Java tutorial
/* * Licensed to the Apache Software Foundation (ASF) under one * or more contributor license agreements. See the NOTICE file * distributed with this work for additional information * regarding copyright ownership. The ASF licenses this file * to you under the Apache License, Version 2.0 (the * "License"); you may not use this file except in compliance * with the License. You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, * software distributed under the License is distributed on an * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY * KIND, either express or implied. See the License for the * specific language governing permissions and limitations * under the License. */ package org.apache.brooklyn.entity.proxy.nginx; import java.net.URI; import java.util.Collection; import java.util.Collections; import java.util.List; import java.util.Map; import java.util.Set; import org.apache.brooklyn.api.entity.Entity; import org.apache.brooklyn.api.entity.Group; import org.apache.brooklyn.api.mgmt.SubscriptionHandle; import org.apache.brooklyn.api.policy.PolicySpec; import org.apache.brooklyn.api.sensor.SensorEvent; import org.apache.brooklyn.api.sensor.SensorEventListener; import org.apache.brooklyn.core.annotation.Effector; import org.apache.brooklyn.core.entity.Attributes; import org.apache.brooklyn.core.entity.lifecycle.Lifecycle; import org.apache.brooklyn.core.entity.lifecycle.ServiceStateLogic.ServiceNotUpLogic; import org.apache.brooklyn.core.feed.ConfigToAttributes; import org.apache.brooklyn.enricher.stock.Enrichers; import org.apache.brooklyn.entity.group.AbstractMembershipTrackingPolicy; import org.apache.brooklyn.entity.proxy.AbstractControllerImpl; import org.apache.brooklyn.entity.proxy.ProxySslConfig; import org.apache.brooklyn.entity.proxy.nginx.NginxController.NginxControllerInternal; import org.apache.brooklyn.feed.http.HttpFeed; import org.apache.brooklyn.feed.http.HttpPollConfig; import org.apache.brooklyn.feed.http.HttpValueFunctions; import org.apache.brooklyn.util.core.ResourceUtils; import org.apache.brooklyn.util.core.file.ArchiveUtils; import org.apache.brooklyn.util.http.HttpTool; import org.apache.brooklyn.util.http.HttpToolResponse; import org.apache.brooklyn.util.guava.Functionals; import org.apache.brooklyn.util.stream.Streams; import org.apache.brooklyn.util.text.Strings; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import com.google.common.base.Function; import com.google.common.base.Predicates; import com.google.common.base.Supplier; import com.google.common.collect.ImmutableMap; import com.google.common.collect.Iterables; import com.google.common.collect.Sets; /** * Implementation of the {@link NginxController} entity. */ public class NginxControllerImpl extends AbstractControllerImpl implements NginxController, NginxControllerInternal { private static final Logger LOG = LoggerFactory.getLogger(NginxControllerImpl.class); private volatile HttpFeed httpFeed; private final Set<String> installedKeysCache = Sets.newLinkedHashSet(); protected UrlMappingsMemberTrackerPolicy urlMappingsMemberTrackerPolicy; protected SubscriptionHandle targetAddressesHandler; @Override public void reload() { NginxSshDriver driver = (NginxSshDriver) getDriver(); if (driver == null) { Lifecycle state = getAttribute(NginxController.SERVICE_STATE_ACTUAL); throw new IllegalStateException("Cannot reload (no driver instance; stopped? (state=" + state + ")"); } driver.reload(); } @Override public boolean isSticky() { return getConfig(STICKY); } private class UrlInferencer implements Supplier<URI> { private Map<String, String> parameters; private UrlInferencer(Map<String, String> parameters) { this.parameters = parameters; } @Override public URI get() { String baseUrl = inferUrl(true); if (parameters == null || parameters.isEmpty()) return URI.create(baseUrl); return URI.create(baseUrl + "?" + HttpTool.encodeUrlParams(parameters)); } } @Override public void connectSensors() { super.connectSensors(); ConfigToAttributes.apply(this); // "up" is defined as returning a valid HTTP response from nginx (including a 404 etc) httpFeed = addFeed( HttpFeed.builder().uniqueTag("nginx-poll").entity(this).period(getConfig(HTTP_POLL_PERIOD)) .baseUri(new UrlInferencer(null)).poll(new HttpPollConfig<Boolean>(NGINX_URL_ANSWERS_NICELY) // Any response from Nginx is good. .checkSuccess(Predicates.alwaysTrue()) // Accept any nginx response (don't assert specific version), so that sub-classing // for a custom nginx build is not strict about custom version numbers in headers .onResult(HttpValueFunctions.containsHeader("Server")).setOnException(false) .suppressDuplicates(true)) .build()); // TODO PERSISTENCE WORKAROUND kept anonymous function in case referenced in persisted state new Function<HttpToolResponse, Boolean>() { @Override public Boolean apply(HttpToolResponse input) { // Accept any nginx response (don't assert specific version), so that sub-classing // for a custom nginx build is not strict about custom version numbers in headers List<String> actual = input.getHeaderLists().get("Server"); return actual != null && actual.size() == 1; } }; if (!Lifecycle.RUNNING.equals(getAttribute(SERVICE_STATE_ACTUAL))) { // TODO when updating the map, if it would change from empty to empty on a successful run // gate with the above check to prevent flashing on ON_FIRE during rebind (this is invoked on rebind as well as during start) ServiceNotUpLogic.updateNotUpIndicator(this, NGINX_URL_ANSWERS_NICELY, "No response from nginx yet"); } enrichers().add(Enrichers.builder().updatingMap(Attributes.SERVICE_NOT_UP_INDICATORS) .uniqueTag("not-up-unless-url-answers").from(NGINX_URL_ANSWERS_NICELY) .computing(Functionals.ifNotEquals(true) .value("URL where nginx listens is not answering correctly (with expected header)")) .build()); connectServiceUpIsRunning(); // Can guarantee that parent/managementContext has been set Group urlMappings = getConfig(URL_MAPPINGS); if (urlMappings != null && urlMappingsMemberTrackerPolicy == null) { // Listen to the targets of each url-mapping changing targetAddressesHandler = subscriptions().subscribeToMembers(urlMappings, UrlMapping.TARGET_ADDRESSES, new SensorEventListener<Collection<String>>() { @Override public void onEvent(SensorEvent<Collection<String>> event) { updateNeeded(); } }); // Listen to url-mappings being added and removed urlMappingsMemberTrackerPolicy = policies() .add(PolicySpec.create(UrlMappingsMemberTrackerPolicy.class).configure("group", urlMappings)); } } protected void removeUrlMappingsMemberTrackerPolicy() { if (urlMappingsMemberTrackerPolicy != null) { policies().remove(urlMappingsMemberTrackerPolicy); urlMappingsMemberTrackerPolicy = null; } Group urlMappings = getConfig(URL_MAPPINGS); if (urlMappings != null && targetAddressesHandler != null) { subscriptions().unsubscribe(urlMappings, targetAddressesHandler); targetAddressesHandler = null; } } public static class UrlMappingsMemberTrackerPolicy extends AbstractMembershipTrackingPolicy { @Override protected void onEntityEvent(EventType type, Entity entity) { // relies on policy-rebind injecting the implementation rather than the dynamic-proxy ((NginxControllerImpl) super.entity).updateNeeded(); } } @Override protected void preStop() { super.preStop(); removeUrlMappingsMemberTrackerPolicy(); } @Override protected void postStop() { // TODO don't want stop to race with the last poll. super.postStop(); sensors().set(SERVICE_UP, false); } @Override protected void disconnectSensors() { if (httpFeed != null) httpFeed.stop(); disconnectServiceUpIsRunning(); super.disconnectSensors(); } @Override public Class<?