Merge "Disable cert checks while talking to endpoints"
This commit is contained in:
commit
7c8da9338f
|
@ -64,11 +64,11 @@ EOF
|
|||
AUTH_URL=${AUTH_URL/v2.0/v3}
|
||||
content_type='Content-Type: application/json'
|
||||
url="$AUTH_URL/auth/tokens"
|
||||
USER_TOKEN=`curl -s -i -X POST -H "$content_type" -d "$auth_json" $url \
|
||||
USER_TOKEN=`curl -k -s -i -X POST -H "$content_type" -d "$auth_json" $url \
|
||||
| grep X-Subject-Token | awk '{print $2}' | tr -d '[[:space:]]'`
|
||||
|
||||
# Get CA certificate for this cluster
|
||||
curl -X GET \
|
||||
curl -k -X GET \
|
||||
-H "X-Auth-Token: $USER_TOKEN" \
|
||||
$MAGNUM_URL/certificates/$CLUSTER_UUID | python -c 'import sys, json; print json.load(sys.stdin)["pem"]' > $CA_CERT
|
||||
|
||||
|
@ -101,7 +101,7 @@ openssl req -new -days 1000 \
|
|||
|
||||
# Send csr to Magnum to have it signed
|
||||
csr_req=$(python -c "import json; fp = open('${CLIENT_CSR}'); print json.dumps({'cluster_uuid': '$CLUSTER_UUID', 'csr': fp.read()}); fp.close()")
|
||||
curl -X POST \
|
||||
curl -k -X POST \
|
||||
-H "X-Auth-Token: $USER_TOKEN" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "$csr_req" \
|
||||
|
|
|
@ -86,11 +86,11 @@ EOF
|
|||
AUTH_URL=${AUTH_URL/v2.0/v3}
|
||||
content_type='Content-Type: application/json'
|
||||
url="$AUTH_URL/auth/tokens"
|
||||
USER_TOKEN=`curl -s -i -X POST -H "$content_type" -d "$auth_json" $url \
|
||||
USER_TOKEN=`curl -k -s -i -X POST -H "$content_type" -d "$auth_json" $url \
|
||||
| grep X-Subject-Token | awk '{print $2}' | tr -d '[[:space:]]'`
|
||||
|
||||
# Get CA certificate for this cluster
|
||||
curl -X GET \
|
||||
curl -k -X GET \
|
||||
-H "X-Auth-Token: $USER_TOKEN" \
|
||||
$MAGNUM_URL/certificates/$CLUSTER_UUID | python -c 'import sys, json; print json.load(sys.stdin)["pem"]' > ${CA_CERT}
|
||||
|
||||
|
@ -118,7 +118,7 @@ openssl req -new -days 1000 \
|
|||
|
||||
# Send csr to Magnum to have it signed
|
||||
csr_req=$(python -c "import json; fp = open('${SERVER_CSR}'); print json.dumps({'cluster_uuid': '$CLUSTER_UUID', 'csr': fp.read()}); fp.close()")
|
||||
curl -X POST \
|
||||
curl -k -X POST \
|
||||
-H "X-Auth-Token: $USER_TOKEN" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "$csr_req" \
|
||||
|
|
|
@ -10,6 +10,6 @@ DATA="OK"
|
|||
|
||||
data=$(echo '{"Status": "'${STATUS}'", "Reason": "'$REASON'", "Data": "'${DATA}'", "UniqueId": "00000"}')
|
||||
|
||||
curl -i -X POST -H "Content-Type: application/json" -H "X-Auth-Token: $WAIT_HANDLE_TOKEN" \
|
||||
curl -k -i -X POST -H "Content-Type: application/json" -H "X-Auth-Token: $WAIT_HANDLE_TOKEN" \
|
||||
--data-binary "'$data'" \
|
||||
"$WAIT_HANDLE_ENDPOINT"
|
||||
|
|
|
@ -11,6 +11,6 @@ write_files:
|
|||
[Service]
|
||||
Type=simple
|
||||
TimeoutStartSec=0
|
||||
ExecStart=/usr/bin/curl -i -X POST -H 'Content-Type: application/json' -H 'X-Auth-Token: $WAIT_HANDLE_TOKEN' \
|
||||
ExecStart=/usr/bin/curl -k -i -X POST -H 'Content-Type: application/json' -H 'X-Auth-Token: $WAIT_HANDLE_TOKEN' \
|
||||
--data-binary "'"'{"Status": "FAILURE", "Reason": "$SERVICE service failed to start.", "Data": "OK", "UniqueId": "00000"}'"'" \
|
||||
"$WAIT_HANDLE_ENDPOINT"
|
||||
|
|
|
@ -50,7 +50,7 @@ do
|
|||
sleep 5
|
||||
