Merge pull request #347 from noobaa/eran_alpha_updates

quick and very dirty fix for s3 and web server separation

src/api/system_api.js

@@ -320,7 +320,13 @@ module.exports = {
                     item: {
                         $ref: '/system_api/definitions/access_keys'
                     }
-                }
+                },
+                ssl_port: {
+                    type: 'string'
+                },
+                web_port: {
+                    type: 'string'
+                },
             }
         },
 
@@ -378,7 +384,5 @@ module.exports = {
                 }
             }
         }
-
-
     }
 };

src/client/nb_console.js

@@ -205,7 +205,10 @@ nb_console.controller('OverviewCtrl', [
         function rest_server_information() {
             var scope = $scope.$new();
             scope.access_keys = nbSystem.system.access_keys;
-            scope.rest_endpoint = $window.location.host + '/s3';
+
+            var rest_host = ($window.location.host).replace(':'+nbSystem.system.web_port,'').replace(':'+nbSystem.system.ssl_port,':443');
+            console.log('SYS3:'+nbSystem.system.web_port+' host:'+rest_host);
+            scope.rest_endpoint = rest_host ;
             scope.bucket_name = $scope.nbSystem.system.buckets[0].name;
             scope.rest_package = download_rest_server_package;
             console.log('rest_server_information', scope.rest_package, scope.rest_endpoint);
@@ -504,7 +507,7 @@ nb_console.controller('BucketViewCtrl', [
                     return init_only ? nbSystem.init_system : nbSystem.reload_system();
                 })
                 .then(function() {
-                    nbFiles.set_access_keys(nbSystem.system.access_keys);
+                    nbFiles.set_access_keys(nbSystem.system.access_keys,nbSystem.system.web_port,nbSystem.system.ssl_port);
                     $scope.bucket = _.find(nbSystem.system.buckets, function(bucket) {
                         return bucket.name === $routeParams.bucket_name;
                     });
@@ -553,7 +556,10 @@ nb_console.controller('BucketViewCtrl', [
         function rest_server_information() {
             var scope = $scope.$new();
             scope.access_keys = nbSystem.system.access_keys;
-            scope.rest_endpoint = $window.location.host + '/s3';
+            var rest_host = ($window.location.host).replace(':'+nbSystem.system.web_port,'').replace(':'+nbSystem.system.ssl_port,':443');
+            console.log('SYS2:'+nbSystem.system.web_port+' host:'+rest_host);
+
+            scope.rest_endpoint = rest_host;
             scope.bucket_name =  $routeParams.bucket_name;
             scope.rest_package = download_rest_server_package;
             console.log('rest_server_information', scope.rest_package, scope.rest_endpoint);
@@ -634,7 +640,7 @@ nb_console.controller('FileViewCtrl', [
                     //Setting access keys.
                     //TODO: consider separation to other object with only the keys
                     //      also, check better solution in terms of security.
-                    nbFiles.set_access_keys(nbSystem.system.access_keys);
+                    nbFiles.set_access_keys(nbSystem.system.access_keys,nbSystem.system.web_port,nbSystem.system.ssl_port);
 
                     $scope.bucket = _.find(nbSystem.system.buckets, function(bucket) {
                         return bucket.name === $routeParams.bucket_name;

src/client/nb_files.js

@@ -13,8 +13,8 @@ var streams = require('stream');
 
 
 nb_api.factory('nbFiles', [
-    '$http', '$q', '$window', '$timeout', '$sce', 'nbAlertify', '$rootScope', 'nbClient','$location',
-    function($http, $q, $window, $timeout, $sce, nbAlertify, $rootScope, nbClient,$location) {
+    '$http', '$q', '$window', '$timeout', '$sce', 'nbAlertify', '$rootScope', 'nbClient','$location','nbSystem',
+    function($http, $q, $window, $timeout, $sce, nbAlertify, $rootScope, nbClient,$location,nbSystem) {
         var $scope = {};
 
         $scope.list_files = list_files;
@@ -33,7 +33,8 @@ nb_api.factory('nbFiles', [
         $scope.downloads = [];
         $scope.transfers = [];
         $scope.s3 = null;
-
+        $scope.web_port = 0;
+        $scope.ssl_port = 0;
         // call first time with empty keys to initialize s3
         set_access_keys();
 
