engine/schema/src/main/java/com/cloud/upgrade/dao/Upgrade302to303.java - cloudstack - Git at Google

 // Licensed to the Apache Software Foundation (ASF) under one
 // or more contributor license agreements.  See the NOTICE file
 // distributed with this work for additional information
 // regarding copyright ownership.  The ASF licenses this file
 // to you under the Apache License, Version 2.0 (the
 // "License"); you may not use this file except in compliance
 // with the License.  You may obtain a copy of the License at
 //
 //   http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing,
 // software distributed under the License is distributed on an
 // "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 // KIND, either express or implied.  See the License for the
 // specific language governing permissions and limitations
 // under the License.

 package com.cloud.upgrade.dao;

 /**
  * @author Alena Prokharchyk
  */
 import java.io.InputStream;
 import java.io.UnsupportedEncodingException;
 import java.sql.Connection;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
 import java.sql.SQLException;
 import java.util.UUID;


 import com.cloud.dc.DataCenter.NetworkType;
 import com.cloud.utils.crypt.DBEncryptionUtil;
 import com.cloud.utils.exception.CloudRuntimeException;

 public class Upgrade302to303 extends LegacyDbUpgrade {

     @Override
     public String[] getUpgradableVersionRange() {
         return new String[] {"3.0.2", "3.0.3"};
     }

     @Override
     public String getUpgradedVersion() {
         return "3.0.3";
     }

     @Override
     public boolean supportsRollingUpgrade() {
         return true;
     }

     @Override
     public InputStream[] getPrepareScripts() {
         final String scriptFile = "META-INF/db/schema-302to303.sql";
         final InputStream script = Thread.currentThread().getContextClassLoader().getResourceAsStream(scriptFile);
         if (script == null) {
             throw new CloudRuntimeException("Unable to find " + scriptFile);
         }

         return new InputStream[] {script};
     }

     @Override
     public void performDataMigration(Connection conn) {
         setupExternalNetworkDevices(conn);
         encryptConfig(conn);
     }

     // upgrades deployment with F5 and SRX devices, to 3.0's Network offerings & service providers paradigm
     private void setupExternalNetworkDevices(Connection conn) {
         PreparedStatement zoneSearchStmt = null, pNetworkStmt = null, f5DevicesStmt = null, srxDevicesStmt = null;
         ResultSet zoneResults = null, pNetworksResults = null, f5DevicesResult = null, srxDevicesResult = null;

         try {
             zoneSearchStmt = conn.prepareStatement("SELECT id, networktype FROM `cloud`.`data_center`");
             zoneResults = zoneSearchStmt.executeQuery();
             while (zoneResults.next()) {
                 long zoneId = zoneResults.getLong(1);
                 String networkType = zoneResults.getString(2);

                 if (!NetworkType.Advanced.toString().equalsIgnoreCase(networkType)) {
                     continue;
                 }

                 pNetworkStmt = conn.prepareStatement("SELECT id FROM `cloud`.`physical_network` where data_center_id=?");
                 pNetworkStmt.setLong(1, zoneId);
                 pNetworksResults = pNetworkStmt.executeQuery();
                 while (pNetworksResults.next()) {
                     long physicalNetworkId = pNetworksResults.getLong(1);
                     PreparedStatement fetchF5NspStmt =
                         conn.prepareStatement("SELECT id from `cloud`.`physical_network_service_providers` where physical_network_id=" + physicalNetworkId +
                             " and provider_name = 'F5BigIp'");
                     ResultSet rsF5NSP = fetchF5NspStmt.executeQuery();
                     boolean hasF5Nsp = rsF5NSP.next();
                     fetchF5NspStmt.close();

                     if (!hasF5Nsp) {
                         f5DevicesStmt = conn.prepareStatement("SELECT id FROM host WHERE data_center_id=? AND type = 'ExternalLoadBalancer' AND removed IS NULL");
                         f5DevicesStmt.setLong(1, zoneId);
                         f5DevicesResult = f5DevicesStmt.executeQuery();

                         while (f5DevicesResult.next()) {
                             long f5HostId = f5DevicesResult.getLong(1);
                             ;
                             // add F5BigIP provider and provider instance to physical network
                             addF5ServiceProvider(conn, physicalNetworkId, zoneId);
                             addF5LoadBalancer(conn, f5HostId, physicalNetworkId);
                         }
                     }

