You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by GitBox <gi...@apache.org> on 2017/12/10 21:37:03 UTC
[GitHub] rhtyd closed pull request #1603: Vrouter fixes pylint
rhtyd closed pull request #1603: Vrouter fixes pylint
URL: https://github.com/apache/cloudstack/pull/1603
This is a PR merged from a forked repository.
As GitHub hides the original diff on merge, it is displayed below for
the sake of provenance:
As this is a foreign pull request (from a fork), the diff is supplied
below (as it won't show otherwise due to GitHub magic):
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/baremetal-vr.py b/systemvm/patches/debian/config/opt/cloud/bin/baremetal-vr.py
index 51ab5822353..24538af5885 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/baremetal-vr.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/baremetal-vr.py
@@ -15,8 +15,6 @@
#specific language governing permissions and limitations
#under the License.
-__author__ = 'frank'
-
import subprocess
import urllib
import hmac
@@ -27,6 +25,8 @@
from flask import Flask
+__author__ = 'frank'
+
app = Flask(__name__)
logger = logging.getLogger('baremetal-vr')
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/configure.py b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
index dd164a2aae6..524bc6ac852 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
@@ -16,28 +16,20 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-import sys
-import os
import base64
-
-from merge import DataBag
-from pprint import pprint
-import subprocess
import logging
-import re
-import time
-import shutil
-import os.path
import os
+import os.path
+import re
+import sys
from fcntl import flock, LOCK_EX, LOCK_UN
-from cs.CsDatabag import CsDataBag, CsCmdLine
-import cs.CsHelper
+from cs.CsDatabag import CsDataBag
+from cs import CsHelper
from cs.CsNetfilter import CsNetfilters
from cs.CsDhcp import CsDhcp
-from cs.CsRedundant import *
+from cs.CsRedundant import CsRedundant
from cs.CsFile import CsFile
-from cs.CsApp import CsApache, CsDnsmasq
from cs.CsMonitor import CsMonitor
from cs.CsLoadBalancer import CsLoadBalancer
from cs.CsConfig import CsConfig
@@ -46,9 +38,8 @@
class CsPassword(CsDataBag):
-
- TOKEN_FILE="/tmp/passwdsrvrtoken"
-
+ TOKEN_FILE = "/tmp/passwdsrvrtoken"
+
def process(self):
for item in self.dbag:
if item == "id":
@@ -61,7 +52,7 @@ def __update(self, vm_ip, password):
tokenFile = open(self.TOKEN_FILE)
token = tokenFile.read()
except IOError:
- logging.debug("File %s does not exist" % self.TOKEN_FILE)
+ logging.debug("File %s does not exist", self.TOKEN_FILE)
ips_cmd = "ip addr show | grep inet | awk '{print $2}'"
ips = CsHelper.execute(ips_cmd)
@@ -69,19 +60,28 @@ def __update(self, vm_ip, password):
server_ip = ip.split('/')[0]
proc = CsProcess(['/opt/cloud/bin/passwd_server_ip.py', server_ip])
if proc.find():
- update_command = 'curl --header "DomU_Request: save_password" "http://{SERVER_IP}:8080/" -F "ip={VM_IP}" -F "password={PASSWORD}" ' \
- '-F "token={TOKEN}" >/dev/null 2>/dev/null &'.format(SERVER_IP=server_ip, VM_IP=vm_ip, PASSWORD=password, TOKEN=token)
+ update_command = (
+ 'curl --header "DomU_Request: save_password"'
+ ' "http://{SERVER_IP}:8080/" -F "ip={VM_IP}"'
+ ' -F "password={PASSWORD}" -F "token={TOKEN}"'
+ '>/dev/null 2>/dev/null &'.format(
+ SERVER_IP=server_ip,
+ VM_IP=vm_ip,
+ PASSWORD=password,
+ TOKEN=token,
+ )
+ )
result = CsHelper.execute(update_command)
- logging.debug("Update password server result ==> %s" % result)
+ logging.debug("Update password server result ==> %s", result)
class CsAcl(CsDataBag):
- """
- Deal with Network acls
+ """Deal with Network acls
"""
class AclIP():
- """ For type Virtual Router """
+ """For type Virtual Router
+ """
def __init__(self, obj, fw):
self.fw = fw.get_fw()
@@ -99,7 +99,7 @@ def __init__(self, obj, fw):
self.rule['allowed'] = True
self.rule['action'] = "ACCEPT"
-
+
if self.rule['type'] == 'all' and not obj['source_cidr_list']:
self.rule['cidr'] = ['0.0.0.0/0']
else:
@@ -118,14 +118,14 @@ def add_rule(self, cidr):
if "icmp_type" in self.rule.keys() and self.rule['icmp_type'] != -1:
icmp_type = self.rule['icmp_type']
if "icmp_code" in self.rule.keys() and rule['icmp_code'] != -1:
- icmp_type = "%s/%s" % (self.rule['icmp_type'], self.rule['icmp_code'])
+ icmp_type = "%(icmp_type)s/%(icmp_code)s" % self.rule
rnge = ''
if "first_port" in self.rule.keys() and \
- self.rule['first_port'] == self.rule['last_port']:
- rnge = self.rule['first_port']
+ self.rule['first_port'] == self.rule['last_port']:
+ rnge = self.rule['first_port']
if "first_port" in self.rule.keys() and \
- self.rule['first_port'] != self.rule['last_port']:
- rnge = "%s:%s" % (rule['first_port'], rule['last_port'])
+ self.rule['first_port'] != self.rule['last_port']:
+ rnge = "%s:%s" % (rule['first_port'], rule['last_port'])
if self.direction == 'ingress':
if rule['protocol'] == "icmp":
self.fw.append(["mangle", "front",
@@ -154,19 +154,22 @@ def add_rule(self, cidr):
" --icmp-type %s -j %s" % (icmp_type, self.rule['action'])])
else:
fwr = " -I FW_EGRESS_RULES"
- #In case we have a default rule (accept all or drop all), we have to evaluate the action again.
+ # In case we have a default rule (accept all or drop all),
+ # we have to evaluate the action again.
if rule['type'] == 'all' and not rule['source_cidr_list']:
fwr = " -A FW_EGRESS_RULES"
# For default egress ALLOW or DENY, the logic is inverted.
- # Having default_egress_policy == True, means that the default rule should have ACCEPT,
- # otherwise DROP. The rule should be appended, not inserted.
+ # Having default_egress_policy == True means that
+ # the default rule should have ACCEPT, otherwise DROP.
+ # The rule should be appended, not inserted.
if self.rule['default_egress_policy']:
self.rule['action'] = "ACCEPT"
else:
self.rule['action'] = "DROP"
else:
- # For other rules added, if default_egress_policy == True, following rules should be DROP,
- # otherwise ACCEPT
+ # For other rules added,
+ # if default_egress_policy == True,
+ # following rules should be DROP, otherwise ACCEPT
if self.rule['default_egress_policy']:
self.rule['action'] = "DROP"
else:
@@ -224,7 +227,8 @@ def init_vpc(self, direction, acl, rule, config):
self.table = ""
self.device = acl.device
self.direction = direction
- # acl is an object of the AclDevice type. So, its fw attribute is already a list.
+ # acl is an object of the AclDevice type.
+ # So, its fw attribute is already a list.
self.fw = acl.fw
self.chain = config.get_ingress_chain(self.device, acl.ip)
self.dest = "-s %s" % rule['cidr']
@@ -283,29 +287,30 @@ class CsVmMetadata(CsDataBag):
def process(self):
for ip in self.dbag:
- if ("id" == ip):
+ if ip == "id":
continue
- logging.info("Processing metadata for %s" % ip)
+ logging.info("Processing metadata for %s", ip)
for item in self.dbag[ip]:
folder = item[0]
- file = item[1]
+ filename = item[1]
data = item[2]
# process only valid data
if folder != "userdata" and folder != "metadata":
continue
- if file == "":
+ if filename == "":
continue
- self.__htaccess(ip, folder, file)
+ self.__htaccess(ip, folder, filename)
if data == "":
- self.__deletefile(ip, folder, file)
+ self.__deletefile(ip, folder, filename)
else:
- self.__createfile(ip, folder, file, data)
+ self.__createfile(ip, folder, filename, data)
- def __deletefile(self, ip, folder, file):
+ @staticmethod
+ def __deletefile(ip, folder, file):
datafile = "/var/www/html/" + folder + "/" + ip + "/" + file
if os.path.exists(datafile):
@@ -340,10 +345,12 @@ def __createfile(self, ip, folder, file, data):
except OSError as e:
# error 17 is already exists, we do it this way for concurrency
if e.errno != 17:
- print "failed to make directories " + metamanifestdir + " due to :" + e.strerror
+ print "failed to make directories %s due to : %s" % (
+ metamanifestdir, e.strerror)
sys.exit(1)
if os.path.exists(metamanifest):
- fh = open(metamanifest, "r+a")
+ fh = open(metamanifest, "a+")
+ fh = open(metamanifest, "a+")
self.__exflock(fh)
if file not in fh.read():
fh.write(file + '\n')
@@ -367,7 +374,8 @@ def __htaccess(self, ip, folder, file):
CsHelper.mkdir(htaccessFolder, 0755, True)
if os.path.exists(htaccessFile):
- fh = open(htaccessFile, "r+a")
+ fh = open(htaccessFile, "a+")
+ fh = open(htaccessFile, "a+")
self.__exflock(fh)
if entry not in fh.read():
fh.write(entry + '\n')
@@ -388,7 +396,8 @@ def __htaccess(self, ip, folder, file):
try:
os.makedirs(htaccessFolder, 0755)
except OSError as e:
- # error 17 is already exists, we do it this way for sake of concurrency
+ # error 17 is already exists,
+ # we do it this way for sake of concurrency
if e.errno != 17:
print "failed to make directories " + htaccessFolder + " due to :" + e.strerror
sys.exit(1)
@@ -404,7 +413,8 @@ def __htaccess(self, ip, folder, file):
htaccessFolder = "/var/www/html/latest"
htaccessFile = htaccessFolder + "/.htaccess"
- fh = open(htaccessFile, "r+a")
+ fh = open(htaccessFile, "a+")
+ fh = open(htaccessFile, "a+")
self.__exflock(fh)
if entry not in fh.read():
fh.write(entry + '\n')
@@ -417,7 +427,8 @@ def __htaccess(self, ip, folder, file):
self.__unflock(fh)
fh.close()
- def __exflock(self, file):
+ @staticmethod
+ def __exflock(file):
try:
flock(file, LOCK_EX)
except IOError as e:
@@ -425,10 +436,11 @@ def __exflock(self, file):
sys.exit(1) # FIXME
return True
- def __unflock(self, file):
+ @staticmethod
+ def __unflock(file):
try:
flock(file, LOCK_UN)
- except IOError:
+ except IOError as e:
print "failed to unlock file" + file.name + " due to : " + e.strerror
sys.exit(1) # FIXME
return True
@@ -437,11 +449,11 @@ def __unflock(self, file):
class CsSite2SiteVpn(CsDataBag):
"""
Setup any configured vpns (using swan)
- left is the local machine
- right is where the clients connect from
+ Left is the local machine, right is where the clients connect from.
