You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@vcl.apache.org by fa...@apache.org on 2011/10/10 21:30:55 UTC
svn commit: r1181159 -
/incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Linux.pm
Author: fapeeler
Date: Mon Oct 10 19:30:54 2011
New Revision: 1181159
URL: http://svn.apache.org/viewvc?rev=1181159&view=rev
Log:
VCL-528
VCL-30
Added initial support to handle exclude_list on Linux OS
Added call to process_connect_methods on clean-up for imaging and reclaim.
Modified:
incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Linux.pm
Modified: incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Linux.pm
URL: http://svn.apache.org/viewvc/incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Linux.pm?rev=1181159&r1=1181158&r2=1181159&view=diff
==============================================================================
--- incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Linux.pm (original)
+++ incubator/vcl/trunk/managementnode/lib/VCL/Module/OS/Linux.pm Mon Oct 10 19:30:54 2011
@@ -112,6 +112,13 @@ sub pre_capture {
my $computer_node_name = $self->data->get_computer_node_name();
notify($ERRORS{'OK'}, 0, "beginning Linux-specific image capture preparation tasks");
+
+ if (!$self->file_exists("/root/.vclcontrol/vcl_exclude_list.sample")) {
+ notify($ERRORS{'DEBUG'}, 0, "/root/.vclcontrol/vcl_exclude_list.sample does not exists");
+ if(!$self->generate_vclcontrol_sample_files() ){
+ notify($ERRORS{'DEBUG'}, 0, "could not create /root/.vclcontrol/vcl_exclude_list.sample");
+ }
+ }
# Force user off computer
if (!$self->logoff_user()) {
@@ -123,6 +130,11 @@ sub pre_capture {
notify($ERRORS{'OK'}, 0, "deleted user from $computer_node_name");
}
+ #Clean up connection methods
+ if($self->process_connect_methods() ){
+ notify($ERRORS{'OK'}, 0, "processed connection methods on $computer_node_name");
+ }
+
# Try to clear /tmp
if ($self->execute("/usr/sbin/tmpwatch -f 0 /tmp; /bin/cp /dev/null /var/log/wtmp")) {
notify($ERRORS{'DEBUG'}, 0, "cleared /tmp on $computer_node_name");
@@ -132,30 +144,57 @@ sub pre_capture {
if (!$self->clear_private_keys()) {
notify($ERRORS{'WARNING'}, 0, "unable to clear known identity keys");
}
+
+ #Fetch exclude_list
+ my @exclude_list = $self->get_exclude_list();
+
+ if (@exclude_list ) {
+ notify($ERRORS{'DEBUG'}, 0, "skipping files listed in exclude_list\n" . join("\n", @exclude_list));
+ }
- # Clear files
- if (!$self->clear_known_files()) {
- notify($ERRORS{'WARNING'}, 0, "unable to remove known files");
+ #Remove files
+ if(!(grep( /70-persistent-net.rules/ , @exclude_list ) ) ){
+ if(!$self->delete_file("/etc/udev/rules.d/70-persistent-net.rules")){
+ notify($ERRORS{'WARNING'}, 0, "unable to remove /etc/udev/rules.d/70-persistent-net.rules");
+ }
}
-
+
+ if(!(grep( /\/var\/log\/secure/ , @exclude_list ) ) ){
+ if(!$self->delete_file("/var/log/secure")){
+ notify($ERRORS{'WARNING'}, 0, "unable to remove /var/log/secure");
+ }
+ }
+
+ if(!(grep( /\/var\/log\/messages/ , @exclude_list ) ) ){
+ if(!$self->delete_file("/var/log/messages")){
+ notify($ERRORS{'WARNING'}, 0, "unable to remove /var/log/secure");
+ }
+ }
+
# Write /etc/rc.local script
- if (!$self->generate_rc_local()){
- notify($ERRORS{'WARNING'}, 0, "unable to generate /etc/rc.local script on $computer_node_name");
- return;
+ if(!(grep( /rc.local/ , @exclude_list ) ) ){
+ if (!$self->generate_rc_local()){
+ notify($ERRORS{'WARNING'}, 0, "unable to generate /etc/rc.local script on $computer_node_name");
+ return;
+ }
}
# Generate external_sshd_config
- if(!$self->generate_ext_sshd_config()){
- notify($ERRORS{'WARNING'}, 0, "unable to generate /etc/ssh/external_sshd_config on $computer_node_name");
- return;
+ if(!(grep( /\/etc\/ssh\/external_sshd_config/ , @exclude_list ) ) ){
+ if(!$self->generate_ext_sshd_config()){
+ notify($ERRORS{'WARNING'}, 0, "unable to generate /etc/ssh/external_sshd_config on $computer_node_name");
+ return;
+ }
}
# Generate ext_sshd init script
- if(!$self->generate_ext_sshd_init()){
- notify($ERRORS{'WARNING'}, 0, "unable to generate /etc/init.d/ext_sshd on $computer_node_name");
- return;
+ if(!(grep( /init.d\/ext_sshd/ , @exclude_list ) ) ){
+ if(!$self->generate_ext_sshd_init()){
+ notify($ERRORS{'WARNING'}, 0, "unable to generate /etc/init.d/ext_sshd on $computer_node_name");
+ return;
+ }
}
-
+
# Configure the private and public interfaces to use DHCP
if (!$self->enable_dhcp()) {
notify($ERRORS{'WARNING'}, 0, "failed to enable DHCP on the public and private interfaces");
@@ -436,42 +475,6 @@ sub clear_private_keys {
#/////////////////////////////////////////////////////////////////////////////
-=head2 clear_known_files
-
- Parameters :
- Returns :
- Description :
-
-=cut
-
-sub clear_known_files {
- my $self = shift;
- unless (ref($self) && $self->isa('VCL::Module')) {