                     PreparedStatement fetchSRXNspStmt =
                         conn.prepareStatement("SELECT id from `cloud`.`physical_network_service_providers` where physical_network_id=" + physicalNetworkId +
                             " and provider_name = 'JuniperSRX'");
                     ResultSet rsSRXNSP = fetchSRXNspStmt.executeQuery();
                     boolean hasSrxNsp = rsSRXNSP.next();
                     fetchSRXNspStmt.close();

                     if (!hasSrxNsp) {
                         srxDevicesStmt = conn.prepareStatement("SELECT id FROM host WHERE data_center_id=? AND type = 'ExternalFirewall' AND removed IS NULL");
                         srxDevicesStmt.setLong(1, zoneId);
                         srxDevicesResult = srxDevicesStmt.executeQuery();

                         while (srxDevicesResult.next()) {
                             long srxHostId = srxDevicesResult.getLong(1);
                             // add SRX provider and provider instance to physical network
                             addSrxServiceProvider(conn, physicalNetworkId, zoneId);
                             addSrxFirewall(conn, srxHostId, physicalNetworkId);
                         }
                     }
                 }
             }
             closeAutoCloseable(zoneResults);
             closeAutoCloseable(zoneSearchStmt);
         } catch (SQLException e) {
             throw new CloudRuntimeException("Exception while adding PhysicalNetworks", e);
         }
     }

     private void addF5LoadBalancer(Connection conn, long hostId, long physicalNetworkId) {
         PreparedStatement pstmtUpdate = null;
         try {
             logger.debug("Adding F5 Big IP load balancer with host id " + hostId + " in to physical network" + physicalNetworkId);
             String insertF5 =
                 "INSERT INTO `cloud`.`external_load_balancer_devices` (physical_network_id, host_id, provider_name, "
                     + "device_name, capacity, is_dedicated, device_state, allocation_state, is_inline, is_managed, uuid) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
             pstmtUpdate = conn.prepareStatement(insertF5);
             pstmtUpdate.setLong(1, physicalNetworkId);
             pstmtUpdate.setLong(2, hostId);
             pstmtUpdate.setString(3, "F5BigIp");
             pstmtUpdate.setString(4, "F5BigIpLoadBalancer");
             pstmtUpdate.setLong(5, 0);
             pstmtUpdate.setBoolean(6, false);
             pstmtUpdate.setString(7, "Enabled");
             pstmtUpdate.setString(8, "Shared");
             pstmtUpdate.setBoolean(9, false);
             pstmtUpdate.setBoolean(10, false);
             pstmtUpdate.setString(11, UUID.randomUUID().toString());
             pstmtUpdate.executeUpdate();
         } catch (SQLException e) {
             throw new CloudRuntimeException("Exception while adding F5 load balancer device", e);
         } finally {
             closeAutoCloseable(pstmtUpdate);
         }
     }

     private void addSrxFirewall(Connection conn, long hostId, long physicalNetworkId) {
         PreparedStatement pstmtUpdate = null;
         try {
             logger.debug("Adding SRX firewall device with host id " + hostId + " in to physical network" + physicalNetworkId);
             String insertSrx =
                 "INSERT INTO `cloud`.`external_firewall_devices` (physical_network_id, host_id, provider_name, "
                     + "device_name, capacity, is_dedicated, device_state, allocation_state, uuid) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?)";
             pstmtUpdate = conn.prepareStatement(insertSrx);
             pstmtUpdate.setLong(1, physicalNetworkId);
             pstmtUpdate.setLong(2, hostId);
             pstmtUpdate.setString(3, "JuniperSRX");
             pstmtUpdate.setString(4, "JuniperSRXFirewall");
             pstmtUpdate.setLong(5, 0);
             pstmtUpdate.setBoolean(6, false);
             pstmtUpdate.setString(7, "Enabled");
             pstmtUpdate.setString(8, "Shared");
             pstmtUpdate.setString(9, UUID.randomUUID().toString());
             pstmtUpdate.executeUpdate();
         } catch (SQLException e) {
             throw new CloudRuntimeException("Exception while adding SRX firewall device ", e);
         } finally {
             closeAutoCloseable(pstmtUpdate);
         }
     }

