Update AAI setup

This change includes instructions to setup a development
environment for a AAI project provided in the wiki entry:

* https://wiki.onap.org/pages/viewpage.action?pageId=10782088

Change-Id: I1e60d6cc1d2fd12c56990aded6f385f11dca5b9c
Signed-off-by: Victor Morales <victor.morales@intel.com>

diff --git a/bootstrap/vagrant-onap/lib/aai b/bootstrap/vagrant-onap/lib/aai
index d048c2b..336a446 100755 (executable)
--- a/bootstrap/vagrant-onap/lib/aai
+++ b/bootstrap/vagrant-onap/lib/aai
@@ -6,25 +6,88 @@ source /var/onap/functions
 source /var/onap/asserts
 
 hbase_version=1.2.3
+src_folder=$git_src_folder/aai
+aai_repos=("aai-common" "aai-config" "aai-data" "aai-service" "data-router" "logging-service" "model-loader" "resources" "rest-client" "router-core" "search-data-service" "sparky-be" "sparky-fe" "test-config" "traversal")
+
+# install_hadoop() - Function that installs Hadoop
+function install_hadoop {
+    local release=titan
+    local version=1.0.0
+    local filename=$release-$version-hadoop1
+    local dest_folder=/opt/hadoop/current
+
+    if [ ! -d $dest_folder ]; then
+        curl http://s3.thinkaurelius.com/downloads/$release/$filename.zip -o /tmp/${filename}.zip
+        install_package unzip
+        mkdir -p $dest_folder
+        unzip /tmp/${filename}.zip -d $dest_folder
+        pushd $dest_folder/${filename}
+        ./bin/titan.sh start
+        popd
+    fi
+}
+
+# install_haproxy() - Function that install HAProxy
+function install_haproxy {
+    install_package haproxy
+    sed -i "s|ENABLED=0|ENABLED=1|g" /etc/default/haproxy
+#    cp /var/onap/files/haproxy.cfg /etc/haproxy/
+    cp /var/onap/files/aai.pem /etc/ssl/private/
+    chmod 640 /etc/ssl/private/aai.pem
+    chown root:ssl-cert /etc/ssl/private/aai.pem
+    mkdir /usr/local/etc/haproxy
+    echo "127.0.0.1 localhost aai-traversal.api.simpledemo.openecomp.org aai-resources.api.simpledemo.openecomp.org" >> /etc/hosts
+
+    service haproxy restart
+}
 
 # clone_all_aai_repos() - Function that clones AAI source repo.
 function clone_all_aai_repos {
-    local src_folder=/opt/aai
-
-    for dirc in aai-common aai-config aai-data aai-service data-router logging-service model-loader resources rest-client router-core search-data-service sparky-be sparky-fe test-config traversal; do
+    for dirc in ${aai_repos[@]}; do
         clone_repo aai/$dirc $src_folder/$dirc
     done
 }
 
-# compile_all_aai_repos() - Function that compiles AAI source repo.
-function compile_all_aai_repos {
-    local src_folder=/opt/aai
+# compile_aai_repos() - Function that compiles AAI source repo.
+function compile_aai_repos {
+    local repos=("aai-common" "resources" "logging-service" "traversal")
+    if [[ "$compile_repo" == "True" ]]; then
+        repos=aai_repos
+    fi
 
-    for dirc in aai-common aai-config aai-data aai-service data-router logging-service model-loader resources rest-client router-core search-data-service sparky-be sparky-fe test-config traversal; do
+    for dirc in ${repos[@]}; do
         compile_src $src_folder/$dirc
     done
 }
 
