChMLQmVzdCBDQSBMdGQxNzA1BgNVBAsTLk..DEgUHVibGljIFBy
aW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxFD..AMTC0Jlc3QgQ0Eg
THRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCg..Tz2mr7SZiAMfQyu
vBjM9OiJjRazXBZ1BjP5CE/Wm/Rr500PRK+Lh9x5eJ../ANBE0sTK0ZsDGM
ak2m1g7oruI3dY3VHqIxFTz0Ta1d+NAjwnLe4nOb7/..k05ShhBrJGBKKxb
8n104o/5p8HAsZPdzbFMIyNjJzBM2o5y5A13wiLitE..fyYkQzaxCw0Awzl
kVHiIyCuaF4wj571pSzkv6sv+4IDMbT/XpCo8L6wTa..sh+etLD6FtTjYbb
rvZ8RQM1tlKdoMHg2qxraAV++HNBYmNWs0duEdjUbJ..XI9TtnS4o1Ckj7P
OfljiQIDAQABo4HnMIHkMB0GA1UdDgQWBBQ8urMCRL..5AkIp9NJHJw5TCB
tAYDVR0jBIGsMIGpgBQ8urMCRLYYMHUKU5AkIp9NJH..aSBijCBhzELMAkG
A1UEBhMCR0IxEzARBgNVBAgTClNvbWUtU3RhdGUxFD..AoTC0Jlc3QgQ0Eg
THRkMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcm..ENlcnRpZmljYXRp
b24gQXV0aG9yaXR5MRQwEgYDVQQDEwtCZXN0IENBIE..DAMBgNVHRMEBTAD
AQH/MA0GCSqGSIb3DQEBBAUAA4IBAQC1uYBcsSncwA..DCsQer772C2ucpX
xQUE/C0pWWm6gDkwd5D0DSMDJRqV/weoZ4wC6B73f5..bLhGYHaXJeSD6Kr
XcoOwLdSaGmJYslLKZB3ZIDEp0wYTGhgteb6JFiTtn..sf2xdrYfPCiIB7g
BMAV7Gzdc4VspS6ljrAhbiiawdBiQlQmsBeFz9JkF4..b3l8BoGN+qMa56Y
It8una2gY4l2O//on88r5IWJlm1L0oA8e4fR2yrBHX..adsGeFKkyNrwGi/
7vQMfXdGsRrXNGRGnX+vWDZ3/zWI0joDtCkNnqEpVn..HoX
-----END CERTIFICATE-----
Configurations:-
================
Every component has its own over-ride yaml file. We can over-ride the file according the Configurations and Dependencies required for Deploying.
Over-ride yaml for api-handler
==============================
Path:- /docker-config/volumes/so/config/api-handler-infra/onapheat/override.yaml
.. code-block:: bash
server:
port: 8080
tomcat:
max-threads: 50
ssl-enable: false
mso:
msoKey: 07a7159d3bf51a0e53be7a8f89699be7
logPath: logs
site-name: onapheat
adapters:
requestDb:
endpoint: http://request-db-adapter:8083
auth: Basic YnBlbDpwYXNzd29yZDEk
catalog:
db:
spring:
endpoint: http://catalog-db-adapter:8082
db:
auth: Basic YnBlbDpwYXNzd29yZDEk
config:
path: /src/main/resources/
infra:
default:
alacarte:
orchestrationUri: /mso/async/services/ALaCarteOrchestrator
recipeTimeout: 180
testApi: VNF_API
service:
macro:
default:
testApi: GR_API
camundaURL: http://bpmn-infra:8081
camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A
async:
core-pool-size: 50
max-pool-size: 50
queue-capacity: 500
sdc:
client:
auth: F3473596C526938329DF877495B494DC374D1C4198ED3AD305EA3ADCBBDA1862
activate:
instanceid: test
userid: cs0008
endpoint: http://c1.vm1.mso.simpledemo.onap.org:28090
tenant:
isolation:
retry:
count: 3
aai:
endpoint: https://aai.api.simpledemo.onap.org:8443
auth: 2630606608347B7124C244AB0FE34F6F
extApi:
endpoint: http://nbi.onap:8080/nbi/api/v3
so:
operational-environment:
dmaap:
username: testuser
password: VjR5NDcxSzA=
host: http://c1.vm1.mso.simpledemo.onap.org:28090
auth: 51EA5414022D7BE536E7516C4D1A6361416921849B72C0D6FC1C7F262FD9F2BBC2AD124190A332D9845A188AD80955567A4F975C84C221EEA8243BFD92FFE6896CDD1EA16ADD34E1E3D47D4A
publisher:
topic: com.att.ecomp.mso.operationalEnvironmentEvent
spring:
datasource:
hikari:
jdbcUrl: jdbc:mariadb://mariadb:3306/catalogdb
username: cataloguser
password: catalog123
driver-class-name: org.mariadb.jdbc.Driver
pool-name: catdb-pool
registerMbeans: true
jpa:
show-sql: true
hibernate:
dialect: org.hibernate.dialect.MySQL5Dialect
ddl-auto: validate
naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy
enable-lazy-load-no-trans: true
jersey:
type: filter
security:
usercredentials:
-
username: sitecontrol
