You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ya...@apache.org on 2013/10/18 05:13:43 UTC
[2/2] git commit: updated refs/heads/master to 484d6c4
CLOUDSTACK-2792: Call savepassword.sh inside VR
Also only set password when password service is running, thus avoid setting for
redundant router BACKUP router.
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/484d6c4e
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/484d6c4e
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/484d6c4e
Branch: refs/heads/master
Commit: 484d6c4eb741c882e1cc512ab35918d694e855c7
Parents: 85dc65c
Author: Sheng Yang <sh...@citrix.com>
Authored: Thu Oct 17 18:46:08 2013 -0700
Committer: Sheng Yang <sh...@citrix.com>
Committed: Thu Oct 17 20:04:44 2013 -0700
----------------------------------------------------------------------
.../virtualnetwork/VirtualRoutingResource.java | 25 ++------
.../debian/config/opt/cloud/bin/savepassword.sh | 62 +++++++++++++++++++
.../vmware/resource/VmwareResource.java | 4 +-
.../xen/resource/CitrixResourceBase.java | 8 +--
.../debian/config/opt/cloud/bin/savepassword.sh | 65 ++++++++++++++++++++
.../redundant_router/check_heartbeat.sh.templ | 5 +-
.../config/root/redundant_router/fault.sh.templ | 4 ++
.../patches/debian/config/root/savepassword.sh | 58 -----------------
8 files changed, 144 insertions(+), 87 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/484d6c4e/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
----------------------------------------------------------------------
diff --git a/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java b/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
index 479640a..f18caaa 100755
--- a/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
+++ b/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
@@ -103,7 +103,6 @@ import com.cloud.utils.ssh.SshHelper;
@Local(value = {VirtualRoutingResource.class})
public class VirtualRoutingResource implements Manager {
private static final Logger s_logger = Logger.getLogger(VirtualRoutingResource.class);
- private String _savepasswordPath; // This script saves a random password to the DomR file system
private String _publicIpAddress;
private String _firewallPath;
private String _loadbPath;
@@ -548,13 +547,14 @@ public class VirtualRoutingResource implements Manager {
final String vmIpAddress = cmd.getVmIpAddress();
final String local = vmName;
- // Run save_password_to_domr.sh
- final String result = savePassword(routerPrivateIPAddress, vmIpAddress, password, local);
+ String args = "-v " + vmIpAddress;
+ args += " -p " + password;
+
+ String result = routerProxy("savepassword.sh", routerPrivateIPAddress, args);
if (result != null) {
return new Answer(cmd, false, "Unable to save password to DomR.");
- } else {
- return new Answer(cmd);
}
+ return new Answer(cmd);
}
protected Answer execute(final DhcpEntryCommand cmd) {
@@ -813,16 +813,6 @@ public class VirtualRoutingResource implements Manager {
return new ConsoleProxyLoadAnswer(cmd, proxyVmId, proxyVmName, success, result);
}
- public String savePassword(final String privateIpAddress, final String vmIpAddress, final String password, final String localPath) {
- final Script command = new Script(_savepasswordPath, _startTimeout, s_logger);
- command.add("-r", privateIpAddress);
- command.add("-v", vmIpAddress);
- command.add("-p", password);
- command.add(localPath);
-
- return command.execute();
- }
-
public String assignGuestNetwork(final String dev, final String routerIP,
final String routerGIP, final String gateway, final String cidr,
final String netmask, final String dns, final String domainName) {
@@ -1128,11 +1118,6 @@ public class VirtualRoutingResource implements Manager {
throw new ConfigurationException("Unable to find the call_loadbalancer.sh");
}
- _savepasswordPath = findScript("save_password_to_domr.sh");
- if (_savepasswordPath == null) {
- throw new ConfigurationException("Unable to find save_password_to_domr.sh");
- }
-
_dhcpEntryPath = findScript("dhcp_entry.sh");
if (_dhcpEntryPath == null) {
throw new ConfigurationException("Unable to find dhcp_entry.sh");
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/484d6c4e/patches/systemvm/debian/config/opt/cloud/bin/savepassword.sh
----------------------------------------------------------------------
diff --git a/patches/systemvm/debian/config/opt/cloud/bin/savepassword.sh b/patches/systemvm/debian/config/opt/cloud/bin/savepassword.sh
new file mode 100644
index 0000000..9c59757
--- /dev/null
+++ b/patches/systemvm/debian/config/opt/cloud/bin/savepassword.sh
@@ -0,0 +1,62 @@
+#!/bin/bash
+# Copyright 2012 Citrix Systems, Inc. Licensed under the
+# Apache License, Version 2.0 (the "License"); you may not use this
+# file except in compliance with the License. Citrix Systems, Inc.
+# reserves all rights not expressly granted by the License.
