Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Authenticated topic provisioning via dmaap-bc does not succeed, and so mirrormaker pod is unable to start.
  • dmaap-bc pod log says "/opt/app/dmaapbc/ok_to_exit does not exist.  Sticking around..."   
  • If you login to a shell on dmaap-bc pod and examine /opt/app/dmaapbc/logs/ONAP/error.log, there will be an Error about service credentials not being valid for  AAF connection. 
  • Authenticated access to the dmaap-bc API will fail.  In particular, robot DMaaP Bus Controller Health Check With Basic Auth will fail.  (as reported in 
    Jira Legacy
    serverSystem Jira
    serverId4733707d-2057-3a0f-ae5e-4fd8aff50176
    keyDMAAP-1178
    )


Resolution:

  1.  Deploy AAF separately first.
  2. In AAF GUI add:

role create org.onap.dmaap-bc.service
perm grant org.onap.dmaap-bc.api.access * read org.onap.dmaap-bc.service
perm grantgrant org.onap.dmaap.mr.access * * org.onap.dmaap-bc.service
perm grantgrant org.onap.dmaap.mr.topic * view org.onap.dmaap-bc.service
perm createcreate org.onap.dmaap.mr.topic * * org.onap.dmaap-bc.service
perm create org.onap.dmaap-dr.feed * * org.onap.dmaap-bc.service
perm create org.onap.dmaap-dr.sub * * org.onap.dmaap-bc.service
perm createcreate org.onap.dmaap.mr.topicFactory :org.onap.dmaap.mr.topic:org.onap.dmaap.mrcreate create,destroy org.onap.dmaap-bc.service
role user add org.onap.dmaap-bc.serviceservice dmaap-bc@dmaap-bc.onap.org
role user add org.onap.dmaap-bc.api.ControllerController dmaap-bc@dmaap-bc.onap.org

...