"""
VPNCONFDIR = "/etc/ipsec.d"
+ confips = None
def process(self):
self.confips = []
@@ -503,38 +515,38 @@ def configure_ipsec(self, obj):
vpnsecretsfile = "%s/ipsec.vpn-%s.secrets" % (self.VPNCONFDIR, rightpeer)
if rightpeer in self.confips:
self.confips.remove(rightpeer)
- file = CsFile(vpnconffile)
- file.search("conn ", "conn vpn-%s" % rightpeer)
- file.addeq(" left=%s" % leftpeer)
- file.addeq(" leftsubnet=%s" % obj['local_guest_cidr'])
- file.addeq(" leftnexthop=%s" % obj['local_public_gateway'])
- file.addeq(" right=%s" % rightpeer)
- file.addeq(" rightsubnets={%s}" % peerlist)
- file.addeq(" type=tunnel")
- file.addeq(" authby=secret")
- file.addeq(" keyexchange=ike")
- file.addeq(" ike=%s" % obj['ike_policy'])
- file.addeq(" ikelifetime=%s" % self.convert_sec_to_h(obj['ike_lifetime']))
- file.addeq(" esp=%s" % obj['esp_policy'])
- file.addeq(" salifetime=%s" % self.convert_sec_to_h(obj['esp_lifetime']))
+ cs_file = CsFile(vpnconffile)
+ cs_file.search("conn ", "conn vpn-%s" % rightpeer)
+ cs_file.addeq(" left=%s" % leftpeer)
+ cs_file.addeq(" leftsubnet=%s" % obj['local_guest_cidr'])
+ cs_file.addeq(" leftnexthop=%s" % obj['local_public_gateway'])
+ cs_file.addeq(" right=%s" % rightpeer)
+ cs_file.addeq(" rightsubnets={%s}" % peerlist)
+ cs_file.addeq(" type=tunnel")
+ cs_file.addeq(" authby=secret")
+ cs_file.addeq(" keyexchange=ike")
+ cs_file.addeq(" ike=%s" % obj['ike_policy'])
+ cs_file.addeq(" ikelifetime=%s" % self.convert_sec_to_h(obj['ike_lifetime']))
+ cs_file.addeq(" esp=%s" % obj['esp_policy'])
+ cs_file.addeq(" salifetime=%s" % self.convert_sec_to_h(obj['esp_lifetime']))
if "modp" in obj['esp_policy']:
- file.addeq(" pfs=yes")
+ cs_file.addeq(" pfs=yes")
else:
- file.addeq(" pfs=no")
- file.addeq(" keyingtries=2")
- file.addeq(" auto=start")
+ cs_file.addeq(" pfs=no")
+ cs_file.addeq(" keyingtries=2")
+ cs_file.addeq(" auto=start")
if 'encap' not in obj:
- obj['encap']=False
- file.addeq(" forceencaps=%s" % CsHelper.bool_to_yn(obj['encap']))
+ obj['encap'] = False
+ cs_file.addeq(" forceencaps=%s" % CsHelper.bool_to_yn(obj['encap']))
if obj['dpd']:
- file.addeq(" dpddelay=30")
- file.addeq(" dpdtimeout=120")
- file.addeq(" dpdaction=restart")
+ cs_file.addeq(" dpddelay=30")
+ cs_file.addeq(" dpdtimeout=120")
+ cs_file.addeq(" dpdaction=restart")
secret = CsFile(vpnsecretsfile)
- secret.search("%s " % leftpeer, "%s %s: PSK \"%s\"" % (leftpeer, rightpeer, obj['ipsec_psk']))
- if secret.is_changed() or file.is_changed():
+ secret.search("%s " % leftpeer, r"%s %s: PSK \"%s\"" % (leftpeer, rightpeer, obj['ipsec_psk']))
+ if secret.is_changed() or cs_file.is_changed():
secret.commit()
- file.commit()
+ cs_file.commit()
logging.info("Configured vpn %s %s", leftpeer, rightpeer)
CsHelper.execute("ipsec auto --rereadall")
CsHelper.execute("ipsec auto --add vpn-%s" % rightpeer)
@@ -542,19 +554,21 @@ def configure_ipsec(self, obj):
CsHelper.execute("ipsec auto --up vpn-%s" % rightpeer)
os.chmod(vpnsecretsfile, 0o400)
- def convert_sec_to_h(self, val):
+ @staticmethod
+ def convert_sec_to_h(val):
hrs = int(val) / 3600
return "%sh" % hrs
class CsVpnUser(CsDataBag):
- PPP_CHAP='/etc/ppp/chap-secrets'
+ PPP_CHAP = '/etc/ppp/chap-secrets'
+ confips = None
def process(self):
for user in self.dbag:
if user == 'id':
continue
- userconfig=self.dbag[user]
+ userconfig = self.dbag[user]
if userconfig['add']:
self.add_l2tp_ipsec_user(user, userconfig)
else:
@@ -564,33 +578,32 @@ def add_l2tp_ipsec_user(self, user, obj):
userfound = False
password = obj['password']
- userSearchEntry = "%s \* %s \*"%(user,password)
- userAddEntry = "%s * %s *" %(user,password)
- logging.debug("Adding vpn user %s" %userSearchEntry)
+ userSearchEntry = r"%s \* %s \*" % (user, password)
+ userAddEntry = "%s * %s *" % (user, password)
+ logging.debug("Adding vpn user %s", userSearchEntry)
- file = CsFile(self.PPP_CHAP)
- userfound = file.searchString(userSearchEntry, '#')
+ cs_file = CsFile(self.PPP_CHAP)
+ userfound = cs_file.searchString(userSearchEntry, '#')
if not userfound:
logging.debug("User is not there already, so adding user ")
self.del_l2tp_ipsec_user(user, obj)
- file.add(userAddEntry)
- file.commit()
+ cs_file.add(userAddEntry)
+ cs_file.commit()
def del_l2tp_ipsec_user(self, user, obj):
- userfound = False
password = obj['password']
- userentry = "%s \* %s \*"%(user,password)
+ userentry = r"%s \* %s \*" % (user, password)
- logging.debug("Deleting the user %s " % user)
- file = CsFile(self.PPP_CHAP)
- file.deleteLine(userentry)
- file.commit()
+ logging.debug("Deleting the user %s ", user)
+ cs_file = CsFile(self.PPP_CHAP)
+ cs_file.deleteLine(userentry)
+ cs_file.commit()
if not os.path.exists('/var/run/pppd2.tdb'):
return
- logging.debug("kiing the PPPD process for the user %s " % user)
+ logging.debug("kiing the PPPD process for the user %s ", user)
fileContents = CsHelper.execute("tdbdump /var/run/pppd2.tdb")
print fileContents
@@ -604,13 +617,13 @@ def del_l2tp_ipsec_user(self, user, obj):
if pppd == 'PPPD_PID':
pid = str.split('=')[1]
if pid:
- logging.debug("killing process %s" %pid)
+ logging.debug("killing process %s", pid)
CsHelper.execute('kill -9 %s' % pid)
-
class CsRemoteAccessVpn(CsDataBag):
VPNCONFDIR = "/etc/ipsec.d"
+ confips = None
def process(self):
self.confips = []
@@ -619,14 +632,14 @@ def process(self):
for public_ip in self.dbag:
if public_ip == "id":
continue
- vpnconfig=self.dbag[public_ip]
+ vpnconfig = self.dbag[public_ip]
#Enable remote access vpn
if vpnconfig['create']:
- logging.debug("Enabling remote access vpn on "+ public_ip)
+ logging.debug("Enabling remote access vpn on %s", public_ip)
CsHelper.start_if_stopped("ipsec")
self.configure_l2tpIpsec(public_ip, self.dbag[public_ip])
- logging.debug("Remote accessvpn data bag %s", self.dbag)
+ logging.debug("Remote accessvpn data bag %s", self.dbag)
self.remoteaccessvpn_iptables(public_ip, self.dbag[public_ip])
CsHelper.execute("ipsec auto --rereadall")
@@ -641,41 +654,39 @@ def process(self):
CsHelper.execute("service xl2tpd stop")
- def configure_l2tpIpsec(self, left, obj):
- vpnconffile="%s/l2tp.conf" % (self.VPNCONFDIR)
- vpnsecretfilte="%s/ipsec.any.secrets" % (self.VPNCONFDIR)
- xl2tpdconffile="/etc/xl2tpd/xl2tpd.conf"
- xl2tpoptionsfile='/etc/ppp/options.xl2tpd'
+ def configure_l2tpIpsec(self, left, obj):
+ vpnconffile = "%s/l2tp.conf" % (self.VPNCONFDIR)
+ vpnsecretfilte = "%s/ipsec.any.secrets" % (self.VPNCONFDIR)
+ xl2tpdconffile = "/etc/xl2tpd/xl2tpd.conf"
+ xl2tpoptionsfile = '/etc/ppp/options.xl2tpd'
- file = CsFile(vpnconffile)
- localip=obj['local_ip']
- localcidr=obj['local_cidr']
- publicIface=obj['public_interface']
- iprange=obj['ip_range']
- psk=obj['preshared_key']
+ cs_file = CsFile(vpnconffile)
+ localip = obj['local_ip']
+ iprange = obj['ip_range']
+ psk = obj['preshared_key']
#left
- file.addeq(" left=%s" % left)
- file.commit()
+ cs_file.addeq(" left=%s" % left)
+ cs_file.commit()
secret = CsFile(vpnsecretfilte)
- secret.addeq(": PSK \"%s\"" %psk)
+ secret.addeq(": PSK \"%s\"" % psk)
secret.commit()
xl2tpdconf = CsFile(xl2tpdconffile)
- xl2tpdconf.addeq("ip range = %s" %iprange)
- xl2tpdconf.addeq("local ip = %s" %localip)
+ xl2tpdconf.addeq("ip range = %s" % iprange)
+ xl2tpdconf.addeq("local ip = %s" % localip)
xl2tpdconf.commit()
- xl2tpoptions=CsFile(xl2tpoptionsfile)
- xl2tpoptions.search("ms-dns ", "ms-dns %s" %localip)
+ xl2tpoptions = CsFile(xl2tpoptionsfile)
+ xl2tpoptions.search("ms-dns ", "ms-dns %s" % localip)
xl2tpoptions.commit()
def remoteaccessvpn_iptables(self, publicip, obj):
- publicdev=obj['public_interface']
- localcidr=obj['local_cidr']
- local_ip=obj['local_ip']
+ publicdev = obj['public_interface']
+ localcidr = obj['local_cidr']
+ local_ip = obj['local_ip']
self.fw.append(["", "", "-A INPUT -i %s --dst %s -p udp -m udp --dport 500 -j ACCEPT" % (publicdev, publicip)])
@@ -685,31 +696,31 @@ def remoteaccessvpn_iptables(self, publicip, obj):
self.fw.append(["", "", "-A INPUT -i %s -p esp -j ACCEPT" % publicdev])
if self.config.is_vpc():
- self.fw.append(["", ""," -N VPN_FORWARD"])
- self.fw.append(["", "","-I FORWARD -i ppp+ -j VPN_FORWARD"])
- self.fw.append(["", "","-I FORWARD -o ppp+ -j VPN_FORWARD"])
- self.fw.append(["", "","-I FORWARD -o ppp+ -j VPN_FORWARD"])
- self.fw.append(["", "","-A VPN_FORWARD -s %s -j RETURN" %localcidr])
- self.fw.append(["", "","-A VPN_FORWARD -i ppp+ -d %s -j RETURN" %localcidr])
- self.fw.append(["", "","-A VPN_FORWARD -i ppp+ -o ppp+ -j RETURN"])
+ self.fw.append(["", "", " -N VPN_FORWARD"])
+ self.fw.append(["", "", "-I FORWARD -i ppp+ -j VPN_FORWARD"])
+ self.fw.append(["", "", "-I FORWARD -o ppp+ -j VPN_FORWARD"])
+ self.fw.append(["", "", "-I FORWARD -o ppp+ -j VPN_FORWARD"])
+ self.fw.append(["", "", "-A VPN_FORWARD -s %s -j RETURN" %localcidr])
+ self.fw.append(["", "", "-A VPN_FORWARD -i ppp+ -d %s -j RETURN" %localcidr])
+ self.fw.append(["", "", "-A VPN_FORWARD -i ppp+ -o ppp+ -j RETURN"])
else:
- self.fw.append(["", "","-A FORWARD -i ppp+ -o ppp+ -j ACCEPT"])
- self.fw.append(["", "","-A FORWARD -s %s -o ppp+ -j ACCEPT" % localcidr])
- self.fw.append(["", "","-A FORWARD -i ppp+ -d %s -j ACCEPT" % localcidr])
+ self.fw.append(["", "", "-A FORWARD -i ppp+ -o ppp+ -j ACCEPT"])
+ self.fw.append(["", "", "-A FORWARD -s %s -o ppp+ -j ACCEPT" % localcidr])
+ self.fw.append(["", "", "-A FORWARD -i ppp+ -d %s -j ACCEPT" % localcidr])
- self.fw.append(["", "","-A INPUT -i ppp+ -m udp -p udp --dport 53 -j ACCEPT"])
- self.fw.append(["", "","-A INPUT -i ppp+ -m tcp -p tcp --dport 53 -j ACCEPT"])
- self.fw.append(["nat", "","-I PREROUTING -i ppp+ -m tcp --dport 53 -j DNAT --to-destination %s" % local_ip])
+ self.fw.append(["", "", "-A INPUT -i ppp+ -m udp -p udp --dport 53 -j ACCEPT"])
+ self.fw.append(["", "", "-A INPUT -i ppp+ -m tcp -p tcp --dport 53 -j ACCEPT"])
+ self.fw.append(["nat", "", "-I PREROUTING -i ppp+ -m tcp --dport 53 -j DNAT --to-destination %s" % local_ip])
if self.config.is_vpc():
return
- self.fw.append(["mangle", "","-N VPN_%s " %publicip])
- self.fw.append(["mangle", "","-A VPN_%s -j RETURN " % publicip])
- self.fw.append(["mangle", "","-I VPN_%s -p ah -j ACCEPT " % publicip])
- self.fw.append(["mangle", "","-I VPN_%s -p esp -j ACCEPT " % publicip])
- self.fw.append(["mangle", "","-I PREROUTING -d %s -j VPN_%s " % (publicip, publicip)])
+ self.fw.append(["mangle", "", "-N VPN_%s " %publicip])
+ self.fw.append(["mangle", "", "-A VPN_%s -j RETURN " % publicip])
+ self.fw.append(["mangle", "", "-I VPN_%s -p ah -j ACCEPT " % publicip])
+ self.fw.append(["mangle", "", "-I VPN_%s -p esp -j ACCEPT " % publicip])
+ self.fw.append(["mangle", "", "-I PREROUTING -d %s -j VPN_%s " % (publicip, publicip)])
class CsForwardingRules(CsDataBag):
@@ -756,7 +767,8 @@ def getGatewayByIp(self, ipa):
return interface.get_gateway()
return None
- def portsToString(self, ports, delimiter):
+ @staticmethod
+ def portsToString(ports, delimiter):
ports_parts = ports.split(":", 2)
if ports_parts[0] == ports_parts[1]:
return str(ports_parts[0])
@@ -775,70 +787,63 @@ def forward_vr(self, rule):
internal_fwinterface = self.getDeviceByIp(rule['internal_ip'])
public_fwports = self.portsToString(rule['public_ports'], ':')
internal_fwports = self.portsToString(rule['internal_ports'], '-')
- fw1 = "-A PREROUTING -d %s/32 -i %s -p %s -m %s --dport %s -j DNAT --to-destination %s:%s" % \
- (
- rule['public_ip'],
- public_fwinterface,
- rule['protocol'],
- rule['protocol'],
- public_fwports,
- rule['internal_ip'],
- internal_fwports
- )
- fw2 = "-A PREROUTING -d %s/32 -i %s -p %s -m %s --dport %s -j DNAT --to-destination %s:%s" % \
