diff options
author | dengyh <dengyuanhong@chinamobile.com> | 2020-06-23 16:59:57 +0800 |
---|---|---|
committer | Yuanhong Deng <dengyuanhong@chinamobile.com> | 2020-06-28 04:24:39 +0000 |
commit | 007b688fd4064f65e09bfac2f2ec941a642875c2 (patch) | |
tree | c89acd18dfbc3c1d3a5c1b21f8d04ffacf7b6bba | |
parent | e1e33f410b870a7d4f44b1d4eab48cabe5f53d51 (diff) |
Implementation of HTTPS support for VFC-vnfmgr project interface
Change-Id: I7ee9e2691e2584aa196fa158d7b15c7fd841c577
Issue-ID: VFC-1676
Signed-off-by: dengyh <dengyuanhong@chinamobile.com>
-rwxr-xr-x | mgr/docker/instance_config.sh | 4 | ||||
-rw-r--r-- | mgr/mgr/pub/config/config.py | 6 | ||||
-rwxr-xr-x | mgr/run.sh | 12 | ||||
-rwxr-xr-x | mgr/stop.sh | 8 |
4 files changed, 23 insertions, 7 deletions
diff --git a/mgr/docker/instance_config.sh b/mgr/docker/instance_config.sh index e1ad7e1..81f46be 100755 --- a/mgr/docker/instance_config.sh +++ b/mgr/docker/instance_config.sh @@ -24,6 +24,10 @@ if [ $SERVICE_IP ]; then sed -i "s|\"ip\": \".*\"|\"ip\": \"$SERVICE_IP\"|" vfc/gvnfm/vnfmgr/mgr/mgr/pub/config/config.py fi +if [ $SSL_ENABLED ]; then + sed -i "s|SSL_ENABLED = .*|SSL_ENABLED = '$SSL_ENABLED'|" vfc/gvnfm/vnfmgr/mgr/mgr/pub/config/config.py +fi + # Configure MYSQL MYSQL_IP=`echo $MYSQL_ADDR | cut -d: -f 1` MYSQL_PORT=`echo $MYSQL_ADDR | cut -d: -f 2` diff --git a/mgr/mgr/pub/config/config.py b/mgr/mgr/pub/config/config.py index c67effd..8ac51d1 100644 --- a/mgr/mgr/pub/config/config.py +++ b/mgr/mgr/pub/config/config.py @@ -37,10 +37,16 @@ FORWARDED_FOR_FIELDS = ["HTTP_X_FORWARDED_FOR", "HTTP_X_FORWARDED_HOST", # [register] REG_TO_MSB_WHEN_START = True +SSL_ENABLED = "true" REG_TO_MSB_REG_URL = "/api/microservices/v1/services" +if SSL_ENABLED == "true": + enable_ssl = "true" +else: + enable_ssl = "false" REG_TO_MSB_REG_PARAM = { "serviceName": "vnfmgr", "version": "v1", + "enable_ssl": enable_ssl, "url": "/api/vnfmgr/v1", "protocol": "REST", "visualRange": "1", @@ -18,10 +18,10 @@ if [ ! -x $logDir ]; then mkdir -p $logDir fi -nohup python manage.py runserver 0.0.0.0:8803 > /dev/null & +# nohup python manage.py runserver 0.0.0.0:8803 > /dev/null & -# if [ "${SSL_ENABLED}" = "true" ]; then -# nohup uwsgi --https :8803,mgr/pub/ssl/cert/foobar.crt,mgr/pub/ssl/cert/foobar.key, -t 120 --enable-threads --module mgr.wsgi --master --processes 4 & -# else -# nohup uwsgi --http :8803 -t 120 --enable-threads --module mgr.wsgi --master --processes 4 & -# fi +if [ "${SSL_ENABLED}" = "true" ]; then + nohup uwsgi --https :8803,mgr/pub/ssl/cert/foobar.crt,mgr/pub/ssl/cert/foobar.key, -t 120 --enable-threads --module mgr.wsgi --master --processes 4 & +else + nohup uwsgi --http :8803 -t 120 --enable-threads --module mgr.wsgi --master --processes 4 & +fi diff --git a/mgr/stop.sh b/mgr/stop.sh index 44d1940..34ebf54 100755 --- a/mgr/stop.sh +++ b/mgr/stop.sh @@ -13,5 +13,11 @@ # See the License for the specific language governing permissions and # limitations under the License. -ps auxww | grep 'manage.py runserver 0.0.0.0:8803' | awk '{print $1}' | xargs kill -9 +# ps auxww | grep 'manage.py runserver 0.0.0.0:8803' | awk '{print $1}' | xargs kill -9 # ps auxww |grep 'uwsgi --http' |awk '{print $1}' |xargs kill -9 + +if [ "${SSL_ENABLED}" = "true" ]; then + ps auxww |grep 'uwsgi --https :8803' |awk '{print $1}' |xargs kill -9 +else + ps auxww |grep 'uwsgi --http :8803' |awk '{print $1}' |xargs kill -9 +fi
\ No newline at end of file |