You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by nv...@apache.org on 2022/04/29 03:01:16 UTC
[cloudstack] branch main updated: Change patch path during live patching of systemVMs (#6328)
This is an automated email from the ASF dual-hosted git repository.
nvazquez pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
The following commit(s) were added to refs/heads/main by this push:
new 3bd723ca06 Change patch path during live patching of systemVMs (#6328)
3bd723ca06 is described below
commit 3bd723ca069ac0fae1c88527e99ae3c0dd0f1d79
Author: Pearl Dsilva <pe...@gmail.com>
AuthorDate: Fri Apr 29 08:31:11 2022 +0530
Change patch path during live patching of systemVMs (#6328)
* Improve log when live patching fails
* change patching path from /tmp to /var/cache/clou
* add iptable rule for console proxy (novnc)
* temporary template paths
* revert pom xml to original paths
---
.../kvm/resource/wrapper/LibvirtPatchSystemVmCommandWrapper.java | 4 ++--
.../kvm/resource/wrapper/LibvirtStartCommandWrapper.java | 3 ++-
.../java/com/cloud/hypervisor/vmware/resource/VmwareResource.java | 6 +++---
.../wrapper/xenbase/CitrixPatchSystemVmCommandWrapper.java | 2 +-
.../resource/wrapper/xenbase/CitrixStartCommandWrapper.java | 3 ++-
scripts/vm/hypervisor/xenserver/vmops | 2 +-
systemvm/debian/opt/cloud/bin/setup/bootstrap.sh | 2 +-
systemvm/debian/opt/cloud/bin/setup/cloud-early-config | 6 +++---
systemvm/patch-sysvms.sh | 7 +++++--
9 files changed, 20 insertions(+), 15 deletions(-)
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtPatchSystemVmCommandWrapper.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtPatchSystemVmCommandWrapper.java
index 691d34fd70..104fd66329 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtPatchSystemVmCommandWrapper.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtPatchSystemVmCommandWrapper.java
@@ -69,9 +69,9 @@ public class LibvirtPatchSystemVmCommandWrapper extends CommandWrapper<PatchSyst
Pair<Boolean, String> patchResult = null;
try {
- FileUtil.scpPatchFiles(controlIp, "/tmp/", sshPort, pemFile, serverResource.systemVmPatchFiles, LibvirtComputingResource.BASEPATH);
+ FileUtil.scpPatchFiles(controlIp, VRScripts.CONFIG_CACHE_LOCATION, sshPort, pemFile, serverResource.systemVmPatchFiles, LibvirtComputingResource.BASEPATH);
patchResult = SshHelper.sshExecute(controlIp, sshPort, "root",
- pemFile, null, "/tmp/patch-sysvms.sh", 10000, 10000, 600000);
+ pemFile, null, "/var/cache/cloud/patch-sysvms.sh", 10000, 10000, 600000);
} catch (Exception e) {
return new PatchSystemVmAnswer(cmd, e.getMessage());
}
diff --git a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtStartCommandWrapper.java b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtStartCommandWrapper.java
index bdb86f061e..7b69993f2e 100644
--- a/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtStartCommandWrapper.java
+++ b/plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/wrapper/LibvirtStartCommandWrapper.java
@@ -22,6 +22,7 @@ package com.cloud.hypervisor.kvm.resource.wrapper;
import java.io.File;
import java.net.URISyntaxException;
+import com.cloud.agent.resource.virtualnetwork.VRScripts;
import com.cloud.utils.FileUtil;
import org.apache.log4j.Logger;
import org.libvirt.Connect;
@@ -120,7 +121,7 @@ public final class LibvirtStartCommandWrapper extends CommandWrapper<StartComman
try {
File pemFile = new File(LibvirtComputingResource.SSHPRVKEYPATH);
- FileUtil.scpPatchFiles(controlIp, "/tmp/", Integer.parseInt(LibvirtComputingResource.DEFAULTDOMRSSHPORT), pemFile, LibvirtComputingResource.systemVmPatchFiles, LibvirtComputingResource.BASEPATH);
