def addServerCerts(self, serverName, info):
self._logger.info(
"thrift interface recevied a call to addServerCerts - %s" %
(serverName))
if serverName is None or not isinstance(serverName, basestring):
raise EzFrontendCertException(
message=
"Error in adding server cert. serverName must be a STRING")
if info is None or info.certificateContents is None or info.keyContents is None:
raise EzFrontendCertException(
message=
"Error in adding server cert. info, info.certificateContents, info.keyContents should not be None."
)
if not isinstance(info.certificateContents, str) or not isinstance(
info.keyContents, str):
raise EzFrontendCertException(
message=
"Error in adding server cert. info.certificateContents and info.keyContents must be a STRING"
)
try:
self.ac.put(serverName, info.certificateContents, info.keyContents)
self.kz.ensure_path(sslconfig_node(serverName))
self.kz.set(ezRPKazoo.KZWATCHLOC,
str(gConfig.current_milli_time()))
except Exception as e:
self._logger.exception(
"Exception in adding server certs for %s: %s" %
(serverName, str(e)))
raise EzFrontendCertException(
message="Internal error in adding server cert for %s." %
(serverName))
def removeUpstreamServerRegistration(self, registration):
"""
Parameters:
- registration
"""
self._logger.info("thrift interface received a call to removeUpstreamServerRegistration with a registration value of %s" % (registration))
self._validateUpstreamServerRegistration(registration)
self._validateNoConflictingUpstreamPath(registration)
nodeName = ezRPKazoo.KZCONFLOC + '/' + ezRPRegistration.getNodeName(registration)
serverName = ezRPRegistration.get_ngx_server_name(registration)
sslConfigNodeName = ezRPKazoo.KZSSLCONFLOC + '/' + serverName
with self.lock:
lock = self.kz.Lock(ezRPKazoo.KZLOCKFILE,"another contender")
with lock:
if not self.kz.exists(nodeName):
raise RegistrationNotFoundException("no registration found for %s" % (nodeName))
else:
self._logger.info("removeUpstreamServerRegistration removing %s" % (nodeName))
self.kz.delete(nodeName)
if self.kz.exists(sslConfigNodeName) and self._isServerUnique(registration):
try:
#remove certs if server registration is unique
self.kz.delete(sslConfigNodeName)
self.ac.remove(serverName)
self._logger.info("removed certs for server %s" % serverName)
except EzRPCertStoreException as ex:
self._logger.exception('Exception in removing certs for server %s' % serverName)
self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
def addUpstreamServerRegistration(self, registration):
"""
Parameters:
- registration
"""
self._logger.info(
"thrift interface received a call to addUpstreamServerRegistration with a registration value of %s"
% (registration))
self._validateUpstreamServerRegistration(registration)
self._validateNoConflictingUpstreamPath(registration)
nodeName = ezRPKazoo.KZCONFLOC + '/' + ezRPRegistration.getNodeName(
registration)
nodeData = self._serializeUpstreamServerRegistration(registration)
with self.lock:
lock = self.kz.Lock(ezRPKazoo.KZLOCKFILE, "another contender")
with lock:
self._logger.info("addUpstreamServerRegistration registering")
if not self.kz.exists(nodeName):
self._logger.info(
"Adding node in zookeeper\n\tNode Name: %s\n\tNode Data:%s"
% (nodeName, nodeData))
self.kz.create(nodeName, nodeData)
else:
self.kz.set(nodeName, nodeData)
self._logger.info(
"Updating node in zookeeper\n\tNode Name: %s\n\tNode Data:%s"
% (nodeName, nodeData))
self.kz.set(ezRPKazoo.KZWATCHLOC,
str(gConfig.current_milli_time()))
def removeAllProxyRegistrations():
self._logger.log("thrift interface received a call to removeAllProxyRegistration")
allNodes = self.kz.get_children(ezRPKazoo.KZCONFLOC)
with self.lock:
for fn in allNodes:
self._logger.log("removeAllProxyRegistrations is deleting %s from zookeeper" % (ezRPKazoo.KZCONFLOC+'/'+fn))
self.kz.delete(ezRPKazoo.KZCONFLOC+'/'+fn)
self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
def _addUpstreamAndServer(self,upstream_number,registration):
upstream_group_name = 'server'+str(upstream_number)
upstream_name = registration.UpstreamHostAndPort
upstream_timeout = registration.timeout
upstream_timeout_tries = registration.timeoutTries
upstream_upload_file_size = registration.uploadFileSize
server_name = registration.UserFacingUrlPrefix.split('/',1)[0]
loc = self.Location(registration.UserFacingUrlPrefix.split('/',1)[1], upstream_group_name, server_name, registration.UpstreamPath, upstream_name.split(':',1)[0], upstream_name.split(':',1)[1], upstream_timeout, upstream_timeout_tries, upstream_upload_file_size, registration.sticky, registration.disableChunkedTransferEncoding)
