Versions Compared

Old Version 35

changes.mady.by.user Bogumil Zebek

Saved on

compared with

New Version Current

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Create a repository in gerrit
    1. Create a ticket at https://jira.linuxfoundation.org/servicedesk/customer/portal/2/create/102?q=create%20repository&q_time=1581674068823
  2. Configure pom.xml in project
    1.  An example: https://gerrit.onap.org/r/gitweb?p=aaf/certservice.git;a=blob;f=certService/pom.xml;h=3f17f3904b45f48007c7cf10cb54b2b814447226;hb=HEAD
  3. Configure Jenkins Jobs
    1. https://gerrit.onap.org/r/c/ci-management/ /101668
    2. Contact person:
      1. jwagantall@linuxfoundation.org
  4. Documentation
    1. An example:  https://gerrit.onap.org/r/#/c/cli/ /101293/
    2. Contact person:
      1. sofia.wallin@est.tech
      2. jwagantall@linuxfoundation.org

Records

  • CertService with TLS installation Poc <Polish> 

View file
nameInstalacja CertService z TLS.mp4
height250

How to create CSR and PK for certificate endpoint

...

How to run CertService Client

As standalone docker:

Create file with environments as in example below.

Code Block
titleclient_docker.env
#Client envs
REQUEST_URL=http://aaf-cert-service-service:8080/v1/certificate/
REQUEST_TIMEOUT=1000
OUTPUT_PATH=/var/certs
CA_NAME=RA
#Csr config envs
COMMON_NAME=onap.org
ORGANIZATION=Linux-Foundation
ORGANIZATION_UNIT=ONAP
LOCATION=San-Francisco
STATE=California
COUNTRY=US
SANS=test.onap.org:onap.com

Run docker container with environments file and docker network (API and client must be running in same network).

Code Block
AAFCERT_CLIENT_IMAGE=nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:latest
DOCKER_ENV_FILE= <path to environment file>
NETWORK_CERT_SERVICE= <docker network of cert service>
DOCKER_VOLUME="<absolute path to local dir>:<output path>"

docker run --env-file $DOCKER_ENV_FILE --network $NETWORK_CERT_SERVICE --volume $DOCKER_VOLUME $AAFCERT_CLIENT_IMAGE

As init container for K8s:

Code Block
titleSample deployment
... 
kind: Deployment
metadata:
  ...
spec:
...
  template:
  ...
    spec:
      initContainers:
        - name: cert-service-client
          image: nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:latest
          imagePullPolicy: Always
          env:
            - name: REQUEST_URL
              value: http://aaf-cert-service-service:8080/v1/certificate/
            - name: REQUEST_TIMEOUT
              value: "1000"
            - name: OUTPUT_PATH
              value: /var/certs
            - name: CA_NAME
              value: RA
            - name: COMMON_NAME
              value: onap.org
            - name: ORGANIZATION
              value: Linux-Foundation
            - name: ORGANIZATION_UNIT
              value: ONAP
            - name: LOCATION
              value: San-Francisco
            - name: STATE
              value: California
            - name: COUNTRY
              value: US
            - name: SANS
              value: test.onap.org:onap.com
          volumeMounts:
            - mountPath: /var/certs
              name: certs
		...

Client's exiting codes:

...

Success

...

All necessary information could be find in official documentation, see Read The Docs.

Client's exiting codes:

Exiting codes could be find in official documentation, see Read The Docs