     private void addF5ServiceProvider(Connection conn, long physicalNetworkId, long zoneId) {
         PreparedStatement pstmtUpdate = null;
         try {
             // add physical network service provider - F5BigIp
             logger.debug("Adding PhysicalNetworkServiceProvider F5BigIp" + " in to physical network" + physicalNetworkId);
             String insertPNSP =
                 "INSERT INTO `cloud`.`physical_network_service_providers` (`uuid`, `physical_network_id` , `provider_name`, `state` ,"
                     + "`destination_physical_network_id`, `vpn_service_provided`, `dhcp_service_provided`, `dns_service_provided`, `gateway_service_provided`,"
                     + "`firewall_service_provided`, `source_nat_service_provided`, `load_balance_service_provided`, `static_nat_service_provided`,"
                     + "`port_forwarding_service_provided`, `user_data_service_provided`, `security_group_service_provided`) VALUES (?,?,?,?,0,0,0,0,0,0,0,1,0,0,0,0)";

             pstmtUpdate = conn.prepareStatement(insertPNSP);
             pstmtUpdate.setString(1, UUID.randomUUID().toString());
             pstmtUpdate.setLong(2, physicalNetworkId);
             pstmtUpdate.setString(3, "F5BigIp");
             pstmtUpdate.setString(4, "Enabled");
             pstmtUpdate.executeUpdate();
         } catch (SQLException e) {
             throw new CloudRuntimeException("Exception while adding PhysicalNetworkServiceProvider F5BigIp", e);
         } finally {
             closeAutoCloseable(pstmtUpdate);
         }
     }

     private void addSrxServiceProvider(Connection conn, long physicalNetworkId, long zoneId) {
         PreparedStatement pstmtUpdate = null;
         try {
             // add physical network service provider - JuniperSRX
             logger.debug("Adding PhysicalNetworkServiceProvider JuniperSRX");
             String insertPNSP =
                 "INSERT INTO `cloud`.`physical_network_service_providers` (`uuid`, `physical_network_id` , `provider_name`, `state` ,"
                     + "`destination_physical_network_id`, `vpn_service_provided`, `dhcp_service_provided`, `dns_service_provided`, `gateway_service_provided`,"
                     + "`firewall_service_provided`, `source_nat_service_provided`, `load_balance_service_provided`, `static_nat_service_provided`,"
                     + "`port_forwarding_service_provided`, `user_data_service_provided`, `security_group_service_provided`) VALUES (?,?,?,?,0,0,0,0,1,1,1,0,1,1,0,0)";

             pstmtUpdate = conn.prepareStatement(insertPNSP);
             pstmtUpdate.setString(1, UUID.randomUUID().toString());
             pstmtUpdate.setLong(2, physicalNetworkId);
             pstmtUpdate.setString(3, "JuniperSRX");
             pstmtUpdate.setString(4, "Enabled");
             pstmtUpdate.executeUpdate();
         } catch (SQLException e) {
             throw new CloudRuntimeException("Exception while adding PhysicalNetworkServiceProvider JuniperSRX", e);
         } finally {
             closeAutoCloseable(pstmtUpdate);
         }
     }

     private void encryptConfig(Connection conn) {
         //Encrypt config params and change category to Hidden
         logger.debug("Encrypting Config values");
         PreparedStatement pstmt = null;
         ResultSet rs = null;
         try {
             pstmt =
                 conn.prepareStatement("select name, value from `cloud`.`configuration` where name in ('router.ram.size', 'secondary.storage.vm', 'security.hash.key') and category <> 'Hidden'");
             rs = pstmt.executeQuery();
             while (rs.next()) {
                 String name = rs.getString(1);
                 String value = rs.getString(2);
                 if (value == null) {
                     continue;
                 }
                 String encryptedValue = DBEncryptionUtil.encrypt(value);
                 pstmt = conn.prepareStatement("update `cloud`.`configuration` set value=?, category = 'Hidden' where name=?");
                 pstmt.setBytes(1, encryptedValue.getBytes("UTF-8"));
                 pstmt.setString(2, name);
                 pstmt.executeUpdate();
             }
         } catch (SQLException e) {
             throw new CloudRuntimeException("Unable encrypt configuration values ", e);
         } catch (UnsupportedEncodingException e) {
             throw new CloudRuntimeException("Unable encrypt configuration values ", e);
         } finally {
             closeAutoCloseable(rs);
             closeAutoCloseable(pstmt);
         }
         logger.debug("Done encrypting Config values");
     }

