You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by jl...@apache.org on 2014/03/09 22:08:11 UTC
git commit: updated refs/heads/master to 09c3753
Repository: cloudstack
Updated Branches:
refs/heads/master cb26b4c33 -> 09c375379
CLOUDSTACK-6204: removing realhostip dependency
Moving default transport for console proxy, SSVM to http.
See
https://cwiki.apache.org/confluence/display/CLOUDSTACK/Realhost+IP+changes
for more info.
jlk ported Amogh's patch for 4.3 to master - code base is different
enough that patch has multiple issues.
Author: Amogh Vasekar <Amogh Vasekar <am...@citrix.com>
Signed-off-by: John Kinsella <jl...@stratosec.co> 1394398017 -0700
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/09c37537
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/09c37537
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/09c37537
Branch: refs/heads/master
Commit: 09c375379ddae2d85ce9549bb6a58860c53bfecd
Parents: cb26b4c
Author: John Kinsella <jl...@stratosec.co>
Authored: Sun Mar 9 13:46:57 2014 -0700
Committer: John Kinsella <jl...@stratosec.co>
Committed: Sun Mar 9 13:46:57 2014 -0700
----------------------------------------------------------------------
core/src/com/cloud/info/ConsoleProxyInfo.java | 19 ++++++++++---------
.../storage/image/TemplateServiceImpl.java | 13 +++++++++++--
.../driver/CloudStackImageStoreDriverImpl.java | 12 ++++++++----
server/src/com/cloud/configuration/Config.java | 4 ++--
.../consoleproxy/ConsoleProxyManagerImpl.java | 11 +++++++++--
.../SecondaryStorageManagerImpl.java | 7 +++++++
setup/db/db/schema-421to430.sql | 4 ++++
systemvm/conf/consoleproxy.properties | 2 +-
8 files changed, 52 insertions(+), 20 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/09c37537/core/src/com/cloud/info/ConsoleProxyInfo.java
----------------------------------------------------------------------
diff --git a/core/src/com/cloud/info/ConsoleProxyInfo.java b/core/src/com/cloud/info/ConsoleProxyInfo.java
index 9a94474..0e57b75 100644
--- a/core/src/com/cloud/info/ConsoleProxyInfo.java
+++ b/core/src/com/cloud/info/ConsoleProxyInfo.java
@@ -32,16 +32,17 @@ public class ConsoleProxyInfo {
this.sslEnabled = sslEnabled;
if (sslEnabled) {
- StringBuffer sb = new StringBuffer(proxyIpAddress);
- for (int i = 0; i < sb.length(); i++)
- if (sb.charAt(i) == '.')
- sb.setCharAt(i, '-');
- if (consoleProxyUrlDomain != null && consoleProxyUrlDomain.length() > 0) {
- sb.append(".");
+ StringBuffer sb = new StringBuffer();
+ if (consoleProxyUrlDomain.startsWith("*")) {
+ sb.append(proxyIpAddress);
+ for (int i = 0; i < proxyIpAddress.length(); i++)
+ if (sb.charAt(i) == '.')
+ sb.setCharAt(i, '-');
+ sb.append(consoleProxyUrlDomain.substring(1));//skip the *
+ } else {
+ //LB address
sb.append(consoleProxyUrlDomain);
- } else
- sb.append(".realhostip.com");
-
+ }
proxyAddress = sb.toString();
proxyPort = port;
this.proxyUrlPort = proxyUrlPort;
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/09c37537/engine/storage/image/src/org/apache/cloudstack/storage/image/TemplateServiceImpl.java
----------------------------------------------------------------------
diff --git a/engine/storage/image/src/org/apache/cloudstack/storage/image/TemplateServiceImpl.java b/engine/storage/image/src/org/apache/cloudstack/storage/image/TemplateServiceImpl.java
index 166b523..4e6ab6b 100644
--- a/engine/storage/image/src/org/apache/cloudstack/storage/image/TemplateServiceImpl.java
+++ b/engine/storage/image/src/org/apache/cloudstack/storage/image/TemplateServiceImpl.java
@@ -777,12 +777,21 @@ public class TemplateServiceImpl implements TemplateService {
String scheme = "http";
boolean _sslCopy = false;
String sslCfg = _configDao.getValue(Config.SecStorageEncryptCopy.toString());
+ String _ssvmUrlDomain = _configDao.getValue("secstorage.ssl.cert.domain");
if (sslCfg != null) {
_sslCopy = Boolean.parseBoolean(sslCfg);
}
+ if(_sslCopy && (_ssvmUrlDomain == null || _ssvmUrlDomain.isEmpty())){
+ s_logger.warn("Empty secondary storage url domain, ignoring SSL");
+ _sslCopy = false;
+ }
if (_sslCopy) {
- hostname = ipAddress.replace(".", "-");
- hostname = hostname + ".realhostip.com";