@@ -61,7 +62,9 @@ nb_api.factory('nbFiles', [
 
         //update access keys.
         //TODO: find more secured approach
-        function set_access_keys(access_keys) {
+        function set_access_keys(access_keys,web_port,ssl_port) {
+            $scope.web_port = web_port;
+            $scope.ssl_port = ssl_port;
             if (!_.isEmpty(access_keys)) {
                 AWS.config.update({
                     accessKeyId: access_keys[0].access_key,
@@ -87,7 +90,13 @@ nb_api.factory('nbFiles', [
             //     (rest_port ? ':' + rest_port : '')+'/s3';
             // var https_endpoint = 'https://127.0.0.1' +
             //     (rest_ssl_port ? ':' + rest_ssl_port : '')+'/s3';
-            var rest_endpoint = $window.location.protocol+'//' +$window.location.host+'/s3';
+            //var rest_host = ($window.location.host).replace(':'+web_port,'').replace(':'+ssl_port,':443');
+            var rest_host = ($window.location.host).replace(':'+web_port,'').replace(':'+ssl_port,'');
+
+            console.log('SYS1:'+web_port+' host:'+rest_host);
+
+            var rest_endpoint = $window.location.protocol+'//' +rest_host;
+            rest_endpoint = rest_endpoint.replace('https','http');
             console.log('win:',$window.location,":",rest_endpoint);
             $scope.s3 = new AWS.S3({
                 // endpoint: $window.location.protocol === 'https:' ?
@@ -119,7 +128,7 @@ nb_api.factory('nbFiles', [
                     return nbClient.client.object_driver_lazy().get_object_md(params, cache_miss);
                 })
                 .then(function(res) {
-                    console.log('FILE', res);
+                    console.log('FILE', res,params.key);
                     var file_info = make_file_info({
                         key: params.key,
                         info: res
@@ -129,6 +138,8 @@ nb_api.factory('nbFiles', [
                         Bucket: params.bucket,
                         Key: params.key
                     });
+                    url = url.replace(':'+$scope.web_port,'').replace(':'+$scope.ssl_port,':443');
+
                     console.log('urlll:',url);
                     file_info.url = url;
                     return file_info;

src/client/nb_nodes.js

@@ -188,19 +188,21 @@ nb_api.factory('nbNodes', [
                 bucket: 'files',
                 root_path: './agent_storage/'
             };
-            config_json.address = 'wss://noobaa.local';
+
+            config_json.address = 'wss://noobaa.local:'+nbSystem.system.ssl_port;
             config_json.system = nbSystem.system.name;
             config_json.access_key = nbSystem.system.access_keys[0].access_key;
             config_json.secret_key = nbSystem.system.access_keys[0].secret_key;
             var encodedData = $window.btoa(JSON.stringify(config_json));
             scope.encodedData = encodedData;
-            config_json.address = 'wss://'+$window.location.host;
+            var secured_host = ($window.location.host).replace(':'+nbSystem.system.web_port,':'+nbSystem.system.ssl_port);
+            config_json.address = 'wss://'+secured_host;
             encodedData = $window.btoa(JSON.stringify(config_json));
             scope.encodedDataIP = encodedData;
             scope.current_host = $window.location.host;
             scope.typeOptions = [
                     { name: 'Use noobaa.local', value: scope.encodedData },
-                    { name: 'Use '+$window.location.host, value: scope.encodedDataIP },
+                    { name: 'Use '+secured_host, value: scope.encodedDataIP },
                 ];
             console.log('type options',scope.typeOptions);
             scope.encoding = {type : scope.typeOptions[0].value};

src/deploy/NVA_build/deploy_base.sh

@@ -139,6 +139,9 @@ function setup_mongo {
 function general_settings {
 	iptables -I INPUT 1 -i eth0 -p tcp --dport 443 -j ACCEPT
 	iptables -I INPUT 1 -i eth0 -p tcp --dport 80 -j ACCEPT
+	iptables -I INPUT 1 -i eth0 -p tcp --dport 8080 -j ACCEPT
+	iptables -I INPUT 1 -i eth0 -p tcp --dport 8443 -j ACCEPT
+
 	/sbin/iptables -A INPUT -m limit --limit 15/minute -j LOG --log-level 2 --log-prefix "Dropped by firewall: "
 	/sbin/iptables -A OUTPUT -m limit --limit 15/minute -j LOG --log-level 2 --log-prefix "Dropped by firewall: "
 	service iptables save

