1 .. This work is licensed under a Creative Commons Attribution 4.0 International License.
2 .. http://creativecommons.org/licenses/by/4.0
3 .. Copyright 2020 Huawei Technologies Co., Ltd.
8 In SO (Service Orchestration) every component running on docker engine and respective containers. here we can see how so is working with Dokcer.
10 CA(Certificate Authority)
11 =========================
13 Certificate Authorities/ CAs, issue Digital Certificates. Digital Certificates are verifiable small data files that contain identity credentials to help websites, people, and devices represent their authentic online identity (authentic because the CA has verified the identity). CAs play a critical role in how the Internet operates and how transparent, trusted transactions can take place online. CAs issue millions of Digital Certificates each year, and these certificates are used to protect information, encrypt billions of transactions, and enable secure communication.
17 /so/packages/docker/src/main/docker/docker-files/ca-certificates/onap-ca.crt
19 Example CA cirtifiacte:-
21 -----BEGIN CERTIFICATE-----
22 MIIEczCCA1ugAwIBAgIBADANBgkqhkiG9w0BAQQFAD..AkGA1UEBhMCR0Ix
23 EzARBgNVBAgTClNvbWUtU3RhdGUxFDASBgNVBAoTC0..0EgTHRkMTcwNQYD
24 VQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcn..XRpb24gQXV0aG9y
25 aXR5MRQwEgYDVQQDEwtCZXN0IENBIEx0ZDAeFw0wMD..TUwMTZaFw0wMTAy
26 MDQxOTUwMTZaMIGHMQswCQYDVQQGEwJHQjETMBEGA1..29tZS1TdGF0ZTEU
27 MBIGA1UEChMLQmVzdCBDQSBMdGQxNzA1BgNVBAsTLk..DEgUHVibGljIFBy
28 aW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxFD..AMTC0Jlc3QgQ0Eg
29 THRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCg..Tz2mr7SZiAMfQyu
30 vBjM9OiJjRazXBZ1BjP5CE/Wm/Rr500PRK+Lh9x5eJ../ANBE0sTK0ZsDGM
31 ak2m1g7oruI3dY3VHqIxFTz0Ta1d+NAjwnLe4nOb7/..k05ShhBrJGBKKxb
32 8n104o/5p8HAsZPdzbFMIyNjJzBM2o5y5A13wiLitE..fyYkQzaxCw0Awzl
33 kVHiIyCuaF4wj571pSzkv6sv+4IDMbT/XpCo8L6wTa..sh+etLD6FtTjYbb
34 rvZ8RQM1tlKdoMHg2qxraAV++HNBYmNWs0duEdjUbJ..XI9TtnS4o1Ckj7P
35 OfljiQIDAQABo4HnMIHkMB0GA1UdDgQWBBQ8urMCRL..5AkIp9NJHJw5TCB
36 tAYDVR0jBIGsMIGpgBQ8urMCRLYYMHUKU5AkIp9NJH..aSBijCBhzELMAkG
37 A1UEBhMCR0IxEzARBgNVBAgTClNvbWUtU3RhdGUxFD..AoTC0Jlc3QgQ0Eg
38 THRkMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcm..ENlcnRpZmljYXRp
39 b24gQXV0aG9yaXR5MRQwEgYDVQQDEwtCZXN0IENBIE..DAMBgNVHRMEBTAD
40 AQH/MA0GCSqGSIb3DQEBBAUAA4IBAQC1uYBcsSncwA..DCsQer772C2ucpX
41 xQUE/C0pWWm6gDkwd5D0DSMDJRqV/weoZ4wC6B73f5..bLhGYHaXJeSD6Kr
42 XcoOwLdSaGmJYslLKZB3ZIDEp0wYTGhgteb6JFiTtn..sf2xdrYfPCiIB7g
43 BMAV7Gzdc4VspS6ljrAhbiiawdBiQlQmsBeFz9JkF4..b3l8BoGN+qMa56Y
44 It8una2gY4l2O//on88r5IWJlm1L0oA8e4fR2yrBHX..adsGeFKkyNrwGi/
45 7vQMfXdGsRrXNGRGnX+vWDZ3/zWI0joDtCkNnqEpVn..HoX
46 -----END CERTIFICATE-----
52 Every component has its own over-ride yaml file. We can over-ride the file according the Configurations and Dependencies required for Deploying.
