Gitiles
Code Review Sign In
gerrit.nordix.org / onap / so / 1a031c0f696370d41f3373a39c54aeba7d35d994 / . / docs / developer_info / Docker-Config_Understanding.rst
blob: e684c6c480cc24fd03de0931799c02427a0a4c48 [file] [log] [blame]
MD IRSHAD SHEIKHc5ee0b22020-10-06 12:35:31 +0530[diff] [blame]1.. This work is licensed under a Creative Commons Attribution 4.0 International License.
2.. http://creativecommons.org/licenses/by/4.0
3.. Copyright 2020 Huawei Technologies Co., Ltd.
4
5Docker-config
6=============
7
8In SO (Service Orchestration) every component running on docker engine and respective containers. here we can see how so is working with Dokcer.
9
10CA(Certificate Authority)
11=========================
12
13Certificate Authorities/ CAs, issue Digital Certificates. Digital Certificates are verifiable small data files that contain identity credentials to help websites, people, and devices represent their authentic online identity (authentic because the CA has verified the identity). CAs play a critical role in how the Internet operates and how transparent, trusted transactions can take place online. CAs issue millions of Digital Certificates each year, and these certificates are used to protect information, encrypt billions of transactions, and enable secure communication.
14
15CA(file)
16
17/so/packages/docker/src/main/docker/docker-files/ca-certificates/onap-ca.crt
18
19Example CA cirtifiacte:-
20
21-----BEGIN CERTIFICATE-----
22MIIEczCCA1ugAwIBAgIBADANBgkqhkiG9w0BAQQFAD..AkGA1UEBhMCR0Ix
23EzARBgNVBAgTClNvbWUtU3RhdGUxFDASBgNVBAoTC0..0EgTHRkMTcwNQYD
24VQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcn..XRpb24gQXV0aG9y
25aXR5MRQwEgYDVQQDEwtCZXN0IENBIEx0ZDAeFw0wMD..TUwMTZaFw0wMTAy
26MDQxOTUwMTZaMIGHMQswCQYDVQQGEwJHQjETMBEGA1..29tZS1TdGF0ZTEU
27MBIGA1UEChMLQmVzdCBDQSBMdGQxNzA1BgNVBAsTLk..DEgUHVibGljIFBy
28aW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxFD..AMTC0Jlc3QgQ0Eg
29THRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCg..Tz2mr7SZiAMfQyu
30vBjM9OiJjRazXBZ1BjP5CE/Wm/Rr500PRK+Lh9x5eJ../ANBE0sTK0ZsDGM
31ak2m1g7oruI3dY3VHqIxFTz0Ta1d+NAjwnLe4nOb7/..k05ShhBrJGBKKxb
328n104o/5p8HAsZPdzbFMIyNjJzBM2o5y5A13wiLitE..fyYkQzaxCw0Awzl
33kVHiIyCuaF4wj571pSzkv6sv+4IDMbT/XpCo8L6wTa..sh+etLD6FtTjYbb
34rvZ8RQM1tlKdoMHg2qxraAV++HNBYmNWs0duEdjUbJ..XI9TtnS4o1Ckj7P
35OfljiQIDAQABo4HnMIHkMB0GA1UdDgQWBBQ8urMCRL..5AkIp9NJHJw5TCB
36tAYDVR0jBIGsMIGpgBQ8urMCRLYYMHUKU5AkIp9NJH..aSBijCBhzELMAkG
37A1UEBhMCR0IxEzARBgNVBAgTClNvbWUtU3RhdGUxFD..AoTC0Jlc3QgQ0Eg
38THRkMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcm..ENlcnRpZmljYXRp
39b24gQXV0aG9yaXR5MRQwEgYDVQQDEwtCZXN0IENBIE..DAMBgNVHRMEBTAD
40AQH/MA0GCSqGSIb3DQEBBAUAA4IBAQC1uYBcsSncwA..DCsQer772C2ucpX
41xQUE/C0pWWm6gDkwd5D0DSMDJRqV/weoZ4wC6B73f5..bLhGYHaXJeSD6Kr
42XcoOwLdSaGmJYslLKZB3ZIDEp0wYTGhgteb6JFiTtn..sf2xdrYfPCiIB7g
43BMAV7Gzdc4VspS6ljrAhbiiawdBiQlQmsBeFz9JkF4..b3l8BoGN+qMa56Y
44It8una2gY4l2O//on88r5IWJlm1L0oA8e4fR2yrBHX..adsGeFKkyNrwGi/
457vQMfXdGsRrXNGRGnX+vWDZ3/zWI0joDtCkNnqEpVn..HoX
46-----END CERTIFICATE-----
47
48
49Configurations:-
50================
51
52Every component has its own over-ride yaml file. We can over-ride the file according the Configurations and Dependencies required for Deploying.
