</main>
<main>
<pair-key>anyroles</pair-key>
- <pair-value>org.opendaylight.aaa.shiro.filters.AnyRoleHttpAuthenticationFilter</pair-value>
+ <pair-value>org.onap.ccsdk.features.sdnr.wt.oauthprovider.filters.AnyRoleHttpAuthenticationFilter</pair-value>
</main>
<main>
<pair-key>authcBearer</pair-key>
- <pair-value>org.opendaylight.aaa.shiro.filters.ODLHttpAuthenticationFilter2</pair-value>
+ <pair-value>org.onap.ccsdk.features.sdnr.wt.oauthprovider.filters.BearerAndBasicHttpAuthenticationFilter</pair-value>
</main>
<!-- in order to track AAA challenge attempts -->
--- /dev/null
+../integration/network
\ No newline at end of file
--- /dev/null
+################################################################################
+# Copyright 2022 highstreet technologies and others
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+COMPOSE_PROJECT_NAME=o-ran-sc-f-release
+
+# Credentials
+
+ADMIN_USERNAME=admin
+ADMIN_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+
+# Network settings
+# Please update /etc/docker/daemon.json accordingly
+# https://docs.docker.com/config/daemon/ipv6/
+NETWORK_SUBNET_SMO=2001:db8:1:40::/96
+NETWORK_GATEWAY_SMO=2001:db8:1:40::1
+
+# Identity server
+IDENTITY_IMAGE=quay.io/keycloak/keycloak:12.0.4
+IDENTITY_PORT=8463
+IDENTITY_PROVIDER_URL=https://identity:8463
+
+# PERSISTENCE (including SDN-R Database)
+PERSISTENCE_IMAGE=docker.elastic.co/elasticsearch/elasticsearch-oss:7.9.3
+
+## ZooKeeper
+ZOOKEEPER_IMAGE=nexus3.onap.org:10001/onap/dmaap/zookeeper:6.0.3
+
+## Kafka
+KAFKA_IMAGE=nexus3.onap.org:10001/onap/dmaap/kafka111:1.0.4
+
+## DMaaP
+DMAAP_IMAGE=nexus3.onap.org:10001/onap/dmaap/dmaap-mr:1.1.18
--- /dev/null
+../../../integration/smo/common/dmaap
\ No newline at end of file
--- /dev/null
+../../../integration/smo/common/docker
\ No newline at end of file
--- /dev/null
+################################################################################
+# Copyright 2022 highstreet technologies GmbH
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+version: '3.8'
+services:
+
+ identity:
+ image: ${IDENTITY_IMAGE}
+ container_name: identity
+ ports:
+ - ${IDENTITY_PORT}:8443
+ environment:
+ - KEYCLOAK_USER=${ADMIN_USERNAME}
+ - KEYCLOAK_PASSWORD=${ADMIN_PASSWORD}
+ - JAVA_OPTS=-Djboss.bind.address.private=[::1] -Djboss.bind.address=[::1] -Djava.net.preferIPv6Addresses=true -Djava.net.preferIPv4Stack=false
+ - DB_VENDOR=h2
+ networks:
+ dmz:
+
+ persistence:
+ image: ${PERSISTENCE_IMAGE}
+ container_name: persistence
+ environment:
+ - discovery.type=single-node
+
+ zookeeper:
+ image: ${ZOOKEEPER_IMAGE}
+ container_name: zookeeper
+ ports:
+ - 2181:2181
+ environment:
+ ZOOKEEPER_REPLICAS: 1
+ ZOOKEEPER_TICK_TIME: 2000
+ ZOOKEEPER_SYNC_LIMIT: 5
+ ZOOKEEPER_INIT_LIMIT: 10
+ ZOOKEEPER_MAX_CLIENT_CNXNS: 200
+ ZOOKEEPER_AUTOPURGE_SNAP_RETAIN_COUNT: 3
+ ZOOKEEPER_AUTOPURGE_PURGE_INTERVAL: 24
+ ZOOKEEPER_CLIENT_PORT: 2181
+ KAFKA_OPTS: -Djava.security.auth.login.config=/etc/zookeeper/secrets/jaas/zk_server_jaas.conf -Dzookeeper.kerberos.removeHostFromPrincipal=true -Dzookeeper.kerberos.removeRealmFromPrincipal=true -Dzookeeper.authProvider.1=org.apache.zookeeper.server.auth.SASLAuthenticationProvider -Dzookeeper.requireClientAuthScheme=sasl
+ ZOOKEEPER_SERVER_ID:
+ volumes:
