summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAreli, Fuss (af732p) <af732p@att.com>2018-04-09 18:27:46 +0300
committerMichael Lando <ml636r@att.com>2018-04-11 08:42:06 +0000
commit204f26d848150fceb55ec587eed57ad92afe20e4 (patch)
treed4a0c8965fe8610e185ee810a29aaf5f38d5818e
parent9d525f580b866778dc3417a06d98b96c70857efe (diff)
Add support of http and https
Add support of http and https Change-Id: I8c79155037ddaa5f904ecd85de797675a6be9436 Issue-ID: SDC-1180 Signed-off-by: Areli, Fuss (af732p) <af732p@att.com>
-rw-r--r--catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb56
-rw-r--r--catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_setup_elasticsearch.rb19
-rw-r--r--catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/http-ini.erb (renamed from catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-http-ini.erb)4
-rw-r--r--catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/https-ini.erb29
-rw-r--r--catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ssl-ini.erb10
-rw-r--r--catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb9
-rw-r--r--catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb34
-rw-r--r--catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-https-ini.erb13
-rw-r--r--catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/http-ini.erb29
-rw-r--r--catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/https-ini.erb29
-rw-r--r--catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb8
11 files changed, 186 insertions, 54 deletions
diff --git a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb
index ece1066f55..afd26b3348 100644
--- a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb
+++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb
@@ -1,17 +1,55 @@
+#Set the http module option
+if node['disableHttp']
+ http_option = "#--module=http"
+else
+ http_option = "--module=http"
+end
+
+
bash "create-jetty-modules" do
cwd "#{ENV['JETTY_BASE']}"
code <<-EOH
- cd "#{ENV['JETTY_BASE']}"
- java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-start=deploy
- java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-startd=http,https,logging,setuid
+ cd "#{ENV['JETTY_BASE']}"
+ java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-start=deploy
+ java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-startd=http,https,logging,setuid
EOH
end
+
+template "http-ini" do
+ path "#{ENV['JETTY_BASE']}/start.d/http.ini"
+ source "http-ini.erb"
+ owner "jetty"
+ group "jetty"
+ mode "0755"
+ variables ({
+ :http_option => http_option ,
+ :http_port => "#{node['BE'][:http_port]}"
+ })
+
+end
+
+
+template "https-ini" do
+ path "#{ENV['JETTY_BASE']}/start.d/https.ini"
+ source "https-ini.erb"
+ owner "jetty"
+ group "jetty"
+ mode "0755"
+ variables :https_port => "#{node['BE'][:https_port]}"
+end
+
+
template "ssl-ini" do
- path "#{ENV['JETTY_BASE']}/start.d/ssl.ini"
- source "ssl-ini.erb"
- owner "jetty"
- group "jetty"
- mode "0755"
- variables :BE_https_port => "#{node['BE'][:https_port]}"
+ path "#{ENV['JETTY_BASE']}/start.d/ssl.ini"
+ source "ssl-ini.erb"
+ owner "jetty"
+ group "jetty"
+ mode "0755"
+ variables ({
+ :https_port => "#{node['BE'][:https_port]}" ,
+ :jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}" ,
+ :jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}" ,
+ :jetty_truststore_pwd => "#{node['jetty'][:truststore_pwd]}"
+ })
end
diff --git a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_setup_elasticsearch.rb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_setup_elasticsearch.rb
index 29715177be..28f611267c 100644
--- a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_setup_elasticsearch.rb
+++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_setup_elasticsearch.rb
@@ -1,14 +1,13 @@
clusterName = node['elasticsearch'][:cluster_name]+node.chef_environment
template "elasticsearch.yml-config" do
- path "#{ENV['JETTY_BASE']}/config/elasticsearch.yml"
- source "BE-elasticsearch.yml.erb"
- owner "jetty"
- group "jetty"
- mode "0755"
- variables({
- :cluster_name => "#{clusterName}",
- :es_host_ip => node['Nodes']['ES']
- })
+ path "#{ENV['JETTY_BASE']}/config/elasticsearch.yml"
+ source "BE-elasticsearch.yml.erb"
+ owner "jetty"
+ group "jetty"
+ mode "0755"
+ variables ({
+ :cluster_name => "#{clusterName}",
+ :es_host_ip => node['Nodes']['ES']
+ })
end
-
diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-http-ini.erb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/http-ini.erb
index 233a6b8852..8f2669032b 100644
--- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-http-ini.erb
+++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/http-ini.erb
@@ -1,6 +1,6 @@
# ---------------------------------------
# Module: http
---module=http