+ FileUtil.scpPatchFiles(controlIp, VRScripts.CONFIG_CACHE_LOCATION, Integer.parseInt(LibvirtComputingResource.DEFAULTDOMRSSHPORT), pemFile, LibvirtComputingResource.systemVmPatchFiles, LibvirtComputingResource.BASEPATH);
if (!virtRouterResource.isSystemVMSetup(vmName, controlIp)) {
String errMsg = "Failed to patch systemVM";
s_logger.error(errMsg);
diff --git a/plugins/hypervisors/vmware/src/main/java/com/cloud/hypervisor/vmware/resource/VmwareResource.java b/plugins/hypervisors/vmware/src/main/java/com/cloud/hypervisor/vmware/resource/VmwareResource.java
index 2180152ab0..3b3ebd88ea 100644
--- a/plugins/hypervisors/vmware/src/main/java/com/cloud/hypervisor/vmware/resource/VmwareResource.java
+++ b/plugins/hypervisors/vmware/src/main/java/com/cloud/hypervisor/vmware/resource/VmwareResource.java
@@ -664,7 +664,7 @@ public class VmwareResource extends ServerResourceBase implements StoragePoolRes
ExecutionResult result;
try {
result = getSystemVmVersionAndChecksum(controlIp);
- FileUtil.scpPatchFiles(controlIp, "/tmp/", DefaultDomRSshPort, pemFile, systemVmPatchFiles, BASEPATH);
+ FileUtil.scpPatchFiles(controlIp, VRScripts.CONFIG_CACHE_LOCATION, DefaultDomRSshPort, pemFile, systemVmPatchFiles, BASEPATH);
} catch (CloudRuntimeException e) {
return new PatchSystemVmAnswer(cmd, e.getMessage());
}
@@ -687,7 +687,7 @@ public class VmwareResource extends ServerResourceBase implements StoragePoolRes
Pair<Boolean, String> patchResult = null;
try {
patchResult = SshHelper.sshExecute(controlIp, DefaultDomRSshPort, "root",
- pemFile, null, "/tmp/patch-sysvms.sh", 10000, 10000, 600000);
+ pemFile, null, "/var/cache/cloud/patch-sysvms.sh", 10000, 10000, 600000);
} catch (Exception e) {
return new PatchSystemVmAnswer(cmd, e.getMessage());
}
@@ -2578,7 +2578,7 @@ public class VmwareResource extends ServerResourceBase implements StoragePoolRes
try {
String homeDir = System.getProperty("user.home");
File pemFile = new File(homeDir + "/.ssh/id_rsa");
- FileUtil.scpPatchFiles(controlIp, "/tmp/", DefaultDomRSshPort, pemFile, systemVmPatchFiles, BASEPATH);
+ FileUtil.scpPatchFiles(controlIp, VRScripts.CONFIG_CACHE_LOCATION, DefaultDomRSshPort, pemFile, systemVmPatchFiles, BASEPATH);
if (!_vrResource.isSystemVMSetup(vmInternalCSName, controlIp)) {
String errMsg = "Failed to patch systemVM";
s_logger.error(errMsg);
diff --git a/plugins/hypervisors/xenserver/src/main/java/com/cloud/hypervisor/xenserver/resource/wrapper/xenbase/CitrixPatchSystemVmCommandWrapper.java b/plugins/hypervisors/xenserver/src/main/java/com/cloud/hypervisor/xenserver/resource/wrapper/xenbase/CitrixPatchSystemVmCommandWrapper.java
index 718daec729..0f37bea15c 100644
--- a/plugins/hypervisors/xenserver/src/main/java/com/cloud/hypervisor/xenserver/resource/wrapper/xenbase/CitrixPatchSystemVmCommandWrapper.java
+++ b/plugins/hypervisors/xenserver/src/main/java/com/cloud/hypervisor/xenserver/resource/wrapper/xenbase/CitrixPatchSystemVmCommandWrapper.java
@@ -68,7 +68,7 @@ public class CitrixPatchSystemVmCommandWrapper extends CommandWrapper<PatchSyste
String patchResult = null;
try {
- serverResource.copyPatchFilesToVR(controlIp, "/tmp/");
+ serverResource.copyPatchFilesToVR(controlIp, VRScripts.CONFIG_CACHE_LOCATION);
patchResult = serverResource.callHostPlugin(conn, "vmops", "runPatchScriptInDomr", "domrip", controlIp);
} catch (Exception e) {
return new PatchSystemVmAnswer(command, e.getMessage());
diff --git a/plugins/hypervisors/xenserver/src/main/java/com/cloud/hypervisor/xenserver/resource/wrapper/xenbase/CitrixStartCommandWrapper.java b/plugins/hypervisors/xenserver/src/main/java/com/cloud/hypervisor/xenserver/resource/wrapper/xenbase/CitrixStartCommandWrapper.java
index d1b5224f28..7ba5387d1a 100644
