From f30d5c2d6c1102c5f4ccf285444ffe6aafed6bba Mon Sep 17 00:00:00 2001 From: Jorge Hernandez Date: Wed, 12 Sep 2018 07:30:36 -0500 Subject: [PATCH] use https for healthchecks and vfw script Change-Id: I98f1bd5a354802ebf4be2356b97ec1bbdecce116 Signed-off-by: Jorge Hernandez Issue-ID: POLICY-1111 --- .../config/consul-agent-config/policy-health.json | 12 ++++++------ .../drools/resources/scripts/update-vfw-op-policy.sh | 16 ++++++++-------- .../eteshare/config/integration_robot_properties.py | 2 +- 3 files changed, 15 insertions(+), 15 deletions(-) diff --git a/kubernetes/consul/resources/config/consul-agent-config/policy-health.json b/kubernetes/consul/resources/config/consul-agent-config/policy-health.json index 22d135b6dd..62a6f31223 100644 --- a/kubernetes/consul/resources/config/consul-agent-config/policy-health.json +++ b/kubernetes/consul/resources/config/consul-agent-config/policy-health.json @@ -12,7 +12,7 @@ { "id": "policy-nexus-local-status", "name": "Policy Nexus Local Status", - "http": "http://nexus:8081/nexus/service/local/status?pretty", + "http": "http://nexus:8081/nexus/service/local/status", "method": "GET", "header": { "Authorization": ["Basic YWRtaW46YWRtaW4xMjM="], @@ -27,7 +27,7 @@ { "id": "policy-nexus-internal-metrics", "name": "Policy Nexus Internal Metrics", - "http": "http://nexus:8081/nexus/internal/metrics?pretty", + "http": "http://nexus:8081/nexus/internal/metrics", "method": "GET", "header": { "Authorization": ["Basic YWRtaW46YWRtaW4xMjM="], @@ -42,7 +42,7 @@ { "id": "policy-nexus-internal-healthcheck", "name": "Policy Nexus Internal Healthcheck", - "http": "http://nexus:8081/nexus/internal/healthcheck?pretty", + "http": "http://nexus:8081/nexus/internal/healthcheck", "method": "GET", "header": { "Authorization": ["Basic YWRtaW46YWRtaW4xMjM="], @@ -64,7 +64,7 @@ { "id": "drools", "name": "Drools Health Check", - "http": "http://drools:6969/healthcheck?pretty", + "http": "https://drools:6969/healthcheck", "method": "GET", "header": { "Authorization": ["Basic aGVhbHRoY2hlY2s6emIhWHp0RzM0"], @@ -79,7 +79,7 @@ { "id": "pap", "name": "PAP Health Check", - "http": "http://pap:9091/pap/test?pretty", + "http": "https://pap:9091/pap/test", "method": "GET", "header": { "Authorization": ["Basic dGVzdHBhcDphbHBoYTEyMw=="], @@ -94,7 +94,7 @@ { "id": "pdp", "name": "PDP Health Check", - "http": "http://pdp:8081/pdp/test?pretty", + "http": "https://pdp:8081/pdp/test", "method": "GET", "header": { "Authorization": ["Basic dGVzdHBkcDphbHBoYTEyMw=="], diff --git a/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh b/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh index a6c054dbc1..c44c8f0f52 100644 --- a/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh +++ b/kubernetes/policy/charts/drools/resources/scripts/update-vfw-op-policy.sh @@ -30,12 +30,12 @@ echo "Removing the vFW Policy from PDP.." echo echo -curl -v -X DELETE --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ +curl -v -k -X DELETE --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ "pdpGroup": "default", "policyComponent" : "PDP", "policyName": "com.BRMSParamvFirewall", "policyType": "BRMS_Param" -}' http://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/deletePolicy +}' https://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/deletePolicy sleep 20 @@ -45,7 +45,7 @@ echo echo "Updating vFW Operational Policy .." echo -curl -v -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ +curl -v -k -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ "policyConfigType": "BRMS_PARAM", "policyName": "com.BRMSParamvFirewall", "policyDescription": "BRMS Param vFirewall policy", @@ -60,7 +60,7 @@ curl -v -X PUT --header 'Content-Type: application/json' --header 'Accept: text/ "controlLoopYaml": "controlLoop%3A%0D%0A++version%3A+2.0.0%0D%0A++controlLoopName%3A+ControlLoop-vFirewall-d0a1dfc6-94f5-4fd4-a5b5-4630b438850a%0D%0A++trigger_policy%3A+unique-policy-id-1-modifyConfig%0D%0A++timeout%3A+1200%0D%0A++abatement%3A+false%0D%0A+%0D%0Apolicies%3A%0D%0A++-+id%3A+unique-policy-id-1-modifyConfig%0D%0A++++name%3A+modify+packet+gen+config%0D%0A++++description%3A%0D%0A++++actor%3A+APPC%0D%0A++++recipe%3A+ModifyConfig%0D%0A++++target%3A%0D%0A++++++%23+TBD+-+Cannot+be+known+until+instantiation+is+done%0D%0A++++++resourceID%3A+'${RESOURCE_ID}'%0D%0A++++++type%3A+VNF%0D%0A++++retry%3A+0%0D%0A++++timeout%3A+300%0D%0A++++success%3A+final_success%0D%0A++++failure%3A+final_failure%0D%0A++++failure_timeout%3A+final_failure_timeout%0D%0A++++failure_retries%3A+final_failure_retries%0D%0A++++failure_exception%3A+final_failure_exception%0D%0A++++failure_guard%3A+final_failure_guard" } } -}' http://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/updatePolicy +}' https://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/updatePolicy sleep 5 @@ -70,11 +70,11 @@ echo "Pushing the vFW Policy .." echo echo -curl -v --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ +curl -v -k --silent -X PUT --header 'Content-Type: application/json' --header 'Accept: text/plain' --header 'ClientAuth: cHl0aG9uOnRlc3Q=' --header 'Authorization: Basic dGVzdHBkcDphbHBoYTEyMw==' --header 'Environment: TEST' -d '{ "pdpGroup": "default", "policyName": "com.BRMSParamvFirewall", "policyType": "BRMS_Param" -}' http://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/pushPolicy +}' https://${K8S_HOST}:${POLICY_PDP_PORT}/pdp/api/pushPolicy sleep 20 @@ -95,7 +95,7 @@ echo "PDP-D amsterdam maven coordinates .." echo echo -curl -vvv --silent --user @1b3rt:31nst31n -X GET http://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools | python -m json.tool +curl -vvv -k --silent --user @1b3rt:31nst31n -X GET https://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools | python -m json.tool echo @@ -104,4 +104,4 @@ echo "PDP-D control loop updated .." echo echo -curl -v --silent --user @1b3rt:31nst31n -X GET http://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools/facts/closedloop-amsterdam/org.onap.policy.controlloop.Params | python -m json.tool +curl -v -k --silent --user @1b3rt:31nst31n -X GET https://${K8S_HOST}:${POLICY_DROOLS_PORT}/policy/pdp/engine/controllers/amsterdam/drools/facts/closedloop-amsterdam/org.onap.policy.controlloop.Params | python -m json.tool diff --git a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py index a4a359a9dd..bcdd42bd14 100644 --- a/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py +++ b/kubernetes/robot/resources/config/eteshare/config/integration_robot_properties.py @@ -105,7 +105,7 @@ GLOBAL_PACKET_GENERATOR_USERNAME = "admin" GLOBAL_PACKET_GENERATOR_PASSWORD = "admin" GLOBAL_PGN_PORT = "2831" # policy info - everything is from the private oam network (also called onap private network) -GLOBAL_POLICY_SERVER_PROTOCOL = "http" +GLOBAL_POLICY_SERVER_PROTOCOL = "https" GLOBAL_POLICY_SERVER_PORT = "8081" GLOBAL_POLICY_HEALTHCHECK_PORT = "6969" GLOBAL_POLICY_AUTH = "dGVzdHBkcDphbHBoYTEyMw==" -- 2.16.6