name_to_resolve, port_to_use = upstream_name.split(':',1)
try:
#try to resolve the upstream name
socket.gethostbyname(name_to_resolve)
if upstream_group_name not in self._upstreams:
self._upstreams[upstream_group_name] = {'location':loc.location,
'upstreams':[],
'sticky':bool(loc.sticky or False),
'timeout':int(loc.upstream_timeout or 0),
'timeout_tries':int(loc.upstream_timeout_tries or 0)
}
self._upstreams[upstream_group_name]['upstreams'].append(upstream_name)
except Exception as e:
self._logger.error("Exception (%s) resolving upstream %s. Dropping that upstream path [%s:%s]. Location %s will not be configured unless it has other (valid) upstreams" % (str(e), name_to_resolve, loc.upstream_host, loc.upstream_port, loc.location))
#remove from local upstream cache
if upstream_group_name in self._upstreams:
del self._upstreams[upstream_group_name]
#remove from zookeeper
try:
self.kz.delete(ezRPKazoo.KZCONFLOC + '/' + ezRPRegistration.getNodeName(registration))
self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
except NoNodeError:
#node didn't exist before
pass
except Exception as e:
self._logger.error('Exception in removing unresolved registration: %s' % str(e))
raise
self._logger.info('Configuring Location %s' % str(loc))
if server_name not in self._servers:
self._servers[server_name] = {}
self._servers[server_name][loc.location] = loc
self._serversWithSpecializedCerts.discard(server_name)
if self.kz.exists(ezRPKazoo.KZSSLCONFLOC + '/' + server_name):
if os.path.isfile(os.path.join(self._newSslDir, server_name + '.crt')) and \
os.path.isfile(os.path.join(self._newSslDir, server_name + '.key')):
self._serversWithSpecializedCerts.add(server_name)
else:
self._logger.error('Certs for configured %s server are not present in %s. Registration will use defaults' % (server_name, gConfig.ssl_server_certs))
if server_name not in self._redirects:
self._redirects[server_name] = {}
if loc.location not in self._redirects[server_name]:
self._redirects[server_name][loc.location] = []
self._redirects[server_name][loc.location].append((loc.upstream_host,loc.upstream_port))
def removeServerCerts(self, serverName):
self._logger.info("thrift interface recevied a call to removeServerCerts - %s" % serverName)
if serverName is None or not isinstance(serverName, basestring):
raise EzFrontendCertException(message="Error in removing server cert. serverName must be a STRING")
try:
self.ac.remove(serverName)
self.kz.delete(sslconfig_node(serverName))
self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
except Exception as e:
self._logger.exception("Exception in removing server certs for %s: %s\n%s" % (serverName, str(e)))
raise EzFrontendCertException(message="Internal error in removing server cert for %s." % (serverName))
def removeStaticContent(self, content):
'''
Delete the file from Accumulo
'''
self._logger.info("thrift interface received a call to removeStaticContent")
if self._sfh.removeStaticContent(content):
# reconfigure
self._logger.info('Triggering zookeeper watch node')
self.kz.ensure_path(ezRPKazoo.KZWATCHLOC)
self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
else:
pass
def removeAllProxyRegistrations():
self._logger.log(
"thrift interface received a call to removeAllProxyRegistration")
allNodes = self.kz.get_children(ezRPKazoo.KZCONFLOC)
with self.lock:
for fn in allNodes:
self._logger.log(
"removeAllProxyRegistrations is deleting %s from zookeeper"
% (ezRPKazoo.KZCONFLOC + '/' + fn))
self.kz.delete(ezRPKazoo.KZCONFLOC + '/' + fn)
self.kz.set(ezRPKazoo.KZWATCHLOC,
str(gConfig.current_milli_time()))
def removeStaticContent(self, content):
'''
Delete the file from Accumulo
'''
self._logger.info(
"thrift interface received a call to removeStaticContent")
if self._sfh.removeStaticContent(content):
# reconfigure
self._logger.info('Triggering zookeeper watch node')
self.kz.ensure_path(ezRPKazoo.KZWATCHLOC)
self.kz.set(ezRPKazoo.KZWATCHLOC,
str(gConfig.current_milli_time()))
else:
pass
def addServerCerts(self, serverName, info):
self._logger.info("thrift interface recevied a call to addServerCerts - %s" % (serverName))
if serverName is None or not isinstance(serverName, basestring):
raise EzFrontendCertException(message="Error in adding server cert. serverName must be a STRING")
if info is None or info.certificateContents is None or info.keyContents is None:
raise EzFrontendCertException(message="Error in adding server cert. info, info.certificateContents, info.keyContents should not be None.")