+<%= @http_option %>
### HTTP Connector Configuration
@@ -8,7 +8,7 @@
# jetty.http.host=0.0.0.0
## Connector port to listen on
-jetty.http.port=<%= @FE_http_port %>
+jetty.http.port=<%= @http_port %>
## Connector idle timeout in milliseconds
jetty.http.idleTimeout=30000
diff --git a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/https-ini.erb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/https-ini.erb
new file mode 100644
index 0000000000..9999a4109b
--- /dev/null
+++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/https-ini.erb
@@ -0,0 +1,29 @@
+# ---------------------------------------
+# Module: https
+--module=https
+
+### HTTPS Connector Configuration
+
+## Connector host/address to bind to
+# jetty.https.host=0.0.0.0
+
+## Connector port to listen on
+jetty.https.port=<%= @https_port %>
+
+## Connector idle timeout in milliseconds
+jetty.https.idleTimeout=30000
+
+## Connector socket linger time in seconds (-1 to disable)
+# jetty.https.soLingerTime=-1
+
+## Number of acceptors (-1 picks default based on number of cores)
+# jetty.https.acceptors=-1
+
+## Number of selectors (-1 picks default based on number of cores)
+# jetty.https.selectors=-1
+
+## ServerSocketChannel backlog (0 picks platform default)
+# jetty.https.acceptorQueueSize=0
+
+## Thread priority delta to give to acceptor threads
+# jetty.https.acceptorPriorityDelta=0
diff --git a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ssl-ini.erb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ssl-ini.erb
index adfc0d0ce2..1f1ff5d394 100644
--- a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ssl-ini.erb
+++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ssl-ini.erb
@@ -8,7 +8,7 @@
# jetty.ssl.host=0.0.0.0
## Connector port to listen on
-jetty.ssl.port=<%= @BE_https_port %>
+jetty.ssl.port=<%= @https_port %>
## Connector idle timeout in milliseconds
# jetty.ssl.idleTimeout=30000
@@ -45,11 +45,11 @@ jetty.ssl.port=<%= @BE_https_port %>
# jetty.sslContext.keyStorePath=etc/keystore
## Truststore file path (relative to $jetty.base)
-# jetty.sslContext.trustStorePath=etc/keystore
+#jetty.sslContext.trustStorePath=etc/truststore
## Keystore password
# jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
-jetty.sslContext.keyStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok
+jetty.sslContext.keyStorePassword=<%= @jetty_keystore_pwd %>
## Keystore type and provider
# jetty.sslContext.keyStoreType=JKS
@@ -57,11 +57,11 @@ jetty.sslContext.keyStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok
## KeyManager password
# jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g
-jetty.sslContext.keyManagerPassword=OBF:1cp61iuj194s194u194w194y1is31cok
+jetty.sslContext.keyManagerPassword=<%= @jetty_keymanager_pwd %>
## Truststore password
# jetty.sslContext.trustStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
-jetty.sslContext.trustStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok
+jetty.sslContext.trustStorePassword=<%= @jetty_truststore_pwd %>
## Truststore type and provider
# jetty.sslContext.trustStoreType=JKS
diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb
index 6e9bbe36f5..272a1166ab 100644
--- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb
+++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb
@@ -1,2 +1,9 @@
#
-#
+default['BE'][:http_port] = 8080
+default['BE'][:https_port] = 8443
+default['FE'][:http_port] = 8181
+default['FE'][:https_port] = 9443
+default['disableHttp'] = true
+default['jetty'][:keystore_pwd] = "OBF:1cp61iuj194s194u194w194y1is31cok"
+default['jetty'][:keymanager_pwd] = "OBF:1cp61iuj194s194u194w194y1is31cok"
+default['jetty'][:truststore_pwd] = "OBF:1cp61iuj194s194u194w194y1is31cok"
diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb
index 32b121eefd..6c782428b0 100644
--- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb
+++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb
@@ -1,3 +1,12 @@
+#
+#Set the http module option
+if node['disableHttp']
+ http_option = "#--module=http"
+else
+ http_option = "--module=http"
+end
+
+
bash "create-jetty-modules" do
cwd "#{ENV['JETTY_BASE']}"
code <<-EOH
@@ -8,24 +17,26 @@ EOH
end
-
-template "FE-http-ini" do
+template "http-ini" do
path "#{ENV['JETTY_BASE']}/start.d/http.ini"
- source "FE-http-ini.erb"
+ source "http-ini.erb"
owner "jetty"
group "jetty"
mode "0755"
- variables :FE_http_port => "#{node['FE'][:http_port]}"
+ variables ({
+ :http_option => http_option ,
+ :http_port => "#{node['FE'][:http_port]}"
+ })
end
-template "FE-https-ini" do
+template "https-ini" do
path "#{ENV['JETTY_BASE']}/start.d/https.ini"
- source "FE-https-ini.erb"
+ source "https-ini.erb"
owner "jetty"