     @Override
     public InputStream[] getCleanupScripts() {
         return null;
     }
 }
	// Licensed to the Apache Software Foundation (ASF) under one
	// or more contributor license agreements. See the NOTICE file
	// distributed with this work for additional information
	// regarding copyright ownership. The ASF licenses this file
	// to you under the Apache License, Version 2.0 (the
	// "License"); you may not use this file except in compliance
	// with the License. You may obtain a copy of the License at
	//
	// http://www.apache.org/licenses/LICENSE-2.0
	//
	// Unless required by applicable law or agreed to in writing,
	// software distributed under the License is distributed on an
	// "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	// KIND, either express or implied. See the License for the
	// specific language governing permissions and limitations
	// under the License.

	package com.cloud.upgrade.dao;

	/**
	* @author Alena Prokharchyk
	*/
	import java.io.InputStream;
	import java.io.UnsupportedEncodingException;
	import java.sql.Connection;
	import java.sql.PreparedStatement;
	import java.sql.ResultSet;
	import java.sql.SQLException;
	import java.util.UUID;


	import com.cloud.dc.DataCenter.NetworkType;
	import com.cloud.utils.crypt.DBEncryptionUtil;
	import com.cloud.utils.exception.CloudRuntimeException;

	public class Upgrade302to303 extends LegacyDbUpgrade {

	@Override
	public String[] getUpgradableVersionRange() {
	return new String[] {"3.0.2", "3.0.3"};
	}

	@Override
	public String getUpgradedVersion() {
	return "3.0.3";
	}

	@Override
	public boolean supportsRollingUpgrade() {
	return true;
	}

	@Override
	public InputStream[] getPrepareScripts() {
	final String scriptFile = "META-INF/db/schema-302to303.sql";
	final InputStream script = Thread.currentThread().getContextClassLoader().getResourceAsStream(scriptFile);
	if (script == null) {
	throw new CloudRuntimeException("Unable to find " + scriptFile);
	}

	return new InputStream[] {script};
	}

	@Override
	public void performDataMigration(Connection conn) {
	setupExternalNetworkDevices(conn);
	encryptConfig(conn);
	}

	// upgrades deployment with F5 and SRX devices, to 3.0's Network offerings & service providers paradigm
	private void setupExternalNetworkDevices(Connection conn) {
	PreparedStatement zoneSearchStmt = null, pNetworkStmt = null, f5DevicesStmt = null, srxDevicesStmt = null;
	ResultSet zoneResults = null, pNetworksResults = null, f5DevicesResult = null, srxDevicesResult = null;

	try {
	zoneSearchStmt = conn.prepareStatement("SELECT id, networktype FROM `cloud`.`data_center`");
	zoneResults = zoneSearchStmt.executeQuery();
	while (zoneResults.next()) {
	long zoneId = zoneResults.getLong(1);
	String networkType = zoneResults.getString(2);

	if (!NetworkType.Advanced.toString().equalsIgnoreCase(networkType)) {
	continue;
	}

	pNetworkStmt = conn.prepareStatement("SELECT id FROM `cloud`.`physical_network` where data_center_id=?");
	pNetworkStmt.setLong(1, zoneId);
	pNetworksResults = pNetworkStmt.executeQuery();
	while (pNetworksResults.next()) {
	long physicalNetworkId = pNetworksResults.getLong(1);
	PreparedStatement fetchF5NspStmt =
	conn.prepareStatement("SELECT id from `cloud`.`physical_network_service_providers` where physical_network_id=" + physicalNetworkId +
	" and provider_name = 'F5BigIp'");
	ResultSet rsF5NSP = fetchF5NspStmt.executeQuery();
	boolean hasF5Nsp = rsF5NSP.next();
	fetchF5NspStmt.close();

	if (!hasF5Nsp) {
	f5DevicesStmt = conn.prepareStatement("SELECT id FROM host WHERE data_center_id=? AND type = 'ExternalLoadBalancer' AND removed IS NULL");
	f5DevicesStmt.setLong(1, zoneId);
	f5DevicesResult = f5DevicesStmt.executeQuery();

	while (f5DevicesResult.next()) {
	long f5HostId = f5DevicesResult.getLong(1);
	;
	// add F5BigIP provider and provider instance to physical network
	addF5ServiceProvider(conn, physicalNetworkId, zoneId);
	addF5LoadBalancer(conn, f5HostId, physicalNetworkId);
	}
	}

