make the bind_port config setting required
In a long-term effort to change the recommended ports for Swift, the first step is to require the bind_port in config files. Later, we can change the recommended setting. Anyone currently explicitly setting the ports will not be affected. Anyone not setting the ports will need to specify them to match their rings. DocImpact Change-Id: Icca83a263acdd0afc9016424a3e9f8c15e944789
This commit is contained in:
parent
f436da3b9b
commit
b7281cf2c5
@ -20,5 +20,4 @@ from swift.common.wsgi import run_wsgi
|
|||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
conf_file, options = parse_options()
|
conf_file, options = parse_options()
|
||||||
sys.exit(run_wsgi(conf_file,
|
sys.exit(run_wsgi(conf_file, 'account-server', **options))
|
||||||
'account-server', default_port=6002, **options))
|
|
||||||
|
@ -20,5 +20,4 @@ from swift.common.wsgi import run_wsgi
|
|||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
conf_file, options = parse_options()
|
conf_file, options = parse_options()
|
||||||
sys.exit(run_wsgi(conf_file,
|
sys.exit(run_wsgi(conf_file, 'container-server', **options))
|
||||||
'container-server', default_port=6001, **options))
|
|
||||||
|
@ -22,6 +22,6 @@ from swift.obj import server
|
|||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
conf_file, options = parse_options()
|
conf_file, options = parse_options()
|
||||||
sys.exit(run_wsgi(conf_file, 'object-server', default_port=6000,
|
sys.exit(run_wsgi(conf_file, 'object-server',
|
||||||
global_conf_callback=server.global_conf_callback,
|
global_conf_callback=server.global_conf_callback,
|
||||||
**options))
|
**options))
|
||||||
|
@ -20,4 +20,4 @@ from swift.common.wsgi import run_wsgi
|
|||||||
|
|
||||||
if __name__ == '__main__':
|
if __name__ == '__main__':
|
||||||
conf_file, options = parse_options()
|
conf_file, options = parse_options()
|
||||||
sys.exit(run_wsgi(conf_file, 'proxy-server', default_port=8080, **options))
|
sys.exit(run_wsgi(conf_file, 'proxy-server', **options))
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
[DEFAULT]
|
[DEFAULT]
|
||||||
# bind_ip = 0.0.0.0
|
# bind_ip = 0.0.0.0
|
||||||
# bind_port = 6002
|
bind_port = 6002
|
||||||
# bind_timeout = 30
|
# bind_timeout = 30
|
||||||
# backlog = 4096
|
# backlog = 4096
|
||||||
# user = swift
|
# user = swift
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
[DEFAULT]
|
[DEFAULT]
|
||||||
# bind_ip = 0.0.0.0
|
# bind_ip = 0.0.0.0
|
||||||
# bind_port = 6001
|
bind_port = 6001
|
||||||
# bind_timeout = 30
|
# bind_timeout = 30
|
||||||
# backlog = 4096
|
# backlog = 4096
|
||||||
# user = swift
|
# user = swift
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
[DEFAULT]
|
[DEFAULT]
|
||||||
# bind_ip = 0.0.0.0
|
# bind_ip = 0.0.0.0
|
||||||
# bind_port = 6000
|
bind_port = 6000
|
||||||
# bind_timeout = 30
|
# bind_timeout = 30
|
||||||
# backlog = 4096
|
# backlog = 4096
|
||||||
# user = swift
|
# user = swift
|
||||||
|
@ -1,6 +1,6 @@
|
|||||||
[DEFAULT]
|
[DEFAULT]
|
||||||
# bind_ip = 0.0.0.0
|
# bind_ip = 0.0.0.0
|
||||||
# bind_port = 80
|
bind_port = 8080
|
||||||
# bind_timeout = 30
|
# bind_timeout = 30
|
||||||
# backlog = 4096
|
# backlog = 4096
|
||||||
# swift_dir = /etc/swift
|
# swift_dir = /etc/swift
|
||||||
|
@ -139,17 +139,19 @@ def monkey_patch_mimetools():
|
|||||||
mimetools.Message.parsetype = parsetype
|
mimetools.Message.parsetype = parsetype
|
||||||
|
|
||||||
|
|
||||||
def get_socket(conf, default_port=8080):
|
def get_socket(conf):
|
||||||
"""Bind socket to bind ip:port in conf
|
"""Bind socket to bind ip:port in conf
|
||||||
|
|
||||||
:param conf: Configuration dict to read settings from
|
:param conf: Configuration dict to read settings from
