This is an automated email from the ASF dual-hosted git repository. akuznetsov pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/ignite.git
The following commit(s) were added to refs/heads/master by this push: new cf6ce6c IGNITE-11387 Web console: Actualized cluster configuration. cf6ce6c is described below commit cf6ce6cfd97619e74b3e89cab3fb157d43db8c07 Author: Vasiliy Sisko <vsi...@gridgain.com> AuthorDate: Fri Apr 5 21:04:08 2019 +0700 IGNITE-11387 Web console: Actualized cluster configuration. --- modules/web-console/backend/app/schemas.js | 11 +++ .../components/cluster-edit-form/template.tpl.pug | 4 ++ .../cluster-edit-form/templates/encryption.pug | 81 ++++++++++++++++++++++ .../cluster-edit-form/templates/mvcc.pug | 4 +- .../generator/generator/AbstractTransformer.js | 5 ++ .../generator/generator/ConfigurationGenerator.js | 41 +++++++++++ .../generator/defaults/Cluster.service.js | 6 ++ .../WebConsoleConfigurationSelfTest.java | 8 +++ 8 files changed, 158 insertions(+), 2 deletions(-) diff --git a/modules/web-console/backend/app/schemas.js b/modules/web-console/backend/app/schemas.js index 3e62a3d..dafdc60 100644 --- a/modules/web-console/backend/app/schemas.js +++ b/modules/web-console/backend/app/schemas.js @@ -1214,6 +1214,17 @@ module.exports.factory = function(mongoose) { subIntervals: Number, walAutoArchiveAfterInactivity: Number }, + encryptionSpi: { + kind: {type: String, enum: ['Noop', 'Keystore', 'Custom']}, + Keystore: { + keySize: Number, + masterKeyName: String, + keyStorePath: String + }, + Custom: { + className: String + } + }, mvccVacuumThreadCount: Number, mvccVacuumFrequency: Number, authenticationEnabled: Boolean, diff --git a/modules/web-console/frontend/app/configuration/components/page-configure-advanced/components/cluster-edit-form/template.tpl.pug b/modules/web-console/frontend/app/configuration/components/page-configure-advanced/components/cluster-edit-form/template.tpl.pug index e30cfdb..008fd97 100644 --- a/modules/web-console/frontend/app/configuration/components/page-configure-advanced/components/cluster-edit-form/template.tpl.pug +++ b/modules/web-console/frontend/app/configuration/components/page-configure-advanced/components/cluster-edit-form/template.tpl.pug @@ -37,6 +37,10 @@ form(id='cluster' name='ui.inputForm' novalidate) include ./templates/data-storage include ./templates/discovery + + //- Since ignite 2.7 + include ./templates/encryption + include ./templates/events include ./templates/failover include ./templates/hadoop diff --git a/modules/web-console/frontend/app/configuration/components/page-configure-advanced/components/cluster-edit-form/templates/encryption.pug b/modules/web-console/frontend/app/configuration/components/page-configure-advanced/components/cluster-edit-form/templates/encryption.pug new file mode 100644 index 0000000..102453c --- /dev/null +++ b/modules/web-console/frontend/app/configuration/components/page-configure-advanced/components/cluster-edit-form/templates/encryption.pug @@ -0,0 +1,81 @@ +//- + Licensed to the Apache Software Foundation (ASF) under one or more + contributor license agreements. See the NOTICE file distributed with + this work for additional information regarding copyright ownership. + The ASF licenses this file to You under the Apache License, Version 2.0 + (the "License"); you may not use this file except in compliance with + the License. You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + +include /app/helpers/jade/mixins +include /app/configuration/mixins + +-var form = 'encryption' +-var model = '$ctrl.clonedCluster.encryptionSpi' + +panel-collapsible(ng-show='$ctrl.available("2.7.0")' ng-form=form on-open=`ui.loadPanel('${form}')`) + panel-title Encryption + panel-description Encryption features for an Ignite + panel-content.pca-form-row(ng-if=`ui.isPanelLoaded('${form}')`) + .pca-form-column-6.pc-form-grid-row + .pc-form-grid-col-60 + +form-field__dropdown({ + label: 'Encryption SPI:', + model: `${model}.kind`, + name: '"encryptionSpi"', + placeholder: 'Disabled', + options: '[\ + {value: null, label: "Disabled"},\ + {value: "Keystore", label: "Keystore"},\ + {value: "Custom", label: "Custom"}\ + ]', + tip: 'Provides an ability to save an intermediate job state\ + <ul>\ + <li>Disabled - Encryption disabled</li>\ + <li>Keystore - Base on JDK provided cipher algorithm implementations</li>\ + <li>Custom - Custom encryption SPI implementation</li>\ + </ul>' + }) + .pc-form-grid-col-60(ng-if-start=`${model}.kind === "Keystore"`) + +form-field__text({ + label: 'Key store path:', + model: `${model}.Keystore.keyStorePath`, + name: '"EncryptionKeyStorePath"', + placeholder: 'Path to master key store file', + tip: 'Path to master key store file' + }) + .pc-form-grid-col-60 + +form-field__number({ + label: 'Key size:', + model: `${model}.Keystore.keySize`, + name: '"EncryptionKeySize"', + placeholder: '256', + min: '1', + tip: 'Encryption key size' + }) + .pc-form-grid-col-60(ng-if-end) + +form-field__text({ + label: 'Master key name:', + model: `${model}.Keystore.masterKeyName`, + name: '"EncryptionMasterKeyName"', + placeholder: 'ignite.master.key', + tip: 'Mater key name' + }) + .pc-form-grid-col-60(ng-if=`${model}.kind === "Custom"`) + +form-field__java-class({ + label: 'Class:', + model: `${model}.Custom.className`, + name: '"EncryptionClassName"', + required: true, + tip: 'Custom encryption SPI implementation class name', + validationActive: true + }) + .pca-form-column-6 + +preview-xml-java(model, 'clusterEncryption') diff --git a/modules/web-console/frontend/app/configuration/components/page-configure-advanced/components/cluster-edit-form/templates/mvcc.pug b/modules/web-console/frontend/app/configuration/components/page-configure-advanced/components/cluster-edit-form/templates/mvcc.pug index 213b524..17e8b21 100644 --- a/modules/web-console/frontend/app/configuration/components/page-configure-advanced/components/cluster-edit-form/templates/mvcc.pug +++ b/modules/web-console/frontend/app/configuration/components/page-configure-advanced/components/cluster-edit-form/templates/mvcc.pug @@ -25,7 +25,7 @@ panel-collapsible(ng-show='$ctrl.available("2.7.0")' ng-form=form on-open=`ui.lo panel-description Multiversion concurrency control (MVCC) configuration. panel-content.pca-form-row(ng-if=`ui.isPanelLoaded('${form}')`) .pca-form-column-6.pc-form-grid-row - .pc-form-grid-col-30(ng-if='$ctrl.available("2.1.0")') + .pc-form-grid-col-30 +form-field__number({ label: 'Vacuum thread pool size:', model: `${model}.mvccVacuumThreadCount`, @@ -34,7 +34,7 @@ panel-collapsible(ng-show='$ctrl.available("2.7.0")' ng-form=form on-open=`ui.lo min: '0', tip: 'Number of MVCC vacuum cleanup threads' }) - .pc-form-grid-col-30(ng-if='$ctrl.available("2.1.0")') + .pc-form-grid-col-30 +form-field__number({ label: 'Vacuum intervals:', model: `${model}.mvccVacuumFrequency`, diff --git a/modules/web-console/frontend/app/configuration/generator/generator/AbstractTransformer.js b/modules/web-console/frontend/app/configuration/generator/generator/AbstractTransformer.js index ac2d8db..e765379 100644 --- a/modules/web-console/frontend/app/configuration/generator/generator/AbstractTransformer.js +++ b/modules/web-console/frontend/app/configuration/generator/generator/AbstractTransformer.js @@ -160,6 +160,11 @@ export default class AbstractTransformer { return this.toSection(this.generator.clusterMvcc(cluster, available)); } + // Generate encryption group. + static clusterEncryption(encryption, available) { + return this.toSection(this.generator.clusterEncryption(encryption, available)); + } + // Generate marshaller group. static clusterMarshaller(cluster, available) { return this.toSection(this.generator.clusterMarshaller(cluster, available)); diff --git a/modules/web-console/frontend/app/configuration/generator/generator/ConfigurationGenerator.js b/modules/web-console/frontend/app/configuration/generator/generator/ConfigurationGenerator.js index 587dae6..0e9e099 100644 --- a/modules/web-console/frontend/app/configuration/generator/generator/ConfigurationGenerator.js +++ b/modules/web-console/frontend/app/configuration/generator/generator/ConfigurationGenerator.js @@ -99,6 +99,7 @@ export default class IgniteConfigurationGenerator { this.clusterDataStorageConfiguration(cluster, available, cfg); this.clusterDeployment(cluster, available, cfg); + this.clusterEncryption(cluster.encryptionSpi, available, cfg); this.clusterEvents(cluster, available, cfg); this.clusterFailover(cluster, available, cfg); this.clusterHadoop(cluster.hadoopConfiguration, cfg); @@ -1162,6 +1163,46 @@ export default class IgniteConfigurationGenerator { } // Generate events group. + static clusterEncryption(encryption, available, cfg = this.igniteConfigurationBean(cluster)) { + if (!available('2.7.0')) + return cfg; + + let bean; + + switch (_.get(encryption, 'kind')) { + case 'Keystore': + bean = new Bean('org.apache.ignite.spi.encryption.keystore.KeystoreEncryptionSpi', 'encryptionSpi', + encryption.Keystore, clusterDflts.encryptionSpi.Keystore) + .stringProperty('keyStorePath'); + + if (nonEmpty(bean.valueOf('keyStorePath'))) + bean.propertyChar('keyStorePassword', 'encryption.key.storage.password', 'YOUR_ENCRYPTION_KEY_STORAGE_PASSWORD'); + + + bean.intProperty('keySize') + .stringProperty('masterKeyName'); + + break; + + case 'Custom': + const clsName = _.get(encryption, 'Custom.className'); + + if (clsName) + bean = new EmptyBean(clsName); + + break; + + default: + // No-op. + } + + if (bean) + cfg.beanProperty('encryptionSpi', bean); + + return cfg; + } + + // Generate events group. static clusterEvents(cluster, available, cfg = this.igniteConfigurationBean(cluster)) { const eventStorage = cluster.eventStorage; diff --git a/modules/web-console/frontend/app/configuration/generator/generator/defaults/Cluster.service.js b/modules/web-console/frontend/app/configuration/generator/generator/defaults/Cluster.service.js index fc69e32..54e9b3d 100644 --- a/modules/web-console/frontend/app/configuration/generator/generator/defaults/Cluster.service.js +++ b/modules/web-console/frontend/app/configuration/generator/generator/defaults/Cluster.service.js @@ -443,6 +443,12 @@ const DFLT_CLUSTER = { useIgniteSslContextFactory: true, sslClientAuth: false }, + encryptionSpi: { + Keystore: { + keySize: 256, + masterKeyName: 'ignite.master.key' + } + }, authenticationEnabled: false, sqlQueryHistorySize: 1000, allSegmentationResolversPassRequired: true, diff --git a/modules/web-console/src/test/java/org/apache/ignite/console/configuration/WebConsoleConfigurationSelfTest.java b/modules/web-console/src/test/java/org/apache/ignite/console/configuration/WebConsoleConfigurationSelfTest.java index ebfd833..3365778 100644 --- a/modules/web-console/src/test/java/org/apache/ignite/console/configuration/WebConsoleConfigurationSelfTest.java +++ b/modules/web-console/src/test/java/org/apache/ignite/console/configuration/WebConsoleConfigurationSelfTest.java @@ -75,6 +75,7 @@ import org.apache.ignite.spi.communication.tcp.TcpCommunicationSpi; import org.apache.ignite.spi.deployment.local.LocalDeploymentSpi; import org.apache.ignite.spi.deployment.uri.UriDeploymentSpi; import org.apache.ignite.spi.discovery.tcp.TcpDiscoverySpi; +import org.apache.ignite.spi.encryption.keystore.KeystoreEncryptionSpi; import org.apache.ignite.spi.eventstorage.memory.MemoryEventStorageSpi; import org.apache.ignite.spi.failover.always.AlwaysFailoverSpi; import org.apache.ignite.spi.failover.jobstealing.JobStealingFailoverSpi; @@ -193,6 +194,7 @@ public class WebConsoleConfigurationSelfTest { igniteCfgProps.add("pluginConfigurations"); igniteCfgProps.add("mvccVacuumFrequency"); igniteCfgProps.add("mvccVacuumThreadCount"); + igniteCfgProps.add("encryptionSpi"); igniteCfgProps.add("authenticationEnabled"); igniteCfgProps.add("sqlQueryHistorySize"); igniteCfgProps.add("lifecycleBeans"); @@ -233,6 +235,12 @@ public class WebConsoleConfigurationSelfTest { metadata.put(IgniteConfiguration.class, new MetadataInfo(igniteCfgProps, igniteCfgPropsDep, igniteCfgPropsExcl)); + Set<String> encriptionSpiProps = new HashSet<>(); + encriptionSpiProps.add("keySize"); + encriptionSpiProps.add("masterKeyName"); + encriptionSpiProps.add("keyStorePath"); + metadata.put(KeystoreEncryptionSpi.class, new MetadataInfo(encriptionSpiProps, EMPTY_FIELDS, SPI_EXCLUDED_FIELDS)); + Set<String> cacheKeyCfgProps = new HashSet<>(); cacheKeyCfgProps.add("typeName"); cacheKeyCfgProps.add("affinityKeyFieldName");