	PreparedStatement fetchSRXNspStmt =
	conn.prepareStatement("SELECT id from `cloud`.`physical_network_service_providers` where physical_network_id=" + physicalNetworkId +
	" and provider_name = 'JuniperSRX'");
	ResultSet rsSRXNSP = fetchSRXNspStmt.executeQuery();
	boolean hasSrxNsp = rsSRXNSP.next();
	fetchSRXNspStmt.close();

	if (!hasSrxNsp) {
	srxDevicesStmt = conn.prepareStatement("SELECT id FROM host WHERE data_center_id=? AND type = 'ExternalFirewall' AND removed IS NULL");
	srxDevicesStmt.setLong(1, zoneId);
	srxDevicesResult = srxDevicesStmt.executeQuery();

	while (srxDevicesResult.next()) {
	long srxHostId = srxDevicesResult.getLong(1);
	// add SRX provider and provider instance to physical network
	addSrxServiceProvider(conn, physicalNetworkId, zoneId);
	addSrxFirewall(conn, srxHostId, physicalNetworkId);
	}
	}
	}
	}
	closeAutoCloseable(zoneResults);
	closeAutoCloseable(zoneSearchStmt);
	} catch (SQLException e) {
	throw new CloudRuntimeException("Exception while adding PhysicalNetworks", e);
	}
	}

	private void addF5LoadBalancer(Connection conn, long hostId, long physicalNetworkId) {
	PreparedStatement pstmtUpdate = null;
	try {
	logger.debug("Adding F5 Big IP load balancer with host id " + hostId + " in to physical network" + physicalNetworkId);
	String insertF5 =
	"INSERT INTO `cloud`.`external_load_balancer_devices` (physical_network_id, host_id, provider_name, "
	+ "device_name, capacity, is_dedicated, device_state, allocation_state, is_inline, is_managed, uuid) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
	pstmtUpdate = conn.prepareStatement(insertF5);
	pstmtUpdate.setLong(1, physicalNetworkId);
	pstmtUpdate.setLong(2, hostId);
	pstmtUpdate.setString(3, "F5BigIp");
	pstmtUpdate.setString(4, "F5BigIpLoadBalancer");
	pstmtUpdate.setLong(5, 0);
	pstmtUpdate.setBoolean(6, false);
	pstmtUpdate.setString(7, "Enabled");
	pstmtUpdate.setString(8, "Shared");
	pstmtUpdate.setBoolean(9, false);
	pstmtUpdate.setBoolean(10, false);
	pstmtUpdate.setString(11, UUID.randomUUID().toString());
	pstmtUpdate.executeUpdate();
	} catch (SQLException e) {
	throw new CloudRuntimeException("Exception while adding F5 load balancer device", e);
	} finally {
	closeAutoCloseable(pstmtUpdate);
	}
	}

	private void addSrxFirewall(Connection conn, long hostId, long physicalNetworkId) {
	PreparedStatement pstmtUpdate = null;
	try {
	logger.debug("Adding SRX firewall device with host id " + hostId + " in to physical network" + physicalNetworkId);
	String insertSrx =
	"INSERT INTO `cloud`.`external_firewall_devices` (physical_network_id, host_id, provider_name, "
	+ "device_name, capacity, is_dedicated, device_state, allocation_state, uuid) VALUES ( ?, ?, ?, ?, ?, ?, ?, ?, ?)";
	pstmtUpdate = conn.prepareStatement(insertSrx);
	pstmtUpdate.setLong(1, physicalNetworkId);
	pstmtUpdate.setLong(2, hostId);
	pstmtUpdate.setString(3, "JuniperSRX");
	pstmtUpdate.setString(4, "JuniperSRXFirewall");
	pstmtUpdate.setLong(5, 0);
	pstmtUpdate.setBoolean(6, false);
	pstmtUpdate.setString(7, "Enabled");
	pstmtUpdate.setString(8, "Shared");
	pstmtUpdate.setString(9, UUID.randomUUID().toString());
	pstmtUpdate.executeUpdate();
	} catch (SQLException e) {
	throw new CloudRuntimeException("Exception while adding SRX firewall device ", e);
	} finally {
	closeAutoCloseable(pstmtUpdate);
	}
	}

