static ManagementHost createManagementHost(String[] args) throws Throwable { ManagementHost h = new ManagementHost(); h.initialize(args); h.registerOperationInterceptors(); h.start(); h.setAuthorizationContext(h.getSystemAuthorizationContext()); h.log(Level.INFO, "**** Management host starting ... ****"); h.startFabricServices(); h.startManagementServices(); waitForDefaultRegistryCreated(h); h.log(Level.INFO, "**** Management host started. ****"); h.setAuthorizationContext(null); Runtime.getRuntime().addShutdownHook(new Thread(() -> { h.log(Level.WARNING, "Host stopping ..."); h.stop(); h.log(Level.WARNING, "Host is stopped"); })); return h; }
private void validatePeerArgs() throws Throwable { if (nodeGroupPublicUri != null) { URI uri = new URI(nodeGroupPublicUri); if (this.getPort() != -1 && uri.getPort() == this.getPort()) { throw new IllegalArgumentException("--nodeGroupPublicUri port must be different" + " from --port"); } if (this.getSecurePort() != -1 && uri.getPort() == this.getSecurePort()) { throw new IllegalArgumentException("--nodeGroupPublicUri port must be different" + " from --securePort"); } if (uri.getHost() == null) { throw new IllegalArgumentException("--nodeGroupPublicUri host must be set"); } if (uri.getScheme() == null) { throw new IllegalArgumentException("--nodeGroupPublicUri scheme must be set"); } if (uri.getPort() < 0 || uri.getPort() >= Short.MAX_VALUE * 2) { throw new IllegalArgumentException("--nodeGroupPublicUri port is not in range"); } } }
/** * Start all services required to support management of infrastructure and applications. */ protected void startCommonServices() throws Throwable { this.log(Level.INFO, "Common service starting ..."); HostInitCommonServiceConfig.startServices(this); HostInitAuthServiceConfig.startServices(this); HostInitUpgradeServiceConfig.startServices(this); registerForServiceAvailability(AuthBootstrapService.startTask(this), true, AuthBootstrapService.FACTORY_LINK); if (!ConfigurationUtil.isVca()) { registerForServiceAvailability(ProjectsTransformationBootstrapService.startTask(this), true, ProjectsTransformationBootstrapService.FACTORY_LINK, ProjectFactoryService.SELF_LINK); } this.log(Level.INFO, "Common services started."); }
public static void main(String[] args) throws Throwable { Utils.setTimeDriftThreshold(TIME_DRIFT_THRESHOLD_MICROS); ManagementHost h = new ManagementHost(); h.initializeHostAndServices(args); Runtime.getRuntime().addShutdownHook(new Thread(() -> { h.log(Level.WARNING, "Host stopping ..."); h.stop(); h.log(Level.WARNING, "Host is stopped"); })); }
protected ManagementHost initializeHostAndServices(String[] args) throws Throwable { log(Level.INFO, "Initializing ..."); initialize(args); log(Level.INFO, "Registering service interceptors ..."); registerOperationInterceptors(); log(Level.INFO, "Starting ..."); start(); log(Level.INFO, "Setting authorization context ..."); // Set system user's authorization context to allow the services start privileged access. setAuthorizationContext(getSystemAuthorizationContext()); log(Level.INFO, "**** Management host starting ... ****"); startFabricServices(); startManagementServices(); startClosureServices(this, startMockHostAdapterInstance); startSwaggerService(); startCustomSwaggerService(); log(Level.INFO, "**** Management host started. ****"); log(Level.INFO, "**** Migration service starting... ****"); super.startFactory(new LegacyMigrationTaskService()); super.startFactory(new MigrationTaskService()); // Clean up authorization context to avoid privileged access. setAuthorizationContext(null); return this; }
ServiceClient serviceClient = createServiceClient(CertificateUtil.createSSLContext( trustManager, null), 0); setClient(serviceClient); addPrivilegedService(SessionService.class); addPrivilegedService(ProjectFactoryService.class); addPrivilegedService(PrincipalService.class); addPrivilegedService(ProjectService.class); addPrivilegedService(DockerHostAdapterService.class); addPrivilegedService(ContainerHostDataCollectionService.class); addPrivilegedService(NodeMigrationService.class); addPrivilegedService(RegistryAdapterService.class); addPrivilegedService(authService.getClass()); setAuthenticationService(authService); startDefaultCoreServicesSynchronously(); startFactoryServicesSynchronously(authServiceFactories.toArray(new Service[] {})); startCoreServicesSynchronously(authServices.toArray(new Service[] {})); privilegeServices.stream().forEach(service -> this.addPrivilegedService(service)); startPeerListener();
protected void stopHost(ManagementHost host) { if (host == null) { return; } String hostname = host.getUri().toString(); System.out.println("Stopping host '" + hostname + "'..."); try { ServiceRequestListener secureListener = host.getSecureListener(); host.stop(); secureListener.stop(); waitWhilePortIsListening(secureListener.getPort()); System.out.println("Host '" + hostname + "' stopped."); } catch (Exception e) { throw new RuntimeException("Exception stopping host!", e); } }
@Override public ServiceHost initialize(String[] args) throws Throwable { setEncryptionFilePermissions(); log(Level.INFO, "ManagementHost is being initialized with Postgres index"); enableLiquibase(); } else { log(Level.INFO, "ManagementHost is being initialized with Lucene index"); validatePeerArgs();
