CLOUDSTACK-6204: removing realhostip dependency

Moving default transport for console proxy, SSVM to http. See https://cwiki.apache.org/confluence/display/CLOUDSTACK/Realhost+IP+changes for more info. jlk ported Amogh's patch for 4.3 to master - code base is different enough that patch has multiple issues. Author: Amogh Vasekar <Amogh Vasekar <amogh.vasekar@citrix.com> Signed-off-by: John Kinsella <jlk@stratosec.co> 1394398017 -0700
2025-10-26 08:42:29 +01:00 · 2014-03-09 13:46:57 -07:00 · 2014-03-09 13:46:57 -07:00 · 09c375379d
commit 09c375379d
parent cb26b4c337
8 changed files with 52 additions and 20 deletions
--- a/core/src/com/cloud/info/ConsoleProxyInfo.java
+++ b/core/src/com/cloud/info/ConsoleProxyInfo.java
@ -32,16 +32,17 @@ public class ConsoleProxyInfo {
        this.sslEnabled = sslEnabled;

        if (sslEnabled) {
-            StringBuffer sb = new StringBuffer(proxyIpAddress);
-            for (int i = 0; i < sb.length(); i++)
+            StringBuffer sb = new StringBuffer();
+            if (consoleProxyUrlDomain.startsWith("*")) {
+                sb.append(proxyIpAddress);
+                for (int i = 0; i < proxyIpAddress.length(); i++)
                    if (sb.charAt(i) == '.')
                        sb.setCharAt(i, '-');
-            if (consoleProxyUrlDomain != null && consoleProxyUrlDomain.length() > 0) {
-                sb.append(".");
+                sb.append(consoleProxyUrlDomain.substring(1));//skip the *
+            } else {
+                //LB address
                sb.append(consoleProxyUrlDomain);
-            } else
-                sb.append(".realhostip.com");
-
+            }
            proxyAddress = sb.toString();
            proxyPort = port;
            this.proxyUrlPort = proxyUrlPort;
--- a/engine/storage/image/src/org/apache/cloudstack/storage/image/TemplateServiceImpl.java
+++ b/engine/storage/image/src/org/apache/cloudstack/storage/image/TemplateServiceImpl.java
@ -777,12 +777,21 @@ public class TemplateServiceImpl implements TemplateService {
        String scheme = "http";
        boolean _sslCopy = false;
        String sslCfg = _configDao.getValue(Config.SecStorageEncryptCopy.toString());
+        String _ssvmUrlDomain = _configDao.getValue("secstorage.ssl.cert.domain");
        if (sslCfg != null) {
            _sslCopy = Boolean.parseBoolean(sslCfg);
        }
+        if(_sslCopy && (_ssvmUrlDomain == null || _ssvmUrlDomain.isEmpty())){
+            s_logger.warn("Empty secondary storage url domain, ignoring SSL");
+            _sslCopy = false;
+        }
        if (_sslCopy) {
+            if(_ssvmUrlDomain.startsWith("*")) {
                hostname = ipAddress.replace(".", "-");
-            hostname = hostname + ".realhostip.com";
+                hostname = hostname + _ssvmUrlDomain.substring(1);
+            } else {
+                hostname = _ssvmUrlDomain;
+            }
            scheme = "https";
        }
        return scheme + "://" + hostname + "/copy/SecStorage/" + dir + "/" + path;
--- a/plugins/storage/image/default/src/org/apache/cloudstack/storage/datastore/driver/CloudStackImageStoreDriverImpl.java
+++ b/plugins/storage/image/default/src/org/apache/cloudstack/storage/datastore/driver/CloudStackImageStoreDriverImpl.java
@ -93,12 +93,16 @@ public class CloudStackImageStoreDriverImpl extends BaseImageStoreDriverImpl {
        if (sslCfg != null) {
            _sslCopy = Boolean.parseBoolean(sslCfg);
        }
+        if(_sslCopy && (_ssvmUrlDomain == null || _ssvmUrlDomain.isEmpty())){
+            s_logger.warn("Empty secondary storage url domain, ignoring SSL");
+            _sslCopy = false;
+        }
        if (_sslCopy) {
+            if(_ssvmUrlDomain.startsWith("*")) {
                hostname = ipAddress.replace(".", "-");
-            if (_ssvmUrlDomain != null && _ssvmUrlDomain.length() > 0) {
-                hostname = hostname + "." + _ssvmUrlDomain;
+                hostname = hostname + _ssvmUrlDomain.substring(1);
            } else {
-                hostname = hostname + ".realhostip.com";
+                hostname = _ssvmUrlDomain;
            }
            scheme = "https";
        }
--- a/server/src/com/cloud/configuration/Config.java
+++ b/server/src/com/cloud/configuration/Config.java
@ -439,7 +439,7 @@ public enum Config {
            "Console proxy command port that is used to communicate with management server",
            null),
    ConsoleProxyRestart("Console Proxy", AgentManager.class, Boolean.class, "consoleproxy.restart", "true", "Console proxy restart flag, defaulted to true", null),
-    ConsoleProxyUrlDomain("Console Proxy", AgentManager.class, String.class, "consoleproxy.url.domain", "realhostip.com", "Console proxy url domain", null),
+    ConsoleProxyUrlDomain("Console Proxy", AgentManager.class, String.class, "consoleproxy.url.domain", "", "Console proxy url domain", null),
    ConsoleProxyLoadscanInterval(
            "Console Proxy",
            AgentManager.class,
@ -782,7 +782,7 @@ public enum Config {
            ManagementServer.class,
            String.class,
            "secstorage.ssl.cert.domain",
-            "realhostip.com",
+            "",
            "SSL certificate used to encrypt copy traffic between zones",
            null),
    SecStorageCapacityStandby(
--- a/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
+++ b/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
@ -233,6 +233,7 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy

