author | Areli, Fuss (af732p) <af732p@att.com> | 2018-04-09 18:27:46 +0300 |
---|---|---|
committer | Michael Lando <ml636r@att.com> | 2018-04-11 08:42:06 +0000 |
commit | 204f26d848150fceb55ec587eed57ad92afe20e4 (patch) | |
tree | d4a0c8965fe8610e185ee810a29aaf5f38d5818e | |
parent | 9d525f580b866778dc3417a06d98b96c70857efe (diff) |
Add support of http and https
Add support of http and https
Change-Id: I8c79155037ddaa5f904ecd85de797675a6be9436
Issue-ID: SDC-1180
Signed-off-by: Areli, Fuss (af732p) <af732p@att.com>
11 files changed, 186 insertions, 54 deletions
diff --git a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb
index ece1066f55..afd26b3348 100644
--- a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb
+++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_4_jetty_Modules.rb
@@ -1,17 +1,55 @@ +#Set the http module option +if node['disableHttp'] + http_option = "#--module=http" +else + http_option = "--module=http" +end + + bash "create-jetty-modules" do cwd "#{ENV['JETTY_BASE']}" code <<-EOH - cd "#{ENV['JETTY_BASE']}" - java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-start=deploy - java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-startd=http,https,logging,setuid + cd "#{ENV['JETTY_BASE']}" + java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-start=deploy + java -jar "#{ENV['JETTY_HOME']}"/start.jar --add-to-startd=http,https,logging,setuid EOH end + +template "http-ini" do + path "#{ENV['JETTY_BASE']}/start.d/http.ini" + source "http-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables ({ + :http_option => http_option , + :http_port => "#{node['BE'][:http_port]}" + }) + +end + + +template "https-ini" do + path "#{ENV['JETTY_BASE']}/start.d/https.ini" + source "https-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables :https_port => "#{node['BE'][:https_port]}" +end + + template "ssl-ini" do - path "#{ENV['JETTY_BASE']}/start.d/ssl.ini" - source "ssl-ini.erb" - owner "jetty" - group "jetty" - mode "0755" - variables :BE_https_port => "#{node['BE'][:https_port]}" + path "#{ENV['JETTY_BASE']}/start.d/ssl.ini" + source "ssl-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables ({ + :https_port => "#{node['BE'][:https_port]}" , + :jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}" , + :jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}" , + :jetty_truststore_pwd => "#{node['jetty'][:truststore_pwd]}" + }) end diff --git a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_setup_elasticsearch.rb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_setup_elasticsearch.rb index 29715177be..28f611267c 100644 --- a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_setup_elasticsearch.rb 
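Review bot: The `if node['disableHttp']` test at the top of BE_4_jetty_Modules.rb fails open: when the attribute is unset, nil is falsy and `http_option` becomes `--module=http`, so the plaintext listener is enabled. In this diff the only default for `disableHttp` is added to the sdc-catalog-fe attributes file; unless the backend cookbook or the environment defines it somewhere not visible here, the backend gets HTTP by default. I would enable HTTP only on an explicit false, e.g. `http_option = node['disableHttp'] == false ? "--module=http" : "#--module=http"`. The same construct is added at the top of FE_7_create_jetty_modules.rb.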
+++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_5_setup_elasticsearch.rb @@ -1,14 +1,13 @@ clusterName = node['elasticsearch'][:cluster_name]+node.chef_environment template "elasticsearch.yml-config" do - path "#{ENV['JETTY_BASE']}/config/elasticsearch.yml" - source "BE-elasticsearch.yml.erb" - owner "jetty" - group "jetty" - mode "0755" - variables({ - :cluster_name => "#{clusterName}", - :es_host_ip => node['Nodes']['ES'] - }) + path "#{ENV['JETTY_BASE']}/config/elasticsearch.yml" + source "BE-elasticsearch.yml.erb" + owner "jetty" + group "jetty" + mode "0755" + variables ({ + :cluster_name => "#{clusterName}", + :es_host_ip => node['Nodes']['ES'] + }) end - diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-http-ini.erb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/http-ini.erb index 233a6b8852..8f2669032b 100644 --- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-http-ini.erb +++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/http-ini.erb @@ -1,6 +1,6 @@ # --------------------------------------- # Module: http ---module=http +<%= @http_option %> ### HTTP Connector Configuration @@ -8,7 +8,7 @@ # jetty.http.host=0.0.0.0 ## Connector port to listen on -jetty.http.port=<%= @FE_http_port %> +jetty.http.port=<%= @http_port %> ## Connector idle timeout in milliseconds jetty.http.idleTimeout=30000 diff --git a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/https-ini.erb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/https-ini.erb new file mode 100644 index 0000000000..9999a4109b --- /dev/null +++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/https-ini.erb 
@@ -0,0 +1,29 @@ +# --------------------------------------- +# Module: https +--module=https + +### HTTPS Connector Configuration + +## Connector host/address to bind to +# jetty.https.host=0.0.0.0 + +## Connector port to listen on +jetty.https.port=<%= @https_port %> + +## Connector idle timeout in milliseconds +jetty.https.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.https.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.https.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.https.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.https.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.https.acceptorPriorityDelta=0 diff --git a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ssl-ini.erb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ssl-ini.erb index adfc0d0ce2..1f1ff5d394 100644 --- a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ssl-ini.erb +++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/ssl-ini.erb @@ -8,7 +8,7 @@ # jetty.ssl.host=0.0.0.0 ## Connector port to listen on -jetty.ssl.port=<%= @BE_https_port %> +jetty.ssl.port=<%= @https_port %> ## Connector idle timeout in milliseconds # jetty.ssl.idleTimeout=30000 @@ -45,11 +45,11 @@ jetty.ssl.port=<%= @BE_https_port %> # jetty.sslContext.keyStorePath=etc/keystore ## Truststore file path (relative to $jetty.base) -# jetty.sslContext.trustStorePath=etc/keystore +#jetty.sslContext.trustStorePath=etc/truststore ## Keystore password # jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 -jetty.sslContext.keyStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok +jetty.sslContext.keyStorePassword=<%= @jetty_keystore_pwd %> ## Keystore type and provider # jetty.sslContext.keyStoreType=JKS 
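Review bot: The new https-ini.erb looks like http-ini.erb with `http` replaced by `https`, and it is not clear that Jetty reads `jetty.https.port` or `jetty.https.idleTimeout`; the TLS connector in this cookbook is configured through `jetty.ssl.port` in ssl-ini.erb, which the recipe fills from the same `https_port` attribute. If the `jetty.https.*` properties are not consumed by the Jetty version in use, this file should keep only `--module=https`, so that nobody edits a port or timeout here expecting it to take effect. The deleted FE-https-ini.erb also set the idle timeout to 300000 while this file uses 30000; please confirm which value is intended. The identical template is added under sdc-catalog-fe.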
@@ -57,11 +57,11 @@ jetty.sslContext.keyStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok ## KeyManager password # jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g -jetty.sslContext.keyManagerPassword=OBF:1cp61iuj194s194u194w194y1is31cok +jetty.sslContext.keyManagerPassword=<%= @jetty_keymanager_pwd %> ## Truststore password # jetty.sslContext.trustStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 -jetty.sslContext.trustStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok +jetty.sslContext.trustStorePassword=<%= @jetty_truststore_pwd %> ## Truststore type and provider # jetty.sslContext.trustStoreType=JKS diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb index 6e9bbe36f5..272a1166ab 100644 --- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/attributes/default.rb @@ -1,2 +1,9 @@ # -# +default['BE'][:http_port] = 8080 +default['BE'][:https_port] = 8443 +default['FE'][:http_port] = 8181 +default['FE'][:https_port] = 9443 +default['disableHttp'] = true +default['jetty'][:keystore_pwd] = "OBF:1cp61iuj194s194u194w194y1is31cok" +default['jetty'][:keymanager_pwd] = "OBF:1cp61iuj194s194u194w194y1is31cok" +default['jetty'][:truststore_pwd] = "OBF:1cp61iuj194s194u194w194y1is31cok" diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb index 32b121eefd..6c782428b0 100644 --- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_7_create_jetty_modules.rb 
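Review bot: In attributes/default.rb the three `default['jetty'][...]` password attributes carry the same `OBF:` string that was previously hard-coded in ssl-ini.erb, so every deployment that does not override them shares one keystore, key-manager and truststore password that is readable in the repository. Jetty's OBF form is a reversible encoding rather than encryption, and when a Chef server is used the node attributes are saved on it unencrypted. I would drop these three defaults, load the values from an encrypted data bag or a vault item, and have the recipe raise when one is missing instead of falling back to a published value.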
@@ -1,3 +1,12 @@ +# +#Set the http module option +if node['disableHttp'] + http_option = "#--module=http" +else + http_option = "--module=http" +end + + bash "create-jetty-modules" do cwd "#{ENV['JETTY_BASE']}" code <<-EOH @@ -8,24 +17,26 @@ EOH end - -template "FE-http-ini" do +template "http-ini" do path "#{ENV['JETTY_BASE']}/start.d/http.ini" - source "FE-http-ini.erb" + source "http-ini.erb" owner "jetty" group "jetty" mode "0755" - variables :FE_http_port => "#{node['FE'][:http_port]}" + variables ({ + :http_option => http_option , + :http_port => "#{node['FE'][:http_port]}" + }) end -template "FE-https-ini" do +template "https-ini" do path "#{ENV['JETTY_BASE']}/start.d/https.ini" - source "FE-https-ini.erb" + source "https-ini.erb" owner "jetty" group "jetty" mode "0755" - variables :FE_https_port => "#{node['FE'][:https_port]}" + variables :https_port => "#{node['FE'][:https_port]}" end @@ -35,7 +46,10 @@ template "ssl-ini" do owner "jetty" group "jetty" mode "0755" - variables :https_port => "#{node['FE'][:https_port]}" + variables ({ + :https_port => "#{node['FE'][:https_port]}" , + :jetty_keystore_pwd => "#{node['jetty'][:keystore_pwd]}" , + :jetty_keymanager_pwd => "#{node['jetty'][:keymanager_pwd]}" , + :jetty_truststore_pwd => "#{node['jetty'][:truststore_pwd]}" + }) end - - diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-https-ini.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-https-ini.erb deleted file mode 100644 index d2542fc360..0000000000 --- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/FE-https-ini.erb +++ /dev/null 
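Review bot: The `ssl-ini` template in the last hunk of FE_7_create_jetty_modules.rb now renders the keystore, key-manager and truststore passwords into start.d/ssl.ini but keeps `mode "0755"`, which leaves the file readable by every local user and marked executable. Since the resource now handles secrets, I would change it to `mode "0640"` and add `sensitive true` so that Chef does not print the rendered content or its diff in the run log. The `ssl-ini` resource added to BE_4_jetty_Modules.rb has the same mode and needs the same change. The template block starts before this hunk.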
@@ -1,13 +0,0 @@ -# --------------------------------------- -# Module: https ---module=https - -## HTTPS Configuration -# HTTP port to listen on -https.port=<%= @FE_https_port %> - -# HTTPS idle timeout in milliseconds -jetty.https.idleTimeout=300000 - -# HTTPS Socket.soLingerTime in seconds. (-1 to disable) -# https.soLingerTime=-1 diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/http-ini.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/http-ini.erb new file mode 100644 index 0000000000..8f2669032b --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/http-ini.erb @@ -0,0 +1,29 @@ +# --------------------------------------- +# Module: http +<%= @http_option %> + +### HTTP Connector Configuration + +## Connector host/address to bind to +# jetty.http.host=0.0.0.0 + +## Connector port to listen on +jetty.http.port=<%= @http_port %> + +## Connector idle timeout in milliseconds +jetty.http.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.http.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.http.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.http.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.http.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.http.acceptorPriorityDelta=0 diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/https-ini.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/https-ini.erb new file mode 100644 index 0000000000..9999a4109b --- /dev/null +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/https-ini.erb 
@@ -0,0 +1,29 @@ +# --------------------------------------- +# Module: https +--module=https + +### HTTPS Connector Configuration + +## Connector host/address to bind to +# jetty.https.host=0.0.0.0 + +## Connector port to listen on +jetty.https.port=<%= @https_port %> + +## Connector idle timeout in milliseconds +jetty.https.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.https.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.https.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.https.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.https.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.https.acceptorPriorityDelta=0 diff --git a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb index effbfa7918..70bf6d6d27 100644 --- a/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb +++ b/catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/templates/default/ssl-ini.erb @@ -45,11 +45,11 @@ jetty.ssl.port=<%= @https_port %> # jetty.sslContext.keyStorePath=etc/keystore ## Truststore file path (relative to $jetty.base) -# jetty.sslContext.trustStorePath=etc/keystore +# jetty.sslContext.trustStorePath=etc/truststore ## Keystore password # jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 -jetty.sslContext.keyStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok +jetty.sslContext.keyStorePassword=<%= @jetty_keystore_pwd %> ## Keystore type and provider # jetty.sslContext.keyStoreType=JKS 
@@ -57,11 +57,11 @@ jetty.sslContext.keyStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok ## KeyManager password # jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g -jetty.sslContext.keyManagerPassword=OBF:1cp61iuj194s194u194w194y1is31cok +jetty.sslContext.keyManagerPassword=<%= @jetty_keymanager_pwd %> ## Truststore password # jetty.sslContext.trustStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 -jetty.sslContext.trustStorePassword=OBF:1cp61iuj194s194u194w194y1is31cok +jetty.sslContext.trustStorePassword=<%= @jetty_truststore_pwd %> ## Truststore type and provider # jetty.sslContext.trustStoreType=JKS |