53
54Over-ride yaml for api-handler
55==============================
56
57Path:- /docker-config/volumes/so/config/api-handler-infra/onapheat/override.yaml
58
59.. code-block:: bash
60
61 server:
62 port: 8080
63 tomcat:
64 max-threads: 50
65 ssl-enable: false
66
67 mso:
68 msoKey: 07a7159d3bf51a0e53be7a8f89699be7
69 logPath: logs
70 site-name: onapheat
71 adapters:
72 requestDb:
73 endpoint: http://request-db-adapter:8083
74 auth: Basic YnBlbDpwYXNzd29yZDEk
75 catalog:
76 db:
77 spring:
78 endpoint: http://catalog-db-adapter:8082
79 db:
80 auth: Basic YnBlbDpwYXNzd29yZDEk
81 config:
82 path: /src/main/resources/
83 infra:
84 default:
85 alacarte:
86 orchestrationUri: /mso/async/services/ALaCarteOrchestrator
87 recipeTimeout: 180
88 testApi: VNF_API
89 service:
90 macro:
91 default:
92 testApi: GR_API
93 camundaURL: http://bpmn-infra:8081
94 camundaAuth: AE2E9BE6EF9249085AF98689C4EE087736A5500629A72F35068FFB88813A023581DD6E765071F1C04075B36EA4213A
95 async:
96 core-pool-size: 50
97 max-pool-size: 50
98 queue-capacity: 500
99 sdc:
100 client:
101 auth: F3473596C526938329DF877495B494DC374D1C4198ED3AD305EA3ADCBBDA1862
102 activate:
103 instanceid: test
104 userid: cs0008
105 endpoint: http://c1.vm1.mso.simpledemo.onap.org:28090
106 tenant:
107 isolation:
108 retry:
109 count: 3
110 aai:
111 endpoint: https://aai.api.simpledemo.onap.org:8443
112 auth: 2630606608347B7124C244AB0FE34F6F
113 extApi:
114 endpoint: http://nbi.onap:8080/nbi/api/v3
115 so:
116 operational-environment:
117 dmaap:
118 username: testuser
119 password: VjR5NDcxSzA=
120 host: http://c1.vm1.mso.simpledemo.onap.org:28090
121 auth: 51EA5414022D7BE536E7516C4D1A6361416921849B72C0D6FC1C7F262FD9F2BBC2AD124190A332D9845A188AD80955567A4F975C84C221EEA8243BFD92FFE6896CDD1EA16ADD34E1E3D47D4A
122 publisher:
123 topic: com.att.ecomp.mso.operationalEnvironmentEvent
124
125 spring:
126 datasource:
127 hikari:
128 jdbcUrl: jdbc:mariadb://mariadb:3306/catalogdb
129 username: cataloguser
130 password: catalog123
131 driver-class-name: org.mariadb.jdbc.Driver
132 pool-name: catdb-pool
133 registerMbeans: true
134 jpa:
135 show-sql: true
136 hibernate:
137 dialect: org.hibernate.dialect.MySQL5Dialect
138 ddl-auto: validate
139 naming-strategy: org.hibernate.cfg.ImprovedNamingStrategy
140 enable-lazy-load-no-trans: true
141 jersey:
142 type: filter
143
144 security:
145 usercredentials:
146 -
147 username: sitecontrol
148 password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
149 role: SiteControl-Client
150 -
151 username: gui
152 password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
153 role: GUI-Client
154 -
155 username: infraportal
156 password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
157 role: InfraPortal-Client
158 -
159 username: InfraPortalClient
160 password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
161 role: InfraPortal-Client
162 -
163 username: bpel
164 password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
165 role: BPEL-Client
166 -
167 username: mso_admin
168 password: '$2a$10$Fh9ffgPw2vnmsghsRD3ZauBL1aKXebigbq3BB1RPWtE62UDILsjke'
