mirror of
https://github.com/apache/cloudstack.git
synced 2025-10-26 08:42:29 +01:00
CLOUDSTACK-6204: removing realhostip dependency
Moving default transport for console proxy, SSVM to http. See https://cwiki.apache.org/confluence/display/CLOUDSTACK/Realhost+IP+changes for more info. jlk ported Amogh's patch for 4.3 to master - code base is different enough that patch has multiple issues. Author: Amogh Vasekar <Amogh Vasekar <amogh.vasekar@citrix.com> Signed-off-by: John Kinsella <jlk@stratosec.co> 1394398017 -0700
This commit is contained in:
John Kinsella
parent
cb26b4c337
commit
09c375379d
@ -32,16 +32,17 @@ public class ConsoleProxyInfo {
|
|||||||
this.sslEnabled = sslEnabled;
|
this.sslEnabled = sslEnabled;
|
||||||
|
|
||||||
if (sslEnabled) {
|
if (sslEnabled) {
|
||||||
StringBuffer sb = new StringBuffer(proxyIpAddress);
|
StringBuffer sb = new StringBuffer();
|
||||||
for (int i = 0; i < sb.length(); i++)
|
if (consoleProxyUrlDomain.startsWith("*")) {
|
||||||
if (sb.charAt(i) == '.')
|
sb.append(proxyIpAddress);
|
||||||
sb.setCharAt(i, '-');
|
for (int i = 0; i < proxyIpAddress.length(); i++)
|
||||||
if (consoleProxyUrlDomain != null && consoleProxyUrlDomain.length() > 0) {
|
if (sb.charAt(i) == '.')
|
||||||
sb.append(".");
|
sb.setCharAt(i, '-');
|
||||||
|
sb.append(consoleProxyUrlDomain.substring(1));//skip the *
|
||||||
|
} else {
|
||||||
|
//LB address
|
||||||
sb.append(consoleProxyUrlDomain);
|
sb.append(consoleProxyUrlDomain);
|
||||||
} else
|
}
|
||||||
sb.append(".realhostip.com");
|
|
||||||
|
|
||||||
proxyAddress = sb.toString();
|
proxyAddress = sb.toString();
|
||||||
proxyPort = port;
|
proxyPort = port;
|
||||||
this.proxyUrlPort = proxyUrlPort;
|
this.proxyUrlPort = proxyUrlPort;
|
||||||
|
|||||||
@ -777,12 +777,21 @@ public class TemplateServiceImpl implements TemplateService {
|
|||||||
String scheme = "http";
|
String scheme = "http";
|
||||||
boolean _sslCopy = false;
|
boolean _sslCopy = false;
|
||||||
String sslCfg = _configDao.getValue(Config.SecStorageEncryptCopy.toString());
|
String sslCfg = _configDao.getValue(Config.SecStorageEncryptCopy.toString());
|
||||||
|
String _ssvmUrlDomain = _configDao.getValue("secstorage.ssl.cert.domain");
|
||||||
if (sslCfg != null) {
|
if (sslCfg != null) {
|
||||||
_sslCopy = Boolean.parseBoolean(sslCfg);
|
_sslCopy = Boolean.parseBoolean(sslCfg);
|
||||||
}
|
}
|
||||||
|
if(_sslCopy && (_ssvmUrlDomain == null || _ssvmUrlDomain.isEmpty())){
|
||||||
|
s_logger.warn("Empty secondary storage url domain, ignoring SSL");
|
||||||
|
_sslCopy = false;
|
||||||
|
}
|
||||||
if (_sslCopy) {
|
if (_sslCopy) {
|
||||||
hostname = ipAddress.replace(".", "-");
|
if(_ssvmUrlDomain.startsWith("*")) {
|
||||||
hostname = hostname + ".realhostip.com";
|
hostname = ipAddress.replace(".", "-");
|
||||||
|
hostname = hostname + _ssvmUrlDomain.substring(1);
|
||||||
|
} else {
|
||||||
|
hostname = _ssvmUrlDomain;
|
||||||
|
}
|
||||||
scheme = "https";
|
scheme = "https";
|
||||||
}
|
}
|
||||||
return scheme + "://" + hostname + "/copy/SecStorage/" + dir + "/" + path;
|
return scheme + "://" + hostname + "/copy/SecStorage/" + dir + "/" + path;
|
||||||
|
|||||||
@ -93,12 +93,16 @@ public class CloudStackImageStoreDriverImpl extends BaseImageStoreDriverImpl {
|
|||||||
if (sslCfg != null) {
|
if (sslCfg != null) {
|
||||||
_sslCopy = Boolean.parseBoolean(sslCfg);
|
_sslCopy = Boolean.parseBoolean(sslCfg);
|
||||||
}
|
}
|
||||||
|
if(_sslCopy && (_ssvmUrlDomain == null || _ssvmUrlDomain.isEmpty())){
|
||||||
|
s_logger.warn("Empty secondary storage url domain, ignoring SSL");
|
||||||
|
_sslCopy = false;
|
||||||
|
}
|
||||||
if (_sslCopy) {
|
if (_sslCopy) {
|
||||||
hostname = ipAddress.replace(".", "-");
