You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@stratos.apache.org by re...@apache.org on 2015/10/05 08:21:55 UTC
[2/3] stratos git commit: fixing nginx template with SSL keys and
certs
fixing nginx template with SSL keys and certs
Project: http://git-wip-us.apache.org/repos/asf/stratos/repo
Commit: http://git-wip-us.apache.org/repos/asf/stratos/commit/6911c914
Tree: http://git-wip-us.apache.org/repos/asf/stratos/tree/6911c914
Diff: http://git-wip-us.apache.org/repos/asf/stratos/diff/6911c914
Branch: refs/heads/stratos-4.1.x
Commit: 6911c914fc03333e3d2ce0ee2612d1d63119b4a0
Parents: 9051bdd
Author: reka <rt...@gmail.com>
Authored: Mon Oct 5 11:50:24 2015 +0530
Committer: reka <rt...@gmail.com>
Committed: Mon Oct 5 11:50:24 2015 +0530
----------------------------------------------------------------------
.../nginx/extension/NginxConfigWriter.java | 125 ++-----------------
.../src/main/templates/nginx.cfg.template | 7 +-
2 files changed, 13 insertions(+), 119 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/stratos/blob/6911c914/extensions/load-balancer/modules/nginx-extension/src/main/java/org/apache/stratos/nginx/extension/NginxConfigWriter.java
----------------------------------------------------------------------
diff --git a/extensions/load-balancer/modules/nginx-extension/src/main/java/org/apache/stratos/nginx/extension/NginxConfigWriter.java b/extensions/load-balancer/modules/nginx-extension/src/main/java/org/apache/stratos/nginx/extension/NginxConfigWriter.java
index 8617d13..1ffd434 100644
--- a/extensions/load-balancer/modules/nginx-extension/src/main/java/org/apache/stratos/nginx/extension/NginxConfigWriter.java
+++ b/extensions/load-balancer/modules/nginx-extension/src/main/java/org/apache/stratos/nginx/extension/NginxConfigWriter.java
@@ -31,7 +31,6 @@ import java.io.BufferedWriter;
import java.io.FileWriter;
import java.io.IOException;
import java.io.StringWriter;
-import java.lang.reflect.Array;
import java.util.*;
/**
@@ -121,7 +120,7 @@ public class NginxConfigWriter {
for (Service service : topology.getServices()) {
for (Cluster cluster : service.getClusters()) {
Map<String, List> existingHostNameToServerMap = hostnameToPortMap.
- get(String.valueOf(availPort.getProxy()));
+ get(String.valueOf(availPort.getProxy()));
if(existingHostNameToServerMap == null) {
existingHostNameToServerMap = new HashMap<String, List>();
}
@@ -213,127 +212,19 @@ public class NginxConfigWriter {
List<String> serverList = new ArrayList<String>();
existingHostNameToServerMap.put(hostname, serverList);
}
- // Start upstream server block
- existingHostNameToServerMap.get(hostname).add(member.getHostName() + ":" +
- selectedPort.getValue());
+ // Adding member to hostname map against specific port
+ // that should contain this particular member
+ List<String> ipPortMapping = existingHostNameToServerMap.get(hostname);
+ String server = member.getHostName() + ":" + selectedPort.getValue();
- }
- }
- }
- }
- }
-
- /**
- * Generate configuration for a cluster with the following format:
- * <p/>
- * <transport> {
- * upstream <cluster-hostname> {
- * server <hostname>:<port>;
- * server <hostname>:<port>;
- * }
- * server {
- * listen <proxy-port>;
- * server_name <cluster-hostname>;
- * location / {
- * proxy_pass http://<cluster-hostname>
- * }
- * location /nginx_status {
- * stub_status on;
- * access_log off;
- * allow 127.0.0.1;
- * deny all;
- * }
- * }
- * }
- *
- * @param cluster
- * @param availPort
- * @param text
- */
- private void generateConfigurationForCluster(Cluster cluster, Port availPort, StringBuilder text) {
-
- for (String hostname : cluster.getHostNames()) {
- boolean memberFound = false;
- //Checking whether at-least one member is available to create
- // the upstream and server blocks
- for (Member member : cluster.getMembers()) {
- Collection<Port> ports = member.getPorts();
- for (Port port : ports) {
- if ((port.getProtocol().equals(availPort.getProtocol())) &&
- (port.getProxy() == availPort.getProxy())) {
- memberFound = true;
- break;
- }
- }