- (
- rule['public_ip'],
- internal_fwinterface,
- rule['protocol'],
- rule['protocol'],
- public_fwports,
- rule['internal_ip'],
- internal_fwports
- )
- fw3 = "-A OUTPUT -d %s/32 -p %s -m %s --dport %s -j DNAT --to-destination %s:%s" % \
- (
- rule['public_ip'],
- rule['protocol'],
- rule['protocol'],
- public_fwports,
- rule['internal_ip'],
- internal_fwports
- )
- fw4 = "-j SNAT --to-source %s -A POSTROUTING -s %s -d %s/32 -o %s -p %s -m %s --dport %s" % \
- (
- self.getGuestIp(),
- self.getNetworkByIp(rule['internal_ip']),
- rule['internal_ip'],
- internal_fwinterface,
- rule['protocol'],
- rule['protocol'],
- self.portsToString(rule['internal_ports'], ':')
- )
- fw5 = "-A PREROUTING -d %s/32 -i %s -p %s -m %s --dport %s -j MARK --set-xmark %s/0xffffffff" % \
- (
- rule['public_ip'],
- public_fwinterface,
- rule['protocol'],
- rule['protocol'],
- public_fwports,
- hex(int(public_fwinterface[3:]))
- )
- fw6 = "-A PREROUTING -d %s/32 -i %s -p %s -m %s --dport %s -m state --state NEW -j CONNMARK --save-mark --nfmask 0xffffffff --ctmask 0xffffffff" % \
- (
- rule['public_ip'],
- public_fwinterface,
- rule['protocol'],
- rule['protocol'],
- public_fwports,
- )
- fw7 = "-A FORWARD -i %s -o %s -p %s -m %s --dport %s -m state --state NEW,ESTABLISHED -j ACCEPT" % \
- (
- public_fwinterface,
- internal_fwinterface,
- rule['protocol'],
- rule['protocol'],
- self.portsToString(rule['internal_ports'], ':')
- )
+ fw1 = "-A PREROUTING -d %s/32 -i %s -p %s -m %s --dport %s -j DNAT --to-destination %s:%s" % (
+ rule['public_ip'],
+ public_fwinterface,
+ rule['protocol'],
+ rule['protocol'],
+ public_fwports,
+ rule['internal_ip'],
+ internal_fwports
+ )
+ fw2 = "-A PREROUTING -d %s/32 -i %s -p %s -m %s --dport %s -j DNAT --to-destination %s:%s" % (
+ rule['public_ip'],
+ internal_fwinterface,
+ rule['protocol'],
+ rule['protocol'],
+ public_fwports,
+ rule['internal_ip'],
+ internal_fwports
+ )
+ fw3 = "-A OUTPUT -d %s/32 -p %s -m %s --dport %s -j DNAT --to-destination %s:%s" % (
+ rule['public_ip'],
+ rule['protocol'],
+ rule['protocol'],
+ public_fwports,
+ rule['internal_ip'],
+ internal_fwports
+ )
+ fw4 = "-j SNAT --to-source %s -A POSTROUTING -s %s -d %s/32 -o %s -p %s -m %s --dport %s" % (
+ self.getGuestIp(),
+ self.getNetworkByIp(rule['internal_ip']),
+ rule['internal_ip'],
+ internal_fwinterface,
+ rule['protocol'],
+ rule['protocol'],
+ self.portsToString(rule['internal_ports'], ':')
+ )
+ fw5 = "-A PREROUTING -d %s/32 -i %s -p %s -m %s --dport %s -j MARK --set-xmark %s/0xffffffff" % (
+ rule['public_ip'],
+ public_fwinterface,
+ rule['protocol'],
+ rule['protocol'],
+ public_fwports,
+ hex(int(public_fwinterface[3:]))
+ )
+ fw6 = "-A PREROUTING -d %s/32 -i %s -p %s -m %s --dport %s -m state --state NEW -j CONNMARK --save-mark --nfmask 0xffffffff --ctmask 0xffffffff" % (
+ rule['public_ip'],
+ public_fwinterface,
+ rule['protocol'],
+ rule['protocol'],
+ public_fwports,
+ )
+ fw7 = "-A FORWARD -i %s -o %s -p %s -m %s --dport %s -m state --state NEW,ESTABLISHED -j ACCEPT" % (
+ public_fwinterface,
+ internal_fwinterface,
+ rule['protocol'],
+ rule['protocol'],
+ self.portsToString(rule['internal_ports'], ':')
+ )
self.fw.append(["nat", "", fw1])
self.fw.append(["nat", "", fw2])
self.fw.append(["nat", "", fw3])
@@ -848,9 +853,12 @@ def forward_vr(self, rule):
self.fw.append(["filter", "", fw7])
def forward_vpc(self, rule):
- fw_prerout_rule = "-A PREROUTING -d %s/32 -i %s" % (rule["public_ip"], self.getDeviceByIp(rule['public_ip']))
+ fw_prerout_rule = "-A PREROUTING -d %s/32 -i %s" % (
+ rule["public_ip"],
+ self.getDeviceByIp(rule['public_ip'])
+ )
if not rule["protocol"] == "any":
- fw_prerout_rule += " -m %s -p %s" % (rule["protocol"], rule["protocol"])
+ fw_prerout_rule += " -m %(protocol)s -p %(protocol)s" % rule
if not rule["public_ports"] == "any":
fw_prerout_rule += " --dport %s" % self.portsToString(rule["public_ports"], ":")
fw_prerout_rule += " -j DNAT --to-destination %s" % rule["internal_ip"]
@@ -883,25 +891,59 @@ def processStaticNatRule(self, rule):
# FIXME this needs ordering with the VPN no nat rule
device = self.getDeviceByIp(rule["public_ip"])
if device is None:
- raise Exception("Ip address %s has no device in the ips databag" % rule["public_ip"])
- self.fw.append(["nat", "front",
- "-A PREROUTING -d %s/32 -j DNAT --to-destination %s" % (rule["public_ip"], rule["internal_ip"])])
- self.fw.append(["nat", "front",
- "-A POSTROUTING -o %s -s %s/32 -j SNAT --to-source %s" % (device, rule["internal_ip"], rule["public_ip"])])
- self.fw.append(["nat", "front",
- "-A OUTPUT -d %s/32 -j DNAT --to-destination %s" % (rule["public_ip"], rule["internal_ip"])])
- self.fw.append(["filter", "",
- "-A FORWARD -i %s -o eth0 -d %s -m state --state NEW -j ACCEPT " % (device, rule["internal_ip"])])
+ raise Exception("IP address %s has no device in the ips databag" % rule["public_ip"])
+ self.fw.append([
+ "nat", "front",
+ "-A PREROUTING -d %s/32 -j DNAT --to-destination %s" % (
+ rule["public_ip"],
+ rule["internal_ip"],
+ )
+ ])
+ self.fw.append([
+ "nat", "front",
+ "-A POSTROUTING -o %s -s %s/32 -j SNAT --to-source %s" % (
+ device,
+ rule["internal_ip"],
+ rule["public_ip"],
+ )
+ ])
+ self.fw.append([
+ "nat", "front",
+ "-A OUTPUT -d %s/32 -j DNAT --to-destination %s" % (
+ rule["public_ip"],
+ rule["internal_ip"],
+ )
+ ])
+ self.fw.append([
+ "filter", "",
+ "-A FORWARD -i %s -o eth0 -d %s -m state --state NEW -j ACCEPT " % (
+ device,
+ rule["internal_ip"],
+ )
+ ])
#configure the hairpin nat
- self.fw.append(["nat", "front",
- "-A PREROUTING -d %s -i eth0 -j DNAT --to-destination %s" % (rule["public_ip"], rule["internal_ip"])])
-
- self.fw.append(["nat", "front", "-A POSTROUTING -s %s -d %s -j SNAT -o eth0 --to-source %s" % (self.getNetworkByIp(rule['internal_ip']),rule["internal_ip"], self.getGuestIp())])
+ self.fw.append([
+ "nat", "front",
+ "-A PREROUTING -d %s -i eth0 -j DNAT --to-destination %s" % (
+ rule["public_ip"],
+ rule["internal_ip"],
+ )
+ ])
+
+ self.fw.append([
+ "nat", "front",
+ "-A POSTROUTING -s %s -d %s -j SNAT -o eth0 --to-source %s" % (
+ self.getNetworkByIp(rule['internal_ip']),
+ rule["internal_ip"],
+ self.getGuestIp()
+ )
+ ])
def main(argv):
- # The file we are currently processing, if it is "cmd_line.json" everything will be processed.
+ # The file we are currently processing, if it is "cmd_line.json"
+ # everything will be processed.
process_file = argv[1]
# process_file can be None, if so assume cmd_line.json
@@ -947,7 +989,11 @@ def main(argv):
logging.debug("Configuring firewall rules")
iptables_change = True
- if process_file in ["cmd_line.json", "forwarding_rules.json", "staticnat_rules.json"]:
+ if process_file in [
+ "cmd_line.json",
+ "forwarding_rules.json",
+ "staticnat_rules.json"
+ ]:
logging.debug("Configuring PF rules")
iptables_change = True
@@ -1005,7 +1051,8 @@ def main(argv):
logging.debug("Configuring iptables rules done ...saving rules")
- # Save iptables configuration - will be loaded on reboot by the iptables-restore that is configured on /etc/rc.local
+ # Save iptables configuration - will be loaded on reboot
+ # by the iptables-restore that is configured on /etc/rc.local
CsHelper.save_iptables("iptables-save", "/etc/iptables/router_rules.v4")
CsHelper.save_iptables("ip6tables-save", "/etc/iptables/router_rules.v6")
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py
index f78ec4c371c..9c8b5b3e2ed 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsAddress.py
@@ -16,14 +16,16 @@
# specific language governing permissions and limitations
# under the License.
import logging
-from netaddr import IPAddress, IPNetwork
import subprocess
import time
-import CsHelper
-from CsDatabag import CsDataBag
-from CsApp import CsApache, CsDnsmasq, CsPasswdSvc
-from CsRoute import CsRoute
-from CsRule import CsRule
+
+from netaddr import IPAddress, IPNetwork
+
+from cs import CsHelper
+from cs.CsDatabag import CsDataBag
+from cs.CsApp import CsApache, CsDnsmasq, CsPasswdSvc
+from cs.CsRoute import CsRoute
+from cs.CsRule import CsRule
VRRP_TYPES = ['guest']
@@ -52,11 +54,15 @@ def get_guest_if(self):
for interface in self.get_interfaces():
if interface.is_guest() and interface.is_added():
device = interface.get_device()
- device_suffix = int(''.join([digit for digit in device if digit.isdigit()]))
+ device_suffix = int(
+ ''.join([digit for digit in device if digit.isdigit()])
+ )
if device_suffix < lowest_device:
lowest_device = device_suffix
guest_interface = interface
- logging.debug("Guest interface will be set on device '%s' and IP '%s'" % (guest_interface.get_device(), guest_interface.get_ip()))
+ logging.debug(
+ "Guest interface will be set on device '%s' and IP '%s'",
+ guest_interface.get_device(), guest_interface.get_ip())
return guest_interface
def get_guest_ip(self):
@@ -79,7 +85,8 @@ def get_guest_netmask(self):
return ip.get_netmask()
return "255.255.255.0"
- def needs_vrrp(self, o):
+ @staticmethod
+ def needs_vrrp(o):
"""
Returns if the ip needs to be managed by keepalived or not
"""
@@ -104,17 +111,18 @@ def process(self):
for address in self.dbag[dev]:
ip.setAddress(address)
- logging.info("Address found in DataBag ==> %s" % address)
+ logging.info("Address found in DataBag ==> %s", address)
if ip.configured():
logging.info(
- "Address %s on device %s already configured", ip.ip(), dev)
+ "Address %s on device %s already configured",
+ ip.ip(), dev)
ip.post_configure(address)
else:
logging.info(
"Address %s on device %s not configured", ip.ip(), dev)
-
+
if CsDevice(dev, self.config).waitfordevice():
ip.configure(address)
@@ -191,7 +199,7 @@ def is_public(self):
if "nw_type" in self.address and self.address['nw_type'] in ['public']:
return True
return False
-
+
def is_added(self):
return self.get_attr("add")
@@ -229,7 +237,7 @@ def buildlist(self):
self.devlist = []
for line in open('/proc/net/dev'):
vals = line.lstrip().split(':')
- if (not vals[0].startswith("eth")):
+ if not vals[0].startswith("eth"):
continue
self.devlist.append(vals[0])
@@ -275,7 +283,7 @@ def configure(self, address):
cmd = "ip addr add dev %s %s brd +" % (self.dev, self.ip())
CsHelper.execute(cmd)
except Exception as e:
- logging.info("Exception occurred ==> %s" % e)
+ logging.info("Exception occurred ==> %s", e)
else:
self.delete(self.ip())
@@ -284,7 +292,7 @@ def configure(self, address):
def post_configure(self, address):
""" The steps that must be done after a device is configured """
route = CsRoute()
- if not self.get_type() in ["control"]:
+ if self.get_type() not in ["control"]:
route.add_table(self.dev)
CsRule(self.dev).addMark()
@@ -299,21 +307,24 @@ def post_configure(self, address):
CsRpsrfs(self.dev).enable()
self.post_config_change("add")
- '''For isolated/redundant and dhcpsrvr routers, call this method after the post_config is complete '''
+ # For isolated/redundant and dhcpsrvr routers,
+ # call this method after the post_config is complete
if not self.config.is_vpc():
self.setup_router_control()
if self.config.is_vpc() or self.cl.is_redundant():
- # The code looks redundant here, but we actually have to cater for routers and
- # VPC routers in a different manner. Please do not remove this block otherwise
- # The VPC default route will be broken.
- if self.get_type() in ["public"] and address["device"] == CsHelper.PUBLIC_INTERFACES[self.cl.get_type()]:
+ # The code looks redundant here, but we actually have to cater for
+ # routers and VPC routers in a different manner.
+ # Please do not remove this block otherwise the VPC default route
+ # will be broken.
