diff options
author | dengyh <dengyuanhong@chinamobile.com> | 2020-06-19 11:04:24 +0800 |
---|---|---|
committer | Yuanhong Deng <dengyuanhong@chinamobile.com> | 2020-06-23 03:06:54 +0000 |
commit | cb01ac28c8ebddd297f4689f4ef0300d490e6f82 (patch) | |
tree | fdca1c515b1f941f352b0b27c4c1a5e18914448c | |
parent | e907a196483aeb96b3e25b32df592ef74463e41d (diff) |
Implementation of HTTPS support for VFC-nslcm project interface
Change-Id: I268bc463ab69cd4a79fd5801db09bad3e11b6eb1
Issue-ID: VFC-1676
Signed-off-by: dengyh <dengyuanhong@chinamobile.com>
-rwxr-xr-x | docker/instance_config.sh | 4 | ||||
-rw-r--r-- | lcm/pub/config/config.py | 8 | ||||
-rw-r--r-- | requirements.txt | 2 | ||||
-rwxr-xr-x | run.sh | 12 | ||||
-rwxr-xr-x | stop.sh | 7 |
5 files changed, 24 insertions, 9 deletions
diff --git a/docker/instance_config.sh b/docker/instance_config.sh index 9b593312..25488fbf 100755 --- a/docker/instance_config.sh +++ b/docker/instance_config.sh @@ -37,6 +37,10 @@ if [ $SERVICE_IP ]; then sed -i "s|\"ip\": \".*\"|\"ip\": \"$SERVICE_IP\"|" vfc/nfvo/lcm/lcm/pub/config/config.py fi +if [ $SSL_ENABLED ]; then + sed -i "s|SSL_ENABLED.*|SSL_ENABLED = '$SSL_ENABLED'|" vfc/nfvo/lcm/lcm/pub/config/config.py +fi + # Configure MYSQL MYSQL_IP=`echo $MYSQL_ADDR | cut -d: -f 1` MYSQL_PORT=`echo $MYSQL_ADDR | cut -d: -f 2` diff --git a/lcm/pub/config/config.py b/lcm/pub/config/config.py index d453480b..5b3fecbb 100644 --- a/lcm/pub/config/config.py +++ b/lcm/pub/config/config.py @@ -36,11 +36,17 @@ FORWARDED_FOR_FIELDS = ["HTTP_X_FORWARDED_FOR", "HTTP_X_FORWARDED_HOST", "HTTP_X_FORWARDED_SERVER"] # [register] -REG_TO_MSB_WHEN_START = False +REG_TO_MSB_WHEN_START = True +SSL_ENABLED = "true" REG_TO_MSB_REG_URL = "/api/microservices/v1/services" +if SSL_ENABLED == "true": + enable_ssl = "true" +else: + enable_ssl = "false" REG_TO_MSB_REG_PARAM = { "serviceName": "nslcm", "version": "v1", + "enable_ssl": enable_ssl, "url": "/api/nslcm/v1", "protocol": "REST", "visualRange": "1", diff --git a/requirements.txt b/requirements.txt index 505116c2..bf99936c 100644 --- a/requirements.txt +++ b/requirements.txt @@ -37,4 +37,4 @@ swagger-spec-validator>=2.1.0 onappylog==1.0.9 # uwsgi for parallel processing -# uwsgi +uwsgi @@ -18,11 +18,11 @@ if [ ! -x $logDir ]; then mkdir -p $logDir fi -nohup python manage.py runserver 0.0.0.0:8403 > /dev/null & +# nohup python manage.py runserver 0.0.0.0:8403 > /dev/null & # nohup uwsgi --http :8403 -t 120 --module lcm.wsgi --master --processes 4 & -# if [ "${SSL_ENABLED}" = "true" ]; then -# nohup uwsgi --https :8403,lcm/pub/ssl/cert/foobar.crt,lcm/pub/ssl/cert/foobar.key, -t 120 --enable-threads --module lcm.wsgi --uid onap --gid onap --master --processes 4 & -# else -# nohup uwsgi --http :8403 -t 120 --enable-threads --module lcm.wsgi --uid onap --gid onap --master --processes 4 & -# fi +if [ "${SSL_ENABLED}" = "true" ]; then + nohup uwsgi --https :8403,lcm/pub/ssl/cert/foobar.crt,lcm/pub/ssl/cert/foobar.key, -t 120 --enable-threads --module lcm.wsgi --uid onap --gid onap --master --processes 4 & +else + nohup uwsgi --http :8403 -t 120 --enable-threads --module lcm.wsgi --uid onap --gid onap --master --processes 4 & +fi @@ -12,5 +12,10 @@ # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. -ps auxww | grep "manage.py runserver 0.0.0.0:8403" | awk '{print $1}' | xargs kill -9 +# ps auxww | grep "manage.py runserver 0.0.0.0:8403" | awk '{print $1}' | xargs kill -9 # ps auxww |grep 'uwsgi --http' |awk '{print $1}' |xargs kill -9 +if [ "${SSL_ENABLED}" = "true" ]; then + ps auxww |grep 'uwsgi --https :8403' |awk '{print $1}' |xargs kill -9 +else + ps auxww |grep 'uwsgi --http :8403' |awk '{print $1}' |xargs kill -9 +fi
\ No newline at end of file |