You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ra...@apache.org on 2017/06/26 04:32:21 UTC
[cloudstack] branch master updated: Revert "Merge pull request
#2084 from shapeblue/passwd-speedup"
This is an automated email from the ASF dual-hosted git repository.
rajani pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
The following commit(s) were added to refs/heads/master by this push:
new 24434be Revert "Merge pull request #2084 from shapeblue/passwd-speedup"
new d577ade Merge release branch 4.9 to master
24434be is described below
commit 24434beb42a0f79fe1bdc68629676767c021e46e
Author: Rajani Karuturi <ra...@accelerite.com>
AuthorDate: Mon Jun 26 09:58:33 2017 +0530
Revert "Merge pull request #2084 from shapeblue/passwd-speedup"
This reverts commit 48f413a9825d0554cf5080b4723688d8c47afe5c, reversing
changes made to 5f35c15b6b3ff49cb49c5563abbef7cc0e21d4a7.
---
.../debian/config/opt/cloud/bin/configure.py | 30 +++++++++++
.../debian/config/opt/cloud/bin/cs/CsVmPassword.py | 61 ----------------------
.../patches/debian/config/opt/cloud/bin/cs_vmp.py | 27 ++++++++++
.../patches/debian/config/opt/cloud/bin/merge.py | 20 +++----
.../debian/config/opt/cloud/bin/update_config.py | 21 +-------
5 files changed, 68 insertions(+), 91 deletions(-)
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/configure.py b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
index ff5d3ed..bdcfec9 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
@@ -45,6 +45,36 @@ from cs.CsProcess import CsProcess
from cs.CsStaticRoutes import CsStaticRoutes
+class CsPassword(CsDataBag):
+
+ TOKEN_FILE="/tmp/passwdsrvrtoken"
+
+ def process(self):
+ for item in self.dbag:
+ if item == "id":
+ continue
+ self.__update(item, self.dbag[item])
+
+ def __update(self, vm_ip, password):
+ token = ""
+ try:
+ tokenFile = open(self.TOKEN_FILE)
+ token = tokenFile.read()
+ except IOError:
+ logging.debug("File %s does not exist" % self.TOKEN_FILE)
+
+ ips_cmd = "ip addr show | grep inet | awk '{print $2}'"
+ ips = CsHelper.execute(ips_cmd)
+ for ip in ips:
+ server_ip = ip.split('/')[0]
+ proc = CsProcess(['/opt/cloud/bin/passwd_server_ip.py', server_ip])
+ if proc.find():
+ update_command = 'curl --header "DomU_Request: save_password" "http://{SERVER_IP}:8080/" -F "ip={VM_IP}" -F "password={PASSWORD}" ' \
+ '-F "token={TOKEN}" >/dev/null 2>/dev/null &'.format(SERVER_IP=server_ip, VM_IP=vm_ip, PASSWORD=password, TOKEN=token)
+ result = CsHelper.execute(update_command)
+ logging.debug("Update password server result ==> %s" % result)
+
+
class CsAcl(CsDataBag):
"""
Deal with Network acls
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsVmPassword.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsVmPassword.py
deleted file mode 100644
index 1376093..0000000
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsVmPassword.py
+++ /dev/null
@@ -1,61 +0,0 @@
-#!/usr/bin/python
-# -- coding: utf-8 --
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-import CsHelper
-from CsProcess import CsProcess
-from netaddr import IPNetwork, IPAddress
-import logging
-
-
-class CsPassword:
-
- TOKEN_FILE="/tmp/passwdsrvrtoken"
-
- def __init__(self, dbag):
- self.dbag = dbag
- self.process()
-
- def process(self):
- self.__update(self.dbag['ip_address'], self.dbag['password'])
-
- def __update(self, vm_ip, password):
- token = ""
- try:
- tokenFile = open(self.TOKEN_FILE)
- token = tokenFile.read()
- except IOError:
- logging.debug("File %s does not exist" % self.TOKEN_FILE)
-
- logging.debug("Got VM '%s' and password '%s'" % (vm_ip, password))
- get_cidrs_cmd = "ip addr show | grep inet | grep -v secondary | awk '{print $2}'"
- cidrs = CsHelper.execute(get_cidrs_cmd)
- logging.debug("Found these CIDRs: %s" % cidrs)
- for cidr in cidrs:
- logging.debug("Processing CIDR '%s'" % cidr)
- if IPAddress(vm_ip) in IPNetwork(cidr):
- ip = cidr.split('/')[0]
- logging.debug("Cidr %s matches vm ip address %s so adding passwd to passwd server at %s" % (cidr, vm_ip, ip))
- proc = CsProcess(['/opt/cloud/bin/passwd_server_ip.py', ip])
- if proc.find():
- update_command = 'curl --header "DomU_Request: save_password" "http://{SERVER_IP}:8080/" -F "ip={VM_IP}" -F "password={PASSWORD}" ' \
- '-F "token={TOKEN}" --interface 127.0.0.1 >/dev/null 2>/dev/null &'.format(SERVER_IP=ip, VM_IP=vm_ip, PASSWORD=password, TOKEN=token)
- result = CsHelper.execute(update_command)
- logging.debug("Update password server result ==> %s" % result)
- else:
- logging.debug("Update password server skipped because we didn't find a passwd server process for %s (makes sense on backup routers)" % ip)
