summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHaibin Huang <haibin.huang@intel.com>2019-04-01 09:43:16 +0800
committerHaibin Huang <haibin.huang@intel.com>2019-04-01 09:53:27 +0800
commit4caaeebda638befff570568313aa58135b6f91f3 (patch)
tree1ae2caf534f3d764fdb08f45688af7fb101f0eb5
parent31a6b223d123ff9fb26a6d0fa43ad327440cd5ca (diff)
Add https support for multicloud pike plugin
The https endpoint can be enabled by setting env: SSL_ENABLED=true Change-Id: Iae636bda8fa8ae9c77907e7171e1d93cb54795bc Issue-ID: MULTICLOUD-535 Signed-off-by: Haibin Huang <haibin.huang@intel.com>
-rw-r--r--pike/docker/Dockerfile6
-rw-r--r--pike/pub/ssl/cert/cert.crt21
-rw-r--r--pike/pub/ssl/cert/cert.key27
-rwxr-xr-xpike/run.sh20
4 files changed, 71 insertions, 3 deletions
diff --git a/pike/docker/Dockerfile b/pike/docker/Dockerfile
index 4e861b79..441ff568 100644
--- a/pike/docker/Dockerfile
+++ b/pike/docker/Dockerfile
@@ -34,13 +34,15 @@ EXPOSE 9007
RUN groupadd -r onap && useradd -r -g onap onap
RUN apt-get update && \
- apt-get install -y memcached wget unzip gcc && \
+ apt-get install -y memcached wget unzip gcc libssl-dev && \
cd /opt/ && \
wget -O /opt/multicloud-openstack-pike.zip "https://nexus.onap.org/service/local/artifact/maven/redirect?r=snapshots&g=org.onap.multicloud.openstack&a=multicloud-openstack-pike&e=zip&v=1.3.0-SNAPSHOT" && \
unzip -q -o -B /opt/multicloud-openstack-pike.zip -d /opt/ && \
rm -f /opt/multicloud-openstack-pike.zip && \
pip install -r /opt/pike/requirements.txt && \
- apt-get --purge remove -y wget unzip gcc && \
+ apt-get --purge remove -y wget unzip gcc libssl-dev && \
+ mkdir -p /var/log/onap/multicloud/openstack/pike && \
+ chown onap:onap /var/log/onap -R && \
apt-get -y autoremove && \
chown onap:onap /opt/pike -R
diff --git a/pike/pub/ssl/cert/cert.crt b/pike/pub/ssl/cert/cert.crt
new file mode 100644
index 00000000..e82e66bb
--- /dev/null
+++ b/pike/pub/ssl/cert/cert.crt
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDgzCCAmsCCQD9YEV2Kl0P0zANBgkqhkiG9w0BAQsFADCBijELMAkGA1UEBhMC
+Q04xETAPBgNVBAgMCHNpY2h1YW5nMRAwDgYDVQQHDAdjaGVuZ2R1MQwwCgYDVQQK
+DAN6dGUxDjAMBgNVBAsMBXplbmFwMTgwNgYDVQQDDC9aVEUgT3BlblBhbGV0dGUg
+Um9vdCBDZXJ0aWZpY2F0ZSBBdXRob3JpdHkgMjAxNzAeFw0xNzAzMTcwMjA4MTRa
+Fw0yNzAzMTUwMjA4MTRaMHwxCzAJBgNVBAYTAkNOMREwDwYDVQQIDAhzaWNodWFu
+ZzEQMA4GA1UEBwwHY2hlbmdkdTEMMAoGA1UECgwDenRlMQ4wDAYDVQQLDAV6ZW5h
+cDEVMBMGA1UEAwwMKi56dGUuY29tLmNuMRMwEQYJKoZIhvcNAQkBFgRudWxsMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrViVMgvwA9yYBJvGsPtD0GF
+Yv0fCL4Uo7gewitKImP8D8UtV7eRXZrEDtvnB2/jg/SpCeHelzR2OWdnjsWCWLeW
+ERnff6Pm+tccKMQUqJllV477L+n45xlUw2Iv4w8k1M2AyQ+hqWOz9Tp+fp8XICAw
+wiqqKDEclo2/Psgf5SmptZbNmjv4moKUGLy3lkgOTXz/dw9BZcid77cyhhQt0RrI
+BLz/jBigkA0fWSeZIb4nTt/24JeeKLPjMUWeAwYebiS4pckICXkTpLl8/Owsqq3B
+tuf2Qk3Jag0UO5zvNbl09+o9VyQcdDwPHSrbXXVSCvOsFkxbVEqZzAH7VheKnwID
+AQABMA0GCSqGSIb3DQEBCwUAA4IBAQA7lw0gXfP+kfcU9cKkNmg5CtoKV2T7Xpnt
+jw1Tn0YuzxR3xQmFsfcXGCD5S540uQiwINZgk+NE2qzTJylShPnjUW6DvHnzdayy
