Search in sources :

Example 21 with GemFireConfigException

use of org.apache.geode.GemFireConfigException in project geode by apache.

the class GemFireCacheImpl method requestSharedConfiguration.

/**
   * Request the shared configuration from the locator(s) which have the Cluster config service
   * running
   */
private ConfigurationResponse requestSharedConfiguration() {
    final DistributionConfig config = this.system.getConfig();
    if (!(this.dm instanceof DistributionManager)) {
        return null;
    }
    // do nothing if this vm is/has locator or this is a client
    if (this.dm.getDMType() == DistributionManager.LOCATOR_DM_TYPE || this.isClient || Locator.getLocator() != null) {
        return null;
    }
    // can't simply return null if server is not using shared configuration, since we need to find
    // out
    // if the locator is running in secure mode or not, if yes, then we need to throw an exception
    // if server is not using cluster config
    Map<InternalDistributedMember, Collection<String>> scl = getDistributionManager().getAllHostedLocatorsWithSharedConfiguration();
    // then do not make requests to the locators
    if (scl.isEmpty()) {
        logger.info(LocalizedMessage.create(LocalizedStrings.GemFireCache_NO_LOCATORS_FOUND_WITH_SHARED_CONFIGURATION));
        return null;
    }
    List<String> locatorConnectionStrings = getSharedConfigLocatorConnectionStringList();
    try {
        ConfigurationResponse response = ClusterConfigurationLoader.requestConfigurationFromLocators(this.system.getConfig(), locatorConnectionStrings);
        // log the configuration received from the locator
        logger.info(LocalizedMessage.create(LocalizedStrings.GemFireCache_RECEIVED_SHARED_CONFIGURATION_FROM_LOCATORS));
        logger.info(response.describeConfig());
        Configuration clusterConfig = response.getRequestedConfiguration().get(ClusterConfigurationService.CLUSTER_CONFIG);
        Properties clusterSecProperties = clusterConfig == null ? new Properties() : clusterConfig.getGemfireProperties();
        // If not using shared configuration, return null or throw an exception is locator is secured
        if (!config.getUseSharedConfiguration()) {
            if (clusterSecProperties.containsKey(ConfigurationProperties.SECURITY_MANAGER)) {
                throw new GemFireConfigException(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION_2.toLocalizedString());
            } else {
                logger.info(LocalizedMessage.create(LocalizedStrings.GemFireCache_NOT_USING_SHARED_CONFIGURATION));
                return null;
            }
        }
        Properties serverSecProperties = config.getSecurityProps();
        // check for possible mis-configuration
        if (isMisConfigured(clusterSecProperties, serverSecProperties, ConfigurationProperties.SECURITY_MANAGER) || isMisConfigured(clusterSecProperties, serverSecProperties, ConfigurationProperties.SECURITY_POST_PROCESSOR)) {
            throw new GemFireConfigException(LocalizedStrings.GEMFIRE_CACHE_SECURITY_MISCONFIGURATION.toLocalizedString());
        }
        return response;
    } catch (ClusterConfigurationNotAvailableException e) {
        throw new GemFireConfigException(LocalizedStrings.GemFireCache_SHARED_CONFIGURATION_NOT_AVAILABLE.toLocalizedString(), e);
    } catch (UnknownHostException e) {
        throw new GemFireConfigException(e.getLocalizedMessage(), e);
    }
}
Also used : ConfigurationResponse(org.apache.geode.management.internal.configuration.messages.ConfigurationResponse) Configuration(org.apache.geode.management.internal.configuration.domain.Configuration) UnknownHostException(java.net.UnknownHostException) ConfigurationProperties(org.apache.geode.distributed.ConfigurationProperties) Properties(java.util.Properties) DistributionConfig(org.apache.geode.distributed.internal.DistributionConfig) InternalDistributedMember(org.apache.geode.distributed.internal.membership.InternalDistributedMember) GemFireConfigException(org.apache.geode.GemFireConfigException) Collection(java.util.Collection) ClusterConfigurationNotAvailableException(org.apache.geode.internal.process.ClusterConfigurationNotAvailableException) DistributionManager(org.apache.geode.distributed.internal.DistributionManager)

Example 22 with GemFireConfigException

use of org.apache.geode.GemFireConfigException in project geode by apache.

the class GMSMemberFactory method newMembershipManager.

