...
- Cloudify deployments of service components should include following environments
- CONFIG_BINDING_SERVICE=<cbs_k8s_service_name>
- DCAE_CA_CERTPATH=/opt/dcae/cacert/cacert.pem (this will be default unless overridden by component via blueprint)
- CBS_CONFIG_URL=https://config-binding-service/service_component_all/<scn>
- #scn → Unique Servicecomponent name
- Enable AAF cacert distribution (step to be done regardless of tls_info setting in blueprint) under DCAE_CA_CERTPATH
...
- Verify if the new environment setting for TLS (below) added by K8s plugin is visible within POD.
- CONFIG_BINDING_SERVICE=<cbs_k8s_service_name>
- DCAE_CA_CERTPATH=<path>
- If DCAE_CA_CERTPATH is defined, use the cacert for establishing secure end-point to interface with CBS (port 10443)
- An optional CBS_CONFIG_URL will be exposed providing the exact URL to be used for configuration retrieval. Application/Libraries can use this URL directly instead of constructing URL from HOSTNAME (which refers to ServiceComponentName) and CONFIG_BINDING_SERVICE env's. By default, this URL will use HTTPS CBS interface
- If TLS env is undefined, use R4 service name and port (10000) to interface with CBS (HTTP)
...
- Switch to newer version of libraries (CBS SDK for java and python CBS utils)
- If not using library, component must use DCAE_CA_CERTPATH and 10443 for CBS HTTPS connection besides removing logic for Consul service discovery for CBS service.
- An optional CBS_CONFIG_URL will be exposed providing the exact URL to be used for configuration retrieval. Application/Libraries can use this URL directly instead of constructing URL from HOSTNAME (which refers to ServiceComponentName) and CONFIG_BINDING_SERVICE env's. By default, this URL will use HTTPS CBS interface
- Update blueprint to use newer version of k8s plugin in blueprints
...