Merge pull request #347 from noobaa/eran_alpha_updates

quick and very dirty fix for s3 and web server separation

Author: tamireran

src/api/system_api.js

@@ -320,7 +320,13 @@ module.exports = {
                     item: {
                         $ref: '/system_api/definitions/access_keys'
                     }
-                }
+                },
+                ssl_port: {
+                    type: 'string'
+                },
+                web_port: {
+                    type: 'string'
+                },
             }
         },
 
@@ -378,7 +384,5 @@ module.exports = {
                 }
             }
         }
-
-
     }
 };

src/client/nb_console.js

@@ -205,7 +205,10 @@ nb_console.controller('OverviewCtrl', [
         function rest_server_information() {
             var scope = $scope.$new();
             scope.access_keys = nbSystem.system.access_keys;
-            scope.rest_endpoint = $window.location.host + '/s3';
+
+            var rest_host = ($window.location.host).replace(':'+nbSystem.system.web_port,'').replace(':'+nbSystem.system.ssl_port,':443');
+            console.log('SYS3:'+nbSystem.system.web_port+' host:'+rest_host);
+            scope.rest_endpoint = rest_host ;
             scope.bucket_name = $scope.nbSystem.system.buckets[0].name;
             scope.rest_package = download_rest_server_package;
             console.log('rest_server_information', scope.rest_package, scope.rest_endpoint);
@@ -504,7 +507,7 @@ nb_console.controller('BucketViewCtrl', [
                     return init_only ? nbSystem.init_system : nbSystem.reload_system();
                 })
                 .then(function() {
-                    nbFiles.set_access_keys(nbSystem.system.access_keys);
+                    nbFiles.set_access_keys(nbSystem.system.access_keys,nbSystem.system.web_port,nbSystem.system.ssl_port);
                     $scope.bucket = _.find(nbSystem.system.buckets, function(bucket) {
                         return bucket.name === $routeParams.bucket_name;
                     });
@@ -553,7 +556,10 @@ nb_console.controller('BucketViewCtrl', [
         function rest_server_information() {
             var scope = $scope.$new();
             scope.access_keys = nbSystem.system.access_keys;
-            scope.rest_endpoint = $window.location.host + '/s3';
+            var rest_host = ($window.location.host).replace(':'+nbSystem.system.web_port,'').replace(':'+nbSystem.system.ssl_port,':443');
+            console.log('SYS2:'+nbSystem.system.web_port+' host:'+rest_host);
+
+            scope.rest_endpoint = rest_host;
             scope.bucket_name =  $routeParams.bucket_name;
             scope.rest_package = download_rest_server_package;
             console.log('rest_server_information', scope.rest_package, scope.rest_endpoint);
@@ -634,7 +640,7 @@ nb_console.controller('FileViewCtrl', [
                     //Setting access keys.
                     //TODO: consider separation to other object with only the keys
                     //      also, check better solution in terms of security.
-                    nbFiles.set_access_keys(nbSystem.system.access_keys);
+                    nbFiles.set_access_keys(nbSystem.system.access_keys,nbSystem.system.web_port,nbSystem.system.ssl_port);
 
                     $scope.bucket = _.find(nbSystem.system.buckets, function(bucket) {
                         return bucket.name === $routeParams.bucket_name;

src/client/nb_files.js

@@ -13,8 +13,8 @@ var streams = require('stream');
 
 
 nb_api.factory('nbFiles', [
-    '$http', '$q', '$window', '$timeout', '$sce', 'nbAlertify', '$rootScope', 'nbClient','$location',
-    function($http, $q, $window, $timeout, $sce, nbAlertify, $rootScope, nbClient,$location) {
+    '$http', '$q', '$window', '$timeout', '$sce', 'nbAlertify', '$rootScope', 'nbClient','$location','nbSystem',
+    function($http, $q, $window, $timeout, $sce, nbAlertify, $rootScope, nbClient,$location,nbSystem) {
         var $scope = {};
 
         $scope.list_files = list_files;
@@ -33,7 +33,8 @@ nb_api.factory('nbFiles', [
         $scope.downloads = [];
         $scope.transfers = [];
         $scope.s3 = null;
-
+        $scope.web_port = 0;
+        $scope.ssl_port = 0;
         // call first time with empty keys to initialize s3
         set_access_keys();
 