54 Over-ride yaml for api-handler
55 ==============================
57 Path:- /docker-config/volumes/so/config/api-handler-infra/onapheat/override.yaml
68 msoKey: 07a7159d3bf51a0e53be7a8f89699be7
73 endpoint: http://request-db-adapter:8083
74 auth: Basic YnBlbDpwYXNzd29yZDEk
78 endpoint: http://catalog-db-adapter:8082
80 auth: Basic YnBlbDpwYXNzd29yZDEk
82 path: /src/main/resources/
86 orchestrationUri: /mso/async/services/ALaCarteOrchestrator
93 camundaURL: http://bpmn-infra:8081
94 camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A
101 auth: F3473596C526938329DF877495B494DC374D1C4198ED3AD305EA3ADCBBDA1862
105 endpoint: http://c1.vm1.mso.simpledemo.onap.org:28090
111 endpoint: https://aai.api.simpledemo.onap.org:8443
112 auth: 2630606608347B7124C244AB0FE34F6F
114 endpoint: http://nbi.onap:8080/nbi/api/v3
116 operational-environment:
119 password: VjR5NDcxSzA=
120 host: http://c1.vm1.mso.simpledemo.onap.org:28090
121 auth: 51EA5414022D7BE536E7516C4D1A6361416921849B72C0D6FC1C7F262FD9F2BBC2AD124190A332D9845A188AD80955567A4F975C84C221EEA8243BFD92FFE6896CDD1EA16ADD34E1E3D47D4A
123 topic: com.att.ecomp.mso.operationalEnvironmentEvent
128 jdbcUrl: jdbc:mariadb://mariadb:3306/catalogdb
129 username: cataloguser
131 driver-class-name: org.mariadb.jdbc.Driver
132 pool-name: catdb-pool
137 dialect: org.hibernate.dialect.MySQL5Dialect
139 naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy
140 enable-lazy-load-no-trans: true
147 username: sitecontrol
148 password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
149 role: SiteControl-Client
152 password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
155 username: infraportal
156 password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
157 role: InfraPortal-Client
159 username: InfraPortalClient
160 password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
161 role: InfraPortal-Client
164 password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
168 password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
174 jdbcUrl: jdbc:mariadb://mariadb:3306/requestdb
175 username: requestuser
177 driver-class-name: org.mariadb.jdbc.Driver
178 pool-name: reqdb-pool
183 cloud-owner: CloudOwner
186 encryptionKey: 07a7159d3bf51a0e53be7a8f89699be7
191 =======================
192 cd /home/root1/docker-config/
197 sudo docker-compose up -d
201 root1@slave-node:~/docker-config$ sudo docker-compose up -d
202 docker-config_mariadb_1 is up-to-date
203 Starting docker-config_catalog-db-adapter_1 ... done
204 Starting docker-config_request-db-adapter_1 ... done
205 Starting docker-config_bpmn-infra_1 ... done
206 Starting docker-config_vfc-adapter_1 ... done
207 Starting docker-config_sdc-controller_1 ... done
208 Starting docker-config_sdnc-adapter_1 ... done
209 Starting docker-config_openstack-adapter_1 ... done
210 Starting docker-config_api-handler-infra_1 ... done
211 Starting docker-config_so-monitoring_1 ... done
212 Starting docker-config_nssmf-adapter_1 ... done
222 root1@slave-node:~/docker-config$ sudo docker ps
223 CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
224 d930caf28508 nexus3.onap.org:10001/onap/so/openstack-adapter "/app/wait-for.sh -q…" 5 weeks ago Up 30 seconds 0.0.0.0:8087->8087/tcp docker-config_openstack-adapter_1
225 599af283319e nexus3.onap.org:10001/onap/so/vfc-adapter "/app/wait-for.sh -q…" 5 weeks ago Up 30 seconds 0.0.0.0:8084->8084/tcp docker-config_vfc-adapter_1
226 5549305c8dd6 nexus3.onap.org:10001/onap/so/api-handler-infra "/app/wait-for.sh -q…" 5 weeks ago Up 27 seconds 0.0.0.0:8080->8080/tcp docker-config_api-handler-infra_1
227 59d3aa684ecb nexus3.onap.org:10001/onap/so/sdnc-adapter "/app/wait-for.sh -q…" 5 weeks ago Up 29 seconds 0.0.0.0:8086->8086/tcp docker-config_sdnc-adapter_1
228 ade4cef97bd3 nexus3.onap.org:10001/onap/so/bpmn-infra "/app/wait-for.sh -q…" 5 weeks ago Up 29 seconds 0.0.0.0:8081->8081/tcp docker-config_bpmn-infra_1
229 e9558560c4d7 nexus3.onap.org:10001/onap/so/sdc-controller "/app/wait-for.sh -q…" 5 weeks ago Up 25 seconds 0.0.0.0:8085->8085/tcp docker-config_sdc-controller_1
230 ae27ec2f8b04 nexus3.onap.org:10001/onap/so/so-monitoring "/app/wait-for.sh -q…" 5 weeks ago Up 26 seconds 0.0.0.0:8088->8088/tcp docker-config_so-monitoring_1
231 8d2c64d48f1a nexus3.onap.org:10001/onap/so/request-db-adapter "/app/wait-for.sh -q…" 5 weeks ago Up 32 seconds 0.0.0.0:8083->8083/tcp docker-config_request-db-adapter_1
232 a126dd29c540 nexus3.onap.org:10001/mariadb:10.1.11 "/docker-entrypoint.…" 5 weeks ago Up 17 minutes 0.0.0.0:32768->3306/tcp docker-config_mariadb_1
234 Inspect a docker image
235 ======================
236 This command shows interesting information about the structure of the mso image. Note that an image is NOT a running container. It is the template that a container is created from.
