
Example 71 with FreeIpa

Use of com.sequenceiq.freeipa.entity.FreeIpa in the cloudbreak project by hortonworks.

Class KerberosConfigRegisterService, method createKerberosConfig.

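/**
 * Builds and persists the Kerberos configuration describing the FreeIPA installation
 * of the given stack.
 *
 * @param stackId        id of the FreeIPA stack the configuration belongs to
 * @param dn             principal used to bind to the KDC
 * @param password       password for the principal; when blank, the FreeIPA admin
 *                       password held by the {@link FreeIpa} entity is used instead
 * @param clusterName    name of the cluster the configuration is created for
 * @param environmentCrn CRN of the environment; when empty, the stack's own
 *                       environment CRN is used
 * @return the persisted {@link KerberosConfig}
 */
public KerberosConfig createKerberosConfig(Long stackId, String dn, String password, String clusterName, String environmentCrn) {
    FreeIpa freeIpa = getFreeIpaService().findByStackId(stackId);
    Stack stack = getStackWithInstanceMetadata(stackId);
    // Fall back to the stack's environment when the caller did not supply one.
    String effectiveEnvironmentCrn = StringUtils.isEmpty(environmentCrn) ? stack.getEnvironmentCrn() : environmentCrn;
    String domain = freeIpa.getDomain();
    KerberosConfig kerberosConfig = new KerberosConfig();
    kerberosConfig.setDomain(domain);
    kerberosConfig.setEnvironmentCrn(effectiveEnvironmentCrn);
    kerberosConfig.setName(stack.getName());
    kerberosConfig.setPrincipal(dn);
    // The realm is the upper-cased DNS domain. Use ROOT so the conversion does not depend
    // on the JVM's default locale (e.g. a Turkish locale would map 'i' to a dotted capital).
    kerberosConfig.setRealm(domain.toUpperCase(java.util.Locale.ROOT));
    kerberosConfig.setType(KerberosType.FREEIPA);
    // Every not-yet-deleted instance of every instance group is advertised as a name server.
    Set<InstanceMetaData> allNotDeletedInstances = stack.getInstanceGroups().stream()
            .flatMap(instanceGroup -> instanceGroup.getNotDeletedInstanceMetaDataSet().stream())
            .collect(Collectors.toSet());
    String allFreeIpaIpJoined = allNotDeletedInstances.stream()
            .map(InstanceMetaData::getPrivateIp)
            .collect(Collectors.joining(","));
    kerberosConfig.setNameServers(allFreeIpaIpJoined);
    addServerAddress(freeIpa, stack, kerberosConfig, allNotDeletedInstances);
    // The admin password is only read when the caller supplied no password of its own.
    kerberosConfig.setPassword(StringUtils.isBlank(password) ? freeIpa.getAdminPassword() : password);
    kerberosConfig.setClusterName(clusterName);
    return kerberosConfigService.createKerberosConfig(kerberosConfig, stack.getAccountId());
}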

Example 72 with FreeIpa

Use of com.sequenceiq.freeipa.entity.FreeIpa in the cloudbreak project by hortonworks.

Class LdapConfigRegisterService, method createLdapConfig.

/**
 * Builds and persists the LDAP configuration that points at the FreeIPA directory of
 * the given stack.
 *
 * Search bases, the user DN pattern and the default bind DN are built from the domain
 * component of the FreeIPA domain; the bind password falls back to the FreeIPA admin
 * password when none is supplied.
 *
 * @param stackId        id of the FreeIPA stack the configuration belongs to
 * @param bindDn         DN used to bind to the directory; when blank, {@code BIND_DN} plus
 *                       the domain component is used
 * @param bindPassword   password for the bind DN; when blank, the FreeIPA admin password is used
 * @param clusterName    name of the cluster the configuration is created for
 * @param environmentCrn CRN of the environment; when empty, the stack's own environment CRN is used
 * @return the persisted {@link LdapConfig}
 */
public LdapConfig createLdapConfig(Long stackId, String bindDn, String bindPassword, String clusterName, String environmentCrn) {
    Stack stack = getStackWithInstanceMetadata(stackId);
    String effectiveEnvironmentCrn = environmentCrn;
    if (StringUtils.isEmpty(effectiveEnvironmentCrn)) {
        effectiveEnvironmentCrn = stack.getEnvironmentCrn();
    }
    FreeIpa freeIpa = getFreeIpaService().findByStackId(stackId);
    // A missing admin group is stored as an empty string rather than null.
    String adminGroup = StringUtils.defaultString(freeIpa.getAdminGroupName());
    LdapConfig config = new LdapConfig();
    config.setName(stack.getName());
    config.setEnvironmentCrn(effectiveEnvironmentCrn);
    config.setAdminGroup(adminGroup);
    config.setUserGroup(USER_GROUP);
    String domainComponent = generateDomainComponent(freeIpa);
    if (StringUtils.isBlank(bindDn)) {
        config.setBindDn(BIND_DN + domainComponent);
    } else {
        config.setBindDn(bindDn);
    }
    config.setUserSearchBase(USER_SEARCH_BASE + domainComponent);
    config.setGroupSearchBase(GROUP_SEARCH_BASE + domainComponent);
    config.setUserDnPattern(USER_DN_PATTERN + domainComponent);
    addServerHost(stack, freeIpa, config);
    config.setProtocol(PROTOCOL);
    config.setServerPort(SERVER_PORT);
    config.setDomain(freeIpa.getDomain());
    // The admin password is only read when the caller supplied no bind password.
    if (StringUtils.isBlank(bindPassword)) {
        config.setBindPassword(freeIpa.getAdminPassword());
    } else {
        config.setBindPassword(bindPassword);
    }
    config.setDirectoryType(DirectoryType.LDAP);
    config.setUserNameAttribute(USER_NAME_ATTRIBUTE);
    config.setUserObjectClass(USER_OBJECT_CLASS);
    config.setGroupMemberAttribute(GROUP_MEMBER_ATTRIBUTE);
    config.setGroupNameAttribute(GROUP_NAME_ATTRIBUTE);
    config.setGroupObjectClass(GROUP_OBJECT_CLASS);
    config.setClusterName(clusterName);
    return ldapConfigService.createLdapConfig(config, stack.getAccountId());
}

Example 73 with FreeIpa

Use of com.sequenceiq.freeipa.entity.FreeIpa in the cloudbreak project by hortonworks.

Class ClusterProxyService, method registerFreeIpa.

/**
 * Registers the FreeIPA services of the stack with the cluster proxy.
 *
 * Returns empty without doing anything when cluster proxy is not applicable to the
 * stack's cloud platform. Otherwise the primary gateway is always registered under
 * {@code FREEIPA_SERVICE_NAME}; during bootstrap the FQDN-based service name is added
 * as well, and when DNS-based service names are available the selected not-deleted
 * gateways are registered by DNS name. Tunnel entries are attached for CCM v1 and
 * CCM v2 entries for CCM v2 / Jumpgate; the health poll runs only when requested.
 *
 * @param stack                 the FreeIPA stack to register
 * @param instanceIdsToRegister gateway instance ids to register by DNS name; null
 *                              selects every not-deleted gateway with an instance id
 * @param bootstrap             whether this is the initial registration
 * @param waitForGoodHealth     whether to poll the proxy for good health before returning
 * @return the proxy's registration response, or empty when registration was skipped
 */
private Optional<ConfigRegistrationResponse> registerFreeIpa(Stack stack, List<String> instanceIdsToRegister, boolean bootstrap, boolean waitForGoodHealth) {
    MDCBuilder.buildMdcContext(stack);
    if (!clusterProxyEnablementService.isClusterProxyApplicable(stack.getCloudPlatform())) {
        LOGGER.debug("Cluster Proxy integration disabled. Skipping registering FreeIpa [{}]", stack);
        return Optional.empty();
    }
    LOGGER.debug("Registering freeipa with cluster-proxy: Environment CRN = [{}], Stack CRN = [{}], bootstrap: [{}], waitForGoodHealth: [{}]", stack.getEnvironmentCrn(), stack.getResourceCrn(), bootstrap, waitForGoodHealth);
    GatewayConfig primaryGateway = gatewayConfigService.getPrimaryGatewayConfig(stack);
    List<GatewayConfig> liveGateways = gatewayConfigService.getNotDeletedGatewayConfigs(stack);
    ClientCertificate certificate = clientCertificates(stack);
    boolean preferPrivateIp = stack.getTunnel().useCcm();
    List<ClusterServiceConfig> services = new LinkedList<>();
    services.add(createServiceConfig(stack, FREEIPA_SERVICE_NAME, primaryGateway, certificate, preferPrivateIp));
    List<GatewayConfig> tunnelTargets;
    if (bootstrap) {
        tunnelTargets = List.of(primaryGateway);
        services.add(createServiceConfig(stack, generateFreeIpaFqdn(stack), primaryGateway, certificate, preferPrivateIp));
    } else if (clusterProxyServiceAvailabilityChecker.isDnsBasedServiceNameAvailable(stack)) {
        // Only gateways with an instance id qualify; a null id list means "all of them".
        List<GatewayConfig> selectedGateways = liveGateways.stream()
                .filter(gateway -> gateway.getInstanceId() != null)
                .filter(gateway -> instanceIdsToRegister == null || instanceIdsToRegister.contains(gateway.getInstanceId()))
                .collect(Collectors.toList());
        services.addAll(createDnsMappedServiceConfigs(stack, selectedGateways, certificate, preferPrivateIp));
        tunnelTargets = selectedGateways;
    } else {
        tunnelTargets = List.of(primaryGateway);
    }
    ConfigRegistrationRequestBuilder builder = new ConfigRegistrationRequestBuilder(stack.getResourceCrn())
            .withServices(services)
            .withAccountId(stack.getAccountId());
    Tunnel tunnel = stack.getTunnel();
    if (tunnel.useCcmV1()) {
        builder.withTunnelEntries(createTunnelEntries(stack, tunnelTargets));
    } else if (tunnel.useCcmV2OrJumpgate()) {
        builder.withCcmV2Entries(createCcmV2Configs(stack, tunnelTargets));
    }
    ConfigRegistrationRequest request = builder.build();
    // NOTE(review): the full request, including the client certificate object, is logged at
    // debug level; confirm ClientCertificate carries only secret references, not key material.
    LOGGER.debug("Registering cluster proxy configuration [{}]", request);
    ConfigRegistrationResponse response = clusterProxyRegistrationClient.registerConfig(request);
    if (waitForGoodHealth) {
        pollForGoodHealth(stack);
    }
    stackUpdater.updateClusterProxyRegisteredFlag(stack, true);
    return Optional.of(response);
}

Example 74 with FreeIpa

Use of com.sequenceiq.freeipa.entity.FreeIpa in the cloudbreak project by hortonworks.

Class FreeIpaCreationService, method launchFreeIpa.

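/**
 * Creates a new FreeIPA stack from the request and starts the provisioning flow.
 *
 * The stack is assembled from the request, the environment and the credential, its
 * telemetry/backup storage locations are resolved, a platform template and fresh
 * security keys are generated, and the stack, image and FreeIPA entities are saved in
 * one transaction before the provision flow is triggered.
 *
 * @param request   the creation request
 * @param accountId account the stack is created in
 * @return a description of the newly created FreeIPA stack
 * @throws BadRequestException when the persisting transaction fails
 */
public DescribeFreeIpaResponse launchFreeIpa(CreateFreeIpaRequest request, String accountId) {
    String userCrn = crnService.getUserCrn();
    // Owner lookup is started early so it can run while the rest of the stack is prepared.
    Future<String> ownerFuture = initiateOwnerFetching(userCrn);
    Credential credential = credentialService.getCredentialByEnvCrn(request.getEnvironmentCrn());
    DetailedEnvironmentResponse environment = measure(() -> cachedEnvironmentClientService.getByCrn(request.getEnvironmentCrn()), LOGGER, "Environment properties were queried under {} ms for environment {}", request.getEnvironmentCrn());
    Stack stack = stackConverter.convert(request, environment, accountId, ownerFuture, userCrn, credential.getCloudPlatform());
    stack.setAppVersion(appVersion);
    // Template retrieval is asynchronous; it is awaited further down.
    GetPlatformTemplateRequest getPlatformTemplateRequest = templateService.triggerGetTemplate(stack, credential);
    Telemetry telemetry = stack.getTelemetry();
    if (telemetry != null) {
        telemetry.setRules(accountTelemetryService.getAnonymizationRules(accountId));
    }
    cloudStorageFolderResolverService.updateStorageLocation(telemetry, FluentClusterType.FREEIPA.value(), stack.getName(), stack.getResourceCrn());
    stack.setTelemetry(telemetry);
    Backup backup = stack.getBackup();
    backup = cloudBackupFolderResolverService.updateStorageLocation(backup, BackupClusterType.FREEIPA.value(), stack.getName(), stack.getResourceCrn());
    stack.setBackup(backup);
    fillInstanceMetadata(stack, environment);
    String template = templateService.waitGetTemplate(getPlatformTemplateRequest);
    stack.setTemplate(template);
    SecurityConfig securityConfig = tlsSecurityService.generateSecurityKeys(accountId);
    multiAzValidator.validateMultiAzForStack(stack.getPlatformvariant(), stack.getInstanceGroups());
    freeIpaRecommendationService.validateCustomInstanceType(stack, credential);
    try {
        // Security config, stack, image and FreeIPA entity are persisted atomically.
        Triple<Stack, ImageEntity, FreeIpa> stackImageFreeIpaTuple = transactionService.required(() -> {
            SecurityConfig savedSecurityConfig = securityConfigService.save(securityConfig);
            stack.setSecurityConfig(savedSecurityConfig);
            Stack savedStack = stackService.save(stack);
            ImageSettingsRequest imageSettingsRequest = request.getImage();
            ImageEntity image = imageService.create(savedStack, Objects.nonNull(imageSettingsRequest) ? imageSettingsRequest : new ImageSettingsRequest());
            FreeIpa freeIpa = freeIpaService.create(savedStack, request.getFreeIpa());
            return Triple.of(savedStack, image, freeIpa);
        });
        flowManager.notify(FlowChainTriggers.PROVISION_TRIGGER_EVENT, new StackEvent(FlowChainTriggers.PROVISION_TRIGGER_EVENT, stackImageFreeIpaTuple.getLeft().getId()));
        InMemoryStateStore.putStack(stack.getId(), PollGroup.POLLABLE);
        return stackToDescribeFreeIpaResponseConverter.convert(stackImageFreeIpaTuple.getLeft(), stackImageFreeIpaTuple.getMiddle(), stackImageFreeIpaTuple.getRight(), Optional.empty(), false);
    } catch (TransactionService.TransactionExecutionException e) {
        LOGGER.error("Creation of FreeIPA failed", e);
        // The wrapped cause carries the meaningful message; fall back to the wrapper itself so a
        // cause-less exception cannot turn this failure into a NullPointerException.
        Throwable cause = e.getCause() != null ? e.getCause() : e;
        // NOTE(review): this message is surfaced to the API caller; confirm the underlying
        // persistence errors cannot carry internal detail that should not be exposed.
        throw new BadRequestException("Creation of FreeIPA failed: " + cause.getMessage(), e);
    }
}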

Example 75 with FreeIpa

Use of com.sequenceiq.freeipa.entity.FreeIpa in the cloudbreak project by hortonworks.

Class CcmUserDataService, method getGatewayFqdn.

/**
 * Derives the gateway FQDN of the stack from the hostname and domain of its FreeIPA entity.
 *
 * @param stack the stack whose FreeIPA entity supplies the hostname and domain
 * @return the gateway FQDN as produced by the host discovery service
 */
private String getGatewayFqdn(Stack stack) {
    FreeIpa ipa = freeIpaService.findByStack(stack);
    // generateHostname is called with no group name, index 0 and no suffix — presumably
    // the naming of the first node; confirm against HostDiscoveryService.
    String hostname = hostDiscoveryService.generateHostname(ipa.getHostname(), null, 0, false);
    return hostDiscoveryService.determineGatewayFqdn(hostname, ipa.getDomain());
}