- if(memberFound) {
- break;
- }
- }
- if(memberFound) {
- // Start upstream block
- text.append(TAB).append("upstream ").append(hostname).append(" {").append(NEW_LINE);
- for (Member member : cluster.getMembers()) {
- Port selectedPort = null;
- Collection<Port> ports = member.getPorts();
- for (Port port : ports) {
- if ((port.getProtocol().equals(availPort.getProtocol())) &&
- (port.getProxy() == availPort.getProxy())) {
- selectedPort = port;
- break;
+ if(!ipPortMapping.contains(server)) {
+ ipPortMapping.add(server);
}
- }
- if (selectedPort != null) {
- if (log.isDebugEnabled()) {
- log.debug("The selected Port for cluster: " + cluster.getClusterId()
- + " is " + selectedPort.getValue() + " " +
- selectedPort.getProtocol() + " " + selectedPort.getProxy());
- }
- // Start upstream server block
- text.append(TAB).append(TAB).append("server ").append(member.getHostName()).append(":")
- .append(selectedPort.getValue()).append(";").append(NEW_LINE);
- // End upstream server block
}
}
- text.append(TAB).append("}").append(NEW_LINE);
- // End upstream block
-
- // Start server block
- text.append(NEW_LINE);
- text.append(TAB).append("server {").append(NEW_LINE);
- if (availPort.getProtocol().equals("https")) {
- text.append(TAB).append(TAB).append("listen ").append(availPort.getProxy()).append(" ssl;").append(NEW_LINE);
- } else {
- text.append(TAB).append(TAB).append("listen ").append(availPort.getProxy()).append(";").append(NEW_LINE);
- }
- text.append(TAB).append(TAB).append("server_name ").append(hostname).append(";").append(NEW_LINE);
-
- text.append(TAB).append(TAB).append("location / {").append(NEW_LINE);
- if (availPort.getProtocol().equals("https")) {
- text.append(TAB).append(TAB).append(TAB).append("proxy_pass").append(TAB)
- .append("https://").append(hostname).append(";").append(NEW_LINE);
- } else {
- text.append(TAB).append(TAB).append(TAB).append("proxy_pass").append(TAB)
- .append("http://").append(hostname).append(";").append(NEW_LINE);
- }
- text.append(TAB).append(TAB).append("}").append(NEW_LINE);
-
- text.append(TAB).append(TAB).append("location /nginx_status {").append(NEW_LINE);
- text.append(TAB).append(TAB).append(TAB).append("stub_status on;").append(NEW_LINE);
- text.append(TAB).append(TAB).append(TAB).append("access_log off;").append(NEW_LINE);
- text.append(TAB).append(TAB).append(TAB).append("allow 127.0.0.1;").append(NEW_LINE);
- text.append(TAB).append(TAB).append(TAB).append("deny all;").append(NEW_LINE);
- text.append(TAB).append(TAB).append("}").append(NEW_LINE);
-
- if (availPort.getProtocol().equals("https")) {
- text.append(TAB).append(TAB).append("ssl on;").append(NEW_LINE);
- text.append(TAB).append(TAB).append("ssl_certificate ").append(System.getProperty("nginx.cert.path")).append(";").append(NEW_LINE);
- text.append(TAB).append(TAB).append("ssl_certificate_key ").append(System.getProperty("nginx.key.path")).append(";").append(NEW_LINE);
- }
-
- text.append(TAB).append("}").append(NEW_LINE);
- // End server block
}
}
}
+
}
http://git-wip-us.apache.org/repos/asf/stratos/blob/6911c914/extensions/load-balancer/modules/nginx-extension/src/main/templates/nginx.cfg.template
----------------------------------------------------------------------
diff --git a/extensions/load-balancer/modules/nginx-extension/src/main/templates/nginx.cfg.template b/extensions/load-balancer/modules/nginx-extension/src/main/templates/nginx.cfg.template
index 3d4bbd7..a26467e 100644
--- a/extensions/load-balancer/modules/nginx-extension/src/main/templates/nginx.cfg.template
+++ b/extensions/load-balancer/modules/nginx-extension/src/main/templates/nginx.cfg.template
@@ -32,7 +32,11 @@ http {
proxy_set_header Host $http_host;
proxy_read_timeout 5m;
proxy_send_timeout 5m;
+ #if ($port.protocol == "https")
+ proxy_pass https://$hostname;
+ #else
proxy_pass http://$hostname;
+ #end
}
location /nginx_status {
stub_status on;
@@ -44,9 +48,8 @@ http {
ssl on;
ssl_certificate /etc/nginx/ssl/server.cert;
ssl_certificate_key /etc/nginx/ssl/server.key;
-
#end
+ }
#end
}
#end
-