done
|
||||
|
||||
curl -i -X POST -H 'Content-Type: application/json' -H 'X-Auth-Token: $WAIT_HANDLE_TOKEN' \
|
||||
curl -k -i -X POST -H 'Content-Type: application/json' -H 'X-Auth-Token: $WAIT_HANDLE_TOKEN' \
|
||||
--data-binary "'"'{"Status": "SUCCESS", "Reason": "Swarm agent ready", "Data": "OK", "UniqueId": "00000"}'"'" \
|
||||
"$WAIT_HANDLE_ENDPOINT"
|
||||
EOF
|
||||
|
|
|
@ -38,7 +38,7 @@ fi
|
|||
cat >> /etc/systemd/system/swarm-manager.service << END_SERVICE_BOTTOM
|
||||
etcd://$ETCD_SERVER_IP:2379/v2/keys/swarm/
|
||||
ExecStop=/usr/bin/docker stop swarm-manager
|
||||
ExecStartPost=/usr/bin/curl -i -X POST -H 'Content-Type: application/json' -H 'X-Auth-Token: $WAIT_HANDLE_TOKEN' \\
|
||||
ExecStartPost=/usr/bin/curl -k -i -X POST -H 'Content-Type: application/json' -H 'X-Auth-Token: $WAIT_HANDLE_TOKEN' \\
|
||||
--data-binary "'"'{"Status": "SUCCESS", "Reason": "Setup complete", "Data": "OK", "UniqueId": "00000"}'"'" \\
|
||||
"$WAIT_HANDLE_ENDPOINT"
|
||||
|
||||
|
|
|
@ -78,12 +78,12 @@ write_files:
|
|||
|
||||
#trust is introduced in Keystone v3 version
|
||||
AUTH_URL=${AUTH_URL/v2.0/v3}
|
||||
USER_TOKEN=`curl -s -i -X POST -H "Content-Type: application/json" -d @auth.json \
|
||||
USER_TOKEN=`curl -k -s -i -X POST -H "Content-Type: application/json" -d @auth.json \
|
||||
$AUTH_URL/auth/tokens | grep X-Subject-Token | awk '{print $2}'`
|
||||
|
||||
rm -rf auth.json
|
||||
|
||||
ca_cert_json=$(curl -X GET \
|
||||
ca_cert_json=$(curl -k -X GET \
|
||||
-H "X-Auth-Token: $USER_TOKEN" \
|
||||
$MAGNUM_URL/certificates/$CLUSTER_UUID)
|
||||
parse_json_response "${ca_cert_json}" > ${CA_CERT}
|
||||
|
@ -119,7 +119,7 @@ write_files:
|
|||
csr=$(cat $CLIENT_CSR | sed -e ':a' -e 'N' -e '$!ba' -e 's/\n/\\n/g')
|
||||
csr_req="{\"cluster_uuid\": \"$CLUSTER_UUID\", \"csr\": \"$csr\"}"
|
||||
# Send csr to Magnum to have it signed
|
||||
client_cert_json=$(curl -X POST \
|
||||
client_cert_json=$(curl -k -X POST \
|
||||
-H "X-Auth-Token: $USER_TOKEN" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "$csr_req" \
|
||||
|
|
|
@ -101,13 +101,13 @@ write_files:
|
|||
|
||||
#trust is introduced in Keystone v3 version
|
||||
AUTH_URL=${AUTH_URL/v2.0/v3}
|
||||
USER_TOKEN=`curl -s -i -X POST -H "Content-Type: application/json" -d @auth.json \
|
||||
USER_TOKEN=`curl -k -s -i -X POST -H "Content-Type: application/json" -d @auth.json \
|
||||
$AUTH_URL/auth/tokens | grep X-Subject-Token | awk '{print $2}'`
|
||||
|
||||
rm -rf auth.json
|
||||
|
||||
# Get CA certificate for this cluster
|
||||
ca_cert_json=$(curl -X GET \
|
||||
ca_cert_json=$(curl -k -X GET \
|
||||
-H "X-Auth-Token: $USER_TOKEN" \
|
||||
$MAGNUM_URL/certificates/$CLUSTER_UUID)
|
||||
parse_json_response "${ca_cert_json}" > ${CA_CERT}
|
||||
|
@ -138,7 +138,7 @@ write_files:
|
|||
csr=$(cat $SERVER_CSR | sed -e ':a' -e 'N' -e '$!ba' -e 's/\n/\\n/g')
|
||||
csr_req="{\"cluster_uuid\": \"$CLUSTER_UUID\", \"csr\": \"$csr\"}"
|
||||
# Send csr to Magnum to have it signed
|
||||
server_cert_json=$(curl -X POST \
|
||||
server_cert_json=$(curl -k -X POST \
|
||||
-H "X-Auth-Token: $USER_TOKEN" \
|
||||
-H "Content-Type: application/json" \
|
||||
-d "$csr_req" \
|
||||
|
|
Loading…
Reference in New Issue