This repository has been archived by the owner on Sep 26, 2019. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 29
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge "Delete old policies when upgrading to HTTPS"
- Loading branch information
Showing
14 changed files
with
407 additions
and
17 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,66 @@ | ||
# Copyright (c) 2016 Rackspace, Inc. | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or | ||
# implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
|
||
import time | ||
|
||
from oslo_config import cfg | ||
from oslo_log import log | ||
|
||
from poppy import bootstrap | ||
from poppy.common import cli | ||
|
||
LOG = log.getLogger(__name__) | ||
|
||
CLI_OPT = [ | ||
cfg.BoolOpt( | ||
'run_as_daemon', | ||
default=True, | ||
required=False, | ||
help='Run this script as a long running process.' | ||
), | ||
cfg.IntOpt( | ||
'sleep_interval', | ||
default=60, | ||
required=False, | ||
help='Sleep interval between runs of http policy delete.' | ||
), | ||
] | ||
|
||
|
||
@cli.runnable | ||
def run(): | ||
# TODO(kgriffs): For now, we have to use the global config | ||
# to pick up common options from openstack.common.log, since | ||
# that module uses the global CONF instance exclusively. | ||
conf = cfg.ConfigOpts() | ||
conf.register_cli_opts(CLI_OPT) | ||
log.register_options(conf) | ||
conf(project='poppy', prog='poppy') | ||
log.setup(conf, 'poppy') | ||
server = bootstrap.Bootstrap(conf) | ||
|
||
sleep_interval = conf.sleep_interval | ||
while True: | ||
( | ||
run_list, | ||
ignore_list | ||
) = server.manager.background_job_controller.delete_http_policy() | ||
|
||
LOG.info( | ||
"Policies, attempting to delete {0}, ignored {0}".format( | ||
run_list, ignore_list)) | ||
if conf.run_as_daemon is False: | ||
break | ||
time.sleep(sleep_interval) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Empty file.
34 changes: 34 additions & 0 deletions
34
poppy/provider/akamai/background_jobs/delete_policy/delete_obsolete_http_policy_flow.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,34 @@ | ||
# Copyright (c) 2016 Rackspace, Inc. | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or | ||
# implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
|
||
from oslo_config import cfg | ||
from oslo_log import log | ||
from taskflow.patterns import linear_flow | ||
|
||
from poppy.provider.akamai.background_jobs.delete_policy import ( | ||
delete_obsolete_http_policy_tasks) | ||
|
||
LOG = log.getLogger(__name__) | ||
|
||
|
||
conf = cfg.CONF | ||
conf(project='poppy', prog='poppy', args=[]) | ||
|
||
|
||
def delete_obsolete_http_policy(): | ||
flow = linear_flow.Flow('Deleting obsolete HTTP policy').add( | ||
delete_obsolete_http_policy_tasks.DeleteObsoleteHTTPPolicy(), | ||
) | ||
return flow |
56 changes: 56 additions & 0 deletions
56
poppy/provider/akamai/background_jobs/delete_policy/delete_obsolete_http_policy_tasks.py
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
# Copyright (c) 2016 Rackspace, Inc. | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or | ||
# implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
|
||
from oslo_config import cfg | ||
from oslo_log import log | ||
from taskflow import task | ||
|
||
from poppy.distributed_task.utils import memoized_controllers | ||
|
||
LOG = log.getLogger(__name__) | ||
|
||
conf = cfg.CONF | ||
conf(project='poppy', prog='poppy', args=[]) | ||
|
||
|
||
class DeleteObsoleteHTTPPolicy(task.Task): | ||
"""Delete old HTTP policy once a domain is upgraded to HTTPS SAN.""" | ||
|
||
def __init__(self): | ||
super(DeleteObsoleteHTTPPolicy, self).__init__() | ||
service_controller, self.providers = \ | ||
memoized_controllers.task_controllers('poppy', 'providers') | ||
self.akamai_driver = self.providers['akamai'].obj | ||
|
||
def execute(self, configuration_number, policy_name): | ||
"""Deletes old HTTP policy once a domain is upgraded to HTTPS+san. | ||
:param configuration_number: akamai configuration number | ||
:param policy_name: name of policy on akamai policy api | ||
""" | ||
|
||
resp = self.akamai_driver.policy_api_client.delete( | ||
self.akamai_driver.akamai_policy_api_base_url.format( | ||
configuration_number=configuration_number, | ||
policy_name=policy_name | ||
) | ||
) | ||
LOG.info( | ||
'akamai response code: {0}'.format(resp.status_code)) | ||
LOG.info('akamai response text: {0}'.format(resp.text)) | ||
if resp.status_code != 200: | ||
raise RuntimeError(resp.text) | ||
LOG.info( | ||
'Delete old policy {0} complete'.format(policy_name)) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Empty file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,58 @@ | ||
# Copyright (c) 2016 Rackspace, Inc. | ||
# | ||
# Licensed under the Apache License, Version 2.0 (the "License"); | ||
# you may not use this file except in compliance with the License. | ||
# You may obtain a copy of the License at | ||
# | ||
# http://www.apache.org/licenses/LICENSE-2.0 | ||
# | ||
# Unless required by applicable law or agreed to in writing, software | ||
# distributed under the License is distributed on an "AS IS" BASIS, | ||
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or | ||
# implied. | ||
# See the License for the specific language governing permissions and | ||
# limitations under the License. | ||
|
||
import abc | ||
|
||
import six | ||
|
||
|
||
@six.add_metaclass(abc.ABCMeta) | ||
class HttpPolicyQueue(object): | ||
"""Keep track of old HTTP policies for deletion. | ||
The policy object on queue is used to kick off a task | ||
that deletes obsolete akamai http policies at pre-defined intervals. | ||
""" | ||
|
||
def __init__(self, conf): | ||
self._conf = conf | ||
|
||
def enqueue_http_policy(self, http_policy): | ||
"""Add new http policy element to the queue. | ||
:param http_policy: a new element to add to the queue | ||
:type http_policy: dict | ||
""" | ||
raise NotImplementedError | ||
|
||
def dequeue_http_policy(self, consume=True): | ||
"""Remove and return an item from the queue. | ||
:param consume: if true the policy is removed from the list and | ||
returned otherwise the policy is retrieved queue | ||
""" | ||
raise NotImplementedError | ||
|
||
def traverse_queue(self, consume=False): | ||
"""Traverse queue and return all items on the queue in a list""" | ||
raise NotImplementedError | ||
|
||
def put_queue_data(self, queue_data_list): | ||
"""Clear the queue and put new queue data list in the queue. | ||
:param queue_data_list: new queue data to replace current queue data | ||
:type queue_data_list: [dict()] -- list of dictionaries | ||
""" | ||
raise NotImplementedError |
Oops, something went wrong.