+ if self.get_type() in ["public"] \
+ and address["device"] == CsHelper.PUBLIC_INTERFACES[self.cl.get_type()]:
gateway = str(address["gateway"])
route.add_defaultroute(gateway)
else:
# once we start processing public ip's we need to verify there
# is a default route and add if needed
- if(self.cl.get_gateway()):
+ if self.cl.get_gateway():
route.add_defaultroute(self.cl.get_gateway())
def set_mark(self):
@@ -351,7 +362,7 @@ def setup_router_control(self):
self.fw.append(["filter", "", "-P INPUT DROP"])
self.fw.append(["filter", "", "-P FORWARD DROP"])
-
+
def fw_router(self):
if self.config.is_vpc():
return
@@ -425,14 +436,14 @@ def fw_router(self):
self.fw.append(['', '', '-A NETWORK_STATS -i eth2 -o eth0'])
self.fw.append(['', '', '-A NETWORK_STATS -o eth2 ! -i eth0 -p tcp'])
self.fw.append(['', '', '-A NETWORK_STATS -i eth2 ! -o eth0 -p tcp'])
-
+
def fw_vpcrouter(self):
if not self.config.is_vpc():
return
self.fw.append(["mangle", "front", "-A PREROUTING " +
"-m state --state RELATED,ESTABLISHED " +
"-j CONNMARK --restore-mark --nfmask 0xffffffff --ctmask 0xffffffff"])
-
+
self.fw.append(["filter", "", "-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT"])
if self.get_type() in ["guest"]:
@@ -460,36 +471,54 @@ def fw_vpcrouter(self):
["filter", "", "-A INPUT -i %s -p tcp -m tcp --dport 80 -m state --state NEW -j ACCEPT" % self.dev])
self.fw.append(
["filter", "", "-A INPUT -i %s -p tcp -m tcp --dport 8080 -m state --state NEW -j ACCEPT" % self.dev])
- self.fw.append(["mangle", "",
- "-A PREROUTING -m state --state NEW -i %s -s %s ! -d %s/32 -j ACL_OUTBOUND_%s" %
- (self.dev, self.address[
- 'network'], self.address['gateway'], self.dev)
- ])
-
- self.fw.append(["", "front", "-A NETWORK_STATS_%s -i %s -d %s" %
- ("eth1", "eth1", self.address['network'])])
- self.fw.append(["", "front", "-A NETWORK_STATS_%s -o %s -s %s" %
- ("eth1", "eth1", self.address['network'])])
-
- self.fw.append(["nat", "front",
- "-A POSTROUTING -s %s -o %s -j SNAT --to-source %s" %
- (self.address['network'], self.dev,
- self.address['public_ip'])
- ])
+ self.fw.append([
+ "mangle", "",
+ "-A PREROUTING -m state --state NEW -i %s -s %s ! -d %s/32 -j ACL_OUTBOUND_%s" % (
+ self.dev,
+ self.address['network'],
+ self.address['gateway'],
+ self.dev
+ )
+ ])
+
+ self.fw.append([
+ "", "front", "-A NETWORK_STATS_%s -i %s -d %s" % (
+ "eth1", "eth1", self.address['network']
+ )
+ ])
+ self.fw.append([
+ "", "front", "-A NETWORK_STATS_%s -o %s -s %s" % (
+ "eth1", "eth1", self.address['network']
+ )
+ ])
+
+ self.fw.append([
+ "nat", "front",
+ "-A POSTROUTING -s %s -o %s -j SNAT --to-source %s" % (
+ self.address['network'],
+ self.dev,
+ self.address['public_ip']
+ )
+ ])
if self.get_type() in ["public"]:
- self.fw.append(["", "front",
- "-A FORWARD -o %s -d %s -j ACL_INBOUND_%s" % (
- self.dev, self.address['network'], self.dev)
- ])
- self.fw.append(
- ["mangle", "", "-A FORWARD -j VPN_STATS_%s" % self.dev])
+ self.fw.append([
+ "", "front", "-A FORWARD -o %s -d %s -j ACL_INBOUND_%s" % (
+ self.dev, self.address['network'], self.dev
+ )
+ ])
self.fw.append(
- ["mangle", "", "-A VPN_STATS_%s -o %s -m mark --mark 0x525/0xffffffff" % (self.dev, self.dev)])
+ ["mangle", "", "-A FORWARD -j VPN_STATS_%s" % self.dev]
+ )
+ self.fw.append([
+ "mangle", "", "-A VPN_STATS_%s -o %s -m mark --mark 0x525/0xffffffff" % (
+ self.dev, self.dev)])
+ self.fw.append([
+ "mangle", "", "-A VPN_STATS_%s -i %s -m mark --mark 0x524/0xffffffff" % (
+ self.dev, self.dev)])
self.fw.append(
- ["mangle", "", "-A VPN_STATS_%s -i %s -m mark --mark 0x524/0xffffffff" % (self.dev, self.dev)])
- self.fw.append(
- ["", "front", "-A FORWARD -j NETWORK_STATS_%s" % self.dev])
+ ["", "front", "-A FORWARD -j NETWORK_STATS_%s" % self.dev]
+ )
self.fw.append(["", "front", "-A FORWARD -j NETWORK_STATS"])
self.fw.append(["", "front", "-A INPUT -j NETWORK_STATS"])
@@ -524,7 +553,7 @@ def post_config_change(self, method):
self.fw_vpcrouter()
# On deletion nw_type will no longer be known
- if self.get_type() in ('guest'):
+ if self.get_type() in ['guest']:
if self.config.is_vpc() or self.config.is_router():
CsDevice(self.dev, self.config).configure_rp()
logging.error(
@@ -541,28 +570,34 @@ def post_config_change(self, method):
cmdline = self.config.cmdline()
# If redundant then this is dealt with by the master backup functions
if self.get_type() in ["guest"] and not cmdline.is_redundant():
- pwdsvc = CsPasswdSvc(self.address['public_ip']).start()
+ CsPasswdSvc(self.address['public_ip']).start()
if self.get_type() == "public" and self.config.is_vpc():
if self.address["source_nat"]:
vpccidr = cmdline.get_vpccidr()
- self.fw.append(
- ["filter", 3, "-A FORWARD -s %s ! -d %s -j ACCEPT" % (vpccidr, vpccidr)])
- self.fw.append(
- ["nat", "", "-A POSTROUTING -j SNAT -o %s --to-source %s" % (self.dev, self.address['public_ip'])])
+ self.fw.append([
+ "filter", 3, "-A FORWARD -s %s ! -d %s -j ACCEPT" % (
+ vpccidr, vpccidr
+ )
+ ])
+ self.fw.append([
+ "nat", "", "-A POSTROUTING -j SNAT -o %s --to-source %s" % (
+ self.dev, self.address['public_ip']
+ )
+ ])
def list(self):
self.iplist = {}
cmd = ("ip addr show dev " + self.dev)
for i in CsHelper.execute(cmd):
vals = i.lstrip().split()
- if (vals[0] == 'inet'):
-
+ if vals[0] == 'inet':
+
cidr = vals[1]
for ip, device in self.iplist.iteritems():
logging.info(
- "Iterating over the existing IPs. CIDR to be configured ==> %s, existing IP ==> %s on device ==> %s",
- cidr, ip, device)
+ "Iterating over the existing IPs. CIDR to be configured ==> %s, existing IP ==> %s on device ==> %s",
+ cidr, ip, device)
if cidr[0] != ip[0] and device != self.dev:
self.iplist[cidr] = self.dev
@@ -601,7 +636,8 @@ def arpPing(self):
# Delete any ips that are configured but not in the bag
def compare(self, bag):
- if len(self.iplist) > 0 and (self.dev not in bag.keys() or len(bag[self.dev]) == 0):
+ if len(self.iplist) > 0 \
+ and (self.dev not in bag.keys() or len(bag[self.dev]) == 0):
# Remove all IPs on this device
logging.info(
"Will remove all configured addresses on device %s", self.dev)
@@ -612,7 +648,8 @@ def compare(self, bag):
# This condition should not really happen but did :)
# It means an apache file got orphaned after a guest network address
# was deleted
- if len(self.iplist) == 0 and (self.dev not in bag.keys() or len(bag[self.dev]) == 0):
+ if len(self.iplist) == 0 \
+ and (self.dev not in bag.keys() or len(bag[self.dev]) == 0):
app = CsApache(self)
app.remove()
@@ -622,7 +659,7 @@ def compare(self, bag):
for address in bag[self.dev]:
self.setAddress(address)
if (self.hasIP(ip) or self.is_guest_gateway(address, ip)) and address["add"]:
- logging.debug("The IP address in '%s' will be configured" % address)
+ logging.debug("The IP address in '%s' will be configured", address)
found = True
if not found:
self.delete(ip)
@@ -658,7 +695,6 @@ def delete(self, ip):
class CsRpsrfs:
-
""" Configure rpsrfs if there is more than one cpu """
def __init__(self, dev):
@@ -677,9 +713,10 @@ def enable(self):
"/proc/sys/net/core/rps_sock_flow_entries", "256", "w+")
filename = "/sys/class/net/%s/queues/rx-0/rps_flow_cnt" % (self.dev)
CsHelper.updatefile(filename, "256", "w+")
- logging.debug("rpsfr is configured for %s cpus" % (cpus))
+ logging.debug("rpsfr is configured for %s cpus", cpus)
- def inKernel(self):
+ @staticmethod
+ def inKernel():
try:
open('/etc/rpsrfsenable')
except IOError:
@@ -689,7 +726,8 @@ def inKernel(self):
logging.debug("rpsfr is present in the kernel")
return True
- def cpus(self):
+ @staticmethod
+ def cpus():
count = 0
for line in open('/proc/cpuinfo'):
if "processor" not in line:
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsApp.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsApp.py
index 9762e04875a..b5ae1524a9d 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsApp.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsApp.py
@@ -16,10 +16,9 @@
# specific language governing permissions and limitations
# under the License.
import os
-import CsHelper
-from CsFile import CsFile
-from CsProcess import CsProcess
-import CsHelper
+from cs import CsHelper
+from cs.CsFile import CsFile
+from cs.CsProcess import CsProcess
class CsApp:
@@ -35,24 +34,24 @@ class CsApache(CsApp):
""" Set up Apache """
def remove(self):
- file = "/etc/apache2/sites-enabled/vhost-%s.conf" % self.dev
- if os.path.isfile(file):
- os.remove(file)
+ filename = "/etc/apache2/sites-enabled/vhost-%s.conf" % self.dev
+ if os.path.isfile(filename):
+ os.remove(filename)
CsHelper.service("apache2", "restart")
def setup(self):
CsHelper.copy_if_needed("/etc/apache2/vhost.template",
"/etc/apache2/sites-enabled/vhost-%s.conf" % self.ip)
- file = CsFile("/etc/apache2/sites-enabled/vhost-%s.conf" % (self.ip))
- file.search("<VirtualHost.*:80>", "\t<VirtualHost %s:80>" % (self.ip))
- file.search("<VirtualHost.*:443>", "\t<VirtualHost %s:443>" % (self.ip))
- file.search("Listen .*:80", "Listen %s:80" % (self.ip))
- file.search("Listen .*:443", "Listen %s:443" % (self.ip))
- file.search("NameVirtualHost .*:80", "NameVirtualHost %s:80" % (self.ip))
- file.search("ServerName.*", "\tServerName %s.%s" % (self.config.cl.get_type(), self.config.get_domain()))
- if file.is_changed():
- file.commit()
+ cs_file = CsFile("/etc/apache2/sites-enabled/vhost-%s.conf" % (self.ip))
+ cs_file.search("<VirtualHost.*:80>", "\t<VirtualHost %s:80>" % (self.ip))
+ cs_file.search("<VirtualHost.*:443>", "\t<VirtualHost %s:443>" % (self.ip))
+ cs_file.search("Listen .*:80", "Listen %s:80" % (self.ip))
+ cs_file.search("Listen .*:443", "Listen %s:443" % (self.ip))
+ cs_file.search("NameVirtualHost .*:80", "NameVirtualHost %s:80" % (self.ip))
+ cs_file.search("ServerName.*", "\tServerName %s.%s" % (self.config.cl.get_type(), self.config.get_domain()))
+ if cs_file.is_changed():
+ cs_file.commit()
CsHelper.service("apache2", "restart")
self.fw.append([
@@ -99,7 +98,7 @@ def add_firewall_rules(self):
"""
self.fw.append(["", "front",
"-A INPUT -i %s -p udp -m udp --dport 67 -j ACCEPT" % self.dev
- ])
+ ])
if self.config.has_dns():
self.fw.append([
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsConfig.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsConfig.py
index e3b900912fd..b36501e5cc3 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsConfig.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsConfig.py
@@ -16,9 +16,8 @@
# specific language governing permissions and limitations
# under the License.
-from CsDatabag import CsCmdLine
-from CsAddress import CsAddress
-import logging
+from cs.CsDatabag import CsCmdLine
+from cs.CsAddress import CsAddress
class CsConfig(object):
@@ -29,6 +28,7 @@ class CsConfig(object):
__LOG_LEVEL = "DEBUG"
__LOG_FORMAT = "%(asctime)s %(levelname)-8s %(message)s"
cl = None
+ ips = None
def __init__(self):
self.fw = []
@@ -82,7 +82,8 @@ def get_dns(self):
conf = self.cmdline().idata()
dns = []
if not self.use_extdns():
- if not self.is_vpc() and self.cl.is_redundant() and self.cl.get_guest_gw():
+ if not self.is_vpc() and self.cl.is_redundant() \
+ and self.cl.get_guest_gw():
dns.append(self.cl.get_guest_gw())
else:
dns.append(self.address().get_guest_ip())
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py
index 9ccb768d14c..7a9eef4b55b 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py
@@ -127,17 +127,18 @@ def get_router_id(self):
return 1
def get_router_password(self):
- if "router_password" in self.idata():
- return self.idata()['router_password']
-
'''
Generate a password based on the router id just to avoid hard-coded passwd.
Remark: if for some reason 1 router gets configured, the other one will have a different password.
- This is slightly difficult to happen, but if it does, destroy the router with the password generated with the
- code below and restart the VPC with out the clean up option.
+ This is slightly difficult to happen, but if it does,
+ destroy the router with the password generated with the code below and
+ restart the VPC with out the clean up option.
'''
- if(self.get_type()=='router'):
- passwd="%s-%s" % (self.get_eth2_ip(), self.get_router_id())
+ if "router_password" in self.idata():
+ return self.idata()['router_password']
+
+ if self.get_type() == 'router':
+ passwd = "%s-%s" % (self.get_eth2_ip(), self.get_router_id())
else:
passwd = "%s-%s" % (self.get_vpccidr(), self.get_router_id())
md5 = hashlib.md5()
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDhcp.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDhcp.py
index d97c04be723..a7ec14f79eb 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDhcp.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDhcp.py
@@ -14,11 +14,13 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-import CsHelper
import logging
-from netaddr import *
from random import randint
-from CsGuestNetwork import CsGuestNetwork
+
+from netaddr import IPAddress
+
+from cs import CsHelper
+from cs.CsGuestNetwork import CsGuestNetwork
from cs.CsDatabag import CsDataBag
from cs.CsFile import CsFile
@@ -29,6 +31,11 @@
class CsDhcp(CsDataBag):
""" Manage dhcp entries """
+ conf = None
+ changed = None
+ hosts = None
+ cloud = None
+ devinfo = None
def process(self):
self.hosts = {}
@@ -54,7 +61,8 @@ def process(self):
self.conf.commit()
self.cloud.commit()
- # We restart DNSMASQ every time the configure.py is called in order to avoid lease problems.
