Skip to content
Permalink
Browse files

JENKINS-18854 - fixed Eucalyptus connectivity support

  • Loading branch information...
ColbyDyess committed Jul 19, 2013
1 parent 1e009ad commit b55add0411a65b7a8c29c71c8b415c05c31aff41
@@ -58,30 +58,24 @@
* @author Kohsuke Kawaguchi
*/
public class Eucalyptus extends EC2Cloud {
private transient Metadata metadata;

public final URL url;
public final URL ec2endpoint;
public final URL s3endpoint;

@DataBoundConstructor
public Eucalyptus(URL url, String accessId, String secretKey, String privateKey, String instanceCapStr, List<SlaveTemplate> templates) throws IOException {
public Eucalyptus(URL ec2endpoint, URL s3endpoint, String accessId, String secretKey, String privateKey, String instanceCapStr, List<SlaveTemplate> templates) throws IOException {
super("eucalyptus", accessId, secretKey, privateKey, instanceCapStr, templates);
this.url = url;
}

private Metadata getMetadata() throws IOException {
if (metadata==null)
metadata = new Metadata(url);
return metadata;
this.ec2endpoint = ec2endpoint;
this.s3endpoint = s3endpoint;
}

@Override
public URL getEc2EndpointUrl() throws IOException {
return getMetadata().ec2endpoint;
return this.ec2endpoint;
}

@Override
public URL getS3EndpointUrl() throws IOException {
return getMetadata().s3endpoint;
return this.s3endpoint;
}

@Extension
@@ -93,111 +87,17 @@ public String getDisplayName() {

@Override
public FormValidation doTestConnection(
@QueryParameter URL url,
@QueryParameter URL ec2endpoint,
@QueryParameter String accessId,
@QueryParameter String secretKey,
@QueryParameter String privateKey) throws IOException, ServletException {
return super.doTestConnection(new Metadata(url).ec2endpoint,accessId,secretKey,privateKey);
return super.doTestConnection(ec2endpoint,accessId,secretKey,privateKey);
}

@Override
public FormValidation doGenerateKey(
StaplerResponse rsp, @QueryParameter URL url, @QueryParameter String accessId, @QueryParameter String secretKey) throws IOException, ServletException {
return super.doGenerateKey(rsp, new Metadata(url).ec2endpoint, accessId,secretKey);
}
}

/**
* Eucalyptus service endpoint metadata.
*/
static class Metadata {
final URL ec2endpoint,s3endpoint;

Metadata(URL eucalyptus) throws IOException {
if (!eucalyptus.getProtocol().equals("https"))
throw new IOException("Expecting an HTTPS URL but got "+eucalyptus);
URL metadataUrl = new URL(eucalyptus, "/register");
try {
HttpsURLConnection con = (HttpsURLConnection)metadataUrl.openConnection();
makeIgnoreCertificate(con);
Document metadata = new SAXReader().read(con.getInputStream());
/*
Metadata, as of Eucalyptus 1.5.2, looks like this:
<Signature>
<SignedInfo>
<SignatureMethod>http://www.w3.org/2001/04/xmldsig-more#hmac-sha256</SignatureMethod>
</SignedInfo>
<SignatureValue>62595777525d7dbba4b5f361b3e9041d3d37e92611684557e67e85a9222a3ffb </SignatureValue>
<Object>
<CloudSchema>
<Services type="array">
<Service>
<Name>ec2</Name>
<EndpointUrl>http://eucalyptus.hudson-slaves.sfbay.sun.com:8773/services/Eucalyptus</EndpointUrl>
<Resources type="array">
...
</Resources>
</Service>
<Service>
<Name>s3</Name>
<EndpointUrl>http://eucalyptus.hudson-slaves.sfbay.sun.com:8773/services/Walrus</EndpointUrl>
<Resources type="array">
...
</Resources>
</Service>
</Services>
<id>a002c56e-b994-4ed8-956b-b30eda9b6153</id> <CloudType>eucalyptus</CloudType>
<CloudVersion>1.5.2</CloudVersion>
<SchemaVersion>1.0</SchemaVersion>
<Description>Public cloud in the new cluster</Description>
</CloudSchema>
*/

this.ec2endpoint = readURLFromMetadata(metadata, "ec2");
this.s3endpoint = readURLFromMetadata(metadata, "s3");
} catch (DocumentException e) {
throw new IOException2("Failed to parse Eucalyptus metadata at "+metadataUrl,e);
} catch (IOException e) {
throw new IOException2("Failed to parse Eucalyptus metadata at "+metadataUrl,e);
} catch (GeneralSecurityException e) {
throw new IOException2("Failed to parse Eucalyptus metadata at "+metadataUrl,e);
}
}

