From a1ceb60843508b0ef23f3f8ec29d8808722fada3 Mon Sep 17 00:00:00 2001 From: Michael Lando Date: Tue, 20 Feb 2018 16:14:11 +0200 Subject: add https support to simulato Change-Id: I16f68532a7e7a09fbf96c09dff19d857c03fedd8 Issue-ID: SDC-832 Signed-off-by: Michael Lando --- utils/webseal-simulator/pom.xml | 51 +++------------------- .../scripts/simulator_docker_run.sh | 4 +- utils/webseal-simulator/scripts/ws-compose.yaml | 21 +++++++++ .../sdc-simulator/Dockerfile.template | 25 ----------- .../recipes/SDC_Simulator_2_setup_configuration.rb | 11 ++++- .../SDC_Simulator_5_create_jetty_modules.rb | 26 ++++++++++- .../templates/default/SDC-Simulator-https-ini.erb | 29 ++++++++++++ .../templates/default/SDC-Simulator-ssl-ini.erb | 9 +++- .../default/SDC-Simulator-webseal.conf.erb | 2 +- utils/webseal-simulator/sdc-simulator/startup.sh | 24 +++++++--- 10 files changed, 119 insertions(+), 83 deletions(-) create mode 100644 utils/webseal-simulator/scripts/ws-compose.yaml delete mode 100644 utils/webseal-simulator/sdc-simulator/Dockerfile.template create mode 100644 utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-https-ini.erb (limited to 'utils/webseal-simulator') diff --git a/utils/webseal-simulator/pom.xml b/utils/webseal-simulator/pom.xml index 18e5b32bb9..c0e9fe6327 100644 --- a/utils/webseal-simulator/pom.xml +++ b/utils/webseal-simulator/pom.xml @@ -5,13 +5,10 @@ org.openecomp.sdc webseal-simulator war - 0.0.1-SNAPSHOT + 0.1.0-SNAPSHOT 9.2.10.v20150310 - ${project.version}-${maven.build.timestamp} - ${project.version}-latest - yyyyMMdd'T'HHmm https://nexus.onap.org UTF-8 @@ -83,7 +80,7 @@ - WSSimulator + WSSimulator-${project.version} @@ -99,20 +96,6 @@ - - org.eclipse.jetty - jetty-maven-plugin - ${jetty-version} - - / - - / - .*/.*jersey-[^/]\.jar$ - - WSSimulator.war - - - 
@@ -123,11 +106,6 @@ Release Repository ${nexus.proxy}/content/repositories/releases/ - - ecomp-staging - Staging Repository - ${nexus.proxy}/content/repositories/staging/ - ecomp-snapshots Snapshots Repository @@ -142,14 +120,6 @@ - - docker-staging - - ${project.version}-STAGING-${maven.build.timestamp} - ${project.version}-STAGING-latest - - - docker @@ -204,7 +174,7 @@ ${project.basedir}/target - WSSimulator.war + WSSimulator*.war @@ -236,7 +206,7 @@ io.fabric8 docker-maven-plugin - 0.23.0 + 0.24.0 true @@ -256,11 +226,10 @@ sdc-simulator try - ${basedir}\sdc-simulator + ${basedir}/sdc-simulator ${docker.tag} ${docker.latest.tag} - 1.1-STAGING-latest @@ -273,12 +242,7 @@ remove - - true - openecomp/sdc-simulator - - generate-images install @@ -286,17 +250,12 @@ build - push-images deploy - build push - - openecomp/sdc-simulator - diff --git a/utils/webseal-simulator/scripts/simulator_docker_run.sh b/utils/webseal-simulator/scripts/simulator_docker_run.sh index c7ded8d116..079dc1e578 100644 --- a/utils/webseal-simulator/scripts/simulator_docker_run.sh +++ b/utils/webseal-simulator/scripts/simulator_docker_run.sh 
@@ -70,8 +70,10 @@ echo "${PREFIX}" dir_perms +JAVA_OPTIONS=" -Xmx128m -Xms128m -Xss1m" + # SDC-Simulator -docker run --detach --name sdc-sim --env HOST_IP=${IP} --env ENVNAME="${DEP_ENV}" --env http_proxy=${http_proxy} --env https_proxy=${https_proxy} --env no_proxy=${no_proxy} --log-driver=json-file --log-opt max-size=100m --log-opt max-file=10 --ulimit memlock=-1:-1 --memory 256m --memory-swap=256m --ulimit nofile=4096:100000 --volume /etc/localtime:/etc/localtime:ro --volume /data/logs/WS/:/var/lib/jetty/logs --volume /data/environments:/root/chef-solo/environments --publish 8285:8080 ${PREFIX}/sdc-simulator:${RELEASE} +docker run --detach --name sdc-sim --env JAVA_OPTIONS="${JAVA_OPTIONS}" --env ENVNAME="${DEP_ENV}" --env http_proxy=${http_proxy} --env https_proxy=${https_proxy} --env no_proxy=${no_proxy} --volume /etc/localtime:/etc/localtime:ro --volume /data/logs/WS/:/var/lib/jetty/logs --volume /data/environments:/root/chef-solo/environments --publish 8285:8080 --publish 8286:8443 ${PREFIX}/sdc-simulator:${RELEASE} if [ $? -ne 0 ]; then diff --git a/utils/webseal-simulator/scripts/ws-compose.yaml b/utils/webseal-simulator/scripts/ws-compose.yaml new file mode 100644 index 0000000000..7c07f62c79 --- /dev/null +++ b/utils/webseal-simulator/scripts/ws-compose.yaml @@ -0,0 +1,21 @@ +version: '3' + +services: + WS: + container_name: sdc-sim + image: onap/sdc-simulator:latest + volumes: + - "/etc/localtime:/etc/localtime:ro" + - "/data/logs/WS/:/var/lib/jetty/logs" + - "/data/environments:/root/chef-solo/environments" + ports: + - "8286:8443" + - "8285:8080" + restart: always + environment: + HOST_IP: "10.0.2.15" + ENVNAME: "AUTO" + http_proxy: http://one.proxy.att.com:8080 + https_proxy: http://one.proxy.att.com:8080 + no_proxy: "localhost,127.0.0.1" + JAVA_OPTIONS: "-Xmx128m -Xms128m -Xss1m" 
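Review bot: The new `docker run` command drops the limits the old one carried (`--memory 256m --memory-swap=256m`, both `--ulimit` settings, and `--log-opt max-size=100m --log-opt max-file=10`). That leaves the `-Xmx128m` in `JAVA_OPTIONS` as the only bound on the container, and unless the daemon sets its own log defaults the container log is no longer rotated. If this is deliberate, a comment above the command should say so; otherwise keep `--memory 256m --memory-swap=256m --log-opt max-size=100m --log-opt max-file=10`. The proxy values are still expanded unquoted (`--env http_proxy=${http_proxy}`), so whitespace or glob characters in them would change the argument list; `--env http_proxy="${http_proxy}"` avoids that. Port 8080 is still published as 8285 beside the new `8286:8443` mapping, so the simulator stays reachable over plain HTTP.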
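Review bot: The new compose file commits environment-specific values: `HOST_IP: "10.0.2.15"` and `http://one.proxy.att.com:8080` for both `http_proxy` and `https_proxy`. These will be wrong outside that network and publish an internal proxy hostname. Taking them from the caller's environment, e.g. `http_proxy: ${http_proxy}`, would match what simulator_docker_run.sh does. `image: onap/sdc-simulator:latest` is a floating tag, so which build runs depends on when the host last pulled; pinning a release tag or digest makes the deployment reproducible. `HOST_IP` also looks unused, since this commit removes the line in startup.sh that wrote it into the cookbook attributes.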
diff --git a/utils/webseal-simulator/sdc-simulator/Dockerfile.template b/utils/webseal-simulator/sdc-simulator/Dockerfile.template deleted file mode 100644 index 673b56fd07..0000000000 --- a/utils/webseal-simulator/sdc-simulator/Dockerfile.template +++ /dev/null @@ -1,25 +0,0 @@ -FROM jetty - -RUN apt-get -y update -RUN apt-get -y install apt-utils -RUN apt-get -y install curl -RUN apt-get -y install vim - -COPY chef-solo /root/chef-solo/ -COPY chef-repo/cookbooks /root/chef-solo/cookbooks/ - -ENV BASE_NEXUS zl999y:ChangeMe@10.208.197.75:8443/repository/maven-public/org/openecomp/sdc - -# install chef-solo -RUN curl -L https://www.opscode.com/chef/install.sh | bash - -RUN cp /usr/local/jetty/resources/log4j.properties /var/lib/jetty/resources/log4j.properties - -ADD sdc-simulator-__SDC-RELEASE__.war /var/lib/jetty/webapps/ -RUN chown -R jetty:jetty /var/lib/jetty/webapps - -COPY startup.sh /root/ - -RUN chmod 770 /root/startup.sh - -ENTRYPOINT [ "/root/startup.sh" ] diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb index 85fedfd9e5..6c081d685d 100644 --- a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb @@ -1,5 +1,13 @@ jetty_base="/var/lib/jetty" +if !ENV['FE_URL'].nil? + fe_url="#{ENV['FE_URL']}" +elsif node['disableHttp'] + fe_url="https://#{node['Nodes']['FE']}:#{node['FE'][:https_port]}" +else + fe_url="http://#{node['Nodes']['FE']}:#{node['FE'][:http_port]}" +end + template "webseal.conf" do path "#{jetty_base}/config/sdc-simulator/webseal.conf" 
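Review bot: `ENV['FE_URL']` is accepted whenever it is not nil, so an empty `FE_URL=` passes the check and renders `fe=""` in webseal.conf. Any other value is also written into the quoted `fe="..."` setting without validation. Consider `fe_env = ENV['FE_URL'].to_s.strip` followed by `if !fe_env.empty?`, and reject values that do not parse as an http or https URL before passing them to the template. The fallback branches now read `node['Nodes']['FE']` instead of the previous `node['HOST_IP']`, so an environment file without a `Nodes` entry would presumably fail on nil; a comment above the block naming the required attributes would help. `"#{ENV['FE_URL']}"` can simply be `ENV['FE_URL']`.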
@@ -8,7 +16,6 @@ template "webseal.conf" do group "jetty" mode "0755" variables({ - :fe_host_ip => node['HOST_IP'], - :fe_http_port => "#{node['FE'][:http_port]}" + :fe_url =>"#{fe_url}" }) end diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb index 38b87fa65d..3dde6ee38f 100644 --- a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb @@ -1,7 +1,6 @@ jetty_base="/var/lib/jetty" jetty_home="/usr/local/jetty" -###### create Jetty modules bash "create-jetty-modules" do cwd "#{jetty_base}" code <<-EOH @@ -9,6 +8,29 @@ code <<-EOH java -jar "/#{jetty_home}"/start.jar --add-to-start=deploy java -jar "/#{jetty_home}"/start.jar --add-to-startd=http,https,logging,setuid EOH -not_if "ls /#{jetty_base}/start.d/https.ini" +end + +template "ssl-ini" do + path "/#{jetty_base}/start.d/ssl.ini" + source "SDC-Simulator-ssl-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables({ + :https_port => "8443", + :jetty_keystore_pwd => "OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4", + :jetty_keymanager_pwd => "OBF:1u2u1wml1z7s1z7a1wnl1u2g" + }) +end + +template "https-ini" do + path "/#{jetty_base}/start.d/https.ini" + source "SDC-Simulator-https-ini.erb" + owner "jetty" + group "jetty" + mode "0755" + variables ({ + :https_port => "8443" + }) end diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-https-ini.erb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-https-ini.erb new file mode 100644 index 0000000000..9999a4109b --- /dev/null 
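Review bot: The keystore and key-manager passwords are hard-coded in the `ssl-ini` resource as `OBF:` strings, and they are the same values that appear as commented-out samples in SDC-Simulator-ssl-ini.erb; Jetty's OBF form is reversible obfuscation rather than encryption, so they protect nothing once the recipe is readable. They should come from node attributes or an encrypted data bag, e.g. `:jetty_keystore_pwd => node['jetty'][:keystore_pwd]` (attribute name is a placeholder). Both templates are written with `mode "0755"`; a file holding key passwords needs neither execute nor world-read, so `mode "0640"` fits ssl.ini better. Removing `not_if "ls /#{jetty_base}/start.d/https.ini"` also means the `create-jetty-modules` bash resource runs `start.jar --add-to-startd` on every converge; if that is intended so the templates can overwrite the generated ini files, a comment should say so.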
+++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-https-ini.erb @@ -0,0 +1,29 @@ +# --------------------------------------- +# Module: https +--module=https + +### HTTPS Connector Configuration + +## Connector host/address to bind to +# jetty.https.host=0.0.0.0 + +## Connector port to listen on +jetty.https.port=<%= @https_port %> + +## Connector idle timeout in milliseconds +jetty.https.idleTimeout=30000 + +## Connector socket linger time in seconds (-1 to disable) +# jetty.https.soLingerTime=-1 + +## Number of acceptors (-1 picks default based on number of cores) +# jetty.https.acceptors=-1 + +## Number of selectors (-1 picks default based on number of cores) +# jetty.https.selectors=-1 + +## ServerSocketChannel backlog (0 picks platform default) +# jetty.https.acceptorQueueSize=0 + +## Thread priority delta to give to acceptor threads +# jetty.https.acceptorPriorityDelta=0 diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb index 426e0e44b5..86848bf282 100644 --- a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb @@ -8,7 +8,7 @@ # jetty.ssl.host=0.0.0.0 ## Connector port to listen on -jetty.ssl.port=<%= @FE_https_port %> +jetty.ssl.port=<%= @https_port %> ## Connector idle timeout in milliseconds # jetty.ssl.idleTimeout=30000 @@ -49,6 +49,7 @@ jetty.ssl.port=<%= @FE_https_port %> ## Keystore password # jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 +jetty.sslContext.keyStorePassword=<%= @jetty_keystore_pwd %> ## Keystore type and provider # jetty.sslContext.keyStoreType=JKS 
@@ -56,9 +57,11 @@ jetty.ssl.port=<%= @FE_https_port %> ## KeyManager password # jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g +jetty.sslContext.keyManagerPassword=<%= @jetty_keymanager_pwd %> ## Truststore password # jetty.sslContext.trustStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4 +#jetty.sslContext.trustStorePassword=<%= @jetty_truststore_pwd %> ## Truststore type and provider # jetty.sslContext.trustStoreType=JKS @@ -81,3 +84,7 @@ jetty.ssl.port=<%= @FE_https_port %> ## Set the timeout (in seconds) of the SslSession cache timeout # jetty.sslContext.sslSessionTimeout=-1 + +## Allow SSL renegotiation +# jetty.sslContext.renegotiationAllowed=true +# jetty.sslContext.renegotiationLimit=5 diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-webseal.conf.erb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-webseal.conf.erb index d5e2cbeaac..e4c5d753fa 100644 --- a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-webseal.conf.erb +++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-webseal.conf.erb @@ -1,6 +1,6 @@ { webseal { - fe="http://<%= @fe_host_ip %>:<%= @fe_http_port %>" + fe="<%= @fe_url %>" users = [ { userId="cs0008" diff --git a/utils/webseal-simulator/sdc-simulator/startup.sh b/utils/webseal-simulator/sdc-simulator/startup.sh index aca8b5e984..48b6a0d505 100644 --- a/utils/webseal-simulator/sdc-simulator/startup.sh +++ b/utils/webseal-simulator/sdc-simulator/startup.sh 
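Review bot: The added `#jetty.sslContext.trustStorePassword=<%= @jetty_truststore_pwd %>` line references a variable that the `ssl-ini` template resource in this commit never passes; its `variables` hash has only `https_port`, `jetty_keystore_pwd` and `jetty_keymanager_pwd`. ERB still evaluates the tag inside the `#` comment, so it renders as an empty value, and uncommenting the line later would set an empty truststore password. Either pass `:jetty_truststore_pwd` from the recipe or remove the tag from the comment. The sample `OBF:` values left in the comments directly above the templated password lines could also be removed, since the templated settings now follow them.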
@@ -1,12 +1,26 @@ #!/bin/sh -export CHEFNAME=${ENVNAME} + + cd /root/chef-solo -echo "normal['HOST_IP'] = \"${HOST_IP}\"" > /root/chef-solo/cookbooks/sdc-simulator/attributes/default.rb -chef-solo -c solo.rb -E ${CHEFNAME} +chef-solo -c solo.rb -E ${ENVNAME} +rc=$? +if [[ $rc != 0 ]]; then + echo "Chef exaction failed." + exit $rc; +fi + +JAVA_OPTIONS=" ${JAVA_OPTIONS} \ + -Dconfig.home=${JETTY_BASE}/config/sdc-simulator \ + -Dlog.home=${JETTY_BASE}/logs \ + -Dlogback.configurationFile=${JETTY_BASE}/config/sdc-simulator/logback.xml \ + -Djetty.logging.dir=${JETTY_BASE}/logs" -sed -i '/^set -e/aJAVA_OPTIONS=\"-Xdebug -Xmx128m -Xms128m -Xss1m -Dconfig.home=${JETTY_BASE}/config/sdc-simulator -Dlog.home=${JETTY_BASE}/logs -Dlogback.configurationFile=${JETTY_BASE}/config/sdc-simulator/logback.xml -Djetty.logging.dir=${JETTY_BASE}/logs -Djetty.base=${JETTY_BASE} \"' /docker-entrypoint.sh -sed -i '/^set -e/aTMPDIR=${JETTY_BASE}\/temp' /docker-entrypoint.sh +echo "---------------------------------------------" +echo $TMPDIR +echo $JAVA_OPTIONS +echo $JETTY_BASE +echo "---------------------------------------------" cd /var/lib/jetty /docker-entrypoint.sh -- cgit 1.2.3-korg
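Review bot: The new failure check uses `[[ $rc != 0 ]]` under `#!/bin/sh`; where `/bin/sh` is not bash (dash on Debian-based images, for instance), `[[` is not a command, the test itself fails with "not found", and the script goes on to start Jetty after a failed chef-solo run. Use the POSIX form `if [ "$rc" -ne 0 ]; then` and send the message to stderr, `echo "Chef execution failed." >&2` (the current text reads "exaction"). `chef-solo -c solo.rb -E ${ENVNAME}` should quote the expansion, `-E "${ENVNAME}"`, since the value comes straight from the container environment. The diagnostic block echoes `$TMPDIR`, which nothing in this script sets now that the `sed` edits of /docker-entrypoint.sh are removed, and printing `$JAVA_OPTIONS` to the container log will expose anything sensitive passed through `-D` options.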