You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by bh...@apache.org on 2017/12/04 05:15:51 UTC
[cloudstack] 04/04: refactor crufty configuration code
This is an automated email from the ASF dual-hosted git repository.
bhaisaab pushed a commit to branch debian9-systemvmtemplate
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit cc3113a010266a52d21fea54719125e88ef1e46d
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Mon Dec 4 10:44:34 2017 +0530
refactor crufty configuration code
Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
systemvm/patches/debian/etc/rc.local | 9 ---
systemvm/patches/debian/opt/cloud/bin/configure.py | 89 +++++++++++-----------
.../patches/debian/opt/cloud/bin/update_config.py | 16 ++--
3 files changed, 49 insertions(+), 65 deletions(-)
diff --git a/systemvm/patches/debian/etc/rc.local b/systemvm/patches/debian/etc/rc.local
index bb4e251..895c120 100755
--- a/systemvm/patches/debian/etc/rc.local
+++ b/systemvm/patches/debian/etc/rc.local
@@ -67,12 +67,3 @@ then
python /opt/cloud/bin/baremetal-vr.py &
logger -t cloud "Started baremetal-vr service"
fi
-
-if [ "$TYPE" == "router" ] || [ "$TYPE" == "vpcrouter" ] || [ "$TYPE" == "dhcpsrvr" ]
-then
- if [ -x /opt/cloud/bin/update_config.py ]
- then
- /opt/cloud/bin/update_config.py cmd_line.json
- logger -t cloud "Updated config: cmd_line.json"
- fi
-fi
diff --git a/systemvm/patches/debian/opt/cloud/bin/configure.py b/systemvm/patches/debian/opt/cloud/bin/configure.py
index 3b39e6d..ed67ec6 100755
--- a/systemvm/patches/debian/opt/cloud/bin/configure.py
+++ b/systemvm/patches/debian/opt/cloud/bin/configure.py
@@ -17,15 +17,15 @@
# specific language governing permissions and limitations
# under the License.
import sys
+import os
import base64
+import time
from collections import OrderedDict
import logging
import re
-import os.path
-import os
from fcntl import flock, LOCK_EX, LOCK_UN
from cs.CsDatabag import CsDataBag
@@ -39,7 +39,6 @@ from cs.CsConfig import CsConfig
from cs.CsProcess import CsProcess
from cs.CsStaticRoutes import CsStaticRoutes
-OCCURRENCES = 1
class CsPassword(CsDataBag):
@@ -197,12 +196,12 @@ class CsAcl(CsDataBag):
self.rule['action'] = "ACCEPT"
egressIpsetStr=''
- if sflag == True and dflag == True:
+ if sflag and dflag :
egressIpsetStr = " -m set --match-set %s src " % sourceIpsetName + \
" -m set --match-set %s dst " % destIpsetName
- elif sflag == True:
+ elif sflag:
egressIpsetStr = " -m set --match-set %s src " % sourceIpsetName
- elif dflag == True:
+ elif dflag:
egressIpsetStr = " -m set --match-set %s dst " % destIpsetName
if rule['protocol'] == "icmp":
@@ -666,8 +665,7 @@ class CsRemoteAccessVpn(CsDataBag):
# Enable remote access vpn
if vpnconfig['create']:
- shutdownIpsec = False
- logging.debug("Enabling remote access vpn on "+ public_ip)
+ logging.debug("Enabling remote access vpn on "+ public_ip)
CsHelper.start_if_stopped("ipsec")
self.configure_l2tpIpsec(public_ip, self.dbag[public_ip])
@@ -995,6 +993,8 @@ def main(argv):
logging.debug("No file was received, do not go on processing the other actions. Just leave for now.")
return
+ json_type = os.path.basename(process_file).split('.json')[0]
+
# The "GLOBAL" Configuration object
config = CsConfig()
@@ -1008,50 +1008,47 @@ def main(argv):
config.address().compare()
config.address().process()
- databag_map = OrderedDict([("guest_network.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
- ("vm_password.json", {"process_iptables" : False, "executor" : CsPassword("vmpassword", config)}),
- ("vm_metadata.json", {"process_iptables" : False, "executor" : CsVmMetadata('vmdata', config)}),
- ("network_acl.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
- ("firewall_rules.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
- ("forwarding_rules.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
- ("staticnat_rules.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
- ("site_2_site_vpn.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
- ("remote_access_vpn.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
- ("vpn_user_list.json", {"process_iptables" : False, "executor" : CsVpnUser("vpnuserlist", config)}),
- ("vm_dhcp_entry.json", {"process_iptables" : False, "executor" : CsDhcp("dhcpentry", config)}),
- ("dhcp.json", {"process_iptables" : False, "executor" : CsDhcp("dhcpentry", config)}),
- ("load_balancer.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}),
- ("monitor_service.json", {"process_iptables" : False, "executor" : CsMonitor("monitorservice", config)}),
- ("static_routes.json", {"process_iptables" : False, "executor" : CsStaticRoutes("staticroutes", config)})
+ databag_map = OrderedDict([("guest_network", {"process_iptables" : True, "executor" : []}),
+ ("vm_password", {"process_iptables" : False, "executor" : [CsPassword("vmpassword", config)]}),
+ ("vm_metadata", {"process_iptables" : False, "executor" : [CsVmMetadata('vmdata', config)]}),
+ ("network_acl", {"process_iptables" : True, "executor" : []}),
+ ("firewall_rules", {"process_iptables" : True, "executor" : []}),
+ ("forwarding_rules", {"process_iptables" : True, "executor" : []}),
+ ("staticnat_rules", {"process_iptables" : True, "executor" : []}),
+ ("site_2_site_vpn", {"process_iptables" : True, "executor" : []}),
+ ("remote_access_vpn", {"process_iptables" : True, "executor" : []}),
+ ("vpn_user_list", {"process_iptables" : False, "executor" : [CsVpnUser("vpnuserlist", config)]}),
+ ("vm_dhcp_entry", {"process_iptables" : False, "executor" : [CsDhcp("dhcpentry", config)]}),
+ ("dhcp", {"process_iptables" : False, "executor" : [CsDhcp("dhcpentry", config)]}),
+ ("load_balancer", {"process_iptables" : True, "executor" : []}),
+ ("monitor_service", {"process_iptables" : False, "executor" : [CsMonitor("monitorservice", config)]}),
+ ("static_routes", {"process_iptables" : False, "executor" : [CsStaticRoutes("staticroutes", config)]})
])
- if process_file.count("cmd_line.json") == OCCURRENCES:
- logging.debug("cmd_line.json changed. All other files will be processed as well.")