+# setup_titan() - Function that configures AAI services to connect to Hadoop Titan
+function setup_titan {
+    local $subdirectory=bundleconfig-local/etc/appprops
+    install_python_package crudini
+
+    for dirc in resources/aai-resources traversal/aai-travers; do
+        for file in titan-cached.properties titan-realtime.properties; do
+            crudini --set --existing $src_folder/$dirc/$subdirectory/$file "" storage.backend cassandra
+            crudini --set --existing $src_folder/$dirc/$subdirectory/$file "" storage.hostname localhost
+        done
+    done
+
+    # Addthe schema to the local isntance
+    pushd $src_folder
+    java -DAJSC_HOME=$src_folder/resources/aai-resources -DBUNDLECONFIG_DIR="bundleconfig-local" -cp aai-common/aai-core/target/aai-core-1.1.0-SNAPSHOT.jar:resources/aai-resources/target/aai-resources.jar:resources/aai-resources/target/userjars/* org.openecomp.aai.dbgen.GenTester
+    popd
+}
+
+# start_aai_microservices() - Function that starts AAI microservices
+function start_aai_microservices {
+    MAVEN_OPTS="-Xms1024m -Xmx5120m -XX:PermSize=2024m -Xdebug -Xnoagent -Djava.compiler=NONE -Xrunjdwp:transport=dt_socket,address=9446,server=y,suspend=n"
+    for svc in resources traversal; do
+        pushd $src_folder/resources
+        mvn -P runAjsc
+        popd
+    done
+}
+
 # pull_hbase_image() - Pull HBase container image from a Docker Registry Hub
 function pull_hbase_image {
     docker_openecomp_login
@@ -109,13 +172,17 @@ function wait_for_sdc {
 
 # init_aai() - Function that initialize AAI services
 function init_aai {
-    mkdir -p /opt/openecomp/aai/logs
-    mkdir -p /opt/openecomp/aai/data
+    install_hadoop
+    install_haproxy
 
     clone_all_aai_repos
-    if [[ "$compile_repo" == "True" ]]; then
-        compile_all_aai_repos
-    fi
+    compile_aai_repos
+
+    setup_titan
+    start_aai_microservices
+
+    mkdir -p /opt/openecomp/aai/logs
+    mkdir -p /opt/openecomp/aai/data
 