if not isinstance(info.certificateContents, str) or not isinstance(info.keyContents, str):
raise EzFrontendCertException(message="Error in adding server cert. info.certificateContents and info.keyContents must be a STRING")
try:
self.ac.put(serverName, info.certificateContents, info.keyContents)
self.kz.ensure_path(sslconfig_node(serverName))
self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
except Exception as e:
self._logger.exception("Exception in adding server certs for %s: %s" % (serverName, str(e)))
raise EzFrontendCertException(message="Internal error in adding server cert for %s." % (serverName))
def removeReverseProxiedPath(self, userFacingUrlPrefix):
"""
Parameters:
- userFacingUrlPrefix
"""
self._logger.info("thrift interface received a call to removeReverseProxiedPath with a path value of %s" % userFacingUrlPrefix)
prefixToRemove = zbase62.b2a(userFacingUrlPrefix)+ "_"
with self.lock:
allNodes = self.kz.get_children(ezRPKazoo.KZCONFLOC)
fileNamesToRemove = [x for x in allNodes if x.startswith(prefixToRemove)]
for fn in fileNamesToRemove:
self._logger.info("removeReverseProxiedPath is deleting %s from zookeeper" % (ezRPKazoo.KZCONFLOC+'/'+fn))
self.kz.delete(ezRPKazoo.KZCONFLOC+'/'+fn)
if len(fileNamesToRemove) > 0:
self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
def removeServerCerts(self, serverName):
self._logger.info(
"thrift interface recevied a call to removeServerCerts - %s" %
serverName)
if serverName is None or not isinstance(serverName, basestring):
raise EzFrontendCertException(
message=
"Error in removing server cert. serverName must be a STRING")
try:
self.ac.remove(serverName)
self.kz.delete(sslconfig_node(serverName))
self.kz.set(ezRPKazoo.KZWATCHLOC,
str(gConfig.current_milli_time()))
except Exception as e:
self._logger.exception(
"Exception in removing server certs for %s: %s\n%s" %
(serverName, str(e)))
raise EzFrontendCertException(
message="Internal error in removing server cert for %s." %
(serverName))
def addUpstreamServerRegistration(self, registration):
"""
Parameters:
- registration
"""
self._logger.info("thrift interface received a call to addUpstreamServerRegistration with a registration value of %s" % (registration))
self._validateUpstreamServerRegistration(registration)
self._validateNoConflictingUpstreamPath(registration)
nodeName = ezRPKazoo.KZCONFLOC + '/' + ezRPRegistration.getNodeName(registration)
nodeData = self._serializeUpstreamServerRegistration(registration)
with self.lock:
lock = self.kz.Lock(ezRPKazoo.KZLOCKFILE,"another contender")
with lock:
self._logger.info("addUpstreamServerRegistration registering")
if not self.kz.exists(nodeName):
self._logger.info("Adding node in zookeeper\n\tNode Name: %s\n\tNode Data:%s" % (nodeName,nodeData))
self.kz.create(nodeName,nodeData)
else:
self.kz.set(nodeName,nodeData)
self._logger.info("Updating node in zookeeper\n\tNode Name: %s\n\tNode Data:%s" % (nodeName,nodeData))
self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
def removeReverseProxiedPath(self, userFacingUrlPrefix):
"""
Parameters:
- userFacingUrlPrefix
"""
self._logger.info(
"thrift interface received a call to removeReverseProxiedPath with a path value of %s"
% userFacingUrlPrefix)
prefixToRemove = zbase62.b2a(userFacingUrlPrefix) + "_"
with self.lock:
allNodes = self.kz.get_children(ezRPKazoo.KZCONFLOC)
fileNamesToRemove = [
x for x in allNodes if x.startswith(prefixToRemove)
]
for fn in fileNamesToRemove:
self._logger.info(
"removeReverseProxiedPath is deleting %s from zookeeper" %
(ezRPKazoo.KZCONFLOC + '/' + fn))
self.kz.delete(ezRPKazoo.KZCONFLOC + '/' + fn)
if len(fileNamesToRemove) > 0:
self.kz.set(ezRPKazoo.KZWATCHLOC,
str(gConfig.current_milli_time()))
def removeUpstreamServerRegistration(self, registration):
"""
Parameters:
- registration
"""
self._logger.info(
"thrift interface received a call to removeUpstreamServerRegistration with a registration value of %s"
% (registration))
self._validateUpstreamServerRegistration(registration)