+ - ./zookeeper/zk_server_jaas.conf:/etc/zookeeper/secrets/jaas/zk_server_jaas.conf
+
+ kafka:
+ image: ${KAFKA_IMAGE}
+ container_name: kafka
+ ports:
+ - 9092:9092
+ environment:
+ enableCadi: 'false'
+ KAFKA_ZOOKEEPER_CONNECT: zookeeper:2181
+ KAFKA_ZOOKEEPER_CONNECTION_TIMEOUT_MS: 40000
+ KAFKA_ZOOKEEPER_SESSION_TIMEOUT_MS: 40000
+ KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: INTERNAL_PLAINTEXT:PLAINTEXT,EXTERNAL_PLAINTEXT:PLAINTEXT
+ KAFKA_ADVERTISED_LISTENERS: INTERNAL_PLAINTEXT://kafka:9092
+ KAFKA_LISTENERS: INTERNAL_PLAINTEXT://0.0.0.0:9092
+ KAFKA_INTER_BROKER_LISTENER_NAME: INTERNAL_PLAINTEXT
+ KAFKA_CONFLUENT_SUPPORT_METRICS_ENABLE: 'false'
+ KAFKA_OPTS: -Djava.security.auth.login.config=/etc/kafka/secrets/jaas/zk_client_jaas.conf
+ KAFKA_ZOOKEEPER_SET_ACL: 'true'
+ KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: 1
+ # Reduced the number of partitions only to avoid the timeout error for the first subscribe call in slow environment
+ KAFKA_OFFSETS_TOPIC_NUM_PARTITIONS: 1
+ volumes:
+ - ./kafka/zk_client_jaas.conf:/etc/kafka/secrets/jaas/zk_client_jaas.conf
+ depends_on:
+ - zookeeper
+
+ dmaap:
+ container_name: onap-dmaap
+ image: ${DMAAP_IMAGE}
+ ports:
+ - 3904:3904
+ - 3905:3905
+ environment:
+ enableCadi: 'false'
+ volumes:
+ - ./dmaap/MsgRtrApi.properties:/appl/dmaapMR1/bundleconfig/etc/appprops/MsgRtrApi.properties
+ - ./dmaap/logback.xml:/appl/dmaapMR1/bundleconfig/etc/logback.xml
+ - ./dmaap/cadi.properties:/appl/dmaapMR1/etc/cadi.properties
+ depends_on:
+ - zookeeper
+ - kafka
+
+networks:
+ dmz:
+ driver: bridge
+ name: dmz
+ enable_ipv6: false
+ default:
+ driver: bridge
+ name: smo
+ enable_ipv6: true
+ ipam:
+ driver: default
+ config:
+ - subnet: ${NETWORK_SUBNET_SMO}
+ gateway: ${NETWORK_GATEWAY_SMO}
--- /dev/null
+../../../integration/smo/common/kafka
\ No newline at end of file
--- /dev/null
+../../../integration/smo/common/zookeeper
\ No newline at end of file
--- /dev/null
+################################################################################
+# Copyright 2021 highstreet technologies and others
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+COMPOSE_PROJECT_NAME=o-ran-sc-g-release
+
+# Credentials
+ADMIN_USERNAME=admin
+ADMIN_PASSWORD=Kp8bJ4SXszM0WXlhak3eHlcse2gAw84vaoGGmJvUy2U
+
+# Network settings
+
+# Please update /etc/docker/daemon.json accordingly
+# https://docs.docker.com/config/daemon/ipv6/
+NETWORK_SUBNET_OAM_IPv6=2001:db8:1:50::/96
+NETWORK_GATEWAY_OAM_IPv6=2001:db8:1:50::1
+
+# Identity server
+IDENTITY_PROVIDER_URL=https://identity:8463
+
+# SDN Controller
+SDNC_IMAGE=nexus3.onap.org:10001/onap/sdnc-image:2.3.2
+SDNC_REST_PORT=8181
+SDNC_OAM_IPv6=2001:db8:1:50::23
+SDNC_CERT_DIR=/opt/opendaylight/current/certs
+
+# SDN Controller Web
+SDNC_WEB_IMAGE=nexus3.onap.org:10001/onap/sdnc-web-image:2.3.2
+SDNC_WEB_PORT=8453
+
+## VES Collector
+VES_COLLECTOR_IMAGE=nexus3.onap.org:10001/onap/org.onap.dcaegen2.collectors.ves.vescollector:1.10.1
+VES_COLLECTOR_OAM_IPv6=2001:db8:1:50::27
+VES_COMMON_HEADER_VERSION=7.2.1
+VES_ENDPOINT_PROTOCOL=https
+VES_ENDPOINT_PORT=8443
+VES_ENDPOINT_AUTH_METHOD=basic-auth
+VES_ENDPOINT_USERNAME=sample1
+VES_ENDPOINT_PASSWORD=sample1
\ No newline at end of file
--- /dev/null
+../../../integration/smo/oam/sdnr
\ No newline at end of file
--- /dev/null
