Make OOM workable with Dublin
Issue-ID: AAF-809
Change-Id: I7c2c221e69a87f3bdf6dbf37fc93c1a14a055686
Signed-off-by: Instrumental <jonathan.gathman@att.com>
diff --git a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java
index d704e1a..943b92f 100644
--- a/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java
+++ b/auth/auth-core/src/main/java/org/onap/aaf/auth/org/OrganizationFactory.java
@@ -71,7 +71,7 @@
String realm = env.getProperty(Config.AAF_DEFAULT_REALM,"people.osaaf.org");
defaultOrg = cnst.newInstance(env,realm);
} catch (ClassNotFoundException | InstantiationException | IllegalAccessException | NoSuchMethodException | SecurityException | IllegalArgumentException | InvocationTargetException e) {
- env.warn().log("Not Organization Moduled linked in",e);
+ env.warn().log("Default Organization Module not linked in",e);
}
}
if (defaultOrg == null) {
diff --git a/auth/docker/Dockerfile.agent b/auth/docker/Dockerfile.agent
index b62f7b4..669665c 100644
--- a/auth/docker/Dockerfile.agent
+++ b/auth/docker/Dockerfile.agent
@@ -25,11 +25,12 @@
LABEL version=${AAF_VERSION}
COPY bin/client.sh /opt/app/aaf_config/bin/agent.sh
+COPY bin/pod_wait.sh /opt/app/aaf_config/bin/pod_wait.sh
COPY bin/aaf-auth-cmd-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/
COPY bin/aaf-cadi-servlet-sample-*-sample.jar /opt/app/aaf_config/bin/
COPY logs /opt/app/aaf_config/logs
COPY cert/*trust*.b64 /opt/app/aaf_config/cert/
-
-RUN if [ -n "${DUSER}" ]; then chown -R ${DUSER}:${DUSER} /opt/app/aaf_config; fi
+RUN chmod 755 /opt/app/aaf_config/bin/* &&\
+ if [ -n "${DUSER}" ]; then chown -R ${DUSER}:${DUSER} /opt/app/aaf_config; fi
CMD []
diff --git a/auth/docker/Dockerfile.base b/auth/docker/Dockerfile.base
index 35ade62..e7ae643 100644
--- a/auth/docker/Dockerfile.base
+++ b/auth/docker/Dockerfile.base
@@ -22,8 +22,8 @@
MAINTAINER AAF Team, AT&T 2018
LABEL description="aaf_base"
-RUN apk add --no-cache bash
-RUN apk add --no-cache openssl
-RUN apk add --no-cache curl
-RUN if [ -n "${DUSER}" ]; then addgroup ${DUSER} && adduser ${DUSER} -G ${DUSER} -D -s /bin/bash; fi
+RUN apk add --no-cache bash &&\
+ apk add --no-cache openssl &&\
+ apk add --no-cache curl &&\
+ if [ -n "${DUSER}" ]; then addgroup ${DUSER} && adduser ${DUSER} -G ${DUSER} -D -s /bin/bash; fi
diff --git a/auth/docker/Dockerfile.config b/auth/docker/Dockerfile.config
index 27b2fff..7b159d7 100644
--- a/auth/docker/Dockerfile.config
+++ b/auth/docker/Dockerfile.config
@@ -32,11 +32,12 @@
COPY public /opt/app/aaf_config/public
COPY CA /opt/app/aaf_config/CA
COPY bin/service.sh /opt/app/aaf_config/bin/agent.sh
-COPY bin/pod_wait.sh /opt/app/aaf_config/bin/
+COPY bin/pod_wait.sh /opt/app/aaf_config/bin/pod_wait.sh
COPY bin/aaf-auth-cmd-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/
COPY bin/aaf-auth-batch-${AAF_VERSION}-full.jar /opt/app/aaf_config/bin/
-RUN mkdir -p /opt/app/osaaf
-RUN if [ -n "${DUSER}" ]; then chown ${DUSER}:${DUSER} /opt/app/osaaf && chown -R ${DUSER}:${DUSER} /opt/app/aaf_config; fi
+RUN mkdir -p /opt/app/osaaf &&\
+ chmod 755 /opt/app/aaf_config/bin/*.sh &&\
+ if [ -n "${DUSER}" ]; then chown ${DUSER}:${DUSER} /opt/app/osaaf && chown -R ${DUSER}:${DUSER} /opt/app/aaf_config; fi