src/deploy/NVA_build/env.orig

@@ -1,8 +1,8 @@
 DEV_MODE=false
 DEBUG_MODE=false
 
-PORT=80
-SSL_PORT=443
+PORT=8080
+SSL_PORT=8443
 ON_PREMISE=true
 
 # address means the address of the server as reachable from the internet

src/deploy/NVA_build/noobaa_supervisor.conf

@@ -16,3 +16,7 @@ autorestart=true
 [program:webserver]
 directory=/root/node_modules/noobaa-core
 command=/usr/local/bin/node src/server/web_server.js
+
+[program:s3rver]
+directory=/root/node_modules/noobaa-core
+command=/usr/local/bin/node src/s3/s3rver_starter.js

src/deploy/NVA_build/upgrade.sh

@@ -31,6 +31,10 @@ function restart_webserver {
     ${SUPERCTL} restart webserver
 }
 
+function restart_s3rver {
+    ${SUPERCTL} restart s3rver
+}
+
 
 function check_latest_version {
   local current=$(grep CURRENT_VERSION $ENV_FILE | sed 's:.*=\(.*\):\1:')
@@ -98,6 +102,7 @@ function do_upgrade {
   #workaround - from some reason, without sleep + restart, the server starts with odd behavior
   #TODO: understand why and fix.
   sleep 5;
+  restart_s3rver
   restart_webserver
   deploy_log "Upgrade finished successfully!"
 }

src/deploy/NVA_build/upgrade_wrapper.sh

@@ -11,6 +11,8 @@ function pre_upgrade {
   #TODO: CHECK if rules already exist, is so skip this part
   iptables -I INPUT 1 -i eth0 -p tcp --dport 80 -j ACCEPT
   iptables -I INPUT 1 -i eth0 -p tcp --dport 443 -j ACCEPT
+  iptables -I INPUT 1 -i eth0 -p tcp --dport 8080 -j ACCEPT
+  iptables -I INPUT 1 -i eth0 -p tcp --dport 8443 -j ACCEPT
   #/sbin/iptables -A INPUT -m limit --limit 15/minute -j LOG --log-level 2 --log-prefix "Dropped by firewall: "
   #/sbin/iptables -A OUTPUT -m limit --limit 15/minute -j LOG --log-level 2 --log-prefix "Dropped by firewall: "
   service iptables save
@@ -47,6 +49,15 @@ function pre_upgrade {
 
   sysctl -w fs.file-max=102400
   sysctl -p
+  agent_conf=${CORE_DIR}/agent_conf.json
+  if [ -f "$agent_conf" ]
+    then
+        deploy_log "$agent_conf found. Save to /tmp and restore"
+        rm -f /tmp/agent_conf.json
+        cp ${agent_conf} /tmp/agent_conf.json
+    else
+        deploy_log "$agent_conf not found."
+    fi
 }
 
 function post_upgrade {
@@ -56,6 +67,11 @@ function post_upgrade {
   local curmd=$(md5sum /tmp/noobaa-NVA.tar.gz  | cut -f 1 -d' ')
   local prevmd=$(grep "#packmd" /backup/.env | cut -f 2 -d' ')
 
+  cp -f ${CORE_DIR}/src/deploy/NVA_build/noobaa_supervisor.conf /etc/noobaa_supervisor.conf
+  cat /etc/noobaa_supervisor.conf
+  cp  /tmp/agent_conf.json ${CORE_DIR}/agent_conf.json
+
+
   cp -f ${CORE_DIR}/src/deploy/NVA_build/env.orig ${CORE_DIR}/.env
 
   local AGENT_VERSION_VAR=$(grep AGENT_VERSION /backup/.env)

src/rpc/rpc.js

@@ -30,7 +30,7 @@ var browser_ws = global.window && global.window.WebSocket;
 // in the browser we take the address as the host of the web page
 // just like any ajax request. for development we take localhost.
 // for any other case the RPC objects can set the base_address property.
-var DEFAULT_BASE_ADDRESS = 'ws://127.0.0.1:5001';
+var DEFAULT_BASE_ADDRESS = 'ws://127.0.0.1:'+process.env.web_port;
 if (browser_location) {
     if (browser_ws) {
         // use ws/s address