-
- while databag_map:
- item = databag_map.popitem(last = False)
- item_name = item[0]
- item_dict = item[1]
- if not item_dict["process_iptables"]:
- executor = item_dict["executor"]
- executor.process()
+ def execDatabag(key, db):
+ if key not in db.keys() or 'executor' not in db[key]:
+ logging.warn("Unable to find config or executor(s) for the databag type %s" % key)
+ return
+ for executor in db[key]['executor']:
+ logging.debug("Processing for databag type: %s" % key)
+ executor.process()
+ def execIptables(config):
+ logging.debug("Processing iptables rules")
iptables_executor = IpTablesExecutor(config)
iptables_executor.process()
- else:
- while databag_map:
- item = databag_map.popitem(last = False)
- item_name = item[0]
- item_dict = item[1]
- if process_file.count(item_name) == OCCURRENCES:
- executor = item_dict["executor"]
- executor.process()
-
- if item_dict["process_iptables"]:
- iptables_executor = IpTablesExecutor(config)
- iptables_executor.process()
- break
+ if json_type == "cmd_line":
+ logging.debug("cmd_line.json changed. All other files will be processed as well.")
+ for key in databag_map.keys():
+ execDatabag(key, databag_map)
+ execIptables(config)
+ elif json_type in databag_map.keys():
+ execDatabag(json_type, databag_map)
+ if databag_map[json_type]['process_iptables']:
+ execIptables(config)
+ else:
+ logging.warn("Unable to find and process databag for file: %s, for json type=%s" % (process_file, json_type))
red = CsRedundant(config)
red.set()
diff --git a/systemvm/patches/debian/opt/cloud/bin/update_config.py b/systemvm/patches/debian/opt/cloud/bin/update_config.py
index 9427bc8..e4e70de 100755
--- a/systemvm/patches/debian/opt/cloud/bin/update_config.py
+++ b/systemvm/patches/debian/opt/cloud/bin/update_config.py
@@ -24,11 +24,8 @@ from subprocess import PIPE, STDOUT
import os
import os.path
import configure
-import glob
import json
-OCCURRENCES = 1
-
logging.basicConfig(filename='/var/log/cloud.log', level=logging.DEBUG, format='%(asctime)s %(filename)s %(funcName)s:%(lineno)d %(message)s')
# first commandline argument should be the file to process
@@ -38,7 +35,8 @@ if (len(sys.argv) != 2):
# FIXME we should get this location from a configuration class
jsonPath = "/var/cache/cloud/%s"
-jsonCmdConfigPath = jsonPath % sys.argv[1]
+jsonFilename = sys.argv[1]
+jsonConfigFile = jsonPath % jsonFilename
currentGuestNetConfig = "/etc/cloudstack/guestnetwork.json"
@@ -75,8 +73,7 @@ def is_guestnet_configured(guestnet_dict, keys):
print "[WARN] update_config.py :: Reconfiguring guest network..."
return False
- filename = min(glob.iglob(jsonCmdConfigPath + '*'), key=os.path.getctime)
- file = open(filename)
+ file = open(jsonConfigFile)
new_guestnet_dict = json.load(file)
if not new_guestnet_dict['add']:
@@ -116,13 +113,12 @@ def is_guestnet_configured(guestnet_dict, keys):
return exists
-filename = min(glob.iglob(jsonCmdConfigPath + '*'), key=os.path.getctime)
-if not (os.path.isfile(filename) and os.access(filename, os.R_OK)):
- print "[ERROR] update_config.py :: You are telling me to process %s, but i can't access it" % jsonCmdConfigPath
+if not (os.path.isfile(jsonConfigFile) and os.access(jsonConfigFile, os.R_OK)):
+ print "[ERROR] update_config.py :: Unable to read and access %s to process it" % jsonConfigFile
sys.exit(1)
# If the guest network is already configured and have the same IP, do not try to configure it again otherwise it will break
-if sys.argv[1] and sys.argv[1].count("guest_network.json") == OCCURRENCES:
+if jsonFilename.startswith("guest_network.json"):
if os.path.isfile(currentGuestNetConfig):
file = open(currentGuestNetConfig)
guestnet_dict = json.load(file)
--
To stop receiving notification emails like this one, please contact
"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>.