You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by jl...@apache.org on 2014/03/09 22:07:55 UTC
git commit: updated refs/heads/4.3-forward to 2fe7aee
Repository: cloudstack
Updated Branches:
refs/heads/4.3-forward 164ea3e84 -> 2fe7aeea2
CLOUDSTACK-6204: Removing realhostip.com dependency
For more info, see https://cwiki.apache.org/confluence/display/CLOUDSTACK/Realhost+IP+changes
Author: Amogh Vasekar <am...@citrix.com>
Signed-off-by: John Kinsella <jl...@stratosec.co> 1394399081 -0700
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/2fe7aeea
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/2fe7aeea
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/2fe7aeea
Branch: refs/heads/4.3-forward
Commit: 2fe7aeea23ddef25224e3e248f0a91513a14811f
Parents: 164ea3e
Author: John Kinsella <jl...@stratosec.co>
Authored: Sun Mar 9 14:04:41 2014 -0700
Committer: John Kinsella <jl...@stratosec.co>
Committed: Sun Mar 9 14:04:41 2014 -0700
----------------------------------------------------------------------
.../cloudstack/storage/image/TemplateServiceImpl.java | 13 +++++++++++--
.../driver/CloudStackImageStoreDriverImpl.java | 12 ++++++++----
server/src/com/cloud/configuration/Config.java | 4 ++--
.../cloud/consoleproxy/ConsoleProxyManagerImpl.java | 11 ++++++++---
.../storage/secondary/SecondaryStorageManagerImpl.java | 7 +++++++
setup/db/db/schema-421to430.sql | 4 ++++
systemvm/conf/consoleproxy.properties | 2 +-
7 files changed, 41 insertions(+), 12 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/2fe7aeea/engine/storage/image/src/org/apache/cloudstack/storage/image/TemplateServiceImpl.java
----------------------------------------------------------------------
diff --git a/engine/storage/image/src/org/apache/cloudstack/storage/image/TemplateServiceImpl.java b/engine/storage/image/src/org/apache/cloudstack/storage/image/TemplateServiceImpl.java
index a649bb7..1dd2881 100644
--- a/engine/storage/image/src/org/apache/cloudstack/storage/image/TemplateServiceImpl.java
+++ b/engine/storage/image/src/org/apache/cloudstack/storage/image/TemplateServiceImpl.java
@@ -793,12 +793,21 @@ public class TemplateServiceImpl implements TemplateService {
String scheme = "http";
boolean _sslCopy = false;
String sslCfg = _configDao.getValue(Config.SecStorageEncryptCopy.toString());
+ String _ssvmUrlDomain = _configDao.getValue("secstorage.ssl.cert.domain");
if ( sslCfg != null ){
_sslCopy = Boolean.parseBoolean(sslCfg);
}
+ if(_sslCopy && (_ssvmUrlDomain == null || _ssvmUrlDomain.isEmpty())){
+ s_logger.warn("Empty secondary storage url domain, ignoring SSL");
+ _sslCopy = false;
+ }
if (_sslCopy) {
- hostname = ipAddress.replace(".", "-");
- hostname = hostname + ".realhostip.com";
+ if(_ssvmUrlDomain.startsWith("*")) {
+ hostname = ipAddress.replace(".", "-");
+ hostname = hostname + _ssvmUrlDomain.substring(1);
+ } else {
+ hostname = _ssvmUrlDomain;
+ }
scheme = "https";
}
return scheme + "://" + hostname + "/copy/SecStorage/" + dir + "/" + path;
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/2fe7aeea/plugins/storage/image/default/src/org/apache/cloudstack/storage/datastore/driver/CloudStackImageStoreDriverImpl.java
----------------------------------------------------------------------
diff --git a/plugins/storage/image/default/src/org/apache/cloudstack/storage/datastore/driver/CloudStackImageStoreDriverImpl.java b/plugins/storage/image/default/src/org/apache/cloudstack/storage/datastore/driver/CloudStackImageStoreDriverImpl.java
index 52cad3b..1af0eba 100644
--- a/plugins/storage/image/default/src/org/apache/cloudstack/storage/datastore/driver/CloudStackImageStoreDriverImpl.java
+++ b/plugins/storage/image/default/src/org/apache/cloudstack/storage/datastore/driver/CloudStackImageStoreDriverImpl.java
@@ -92,12 +92,16 @@ public class CloudStackImageStoreDriverImpl extends BaseImageStoreDriverImpl {
if ( sslCfg != null ){
_sslCopy = Boolean.parseBoolean(sslCfg);
}
+ if(_sslCopy && (_ssvmUrlDomain == null || _ssvmUrlDomain.isEmpty())){
+ s_logger.warn("Empty secondary storage url domain, ignoring SSL");
+ _sslCopy = false;
+ }
if (_sslCopy) {
- hostname = ipAddress.replace(".", "-");
- if(_ssvmUrlDomain != null && _ssvmUrlDomain.length() > 0){
- hostname = hostname + "." + _ssvmUrlDomain;
+ if(_ssvmUrlDomain.startsWith("*")) {
+ hostname = ipAddress.replace(".", "-");
+ hostname = hostname + _ssvmUrlDomain.substring(1);
} else {
- hostname = hostname + ".realhostip.com";
