rhtyd commented on a change in pull request #5110: URL: https://github.com/apache/cloudstack/pull/5110#discussion_r660429637
########## File path: packaging/suse/cloud-ipallocator.rc ########## @@ -0,0 +1,96 @@ +#!/bin/bash +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# chkconfig: 35 99 10 +# description: Cloud Agent Review comment: @davidjumani is this file used somehow/where? ########## File path: packaging/suse/cloud.spec ########## @@ -0,0 +1,641 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +%define __os_install_post %{nil} +%global debug_package %{nil} + +# DISABLE the post-percentinstall java repacking and line number stripping +# we need to find a way to just disable the java repacking and line number stripping, but not the autodeps + +Name: cloudstack +Summary: CloudStack IaaS Platform +#http://fedoraproject.org/wiki/PackageNamingGuidelines#Pre-Release_packages +%define _maventag %{_fullver} +Release: %{_rel}%{dist} + +%define __python python3 +%{!?python_sitearch: %define python_sitearch %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib(1))")} + +Version: %{_ver} +License: ASL 2.0 +Vendor: Apache CloudStack <d...@cloudstack.apache.org> +Packager: Apache CloudStack <d...@cloudstack.apache.org> +Group: System Environment/Libraries +# FIXME do groups for every single one of the subpackages +Source0: %{name}-%{_maventag}.tgz +BuildRoot: %{_tmppath}/%{name}-%{_maventag}-%{release}-build + +BuildRequires: java-11-openjdk-devel +#BuildRequires: ws-commons-util +BuildRequires: jpackage-utils +BuildRequires: gcc +BuildRequires: glibc-devel +BuildRequires: /usr/bin/mkisofs +BuildRequires: maven => 3.0.0 +BuildRequires: python3-setuptools +BuildRequires: wget +BuildRequires: nodejs + +%description +CloudStack is a highly-scalable elastic, open source, +intelligent IaaS cloud implementation. + +%package management +Summary: CloudStack management server UI +Requires: java-11-openjdk +Requires: python3 +Requires: bash +Requires: gawk +Requires: bzip2 +Requires: gzip +Requires: unzip +Requires: /sbin/mount.nfs +Requires: openssh +Requires: nfs-utils +Requires: nfs-client +Requires: iproute +Requires: wget +Requires: mysql +Requires: sudo +Requires: /sbin/service +Requires: /sbin/chkconfig +Requires: /usr/bin/ssh-keygen +Requires: mkisofs +Requires: ipmitool +Requires: %{name}-common = %{_ver} +Requires: qemu-tools +Requires: python3-pip +Requires: python3-setuptools +Requires: libgcrypt20 +Group: System Environment/Libraries +%description management +The CloudStack management server is the central point of coordination, +management, and intelligence in CloudStack. + +%package common +Summary: Apache CloudStack common files and scripts +Requires: python3 +Group: System Environment/Libraries +%description common +The Apache CloudStack files shared between agent and management server +%global __requires_exclude ^(libuuid\\.so\\.1|/usr/bin/python)$ + +%package agent +Summary: CloudStack Agent for KVM hypervisors +Requires: openssh +Requires: java-11-openjdk +Requires: %{name}-common = %{_ver} +Requires: libvirt +Requires: ebtables +Requires: iptables +Requires: selinux-tools +Requires: ethtool +Requires: net-tools +Requires: net-tools-deprecated +Requires: iproute +Requires: ipset +Requires: perl +Requires: python3-libvirt-python +Requires: qemu-kvm +Requires: libgcrypt20 +Requires: qemu-tools +Provides: cloud-agent +Group: System Environment/Libraries +%description agent +The CloudStack agent for KVM hypervisors + +%package baremetal-agent +Summary: CloudStack baremetal agent +Requires: tftp-server +Requires: xinetd +Requires: syslinux +Requires: chkconfig +Requires: dhcp +Requires: httpd +Group: System Environment/Libraries +%description baremetal-agent +The CloudStack baremetal agent + +%package usage +Summary: CloudStack Usage calculation server +Requires: java-11-openjdk +Group: System Environment/Libraries +%description usage +The CloudStack usage calculation service + +%package ui +Summary: CloudStack UI +Group: System Environment/Libraries +%description ui +The CloudStack UI + +%package cli +Summary: Apache CloudStack CLI +Provides: python-marvin +Group: System Environment/Libraries +%description cli +Apache CloudStack command line interface + +%package marvin +Summary: Apache CloudStack Marvin library +Requires: python3-pip +Requires: python2-pip +Requires: gcc +Requires: python3-devel +Requires: python2-devel +Requires: libffi-devel +Requires: openssl-devel +Group: System Environment/Libraries +%description marvin +Apache CloudStack Marvin library + +%package integration-tests +Summary: Apache CloudStack Marvin integration tests +Requires: %{name}-marvin = %{_ver} +Group: System Environment/Libraries +%description integration-tests +Apache CloudStack Marvin integration tests + +%if "%{_ossnoss}" == "noredist" +%package mysql-ha +Summary: Apache CloudStack Balancing Strategy for MySQL +Group: System Environmnet/Libraries +%description mysql-ha +Apache CloudStack Balancing Strategy for MySQL + +%endif + +%prep +echo Doing CloudStack build + +%setup -q -n %{name}-%{_maventag} + +%build + +cp packaging/centos8/replace.properties build/replace.properties +echo VERSION=%{_maventag} >> build/replace.properties +echo PACKAGE=%{name} >> build/replace.properties +touch build/gitrev.txt +echo $(git rev-parse HEAD) > build/gitrev.txt + +if [ "%{_ossnoss}" == "NOREDIST" -o "%{_ossnoss}" == "noredist" ] ; then + echo "Adding noredist flag to the maven build" + FLAGS="$FLAGS -Dnoredist" +fi + +if [ "%{_sim}" == "SIMULATOR" -o "%{_sim}" == "simulator" ] ; then + echo "Adding simulator flag to the maven build" + FLAGS="$FLAGS -Dsimulator" +fi + +mvn -Psystemvm,developer $FLAGS clean package +cd ui && npm install && npm run build && cd .. + +%install +[ ${RPM_BUILD_ROOT} != "/" ] && rm -rf ${RPM_BUILD_ROOT} +# Common directories +mkdir -p ${RPM_BUILD_ROOT}%{_bindir} +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/log/%{name}/agent +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/log/%{name}/ipallocator +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/cache/%{name}/management/work +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/cache/%{name}/management/temp +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/%{name}/mnt +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/%{name}/management +mkdir -p ${RPM_BUILD_ROOT}%{_initrddir} +mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/default +mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/profile.d +mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/sudoers.d + +# Common +mkdir -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}-common/scripts +mkdir -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}-common/vms +mkdir -p ${RPM_BUILD_ROOT}%{python_sitearch}/ +mkdir -p ${RPM_BUILD_ROOT}/usr/bin +cp -r scripts/* ${RPM_BUILD_ROOT}%{_datadir}/%{name}-common/scripts +install -D systemvm/dist/systemvm.iso ${RPM_BUILD_ROOT}%{_datadir}/%{name}-common/vms/systemvm.iso +install python/lib/cloud_utils.py ${RPM_BUILD_ROOT}%{python_sitearch}/cloud_utils.py +cp -r python/lib/cloudutils ${RPM_BUILD_ROOT}%{python_sitearch}/ +python3 -m py_compile ${RPM_BUILD_ROOT}%{python_sitearch}/cloud_utils.py +python3 -m compileall ${RPM_BUILD_ROOT}%{python_sitearch}/cloudutils +cp build/gitrev.txt ${RPM_BUILD_ROOT}%{_datadir}/%{name}-common/scripts +cp packaging/centos8/cloudstack-sccs ${RPM_BUILD_ROOT}/usr/bin + +mkdir -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}-common/scripts/network/cisco +cp -r plugins/network-elements/cisco-vnmc/src/main/scripts/network/cisco/* ${RPM_BUILD_ROOT}%{_datadir}/%{name}-common/scripts/network/cisco + +# Management +mkdir -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/ +mkdir -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/lib +mkdir -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/setup +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/log/%{name}/management +mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/management +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/run +mkdir -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/setup/wheel + +# Setup Jetty +ln -sf /etc/%{name}/management ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/conf +ln -sf /var/log/%{name}/management ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/logs + +install -D client/target/utilities/bin/cloud-migrate-databases ${RPM_BUILD_ROOT}%{_bindir}/%{name}-migrate-databases +install -D client/target/utilities/bin/cloud-set-guest-password ${RPM_BUILD_ROOT}%{_bindir}/%{name}-set-guest-password +install -D client/target/utilities/bin/cloud-set-guest-sshkey ${RPM_BUILD_ROOT}%{_bindir}/%{name}-set-guest-sshkey +install -D client/target/utilities/bin/cloud-setup-databases ${RPM_BUILD_ROOT}%{_bindir}/%{name}-setup-databases +install -D client/target/utilities/bin/cloud-setup-encryption ${RPM_BUILD_ROOT}%{_bindir}/%{name}-setup-encryption +install -D client/target/utilities/bin/cloud-setup-management ${RPM_BUILD_ROOT}%{_bindir}/%{name}-setup-management +install -D client/target/utilities/bin/cloud-setup-baremetal ${RPM_BUILD_ROOT}%{_bindir}/%{name}-setup-baremetal +install -D client/target/utilities/bin/cloud-sysvmadm ${RPM_BUILD_ROOT}%{_bindir}/%{name}-sysvmadm +install -D client/target/utilities/bin/cloud-update-xenserver-licenses ${RPM_BUILD_ROOT}%{_bindir}/%{name}-update-xenserver-licenses + +cp -r client/target/utilities/scripts/db/* ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/setup + +cp -r client/target/cloud-client-ui-%{_maventag}.jar ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/ +cp -r client/target/classes/META-INF/webapp ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/webapp +cp ui/dist/config.json ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/management/ +cp -r ui/dist/* ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/webapp/ +rm -f ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/webapp/config.json +ln -sf /etc/%{name}/management/config.json ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/webapp/config.json +mv ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/cloud-client-ui-%{_maventag}.jar ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/lib/cloudstack-%{_maventag}.jar +cp client/target/lib/*jar ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/lib/ + +# Don't package the scripts in the management webapp +rm -rf ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/webapps/client/WEB-INF/classes/scripts +rm -rf ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/webapps/client/WEB-INF/classes/vms + +for name in db.properties server.properties log4j-cloud.xml environment.properties java.security.ciphers +do + cp client/target/conf/$name ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/management/$name +done + +ln -sf log4j-cloud.xml ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/management/log4j.xml + +install python/bindir/cloud-external-ipallocator.py ${RPM_BUILD_ROOT}%{_bindir}/%{name}-external-ipallocator.py +install -D client/target/pythonlibs/jasypt-1.9.3.jar ${RPM_BUILD_ROOT}%{_datadir}/%{name}-common/lib/jasypt-1.9.3.jar + +install -D packaging/centos8/cloud-ipallocator.rc ${RPM_BUILD_ROOT}%{_initrddir}/%{name}-ipallocator +install -D packaging/centos8/cloud.limits ${RPM_BUILD_ROOT}%{_sysconfdir}/security/limits.d/cloud +install -D packaging/systemd/cloudstack-management.service ${RPM_BUILD_ROOT}%{_unitdir}/%{name}-management.service +install -D packaging/systemd/cloudstack-management.default ${RPM_BUILD_ROOT}%{_sysconfdir}/default/%{name}-management +install -D server/target/conf/cloudstack-sudoers ${RPM_BUILD_ROOT}%{_sysconfdir}/sudoers.d/%{name}-management +touch ${RPM_BUILD_ROOT}%{_localstatedir}/run/%{name}-management.pid +#install -D server/target/conf/cloudstack-catalina.logrotate ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d/%{name}-catalina + +# UI +mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/ui +mkdir -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}-ui/ +cp ui/dist/config.json ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/ui/ +cp -r ui/dist/* ${RPM_BUILD_ROOT}%{_datadir}/%{name}-ui/ +rm -f ${RPM_BUILD_ROOT}%{_datadir}/%{name}-ui/config.json +ln -sf /etc/%{name}/ui/config.json ${RPM_BUILD_ROOT}%{_datadir}/%{name}-ui/config.json + +# Package