self._validateNoConflictingUpstreamPath(registration)
nodeName = ezRPKazoo.KZCONFLOC + '/' + ezRPRegistration.getNodeName(
registration)
serverName = ezRPRegistration.get_ngx_server_name(registration)
sslConfigNodeName = ezRPKazoo.KZSSLCONFLOC + '/' + serverName
with self.lock:
lock = self.kz.Lock(ezRPKazoo.KZLOCKFILE, "another contender")
with lock:
if not self.kz.exists(nodeName):
raise RegistrationNotFoundException(
"no registration found for %s" % (nodeName))
else:
self._logger.info(
"removeUpstreamServerRegistration removing %s" %
(nodeName))
self.kz.delete(nodeName)
if self.kz.exists(sslConfigNodeName
) and self._isServerUnique(registration):
try:
#remove certs if server registration is unique
self.kz.delete(sslConfigNodeName)
self.ac.remove(serverName)
self._logger.info("removed certs for server %s" %
serverName)
except EzRPCertStoreException as ex:
self._logger.exception(
'Exception in removing certs for server %s' %
serverName)
self.kz.set(ezRPKazoo.KZWATCHLOC,
str(gConfig.current_milli_time()))
def _addUpstreamAndServer(self, upstream_number, registration):
upstream_group_name = 'server' + str(upstream_number)
upstream_name = registration.UpstreamHostAndPort
upstream_timeout = registration.timeout
upstream_timeout_tries = registration.timeoutTries
upstream_upload_file_size = registration.uploadFileSize
static_content_type = registration.contentServiceType
server_name = registration.UserFacingUrlPrefix.split('/', 1)[0]
loc = self.Location(
registration.UserFacingUrlPrefix.split('/', 1)[1],
upstream_group_name, server_name, registration.UpstreamPath,
upstream_name.split(':', 1)[0],
upstream_name.split(':', 1)[1], upstream_timeout,
upstream_timeout_tries, upstream_upload_file_size,
registration.sticky, registration.disableChunkedTransferEncoding,
registration.authOperations,
registration.validateUpstreamConnection, static_content_type)
name_to_resolve, port_to_use = upstream_name.split(':', 1)
try:
#try to resolve the upstream name
socket.gethostbyname(name_to_resolve)
if upstream_group_name not in self._upstreams:
self._upstreams[upstream_group_name] = {
'location': loc.location,
'upstreams': [],
'sticky': bool(loc.sticky or False),
'timeout': int(loc.upstream_timeout or 0),
'timeout_tries': int(loc.upstream_timeout_tries or 0)
}
self._upstreams[upstream_group_name]['upstreams'].append(
upstream_name)
except Exception as e:
self._logger.error(
"Exception (%s) resolving upstream %s. Dropping that upstream path [%s:%s]. Location %s will not be configured unless it has other (valid) upstreams"
% (str(e), name_to_resolve, loc.upstream_host,
loc.upstream_port, loc.location))
#remove from local upstream cache
if upstream_group_name in self._upstreams:
del self._upstreams[upstream_group_name]
#remove from zookeeper
try:
self.kz.delete(ezRPKazoo.KZCONFLOC + '/' +
ezRPRegistration.getNodeName(registration))
self.kz.set(ezRPKazoo.KZWATCHLOC,
str(gConfig.current_milli_time()))
except NoNodeError:
#node didn't exist before
pass
except Exception as e:
self._logger.error(
'Exception in removing unresolved registration: %s' %
str(e))
raise
self._logger.info('Configuring Location %s' % str(loc))
if server_name not in self._servers:
self._servers[server_name] = {}
self._servers[server_name][loc.location] = loc
self._serversWithSpecializedCerts.discard(server_name)
if self.kz.exists(ezRPKazoo.KZSSLCONFLOC + '/' + server_name):
if os.path.isfile(os.path.join(self._newSslDir, server_name + '.crt')) and \
os.path.isfile(os.path.join(self._newSslDir, server_name + '.key')):
self._serversWithSpecializedCerts.add(server_name)
else:
self._logger.error(
'Certs for configured %s server are not present in %s. Registration will use defaults'
% (server_name, gConfig.ssl_server_certs))
if server_name not in self._redirects:
self._redirects[server_name] = {}
if loc.location not in self._redirects[server_name]:
self._redirects[server_name][loc.location] = []
self._redirects[server_name][loc.location].append(
(loc.upstream_host, loc.upstream_port))