CMD ["/bin/bash","/opt/app/aaf_config/bin/agent.sh"]
diff --git a/auth/docker/Dockerfile.hello b/auth/docker/Dockerfile.hello
index 0d2a062..2002822 100644
--- a/auth/docker/Dockerfile.hello
+++ b/auth/docker/Dockerfile.hello
@@ -26,9 +26,10 @@
COPY bin/pod_wait.sh /opt/app/aaf/bin/
COPY etc /opt/app/osaaf/etc
-RUN mkdir -p /opt/app/aaf/status
-RUN if [ -n "${DUSER}" ]; then chown ${DUSER}:${DUSER} /opt/app/aaf/status \
- && chown ${DUSER}:${DUSER} /opt/app/osaaf \
- && chown -R ${DUSER}:${DUSER} /opt/app/aaf; fi
+RUN mkdir -p /opt/app/aaf/status && chmod 755 /opt/app/aaf/bin/* &&\
+ if [ -n "${DUSER}" ]; then \
+ chown ${DUSER}:${DUSER} /opt/app/aaf/status &&\
+ chown ${DUSER}:${DUSER} /opt/app/osaaf &&\
+ chown -R ${DUSER}:${DUSER} /opt/app/aaf; fi
CMD []
diff --git a/auth/docker/Dockerfile.ms b/auth/docker/Dockerfile.ms
index ead958b..351c379 100644
--- a/auth/docker/Dockerfile.ms
+++ b/auth/docker/Dockerfile.ms
@@ -25,9 +25,10 @@
LABEL version=${AAF_VERSION}
COPY bin/pod_wait.sh /opt/app/aaf/bin/
-RUN mkdir -p /opt/app/osaaf
-RUN mkdir -p /opt/app/aaf/status
-RUN if [ -n "${DUSER}" ]; then chown ${DUSER}:${DUSER} /opt/app/aaf/status \
+RUN mkdir -p /opt/app/osaaf &&\
+ mkdir -p /opt/app/aaf/status &&\
+ chmod 755 /opt/app/aaf/bin/* &&\
+ if [ -n "${DUSER}" ]; then chown ${DUSER}:${DUSER} /opt/app/aaf/status \
&& chown ${DUSER}:${DUSER} /opt/app/osaaf \
&& chown -R ${DUSER}:${DUSER} /opt/app/aaf; fi
diff --git a/auth/helm/aaf/templates/aaf-cass.yaml b/auth/helm/aaf/templates/aaf-cass.yaml
index 552303c..cab7134 100644
--- a/auth/helm/aaf/templates/aaf-cass.yaml
+++ b/auth/helm/aaf/templates/aaf-cass.yaml
@@ -40,6 +40,10 @@
protocol: TCP
port: {{.Values.services.cass.native_trans_port}}
containerPort: {{.Values.services.cass.native_trans_port}}
+ - name: rpc
+ protocol: TCP
+ port: {{.Values.services.cass.rpc_port}}
+ containerPort: {{.Values.services.cass.rpc_port}}
---
apiVersion: apps/v1
kind: Deployment
diff --git a/auth/helm/aaf/templates/aaf-cm.yaml b/auth/helm/aaf/templates/aaf-cm.yaml
index 51b0043..ccc2e55 100644
--- a/auth/helm/aaf/templates/aaf-cm.yaml
+++ b/auth/helm/aaf/templates/aaf-cm.yaml
@@ -80,7 +80,7 @@
fieldRef:
fieldPath: metadata.namespace
- name: aaf_locate_url
- value: "https://{{.Values.services.locate.fqdn}}.{{.Values.services.ns}}:{{.Values.services.locate.internal_port}}"
+ value: "https://aaf-locate.{{.Release.Namespace }}:{{.Values.services.locate.internal_port}}"
- name: aaf_locator_public_fqdn
value: "{{.Values.services.public_fqdn}}"
- name: aaf_locator_name
@@ -102,7 +102,7 @@
- name: aaf-cm
image: {{ .Values.image.repository }}onap/aaf/aaf_cm:{{ .Values.image.version }}
imagePullPolicy: IfNotPresent
- command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-cm aaf-locate && exec bin/cm"]
+ command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-cm nc aaf-cass.{{ .Release.Namespace }} {{ .Values.services.cass.native_trans_port }} aaf-locate && exec bin/cm"]
volumeMounts:
- mountPath: "/opt/app/osaaf"
name: aaf-config-vol
diff --git a/auth/helm/aaf/templates/aaf-fs.yaml b/auth/helm/aaf/templates/aaf-fs.yaml
index f0c6e8e..7677b26 100644
--- a/auth/helm/aaf/templates/aaf-fs.yaml