mysql-connector-python +wget -P ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/setup/wheel https://files.pythonhosted.org/packages/ee/ff/48bde5c0f013094d729fe4b0316ba2a24774b3ff1c52d924a8a4cb04078a/six-1.15.0-py2.py3-none-any.whl +wget -P ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/setup/wheel https://files.pythonhosted.org/packages/e9/93/4860cebd5ad3ff2664ad3c966490ccb46e3b88458b2095145bca11727ca4/setuptools-47.3.1-py3-none-any.whl +wget -P ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/setup/wheel https://files.pythonhosted.org/packages/28/05/9867ef8eafd12265267bee138fa2c46ebf34a276ea4cbe184cba4c606e8b/protobuf-3.12.2-cp36-cp36m-manylinux1_x86_64.whl +wget -P ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/setup/wheel https://files.pythonhosted.org/packages/d1/53/4cf90d2fe81b9cdb55dc180951bcec44ea8685665f1bdb1412501dc362dd/mysql_connector_python-8.0.20-cp36-cp36m-manylinux1_x86_64.whl + +chmod 440 ${RPM_BUILD_ROOT}%{_sysconfdir}/sudoers.d/%{name}-management +chmod 770 ${RPM_BUILD_ROOT}%{_localstatedir}/%{name}/mnt +chmod 770 ${RPM_BUILD_ROOT}%{_localstatedir}/%{name}/management +chmod 770 ${RPM_BUILD_ROOT}%{_localstatedir}/cache/%{name}/management/work +chmod 770 ${RPM_BUILD_ROOT}%{_localstatedir}/cache/%{name}/management/temp +chmod 770 ${RPM_BUILD_ROOT}%{_localstatedir}/log/%{name}/management +chmod 770 ${RPM_BUILD_ROOT}%{_localstatedir}/log/%{name}/agent + +# KVM Agent +mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/agent +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/log/%{name}/agent +mkdir -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}-agent/lib +mkdir -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}-agent/plugins +install -D packaging/systemd/cloudstack-agent.service ${RPM_BUILD_ROOT}%{_unitdir}/%{name}-agent.service +install -D packaging/systemd/cloudstack-rolling-maintenance@.service ${RPM_BUILD_ROOT}%{_unitdir}/%{name}-rolling-maintenance@.service +install -D packaging/systemd/cloudstack-agent.default ${RPM_BUILD_ROOT}%{_sysconfdir}/default/%{name}-agent +install -D agent/target/transformed/agent.properties ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/agent/agent.properties +install -D agent/target/transformed/environment.properties ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/agent/environment.properties +install -D agent/target/transformed/log4j-cloud.xml ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/agent/log4j-cloud.xml +install -D agent/target/transformed/cloud-setup-agent ${RPM_BUILD_ROOT}%{_bindir}/%{name}-setup-agent +install -D agent/target/transformed/cloudstack-agent-upgrade ${RPM_BUILD_ROOT}%{_bindir}/%{name}-agent-upgrade +install -D agent/target/transformed/cloud-guest-tool ${RPM_BUILD_ROOT}%{_bindir}/%{name}-guest-tool +install -D agent/target/transformed/libvirtqemuhook ${RPM_BUILD_ROOT}%{_datadir}/%{name}-agent/lib/libvirtqemuhook +install -D agent/target/transformed/rolling-maintenance ${RPM_BUILD_ROOT}%{_datadir}/%{name}-agent/lib/rolling-maintenance +install -D agent/target/transformed/cloud-ssh ${RPM_BUILD_ROOT}%{_bindir}/%{name}-ssh +install -D agent/target/transformed/cloudstack-agent-profile.sh ${RPM_BUILD_ROOT}%{_sysconfdir}/profile.d/%{name}-agent-profile.sh +install -D agent/target/transformed/cloudstack-agent.logrotate ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d/%{name}-agent +install -D plugins/hypervisors/kvm/target/cloud-plugin-hypervisor-kvm-%{_maventag}.jar ${RPM_BUILD_ROOT}%{_datadir}/%name-agent/lib/cloud-plugin-hypervisor-kvm-%{_maventag}.jar +cp plugins/hypervisors/kvm/target/dependencies/* ${RPM_BUILD_ROOT}%{_datadir}/%{name}-agent/lib + +# Usage server +mkdir -p ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/usage +mkdir -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}-usage/lib +install -D usage/target/cloud-usage-%{_maventag}.jar ${RPM_BUILD_ROOT}%{_datadir}/%{name}-usage/cloud-usage-%{_maventag}.jar +install -D usage/target/transformed/db.properties ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/usage/db.properties +install -D usage/target/transformed/log4j-cloud_usage.xml ${RPM_BUILD_ROOT}%{_sysconfdir}/%{name}/usage/log4j-cloud.xml +cp usage/target/dependencies/* ${RPM_BUILD_ROOT}%{_datadir}/%{name}-usage/lib/ +cp client/target/lib/mysql*jar ${RPM_BUILD_ROOT}%{_datadir}/%{name}-usage/lib/ +install -D packaging/systemd/cloudstack-usage.service ${RPM_BUILD_ROOT}%{_unitdir}/%{name}-usage.service +install -D packaging/systemd/cloudstack-usage.default ${RPM_BUILD_ROOT}%{_sysconfdir}/default/%{name}-usage +mkdir -p ${RPM_BUILD_ROOT}%{_localstatedir}/log/%{name}/usage/ + +# CLI +cp -r cloud-cli/cloudtool ${RPM_BUILD_ROOT}%{python_sitearch}/ +install cloud-cli/cloudapis/cloud.py ${RPM_BUILD_ROOT}%{python_sitearch}/cloudapis.py + +# Marvin +mkdir -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}-marvin +cp tools/marvin/dist/Marvin-*.tar.gz ${RPM_BUILD_ROOT}%{_datadir}/%{name}-marvin/ + +# integration-tests +mkdir -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}-integration-tests +cp -r test/integration/* ${RPM_BUILD_ROOT}%{_datadir}/%{name}-integration-tests/ + +# MYSQL HA +if [ "x%{_ossnoss}" == "xnoredist" ] ; then + mkdir -p ${RPM_BUILD_ROOT}%{_datadir}/%{name}-mysql-ha/lib + cp -r plugins/database/mysql-ha/target/cloud-plugin-database-mysqlha-%{_maventag}.jar ${RPM_BUILD_ROOT}%{_datadir}/%{name}-management/lib +fi + +#License files from whisker +install -D tools/whisker/NOTICE ${RPM_BUILD_ROOT}%{_defaultdocdir}/%{name}-management-%{version}/NOTICE +install -D tools/whisker/LICENSE ${RPM_BUILD_ROOT}%{_defaultdocdir}/%{name}-management-%{version}/LICENSE +install -D tools/whisker/NOTICE ${RPM_BUILD_ROOT}%{_defaultdocdir}/%{name}-common-%{version}/NOTICE +install -D tools/whisker/LICENSE ${RPM_BUILD_ROOT}%{_defaultdocdir}/%{name}-common-%{version}/LICENSE +install -D tools/whisker/NOTICE ${RPM_BUILD_ROOT}%{_defaultdocdir}/%{name}-agent-%{version}/NOTICE +install -D tools/whisker/LICENSE ${RPM_BUILD_ROOT}%{_defaultdocdir}/%{name}-agent-%{version}/LICENSE +install -D tools/whisker/NOTICE ${RPM_BUILD_ROOT}%{_defaultdocdir}/%{name}-usage-%{version}/NOTICE +install -D tools/whisker/LICENSE ${RPM_BUILD_ROOT}%{_defaultdocdir}/%{name}-usage-%{version}/LICENSE +install -D tools/whisker/NOTICE ${RPM_BUILD_ROOT}%{_defaultdocdir}/%{name}-ui-%{version}/NOTICE +install -D tools/whisker/LICENSE ${RPM_BUILD_ROOT}%{_defaultdocdir}/%{name}-ui-%{version}/LICENSE +install -D tools/whisker/NOTICE ${RPM_BUILD_ROOT}%{_defaultdocdir}/%{name}-cli-%{version}/NOTICE +install -D tools/whisker/LICENSE ${RPM_BUILD_ROOT}%{_defaultdocdir}/%{name}-cli-%{version}/LICENSE +install -D tools/whisker/NOTICE ${RPM_BUILD_ROOT}%{_defaultdocdir}/%{name}-marvin-%{version}/NOTICE +install -D tools/whisker/LICENSE ${RPM_BUILD_ROOT}%{_defaultdocdir}/%{name}-marvin-%{version}/LICENSE +install -D tools/whisker/NOTICE ${RPM_BUILD_ROOT}%{_defaultdocdir}/%{name}-integration-tests-%{version}/NOTICE +install -D tools/whisker/LICENSE ${RPM_BUILD_ROOT}%{_defaultdocdir}/%{name}-integration-tests-%{version}/LICENSE + +%clean +[ ${RPM_BUILD_ROOT} != "/" ] && rm -rf ${RPM_BUILD_ROOT} + +%preun management +/usr/bin/systemctl stop cloudstack-management || true +/usr/bin/systemctl off cloudstack-management || true + +%pre management +id cloud > /dev/null 2>&1 || /usr/sbin/useradd -M -U -c "CloudStack unprivileged user" \ + -r -s /bin/sh -d %{_localstatedir}/cloudstack/management cloud || true + +rm -rf %{_localstatedir}/cache/cloudstack + +# in case of upgrade to 4.9+ copy commands.properties if not exists in /etc/cloudstack/management/ +if [ "$1" == "2" ] ; then + if [ -f "%{_datadir}/%{name}-management/webapps/client/WEB-INF/classes/commands.properties" ] && [ ! -f "%{_sysconfdir}/%{name}/management/commands.properties" ] ; then + cp -p %{_datadir}/%{name}-management/webapps/client/WEB-INF/classes/commands.properties %{_sysconfdir}/%{name}/management/commands.properties + fi +fi + +# Remove old tomcat symlinks and env config file +if [ -L "%{_datadir}/%{name}-management/lib" ] +then + rm -f %{_datadir}/%{name}-management/bin + rm -f %{_datadir}/%{name}-management/lib + rm -f %{_datadir}/%{name}-management/temp + rm -f %{_datadir}/%{name}-management/work + rm -f %{_sysconfdir}/default/%{name}-management +fi + +%post management +# Install mysql-connector-python +pip3 install %{_datadir}/%{name}-management/setup/wheel/six-1.15.0-py2.py3-none-any.whl %{_datadir}/%{name}-management/setup/wheel/setuptools-47.3.1-py3-none-any.whl %{_datadir}/%{name}-management/setup/wheel/protobuf-3.12.2-cp36-cp36m-manylinux1_x86_64.whl %{_datadir}/%{name}-management/setup/wheel/mysql_connector_python-8.0.20-cp36-cp36m-manylinux1_x86_64.whl + +/usr/bin/systemctl on cloudstack-management > /dev/null 2>&1 || true + +grep -s -q "db.cloud.driver=jdbc:mysql" "%{_sysconfdir}/%{name}/management/db.properties" || sed -i -e "\$adb.cloud.driver=jdbc:mysql" "%{_sysconfdir}/%{name}/management/db.properties" +grep -s -q "db.usage.driver=jdbc:mysql" "%{_sysconfdir}/%{name}/management/db.properties" || sed -i -e "\$adb.usage.driver=jdbc:mysql" "%{_sysconfdir}/%{name}/management/db.properties" +grep -s -q "db.simulator.driver=jdbc:mysql" "%{_sysconfdir}/%{name}/management/db.properties" || sed -i -e "\$adb.simulator.driver=jdbc:mysql" "%{_sysconfdir}/%{name}/management/db.properties" + +if [ ! -f %{_datadir}/cloudstack-common/scripts/vm/hypervisor/xenserver/vhd-util ] ; then + echo Please download vhd-util from http://download.cloudstack.org/tools/vhd-util and put it in + echo %{_datadir}/cloudstack-common/scripts/vm/hypervisor/xenserver/ +fi + +if [ -f %{_sysconfdir}/sysconfig/%{name}-management ] ; then + rm -f %{_sysconfdir}/sysconfig/%{name}-management +fi + +chown -R cloud:cloud /var/log/cloudstack/management + +systemctl daemon-reload + +%preun agent +/sbin/service cloudstack-agent stop || true +if [ "$1" == "0" ] ; then + /sbin/chkconfig --del cloudstack-agent > /dev/null 2>&1 || true +fi + +%pre agent + +# save old configs if they exist (for upgrade). Otherwise we may lose them +# when the old packages are erased. There are a lot of properties files here. +if [ -d "%{_sysconfdir}/cloud" ] ; then + mv %{_sysconfdir}/cloud %{_sysconfdir}/cloud.rpmsave +fi + +%post agent +if [ "$1" == "2" ] ; then + echo "Running %{_bindir}/%{name}-agent-upgrade to update bridge name for upgrade from CloudStack 4.0.x (and before) to CloudStack 4.1 (and later)" + %{_bindir}/%{name}-agent-upgrade +fi +if [ ! -d %{_sysconfdir}/libvirt/hooks ] ; then + mkdir %{_sysconfdir}/libvirt/hooks +fi +cp -a ${RPM_BUILD_ROOT}%{_datadir}/%{name}-agent/lib/libvirtqemuhook %{_sysconfdir}/libvirt/hooks/qemu +mkdir -m 0755 -p /usr/share/cloudstack-agent/tmp +/sbin/service libvirtd restart +/sbin/systemctl enable cloudstack-agent > /dev/null 2>&1 || true +/sbin/systemctl enable cloudstack-rolling-maintenance@p > /dev/null 2>&1 || true + +# if saved configs from upgrade exist, copy them over +if [ -f "%{_sysconfdir}/cloud.rpmsave/agent/agent.properties" ]; then + mv %{_sysconfdir}/%{name}/agent/agent.properties %{_sysconfdir}/%{name}/agent/agent.properties.rpmnew + cp -p %{_sysconfdir}/cloud.rpmsave/agent/agent.properties %{_sysconfdir}/%{name}/agent + # make sure we only do this on the first install of this RPM, don't want to overwrite on a reinstall + mv %{_sysconfdir}/cloud.rpmsave/agent/agent.properties %{_sysconfdir}/cloud.rpmsave/agent/agent.properties.rpmsave +fi + +systemctl daemon-reload + +%pre usage +id cloud > /dev/null 2>&1 || /usr/sbin/useradd -M -U -c "CloudStack unprivileged user" \ + -r -s /bin/sh -d %{_localstatedir}/cloudstack/management cloud|| true + +%preun usage +/sbin/service cloudstack-usage stop || true +if [ "$1" == "0" ] ; then + /sbin/chkconfig --del cloudstack-usage > /dev/null 2>&1 || true +fi + +%post usage +if [ -f "%{_sysconfdir}/%{name}/management/db.properties" ]; then + echo "Replacing usage server's db.properties with a link to the management server's db.properties" + rm -f %{_sysconfdir}/%{name}/usage/db.properties + ln -s %{_sysconfdir}/%{name}/management/db.properties %{_sysconfdir}/%{name}/usage/db.properties + /usr/bin/systemctl enable cloudstack-usage > /dev/null 2>&1 || true +fi + +if [ -f "%{_sysconfdir}/%{name}/management/key" ]; then + echo "Replacing usage server's key with a link to the management server's key" + rm -f %{_sysconfdir}/%{name}/usage/key + ln -s %{_sysconfdir}/%{name}/management/key %{_sysconfdir}/%{name}/usage/key +fi + +if [ ! -f "%{_sysconfdir}/%{name}/usage/key" ]; then + ln -s %{_sysconfdir}/%{name}/management/key %{_sysconfdir}/%{name}/usage/key +fi + +%post marvin +pip install --upgrade https://files.pythonhosted.org/packages/ca/ea/1e2553b088bad2f9fa8120c2624f797b2d7450d3b61bb492d29c72e3d3c2/mysql_connector_python-8.0.20-cp27-cp27mu-manylinux1_x86_64.whl +pip install --upgrade /usr/share/cloudstack-marvin/Marvin-*.tar.gz + +#No default permission as the permission setup is complex +%files management +%defattr(-,root,root,-) +%dir %{_datadir}/%{name}-management +%dir %attr(0770,root,cloud) %{_localstatedir}/%{name}/mnt +%dir %attr(0770,cloud,cloud) %{_localstatedir}/%{name}/management +%dir %attr(0770,root,cloud) %{_localstatedir}/cache/%{name}/management +%dir %attr(0770,root,cloud) %{_localstatedir}/log/%{name}/management +%config(noreplace) %{_sysconfdir}/default/%{name}-management +%config(noreplace) %{_sysconfdir}/sudoers.d/%{name}-management +%config(noreplace) %{_sysconfdir}/security/limits.d/cloud +%config(noreplace) %attr(0640,root,cloud) %{_sysconfdir}/%{name}/management/db.properties +%config(noreplace) %attr(0640,root,cloud) %{_sysconfdir}/%{name}/management/server.properties +%config(noreplace) %attr(0640,root,cloud) %{_sysconfdir}/%{name}/management/config.json +%config(noreplace) %{_sysconfdir}/%{name}/management/log4j-cloud.xml +%config(noreplace) %{_sysconfdir}/%{name}/management/log4j.xml +%config(noreplace) %{_sysconfdir}/%{name}/management/environment.properties +%config(noreplace) %{_sysconfdir}/%{name}/management/java.security.ciphers +%attr(0644,root,root) %{_unitdir}/%{name}-management.service +%attr(0755,cloud,cloud) %{_localstatedir}/run/%{name}-management.pid +%attr(0755,root,root) %{_bindir}/%{name}-setup-management +%attr(0755,root,root) %{_bindir}/%{name}-update-xenserver-licenses +%{_datadir}/%{name}-management/conf +%{_datadir}/%{name}-management/lib/*.jar +%{_datadir}/%{name}-management/logs +%attr(0755,root,root) %{_bindir}/%{name}-setup-databases +%attr(0755,root,root) %{_bindir}/%{name}-migrate-databases +%attr(0755,root,root) %{_bindir}/%{name}-set-guest-password +%attr(0755,root,root) %{_bindir}/%{name}-set-guest-sshkey +%attr(0755,root,root) %{_bindir}/%{name}-sysvmadm +%attr(0755,root,root) %{_bindir}/%{name}-setup-encryption +%{_datadir}/%{name}-management/setup/*.sql +%{_datadir}/%{name}-management/setup/*.sh +%{_datadir}/%{name}-management/setup/server-setup.xml +%{_datadir}/%{name}-management/webapp/* +%attr(0755,root,root) %{_bindir}/%{name}-external-ipallocator.py +%attr(0755,root,root) %{_initrddir}/%{name}-ipallocator +%dir %attr(0770,root,root) %{_localstatedir}/log/%{name}/ipallocator +%{_defaultdocdir}/%{name}-management-%{version}/LICENSE +%{_defaultdocdir}/%{name}-management-%{version}/NOTICE +#%attr(0644,root,root) %{_sysconfdir}/logrotate.d/%{name}-catalina +%{_datadir}/%{name}-management/setup/wheel/*.whl + +%files agent +%attr(0755,root,root) %{_bindir}/%{name}-setup-agent +%attr(0755,root,root) %{_bindir}/%{name}-agent-upgrade +%attr(0755,root,root) %{_bindir}/%{name}-guest-tool +%attr(0755,root,root) %{_bindir}/%{name}-ssh +%attr(0644,root,root) %{_unitdir}/%{name}-agent.service +%attr(0644,root,root) %{_unitdir}/%{name}-rolling-maintenance@.service +%config(noreplace) %{_sysconfdir}/default/%{name}-agent +%attr(0644,root,root) %{_sysconfdir}/profile.d/%{name}-agent-profile.sh +%config(noreplace) %attr(0644,root,root) %{_sysconfdir}/logrotate.d/%{name}-agent +%attr(0755,root,root) %{_datadir}/%{name}-common/scripts/network/cisco +%config(noreplace) %{_sysconfdir}/%{name}/agent +%dir %{_localstatedir}/log/%{name}/agent +%attr(0644,root,root) %{_datadir}/%{name}-agent/lib/*.jar +%attr(0755,root,root) %{_datadir}/%{name}-agent/lib/libvirtqemuhook +%attr(0755,root,root) %{_datadir}/%{name}-agent/lib/rolling-maintenance +%dir %{_datadir}/%{name}-agent/plugins +%{_defaultdocdir}/%{name}-agent-%{version}/LICENSE +%{_defaultdocdir}/%{name}-agent-%{version}/NOTICE + +%files common +%dir %attr(0755,root,root) %{python_sitearch}/cloudutils +%dir %attr(0755,root,root) %{_datadir}/%{name}-common/vms +%attr(0755,root,root) %{_datadir}/%{name}-common/scripts +%attr(0755,root,root) /usr/bin/cloudstack-sccs +%attr(0644, root, root) %{_datadir}/%{name}-common/vms/systemvm.iso +%attr(0644,root,root) %{python_sitearch}/cloud_utils.py +%attr(0644,root,root) %{python_sitearch}/__pycache__/* +%attr(0644,root,root) %{python_sitearch}/cloudutils/* +%attr(0644, root, root) %{_datadir}/%{name}-common/lib/jasypt-1.9.3.jar +%{_defaultdocdir}/%{name}-common-%{version}/LICENSE +%{_defaultdocdir}/%{name}-common-%{version}/NOTICE + +%files ui +%config(noreplace) %attr(0640,root,cloud) %{_sysconfdir}/%{name}/ui/config.json +%attr(0644,root,root) %{_datadir}/%{name}-ui/* +%{_defaultdocdir}/%{name}-ui-%{version}/LICENSE +%{_defaultdocdir}/%{name}-ui-%{version}/NOTICE + +%files usage +%attr(0644,root,root) %{_unitdir}/%{name}-usage.service +%config(noreplace) %{_sysconfdir}/default/%{name}-usage +%attr(0644,root,root) %{_datadir}/%{name}-usage/*.jar +%attr(0644,root,root) %{_datadir}/%{name}-usage/lib/*.jar +%dir %attr(0770,root,cloud) %{_localstatedir}/log/%{name}/usage +%attr(0644,root,root) %{_sysconfdir}/%{name}/usage/db.properties +%attr(0644,root,root) %{_sysconfdir}/%{name}/usage/log4j-cloud.xml +%{_defaultdocdir}/%{name}-usage-%{version}/LICENSE +%{_defaultdocdir}/%{name}-usage-%{version}/NOTICE + +%files cli +%attr(0644,root,root) %{python_sitearch}/cloudapis.py +%attr(0644,root,root) %{python_sitearch}/cloudtool/__init__.py +%attr(0644,root,root) %{python_sitearch}/cloudtool/utils.py +%{_defaultdocdir}/%{name}-cli-%{version}/LICENSE +%{_defaultdocdir}/%{name}-cli-%{version}/NOTICE + +%files marvin +%attr(0644,root,root) %{_datadir}/%{name}-marvin/Marvin*.tar.gz +%{_defaultdocdir}/%{name}-marvin-%{version}/LICENSE +%{_defaultdocdir}/%{name}-marvin-%{version}/NOTICE + +%files integration-tests +%attr(0755,root,root) %{_datadir}/%{name}-integration-tests/* +%{_defaultdocdir}/%{name}-integration-tests-%{version}/LICENSE +%{_defaultdocdir}/%{name}-integration-tests-%{version}/NOTICE + +%if "%{_ossnoss}" == "noredist" +%files mysql-ha +%defattr(0644,cloud,cloud,0755) +%attr(0644,root,root) %{_datadir}/%{name}-management/lib/*mysqlha*jar +%endif + +%files baremetal-agent +%attr(0755,root,root) %{_bindir}/cloudstack-setup-baremetal + +%changelog +* Thu Apr 30 2015 Rohit Yadav <bhais...