mirror of
https://github.com/ctripcorp/zeus.git
synced 2024-09-21 16:16:09 +08:00
Merge branch 'cert_fix' into github_dev
This commit is contained in:
commit
dae6a4ed7a
|
@ -352,8 +352,7 @@ public class OperationResource {
|
|||
throw new ValidationException("certId, vsId and ips are required.");
|
||||
}
|
||||
ips = configureIps(vsId, ips);
|
||||
certificateService.command(vsId, ips, certId);
|
||||
certificateService.install(vsId);
|
||||
certificateService.install(vsId, ips, certId);
|
||||
return responseHandler.handle("Certificates uploaded. Re-activate the virtual server to take effect.", hh.getMediaType());
|
||||
}
|
||||
|
||||
|
|
|
@ -133,8 +133,7 @@ public class VirtualServerRepositoryImpl implements VirtualServerRepository {
|
|||
domains[i] = vsDomains.get(i).getName();
|
||||
}
|
||||
Long certId = certificateService.getCertificateOnBoard(domains);
|
||||
certificateService.command(virtualServer.getId(), ips, certId);
|
||||
certificateService.install(virtualServer.getId());
|
||||
certificateService.install(virtualServer.getId(), ips, certId);
|
||||
}
|
||||
|
||||
private VirtualServer createVirtualServer(SlbVirtualServerDo d) throws DalException {
|
||||
|
|
|
@ -15,11 +15,7 @@ public interface CertificateService {
|
|||
|
||||
Long upgrade(InputStream cert, InputStream key, String domain, boolean state) throws Exception;
|
||||
|
||||
void command(Long vsId, List<String> ips, Long certId) throws Exception;
|
||||
void install(Long vsId, List<String> ips, Long certId) throws Exception;
|
||||
|
||||
void recall(Long vsId, List<String> ips) throws Exception;
|
||||
|
||||
void install(Long vsId) throws Exception;
|
||||
|
||||
void uninstallIfRecalled(Long vsId) throws Exception;
|
||||
void uninstallIfRecalled(Long vsId, List<String> ips) throws Exception;
|
||||
}
|
|
@ -82,44 +82,29 @@ public class CertificateServiceImpl implements CertificateService {
|
|||
}
|
||||
|
||||
@Override
|
||||
public void command(Long vsId, List<String> ips, Long certId) throws Exception {
|
||||
CertificateDo cert = certificateDao.findByPK(certId, CertificateEntity.READSET_FULL);
|
||||
if (cert == null)
|
||||
throw new ValidationException("Certificate cannot be found.");
|
||||
for (String ip : ips) {
|
||||
rCertificateSlbServerDao.insertOrUpdateCommand(
|
||||
new RelCertSlbServerDo().setIp(ip).setCommand(cert.getId()).setVsId(vsId));
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void recall(Long vsId, List<String> ips) throws Exception {
|
||||
for (String ip : ips) {
|
||||
rCertificateSlbServerDao.insertOrUpdateCommand(
|
||||
new RelCertSlbServerDo().setIp(ip).setCommand(0L).setVsId(vsId));
|
||||
}
|
||||
}
|
||||
|
||||
@Override
|
||||
public void install(Long vsId) throws Exception {
|
||||
public void install(Long vsId, List<String> ips, Long certId) throws Exception {
|
||||
List<RelCertSlbServerDo> dos = rCertificateSlbServerDao.findByVs(vsId, RCertificateSlbServerEntity.READSET_FULL);
|
||||
Set<String> check = new HashSet<>();
|
||||
for (RelCertSlbServerDo d : dos) {
|
||||
check.add(d.getIp() + "#" + vsId + "#" + d.getCertId());
|
||||
}
|
||||
boolean success = true;
|
||||
String errMsg = "";
|
||||