src/s3/controllers.js

@@ -844,7 +844,7 @@ module.exports = function(params) {
                     dbg.log0('Init Multipart', req.originalUrl);
                     var key = (req.originalUrl).replace('/' + req.bucket + '/', '');
                     //TODO:Replace with s3 rest param, initiated from the constructor
-                    key = key.replace('/s3', '');
+                    //key = key.replace('/s3', '');
                     key = key.substring(0, key.indexOf('?uploads'));
                     key = decodeURIComponent(key);
 

src/s3/s3rver.js

@@ -54,10 +54,12 @@ Q.nfcall(fs.readFile, 'agent_conf.json')
     .then(function(certificate_arg) {
         certificate = certificate_arg;
 
-        app.use('/s3', s3app(params));
-        app.use('/', function(req, res) {
-            res.redirect('/s3');
-        });
+        app.use('/', s3app(params));
+
+        // app.use('/s3', s3app(params));
+        // app.use('/', function(req, res) {
+        //     res.redirect('/s3');
+        // });
 
         return Q.Promise(function(resolve, reject) {
             dbg.log0('Starting HTTP', params.port);

src/server/system_server.js

@@ -8,6 +8,9 @@ var size_utils = require('../util/size_utils');
 var db = require('./db');
 var server_rpc = require('./server_rpc');
 var AWS = require('aws-sdk');
+var fs = require('fs');
+var child_process = require('child_process');
+var dbg = require('noobaa-util/debug_module')(__filename);
 
 
 /**
@@ -108,6 +111,38 @@ function create_system(req) {
                 auth_token: system_token
             });
         })
+        .then(function(){
+            var config = {
+                "dbg_log_level": 2,
+                "address": "wss://127.0.0.1:"+process.env.SSL_PORT,
+                "port": "80",
+                "ssl_port":"443",
+                "access_key": info.access_keys[0].access_key,
+                "secret_key":info.access_keys[0].secret_key
+            };
+            if (process.env.ON_PREMISE) {
+                return Q.nfcall(fs.writeFile, process.cwd()+'/agent_conf.json',JSON.stringify(config));
+            }
+        })
+        .then(function(){
+            if (process.env.ON_PREMISE) {
+                return Q.Promise(function(resolve, reject){
+                    var supervisorctl = child_process.spawn(
+                        'supervisorctl', ['restart','s3rver'], {
+                            cwd: process.cwd()
+                        });
+
+                        supervisorctl.on('close', function(code) {
+                        if (code !== 0) {
+                            resolve();
+                        } else {
+                            dbg.log0('error code while restarting s3rver',code);
+                            resolve();
+                        }
+                    });
+                });
+            }
+        })
         //Auto generate agent executable.
         // Removed for now, as we need signed exe
         //
@@ -269,6 +304,8 @@ function read_system(req) {
             }),
             objects: objects_sys.count || 0,
             access_keys: req.system.access_keys,
+            ssl_port: process.env.SSL_PORT,
+            web_port: process.env.PORT,
         };
     });
 }

src/server/web_server.js

@@ -36,7 +36,7 @@ var express_compress = require('compression');
 var config = require('../../config.js');
 var dbg = require('noobaa-util/debug_module')(__filename);
 var mongoose_logger = require('noobaa-util/mongoose_logger');
-var s3app = require('../s3/app');
+//var s3app = require('../s3/app');
 var pem = require('../util/pem');
 var multer  = require('multer');
 var fs = require('fs');
@@ -185,7 +185,7 @@ Q.fcall(function() {
 // S3 APP //
 ////////////
 
-app.use('/s3', s3app({}));
+//app.use('/s3', s3app({}));
 
 ////////////
 // ROUTES //

src/util/s3_utils.js

@@ -50,8 +50,8 @@ function canonicalizedResource(request) {
     //Quick patch - add prefix for REST routing on top of MD server
     //TODO: Replace with s3 rest param, initiated from the constructor
 
-    path = '/s3'+path;
-    parts[0] = '/s3' +parts[0];
+    // path = '/s3'+path;
+    // parts[0] = '/s3' +parts[0];
     var resource = '';
 
     if (r.virtualHostedBucket)