X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fdmaap%2Fcomponents%2Fdmaap-bc%2Fresources%2Fconfig%2Fdmaapbc.properties;h=d46442889352d3e437c1b18c700df7561ac1b0fd;hb=8c26e59d30a185186cf33988a0dbb859409f73eb;hp=294ffa6bc3f9b39b7439983a76da2a3e2487336a;hpb=95840bfa23fb50bbcc8109a8a223ff2b247c6001;p=oom.git diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties index 294ffa6bc3..d464428893 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties +++ b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties @@ -1,3 +1,4 @@ +{{/* # Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,12 +12,7 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - -##################################################### -# -# ONAP Casablanca oom configurable deployment params: -# -##################################################### +*/}} ##################################################### @@ -24,38 +20,48 @@ # Hooks for specific environment configurations # ##################################################### -# Indicator for whether to use AAF -UseAAF: true +# Indicator for whether to use AAF for authentication +UseAAF: {{ .Values.global.aafEnabled }} -# csit: stubs out some southbound APIs for csit -csit: No +# Stub out southbound calls for Unit Test cases to run. e.g. not timeout +# Comment out in other environments to get default (No) +#UnitTest: Yes -# name of this DMaaP instance (deprecated) -#DmaapName: demo ##################################################### # # Settings for Southbound API: Datarouter # ##################################################### -# FQDN of DR Prov Server (deprecated) -#DR.provhost: dcae-drps.domain.not.set # URI to retrieve dynamic DR configuration ProvisioningURI: /internal/prov # indicator for handling feed delete: # DeleteOnDR - means use the DR API to DELETE a feed. (default for backwards compatibility) -# SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL. Better for cfy environments. +# SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL. Better for cloudify environments. Feed.deleteHandling: SimulateDelete +########################################################### +# The following properties default to match ONAP DR instance. +# However, there are some non-ONAP DR instances that require other values. +# Sets the X-DR-ON-BEHALF-OF HTTP Header value +#DR.onBehalfHeader: +# Value for the Content-Type Header in DR Feed API +#DR.feedContentType: +# Value for the Content-Type Header in DR Subscription API +#DR.subContentType: +# +# END OF properties helpful for non-ONAP DR instance. +############################################################ + ##################################################### # # Settings for Soutbound API: Postgresql # ##################################################### -# flag indieonapdemodbates if we are using postgresql -UsePGSQL: true +# flag indicates if we are using postgresql +UsePGSQL: {{ .Values.PG.enabled }} # postgres host name # Need to connect to PG primary service, designated by service.name2 @@ -65,10 +71,10 @@ DB.host: {{ .Values.postgres.service.name2 }} #DB.schema: {{ .Values.postgres.config.pgDatabase }} # postgres user name -#DB.user: {{ .Values.postgres.config.pgUserName }} +DB.user: ${PG_USER} # postgres user password -DB.cred: {{ .Values.postgres.config.pgUserPassword }} +DB.cred: ${PG_PASSWORD} ##################################################### @@ -86,6 +92,9 @@ MR.multisite: false # In a multi-site, MR cluster deployment, use the CNAME DNS entry which resolves to the primary central MR MR.CentralCname: {{ .Values.dmaapMessageRouterService }} +# Indicator for whether we want hostname verification on SSL connection to MR +MR.hostnameVerify: false + # MR Client Delete Level thoroughness: # 0 = don't delete # 1 = delete from persistent store @@ -101,6 +110,15 @@ MR.TopicMgrRole: org.onap.dmaap-bc-topic-mgr.client # MR topic ProjectID (used in certain topic name generation formats) MR.projectID: mr +# Use Basic Authentication when provisioning topics +MR.authentication: basicAuth + +# MR topic name style (default is FQTN_LEGACY_FORMAT) +#MR.topicStyle: FQTN_LEGACY_FORMAT +# +# end of MR Related Properties +################################################################################ + ##################################################### # @@ -133,14 +151,20 @@ aaf.AdminPassword: {{ .Values.adminPwd }} # Identity that is owner of any created namespaces for topics aaf.NsOwnerIdentity: {{ .Values.adminUser }} -# location of the codec keyfile used to decrypt passwords in this properties file before they are passed to AAF -CredentialCodeKeyfile: etc/LocalKey # this overrides the Class used for Decryption. # This allows for a plugin encryption/decryption method if needed. # Call this Class for decryption at runtime. #AafDecryption.Class: com.company.proprietaryDecryptor +# location of the codec keyfile used to decrypt passwords in this properties file before they are passed to AAF +# Not used in ONAP, but possibly used with Decryption override class. +#CredentialCodeKeyfile: etc/LocalKey + +# +# endof AAF Properties +#################################################### + ##################################################### # @@ -153,7 +177,7 @@ ApiNamespace: org.onap.dmaap-bc.api # If API authorization is required, then implement a class to enforce it. # This overrides the Class used for API permission check. -#ApiPermission.Class: com.company.policy.DecisionPolicy +ApiPermission.Class: org.onap.dmaap.dbcapi.authentication.AllowAll ##################################################### # @@ -169,9 +193,51 @@ MM.ProvUserMechId: dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org # pwd for Identity used to publish MM prov cmds MM.ProvUserPwd: demo123456! -# AAF Role of MirrorMaker agent subscribed to prov cmds +# AAF Role of MirrorMaker agent subscribed to prov cmds. MM.AgentRole: org.onal.dmaap-bc-mm-prov.agent +##################################################### +# +# Certificate Management +# +##################################################### + +# Indicates how we are expecting certificates to be provided: +# cadi - a set of artifacts will be downloaded from AAF at deployment time, and details will be in a cadi properties file +# legacy (default) - artifacts will be installed manually or some other way and details will be in this file +CertificateManagement: cadi + +# When CertificateManagement is cadi, then this is where all the cadi properties will be. +# Note that the cadi properties include where the cert is, and the encrypted passwords to read. +cadi.properties: /opt/app/osaaf/local/org.onap.dmaap-bc.props + +########################################################################################### +# When CertificateManagement is legacy, we need to provide more details about cert handling: +#CertificateManagement: legacy +# the type of keystore for https (for legacy CertificateManagment only) +#KeyStoreType: jks + +# path to the keystore file (for legacy CertificateManagment only) +#KeyStoreFile: etc/keystore + +# password for the https keystore (for legacy CertificateManagment only) +#KeyStorePassword: Y@Y5f&gm?PAz,CVQL,lk[VAF +# password for the private key in the https keystore (for legacy CertificateManagment only) +#KeyPassword: changeit + +# type of truststore for https (for legacy CertificateManagment only) +#TrustStoreType: jks + +# path to the truststore for https (for legacy CertificateManagment only) +#TrustStoreFile: etc/org.onap.dmaap-bc.trust.jks + +# password for the https truststore (for legacy CertificateManagment only) +#TrustStorePassword: changeit +# +# END OF legacy CertificateManagement properties +########################################################################################### + + ##################################################### # # HTTP Server Configuration @@ -188,30 +254,24 @@ IntHttpPort: 8080 # set to 0 if no certificates are available. IntHttpsPort: 8443 -# external port number for https taking port mapping into account -ExtHttpsPort: 443 - -# the type of keystore for https -KeyStoreType: jks - -# path to the keystore file -KeyStoreFile: etc/keystore - -# password for the https keystore -KeyStorePassword: Y@Y5f&gm?PAz,CVQL,lk[VAF -# password for the private key in the https keystore -KeyPassword: Y@Y5f&gm?PAz,CVQL,lk[VAF -# type of truststore for https -TrustStoreType: jks - -# path to the truststore for https -TrustStoreFile: etc/org.onap.dmaap-bc.trust.jks - -# password for the https truststore -TrustStorePassword: 8b&R5%l$l:@jSWz@FCs;rhY* - -# path to the file used to trigger an orderly shutdown -QuiesceFile: etc/SHUTDOWN inHttpsPort: 0 + +##################################################### +# +# Deprecated +# +##################################################### +# csit: stubs out some southbound APIs for csit (deprecated) +#csit: No +# name of this DMaaP instance (deprecated) +#DmaapName: demo +# external port number for https taking port mapping into account (deprecated) +#ExtHttpsPort: 443 +# path to the file used to trigger an orderly shutdown (deprecated) +#QuiesceFile: etc/SHUTDOWN +# FQDN of DR Prov Server (deprecated) +#DR.provhost: dcae-drps.domain.not.set +# root of topic namespace (decrecated) +#topicNsRoot: org.onap.dcae.dmaap