240 sudo docker inspect onap/so/api-handler-infra
250 "Id": "sha256:2573165483e9ac87826da9c08984a9d0e1d93a90c681b22d9b4f90ed579350dc",
252 "onap/so/api-handler-infra:1.3.0-SNAPSHOT",
253 "onap/so/api-handler-infra:1.3.0-SNAPSHOT-20190213T0846",
254 "onap/so/api-handler-infra:1.3.0-SNAPSHOT-latest",
255 "onap/so/api-handler-infra:latest"
258 "Parent": "sha256:66b508441811ab4ed9968f8702a0d0a697f517bbc10d8d9076e5b98ae4437344",
260 "Created": "2019-02-13T09:37:33.770342225Z",
261 "Container": "8be46c735d21935631130f9017c3747779aab26eab54a9149b1edde122f7576d",
263 "Hostname": "ac4a12e21390",
266 "AttachStdin": false,
267 "AttachStdout": false,
268 "AttachStderr": false,
273 "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/lib/jvm/java-1.8-openjdk/jre/bin:/usr/lib/jvm/java-1.8-openjdk/bin",
275 "JAVA_HOME=/usr/lib/jvm/java-1.8-openjdk",
276 "JAVA_VERSION=8u191",
277 "JAVA_ALPINE_VERSION=8.191.12-r0",
287 "CMD [\"/app/start-app.sh\"]"
290 "Image": "sha256:66b508441811ab4ed9968f8702a0d0a697f517bbc10d8d9076e5b98ae4437344",
292 "/app/ca-certificates": {},
295 "WorkingDir": "/app",
300 "DockerVersion": "17.05.0-ce",
303 "Hostname": "ac4a12e21390",
306 "AttachStdin": false,
307 "AttachStdout": false,
308 "AttachStderr": false,
313 "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/lib/jvm/java-1.8-openjdk/jre/bin:/usr/lib/jvm/java-1.8-openjdk/bin",
315 "JAVA_HOME=/usr/lib/jvm/java-1.8-openjdk",
316 "JAVA_VERSION=8u191",
317 "JAVA_ALPINE_VERSION=8.191.12-r0",
327 "Image": "sha256:66b508441811ab4ed9968f8702a0d0a697f517bbc10d8d9076e5b98ae4437344",
329 "/app/ca-certificates": {},
332 "WorkingDir": "/app",
337 "Architecture": "amd64",
340 "VirtualSize": 245926705,
348 "sha256:503e53e365f34399c4d58d8f4e23c161106cfbce4400e3d0a0357967bad69390",
349 "sha256:744b4cd8cf79c70508aace3697b6c3b46bee2c14f1c14b6ff09fd0ba5735c6d4",
350 "sha256:4c6899b75fdbea2f44efe5a2f8d9f5319c1cf7e87151de0de1014aba6ce71244",
351 "sha256:2e076d24f6d1277456e33e58fc8adcfd69dfd9c025f61aa7b98d500e7195beb2",
352 "sha256:bb67f2d5f8196c22137a9e98dd4190339a65c839822d16954070eeb0b2a17aa2",
353 "sha256:afbbd0cc43999d5c5b0ff54dfd82365a3feb826e5c857d9b4a7cf378001cd4b3",
354 "sha256:1920a7ca0f8ae38a79a1339ce742aaf3d7a095922d96e37074df67cf031d5035",
355 "sha256:1261fbaef67c5be677dae1c0f50394587832ea9d8c7dc105df2f3db6dfb92a3a",
356 "sha256:a33d8ee5c18908807458ffe643184228c21d3c5d5c5df1251f0f7dfce512f7e8",
357 "sha256:80704fca12eddb4cc638cee105637266e04ab5706b4e285d4fc6cac990e96d63",
358 "sha256:55abe39073a47f29aedba790a92c351501f21b3628414fa49a073c010ee747d1",
359 "sha256:cc4136c2c52ad522bd492545d4dd18265676ca690aa755994adf64943b119b28",
360 "sha256:2163a1f989859fdb3af6e253b74094e92a0fc1ee59f5eb959971f94eb1f98094"