X-Git-Url: https://gerrit.onap.org/r/gitweb?a=blobdiff_plain;f=kubernetes%2Fdmaap%2Fcomponents%2Fdmaap-bc%2Fresources%2Fconfig%2Fdmaapbc.properties;h=e13098bcf1342277f11be231fe5daa94ba5736e4;hb=ffd944b874af386000d157e58be0475561021340;hp=dc9298de650f48c12857335b5a9d4c4745c4354e;hpb=f22ae65d1f1fb3b27a082e57e466d7672c1c90d6;p=oom.git diff --git a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties index dc9298de65..e13098bcf1 100644 --- a/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties +++ b/kubernetes/dmaap/components/dmaap-bc/resources/config/dmaapbc.properties @@ -1,3 +1,4 @@ +{{/* # Copyright © 2018 AT&T, Amdocs, Bell Canada Intellectual Property. All rights reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -11,51 +12,51 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. - +*/}} ##################################################### # -# ONAP Casablanca oom configurable deployment params: +# Hooks for specific environment configurations # ##################################################### - +# Indicator for whether to use AAF for authentication +UseAAF: false ##################################################### # -# Hooks for specific environment configurations +# HTTP Server Configuration # ##################################################### -# Indicator for whether to use AAF -UseAAF: true -# csit: stubs out some southbound APIs for csit -csit: No +# Allow http access to dbcapi +HttpAllowed: true + +# listen to http port within this container (server) +IntHttpPort: 8080 -# name of this DMaaP instance (deprecated) -#DmaapName: demo +# listen to https port within this container (server) +# set to 0 if no certificates are available. +IntHttpsPort: 0 ##################################################### # # Settings for Southbound API: Datarouter # ##################################################### -# FQDN of DR Prov Server (deprecated) -#DR.provhost: dcae-drps.domain.not.set - # URI to retrieve dynamic DR configuration ProvisioningURI: /internal/prov # indicator for handling feed delete: # DeleteOnDR - means use the DR API to DELETE a feed. (default for backwards compatibility) -# SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL. Better for cfy environments. -Feed.deleteHandling: SimulateDelete +# SimulateDelete - means preserve the feed on DR (after cleaning it up), and mark as DELETED in DBCL. Better for cloudify environments. +Feed.deleteHandling: DeleteOnDR ##################################################### # # Settings for Soutbound API: Postgresql # ##################################################### -# flag indicates if we are using postgresql -UsePGSQL: {{ .Values.PG.enabled }} +# flag indicates if we are using postgresql or an in memory db +UsePGSQL: {{ .Values.usePostgres }} # postgres host name # Need to connect to PG primary service, designated by service.name2 @@ -63,13 +64,11 @@ DB.host: {{ .Values.postgres.service.name2 }} # postgres schema name #DB.schema: {{ .Values.postgres.config.pgDatabase }} - # postgres user name -#DB.user: {{ .Values.postgres.config.pgUserName }} +DB.user: ${PG_USER} # postgres user password -DB.cred: {{ .Values.postgres.config.pgUserPassword }} - +DB.cred: ${PG_PASSWORD} ##################################################### # @@ -82,136 +81,52 @@ DB.cred: {{ .Values.postgres.config.pgUserPassword }} MR.multisite: false # FQDN of primary message router. -# In ONAP Casablanca, there is only 1 message router service, so use that. -# In a multi-site, MR cluster deployment, use the CNAME DNS entry which resolves to the primary central MR +# In ONAP, there is only 1 message router service, so use that. MR.CentralCname: {{ .Values.dmaapMessageRouterService }} +# Indicator for whether we want hostname verification on SSL connection to MR +MR.hostnameVerify: false + # MR Client Delete Level thoroughness: # 0 = don't delete # 1 = delete from persistent store # 2 = delete from persistent store (DB) and authorization store (AAF) MR.ClientDeleteLevel: 1 -# namespace of MR Topic Factory -MR.TopicFactoryNS: org.onap.dmaap.mr.topicFactory - -# AAF Role assigned to Topic Manager Identity -MR.TopicMgrRole: org.onap.dmaap-bc-topic-mgr.client - -# MR topic ProjectID (used in certain topic name generation formats) -MR.projectID: mr - - -##################################################### -# -# Settings for Southbound API: CADI -# -##################################################### -# path to cadi.properties -cadi.properties: /opt/app/osaaf/local/org.onap.dmaap-bc.props - -##################################################### -# -# Settings for Southbound API: AAF proxy -# -##################################################### -# URL of the AAF server -aaf.URL: {{ .Values.aafURL }} - -# TopicMgr Identity -aaf.TopicMgrUser: {{ .Values.topicMgrUser }} - -# Password for TopicMgr identity -aaf.TopicMgrPassword: {{ .Values.topicMgrPwd }} - -# Buscontroller Admin Identity -aaf.AdminUser: {{ .Values.adminUser }} +# Use Basic Authentication when provisioning topics +MR.authentication: none -# Admin Password -aaf.AdminPassword: {{ .Values.adminPwd }} - -# Identity that is owner of any created namespaces for topics -aaf.NsOwnerIdentity: {{ .Values.adminUser }} - -# location of the codec keyfile used to decrypt passwords in this properties file before they are passed to AAF -CredentialCodeKeyfile: etc/LocalKey - -# this overrides the Class used for Decryption. -# This allows for a plugin encryption/decryption method if needed. -# Call this Class for decryption at runtime. -#AafDecryption.Class: com.company.proprietaryDecryptor - - -##################################################### -# -# Settings for authorization of DBCAPI -# -##################################################### -# Namespace for URI values for the API used to create AAF permissions -# e.g. if ApiNamespace is X.Y.dmaapbc.api then for URI /mr_clients we create AAF perm X.Y.dmaapbc.api.mr_clients -ApiNamespace: org.onap.dmaap-bc.api - -# If API authorization is required, then implement a class to enforce it. -# This overrides the Class used for API permission check. ApiPermission.Class: org.onap.dmaap.dbcapi.authentication.AllowAll - -##################################################### # -# Settings for Southbound API: MirrorMaker provisioning -# -##################################################### -# AAF Role of client publishing MM prov cmds -MM.ProvRole: org.onap.dmaap-bc-mm-prov.prov - -# AAF identity when publishing MM prov cmds -MM.ProvUserMechId: dmaap-bc-mm-prov@dmaap-bc-mm-prov.onap.org - -# pwd for Identity used to publish MM prov cmds -MM.ProvUserPwd: demo123456! - -# AAF Role of MirrorMaker agent subscribed to prov cmds -MM.AgentRole: org.onal.dmaap-bc-mm-prov.agent +# end of MR Related Properties +################################################################################ ##################################################### # -# HTTP Server Configuration +# Certificate Management # ##################################################### +# When CertificateManagement is legacy, we need to provide more details about cert handling: +#CertificateManagement: legacy +# the type of keystore for https (for legacy CertificateManagment only) +#KeyStoreType: jks -# Allow http access to dbcapi -HttpAllowed: true - -# listen to http port within this container (server) -IntHttpPort: 8080 - -# listen to https port within this container (server) -# set to 0 if no certificates are available. -IntHttpsPort: 8443 - -# external port number for https taking port mapping into account -ExtHttpsPort: 443 - -# the type of keystore for https -KeyStoreType: jks +# path to the keystore file (for legacy CertificateManagment only) +#KeyStoreFile: etc/keystore -# path to the keystore file -KeyStoreFile: etc/keystore +# password for the https keystore (for legacy CertificateManagment only) +#KeyStorePassword: Y@Y5f&gm?PAz,CVQL,lk[VAF +# password for the private key in the https keystore (for legacy CertificateManagment only) +#KeyPassword: changeit -# password for the https keystore -KeyStorePassword: Y@Y5f&gm?PAz,CVQL,lk[VAF -# password for the private key in the https keystore -KeyPassword: Y@Y5f&gm?PAz,CVQL,lk[VAF +# type of truststore for https (for legacy CertificateManagment only) +#TrustStoreType: jks -# type of truststore for https -TrustStoreType: jks +# path to the truststore for https (for legacy CertificateManagment only) +#TrustStoreFile: etc/org.onap.dmaap-bc.trust.jks -# path to the truststore for https -TrustStoreFile: etc/org.onap.dmaap-bc.trust.jks - -# password for the https truststore -TrustStorePassword: 8b&R5%l$l:@jSWz@FCs;rhY* - -# path to the file used to trigger an orderly shutdown -QuiesceFile: etc/SHUTDOWN - -inHttpsPort: 0 +# password for the https truststore (for legacy CertificateManagment only) +#TrustStorePassword: changeit +# +# END OF legacy CertificateManagement properties +##########################################################################################