+++ b/auth/helm/aaf/templates/aaf-fs.yaml
@@ -80,7 +80,7 @@
fieldRef:
fieldPath: status.podIP
- name: aaf_locate_url
- value: "https://{{.Values.services.locate.fqdn}}.{{.Values.services.ns}}:{{.Values.services.locate.internal_port}}"
+ value: "https://aaf-locate.{{.Release.Namespace }}:{{.Values.services.locate.internal_port}}"
- name: CASSANDRA_CLUSTER
value: "{{.Values.services.cass.fqdn}}.{{.Values.services.ns}}"
# - name: CASSANDRA_USER
diff --git a/auth/helm/aaf/templates/aaf-gui.yaml b/auth/helm/aaf/templates/aaf-gui.yaml
index a977a9b..c7fb2a2 100644
--- a/auth/helm/aaf/templates/aaf-gui.yaml
+++ b/auth/helm/aaf/templates/aaf-gui.yaml
@@ -81,7 +81,7 @@
fieldRef:
fieldPath: metadata.namespace
- name: aaf_locate_url
- value: "https://{{.Values.services.locate.fqdn}}.{{.Values.services.ns}}:{{.Values.services.locate.internal_port}}"
+ value: "https://aaf-locate.{{.Release.Namespace }}:{{.Values.services.locate.internal_port}}"
- name: aaf_locator_public_fqdn
value: "{{.Values.services.public_fqdn}}"
- name: aaf_locator_name
diff --git a/auth/helm/aaf/templates/aaf-locate.yaml b/auth/helm/aaf/templates/aaf-locate.yaml
index 1f9bdc4..b48c072 100644
--- a/auth/helm/aaf/templates/aaf-locate.yaml
+++ b/auth/helm/aaf/templates/aaf-locate.yaml
@@ -66,6 +66,8 @@
volumeMounts:
- mountPath: "/opt/app/osaaf"
name: aaf-config-vol
+ - mountPath: "/opt/app/aaf/status"
+ name: aaf-status-vol
env:
- name: AAF_ENV
value: "{{ .Values.services.aaf_env }}"
@@ -80,7 +82,7 @@
fieldRef:
fieldPath: metadata.namespace
- name: aaf_locate_url
- value: "https://{{.Values.services.locate.fqdn}}.{{.Values.services.ns}}:{{.Values.services.locate.internal_port}}"
+ value: "https://aaf-locate.{{.Release.Namespace }}:{{.Values.services.locate.internal_port}}"
- name: aaf_locator_public_fqdn
value: "{{.Values.services.public_fqdn}}"
- name: aaf_locator_name
@@ -88,7 +90,7 @@
- name: aaf_locator_name_helm
value: "{{.Values.services.aaf_locator_name_helm}}"
- name: CASSANDRA_CLUSTER
- value: "{{.Values.services.cass.fqdn}}.{{.Values.services.ns}}"
+ value: "{{.Values.services.cass.fqdn}}.{{.Release.Namespace}}"
# - name: CASSANDRA_USER
# value: ""
# - name: CASSANDRA_PASSWORD
@@ -102,7 +104,7 @@
- name: aaf-locate
image: {{ .Values.image.repository }}onap/aaf/aaf_locate:{{ .Values.image.version }}
imagePullPolicy: IfNotPresent
- command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-locate aaf-service && exec bin/locate"]
+ command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-locate nc aaf-cass.{{ .Release.Namespace }} {{ .Values.services.cass.native_trans_port }} aaf-service && exec bin/locate"]
volumeMounts:
- mountPath: "/opt/app/osaaf"
name: aaf-config-vol
diff --git a/auth/helm/aaf/templates/aaf-oauth.yaml b/auth/helm/aaf/templates/aaf-oauth.yaml
index ff9a18d..3e36d29 100644
--- a/auth/helm/aaf/templates/aaf-oauth.yaml
+++ b/auth/helm/aaf/templates/aaf-oauth.yaml
@@ -80,7 +80,7 @@
fieldRef:
fieldPath: metadata.namespace
- name: aaf_locate_url
- value: "https://{{.Values.services.locate.fqdn}}.{{.Values.services.ns}}:{{.Values.services.locate.internal_port}}"
+ value: "https://aaf-locate.{{.Release.Namespace }}:{{.Values.services.locate.internal_port}}"
