From de34a84dcf0d1b9218b5df894c4bec2c5b98544b Mon Sep 17 00:00:00 2001 From: =?utf8?q?Michael=20D=C3=9Crre?= Date: Thu, 11 Feb 2021 14:57:30 +0100 Subject: [PATCH] update sdnc-image MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit update dockerfile and startodl.sh Issue-ID: SDNC-1479 Signed-off-by: Michael DÜrre Change-Id: Ieb2db8a752c891e7f0e45a16dd36961866e9a439 Signed-off-by: Michael DÜrre Former-commit-id: 0a99e36c726a89206bb54768d5a0aaa0a646d7d1 --- installation/sdnc/pom.xml | 1 + installation/sdnc/src/main/docker/Dockerfile | 8 +--- .../sdnc/src/main/docker/standalone.Dockerfile | 14 ++----- installation/sdnc/src/main/scripts/installCerts.py | 25 ------------- installation/sdnc/src/main/scripts/startODL.sh | 43 +++++++++++----------- 5 files changed, 29 insertions(+), 62 deletions(-) diff --git a/installation/sdnc/pom.xml b/installation/sdnc/pom.xml index f3ca800c..57b560e9 100644 --- a/installation/sdnc/pom.xml +++ b/installation/sdnc/pom.xml @@ -155,6 +155,7 @@ sdnc-container + admin itsASecret sdnctl gamma diff --git a/installation/sdnc/src/main/docker/Dockerfile b/installation/sdnc/src/main/docker/Dockerfile index 4ff33ace..de928934 100755 --- a/installation/sdnc/src/main/docker/Dockerfile +++ b/installation/sdnc/src/main/docker/Dockerfile @@ -23,10 +23,6 @@ ENV SDNC_STORE_DIR /opt/onap/sdnc/data/stores ENV SSL_CERTS_DIR /etc/ssl/certs ENV JAVA_SECURITY_DIR $SSL_CERTS_DIR/java ENV SDNC_NORTHBOUND_REPO mvn:org.onap.sdnc.northbound/sdnc-northbound-all/${sdnc.northbound.version}/xml/features -#CCSDKFEATUREVERSION specified in base image -ENV SDNR_NORTHBOUND_REPO mvn:org.onap.ccsdk.features.sdnr.northbound/sdnr-northbound-all/$CCSDKFEATUREVERSION/xml/features -ENV SDNR_WT_REPO mvn:org.onap.ccsdk.features.sdnr.wt/sdnr-wt-feature-aggregator/$CCSDKFEATUREVERSION/xml/features -ENV SDNR_DM_REPO mvn:org.onap.ccsdk.features.sdnr.wt/sdnr-wt-feature-aggregator-devicemanager/$CCSDKFEATUREVERSION/xml/features ENV SDNC_KEYSTORE ${sdnc.keystore} ENV SDNC_KEYPASS ${sdnc.keypass} ENV SDNC_SECUREPORT ${sdnc.secureport} @@ -37,8 +33,8 @@ COPY --from=stage0 --chown=odl:odl /opt /opt # Add SDNC repositories to boot repositories RUN cp $ODL_HOME/etc/org.apache.karaf.features.cfg $ODL_HOME/etc/org.apache.karaf.features.cfg.orig -RUN sed -i -e "\|featuresRepositories|s|$|,${SDNC_NORTHBOUND_REPO}, ${SDNR_NORTHBOUND_REPO}, ${SDNR_WT_REPO}, ${SDNR_DM_REPO}|" $ODL_HOME/etc/org.apache.karaf.features.cfg -RUN sed -i -e "\|featuresBoot[^a-zA-Z]|s|$|,sdnc-northbound-all, sdnr-northbound-all, a1-adapter-northbound|" $ODL_HOME/etc/org.apache.karaf.features.cfg +RUN sed -i -e "\|featuresRepositories|s|$|,${SDNC_NORTHBOUND_REPO}|" $ODL_HOME/etc/org.apache.karaf.features.cfg +RUN sed -i -e "\|featuresBoot[^a-zA-Z]|s|$|,sdnc-northbound-all|" $ODL_HOME/etc/org.apache.karaf.features.cfg RUN sed -i "s/odl-restconf-all/odl-restconf-all,odl-netconf-topology/g" $ODL_HOME/etc/org.apache.karaf.features.cfg # install AAF configs diff --git a/installation/sdnc/src/main/docker/standalone.Dockerfile b/installation/sdnc/src/main/docker/standalone.Dockerfile index 5f0f8254..fe6aa083 