+ # We restart DNSMASQ every time the configure.py is called
+ # in order to avoid lease problems.
if not self.cl.is_redundant() or self.cl.is_master():
CsHelper.service("dnsmasq", "restart")
@@ -99,7 +107,8 @@ def configure_server(self):
self.conf.search(sline, line)
idx += 1
- def delete_leases(self):
+ @staticmethod
+ def delete_leases():
try:
open(LEASES, 'w').close()
except IOError:
@@ -116,12 +125,12 @@ def preseed(self):
self.add_host(self.config.address().get_guest_ip(), "%s data-server" % CsHelper.get_hostname())
def write_hosts(self):
- file = CsFile("/etc/hosts")
- file.repopulate()
+ cs_file = CsFile("/etc/hosts")
+ cs_file.repopulate()
for ip in self.hosts:
- file.add("%s\t%s" % (ip, self.hosts[ip]))
- if file.is_changed():
- file.commit()
+ cs_file.add("%s\t%s" % (ip, self.hosts[ip]))
+ if cs_file.is_changed():
+ cs_file.commit()
logging.info("Updated hosts file")
else:
logging.debug("Hosts file unchanged")
@@ -136,7 +145,7 @@ def add(self, entry):
entry['ipv4_adress'],
entry['host_name'],
lease
- ))
+ ))
i = IPAddress(entry['ipv4_adress'])
# Calculate the device
for v in self.devinfo:
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsFile.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsFile.py
index 78ad8597f8b..330eb9aa5a0 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsFile.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsFile.py
@@ -17,11 +17,12 @@
# under the License.
import logging
import re
-import copy
class CsFile:
""" File editors """
+ config = None
+ new_config = None
def __init__(self, filename):
self.filename = filename
@@ -34,16 +35,13 @@ def load(self):
for line in open(self.filename):
self.new_config.append(line)
except IOError:
- logging.debug("File %s does not exist" % self.filename)
+ logging.debug("File %s does not exist", self.filename)
else:
- logging.debug("Reading file %s" % self.filename)
+ logging.debug("Reading file %s", self.filename)
self.config = list(self.new_config)
def is_changed(self):
- if set(self.config) != set(self.new_config):
- return True
- else:
- return False
+ return set(self.config) != set(self.new_config)
def __len__(self):
return len(self.config)
@@ -57,16 +55,17 @@ def repopulate(self):
def commit(self):
if not self.is_changed():
- logging.info("Nothing to commit. The %s file did not change" % self.filename)
+ logging.info("Nothing to commit. The %s file did not change",
+ self.filename)
return
handle = open(self.filename, "w+")
for line in self.new_config:
handle.write(line)
handle.close()
- logging.info("Wrote edited file %s" % self.filename)
+ logging.info("Wrote edited file %s", self.filename)
self.config = list(self.new_config)
logging.info("Updated file in-cache configuration")
-
+
def dump(self):
for line in self.new_config:
@@ -87,7 +86,7 @@ def append(self, string, where=-1):
self.new_config.insert(where, "%s\n" % string)
def add(self, string, where=-1):
- for index, line in enumerate(self.new_config):
+ for line in self.new_config:
if line.strip() == string:
return False
if where == -1:
@@ -113,7 +112,7 @@ def section(self, start, end, content):
self.new_config[sind:eind] = content
def greplace(self, search, replace):
- logging.debug("Searching for %s and replacing with %s" % (search, replace))
+ logging.debug("Searching for %s and replacing with %s", search, replace)
self.new_config = [w.replace(search, replace) for w in self.new_config]
def search(self, search, replace):
@@ -121,7 +120,8 @@ def search(self, search, replace):
replace_filtered = replace
if re.search("PSK \"", replace):
replace_filtered = re.sub(r'".*"', '"****"', replace)
- logging.debug("Searching for %s and replacing with %s" % (search, replace_filtered))
+ logging.debug("Searching for %s and replacing with %s",
+ search, replace_filtered)
for index, line in enumerate(self.new_config):
if line.lstrip().startswith("#"):
continue
@@ -137,9 +137,9 @@ def search(self, search, replace):
def searchString(self, search, ignoreLinesStartWith):
found = False
- logging.debug("Searching for %s string " % search)
+ logging.debug("Searching for %s string ", search)
- for index, line in enumerate(self.new_config):
+ for line in self.new_config:
print ' line = ' +line
if line.lstrip().startswith(ignoreLinesStartWith):
continue
@@ -151,10 +151,9 @@ def searchString(self, search, ignoreLinesStartWith):
def deleteLine(self, search):
- found = False
- logging.debug("Searching for %s to remove the line " % search)
+ logging.debug("Searching for %s to remove the line ", search)
temp_config = []
- for index, line in enumerate(self.new_config):
+ for line in self.new_config:
if line.lstrip().startswith("#"):
continue
if not re.search(search, line):
@@ -164,6 +163,8 @@ def deleteLine(self, search):
def compare(self, o):
- result = (isinstance(o, self.__class__) and set(self.config) == set(o.config))
- logging.debug("Comparison of CsFiles content is ==> %s" % result)
+ result = (
+ isinstance(o, self.__class__) and set(self.config) == set(o.config)
+ )
+ logging.debug("Comparison of CsFiles content is ==> %s", result)
return result
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsGuestNetwork.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsGuestNetwork.py
index d23a870af69..e184cba851a 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsGuestNetwork.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsGuestNetwork.py
@@ -15,7 +15,6 @@
# specific language governing permissions and limitations
# under the License.
from merge import DataBag
-import CsHelper
class CsGuestNetwork:
@@ -55,13 +54,17 @@ def set_router(self, val):
self.data['router_guest_gateway'] = val
def get_netmask(self):
- # We need to fix it properly. I just added the if, as Ian did in some other files, to avoid the exception.
+ # FIXME: We need to fix it properly.
+ # I just added the if, as Ian did in some other files,
+ # to avoid the exception.
if 'router_guest_netmask' in self.data:
return self.data['router_guest_netmask']
return ''
def get_gateway(self):
- # We need to fix it properly. I just added the if, as Ian did in some other files, to avoid the exception.
+ # FIXME: We need to fix it properly.
+ # I just added the if, as Ian did in some other files,
+ # to avoid the exception.
if 'router_guest_gateway' in self.data:
return self.data['router_guest_gateway']
return ''
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsHelper.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsHelper.py
index 1d6baff99e3..00657e19103 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsHelper.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsHelper.py
@@ -24,8 +24,8 @@
import os.path
import re
import shutil
-from netaddr import *
-from pprint import pprint
+import sys
+from netaddr import IPNetwork
PUBLIC_INTERFACES = {"router" : "eth2", "vpcrouter" : "eth1"}
@@ -44,9 +44,9 @@ def reconfigure_interfaces(router_config, interfaces):
if router_config.is_redundant() and interface.is_public():
state_cmd = STATE_COMMANDS[router_config.get_type()]
- logging.info("Check state command => %s" % state_cmd)
+ logging.info("Check state command => %s", state_cmd)
state = execute(state_cmd)[0]
- logging.info("Route state => %s" % state)
+ logging.info("Route state => %s", state)
if interface.get_device() != PUBLIC_INTERFACES[router_config.get_type()] and state == "MASTER":
execute(cmd)
else:
@@ -71,7 +71,8 @@ def umount_tmpfs(name):
def rm(name):
- os.remove(name) if os.path.isfile(name) else None
+ if os.path.isfile(name):
+ os.remove(name)
def rmdir(name):
@@ -85,7 +86,7 @@ def mkdir(name, mode, fatal):
except OSError as e:
if e.errno != 17:
print "failed to make directories " + name + " due to :" + e.strerror
- if(fatal):
+ if fatal:
sys.exit(1)
@@ -110,7 +111,7 @@ def bool_to_yn(val):
def get_device_info():
""" Returns all devices on system with their ipv4 ip netmask """
- list = []
+ data = []
for i in execute("ip addr show"):
vals = i.strip().lstrip().rstrip().split()
if vals[0] == "inet":
@@ -119,8 +120,8 @@ def get_device_info():
to['dev'] = vals[-1]
to['network'] = IPNetwork(to['ip'])
to['dnsmasq'] = False
- list.append(to)
- return list
+ data.append(to)
+ return data
def get_domain():
@@ -148,7 +149,7 @@ def get_ip(device):
cmd = "ip addr show dev %s" % device
for i in execute(cmd):
vals = i.lstrip().split()
- if (vals[0] == 'inet'):
+ if vals[0] == 'inet':
return vals[1]
return ""
@@ -165,11 +166,11 @@ def addifmissing(filename, val):
""" Add something to a file
if it is not already there """
if not os.path.isfile(filename):
- logging.debug("File %s doesn't exist, so create" % filename)
+ logging.debug("File %s doesn't exist, so create", filename)
open(filename, "w").close()
if not definedinfile(filename, val):
updatefile(filename, val + "\n", "a")
- logging.debug("Added %s to file %s" % (val, filename))
+ logging.debug("Added %s to file %s", val, filename)
return True
return False
@@ -181,7 +182,7 @@ def get_hostname():
def execute(command):
""" Execute command """
- logging.debug("Executing: %s" % command)
+ logging.debug("Executing: %s", command)
p = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
result = p.communicate()[0]
return result.splitlines()
@@ -189,7 +190,7 @@ def execute(command):
def save_iptables(command, iptables_file):
""" Execute command """
- logging.debug("Saving iptables for %s" % command)
+ logging.debug("Saving iptables for %s", command)
result = execute(command)
fIptables = open(iptables_file, "w+")
@@ -202,7 +203,7 @@ def save_iptables(command, iptables_file):
def execute2(command):
""" Execute command """
- logging.debug("Executing: %s" % command)
+ logging.debug("Executing: %s", command)
p = subprocess.Popen(command, stdout=subprocess.PIPE, stderr=subprocess.PIPE, shell=True)
p.wait()
return p
@@ -210,7 +211,7 @@ def execute2(command):
def service(name, op):
execute("service %s %s" % (name, op))
- logging.info("Service %s %s" % (name, op))
+ logging.info("Service %s %s", name, op)
def start_if_stopped(name):
@@ -223,7 +224,7 @@ def hup_dnsmasq(name, user):
pid = ""
for i in execute("ps -ef | grep %s" % name):
vals = i.lstrip().split()
- if (vals[0] == user):
+ if vals[0] == user:
pid = vals[1]
if pid:
logging.info("Sent hup to %s", name)
@@ -246,6 +247,6 @@ def copy(src, dest):
try:
shutil.copy2(src, dest)
except IOError:
- logging.Error("Could not copy %s to %s" % (src, dest))
+ logging.error("Could not copy %s to %s", src, dest)
else:
- logging.info("Copied %s to %s" % (src, dest))
+ logging.info("Copied %s to %s", src, dest)
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsLoadBalancer.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsLoadBalancer.py
index d8f39dcd24a..7741ffaf7f3 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsLoadBalancer.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsLoadBalancer.py
@@ -15,12 +15,11 @@
# specific language governing permissions and limitations
# under the License.
import logging
-import os.path
-import re
+
from cs.CsDatabag import CsDataBag
-from CsProcess import CsProcess
-from CsFile import CsFile
-import CsHelper
+from cs.CsProcess import CsProcess
+from cs.CsFile import CsFile
+from cs import CsHelper
HAPROXY_CONF_T = "/etc/haproxy/haproxy.cfg.new"
HAPROXY_CONF_P = "/etc/haproxy/haproxy.cfg"
@@ -38,7 +37,8 @@ def process(self):
file1 = CsFile(HAPROXY_CONF_T)
file1.empty()
for x in config:
- [file1.append(w, -1) for w in x.split('\n')]
+ for w in x.split('\n'):
+ file1.append(w, -1)
file1.commit()
file2 = CsFile(HAPROXY_CONF_P)
@@ -61,9 +61,9 @@ def process(self):
def _configure_firewall(self, add_rules, remove_rules, stat_rules):
firewall = self.config.get_fw()
- logging.debug("CsLoadBalancer:: configuring firewall. Add rules ==> %s" % add_rules)
- logging.debug("CsLoadBalancer:: configuring firewall. Remove rules ==> %s" % remove_rules)
- logging.debug("CsLoadBalancer:: configuring firewall. Stat rules ==> %s" % stat_rules)
+ logging.debug("CsLoadBalancer:: configuring firewall. Add rules ==> %s", add_rules)
+ logging.debug("CsLoadBalancer:: configuring firewall. Remove rules ==> %s", remove_rules)
+ logging.debug("CsLoadBalancer:: configuring firewall. Stat rules ==> %s", stat_rules)
for rules in add_rules:
path = rules.split(':')
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsMonitor.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsMonitor.py
index 6b194238b1a..6e2354286e6 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsMonitor.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsMonitor.py
@@ -14,9 +14,8 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-import logging
from cs.CsDatabag import CsDataBag
-from CsFile import CsFile
+from cs.CsFile import CsFile
MON_CONFIG = "/etc/monitor.conf"
@@ -28,14 +27,14 @@ def process(self):
if "config" not in self.dbag:
return
procs = [x.strip() for x in self.dbag['config'].split(',')]
- file = CsFile(MON_CONFIG)
+ cs_file = CsFile(MON_CONFIG)
for proc in procs:
bits = [x for x in proc.split(':')]
if len(bits) < 5:
continue
for i in range(0, 4):
- file.add(bits[i], -1)
- file.commit()
+ cs_file.add(bits[i], -1)
+ cs_file.commit()
cron = CsFile("/etc/cron.d/process")
cron.add("SHELL=/bin/bash", 0)
cron.add("PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin", 1)
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsNetfilter.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsNetfilter.py
index 3ee5174459c..5b22862143f 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsNetfilter.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsNetfilter.py
@@ -15,11 +15,11 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-import CsHelper
-from pprint import pprint
-from CsDatabag import CsDataBag, CsCmdLine
import logging
+from cs import CsHelper
+from cs.CsDatabag import CsCmdLine
+
class CsChain(object):
@@ -128,7 +128,6 @@ def get_unseen(self):
cmd = "iptables -t %s %s" % (r.get_table(), r.to_str(True))
logging.debug("unseen cmd: %s ", cmd)
CsHelper.execute(cmd)
- # print "Delete rule %s from table %s" % (r.to_str(True), r.get_table())
logging.info("Delete rule %s from table %s", r.to_str(True), r.get_table())
def compare(self, list):
@@ -156,11 +155,13 @@ def compare(self, list):
rule_chain = new_rule.get_chain()
- logging.debug("Checking if the rule already exists: rule=%s table=%s chain=%s", new_rule.get_rule(), new_rule.get_table(), new_rule.get_chain())
+ logging.debug(
+ "Checking if the rule already exists: rule=%s table=%s chain=%s",
+ new_rule.get_rule(), new_rule.get_table(), new_rule.get_chain()
+ )
if self.has_rule(new_rule):
logging.debug("Exists: rule=%s table=%s", fw[2], new_rule.get_table())
else:
- # print "Add rule %s in table %s" % ( fw[2], new_rule.get_table())
logging.info("Add: rule=%s table=%s", fw[2], new_rule.get_table())
# front means insert instead of append
cpy = fw[2]
@@ -170,10 +171,18 @@ def compare(self, list):
# if the rule is for ACLs, we want to insert them in order, right before the DROP all
if rule_chain.startswith("ACL_INBOUND"):
rule_count = self.chain.get_count(rule_chain)
- cpy = cpy.replace("-A %s" % new_rule.get_chain(), '-I %s %s' % (new_rule.get_chain(), rule_count))
+ cpy = cpy.replace(
+ "-A %s" % new_rule.get_chain(),
+ '-I %s %s' % (new_rule.get_chain(), rule_count)
+ )
else:
- cpy = cpy.replace("-A %s" % new_rule.get_chain(), '-I %s %s' % (new_rule.get_chain(), fw[1]))
- CsHelper.execute("iptables -t %s %s" % (new_rule.get_table(), cpy))
+ cpy = cpy.replace(
+ "-A %s" % new_rule.get_chain(),
+ '-I %s %s' % (new_rule.get_chain(), fw[1])
+ )
+ CsHelper.execute(
+ "iptables -t %s %s" % (new_rule.get_table(), cpy)
+ )
ruleSet.add(tupledFw)
self.chain.add_rule(rule_chain)
self.del_standard()
@@ -182,18 +191,19 @@ def compare(self, list):
def add_chain(self, rule):
""" Add the given chain if it is not already present """
if not self.has_chain(rule.get_table(), rule.get_chain()):
- CsHelper.execute("iptables -t %s -N %s" % (rule.get_table(), rule.get_chain()))
+ CsHelper.execute("iptables -t %s -N %s" %
+ (rule.get_table(), rule.get_chain()))
self.chain.add(rule.get_table(), rule.get_chain())
def del_standard(self):
""" Del rules that are there but should not be deleted
These standard firewall rules vary according to the device type
"""
- type = CsCmdLine("cmdline").get_type()
+ ipt_type = CsCmdLine("cmdline").get_type()
try:
table = ''
- for i in open("/etc/iptables/iptables-%s" % type):
+ for i in open("/etc/iptables/iptables-%s" % ipt_type):
if i.startswith('*'): # Table
table = i[1:].strip()
if i.startswith('-A'): # Rule
@@ -239,16 +249,17 @@ def __convert_to_dict(self, rule):
rule = rule.replace('-p all', '')
rule = rule.replace(' ', ' ')
rule = rule.replace('bootpc', '68')
- # Ugly hack no.23 split this or else I will have an odd number of parameters
+ # XXX: Ugly hack no.23 split this or else I will have an odd
+ # number of parameters
rule = rule.replace('--checksum-fill', '--checksum fill')
# -m can appear twice in a string
rule = rule.replace('-m state', '-m2 state')
rule = rule.replace('ESTABLISHED,RELATED', 'RELATED,ESTABLISHED')
bits = rule.split(' ')
- rule = dict(zip(bits[0::2], bits[1::2]))
- if "-A" in rule.keys():
- self.chain = rule["-A"]
- return rule
+ rules = dict(zip(bits[0::2], bits[1::2]))
+ if "-A" in rules:
+ self.chain = rules["-A"]
+ return rules
def set_table(self, table):
if table == '':
@@ -274,24 +285,28 @@ def get_rule(self):
return self.rule
def to_str(self, delete=False):
- """ Convert the rule back into aynactically correct iptables command """
+ """
+ Convert the rule back into aynactically correct iptables command
+ """
# Order is important
- order = ['-A', '-s', '-d', '!_-d', '-i', '!_-i', '-p', '-m', '-m2', '--icmp-type', '--state',
- '--dport', '--destination-port', '-o', '!_-o', '-j', '--set-xmark', '--checksum',
- '--to-source', '--to-destination', '--mark']
- str = ''
+ order = [
+ '-A', '-s', '-d', '!_-d', '-i', '!_-i', '-p', '-m', '-m2',
+ '--icmp-type', '--state', '--dport', '--destination-port',
+ '-o', '!_-o', '-j', '--set-xmark', '--checksum', '--to-source',
+ '--to-destination', '--mark',
+ ]
+ result = ''
for k in order:
if k in self.rule.keys():
printable = k.replace('-m2', '-m')
printable = printable.replace('!_-', '! -')
if delete:
printable = printable.replace('-A', '-D')
- if str == '':
- str = "%s %s" % (printable, self.rule[k])
+ if result == '':
+ result = "%s %s" % (printable, self.rule[k])
else:
- str = "%s %s %s" % (str, printable, self.rule[k])
- str = str.replace("--checksum fill", "--checksum-fill")
- return str
+ result = "%s %s %s" % (result, printable, self.rule[k])
+ return result.replace("--checksum fill", "--checksum-fill")
def __eq__(self, rule):
if rule.get_table() != self.get_table():
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsProcess.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsProcess.py
index 6155f3031d1..072c7791b9a 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsProcess.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsProcess.py
