Set JKS parameters in ONOS using ENV rather than custom onos-service script.
Change-Id: I9604895b41960bca6f195bdfe1d7e386bf31573c
diff --git a/roles/onos-cord-install/tasks/main.yml b/roles/onos-cord-install/tasks/main.yml
index 27ef7a0..2337cad 100644
--- a/roles/onos-cord-install/tasks/main.yml
+++ b/roles/onos-cord-install/tasks/main.yml
@@ -28,7 +28,6 @@
dest: "{{ head_onos_cord_dir }}/{{ item }}"
with_items:
- Dockerfile
- - onos-service
- org.ops4j.pax.logging.cfg
- docker-compose.yml
diff --git a/roles/onos-cord-install/templates/Dockerfile.j2 b/roles/onos-cord-install/templates/Dockerfile.j2
index 3886943..9fe6fb1 100644
--- a/roles/onos-cord-install/templates/Dockerfile.j2
+++ b/roles/onos-cord-install/templates/Dockerfile.j2
@@ -20,9 +20,8 @@
-file /usr/local/share/ca-certificates/cord_{{ site_name }}_im_ca.der \
-keystore /usr/local/share/ca-certificates/cord_ca_certs.jks
-# Updated onos-service to use the jks
-COPY onos-service /root/onos/bin/onos-service
-RUN chmod 755 /root/onos/bin/onos-service
+# Let ONOS know where the keystore is
+ENV JAVA_OPTS="-Djavax.net.ssl.trustStore=/usr/local/share/ca-certificates/cord_ca_certs.jks -Djavax.net.ssl.trustStorePassword={{ trust_store_pw }}"
# Configure ONOS to log with log4j to ElasticStack
COPY org.ops4j.pax.logging.cfg /root/onos/apache-karaf-3.0.5/etc/org.ops4j.pax.logging.cfg
diff --git a/roles/onos-cord-install/templates/onos-service.j2 b/roles/onos-cord-install/templates/onos-service.j2
deleted file mode 100644
index 00a337e..0000000
--- a/roles/onos-cord-install/templates/onos-service.j2
+++ /dev/null
@@ -1,53 +0,0 @@
-#!/bin/bash
-# -----------------------------------------------------------------------------
-# Starts ONOS Apache Karaf container
-# -----------------------------------------------------------------------------
-
-# uncomment the following line for performance testing
-#export JAVA_OPTS="${JAVA_OPTS:--Xms8G -Xmx8G -XX:+UseConcMarkSweepGC -XX:+CMSIncrementalMode -XX:+PrintGCDetails -XX:+PrintGCTimeStamps}"
-
-# uncomment the following line for Netty TLS encryption
-# Do modify the keystore location/password and truststore location/password accordingly
-#export JAVA_OPTS="${JAVA_OPTS:--DenableNettyTLS=true -Djavax.net.ssl.keyStore=/home/ubuntu/onos.jks -Djavax.net.ssl.keyStorePassword=222222 -Djavax.net.ssl.trustStore=/home/ubuntu/onos.jks -Djavax.net.ssl.trustStorePassword=222222}"
-
-export JAVA_OPTS="-Djavax.net.ssl.trustStore=/usr/local/share/ca-certificates/cord_ca_certs.jks -Djavax.net.ssl.trustStorePassword={{ trust_store_pw }}"
-
-set -e # exit on error
-set -u # exit on undefined variable
-
-# If ONOS_HOME is set, respect its value.
-# If ONOS_HOME is not set (e.g. in the init or service environment),
-# set it based on this script's path.
-ONOS_HOME=${ONOS_HOME:-$(cd $(dirname $0)/.. >/dev/null 2>&1 && pwd)}
-KARAF_ARGS=
-SYS_APPS=drivers
-ONOS_APPS=${ONOS_APPS:-} # Empty means don't activate any new apps
-
-cd $ONOS_HOME
-
-# Parse out arguments destinted for karaf invocation v. arguments that
-# will be processed in line
-while [ $# -gt 0 ]; do
- case $1 in
- apps-clean)
- # Deactivate all applications
- find ${ONOS_HOME}/apps -name "active" -exec rm \{\} \;
- ;;
- *)
- KARAF_ARGS+=" $1"
- ;;
- esac
- shift
-done
-
-# Activate the system required applications (SYS_APPS) as well as any
-# specified applications in the var ONOS_APPS
-for app in ${SYS_APPS//,/ } ${ONOS_APPS//,/ }; do
- if [[ "$app" =~ \. ]]; then
- touch ${ONOS_HOME}/apps/$app/active
- else
- touch ${ONOS_HOME}/apps/org.onosproject.$app/active
- fi
-done
-
-exec ${ONOS_HOME}/apache-karaf-3.0.5/bin/karaf $KARAF_ARGS