You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by GitBox <gi...@apache.org> on 2022/04/04 12:18:24 UTC
[GitHub] [cloudstack] weizhouapache opened a new pull request, #6200: KVM: Enable SSL if keystore exists
weizhouapache opened a new pull request, #6200:
URL: https://github.com/apache/cloudstack/pull/6200
### Description
This PR enables SSL in kvm agent if keystore exists.
This fixes the issue in URL check of direct-download templates
<!--- Describe your changes in DETAIL - And how has behaviour functionally changed. -->
<!-- For new features, provide link to FS, dev ML discussion etc. -->
<!-- In case of bug fix, the expected and actual behaviours, steps to reproduce. -->
<!-- When "Fixes: #<id>" is specified, the issue/PR will automatically be closed when this PR gets merged -->
<!-- For addressing multiple issues/PRs, use multiple "Fixes: #<id>" -->
<!-- Fixes: # -->
<!--- ********************************************************************************* -->
<!--- NOTE: AUTOMATATION USES THE DESCRIPTIONS TO SET LABELS AND PRODUCE DOCUMENTATION. -->
<!--- PLEASE PUT AN 'X' in only **ONE** box -->
<!--- ********************************************************************************* -->
### Types of changes
- [ ] Breaking change (fix or feature that would cause existing functionality to change)
- [ ] New feature (non-breaking change which adds functionality)
- [x] Bug fix (non-breaking change which fixes an issue)
- [ ] Enhancement (improves an existing feature and functionality)
- [ ] Cleanup (Code refactoring and cleanup, that may add test cases)
### Feature/Enhancement Scale or Bug Severity
#### Feature/Enhancement Scale
- [ ] Major
- [ ] Minor
#### Bug Severity
- [ ] BLOCKER
- [ ] Critical
- [ ] Major
- [ ] Minor
- [ ] Trivial
### Screenshots (if appropriate):
### How Has This Been Tested?
<!-- Please describe in detail how you tested your changes. -->
<!-- Include details of your testing environment, and the tests you ran to -->
<!-- see how your change affects other areas of the code, etc. -->
<!-- Please read the [CONTRIBUTING](https://github.com/apache/cloudstack/blob/main/CONTRIBUTING.md) document -->
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1087484577
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1105941486
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1087561232
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1103594262
<b>Trillian Build Failed (tid-3939)<b/>
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1105638622
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1102984899
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 3221
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1103671475
@weizhouapache a Trillian-Jenkins test job (ubuntu20 mgmt + kvm-ubuntu20) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1105641085
@weizhouapache a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1105594583
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 3264
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1105507480
@weizhouapache a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1105507139
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1102953725
@weizhouapache a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
nvazquez commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1105219692
@blueorangutan test
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1103570722
@weizhouapache a Trillian-Jenkins test job (ubuntu20 mgmt + kvm-ubuntu20) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1088093317
<b>Trillian test result (tid-3807)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 32581 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6200-t3807-kvm-centos7.zip