@@ -17,12 +17,14 @@
# under the License.
import os
import re
-import CsHelper
import logging
+from cs import CsHelper
+
class CsProcess(object):
""" Manipulate processes """
+ pid = None
def __init__(self, search):
self.search = search
@@ -42,10 +44,10 @@ def find_pid(self):
self.pid = []
for i in CsHelper.execute("ps aux"):
items = len(self.search)
- proc = re.split("\s+", i)[items*-1:]
+ proc = re.split(r"\s+", i)[items*-1:]
matches = len([m for m in proc if m in self.search])
if matches == items:
- self.pid.append(re.split("\s+", i)[1])
+ self.pid.append(re.split(r"\s+", i)[1])
logging.debug("CsProcess:: Searching for process ==> %s and found PIDs ==> %s", self.search, self.pid)
return self.pid
@@ -54,12 +56,14 @@ def find(self):
has_pid = len(self.find_pid()) > 0
return has_pid
- def kill(self, pid):
+ @staticmethod
+ def kill(pid):
if pid > 1:
CsHelper.execute("kill -9 %s" % pid)
- def grep(self, str):
+ @staticmethod
+ def grep(str):
for i in CsHelper.execute("ps aux"):
if i.find(str) != -1:
- return re.split("\s+", i)[1]
+ return re.split(r"\s+", i)[1]
return -1
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRedundant.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRedundant.py
index f8d2bc25665..262854a541d 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRedundant.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRedundant.py
@@ -32,16 +32,17 @@
# -------------------------------------------------------------------- #
import os
import logging
-import CsHelper
-from CsFile import CsFile
-from CsProcess import CsProcess
-from CsApp import CsPasswdSvc
-from CsAddress import CsDevice
-from CsRoute import CsRoute
-from CsStaticRoutes import CsStaticRoutes
import socket
from time import sleep
+from cs import CsHelper
+from cs.CsFile import CsFile
+from cs.CsProcess import CsProcess
+from cs.CsApp import CsPasswdSvc
+from cs.CsAddress import CsDevice
+from cs.CsRoute import CsRoute
+from cs.CsStaticRoutes import CsStaticRoutes
+
class CsRedundant(object):
CS_RAMDISK_DIR = "/ramdisk"
@@ -101,9 +102,9 @@ def _redundant_on(self):
command = "ip link show %s | grep 'state UP'" % dev
devUp = CsHelper.execute(command)
if devUp:
- logging.info("Device %s is present, let's start keepalive now." % dev)
+ logging.info("Device %s is present, let's start keepalive now.", dev)
isDeviceReady = True
-
+
if not isDeviceReady:
logging.info("Guest network not configured yet, let's stop router redundancy for now.")
CsHelper.service("conntrackd", "stop")
@@ -126,7 +127,7 @@ def _redundant_on(self):
"%s/%s" % (self.CS_TEMPLATES_DIR, "checkrouter.sh.templ"), "/opt/cloud/bin/checkrouter.sh")
CsHelper.execute(
- 'sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived')
+ r'sed -i "s/--exec\ \$DAEMON;/--exec\ \$DAEMON\ --\ --vrrp;/g" /etc/init.d/keepalived')
# checkrouter.sh configuration
check_router = CsFile("/opt/cloud/bin/checkrouter.sh")
check_router.greplace("[RROUTER_LOG]", self.RROUTER_LOG)
@@ -143,25 +144,26 @@ def _redundant_on(self):
keepalived_conf.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR)
keepalived_conf.section("authentication {", "}", [
- " auth_type AH \n", " auth_pass %s\n" % self.cl.get_router_password()])
+ " auth_type AH \n", " auth_pass %s\n" %
+ self.cl.get_router_password()])
keepalived_conf.section(
"virtual_ipaddress {", "}", self._collect_ips())
# conntrackd configuration
conntrackd_template_conf = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ")
conntrackd_temp_bkp = "%s/%s" % (self.CS_TEMPLATES_DIR, "conntrackd.conf.templ.bkp")
-
+
CsHelper.copy(conntrackd_template_conf, conntrackd_temp_bkp)
conntrackd_tmpl = CsFile(conntrackd_template_conf)
conntrackd_tmpl.section("Multicast {", "}", [
- "IPv4_address 225.0.0.50\n",
- "Group 3780\n",
- "IPv4_interface %s\n" % guest.get_ip(),
- "Interface %s\n" % guest.get_device(),
- "SndSocketBuffer 1249280\n",
- "RcvSocketBuffer 1249280\n",
- "Checksum on\n"])
+ "IPv4_address 225.0.0.50\n",
+ "Group 3780\n",
+ "IPv4_interface %s\n" % guest.get_ip(),
+ "Interface %s\n" % guest.get_device(),
+ "SndSocketBuffer 1249280\n",
+ "RcvSocketBuffer 1249280\n",
+ "Checksum on\n"])
conntrackd_tmpl.section("Address Ignore {", "}", self._collect_ignore_ips())
conntrackd_tmpl.commit()
@@ -197,20 +199,22 @@ def _redundant_on(self):
keepalived_conf.commit()
CsHelper.service("keepalived", "restart")
- def release_lock(self):
+ @staticmethod
+ def release_lock():
try:
os.remove("/tmp/master_lock")
except OSError:
pass
- def set_lock(self):
+ @staticmethod
+ def set_lock():
"""
Make sure that master state changes happen sequentially
"""
iterations = 10
time_between = 1
- for iter in range(0, iterations):
+ for _ in range(0, iterations):
try:
s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
s.bind('/tmp/master_lock')
@@ -267,7 +271,7 @@ def set_backup(self):
for interface in interfaces:
if dev == interface.get_device():
continue
- logging.info("Bringing public interface %s down" % interface.get_device())
+ logging.info("Bringing public interface %s down", interface.get_device())
cmd2 = "ip link set %s down" % interface.get_device()
CsHelper.execute(cmd2)
dev = interface.get_device()
@@ -306,21 +310,21 @@ def set_master(self):
if dev == interface.get_device():
continue
dev = interface.get_device()
- logging.info("Will proceed configuring device ==> %s" % dev)
+ logging.info("Will proceed configuring device ==> %s", dev)
cmd = "ip link set %s up" % dev
if CsDevice(dev, self.config).waitfordevice():
CsHelper.execute(cmd)
- logging.info("Bringing public interface %s up" % dev)
+ logging.info("Bringing public interface %s up", dev)
try:
gateway = interface.get_gateway()
- logging.info("Adding gateway ==> %s to device ==> %s" % (gateway, dev))
+ logging.info("Adding gateway ==> %s to device ==> %s", gateway, dev)
if dev == CsHelper.PUBLIC_INTERFACES[self.cl.get_type()]:
route.add_defaultroute(gateway)
except:
- logging.error("ERROR getting gateway from device %s" % dev)
+ logging.error("ERROR getting gateway from device %s", dev)
else:
- logging.error("Device %s was not ready could not bring it up" % dev)
+ logging.error("Device %s was not ready could not bring it up", dev)
logging.debug("Configuring static routes")
static_routes = CsStaticRoutes("staticroutes", self.config)
@@ -371,12 +375,11 @@ def _collect_ips(self):
lines = []
for interface in self.address.get_interfaces():
if interface.needs_vrrp():
- cmdline=self.config.get_cmdline_instance()
+ cmdline = self.config.get_cmdline_instance()
if not interface.is_added():
continue
- if(cmdline.get_type()=='router'):
- str = " %s brd %s dev %s\n" % (cmdline.get_guest_gw(), interface.get_broadcast(), interface.get_device())
+ if cmdline.get_type() == 'router':
+ lines += [" %s brd %s dev %s\n" % (cmdline.get_guest_gw(), interface.get_broadcast(), interface.get_device())]
else:
- str = " %s brd %s dev %s\n" % (interface.get_gateway_cidr(), interface.get_broadcast(), interface.get_device())
- lines.append(str)
+ lines += [" %s brd %s dev %s\n" % (interface.get_gateway_cidr(), interface.get_broadcast(), interface.get_device())]
return lines
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRoute.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRoute.py
index 1178fb04e1f..3d546a4275a 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRoute.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRoute.py
@@ -15,9 +15,10 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-import CsHelper
import logging
+from cs import CsHelper
+
class CsRoute:
@@ -32,18 +33,21 @@ def get_tablename(self, name):
def add_table(self, devicename):
tablenumber = devicename[3:]
tablename = self.get_tablename(devicename)
- str = "%s %s" % (tablenumber, tablename)
+ table = "%s %s" % (tablenumber, tablename)
filename = "/etc/iproute2/rt_tables"
logging.info(
- "Adding route table: " + str + " to " + filename + " if not present ")
- CsHelper.addifmissing(filename, str)
+ "Adding route table: %s to %s if not present ", table, filename)
+ CsHelper.addifmissing(filename, table)
- def flush_table(self, tablename):
+ @staticmethod
+ def flush_table(tablename):
CsHelper.execute("ip route flush table %s" % (tablename))
CsHelper.execute("ip route flush cache")
def add_route(self, dev, address):
- """ Wrapper method that adds table name and device to route statement """
+ """
+ Wrapper method that adds table name and device to route statement
+ """
# ip route add dev eth1 table Table_eth1 10.0.2.0/24
table = self.get_tablename(dev)
logging.info("Adding route: dev " + dev + " table: " +
@@ -51,10 +55,11 @@ def add_route(self, dev, address):
cmd = "dev %s table %s %s" % (dev, table, address)
self.set_route(cmd)
- def set_route(self, cmd, method="add"):
+ @staticmethod
+ def set_route(cmd, method="add"):
""" Add a route if it is not already defined """
found = False
- for i in CsHelper.execute("ip route show " + cmd):
+ for _ in CsHelper.execute("ip route show " + cmd):
found = True
if not found and method == "add":
logging.info("Add " + cmd)
@@ -73,7 +78,7 @@ def add_defaultroute(self, gateway):
"""
if not gateway:
raise Exception("Gateway cannot be None.")
-
+
if self.defaultroute_exists():
return False
else:
@@ -82,7 +87,8 @@ def add_defaultroute(self, gateway):
self.set_route(cmd)
return True
- def defaultroute_exists(self):
+ @staticmethod
+ def defaultroute_exists():
""" Return True if a default route is present
:return: bool
"""
@@ -90,7 +96,7 @@ def defaultroute_exists(self):
route_found = CsHelper.execute("ip -4 route list 0/0")
if len(route_found) > 0:
- logging.info("Default route found: " + route_found[0])
+ logging.info("Default route found: %s", route_found[0])
return True
else:
logging.warn("No default route found!")