|
if(_ssvmUrlDomain.startsWith("*")) {
|
||||||
if (_ssvmUrlDomain != null && _ssvmUrlDomain.length() > 0) {
|
hostname = ipAddress.replace(".", "-");
|
||||||
hostname = hostname + "." + _ssvmUrlDomain;
|
hostname = hostname + _ssvmUrlDomain.substring(1);
|
||||||
} else {
|
} else {
|
||||||
hostname = hostname + ".realhostip.com";
|
hostname = _ssvmUrlDomain;
|
||||||
}
|
}
|
||||||
scheme = "https";
|
scheme = "https";
|
||||||
}
|
}
|
||||||
|
|||||||
@ -439,7 +439,7 @@ public enum Config {
|
|||||||
"Console proxy command port that is used to communicate with management server",
|
"Console proxy command port that is used to communicate with management server",
|
||||||
null),
|
null),
|
||||||
ConsoleProxyRestart("Console Proxy", AgentManager.class, Boolean.class, "consoleproxy.restart", "true", "Console proxy restart flag, defaulted to true", null),
|
ConsoleProxyRestart("Console Proxy", AgentManager.class, Boolean.class, "consoleproxy.restart", "true", "Console proxy restart flag, defaulted to true", null),
|
||||||
ConsoleProxyUrlDomain("Console Proxy", AgentManager.class, String.class, "consoleproxy.url.domain", "realhostip.com", "Console proxy url domain", null),
|
ConsoleProxyUrlDomain("Console Proxy", AgentManager.class, String.class, "consoleproxy.url.domain", "", "Console proxy url domain", null),
|
||||||
ConsoleProxyLoadscanInterval(
|
ConsoleProxyLoadscanInterval(
|
||||||
"Console Proxy",
|
"Console Proxy",
|
||||||
AgentManager.class,
|
AgentManager.class,
|
||||||
@ -782,7 +782,7 @@ public enum Config {
|
|||||||
ManagementServer.class,
|
ManagementServer.class,
|
||||||
String.class,
|
String.class,
|
||||||
"secstorage.ssl.cert.domain",
|
"secstorage.ssl.cert.domain",
|
||||||
"realhostip.com",
|
"",
|
||||||
"SSL certificate used to encrypt copy traffic between zones",
|
"SSL certificate used to encrypt copy traffic between zones",
|
||||||
null),
|
null),
|
||||||
SecStorageCapacityStandby(
|
SecStorageCapacityStandby(
|
||||||
|
|||||||
@ -233,6 +233,7 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
|
|||||||
|
|
||||||
private int _proxySessionTimeoutValue = DEFAULT_PROXY_SESSION_TIMEOUT;
|
private int _proxySessionTimeoutValue = DEFAULT_PROXY_SESSION_TIMEOUT;
|
||||||
private boolean _sslEnabled = true;
|
private boolean _sslEnabled = true;
|
||||||
|
private String _consoleProxyUrlDomain;
|
||||||
|
|
||||||
// global load picture at zone basis
|
// global load picture at zone basis
|
||||||
private SystemVmLoadScanner<Long> _loadScanner;
|
private SystemVmLoadScanner<Long> _loadScanner;
|
||||||
@ -384,9 +385,9 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
|
|||||||
assert (ksVo != null);
|
assert (ksVo != null);
|
||||||
|
|
||||||
if (_staticPublicIp == null) {
|
if (_staticPublicIp == null) {
|
||||||
return new ConsoleProxyInfo(proxy.isSslEnabled(), proxy.getPublicIpAddress(), _consoleProxyPort, proxy.getPort(), ksVo.getDomainSuffix());
|
return new ConsoleProxyInfo(proxy.isSslEnabled(), proxy.getPublicIpAddress(), _consoleProxyPort, proxy.getPort(), _consoleProxyUrlDomain);
|
||||||
} else {
|
} else {
|
||||||
return new ConsoleProxyInfo(proxy.isSslEnabled(), _staticPublicIp, _consoleProxyPort, _staticPort, ksVo.getDomainSuffix());
|
return new ConsoleProxyInfo(proxy.isSslEnabled(), _staticPublicIp, _consoleProxyPort, _staticPort, _consoleProxyUrlDomain);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1191,6 +1192,12 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
|
|||||||
_sslEnabled = true;
|
_sslEnabled = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
_consoleProxyUrlDomain = configs.get(Config.ConsoleProxyUrlDomain.key());
|
||||||
|
if( _sslEnabled && (_consoleProxyUrlDomain == null || _consoleProxyUrlDomain.isEmpty())) {