169 role: ACTUATOR
170
171 request:
172 datasource:
173 hikari:
174 jdbcUrl: jdbc:mariadb://mariadb:3306/requestdb
175 username: requestuser
176 password: request123
177 driver-class-name: org.mariadb.jdbc.Driver
178 pool-name: reqdb-pool
179 registerMbeans: true
180 org:
181 onap:
182 so:
183 cloud-owner: CloudOwner
184 adapters:
185 network:
186 encryptionKey: 07a7159d3bf51a0e53be7a8f89699be7
187
188
189
190Start the container
191=======================
192cd /home/root1/docker-config/
193
194CMD:-
195===
196
197sudo docker-compose up -d
198
199*Example Output:*
200
201root1@slave-node:~/docker-config$ sudo docker-compose up -d
202docker-config_mariadb_1 is up-to-date
203Starting docker-config_catalog-db-adapter_1 ... done
204Starting docker-config_request-db-adapter_1 ... done
205Starting docker-config_bpmn-infra_1 ... done
206Starting docker-config_vfc-adapter_1 ... done
207Starting docker-config_sdc-controller_1 ... done
208Starting docker-config_sdnc-adapter_1 ... done
209Starting docker-config_openstack-adapter_1 ... done
210Starting docker-config_api-handler-infra_1 ... done
211Starting docker-config_so-monitoring_1 ... done
212Starting docker-config_nssmf-adapter_1 ... done
213
214
215Example Output:
216===============
217
218docker ps
219
220*Example Output:*
221
222root1@slave-node:~/docker-config$ sudo docker ps
223CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
224d930caf28508 nexus3.onap.org:10001/onap/so/openstack-adapter "/app/wait-for.sh -q…" 5 weeks ago Up 30 seconds 0.0.0.0:8087->8087/tcp docker-config_openstack-adapter_1
225599af283319e nexus3.onap.org:10001/onap/so/vfc-adapter "/app/wait-for.sh -q…" 5 weeks ago Up 30 seconds 0.0.0.0:8084->8084/tcp docker-config_vfc-adapter_1
2265549305c8dd6 nexus3.onap.org:10001/onap/so/api-handler-infra "/app/wait-for.sh -q…" 5 weeks ago Up 27 seconds 0.0.0.0:8080->8080/tcp docker-config_api-handler-infra_1
22759d3aa684ecb nexus3.onap.org:10001/onap/so/sdnc-adapter "/app/wait-for.sh -q…" 5 weeks ago Up 29 seconds 0.0.0.0:8086->8086/tcp docker-config_sdnc-adapter_1
228ade4cef97bd3 nexus3.onap.org:10001/onap/so/bpmn-infra "/app/wait-for.sh -q…" 5 weeks ago Up 29 seconds 0.0.0.0:8081->8081/tcp docker-config_bpmn-infra_1
229e9558560c4d7 nexus3.onap.org:10001/onap/so/sdc-controller "/app/wait-for.sh -q…" 5 weeks ago Up 25 seconds 0.0.0.0:8085->8085/tcp docker-config_sdc-controller_1
230ae27ec2f8b04 nexus3.onap.org:10001/onap/so/so-monitoring "/app/wait-for.sh -q…" 5 weeks ago Up 26 seconds 0.0.0.0:8088->8088/tcp docker-config_so-monitoring_1
2318d2c64d48f1a nexus3.onap.org:10001/onap/so/request-db-adapter "/app/wait-for.sh -q…" 5 weeks ago Up 32 seconds 0.0.0.0:8083->8083/tcp docker-config_request-db-adapter_1
232a126dd29c540 nexus3.onap.org:10001/mariadb:10.1.11 "/docker-entrypoint.…" 5 weeks ago Up 17 minutes 0.0.0.0:32768->3306/tcp docker-config_mariadb_1
233
234Inspect a docker image
235======================
236This command shows interesting information about the structure of the mso image. Note that an image is NOT a running container. It is the template that a container is created from.