+ hostname = _ssvmUrlDomain;
}
scheme = "https";
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/2fe7aeea/server/src/com/cloud/configuration/Config.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/configuration/Config.java b/server/src/com/cloud/configuration/Config.java
index 2d55f46..6ebb7e6 100755
--- a/server/src/com/cloud/configuration/Config.java
+++ b/server/src/com/cloud/configuration/Config.java
@@ -118,7 +118,7 @@ public enum Config {
ConsoleProxyCapacityScanInterval("Console Proxy", AgentManager.class, String.class, "consoleproxy.capacityscan.interval", "30000", "The time interval(in millisecond) to scan whether or not system needs more console proxy to ensure minimal standby capacity", null),
ConsoleProxyCmdPort("Console Proxy", AgentManager.class, Integer.class, "consoleproxy.cmd.port", "8001", "Console proxy command port that is used to communicate with management server", null),
ConsoleProxyRestart("Console Proxy", AgentManager.class, Boolean.class, "consoleproxy.restart", "true", "Console proxy restart flag, defaulted to true", null),
- ConsoleProxyUrlDomain("Console Proxy", AgentManager.class, String.class, "consoleproxy.url.domain", "realhostip.com", "Console proxy url domain", null),
+ ConsoleProxyUrlDomain("Console Proxy", AgentManager.class, String.class, "consoleproxy.url.domain", "", "Console proxy url domain", null),
ConsoleProxyLoadscanInterval("Console Proxy", AgentManager.class, String.class, "consoleproxy.loadscan.interval", "10000", "The time interval(in milliseconds) to scan console proxy working-load info", null),
ConsoleProxySessionMax("Console Proxy", AgentManager.class, Integer.class, "consoleproxy.session.max", String.valueOf(ConsoleProxyManager.DEFAULT_PROXY_CAPACITY), "The max number of viewer sessions console proxy is configured to serve for", null),
ConsoleProxySessionTimeout("Console Proxy", AgentManager.class, Integer.class, "consoleproxy.session.timeout", "300000", "Timeout(in milliseconds) that console proxy tries to maintain a viewer session before it times out the session for no activity", null),
@@ -185,7 +185,7 @@ public enum Config {
MaxTemplateAndIsoSize("Advanced", ManagementServer.class, Long.class, "max.template.iso.size", "50", "The maximum size for a downloaded template or ISO (in GB).", null),
SecStorageAllowedInternalDownloadSites("Advanced", ManagementServer.class, String.class, "secstorage.allowed.internal.sites", null, "Comma separated list of cidrs internal to the datacenter that can host template download servers, please note 0.0.0.0 is not a valid site", null),
SecStorageEncryptCopy("Advanced", ManagementServer.class, Boolean.class, "secstorage.encrypt.copy", "false", "Use SSL method used to encrypt copy traffic between zones", "true,false"),
- SecStorageSecureCopyCert("Advanced", ManagementServer.class, String.class, "secstorage.ssl.cert.domain", "realhostip.com", "SSL certificate used to encrypt copy traffic between zones", null),
+ SecStorageSecureCopyCert("Advanced", ManagementServer.class, String.class, "secstorage.ssl.cert.domain", "", "SSL certificate used to encrypt copy traffic between zones", null),
SecStorageCapacityStandby("Advanced", AgentManager.class, Integer.class, "secstorage.capacity.standby", "10", "The minimal number of command execution sessions that system is able to serve immediately(standby capacity)", null),
SecStorageSessionMax("Advanced", AgentManager.class, Integer.class, "secstorage.session.max", "50", "The max number of command execution sessions that a SSVM can handle", null),
SecStorageCmdExecutionTimeMax("Advanced", AgentManager.class, Integer.class, "secstorage.cmd.execution.time.max", "30", "The max command execution time in minute", null),
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/2fe7aeea/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java b/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
index c8769d4..fa5d682 100755
--- a/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
+++ b/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
@@ -249,6 +249,7 @@ VirtualMachineGuru, SystemVmLoadScanHandler<Long>, ResourceStateAdapter {
private int _proxySessionTimeoutValue = DEFAULT_PROXY_SESSION_TIMEOUT;
private boolean _sslEnabled = true;
+ private String _consoleProxyUrlDomain;
// global load picture at zone basis
private SystemVmLoadScanner<Long> _loadScanner;
@@ -402,9 +403,9 @@ VirtualMachineGuru, SystemVmLoadScanHandler<Long>, ResourceStateAdapter {