public MembershipManager newMembershipManager(DistributedMembershipListener listener, DistributionConfig config, RemoteTransportConfig transport, DMStats stats) throws DistributionException {
    Services services = new Services(listener, config, transport, stats);
    try {
        services.init();
        services.start();
    } catch (ConnectionException e) {
        throw new DistributionException(LocalizedStrings.MemberFactory_UNABLE_TO_CREATE_MEMBERSHIP_MANAGER.toLocalizedString(), e);
    } catch (GemFireConfigException | SystemConnectException | GemFireSecurityException e) {
        throw e;
    } catch (RuntimeException e) {
        Services.getLogger().error("Unexpected problem starting up membership services", e);
        throw new SystemConnectException("Problem starting up membership services", e);
    }
    return (MembershipManager) services.getManager();
}
Also used : MemberServices(org.apache.geode.distributed.internal.membership.MemberServices) GemFireSecurityException(org.apache.geode.security.GemFireSecurityException) GemFireConfigException(org.apache.geode.GemFireConfigException) MembershipManager(org.apache.geode.distributed.internal.membership.MembershipManager) DistributionException(org.apache.geode.distributed.internal.DistributionException) ConnectionException(org.apache.geode.internal.tcp.ConnectionException) SystemConnectException(org.apache.geode.SystemConnectException)

Example 23 with GemFireConfigException

use of org.apache.geode.GemFireConfigException in project geode by apache.

the class GMSUtil method parseLocators.

public static List<InetSocketAddress> parseLocators(String locatorsString, InetAddress bindAddress) {
    List<InetSocketAddress> result = new ArrayList<>(2);
    String host;
    int port;
    boolean checkLoopback = (bindAddress != null);
    boolean isLoopback = (checkLoopback && bindAddress.isLoopbackAddress());
    StringTokenizer parts = new StringTokenizer(locatorsString, ",");
    while (parts.hasMoreTokens()) {
        try {
            String str = parts.nextToken();
            host = str.substring(0, str.indexOf('['));
            int idx = host.lastIndexOf('@');
            if (idx < 0) {
                idx = host.lastIndexOf(':');
            }
            String start = host.substring(0, idx > -1 ? idx : host.length());
            if (start.indexOf(':') >= 0) {
                // a single numeric ipv6 address
                idx = host.lastIndexOf('@');
            }
            if (idx >= 0) {
                host = host.substring(idx + 1, host.length());
            }
            int startIdx = str.indexOf('[') + 1;
            int endIdx = str.indexOf(']');
            port = Integer.parseInt(str.substring(startIdx, endIdx));
            InetSocketAddress isa = new InetSocketAddress(host, port);
            if (checkLoopback) {
                if (isLoopback && !isa.getAddress().isLoopbackAddress()) {
                    throw new GemFireConfigException("This process is attempting to join with a loopback address (" + bindAddress + ") using a locator that does not have a local address (" + isa + ").  On Unix this usually means that /etc/hosts is misconfigured.");
                }
            }
            result.add(isa);
        } catch (NumberFormatException e) {
        // this shouldn't happen because the config has already been parsed and
        // validated
        }
    }
    return result;
}
Also used : StringTokenizer(java.util.StringTokenizer) GemFireConfigException(org.apache.geode.GemFireConfigException) InetSocketAddress(java.net.InetSocketAddress) ArrayList(java.util.ArrayList)

Example 24 with GemFireConfigException

use of org.apache.geode.GemFireConfigException in project geode by apache.

the class GMSHealthMonitor method createServerSocket.

ServerSocket createServerSocket(InetAddress socketAddress, int[] portRange) {
    ServerSocket serverSocket;
    try {
        serverSocket = SocketCreatorFactory.getSocketCreatorForComponent(SecurableCommunicationChannel.CLUSTER).createServerSocketUsingPortRange(socketAddress, 50, /* backlog */
        true, /* isBindAddress */
        false, /* useNIO */
        65536, /* tcpBufferSize */
        portRange, false);
        socketPort = serverSocket.getLocalPort();
    } catch (IOException | SystemConnectException e) {
        throw new GemFireConfigException("Unable to allocate a failure detection port in the membership-port range", e);
    }
    return serverSocket;
}
Also used : GemFireConfigException(org.apache.geode.GemFireConfigException) ServerSocket(java.net.ServerSocket) IOException(java.io.IOException) SystemConnectException(org.apache.geode.SystemConnectException)

Example 25 with GemFireConfigException

use of org.apache.geode.GemFireConfigException in project geode by apache.

the class JettyHelper method initJetty.