/**
* Configures the given {@link HttpsURLConnection} so that it'll ignore all the HTTPS certificate checks,
* as typical Eucalyptus implementation doesn't come with a valid certificate.
*/
private void makeIgnoreCertificate(HttpsURLConnection con) throws NoSuchAlgorithmException, KeyManagementException {
SSLContext sc = SSLContext.getInstance("SSL");
TrustManager[] tma = {new X509TrustManager() {
public X509Certificate[] getAcceptedIssuers() {
return null;
}

public void checkClientTrusted(X509Certificate[] certs, String authType) {
}

public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
}};
sc.init(null, tma, null);

con.setSSLSocketFactory(sc.getSocketFactory());
con.setHostnameVerifier(new HostnameVerifier() {
public boolean verify(String s, SSLSession sslSession) {
return true; // everything goes
}
});
}

private URL readURLFromMetadata(Document metadata, String serviceName) throws MalformedURLException {
Element e = (Element)metadata.selectSingleNode("//Service[Name/text()='" + serviceName + "']/EndpointUrl");
if (e==null)
throw new IllegalStateException("Service metadata didn't contain "+serviceName);
return new URL(e.getTextTrim());
return super.doGenerateKey(rsp, url, accessId,secretKey);
}
}
}
@@ -38,6 +38,7 @@

import java.io.IOException;
import java.io.PrintStream;
import java.net.URL;
import java.util.*;

import javax.servlet.ServletException;
@@ -618,11 +619,16 @@ public String getHelpFile(String fieldName) {
*/
public FormValidation doValidateAmi(
@QueryParameter String accessId, @QueryParameter String secretKey,
@QueryParameter String region,
@QueryParameter String ec2endpoint, @QueryParameter String region,
final @QueryParameter String ami) throws IOException, ServletException {
AmazonEC2 ec2 = EC2Cloud.connect(accessId, secretKey, AmazonEC2Cloud.getEc2EndpointUrl(region));
AmazonEC2 ec2;
if (region != null) {
ec2 = EC2Cloud.connect(accessId, secretKey, AmazonEC2Cloud.getEc2EndpointUrl(region));
} else {
ec2 = EC2Cloud.connect(accessId, secretKey, new URL(ec2endpoint));
}
if(ec2!=null) {
try {
try {
List<String> images = new LinkedList<String>();
images.add(ami);
List<String> owners = new LinkedList<String>();
@@ -641,7 +647,7 @@ public FormValidation doValidateAmi(
return FormValidation.ok(img.get(0).getImageLocation() +
(ownerAlias != null ? " by " + ownerAlias : ""));
} catch (AmazonClientException e) {
return FormValidation.error(e.getMessage());
return FormValidation.error(e.getMessage());
}
} else
return FormValidation.ok(); // can't test
@@ -22,7 +22,10 @@ OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
THE SOFTWARE.
-->
<j:jelly xmlns:j="jelly:core" xmlns:st="jelly:stapler" xmlns:d="jelly:define" xmlns:l="/lib/layout" xmlns:t="/lib/hudson" xmlns:f="/lib/form">
<f:entry title="${%Eucalyptus URL}" field="url">
<f:entry title="${%Eucalyptus EC2 URL}" field="ec2endpoint">
<f:textbox />
</f:entry>
<f:entry title="${%Eucalyptus S3 URL}" field="s3endpoint">
<f:textbox />
</f:entry>
<f:entry title="${%Access ID}" field="accessId">
@@ -39,6 +42,6 @@ THE SOFTWARE.
<f:textbox />
</f:entry>
</f:advanced>
<f:validateButton title="${%Generate Key}" progress="${%Generate...}" method="generateKey" with="url,secretKey,accessId" />
<f:validateButton title="${%Test Connection}" progress="${%Testing...}" method="testConnection" with="url,secretKey,accessId,privateKey" />
<f:validateButton title="${%Generate Key}" progress="${%Generate...}" method="generateKey" with="ec2endpoint,secretKey,accessId" />
<f:validateButton title="${%Test Connection}" progress="${%Testing...}" method="testConnection" with="ec2endpoint,secretKey,accessId,privateKey" />
</j:jelly>
@@ -32,7 +32,7 @@ THE SOFTWARE.
<f:textbox />
</f:entry>

<f:validateButton title="${%Check AMI}" progress="${%Checking...}" method="validateAmi" with="secretKey,accessId,region,ami" />
<f:validateButton title="${%Check AMI}" progress="${%Checking...}" method="validateAmi" with="secretKey,accessId,region,ec2endpoint,ami" />

<f:entry title="${%Instance Type}" field="type">
<f:enum>${it.name()}</f:enum>

0 comments on commit b55add0

Please sign in to comment.
You can’t perform that action at this time.