mirror of https://github.com/apache/cloudstack.git
Starting off with the listener logic. This will ensure that every new console proxy VM that starts will potentially look for any custom certs uploaded to our DB. If they exist, we will send a command to the agent so that the cert is uploaded and the SSL context is re-initialized.
parent
822ee2d899
commit
cb4a80b8ac
|
|
@ -121,8 +121,8 @@ public class ConsoleProxyResource extends ServerResourceBase implements ServerRe
|
|||
|
||||
if (dirCreated)
|
||||
{
|
||||
s_logger.info("Directory: " + strDirectoy + " created");
|
||||
|
||||
if(s_logger.isDebugEnabled())
|
||||
s_logger.info("Directory: " + strDirectoy + " created");
|
||||
//copy cert to the dir
|
||||
FileWriter fstream = new FileWriter("/etc/cloud/consoleproxy/cert/customcert");
|
||||
BufferedWriter out = new BufferedWriter(fstream);
|
||||
|
|
@ -131,14 +131,13 @@ public class ConsoleProxyResource extends ServerResourceBase implements ServerRe
|
|||
out.close();
|
||||
success = true;
|
||||
}
|
||||
|
||||
return new Answer(cmd, success, "Cert string in the console proxy resource status:");
|
||||
return new Answer(cmd, success, "Custom certificate update required status");
|
||||
}catch (Exception e)
|
||||
{
|
||||
s_logger.error("Unable to read the cert string in console proxy resource",e);
|
||||
success = false;
|
||||
}
|
||||
return new Answer(cmd, success, "Cert string in the console proxy resource status:");
|
||||
return new Answer(cmd, success, "Custom certificate response from the updatecertificate flow");
|
||||
}
|
||||
|
||||
protected Answer execute(final CheckConsoleProxyLoadCommand cmd) {
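Review bot: The write to `/etc/cloud/consoleproxy/cert/customcert` closes the writer only on the success path (`out.close(); success = true;`), so an exception during the write leaks the stream and can leave a truncated certificate file, which the proxy would presumably load the next time its SSL context is initialised. Close `out` in a `finally` block, and consider writing to a temporary file in the same directory and renaming it over `customcert` only once the write has succeeded. Separately, `if(s_logger.isDebugEnabled())` guards an `info` call, so the "created" message appears only when debug logging is on; drop the guard or log it with `s_logger.debug(...)`. The start of the method and the lines between the two hunks are not visible here, so the declaration of `out` may have to move ahead of the `try`.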
|
||||
|
|
|
|||
|
|
@ -6950,9 +6950,9 @@ public class ManagementServerImpl implements ManagementServer {
|
|||
String certificatePath = cmd.getPath();
|
||||
Long certVOId = _certDao.persistCustomCertToDb(certificatePath);//0 implies failure
|
||||
|
||||
if (certVOId!=null && certVOId!=0) {
|
||||
//certficate uploaded to db successfully
|
||||
|
||||
if (certVOId!=null && certVOId!=0)
|
||||
{
|
||||
//certficate uploaded to db successfully
|
||||
//get a list of all Console proxies from the cp table
|
||||
List<ConsoleProxyVO> cpList = _consoleProxyDao.listAll();
|
||||
|
||||
|
|
@ -6964,12 +6964,11 @@ public class ManagementServerImpl implements ManagementServer {
|
|||
UpdateCertificateCommand certCmd = new UpdateCertificateCommand(_certDao.findById(certVOId).getCertificate());
|
||||
try {
|
||||
Answer updateCertAns = _agentMgr.send(cpHost.getId(), certCmd);
|
||||
|
||||
if(updateCertAns.getResult() == true)
|
||||
{
|
||||
//we have the cert copied over on cpvm
|
||||
long eventId = saveScheduledEvent(User.UID_SYSTEM, Account.ACCOUNT_ID_SYSTEM, EventTypes.EVENT_PROXY_REBOOT, "stopping console proxy with Id: "+cp.getId());
|
||||
boolean cpReboot = _consoleProxyMgr.rebootProxy(cp.getId(), eventId);
|
||||
long eventId = saveScheduledEvent(User.UID_SYSTEM, Account.ACCOUNT_ID_SYSTEM, EventTypes.EVENT_PROXY_REBOOT, "rebooting console proxy with Id: "+cp.getId());
|
||||
_consoleProxyMgr.rebootProxy(cp.getId(), eventId);
|
||||
//when cp reboots, the context will be reinit with the new cert
|
||||
}
|
||||
} catch (AgentUnavailableException e) {
|
||||
|
|
@ -6979,10 +6978,13 @@ public class ManagementServerImpl implements ManagementServer {
|
|||
}
|
||||
|
||||
}
|
||||
|
||||
|
||||
return true;
|
||||
}
|
||||
else
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
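Review bot: The result of `_consoleProxyMgr.rebootProxy(cp.getId(), eventId)` is discarded on what reads as the new side, and the method returns `true` as soon as the certificate is persisted, whatever `_agentMgr.send` answered for the individual proxies. A caller is therefore told the update succeeded while some console proxies may still be serving the previous certificate, which matters most when the certificate is being replaced for a security reason. Keep the boolean and surface the failure, for example `if (!_consoleProxyMgr.rebootProxy(cp.getId(), eventId)) { s_logger.warn("Console proxy " + cp.getId() + " did not reboot; it still uses the previous certificate"); }`, and do the same for an answer whose `getResult()` is false. The loop header and the body of the `AgentUnavailableException` handler lie outside the visible hunks, so existing handling there could not be checked.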
|
||||
|
|
|
|||
|
|
@ -118,7 +118,7 @@ CREATE TABLE `cloud`.`account_network_ref` (
|
|||
|
||||
CREATE TABLE `cloud`.`certificate` (
|
||||
`id` bigint unsigned NOT NULL AUTO_INCREMENT COMMENT 'id',
|
||||
`certificate` text COMMENT 'the actual custom certificate being stored in the db',
|
||||
`certificate` text NOT NULL UNIQUE COMMENT 'the actual custom certificate being stored in the db',
|
||||
PRIMARY KEY (`id`)
|
||||
) ENGINE=InnoDB DEFAULT CHARSET=utf8;
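Review bot: `certificate` text NOT NULL UNIQUE, which reads as the new column definition, asks MySQL for a unique index on a TEXT column without a key length, and MySQL rejects that with "BLOB/TEXT column used in key specification without a key length". A prefix index would make the statement valid but would then treat two different certificates that share the prefix as duplicates. If the intent is to prevent the same certificate being stored twice, keep the column as `text NOT NULL` and enforce uniqueness on a fixed-length digest of it, for example an added column such as `fingerprint` char(64) NOT NULL UNIQUE filled by the DAO on insert.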
|
||||
|
||||
|
|
|
|||