group "jetty"
mode "0755"
- variables :FE_https_port => "#{node['FE'][:https_port]}"
+ variables :https_port => "#{node['FE'][:https_port]}"
end
@@ -35,7 +46,10 @@ template "ssl-ini" do
owner "jetty"
group "jetty"
mode "0755"
- variables :https_port => "#{node['FE'][:https_port]}"
+ variables ({
+ :https_port => "#{node['FE'][:https_port]}" ,
+ :jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}" ,
+ :jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}" ,
+ :jetty_truststore_pwd => "#{node['jetty'][:truststore_pwd]}"
+ })
end
-
-
diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-https-ini.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-https-ini.erb
deleted file mode 100644
index d2542fc360..0000000000
--- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-https-ini.erb
+++ /dev/null
@@ -1,13 +0,0 @@
-# ---------------------------------------
-# Module: https
---module=https
-
-## HTTPS Configuration
-# HTTP port to listen on
-https.port=<%= @FE_https_port %>
-
-# HTTPS idle timeout in milliseconds
-jetty.https.idleTimeout=300000
-
-# HTTPS Socket.soLingerTime in seconds. (-1 to disable)
-# https.soLingerTime=-1
diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/http-ini.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/http-ini.erb
new file mode 100644
index 0000000000..8f2669032b
--- /dev/null
+++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/http-ini.erb
@@ -0,0 +1,29 @@
+# ---------------------------------------
+# Module: http
+<%= @http_option %>
+
+### HTTP Connector Configuration
+
+## Connector host/address to bind to
+# jetty.http.host=0.0.0.0
+
+## Connector port to listen on
+jetty.http.port=<%= @http_port %>
+
+## Connector idle timeout in milliseconds
+jetty.http.idleTimeout=30000
+
+## Connector socket linger time in seconds (-1 to disable)
+# jetty.http.soLingerTime=-1
+
+## Number of acceptors (-1 picks default based on number of cores)
+# jetty.http.acceptors=-1
+
+## Number of selectors (-1 picks default based on number of cores)
+# jetty.http.selectors=-1
+
+## ServerSocketChannel backlog (0 picks platform default)
+# jetty.http.acceptorQueueSize=0
+
+## Thread priority delta to give to acceptor threads
+# jetty.http.acceptorPriorityDelta=0
diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/https-ini.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/https-ini.erb
new file mode 100644
index 0000000000..9999a4109b
--- /dev/null
+++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/https-ini.erb
@@ -0,0 +1,29 @@
+# ---------------------------------------
+# Module: https
+--module=https
+
+### HTTPS Connector Configuration
+
+## Connector host/address to bind to
+# jetty.https.host=0.0.0.0
+
+## Connector port to listen on
+jetty.https.port=<%= @https_port %>
+
+## Connector idle timeout in milliseconds
+jetty.https.idleTimeout=30000
+
+## Connector socket linger time in seconds (-1 to disable)
+# jetty.https.soLingerTime=-1
+
+## Number of acceptors (-1 picks default based on number of cores)
+# jetty.https.acceptors=-1
+
+## Number of selectors (-1 picks default based on number of cores)
+# jetty.https.selectors=-1
+
+## ServerSocketChannel backlog (0 picks platform default)
+# jetty.https.acceptorQueueSize=0
+
+## Thread priority delta to give to acceptor threads
+# jetty.https.acceptorPriorityDelta=0
diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb
index effbfa7918..70bf6d6d27 100644
--- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb
+++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb
@@ -45,11 +45,11 @@ jetty.ssl.port=<%= @https_port %>
# jetty.sslContext.keyStorePath=etc/keystore
## Truststore file path (relative to $jetty.base)
-# jetty.sslContext.trustStorePath=etc/keystore
+# jetty.sslContext.trustStorePath=etc/truststore
## Keystore password
# jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
-jetty.sslContext.keyStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok
+jetty.sslContext.keyStorePassword=<%= @jetty_keystore_pwd %>
## Keystore type and provider
# jetty.sslContext.keyStoreType=JKS
@@ -57,11 +57,11 @@ jetty.sslContext.keyStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok
## KeyManager password
# jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g
-jetty.sslContext.keyManagerPassword=OBF:1cp61iuj194s194u194w194y1is31cok
+jetty.sslContext.keyManagerPassword=<%= @jetty_keymanager_pwd %>
## Truststore password
# jetty.sslContext.trustStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
-jetty.sslContext.trustStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok
+jetty.sslContext.trustStorePassword=<%= @jetty_truststore_pwd %>
## Truststore type and provider
# jetty.sslContext.trustStoreType=JKS