> getDriverInterface() { return NginxDriver.class; } @Override public NginxDriver getDriver() { return (NginxDriver) super.getDriver(); } public void doExtraConfigurationDuringStart() { computePortsAndUrls(); reconfigureService(); // reconnect sensors if ports have changed connectSensors(); } @Override @Effector(description = "Gets the current server configuration (by brooklyn recalculating what the config should be); does not affect the server") public String getCurrentConfiguration() { return getConfigFile(); } @Override @Effector(description = "Deploys an archive of static content to the server") public void deploy(String archiveUrl) { NginxSshDriver driver = (NginxSshDriver) getDriver(); if (driver == null) { if (LOG.isDebugEnabled()) LOG.debug("No driver for {}, so not deploying archive (is entity stopping? state={})", this, getAttribute(NginxController.SERVICE_STATE_ACTUAL)); return; } // Copy to the destination machine and extract contents ArchiveUtils.deploy(archiveUrl, driver.getMachine(), driver.getRunDir()); } @Override public void reconfigureService() { String cfg = getConfigFile(); if (cfg == null) return; if (LOG.isDebugEnabled()) LOG.debug("Reconfiguring {}, targetting {} and {}", new Object[] { this, getServerPoolAddresses(), getUrlMappings() }); if (LOG.isTraceEnabled()) LOG.trace("Reconfiguring {}, config file:\n{}", this, cfg); NginxSshDriver driver = (NginxSshDriver) getDriver(); if (!driver.isCustomizationCompleted()) { if (LOG.isDebugEnabled()) LOG.debug("Reconfiguring {}, but driver's customization not yet complete so aborting", this); return; } driver.getMachine().copyTo(Streams.newInputStreamWithContents(cfg), driver.getRunDir() + "/conf/server.conf"); installSslKeys("global", getSslConfig()); for (UrlMapping mapping : getUrlMappings()) { //cache ensures only the first is installed, which is what is assumed below installSslKeys(mapping.getDomain(), mapping.getConfig(UrlMapping.SSL_CONFIG)); } } /** * Installs SSL keys named as {@code id.crt} and {@code id.key} where nginx can find them. * <p> * Currently skips re-installs (does not support changing) */ public void installSslKeys(String id, ProxySslConfig ssl) { if (ssl == null) return; if (installedKeysCache.contains(id)) return; NginxSshDriver driver = (NginxSshDriver) getDriver(); if (!Strings.isEmpty(ssl.getCertificateSourceUrl())) { String certificateDestination = Strings.isEmpty(ssl.getCertificateDestination()) ? driver.getRunDir() + "/conf/" + id + ".crt" : ssl.getCertificateDestination(); driver.getMachine().copyTo(ImmutableMap.of("permissions", "0600"), ResourceUtils.create(this).getResourceFromUrl(ssl.getCertificateSourceUrl()), certificateDestination); } if (!Strings.isEmpty(ssl.getKeySourceUrl())) { String keyDestination = Strings.isEmpty(ssl.getKeyDestination()) ? driver.getRunDir() + "/conf/" + id + ".key" : ssl.getKeyDestination(); driver.getMachine().copyTo(ImmutableMap.of("permissions", "0600"), ResourceUtils.create(this).getResourceFromUrl(ssl.getKeySourceUrl()), keyDestination); } installedKeysCache.add(id); } @Override public String getConfigFile() { NginxSshDriver driver = (NginxSshDriver) getDriver(); if (driver == null) { LOG.debug("No driver for {}, so not generating config file (is entity stopping? state={})", this, getAttribute(NginxController.SERVICE_STATE_ACTUAL)); return null; } NginxConfigFileGenerator templateGenerator = getConfig(NginxController.SERVER_CONF_GENERATOR); return templateGenerator.generateConfigFile(driver, this); } @Override public Iterable<UrlMapping> getUrlMappings() { // For mapping by URL Group urlMappingGroup = getConfig(NginxController.URL_MAPPINGS); if (urlMappingGroup != null) { return Iterables.filter(urlMappingGroup.getMembers(), UrlMapping.class); } else { return Collections.<UrlMapping>emptyList(); } } @Override public String getShortName() { return "Nginx"; } public boolean appendSslConfig(String id, StringBuilder out, String prefix, ProxySslConfig ssl, boolean sslBlock, boolean certificateBlock) { if (ssl == null) return false; if (sslBlock) { out.append(prefix); out.append("ssl on;\n"); } if (ssl.getReuseSessions()) { out.append(prefix); out.append("proxy_ssl_session_reuse on;"); } if (certificateBlock) { String cert; if (Strings.isEmpty(ssl.getCertificateDestination())) { cert = "" + id + ".crt"; } else { cert = ssl.getCertificateDestination(); } out.append(prefix); out.append("ssl_certificate " + cert + ";\n"); String key; if (!Strings.isEmpty(ssl.getKeyDestination())) { key = ssl.getKeyDestination(); } else if (!Strings.isEmpty(ssl.getKeySourceUrl())) { key = "" + id + ".key"; } else { key = null; } if (key != null) { out.append(prefix); out.append("ssl_certificate_key " + key + ";\n"); } } return true; } }