     install_hbase
 

diff --git a/bootstrap/vagrant-onap/lib/files/aai.pem b/bootstrap/vagrant-onap/lib/files/aai.pem
new file mode 100644 (file)
index 0000000..d446705
--- /dev/null
+++ b/bootstrap/vagrant-onap/lib/files/aai.pem
@@ -0,0 +1,102 @@
+Bag Attributes
+    friendlyName: aaiopenecomp
+    localKeyID: 54 69 6D 65 20 31 34 39 35 35 31 32 38 30 33 36 34 39 
+subject=/C=US/ST=NJ/L=Bedminster/O=OpenECOMP/OU=SimpleDemo/CN=aai.api.simpledemo.openecomp.org/emailAddress=aai-host@api.simpledemo.openecomp.org
+issuer=/C=US/ST=NJ/L=Bedminster/O=OpenECOMP/OU=simpledemo/CN=OpenECOMP simpledemo Server CA X1/emailAddress=simpledemo@openecomp.org
+-----BEGIN CERTIFICATE-----
+MIIEiTCCA3GgAwIBAgIJAIPKfDLcn3MpMA0GCSqGSIb3DQEBCwUAMIGtMQswCQYD
+VQQGEwJVUzELMAkGA1UECAwCTkoxEzARBgNVBAcMCkJlZG1pbnN0ZXIxEjAQBgNV
+BAoMCU9wZW5FQ09NUDETMBEGA1UECwwKc2ltcGxlZGVtbzEqMCgGA1UEAwwhT3Bl
+bkVDT01QIHNpbXBsZWRlbW8gU2VydmVyIENBIFgxMScwJQYJKoZIhvcNAQkBFhhz
+aW1wbGVkZW1vQG9wZW5lY29tcC5vcmcwHhcNMTYxMTMwMTUzODM5WhcNMTcxMTMw
+MTUzODM5WjCBuTELMAkGA1UEBhMCVVMxCzAJBgNVBAgMAk5KMRMwEQYDVQQHDApC
+ZWRtaW5zdGVyMRIwEAYDVQQKDAlPcGVuRUNPTVAxEzARBgNVBAsMClNpbXBsZURl
+bW8xKTAnBgNVBAMMIGFhaS5hcGkuc2ltcGxlZGVtby5vcGVuZWNvbXAub3JnMTQw
+MgYJKoZIhvcNAQkBFiVhYWktaG9zdEBhcGkuc2ltcGxlZGVtby5vcGVuZWNvbXAu
+b3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQrQl8A0rT0Jjlos
+Mr/7LEhT5UOif4GGPOk+3NCIxT3lOqAbUf+d9ZXyT2jWFRiKWua03vQ+Dxc8c2h2
+RRuH8LwEiOiWqPjWRxNqsARzZMI3ryHFCFBZh0FcpjH9kEeKVlLDYuV68k+ZucKd
+NiqUNn61lD7kbmEGwvzKwf91FrJ09+CBMx1OnWKm3gCNKDqAEFMZCOdn2MgesJYB
+/03lzPBS1jDfBXImXRcTBzpgA+wdCLn0cIQ1eLWUwS5tUqUJNh36nHdVyJ0P2Yjd
+JLuxhFcmBKOz1ShyyO+BBtKBO8EGbU6qKflOiwOw0Fsn8LjKcrHQ58NPui5y04BU
+Rypf3QIDAQABo4GdMIGaMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgO4MB0G
+A1UdDgQWBBQyMUOsE2J+CKzK0qd8KFBD2gaWyjBbBgNVHSAEVDBSMFAGBFUdIAAw
+SDBGBggrBgEFBQcCAjA6GjhLZWVwIGF3YXkgZnJvbSBjaGlsZHJlbi4gIFRoaXMg
+Y2VydGlmaWNhdGUgaXMgbm90IGEgdG95LjANBgkqhkiG9w0BAQsFAAOCAQEAnkoy
+2tWJOyyyIQwtVojUxv1GWQPnw3WCUcKpuX4CJhHXLxNErW1fBg7bmo08BNmBPPpq
+WrJsy5lbBgUo9kgpViux5Stfy1rRIRsRLfl/icgCvJmUAxkmRCZL7yUvwG4K7s+8
+DwT+nW/XuWNP6Hd/qHccexB6COJ8KwvTdVoxAkCdX8qw4MCb/f7Kb1yle/vwBM5Q
+UUONCJ4bEns1vnb9DGlNDUJNwCfwORAaVJpVS38Mv4UnSTmb2KMePtCWcx/dNsYR
