Exemple de configurations YAML
elm-application-config, Assistance TLSv1.3
apiVersion: v1
kind: ConfigMap
metadata:
name: elm-application-config
namespace: example
data:
appconfig: |
{
"common": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"appSpecific": {
"JTS": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"QM": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"RM": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"CCM": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"GC": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"DCC": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"ENI": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"RB": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"LQE": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"LDX": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"JAS": {
"security": {
"SSL_PROTOCOL": "TLSv1.3"
}
}
}
}elm-application-config, Support TLSv1.2 pour NIST SP 800-131
apiVersion: v1
kind: ConfigMap
metadata:
name: elm-application-config
namespace: example
data:
appconfig: |
{
"common": {
"security": {
"SSL_PROTOCOL": "TLSv1.2-strict",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"appSpecific": {
"JTS": {
"security": {
"SSL_PROTOCOL": "TLSv1.2-strict",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"QM": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"RM": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"CCM": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"GC": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"DCC": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"ENI": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"RB": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"LQE": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"LDX": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"JAS": {
"security": {
"SSL_PROTOCOL": "TLSv1.3"
}
}
}
}elm-application-config, JVM_ARGS
apiVersion: v1
kind: ConfigMap
metadata:
name: elm-application-config
namespace: example
data:
appconfig: |
{
"common": {
"jvmconfig": {
"JVM_ARGS": "-Dcom.ibm.team.repository.servlet.disableHostHeaderValidation=false -Dcom.ibm.team.repository.servlet.extraValidHostNames=ibm-elm-ccm,ibm-elm-jts,ibm-elm-dcc,ibm-elm-qm,ibm-elm-rm,ibm-elm-gc,ibm-elm-jas,ibm-elm-jrs,ibm-elm-ldx,ibm-elm-lqe,ibm-elm-relm -Djazz.connector.sslEnabledProtocols=TLSv1.2 -Dcom.ibm.team.repository.transport.client.protocol=TLSv1.2 -Dcom.ibm.jsse2.sp800-131=strict -Dcom.ibm.rational.rpe.tls12only=true -Dcom.ibm.jsse2.overrideDefaultTLS=true"
}
}
}elm-application-config, prise en charge de la configuration par application ( TLSv1.3 ) pour certaines applications au sein d'une instance d' ELM
L'exemple montre une instance d' ELM créée avec JTS, JAS, GC, CCM, LQE, RB des applications
apiVersion: v1
kind: ConfigMap
metadata:
name: elm-application-config
namespace: example
data:
appconfig: |
{
"common": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"appSpecific": {
"JTS": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"JAS": {
"security": {
"SSL_PROTOCOL": "TLSv1.3"
}
},
"CCM": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"GC": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"DCC": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"RB": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"LQE": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
}
}
} elm-application-config, prise en charge de la norme « TLSv1.2 » (NIST SP 800-131) pour certaines applications dans l'instance d' ELM
L'exemple montre une instance d' ELM créée avec JTS, JAS, GC, CCM, LQE, RB des applications
apiVersion: v1
kind: ConfigMap
metadata:
name: elm-application-config
namespace: example
data:
appconfig: |
{
"common": {
"security": {
"SSL_PROTOCOL": "TLSv1.2-strict",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"appSpecific": {
"JTS": {
"security": {