for (RelCertSlbServerDo d : dos) {
|
||||
if (d.getCertId() == d.getCommand())
|
||||
for (String ip : ips) {
|
||||
if (check.contains(ip + "#" + vsId + "#" + certId))
|
||||
continue;
|
||||
CertSyncClient c = new CertSyncClient("http://" + d.getIp() + ":8099");
|
||||
Response res = c.requestInstall(vsId, d.getCommand());
|
||||
CertSyncClient c = new CertSyncClient("http://" + ip + ":8099");
|
||||
Response res = c.requestInstall(vsId, certId);
|
||||
// retry
|
||||
if (res.getStatus() / 100 > 2)
|
||||
res = c.requestInstall(vsId, d.getCommand());
|
||||
res = c.requestInstall(vsId, certId);
|
||||
// still failed after retry
|
||||
if (res.getStatus() / 100 > 2) {
|
||||
success &= false;
|
||||
try {
|
||||
errMsg += d.getIp() + ":" + IOUtils.inputStreamStringify((InputStream) res.getEntity()) + "\n";
|
||||
errMsg += ip + ":" + IOUtils.inputStreamStringify((InputStream) res.getEntity()) + "\n";
|
||||
} catch (IOException e) {
|
||||
errMsg += d.getIp() + ":" + "Unable to parse the response entity.\n";
|
||||
errMsg += ip + ":" + "Unable to parse the response entity.\n";
|
||||
}
|
||||
}
|
||||
if (!success)
|
||||
|
@ -128,13 +113,11 @@ public class CertificateServiceImpl implements CertificateService {
|
|||
}
|
||||
|
||||
@Override
|
||||
public void uninstallIfRecalled(Long vsId) throws Exception {
|
||||
List<RelCertSlbServerDo> dos = rCertificateSlbServerDao.findByVs(vsId, RCertificateSlbServerEntity.READSET_FULL);
|
||||
public void uninstallIfRecalled(Long vsId, List<String> ips) throws Exception {
|
||||
Map<String, RelCertSlbServerDo> abandoned = new HashMap<>();
|
||||
for (RelCertSlbServerDo d : dos) {
|
||||
if (d.getCommand() == 0L) {
|
||||
for (RelCertSlbServerDo d : rCertificateSlbServerDao.findByVs(vsId, RCertificateSlbServerEntity.READSET_FULL)) {
|
||||
if (ips.contains(d.getIp()))
|
||||
abandoned.put(d.getIp(), d);
|
||||
}
|
||||
}
|
||||
boolean success = true;
|
||||
String errMsg = "";
|
||||
|
|
|
@ -6,7 +6,9 @@ import com.ctrip.zeus.dal.core.RelCertSlbServerDo;
|
|||
import com.ctrip.zeus.service.nginx.impl.CertificateServiceImpl;
|
||||
|
||||
import javax.annotation.Resource;
|
||||
import java.util.HashSet;
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
/**
|
||||
* Created by zhoumy on 2015/11/5.
|
||||
|
@ -18,12 +20,16 @@ public class CertificateTestService extends CertificateServiceImpl {
|
|||
private CertificateInstaller certificateInstaller;
|
||||
|
||||
@Override
|
||||
public void install(Long vsId) throws Exception {
|
||||
public void install(Long vsId, List<String> ips, Long certId) throws Exception {
|
||||
List<RelCertSlbServerDo> dos = rCertificateSlbServerDao.findByVs(vsId, RCertificateSlbServerEntity.READSET_FULL);
|
||||
Set<String> check = new HashSet<>();
|
||||
for (RelCertSlbServerDo d : dos) {
|
||||
if (d.getCertId() == d.getCommand())
|
||||
check.add(d.getIp() + "#" + vsId + "#" + d.getCertId());
|
||||
}
|
||||
for (String ip : ips) {
|
||||
if (check.contains(ip + "#" + vsId + "#" + certId))
|
||||
continue;
|
||||
certificateInstaller.localInstall(vsId, d.getCommand());
|
||||
certificateInstaller.localInstall(vsId, certId);
|
||||
}
|
||||
}
|
||||
}
|
Loading…
Reference in a new issue