--- a/plugins/hypervisors/xenserver/src/main/java/com/cloud/hypervisor/xenserver/resource/wrapper/xenbase/CitrixStartCommandWrapper.java
+++ b/plugins/hypervisors/xenserver/src/main/java/com/cloud/hypervisor/xenserver/resource/wrapper/xenbase/CitrixStartCommandWrapper.java
@@ -25,6 +25,7 @@ import java.util.List;
import java.util.Map;
import java.util.Set;
+import com.cloud.agent.resource.virtualnetwork.VRScripts;
import com.cloud.agent.resource.virtualnetwork.VirtualRoutingResource;
import org.apache.commons.lang3.StringUtils;
import org.apache.log4j.Logger;
@@ -197,7 +198,7 @@ public final class CitrixStartCommandWrapper extends CommandWrapper<StartCommand
}
try {
- citrixResourceBase.copyPatchFilesToVR(controlIp, "/tmp/");
+ citrixResourceBase.copyPatchFilesToVR(controlIp, VRScripts.CONFIG_CACHE_LOCATION);
VirtualRoutingResource vrResource = citrixResourceBase.getVirtualRoutingResource();
if (!vrResource.isSystemVMSetup(vmName, controlIp)) {
String errMsg = "Failed to patch systemVM";
diff --git a/scripts/vm/hypervisor/xenserver/vmops b/scripts/vm/hypervisor/xenserver/vmops
index de5feb06d2..f1e3b288db 100755
--- a/scripts/vm/hypervisor/xenserver/vmops
+++ b/scripts/vm/hypervisor/xenserver/vmops
@@ -254,7 +254,7 @@ def runPatchScriptInDomr(session, args):
txt=""
try:
target = "root@" + domrip
- txt = util.pread2(['ssh','-p','3922','-i','/root/.ssh/id_rsa.cloud', target, "/bin/bash","/tmp/patch-sysvms.sh"])
+ txt = util.pread2(['ssh','-p','3922','-i','/root/.ssh/id_rsa.cloud', target, "/bin/bash","/var/cache/cloud/patch-sysvms.sh"])
txt = 'succ#' + txt
except:
logging.debug("failed to run patch script in systemVM with IP: " + domrip)
diff --git a/systemvm/debian/opt/cloud/bin/setup/bootstrap.sh b/systemvm/debian/opt/cloud/bin/setup/bootstrap.sh
index 4720237543..3670010c5e 100755
--- a/systemvm/debian/opt/cloud/bin/setup/bootstrap.sh
+++ b/systemvm/debian/opt/cloud/bin/setup/bootstrap.sh
@@ -55,7 +55,7 @@ patch_systemvm() {
}
patch() {
- local PATCH_MOUNT=/tmp/
+ local PATCH_MOUNT=/var/cache/cloud/
local logfile="/var/log/patchsystemvm.log"
if [ "$TYPE" == "consoleproxy" ] || [ "$TYPE" == "secstorage" ] && [ -f ${PATCH_MOUNT}/agent.zip ] && [ -f /var/cache/cloud/patch.required ]
diff --git a/systemvm/debian/opt/cloud/bin/setup/cloud-early-config b/systemvm/debian/opt/cloud/bin/setup/cloud-early-config
index d76079b69e..7819121463 100755
--- a/systemvm/debian/opt/cloud/bin/setup/cloud-early-config
+++ b/systemvm/debian/opt/cloud/bin/setup/cloud-early-config
@@ -41,7 +41,7 @@ validate_checksums() {
}
patch() {
- local PATCH_MOUNT=/tmp
+ local PATCH_MOUNT=/var/cache/cloud
local PATCH_SCRIPTS=cloud-scripts.tgz
local oldpatchfile=/usr/share/cloud/$PATCH_SCRIPTS
local patchfile=$PATCH_MOUNT/$PATCH_SCRIPTS
@@ -97,8 +97,8 @@ patch() {
}
cleanup() {
- rm -rf /tmp/agent.zip
- mv /tmp/cloud-scripts.tgz /usr/share/cloud/cloud-scripts.tgz
+ rm -rf /var/cache/cloud/agent.zip
+ mv /var/cache/cloud/cloud-scripts.tgz /usr/share/cloud/cloud-scripts.tgz
}
start() {
diff --git a/systemvm/patch-sysvms.sh b/systemvm/patch-sysvms.sh
index 62e0dd6f1a..c2083369be 100644
--- a/systemvm/patch-sysvms.sh
+++ b/systemvm/patch-sysvms.sh
@@ -17,9 +17,9 @@
# under the License.
PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin"
-backupfolder=/tmp/bkpup_live_patch
+backupfolder=/var/cache/cloud/bkpup_live_patch
logfile="/var/log/livepatchsystemvm.log"
-newpath="/tmp/"
+newpath="/var/cache/cloud/"
CMDLINE=/var/cache/cloud/cmdline
md5file=/var/cache/cloud/cloud-scripts-signature
svcfile=/var/cache/cloud/enabled_svcs
@@ -89,6 +89,9 @@ restart_services() {
return
fi
done < "$svcfile"
+ if [ "$TYPE" == "consoleproxy" ]; then
+ iptables -A INPUT -i eth2 -p tcp -m state --state NEW -m tcp --dport 8080 -j ACCEPT
+ fi
}
cleanup_systemVM() {