+ if(_ssvmUrlDomain.startsWith("*")) {
+ hostname = ipAddress.replace(".", "-");
+ hostname = hostname + _ssvmUrlDomain.substring(1);
+ } else {
+ hostname = _ssvmUrlDomain;
+ }
scheme = "https";
}
return scheme + "://" + hostname + "/copy/SecStorage/" + dir + "/" + path;
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/09c37537/plugins/storage/image/default/src/org/apache/cloudstack/storage/datastore/driver/CloudStackImageStoreDriverImpl.java
----------------------------------------------------------------------
diff --git a/plugins/storage/image/default/src/org/apache/cloudstack/storage/datastore/driver/CloudStackImageStoreDriverImpl.java b/plugins/storage/image/default/src/org/apache/cloudstack/storage/datastore/driver/CloudStackImageStoreDriverImpl.java
index d6e1a01..c2e26d5 100644
--- a/plugins/storage/image/default/src/org/apache/cloudstack/storage/datastore/driver/CloudStackImageStoreDriverImpl.java
+++ b/plugins/storage/image/default/src/org/apache/cloudstack/storage/datastore/driver/CloudStackImageStoreDriverImpl.java
@@ -93,12 +93,16 @@ public class CloudStackImageStoreDriverImpl extends BaseImageStoreDriverImpl {
if (sslCfg != null) {
_sslCopy = Boolean.parseBoolean(sslCfg);
}
+ if(_sslCopy && (_ssvmUrlDomain == null || _ssvmUrlDomain.isEmpty())){
+ s_logger.warn("Empty secondary storage url domain, ignoring SSL");
+ _sslCopy = false;
+ }
if (_sslCopy) {
- hostname = ipAddress.replace(".", "-");
- if (_ssvmUrlDomain != null && _ssvmUrlDomain.length() > 0) {
- hostname = hostname + "." + _ssvmUrlDomain;
+ if(_ssvmUrlDomain.startsWith("*")) {
+ hostname = ipAddress.replace(".", "-");
+ hostname = hostname + _ssvmUrlDomain.substring(1);
} else {
- hostname = hostname + ".realhostip.com";
+ hostname = _ssvmUrlDomain;
}
scheme = "https";
}
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/09c37537/server/src/com/cloud/configuration/Config.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/configuration/Config.java b/server/src/com/cloud/configuration/Config.java
index 98e5d34..f2fe68a 100755
--- a/server/src/com/cloud/configuration/Config.java
+++ b/server/src/com/cloud/configuration/Config.java
@@ -439,7 +439,7 @@ public enum Config {
"Console proxy command port that is used to communicate with management server",
null),
ConsoleProxyRestart("Console Proxy", AgentManager.class, Boolean.class, "consoleproxy.restart", "true", "Console proxy restart flag, defaulted to true", null),
- ConsoleProxyUrlDomain("Console Proxy", AgentManager.class, String.class, "consoleproxy.url.domain", "realhostip.com", "Console proxy url domain", null),
+ ConsoleProxyUrlDomain("Console Proxy", AgentManager.class, String.class, "consoleproxy.url.domain", "", "Console proxy url domain", null),
ConsoleProxyLoadscanInterval(
"Console Proxy",
AgentManager.class,
@@ -782,7 +782,7 @@ public enum Config {
ManagementServer.class,
String.class,
"secstorage.ssl.cert.domain",
- "realhostip.com",
+ "",
"SSL certificate used to encrypt copy traffic between zones",
null),
SecStorageCapacityStandby(
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/09c37537/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
----------------------------------------------------------------------
diff --git a/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java b/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
index 3e4c57e..0512096 100755
--- a/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
+++ b/server/src/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
@@ -233,6 +233,7 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
private int _proxySessionTimeoutValue = DEFAULT_PROXY_SESSION_TIMEOUT;
private boolean _sslEnabled = true;
+ private String _consoleProxyUrlDomain;
// global load picture at zone basis
private SystemVmLoadScanner<Long> _loadScanner;
@@ -384,9 +385,9 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
assert (ksVo != null);
if (_staticPublicIp == null) {
- return new ConsoleProxyInfo(proxy.isSslEnabled(), proxy.getPublicIpAddress(), _consoleProxyPort, proxy.getPort(), ksVo.getDomainSuffix());
+ return new ConsoleProxyInfo(proxy.isSslEnabled(), proxy.getPublicIpAddress(), _consoleProxyPort, proxy.getPort(), _consoleProxyUrlDomain);
