Implementation of HTTPS support for VFC-nslcm project interface

Change-Id: I268bc463ab69cd4a79fd5801db09bad3e11b6eb1
Issue-ID: VFC-1676
Signed-off-by: dengyh <dengyuanhong@chinamobile.com>

diff --git a/docker/instance_config.sh b/docker/instance_config.sh
index 9b59331..25488fb 100755 (executable)
--- a/docker/instance_config.sh
+++ b/docker/instance_config.sh
@@ -37,6 +37,10 @@ if [ $SERVICE_IP ]; then
     sed -i "s|\"ip\": \".*\"|\"ip\": \"$SERVICE_IP\"|" vfc/nfvo/lcm/lcm/pub/config/config.py
 fi
 
+if [ $SSL_ENABLED ]; then
+    sed -i "s|SSL_ENABLED.*|SSL_ENABLED = '$SSL_ENABLED'|"  vfc/nfvo/lcm/lcm/pub/config/config.py
+fi
+
 # Configure MYSQL
 MYSQL_IP=`echo $MYSQL_ADDR | cut -d: -f 1`
 MYSQL_PORT=`echo $MYSQL_ADDR | cut -d: -f 2`

diff --git a/lcm/pub/config/config.py b/lcm/pub/config/config.py
index d453480..5b3fecb 100644 (file)
--- a/lcm/pub/config/config.py
+++ b/lcm/pub/config/config.py
@@ -36,11 +36,17 @@ FORWARDED_FOR_FIELDS = ["HTTP_X_FORWARDED_FOR", "HTTP_X_FORWARDED_HOST",
                         "HTTP_X_FORWARDED_SERVER"]
 
 # [register]
-REG_TO_MSB_WHEN_START = False
+REG_TO_MSB_WHEN_START = True
+SSL_ENABLED = "true"
 REG_TO_MSB_REG_URL = "/api/microservices/v1/services"
+if SSL_ENABLED == "true":
+    enable_ssl = "true"
+else:
+    enable_ssl = "false"
 REG_TO_MSB_REG_PARAM = {
     "serviceName": "nslcm",
     "version": "v1",
+    "enable_ssl": enable_ssl,
     "url": "/api/nslcm/v1",
     "protocol": "REST",
     "visualRange": "1",

diff --git a/requirements.txt b/requirements.txt
index 505116c..bf99936 100644 (file)
--- a/requirements.txt
+++ b/requirements.txt
@@ -37,4 +37,4 @@ swagger-spec-validator>=2.1.0
 onappylog==1.0.9
 
 # uwsgi for parallel processing
-# uwsgi
+uwsgi

diff --git a/run.sh b/run.sh
index f9fd3a1..d00c3fe 100755 (executable)
--- a/run.sh
+++ b/run.sh
@@ -18,11 +18,11 @@ if [ ! -x  $logDir  ]; then
        mkdir -p $logDir
 fi
 
-nohup python manage.py runserver 0.0.0.0:8403 > /dev/null &
+# nohup python manage.py runserver 0.0.0.0:8403 > /dev/null &
 # nohup uwsgi --http :8403 -t 120 --module lcm.wsgi --master --processes 4 &
 
-# if [ "${SSL_ENABLED}" = "true" ]; then
-#     nohup uwsgi --https :8403,lcm/pub/ssl/cert/foobar.crt,lcm/pub/ssl/cert/foobar.key, -t 120  --enable-threads --module lcm.wsgi --uid onap --gid onap --master --processes 4 &
-# else
-#     nohup uwsgi --http :8403 -t 120 --enable-threads --module lcm.wsgi --uid onap --gid onap --master --processes 4 &
-# fi
+if [ "${SSL_ENABLED}" = "true" ]; then
+   nohup uwsgi --https :8403,lcm/pub/ssl/cert/foobar.crt,lcm/pub/ssl/cert/foobar.key, -t 120  --enable-threads --module lcm.wsgi --uid onap --gid onap --master --processes 4 &
+else
+   nohup uwsgi --http :8403 -t 120 --enable-threads --module lcm.wsgi --uid onap --gid onap --master --processes 4 &
+fi

diff --git a/stop.sh b/stop.sh
index d15f21f..42ddbf6 100755 (executable)
--- a/stop.sh
+++ b/stop.sh
@@ -12,5 +12,10 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-ps auxww | grep "manage.py runserver 0.0.0.0:8403" | awk '{print $1}' | xargs kill -9
+# ps auxww | grep "manage.py runserver 0.0.0.0:8403" | awk '{print $1}' | xargs kill -9
 # ps auxww |grep 'uwsgi --http' |awk '{print $1}' |xargs kill -9
+if [ "${SSL_ENABLED}" = "true" ]; then
+   ps auxww |grep 'uwsgi --https :8403' |awk '{print $1}' |xargs kill -9
+else
+   ps auxww |grep 'uwsgi --http :8403' |awk '{print $1}' |xargs kill -9
+fi
\ No newline at end of file