@apache.org> 4.6.0 Review comment: @davidjumani add your new log here ########## File path: packaging/suse/cloudstack-agent.te ########## @@ -0,0 +1,33 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +module cloudstack-agent 1.0; Review comment: @davidjumani what's the purpose of this file? ########## File path: packaging/suse/cloudstack-sccs ########## @@ -0,0 +1,20 @@ +#!/bin/sh + +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +cat /usr/share/cloudstack-common/scripts/gitrev.txt Review comment: Check if we bundle/have this at all? ########## File path: python/lib/cloud_utils.py ########## @@ -352,533 +356,6 @@ def preflight_checks(do_check_kvm=True): return preflight_checks -# ========================== CONFIGURATION TASKS ================================ - -# A Task is a function that runs within the context of its run() function that runs the function execute(), which does several things, reporting back to the caller as it goes with the use of yield -# the done() method ought to return true if the task has run in the past -# the execute() method must implement the configuration act itself -# run() wraps the output of execute() within a Starting taskname and a Completed taskname message -# tasks have a name - -class TaskFailed(Exception): pass - #def __init__(self,code,msg): - #Exception.__init__(self,msg) - #self.code = code - -class ConfigTask: - name = "generic config task" - autoMode=False - def __init__(self): pass - def done(self): - """Returns true if the config task has already been done in the past, false if it hasn't""" - return False - def execute(self): - """Executes the configuration task. Must not be run if test() returned true. - Must yield strings that describe the steps in the task. - Raises TaskFailed if the task failed at some step. - """ - def run (self): - stderr("Starting %s"%self.name) - it = self.execute() - if not it: - pass # not a yielding iterable - else: - for msg in it: stderr(msg) - stderr("Completed %s"%self.name) - def setAutoMode(self, autoMode): - self.autoMode = autoMode - def isAutoMode(self): - return self.autoMode - - -# ============== these are some configuration tasks ================== - -class SetupNetworking(ConfigTask): - name = "network setup" - def __init__(self,brname, pubNic, prvNic): - ConfigTask.__init__(self) - self.brname = brname - self.pubNic = pubNic - self.prvNic = prvNic - self.runtime_state_changed = False - self.was_nm_service_running = None - self.was_net_service_running = None - if distro in (Fedora, CentOS, RHEL6): - self.nmservice = 'NetworkManager' - self.netservice = 'network' - else: - self.nmservice = 'network-manager' - self.netservice = 'networking' - - - def done(self): - try: - alreadysetup = False - if distro in (Fedora,CentOS, RHEL6): - if self.pubNic != None: - alreadysetup = alreadysetup or augtool._print("/files/etc/sysconfig/network-scripts/ifcfg-%s"%self.pubNic).stdout.strip() - if self.prvNic != None: - alreadysetup = alreadysetup or augtool._print("/files/etc/sysconfig/network-scripts/ifcfg-%s"%self.prvNic).stdout.strip() - if not alreadysetup: - alreadysetup = augtool._print("/files/etc/sysconfig/network-scripts/ifcfg-%s"%self.brname).stdout.strip() - - else: - if self.pubNic != None: - alreadysetup = alreadysetup or augtool._print("/files/etc/network/interfaces/iface",self.pubNic).stdout.strip() - if self.prvNic != None: - alreadysetup = alreadysetup or augtool._print("/files/etc/network/interfaces/iface",self.prvNic).stdout.strip() - if not alreadysetup: - alreadysetup = augtool.match("/files/etc/network/interfaces/iface",self.brname).stdout.strip() - return alreadysetup - except OSError as e: - if e.errno == 2: raise TaskFailed("augtool has not been properly installed on this system") - raise - - def restore_state(self): - if not self.runtime_state_changed: return - - try: - o = ifconfig(self.brname) - bridge_exists = True - except CalledProcessError as e: - print(e.stdout + e.stderr) - bridge_exists = False - - if bridge_exists: - ifconfig(self.brname,"0.0.0.0") - if hasattr(self,"old_net_device"): - ifdown(self.old_net_device) - ifup(self.old_net_device) - try: ifdown(self.brname) - except CalledProcessError: pass - try: ifconfig(self.brname,"down") - except CalledProcessError: pass - try: ip("link del",self.brname) - except CalledProcessError: pass - try: ifdown("--force",self.brname) - except CalledProcessError: pass - - - if self.was_net_service_running is None: - # we do nothing - pass - elif self.was_net_service_running == False: - stop_service(self.netservice,force=True) - time.sleep(1) - else: - # we altered service configuration - stop_service(self.netservice,force=True) - time.sleep(1) - try: start_service(self.netservice,force=True) - except CalledProcessError as e: - if e.returncode == 1: pass - else: raise - time.sleep(1) - - if self.was_nm_service_running is None: - # we do nothing - pass - elif self.was_nm_service_running == False: - stop_service(self.nmservice,force=True) - time.sleep(1) - else: - # we altered service configuration - stop_service(self.nmservice,force=True) - time.sleep(1) - start_service(self.nmservice,force=True) - time.sleep(1) - - self.runtime_state_changed = False - - def execute(self): - yield "Determining default route" - routes = ip.route().stdout.splitlines() - defaultroute = [ x for x in routes if x.startswith("default") ] - if not defaultroute: raise TaskFailed("Your network configuration does not have a default route") - - dev = defaultroute[0].split()[4] - yield "Default route assigned to device %s"%dev - - self.old_net_device = dev - - if distro in (Fedora, CentOS, RHEL6): - inconfigfile = "/".join(augtool.match("/files/etc/sysconfig/network-scripts/*/DEVICE",dev).stdout.strip().split("/")[:-1]) - if not inconfigfile: raise TaskFailed("Device %s has not been