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRule.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRule.py
index ed164b3bdc6..89a5dc7ac7c 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRule.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRule.py
@@ -15,9 +15,10 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-import CsHelper
import logging
+from cs import CsHelper
+
class CsRule:
""" Manage iprules
@@ -34,7 +35,7 @@ def addMark(self):
if not self.findMark():
cmd = "ip rule add fwmark %s table %s" % (self.tableNo, self.table)
CsHelper.execute(cmd)
- logging.info("Added fwmark rule for %s" % (self.table))
+ logging.info("Added fwmark rule for %s", self.table)
def findMark(self):
srch = "from all fwmark %s lookup %s" % (hex(self.tableNo), self.table)
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsStaticRoutes.py b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsStaticRoutes.py
index 57b259aabc4..4b603add153 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsStaticRoutes.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsStaticRoutes.py
@@ -17,20 +17,23 @@
# specific language governing permissions and limitations
# under the License.
-from CsDatabag import CsDataBag
-from CsRedundant import *
+import logging
+
+from cs.CsDatabag import CsDataBag
+from cs import CsHelper
class CsStaticRoutes(CsDataBag):
def process(self):
- logging.debug("Processing CsStaticRoutes file ==> %s" % self.dbag)
+ logging.debug("Processing CsStaticRoutes file ==> %s", self.dbag)
for item in self.dbag:
if item == "id":
continue
self.__update(self.dbag[item])
- def __update(self, route):
+ @staticmethod
+ def __update(route):
if route['revoke']:
command = "ip route del %s via %s" % (route['network'], route['gateway'])
CsHelper.execute(command)
@@ -39,4 +42,4 @@ def __update(self, route):
result = CsHelper.execute(command)
if not result:
route_command = "ip route add %s via %s" % (route['network'], route['gateway'])
- CsHelper.execute(route_command)
\ No newline at end of file
+ CsHelper.execute(route_command)
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_cmdline.py b/systemvm/patches/debian/config/opt/cloud/bin/cs_cmdline.py
index bbe76c693b4..4315dde2e33 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_cmdline.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_cmdline.py
@@ -15,8 +15,6 @@
# specific language governing permissions and limitations
# under the License.
-from pprint import pprint
-
def merge(dbag, cmdline):
if 'redundant_router' in cmdline['cmd_line']:
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_dhcp.py b/systemvm/patches/debian/config/opt/cloud/bin/cs_dhcp.py
index d9f30e5ab49..590995cff5e 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_dhcp.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_dhcp.py
@@ -15,9 +15,6 @@
# specific language governing permissions and limitations
# under the License.
-from pprint import pprint
-from netaddr import *
-
def merge(dbag, data):
@@ -27,7 +24,7 @@ def merge(dbag, data):
if "add" in data and data['add'] is False and \
"ipv4_adress" in data:
if data['ipv4_adress'] in dbag:
- del(dbag[data['ipv4_adress']])
+ del dbag[data['ipv4_adress']]
return dbag
else:
dbag[data['ipv4_adress']] = data
@@ -46,4 +43,4 @@ def search(dbag, name):
if dbag[o]['host_name'] == name:
hosts.append(o)
for o in hosts:
- del(dbag[o])
+ del dbag[o]
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_firewallrules.py b/systemvm/patches/debian/config/opt/cloud/bin/cs_firewallrules.py
index c0ccedd96db..82592012944 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_firewallrules.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_firewallrules.py
@@ -15,7 +15,6 @@
# specific language governing permissions and limitations
# under the License.
-from pprint import pprint
import copy
@@ -24,10 +23,10 @@ def merge(dbag, data):
if "rules" not in data:
return dbagc
for rule in data['rules']:
- id = str(rule['id'])
+ key = str(rule['id'])
if rule['revoked']:
- if id in dbagc.keys():
- del(dbagc[id])
- elif id not in dbagc.keys():
- dbagc[id] = rule
+ if key in dbagc.keys():
+ del dbagc[key]
+ elif key not in dbagc.keys():
+ dbagc[key] = rule
return dbagc
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_forwardingrules.py b/systemvm/patches/debian/config/opt/cloud/bin/cs_forwardingrules.py
index e30c012f10d..91228819668 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_forwardingrules.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_forwardingrules.py
@@ -15,8 +15,6 @@
# specific language governing permissions and limitations
# under the License.
-from pprint import pprint
-
def merge(dbag, rules):
for rule in rules["rules"]:
@@ -45,7 +43,7 @@ def merge(dbag, rules):
for forward in dbag[source_ip]:
if ruleCompare(forward, newrule):
index = dbag[source_ip].index(forward)
- if not index == -1:
+ if index != -1:
dbag[source_ip][index] = newrule
else:
dbag[source_ip].append(newrule)
@@ -62,18 +60,20 @@ def merge(dbag, rules):
if ruleCompare(forward, newrule):
index = dbag[source_ip].index(forward)
print "removing index %s" % str(index)
- if not index == -1:
+ if index != -1:
del dbag[source_ip][index]
return dbag
-# Compare function checks only the public side, those must be equal the internal details could change
+# Compare function checks only the public side,
+# those must be equal the internal details could change
def ruleCompare(ruleA, ruleB):
if not ruleA["type"] == ruleB["type"]:
return False
if ruleA["type"] == "staticnat":
return ruleA["public_ip"] == ruleB["public_ip"]
elif ruleA["type"] == "forward":
- return ruleA["public_ip"] == ruleB["public_ip"] and ruleA["public_ports"] == ruleB["public_ports"] \
+ return ruleA["public_ip"] == ruleB["public_ip"] \
+ and ruleA["public_ports"] == ruleB["public_ports"] \
and ruleA["protocol"] == ruleB["protocol"]
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_guestnetwork.py b/systemvm/patches/debian/config/opt/cloud/bin/cs_guestnetwork.py
index 31c07960c20..682acbee703 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_guestnetwork.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_guestnetwork.py
@@ -15,8 +15,6 @@
# specific language governing permissions and limitations
# under the License.
-from pprint import pprint
-
keys = ['eth1', 'eth2', 'eth3', 'eth4', 'eth5', 'eth6', 'eth7', 'eth8', 'eth9']
@@ -29,11 +27,11 @@ def merge(dbag, gn):
device_to_die = dbag[device][0]
try:
dbag[device].remove(device_to_die)
- except ValueError, e:
+ except ValueError:
print "[WARN] cs_guestnetwork.py :: Error occurred removing item from databag. => %s" % device_to_die
- del(dbag[device])
+ del dbag[device]
else:
- del(dbag[device])
+ del dbag[device]
else:
dbag.setdefault(device, []).append(gn)
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_ip.py b/systemvm/patches/debian/config/opt/cloud/bin/cs_ip.py
index efcf311296f..c3dff49705e 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_ip.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_ip.py
@@ -15,12 +15,10 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-from pprint import pprint
-from netaddr import *
+from netaddr import IPNetwork
def merge(dbag, ip):
- added = False
for dev in dbag:
if dev == "id":
continue
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_loadbalancer.py b/systemvm/patches/debian/config/opt/cloud/bin/cs_loadbalancer.py
index 14b2732caa4..e182d01135e 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_loadbalancer.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_loadbalancer.py
@@ -15,12 +15,13 @@
# specific language governing permissions and limitations
# under the License.
-from pprint import pprint
-import copy
def merge(dbag, data):
- """ Simply overwrite the existsing bag as, the whole configuration is sent every time """
+ """
+ Simply overwrite the existsing bag as,
+ the whole configuration is sent every time
+ """
if "rules" not in data:
return dbag
dbag['config'] = data['rules']
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_monitorservice.py b/systemvm/patches/debian/config/opt/cloud/bin/cs_monitorservice.py
index c8b63265c85..67e01cbe403 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_monitorservice.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_monitorservice.py
@@ -15,8 +15,6 @@
# specific language governing permissions and limitations
# under the License.
-from pprint import pprint
-from netaddr import *
def merge(dbag, data):
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_network_acl.py b/systemvm/patches/debian/config/opt/cloud/bin/cs_network_acl.py
index 46219beb6b4..f64b3aa4189 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_network_acl.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_network_acl.py
@@ -15,8 +15,6 @@
# specific language governing permissions and limitations
# under the License.
-from pprint import pprint
-from netaddr import *
def merge(dbag, data):
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_remoteaccessvpn.py b/systemvm/patches/debian/config/opt/cloud/bin/cs_remoteaccessvpn.py
index 4ae79c172f9..ab185b6e3aa 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_remoteaccessvpn.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_remoteaccessvpn.py
@@ -15,14 +15,13 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-from pprint import pprint
def merge(dbag, vpn):
key = vpn['vpn_server_ip']
op = vpn['create']
if key in dbag.keys() and not op:
- del(dbag[key])
+ del dbag[key]
else:
dbag[key] = vpn
return dbag
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_site2sitevpn.py b/systemvm/patches/debian/config/opt/cloud/bin/cs_site2sitevpn.py
index 972c09a23d7..2b3b9cd5e54 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_site2sitevpn.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_site2sitevpn.py
@@ -15,14 +15,13 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-from pprint import pprint
def merge(dbag, vpn):
key = vpn['peer_gateway_ip']
op = vpn['create']
if key in dbag.keys() and not op:
- del(dbag[key])
+ del dbag[key]
else:
dbag[key] = vpn
return dbag
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_staticroutes.py b/systemvm/patches/debian/config/opt/cloud/bin/cs_staticroutes.py
index 209eefe41fc..16c3b81df70 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_staticroutes.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_staticroutes.py
@@ -15,7 +15,6 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-from pprint import pprint
def merge(dbag, staticroutes):
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_vmdata.py b/systemvm/patches/debian/config/opt/cloud/bin/cs_vmdata.py
index 4150221e774..875e0390555 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_vmdata.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_vmdata.py
@@ -15,7 +15,6 @@
# specific language governing permissions and limitations
# under the License.
-from pprint import pprint
def merge(dbag, metadata):
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_vmp.py b/systemvm/patches/debian/config/opt/cloud/bin/cs_vmp.py
index 3a8e06ed719..dd6dbfd93b1 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_vmp.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_vmp.py
@@ -15,8 +15,6 @@
# specific language governing permissions and limitations
# under the License.
-from pprint import pprint
-from netaddr import *
def merge(dbag, data):
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs_vpnusers.py b/systemvm/patches/debian/config/opt/cloud/bin/cs_vpnusers.py
index 316fabc07d3..b83de6d2357 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_vpnusers.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_vpnusers.py
@@ -15,7 +15,6 @@
# KIND, either express or implied. See the License for the
# specific language governing permissions and limitations
# under the License.
-from pprint import pprint
import copy
@@ -35,11 +34,11 @@ def merge(dbag, data):
userrec = dbagc[user]
add = userrec['add']
if not add:
- del(dbagc[user])
+ del dbagc[user]
for user in data['vpn_users']:
- username=user['user']
- add=user['add']
+ username = user['user']
+ add = user['add']
if username not in dbagc.keys():
dbagc[username] = user
elif username in dbagc.keys() and not add:
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/line_edit.py b/systemvm/patches/debian/config/opt/cloud/bin/line_edit.py
index 5918883ea96..22f4d18e3d0 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/line_edit.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/line_edit.py
@@ -30,8 +30,11 @@ def __init__(self, search, sub, *sub_args, **kwargs):
flags = kwargs.get('flags', 0)
self.pattern = re.compile(search, flags=flags)
self.sub = sub
- self.count = kwargs.get('count', 0) # max subs to make
- self.subs = 0 # subs made so far
+
+ # max subs to make
+ self.count = kwargs.get('count', 0)
+ # subs made so far
+ self.subs = 0
class LineEditingFile(object):
@@ -125,7 +128,8 @@ def replace(self, search, sub, *sub_args, **kwargs):
# noinspection PyUnusedLocal
def __exit__(self, exc, value, traceback):
if exc is not None:
- return False # return false results in re-raise
+ # return false results in re-raise
+ return False
self.commit()
@@ -154,41 +158,49 @@ def commit(self):
edit.sub, line, remaining_count)
if changed_line != line:
if changed_file is None:
- logging.debug("Editing file %s" % self.filename)
- logging.debug(" - %s" % line[:-1])
- logging.debug(" + %s" % changed_line[:-1])
+ logging.debug("Editing file %s", self.filename)
+ logging.debug(" - %s", line[:-1])
+ logging.debug(" + %s", changed_line[:-1])
changes += subs
edit.subs += subs
- if changes == 0: # buffer until we find a change
+ if changes == 0:
+ # buffer until we find a change
lines.append(changed_line)
- elif changed_file is None: # found first change, flush buffer
+ elif changed_file is None:
+ # found first change, flush buffer
changed_file = open(changed_filename, 'w')
if hasattr(os, 'fchmod'):
- os.fchmod(changed_file.fileno(), # can cause OSError which aborts
+ # can cause OSError which aborts
+ os.fchmod(changed_file.fileno(),
stat.st_mode)
if hasattr(os, 'fchown'):
- os.fchown(changed_file.fileno(), # can cause OSError which aborts
+ # can cause OSError which aborts
+ os.fchown(changed_file.fileno(),
stat.st_uid, stat.st_gid)
changed_file.writelines(lines)
changed_file.write(changed_line)
- del lines # reclaim buffer memory
- else: # already flushed, just write
+ # reclaim buffer memory
+ del lines
+ else:
+ # already flushed, just write
changed_file.write(changed_line)
if changes == 0:
- logging.info("No edits need for file %s" %
- self.filename)
+ logging.info("No edits need for file %s", self.filename)
else:
changed_file.close()
changed_file = None
- if os.path.exists(backup_filename): # back up the original
+ if os.path.exists(backup_filename):
+ # back up the original
os.unlink(backup_filename)
shutil.copy(self.filename, backup_filename)
- os.rename(changed_filename, self.filename) # the swap
- logging.info("Edited file %s (%d changes)" %
- (self.filename, changes))
+ # the swap
+ os.rename(changed_filename, self.filename)
+ logging.info("Edited file %s (%d changes)",
+ self.filename, changes)
finally:
- if changed_file is not None: # failed, clean up
+ if changed_file is not None:
+ # failed, clean up
changed_file.close()
os.unlink(changed_filename)
return changes
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/master.py b/systemvm/patches/debian/config/opt/cloud/bin/master.py
index 3d1dcd7ef9a..f645778f10d 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/master.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/master.py
@@ -17,12 +17,12 @@
# specific language governing permissions and limitations
# under the License.
+import logging
+from optparse import OptionParser
+
from cs.CsRedundant import CsRedundant
from cs.CsDatabag import CsCmdLine
-from cs.CsAddress import CsAddress
from cs.CsConfig import CsConfig
-import logging
-from optparse import OptionParser
parser = OptionParser()
parser.add_option("-m", "--master",
@@ -42,7 +42,8 @@
format=config.get_format())
config.cmdline()
cl = CsCmdLine("cmdline", config)
-#Update the configuration to set state as backup and let keepalived decide who the real Master is!
