def run(self): # HaproxyConfBuilder # from the current haproxy config # update config # replace the config # def add(self, protocol, port, instances=[]): # instance = {hostname , port, protocol=None ) builder = ConfBuilderHaproxy(CONF_FILE, self.__listener.loadbalancer()) instances = [] for host in self.__listener.instances(): instance = { 'hostname': host, 'port': self.__listener.instance_port(), 'protocol': self.__listener.instance_protocol() } instances.append(instance) # in case of https/ssl protocol, download server certificate from EUARE if (self.__listener.protocol() == 'https' or self.__listener.protocol() == 'ssl') and \ self.__listener.ssl_cert_arn() is not None: try: f = FloppyCredential() except Exception, err: raise Exception('failed to get credentials from floppy: %s' % err) try: access_key_id = config.get_access_key_id() secret_access_key = config.get_secret_access_key() security_token = config.get_security_token() con = servo.ws.connect_euare( aws_access_key_id=access_key_id, aws_secret_access_key=secret_access_key, security_token=security_token) cert_arn = self.__listener.ssl_cert_arn().strip() cert = con.download_server_certificate( f.get_instance_pub_key(), f.get_instance_pk(), f.get_iam_pub_key(), f.get_iam_token(), cert_arn) except Exception, err: raise Exception( 'failed to download the server certificate: %s' % err)
def run(self): # HaproxyConfBuilder # from the current haproxy config # update config # replace the config #def add(self, protocol, port, instances=[]): #instance = {hostname , port, protocol=None ) builder = ConfBuilderHaproxy(CONF_FILE, self.__listener.loadbalancer()) instances = [] for host in self.__listener.instances(): instance = {'hostname':host, 'port': self.__listener.instance_port(), 'protocol': self.__listener.instance_protocol()} instances.append(instance) #in case of https/ssl protocol, download server certificate from EUARE if (self.__listener.protocol() == 'https' or self.__listener.protocol() == 'ssl') and self.__listener.ssl_cert_arn() != None: try: f = FloppyCredential() except Exception, err: raise Exception('failed to get credentials from floppy: %s' % err) try: access_key_id = config.get_access_key_id() secret_access_key = config.get_secret_access_key() security_token = config.get_security_token() con = servo.ws.connect_euare(aws_access_key_id = access_key_id, aws_secret_access_key=secret_access_key, security_token=security_token) cert_arn = self.__listener.ssl_cert_arn().strip() cert= con.download_server_certificate(f.get_instance_pub_key(), f.get_instance_pk(), f.get_iam_pub_key(), f.get_iam_token(), cert_arn) except Exception, err: raise Exception('failed to download the server certificate: %s' % err)
def download_cert(cert_arn = None): host = config.get_clc_host() access_key_id = config.get_access_key_id() secret_access_key = config.get_secret_access_key() security_token = config.get_security_token() con = servo.ws.connect_euare(host_name=host, aws_access_key_id = access_key_id, aws_secret_access_key=secret_access_key, security_token=security_token) if not cert_arn: cert_arn = "arn:aws:iam::450510498576:server-certificate/mycert" f = FloppyCredential() cert= con.download_server_certificate(f.get_instance_pub_key(), f.get_instance_pk(), f.get_iam_pub_key(), f.get_iam_token(), cert_arn) print cert.get_certificate() print cert.get_private_key()