@@ -61,7 +62,9 @@ nb_api.factory('nbFiles', [
 
         //update access keys.
         //TODO: find more secured approach
-        function set_access_keys(access_keys) {
+        function set_access_keys(access_keys,web_port,ssl_port) {
+            $scope.web_port = web_port;
+            $scope.ssl_port = ssl_port;
             if (!_.isEmpty(access_keys)) {
                 AWS.config.update({
                     accessKeyId: access_keys[0].access_key,
@@ -87,7 +90,13 @@ nb_api.factory('nbFiles', [
             //     (rest_port ? ':' + rest_port : '')+'/s3';
             // var https_endpoint = 'https://127.0.0.1' +
             //     (rest_ssl_port ? ':' + rest_ssl_port : '')+'/s3';
-            var rest_endpoint = $window.location.protocol+'//' +$window.location.host+'/s3';
+            //var rest_host = ($window.location.host).replace(':'+web_port,'').replace(':'+ssl_port,':443');
+            var rest_host = ($window.location.host).replace(':'+web_port,'').replace(':'+ssl_port,'');
+
+            console.log('SYS1:'+web_port+' host:'+rest_host);
+
+            var rest_endpoint = $window.location.protocol+'//' +rest_host;
+            rest_endpoint = rest_endpoint.replace('https','http');
             console.log('win:',$window.location,":",rest_endpoint);
             $scope.s3 = new AWS.S3({
                 // endpoint: $window.location.protocol === 'https:' ?
@@ -119,7 +128,7 @@ nb_api.factory('nbFiles', [
                     return nbClient.client.object_driver_lazy().get_object_md(params, cache_miss);
                 })
                 .then(function(res) {
-                    console.log('FILE', res);
+                    console.log('FILE', res,params.key);
                     var file_info = make_file_info({
                         key: params.key,
                         info: res
@@ -129,6 +138,8 @@ nb_api.factory('nbFiles', [
                         Bucket: params.bucket,
                         Key: params.key
                     });
+                    url = url.replace(':'+$scope.web_port,'').replace(':'+$scope.ssl_port,':443');
+
                     console.log('urlll:',url);
                     file_info.url = url;
                     return file_info;

src/client/nb_nodes.js

@@ -188,19 +188,21 @@ nb_api.factory('nbNodes', [
                 bucket: 'files',
                 root_path: './agent_storage/'
             };
-            config_json.address = 'wss://noobaa.local';
+
+            config_json.address = 'wss://noobaa.local:'+nbSystem.system.ssl_port;
             config_json.system = nbSystem.system.name;
             config_json.access_key = nbSystem.system.access_keys[0].access_key;
             config_json.secret_key = nbSystem.system.access_keys[0].secret_key;
             var encodedData = $window.btoa(JSON.stringify(config_json));
             scope.encodedData = encodedData;
-            config_json.address = 'wss://'+$window.location.host;
+            var secured_host = ($window.location.host).replace(':'+nbSystem.system.web_port,':'+nbSystem.system.ssl_port);
+            config_json.address = 'wss://'+secured_host;
             encodedData = $window.btoa(JSON.stringify(config_json));
             scope.encodedDataIP = encodedData;
             scope.current_host = $window.location.host;
             scope.typeOptions = [
                     { name: 'Use noobaa.local', value: scope.encodedData },
-                    { name: 'Use '+$window.location.host, value: scope.encodedDataIP },
+                    { name: 'Use '+secured_host, value: scope.encodedDataIP },
                 ];
             console.log('type options',scope.typeOptions);
             scope.encoding = {type : scope.typeOptions[0].value};

src/deploy/NVA_build/deploy_base.sh

@@ -139,6 +139,9 @@ function setup_mongo {
 function general_settings {
 	iptables -I INPUT 1 -i eth0 -p tcp --dport 443 -j ACCEPT
 	iptables -I INPUT 1 -i eth0 -p tcp --dport 80 -j ACCEPT
+	iptables -I INPUT 1 -i eth0 -p tcp --dport 8080 -j ACCEPT
+	iptables -I INPUT 1 -i eth0 -p tcp --dport 8443 -j ACCEPT
+
 	/sbin/iptables -A INPUT -m limit --limit 15/minute -j LOG --log-level 2 --log-prefix "Dropped by firewall: "
 	/sbin/iptables -A OUTPUT -m limit --limit 15/minute -j LOG --log-level 2 --log-prefix "Dropped by firewall: "
 	service iptables save

