Coverage for configure/configure.py : 62%

Hot-keys on this page
r m x p toggle line displays
j k next/prev highlighted chunk
0 (zero) top of page
1 (one) first highlighted chunk
1# ============LICENSE_START=======================================================
2# org.onap.dcae
3# ================================================================================
4# Copyright (c) 2018-2020 AT&T Intellectual Property. All rights reserved.
5# Copyright (c) 2019 Pantheon.tech. All rights reserved.
6# Copyright (c) 2020-2021 Nokia. All rights reserved.
7# ================================================================================
8# Licensed under the Apache License, Version 2.0 (the "License");
9# you may not use this file except in compliance with the License.
10# You may obtain a copy of the License at
11#
12# http://www.apache.org/licenses/LICENSE-2.0
13#
14# Unless required by applicable law or agreed to in writing, software
15# distributed under the License is distributed on an "AS IS" BASIS,
16# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
17# See the License for the specific language governing permissions and
18# limitations under the License.
19# ============LICENSE_END=========================================================
21_CONFIG_PATH = "/opt/onap/config.txt" # Path to config file on the Cloudify Manager host
22_CONSUL_KEY = "k8s-plugin" # Key under which CM configuration is stored in Consul
24# Default configuration values
25DCAE_NAMESPACE = "dcae"
26CONSUL_DNS_NAME = "consul"
27DEFAULT_K8S_LOCATION = "central"
28DEFAULT_MAX_WAIT = 1800
30FB_LOG_PATH = "/var/log/onap"
31FB_DATA_PATH = "/usr/share/filebeat/data"
32FB_CONFIG_PATH = "/usr/share/filebeat/filebeat.yml"
33FB_CONFIG_SUBPATH = "filebeat.yml"
34FB_CONFIG_MAP = "filebeat-conf"
35FB_IMAGE = "docker.elastic.co/beats/filebeat:5.5.0"
37TLS_CERT_PATH = "/opt/app/osaaf"
38TLS_IMAGE = "nexus3.onap.org:10001/onap/org.onap.dcaegen2.deployments.tls-init-container:2.1.0"
39TLS_COMP_CERT_PATH = "/opt/dcae/cacert"
40TLS_CA_CONFIGMAP = "dcae-cacert-configmap"
42EXT_TLS_IMAGE = "nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-client:2.1.0"
43EXT_TLS_REQUEST_URL = "https://oom-cert-service:8443/v1/certificate/"
44EXT_TLS_TIMEOUT = "30000"
45EXT_TLS_COUNTRY = "US"
46EXT_TLS_ORGANIZATION = "Linux-Foundation"
47EXT_TLS_STATE = "California"
48EXT_TLS_ORGANIZATIONAL_UNIT = "ONAP"
49EXT_TLS_LOCATION = "San-Francisco"
50EXT_TLS_CERT_SECRET_NAME = "oom-cert-service-client-tls-secret"
51EXT_TLS_KEYSTORE_PASSWORD = "secret"
52EXT_TLS_TRUSTSTORE_PASSWORD = "secret"
54CERT_POST_PROCESSOR_IMAGE = "nexus3.onap.org:10001/onap/org.onap.oom.platform.cert-service.oom-certservice-post-processor:2.1.0"
55CBS_BASE_URL = "https://config-binding-service:10443/service_component_all"
57CMPV2_ISSUER_ENABLED = "false"
58CMPV2_ISSUER_NAME = "cmpv2-issuer-onap"
60def _set_defaults():
61 """ Set default configuration parameters """
62 return {
63 "namespace" : DCAE_NAMESPACE, # k8s namespace to use for DCAE
64 "consul_dns_name" : CONSUL_DNS_NAME, # k8s internal DNS name for Consul
65 "default_k8s_location" : DEFAULT_K8S_LOCATION, # default k8s location to deploy components
66 "image_pull_secrets" : [], # list of k8s secrets for accessing Docker registries
67 "max_wait": DEFAULT_MAX_WAIT, # Default maximum time to wait for component to become healthy (secs)
68 "filebeat": { # Configuration for setting up filebeat container
69 "log_path" : FB_LOG_PATH, # mount point for log volume in filebeat container
70 "data_path" : FB_DATA_PATH, # mount point for data volume in filebeat container
71 "config_path" : FB_CONFIG_PATH, # mount point for config volume in filebeat container
72 "config_subpath" : FB_CONFIG_SUBPATH, # subpath for config data in filebeat container
73 "config_map" : FB_CONFIG_MAP, # ConfigMap holding the filebeat configuration
74 "image": FB_IMAGE # Docker image to use for filebeat
75 },
76 "tls": { # Configuration for setting up TLS
77 "cert_path" : TLS_CERT_PATH, # mount point for certificate volume in TLS init container
78 "image": TLS_IMAGE, # Docker image to use for TLS init container
79 "component_cert_dir": TLS_COMP_CERT_PATH # default mount point for certificate volume in component container
80 },
81 "external_cert": {
82 "image_tag": EXT_TLS_IMAGE, # Docker image to use for external TLS init container
83 "request_url" : EXT_TLS_REQUEST_URL, # URL to Cert Service API
84 "timeout" : EXT_TLS_TIMEOUT, # Request timeout
85 "country" : EXT_TLS_COUNTRY, # Country name in ISO 3166-1 alpha-2 format, for which certificate will be created
86 "organization" : EXT_TLS_ORGANIZATION, # Organization name, for which certificate will be created
87 "state" : EXT_TLS_STATE, # State name, for which certificate will be created
88 "organizational_unit" : EXT_TLS_ORGANIZATIONAL_UNIT, # Organizational unit name, for which certificate will be created
89 "location" : EXT_TLS_LOCATION, # Location name, for which certificate will be created
90 "cert_secret_name": EXT_TLS_CERT_SECRET_NAME, # Name of secret containing keystore and truststore for secure communication of Cert Service Client and Cert Service
91 "keystore_password" : EXT_TLS_KEYSTORE_PASSWORD, # Password to keystore file
92 "truststore_password" : EXT_TLS_TRUSTSTORE_PASSWORD # Password to truststore file
93 },
94 "cert_post_processor": {
95 "image_tag": CERT_POST_PROCESSOR_IMAGE # Docker image to use for cert post processor init container
96 },
97 "cbs": {
98 "base_url" : CBS_BASE_URL # URL prefix for accessing config binding service
99 },
100 "cmpv2_issuer": {
101 "enabled": CMPV2_ISSUER_ENABLED,
102 "name": CMPV2_ISSUER_NAME
103 }
104 }
106def configure(config_path=_CONFIG_PATH, key = _CONSUL_KEY):
107 """
108 Get configuration information from local file and Consul.
109 Note that the Cloudify context ("ctx") isn't available at
110 module load time.
111 """
113 from cloudify.exceptions import NonRecoverableError
114 try:
115 import configparser
116 except ImportError:
117 import ConfigParser as configparser
118 from k8splugin import discovery
119 config = _set_defaults()
121 try:
122 # Get Consul address from a config file
123 c = configparser.ConfigParser()
124 c.read(config_path)
125 config["consul_host"] = c.get('consul','address')
127 # Get the rest of the config from Consul
128 conn = discovery.create_kv_conn(config["consul_host"])
129 val = discovery.get_kv_value(conn, key)
131 # Merge Consul results into the config
132 config.update(val)
134 except discovery.DiscoveryKVEntryNotFoundError as e:
135 # Don't reraise error, assume defaults are wanted.
136 pass
138 except Exception as e:
139 raise NonRecoverableError(e)
141 return config