Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Unable to configure PROXY & SSL certificates in Openbaton #46

Open
ashishrathee17 opened this issue Jan 9, 2018 · 1 comment
Open
Assignees
Milestone

Comments

@ashishrathee17
Copy link

Open Baton internally uses Openstack4j library to communicate with Openstack.

In my scenario i am having a Openstack working on HTTPS, which is behind a proxy server. To reach it we need to configure both PROXY & SSL certificates but there is no support for it Openbaton.

I am getting below error while creating POP in Logs:

org.openbaton.exceptions.VimException: Refreshing VIM caused following error: org.openbaton.exceptions.VimException: Not listed Images successfully of VimInstance vim-instance-name. Caused by: org.openbaton.exceptions.VimDriverException: Connection timed out (Connection timed out)
        at org.openbaton.nfvo.core.api.VimManagement.refresh(VimManagement.java:213)
        at org.openbaton.nfvo.core.api.VimManagement.add(VimManagement.java:97)
        at org.openbaton.nfvo.api.admin.RestVimInstances.create(RestVimInstances.java:87)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:498)

Also As per below file, Openbaton not setting any proxy or ssl certs.
Refer

`Config cfg = Config.DEFAULT;
    cfg =
        cfg.withConnectionTimeout(
            Integer.parseInt(properties.getProperty("connection-timeout", "10000")));

os = OSFactory.builderV2()
                .endpoint(vimInstance.getAuthUrl())
                .credentials(vimInstance.getUsername(), vimInstance.getPassword())
                .tenantName(vimInstance.getTenant())
                .withConfig(cfg)
                .authenticate();
`

Instead of it i directly tried using OpenStack4j library for creating VM, it worked only after setting Certs & proxy:

			/**
			 * PROXY & CERT config
			 */
			InputStream is = new FileInputStream(AppConstant.OPENSTACK_CERTIFICATE);
			CertificateFactory cf = CertificateFactory.getInstance("X.509");
			X509Certificate caCert = (X509Certificate) cf.generateCertificate(is);
			TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
			KeyStore ks = KeyStore.getInstance(KeyStore.getDefaultType());
			ks.load(null);
			ks.setCertificateEntry("caCert", caCert);
			tmf.init(ks);
			SSLContext sslContext = SSLContext.getInstance("TLS");
			sslContext.init(null, tmf.getTrustManagers(), null);

			Config config = Config.newConfig();
			config = Config.newConfig().withProxy(ProxyHost.of(AppConstant.PROXY_HOST, AppConstant.PROXY_PORT));
			config.withSSLContext(sslContext);
			
			/**
			 * ENABLE OPENSTACK4j logging
			 */
			OSFactory.enableHttpLoggingFilter(true);
			
			/**
			 * Create object of OSClient
			 */

			os = OSFactory.builderV2().useNonStrictSSLClient(AppConstant.OPENSTACK4JDEBUG).endpoint(AppConstant.OPENSTACK_ENDPOINT)
					.credentials(AppConstant.OPENSTACK_USER, AppConstant.OPENSTACK_PASSWORD).tenantId(AppConstant.OPENSTACK_TENANT_ID).withConfig(config)
					.authenticate();

Can you please suggest resolution of this issue which i am facing?

@lorenzotomasini lorenzotomasini self-assigned this Jan 9, 2018
@lorenzotomasini lorenzotomasini added this to the 6.0.0 milestone Jan 9, 2018
@lorenzotomasini
Copy link
Member

Hi @ashishrathee17 ,

apparently you already found a possible solution. Please provide a PR with a configurable solution and we will be very happy to integrate it in upstream.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants