
Example 1 with NginxPollerObject

Use of com.sequenceiq.cloudbreak.polling.nginx.NginxPollerObject in project cloudbreak by hortonworks.

Class TlsSetupService, method setupTls.

public void setupTls(Stack stack, InstanceMetaData gwInstance) throws CloudbreakException {
    try {
        // Trust manager that records the certificate chain presented by the server
        // instead of validating it against a trust store (the chain is read back below).
        SavingX509TrustManager x509TrustManager = new SavingX509TrustManager();
        TrustManager[] trustManagers = { x509TrustManager };
        SSLContext sslContext = SslConfigurator.newInstance().createSSLContext();
        sslContext.init(null, trustManagers, new SecureRandom());
        Client client = RestClientUtil.createClient(sslContext, false);
        Integer gatewayPort = stack.getGatewayPort();
        String ip = gatewayConfigService.getGatewayIp(stack, gwInstance);
        LOGGER.debug("Trying to fetch the server's certificate: {}:{}", ip, gatewayPort);
        // Poll (absolute timeout TEN_MIN) until Nginx on the gateway completes a TLS handshake.
        nginxPollerService.pollWithAbsoluteTimeout(nginxCertListenerTask,
                new NginxPollerObject(client, ip, gatewayPort, x509TrustManager),
                POLLING_INTERVAL, TEN_MIN, MAX_FAILURE);
        // A single request through the recording trust manager captures the server's chain.
        WebTarget nginxTarget = client.target(String.format("https://%s:%d", ip, gatewayPort));
        nginxTarget.path("/").request().get().close();
        X509Certificate[] chain = x509TrustManager.getChain();
        // Persist the leaf certificate, base64-encoded, on the gateway instance metadata.
        String serverCert = PkiUtil.convert(chain[0]);
        InstanceMetaData metaData = getInstanceMetaData(gwInstance);
        metaData.setServerCert(BaseEncoding.base64().encode(serverCert.getBytes()));
        instanceMetaDataService.save(metaData);
    } catch (Exception e) {
        throw new CloudbreakException("Failed to retrieve the server's certificate from Nginx."
                + " Please check your security group is open enough and the Management Console can access your VPC and subnet."
                + " Please also Make sure your Subnets can route to the internet and you have public DNS and IP options enabled."
                + " Refer to Cloudera documentation at"
                + " https://docs.cloudera.com/management-console/cloud/proxy/topics/mc-outbound-internet-access-and-proxy.html", e);
    }
}
Also used:
  SecureRandom (java.security.SecureRandom)
  SSLContext (javax.net.ssl.SSLContext)
  X509Certificate (java.security.cert.X509Certificate)
  CloudbreakException (com.sequenceiq.cloudbreak.service.CloudbreakException)
  TrustManager (javax.net.ssl.TrustManager)
  SavingX509TrustManager (com.sequenceiq.cloudbreak.client.CertificateTrustManager.SavingX509TrustManager)
  InstanceMetaData (com.sequenceiq.cloudbreak.domain.stack.instance.InstanceMetaData)
  NginxPollerObject (com.sequenceiq.cloudbreak.polling.nginx.NginxPollerObject)
  WebTarget (javax.ws.rs.client.WebTarget)
  Client (javax.ws.rs.client.Client)

Example 2 with NginxPollerObject

Use of com.sequenceiq.cloudbreak.polling.nginx.NginxPollerObject in project cloudbreak by hortonworks.

Class TlsSetupService, method setupTls.

public void setupTls(Long stackId, InstanceMetaData gwInstance) throws CloudbreakException {
    try {
        // Trust manager that records the certificate chain presented by the server
        // instead of validating it against a trust store (the chain is read back below).
        SavingX509TrustManager x509TrustManager = new SavingX509TrustManager();
        TrustManager[] trustManagers = { x509TrustManager };
        SSLContext sslContext = SslConfigurator.newInstance().createSSLContext();
        sslContext.init(null, trustManagers, new SecureRandom());
        Client client = RestClientUtil.createClient(sslContext, false);
        String ip = gwInstance.getPublicIpWrapper();
        Stack stack = stackRepository.findById(stackId).get();
        Integer gatewayPort = stack.getGatewayport();
        LOGGER.debug("Trying to fetch the server's certificate: {}:{}", ip, gatewayPort);
        // Poll (absolute timeout FIVE_MIN) until Nginx on the gateway completes a TLS handshake.
        nginxPollerService.pollWithAbsoluteTimeout(nginxCertListenerTask,
                new NginxPollerObject(client, ip, gatewayPort, x509TrustManager),
                POLLING_INTERVAL, FIVE_MIN, MAX_FAILURE);
        // A single request through the recording trust manager captures the server's chain.
        WebTarget nginxTarget = client.target(String.format("https://%s:%d", ip, gatewayPort));
        nginxTarget.path("/").request().get().close();
        X509Certificate[] chain = x509TrustManager.getChain();
        // Persist the leaf certificate, base64-encoded, on the gateway instance metadata.
        String serverCert = PkiUtil.convert(chain[0]);
        InstanceMetaData metaData = getInstanceMetaData(gwInstance);
        metaData.setServerCert(BaseEncoding.base64().encode(serverCert.getBytes()));
        instanceMetaDataRepository.save(metaData);
    } catch (Exception e) {
        throw new CloudbreakException("Failed to retrieve the server's certificate from Nginx."
                + " Please check your security group is open enough and Management Console can access your VPC and subnet"
                + " Please also Make sure your Subnets can route to the internet and you have public DNS and IP options enabled."
                + " Refer to Cloudera documentation at"
                + " https://docs.cloudera.com/management-console/cloud/proxy/topics/mc-outbound-internet-access-and-proxy.html", e);
    }
}
Also used:
  SecureRandom (java.security.SecureRandom)
  SSLContext (javax.net.ssl.SSLContext)
  X509Certificate (java.security.cert.X509Certificate)
  CloudbreakException (com.sequenceiq.cloudbreak.service.CloudbreakException)
  TrustManager (javax.net.ssl.TrustManager)
  SavingX509TrustManager (com.sequenceiq.cloudbreak.client.CertificateTrustManager.SavingX509TrustManager)
  Stack (com.sequenceiq.freeipa.entity.Stack)
  InstanceMetaData (com.sequenceiq.freeipa.entity.InstanceMetaData)
  NginxPollerObject (com.sequenceiq.cloudbreak.polling.nginx.NginxPollerObject)
  WebTarget (javax.ws.rs.client.WebTarget)
  Client (javax.ws.rs.client.Client)

Aggregations

  SavingX509TrustManager (com.sequenceiq.cloudbreak.client.CertificateTrustManager.SavingX509TrustManager): 2 usages
  NginxPollerObject (com.sequenceiq.cloudbreak.polling.nginx.NginxPollerObject): 2 usages
  CloudbreakException (com.sequenceiq.cloudbreak.service.CloudbreakException): 2 usages
  SecureRandom (java.security.SecureRandom): 2 usages
  X509Certificate (java.security.cert.X509Certificate): 2 usages
  SSLContext (javax.net.ssl.SSLContext): 2 usages
  TrustManager (javax.net.ssl.TrustManager): 2 usages
  Client (javax.ws.rs.client.Client): 2 usages
  WebTarget (javax.ws.rs.client.WebTarget): 2 usages
  InstanceMetaData (com.sequenceiq.cloudbreak.domain.stack.instance.InstanceMetaData): 1 usage
  InstanceMetaData (com.sequenceiq.freeipa.entity.InstanceMetaData): 1 usage
  Stack (com.sequenceiq.freeipa.entity.Stack): 1 usage