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_vmp.py b/systemvm/patches/debian/config/opt/cloud/bin/cs_vmp.py
new file mode 100755
index 0000000..3a8e06e
--- /dev/null
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_vmp.py
@@ -0,0 +1,27 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+from pprint import pprint
+from netaddr import *
+
+
+def merge(dbag, data):
+ """
+ Track vm passwords
+ """
+ dbag[data['ip_address']] = data['password']
+ return dbag
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/merge.py b/systemvm/patches/debian/config/opt/cloud/bin/merge.py
index 0c85461..9c9b42a 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/merge.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/merge.py
@@ -23,6 +23,7 @@ import logging
import cs_ip
import cs_guestnetwork
import cs_cmdline
+import cs_vmp
import cs_network_acl
import cs_firewallrules
import cs_loadbalancer
@@ -35,6 +36,8 @@ import cs_remoteaccessvpn
import cs_vpnusers
import cs_staticroutes
+from pprint import pprint
+
class DataBag:
@@ -103,6 +106,8 @@ class updateDataBag:
dbag = self.processGuestNetwork(self.db.getDataBag())
elif self.qFile.type == 'cmdline':
dbag = self.processCL(self.db.getDataBag())
+ elif self.qFile.type == 'vmpassword':
+ dbag = self.processVMpassword(self.db.getDataBag())
elif self.qFile.type == 'networkacl':
dbag = self.process_network_acl(self.db.getDataBag())
elif self.qFile.type == 'firewallrules':
@@ -184,6 +189,9 @@ class updateDataBag:
def process_staticroutes(self, dbag):
return cs_staticroutes.merge(dbag, self.qFile.data)
+ def processVMpassword(self, dbag):
+ return cs_vmp.merge(dbag, self.qFile.data)
+
def processForwardingRules(self, dbag):
# to be used by both staticnat and portforwarding
return cs_forwardingrules.merge(dbag, self.qFile.data)
@@ -268,21 +276,13 @@ class QueueFile:
fileName = ''
configCache = "/var/cache/cloud"
keep = True
- do_merge = True
data = {}
- def update_databag(self):
- if self.do_merge:
- logging.info("Merging because do_merge is %s" % self.do_merge)
- updateDataBag(self)
- else:
- logging.info("Not merging because do_merge is %s" % self.do_merge)
-
def load(self, data):
if data is not None:
self.data = data
self.type = self.data["type"]
- self.update_databag()
+ proc = updateDataBag(self)
return
fn = self.configCache + '/' + self.fileName
try:
@@ -297,7 +297,7 @@ class QueueFile:
self.__moveFile(fn, self.configCache + "/processed")
else:
os.remove(fn)
- self.update_databag()
+ proc = updateDataBag(self)
def setFile(self, name):
self.fileName = name
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/update_config.py b/systemvm/patches/debian/config/opt/cloud/bin/update_config.py
index 1724027..ab08e03 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/update_config.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/update_config.py
@@ -25,7 +25,6 @@ import os
import os.path
import configure
import json
-from cs.CsVmPassword import *
logging.basicConfig(filename='/var/log/cloud.log', level=logging.INFO, format='%(asctime)s %(filename)s %(funcName)s:%(lineno)d %(message)s')
@@ -46,31 +45,17 @@ def finish_config():
sys.exit(returncode)
-def process(do_merge=True):
+def process_file():
print "[INFO] Processing JSON file %s" % sys.argv[1]
qf = QueueFile()
qf.setFile(sys.argv[1])
- qf.do_merge = do_merge
qf.load(None)
- return qf
-
-
-def process_file():
- print "[INFO] process_file"
- qf = process()
# These can be safely deferred, dramatically speeding up loading times
if not (os.environ.get('DEFER_CONFIG', False) and sys.argv[1] in ('vm_dhcp_entry.json', 'vm_metadata.json')):
# Converge
finish_config()
-def process_vmpasswd():
- print "[INFO] process_vmpassword"
- qf = process(False)
- print "[INFO] Sending password to password server"
- CsPassword(qf.getData())
-
-
def is_guestnet_configured(guestnet_dict, keys):
existing_keys = []
@@ -152,10 +137,6 @@ if sys.argv[1] == "guest_network.json":
else:
print "[INFO] update_config.py :: No GuestNetwork configured yet. Configuring first one now."
process_file()
-# Bypass saving passwords and running full config/convergence, just feed passwd to passwd server and stop
-elif sys.argv[1].startswith("vm_password.json"):
- print "[INFO] update_config.py :: Processing incoming vm_passwd file => %s" % sys.argv[1]
- process_vmpasswd()
else:
print "[INFO] update_config.py :: Processing incoming file => %s" % sys.argv[1]
process_file()
--
To stop receiving notification emails like this one, please contact
['"commits@cloudstack.apache.org" <co...@cloudstack.apache.org>'].