diff --git a/cmd/iqos-xapp/iqos-xapp.go b/cmd/iqos-xapp/iqos-xapp.go index f0f25fa..e3dcad3 100644 --- a/cmd/iqos-xapp/iqos-xapp.go +++ b/cmd/iqos-xapp/iqos-xapp.go @@ -22,7 +22,7 @@ func main() { // set manager configuration cfg := manager.Config{ AppID: "iqos-xapp", - CAPath: "/etc/iqos-xapp/certs/tls.cacrt", + CAPath: "/etc/iqos-xapp/certs/ca.pem", KeyPath: "/etc/iqos-xapp/certs/tls.key", CertPath: "/etc/iqos-xapp/certs/tls.crt", E2tEndpoint: "onos-e2t", diff --git a/deploys/helm-chart/TODO b/deploys/helm-chart/TODO deleted file mode 100644 index e69de29..0000000 diff --git a/deploys/helm-chart/iqos-chart/files/certs/README.md b/deploys/helm-chart/iqos-chart/files/certs/README.md new file mode 100644 index 0000000..e9c994f --- /dev/null +++ b/deploys/helm-chart/iqos-chart/files/certs/README.md @@ -0,0 +1,23 @@ + + +## Self-signed Certificates (Test Environment Only!!) +This folder contains self-signed certificates for use in testing. _DO NOT USE THESE +CERTIFICATES IN PRODUCTION!_ + +The certificates were generated based on the script +[generate_certs.sh](/deployments/helm-chart/qmai/files/certs/generate_certs.sh), as shown below: + +```bash +generate-certs.sh qmai.gercom.ufpa.br +``` + +In this folder they **must** be (re)named +* tls.cacrt +* tls.crt +* tls.key + +Use +```bash +openssl x509 -in tls.crt -text -noout +``` +to verify the contents (especially the subject). \ No newline at end of file diff --git a/deploys/helm-chart/iqos-chart/files/certs/generate_certs.sh b/deploys/helm-chart/iqos-chart/files/certs/generate_certs.sh new file mode 100755 index 0000000..3bea1b4 --- /dev/null +++ b/deploys/helm-chart/iqos-chart/files/certs/generate_certs.sh @@ -0,0 +1,73 @@ +# Credits to Open Networking Foundation (ONF) +# Original script in: https://github.com/onosproject/gnxi-simulators/blob/master/pkg/certs/generate_certs.sh + +#!