use of com.sequenceiq.cloudbreak.domain.SecurityConfig in project cloudbreak by hortonworks.
the class TlsSecurityService method storeSSHKeys.
/**
 * Builds a fresh {@link SecurityConfig} and runs the three key generators over it.
 *
 * <p>Despite the "store" in the name, this method body calls no repository: it creates the
 * object, passes it to {@code generateClientKeys}, {@code generateTempSshKeypair} and
 * {@code generateSaltSignKeypair} (in that order) and returns it.
 *
 * <p>NOTE(review): the generators are not visible here; presumably each writes key material
 * (private keys included) onto the config, so the returned object should be handled as a
 * secret and kept out of logs and API responses. Confirm against the generators.
 *
 * @return the newly created config after all three generators have been applied to it
 */
public SecurityConfig storeSSHKeys() {
    final SecurityConfig generated = new SecurityConfig();
    // Call order is preserved; whether the generators depend on one another is not visible here.
    generateClientKeys(generated);
    generateTempSshKeypair(generated);
    generateSaltSignKeypair(generated);
    return generated;
}
use of com.sequenceiq.cloudbreak.domain.SecurityConfig in project cloudbreak by hortonworks.
the class TlsSecurityService method getCertificates.
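/**
 * Looks up the TLS material stored for a stack and packs it into a {@link CertificateResponse}.
 *
 * <p>Security: the response carries the value of {@code getClientKeyDecoded()} (presumably the
 * client's private key) next to the two certificates. This method performs no ownership or
 * authorization check on {@code stackId}, so the caller must already have established that the
 * requester may read this stack's credentials (NOTE(review): confirm at the call sites).
 *
 * @param stackId id of the stack whose certificates are requested
 * @return the Base64-decoded server certificate, the client key bytes and the client
 *         certificate bytes, in that order
 * @throws NotFoundException if the stack has no security config or no server certificate
 */
public CertificateResponse getCertificates(Long stackId) {
    SecurityConfig securityConfig = securityConfigRepository.findOneByStackId(stackId);
    if (securityConfig == null) {
        throw new NotFoundException("Security config doesn't exist.");
    }
    String serverCert = instanceMetaDataRepository.getServerCertByStackId(stackId);
    if (serverCert == null) {
        throw new NotFoundException("Server certificate was not found.");
    }
    // Encode with an explicit charset: the no-arg getBytes() uses the JVM's platform default,
    // so the bytes handed out could differ between hosts. For ASCII-only text (presumably PEM;
    // the format is not visible here) UTF-8 yields the same bytes as any ASCII-compatible default.
    return new CertificateResponse(
            decodeBase64(serverCert),
            securityConfig.getClientKeyDecoded().getBytes(java.nio.charset.StandardCharsets.UTF_8),
            securityConfig.getClientCertDecoded().getBytes(java.nio.charset.StandardCharsets.UTF_8));
}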
use of com.sequenceiq.cloudbreak.domain.SecurityConfig in project cloudbreak by hortonworks.
the class TestUtil method stack.
/**
 * Creates a {@link Stack} fixture with fixed placeholder values for use in tests.
 *
 * <p>The instance groups are first set to the GCP variant and then replaced according to
 * {@code credential.cloudPlatform()}; any platform other than AWS, GCP or OPENSTACK keeps the
 * GCP groups. The attached {@link SecurityConfig} is created with the no-arg constructor and
 * nothing is set on it here, so the fixture carries no keys or passwords from this method.
 *
 * @param stackStatus status to wrap in the fixture's {@link StackStatus}
 * @param credential credential to attach; its cloud platform also selects the instance groups
 * @return the populated fixture
 */
public static Stack stack(Status stackStatus, Credential credential) {
    Stack fixture = new Stack();
    fixture.setStackStatus(new StackStatus(fixture, stackStatus, "statusReason", DetailedStackStatus.UNKNOWN));
    fixture.setCredential(credential);
    fixture.setName("simplestack");
    fixture.setOwner("userid");
    fixture.setAccount("account");
    fixture.setId(1L);
    // Default groups; the switch below replaces them for the known platforms.
    fixture.setInstanceGroups(generateGcpInstanceGroups(3));
    fixture.setRegion("region");
    fixture.setCreated(123L);
    fixture.setCloudPlatform(credential.cloudPlatform());
    fixture.setOrchestrator(orchestrator());

    switch (credential.cloudPlatform()) {
        case AWS:
            fixture.setInstanceGroups(generateAwsInstanceGroups(3));
            break;
        case GCP:
            fixture.setInstanceGroups(generateGcpInstanceGroups(3));
            break;
        case OPENSTACK:
            fixture.setInstanceGroups(generateOpenStackInstanceGroups(3));
            break;
        default:
            // Unknown platform: keep the GCP groups assigned above.
            break;
    }

    fixture.setSecurityConfig(new SecurityConfig());
    return fixture;
}
use of com.sequenceiq.cloudbreak.domain.SecurityConfig in project cloudbreak by hortonworks.
the class StackCreationService method saveTlsInfo.
/**
 * Records on the stack's {@link SecurityConfig} that TLS should be set up over the private IP.
 *
 * <p>The flag is only ever switched on here: when {@code tlsInfo.usePrivateIpToTls()} is
 * {@code false} the stored value is left untouched and the context's stack is returned as is.
 * When it is {@code true}, the security config is updated through {@code stackUpdater} and the
 * stack is re-read through {@code stackService} before being returned.
 *
 * <p>NOTE(review): {@code stack.getSecurityConfig()} is dereferenced without a null check;
 * presumably every stack reaching this step already has a security config. Verify.
 *
 * @param context flow context holding the stack
 * @param tlsInfo TLS details reported for the stack
 * @return the context's stack, or the freshly reloaded stack if the flag was persisted
 */
public Stack saveTlsInfo(StackContext context, TlsInfo tlsInfo) {
    boolean privateIpForTls = tlsInfo.usePrivateIpToTls();
    Stack current = context.getStack();
    if (!privateIpForTls) {
        return current;
    }

    SecurityConfig config = current.getSecurityConfig();
    // Only reached when the flag is true, so this stores `true`.
    config.setUsePrivateIpToTls(privateIpForTls);
    stackUpdater.updateStackSecurityConfig(current, config);

    Stack reloaded = stackService.getByIdWithLists(current.getId());
    LOGGER.info("Update Stack and it's SecurityConfig to use private ip when TLS is built.");
    return reloaded;
}
use of com.sequenceiq.cloudbreak.domain.SecurityConfig in project cloudbreak by hortonworks.
the class StackService method create.
/**
 * Persists a new stack for {@code user} together with its orchestrator, template, Cloudbreak
 * details, instance groups, security config and image, logging how long each step took.
 *
 * <p>Security-relevant behaviour visible in this method:
 * <ul>
 *   <li>Owner and account are always taken from {@code user}, overwriting whatever the incoming
 *       {@code stack} carried.</li>
 *   <li>The public key is validated only when password authentication is not required and a
 *       non-empty key is present; otherwise no key validation happens here.</li>
 *   <li>The login user name is always set to {@code SSH_USER_CB}.</li>
 *   <li>Keys come from {@code tlsSecurityService.storeSSHKeys()} and three secrets (salt
 *       password, salt-boot password, Knox master secret) from
 *       {@code PasswordUtil.generatePassword()}; all are saved through
 *       {@code securityConfigRepository}. NOTE(review): neither the randomness source of
 *       {@code PasswordUtil} nor any at-rest protection of the saved values is visible here.
 *       Confirm both.</li>
 *   <li>The log statements contain only timings and the stack name, never the generated
 *       values.</li>
 * </ul>
 *
 * <p>The method is annotated {@code TxType.NEVER}, i.e. it runs outside a transaction, so the
 * saves below are presumably not rolled back together if a later step fails (TODO confirm how
 * partially created stacks are cleaned up).
 *
 * @param user user on whose behalf the stack is created
 * @param stack stack to persist; mutated in place before saving
 * @param imageCatalog image catalog passed through to {@code imageService.create}
 * @param imageId optional image id passed through to {@code imageService.create}
 * @param blueprint optional blueprint passed through to {@code imageService.create}
 * @return the stack instance returned by {@code stackRepository.save}
 * @throws BadRequestException if a save violates a data-integrity constraint
 * @throws CloudbreakApiException if the image or the image catalog cannot be resolved
 */
@Transactional(TxType.NEVER)
public Stack create(IdentityUser user, Stack stack, String imageCatalog, Optional<String> imageId, Optional<Blueprint> blueprint) {
Stack savedStack;
// Ownership is bound to the calling user, not to values supplied on the incoming stack.
stack.setOwner(user.getUserId());
stack.setAccount(user.getAccount());
stack.setGatewayPort(nginxPort);
setPlatformVariant(stack);
String stackName = stack.getName();
MDCBuilder.buildMdcContext(stack);
try {
// Validate the supplied public key only for key-based authentication with a non-empty key.
if (!stack.getStackAuthentication().passwordAuthenticationRequired() && !Strings.isNullOrEmpty(stack.getStackAuthentication().getPublicKey())) {
long start = System.currentTimeMillis();
rsaPublicKeyValidator.validate(stack.getStackAuthentication().getPublicKey());
LOGGER.info("RSA key has been validated in {} ms fot stack {}", System.currentTimeMillis() - start, stackName);
}
if (stack.getOrchestrator() != null) {
orchestratorRepository.save(stack.getOrchestrator());
}
// The login user is fixed by the service rather than taken from the request.
stack.getStackAuthentication().setLoginUserName(SSH_USER_CB);
// `start` is reused as the timing baseline for each of the steps below.
long start = System.currentTimeMillis();
String template = connector.getTemplate(stack);
LOGGER.info("Get cluster template took {} ms for stack {}", System.currentTimeMillis() - start, stackName);
start = System.currentTimeMillis();
savedStack = stackRepository.save(stack);
LOGGER.info("Stackrepository save took {} ms for stack {}", System.currentTimeMillis() - start, stackName);
start = System.currentTimeMillis();
// NOTE(review): the next two calls (and setStack further down) use `stack`, not `savedStack`;
// whether save() returns the same instance is not visible here.
addTemplateForStack(stack, template);
LOGGER.info("Save cluster template took {} ms for stack {}", System.currentTimeMillis() - start, stackName);
start = System.currentTimeMillis();
addCloudbreakDetailsForStack(stack);
LOGGER.info("Add Cloudbreak template took {} ms for stack {}", System.currentTimeMillis() - start, stackName);
MDCBuilder.buildMdcContext(savedStack);
start = System.currentTimeMillis();
instanceGroupRepository.save(savedStack.getInstanceGroups());
LOGGER.info("Instance groups saved in {} ms for stack {}", System.currentTimeMillis() - start, stackName);
start = System.currentTimeMillis();
// Fresh key material is generated per stack; only the elapsed time is logged.
SecurityConfig securityConfig = tlsSecurityService.storeSSHKeys();
LOGGER.info("Generating SSH keys took {} ms for stack {}", System.currentTimeMillis() - start, stackName);
start = System.currentTimeMillis();
// Three independently generated secrets. NOTE(review): confirm PasswordUtil draws from a
// cryptographically secure random source.
securityConfig.setSaltPassword(PasswordUtil.generatePassword());
securityConfig.setSaltBootPassword(PasswordUtil.generatePassword());
securityConfig.setKnoxMasterSecret(PasswordUtil.generatePassword());
LOGGER.info("Generating salt passwords took {} ms for stack {}", System.currentTimeMillis() - start, stackName);
securityConfig.setStack(stack);
start = System.currentTimeMillis();
// Keys and secrets are persisted here. NOTE(review): at-rest protection of these columns is
// not visible in this method.
securityConfigRepository.save(securityConfig);
LOGGER.info("Security config save took {} ms for stack {}", System.currentTimeMillis() - start, stackName);
savedStack.setSecurityConfig(securityConfig);
start = System.currentTimeMillis();
imageService.create(savedStack, connector.getPlatformParameters(stack), imageCatalog, imageId, blueprint);
LOGGER.info("Image creation took {} ms for stack {}", System.currentTimeMillis() - start, stackName);
} catch (DataIntegrityViolationException ex) {
// The text from getProperSqlErrorMessage(ex) ends up in the exception message and `ex` is not
// attached as the cause. NOTE(review): verify that text does not expose schema details to API clients.
String msg = String.format("Error with resource [%s], error: [%s]", APIResourceType.STACK, getProperSqlErrorMessage(ex));
throw new BadRequestException(msg);
} catch (CloudbreakImageNotFoundException e) {
LOGGER.error("Cloudbreak Image not found", e);
// The original message is forwarded unchanged, with the cause attached.
throw new CloudbreakApiException(e.getMessage(), e);
} catch (CloudbreakImageCatalogException e) {
LOGGER.error("Cloudbreak Image Catalog error", e);
throw new CloudbreakApiException(e.getMessage(), e);
}
return savedStack;
}