Smoke tests completed. 92 look OK, 0 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1103670268
@blueorangutan test ubuntu20 kvm-ubuntu20
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1102726774
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1102771617
## PR Coverage Report
|**CLASS**|**INSTRUCTION MISSED**|**INSTRUCTION COVERED**|**BRANCH MISSED**|**BRANCH COVERED**|**LINE MISSED**|**LINE COVERED**|
|-----|-----|-----|-----|-----|-----|-----|
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
|StorageManager|0|211|0|0|0|18|
|AgentAttache|1042|0|124|0|219|0|
|AgentManagerImpl|3463|0|380|0|714|0|
|ClusteredAgentManagerImpl|2361|0|242|0|536|0|
|NetworkOrchestrator|9636|0|1176|0|1901|0|
|VolumeOrchestrator|5170|0|560|0|977|0|
||
||
|NetworkDaoImpl|3307|0|116|0|467|0|
|SnapshotVO|172|58|12|0|48|20|
||
|SnapshotDaoImpl|768|0|8|0|128|0|
|Upgrade41610to41700|82|7|4|0|23|2|
||
|DirectDownloadCertificateHostMapDaoImpl|121|0|0|0|18|0|
|DirectDownloadCertificateHostMapVO|54|0|4|0|19|0|
||
|AncientDataMotionStrategy|1458|52|170|4|338|10|
|DefaultSnapshotStrategy|758|220|100|10|164|37|
|SnapshotDataFactoryImpl|152|58|15|5|37|13|
|DefaultVMSnapshotStrategy|486|677|52|30|100|140|
|ScaleIOVMSnapshotStrategy|1063|4|80|0|224|1|
|StorageStrategyFactoryImpl|37|77|1|5|8|18|
|SnapshotDataStoreDaoImpl|1683|60|44|2|292|13|
|DefaultHostListener|537|0|40|0|101|0|
||
|LibvirtComputingResource|8927|1961|1096|140|1992|444|
|LibvirtVMDef|37|114|6|4|11|36|
|LibvirtReadyCommandWrapper|8|37|2|2|1|10|
|LibvirtRevertSnapshotCommandWrapper|387|130|20|0|69|16|
|LibvirtUtilitiesHelper|115|58|4|2|27|8|
|IscsiAdmStorageAdaptor|981|0|52|0|178|0|
|IscsiAdmStoragePool|129|0|0|0|32|0|
|KVMStoragePoolManager|926|4|76|0|192|1|
|KVMStorageProcessor|5992|498|448|22|1239|71|
|LibvirtStorageAdaptor|3376|19|257|0|797|2|
|LibvirtStoragePool|239|89|15|9|64|29|
|LinstorStorageAdaptor|1076|0|50|0|246|0|
|ManagedNfsStorageAdaptor|446|0|20|0|125|0|
|ScaleIOStorageAdaptor|684|121|75|13|152|31|
||
|QemuImg|674|0|64|0|160|0|
||
||
||
||
|MockVmManagerImpl|1495|0|90|0|338|0|
|VmwareServerDiscoverer|1586|0|182|0|378|0|
|VmwareManagerImpl|2613|528|296|38|615|117|
|VmwareResource|20060|0|2242|0|4330|0|
|VmwareStorageProcessor|9886|9|940|0|2121|2|
|XcpServerDiscoverer|1554|101|176|6|345|21|
|CitrixResourceBase|14566|557|1452|34|3160|122|
|CitrixReadyCommandWrapper|58|37|3|1|15|11|
|ListVMsMetricsCmd|39|0|0|0|10|0|
||
|MetricsServiceImpl|1673|0|98|0|337|0|
|NetScalerControlCenterResource|1943|0|144|0|468|0|
|NetscalerResource|6882|0|806|0|1623|0|
|ElastistorHostListener|150|0|14|0|30|0|
|DateraPrimaryDataStoreDriver|3195|0|283|0|748|0|
|DateraHostListener|635|0|74|0|136|0|
|CloudStackPrimaryDataStoreDriverImpl|903|0|114|0|229|0|
|LinstorPrimaryDataStoreDriverImpl|1442|0|91|0|348|0|
||
||
||
|ScaleIOPrimaryDataStoreDriver|2537|0|246|0|537|0|
|ScaleIOHostListener|196|0|14|0|43|0|
|SolidFirePrimaryDataStoreDriver|3347|0|284|0|697|0|
|SolidFireHostListener|545|0|60|0|112|0|
|SolidFireSharedHostListener|407|0|30|0|82|0|
|SAMLUtils|202|465|41|11|53|108|
|ApiDBUtils|2361|0|206|0|588|0|
|ApiResponseHelper|11878|0|1242|0|2711|0|
|ParamProcessWorker|1027|0|147|0|237|0|
|QueryManagerImpl|14153|0|1242|0|2389|0|
|ViewResponseHelper|1662|0|150|0|305|0|
||
|UserVmJoinDaoImpl|1531|0|184|0|328|0|
|Config|152|5162|30|6|42|342|
|ConfigurationManagerImpl|18094|0|3042|0|3571|0|
|LibvirtServerDiscoverer|988|0|116|0|218|0|
|ConfigDriveNetworkElement|1466|0|173|0|306|0|
|NetworkHelperImpl|2019|0|264|0|428|0|
|NetworkACLServiceImpl|2698|0|302|0|520|0|
|ResourceManagerImpl|8512|0|982|0|1658|0|
|ManagementServerImpl|11764|0|1048|0|2349|0|
|StatsCollector|1875|0|104|0|308|0|
|StorageManagerImpl|8547|0|974|0|1704|0|
|VolumeApiServiceImpl|10826|0|1498|0|2031|0|
