def _serve(self):
# Load stored authentication keys
self.keys = self.get_config_json("keys") or {}
jsonify._instance = jsonify.GenericJSON(
sort_keys=True,
indent=4,
separators=(',', ': '),
)
cert = self.get_config_json("cert") or '/etc/ceph/ceph-mgr-restful.crt'
pkey = self.get_config_json("pkey") or '/etc/ceph/ceph-mgr-restful.key'
# Create the HTTPS werkzeug server serving pecan app
self.server = make_server(
host='0.0.0.0',
port=8003,
app=make_app(
root='restful.api.Root',
hooks=lambda: [ErrorHook()],
),
ssl_context=(cert, pkey),
)
self.server.serve_forever()
def _serve(self):
# Load stored authentication keys
self.refresh_keys()
jsonify._instance = jsonify.GenericJSON(
sort_keys=True,
indent=4,
separators=(',', ': '),
)
server_addr = self.get_localized_config('server_addr', '::')
if server_addr is None:
raise CannotServe(
'no server_addr configured; try "ceph config-key set mgr/restful/server_addr <ip>"'
)
server_port = int(self.get_localized_config('server_port', '8003'))
self.log.info('server_addr: %s server_port: %d', server_addr,
server_port)
cert = self.get_localized_config("crt")
if cert is not None:
cert_tmp = tempfile.NamedTemporaryFile()
cert_tmp.write(cert)
cert_tmp.flush()
cert_fname = cert_tmp.name
else:
cert_fname = self.get_localized_config('crt_file')
pkey = self.get_localized_config("key")
if pkey is not None:
pkey_tmp = tempfile.NamedTemporaryFile()
pkey_tmp.write(pkey)
pkey_tmp.flush()
pkey_fname = pkey_tmp.name
else:
pkey_fname = self.get_localized_config('key_file')
if not cert_fname or not pkey_fname:
raise CannotServe('no certificate configured')
if not os.path.isfile(cert_fname):
raise CannotServe('certificate %s does not exist' % cert_fname)
if not os.path.isfile(pkey_fname):
raise CannotServe('private key %s does not exist' % pkey_fname)
# Create the HTTPS werkzeug server serving pecan app
self.server = make_server(
host=server_addr,
port=server_port,
app=make_app(
root='restful.api.Root',
hooks=[ErrorHook()], # use a callable if pecan >= 0.3.2
),
ssl_context=(cert_fname, pkey_fname),
)
self.server.serve_forever()
def _serve(self):
# Load stored authentication keys
self.refresh_keys()
jsonify._instance = jsonify.GenericJSON(
sort_keys=True,
indent=4,
separators=(',', ': '),
)
server_addr = self.get_localized_config('server_addr') or '127.0.0.1'
server_port = int(self.get_localized_config('server_port') or '8003')
self.log.info('server_addr: %s server_port: %d', server_addr,
server_port)
cert = self.get_localized_config("crt")
if cert is not None:
cert_tmp = tempfile.NamedTemporaryFile()
cert_tmp.write(cert)
cert_tmp.flush()
cert_fname = cert_tmp.name
else:
cert_fname = self.get_localized_config(
'crt_file') or '/etc/ceph/ceph-mgr-restful.crt'
pkey = self.get_localized_config("key")
if pkey is not None:
pkey_tmp = tempfile.NamedTemporaryFile()
pkey_tmp.write(pkey)
pkey_tmp.flush()
pkey_fname = pkey_tmp.name
else:
pkey_fname = self.get_localized_config(
'key_file') or '/etc/ceph/ceph-mgr-restful.key'
# Create the HTTPS werkzeug server serving pecan app
self.server = make_server(
host=server_addr,
port=server_port,
app=make_app(
root='restful.api.Root',
hooks=lambda: [ErrorHook()],
),
ssl_context=(cert_fname, pkey_fname),
)
self.server.serve_forever()
def _serve(self):
# Load stored authentication keys
self.refresh_keys()
jsonify._instance = jsonify.GenericJSON(
sort_keys=True,
indent=4,
separators=(',', ': '),
)
server_addr = self.get_localized_module_option('server_addr', '::')
if server_addr is None:
raise CannotServe(
'no server_addr configured; try "ceph config-key set mgr/restful/server_addr <ip>"'
)
server_port = int(
self.get_localized_module_option('server_port', '8003'))
self.log.info('server_addr: %s server_port: %d', server_addr,
server_port)
cert = self.get_localized_store("crt")
if cert is not None:
cert_tmp = tempfile.NamedTemporaryFile()
cert_tmp.write(cert.encode('utf-8'))
cert_tmp.flush()
cert_fname = cert_tmp.name
else:
cert_fname = self.get_localized_store('crt_file')
pkey = self.get_localized_store("key")
if pkey is not None:
pkey_tmp = tempfile.NamedTemporaryFile()
pkey_tmp.write(pkey.encode('utf-8'))
pkey_tmp.flush()
pkey_fname = pkey_tmp.name
else:
pkey_fname = self.get_localized_module_option('key_file')
self.enable_auth = self.get_localized_module_option(
'enable_auth', True)
if not cert_fname or not pkey_fname:
raise CannotServe('no certificate configured')
if not os.path.isfile(cert_fname):
raise CannotServe('certificate %s does not exist' % cert_fname)
if not os.path.isfile(pkey_fname):
raise CannotServe('private key %s does not exist' % pkey_fname)
# Publish the URI that others may use to access the service we're
# about to start serving
addr = self.get_mgr_ip() if server_addr == "::" else server_addr
self.set_uri(build_url(scheme='https', host=addr, port=server_port))
# Create the HTTPS werkzeug server serving pecan app
self.server = make_server(
host=server_addr,
port=server_port,
app=make_app(
root='restful.api.Root',
hooks=[ErrorHook()], # use a callable if pecan >= 0.3.2
),
ssl_context=(cert_fname, pkey_fname),
)
sock_fd_flag = fcntl.fcntl(self.server.socket.fileno(), fcntl.F_GETFD)
if not (sock_fd_flag & fcntl.FD_CLOEXEC):
self.log.debug("set server socket close-on-exec")
fcntl.fcntl(self.server.socket.fileno(), fcntl.F_SETFD,
sock_fd_flag | fcntl.FD_CLOEXEC)
if self.stop_server:
self.log.debug('made server, but stop flag set')
else:
self.log.debug('made server, serving forever')
self.server.serve_forever()