set up in /etc/sysconfig/network-scripts"%dev) - pathtoconfigfile = inconfigfile[6:] - - if distro in (Fedora, CentOS, RHEL6): - automatic = augtool.match("%s/ONBOOT"%inconfigfile,"yes").stdout.strip() - else: - automatic = augtool.match("/files/etc/network/interfaces/auto/*/",dev).stdout.strip() - if not automatic: - if distro is Fedora: raise TaskFailed("Device %s has not been set up in %s as automatic on boot"%dev,pathtoconfigfile) - else: raise TaskFailed("Device %s has not been set up in /etc/network/interfaces as automatic on boot"%dev) - - if distro not in (Fedora , CentOS, RHEL6): - inconfigfile = augtool.match("/files/etc/network/interfaces/iface",dev).stdout.strip() - if not inconfigfile: raise TaskFailed("Device %s has not been set up in /etc/network/interfaces"%dev) - - if distro in (Fedora, CentOS, RHEL6): - isstatic = augtool.match(inconfigfile + "/BOOTPROTO","none").stdout.strip() - if not isstatic: isstatic = augtool.match(inconfigfile + "/BOOTPROTO","static").stdout.strip() - else: - isstatic = augtool.match(inconfigfile + "/method","static").stdout.strip() - if not isstatic: - if distro in (Fedora, CentOS, RHEL6): raise TaskFailed("Device %s has not been set up as a static device in %s"%(dev,pathtoconfigfile)) - else: raise TaskFailed("Device %s has not been set up as a static device in /etc/network/interfaces"%dev) - - if is_service_running(self.nmservice): - self.was_nm_service_running = True - yield "Stopping NetworkManager to avoid automatic network reconfiguration" - disable_service(self.nmservice) - else: - self.was_nm_service_running = False - - if is_service_running(self.netservice): - self.was_net_service_running = True - else: - self.was_net_service_running = False - - yield "Creating Cloud bridging device and making device %s member of this bridge"%dev - - if distro in (Fedora, CentOS, RHEL6): - ifcfgtext = open(pathtoconfigfile).read() - newf = "/etc/sysconfig/network-scripts/ifcfg-%s"%self.brname - #def restore(): - #try: os.unlink(newf) - #except OSError,e: - #if errno == 2: pass - #raise - #try: open(pathtoconfigfile,"w").write(ifcfgtext) - #except OSError,e: raise - - f = open(newf,"w") ; f.write(ifcfgtext) ; f.flush() ; f.close() - innewconfigfile = "/files" + newf - - script = """set %s/DEVICE %s -set %s/NAME %s -set %s/BRIDGE_PORTS %s -set %s/TYPE Bridge -rm %s/HWADDR -rm %s/UUID -rm %s/HWADDR -rm %s/IPADDR -rm %s/DEFROUTE -rm %s/NETMASK -rm %s/GATEWAY -rm %s/BROADCAST -rm %s/NETWORK -set %s/BRIDGE %s -save"""%(innewconfigfile,self.brname,innewconfigfile,self.brname,innewconfigfile,dev, - innewconfigfile,innewconfigfile,innewconfigfile,innewconfigfile, - inconfigfile,inconfigfile,inconfigfile,inconfigfile,inconfigfile,inconfigfile, - inconfigfile,self.brname) - - yield "Executing the following reconfiguration script:\n%s"%script - - try: - returned = augtool < script - if "Saved 2 file" not in returned.stdout: - print(returned.stdout + returned.stderr) - #restore() - raise TaskFailed("Network reconfiguration failed.") - else: - yield "Network reconfiguration complete" - except CalledProcessError as e: - #restore() - print(e.stdout + e.stderr) - raise TaskFailed("Network reconfiguration failed") - else: # Not fedora - backup = open("/etc/network/interfaces").read(-1) - #restore = lambda: open("/etc/network/interfaces","w").write(backup) - - script = """set %s %s -set %s %s -set %s/bridge_ports %s -save"""%(automatic,self.brname,inconfigfile,self.brname,inconfigfile,dev) - - yield "Executing the following reconfiguration script:\n%s"%script - - try: - returned = augtool < script - if "Saved 1 file" not in returned.stdout: - #restore() - raise TaskFailed("Network reconfiguration failed.") - else: - yield "Network reconfiguration complete" - except CalledProcessError as e: - #restore() - print(e.stdout + e.stderr) - raise TaskFailed("Network reconfiguration failed") - - yield "We are going to restart network services now, to make the network changes take effect. Hit ENTER when you are ready." - if self.isAutoMode(): pass - else: - input() - - # if we reach here, then if something goes wrong we should attempt to revert the runinng state - # if not, then no point - self.runtime_state_changed = True - - yield "Enabling and restarting non-NetworkManager networking" - if distro is Ubuntu: ifup(self.brname,stdout=None,stderr=None) - stop_service(self.netservice) - try: enable_service(self.netservice,forcestart=True) - except CalledProcessError as e: - if e.returncode == 1: pass - else: raise - - yield "Verifying that the bridge is up" - try: - o = ifconfig(self.brname) - except CalledProcessError as e: - print(e.stdout + e.stderr) - raise TaskFailed("The bridge could not be set up properly") - - yield "Networking restart done" - - -class SetupCgConfig(ConfigTask): - name = "control groups configuration" - - def done(self): - - try: - return "group virt" in open("/etc/cgconfig.conf","r").read(-1) - except IOError as e: - if e.errno == 2: raise TaskFailed("cgconfig has not been properly installed on this system") - raise - - def execute(self): - cgconfig = open("/etc/cgconfig.conf","r").read(-1) - cgconfig = cgconfig + """ -group virt { - cpu { - cpu.shares = 9216; - } -} -""" - open("/etc/cgconfig.conf","w").write(cgconfig) - - stop_service("cgconfig") - enable_service("cgconfig",forcestart=True) - - -class SetupCgRules(ConfigTask): - name = "control group rules setup" - cfgline = "root:/usr/sbin/libvirtd cpu virt/" - - def done(self): - try: - return self.cfgline in open("/etc/cgrules.conf","r").read(-1) - except IOError as e: - if e.errno == 2: raise TaskFailed("cgrulesd has not been properly installed on this system") - raise - - def execute(self): - cgrules = open("/etc/cgrules.conf","r").read(-1) - cgrules = cgrules + "\n" + self.cfgline + "\n" - open("/etc/cgrules.conf","w").write(cgrules) - - stop_service("cgred") - enable_service("cgred") - - -class SetupSecurityDriver(ConfigTask): - name = "security driver setup" - cfgline = "security_driver = \"none\"" - filename = "/etc/libvirt/qemu.conf" - - def done(self): - try: - return self.cfgline in open(self.filename,"r").read(-1) - except IOError as e: - if e.errno == 2: raise