+# You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# Automatically generated by addcopyright.py at 04/03/2012
+
+
+
+
+
+# Usage
+# save_password -v <user VM IP> -p <password>
+
+source /root/func.sh
+
+lock="passwdlock"
+#default timeout value is 30 mins as password reset command is not synchronized on agent side any more,
+#and multiple commands can be sent to the same VR at a time
+locked=$(getLockFile $lock 1800)
+if [ "$locked" != "1" ]
+then
+ exit 1
+fi
+
+PASSWD_FILE=/var/cache/cloud/passwords
+
+while getopts 'v:p:' OPTION
+do
+ case $OPTION in
+ v) VM_IP="$OPTARG"
+ ;;
+ p)
+ ENCODEDPASSWORD="$OPTARG"
+ PASSWORD=$(echo $ENCODEDPASSWORD | tr '[a-m][n-z][A-M][N-Z]' '[n-z][a-m][N-Z][A-M]')
+ ;;
+ ?) echo "Incorrect usage"
+ unlock_exit 1 $lock $locked
+ ;;
+ esac
+done
+
+[ -f $PASSWD_FILE ] || touch $PASSWD_FILE
+
+sed -i /$VM_IP/d $PASSWD_FILE
+
+ps aux | grep serve_password.sh |grep -v grep 2>&1 > /dev/null
+if [ $? -eq 0 ]
+then
+ echo "$VM_IP=$PASSWORD" >> $PASSWD_FILE
+else
+ echo "$VM_IP=saved_password" >> $PASSWD_FILE
+fi
+
+unlock_exit $? $lock $locked
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/484d6c4e/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
----------------------------------------------------------------------
diff --git a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
index a35a966..66b0cc6 100755
--- a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
+++ b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
@@ -2052,7 +2052,7 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa
String args = " -v " + vmIpAddress;
if (s_logger.isDebugEnabled()) {
- s_logger.debug("Run command on domain router " + controlIp + ", /root/savepassword.sh " + args + " -p " + StringUtils.getMaskedPasswordForDisplay(cmd.getPassword()));
+ s_logger.debug("Run command on domain router " + controlIp + ", /opt/cloud/bin/savepassword.sh " + args + " -p " + StringUtils.getMaskedPasswordForDisplay(cmd.getPassword()));
}
args += " -p " + password;
@@ -2060,7 +2060,7 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa
try {
VmwareManager mgr = getServiceContext().getStockObject(VmwareManager.CONTEXT_STOCK_NAME);
- Pair<Boolean, String> result = SshHelper.sshExecute(controlIp, DEFAULT_DOMR_SSHPORT, "root", mgr.getSystemVMKeyFile(), null, "/root/savepassword.sh " + args);
+ Pair<Boolean, String> result = SshHelper.sshExecute(controlIp, DEFAULT_DOMR_SSHPORT, "root", mgr.getSystemVMKeyFile(), null, "/opt/cloud/bin/savepassword.sh " + args);
if (!result.first()) {
s_logger.error("savepassword command on domain router " + controlIp + " failed, message: " + result.second());
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/484d6c4e/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
----------------------------------------------------------------------
diff --git a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
index 92fbab2..0ac8b1c 100644
--- a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
+++ b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
@@ -2228,16 +2228,12 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
Connection conn = getConnection();
final String password = cmd.getPassword();
final String routerPrivateIPAddress = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
- final String vmName = cmd.getVmName();
final String vmIpAddress = cmd.getVmIpAddress();
- final String local = vmName;
- // Run save_password_to_domr.sh
- String args = "-r " + routerPrivateIPAddress;
+ String args = "savepassword.sh " + routerPrivateIPAddress;
args += " -v " + vmIpAddress;
args += " -p " + password;
- args += " " + local;
- String result = callHostPlugin(conn, "vmops", "savePassword", "args", args);
+ String result = callHostPlugin(conn, "vmops", "routerProxy", "args", args);
if (result == null || result.isEmpty()) {
return new Answer(cmd, false, "savePassword failed");
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/484d6c4e/systemvm/patches/debian/config/opt/cloud/bin/savepassword.sh
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/savepassword.sh b/systemvm/patches/debian/config/opt/cloud/bin/savepassword.sh
new file mode 100755
index 0000000..1ea27e5
--- /dev/null
+++ b/systemvm/patches/debian/config/opt/cloud/bin/savepassword.sh
@@ -0,0 +1,65 @@
+#!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+
+
+
+# Usage
+# save_password -v <user VM IP> -p <password>
+