+2XrSGqLDnTvHwOpyhbfFTmackysGoSuDytORXy8YbwEiF13BwEK8i3rgNN0Z2ojf
+cpmE2xxmaa+A2uuN6g==
+-----END CERTIFICATE-----
+Bag Attributes
+    friendlyName: root
+    2.16.840.1.113894.746875.1.1: <Unsupported tag 6>
+subject=/C=US/ST=NJ/L=Bedminster/O=OpenECOMP/OU=simpledemo/CN=OpenECOMP simpledemo Server CA X1/emailAddress=simpledemo@openecomp.org
+issuer=/C=US/ST=NJ/L=Bedminster/O=OpenECOMP/OU=simpledemo/CN=OpenECOMP simpledemo Root Certification Authority/emailAddress=simpledemo@openecomp.org
+-----BEGIN CERTIFICATE-----
+MIIFpTCCA42gAwIBAgIJAJqx8dKnCZZoMA0GCSqGSIb3DQEBCwUAMIG9MQswCQYD
+VQQGEwJVUzELMAkGA1UECAwCTkoxEzARBgNVBAcMCkJlZG1pbnN0ZXIxEjAQBgNV
+BAoMCU9wZW5FQ09NUDETMBEGA1UECwwKc2ltcGxlZGVtbzE6MDgGA1UEAwwxT3Bl
+bkVDT01QIHNpbXBsZWRlbW8gUm9vdCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTEn
+MCUGCSqGSIb3DQEJARYYc2ltcGxlZGVtb0BvcGVuZWNvbXAub3JnMB4XDTE2MTEy
+ODIxMTQyNloXDTIxMTEyNzIxMTQyNlowga0xCzAJBgNVBAYTAlVTMQswCQYDVQQI
+DAJOSjETMBEGA1UEBwwKQmVkbWluc3RlcjESMBAGA1UECgwJT3BlbkVDT01QMRMw
+EQYDVQQLDApzaW1wbGVkZW1vMSowKAYDVQQDDCFPcGVuRUNPTVAgc2ltcGxlZGVt
+byBTZXJ2ZXIgQ0EgWDExJzAlBgkqhkiG9w0BCQEWGHNpbXBsZWRlbW9Ab3BlbmVj
+b21wLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALr4rivKQuRk
+YNf5Ig40e1nqj6s6LB1vgMOYbKfRziOFpPcUpsHPOhusHowiUsrU1vdFSzPz6Ej7
+PjlmNSg2Qka8YCn9kd6QgM7U0KcPJvIucBp+qjifH3EvP0jgDPhDeVRYxzV454dv
+5kQ9uCpswJP7YAnX51dkWeH8nwPUoagt31bOl9LXENSrgxEThxdLYMJnQJWk2CmV
+otXM4tT1dxyJxFUrZ6uJCEAYw5VtlplqihHf8lHy+sWQavtsLz/4dc+sGeXSTfoI
+voKvoh3uZ5gEhGV8yfJxk1veX5y5/AxP80vQ+smWYjTnQL5QQ57y4bciez4XVBmQ
+SWimWtOi4e8CAwEAAaOBtTCBsjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
+AwIBhjAdBgNVHQ4EFgQUTqdsYgGNGubdJHq9tsaJhM9HE5wwcAYDVR0gBGkwZzBl
+BgRVHSAAMF0wWwYIKwYBBQUHAgIwTxpNSWYgeW91IHRydXN0IHRoaXMgY2VydCB0
+aGVuIHdlIGhhdmUgYSBicmlkZ2UgdGhhdCB5b3UgbWlnaHQgYmUgaW50ZXJlc3Rl
+ZCBpbi4wDQYJKoZIhvcNAQELBQADggIBAKNNlRqFuE/JgV1BHyYK0xoSXH4aZP/7
+IoHtDVcSaZAOOuFOUrwVMUbzRBebbb6RpFwt/X+NLFUGysd+XNLF7W7lzxKtmFNX
+n4OpNkBe0y5O7yurus8rERHzu3jiOSgVo+WzDlGpYSRnG3hI2qPWqD+Puzx/WwI8
+XUTuzEQQ3gUSyVFfXHpay3VpYmLZiLJ9WKY5SDw7Ie6Sxrju4Qm1HwnFY8wHZGcs
+2KMQzorJ1ZNQf523yUTghbT0rKaSFaD8zugPtI2ONfFG/QgrkQXo78opzPsHnHwa
+SxGSiAgeLbwAUCvPNl27zr6k6+7TcNjV0VUivAs0OG3VEAdgi7UWYB+30KfWwHwE
