def addServerCerts(self, serverName, info):
    """Store a server's certificate/key pair and touch the watch node.

    Parameters:
     - serverName: name the pair is stored under; must be a string.
     - info: object exposing ``certificateContents`` and ``keyContents``;
       both must be non-None ``str`` values.

    Raises:
        EzFrontendCertException: for invalid arguments, and (with a generic
            message) when storing the pair or updating ZooKeeper fails.
    """
    self._logger.info(
        "thrift interface recevied a call to addServerCerts - %s" % (serverName))

    # NOTE(review): only the *type* of serverName is checked. The value is
    # then used as the cert-store key and to build a ZooKeeper node path;
    # confirm that self.ac.put / sslconfig_node constrain its characters.
    name_is_string = serverName is not None and isinstance(serverName, basestring)
    if not name_is_string:
        raise EzFrontendCertException(
            message="Error in adding server cert. serverName must be a STRING")

    fields_missing = (info is None
                      or info.certificateContents is None
                      or info.keyContents is None)
    if fields_missing:
        raise EzFrontendCertException(
            message="Error in adding server cert. info, info.certificateContents, info.keyContents should not be None.")

    if not (isinstance(info.certificateContents, str)
            and isinstance(info.keyContents, str)):
        raise EzFrontendCertException(
            message="Error in adding server cert. info.certificateContents and info.keyContents must be a STRING")

    try:
        self.ac.put(serverName, info.certificateContents, info.keyContents)
        self.kz.ensure_path(sslconfig_node(serverName))
        self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
    except Exception as e:
        # Only serverName and the exception text reach the log; the caller
        # gets a generic message. The key contents are not logged here.
        self._logger.exception(
            "Exception in adding server certs for %s: %s" % (serverName, str(e)))
        raise EzFrontendCertException(
            message="Internal error in adding server cert for %s." % (serverName))
def removeUpstreamServerRegistration(self, registration):
    """Delete an upstream registration node and, when unique, its certs.

    Parameters:
     - registration

    Raises:
        RegistrationNotFoundException: when no node exists for the
            registration.
    """
    self._logger.info("thrift interface received a call to removeUpstreamServerRegistration with a registration value of %s" % (registration))
    self._validateUpstreamServerRegistration(registration)
    self._validateNoConflictingUpstreamPath(registration)

    registration_node = ezRPKazoo.KZCONFLOC + '/' + ezRPRegistration.getNodeName(registration)
    server_name = ezRPRegistration.get_ngx_server_name(registration)
    ssl_node = ezRPKazoo.KZSSLCONFLOC + '/' + server_name

    # Local lock first, then the ZooKeeper lock, same order as the add path.
    with self.lock:
        zk_lock = self.kz.Lock(ezRPKazoo.KZLOCKFILE, "another contender")
        with zk_lock:
            if not self.kz.exists(registration_node):
                raise RegistrationNotFoundException("no registration found for %s" % (registration_node))

            self._logger.info("removeUpstreamServerRegistration removing %s" % (registration_node))
            self.kz.delete(registration_node)

            if self.kz.exists(ssl_node) and self._isServerUnique(registration):
                # Remove certs only if the server registration is unique.
                # NOTE(review): the SSL config node is deleted before the
                # cert store entry. If self.ac.remove raises
                # EzRPCertStoreException the failure is only logged, so the
                # stored cert/key outlives its config node - confirm that a
                # later cleanup covers this.
                try:
                    self.kz.delete(ssl_node)
                    self.ac.remove(server_name)
                    self._logger.info("removed certs for server %s" % server_name)
                except EzRPCertStoreException:
                    self._logger.exception('Exception in removing certs for server %s' % server_name)

            self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
def addUpstreamServerRegistration(self, registration):
    """Create or overwrite the ZooKeeper node for an upstream registration.

    Parameters:
     - registration

    The registration goes through both validation helpers, is serialized,
    and is written under KZCONFLOC while holding the local lock and the
    ZooKeeper lock. The watch node is then set to
    gConfig.current_milli_time().
    """
    self._logger.info(
        "thrift interface received a call to addUpstreamServerRegistration with a registration value of %s"
        % (registration))
    self._validateUpstreamServerRegistration(registration)
    self._validateNoConflictingUpstreamPath(registration)

    node_path = ezRPKazoo.KZCONFLOC + '/' + ezRPRegistration.getNodeName(registration)
    payload = self._serializeUpstreamServerRegistration(registration)

    with self.lock:
        zk_lock = self.kz.Lock(ezRPKazoo.KZLOCKFILE, "another contender")
        with zk_lock:
            self._logger.info("addUpstreamServerRegistration registering")
            already_present = self.kz.exists(node_path)
            if already_present:
                self.kz.set(node_path, payload)
                self._logger.info(
                    "Updating node in zookeeper\n\tNode Name: %s\n\tNode Data:%s"
                    % (node_path, payload))
            else:
                self._logger.info(
                    "Adding node in zookeeper\n\tNode Name: %s\n\tNode Data:%s"
                    % (node_path, payload))
                self.kz.create(node_path, payload)
            self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
def removeAllProxyRegistrations():
    """Delete every child node under KZCONFLOC and touch the watch node.

    NOTE(review): the signature takes no ``self`` although the body reads
    ``self``; invoked as a bound method this would fail before doing any
    work. Confirm with the callers in view before changing the signature.
    """
    # NOTE(review): sibling methods call self._logger.info(...). If _logger
    # is a standard logging.Logger, log() expects a level as its first
    # argument - confirm.
    self._logger.log("thrift interface received a call to removeAllProxyRegistration")

    # The child list is read before self.lock is taken.
    children = self.kz.get_children(ezRPKazoo.KZCONFLOC)
    with self.lock:
        for child in children:
            node_path = ezRPKazoo.KZCONFLOC + '/' + child
            self._logger.log("removeAllProxyRegistrations is deleting %s from zookeeper" % (node_path))
            self.kz.delete(node_path)
        self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
def _addUpstreamAndServer(self,upstream_number,registration):
    """Record one registration in the in-memory upstream/server tables.

    Parameters:
     - upstream_number: used to build the group name 'server<N>'.
     - registration: supplies UserFacingUrlPrefix, UpstreamHostAndPort,
       UpstreamPath, timeout, timeoutTries, uploadFileSize, sticky and
       disableChunkedTransferEncoding.

    Updates self._upstreams, self._servers, self._redirects and
    self._serversWithSpecializedCerts. If anything in the resolution step
    raises, the upstream group is dropped and the registration's ZooKeeper
    node is deleted.
    """
    upstream_group_name = 'server'+str(upstream_number)
    upstream_name = registration.UpstreamHostAndPort
    upstream_timeout = registration.timeout
    upstream_timeout_tries = registration.timeoutTries
    upstream_upload_file_size = registration.uploadFileSize
    # NOTE(review): the [1] lookups on the split() results below raise
    # IndexError when the '/' or ':' separator is absent, and they run
    # outside the try block - presumably the registration was validated
    # before this call; confirm.
    server_name = registration.UserFacingUrlPrefix.split('/',1)[0]
    loc = self.Location(registration.UserFacingUrlPrefix.split('/',1)[1],
                        upstream_group_name,
                        server_name,
                        registration.UpstreamPath,
                        upstream_name.split(':',1)[0],
                        upstream_name.split(':',1)[1],
                        upstream_timeout,
                        upstream_timeout_tries,
                        upstream_upload_file_size,
                        registration.sticky,
                        registration.disableChunkedTransferEncoding)
    # port_to_use is not read again in this method.
    name_to_resolve, port_to_use = upstream_name.split(':',1)
    try:
        # Try to resolve the upstream name. Any exception raised in this
        # block - not only a failed lookup, e.g. int() on a non-numeric
        # timeout - lands in the handler below.
        socket.gethostbyname(name_to_resolve)
        if upstream_group_name not in self._upstreams:
            self._upstreams[upstream_group_name] = {'location':loc.location,
                                                    'upstreams':[],
                                                    'sticky':bool(loc.sticky or False),
                                                    'timeout':int(loc.upstream_timeout or 0),
                                                    'timeout_tries':int(loc.upstream_timeout_tries or 0)
                                                    }
        self._upstreams[upstream_group_name]['upstreams'].append(upstream_name)
    except Exception as e:
        self._logger.error("Exception (%s) resolving upstream %s. Dropping that upstream path [%s:%s]. \
Location %s will not be configured unless it has other (valid) upstreams" % (str(e), name_to_resolve, loc.upstream_host, loc.upstream_port, loc.location))
        # Remove from the local upstream cache. This deletes the whole
        # group entry, including any upstreams appended to it earlier.
        if upstream_group_name in self._upstreams:
            del self._upstreams[upstream_group_name]
        # Remove from ZooKeeper.
        # NOTE(review): the stored registration is deleted rather than
        # skipped, so a transient lookup failure removes it until it is
        # registered again - confirm this is intended.
        try:
            self.kz.delete(ezRPKazoo.KZCONFLOC + '/' + ezRPRegistration.getNodeName(registration))
            self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
        except NoNodeError:
            # The node didn't exist before; nothing to clean up.
            pass
        except Exception as e:
            self._logger.error('Exception in removing unresolved registration: %s' % str(e))
            # Propagate the cleanup failure to the caller.
            raise
    # NOTE(review): this point is also reached after a handled resolution
    # failure (the handler above does not return), so the location is still
    # recorded in _servers and _redirects - confirm that is intended.
    self._logger.info('Configuring Location %s' % str(loc))
    if server_name not in self._servers:
        self._servers[server_name] = {}
    self._servers[server_name][loc.location] = loc
    # Start from "no specialized certs" and re-add only if both files exist.
    self._serversWithSpecializedCerts.discard(server_name)
    if self.kz.exists(ezRPKazoo.KZSSLCONFLOC + '/' + server_name):
        # server_name is the text before the first '/', so it holds no '/',
        # but it is not otherwise checked here before being joined into a
        # file path.
        if os.path.isfile(os.path.join(self._newSslDir, server_name + '.crt')) and \
                os.path.isfile(os.path.join(self._newSslDir, server_name + '.key')):
            self._serversWithSpecializedCerts.add(server_name)
        else:
            # NOTE(review): the check reads self._newSslDir while the
            # message names gConfig.ssl_server_certs - confirm they refer
            # to the same directory.
            self._logger.error('Certs for configured %s server are not present in %s. Registration will use defaults' % (server_name, gConfig.ssl_server_certs))
    if server_name not in self._redirects:
        self._redirects[server_name] = {}
    if loc.location not in self._redirects[server_name]:
        self._redirects[server_name][loc.location] = []
    self._redirects[server_name][loc.location].append((loc.upstream_host,loc.upstream_port))
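def removeServerCerts(self, serverName):
    """Remove a server's certificate/key pair and touch the watch node.

    Parameters:
     - serverName: name the pair was stored under; must be a string.

    Raises:
        EzFrontendCertException: for an invalid serverName, and (with a
            generic message) when the removal or the ZooKeeper update fails.
    """
    self._logger.info("thrift interface recevied a call to removeServerCerts - %s" % serverName)
    # NOTE(review): only the type of serverName is checked; the value is
    # then used as the cert-store key and to build a ZooKeeper node path.
    # Confirm that self.ac.remove / sslconfig_node constrain its characters.
    if serverName is None or not isinstance(serverName, basestring):
        raise EzFrontendCertException(message="Error in removing server cert. serverName must be a STRING")
    try:
        self.ac.remove(serverName)
        self.kz.delete(sslconfig_node(serverName))
        self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
    except Exception as e:
        # Two placeholders for two arguments. A third "%s" here made the
        # formatting itself raise TypeError inside this handler, so callers
        # received that TypeError instead of EzFrontendCertException.
        self._logger.exception("Exception in removing server certs for %s: %s" % (serverName, str(e)))
        raise EzFrontendCertException(message="Internal error in removing server cert for %s." % (serverName))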
def removeStaticContent(self, content):
    """Remove static content and, if something was removed, trigger a reconfigure.

    Parameters:
     - content: passed unchanged to self._sfh.removeStaticContent.

    The original docstring states the file is deleted from Accumulo; the
    storage itself sits behind self._sfh and is not visible here.
    """
    self._logger.info("thrift interface received a call to removeStaticContent")

    was_removed = self._sfh.removeStaticContent(content)
    if not was_removed:
        # Nothing changed, so the watch node is left alone.
        return

    # Reconfigure: stamp the watch node.
    self._logger.info('Triggering zookeeper watch node')
    self.kz.ensure_path(ezRPKazoo.KZWATCHLOC)
    self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
def removeAllProxyRegistrations():
    """Delete every child node under KZCONFLOC and touch the watch node.

    NOTE(review): the signature takes no ``self`` although the body reads
    ``self``; invoked as a bound method this would fail before doing any
    work. Confirm with the callers in view before changing the signature.
    """
    # NOTE(review): sibling methods call self._logger.info(...). If _logger
    # is a standard logging.Logger, log() expects a level as its first
    # argument - confirm.
    self._logger.log(
        "thrift interface received a call to removeAllProxyRegistration")

    # The child list is read before self.lock is taken.
    children = self.kz.get_children(ezRPKazoo.KZCONFLOC)
    with self.lock:
        for child in children:
            node_path = ezRPKazoo.KZCONFLOC + '/' + child
            self._logger.log(
                "removeAllProxyRegistrations is deleting %s from zookeeper"
                % (node_path))
            self.kz.delete(node_path)
        self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
def removeStaticContent(self, content):
    """Remove static content and, if something was removed, trigger a reconfigure.

    Parameters:
     - content: passed unchanged to self._sfh.removeStaticContent.

    The original docstring states the file is deleted from Accumulo; the
    storage itself sits behind self._sfh and is not visible here.
    """
    self._logger.info(
        "thrift interface received a call to removeStaticContent")

    was_removed = self._sfh.removeStaticContent(content)
    if not was_removed:
        # Nothing changed, so the watch node is left alone.
        return

    # Reconfigure: stamp the watch node.
    self._logger.info('Triggering zookeeper watch node')
    self.kz.ensure_path(ezRPKazoo.KZWATCHLOC)
    self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
def addServerCerts(self, serverName, info):
    """Store a server's certificate/key pair and touch the watch node.

    Parameters:
     - serverName: name the pair is stored under; must be a string.
     - info: object exposing ``certificateContents`` and ``keyContents``;
       both must be non-None ``str`` values.

    Raises:
        EzFrontendCertException: for invalid arguments, and (with a generic
            message) when storing the pair or updating ZooKeeper fails.
    """
    self._logger.info("thrift interface recevied a call to addServerCerts - %s" % (serverName))

    # NOTE(review): only the *type* of serverName is checked. The value is
    # then used as the cert-store key and to build a ZooKeeper node path;
    # confirm that self.ac.put / sslconfig_node constrain its characters.
    name_is_string = serverName is not None and isinstance(serverName, basestring)
    if not name_is_string:
        raise EzFrontendCertException(message="Error in adding server cert. serverName must be a STRING")

    fields_missing = (info is None
                      or info.certificateContents is None
                      or info.keyContents is None)
    if fields_missing:
        raise EzFrontendCertException(message="Error in adding server cert. info, info.certificateContents, info.keyContents should not be None.")

    if not (isinstance(info.certificateContents, str)
            and isinstance(info.keyContents, str)):
        raise EzFrontendCertException(message="Error in adding server cert. info.certificateContents and info.keyContents must be a STRING")

    try:
        self.ac.put(serverName, info.certificateContents, info.keyContents)
        self.kz.ensure_path(sslconfig_node(serverName))
        self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
    except Exception as e:
        # Only serverName and the exception text reach the log; the caller
        # gets a generic message. The key contents are not logged here.
        self._logger.exception("Exception in adding server certs for %s: %s" % (serverName, str(e)))
        raise EzFrontendCertException(message="Internal error in adding server cert for %s." % (serverName))
def removeReverseProxiedPath(self, userFacingUrlPrefix):
    """Delete every registration node whose name starts with the encoded prefix.

    Parameters:
     - userFacingUrlPrefix

    The prefix is encoded with zbase62.b2a and suffixed with "_"; children of
    KZCONFLOC whose names start with that string are deleted. The watch node
    is only touched when at least one node was removed.
    """
    self._logger.info("thrift interface received a call to removeReverseProxiedPath with a path value of %s" % userFacingUrlPrefix)
    encoded_prefix = zbase62.b2a(userFacingUrlPrefix) + "_"

    # NOTE(review): only self.lock is held here, whereas the add/remove
    # registration methods also take the ZooKeeper lock - confirm that is
    # intended.
    with self.lock:
        # Collect all matches first, then delete.
        doomed = []
        for child in self.kz.get_children(ezRPKazoo.KZCONFLOC):
            if child.startswith(encoded_prefix):
                doomed.append(child)

        for child in doomed:
            node_path = ezRPKazoo.KZCONFLOC + '/' + child
            self._logger.info("removeReverseProxiedPath is deleting %s from zookeeper" % (node_path))
            self.kz.delete(node_path)

        if doomed:
            self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
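def removeServerCerts(self, serverName):
    """Remove a server's certificate/key pair and touch the watch node.

    Parameters:
     - serverName: name the pair was stored under; must be a string.

    Raises:
        EzFrontendCertException: for an invalid serverName, and (with a
            generic message) when the removal or the ZooKeeper update fails.
    """
    self._logger.info(
        "thrift interface recevied a call to removeServerCerts - %s" %
        serverName)
    # NOTE(review): only the type of serverName is checked; the value is
    # then used as the cert-store key and to build a ZooKeeper node path.
    # Confirm that self.ac.remove / sslconfig_node constrain its characters.
    if serverName is None or not isinstance(serverName, basestring):
        raise EzFrontendCertException(
            message="Error in removing server cert. serverName must be a STRING")
    try:
        self.ac.remove(serverName)
        self.kz.delete(sslconfig_node(serverName))
        self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
    except Exception as e:
        # Two placeholders for two arguments. A third "%s" here made the
        # formatting itself raise TypeError inside this handler, so callers
        # received that TypeError instead of EzFrontendCertException.
        self._logger.exception(
            "Exception in removing server certs for %s: %s" %
            (serverName, str(e)))
        raise EzFrontendCertException(
            message="Internal error in removing server cert for %s." %
            (serverName))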
def addUpstreamServerRegistration(self, registration):
    """Create or overwrite the ZooKeeper node for an upstream registration.

    Parameters:
     - registration

    The registration goes through both validation helpers, is serialized,
    and is written under KZCONFLOC while holding the local lock and the
    ZooKeeper lock. The watch node is then set to
    gConfig.current_milli_time().
    """
    self._logger.info("thrift interface received a call to addUpstreamServerRegistration with a registration value of %s" % (registration))
    self._validateUpstreamServerRegistration(registration)
    self._validateNoConflictingUpstreamPath(registration)

    node_path = ezRPKazoo.KZCONFLOC + '/' + ezRPRegistration.getNodeName(registration)
    payload = self._serializeUpstreamServerRegistration(registration)

    with self.lock:
        zk_lock = self.kz.Lock(ezRPKazoo.KZLOCKFILE,"another contender")
        with zk_lock:
            self._logger.info("addUpstreamServerRegistration registering")
            already_present = self.kz.exists(node_path)
            if already_present:
                self.kz.set(node_path,payload)
                self._logger.info("Updating node in zookeeper\n\tNode Name: %s\n\tNode Data:%s" % (node_path,payload))
            else:
                self._logger.info("Adding node in zookeeper\n\tNode Name: %s\n\tNode Data:%s" % (node_path,payload))
                self.kz.create(node_path,payload)
            self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
def removeReverseProxiedPath(self, userFacingUrlPrefix):
    """Delete every registration node whose name starts with the encoded prefix.

    Parameters:
     - userFacingUrlPrefix

    The prefix is encoded with zbase62.b2a and suffixed with "_"; children of
    KZCONFLOC whose names start with that string are deleted. The watch node
    is only touched when at least one node was removed.
    """
    self._logger.info(
        "thrift interface received a call to removeReverseProxiedPath with a path value of %s"
        % userFacingUrlPrefix)
    encoded_prefix = zbase62.b2a(userFacingUrlPrefix) + "_"

    # NOTE(review): only self.lock is held here, whereas the add/remove
    # registration methods also take the ZooKeeper lock - confirm that is
    # intended.
    with self.lock:
        # Collect all matches first, then delete.
        doomed = []
        for child in self.kz.get_children(ezRPKazoo.KZCONFLOC):
            if child.startswith(encoded_prefix):
                doomed.append(child)

        for child in doomed:
            node_path = ezRPKazoo.KZCONFLOC + '/' + child
            self._logger.info(
                "removeReverseProxiedPath is deleting %s from zookeeper"
                % (node_path))
            self.kz.delete(node_path)

        if doomed:
            self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
def removeUpstreamServerRegistration(self, registration):
    """Delete an upstream registration node and, when unique, its certs.

    Parameters:
     - registration

    Raises:
        RegistrationNotFoundException: when no node exists for the
            registration.
    """
    self._logger.info(
        "thrift interface received a call to removeUpstreamServerRegistration with a registration value of %s"
        % (registration))
    self._validateUpstreamServerRegistration(registration)
    self._validateNoConflictingUpstreamPath(registration)

    registration_node = ezRPKazoo.KZCONFLOC + '/' + ezRPRegistration.getNodeName(registration)
    server_name = ezRPRegistration.get_ngx_server_name(registration)
    ssl_node = ezRPKazoo.KZSSLCONFLOC + '/' + server_name

    # Local lock first, then the ZooKeeper lock, same order as the add path.
    with self.lock:
        zk_lock = self.kz.Lock(ezRPKazoo.KZLOCKFILE, "another contender")
        with zk_lock:
            if not self.kz.exists(registration_node):
                raise RegistrationNotFoundException(
                    "no registration found for %s" % (registration_node))

            self._logger.info(
                "removeUpstreamServerRegistration removing %s" % (registration_node))
            self.kz.delete(registration_node)

            if self.kz.exists(ssl_node) and self._isServerUnique(registration):
                # Remove certs only if the server registration is unique.
                # NOTE(review): the SSL config node is deleted before the
                # cert store entry. If self.ac.remove raises
                # EzRPCertStoreException the failure is only logged, so the
                # stored cert/key outlives its config node - confirm that a
                # later cleanup covers this.
                try:
                    self.kz.delete(ssl_node)
                    self.ac.remove(server_name)
                    self._logger.info("removed certs for server %s" % server_name)
                except EzRPCertStoreException:
                    self._logger.exception(
                        'Exception in removing certs for server %s' % server_name)

            self.kz.set(ezRPKazoo.KZWATCHLOC, str(gConfig.current_milli_time()))
def _addUpstreamAndServer(self, upstream_number, registration):
    """Record one registration in the in-memory upstream/server tables.

    Parameters:
     - upstream_number: used to build the group name 'server<N>'.
     - registration: supplies UserFacingUrlPrefix, UpstreamHostAndPort,
       UpstreamPath, timeout, timeoutTries, uploadFileSize,
       contentServiceType, sticky, disableChunkedTransferEncoding,
       authOperations and validateUpstreamConnection.

    Updates self._upstreams, self._servers, self._redirects and
    self._serversWithSpecializedCerts. If anything in the resolution step
    raises, the upstream group is dropped and the registration's ZooKeeper
    node is deleted.
    """
    upstream_group_name = 'server' + str(upstream_number)
    upstream_name = registration.UpstreamHostAndPort
    upstream_timeout = registration.timeout
    upstream_timeout_tries = registration.timeoutTries
    upstream_upload_file_size = registration.uploadFileSize
    static_content_type = registration.contentServiceType
    # NOTE(review): the [1] lookups on the split() results below raise
    # IndexError when the '/' or ':' separator is absent, and they run
    # outside the try block - presumably the registration was validated
    # before this call; confirm.
    server_name = registration.UserFacingUrlPrefix.split('/', 1)[0]
    loc = self.Location(
        registration.UserFacingUrlPrefix.split('/', 1)[1],
        upstream_group_name, server_name, registration.UpstreamPath,
        upstream_name.split(':', 1)[0],
        upstream_name.split(':', 1)[1], upstream_timeout,
        upstream_timeout_tries, upstream_upload_file_size,
        registration.sticky, registration.disableChunkedTransferEncoding,
        registration.authOperations,
        registration.validateUpstreamConnection, static_content_type)
    # port_to_use is not read again in this method.
    name_to_resolve, port_to_use = upstream_name.split(':', 1)
    try:
        # Try to resolve the upstream name. Any exception raised in this
        # block - not only a failed lookup, e.g. int() on a non-numeric
        # timeout - lands in the handler below.
        # NOTE(review): validateUpstreamConnection is passed to Location
        # above, but the lookup here runs regardless of its value.
        socket.gethostbyname(name_to_resolve)
        if upstream_group_name not in self._upstreams:
            self._upstreams[upstream_group_name] = {
                'location': loc.location,
                'upstreams': [],
                'sticky': bool(loc.sticky or False),
                'timeout': int(loc.upstream_timeout or 0),
                'timeout_tries': int(loc.upstream_timeout_tries or 0)
            }
        self._upstreams[upstream_group_name]['upstreams'].append(
            upstream_name)
    except Exception as e:
        self._logger.error(
            "Exception (%s) resolving upstream %s. Dropping that upstream path [%s:%s]. \
Location %s will not be configured unless it has other (valid) upstreams"
            % (str(e), name_to_resolve, loc.upstream_host,
               loc.upstream_port, loc.location))
        # Remove from the local upstream cache. This deletes the whole
        # group entry, including any upstreams appended to it earlier.
        if upstream_group_name in self._upstreams:
            del self._upstreams[upstream_group_name]
        # Remove from ZooKeeper.
        # NOTE(review): the stored registration is deleted rather than
        # skipped, so a transient lookup failure removes it until it is
        # registered again - confirm this is intended.
        try:
            self.kz.delete(ezRPKazoo.KZCONFLOC + '/' +
                           ezRPRegistration.getNodeName(registration))
            self.kz.set(ezRPKazoo.KZWATCHLOC,
                        str(gConfig.current_milli_time()))
        except NoNodeError:
            # The node didn't exist before; nothing to clean up.
            pass
        except Exception as e:
            self._logger.error(
                'Exception in removing unresolved registration: %s' %
                str(e))
            # Propagate the cleanup failure to the caller.
            raise
    # NOTE(review): this point is also reached after a handled resolution
    # failure (the handler above does not return), so the location is still
    # recorded in _servers and _redirects - confirm that is intended.
    self._logger.info('Configuring Location %s' % str(loc))
    if server_name not in self._servers:
        self._servers[server_name] = {}
    self._servers[server_name][loc.location] = loc
    # Start from "no specialized certs" and re-add only if both files exist.
    self._serversWithSpecializedCerts.discard(server_name)
    if self.kz.exists(ezRPKazoo.KZSSLCONFLOC + '/' + server_name):
        # server_name is the text before the first '/', so it holds no '/',
        # but it is not otherwise checked here before being joined into a
        # file path.
        if os.path.isfile(os.path.join(self._newSslDir, server_name + '.crt')) and \
                os.path.isfile(os.path.join(self._newSslDir, server_name + '.key')):
            self._serversWithSpecializedCerts.add(server_name)
        else:
            # NOTE(review): the check reads self._newSslDir while the
            # message names gConfig.ssl_server_certs - confirm they refer
            # to the same directory.
            self._logger.error(
                'Certs for configured %s server are not present in %s. Registration will use defaults'
                % (server_name, gConfig.ssl_server_certs))
    if server_name not in self._redirects:
        self._redirects[server_name] = {}
    if loc.location not in self._redirects[server_name]:
        self._redirects[server_name][loc.location] = []
    self._redirects[server_name][loc.location].append(
        (loc.upstream_host, loc.upstream_port))