100755 --- a/installation/sdnc/src/main/docker/standalone.Dockerfile +++ b/installation/sdnc/src/main/docker/standalone.Dockerfile @@ -1,6 +1,6 @@ # Prepare stage for multistage image build ## START OF STAGE0 ## -FROM onap/ccsdk-odlsli-alpine-image:latest AS stage0 +FROM onap/ccsdk-odlsli-alpine-image:${ccsdk.docker.version} AS stage0 USER root @@ -14,21 +14,15 @@ COPY system /tmp/system RUN rsync -a /tmp/system $ODL_HOME ## END OF STAGE0 ## -FROM onap/ccsdk-odlsli-alpine-image:latest +FROM onap/ccsdk-odlsli-alpine-image:${ccsdk.docker.version} LABEL maintainer="SDN-C Team (sdnc@lists.onap.org)" -#ENV JAVA_HOME /usr/lib/jvm/java-1.8-openjdk -#ENV ODL_HOME /opt/opendaylight ENV SDNC_CONFIG_DIR /opt/onap/sdnc/data/properties ENV SDNC_STORE_DIR /opt/onap/sdnc/data/stores ENV SSL_CERTS_DIR /etc/ssl/certs ENV JAVA_SECURITY_DIR $SSL_CERTS_DIR/java ENV SDNC_NORTHBOUND_REPO mvn:org.onap.sdnc.northbound/sdnc-northbound-all/${sdnc.northbound.version}/xml/features -#CCSDKFEATUREVERSION specified in base image -ENV SDNR_NORTHBOUND_REPO mvn:org.onap.ccsdk.features.sdnr.northbound/sdnr-northbound-all/$CCSDKFEATUREVERSION/xml/features -ENV SDNR_WT_REPO mvn:org.onap.ccsdk.features.sdnr.wt/sdnr-wt-feature-aggregator/$CCSDKFEATUREVERSION/xml/features -ENV SDNR_DM_REPO mvn:org.onap.ccsdk.features.sdnr.wt/sdnr-wt-feature-aggregator-devicemanager/$CCSDKFEATUREVERSION/xml/features ENV SDNC_KEYSTORE ${sdnc.keystore} ENV SDNC_KEYPASS ${sdnc.keypass} ENV SDNC_SECUREPORT ${sdnc.secureport} @@ -39,8 +33,8 @@ COPY --from=stage0 --chown=odl:odl /opt /opt # Add SDNC repositories to boot repositories RUN cp $ODL_HOME/etc/org.apache.karaf.features.cfg $ODL_HOME/etc/org.apache.karaf.features.cfg.orig -RUN sed -i -e "\|featuresRepositories|s|$|,${SDNC_NORTHBOUND_REPO}, ${SDNR_NORTHBOUND_REPO}, ${SDNR_WT_REPO}, ${SDNR_DM_REPO}|" $ODL_HOME/etc/org.apache.karaf.features.cfg -RUN sed -i -e "\|featuresBoot[^a-zA-Z]|s|$|,sdnc-northbound-all, sdnr-northbound-all, a1-adapter-northbound|" $ODL_HOME/etc/org.apache.karaf.features.cfg +RUN sed -i -e "\|featuresRepositories|s|$|,${SDNC_NORTHBOUND_REPO}|" $ODL_HOME/etc/org.apache.karaf.features.cfg +RUN sed -i -e "\|featuresBoot[^a-zA-Z]|s|$|,sdnc-northbound-all|" $ODL_HOME/etc/org.apache.karaf.features.cfg RUN sed -i "s/odl-restconf-all/odl-restconf-all,odl-netconf-topology/g" $ODL_HOME/etc/org.apache.karaf.features.cfg # Install ssl and java certificates diff --git a/installation/sdnc/src/main/scripts/installCerts.py b/installation/sdnc/src/main/scripts/installCerts.py index 6ca3bbc9..677d2c9b 100644 --- a/installation/sdnc/src/main/scripts/installCerts.py +++ b/installation/sdnc/src/main/scripts/installCerts.py @@ -51,7 +51,6 @@ zipFileList = [] username = os.environ['ODL_ADMIN_USERNAME'] password = os.environ['ODL_ADMIN_PASSWORD'] -newpassword = os.environ.get('ODL_ADMIN_NEWPASSWORD') TIMEOUT=1000 INTERVAL=30 timePassed=0 @@ -338,29 +337,6 @@ def process_jks_files(count): logging.error("UnExpected Error while processing JKS files at {0}, Caused by: {1}".format(Path, e)) writeCertInstallStatus("NOTOK") -def