From 05577b2c7cf3b27f1fd895a27cb486c5b6fc9d2a Mon Sep 17 00:00:00 2001 From: Jared Rodriguez Date: Thu, 1 Aug 2019 18:22:50 -0500 Subject: [PATCH] test socket before trying bootstrap --- .../extra/bootstrap_exhibitor_tls.py | 29 +++++++++++++++++-- 1 file changed, 26 insertions(+), 3 deletions(-) diff --git a/packages/exhibitor/extra/bootstrap_exhibitor_tls.py b/packages/exhibitor/extra/bootstrap_exhibitor_tls.py index db155d431c..2d403d7e12 100644 --- a/packages/exhibitor/extra/bootstrap_exhibitor_tls.py +++ b/packages/exhibitor/extra/bootstrap_exhibitor_tls.py @@ -30,7 +30,7 @@ def invoke_detect_ip(): sys.exit(1) -def get_ca_url(exhibitor_bootstrap_ca_url, bootstrap_url) -> str: +def get_ca_url(exhibitor_bootstrap_ca_url, bootstrap_url): if exhibitor_bootstrap_ca_url: print('Using `exhibitor_bootstrap_ca_url` config parameter.') return exhibitor_bootstrap_ca_url @@ -46,7 +46,26 @@ def get_ca_url(exhibitor_bootstrap_ca_url, bootstrap_url) -> str: return "" -def gen_tls_artifacts(ca_url, artifacts_path) -> None: +def test_connection(ca_url): + s = socket.socket() + s.settimeout(5) + netloc = urlparse(ca_url).netloc.split(':', 1) + if len(netloc) == 2: + host, port = netloc + else: + host, port = netloc[0], '443' + + try: + s.connect((host, int(port))) + except Exception as e: + print('could not connect to bootstrap node: {}'.format(e)) + return False + finally: + s.close() + return True + + +def gen_tls_artifacts(ca_url, artifacts_path): """ Contact the CA service to sign the generated TLS artifacts. Write the signed Exhibitor TLS artifacts to the file system. @@ -138,7 +157,6 @@ def main(): if os.path.exists(TLS_ARTIFACT_LOCATION): return - print('Bootstrapping exhibitor TLS') exhibitor_bootstrap_ca_url = exhibitor_env['EXHIBITOR_BOOTSTRAP_CA_URL'] bootstrap_url = exhibitor_env['BOOTSTRAP_URL'] @@ -146,6 +164,11 @@ def main(): if not ca_url: return + if not test_connection(ca_url): + return + + print('Bootstrapping exhibitor TLS') + gen_tls_artifacts(ca_url, Path(TLS_ARTIFACT_LOCATION)) sys.stdout.flush()