assert (ksVo != null);
if (_staticPublicIp == null) {
- return new ConsoleProxyInfo(proxy.isSslEnabled(), proxy.getPublicIpAddress(), _consoleProxyPort, proxy.getPort(), ksVo.getDomainSuffix());
+ return new ConsoleProxyInfo(proxy.isSslEnabled(), proxy.getPublicIpAddress(), _consoleProxyPort, proxy.getPort(), _consoleProxyUrlDomain);
} else {
- return new ConsoleProxyInfo(proxy.isSslEnabled(), _staticPublicIp, _consoleProxyPort, _staticPort, ksVo.getDomainSuffix());
+ return new ConsoleProxyInfo(proxy.isSslEnabled(), _staticPublicIp, _consoleProxyPort, _staticPort, _consoleProxyUrlDomain);
}
}
@@ -1220,7 +1221,11 @@ VirtualMachineGuru, SystemVmLoadScanHandler<Long>, ResourceStateAdapter {
if (value != null && value.equalsIgnoreCase("true")) {
_sslEnabled = true;
}
-
+ _consoleProxyUrlDomain = configs.get(Config.ConsoleProxyUrlDomain.key());
+ if( _sslEnabled && (_consoleProxyUrlDomain == null || _consoleProxyUrlDomain.isEmpty())) {
+ s_logger.warn("Empty console proxy domain, explicitly disabling SSL");
+ _sslEnabled = false;
+ }
value = configs.get(Config.ConsoleProxyCapacityScanInterval.key());
_capacityScanInterval = NumbersUtil.parseLong(value, DEFAULT_CAPACITY_SCAN_INTERVAL);
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/2fe7aeea/server/src/com/cloud/storage/secondary/SecondaryStorageManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/storage/secondary/SecondaryStorageManagerImpl.java b/server/src/com/cloud/storage/secondary/SecondaryStorageManagerImpl.java
index 611550e..88b3908 100755
--- a/server/src/com/cloud/storage/secondary/SecondaryStorageManagerImpl.java
+++ b/server/src/com/cloud/storage/secondary/SecondaryStorageManagerImpl.java
@@ -812,6 +812,13 @@ public class SecondaryStorageManagerImpl extends ManagerBase implements Secondar
_useSSlCopy = true;
}
+ //default to HTTP in case of missing domain
+ String ssvmUrlDomain = _configDao.getValue("secstorage.ssl.cert.domain");
+ if(_useSSlCopy && (ssvmUrlDomain == null || ssvmUrlDomain.isEmpty())){
+ s_logger.warn("Empty secondary storage url domain, explicitly disabling SSL");
+ _useSSlCopy = false;
+ }
+
_allowedInternalSites = _configDao.getValue("secstorage.allowed.internal.sites");
String value = configs.get("secstorage.capacityscan.interval");
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/2fe7aeea/setup/db/db/schema-421to430.sql
----------------------------------------------------------------------
diff --git a/setup/db/db/schema-421to430.sql b/setup/db/db/schema-421to430.sql
index 3811a5a..6a8ec49 100644
--- a/setup/db/db/schema-421to430.sql
+++ b/setup/db/db/schema-421to430.sql
@@ -110,6 +110,10 @@ CREATE TABLE `cloud`.`async_job_join_map` (
INDEX `i_async_job_join_map__expiration`(`expiration`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+#realhostip changes, before changing table and adding default value
+UPDATE `cloud`.`configuration` SET value = CONCAT("*.",(SELECT `temptable`.`value` FROM (SELECT * FROM `cloud`.`configuration` WHERE `name`="consoleproxy.url.domain") AS `temptable` WHERE `temptable`.`name`="consoleproxy.url.domain")) WHERE `name`="consoleproxy.url.domain";
+UPDATE `cloud`.`configuration` SET `value` = CONCAT("*.",(SELECT `temptable`.`value` FROM (SELECT * FROM `cloud`.`configuration` WHERE `name`="secstorage.ssl.cert.domain") AS `temptable` WHERE `temptable`.`name`="secstorage.ssl.cert.domain")) WHERE `name`="secstorage.ssl.cert.domain";
+
ALTER TABLE `cloud`.`configuration` ADD COLUMN `default_value` VARCHAR(4095) COMMENT 'Default value for a configuration parameter';
ALTER TABLE `cloud`.`configuration` ADD COLUMN `updated` datetime COMMENT 'Time this was updated by the server. null means this row is obsolete.';
ALTER TABLE `cloud`.`configuration` ADD COLUMN `scope` VARCHAR(255) DEFAULT NULL COMMENT 'Can this parameter be scoped';
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/2fe7aeea/systemvm/conf/consoleproxy.properties
----------------------------------------------------------------------
diff --git a/systemvm/conf/consoleproxy.properties b/systemvm/conf/consoleproxy.properties
index bb452f5..a3cddbc 100644
--- a/systemvm/conf/consoleproxy.properties
+++ b/systemvm/conf/consoleproxy.properties
@@ -16,7 +16,7 @@
# under the License.
consoleproxy.tcpListenPort=0
-consoleproxy.httpListenPort=8088
+consoleproxy.httpListenPort=80
consoleproxy.httpCmdListenPort=8001
consoleproxy.jarDir=./applet/
consoleproxy.viewerLinger=180