AMBARI-18827. Allow acceptor / seclector configuration for API and agent connectors. Fix for one-way ssl. (swagle)
Project: http://git-wip-us.apache.org/repos/asf/ambari/repo Commit: http://git-wip-us.apache.org/repos/asf/ambari/commit/d92dc0ed Tree: http://git-wip-us.apache.org/repos/asf/ambari/tree/d92dc0ed Diff: http://git-wip-us.apache.org/repos/asf/ambari/diff/d92dc0ed Branch: refs/heads/branch-feature-AMBARI-18901 Commit: d92dc0ed47172f69293c1052ef2b7244462bb893 Parents: 430ecee Author: Siddharth Wagle <[email protected]> Authored: Wed Nov 16 11:52:15 2016 -0800 Committer: Siddharth Wagle <[email protected]> Committed: Wed Nov 16 11:56:26 2016 -0800 ---------------------------------------------------------------------- .../ambari/server/controller/AmbariServer.java | 21 ++++++++------------ 1 file changed, 8 insertions(+), 13 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/ambari/blob/d92dc0ed/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java ---------------------------------------------------------------------- diff --git a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java index a581c19..16fe58a 100644 --- a/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java +++ b/ambari-server/src/main/java/org/apache/ambari/server/controller/AmbariServer.java @@ -341,7 +341,7 @@ public class AmbariServer { factory.registerSingleton("ambariInternalAuthenticationProvider", injector.getInstance(AmbariInternalAuthenticationProvider.class)); factory.registerSingleton("ambariPamAuthenticationProvider", - injector.getInstance(AmbariPamAuthenticationProvider.class)); + injector.getInstance(AmbariPamAuthenticationProvider.class)); // Spring Security xml config depends on this Bean String[] contextLocations = {SPRING_CONTEXT_LOCATION}; @@ -417,28 +417,23 @@ public class AmbariServer { Map<String, String> configsMap = configs.getConfigsMap(); + // Agents download cert on on-way connector but always communicate on + // two-way connector for server-agent communication SelectChannelConnector agentOneWayConnector = createSelectChannelConnectorForAgent(configs.getOneWayAuthPort(), false); + SelectChannelConnector agentTwoWayConnector = createSelectChannelConnectorForAgent(configs.getTwoWayAuthPort(), configs.isTwoWaySsl()); + // Override acceptor defaults if configured or use Jetty defaults Integer acceptors = configs.getAgentApiAcceptors() != null ? configs.getAgentApiAcceptors() : agentOneWayConnector.getAcceptors(); agentOneWayConnector.setAcceptors(acceptors); + agentTwoWayConnector.setAcceptors(acceptors); - SelectChannelConnector agentTwoWayConnector = null; - if (configs.isTwoWaySsl()) { - agentTwoWayConnector = createSelectChannelConnectorForAgent(configs.getTwoWayAuthPort(), true); - agentTwoWayConnector.setAcceptors(acceptors); - } - - // Account for both the connectors if configured - int totalAgentAcceptorCount = configs.isTwoWaySsl() ? acceptors * 2 : acceptors; // Agent Jetty thread pool - widen the thread pool if needed ! - configureJettyThreadPool(serverForAgent, totalAgentAcceptorCount, + configureJettyThreadPool(serverForAgent, acceptors * 2, AGENT_THREAD_POOL_NAME, configs.getAgentThreadPoolSize()); serverForAgent.addConnector(agentOneWayConnector); - if (agentTwoWayConnector != null) { - serverForAgent.addConnector(agentTwoWayConnector); - } + serverForAgent.addConnector(agentTwoWayConnector); ServletHolder sh = new ServletHolder(ServletContainer.class); sh.setInitParameter("com.sun.jersey.config.property.resourceConfigClass",