+zGmvd4IAGqIqlqLcSVArN5z8JK1B5nfjQn5UrclU1vK+dnuiKE2X4rKuBTRYRFR/
+km+mj4koYFPKFHndmJl1uv2OCJK9l5CSIuKWeI1qv8BASKqgNdoT/SKBXqxgYlCb
+o+j4IDjxrxChRO+e5vl9lA7INfRrbljCkUjfLRa+v2q9tWQ3+EQUwwnSrSfihh2T
+j0Tksr6b8dDsvMlCdOKG1B+JPcEXORSFKNXVTEfjqpJG8s16kFAocWt3S6xO0k1t
+qbQp+3tWQgW2TGnX0rMZzB6NGRNfWhlYmq2zHgXkiCIZ26Ztgt/LNbwEvN3+VlLo
+z/Rd+SKtlrfb
+-----END CERTIFICATE-----
+Bag Attributes
+    friendlyName: aaiopenecomp
+    localKeyID: 54 69 6D 65 20 31 34 39 35 35 31 32 38 30 33 36 34 39 
+Key Attributes: <No Attributes>
+-----BEGIN PRIVATE KEY-----
+MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDBCtCXwDStPQmO
+Wiwyv/ssSFPlQ6J/gYY86T7c0IjFPeU6oBtR/531lfJPaNYVGIpa5rTe9D4PFzxz
+aHZFG4fwvASI6Jao+NZHE2qwBHNkwjevIcUIUFmHQVymMf2QR4pWUsNi5XryT5m5
+wp02KpQ2frWUPuRuYQbC/MrB/3UWsnT34IEzHU6dYqbeAI0oOoAQUxkI52fYyB6w
+lgH/TeXM8FLWMN8FciZdFxMHOmAD7B0IufRwhDV4tZTBLm1SpQk2Hfqcd1XInQ/Z
+iN0ku7GEVyYEo7PVKHLI74EG0oE7wQZtTqop+U6LA7DQWyfwuMpysdDnw0+6LnLT
+gFRHKl/dAgMBAAECggEBAJko2HkeIW01mUhdWOXnFgR7WjzzXZEmlffr41lVBr7f
+rejGsQZs9cms73R7rCdOsi8PDoA6bqaQfADg571K659fvYVWbHqh+3im+iWvUlKm
+GYIVG/vNrEq43CZsUU7Qw/xba/QiOFraNxCATTV1sORPwgddouXEi5XW9ZPX9/FJ
+wORx4L/K0DfHX1rr+rtOoHCJdZYhn3Ij87kmR8Mwg0fNeWhHqtxUEyM/itRjCvOe
+mgt2V8DORhmq12L4+5QJctBrkBVRp9Rh6YSZZBGnKbTSgf4q648BdkJDLSK4cguT
+D6BAw3gxj5V4wt5W0wn2JpjadFwnixrTzvMP/yAqfK0CgYEA93nBAoUPw8nzQkwk
+8iWBjfJ999Rw92hnnvk3xbcQcGfgUYuB4dxwe6FQTmFIVylt81er1YUvMb3ao7fo
+5ZcGnI5p1idjsd27kbZJLxb5Oh919hKu5IfkfYsVgnC0UdKCTgH5CaH0U4ATuXwt
+RL6qm0XcLALs5y2OO6z3s+mYhisCgYEAx7EQ8MA45bkXnRQiHBhGcIIcr2sRDfVJ
+OhHmGxx3EcYgtsIYKTqtQOyIt/nQxo6iyNL9bzfzBTybFJLuj63ZG1Ef4LosJedl
+eAU2NsKv5MlKYDSdNbLAJ0Op9I2Xu/pXQecPwY/3MkIQArdQCLevMLEGywCsuJTn
+BjkJNDkb9hcCgYAhoFiaiAwJVYKJSqFmibQd3opBR4uGApi54DE021gPff3b9rHS
+R8q88cFgtRVISqfW/d2qaKtt/dcckdvCfo/2a99zqux/+ZoIBZXSITQCMs4rfoRn
+JxPj/ycQD1JhH9J22QvGxEvXoLqNZJMeGS5DZO2yyT75dpYyA6Gwv5fq+wKBgQC5
+AhV917lfLELyZurLOLpaFlHZO8rLMcusH1UfHRo7v2IjsGOOHyzRD9QDD1IcA55R
+jRj8Z8uhuGq9fvvC5gBVTK3KGPI6E85wifOWfH1V7CAaTeSxEXDxb8EQL/a6U89v
+4VE5tdYCHC6VNZzS1staw0hV38QmJt57Z3Bdj+OV9QKBgE/b9fxpo+SVQ37BzNNY
+SEKTTijaddz8fdomApg6a2eFJL93Ej/op7N7gnHtPWMivPnRRza9ZjfnG+aZ7n2J
+sWyBiZK9xliS2TsF3l3q9Z0Vaq3i1nOlV7Bd20ZS8KjQjDtKnIRfLkQDkvmXbU5L
+emwkdsQZbpPFJch3mCGtI7JW
+-----END PRIVATE KEY-----