+oKJmlKasZ8NCpv9lHAu+eggAMCbV1MH1mZVJqiED0gaenQAFGRAjyL7507CW9iCX
+jBEEWOITpBQXQAC8TsOTQB1cHqIHFOi0rmSoDKlnGXjmofD1u3r5PChLaz4PkvGu
+6CSYkOojbNYUcL4ghbFgY+dsDReN9v7nF8TQa2Vgx5cBYqqYHlBXfT1p9PP581Q8
+nWiSumRfQCwZzXdr7iUEKM3521GYKHLXfbs/aRtWAnd1ziHBpCuf
+-----END CERTIFICATE-----
diff --git a/pike/pub/ssl/cert/cert.key b/pike/pub/ssl/cert/cert.key
new file mode 100644
index 00000000..5ad935fe
--- /dev/null
+++ b/pike/pub/ssl/cert/cert.key
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAxrViVMgvwA9yYBJvGsPtD0GFYv0fCL4Uo7gewitKImP8D8Ut
+V7eRXZrEDtvnB2/jg/SpCeHelzR2OWdnjsWCWLeWERnff6Pm+tccKMQUqJllV477
+L+n45xlUw2Iv4w8k1M2AyQ+hqWOz9Tp+fp8XICAwwiqqKDEclo2/Psgf5SmptZbN
+mjv4moKUGLy3lkgOTXz/dw9BZcid77cyhhQt0RrIBLz/jBigkA0fWSeZIb4nTt/2
+4JeeKLPjMUWeAwYebiS4pckICXkTpLl8/Owsqq3Btuf2Qk3Jag0UO5zvNbl09+o9
+VyQcdDwPHSrbXXVSCvOsFkxbVEqZzAH7VheKnwIDAQABAoIBAAFcgsTz7ifRs0Xn
+Om2jg/9Dwqcv9sN3keqhO0y3QTXFG5f8ENh2AH/0rH0xkn6hjJx9056mtoCwslKo
+W7RFtCPpdhS96aMVO2LikGXTGhUhn+keqKfmYXcr3EHObWeP1f/DPKuj+MaRUU1P
+zkgNzPnCXrMl2a6Wz4xUgkfq1RUb1dv9C2cKGqHWYmUVx+mtATfTk4zXM/d47PRG
+gpkJP40fwfUBo0dTuPdU4NxkG4LlcaJQv23bNAqyaz1Jo9E5yu4jKeTOns0bfJCd
+Qvg9C91B3i3kcw1lBhk7qiS4vsdCLUrGRisIsveYC6rLgC3b+DNsRFZtxy0GetzN
+1IYe8oECgYEA+FZyUqrdM8KwdQLiEoKsTSQMKt3gZh608cYKtvwkWSiWe9zoPx0H
+KosyejrDd850XKqY3xOCf888H5benivrX9MmOtCxs5A/sVoooinJ7xTA7SaR3Qx6
+VpUZh6FewaG2QuWYSUmUEIbcSRhFX+qtWAtcG+HNzxU5x/cDjf/m3V8CgYEAzNbu
+F64VZ/Dl8caAj7huM9wEST4ZTOx7xJCbcz7DmAJs3/XjacpK4S1sfsPBHwrnbCIQ
+gO+AXbGUTuNze6QDR3uU/rRMk+qFZsuFHmNfwkJD0LWbsGP3FlHzVaW1oC1o8IgF
+A9d5PV0eDoUV9dOfdhGR/48VS1xXA0YPWETRGsECgYAxzHQEa8sL1CC6dieLerS+
+i1n9Rpz3HXU/fm0roIhRcLgsgnH4JgQH3f3zUNFdtwLSiks5gJoMsyvlUcW2hiwe
+/SKPbMYVsflzwRag3ixmSw0dAT0CzLvDnQaPkiaEQb9gztWo7J5KaiDGb52JzG+S
+VkTUOoWg3yrFFJ2b3hMXlQKBgQCWVT9UPb0UFaaM9OQxlme6w8SZhGvJGt4S+xY7
+VFr0WwNQswN+BqtB67Zuqng3sib6I139YsjQ+p0f8Ko2mb6WXcqRy/1PqZTSRpei
+H8iNp1hh+ocSw6r5xJdTylQsBGe57/nOQfuG36pJeb8ONYwYePivmHFGZ7SsgGSO
+oaLdgQKBgQDerPjMGy0QxLXj/GncsfiK+ailuYsk9xAP6qIK780Nbl4m0UcjPVbf
+vlgjL28HwtPYbWJCMp9rWKFfvavgxYALpgoEBC86UXfq7FHy8daBO69Juv/3smac
+XtZPL1ejc2upq+XVwvOchfNSrxeyna3IhH+R6AugHWBu50ljImPJ7g==
+-----END RSA PRIVATE KEY-----
diff --git a/pike/run.sh b/pike/run.sh
index e3df3b3c..043ff4c0 100755
--- a/pike/run.sh
+++ b/pike/run.sh
@@ -15,4 +15,22 @@
memcached -d -m 2048 -u root -c 1024 -p 11211 -P /tmp/memcached1.pid
export PYTHONPATH=lib/share
-uwsgi --http :9007 --module pike.wsgi --master --processes 4
+
+#nohup python manage.py runserver 0.0.0.0:9007 2>&1 &
+
+if [ ${SSL_ENABLED} = "true" ]; then
+ nohup uwsgi --https :9007,pike/pub/ssl/cert/cert.crt,pike/pub/ssl/cert/cert.key --module pike.wsgi --master --processes 4 &
+
+else
+ nohup uwsgi --http :9007 --module pike.wsgi --master --processes 4 &
+fi
+
+logDir="/var/log/onap/multicloud/openstack/pike"
+if [ ! -x $logDir ]; then
+ mkdir -p $logDir
+fi
+while [ ! -f $logDir/pike.log ]; do
+ sleep 1
+done
+
+tail -F $logDir/pike.log