add https support to simulato
Change-Id: I16f68532a7e7a09fbf96c09dff19d857c03fedd8
Issue-ID: SDC-832
Signed-off-by: Michael Lando <ml636r@att.com>
diff --git a/utils/webseal-simulator/sdc-simulator/Dockerfile.template b/utils/webseal-simulator/sdc-simulator/Dockerfile.template
deleted file mode 100644
index 673b56f..0000000
--- a/utils/webseal-simulator/sdc-simulator/Dockerfile.template
+++ /dev/null
@@ -1,25 +0,0 @@
-FROM jetty
-
-RUN apt-get -y update
-RUN apt-get -y install apt-utils
-RUN apt-get -y install curl
-RUN apt-get -y install vim
-
-COPY chef-solo /root/chef-solo/
-COPY chef-repo/cookbooks /root/chef-solo/cookbooks/
-
-ENV BASE_NEXUS zl999y:ChangeMe@10.208.197.75:8443/repository/maven-public/org/openecomp/sdc
-
-# install chef-solo
-RUN curl -L https://www.opscode.com/chef/install.sh | bash
-
-RUN cp /usr/local/jetty/resources/log4j.properties /var/lib/jetty/resources/log4j.properties
-
-ADD sdc-simulator-__SDC-RELEASE__.war /var/lib/jetty/webapps/
-RUN chown -R jetty:jetty /var/lib/jetty/webapps
-
-COPY startup.sh /root/
-
-RUN chmod 770 /root/startup.sh
-
-ENTRYPOINT [ "/root/startup.sh" ]
diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb
index 85fedfd..6c081d6 100644
--- a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb
+++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_2_setup_configuration.rb
@@ -1,5 +1,13 @@
jetty_base="/var/lib/jetty"
+if !ENV['FE_URL'].nil?
+ fe_url="#{ENV['FE_URL']}"
+elsif node['disableHttp']
+ fe_url="https://#{node['Nodes']['FE']}:#{node['FE'][:https_port]}"
+else
+ fe_url="http://#{node['Nodes']['FE']}:#{node['FE'][:http_port]}"
+end
+
template "webseal.conf" do
path "#{jetty_base}/config/sdc-simulator/webseal.conf"
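Review bot: `!ENV['FE_URL'].nil?` on the first added line accepts an empty or whitespace-only value, so a container started with `FE_URL=` set but blank renders `fe=""` instead of falling back to the node attributes. The value is also written unescaped between double quotes by `fe="<%= @fe_url %>"` in the SDC-Simulator-webseal.conf.erb hunk, so a stray quote or newline in the variable would change the structure of webseal.conf. I would guard with `if !ENV['FE_URL'].to_s.strip.empty?` and reject anything that does not match `%r{\Ahttps?://[^\s"]+\z}` before handing it to the template. The `template "webseal.conf"` block continues outside this hunk.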
@@ -8,7 +16,6 @@
group "jetty"
mode "0755"
variables({
- :fe_host_ip => node['HOST_IP'],
- :fe_http_port => "#{node['FE'][:http_port]}"
+ :fe_url =>"#{fe_url}"
})
end
diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb
index 38b87fa..3dde6ee 100644
--- a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb
+++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/recipes/SDC_Simulator_5_create_jetty_modules.rb
@@ -1,7 +1,6 @@
jetty_base="/var/lib/jetty"
jetty_home="/usr/local/jetty"
-###### create Jetty modules
bash "create-jetty-modules" do
cwd "#{jetty_base}"
code <<-EOH
@@ -9,6 +8,29 @@
java -jar "/#{jetty_home}"/start.jar --add-to-start=deploy
java -jar "/#{jetty_home}"/start.jar --add-to-startd=http,https,logging,setuid
EOH
-not_if "ls /#{jetty_base}/start.d/https.ini"
+end
+
+template "ssl-ini" do
+ path "/#{jetty_base}/start.d/ssl.ini"
+ source "SDC-Simulator-ssl-ini.erb"
+ owner "jetty"
+ group "jetty"
+ mode "0755"
+ variables({
+ :https_port => "8443",
+ :jetty_keystore_pwd => "OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4",
+ :jetty_keymanager_pwd => "OBF:1u2u1wml1z7s1z7a1wnl1u2g"
+ })
+end
+
+template "https-ini" do
+ path "/#{jetty_base}/start.d/https.ini"
+ source "SDC-Simulator-https-ini.erb"
+ owner "jetty"
+ group "jetty"
+ mode "0755"
+ variables ({
+ :https_port => "8443"
+ })
end
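Review bot: The `:jetty_keystore_pwd` and `:jetty_keymanager_pwd` values are hard-coded in the recipe, and they are the same `OBF:` strings that SDC-Simulator-ssl-ini.erb carries as its commented-out stock values. `OBF:` is reversible obfuscation, not encryption, so anyone with the repository or the image can recover the keystore password. The rendered ssl.ini is also written with `mode "0755"`, which makes it world-readable and executable; `mode "0640"` is enough for a file jetty only reads. I would take both passwords from node attributes or an encrypted data bag instead of literals, and use one attribute for the `"8443"` repeated in both template resources. Separately, dropping `not_if` means the `create-jetty-modules` bash resource (which starts outside this hunk) now runs on every converge; if that is intended, a short comment saying so would help.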
diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-https-ini.erb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-https-ini.erb
new file mode 100644
index 0000000..9999a41
--- /dev/null
+++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-https-ini.erb
@@ -0,0 +1,29 @@
+# ---------------------------------------
+# Module: https
+--module=https
+
+### HTTPS Connector Configuration
+
+## Connector host/address to bind to
+# jetty.https.host=0.0.0.0
+
+## Connector port to listen on
+jetty.https.port=<%= @https_port %>
+
+## Connector idle timeout in milliseconds
+jetty.https.idleTimeout=30000
+
+## Connector socket linger time in seconds (-1 to disable)
+# jetty.https.soLingerTime=-1
+
+## Number of acceptors (-1 picks default based on number of cores)
+# jetty.https.acceptors=-1
+
+## Number of selectors (-1 picks default based on number of cores)
+# jetty.https.selectors=-1
+
+## ServerSocketChannel backlog (0 picks platform default)
+# jetty.https.acceptorQueueSize=0
+
+## Thread priority delta to give to acceptor threads
+# jetty.https.acceptorPriorityDelta=0
diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb
index 426e0e4..86848bf 100644
--- a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb
+++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-ssl-ini.erb
@@ -8,7 +8,7 @@
# jetty.ssl.host=0.0.0.0
## Connector port to listen on
-jetty.ssl.port=<%= @FE_https_port %>
+jetty.ssl.port=<%= @https_port %>
## Connector idle timeout in milliseconds
# jetty.ssl.idleTimeout=30000
@@ -49,6 +49,7 @@
## Keystore password
# jetty.sslContext.keyStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
+jetty.sslContext.keyStorePassword=<%= @jetty_keystore_pwd %>
## Keystore type and provider
# jetty.sslContext.keyStoreType=JKS
@@ -56,9 +57,11 @@
## KeyManager password
# jetty.sslContext.keyManagerPassword=OBF:1u2u1wml1z7s1z7a1wnl1u2g
+jetty.sslContext.keyManagerPassword=<%= @jetty_keymanager_pwd %>
## Truststore password
# jetty.sslContext.trustStorePassword=OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4
+#jetty.sslContext.trustStorePassword=<%= @jetty_truststore_pwd %>
## Truststore type and provider
# jetty.sslContext.trustStoreType=JKS
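Review bot: The added `#jetty.sslContext.trustStorePassword=<%= @jetty_truststore_pwd %>` line references a variable that the `ssl-ini` template resource in SDC_Simulator_5_create_jetty_modules.rb does not pass. It is commented out, so nothing breaks today, but uncommenting it later would render an empty truststore password. Either drop the line or add a comment such as `## requires :jetty_truststore_pwd in the recipe's variables` above it.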
@@ -81,3 +84,7 @@
## Set the timeout (in seconds) of the SslSession cache timeout
# jetty.sslContext.sslSessionTimeout=-1
+
+## Allow SSL renegotiation
+# jetty.sslContext.renegotiationAllowed=true
+# jetty.sslContext.renegotiationLimit=5
diff --git a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-webseal.conf.erb b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-webseal.conf.erb
index d5e2cbe..e4c5d75 100644
--- a/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-webseal.conf.erb
+++ b/utils/webseal-simulator/sdc-simulator/chef-repo/cookbooks/sdc-simulator/templates/default/SDC-Simulator-webseal.conf.erb
@@ -1,6 +1,6 @@
{
webseal {
- fe="http://<%= @fe_host_ip %>:<%= @fe_http_port %>"
+ fe="<%= @fe_url %>"
users = [
{
userId="cs0008"
diff --git a/utils/webseal-simulator/sdc-simulator/startup.sh b/utils/webseal-simulator/sdc-simulator/startup.sh
index aca8b5e..48b6a0d 100644
--- a/utils/webseal-simulator/sdc-simulator/startup.sh
+++ b/utils/webseal-simulator/sdc-simulator/startup.sh
@@ -1,12 +1,26 @@
#!/bin/sh
-export CHEFNAME=${ENVNAME}
-cd /root/chef-solo
-echo "normal['HOST_IP'] = \"${HOST_IP}\"" > /root/chef-solo/cookbooks/sdc-simulator/attributes/default.rb
-chef-solo -c solo.rb -E ${CHEFNAME}
-sed -i '/^set -e/aJAVA_OPTIONS=\"-Xdebug -Xmx128m -Xms128m -Xss1m -Dconfig.home=${JETTY_BASE}/config/sdc-simulator -Dlog.home=${JETTY_BASE}/logs -Dlogback.configurationFile=${JETTY_BASE}/config/sdc-simulator/logback.xml -Djetty.logging.dir=${JETTY_BASE}/logs -Djetty.base=${JETTY_BASE} \"' /docker-entrypoint.sh
-sed -i '/^set -e/aTMPDIR=${JETTY_BASE}\/temp' /docker-entrypoint.sh
+
+cd /root/chef-solo
+chef-solo -c solo.rb -E ${ENVNAME}
+rc=$?
+if [[ $rc != 0 ]]; then
+ echo "Chef exaction failed."
+ exit $rc;
+fi
+
+JAVA_OPTIONS=" ${JAVA_OPTIONS} \
+ -Dconfig.home=${JETTY_BASE}/config/sdc-simulator \
+ -Dlog.home=${JETTY_BASE}/logs \
+ -Dlogback.configurationFile=${JETTY_BASE}/config/sdc-simulator/logback.xml \
+ -Djetty.logging.dir=${JETTY_BASE}/logs"
+
+echo "---------------------------------------------"
+echo $TMPDIR
+echo $JAVA_OPTIONS
+echo $JETTY_BASE
+echo "---------------------------------------------"
cd /var/lib/jetty
/docker-entrypoint.sh
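Review bot: `if [[ $rc != 0 ]]; then` is a bash construct under a `#!/bin/sh` shebang. Where /bin/sh is dash (the default on Debian-based images, which I assume this jetty image is), `[[` is reported as not found and the test is false, so a failed chef-solo run falls through and starts Jetty with a possibly incomplete configuration. Use the POSIX form `if [ "$rc" -ne 0 ]; then`. `JAVA_OPTIONS` is also assigned without `export`, so /docker-entrypoint.sh only sees the added `-D` flags if the image already exported the variable; `export JAVA_OPTIONS` after the assignment removes that dependency. The `echo $JAVA_OPTIONS` debug line prints the full option string to the container log, which is worth dropping if secrets are ever passed as `-D` properties.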