    private int _proxySessionTimeoutValue = DEFAULT_PROXY_SESSION_TIMEOUT;
    private boolean _sslEnabled = true;
+    private String _consoleProxyUrlDomain;

    // global load picture at zone basis
    private SystemVmLoadScanner<Long> _loadScanner;
@ -384,9 +385,9 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
        assert (ksVo != null);

        if (_staticPublicIp == null) {
-            return new ConsoleProxyInfo(proxy.isSslEnabled(), proxy.getPublicIpAddress(), _consoleProxyPort, proxy.getPort(), ksVo.getDomainSuffix());
+            return new ConsoleProxyInfo(proxy.isSslEnabled(), proxy.getPublicIpAddress(), _consoleProxyPort, proxy.getPort(), _consoleProxyUrlDomain);
        } else {
-            return new ConsoleProxyInfo(proxy.isSslEnabled(), _staticPublicIp, _consoleProxyPort, _staticPort, ksVo.getDomainSuffix());
+            return new ConsoleProxyInfo(proxy.isSslEnabled(), _staticPublicIp, _consoleProxyPort, _staticPort, _consoleProxyUrlDomain);
        }
    }

@ -1191,6 +1192,12 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
            _sslEnabled = true;
        }

+        _consoleProxyUrlDomain = configs.get(Config.ConsoleProxyUrlDomain.key());
+        if( _sslEnabled && (_consoleProxyUrlDomain == null || _consoleProxyUrlDomain.isEmpty())) {
+            s_logger.warn("Empty console proxy domain, explicitly disabling SSL");
+            _sslEnabled = false;
+        }
+
        value = configs.get(Config.ConsoleProxyCapacityScanInterval.key());
        _capacityScanInterval = NumbersUtil.parseLong(value, DEFAULT_CAPACITY_SCAN_INTERVAL);

--- a/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
+++ b/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
@ -807,6 +807,13 @@ public class SecondaryStorageManagerImpl extends ManagerBase implements Secondar
            _useSSlCopy = true;
        }

+        //default to HTTP in case of missing domain
+        String ssvmUrlDomain = _configDao.getValue("secstorage.ssl.cert.domain");
+        if(_useSSlCopy && (ssvmUrlDomain == null || ssvmUrlDomain.isEmpty())){
+            s_logger.warn("Empty secondary storage url domain, explicitly disabling SSL");
+            _useSSlCopy = false;
+        }
+
        _allowedInternalSites = _configDao.getValue("secstorage.allowed.internal.sites");

        String value = configs.get("secstorage.capacityscan.interval");
--- a/setup/db/db/schema-421to430.sql
+++ b/setup/db/db/schema-421to430.sql
@ -110,6 +110,10 @@ CREATE TABLE `cloud`.`async_job_join_map` (
  INDEX `i_async_job_join_map__expiration`(`expiration`)
 ) ENGINE=InnoDB DEFAULT CHARSET=utf8;

+#realhostip changes, before changing table and adding default value
+UPDATE `cloud`.`configuration` SET value = CONCAT("*.",(SELECT `temptable`.`value` FROM (SELECT * FROM `cloud`.`configuration` WHERE `name`="consoleproxy.url.domain") AS `temptable` WHERE `temptable`.`name`="consoleproxy.url.domain")) WHERE `name`="consoleproxy.url.domain";
+UPDATE `cloud`.`configuration` SET `value` = CONCAT("*.",(SELECT `temptable`.`value` FROM (SELECT * FROM `cloud`.`configuration` WHERE `name`="secstorage.ssl.cert.domain") AS `temptable` WHERE `temptable`.`name`="secstorage.ssl.cert.domain")) WHERE `name`="secstorage.ssl.cert.domain";
+
 ALTER TABLE `cloud`.`configuration` ADD COLUMN `default_value` VARCHAR(4095) COMMENT 'Default value for a configuration parameter';
 ALTER TABLE `cloud`.`configuration` ADD COLUMN `updated` datetime COMMENT 'Time this was updated by the server. null means this row is obsolete.';
 ALTER TABLE `cloud`.`configuration` ADD COLUMN `scope` VARCHAR(255) DEFAULT NULL COMMENT 'Can this parameter be scoped';
--- a/systemvm/conf/consoleproxy.properties
+++ b/systemvm/conf/consoleproxy.properties
@ -16,7 +16,7 @@
 # under the License.

 consoleproxy.tcpListenPort=0
-consoleproxy.httpListenPort=8088
+consoleproxy.httpListenPort=80
 consoleproxy.httpCmdListenPort=8001
 consoleproxy.jarDir=./applet/
 consoleproxy.viewerLinger=180