docs/sections/configuration.rst

   1 .. This work is licensed under a Creative Commons Attribution 4.0 International License.
   2 .. http://creativecommons.org/licenses/by/4.0
   3 .. Copyright 2020 NOKIA
   4
   5 Configuration
   6 =============
   7
   8 Standalone docker container
   9 ---------------------------
  10
  11 Certification Service Client image:
  12
  13 .. code-block::
  14
  15   nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:latest
  16
  17
  18 1. Create file with environments as in example below.
  19
  20 .. code-block::
  21
  22   #Client envs
  23   REQUEST_URL=http://aaf-cert-service:8080/v1/certificate/
  24   REQUEST_TIMEOUT=1000
  25   OUTPUT_PATH=/var/certs
  26   CA_NAME=RA
  27   #Csr config envs
  28   COMMON_NAME=onap.org
  29   ORGANIZATION=Linux-Foundation
  30   ORGANIZATION_UNIT=ONAP
  31   LOCATION=San-Francisco
  32   STATE=California
  33   COUNTRY=US
  34   SANS=test.onap.org:onap.com
  35
  36
  37 2. Run docker container with environments file and docker network (API and client must be running in same network).
  38
  39 .. code-block:: bash
  40
  41   AAFCERT_CLIENT_IMAGE=nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:latest
  42   DOCKER_ENV_FILE= <path to environment file>
  43   NETWORK_CERT_SERVICE= <docker network of cert service>
  44   DOCKER_VOLUME="<absolute path to local dir>:<output path>"
  45
  46   docker run --env-file $DOCKER_ENV_FILE --network $NETWORK_CERT_SERVICE --volume $DOCKER_VOLUME $AAFCERT_CLIENT_IMAGE
  47
  48
  49
  50 Init Container for K8s
  51 ----------------------
  52
  53 Example deployment:
  54
  55 .. code-block:: yaml
  56
  57     ...
  58   kind: Deployment
  59   metadata:
  60     ...
  61   spec:
  62   ...
  63     template:
  64     ...
  65       spec:
  66         containers:
  67           - image: sample.image
  68             name: sample.name
  69             ...
  70             volumeMounts:
  71               - mountPath: /var/certs #CERTS CAN BE FOUND IN THIS DIRECTORY
  72                 name: certs
  73             ...
  74         initContainers:
  75           - name: cert-service-client
  76             image: nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:latest
  77             imagePullPolicy: Always
  78             env:
  79               - name: REQUEST_URL
  80                 value: http://aaf-cert-service:8080/v1/certificate/
  81               - name: REQUEST_TIMEOUT
  82                 value: "1000"
  83               - name: OUTPUT_PATH
  84                 value: /var/certs
  85               - name: CA_NAME
  86                 value: RA
  87               - name: COMMON_NAME
  88                 value: onap.org
  89               - name: ORGANIZATION
  90                 value: Linux-Foundation
  91               - name: ORGANIZATION_UNIT
  92                 value: ONAP
  93               - name: LOCATION
  94                 value: San-Francisco
  95               - name: STATE
  96                 value: California
  97               - name: COUNTRY
  98                 value: US
  99               - name: SANS
 100                 value: test.onap.org:onap.com
 101             volumeMounts:
 102               - mountPath: /var/certs
 103                 name: certs
 104           ...
 105         volumes:
 106           -emptyDir: {}
 107            name: certs
 108         ...
 109
 110