Gitiles
Code Review Sign In
gerrit.opencord.org / platform-install / 3896c47f49e7741de6e53b2251ac0914b805013d / . / roles / onos-cord-install / templates / Dockerfile.j2
blob: 6fa2a7991e3f23001cac3df64f871bbf005d0f67 [file] [log] [blame]
Matteo Scandolo3896c472017-08-01 13:31:42 -0700[diff] [blame^]1
2# Copyright 2017-present Open Networking Foundation
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15
16
Scott Baker58e88a82016-11-18 13:39:09 -0800[diff] [blame]17# ONOS dockerfile with XOS/CORD additions
18
19FROM {{ onos_docker_image }}
20MAINTAINER Zack Williams <zdw@cs.arizona.edu>
21
22# Add SSL certs
Zack Williamsc047c872017-01-11 08:38:15 -0700[diff] [blame]23COPY cord_root_ca.crt /usr/local/share/ca-certificates/cord_root_ca.crt
Zack Williamsc989f262017-05-11 13:02:59 -0700[diff] [blame]24COPY cord_{{ site_name }}_im_ca.crt /usr/local/share/ca-certificates/cord_{{ site_name }}_im_ca.crt
Scott Baker58e88a82016-11-18 13:39:09 -0800[diff] [blame]25RUN update-ca-certificates
26
27# Create Java KeyStore from certs
Zack Williamsc047c872017-01-11 08:38:15 -0700[diff] [blame]28RUN openssl x509 -in /usr/local/share/ca-certificates/cord_root_ca.crt \
29 -outform der -out /usr/local/share/ca-certificates/cord_root_ca.der && \
Zack Williamsc989f262017-05-11 13:02:59 -0700[diff] [blame]30 openssl x509 -in /usr/local/share/ca-certificates/cord_{{ site_name }}_im_ca.crt \
31 -outform der -out /usr/local/share/ca-certificates/cord_{{ site_name }}_im_ca.der && \
Zack Williamsc047c872017-01-11 08:38:15 -0700[diff] [blame]32 keytool -import -noprompt -storepass {{ trust_store_pw }} -alias cord_root_ca \
33 -file /usr/local/share/ca-certificates/cord_root_ca.der \
34 -keystore /usr/local/share/ca-certificates/cord_ca_certs.jks && \
Zack Williamsc989f262017-05-11 13:02:59 -0700[diff] [blame]35 keytool -import -noprompt -storepass {{ trust_store_pw }} -alias cord_{{ site_name }}_im_ca \
36 -file /usr/local/share/ca-certificates/cord_{{ site_name }}_im_ca.der \
Zack Williamsc047c872017-01-11 08:38:15 -0700[diff] [blame]37 -keystore /usr/local/share/ca-certificates/cord_ca_certs.jks
Scott Baker58e88a82016-11-18 13:39:09 -0800[diff] [blame]38
Jonathan Hart75ac6e92017-07-25 11:23:08 -0700[diff] [blame]39# Let ONOS know where the keystore is
40ENV JAVA_OPTS="-Djavax.net.ssl.trustStore=/usr/local/share/ca-certificates/cord_ca_certs.jks -Djavax.net.ssl.trustStorePassword={{ trust_store_pw }}"
Scott Baker58e88a82016-11-18 13:39:09 -0800[diff] [blame]41
Zack Williams30c01f92017-02-19 23:38:52 -0700[diff] [blame]42# Configure ONOS to log with log4j to ElasticStack
43COPY org.ops4j.pax.logging.cfg /root/onos/apache-karaf-3.0.5/etc/org.ops4j.pax.logging.cfg
44