-
Bug
-
Resolution: Done
-
Medium
-
Dublin Release
-
None
-
None
Steps to reproduce the error:
1. With oom install following onap components: aaf, aai, consul, dcagen2, dmaap, msb
2.Turned on security flag in PRH(security.enableDmaapCertAuth=true):
based on : https://wiki.onap.org/display/DW/Cloudify+Blueprint+validation+under+OOM
- Using kubectl find the pod for bootstrap and exec into it:
kubectl get pods -n onap |grep bootstrap
kubectl exec -it -n onap dev-dcaegen2-dcae-bootstrap-5bd74b6bf6-7lt9s /bin/bash
cfy deployments list
cfy deployments delete -f prh
cfy blueprint delete prh
/ modification of the file with config deployment (security.enableAaiCert Auth = true)
cfy blueprint upload -b prh k8s-prh.yaml
cfy deployments create -b prh -i /inputs/k8s-prh-inputs.yaml prh
//delete prh pod and deployment from k8s
cfy executions start -d prh install
3. check if the flag has been switched on correctly:
Consule:(http://<consule_ip>:30270/ui/#/dc1/kv/dcae-prh/edit):
"security.enableAaiCertAuth": true,
4. PRH performing scenario:
4.1 Put pnf into AAI database:
curl -X PUT \
https://10.183.36.30:30233/aai/v11/network/pnfs/pnf/NOK6061ZW3 \
-H 'Accept: application/json' \
-H 'Authorization: Basic QUFJOkFBSQ==' \
-H 'Cache-Control: no-cache' \
-H 'Content-Type: application/json' \
-H 'Postman-Token: 2e9211ac-99e9-415f-90a4-032769a53710' \
-H 'Real-Time: true' \
-H 'X-FromAppId: jimmy-postman' \
-H 'X-TransactionId: 9999' \
-d '{
"pnf-name": "NOK6061ZW3",
"pnf-name2": "example-pnf-name2-val-58071",
"pnf-name2-source": "example-pnf-name2-source-val-22408",
"pnf-id": "example-pnf-id-val-55834",
"equip-type": "example-equip-type-val-5497",
"equip-vendor": "example-equip-vendor-val-85730",
"equip-model": "example-equip-model-val-38526",
"management-option": "example-management-option-val-15776",
"ipaddress-v4-oam": "example-ipaddress-v4-oam-val-33556",
"sw-version": "example-sw-version-val-64239",
"in-maint": true,
"frame-id": "example-frame-id-val-76733",
"serial-number": "example-serial-number-val-79366",
"ipaddress-v4-loopback-0": "example-ipaddress-v4-loopback0-val-34781",
"ipaddress-v6-loopback-0": "example-ipaddress-v6-loopback0-val-29979",
"ipaddress-v4-aim": "example-ipaddress-v4-aim-val-53703",
"ipaddress-v6-aim": "example-ipaddress-v6-aim-val-93386",
"ipaddress-v6-oam": "example-ipaddress-v6-oam-val-92665",
"inv-status": "example-inv-status-val-8477",
"prov-status": "example-prov-status-val-68268",
"nf-role": "example-nf-role-val-68489"
}'
4.2 Trigger VES with json event
curl -X POST http://<ves_ip>:30235/eventListener/v7 -H 'Content-Type: application/json' -d '{"event":{"commonEventHeader":{"startEpochMicrosec":1540212137393,"sourceId":"val13","eventId":"registration_40212137","nfcNamingCode":"oam","internalHeaderFields":
,"eventType":"pnfRegistration","priority":"Normal","version":"4.0.1","reportingEntityName":"NOK6061ZW3","sequence":0,"domain":"pnfRegistration","lastEpochMicrosec":1540212137393,"eventName":"pnfRegistration_Nokia_5gDu","vesEventListenerVersion":"7.0.1","sourceName":"NOK6061ZW3","nfNamingCode":"gNB"},"pnfRegistrationFields":
{"unitType":"val8","serialNumber":"6061ZW3","pnfRegistrationFieldsVersion":"2.0","manufactureDate":"1540212137393","modelNumber":"val6","lastServiceDate":"1540212137393","unitFamily":"BBU","vendorName":"Nokia","oamV4IpAddress":"val3","oamV6IpAddress":"val4","softwareVersion":"val7"}}}'
4.3 Observing PRH logs:
kubectl get pods -n onap |grep prh
kubectl exec -it -n onap dep-dcae-prh-57f6df5d7b-v6gt9 /bin/sh
cat /var/log/ONAP/prh/prh-app-server/cd /var/log/ONAP/prh/prh-app-server
Stack Trace attached as a file.
5. Problem:
Prh can not find the file with the password for the key.
kubectl exec -it -n onap dep-dcae-prh-57f6df5d7b-v6gt9 /bin/sh
cd /opt/app/prh/etc/cert
In this path should be file key.pass