"SSL_PROTOCOL": "TLSv1.2-strict",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"CCM": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"GC": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"DCC": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"RB": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"LQE": {
"security": {
"SSL_PROTOCOL": "TLSv1.3",
"SSL_CIPHERS": "CIPHER1 CIPHER2"
}
},
"JAS": {
"security": {
"SSL_PROTOCOL": "TLSv1.3"
}
}
}
} elm-application-config, JVM_ARGS pour certaines applications dans une instance d' ELM
L'exemple montre l'instance de l' ELM créée avec JTS, JAS, GC, CCM, LQE, RB les applications
apiVersion: v1
kind: ConfigMap
metadata:
name: elm-application-config
namespace: example
data:
appconfig: |
{
"appSpecific": {
"JTS": {
"jvmconfig": {
"JVM_ARGS": "-Dcom.ibm.team.repository.servlet.disableHostHeaderValidation=false -Dcom.ibm.team.repository.servlet.extraValidHostNames=ibm-elm-ccm,ibm-elm-jts,ibm-elm-dcc,ibm-elm-qm,ibm-elm-rm,ibm-elm-gc,ibm-elm-jas,ibm-elm-jrs,ibm-elm-ldx,ibm-elm-lqe,ibm-elm-relm -Djazz.connector.sslEnabledProtocols=TLSv1.2 -Dcom.ibm.team.repository.transport.client.protocol=TLSv1.2 -Dcom.ibm.jsse2.sp800-131=strict -Dcom.ibm.rational.rpe.tls12only=true -Dcom.ibm.jsse2.overrideDefaultTLS=true"
}
},
"CCM": {
"jvmconfig": {
"JVM_ARGS": "-Dcom.ibm.team.repository.servlet.disableHostHeaderValidation=false -Dcom.ibm.team.repository.servlet.extraValidHostNames=ibm-elm-ccm,ibm-elm-jts,ibm-elm-dcc,ibm-elm-qm,ibm-elm-rm,ibm-elm-gc,ibm-elm-jas,ibm-elm-jrs,ibm-elm-ldx,ibm-elm-lqe,ibm-elm-relm -Djazz.connector.sslEnabledProtocols=TLSv1.2 -Dcom.ibm.team.repository.transport.client.protocol=TLSv1.2 -Dcom.ibm.jsse2.sp800-131=strict -Dcom.ibm.rational.rpe.tls12only=true -Dcom.ibm.jsse2.overrideDefaultTLS=true"
}
},
"GC": {
"jvmconfig": {
"JVM_ARGS": "-Dcom.ibm.team.repository.servlet.disableHostHeaderValidation=false -Dcom.ibm.team.repository.servlet.extraValidHostNames=ibm-elm-ccm,ibm-elm-jts,ibm-elm-dcc,ibm-elm-qm,ibm-elm-rm,ibm-elm-gc,ibm-elm-jas,ibm-elm-jrs,ibm-elm-ldx,ibm-elm-lqe,ibm-elm-relm -Djazz.connector.sslEnabledProtocols=TLSv1.2 -Dcom.ibm.team.repository.transport.client.protocol=TLSv1.2 -Dcom.ibm.jsse2.sp800-131=strict -Dcom.ibm.rational.rpe.tls12only=true -Dcom.ibm.jsse2.overrideDefaultTLS=true"
}
},
"DCC": {
"jvmconfig": {
"JVM_ARGS": "-Dcom.ibm.team.repository.servlet.disableHostHeaderValidation=false -Dcom.ibm.team.repository.servlet.extraValidHostNames=ibm-elm-ccm,ibm-elm-jts,ibm-elm-dcc,ibm-elm-qm,ibm-elm-rm,ibm-elm-gc,ibm-elm-jas,ibm-elm-jrs,ibm-elm-ldx,ibm-elm-lqe,ibm-elm-relm -Djazz.connector.sslEnabledProtocols=TLSv1.2 -Dcom.ibm.team.repository.transport.client.protocol=TLSv1.2 -Dcom.ibm.jsse2.sp800-131=strict -Dcom.ibm.rational.rpe.tls12only=true -Dcom.ibm.jsse2.overrideDefaultTLS=true"
}
},
"RB": {
"jvmconfig": {
"JVM_ARGS": "-Dcom.ibm.team.repository.servlet.disableHostHeaderValidation=false -Dcom.ibm.team.repository.servlet.extraValidHostNames=ibm-elm-ccm,ibm-elm-jts,ibm-elm-dcc,ibm-elm-qm,ibm-elm-rm,ibm-elm-gc,ibm-elm-jas,ibm-elm-jrs,ibm-elm-ldx,ibm-elm-lqe,ibm-elm-relm -Djazz.connector.sslEnabledProtocols=TLSv1.2 -Dcom.ibm.team.repository.transport.client.protocol=TLSv1.2 -Dcom.ibm.jsse2.sp800-131=strict -Dcom.ibm.rational.rpe.tls12only=true -Dcom.ibm.jsse2.overrideDefaultTLS=true"
}
},
"LQE": {
"jvmconfig": {
"JVM_ARGS": "-Dcom.ibm.team.repository.servlet.disableHostHeaderValidation=false -Dcom.ibm.team.repository.servlet.extraValidHostNames=ibm-elm-ccm,ibm-elm-jts,ibm-elm-dcc,ibm-elm-qm,ibm-elm-rm,ibm-elm-gc,ibm-elm-jas,ibm-elm-jrs,ibm-elm-ldx,ibm-elm-lqe,ibm-elm-relm -Djazz.connector.sslEnabledProtocols=TLSv1.2 -Dcom.ibm.team.repository.transport.client.protocol=TLSv1.2 -Dcom.ibm.jsse2.sp800-131=strict -Dcom.ibm.rational.rpe.tls12only=true -Dcom.ibm.jsse2.overrideDefaultTLS=true"
}
},
"JAS": {
"jvmconfig": {
"JVM_ARGS": "TLSv1.3"
}
}
}
}