+################################################################################
+# Copyright 2021 highstreet technologies GmbH
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+version: '3.8'
+services:
+ sdnc-web:
+ image: ${SDNC_WEB_IMAGE}
+ container_name: sdnc-web
+ ports:
+ - ${SDNC_WEB_PORT}:${SDNC_WEB_PORT}
+ environment:
+ - WEBPROTOCOL=HTTPS
+ - WEBPORT=${SDNC_WEB_PORT}
+ - SDNRPROTOCOL=http
+ - SDNRHOST=sdnr
+ - SDNRPORT=${SDNC_REST_PORT}
+ - SSL_CERT_DIR=/opt/app/osaaf/local/certs
+ - SSL_CERTIFICATE=cert.pem
+ - SSL_CERTIFICATE_KEY=key.pem
+ - ENABLE_OAUTH=true
+ - ENABLE_ODLUX_RBAC=false
+ volumes:
+ - ./web:/opt/app/osaaf/local/certs
+ networks:
+ dmz:
+ smo:
+
+ sdnr:
+ image: ${SDNC_IMAGE}
+ container_name: sdnr
+ ports:
+ - ${SDNC_REST_PORT}:8181
+ - 6666:6666
+ - 4335:4335
+ environment:
+ - LOG4J_FORMAT_MSG_NO_LOOKUPS=true
+ - KARAF_CONSOLE_LOG_LEVEL=INFO
+ - ENABLE_ODL_CLUSTER=false
+ - ENABLE_OAUTH=true
+ - ODL_CERT_DIR=${SDNC_CERT_DIR}
+ - ODL_ADMIN_PASSWORD=${ADMIN_PASSWORD}
+ - SDNC_CONFIG_DIR=/opt/onap/ccsdk/data/properties
+ - SDNC_REPLICAS=0
+ - CCSDK_REPLICAS=0
+ - DOMAIN=""
+ - SDNRWT=true
+ - SDNRONLY=true
+ - SDNRINIT=true
+ - SDNRDM=true
+ - SDNRDBURL=http://persistence:9200
+ - SDNRDBTRUSTALLCERTS=true
+ - SDNR_NETCONF_CALLHOME_ENABLED=true
+ - A1_ADAPTER_NORTHBOUND=false
+ - JAVA_OPTS=-Xms256m -Xmx4g
+ - IDENTITY_PROVIDER_URL=${IDENTITY_PROVIDER_URL}
+ - SDNC_WEB_URL=https://sdnc-web:${SDNC_WEB_PORT}
+
+ - SDNR_VES_COLLECTOR_ENABLED=true
+ - SDNR_VES_COLLECTOR_TLS_ENABLED=true
+ - SDNR_VES_COLLECTOR_TRUST_ALL_CERTS=true
+ - SDNR_VES_COLLECTOR_IP=ves-collector
+ - SDNR_VES_COLLECTOR_PORT=$VES_ENDPOINT_PORT
+ - SDNR_VES_COLLECTOR_VERSION=v7
+ - SDNR_VES_COLLECTOR_REPORTING_ENTITY_NAME=ONAP SDN-R
+ - SDNR_VES_COLLECTOR_EVENTLOG_MSG_DETAIL=LONG
+ - SDNR_VES_COLLECTOR_USERNAME=${VES_ENDPOINT_USERNAME}
+ - SDNR_VES_COLLECTOR_PASSWORD=${VES_ENDPOINT_PASSWORD}
+ volumes:
+ - ./controller/oauth-aaa-app-config.xml:/opt/onap/sdnc/data/oauth-aaa-app-config.xml
+ - ./controller/oauth-provider.config.json:/opt/opendaylight/etc/oauth-provider.config.json
+ - ./controller/devicemanager.properties:/opt/opendaylight/etc/devicemanager.properties
+ - ./controller/mountpoint-registrar.properties:/opt/opendaylight/etc/mountpoint-registrar.properties
+ - ./controller/certs/certs.properties:${SDNC_CERT_DIR}/certs.properties
+ - ./controller/certs/keys0.zip:${SDNC_CERT_DIR}/keys0.zip
+ networks:
+ dmz:
+ smo:
+ default:
+ ipv6_address: ${SDNC_OAM_IPv6}
+
+ ves-collector:
+ image: ${VES_COLLECTOR_IMAGE}
+ container_name: ves-collector
+ environment:
+ DMAAPHOST: onap-dmaap
+ ports:
+ - 8443:8443
+ volumes:
+ - ./ves-collector/collector.properties:/opt/app/VESCollector/etc/collector.properties
+ - ./ves-collector/ves-dmaap-config.json:/opt/app/VESCollector/etc/ves-dmaap-config.json
+ - ./ves-collector/externalRepo:/opt/app/VESCollector/etc/externalRepo
+ networks:
+ smo:
+ default:
+ ipv6_address: ${VES_COLLECTOR_OAM_IPv6}
+
+networks:
+ dmz:
+ external: true
+ smo:
+ external: true
+ default:
+ driver: bridge
+ name: oam
+ enable_ipv6: true
+ ipam:
+ driver: default
+ config:
+ - subnet: ${NETWORK_SUBNET_OAM_IPv6}
+ gateway: ${NETWORK_GATEWAY_OAM_IPv6}
--- /dev/null
+../../../integration/smo/oam/sdnc-web
\ No newline at end of file