this.log(Level.INFO, "Swagger service starting ..."); this.startService(swagger); this.log(Level.INFO, "Swagger service started. Checkout Swagger UI at: %s%s/ui", this.getUri(), ServiceUriPaths.SWAGGER);
/** * Class for test purposes, mainly when authorization of host is enabled. If @param * 'initializeTestDocuments' is equals to 'true' the created ServiceHost comes with set of * documents which have been created when host starts using system authorization context. * * @param args - arguments which will be parsed from host, * @param initializeTestDocuments - boolean flag indicates whether additional test documents to be created. * @return ManagementHost Object * @throws Throwable */ static ManagementHost createManagementHost(String[] args, boolean initializeTestDocuments) throws Throwable { ManagementHost h = createManagementHost(args); if (initializeTestDocuments) { h.setAuthorizationContext(h.getSystemAuthorizationContext()); TestServiceDocumentsInitializer.startServices(h); h.setAuthorizationContext(null); } return h; }
protected ManagementHost startHost(ManagementHost host, URI sandboxUri, List<String> peers) throws Throwable { String hostname = host.getUri().toString() + ":" + host.getSecurePort(); System.out.println("Starting host '" + hostname + "'..."); host = setUpHost(host.getSecurePort(), sandboxUri, peers); TestContext ctx = new TestContext(1, Duration.ofSeconds(DEFAULT_WAIT_SECONDS_FOR_AUTH_SERVICES)); AuthUtil.getPreferredAuthConfigProvider().waitForInitBootConfig(host, host.localUsers, ctx::completeIteration, ctx::failIteration); ctx.await(); System.out.println("Sleep for a while, until the host starts..."); Thread.sleep(4000); System.out.println("Host '" + hostname + "' started."); return host; }
@Override public boolean isReady() { try { SimpleEntry<Integer, String> response = doGet(uri, headers); assertEquals(HttpURLConnection.HTTP_OK, (int) response.getKey()); String body = switchToUnixLineEnds(response.getValue()); for (ManagementHost host2 : hosts) { assertTrue("Host " + host2.getUri() + " should be present!", body.contains("\"groupReference\": \"" + host2.getUri() + "/core/node-groups/default\",\n \"status\": \"AVAILABLE\"")); } } catch (Throwable e) { host.log(Level.WARNING, "Request to [%s] failed with: [%s].", NODE_GROUPS, e.getMessage()); return false; } return true; }
/** * Sets read/write permissions only to the owner of the encryption file. */ private void setEncryptionFilePermissions() throws Throwable { String encFileParam = System.getProperty(EncryptionUtils.ENCRYPTION_KEY); if (encFileParam == null) { return; } File f = new File(encFileParam); File parent = f.getParentFile(); // create parent folder if it does not exist if (!parent.exists() && !parent.mkdirs()) { log(Level.SEVERE, "Cannot create folders %s for encryption file.", parent.getAbsolutePath()); throw new IOException("Cannot create " + parent.getAbsolutePath()); } // dummy call to initialize the EncryptionUtils and create the encryption file EncryptionUtils.encrypt(null); try { // set file permissions setPermissionsToOwner(f); } catch (Throwable e) { log(Level.SEVERE, "Cannot change permissions of file %s. Error: %s", encFileParam, e.getMessage()); throw e; } }
public static void startServices(ManagementHost host) { startServices(host, TestAuthServiceDocumentHelper.class, DummyFactoryService.class, DummySubscriber.class); // start initialization of test documents host.sendRequest(Operation.createPost( UriUtils.buildUri(host, TestAuthServiceDocumentHelper.class)) .setReferer(host.getUri()) .setBody(new ServiceDocument())); } }
op.setReferer(host.getUri()); op.setCompletion((o, e) -> { if (e != null) {
private void setPermissionsToOwner(File f) { boolean b = true; try { b = f.setReadable(false, false); b &= f.setWritable(false, false); } finally { b &= f.setReadable(true, true); b &= f.setWritable(true, true); } if (b) { this.log(Level.FINE, "Permissions set to file %s", f.getAbsolutePath()); } }
private static void waitForDefaultRegistryCreated(ManagementHost host) { TestContext ctx = new TestContext(1, Duration.ofSeconds(120)); host.log(Level.INFO, "Waiting for default registry to start."); host.registerForServiceAvailability(ctx.getCompletion(), RegistryService.DEFAULT_INSTANCE_LINK); ctx.await(); host.log(Level.INFO, "Default registry started."); }
log(Level.SEVERE, "Cannot register service factory for %s: %s", serviceMetadata.serviceClass.getCanonicalName(), Utils.toString(e));
/** * Start all services required to support management of infrastructure and applications. */ protected void startManagementServices() throws Throwable { this.log(Level.INFO, "Management service starting ..."); registerForServiceAvailability(CaSigningCertService.startTask(this), true, CaSigningCertService.FACTORY_LINK); HostInitComputeServicesConfig.startServices(this, false); HostInitComputeBackgroundServicesConfig.startServices(this); HostInitRequestServicesConfig.startServices(this); HostInitImageServicesConfig.startServices(this); HostInitUiServicesConfig.startServices(this); HostInitHarborServices.startServices(this, startMockHostAdapterInstance); HostInitDockerAdapterServiceConfig.startServices(this, startMockHostAdapterInstance); HostInitKubernetesAdapterServiceConfig.startServices(this, startMockHostAdapterInstance); HostInitRegistryAdapterServiceConfig.startServices(this); this.log(Level.INFO, "Management services started."); }