[AAI] Service Mesh compatibility
This patch makes AAI to work on service mesh by removing https calls
from everywhere.
It allows also to use AAI on an environment without need of TLS.
Issue-ID: OOM-2670
Signed-off-by: Ondrej Frindrich <ondrej1.frindrich@orange.com>
Change-Id: I19adabc7b33c1ada243ec16f77dbf8fde19b1386
diff --git a/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties b/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties
index 772fa0d..41b8554 100644
--- a/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties
+++ b/kubernetes/aai/components/aai-modelloader/resources/config/model-loader.properties
@@ -16,13 +16,19 @@
# Model Loader Distribution Client Configuration
*/}}
ml.distribution.ACTIVE_SERVER_TLS_AUTH=false
+{{ if ( include "common.needTLS" .) }}
ml.distribution.ASDC_ADDRESS=sdc-be.{{.Release.Namespace}}:8443
-ml.distribution.CONSUMER_GROUP=aai-ml-group
-ml.distribution.CONSUMER_ID=aai-ml
-ml.distribution.ENVIRONMENT_NAME=AUTO
+ml.distribution.ASDC_USE_HTTPS=true
ml.distribution.KEYSTORE_PASSWORD=
ml.distribution.KEYSTORE_FILE=asdc-client.jks
ml.distribution.PASSWORD=OBF:1ks51l8d1o3i1pcc1r2r1e211r391kls1pyj1z7u1njf1lx51go21hnj1y0k1mli1sop1k8o1j651vu91mxw1vun1mze1vv11j8x1k5i1sp11mjc1y161hlr1gm41m111nkj1z781pw31kku1r4p1e391r571pbm1o741l4x1ksp
+{{ else }}
+ml.distribution.ASDC_ADDRESS=sdc-be.{{.Release.Namespace}}:8080
+ml.distribution.ASDC_USE_HTTPS=false
+{{ end }}
+ml.distribution.CONSUMER_GROUP=aai-ml-group
+ml.distribution.CONSUMER_ID=aai-ml
+ml.distribution.ENVIRONMENT_NAME=AUTO
ml.distribution.POLLING_INTERVAL=30
ml.distribution.POLLING_TIMEOUT=20
ml.distribution.USER=aai
@@ -30,19 +36,26 @@
ml.distribution.MSG_BUS_ADDRESSES=message-router.{{.Release.Namespace}}
# Model Loader AAI REST Client Configuration
+{{ if ( include "common.needTLS" .) }}
ml.aai.BASE_URL=https://aai.{{.Release.Namespace}}:8443
+ml.aai.KEYSTORE_FILE=aai-os-cert.p12
+ml.aai.KEYSTORE_PASSWORD=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
+{{ else }}
+ml.aai.BASE_URL=http://aai.{{.Release.Namespace}}:8080
+{{ end }}
ml.aai.MODEL_URL=/aai/v*/service-design-and-creation/models/model/
ml.aai.NAMED_QUERY_URL=/aai/v*/service-design-and-creation/named-queries/named-query/
ml.aai.VNF_IMAGE_URL=/aai/v*/service-design-and-creation/vnf-images
-ml.aai.KEYSTORE_FILE=aai-os-cert.p12
-ml.aai.KEYSTORE_PASSWORD=OBF:1i9a1u2a1unz1lr61wn51wn11lss1unz1u301i6o
+
ml.aai.AUTH_USER=ModelLoader
ml.aai.AUTH_PASSWORD=OBF:1qvu1v2h1sov1sar1wfw1j7j1wg21saj1sov1v1x1qxw
# Model Loader Babel REST Client Configuration\r
-ml.babel.BASE_URL=https://aai-babel.{{.Release.Namespace}}:9516
+ml.babel.BASE_URL={{ include "common.scheme" . }}://aai-babel.{{.Release.Namespace}}:9516
ml.babel.GENERATE_ARTIFACTS_URL=/services/babel-service/v1/app/generateArtifacts
+{{ if ( include "common.needTLS" .) }}
ml.babel.KEYSTORE_FILE=babel-client-cert.p12
ml.babel.KEYSTORE_PASSWORD=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
ml.babel.TRUSTSTORE_FILE=tomcat_keystore
ml.babel.TRUSTSTORE_PASSWORD=OBF:1y0q1uvc1uum1uvg1pil1pjl1uuq1uvk1uuu1y10
+{{ end }}
diff --git a/kubernetes/aai/components/aai-modelloader/values.yaml b/kubernetes/aai/components/aai-modelloader/values.yaml
index b235ba1..38eab95 100644
--- a/kubernetes/aai/components/aai-modelloader/values.yaml
+++ b/kubernetes/aai/components/aai-modelloader/values.yaml
@@ -50,11 +50,11 @@
service:
type: NodePort
- portName: aai-modelloader
+ portName: http
externalPort: 8080
internalPort: 8080
nodePort: 10
- portName2: aai-modelloader-ssl
+ portName2: https
externalPort2: 8443
internalPort2: 8443
nodePort2: 29