	private void addF5ServiceProvider(Connection conn, long physicalNetworkId, long zoneId) {
	PreparedStatement pstmtUpdate = null;
	try {
	// add physical network service provider - F5BigIp
	logger.debug("Adding PhysicalNetworkServiceProvider F5BigIp" + " in to physical network" + physicalNetworkId);
	String insertPNSP =
	"INSERT INTO `cloud`.`physical_network_service_providers` (`uuid`, `physical_network_id` , `provider_name`, `state` ,"
	+ "`destination_physical_network_id`, `vpn_service_provided`, `dhcp_service_provided`, `dns_service_provided`, `gateway_service_provided`,"
	+ "`firewall_service_provided`, `source_nat_service_provided`, `load_balance_service_provided`, `static_nat_service_provided`,"
	+ "`port_forwarding_service_provided`, `user_data_service_provided`, `security_group_service_provided`) VALUES (?,?,?,?,0,0,0,0,0,0,0,1,0,0,0,0)";

	pstmtUpdate = conn.prepareStatement(insertPNSP);
	pstmtUpdate.setString(1, UUID.randomUUID().toString());
	pstmtUpdate.setLong(2, physicalNetworkId);
	pstmtUpdate.setString(3, "F5BigIp");
	pstmtUpdate.setString(4, "Enabled");
	pstmtUpdate.executeUpdate();
	} catch (SQLException e) {
	throw new CloudRuntimeException("Exception while adding PhysicalNetworkServiceProvider F5BigIp", e);
	} finally {
	closeAutoCloseable(pstmtUpdate);
	}
	}

	private void addSrxServiceProvider(Connection conn, long physicalNetworkId, long zoneId) {
	PreparedStatement pstmtUpdate = null;
	try {
	// add physical network service provider - JuniperSRX
	logger.debug("Adding PhysicalNetworkServiceProvider JuniperSRX");
	String insertPNSP =
	"INSERT INTO `cloud`.`physical_network_service_providers` (`uuid`, `physical_network_id` , `provider_name`, `state` ,"
	+ "`destination_physical_network_id`, `vpn_service_provided`, `dhcp_service_provided`, `dns_service_provided`, `gateway_service_provided`,"
	+ "`firewall_service_provided`, `source_nat_service_provided`, `load_balance_service_provided`, `static_nat_service_provided`,"
	+ "`port_forwarding_service_provided`, `user_data_service_provided`, `security_group_service_provided`) VALUES (?,?,?,?,0,0,0,0,1,1,1,0,1,1,0,0)";

	pstmtUpdate = conn.prepareStatement(insertPNSP);
	pstmtUpdate.setString(1, UUID.randomUUID().toString());
	pstmtUpdate.setLong(2, physicalNetworkId);
	pstmtUpdate.setString(3, "JuniperSRX");
	pstmtUpdate.setString(4, "Enabled");
	pstmtUpdate.executeUpdate();
	} catch (SQLException e) {
	throw new CloudRuntimeException("Exception while adding PhysicalNetworkServiceProvider JuniperSRX", e);
	} finally {
	closeAutoCloseable(pstmtUpdate);
	}
	}

	private void encryptConfig(Connection conn) {
	//Encrypt config params and change category to Hidden
	logger.debug("Encrypting Config values");
	PreparedStatement pstmt = null;
	ResultSet rs = null;
	try {
	pstmt =
	conn.prepareStatement("select name, value from `cloud`.`configuration` where name in ('router.ram.size', 'secondary.storage.vm', 'security.hash.key') and category <> 'Hidden'");
	rs = pstmt.executeQuery();
	while (rs.next()) {
	String name = rs.getString(1);
	String value = rs.getString(2);
	if (value == null) {
	continue;
	}
	String encryptedValue = DBEncryptionUtil.encrypt(value);
	pstmt = conn.prepareStatement("update `cloud`.`configuration` set value=?, category = 'Hidden' where name=?");
	pstmt.setBytes(1, encryptedValue.getBytes("UTF-8"));
	pstmt.setString(2, name);
	pstmt.executeUpdate();
	}
	} catch (SQLException e) {
	throw new CloudRuntimeException("Unable encrypt configuration values ", e);
	} catch (UnsupportedEncodingException e) {
	throw new CloudRuntimeException("Unable encrypt configuration values ", e);
	} finally {
	closeAutoCloseable(rs);
	closeAutoCloseable(pstmt);
	}
	logger.debug("Done encrypting Config values");
	}

	@Override
	public InputStream[] getCleanupScripts() {
	return null;
	}
	}