Coverage for configure/configure.py : 59%

Hot-keys on this page
r m x p toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
1# ============LICENSE_START=======================================================
2# org.onap.dcae
3# ================================================================================
4# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved.
5# Copyright (c) 2019 Pantheon.tech. All rights reserved.
6# Copyright (c) 2020 Nokia. All rights reserved.
7# ================================================================================
8# Licensed under the Apache License, Version 2.0 (the "License");
9# you may not use this file except in compliance with the License.
10# You may obtain a copy of the License at
11#
12# http://www.apache.org/licenses/LICENSE-2.0
13#
14# Unless required by applicable law or agreed to in writing, software
15# distributed under the License is distributed on an "AS IS" BASIS,
16# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17# See the License for the specific language governing permissions and
18# limitations under the License.
19# ============LICENSE_END=========================================================
21_CONFIG_PATH = "/opt/onap/config.txt" # Path to config file on the Cloudify Manager host
22_CONSUL_KEY = "k8s-plugin" # Key under which CM configuration is stored in Consul
24# Default configuration values
25DCAE_NAMESPACE = "dcae"
26CONSUL_DNS_NAME = "consul"
27DEFAULT_K8S_LOCATION = "central"
28DEFAULT_MAX_WAIT = 1800
30FB_LOG_PATH = "/var/log/onap"
31FB_DATA_PATH = "/usr/share/filebeat/data"
32FB_CONFIG_PATH = "/usr/share/filebeat/filebeat.yml"
33FB_CONFIG_SUBPATH = "filebeat.yml"
34FB_CONFIG_MAP = "filebeat-conf"
35FB_IMAGE = "docker.elastic.co/beats/filebeat:5.5.0"
37TLS_CERT_PATH = "/opt/app/osaaf"
38TLS_IMAGE = "nexus3.onap.org:10001/onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0"
39TLS_COMP_CERT_PATH = "/opt/dcae/cacert"
40TLS_CA_CONFIGMAP = "dcae-cacert-configmap"
42EXT_TLS_IMAGE = "nexus3.onap.org:10001/onap/org.onap.aaf.certservice.aaf-certservice-client:1.2.0"
43EXT_TLS_REQUEST_URL = "https://aaf-cert-service:8443/v1/certificate/"
44EXT_TLS_TIMEOUT = "30000"
45EXT_TLS_COUNTRY = "US"
46EXT_TLS_ORGANIZATION = "Linux-Foundation"
47EXT_TLS_STATE = "California"
48EXT_TLS_ORGANIZATIONAL_UNIT = "ONAP"
49EXT_TLS_LOCATION = "San-Francisco"
50EXT_TLS_KEYSTORE_PASSWORD = "secret"
51EXT_TLS_TRUSTSTORE_PASSWORD = "secret"
53CBS_BASE_URL = "https://config-binding-service:10443/service_component_all"
55def _set_defaults():
56 """ Set default configuration parameters """
57 return {
58 "namespace" : DCAE_NAMESPACE, # k8s namespace to use for DCAE
59 "consul_dns_name" : CONSUL_DNS_NAME, # k8s internal DNS name for Consul
60 "default_k8s_location" : DEFAULT_K8S_LOCATION, # default k8s location to deploy components
61 "image_pull_secrets" : [], # list of k8s secrets for accessing Docker registries
62 "max_wait": DEFAULT_MAX_WAIT, # Default maximum time to wait for component to become healthy (secs)
63 "filebeat": { # Configuration for setting up filebeat container
64 "log_path" : FB_LOG_PATH, # mount point for log volume in filebeat container
65 "data_path" : FB_DATA_PATH, # mount point for data volume in filebeat container
66 "config_path" : FB_CONFIG_PATH, # mount point for config volume in filebeat container
67 "config_subpath" : FB_CONFIG_SUBPATH, # subpath for config data in filebeat container
68 "config_map" : FB_CONFIG_MAP, # ConfigMap holding the filebeat configuration
69 "image": FB_IMAGE # Docker image to use for filebeat
70 },
71 "tls": { # Configuration for setting up TLS
72 "cert_path" : TLS_CERT_PATH, # mount point for certificate volume in TLS init container
73 "image": TLS_IMAGE, # Docker image to use for TLS init container
74 "component_cert_dir": TLS_COMP_CERT_PATH # default mount point for certificate volume in component container
75 },
76 "external_cert": {
77 "image_tag": EXT_TLS_IMAGE, # Docker image to use for external TLS init container
78 "request_url" : EXT_TLS_REQUEST_URL, # URL to Cert Service API
79 "timeout" : EXT_TLS_TIMEOUT, # Request timeout
80 "country" : EXT_TLS_COUNTRY, # Country name in ISO 3166-1 alpha-2 format, for which certificate will be created
81 "organization" : EXT_TLS_ORGANIZATION, # Organization name, for which certificate will be created
82 "state" : EXT_TLS_STATE, # State name, for which certificate will be created
83 "organizational_unit" : EXT_TLS_ORGANIZATIONAL_UNIT, # Organizational unit name, for which certificate will be created
84 "location" : EXT_TLS_LOCATION, # Location name, for which certificate will be created
85 "keystore_password" : EXT_TLS_KEYSTORE_PASSWORD, # Password to keystore file
86 "truststore_password" : EXT_TLS_TRUSTSTORE_PASSWORD # Password to truststore file
87 },
88 "cbs": {
89 "base_url" : CBS_BASE_URL # URL prefix for accessing config binding service
90 }
92 }
94def configure(config_path=_CONFIG_PATH, key = _CONSUL_KEY):
95 """
96 Get configuration information from local file and Consul.
97 Note that the Cloudify context ("ctx") isn't available at
98 module load time.
99 """
101 from cloudify.exceptions import NonRecoverableError
102 try:
103 import configparser
104 except ImportError:
105 import ConfigParser as configparser
106 from k8splugin import discovery
107 config = _set_defaults()
109 try:
110 # Get Consul address from a config file
111 c = configparser.ConfigParser()
112 c.read(config_path)
113 config["consul_host"] = c.get('consul','address')
115 # Get the rest of the config from Consul
116 conn = discovery.create_kv_conn(config["consul_host"])
117 val = discovery.get_kv_value(conn, key)
119 # Merge Consul results into the config
120 config.update(val)
122 except discovery.DiscoveryKVEntryNotFoundError as e:
123 # Don't reraise error, assume defaults are wanted.
124 pass
126 except Exception as e:
127 raise NonRecoverableError(e)
129 return config