- notify($ERRORS{'CRITICAL'}, 0, "subroutine can only be called as a VCL::Module module object method");
- return;
- }
-
- notify($ERRORS{'DEBUG'}, 0, "perparing to clear known files");
- my $management_node_keys = $self->data->get_management_node_keys();
- my $computer_short_name = $self->data->get_computer_short_name();
- my $computer_node_name = $self->data->get_computer_node_name();
-
- my $filelist = "/etc/udev/rules.d/70-persistent-net.rules";
-
- #Clear ssh idenity keys from /root/.ssh
- my $clear_known_files = "/bin/rm -f $filelist";
- if (run_ssh_command($computer_node_name, $management_node_keys, $clear_known_files, "root")) {
- notify($ERRORS{'DEBUG'}, 0, "cleared known files, filelist: $filelist");
- return 1;
- }
- else {
- notify($ERRORS{'CRITICAL'}, 0, "failed to clear known files");
- return 0;
- }
-}
-
-#/////////////////////////////////////////////////////////////////////////////
-
=head2 set_static_public_address
Parameters : none
@@ -1035,6 +1038,11 @@ sub sanitize {
#relcaim will reload
return 0;
}
+
+ #Clean up connection methods
+ if($self->process_connect_methods() ){
+ notify($ERRORS{'OK'}, 0, "processed connection methods on $computer_node_name");
+ }
# Delete all user associated with the reservation
if ($self->delete_user()) {
@@ -2159,6 +2167,8 @@ sub generate_rc_local {
push(@array2print, '# should be put into /etc/init.d/vcl_post_reserve or /etc/init.d/vcl_post_load' . "\n");
push(@array2print, '# Note these files do not exist by default.' . "\n");
push(@array2print, "\n");
+ push(@array2print, "#Use the /root/.vclcontrol/vcl_exclude_list to prevent vcld from updating this file.");
+ push(@array2print, "\n");
push(@array2print, 'touch /var/lock/subsys/local' . "\n");
push(@array2print, "\n");
push(@array2print, 'IP0=$(ifconfig eth0 | grep inet | awk \'{print $2}\' | awk -F: \'{print $2}\')' . "\n");
@@ -3438,15 +3448,114 @@ sub disable_firewall_port {
notify($ERRORS{'DEBUG'}, 0, "executed command $command on $computer_node_name");
}
else {
- notify($ERRORS{'WARNING'}, 0, "output from iptables:" . join("\n", @$output));
+ notify($ERRORS{'WARNING'}, 0, "output from iptables:" . join("\n", @$output_iptables));
}
return 1;
}
+#/////////////////////////////////////////////////////////////////////////////
+
+=head2 get_exclude_list
+
+ Parameters : none
+ Returns : array, empty or contents of exclude list
+ Description :
+
+=cut
+
+sub get_exclude_list {
+ my $self = shift;
+ if (ref($self) !~ /VCL::Module/i) {
+ notify($ERRORS{'CRITICAL'}, 0, "subroutine was called as a function, it must be called as a class method");
+ return;
+ }
+
+ my $computer_node_name = $self->data->get_computer_node_name();
+
+ # Does /etc/vcl_exclude_list exists
+ my $filename = "/root/.vclcontrol/vcl_exclude_list";
+ if(!$self->file_exists($filename) ) {
+ return;
+ }
+
+ #Get the list
+ my $command = "cat $filename";
+ my ($status,$output) = $self->execute($command);
+
+ if (!defined($output)) {
+ notify($ERRORS{'DEBUG'}, 0, "empty exclude_list from $computer_node_name");
+ return;
+ }
+
+ return @$output;
+
+}
+
+#/////////////////////////////////////////////////////////////////////////////
+
+=head2 generate_exclude_list_sample
+
+ Parameters : none
+ Returns :boolean
+ Description : Generates sample exclude list for users to assist in customizing
+
+=cut
+
+sub generate_vclcontrol_sample_files {
+
+ my $self = shift;
+ if (ref($self) !~ /VCL::Module/i) {
+ notify($ERRORS{'CRITICAL'}, 0, "subroutine was called as a function, it must be called as a class method");
+ return;
+ }
+
+ my $request_id = $self->data->get_request_id();
+ my $management_node_keys = $self->data->get_management_node_keys();
+ my $computer_short_name = $self->data->get_computer_short_name();
+ my $computer_node_name = $self->data->get_computer_node_name();
+
+ my @array2print;
+
+ push(@array2print, '#' . "\n");
+ push(@array2print, '# /root/.vclcontrol/vcl_exclude_list' . "\n");
+ push(@array2print, '# List any files here that vcld should exclude updating during the capture process' . "\n");
+ push(@array2print, "# Format is one file per line including the full path name". "\n");
+ push(@array2print, "\n");
+
+ #write to tmpfile
+ my $tmpfile = "/tmp/$request_id.vcl_exclude_list.sample";
+ if (open(TMP, ">$tmpfile")) {
+ print TMP @array2print;
+ close(TMP);
+ }
+ else {
+ #print "could not write $tmpfile $!\n";
+ notify($ERRORS{'OK'}, 0, "could not write $tmpfile $!");
+ return 0;
+ }
+
+ # Make directory
+ my $mkdir = "mkdir /root/.vclcontrol";
+
+ if($self->execute($mkdir)) {
+ notify($ERRORS{'DEBUG'}, 0, "created /root/.vclcontrol directory");
+ }
+
+ #copy to node
+ if (run_scp_command($tmpfile, "$computer_node_name:/root/.vclcontrol/vcl_exclude_list.sample", $management_node_keys)) {
+ }
+ else{
+ return 0;
+ }
+
+ return 1;
+
+}
##/////////////////////////////////////////////////////////////////////////////
+
1;
__END__