Versions Compared

Old Version 9

changes.mady.by.user Jonathan Gathman

Saved on

compared with

New Version 10

changes.mady.by.user Jonathan Gathman

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

If you are testing locally (i.e. DEV Box), remember that TLS (Certs) out-of-the-box requires DNS Entries.  If the DNS (name) of, for instance, aaf.osaaf.org, doesn't exist, put it in your /etc/hosts, and TLS will use those instead of DNS

Working on Container Info

To use Container Info, you need to gain access to the volume with the "agent" container.  A script is available for you to.  Example.  See Helm "aaa-hello"

  • bash agent.sh 
    • This will read the "values.yaml" to get the parameters
  • Once in the Command prompt, an "Alias" is provided for you (to see how defined, cat ~/.bashrc)
  • You can run important tools, example
    • agent read 
      • Will read the FQI/FQDN Certificate Artifact (authorization record)
        2019-08-06T14:24:06.032+0000 INFO [cadi] AAFLocator enabled using https://aaf-locate.onap:8095
        AppID: aaf@aaf.osaaf.org
        Sponsor: aaf_admin@osaaf.org
        Machine: aaf-hello
        CA: local
        Types: pkcs12,script
        Namespace: org.osaaf.aaf
        Directory: /opt/app/osaaf/local
        O/S User: root
        Renew Days: 30
        Notification mailto:
        2019-08-06T14:24:07.124+0000: Trans Info
        Read Artifact 1080.7137ms

    • agent showpass
      • Will decrypt the passcodes etc.  Note: You must have logged in as the "Deployer" to do this (with perm to "showpass" (TODO more info on PERM)

        $ agent showpass

        cadi_truststore_password=Tx}WUvfbN#N,lL7h,fW&bU%a
        cadi_key_password=8LZ4aSEP^Qouq[J5m{{(h5+c
        cadi_keystore_password=8LZ4aSEP^Qouq[J5m{{(h5+c
        cadi_keystore_password_p12=8LZ4aSEP^Qouq[J5m{{(h5+c
        Challenge=*z(#X2[kTp3&Y)3HUzKKAw$s
        2019-08-06T14:26:27.500+0000: Trans Info
    • agent validate
      • Will check the configuration, and use to contact AAF for Permissions

        $ agent validate

        ...

        Success connecting to https://aaf-service.onap:8100
           Permissions for aaf@aaf.osaaf.org
        org.access|*|*
        org.osaaf.aaf.access|*|*
        org.osaaf.aaf.cache|*|clear
        org.osaaf.aaf.cache|all|clear
        org.osaaf.aaf.cache|role|clear
        org.osaaf.aaf.password|*|create,reset
        org.osaaf.people.access|*|*