+source /root/func.sh
+
+lock="passwdlock"
+#default timeout value is 30 mins as password reset command is not synchronized on agent side any more,
+#and multiple commands can be sent to the same VR at a time
+locked=$(getLockFile $lock 1800)
+if [ "$locked" != "1" ]
+then
+ exit 1
+fi
+
+PASSWD_FILE=/var/cache/cloud/passwords
+
+while getopts 'v:p:' OPTION
+do
+ case $OPTION in
+ v) VM_IP="$OPTARG"
+ ;;
+ p)
+ ENCODEDPASSWORD="$OPTARG"
+ PASSWORD=$(echo $ENCODEDPASSWORD | tr '[a-m][n-z][A-M][N-Z]' '[n-z][a-m][N-Z][A-M]')
+ ;;
+ ?) echo "Incorrect usage"
+ unlock_exit 1 $lock $locked
+ ;;
+ esac
+done
+
+[ -f $PASSWD_FILE ] || touch $PASSWD_FILE
+
+sed -i /$VM_IP/d $PASSWD_FILE
+
+ps aux | grep serve_password.sh |grep -v grep 2>&1 > /dev/null
+if [ $? -eq 0 ]
+then
+ echo "$VM_IP=$PASSWORD" >> $PASSWD_FILE
+else
+ echo "$VM_IP=saved_password" >> $PASSWD_FILE
+fi
+
+unlock_exit $? $lock $locked
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/484d6c4e/systemvm/patches/debian/config/root/redundant_router/check_heartbeat.sh.templ
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/root/redundant_router/check_heartbeat.sh.templ b/systemvm/patches/debian/config/root/redundant_router/check_heartbeat.sh.templ
index 1a390e6..95cabd6b 100755
--- a/systemvm/patches/debian/config/root/redundant_router/check_heartbeat.sh.templ
+++ b/systemvm/patches/debian/config/root/redundant_router/check_heartbeat.sh.templ
@@ -25,10 +25,13 @@ then
if [ $diff -lt 30 ]
then
echo Keepalived process is dead! >> [RROUTER_LOG]
+ [RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1
+ [RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1
+ [RROUTER_BIN_PATH]/primary-backup.sh fault >> [RROUTER_LOG] 2>&1
service keepalived stop >> [RROUTER_LOG] 2>&1
service conntrackd stop >> [RROUTER_LOG] 2>&1
pkill -9 keepalived >> [RROUTER_LOG] 2>&1
- [RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1
+ pkill -9 conntrackd >> [RROUTER_LOG] 2>&1
echo Status: FAULT \(keepalived process is dead\) >> [RROUTER_LOG]
exit
fi
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/484d6c4e/systemvm/patches/debian/config/root/redundant_router/fault.sh.templ
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/root/redundant_router/fault.sh.templ b/systemvm/patches/debian/config/root/redundant_router/fault.sh.templ
index aecb08d..c008a9c 100644
--- a/systemvm/patches/debian/config/root/redundant_router/fault.sh.templ
+++ b/systemvm/patches/debian/config/root/redundant_router/fault.sh.templ
@@ -27,7 +27,11 @@ fi
echo To fault called >> [RROUTER_LOG]
[RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1
+echo Disable public ip >> [RROUTER_LOG]
+[RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1
+echo Stop services $? >> [RROUTER_LOG]
[RROUTER_BIN_PATH]/primary-backup.sh fault >> [RROUTER_LOG] 2>&1
+echo Switch conntrackd mode fault $? >> [RROUTER_LOG]
echo Status: FAULT >> [RROUTER_LOG]
releaseLockFile $lock $locked
http://git-wip-us.apache.org/repos/asf/cloudstack/blob/484d6c4e/systemvm/patches/debian/config/root/savepassword.sh
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/root/savepassword.sh b/systemvm/patches/debian/config/root/savepassword.sh
deleted file mode 100755
index fc73603..0000000
--- a/systemvm/patches/debian/config/root/savepassword.sh
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements. See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership. The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License. You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied. See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
-
-
-# Usage
-# save_password -v <user VM IP> -p <password>
-
-source /root/func.sh
-
-lock="passwdlock"
-#default timeout value is 30 mins as password reset command is not synchronized on agent side any more,
-#and multiple commands can be sent to the same VR at a time
-locked=$(getLockFile $lock 1800)
-if [ "$locked" != "1" ]
-then
- exit 1
-fi
-
-PASSWD_FILE=/var/cache/cloud/passwords
-
-while getopts 'v:p:' OPTION
-do
- case $OPTION in
- v) VM_IP="$OPTARG"
- ;;
- p)
- ENCODEDPASSWORD="$OPTARG"
- PASSWORD=$(echo $ENCODEDPASSWORD | tr '[a-m][n-z][A-M][N-Z]' '[n-z][a-m][N-Z][A-M]')
- ;;
- ?) echo "Incorrect usage"
- unlock_exit 1 $lock $locked
- ;;
- esac
-done
-
-[ -f $PASSWD_FILE ] || touch $PASSWD_FILE
-
-sed -i /$VM_IP/d $PASSWD_FILE
-echo "$VM_IP=$PASSWORD" >> $PASSWD_FILE
-
-unlock_exit $? $lock $locked