|
||||||
:param default_port: port to use if not specified in conf
|
|
||||||
|
|
||||||
:returns : a socket object as returned from socket.listen or
|
:returns : a socket object as returned from socket.listen or
|
||||||
ssl.wrap_socket if conf specifies cert_file
|
ssl.wrap_socket if conf specifies cert_file
|
||||||
"""
|
"""
|
||||||
bind_addr = (conf.get('bind_ip', '0.0.0.0'),
|
try:
|
||||||
int(conf.get('bind_port', default_port)))
|
bind_port = int(conf['bind_port'])
|
||||||
|
except (ValueError, KeyError, TypeError):
|
||||||
|
raise ConfigFilePortError()
|
||||||
|
bind_addr = (conf.get('bind_ip', '0.0.0.0'), bind_port)
|
||||||
address_family = [addr[0] for addr in socket.getaddrinfo(
|
address_family = [addr[0] for addr in socket.getaddrinfo(
|
||||||
bind_addr[0], bind_addr[1], socket.AF_UNSPEC, socket.SOCK_STREAM)
|
bind_addr[0], bind_addr[1], socket.AF_UNSPEC, socket.SOCK_STREAM)
|
||||||
if addr[0] in (socket.AF_INET, socket.AF_INET6)][0]
|
if addr[0] in (socket.AF_INET, socket.AF_INET6)][0]
|
||||||
@ -421,7 +423,14 @@ def run_wsgi(conf_path, app_section, *args, **kwargs):
|
|||||||
return 1
|
return 1
|
||||||
|
|
||||||
# bind to address and port
|
# bind to address and port
|
||||||
sock = get_socket(conf, default_port=kwargs.get('default_port', 8080))
|
try:
|
||||||
|
sock = get_socket(conf)
|
||||||
|
except ConfigFilePortError:
|
||||||
|
msg = 'bind_port wasn\'t properly set in the config file. ' \
|
||||||
|
'It must be explicitly set to a valid port number.'
|
||||||
|
logger.error(msg)
|
||||||
|
print(msg)
|
||||||
|
return 1
|
||||||
# remaining tasks should not require elevated privileges
|
# remaining tasks should not require elevated privileges
|
||||||
drop_privileges(conf.get('user', 'swift'))
|
drop_privileges(conf.get('user', 'swift'))
|
||||||
|
|
||||||
@ -495,6 +504,10 @@ class ConfigFileError(Exception):
|
|||||||
pass
|
pass
|
||||||
|
|
||||||
|
|
||||||
|
class ConfigFilePortError(ConfigFileError):
|
||||||
|
pass
|
||||||
|
|
||||||
|
|
||||||
def _initrp(conf_path, app_section, *args, **kwargs):
|
def _initrp(conf_path, app_section, *args, **kwargs):
|
||||||
try:
|
try:
|
||||||
conf = appconfig(conf_path, name=app_section)
|
conf = appconfig(conf_path, name=app_section)
|
||||||
|
@ -200,13 +200,23 @@ class TestWSGI(unittest.TestCase):
|
|||||||
logger.info('testing')
|
logger.info('testing')
|
||||||
self.assertEquals('proxy-server', log_name)
|
self.assertEquals('proxy-server', log_name)
|
||||||
|
|
||||||
|
def test_get_socket_bad_values(self):
|
||||||
|
# first try with no port set
|
||||||
|
self.assertRaises(wsgi.ConfigFilePortError, wsgi.get_socket, {})
|
||||||
|
# next try with a bad port value set
|
||||||
|
self.assertRaises(wsgi.ConfigFilePortError, wsgi.get_socket,
|
||||||
|
{'bind_port': 'abc'})
|
||||||
|
self.assertRaises(wsgi.ConfigFilePortError, wsgi.get_socket,
|
||||||
|
{'bind_port': None})
|
||||||
|
|
||||||
def test_get_socket(self):
|
def test_get_socket(self):
|
||||||
# stubs
|
# stubs
|
||||||
conf = {}
|
conf = {'bind_port': 54321}
|
||||||
ssl_conf = {
|
ssl_conf = conf.copy()
|
||||||
|
ssl_conf.update({
|
||||||
'cert_file': '',
|
'cert_file': '',
|
||||||
'key_file': '',
|
'key_file': '',
|
||||||
}
|
})
|
||||||
|
|
||||||
# mocks
|
# mocks
|
||||||
class MockSocket(object):
|
class MockSocket(object):
|
||||||
@ -263,7 +273,7 @@ class TestWSGI(unittest.TestCase):
|
|||||||
|
|
||||||
def test_address_in_use(self):
|
def test_address_in_use(self):
|
||||||
# stubs
|
# stubs
|
||||||
conf = {}
|
conf = {'bind_port': 54321}
|
||||||
|
|
||||||
# mocks
|
# mocks
|
||||||
def mock_listen(*args, **kwargs):
|
def mock_listen(*args, **kwargs):
|
||||||
|
Loading…
Reference in New Issue
Block a user