password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
role: SiteControl-Client
-
username: gui
password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
role: GUI-Client
-
username: infraportal
password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
role: InfraPortal-Client
-
username: InfraPortalClient
password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
role: InfraPortal-Client
-
username: bpel
password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
role: BPEL-Client
-
username: mso_admin
password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
role: ACTUATOR
request:
datasource:
hikari:
jdbcUrl: jdbc:mariadb://mariadb:3306/requestdb
username: requestuser
password: request123
driver-class-name: org.mariadb.jdbc.Driver
pool-name: reqdb-pool
registerMbeans: true
org:
onap:
so:
cloud-owner: CloudOwner
adapters:
network:
encryptionKey: 07a7159d3bf51a0e53be7a8f89699be7
Start the container
=======================
cd /home/root1/docker-config/
CMD:-
===
sudo docker-compose up -d
*Example Output:*
root1@slave-node:~/docker-config$ sudo docker-compose up -d
docker-config_mariadb_1 is up-to-date
Starting docker-config_catalog-db-adapter_1 ... done
Starting docker-config_request-db-adapter_1 ... done
Starting docker-config_bpmn-infra_1 ... done
Starting docker-config_vfc-adapter_1 ... done
Starting docker-config_sdc-controller_1 ... done
Starting docker-config_sdnc-adapter_1 ... done
Starting docker-config_openstack-adapter_1 ... done
Starting docker-config_api-handler-infra_1 ... done
Starting docker-config_so-monitoring_1 ... done
Starting docker-config_nssmf-adapter_1 ... done
Example Output:
===============
docker ps
*Example Output:*
root1@slave-node:~/docker-config$ sudo docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
d930caf28508 nexus3.onap.org:10001/onap/so/openstack-adapter "/app/wait-for.sh -q…" 5 weeks ago Up 30 seconds 0.0.0.0:8087->8087/tcp docker-config_openstack-adapter_1
599af283319e nexus3.onap.org:10001/onap/so/vfc-adapter "/app/wait-for.sh -q…" 5 weeks ago Up 30 seconds 0.0.0.0:8084->8084/tcp docker-config_vfc-adapter_1
5549305c8dd6 nexus3.onap.org:10001/onap/so/api-handler-infra "/app/wait-for.sh -q…" 5 weeks ago Up 27 seconds 0.0.0.0:8080->8080/tcp docker-config_api-handler-infra_1
59d3aa684ecb nexus3.onap.org:10001/onap/so/sdnc-adapter "/app/wait-for.sh -q…" 5 weeks ago Up 29 seconds 0.0.0.0:8086->8086/tcp docker-config_sdnc-adapter_1
ade4cef97bd3 nexus3.onap.org:10001/onap/so/bpmn-infra "/app/wait-for.sh -q…" 5 weeks ago Up 29 seconds 0.0.0.0:8081->8081/tcp docker-config_bpmn-infra_1
e9558560c4d7 nexus3.onap.org:10001/onap/so/sdc-controller "/app/wait-for.sh -q…" 5 weeks ago Up 25 seconds 0.0.0.0:8085->8085/tcp docker-config_sdc-controller_1
ae27ec2f8b04 nexus3.onap.org:10001/onap/so/so-monitoring "/app/wait-for.sh -q…" 5 weeks ago Up 26 seconds 0.0.0.0:8088->8088/tcp docker-config_so-monitoring_1
8d2c64d48f1a nexus3.onap.org:10001/onap/so/request-db-adapter "/app/wait-for.sh -q…" 5 weeks ago Up 32 seconds 0.0.0.0:8083->8083/tcp docker-config_request-db-adapter_1
a126dd29c540 nexus3.onap.org:10001/mariadb:10.1.11 "/docker-entrypoint.…" 5 weeks ago Up 17 minutes 0.0.0.0:32768->3306/tcp docker-config_mariadb_1
Inspect a docker image
======================
This command shows interesting information about the structure of the mso image. Note that an image is NOT a running container. It is the template that a container is created from.