replaceAdminPassword(username, password, newpassword): - if newpassword is None: - logging.info('Not to replace password for user %s', username) - else: - logging.info('Replace password for user %s', username) - try: - jsondata = '{\"password\": \"{newpassword}\"}'.format(newpassword=newpassword) - url = '/auth/v1/users/{username}@sdn'.format(username=username) - loggin.info("Url %s data $s", url, jsondata) - conn = http.client.HTTPConnection("localhost",odl_port) - req = conn.request("PUT", url, jsondata, headers=headers) - res = conn.getresponse() - res.read() - httpStatus = res.status - if httpStatus == 200: - logging.debug("New password provided successfully for user %s", username) - else: - logging.debug("Password change was not possible. Problem code was: %d", httpStatus) - except: - logging.error("Cannot execute REST call to set password.") - writeCertInstallStatus("NOTOK") - - def readCertProperties(): ''' This function searches for manually copied zip file @@ -371,7 +347,6 @@ def readCertProperties(): connected = makeHealthcheckCall(headers, timePassed) logging.info('Connected status: %s', connected) if connected: - replaceAdminPassword(username, password, newpassword) count = 0 if os.path.isfile(Path + "/certs.properties"): with open(Path + "/certs.properties", "r") as f: diff --git a/installation/sdnc/src/main/scripts/startODL.sh b/installation/sdnc/src/main/scripts/startODL.sh index dbbe4030..5e294ddf 100755 --- a/installation/sdnc/src/main/scripts/startODL.sh +++ b/installation/sdnc/src/main/scripts/startODL.sh @@ -82,7 +82,7 @@ cleanupFeatureBoot() { sed -i "/featuresBoot/ s/,ccsdk-sli-core-all.*$//g" "$ODL_FEATURES_BOOT_FILE" } -initialize_sdnr() { +initialize_sdnrdb() { printf "SDN-R Database Initialization" INITCMD="$JAVA_HOME/bin/java -jar " INITCMD="${INITCMD} $ODL_HOME/system/org/onap/ccsdk/features/sdnr/wt/sdnr-wt-data-provider-setup/$CCSDKFEATUREVERSION/sdnr-dmt.jar " @@ -100,19 +100,19 @@ initialize_sdnr() { install_sdnrwt_features() { # Repository setup provided via sdnc dockerfile if $SDNRWT; then - addRepository "$SDNRDM_BASE_REPO" if $SDNRONLY; then cleanupFeatureBoot fi - if $SDNRDM; then - addToFeatureBoot "$SDNRDM_BOOTFEATURES" - else - addToFeatureBoot "$SDNRWT_BOOTFEATURES" + addToFeatureBoot "$SDNRDM_BOOTFEATURES" + if ! $SDNRDM; then + addToFeatureBoot "$SDNRODLUX_BOOTFEATURES" fi fi } - +install_sdnr_oauth_features() { + addToFeatureBoot "$SDNROAUTH_BOOTFEATURES" +} install_sdnr_northbound_features() { addToFeatureBoot "$SDNR_NORTHBOUND_BOOTFEATURES" } @@ -211,18 +211,13 @@ enable_odl_cluster() { printf "Installing SDNC/R from startODL.sh script\n" ODL_HOME=${ODL_HOME:-/opt/opendaylight/current} ODL_FEATURES_BOOT_FILE=$ODL_HOME/etc/org.apache.karaf.features.cfg -# -ODL_REMOVEIDMDB=${ODL_REMOVEIDMDB:-false} ODL_ADMIN_USERNAME=${ODL_ADMIN_USERNAME:-admin} -if $ODL_REMOVEIDMDB ; then - printf "Remove odl idmdb" - rm "$ODL_HOME"/data/idmlight.db.mv.db - ODL_ADMIN_PASSWORD=${ODL_ADMIN_PASSWORD:-admin} -else - ODL_ADMIN_PASSWORD=${ODL_ADMIN_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U} +# do not start container if ADMIN_PASSWORD is not