|SnapshotManager|107|0|0|0|9|0|
|SnapshotManagerImpl|4186|0|410|0|751|0|
|TaggedResourceManagerImpl|473|0|58|0|96|0|
|TemplateManagerImpl|4996|0|696|0|1042|0|
|AccountManagerImpl|6427|0|900|0|1348|0|
|UserVmManagerImpl|20824|0|2576|0|3873|0|
|VMSnapshotManagerImpl|3135|0|292|0|623|0|
|BackupManagerImpl|2776|0|224|0|488|0|
|DirectDownloadManagerImpl|1679|0|186|0|361|0|
|UnmanagedVMsManagerImpl|4881|0|542|0|800|0|
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
||
|PremiumSecondaryStorageManagerImpl|775|0|64|0|116|0|
|SecondaryStorageManagerImpl|3494|149|343|11|623|32|
||
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] DaanHoogland commented on a diff in pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
DaanHoogland commented on code in PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#discussion_r849581494
##########
agent/src/main/java/com/cloud/agent/AgentShell.java:
##########
@@ -397,6 +399,24 @@ public void init(String[] args) throws ConfigurationException {
_backoff.configure("ConstantTimeBackoff", new HashMap<String, Object>());
}
+ private void enableSSL() {
+ final File agentFile = PropertiesUtil.findConfigFile("agent.properties");
+ if (agentFile == null) {
+ s_logger.info("Failed to find agent.properties file");
+ return;
+ }
+ String keystorePass = getProperty(null, "keystore.passphrase");
+ if (StringUtils.isBlank(keystorePass)) {
+ return;
+ }
+ final String keyStoreFile = agentFile.getParent() + "/" + KeyStoreUtils.KS_FILENAME;
+ File f = new File(keyStoreFile);
+ if (f.exists() && !f.isDirectory()) {
Review Comment:
should we log an else for this? we now have a passphrase and no keystore.
##########
agent/src/main/java/com/cloud/agent/AgentShell.java:
##########
@@ -397,6 +399,24 @@ public void init(String[] args) throws ConfigurationException {
_backoff.configure("ConstantTimeBackoff", new HashMap<String, Object>());
}
+ private void enableSSL() {
+ final File agentFile = PropertiesUtil.findConfigFile("agent.properties");
+ if (agentFile == null) {
+ s_logger.info("Failed to find agent.properties file");
+ return;
+ }
+ String keystorePass = getProperty(null, "keystore.passphrase");
+ if (StringUtils.isBlank(keystorePass)) {
+ return;
+ }
Review Comment:
we are not allowing a keystore without passphrase?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1104441894
<b>Trillian test result (tid-3940)</b>
Environment: kvm-ubuntu20 (x2), Advanced Networking with Mgmt server u20
Total time taken: 40036 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6200-t3940-kvm-ubuntu20.zip
Smoke tests completed. 93 look OK, 3 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
test_01_add_primary_storage_disabled_host | `Error` | 0.69 | test_primary_storage.py
test_01_primary_storage_nfs | `Error` | 0.19 | test_primary_storage.py
ContextSuite context=TestStorageTags>:setup | `Error` | 0.32 | test_primary_storage.py
test_01_deploy_vm_on_specific_host | `Error` | 1.22 | test_vm_deployment_planner.py
test_02_deploy_vm_on_specific_cluster | `Error` | 0.16 | test_vm_deployment_planner.py
test_03_deploy_vm_on_specific_pod | `Error` | 0.20 | test_vm_deployment_planner.py
test_04_deploy_vm_on_host_override_pod_and_cluster | `Error` | 1.26 | test_vm_deployment_planner.py
test_05_deploy_vm_on_cluster_override_pod | `Error` | 0.18 | test_vm_deployment_planner.py
test_hostha_enable_ha_when_host_in_maintenance | `Error` | 305.17 | test_hostha_kvm.py
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1104493597
@blueorangutan test ubuntu20 kvm-ubuntu20
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1102727640
Found UI changes, kicking a new UI QA build
@blueorangutan ui
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1087545090
