As of March 29, 2019 (AAF 2.1.8, dbc-client 1.0.5, dmaap-bc 1.1.2, message-router 1.1.12)

AAF 2.1.8 bootstrap is missing some required permissions. 

Symptoms: 



Resolution:

  1.  Deploy AAF separately first.

  2. In AAF GUI add:

role create org.onap.dmaap-bc.service
perm grant org.onap.dmaap-bc.api.access * read org.onap.dmaap-bc.service
perm grant org.onap.dmaap.mr.access * * org.onap.dmaap-bc.service
perm grant org.onap.dmaap.mr.topic * view org.onap.dmaap-bc.service
perm create org.onap.dmaap.mr.topic * * org.onap.dmaap-bc.service
perm create org.onap.dmaap-dr.feed * * org.onap.dmaap-bc.service
perm create org.onap.dmaap-dr.sub * * org.onap.dmaap-bc.service
perm create org.onap.dmaap.mr.topicFactory :org.onap.dmaap.mr.topic:org.onap.dmaap.mr create,destroy org.onap.dmaap-bc.service
role user add org.onap.dmaap-bc.service dmaap-bc@dmaap-bc.onap.org
role user add org.onap.dmaap-bc.api.Controller dmaap-bc@dmaap-bc.onap.org

       3. Deploy dmaap

NOTES:

  1. the message-router-mirrormaker pod is dependent on topic provisioning and AAF permissions being granted, which is done as a result of the message-router post-install job.  Sometimes this sequence takes a while and the message-router-mirrormaker pod status gets in a crashback loop.  Patience: if all the steps above are taken, it should eventually reach a ready state.  However, it will never succeed if the full topic provisioning wasn't successful.

  2. depending on your environment, the deployment of all the components takes a while and can easily exceed the default helm timeout.  Recommend adding --timeout 900 to your helm install command line.