- name: aaf_locator_public_fqdn
value: "{{.Values.services.public_fqdn}}"
- name: aaf_locator_name
@@ -102,7 +102,7 @@
- name: aaf-oauth
image: {{ .Values.image.repository }}onap/aaf/aaf_oauth:{{ .Values.image.version }}
imagePullPolicy: IfNotPresent
- command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-oauth aaf-service && exec bin/oauth"]
+ command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-oauth nc aaf-cass.{{ .Release.Namespace }} {{ .Values.services.cass.native_trans_port }} aaf-service && exec bin/oauth"]
volumeMounts:
- mountPath: "/opt/app/osaaf"
name: aaf-config-vol
diff --git a/auth/helm/aaf/templates/aaf-service.yaml b/auth/helm/aaf/templates/aaf-service.yaml
index be6e1c8..5b9fe18 100644
--- a/auth/helm/aaf/templates/aaf-service.yaml
+++ b/auth/helm/aaf/templates/aaf-service.yaml
@@ -77,7 +77,7 @@
- name: aaf_locator_container_ns
value: "{{ .Release.Namespace }}"
- name: aaf_locate_url
- value: "https://{{.Values.services.locate.fqdn}}.{{.Values.services.ns}}:{{.Values.services.locate.internal_port}}"
+ value: "https://aaf-locate.{{.Release.Namespace }}:{{.Values.services.locate.internal_port}}"
- name: aaf_locator_public_fqdn
value: "{{.Values.services.public_fqdn}}"
- name: aaf_locator_name
@@ -99,7 +99,7 @@
- name: aaf-service
image: {{ .Values.image.repository }}onap/aaf/aaf_service:{{ .Values.image.version }}
imagePullPolicy: IfNotPresent
- command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-service aaf-cass && exec bin/service"]
+ command: ["/bin/bash","-c","cd /opt/app/aaf && /bin/bash bin/pod_wait.sh aaf-service nc aaf-cass.{{ .Release.Namespace }} {{ .Values.services.cass.native_trans_port }} aaf-cass && exec bin/service"]
volumeMounts:
- mountPath: "/opt/app/osaaf"
name: aaf-config-vol
diff --git a/auth/helm/aaf/values.yaml b/auth/helm/aaf/values.yaml
index c38bbdb..7919460 100644
--- a/auth/helm/aaf/values.yaml
+++ b/auth/helm/aaf/values.yaml
@@ -40,6 +40,7 @@
cadi_longitude: "-72.0"
cass:
replicas: 1
+ fqdn: "aaf-cass"
cluster_name: "osaaf"
heap_new_size: "512M"
max_heap_size: "1024M"
diff --git a/auth/sample/bin/client.sh b/auth/sample/bin/client.sh
index 0dff803..dbf0862 100755
--- a/auth/sample/bin/client.sh
+++ b/auth/sample/bin/client.sh
@@ -174,7 +174,7 @@
if [ -n "$INITIALIZED" ]; then
echo "Initialization complete"
else
- $JAVA_AGENT
+ $JAVA_AGENT_SELF validate $FQI $FQDN
fi
else
shift
@@ -209,7 +209,7 @@
;;
validate)
echo "## validate requested"
- $JAVA_AGENT_SELF validate
+ $JAVA_AGENT_SELF validate $FQI $FQDN
;;
renew)
echo "## Renew Certificate"
diff --git a/auth/sample/bin/pod_wait.sh b/auth/sample/bin/pod_wait.sh
index 3d6a1b9..5a10476 100644
--- a/auth/sample/bin/pod_wait.sh
+++ b/auth/sample/bin/pod_wait.sh
@@ -24,8 +24,6 @@
DIR="/opt/app/aaf/status"
APP=$1
shift
-OTHER=$1
-shift
function status {
if [ -d "$DIR" ]; then
@@ -62,6 +60,25 @@
done
}
+function wait_nc {
+ n=0
+ while [ $n -lt 40 ]; do
+ echo "Waiting for Network Access to $@"
+ status "Waiting for Network Access to $1 $2"
+ rv="$(nc -zvw 5 $1 $2 2>&1 | grep -e "[open|succeed]")"
+ echo $rv
+
+ if [[ "$rv" == *open* ]] || [[ "$rv" == *succeeded* ]]; then
+ status "Network Connectable to $1 $2"