diff --git a/bootstrap/vagrant-onap/lib/files/haproxy.cfg b/bootstrap/vagrant-onap/lib/files/haproxy.cfg
new file mode 100644 (file)
index 0000000..9ee24e6
--- /dev/null
+++ b/bootstrap/vagrant-onap/lib/files/haproxy.cfg
@@ -0,0 +1,120 @@
+global
+        log /dev/log    local0
+        stats socket /usr/local/etc/haproxy/haproxy.socket mode 660 level admin
+        stats timeout 30s
+        user root
+        group root
+        daemon
+        #################################
+        # Default SSL material locations#
+        #################################
+        ca-base /etc/ssl/certs
+        crt-base /etc/ssl/private
+
+        # Default ciphers to use on SSL-enabled listening sockets.
+        # For more information, see ciphers(1SSL). This list is from:
+        # https://hynek.me/articles/hardening-your-web-servers-ssl-ciphers/
+        # An alternative list with additional directives can be obtained from
+        # https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=haproxy
+        tune.ssl.default-dh-param 2048
+
+defaults
+        log     global
+        mode    http
+        option  httplog
+#       option  dontlognull
+#       errorfile 400 /etc/haproxy/errors/400.http
+#       errorfile 403 /etc/haproxy/errors/403.http
+#       errorfile 408 /etc/haproxy/errors/408.http
+#       errorfile 500 /etc/haproxy/errors/500.http
+#       errorfile 502 /etc/haproxy/errors/502.http
+#       errorfile 503 /etc/haproxy/errors/503.http
+#       errorfile 504 /etc/haproxy/errors/504.http
+
+        option  http-server-close
+        option forwardfor except 127.0.0.1
+        retries 6
+        option redispatch
+        maxconn 50000
+        timeout connect 50000
+        timeout client  480000
+        timeout server  480000
+        timeout http-keep-alive 30000
+
+
+frontend IST_8443
+        mode http
+        bind 0.0.0.0:8443 name https ssl crt /etc/ssl/private/aai.pem 
+#       log-format %ci:%cp\ [%t]\ %ft\ %b/%s\ %Tq/%Tw/%Tc/%Tr/%Tt\ %ST\ %B\ %CC\ %CS\ %tsc\ %ac/%fc/%bc/%sc/%rc\ %sq/%bq\ %hr\ %hs\ {%[ssl_c_verify],%{+Q}[ssl_c_s_dn],%{+Q}[ssl_c_i_dn]}\ %{+Q}r
+        log-format "%ci:%cp [%tr] %ft %b/%s %TR/%Tw/%Tc/%Tr/%Ta %ST %B %CC \ %CS %tsc %ac/%fc/%bc/%sc/%rc %sq/%bq %hr %hs %{+Q}r"
+        option httplog
+        log global
+        option logasap
+        option forwardfor
+        capture request header  Host len 100
+        capture response header Host len 100
+        option log-separate-errors
+        option forwardfor
+        http-request set-header X-Forwarded-Proto https if { ssl_fc }
+        http-request set-header X-AAI-Client-SSL TRUE if { ssl_c_used }
+        http-request set-header X-AAI-SSL                       %[ssl_fc]
+        http-request set-header X-AAI-SSL-Client-Verify         %[ssl_c_verify]
+        http-request set-header X-AAI-SSL-Client-DN             %{+Q}[ssl_c_s_dn]
+        http-request set-header X-AAI-SSL-Client-CN             %{+Q}[ssl_c_s_dn(cn)]
+        http-request set-header X-AAI-SSL-Issuer                %{+Q}[ssl_c_i_dn]
+        http-request set-header X-AAI-SSL-Client-NotBefore      %{+Q}[ssl_c_notbefore]
+        http-request set-header X-AAI-SSL-Client-NotAfter       %{+Q}[ssl_c_notafter]
+        http-request set-header X-AAI-SSL-ClientCert-Base64   %{+Q}[ssl_c_der,base64]
+        http-request set-header X-AAI-SSL-Client-OU             %{+Q}[ssl_c_s_dn(OU)]
+        http-request set-header X-AAI-SSL-Client-L              %{+Q}[ssl_c_s_dn(L)]
+        http-request set-header X-AAI-SSL-Client-ST             %{+Q}[ssl_c_s_dn(ST)]
+        http-request set-header X-AAI-SSL-Client-C              %{+Q}[ssl_c_s_dn(C)]
+        http-request set-header X-AAI-SSL-Client-O              %{+Q}[ssl_c_s_dn(O)]
+        reqadd X-Forwarded-Proto:\ https
+        reqadd X-Forwarded-Port:\ 8443
+
+#######################
+#ACLS FOR PORT 8446####
+#######################
+
+        acl is_Port_8446_generic path_reg -i ^/aai/v[0-9]+/search/generic-query$
+        acl is_Port_8446_nodes path_reg -i ^/aai/v[0-9]+/search/nodes-query$
+        acl is_Port_8446_version path_reg -i ^/aai/v[0-9]+/query$
+        acl is_named-query path_beg -i /aai/search/named-query
+        acl is_search-model path_beg -i /aai/search/model
+        use_backend IST_AAI_8446 if is_Port_8446_generic or is_Port_8446_nodes or is_Port_8446_version or is_named-query or is_search-model
+
+        default_backend IST_Default_8447
+
+
+#######################
+#DEFAULT BACKEND 847###
+#######################
+
+backend IST_Default_8447
+        balance roundrobin
+        http-request set-header X-Forwarded-Port %[src_port]
+        http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
+        server aai-resources.api.simpledemo.openecomp.org  aai-resources.api.simpledemo.openecomp.org:8447  port 8447 ssl verify none
+
+#######################
+# BACKEND 8446#########
+#######################
+
+backend IST_AAI_8446
+        balance roundrobin
+        http-request set-header X-Forwarded-Port %[src_port]
+        http-response set-header Strict-Transport-Security max-age=16000000;\ includeSubDomains;\ preload;
+        server aai-traversal.api.simpledemo.openecomp.org aai-traversal.api.simpledemo.openecomp.org:8446  port 8446 ssl verify none
+
+listen IST_AAI_STATS
+        mode http
+        bind *:8080
+        stats uri /stats
+        stats enable
+        stats refresh 30s
+        stats hide-version
+        stats auth admin:admin
+        stats show-legends
+        stats show-desc IST AAI APPLICATION NODES
+        stats admin if TRUE

