Handling Credentials
To prevent clear text credentials in property files and at the same time use docker secrets to push those data into the container we decided to use the option with environment variable. Therefore we establish the possibility to set a property value in the config files as a env var, e.g.
| Code Block |
|---|
[es]
esHosts=http://sdnrdb:9200
esArchiveLifetimeSeconds=2592001
esCluster=
esArchiveCheckIntervalSeconds=0
esNode=elasticsearchnode
esAuthUsername=${ESUSER}
esAuthPassword=${ESPASSWD} |
or
| Code Block |
|---|
[dcae]
dcaeUserCredentials=${DCAEUSER}:${DCAEPASSWD}
dcaeUrl=off
dcaeHeartbeatPeriodSeconds=120
dcaeTestCollector=no |
These values will stay in the config and won't be replaced with its values.
Overview
| cluster side | feature | config paramters | description |
|---|
| web service | Helpserver | - |
|
| odlux | - |
|
|
|
|
devicemanager
| WebsocketManager | - |
|
| APIGateway | DBConfig - url(s) (multiple possible)
- credentials
| needed for mediatorserver entries/ mediatorserver request forwarding |
RestConfig | for forwarding RESTCONF-Request to devicemanager cluster |
AAIConfig: | showing some infos of AAI in GUI |
Helpserver | - | odlux | - | WebsocketManager | - | | mountpoint-registrar | RestConfig | for creating new mountpoints pushed by DMaaP Messages |
DMaaPConfig
TransportType=HTTPNOAUTHLatitude =47.778998Longitude =-122.182883Version =1.0ServiceName =dmaap-v1.dev.dmaap.dt.saat.acsi.att.com/events
Environment =TESTPartner =SubContextPath =/Protocol =httpMethodType =GETusername =password =contenttype =application/jsonauthKey=ABC123authDate=2016-05-10T13:13:50-0700host=172.18.0.6:3904topic=unauthenticated.VES_PNFREG_OUTPUTgroup=myGid=C1timeout=20000limit=10000getting access to DMaaP Message Bus looking for VES-Messages | | DataProvider | DBConfig - url(s) (multiple possible)
- credentials
- esArchiveLimit=2592000 [in seconds]
- esArchiveFolder=./backup
| reading and writing db entries pushed by the GUI / backend |
devicemanager
|
devicemanager-X
| NotifyConfig: | forwarding netconf notifications to websocketmanager RPC to broadcast them to the GUI |
AAIConfig - aaiHeaders=["X-TransactionId: 9999"]
- aaiUrl=http://localhost:81
- aaiUserCredentials=AAI:AAI
- aaiDeleteOnMountpointRemove=false
- aaiTrustAllCerts=false
- aaiApiVersion=aai/v13
- aaiPropertiesFile=aaiclient.properties
- aaiApplicationId=SDNR
- aaiPcks12ClientCertFile=/opt/logs/externals/data/stores/keystore.client.p12
- aaiPcks12ClientCertPassphrase=adminadmin
- aaiClientConnectionTimeout=30000
|
|
PMConfig | collect historical performance data |
DCAEConfig - dcaeUserCredentials=admin:admin
- dcaeUrl=off
- dcaeHeartbeatPeriodSeconds=120
- dcaeTestCollector=no
|
|
| AAFConfig? |
|
| mountpoint-state-provider | DMaaPConfig dmaapEnabled=true
TransportType=HTTPNOAUTH
host=172.18.0.6:3904
topic=unauthenticated.SDNR_MOUNTPOINT_STATE_INFO
contenttype=application/json
timeout=20000
limit=10000
maxBatchSize=100
maxAgeMs=250
MessageSentThreadOccurance=50 | to provide base mountpoint information to dmaap |
| mountpoint-registrar | RestConfig Ex: baseUrl=http://localhost:8181
sdnrUser=admin
sdnrPasswd=admin | for creating new mountpoints pushed by DMaaP Messages |
| DMaaPConfig - TransportType=HTTPNOAUTH
- host=172.18.0.6:3904
- topic=unauthenticated.VES_PNFREG_OUTPUT
- contenttype =application/json
- group=myG
- id=C1
- timeout=20000
- limit=10000
| getting access to DMaaP Message Bus looking for VES-Messages. The default TransportType used is HTTPNOAUTH. For other TransportTypes such as DME2, HTTP, AUTH_KEY, please see below -
TransportType=HTTP |
|---|
host | topic | contenttype | username | password | group | id | timeout | limit |
TransportType=DME2 |
|---|
ServiceName | topic | username | password | DME2preferredRouterFilePath | Partner || routeOffer | Protocol | MethodType | contenttype | Latitude | Longitude | AFT_ENVIRONMENT | Version | Environment | SubContextPath | sessionstickinessrequired | group | id | timeout | limit |
TransportType=AUTHKEY |
|---|
host | topic | contenttype | username | password | authKey | authDate | group | id | timeout | limit |
|
| Database |
|
|
|
