You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cloudstack.apache.org by ro...@apache.org on 2019/01/16 08:08:48 UTC

[cloudstack] branch agent-reconnect-fix created (now 919bb39)

This is an automated email from the ASF dual-hosted git repository.

rohit pushed a change to branch agent-reconnect-fix
in repository https://gitbox.apache.org/repos/asf/cloudstack.git.


      at 919bb39  restart logic is not necessary, the agent will attempt reconnect when old ks/certs are invalid

This branch includes the following new commits:

     new 658dae4  keystore: restart systemvm cloud.service only when old keystore exist
     new 919bb39  restart logic is not necessary, the agent will attempt reconnect when old ks/certs are invalid

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.

[cloudstack] 02/02: restart logic is not necessary, the agent will attempt reconnect when old ks/certs are invalid

Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.

rohit pushed a commit to branch agent-reconnect-fix
in repository https://gitbox.apache.org/repos/asf/cloudstack.git

commit 919bb3959b045e158d629015b76101785357fb49
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Wed Jan 16 13:38:19 2019 +0530

    restart logic is not necessary, the agent will attempt reconnect when old ks/certs are invalid
    
    Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
 scripts/util/keystore-cert-import | 10 ----------
 1 file changed, 10 deletions(-)

diff --git a/scripts/util/keystore-cert-import b/scripts/util/keystore-cert-import
index 6a2f1ac..424ab4a 100755
--- a/scripts/util/keystore-cert-import
+++ b/scripts/util/keystore-cert-import
@@ -41,12 +41,6 @@ fi
 # Use a new keystore file
 NEW_KS_FILE="$KS_FILE.new"
 
-# Check/store old KS state
-OLD_KS_FILE_EXISTS=false
-if [ -f $KS_FILE ]; then
-    OLD_KS_FILE_EXISTS=true
-fi
-
 # Import certificate
 if [ ! -z "${CERT// }" ]; then
     echo "$CERT" > "$CERT_FILE"
@@ -104,10 +98,6 @@ if [ -f "$SYSTEM_FILE" ]; then
     chmod 755 /usr/local/share/ca-certificates/cloudstack
     chmod 644 /usr/local/share/ca-certificates/cloudstack/ca.crt
     update-ca-certificates > /dev/null 2>&1 || true
-    # Restart cloud service if keystore was changed
-    if [ "$MODE" == "ssh" ] && $OLD_KS_FILE_EXISTS; then
-        systemctl restart cloud > /dev/null 2>&1
-    fi
 fi
 
 # Fix file permission

[cloudstack] 01/02: keystore: restart systemvm cloud.service only when old keystore exist

Posted by ro...@apache.org.
This is an automated email from the ASF dual-hosted git repository.

rohit pushed a commit to branch agent-reconnect-fix
in repository https://gitbox.apache.org/repos/asf/cloudstack.git

commit 658dae49f25f7875180ace072e59e23e5db03ce9
Author: Rohit Yadav <ro...@shapeblue.com>
AuthorDate: Wed Jan 16 13:31:13 2019 +0530

    keystore: restart systemvm cloud.service only when old keystore exist
    
    This ensures that the systemvm agent (cloud.service) is not restarted
    when old keystore does not exist. However, on subsequent reboots of
    systemvm this will try to restart cloud.service after importing X509
    certificates.
    
    Signed-off-by: Rohit Yadav <ro...@shapeblue.com>
---
 scripts/util/keystore-cert-import | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/scripts/util/keystore-cert-import b/scripts/util/keystore-cert-import
index 96196d9..6a2f1ac 100755
--- a/scripts/util/keystore-cert-import
+++ b/scripts/util/keystore-cert-import
@@ -41,6 +41,12 @@ fi
 # Use a new keystore file
 NEW_KS_FILE="$KS_FILE.new"
 
+# Check/store old KS state
+OLD_KS_FILE_EXISTS=false
+if [ -f $KS_FILE ]; then
+    OLD_KS_FILE_EXISTS=true
+fi
+
 # Import certificate
 if [ ! -z "${CERT// }" ]; then
     echo "$CERT" > "$CERT_FILE"
@@ -98,11 +104,10 @@ if [ -f "$SYSTEM_FILE" ]; then
     chmod 755 /usr/local/share/ca-certificates/cloudstack
     chmod 644 /usr/local/share/ca-certificates/cloudstack/ca.crt
     update-ca-certificates > /dev/null 2>&1 || true
-fi
-
-# Restart cloud service if we're in systemvm
-if [ "$MODE" == "ssh" ] && [ -f $SYSTEM_FILE ]; then
-    systemctl restart cloud > /dev/null 2>&1
+    # Restart cloud service if keystore was changed
+    if [ "$MODE" == "ssh" ] && $OLD_KS_FILE_EXISTS; then
+        systemctl restart cloud > /dev/null 2>&1
+    fi
 fi
 
 # Fix file permission