...
As described above, all the Identities and Data are pushed into Containers (init or otherwise), which can start up and configure when data does not exist, or avoid overwriting when they do exist.
Processes to
...
copy data from AAF Test systems in WindRiver to be ready in ONAP Docker Images, when required for Testing, other.
The expectation is that this process
- Is done from the development machine of ONAP AAF PTL (or other responsible party within ONAP)
- This person already works with ONAP "aaf" project and has "authz" git repo setup and ready.
- This person has VPN Access to WindRiver and a Key to the AAF WindRiver Project for K8s environment, and specifically the "aaf-test" instance running there (should never be removed)
GOALS:
- Cause a Remote Backup
- Bring that Remote Backup locally, as added safeguard (Note: at times, people have removed the WindRiver AAF Test VM accidentally. Extra backups made reconstruction reasonably simple)
- Use Backup Data to update Identity and Initialized
- Cause a Remote Backup from the Containers
- Use filtered data from backup to populate Initialization Data within AAF Containers, ready for check-in to Repo
Steps 1-4 are accomplished with One local Shell Script, combined with Shell Scripts deployed on remote Directories and in Containers (see script to trace each one)
This is done via a shell script. Documented here is a template which the identified person can modify for their particular keys, but requires:
A) VPN Tunnel access to WindRiver, turned on
B) Private Key setup for WindRiver VM. This is typically stored locally in "pem" format. We'll call it "aaf-onap.pem" for the following template.
C) Your "/etc/hosts" directory has entry "10.12.5.145 aaf-onap-test.osaaf.org" (or whatever is the current IP with ONAP aaf-test VM)
D) This is being run from a subdirectory being worked by said user. This subdirectory should NOT be within a Repo Boundary. Here is a recommendation for this structure, assuming Unix
| /home/me | fictitious home directory |
| /home/me/open | Directory where I keep all Open Source work, including ONAP |
| /home/me/open/authz | Created by 'git clone "https://gerrit.onap.org/r/aaf/authz"' |
| /home/me/open/... | Don't forget all the other AAF and ONAP projects, like 'cadi', 'doc', 'oom', etc. |
| /home/me/open/backup | The directory we'll work with in this effort... |
WARNING: the "DAT Date" mechanism is simple, and doesn't adjust for Global Time zones. Just choose a time (like morning?) when WindRiver Day is the same as your location's Day
| Code Block | ||||
|---|---|---|---|---|
| ||||
#!/etc/bash
# NOTE: YOU much change this to point to YOUR personal locate for PEM based ONAP VM Key
PEM=/home/me/<directory for ONAP keys>/aaf-onap.pem
ssh -i $PEM ubuntu@aaf-onap-test.osaaf.org -t 'cd ~/authz/auth/auth-cass/docker;bash backup.sh'
ssh -i $PEM ubuntu@aaf-onap-test.osaaf.org -t 'cd ~/authz/auth/sample/data; bash pull.sh'
#DAT_TODAY="dat20190222.gz"
DAT_TODAY="dat$(date +%Y%m%d).gz"
scp -i $PEM ubuntu@aaf-onap-test.osaaf.org:~/authz/auth/auth-cass/docker/$DAT_TODAY .
scp -i $PEM ubuntu@aaf-onap-test.osaaf.org:~/authz/auth/sample/data/identities.dat .
if [ -e dats ]; then
rm dats/*
fi
tar -xvf $DAT_TODAY |
Results: In the directory, you should find the following (This sample is run on March 4, 2020. OBVIOUSLY, dates should vary)
| Code Block | ||||
|---|---|---|---|---|
| ||||
backup me$ bash pull.sh
Using 7 child processes
Starting copy of authz.locate with columns [name, hostname, port, latitude, longitude, major, minor, patch, pkg, port_key, protocol, subprotocol].
Processed: 16 rows; Rate: 92 rows/s; Avg. rate: 92 rows/s
16 rows exported to 1 files in 0.183 seconds.
Using 7 child processes
...
x dats/run_lock.dat
x dats/user_role.dat
x dats/x509.dat
backup me$ ls -altr
...
-rw-r--r-- 1 jon staff 533 Mar 4 08:09 pull.sh
-rw-r--r-- 1 jon staff 323591 Mar 4 08:06 dat20200304.gz
-rw-r--r-- 1 jon staff 4186 Mar 4 08:06 identities.dat
drwxr-xr-x 23 jon staff 736 Mar 4 08:06 dats
... |