DFC can handle multiple stream identifiers. For each stream identifier/feed combination the user must provide the\r
** stream identifier**, **feed name**, and **feed location**.\r
\r
-**Note!** The **feed name** provided should be used by the consumer/s to set up the subscription to the feed. \r
+**Note!** The **feed name** provided should be used by the consumer/s to set up the subscription to the feed.\r
\r
The **stream identifier** shall be defined as an item under the **streams_publishes** tag in the "**applicationConfig**"\r
-section. \r
+section.\r
\r
.. code-block:: yaml\r
\r
Under this tag the internal "**feed identifier**" for the feed shall also be added to get the\r
info about the feed substituted in by CBS (that's what the <<>> tags are for).\r
\r
-The **feed name** and **feed location** are defined as inputs for the user to provide in helm chart values.yaml. An example snapshot on default configuration is provided below. \r
+The **feed name** and **feed location** are defined as inputs for the user to provide in helm chart values.yaml. An example snapshot on default configuration is provided below.\r
\r
.. code-block:: yaml\r
- \r
+\r
# DataRouter Feed Configuration\r
drFeedConfig:\r
- feedName: bulk_pm_feed\r
feedVersion: "0.0"\r
asprClassification: unclassified\r
feedDescription: DFC Feed Creation\r
- \r
+\r
# DataRouter Publisher Configuration\r
drPubConfig:\r
- feedName: bulk_pm_feed\r
**StrictHostChecking** is a SSH connection option which prevents Man in the Middle (MitM) attacks. If it is enabled, client checks HostName and public key provided by server and compares it with keys stored locally. Only if matching entry is found, SSH connection can be established.\r
By default in DataFile Collector this option is enabled (true) and requires to provide known_hosts list to DFC container.\r
\r
-**Important: DFC requires public keys in sha-rsa KeyAlgorithm** \r
+**Important: DFC requires public keys in sha-rsa KeyAlgorithm**\r
\r
**Known_hosts file** is a list in following format:\r
\r
\r
<HostName/HostIP> <KeyAlgorithms> <Public Key>\r
\r
-e.g: \r
+e.g:\r
\r
.. code-block:: bash\r
\r
3. Mount newly created Config Map as Volume to DFC by editing DFC deployment. **DFC deployment contains 3 containers, pay attention to mount the file to the appropriate container.**\r
\r
.. code-block:: yaml\r
- \r
+\r
...\r
kind: Deployment\r
metadata:\r
Known_hosts file path can be controlled by Environment Variable *KNOWN_HOSTS_FILE_PATH*. Full (absolute) path has to be provided. Sample deployment with changed known_hosts file path can be seen below.\r
\r
.. code-block:: yaml\r
- \r
+\r
...\r
kind: Deployment\r
metadata:\r
spec:\r
containers:\r
- image: <DFC image>\r
- envs: \r
+ envs:\r
- name: KNOWN_HOSTS_FILE_PATH\r
value: /home/datafile/.ssh/new/path/<known_hosts file name, e.g. my_custom_keys>\r
...\r
\r
kubectl -n onap edit cm onap-dcae-dfc-known-hosts\r
\r
-To delete and create again Config Map execute: \r
+To delete and create again Config Map execute:\r
\r
.. code-block:: bash\r
\r
\r
**WARNING: such operation is not recommended as it decreases DFC security and exposes DFC to MitM attacks.**\r
\r
-.. code-block:: bash\r
+.. code-block:: yaml\r
\r
"sftp.security.strictHostKeyChecking": false\r
\r
----------------------\r
The TLS connection in the external interface is enabled by default. To disable TLS, use the following application property:\r
\r
-.. code-block:: bash\r
+.. code-block:: yaml\r
\r
"dmaap.certificateConfig.enableCertAuth": false\r
\r