Packaging result: :heavy_check_mark: el7 :heavy_check_mark: el8 :heavy_check_mark: debian :heavy_check_mark: suse15. SL-JID 3067
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1087485524
@weizhouapache a Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] nvazquez merged pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
nvazquez merged PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on a diff in pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on code in PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#discussion_r853146096
##########
agent/src/main/java/com/cloud/agent/AgentShell.java:
##########
@@ -397,6 +399,24 @@ public void init(String[] args) throws ConfigurationException {
_backoff.configure("ConstantTimeBackoff", new HashMap<String, Object>());
}
+ private void enableSSL() {
+ final File agentFile = PropertiesUtil.findConfigFile("agent.properties");
+ if (agentFile == null) {
+ s_logger.info("Failed to find agent.properties file");
+ return;
+ }
+ String keystorePass = getProperty(null, "keystore.passphrase");
+ if (StringUtils.isBlank(keystorePass)) {
+ return;
+ }
+ final String keyStoreFile = agentFile.getParent() + "/" + KeyStoreUtils.KS_FILENAME;
+ File f = new File(keyStoreFile);
+ if (f.exists() && !f.isDirectory()) {
Review Comment:
added. thanks @DaanHoogland
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1103570450
@blueorangutan test ubuntu20 kvm-ubuntu20
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] acs-robot commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
acs-robot commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1102727659
Found Java/XML changes, kicking packaging job
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1087562196
@nvazquez a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1106591807
<b>Trillian test result (tid-3977)</b>
Environment: kvm-centos7 (x2), Advanced Networking with Mgmt server 7
Total time taken: 41440 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr6200-t3977-kvm-centos7.zip
Smoke tests completed. 96 look OK, 0 have errors
Only failed tests results shown below:
Test | Result | Time (s) | Test File
--- | --- | --- | ---
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1102952943
@blueorangutan package
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] weizhouapache commented on a diff in pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
weizhouapache commented on code in PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#discussion_r853140379
##########
agent/src/main/java/com/cloud/agent/AgentShell.java:
##########
@@ -397,6 +399,24 @@ public void init(String[] args) throws ConfigurationException {
_backoff.configure("ConstantTimeBackoff", new HashMap<String, Object>());
}
+ private void enableSSL() {
+ final File agentFile = PropertiesUtil.findConfigFile("agent.properties");
+ if (agentFile == null) {
+ s_logger.info("Failed to find agent.properties file");
+ return;
+ }
+ String keystorePass = getProperty(null, "keystore.passphrase");
+ if (StringUtils.isBlank(keystorePass)) {
+ return;
+ }
Review Comment:
@DaanHoogland no, each keystore has non-empty passphrase
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1105951064
@nvazquez a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [cloudstack] blueorangutan commented on pull request #6200: KVM: Enable SSL if keystore exists
Posted by GitBox <gi...@apache.org>.
blueorangutan commented on PR #6200:
URL: https://github.com/apache/cloudstack/pull/6200#issuecomment-1105220276
@nvazquez a Trillian-Jenkins test job (centos7 mgmt + kvm-centos7) has been kicked to run smoke tests
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: commits-unsubscribe@cloudstack.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org