237
238CMD:-
239=====
240sudo docker inspect onap/so/api-handler-infra
241
242
243Example Output:
244
245.. code-block:: bash
246
247
248 [
249 {
250 "Id": "sha256:2573165483e9ac87826da9c08984a9d0e1d93a90c681b22d9b4f90ed579350dc",
251 "RepoTags": [
252 "onap/so/api-handler-infra:1.3.0-SNAPSHOT",
253 "onap/so/api-handler-infra:1.3.0-SNAPSHOT-20190213T0846",
254 "onap/so/api-handler-infra:1.3.0-SNAPSHOT-latest",
255 "onap/so/api-handler-infra:latest"
256 ],
257 "RepoDigests": [],
258 "Parent": "sha256:66b508441811ab4ed9968f8702a0d0a697f517bbc10d8d9076e5b98ae4437344",
259 "Comment": "",
260 "Created": "2019-02-13T09:37:33.770342225Z",
261 "Container": "8be46c735d21935631130f9017c3747779aab26eab54a9149b1edde122f7576d",
262 "ContainerConfig": {
263 "Hostname": "ac4a12e21390",
264 "Domainname": "",
265 "User": "",
266 "AttachStdin": false,
267 "AttachStdout": false,
268 "AttachStderr": false,
269 "Tty": false,
270 "OpenStdin": false,
271 "StdinOnce": false,
272 "Env": [
273 "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/lib/jvm/java-1.8-openjdk/jre/bin:/usr/lib/jvm/java-1.8-openjdk/bin",
274 "LANG=C.UTF-8",
275 "JAVA_HOME=/usr/lib/jvm/java-1.8-openjdk",
276 "JAVA_VERSION=8u191",
277 "JAVA_ALPINE_VERSION=8.191.12-r0",
278 "HTTP_PROXY=",
279 "HTTPS_PROXY=",
280 "http_proxy=",
281 "https_proxy="
282 ],
283 "Cmd": [
284 "/bin/sh",
285 "-c",
286 "#(nop) ",
287 "CMD [\"/app/start-app.sh\"]"
288 ],
289 "ArgsEscaped": true,
290 "Image": "sha256:66b508441811ab4ed9968f8702a0d0a697f517bbc10d8d9076e5b98ae4437344",
291 "Volumes": {
292 "/app/ca-certificates": {},
293 "/app/config": {}
294 },
295 "WorkingDir": "/app",
296 "Entrypoint": null,
297 "OnBuild": [],
298 "Labels": {}
299 },
300 "DockerVersion": "17.05.0-ce",
301 "Author": "",
302 "Config": {
303 "Hostname": "ac4a12e21390",
304 "Domainname": "",
305 "User": "",
306 "AttachStdin": false,
307 "AttachStdout": false,
308 "AttachStderr": false,
309 "Tty": false,
310 "OpenStdin": false,
311 "StdinOnce": false,
312 "Env": [
313 "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/lib/jvm/java-1.8-openjdk/jre/bin:/usr/lib/jvm/java-1.8-openjdk/bin",
314 "LANG=C.UTF-8",
315 "JAVA_HOME=/usr/lib/jvm/java-1.8-openjdk",
316 "JAVA_VERSION=8u191",
317 "JAVA_ALPINE_VERSION=8.191.12-r0",
318 "HTTP_PROXY=",
319 "HTTPS_PROXY=",
320 "http_proxy=",
321 "https_proxy="
322 ],
323 "Cmd": [
324 "/app/start-app.sh"
325 ],
326 "ArgsEscaped": true,
327 "Image": "sha256:66b508441811ab4ed9968f8702a0d0a697f517bbc10d8d9076e5b98ae4437344",
328 "Volumes": {
329 "/app/ca-certificates": {},
330 "/app/config": {}
331 },
332 "WorkingDir": "/app",
333 "Entrypoint": null,
334 "OnBuild": [],
335 "Labels": {}
336 },
337 "Architecture": "amd64",
338 "Os": "linux",
339 "Size": 245926705,
340 "VirtualSize": 245926705,
341 "GraphDriver": {
342 "Data": null,
343 "Name": "aufs"
344 },
345 "RootFS": {
346 "Type": "layers",
347 "Layers": [
348 "sha256:503e53e365f34399c4d58d8f4e23c161106cfbce4400e3d0a0357967bad69390",
349 "sha256:744b4cd8cf79c70508aace3697b6c3b46bee2c14f1c14b6ff09fd0ba5735c6d4",
350 "sha256:4c6899b75fdbea2f44efe5a2f8d9f5319c1cf7e87151de0de1014aba6ce71244",
351 "sha256:2e076d24f6d1277456e33e58fc8adcfd69dfd9c025f61aa7b98d500e7195beb2",
352 "sha256:bb67f2d5f8196c22137a9e98dd4190339a65c839822d16954070eeb0b2a17aa2",
353 "sha256:afbbd0cc43999d5c5b0ff54dfd82365a3feb826e5c857d9b4a7cf378001cd4b3",
354 "sha256:1920a7ca0f8ae38a79a1339ce742aaf3d7a095922d96e37074df67cf031d5035",
355 "sha256:1261fbaef67c5be677dae1c0f50394587832ea9d8c7dc105df2f3db6dfb92a3a",
356 "sha256:a33d8ee5c18908807458ffe643184228c21d3c5d5c5df1251f0f7dfce512f7e8",
357 "sha256:80704fca12eddb4cc638cee105637266e04ab5706b4e285d4fc6cac990e96d63",
358 "sha256:55abe39073a47f29aedba790a92c351501f21b3628414fa49a073c010ee747d1",
359 "sha256:cc4136c2c52ad522bd492545d4dd18265676ca690aa755994adf64943b119b28",
360 "sha256:2163a1f989859fdb3af6e253b74094e92a0fc1ee59f5eb959971f94eb1f98094"
361 ]
362 }
363 }
364 ]