CMD:-
=====
sudo docker inspect onap/so/api-handler-infra
Example Output:
.. code-block:: bash
[
{
"Id": "sha256:2573165483e9ac87826da9c08984a9d0e1d93a90c681b22d9b4f90ed579350dc",
"RepoTags": [
"onap/so/api-handler-infra:1.3.0-SNAPSHOT",
"onap/so/api-handler-infra:1.3.0-SNAPSHOT-20190213T0846",
"onap/so/api-handler-infra:1.3.0-SNAPSHOT-latest",
"onap/so/api-handler-infra:latest"
],
"RepoDigests": [],
"Parent": "sha256:66b508441811ab4ed9968f8702a0d0a697f517bbc10d8d9076e5b98ae4437344",
"Comment": "",
"Created": "2019-02-13T09:37:33.770342225Z",
"Container": "8be46c735d21935631130f9017c3747779aab26eab54a9149b1edde122f7576d",
"ContainerConfig": {
"Hostname": "ac4a12e21390",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/lib/jvm/java-1.8-openjdk/jre/bin:/usr/lib/jvm/java-1.8-openjdk/bin",
"LANG=C.UTF-8",
"JAVA_HOME=/usr/lib/jvm/java-1.8-openjdk",
"JAVA_VERSION=8u191",
"JAVA_ALPINE_VERSION=8.191.12-r0",
"HTTP_PROXY=",
"HTTPS_PROXY=",
"http_proxy=",
"https_proxy="
],
"Cmd": [
"/bin/sh",
"-c",
"#(nop) ",
"CMD [\"/app/start-app.sh\"]"
],
"ArgsEscaped": true,
"Image": "sha256:66b508441811ab4ed9968f8702a0d0a697f517bbc10d8d9076e5b98ae4437344",
"Volumes": {
"/app/ca-certificates": {},
"/app/config": {}
},
"WorkingDir": "/app",
"Entrypoint": null,
"OnBuild": [],
"Labels": {}
},
"DockerVersion": "17.05.0-ce",
"Author": "",
"Config": {
"Hostname": "ac4a12e21390",
"Domainname": "",
"User": "",
"AttachStdin": false,
"AttachStdout": false,
"AttachStderr": false,
"Tty": false,
"OpenStdin": false,
"StdinOnce": false,
"Env": [
"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/lib/jvm/java-1.8-openjdk/jre/bin:/usr/lib/jvm/java-1.8-openjdk/bin",
"LANG=C.UTF-8",
"JAVA_HOME=/usr/lib/jvm/java-1.8-openjdk",
"JAVA_VERSION=8u191",
"JAVA_ALPINE_VERSION=8.191.12-r0",
"HTTP_PROXY=",
"HTTPS_PROXY=",
"http_proxy=",
"https_proxy="
],
"Cmd": [
"/app/start-app.sh"
],
"ArgsEscaped": true,
"Image": "sha256:66b508441811ab4ed9968f8702a0d0a697f517bbc10d8d9076e5b98ae4437344",
"Volumes": {
"/app/ca-certificates": {},
"/app/config": {}
},
"WorkingDir": "/app",
"Entrypoint": null,
"OnBuild": [],
"Labels": {}
},
"Architecture": "amd64",
"Os": "linux",
"Size": 245926705,
"VirtualSize": 245926705,
"GraphDriver": {
"Data": null,
"Name": "aufs"
},
"RootFS": {
"Type": "layers",
"Layers": [
"sha256:503e53e365f34399c4d58d8f4e23c161106cfbce4400e3d0a0357967bad69390",
"sha256:744b4cd8cf79c70508aace3697b6c3b46bee2c14f1c14b6ff09fd0ba5735c6d4",
"sha256:4c6899b75fdbea2f44efe5a2f8d9f5319c1cf7e87151de0de1014aba6ce71244",
"sha256:2e076d24f6d1277456e33e58fc8adcfd69dfd9c025f61aa7b98d500e7195beb2",
"sha256:bb67f2d5f8196c22137a9e98dd4190339a65c839822d16954070eeb0b2a17aa2",
"sha256:afbbd0cc43999d5c5b0ff54dfd82365a3feb826e5c857d9b4a7cf378001cd4b3",
"sha256:1920a7ca0f8ae38a79a1339ce742aaf3d7a095922d96e37074df67cf031d5035",
"sha256:1261fbaef67c5be677dae1c0f50394587832ea9d8c7dc105df2f3db6dfb92a3a",
"sha256:a33d8ee5c18908807458ffe643184228c21d3c5d5c5df1251f0f7dfce512f7e8",
"sha256:80704fca12eddb4cc638cee105637266e04ab5706b4e285d4fc6cac990e96d63",
"sha256:55abe39073a47f29aedba790a92c351501f21b3628414fa49a073c010ee747d1",
"sha256:cc4136c2c52ad522bd492545d4dd18265676ca690aa755994adf64943b119b28",
"sha256:2163a1f989859fdb3af6e253b74094e92a0fc1ee59f5eb959971f94eb1f98094"
]
}
}
]
|