public static Server initJetty(final String bindAddress, final int port, SSLConfig sslConfig) {
    final Server jettyServer = new Server();
    // Add a handler collection here, so that each new context adds itself
    // to this collection.
    jettyServer.setHandler(new HandlerCollection());
    ServerConnector connector = null;
    HttpConfiguration httpConfig = new HttpConfiguration();
    httpConfig.setSecureScheme(HTTPS);
    httpConfig.setSecurePort(port);
    if (sslConfig.isEnabled()) {
        SslContextFactory sslContextFactory = new SslContextFactory();
        if (StringUtils.isNotBlank(sslConfig.getAlias())) {
            sslContextFactory.setCertAlias(sslConfig.getAlias());
        }
        sslContextFactory.setNeedClientAuth(sslConfig.isRequireAuth());
        if (StringUtils.isNotBlank(sslConfig.getCiphers()) && !"any".equalsIgnoreCase(sslConfig.getCiphers())) {
            // If use has mentioned "any" let the SSL layer decide on the ciphers
            sslContextFactory.setIncludeCipherSuites(SSLUtil.readArray(sslConfig.getCiphers()));
        }
        String protocol = SSLUtil.getSSLAlgo(SSLUtil.readArray(sslConfig.getProtocols()));
        if (protocol != null) {
            sslContextFactory.setProtocol(protocol);
        } else {
            logger.warn(ManagementStrings.SSL_PROTOCOAL_COULD_NOT_BE_DETERMINED);
        }
        if (StringUtils.isBlank(sslConfig.getKeystore())) {
            throw new GemFireConfigException("Key store can't be empty if SSL is enabled for HttpService");
        }
        sslContextFactory.setKeyStorePath(sslConfig.getKeystore());
        if (StringUtils.isNotBlank(sslConfig.getKeystoreType())) {
            sslContextFactory.setKeyStoreType(sslConfig.getKeystoreType());
        }
        if (StringUtils.isNotBlank(sslConfig.getKeystorePassword())) {
            sslContextFactory.setKeyStorePassword(sslConfig.getKeystorePassword());
        }
        if (StringUtils.isNotBlank(sslConfig.getTruststore())) {
            sslContextFactory.setTrustStorePath(sslConfig.getTruststore());
        }
        if (StringUtils.isNotBlank(sslConfig.getTruststorePassword())) {
            sslContextFactory.setTrustStorePassword(sslConfig.getTruststorePassword());
        }
        httpConfig.addCustomizer(new SecureRequestCustomizer());
        // Somehow With HTTP_2.0 Jetty throwing NPE. Need to investigate further whether all GemFire
        // web application(Pulse, REST) can do with HTTP_1.1
        connector = new ServerConnector(jettyServer, new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpConfig));
        connector.setPort(port);
    } else {
        connector = new ServerConnector(jettyServer, new HttpConnectionFactory(httpConfig));
        connector.setPort(port);
    }
    jettyServer.setConnectors(new Connector[] { connector });
    if (StringUtils.isNotBlank(bindAddress)) {
        connector.setHost(bindAddress);
    }
    if (bindAddress != null && !bindAddress.isEmpty()) {
        JettyHelper.bindAddress = bindAddress;
    }
    JettyHelper.port = port;
    return jettyServer;
}
Also used : ServerConnector(org.eclipse.jetty.server.ServerConnector) SslContextFactory(org.eclipse.jetty.util.ssl.SslContextFactory) SecureRequestCustomizer(org.eclipse.jetty.server.SecureRequestCustomizer) Server(org.eclipse.jetty.server.Server) HttpConnectionFactory(org.eclipse.jetty.server.HttpConnectionFactory) GemFireConfigException(org.apache.geode.GemFireConfigException) HandlerCollection(org.eclipse.jetty.server.handler.HandlerCollection) HttpConfiguration(org.eclipse.jetty.server.HttpConfiguration) SslConnectionFactory(org.eclipse.jetty.server.SslConnectionFactory)

Aggregations

GemFireConfigException (org.apache.geode.GemFireConfigException)28 IOException (java.io.IOException)11 SystemConnectException (org.apache.geode.SystemConnectException)10 Properties (java.util.Properties)7 ForcedDisconnectException (org.apache.geode.ForcedDisconnectException)7 DistributedSystemDisconnectedException (org.apache.geode.distributed.DistributedSystemDisconnectedException)6 Test (org.junit.Test)6 UnknownHostException (java.net.UnknownHostException)5 CancelException (org.apache.geode.CancelException)5 ByteArrayInputStream (java.io.ByteArrayInputStream)4 DataInputStream (java.io.DataInputStream)4 InetSocketAddress (java.net.InetSocketAddress)4 GemFireIOException (org.apache.geode.GemFireIOException)4 VersionedDataInputStream (org.apache.geode.internal.VersionedDataInputStream)4 MemberShunnedException (org.apache.geode.internal.tcp.MemberShunnedException)4 GemFireSecurityException (org.apache.geode.security.GemFireSecurityException)4 InputStream (java.io.InputStream)3 InvocationTargetException (java.lang.reflect.InvocationTargetException)3 ServerSocket (java.net.ServerSocket)3 NetView (org.apache.geode.distributed.internal.membership.NetView)3