+# Update the configuration to set state as backup
+# and let keepalived decide who the real Master is!
cl.set_master_state(False)
cl.save()
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/merge.py b/systemvm/patches/debian/config/opt/cloud/bin/merge.py
index 4087094dfcd..4b4ac9eeb3d 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/merge.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/merge.py
@@ -36,12 +36,13 @@
import cs_vpnusers
import cs_staticroutes
-from pprint import pprint
-
class DataBag:
DPATH = "/etc/cloudstack"
+ dbag = None
+ key = None
+ fpath = None
def __init__(self):
self.bdata = {}
@@ -57,7 +58,7 @@ def load(self):
logging.debug("Creating data bag type %s", self.key)
data.update({"id": self.key})
else:
- logging.debug("Loading data bag type %s", self.key)
+ logging.debug("Loading data bag type %s", self.key)
data = json.load(handle)
handle.close()
self.dbag = data
@@ -83,6 +84,7 @@ def setKey(self, key):
class updateDataBag:
DPATH = "/etc/cloudstack"
+ newData = None
def __init__(self, qFile):
self.qFile = qFile
@@ -92,7 +94,8 @@ def __init__(self, qFile):
def process(self):
self.db = DataBag()
- if (self.qFile.type == "staticnatrules" or self.qFile.type == "forwardrules"):
+ if self.qFile.type == "staticnatrules" \
+ or self.qFile.type == "forwardrules":
self.db.setKey("forwardingrules")
else:
self.db.setKey(self.qFile.type)
@@ -119,7 +122,8 @@ def process(self):
dbag = self.processVmData(self.db.getDataBag())
elif self.qFile.type == 'dhcpentry':
dbag = self.process_dhcp_entry(self.db.getDataBag())
- elif self.qFile.type == 'staticnatrules' or self.qFile.type == 'forwardrules':
+ elif self.qFile.type == 'staticnatrules' \
+ or self.qFile.type == 'forwardrules':
dbag = self.processForwardingRules(self.db.getDataBag())
elif self.qFile.type == 'site2sitevpn':
dbag = self.process_site2sitevpn(self.db.getDataBag())
@@ -205,13 +209,13 @@ def processCL(self, dbag):
# "eth0ip": "192.168.56.32",
# "eth0mask": "255.255.255.0",
self.newData = []
- if (self.qFile.data['cmd_line']['type'] == "router"):
+ if self.qFile.data['cmd_line']['type'] == "router":
self.processCLItem('0', "guest")
self.processCLItem('1', "control")
self.processCLItem('2', "public")
- elif (self.qFile.data['cmd_line']['type'] == "vpcrouter"):
+ elif self.qFile.data['cmd_line']['type'] == "vpcrouter":
self.processCLItem('0', "control")
- elif (self.qFile.data['cmd_line']['type'] == "dhcpsrvr"):
+ elif self.qFile.data['cmd_line']['type'] == "dhcpsrvr":
self.processCLItem('0', "guest")
self.processCLItem('1', "control")
return cs_cmdline.merge(dbag, self.qFile.data)
@@ -219,13 +223,13 @@ def processCL(self, dbag):
def processCLItem(self, num, nw_type):
key = 'eth' + num + 'ip'
dp = {}
- if(key in self.qFile.data['cmd_line']):
+ if key in self.qFile.data['cmd_line']:
dp['public_ip'] = self.qFile.data['cmd_line'][key]
dp['netmask'] = self.qFile.data['cmd_line']['eth' + num + 'mask']
dp['source_nat'] = False
dp['add'] = True
dp['one_to_one_nat'] = False
- if('localgw' in self.qFile.data['cmd_line']):
+ if 'localgw' in self.qFile.data['cmd_line']:
dp['gateway'] = self.qFile.data['cmd_line']['localgw']
else:
dp['gateway'] = 'None'
@@ -269,12 +273,13 @@ class QueueFile:
configCache = "/var/cache/cloud"
keep = True
data = {}
+ type = None
def load(self, data):
if data is not None:
self.data = data
self.type = self.data["type"]
- proc = updateDataBag(self)
+ updateDataBag(self)
return
fn = self.configCache + '/' + self.fileName
try:
@@ -289,7 +294,7 @@ def load(self, data):
self.__moveFile(fn, self.configCache + "/processed")
else:
os.remove(fn)
- proc = updateDataBag(self)
+ updateDataBag(self)
def setFile(self, name):
self.fileName = name
@@ -315,23 +320,28 @@ class PrivateGatewayHack:
@classmethod
def update_network_type_for_privategateway(cls, dbag, data):
- ip = data['router_guest_ip'] if 'router_guest_ip' in data.keys() else data['public_ip']
+ if 'router_guest_ip' in data.keys():
+ ip = data['router_guest_ip']
+ else:
+ ip = data['public_ip']
initial_data = cls.load_inital_data()
has_private_gw_ip = cls.if_config_has_privategateway(initial_data)
- private_gw_matches = 'privategateway' in initial_data['config'] and cls.ip_matches_private_gateway_ip(ip, initial_data['config']['privategateway'])
+ private_gw_matches = 'privategateway' in initial_data['config'] \
+ and cls.ip_matches_private_gateway_ip(ip, initial_data['config']['privategateway'])
if has_private_gw_ip and private_gw_matches:
data['nw_type'] = "public"
- logging.debug("Updating nw_type for ip %s" % ip)
+ logging.debug("Updating nw_type for ip %s", ip)
else:
- logging.debug("Not updating nw_type for ip %s because has_private_gw_ip = %s and private_gw_matches = %s " % (ip, has_private_gw_ip, private_gw_matches))
+ logging.debug("Not updating nw_type for ip %s because has_private_gw_ip = %s and private_gw_matches = %s ", ip, has_private_gw_ip, private_gw_matches)
return data
@classmethod
def if_config_has_privategateway(cls, dbag):
- return 'privategateway' in dbag['config'].keys() and dbag['config']['privategateway'] != "None"
+ return 'privategateway' in dbag['config'].keys() \
+ and dbag['config']['privategateway'] != "None"
@classmethod
@@ -348,6 +358,6 @@ def load_inital_data(cls):
initial_data_bag.setKey('cmdline')
initial_data_bag.load()
initial_data = initial_data_bag.getDataBag()
- logging.debug("Initial data = %s" % initial_data)
+ logging.debug("Initial data = %s", initial_data)
return initial_data
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/passwd_server_ip.py b/systemvm/patches/debian/config/opt/cloud/bin/passwd_server_ip.py
index fc84910a117..9d968dce004 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/passwd_server_ip.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/passwd_server_ip.py
@@ -31,7 +31,6 @@
import sys
import syslog
import threading
-import urlparse
from BaseHTTPServer import BaseHTTPRequestHandler, HTTPServer
from SocketServer import ThreadingMixIn #, ForkingMixIn
@@ -65,7 +64,8 @@ def loadPasswordFile():
try:
with file(getPasswordFile()) as f:
for line in f:
- if '=' not in line: continue
+ if '=' not in line:
+ continue
key, value = line.strip().split('=', 1)
passMap[key] = value
except IOError:
@@ -131,10 +131,10 @@ def do_GET(self):
def do_POST(self):
form = cgi.FieldStorage(
- fp=self.rfile,
- headers=self.headers,
- environ={'REQUEST_METHOD':'POST',
- 'CONTENT_TYPE':self.headers['Content-Type'],
+ fp=self.rfile,
+ headers=self.headers,
+ environ={'REQUEST_METHOD':'POST',
+ 'CONTENT_TYPE':self.headers['Content-Type'],
})
self.send_response(200)
self.end_headers()
@@ -143,7 +143,8 @@ def do_POST(self):
syslog.syslog('serve_password: non-localhost IP trying to save password: %s' % clientAddress)
self.send_response(403)
return
- if 'ip' not in form or 'password' not in form or 'token' not in form or self.headers.get('DomU_Request') != 'save_password':
+ if 'ip' not in form or 'password' not in form or 'token' not in form \
+ or self.headers.get('DomU_Request') != 'save_password':
syslog.syslog('serve_password: request trying to save password does not contain both ip and password')
self.send_response(403)
return
@@ -163,11 +164,11 @@ def do_POST(self):
return
def log_message(self, format, *args):
- return
+ return
-def serve(HandlerClass = PasswordRequestHandler,
- ServerClass = ThreadedHTTPServer):
+def serve(HandlerClass=PasswordRequestHandler,
+ ServerClass=ThreadedHTTPServer):
global listeningAddress
if len(sys.argv) > 1:
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/set_redundant.py b/systemvm/patches/debian/config/opt/cloud/bin/set_redundant.py
index 7a8dad026d2..31b5db12d9d 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/set_redundant.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/set_redundant.py
@@ -17,12 +17,14 @@
# specific language governing permissions and limitations
# under the License.
-# This file is used by the tests to switch the redundancy status
+# This file is used to switch the redundancy status by
+# test/systemvm/test_update_config.py
-from cs.CsConfig import CsConfig
from optparse import OptionParser
import logging
+from cs.CsConfig import CsConfig
+
parser = OptionParser()
parser.add_option("-e", "--enable",
action="store_true", default=False, dest="enable",
@@ -37,11 +39,9 @@
logging.basicConfig(filename=config.get_logger(),
level=config.get_level(),
format=config.get_format())
-config.set_cl()
-
if options.enable:
- config.get_cmdline().set_redundant("true")
+ config.cmdline().set_redundant("true")
if options.disable:
- config.get_cmdline().set_redundant("false")
+ config.cmdline().set_redundant("false")
-config.get_cmdline().save()
+config.cmdline().save()
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/update_config.py b/systemvm/patches/debian/config/opt/cloud/bin/update_config.py
index dddd0c8e3c0..c83970cecc1 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/update_config.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/update_config.py
@@ -17,19 +17,22 @@
# under the License.
import sys
-from merge import QueueFile
import logging
-import subprocess
-from subprocess import PIPE, STDOUT
import os
import os.path
-import configure
import json
-logging.basicConfig(filename='/var/log/cloud.log', level=logging.DEBUG, format='%(asctime)s %(filename)s %(funcName)s:%(lineno)d %(message)s')
+import configure
+from merge import QueueFile
+
+logging.basicConfig(
+ filename='/var/log/cloud.log',
+ level=logging.DEBUG,
+ format='%(asctime)s %(filename)s %(funcName)s:%(lineno)d %(message)s',
+)
# first commandline argument should be the file to process
-if (len(sys.argv) != 2):
+if len(sys.argv) != 2:
print "[ERROR]: Invalid usage"
sys.exit(1)
@@ -41,8 +44,8 @@
def finish_config():
# Converge
- returncode = configure.main(sys.argv)
- sys.exit(returncode)
+ configure.main(sys.argv)
+ sys.exit()
def process_file():
@@ -55,40 +58,30 @@ def process_file():
def is_guestnet_configured(guestnet_dict, keys):
-
existing_keys = []
- new_eth_key = None
for k1, v1 in guestnet_dict.iteritems():
if k1 in keys and len(v1) > 0:
existing_keys.append(k1)
if not existing_keys:
- '''
- It seems all the interfaces have been removed. Let's allow a new configuration to come in.
- '''
+ # It seems all the interfaces have been removed.
+ # Let's allow a new configuration to come in.
print "[WARN] update_config.py :: Reconfiguring guest network..."
return False
- file = open(jsonCmdConfigPath)
- new_guestnet_dict = json.load(file)
+ new_guestnet_dict = json.load(open(jsonCmdConfigPath))
if not new_guestnet_dict['add']:
- '''
- Guest network has to be removed.
- '''
+ # Guest network has to be removed.
print "[INFO] update_config.py :: Removing guest network..."
return False
- '''
- Check if we have a new guest network ready to be setup
- '''
+ # Check if we have a new guest network ready to be setup
device = new_guestnet_dict['device']
if device in existing_keys:
- '''
- Device already configured, ignore.
- '''
+ # Device already configured, ignore.
return True
exists = False
@@ -120,13 +113,13 @@ def is_guestnet_configured(guestnet_dict, keys):
qf.setFile("cmd_line.json")
qf.load(None)
-# If the guest network is already configured and have the same IP, do not try to configure it again otherwise it will break
+# If the guest network is already configured and have the same IP,
+# do not try to configure it again otherwise it will break
if sys.argv[1] == "guest_network.json":
if os.path.isfile(currentGuestNetConfig):
- file = open(currentGuestNetConfig)
- guestnet_dict = json.load(file)
-
- if not is_guestnet_configured(guestnet_dict, ['eth1', 'eth2', 'eth3', 'eth4', 'eth5', 'eth6', 'eth7', 'eth8', 'eth9']):
+ if not is_guestnet_configured(
+ json.load(open(currentGuestNetConfig)),
+ ['eth%d' % _ for _ in range(1, 10)]):
print "[INFO] update_config.py :: Processing Guest Network."
process_file()
else:
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/vmdata.py b/systemvm/patches/debian/config/opt/cloud/bin/vmdata.py
index b9127a1b998..812c3abfd89 100755
--- a/systemvm/patches/debian/config/opt/cloud/bin/vmdata.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/vmdata.py
@@ -52,22 +52,22 @@ def main(argv):
for ip in json_data:
for item in json_data[ip]:
folder = item[0]
- file = item[1]
+ filename = item[1]
data = item[2]
# process only valid data
if folder != "userdata" and folder != "metadata":
continue
- if file == "":
+ if filename == "":
continue
- htaccess(ip, folder, file)
+ htaccess(ip, folder, filename)
if data == "":
- deletefile(ip, folder, file)
+ deletefile(ip, folder, filename)
else:
- createfile(ip, folder, file, data)
+ createfile(ip, folder, filename, data)
if fpath != '':
fh.close()
@@ -107,10 +107,12 @@ def createfile(ip, folder, file, data):
except OSError as e:
# error 17 is already exists, we do it this way for concurrency
if e.errno != 17:
- print "failed to make directories " + metamanifestdir + " due to :" + e.strerror
+ print "failed to make directories %s due to : %s" % \
+ (metamanifestdir, e.strerror)
sys.exit(1)
if os.path.exists(metamanifest):
- fh = open(metamanifest, "r+a")
+ fh = open(metamanifest, "a+")
+ fh = open(metamanifest, "a+")
exflock(fh)
if file not in fh.read():
fh.write(file + '\n')
@@ -137,7 +139,8 @@ def htaccess(ip, folder, file):
except OSError as e:
# error 17 is already exists, we do it this way for sake of concurrency
if e.errno != 17:
- print "failed to make directories " + htaccessFolder + " due to :" + e.strerror
+ print "failed to make directories %s due to : %s" % \
+ (htaccessFolder, e.strerror)
sys.exit(1)
fh = open(htaccessFile, "w")
@@ -159,7 +162,7 @@ def exflock(file):
def unflock(file):
try:
flock(file, LOCK_UN)
- except IOError:
+ except IOError as e:
print "failed to unlock file" + file.name + " due to : " + e.strerror
sys.exit(1)
return True
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
With regards,
Apache Git Services