TaskFailed("qemu has not been properly installed on this system") - raise - - def execute(self): - libvirtqemu = open(self.filename,"r").read(-1) - libvirtqemu = libvirtqemu + "\n" + self.cfgline + "\n" - open("/etc/libvirt/qemu.conf","w").write(libvirtqemu) - - -class SetupLibvirt(ConfigTask): - name = "libvirt setup" - cfgline = "export CGROUP_DAEMON='cpu:/virt'" - def done(self): - try: - if distro in (Fedora,CentOS, RHEL6): libvirtfile = "/etc/sysconfig/libvirtd" - elif distro is Ubuntu: libvirtfile = "/etc/default/libvirt-bin" - else: raise AssertionError("We should not reach this") - return self.cfgline in open(libvirtfile,"r").read(-1) - except IOError as e: - if e.errno == 2: raise TaskFailed("libvirt has not been properly installed on this system") - raise - - def execute(self): - if distro in (Fedora,CentOS, RHEL6): libvirtfile = "/etc/sysconfig/libvirtd" - elif distro is Ubuntu: libvirtfile = "/etc/default/libvirt-bin" - else: raise AssertionError("We should not reach this") - libvirtbin = open(libvirtfile,"r").read(-1) - libvirtbin = libvirtbin + "\n" + self.cfgline + "\n" - open(libvirtfile,"w").write(libvirtbin) - - if distro in (CentOS, Fedora, RHEL6): svc = "libvirtd" - else: svc = "libvirt-bin" - stop_service(svc) - enable_service(svc) - -class SetupLiveMigration(ConfigTask): - name = "live migration setup" - stanzas = ( - "listen_tcp=1", - 'tcp_port="16509"', - 'auth_tcp="none"', - "listen_tls=0", - ) - - def done(self): - try: - lines = [ s.strip() for s in open("/etc/libvirt/libvirtd.conf").readlines() ] - if all( [ stanza in lines for stanza in self.stanzas ] ): return True - except IOError as e: - if e.errno == 2: raise TaskFailed("libvirt has not been properly installed on this system") - raise - - def execute(self): - - for stanza in self.stanzas: - startswith = stanza.split("=")[0] + '=' - replace_or_add_line("/etc/libvirt/libvirtd.conf",startswith,stanza) - - if distro in (Fedora, RHEL6): - replace_or_add_line("/etc/sysconfig/libvirtd","LIBVIRTD_ARGS=","LIBVIRTD_ARGS=-l") - - elif distro is Ubuntu: - if os.path.exists("/etc/init/libvirt-bin.conf"): - replace_line("/etc/init/libvirt-bin.conf", "exec /usr/sbin/libvirtd","exec /usr/sbin/libvirtd -d -l") - else: - replace_or_add_line("/etc/default/libvirt-bin","libvirtd_opts=","libvirtd_opts='-l'") - - else: - raise AssertionError("Unsupported distribution") - - if distro in (CentOS, Fedora, RHEL6): svc = "libvirtd" - else: svc = "libvirt-bin" - stop_service(svc) - enable_service(svc) - - -class SetupRequiredServices(ConfigTask): - name = "required services setup" - - def done(self): - if distro in (Fedora, RHEL6): nfsrelated = "rpcbind nfslock" - elif distro is CentOS: nfsrelated = "portmap nfslock" - else: return True - return all( [ is_service_running(svc) for svc in nfsrelated.split() ] ) - - def execute(self): - - if distro in (Fedora, RHEL6): nfsrelated = "rpcbind nfslock" - elif distro is CentOS: nfsrelated = "portmap nfslock" - else: raise AssertionError("Unsupported distribution") - - for svc in nfsrelated.split(): enable_service(svc) - - -class SetupFirewall(ConfigTask): - name = "firewall setup" - - def done(self): - - if distro in (Fedora, CentOS,RHEL6): - if not os.path.exists("/etc/sysconfig/iptables"): return True - if ":on" not in chkconfig("--list","iptables").stdout: return True - else: - if "Status: active" not in ufw.status().stdout: return True - if not os.path.exists("/etc/ufw/before.rules"): return True - rule = "-p tcp -m tcp --dport 16509 -j ACCEPT" - if rule in iptablessave().stdout: return True - return False - - def execute(self): - ports = "22 1798 16509 16514".split() - if distro in (Fedora , CentOS, RHEL6): - for p in ports: iptables("-I","INPUT","1","-p","tcp","--dport",p,'-j','ACCEPT') - o = service.iptables.save() ; print(o.stdout + o.stderr) - else: - for p in ports: ufw.allow(p) - - -class SetupFirewall2(ConfigTask): - # this closes bug 4371 - name = "additional firewall setup" - def __init__(self,brname): - ConfigTask.__init__(self) - self.brname = brname - - def done(self): - - if distro in (Fedora, CentOS, RHEL6): - if not os.path.exists("/etc/sysconfig/iptables"): return True - if ":on" not in chkconfig("--list","iptables").stdout: return True - return False - else: - if "Status: active" not in ufw.status().stdout: return True - if not os.path.exists("/etc/ufw/before.rules"): return True - return False - - def execute(self): - - yield "Permitting traffic in the bridge interface, migration port and for VNC ports" - - if distro in (Fedora , CentOS, RHEL6): - - for rule in ( - "-I INPUT 1 -p tcp --dport 5900:6100 -j ACCEPT", - "-I INPUT 1 -p tcp --dport 49152:49216 -j ACCEPT", - ): - args = rule.split() - o = iptables(*args) - service.iptables.save(stdout=None,stderr=None) - - else: - - ufw.allow.proto.tcp("from","any","to","any","port","5900:6100") - ufw.allow.proto.tcp("from","any","to","any","port","49152:49216") - - stop_service("ufw") - start_service("ufw") - - -# Tasks according to distribution -- at some point we will split them in separate modules - -def config_tasks(brname, pubNic, prvNic): Review comment: Is this not used at all, or some refactorings were made in other parts/changes? ########## File path: scripts/vm/network/security_group.py ########## @@ -185,7 +185,9 @@ def destroy_network_rules_for_nic(vm_name, vm_ip, vm_mac, vif, sec_ips): logging.debug("Ignoring failure to delete ebtable rules for vm: " + vm_name) def get_bridge_physdev(brname): - physdev = execute("bridge -o link show | awk '/master %s / && !/^[0-9]+: vnet/ {print $2}' | head -1 | cut -d ':' -f1" % brname) + # eth1.50@eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master breth1-50 state forwarding priority 32 cost 4 | + # eth1.50@eth1: | eth1.50@eth1 | eth1.50 + physdev = execute("bridge -o link show | awk '/master %s / && !/^[0-9]+: vnet/ {print $2}' | head -1 | cut -d ':' -f1 | cut -d '@' -f1" % brname) Review comment: just note - we need to regression test CentOS7, CentOS8 and Ubuntu with SG to check/test this (manual test should be okay as well) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@cloudstack.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