|
||||||
|
s_logger.warn("Empty console proxy domain, explicitly disabling SSL");
|
||||||
|
_sslEnabled = false;
|
||||||
|
}
|
||||||
|
|
||||||
value = configs.get(Config.ConsoleProxyCapacityScanInterval.key());
|
value = configs.get(Config.ConsoleProxyCapacityScanInterval.key());
|
||||||
_capacityScanInterval = NumbersUtil.parseLong(value, DEFAULT_CAPACITY_SCAN_INTERVAL);
|
_capacityScanInterval = NumbersUtil.parseLong(value, DEFAULT_CAPACITY_SCAN_INTERVAL);
|
||||||
|
|
||||||
|
|||||||
@ -807,6 +807,13 @@ public class SecondaryStorageManagerImpl extends ManagerBase implements Secondar
|
|||||||
_useSSlCopy = true;
|
_useSSlCopy = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
//default to HTTP in case of missing domain
|
||||||
|
String ssvmUrlDomain = _configDao.getValue("secstorage.ssl.cert.domain");
|
||||||
|
if(_useSSlCopy && (ssvmUrlDomain == null || ssvmUrlDomain.isEmpty())){
|
||||||
|
s_logger.warn("Empty secondary storage url domain, explicitly disabling SSL");
|
||||||
|
_useSSlCopy = false;
|
||||||
|
}
|
||||||
|
|
||||||
_allowedInternalSites = _configDao.getValue("secstorage.allowed.internal.sites");
|
_allowedInternalSites = _configDao.getValue("secstorage.allowed.internal.sites");
|
||||||
|
|
||||||
String value = configs.get("secstorage.capacityscan.interval");
|
String value = configs.get("secstorage.capacityscan.interval");
|
||||||
|
|||||||
@ -110,6 +110,10 @@ CREATE TABLE `cloud`.`async_job_join_map` (
|
|||||||
INDEX `i_async_job_join_map__expiration`(`expiration`)
|
INDEX `i_async_job_join_map__expiration`(`expiration`)
|
||||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
|
||||||
|
|
||||||
|
#realhostip changes, before changing table and adding default value
|
||||||
|
UPDATE `cloud`.`configuration` SET value = CONCAT("*.",(SELECT `temptable`.`value` FROM (SELECT * FROM `cloud`.`configuration` WHERE `name`="consoleproxy.url.domain") AS `temptable` WHERE `temptable`.`name`="consoleproxy.url.domain")) WHERE `name`="consoleproxy.url.domain";
|
||||||
|
UPDATE `cloud`.`configuration` SET `value` = CONCAT("*.",(SELECT `temptable`.`value` FROM (SELECT * FROM `cloud`.`configuration` WHERE `name`="secstorage.ssl.cert.domain") AS `temptable` WHERE `temptable`.`name`="secstorage.ssl.cert.domain")) WHERE `name`="secstorage.ssl.cert.domain";
|
||||||
|
|
||||||
ALTER TABLE `cloud`.`configuration` ADD COLUMN `default_value` VARCHAR(4095) COMMENT 'Default value for a configuration parameter';
|
ALTER TABLE `cloud`.`configuration` ADD COLUMN `default_value` VARCHAR(4095) COMMENT 'Default value for a configuration parameter';
|
||||||
ALTER TABLE `cloud`.`configuration` ADD COLUMN `updated` datetime COMMENT 'Time this was updated by the server. null means this row is obsolete.';
|
ALTER TABLE `cloud`.`configuration` ADD COLUMN `updated` datetime COMMENT 'Time this was updated by the server. null means this row is obsolete.';
|
||||||
ALTER TABLE `cloud`.`configuration` ADD COLUMN `scope` VARCHAR(255) DEFAULT NULL COMMENT 'Can this parameter be scoped';
|
ALTER TABLE `cloud`.`configuration` ADD COLUMN `scope` VARCHAR(255) DEFAULT NULL COMMENT 'Can this parameter be scoped';
|
||||||
|
|||||||
@ -16,7 +16,7 @@
|
|||||||
# under the License.
|
# under the License.
|
||||||
|
|
||||||
consoleproxy.tcpListenPort=0
|
consoleproxy.tcpListenPort=0
|
||||||
consoleproxy.httpListenPort=8088
|
consoleproxy.httpListenPort=80
|
||||||
consoleproxy.httpCmdListenPort=8001
|
consoleproxy.httpCmdListenPort=8001
|
||||||
consoleproxy.jarDir=./applet/
|
consoleproxy.jarDir=./applet/
|
||||||
consoleproxy.viewerLinger=180
|
consoleproxy.viewerLinger=180
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user