
Example 1 with SSLHandlerFactory

use of co.cask.cdap.security.tools.SSLHandlerFactory in project cdap by caskdata.

Class AppFabricServer, method startUp.

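/**
 * Starts the AppFabric HTTP service together with the services it depends on.
 *
 * <p>The method sets the logging context, starts the dependent services and blocks until all of
 * them have started, builds the Netty HTTP service (placing an SSL handler at the head of the
 * channel pipeline when {@code sslEnabled} is set), registers the service with service discovery
 * once it is running, and finally starts the default-namespace ensurer and, if one is configured,
 * the app version upgrade service.
 *
 * @throws Exception if waiting for the dependent services fails or any later start-up step throws
 */
@Override
protected void startUp() throws Exception {
    LoggingContextAccessor.setLoggingContext(new ServiceLoggingContext(
        NamespaceId.SYSTEM.getNamespace(),
        Constants.Logging.COMPONENT_NAME,
        Constants.Service.APP_FABRIC_HTTP));

    // Start all dependent services and block until every one of them is up.
    Futures.allAsList(ImmutableList.of(
        notificationService.start(),
        applicationLifecycleService.start(),
        systemArtifactLoader.start(),
        programRuntimeService.start(),
        streamCoordinatorClient.start(),
        programLifecycleService.start(),
        pluginService.start(),
        coreSchedulerService.start())).get();

    int serverPort;
    if (sslEnabled) {
        serverPort = cConf.getInt(Constants.AppFabric.SERVER_SSL_PORT);
        // The keystore password is generated on every start-up and, within this method, is handed
        // only to the keystore generator and the handler factory.
        // NOTE(review): generatedCertKeyStore presumably creates a self-signed certificate, so
        // clients can only authenticate this endpoint if trust is configured separately -- confirm.
        String password = generateRandomPassword();
        KeyStore ks = KeyStores.generatedCertKeyStore(sConf, password);
        this.sslHandlerFactory = new SSLHandlerFactory(ks, password);
    } else {
        serverPort = cConf.getInt(Constants.AppFabric.SERVER_PORT);
        this.sslHandlerFactory = null;
    }

    // Create handler hooks
    ImmutableList.Builder<HandlerHook> builder = ImmutableList.builder();
    for (String hook : handlerHookNames) {
        builder.add(new MetricsReporterHook(metricsCollectionService, hook));
    }

    // The port comes from configuration (SERVER_SSL_PORT or SERVER_PORT).
    // NOTE(review): the earlier comment here said "random port"; presumably the configured value
    // may be 0 -- confirm.
    NettyHttpService.Builder httpServiceBuilder =
        new CommonNettyHttpServiceBuilder(cConf, Constants.Service.APP_FABRIC_HTTP)
            .setHost(hostname.getCanonicalHostName())
            .setPort(serverPort)
            .setHandlerHooks(builder.build())
            .addHttpHandlers(handlers)
            .setConnectionBacklog(cConf.getInt(Constants.AppFabric.BACKLOG_CONNECTIONS,
                                               Constants.AppFabric.DEFAULT_BACKLOG))
            .setExecThreadPoolSize(cConf.getInt(Constants.AppFabric.EXEC_THREADS,
                                                Constants.AppFabric.DEFAULT_EXEC_THREADS))
            .setBossThreadPoolSize(cConf.getInt(Constants.AppFabric.BOSS_THREADS,
                                                Constants.AppFabric.DEFAULT_BOSS_THREADS))
            .setWorkerThreadPoolSize(cConf.getInt(Constants.AppFabric.WORKER_THREADS,
                                                  Constants.AppFabric.DEFAULT_WORKER_THREADS));

    if (sslEnabled) {
        httpServiceBuilder.modifyChannelPipeline(new Function<ChannelPipeline, ChannelPipeline>() {

            @Override
            public ChannelPipeline apply(ChannelPipeline input) {
                LOG.debug("Adding ssl handler to the pipeline.");
                // NOTE(review): protocol versions and cipher suites are chosen inside
                // SSLHandlerFactory, which is not visible here -- confirm legacy protocols are off.
                SslHandler sslHandler = sslHandlerFactory.create();
                // SSL handler needs to be the first handler in the pipeline so that every other
                // handler only ever sees decrypted traffic.
                input.addFirst("ssl", sslHandler);
                return input;
            }
        });
    }
    httpService = httpServiceBuilder.build();

    // Add a listener so that when the service started, register with service discovery.
    // Remove from service discovery when it is stopped.
    httpService.addListener(new ServiceListenerAdapter() {

        private final List<Cancellable> cancellables = Lists.newArrayList();

        @Override
        public void running() {
            String announceAddress = cConf.get(Constants.Service.MASTER_SERVICES_ANNOUNCE_ADDRESS,
                                               httpService.getBindAddress().getHostName());
            int announcePort = cConf.getInt(Constants.AppFabric.SERVER_ANNOUNCE_PORT,
                                            httpService.getBindAddress().getPort());
            final InetSocketAddress socketAddress = new InetSocketAddress(announceAddress, announcePort);
            LOG.info("AppFabric HTTP Service announced at {}", socketAddress);
            // Tag the discoverable's payload to mark it as supporting ssl. The charset is given
            // explicitly so the payload bytes do not depend on the JVM's default encoding.
            // NOTE(review): clients presumably pick the URI scheme from this payload -- confirm
            // they do not fall back to plain HTTP when it is missing.
            byte[] sslPayload = sslEnabled
                ? Constants.Security.SSL_URI_SCHEME.getBytes(java.nio.charset.StandardCharsets.UTF_8)
                : Bytes.EMPTY_BYTE_ARRAY;
            // When it is running, register it with service discovery
            for (final String serviceName : servicesNames) {
                cancellables.add(discoveryService.register(
                    ResolvingDiscoverable.of(new Discoverable(serviceName, socketAddress, sslPayload))));
            }
        }

        @Override
        public void terminated(State from) {
            LOG.info("AppFabric HTTP service stopped.");
            cancelAll();
        }

        @Override
        public void failed(State from, Throwable failure) {
            // A failed service is logged at error level so that it is not lost among routine
            // info-level lifecycle messages.
            LOG.error("AppFabric HTTP service stopped with failure.", failure);
            cancelAll();
        }

        /** Withdraws every discovery registration made in {@link #running()}. */
        private void cancelAll() {
            for (Cancellable cancellable : cancellables) {
                if (cancellable != null) {
                    cancellable.cancel();
                }
            }
        }
    }, Threads.SAME_THREAD_EXECUTOR);

    httpService.startAndWait();
    defaultNamespaceEnsurer.startAndWait();
    if (appVersionUpgradeService != null) {
        appVersionUpgradeService.startAndWait();
    }
}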
Also used : ResolvingDiscoverable(co.cask.cdap.common.discovery.ResolvingDiscoverable) Discoverable(org.apache.twill.discovery.Discoverable) MetricsReporterHook(co.cask.cdap.common.metrics.MetricsReporterHook) CommonNettyHttpServiceBuilder(co.cask.cdap.common.http.CommonNettyHttpServiceBuilder) ImmutableList(com.google.common.collect.ImmutableList) Cancellable(org.apache.twill.common.Cancellable) InetSocketAddress(java.net.InetSocketAddress) ServiceListenerAdapter(org.apache.twill.internal.ServiceListenerAdapter) HandlerHook(co.cask.http.HandlerHook) ServiceLoggingContext(co.cask.cdap.common.logging.ServiceLoggingContext) KeyStore(java.security.KeyStore) ChannelPipeline(org.jboss.netty.channel.ChannelPipeline) SslHandler(org.jboss.netty.handler.ssl.SslHandler) NettyHttpService(co.cask.http.NettyHttpService) SSLHandlerFactory(co.cask.cdap.security.tools.SSLHandlerFactory)