} else {
- return new ConsoleProxyInfo(proxy.isSslEnabled(), _staticPublicIp, _consoleProxyPort, _staticPort, ksVo.getDomainSuffix());
+ return new ConsoleProxyInfo(proxy.isSslEnabled(), _staticPublicIp, _consoleProxyPort, _staticPort, _consoleProxyUrlDomain);
}
}
@@ -1191,6 +1192,12 @@ public class ConsoleProxyManagerImpl extends ManagerBase implements ConsoleProxy
_sslEnabled = true;
}
+ _consoleProxyUrlDomain = configs.get(Config.ConsoleProxyUrlDomain.key());
+ if( _sslEnabled && (_consoleProxyUrlDomain == null || _consoleProxyUrlDomain.isEmpty())) {
+ s_logger.warn("Empty console proxy domain, explicitly disabling SSL");
+ _sslEnabled = false;
+ }
+
value = configs.get(Config.ConsoleProxyCapacityScanInterval.key());
_capacityScanInterval = NumbersUtil.parseLong(value, DEFAULT_CAPACITY_SCAN_INTERVAL);
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/09c37537/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
----------------------------------------------------------------------
diff --git a/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java b/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
index dd0c267..f8edefa 100755
--- a/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
+++ b/services/secondary-storage/controller/src/org/apache/cloudstack/secondarystorage/SecondaryStorageManagerImpl.java
@@ -807,6 +807,13 @@ public class SecondaryStorageManagerImpl extends ManagerBase implements Secondar
_useSSlCopy = true;
}
+ //default to HTTP in case of missing domain
+ String ssvmUrlDomain = _configDao.getValue("secstorage.ssl.cert.domain");
+ if(_useSSlCopy && (ssvmUrlDomain == null || ssvmUrlDomain.isEmpty())){
+ s_logger.warn("Empty secondary storage url domain, explicitly disabling SSL");
+ _useSSlCopy = false;
+ }
+
_allowedInternalSites = _configDao.getValue("secstorage.allowed.internal.sites");
String value = configs.get("secstorage.capacityscan.interval");
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/09c37537/setup/db/db/schema-421to430.sql
----------------------------------------------------------------------
diff --git a/setup/db/db/schema-421to430.sql b/setup/db/db/schema-421to430.sql
index b49fd96..3f2ad02 100644
--- a/setup/db/db/schema-421to430.sql
+++ b/setup/db/db/schema-421to430.sql
@@ -110,6 +110,10 @@ CREATE TABLE `cloud`.`async_job_join_map` (
INDEX `i_async_job_join_map__expiration`(`expiration`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
+#realhostip changes, before changing table and adding default value
+UPDATE `cloud`.`configuration` SET value = CONCAT("*.",(SELECT `temptable`.`value` FROM (SELECT * FROM `cloud`.`configuration` WHERE `name`="consoleproxy.url.domain") AS `temptable` WHERE `temptable`.`name`="consoleproxy.url.domain")) WHERE `name`="consoleproxy.url.domain";
+UPDATE `cloud`.`configuration` SET `value` = CONCAT("*.",(SELECT `temptable`.`value` FROM (SELECT * FROM `cloud`.`configuration` WHERE `name`="secstorage.ssl.cert.domain") AS `temptable` WHERE `temptable`.`name`="secstorage.ssl.cert.domain")) WHERE `name`="secstorage.ssl.cert.domain";
+
ALTER TABLE `cloud`.`configuration` ADD COLUMN `default_value` VARCHAR(4095) COMMENT 'Default value for a configuration parameter';
ALTER TABLE `cloud`.`configuration` ADD COLUMN `updated` datetime COMMENT 'Time this was updated by the server. null means this row is obsolete.';
ALTER TABLE `cloud`.`configuration` ADD COLUMN `scope` VARCHAR(255) DEFAULT NULL COMMENT 'Can this parameter be scoped';
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/09c37537/systemvm/conf/consoleproxy.properties
----------------------------------------------------------------------
diff --git a/systemvm/conf/consoleproxy.properties b/systemvm/conf/consoleproxy.properties
index bb452f5..a3cddbc 100644
--- a/systemvm/conf/consoleproxy.properties
+++ b/systemvm/conf/consoleproxy.properties
@@ -16,7 +16,7 @@
# under the License.
consoleproxy.tcpListenPort=0
-consoleproxy.httpListenPort=8088
+consoleproxy.httpListenPort=80
consoleproxy.httpCmdListenPort=8001
consoleproxy.jarDir=./applet/
consoleproxy.viewerLinger=180