Handling Credentials
To prevent clear text credentials in property files and at the same time use docker secrets to push those data into the container we decided to use the option with environment variable. Therefore we establish the possibility to set a property value in the config files as a env var, e.g.
Code Block |
---|
[es]
esHosts=http://sdnrdb:9200
esArchiveLifetimeSeconds=2592001
esCluster=
esArchiveCheckIntervalSeconds=0
esNode=elasticsearchnode
esAuthUsername=${ESUSER}
esAuthPassword=${ESPASSWD} |
or
Code Block |
---|
[dcae]
dcaeUserCredentials=${DCAEUSER}:${DCAEPASSWD}
dcaeUrl=off
dcaeHeartbeatPeriodSeconds=120
dcaeTestCollector=no |
These values will stay in the config and won't be replaced with its values.
Overview
cluster side | feature | config paramters | description | ||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
web service | Helpserver | - | |||||||||||||||||||||||||||||||||||||||||||
odlux | - | ||||||||||||||||||||||||||||||||||||||||||||
devicemanager | WebsocketManager | - | |||||||||||||||||||||||||||||||||||||||||||
APIGateway | DBConfig
| needed for mediatorserver entries/ mediatorserver request forwarding | |||||||||||||||||||||||||||||||||||||||||||
RestConfig
| for forwarding RESTCONF-Request to devicemanager cluster | ||||||||||||||||||||||||||||||||||||||||||||
AAIConfig:
| showing some infos of AAI in GUI | Helpserver | - | odlux | - | devicemanagerWebsocketManager | -|||||||||||||||||||||||||||||||||||||||
DataProvider | DBConfig
| reading and writing db entries pushed by the GUI / backend | |||||||||||||||||||||||||||||||||||||||||||
devicemanager-X | NotifyConfig:
| forwarding netconf notifications to websocketmanager RPC to broadcast them to the GUI | |||||||||||||||||||||||||||||||||||||||||||
AAIConfig
| |||||||||||||||||||||||||||||||||||||||||||||
PMConfig
| collect historical performance data | ||||||||||||||||||||||||||||||||||||||||||||
DCAEConfig
| |||||||||||||||||||||||||||||||||||||||||||||
AAFConfig? | |||||||||||||||||||||||||||||||||||||||||||||
mountpoint-state-provider | DMaaPConfig dmaapEnabled=true | to provide base mountpoint information to dmaap | |||||||||||||||||||||||||||||||||||||||||||
mountpoint-registrar | RestConfig
Ex: baseUrl=http://localhost:8181 | for creating new mountpoints pushed by DMaaP Messages | |||||||||||||||||||||||||||||||||||||||||||
DMaaPConfig
| getting access to DMaaP Message Bus looking for VES-Messages. The default TransportType used is HTTPNOAUTH. For other TransportTypes such as DME2, HTTP, AUTH_KEY, please see below -
| ||||||||||||||||||||||||||||||||||||||||||||
Database |