From 74c4e243e3661dbb57f9aac9c21bc76ee162b714 Mon Sep 17 00:00:00 2001 From: Qian Deng Date: Tue, 2 Apr 2019 15:21:50 +0800 Subject: [PATCH] Refator the host related config 1. Refactor host config 2. Refactor certiface config 3. Add port config 4. Add log info config Signed-off-by: Qian Deng --- make/harbor.yml | 3 +- .../prepare/templates/core/config_env.jinja | 2 +- .../templates/nginx/nginx.http.conf.jinja | 2 +- .../templates/nginx/nginx.https.conf.jinja | 2 +- make/photon/prepare/utils/configs.py | 75 +++++++++++++------ make/photon/prepare/utils/nginx.py | 10 ++- 6 files changed, 63 insertions(+), 31 deletions(-) diff --git a/make/harbor.yml b/make/harbor.yml index dd7dd65ab..7f7bf93e8 100644 --- a/make/harbor.yml +++ b/make/harbor.yml @@ -6,6 +6,7 @@ hostname: reg.mydomain.com # core, harbor http: port: 80 + # https: # port: 443 # #The path of cert and key files for nginx, they are applied only the protocol is set to https @@ -103,7 +104,7 @@ jobservice: # Log configurations log: - # debug, warn, error + # options are debug, info, warn, error level: info # Log files are rotated log_rotate_count times before being removed. If count is 0, old versions are removed rather than rotated. rotate_count: 50 diff --git a/make/photon/prepare/templates/core/config_env.jinja b/make/photon/prepare/templates/core/config_env.jinja index e9801e539..ce986e7d3 100644 --- a/make/photon/prepare/templates/core/config_env.jinja +++ b/make/photon/prepare/templates/core/config_env.jinja @@ -1,5 +1,5 @@ PORT=8080 -LOG_LEVEL=info +LOG_LEVEL={{log_level}} EXT_ENDPOINT={{public_url}} DATABASE_TYPE=postgresql POSTGRESQL_HOST={{db_host}} diff --git a/make/photon/prepare/templates/nginx/nginx.http.conf.jinja b/make/photon/prepare/templates/nginx/nginx.http.conf.jinja index 0f7f5107e..27ac1d7cd 100644 --- a/make/photon/prepare/templates/nginx/nginx.http.conf.jinja +++ b/make/photon/prepare/templates/nginx/nginx.http.conf.jinja 
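Review bot: In config_env.jinja, `LOG_LEVEL={{log_level}}` now depends on a `log_level` variable, but none of the configs.py hunks in this patch assigns `config_dict['log_level']`. Unless it is set elsewhere, the line would render as an empty `LOG_LEVEL=` under Jinja's default undefined handling. The value also goes into the env file unchecked, so a typo in harbor.yml is passed straight to core. Reading it in parse_yaml_config with a default and an allow-list would cover both, e.g. `log_level = (configs.get('log') or {}).get('level', 'info')` followed by `if log_level not in ('debug', 'info', 'warn', 'error'): raise Exception('invalid log level: %s' % log_level)`.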
@@ -28,7 +28,7 @@ http { access_log /dev/stdout timed_combined; server { - listen 80; + listen {{http_port}}; server_tokens off; # disable any limits to avoid HTTP 413 for large image uploads client_max_body_size 0; diff --git a/make/photon/prepare/templates/nginx/nginx.https.conf.jinja b/make/photon/prepare/templates/nginx/nginx.https.conf.jinja index 1ae2a9754..41b350096 100644 --- a/make/photon/prepare/templates/nginx/nginx.https.conf.jinja +++ b/make/photon/prepare/templates/nginx/nginx.https.conf.jinja @@ -31,7 +31,7 @@ http { include /etc/nginx/conf.d/*.server.conf; server { - listen 443 ssl; + listen {{https_port}} ssl; # server_name harbordomain.com; server_tokens off; # SSL diff --git a/make/photon/prepare/utils/configs.py b/make/photon/prepare/utils/configs.py index cadd79030..f59348fdb 100644 --- a/make/photon/prepare/utils/configs.py +++ b/make/photon/prepare/utils/configs.py 
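Review bot: `listen {{http_port}};` in nginx.http.conf.jinja, and `listen {{https_port}} ssl;` in nginx.https.conf.jinja, render whatever scalar harbor.yml supplied, and the configs.py side of this patch reads the ports with `.get('port', ...)` without checking them. A quoted or mistyped value ends up verbatim inside the `listen` directive, which at best fails when nginx starts and at worst changes the directive's meaning. Validating before rendering keeps the template input to a known shape, e.g. `if not isinstance(port, int) or not 1 <= port <= 65535: raise Exception('invalid port: %r' % port)` in parse_yaml_config.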
@@ -54,27 +54,35 @@ def parse_yaml_config(config_file_path): with open(config_file_path) as f: configs = yaml.load(f) - config_dict = {} - config_dict['adminserver_url'] = "http://adminserver:8080" - config_dict['registry_url'] = "http://registry:5000" - config_dict['registry_controller_url'] = "http://registryctl:8080" - config_dict['core_url'] = "http://core:8080" - config_dict['token_service_url'] = "http://core:8080/service/token" - - config_dict['jobservice_url'] = "http://jobservice:8080" - config_dict['clair_url'] = "http://clair:6060" - config_dict['notary_url'] = "http://notary-server:4443" - config_dict['chart_repository_url'] = "http://chartmuseum:9999" + config_dict = { + 'adminserver_url': "http://adminserver:8080", + 'registry_url': "http://registry:5000", + 'registry_controller_url': "http://registryctl:8080", + 'core_url': "http://core:8080", + 'token_service_url': "http://core:8080/service/token", + 'jobservice_url': 'http://jobservice:8080', + 'clair_url': 'http://clair:6060', + 'notary_url': 'http://notary-server:4443', + 'chart_repository_url': 'http://chartmuseum:9999' + } config_dict['hostname'] = configs.get("hostname") - config_dict['protocol'] = configs.get("ui_url_protocol") - config_dict['public_url'] = config_dict['protocol'] + "://" + config_dict['hostname'] + http_config = configs.get('http') + https_config = configs.get('https') + if https_config: + config_dict['protocol'] = 'https' + config_dict['https_port'] = https_config.get('port', 443) + config_dict['cert_path'] = https_config.get("certificate") + config_dict['cert_key_path'] = https_config.get("private_key") + else: + config_dict['protocol'] = 'http' + config_dict['http_port'] = http_config.get('port', 80) - # secure configs - if config_dict['protocol'] == "https": - config_dict['cert_path'] = configs.get("ssl_cert") - config_dict['cert_key_path'] = configs.get("ssl_cert_key") + if configs.get('external_url'): + config_dict['public_url'] = configs['external_url'] + else: + 
config_dict['public_url'] = '{protocol}://{hostname}'.format(**config_dict) # DB configs @@ -94,12 +102,30 @@ def parse_yaml_config(config_file_path): config_dict['harbor_admin_password'] = configs.get("harbor_admin_password") # Registry storage configs - storage_config = configs.get('storage') or {} - config_dict['storage_provider_name'] = storage_config.get("registry_storage_provider_name") or '' - config_dict['storage_provider_config'] = storage_config.get("registry_storage_provider_config") or '' - # yaml requires 1 or more spaces between the key and value - config_dict['storage_provider_config'] = config_dict['storage_provider_config'].replace(":", ": ", 1) - config_dict['registry_custom_ca_bundle_path'] = storage_config.get("registry_custom_ca_bundle") or '' + storage_config = configs.get('storage_service') or {} + if configs.get('filesystem'): + print('handle filesystem') + elif configs.get('azure'): + print('handle azure') + elif configs.get('gcs'): + print('handle gcs') + elif configs.get('s3'): + print('handle s3') + elif configs.get('swift'): + print('handle swift') + elif configs.get('oss'): + print('handle oss') + else: + config_dict['storage_provider_name'] = 'filesystem' + config_dict['storage_provider_config'] = '' + config_dict['registry_custom_ca_bundle_path'] = storage_config.get("ca_bundle") or '' + + + # config_dict['storage_provider_name'] = storage_config.get("registry_storage_provider_name") or '' + # config_dict['storage_provider_config'] = storage_config.get("registry_storage_provider_config") or '' + # # yaml requires 1 or more spaces between the key and value + # config_dict['storage_provider_config'] = config_dict['storage_provider_config'].replace(":", ": ", 1) + # config_dict['registry_custom_ca_bundle_path'] = storage_config.get("registry_custom_ca_bundle") or '' # Clair configs 
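Review bot: In the new `else` branch, `http_config.get('port', 80)` raises AttributeError when harbor.yml has no `http:` section or an empty one, because `configs.get('http')` then returns None; `http_config = configs.get('http') or {}` avoids that. The `https` branch has the opposite gap: `certificate` and `private_key` are copied with `.get()` and may be None, so HTTPS can be selected with no key material and the failure only surfaces later; a check such as `if not (config_dict['cert_path'] and config_dict['cert_key_path']): raise Exception('https requires certificate and private_key')` would fail early. The `yaml.load(f)` context line at the top of the hunk is unchanged by this commit, but `yaml.safe_load(f)` is the safer call for a plain config file. parse_yaml_config starts before and continues past this hunk.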
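Review bot: The storage branches look the backend keys up on the top-level `configs` (`configs.get('filesystem')`, `configs.get('s3')`, ...) although the section was just read into `storage_config`, and each branch only prints a placeholder, so when a backend is configured `storage_provider_name` and `storage_provider_config` are never set. Presumably the lookups should be `storage_config.get(...)`; the harbor.yml layout for `storage_service` is not part of this patch, so confirm. Until the backends are implemented, raising is safer than printing, e.g. `raise Exception('storage backend %s is not supported yet' % name)`, so a configured backend is not silently dropped. The commented-out old assignments at the end of the hunk should be deleted rather than kept. The hunk sits in the middle of parse_yaml_config.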
@@ -112,7 +138,8 @@ def parse_yaml_config(config_file_path): # jobservice config - config_dict['max_job_workers'] = configs.get("max_job_workers") + js_config = configs.get('jobservice', {}) + config_dict['max_job_workers'] = js_config.get("max_job_workers", 10) config_dict['jobservice_secret'] = generate_random_string(16) diff --git a/make/photon/prepare/utils/nginx.py b/make/photon/prepare/utils/nginx.py index 0eec3febd..8392be6ee 100644 --- a/make/photon/prepare/utils/nginx.py +++ b/make/photon/prepare/utils/nginx.py @@ -22,11 +22,15 @@ def prepare_nginx(config_dict): def render_nginx_template(config_dict): if config_dict['protocol'] == "https": render_jinja(nginx_https_conf_template, nginx_conf, - ssl_cert = SSL_CERT_PATH, - ssl_cert_key = SSL_CERT_KEY_PATH) + ssl_cert=SSL_CERT_PATH, + ssl_cert_key=SSL_CERT_KEY_PATH, + https_port=config_dict['https_port']) location_file_pattern = CUSTOM_NGINX_LOCATION_FILE_PATTERN_HTTPS else: - render_jinja(nginx_http_conf_template, nginx_conf) + render_jinja( + nginx_http_conf_template, + nginx_conf, + http_port=config_dict['http_port']) location_file_pattern = CUSTOM_NGINX_LOCATION_FILE_PATTERN_HTTP copy_nginx_location_configs_if_exist(nginx_template_ext_dir, nginx_confd_dir, location_file_pattern)
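Review bot: `configs.get('jobservice', {})` only falls back to `{}` when the key is absent; a `jobservice:` section that is present but empty parses to None and the following `.get("max_job_workers", 10)` raises AttributeError. `js_config = configs.get('jobservice') or {}` matches the `storage_config` pattern used earlier in the same function. The worker count is also passed on unchecked, so a zero, negative or non-integer value is not caught here. `generate_random_string` on the context line is defined outside this patch; since its result is used as `jobservice_secret`, it is worth confirming that it draws from a CSPRNG.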
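Review bot: In `render_nginx_template`, the https branch passes only `https_port`, and parse_yaml_config in this same patch sets `http_port` only when no `https` section exists. If the https template also contains a plain-HTTP listener for redirects (not visible in the hunk shown for it), that listener cannot follow a configured `http.port`. Passing both, `https_port=config_dict['https_port'], http_port=config_dict.get('http_port', 80)`, would let the template use it. A one-line docstring naming the `config_dict` keys each branch requires (`protocol`, `https_port` or `http_port`) would also help, since a missing key raises KeyError here.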