diff --git a/bootstrap/vagrant-onap/lib/files/settings.template b/bootstrap/vagrant-onap/lib/files/settings.template
index 3b974c9..f441f95 100644 (file)
--- a/bootstrap/vagrant-onap/lib/files/settings.template
+++ b/bootstrap/vagrant-onap/lib/files/settings.template
@@ -1,7 +1,6 @@
 <settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
-
   <!-- offline
    | Determines whether maven should attempt to connect to the network when executing a build.
    | This will have an effect on artifact downloads, artifact deployment, and others.
@@ -29,7 +28,6 @@
    | repository, to be used as an alternate download site. The mirror site will be the preferred
    | server for that repository.
    |-->
-
   <!-- profiles
    | This is a list of profiles which can be activated in a variety of ways, and which can modify
    | the build process. Profiles provided in the settings.xml are intended to provide local machine-
@@ -51,17 +49,18 @@
    |       variables for plugins in the POM.
    |
    |-->
-
-
-
-  
-  
   <profiles>
       <profile>
-          
+          <id>00_maven</id>
+          <repositories>
+              <repository>
+                  <id>00_maven</id>
+                  <url>https://maven.restlet.com</url>
+              </repository>
+          </repositories>
+      </profile>
+      <profile>
           <id>10_nexus</id>
-          <!--Enable snapshots for the built in central repo to direct -->
-          <!--all requests to nexus via the mirror -->
           <repositories>
               <repository>
                   <id>10_nexus</id>
@@ -70,7 +69,6 @@
                   <snapshots><enabled>true</enabled></snapshots>
               </repository>
           </repositories>
-          
           <pluginRepositories>
               <pluginRepository>
                   <id>10_nexus</id>
@@ -79,7 +77,6 @@
                   <snapshots><enabled>true</enabled></snapshots>
               </pluginRepository>
           </pluginRepositories>
-          
       </profile>
       <profile>
           <id>20_openecomp-public</id>
@@ -174,7 +171,6 @@
               </pluginRepository>
           </pluginRepositories>
       </profile>
-      
       <profile>
           <id>50_openecomp-snapshots</id>
           <repositories>
@@ -235,7 +231,6 @@
               </pluginRepository>
           </pluginRepositories>
       </profile>
-      
       <profile>
           <id>70_opendaylight-snapshots</id>
           <repositories>
@@ -266,8 +261,8 @@
           </pluginRepositories>
       </profile>
   </profiles>
-  
   <activeProfiles>
+      <activeProfile>00_maven</activeProfile>
       <activeProfile>10_nexus</activeProfile>
       <activeProfile>20_openecomp-public</activeProfile>
       <activeProfile>30_openecomp-staging</activeProfile>
@@ -275,7 +270,5 @@
       <activeProfile>50_openecomp-snapshots</activeProfile>
       <activeProfile>60_opendaylight-release</activeProfile>
       <activeProfile>70_opendaylight-snapshots</activeProfile>
-
   </activeProfiles>
-  
 </settings>

diff --git a/bootstrap/vagrant-onap/lib/functions b/bootstrap/vagrant-onap/lib/functions
index a2bb98e..7e6ff2e 100755 (executable)
--- a/bootstrap/vagrant-onap/lib/functions
+++ b/bootstrap/vagrant-onap/lib/functions
@@ -62,8 +62,6 @@ function clone_repo {
 function install_dev_tools {
     install_package apt-transport-https
     install_package ca-certificates
-    # ca-certificates-java is not a dependency in the Oracle JDK/JRE so this must be explicitly installed.
-    /var/lib/dpkg/info/ca-certificates-java.postinst configure
     install_package curl
 }
 
@@ -78,6 +76,8 @@ function install_java {
     install_package software-properties-common
     add-apt-repository -y ppa:openjdk-r/ppa
     install_package openjdk-8-jdk
+    # ca-certificates-java is not a dependency in the Oracle JDK/JRE so this must be explicitly installed.
+    /var/lib/dpkg/info/ca-certificates-java.postinst configure
 }
 
 # install_maven() - Install maven binaries