set +if [ -z "$ODL_ADMIN_PASSWORD" ]; then + echo "ODL_ADMIN_PASSWORD is not set" + exit 1 fi -ODL_ADMIN_PASSWORD=${ODL_ADMIN_PASSWORD:-Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U} SDNC_HOME=${SDNC_HOME:-/opt/onap/sdnc} SDNC_BIN=${SDNC_BIN:-/opt/onap/sdnc/bin} # Whether to intialize MYSql DB or not. Default is to initialize @@ -231,19 +226,20 @@ CCSDK_HOME=${CCSDK_HOME:-/opt/onap/ccsdk} JDEBUG=${JDEBUG:-false} MYSQL_ROOT_PASSWORD=${MYSQL_ROOT_PASSWORD:-openECOMP1.0} ENABLE_ODL_CLUSTER=${ENABLE_ODL_CLUSTER:-false} +ENABLE_OAUTH=${ENABLE_OAUTH:-false} +ENABLE_ODLUX_RBAC=${ENABLE_ODLUX_RBAC:-false} GEO_ENABLED=${GEO_ENABLED:-false} SDNC_AAF_ENABLED=${SDNC_AAF_ENABLED:-false} IS_PRIMARY_CLUSTER=${IS_PRIMARY_CLUSTER:-false} MY_ODL_CLUSTER=${MY_ODL_CLUSTER:-127.0.0.1} INSTALLED_DIR=${INSTALLED_FILE:-/opt/opendaylight/current/daexim} SDNRWT=${SDNRWT:-false} -SDNRWT_BOOTFEATURES=${SDNRWT_BOOTFEATURES:-sdnr-wt-feature-aggregator} +SDNRODLUX_BOOTFEATURES=${SDNRODLUX_BOOTFEATURES:-sdnr-wt-helpserver-feature,sdnr-wt-odlux-core-feature,sdnr-wt-odlux-apps-feature} +SDNROAUTH_BOOTFEATURES=${SDNROAUTH_BOOTFEATURES:-sdnr-wt-feature-aggregator-oauth} SDNRDM=${SDNRDM:-false} -# Add devicemanager base and specific repositories -SDNRDM_BASE_REPO=${SDNRDM_BASE_REPO:-mvn:org.onap.ccsdk.features.sdnr.wt/sdnr-wt-feature-aggregator-devicemanager-base/$CCSDKFEATUREVERSION/xml/features} # Add devicemanager features SDNRDM_SDM_LIST=${SDNRDM_SDM_LIST:-sdnr-wt-feature-aggregator-devicemanager} -SDNRDM_BOOTFEATURES=${SDNRDM_BOOTFEATURES:-sdnr-wt-feature-aggregator-devicemanager-base, ${SDNRDM_SDM_LIST}} +SDNRDM_BOOTFEATURES=${SDNRDM_BOOTFEATURES:-sdnr-wt-feature-aggregator-devicemanager-base,${SDNRDM_SDM_LIST}} # Whether to Initialize the ElasticSearch DB. SDNRINIT=${SDNRINIT:-false} SDNRONLY=${SDNRONLY:-false} @@ -253,6 +249,7 @@ SDNRDBCOMMAND=${SDNRDBCOMMAND:--c init -db $SDNRDBURL -dbu $SDNRDBUSERNAME -dbp SDNR_NORTHBOUND=${SDNR_NORTHBOUND:-false} SDNR_NORTHBOUND_BOOTFEATURES=${SDNR_NORTHBOUND_BOOTFEATURES:-sdnr-northbound-all} NOTOK=1 +#export for installCerts.py export ODL_ADMIN_PASSWORD ODL_ADMIN_USERNAME if $JDEBUG ; then @@ -280,6 +277,8 @@ printf "%s\n" " CCSDKFEATUREVERSION=$CCSDKFEATUREVERSION" printf "%s\n" " ENABLE_ODL_CLUSTER=$ENABLE_ODL_CLUSTER" printf "%s\n" " ODL_REMOVEIDMDB=$ODL_REMOVEIDMDB" printf "%s\n" " SDNC_REPLICAS=$SDNC_REPLICAS" +printf "%s\n" " ENABLE_OAUTH=$ENABLE_OAUTH" +printf "%s\n" " ENABLE_ODLUX_RBAC=$ENABLE_ODLUX_RBAC" printf "%s\n" " SDNRWT=$SDNRWT" printf "%s\n" " SDNRDM=$SDNRDM" printf "%s\n" " SDNRONLY=$SDNRONLY" @@ -313,7 +312,7 @@ fi if $SDNRINIT ; then #One time intialization action - initialize_sdnr + initialize_sdnrdb init_result=$? printf "%s\n" "Result of init script: $init_result" if $SDNRWT ; then @@ -361,6 +360,8 @@ then fi if $SDNRWT ; then install_sdnrwt_features ; fi + if $ENABLE_OAUTH ; then install_sdnr_oauth_features ; fi + # The enable_odl_cluster call should not be moved above this line as the cleanFeatureBoot will overwrite entries. Ex: odl-jolokia if $ENABLE_ODL_CLUSTER ; then enable_odl_cluster ; fi -- 2.16.6