/bin/sh + +SUBJBASE="/C=BR/ST=PA/L=Belem/O=UFPA/OU=GERCOM/" +DEVICE=${1:-device1.opennetworking.org} +SUBJ=${SUBJBASE}"CN="${DEVICE} + +print_usage() { + echo "Generate a certificate." + echo + echo "Usage: " + echo " [-h | --help]" + echo "Options:" + echo " DEVICENAME e.g. device1.opennetworking.org or localhost" + echo " [-h | --help] Print this help" + echo ""; +} + +# Print usage +if [ "${1}" = "-h" -o "${1}" = "--help" ]; then + print_usage + exit 0 +fi + +if [ "${PWD##*/}" != "certs" ]; then + cd certs +fi + +rm -f ${DEVICE}.* + +## BEFORE +# Generate private key for CA +openssl genrsa -out ca.key 4096 + +# Generate a CA ceriticate +openssl req -x509 -new -nodes -key ca.key -sha256 -days 1825 -out tls.cacert -subj $SUBJ + +# Generate Server Private Key +openssl req \ + -newkey rsa:4096 \ + -nodes \ + -keyout tls.key \ + -noout \ + -subj $SUBJ \ + > /dev/null 2>&1 + +# Generate Req +openssl req \ + -key tls.key \ + -new -out ${DEVICE}.csr \ + -subj $SUBJ \ + > /dev/null 2>&1 + +# Generate x509 with signed CA +openssl x509 \ + -req \ + -in ${DEVICE}.csr \ + -CA tls.cacert \ + -CAkey ca.key \ + -CAcreateserial \ + -days 3650 \ + -sha256 \ + -out tls.crt \ + > /dev/null 2>&1 + +rm ${DEVICE}.csr ca.key tls.srl + +echo " == Certificate Generated: "${DEVICE}.crt" ==" +openssl verify -verbose -purpose sslserver -CAfile onfca.crt ${DEVICE}.crt > /dev/null 2>&1 +exit $? +#To see full details run 'openssl x509 -in "${TYPE}${INDEX}".crt -text -noout' \ No newline at end of file diff --git a/deploys/helm-chart/iqos-chart/files/certs/tls.cacert b/deploys/helm-chart/iqos-chart/files/certs/tls.cacert new file mode 100644 index 0000000..5d8761d --- /dev/null +++ b/deploys/helm-chart/iqos-chart/files/certs/tls.cacert @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFuzCCA6OgAwIBAgIUbju5aB5kxkJ/m7XjZ6spvrnPTVMwDQYJKoZIhvcNAQEL +BQAwbTELMAkGA1UEBhMCQlIxCzAJBgNVBAgMAlBBMQ4wDAYDVQQHDAVCZWxlbTEN +MAsGA1UECgwEVUZQQTEPMA0GA1UECwwGR0VSQ09NMSEwHwYDVQQDDBhpcW9zLXhh +cHAuZ2VyY29tLnVmcGEuYnIwHhcNMjQwMzAxMTkyMzMyWhcNMjkwMjI4MTkyMzMy +WjBtMQswCQYDVQQGEwJCUjELMAkGA1UECAwCUEExDjAMBgNVBAcMBUJlbGVtMQ0w +CwYDVQQKDARVRlBBMQ8wDQYDVQQLDAZHRVJDT00xITAfBgNVBAMMGGlxb3MteGFw +cC5nZXJjb20udWZwYS5icjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB +AKjlb3XRymnGD1ivYWewnid1Us9tV8kzos8bNBOtgoJhS66pFFmC/ATLzGi6fbHJ +qf8pc5fkc9A1ZpEKO8bk6IxTzY4Sgs9vFVa3NiVh1cwvX+BWsz+V2hJuYFwzCAso +UIcXYshnpHN7SJvMJx6Z6AlGzIqJekyXHhOv0+ol6SaZQ7aJWRhMXxcdeMxHZekZ +DMNNNvaiyt+UVzErzN3qvDLu1VnNQpIqvfACqYGTe/+Jq1FoPh4UNTc9ST/z13Re +r/JoBnv2Pe/vFBUfPpBGP9hhmwRbmiCE+C+SpR9ykLNuElUnohFRqMGM+2mwrlD4 +WSjnxc9ybroTFg3Fv7ZQnBB+c20bRNN0Bq5Ai+u0rUkUp2ijbS7eB68nXcK5yjLl +05XVBi8cgfVh9a2QrS+OW5oe3Eox9kDdDgpXP/9vKNNGnlPjXNrhB+LT+pR/YOzO +/2BFANkVwZdJplwHFxq7WcVn0BqwDM0ahNas4J163QjX55cD5Mja8rSOnNmrvVR5 +r966IwGU0TWA8grM/xPM3VKs0ibt/cXr7BeQXkCKy77iI9HkDvuuqaPiD/nQD7AS +G488b81IxvXEMlI2NbLByhq8q9380m9mB3wG3eD2+kZhAx8ndhJ3M87JHP13EZlA +KC39VqDRrSmBEe1ZER9dmMq8DZhDqIZjqxDgas4GZZtXAgMBAAGjUzBRMB0GA1Ud +DgQWBBR+vsMRltwcMPWLdmCY5lVd4D8WdTAfBgNVHSMEGDAWgBR+vsMRltwcMPWL +dmCY5lVd4D8WdTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4ICAQCX +cIMmi+vp3zTfvnRfRaFcy6r9JC56gFj0O+aJXE3KnzGUP0yXLpluO/PHQViWIf2V +3AI0GqE+su++9suqdSKuiOOrJ+vD97e4klARS6cGdnM0MhF2IesrVfbEAjM8cqA9 +LAif+fs1Nd6BNLP5axeLLMrKsLNgqdmdBf/4rf03qgNx70D65mWU6ljqpdRaypoM +7xshDMI+plYRKZOJ69bbcl84pXIPbFMW52gPdR0e9Bv2CHm+mkBX/L8Ou4dYgPzD +hkPuoI9pCUfCLEI1Ejp3wJnhme/ph7IBl91/VUEC+O9Gbq3NzyFxq1gBVd+nlzO6 +yZ5NbihpO2KEmkYPWwwdP66W6anaUQmMYM0yYmRMZl1GTm5svF5WR0sxa6Vxh9Np +IgJxlbMkTxGm1UON9VzDMrB/4XsoXCbUk3yc8oJ9tAAm6v80+7UvIkYOHhnAMMzj +CroEcqpk7dJrcYZPgFWDnCOAvkwj2qa0uR2NujVk/vrBSIeg+DEKQ/WXHRpufeT3 +gMfFhBYJxS1kdHKJ5b2DvzwAQLYvlrvPZlIE2G+KvuGiR6oc0A7f5k3wg7RCMaUc +vtbhRcvjjYLoUilAz1cI33REgku/5zcw2aPMToB3GX/vL7COvUMLBqZ+94jHAvB5 +j0WjIAdGtSu/DWReu/k9Q4+i2KTWL+owPt/VBnlA1w== +-----END CERTIFICATE----- diff --git a/deploys/helm-chart/iqos-chart/files/certs/tls.crt b/deploys/helm-chart/iqos-chart/files/certs/tls.crt new file mode 100644 index 0000000..4a2b7b8 --- /dev/null +++ b/deploys/helm-chart/iqos-chart/files/certs/tls.crt @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFqjCCA5KgAwIBAgIUXWcRZM4UQYWxpPFPJv1W7YV7tR8wDQYJKoZIhvcNAQEL +BQAwbTELMAkGA1UEBhMCQlIxCzAJBgNVBAgMAlBBMQ4wDAYDVQQHDAVCZWxlbTEN +MAsGA1UECgwEVUZQQTEPMA0GA1UECwwGR0VSQ09NMSEwHwYDVQQDDBhpcW9zLXhh +cHAuZ2VyY29tLnVmcGEuYnIwHhcNMjQwMzAxMTkyMzMyWhcNMzQwMjI3MTkyMzMy +WjBtMQswCQYDVQQGEwJCUjELMAkGA1UECAwCUEExDjAMBgNVBAcMBUJlbGVtMQ0w +CwYDVQQKDARVRlBBMQ8wDQYDVQQLDAZHRVJDT00xITAfBgNVBAMMGGlxb3MteGFw +cC5nZXJjb20udWZwYS5icjCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIB +AOeFq5qotj0bzV81LbiX1034T/baWJiR4um8SnuQXfznbfQYolK0k7eYZCz2F9jA +JcsgrBXtWg6UkmzX13WzRBJtyiIvFSsAvNXAINs0PuCEfgFl9Kv+gMyo5yujkzSM +VeNyw8Galg9PUpBmS6SoiNpzwJ4cexSALz6i6c7fQ9rVCPKwpd/GRzOxk9ut4wRo +dsnYNktMPYGzzOwTPlGO0ZhUARL1ePPD34uyw/NWzVDJ3PXK9c8R+HCQasw99Q3+ +ePanvXxCViNlJV/H8uuKob/SzZlJ1lrzJrZrD97nIjlD92Jk4A4XxfsFawOetXwS +BPMwswDPdkPN1ykrDNnVrhDJvJtKWmll6I3ysEywcWG47w/kSkyEfWykErkHPbPq +R2WLR11Qy8gtLF4QJxVHqz+5yv6TdowoOlhW3njBRoehoYQjwsgPHhRYhrCvO3yg +sbvaID5+eJe0qOu+486f8fQ6aDTJ8xAmw04zS+eNorkHBCVB6Tu+B8OBxcHOeosm +LemZ+KNT95mblHiDBdX4uMHdn+wDsXctubq3nAJx3SozEbS4YxzR3vMqUUEtCUcm +iACot7S8y8QPUi2zjJpp3e83CgVDLY1Oo6Ar8++6fbJfg5HS/AUwSIB/XL7ScdS7 +jdmtPRVN41IlfYOzafxjQus41G4TogPFGo1DVnJvDOQHAgMBAAGjQjBAMB0GA1Ud +DgQWBBQBDk3mIo9Z7a7JxGh5UepoDpqjNTAfBgNVHSMEGDAWgBR+vsMRltwcMPWL +dmCY5lVd4D8WdTANBgkqhkiG9w0BAQsFAAOCAgEAEXX4/jrusPSgZUIw4nF12lvb +pt0o2pATNcH1Jm5w8NYHg7oktLQEz5O4GZjgOSM3tiadN6DrXumZxF0AFjxJRc9j +2edZrm4TP87i9dUoQBW6oxPtBqPI/DhgBuHAz6vKkMx6s6csbfWRpI10kHCnQse5 +SwDmJdSDjEkdz170s/bExvSRIhO8IuHYRPWdXUQ3gydnjmubDBjPH2EvaxAeX9Ia +wXklfipFmr3mRMZ10F8BrOVk8hBSv26RZX1VbO+VuqavEJ6bgbtRUnivNT7PHWLA +H9eS4xuKciU6BFr3pyDUAIANYu+Rt6UFbi+lK+IJT3zuBC/Iycb9EgWMzGaym6sy +P2BsbiGm/7P2xG1+g6hPTIaukGycKEMHGAj5b09ixX2FQnocy0MleiBPWU+E1FvQ +nhWQUnVdLFIlq47hB8Q3Zlr5aQ3ZxW2fSmpgv//i8f9vLW2eTls2Oo/cFNkSdjTZ +py8ONXAodY2Ruolfy8afhRi5oMBuDy8yc/ursQxkKAknOkLRjQ9K5Oth9vw2AGGN +IT1rqH6DEAFmivRGxClBqGwmdRUS+5xsmu7+juGrFg442p2Gn4Wbt1orlKEjc1wL +oJ0O/TVFeQ7MIMZ0Q2SPuuDv/oKIh8qpJmk3SHAHTC5JeIA+JBN545XWQ/VllGMM +vES0B9koni8IuPR9rFk= +-----END CERTIFICATE----- diff --git a/deploys/helm-chart/iqos-chart/files/certs/tls.key b/deploys/helm-chart/iqos-chart/files/certs/tls.key new file mode 100644 index 0000000..703ceb5 --- /dev/null +++ b/deploys/helm-chart/iqos-chart/files/certs/tls.key @@ -0,0 +1,52 @@ +-----BEGIN PRIVATE KEY----- +MIIJQgIBADANBgkqhkiG9w0BAQEFAASCCSwwggkoAgEAAoICAQDnhauaqLY9G81f +NS24l9dN+E/22liYkeLpvEp7kF385230GKJStJO3mGQs9hfYwCXLIKwV7VoOlJJs +19d1s0QSbcoiLxUrALzVwCDbND7ghH4BZfSr/oDMqOcro5M0jFXjcsPBmpYPT1KQ +ZkukqIjac8CeHHsUgC8+ounO30Pa1QjysKXfxkczsZPbreMEaHbJ2DZLTD2Bs8zs +Ez5RjtGYVAES9Xjzw9+LssPzVs1Qydz1yvXPEfhwkGrMPfUN/nj2p718QlYjZSVf +x/LriqG/0s2ZSdZa8ya2aw/e5yI5Q/diZOAOF8X7BWsDnrV8EgTzMLMAz3ZDzdcp +KwzZ1a4QybybSlppZeiN8rBMsHFhuO8P5EpMhH1spBK5Bz2z6kdli0ddUMvILSxe +ECcVR6s/ucr+k3aMKDpYVt54wUaHoaGEI8LIDx4UWIawrzt8oLG72iA+fniXtKjr +vuPOn/H0Omg0yfMQJsNOM0vnjaK5BwQlQek7vgfDgcXBznqLJi3pmfijU/eZm5R4 +gwXV+LjB3Z/sA7F3Lbm6t5wCcd0qMxG0uGMc0d7zKlFBLQlHJogAqLe0vMvED1It +s4yaad3vNwoFQy2NTqOgK/Pvun2yX4OR0vwFMEiAf1y+0nHUu43ZrT0VTeNSJX2D +s2n8Y0LrONRuE6IDxRqNQ1ZybwzkBwIDAQABAoICAAEVl1pwsbwIUAZRS9UicHqL +ZXXQdhgZSCcQpvlRvCqDHzHEpOEXuqRF4NVX9tVn4lAY2T5fDAwZGe3Ly+MmvEnw +QHopgma0U3Uy1FSQt8yr8/bn0rp7tw4o/7AszTrA1Ne0XkmQ5kh3hJXdjMl6ziYr +xoFXEgfWDL8KhYO0Iv3VHF/lRyC3dL3N2bkK82Ro8tezgLRDPqZHlgYPea3bG+JO +l02V7bx7bWz+PUqYMd7Bt7jTNM1oa2qgb9zyd8i98G01F1uaIQvtubwH1FHSNMme +0fdcGshL7uimXdQpmUzveNWH+U6rJUe7wApksEmwhz+9cphJ4HVsSG+HUF3RCjgn +9ly7Wsx0P2U0hN+f+V6X4kDG15QjGL1axrWgiKZqFf+8SxoARqr4F+6qox2W7ShY +x5oS8Ee/sQ0RPGecGMK2HET5ah0mewoy7+QisO2dBPOoWdU79B7dUHS5qBKibK4U +t1xOLXGC2ng3Pta/9fSXclRbpxIptsunENgf0dpNG1s1PB0fqPT/3ISzh0fRi9Lj +UREMKBdX9IaSaGW8BQQ6u/xSdI1XybVpwdO9vdi72n1Nuvgre9PWKVOLEl+oM0fX +5Ek4zruEMvPPfWMzQ1K167turFf7VLl1WF5sGQZ9JOzfFaHLwvzUs1J6qule0nSc +A2/T2eB9mSlW0Mss3Zl5AoIBAQD0kyg6V7aN2PfAmZPO7poEggZsZ2okqwFADRMg +G/cX1tTtUrSPvdytlZa6Z86qnqTzrFVfY4odbW/e7MZGMrBH5J/1nRt4ze27fXP2 +EILpNaQ8BFK32cH5nkAi/fRDdrHRIchoOq+xXFdOmS3ZRXpUyPZ51vnv0dsZprwJ +rxKZJ5CJa5VuBiRUmEvIxOkxxJn+dW6pX6EVwAtuqA/UeHDbAj4jNhxh+hpMafXO +mB4MobuAtFrdt/VAViZ2bSvvxc5Eo1f1IBeHzenE0wR4rXDm7Ywwxb5ZePMwN8Ym +meHCFtHHwzbUglS7bga/XR5ZTWOA2b4Q1KYn3Aeqcluanm5pAoIBAQDyVmrpexjV +rzQJhsdfLPVFuJ0+Uet+vMaEonq/YISnGKGcGWOKDZORjnQDaBHlT4/wAMINLo9X +MCxLiEZtPSWIRig7U05m/FIAiNRDJXB4aj6oN8o43UK32vV3Lw0NxjmCQIVTDmb5 +1979lKhzI4+KH+pcH8Fb+8ayrTRiQn814GpFhXsRA30HEw7lLMID/z0FtUh747K/ +ciH5DQkEdulG1G6R2hd1vEaGCaFDQ09A0eQKXNxL92pdJJX9HGoPTE/JYSk4CQUO +B/pU5JJOxI4XPOdRIKXpW6iuafj6JZSWhN80zGX/4lNwsp9LwrMra0cbg6WfnTeA +V+tSQjPvK1DvAoIBAQDsNyj2WHsPu0tmcK4qgZat3etYTfVdXvBBLZ+YNopLMwnK +AUQ1RHncCYtflB0t+zVzx7FZBOmDjIws8eB6MkDB3xWDgm7jGXmPyRXzxXS6yz1J +Xh+KRD4t2eM2KLL/aadKRmeqC2xfT8FfP2Dh5VHGi6ZKfRA+yR/lQX2BmN7Mn0Lh +BtB3SGVUcxdW3KAhmjHlawQrgBozyJ0CDj3jx0OwsxTSq1N0abt2rCxlkdQL/TT8 +lLTiSecMcWiKntx9oz2aW2z7ajhvyLgMioZaC6Hs1+e7v3EeN0wh+OxfoeZCsAmC +94+AZjRyJk1MDCLgu3bsHuGMneWwv7mDrRm+V2BpAoIBABxW3snPC2hxxLQYftgy +ebxdioXvLorzqIN6PMCEmP6xcrS+g1VxoQA0mHyNfwpB86Mtc4P3HewkRgnPNe0w +aWM2UR4e79w7RZuqZKg1iKGMSyeA3rUnqtW1VV9KsUwbEj6ZLP45gPFWvU0KRWix +j+enM9DyJbqMBwB+INIc1KOISuU2Zt3meoiJQgSq50VwY8J3ILLcPdsFjdOCIrvS +7BTMYuHLj1LFYbnrBmDHTk1WPkS390sq89VQofmniP+g/POf2SIka+LoK+4hjLqJ +YdR12tcx6jUP8vnyips2KdowT6ns/UCfRwK24MoLSsiZEwe0rXms+QCZR3unIkul +1SECggEAI82Me3c3EWIcVxjCTRVhqtNqoFbV98MgxkLCnPdZfn6JyPdwDhhoKcvh +p+EMov6s3SHAdlkIT/kAyuT85ND4iPwsH2m8J8+5X/RUZNbbiFKV4bSIveUAfPMI +R4O6/L5VZuoyZ+3j62nte7/Cm7dcyK/oUvXfWmDvAgLFFyyI8kyZRW1yS4fwLvKy +4PZ3usqz8P3anog8k+nYw30qSJJal3vmY1F9dkP0QwiVQD7lK7TBelkhdi4h56ag +CfpJJTLSoNuFGOIbMmovaBMF4KdXO00FJzrUhIgym6bq3OvnqCYP0duMRAtuASFS +ACyB/vYp0FwDxf6we3+0WNEe7ZSulA== +-----END PRIVATE KEY----- diff --git a/deploys/helm-chart/iqos-chart/values.yaml b/deploys/helm-chart/iqos-chart/values.yaml index 7b3c81f..2644577 100644 --- a/deploys/helm-chart/iqos-chart/values.yaml +++ b/deploys/helm-chart/iqos-chart/values.yaml @@ -23,6 +23,15 @@ service: enabled: false port: 31701 +config: + iqos-xapp: + # e2tEndpoint: "onos-e2t:5150" (TODO) + # kpmVersion: "v2" + configJson: + reportPeriod: + interval: 1000 # 1000 ms ?? + granularity: 1000 # 1000 ms ?? + slices: # (TODO) resources: {} @@ -41,3 +50,15 @@ ingress: autoscaling: enabled: false minReplicas: 1 + +logging: + loggers: + root: + level: info + output: + stdout: + sink: stdout + sinks: + stdout: + type: stdout + stdout: {} \ No newline at end of file