src/deploy/NVA_build/env.orig

@@ -1,8 +1,8 @@
 DEV_MODE=false
 DEBUG_MODE=false
 
-PORT=80
-SSL_PORT=443
+PORT=8080
+SSL_PORT=8443
 ON_PREMISE=true
 
 # address means the address of the server as reachable from the internet

src/deploy/NVA_build/noobaa_supervisor.conf

@@ -16,3 +16,7 @@ autorestart=true
 [program:webserver]
 directory=/root/node_modules/noobaa-core
 command=/usr/local/bin/node src/server/web_server.js
+
+[program:s3rver]
+directory=/root/node_modules/noobaa-core
+command=/usr/local/bin/node src/s3/s3rver_starter.js

src/deploy/NVA_build/upgrade.sh

@@ -31,6 +31,10 @@ function restart_webserver {
     ${SUPERCTL} restart webserver
 }
 
+function restart_s3rver {
+    ${SUPERCTL} restart s3rver
+}
+
 
 function check_latest_version {
   local current=$(grep CURRENT_VERSION $ENV_FILE | sed 's:.*=\(.*\):\1:')
@@ -98,6 +102,7 @@ function do_upgrade {
   #workaround - from some reason, without sleep + restart, the server starts with odd behavior
   #TODO: understand why and fix.
   sleep 5;
+  restart_s3rver
   restart_webserver
   deploy_log "Upgrade finished successfully!"
 }

src/deploy/NVA_build/upgrade_wrapper.sh

@@ -11,6 +11,8 @@ function pre_upgrade {
   #TODO: CHECK if rules already exist, is so skip this part
   iptables -I INPUT 1 -i eth0 -p tcp --dport 80 -j ACCEPT
   iptables -I INPUT 1 -i eth0 -p tcp --dport 443 -j ACCEPT
+  iptables -I INPUT 1 -i eth0 -p tcp --dport 8080 -j ACCEPT
+  iptables -I INPUT 1 -i eth0 -p tcp --dport 8443 -j ACCEPT
   #/sbin/iptables -A INPUT -m limit --limit 15/minute -j LOG --log-level 2 --log-prefix "Dropped by firewall: "
   #/sbin/iptables -A OUTPUT -m limit --limit 15/minute -j LOG --log-level 2 --log-prefix "Dropped by firewall: "
   service iptables save
@@ -47,6 +49,15 @@ function pre_upgrade {
 
   sysctl -w fs.file-max=102400
   sysctl -p
+  agent_conf=${CORE_DIR}/agent_conf.json
+  if [ -f "$agent_conf" ]
+    then
+        deploy_log "$agent_conf found. Save to /tmp and restore"
+        rm -f /tmp/agent_conf.json
+        cp ${agent_conf} /tmp/agent_conf.json
+    else
+        deploy_log "$agent_conf not found."
+    fi
 }
 
 function post_upgrade {
@@ -56,6 +67,11 @@ function post_upgrade {
   local curmd=$(md5sum /tmp/noobaa-NVA.tar.gz  | cut -f 1 -d' ')
   local prevmd=$(grep "#packmd" /backup/.env | cut -f 2 -d' ')
 
+  cp -f ${CORE_DIR}/src/deploy/NVA_build/noobaa_supervisor.conf /etc/noobaa_supervisor.conf
+  cat /etc/noobaa_supervisor.conf
+  cp  /tmp/agent_conf.json ${CORE_DIR}/agent_conf.json
+
+
   cp -f ${CORE_DIR}/src/deploy/NVA_build/env.orig ${CORE_DIR}/.env
 
   local AGENT_VERSION_VAR=$(grep AGENT_VERSION /backup/.env)

src/rpc/rpc.js

@@ -30,7 +30,7 @@ var browser_ws = global.window && global.window.WebSocket;
 // in the browser we take the address as the host of the web page
 // just like any ajax request. for development we take localhost.
 // for any other case the RPC objects can set the base_address property.
-var DEFAULT_BASE_ADDRESS = 'ws://127.0.0.1:5001';
+var DEFAULT_BASE_ADDRESS = 'ws://127.0.0.1:'+process.env.web_port;
 if (browser_location) {
     if (browser_ws) {
         // use ws/s address