+ n=10000
+ else
+ (( ++n ))
+ echo "Sleep 10 (iteration $n)"
+ sleep 10
+ fi
+ done
+}
+
function start {
n=0
while [ $n -lt 40 ]; do
@@ -80,30 +97,47 @@
done
}
-case "$OTHER" in
- sleep)
- echo "Sleeping $1"
- status "Sleeping $1"
- sleep $1
- shift
- status "ready"
- echo "Done"
+while [ ! -z "$1" ]; do
+ OTHER=$1
+ shift
+ case "$OTHER" in
+ nc)
+ H=$1
+ shift
+ P=$1
+ shift
+ wait_nc "$H" "$P"
+ if [ -z "$@" ]; then
+ echo "ready"
+ status "ready"
+ fi
+ ;;
+ sleep)
+ echo "Sleeping $1"
+ status "Sleeping $1"
+ sleep $1
+ shift
+ if [ -z "$@" ]; then
+ echo "ready"
+ status "ready"
+ fi
+ echo "Done"
+ ;;
+ remove)
+ echo "Removing $DIR/$APP-$HOSTNAME"
+ rm -f $DIR/$APP-$HOSTNAME
+ ;;
+ wait)
+ OTHER="$1"
+ shift
+ wait
+ ;;
+ *)
+ echo "App $APP is waiting to start until $OTHER is ready"
+ status "waiting for $OTHER"
+
+ start
+ break
;;
- stop)
- echo "Removing $DIR/$APP-$HOSTNAME"
- rm $DIR/$APP-$HOSTNAME
- ;;
- wait)
- OTHER="$1"
- shift
- wait
- ;;
- *)
- echo "App $APP is waiting to start until $OTHER is ready"
- status "waiting for $OTHER"
-
- start
- ;;
-esac
-
-eval "$@"
+ esac
+done
diff --git a/auth/sample/bin/service.sh b/auth/sample/bin/service.sh
index 54a1cc5..1a289d3 100644
--- a/auth/sample/bin/service.sh
+++ b/auth/sample/bin/service.sh
@@ -21,6 +21,24 @@
# This script is run when starting aaf_config Container.
# It needs to cover the cases where the initial data doesn't exist, and when it has already been configured (don't overwrite)
#
+
+echo "# Properties passed in"
+ for P in `env`; do
+ if [[ "$P" == cadi* ]] || [[ "$P" == aaf* ]] || [[ "$P" == HOSTNAME* ]]; then
+ S="${P/_helm/.helm}"
+ S="${S/_oom/.oom}"
+ echo "$S"
+ fi
+ done
+
+# Set from CAP Based PROPS, if necessary
+aaf_env=${aaf_env:-"${AAF_ENV}"}
+aaf_release=${aaf_release:-"${VERSION}"}
+cadi_latitude=${cadi_latitude:-"${LATITUDE}"}
+cadi_longitude=${cadi_longitude:-"${LONGITUDE}"}
+cadi_x509_issuers=${cadi_x509_issuers:-"${CADI_X509_ISSUERS}"}
+aaf_locate_url=${aaf_locate_url:-"https://${HOSTNAME}:8095"}
+
JAVA=/usr/bin/java
OSAAF=/opt/app/osaaf
@@ -126,15 +144,8 @@
done
TMP=$(mktemp)
- echo aaf_env=${AAF_ENV} >> ${TMP}
- echo aaf_release=${VERSION} >> ${TMP}
- echo cadi_latitude=${LATITUDE} >> ${TMP}
- echo cadi_longitude=${LONGITUDE} >> ${TMP}
- echo cadi_x509_issuers=${CADI_X509_ISSUERS} >> ${TMP}
- AAF_LOCATE_URL=${aaf_locate_url:="https://${HOSTNAME}:8095"}
- echo aaf_locate_url=${AAF_LOCATE_URL} >> ${TMP}
for P in `env`; do
- if [[ "$P" == aaf_locator* ]]; then
+ if [[ "$P" == aaf_* ]] || [[ "$P" == cadi_* ]]; then
S="${P/_helm/.helm}"
S="${S/_oom/.oom}"
echo "$S" >> ${TMP}
@@ -154,7 +165,7 @@
CASS_HOST=${CASS_HOST:="aaf-cass"}
CASS_PASS=$($JAVA_CADI digest "${CASSANDRA_PASSWORD:-cassandra}" $LOCAL/org.osaaf.aaf.keyfile)
CASS_NAME=${CASS_HOST/:*/}
- sed -i.backup -e "s/\\(cassandra.clusters=\\).*/\\1${CASSANDRA_CLUSTERS:=$CASS_HOST}/" \
+ sed -i.backup -e "s/\\(cassandra.clusters=\\).*/\\1${CASSANDRA_CLUSTER:=$CASS_HOST}/" \
-e "s/\\(cassandra.clusters.user=\\).*/\\1${CASSANDRA_USER:=cassandra}/" \
-e "s/\\(cassandra.clusters.password=enc:\\).*/\\1$CASS_PASS/" \
-e "s/\\(cassandra.clusters.port=\\).*/\\1${CASSANDRA_PORT:=9042}/" \