From: yangyan Date: Thu, 11 Apr 2019 02:38:15 +0000 (+0800) Subject: Add https support for project X-Git-Tag: 1.3.0~3 X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=0259dc517346df30f8f8ac1f71610419ac720716;p=vfc%2Fgvnfm%2Fvnfmgr.git Add https support for project Change-Id: I9ca183381c5b1df0290e837ac1dd59e0ac0b6b2d Issue-ID: VFC-1342 Signed-off-by: yangyan --- diff --git a/mgr/assembly.xml b/mgr/assembly.xml index ce1b51f..000aefd 100644 --- a/mgr/assembly.xml +++ b/mgr/assembly.xml @@ -28,6 +28,8 @@ **/*.py **/*.json **/*.yml + **/*.crt + **/*.key diff --git a/mgr/docker/Dockerfile b/mgr/docker/Dockerfile index 52f1a31..3e4ae2d 100644 --- a/mgr/docker/Dockerfile +++ b/mgr/docker/Dockerfile @@ -10,6 +10,7 @@ RUN sed -i "s|set compatible|set nocompatible|" /etc/vim/vimrc.tiny RUN echo "set backspace=2" >> /etc/vim/vimrc.tiny RUN apt-get update && \ + apt-get install -y wget unzip gcc libssl-dev && \ apt-get install -y python-virtualenv && \ apt-get install -y python-setuptools && \ apt-get install -y python-dev && \ @@ -21,7 +22,7 @@ RUN apt-get update && \ apt-get install -y unzip && \ apt-get install -y curl && \ apt-get install -y build-essential && \ - apt-get install -y libssl-dev && \ +# apt-get install -y libssl-dev && \ apt-get install -y libffi-dev && \ groupadd -r onap && useradd -r -g onap onap && \ chmod u+w /etc/sudoers && \ @@ -40,6 +41,8 @@ RUN wget -q -O vfc-gvnfm-vnfmgr.zip 'https://nexus.onap.org/service/local/artifa WORKDIR /service/vfc/gvnfm/vnfmgr/mgr RUN pip install -r requirements.txt +RUN apt-get --purge remove -y wget unzip gcc libssl-dev + EXPOSE 8803 USER onap diff --git a/mgr/mgr/pub/ssl/cert/foobar.crt b/mgr/mgr/pub/ssl/cert/foobar.crt new file mode 100644 index 0000000..7ab6dd3 --- /dev/null +++ b/mgr/mgr/pub/ssl/cert/foobar.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDRDCCAiwCCQD8zmUqCHOp2zANBgkqhkiG9w0BAQsFADBjMQswCQYDVQQGEwJD +TjEQMA4GA1UECAwHQmVpSmluZzEQMA4GA1UEBwwHQmVpSmluZzENMAsGA1UECgwE +Q21jYzESMBAGA1UECwwJQ21jYy1vbmFwMQ0wCwYDVQQDDARDbWNjMCAXDTE5MDMy +NjAyNTI0N1oYDzIxMTkwMzAyMDI1MjQ3WjBjMQswCQYDVQQGEwJDTjEQMA4GA1UE +CAwHQmVpSmluZzEQMA4GA1UEBwwHQmVpSmluZzENMAsGA1UECgwEQ21jYzESMBAG +A1UECwwJQ21jYy1vbmFwMQ0wCwYDVQQDDARDbWNjMIIBIjANBgkqhkiG9w0BAQEF +AAOCAQ8AMIIBCgKCAQEA4DurchTgEw/A1y/Q5gpSSJTLC+KFOV4Vmbz2hlvOGLwV +NIX1+r7DpaiJTGjEKLCtGsD2tGm69KiUX9FBY1CStnwK2R4wA5NKW+ZKQLd3sRTc +Hl+2bLFk7E5KvmKZZM4xhsN3ey7Ia8H0sSfKiGlxB1hZI2HibRNy8GWyi95j8MkP +v+H7HbJlX1kIKb7p2y8aG8AnAzBWikJFcQ1y3bJA2r31wOht63pIekwh+nntt5u+ +Yh/STXHiAe2gT7b9x6RAn09tC6TsBKzdZ4ZKrBLfRwPv6+cbDLcqkhbPukqaFaEs +rDCLhuWX10sGLEsqXULDwZRoYxTUueLek9v+/8f5EwIDAQABMA0GCSqGSIb3DQEB +CwUAA4IBAQCenowNpFiy9vH18+9PL4rZjZ1NH+frGqsWvDiyHPnLpneCLOuiXvgv +kcuLJDYatc6vTlXkJElxwF1fCaJEn6dNq3WtQxdJjhXidAKx8Hsf1Nxkwbvmahv2 +TIWV/FMvop+9SdonDBGZojrYKRsY3EilQf+7/rGEM52HE8S3yE8CCe9xTZSYUs1B +B8CzOPBVU7SWSRSLUKfdRhjyl4Rqsslxzal+8A36yViHBPhJgmDRoVWVR+E289IH +FCQ0d8qVvdTGkM79dvZrEH9WSzPwlTR0NSkBMWTNLcWyP8caDjg+fbSVOF+s+sd/ +bLuAyHyeXUzClJx6CA5zwLZz5K5SVxw+ +-----END CERTIFICATE----- diff --git a/mgr/mgr/pub/ssl/cert/foobar.csr b/mgr/mgr/pub/ssl/cert/foobar.csr new file mode 100644 index 0000000..30b381b --- /dev/null +++ b/mgr/mgr/pub/ssl/cert/foobar.csr @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE REQUEST----- +MIIC1DCCAbwCAQAwYzELMAkGA1UEBhMCQ04xEDAOBgNVBAgMB0JlaUppbmcxEDAO +BgNVBAcMB0JlaUppbmcxDTALBgNVBAoMBENtY2MxEjAQBgNVBAsMCUNtY2Mtb25h +cDENMAsGA1UEAwwEQ21jYzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB +AOA7q3IU4BMPwNcv0OYKUkiUywvihTleFZm89oZbzhi8FTSF9fq+w6WoiUxoxCiw +rRrA9rRpuvSolF/RQWNQkrZ8CtkeMAOTSlvmSkC3d7EU3B5ftmyxZOxOSr5imWTO +MYbDd3suyGvB9LEnyohpcQdYWSNh4m0TcvBlsoveY/DJD7/h+x2yZV9ZCCm+6dsv +GhvAJwMwVopCRXENct2yQNq99cDobet6SHpMIfp57bebvmIf0k1x4gHtoE+2/cek +QJ9PbQuk7ASs3WeGSqwS30cD7+vnGwy3KpIWz7pKmhWhLKwwi4bll9dLBixLKl1C +w8GUaGMU1Lni3pPb/v/H+RMCAwEAAaAsMBMGCSqGSIb3DQEJAjEGDARDbWNjMBUG +CSqGSIb3DQEJBzEIDAYxMjM0NTYwDQYJKoZIhvcNAQELBQADggEBAGr8XkV5G9bK +lPc3jUvmS+KSg9UB1wrvf6kQUGDvCvXqZCGw1mRZekN4rH5c1fk9iLwLqDkWDnNo +79jzAWV76U62GarTOng32TLTItxI/EeUhQFCf+AI/YcJEdHf8HGrDuvC0iSz6/9q +Fe5HhVSO7zsHdP28J05wTyII+2k4ecAj3oXutUnGCBg0nlexDmxAZoe8x4XHpqkt +tEKquZdq3l17+v5DKlKwczQcXUBC1yGw0ki67U5w9fVKzpAf7Frr7YnbGS35i5Pv +ny4SlXPW167hRQKXCniY5QtCocP+GoPD+81uWwf+bjHyAZ3HCd532YFgXW01yJhM +imRDxx2gDds= +-----END CERTIFICATE REQUEST----- diff --git a/mgr/mgr/pub/ssl/cert/foobar.key b/mgr/mgr/pub/ssl/cert/foobar.key new file mode 100644 index 0000000..266f502 --- /dev/null +++ b/mgr/mgr/pub/ssl/cert/foobar.key @@ -0,0 +1,27 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpQIBAAKCAQEA4DurchTgEw/A1y/Q5gpSSJTLC+KFOV4Vmbz2hlvOGLwVNIX1 ++r7DpaiJTGjEKLCtGsD2tGm69KiUX9FBY1CStnwK2R4wA5NKW+ZKQLd3sRTcHl+2 +bLFk7E5KvmKZZM4xhsN3ey7Ia8H0sSfKiGlxB1hZI2HibRNy8GWyi95j8MkPv+H7 +HbJlX1kIKb7p2y8aG8AnAzBWikJFcQ1y3bJA2r31wOht63pIekwh+nntt5u+Yh/S +TXHiAe2gT7b9x6RAn09tC6TsBKzdZ4ZKrBLfRwPv6+cbDLcqkhbPukqaFaEsrDCL +huWX10sGLEsqXULDwZRoYxTUueLek9v+/8f5EwIDAQABAoIBAQCL+dPBqHRkkc3w +xsGiCMlq06+Y4LQHpsrXKNW/8+lJGYgnPITcHV+mtvnWgAQL3paA//pBj0sM1Xui +AM/PvomHbxGajbStVrHxgmXR1nXaTkpGj7siSO7WcN1J0eUtv2W9WaHpfL/SPMaS +HGPbGe9cBXPHmaAuNRjoJqP5mj9LHB0SebJImjiaCYsUkBgC0Ooo4UuwOXLYO/ak +gZrbM8WwY21rRVc3uDyg5Ez8gxbFG3L39t26gpqBYosqNlPe7/JVkTpxUKk1Allf +fAJNyfpS2CuY+nQWtCleJFtF1Yq9jwfPvtNUTrXeJq97xFqSIRnJbygttsokbPto +tLqB4rSBAoGBAPPgidT0KyfYVUaWNEXtOOJyh3MCk0ssalRKf+Dap9J9Bgpjldbu +/tBBrrbxSEAieXe8gKDwgDY2qBcsUUvEY+EWL7tiMBnS4HvK8/4aEIx14xMgiuCS +bTnMGlIlImjMKdj0iKOd0N2NPQcfr0NTUdZJ/p1o965lq/9i7xcfHinTAoGBAOth +JqwyGQ6oP005Vry3S/7E7UJjYxMaUfhRmMGoVz+qXAEfq0r4TkNrcEvP7mu72pVe +q1P4imQjvvPXqoPBdh310a6OCQ7BrFpkOghHBIG0koblncml4hdBSReUA1auW2Qr +c/MUSeV96DDbI2mZJulVdqINyaAt/JDMnfdcbCvBAoGAYPTI91/ndFzeckSvHYnV +TrnnvcKtWnqa/03rDzL++4D3ENRMsvmrVpJ2aob8iXrrPb40iUd0QZlzNFtLKss2 +Rjty2JWNuAaNdsnWPRSRtbX8hBMxA11TjWHmqPfYeT+J95YoaJwKeLp5I8bl/+c1 +JvOeBWjA55XGTq8/jLqzXD8CgYEAiQVyJNW5Hn4083iIlK1DkRkEYRxIRYuR4jNl +8H5V5BsBGipcZfUsYjT+FzQBQDgII+ILbIOH1Im2lG6ctbx+TSyXlrzaavu1oJ0t +5zmoVvVOQzcR5pwphI4dxZsFYoV3cFWXVw8dgXoNG7vF3qgoLbbxq57JG/UJTSXA +Y4oq8kECgYEAlgh6v+o6jCUD7l0JWdRtZy52rhC3W/HrhcHE0/l3RjeV+kLIWr9u +WbNltgZQGvPVQ+ZwPIYj1gaGP17wm5pAsJNSN4LQ1v4Fj/XjT7zdwYwYOrXIJati +5HTeyHjm+wwOPYrmH4YLGwAh6T1is42E0K2L7LG8HnO4bHbfV2mKji0= +-----END RSA PRIVATE KEY----- diff --git a/mgr/requirements.txt b/mgr/requirements.txt index 274c597..a1e38dc 100644 --- a/mgr/requirements.txt +++ b/mgr/requirements.txt @@ -26,4 +26,7 @@ flex>=6.11.1 swagger-spec-validator>=2.1.0 # for onap logging -onappylog>=1.0.6 \ No newline at end of file +onappylog>=1.0.6 + +# uwsgi for parallel processing +uwsgi \ No newline at end of file diff --git a/mgr/run.sh b/mgr/run.sh index 256e297..578fc38 100755 --- a/mgr/run.sh +++ b/mgr/run.sh @@ -18,7 +18,13 @@ if [ ! -x $logDir ]; then mkdir -p $logDir fi -nohup python manage.py runserver 0.0.0.0:8803 > /dev/null & +# nohup python manage.py runserver 0.0.0.0:8803 > /dev/null & + +if [ ${SSL_ENABLED} = "true" ]; then + nohup uwsgi --https :8803,mgr/pub/ssl/cert/foobar.crt,mgr/pub/ssl/cert/foobar.key, -t 120 --module mgr.wsgi --master --processes 4 & +else + nohup uwsgi --http :8803 -t 120 --module mgr.wsgi --master --processes 4 & +fi while [ ! -f $logDir/runtime_mgr.log ]; do sleep 1 diff --git a/mgr/stop.sh b/mgr/stop.sh index 6a18e20..1c41bf7 100755 --- a/mgr/stop.sh +++ b/mgr/stop.sh @@ -13,4 +13,5 @@ # See the License for the specific language governing permissions and # limitations under the License. -ps auxww | grep 'manage.py runserver 0.0.0.0:8803' | awk '{print $2}' | xargs kill -9 +# ps auxww | grep 'manage.py runserver 0.0.0.0:8803' | awk '{print $2}' | xargs kill -9 +ps auxww |grep 'uwsgi --http :8803 --module mgr.wsgi --master' |awk '{print $2}' |xargs kill -9