This is an automated email from the ASF dual-hosted git repository. bhaisaab pushed a commit to branch debian9-systemvmtemplate in repository https://gitbox.apache.org/repos/asf/cloudstack.git
commit cc3113a010266a52d21fea54719125e88ef1e46d Author: Rohit Yadav <[email protected]> AuthorDate: Mon Dec 4 10:44:34 2017 +0530 refactor crufty configuration code Signed-off-by: Rohit Yadav <[email protected]> --- systemvm/patches/debian/etc/rc.local | 9 --- systemvm/patches/debian/opt/cloud/bin/configure.py | 89 +++++++++++----------- .../patches/debian/opt/cloud/bin/update_config.py | 16 ++-- 3 files changed, 49 insertions(+), 65 deletions(-) diff --git a/systemvm/patches/debian/etc/rc.local b/systemvm/patches/debian/etc/rc.local index bb4e251..895c120 100755 --- a/systemvm/patches/debian/etc/rc.local +++ b/systemvm/patches/debian/etc/rc.local @@ -67,12 +67,3 @@ then python /opt/cloud/bin/baremetal-vr.py & logger -t cloud "Started baremetal-vr service" fi - -if [ "$TYPE" == "router" ] || [ "$TYPE" == "vpcrouter" ] || [ "$TYPE" == "dhcpsrvr" ] -then - if [ -x /opt/cloud/bin/update_config.py ] - then - /opt/cloud/bin/update_config.py cmd_line.json - logger -t cloud "Updated config: cmd_line.json" - fi -fi diff --git a/systemvm/patches/debian/opt/cloud/bin/configure.py b/systemvm/patches/debian/opt/cloud/bin/configure.py index 3b39e6d..ed67ec6 100755 --- a/systemvm/patches/debian/opt/cloud/bin/configure.py +++ b/systemvm/patches/debian/opt/cloud/bin/configure.py @@ -17,15 +17,15 @@ # specific language governing permissions and limitations # under the License. import sys +import os import base64 +import time from collections import OrderedDict import logging import re -import os.path -import os from fcntl import flock, LOCK_EX, LOCK_UN from cs.CsDatabag import CsDataBag @@ -39,7 +39,6 @@ from cs.CsConfig import CsConfig from cs.CsProcess import CsProcess from cs.CsStaticRoutes import CsStaticRoutes -OCCURRENCES = 1 class CsPassword(CsDataBag): @@ -197,12 +196,12 @@ class CsAcl(CsDataBag): self.rule['action'] = "ACCEPT" egressIpsetStr='' - if sflag == True and dflag == True: + if sflag and dflag : egressIpsetStr = " -m set --match-set %s src " % sourceIpsetName + \ " -m set --match-set %s dst " % destIpsetName - elif sflag == True: + elif sflag: egressIpsetStr = " -m set --match-set %s src " % sourceIpsetName - elif dflag == True: + elif dflag: egressIpsetStr = " -m set --match-set %s dst " % destIpsetName if rule['protocol'] == "icmp": @@ -666,8 +665,7 @@ class CsRemoteAccessVpn(CsDataBag): # Enable remote access vpn if vpnconfig['create']: - shutdownIpsec = False - logging.debug("Enabling remote access vpn on "+ public_ip) + logging.debug("Enabling remote access vpn on "+ public_ip) CsHelper.start_if_stopped("ipsec") self.configure_l2tpIpsec(public_ip, self.dbag[public_ip]) @@ -995,6 +993,8 @@ def main(argv): logging.debug("No file was received, do not go on processing the other actions. Just leave for now.") return + json_type = os.path.basename(process_file).split('.json')[0] + # The "GLOBAL" Configuration object config = CsConfig() @@ -1008,50 +1008,47 @@ def main(argv): config.address().compare() config.address().process() - databag_map = OrderedDict([("guest_network.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}), - ("vm_password.json", {"process_iptables" : False, "executor" : CsPassword("vmpassword", config)}), - ("vm_metadata.json", {"process_iptables" : False, "executor" : CsVmMetadata('vmdata', config)}), - ("network_acl.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}), - ("firewall_rules.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}), - ("forwarding_rules.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}), - ("staticnat_rules.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}), - ("site_2_site_vpn.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}), - ("remote_access_vpn.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}), - ("vpn_user_list.json", {"process_iptables" : False, "executor" : CsVpnUser("vpnuserlist", config)}), - ("vm_dhcp_entry.json", {"process_iptables" : False, "executor" : CsDhcp("dhcpentry", config)}), - ("dhcp.json", {"process_iptables" : False, "executor" : CsDhcp("dhcpentry", config)}), - ("load_balancer.json", {"process_iptables" : True, "executor" : IpTablesExecutor(config)}), - ("monitor_service.json", {"process_iptables" : False, "executor" : CsMonitor("monitorservice", config)}), - ("static_routes.json", {"process_iptables" : False, "executor" : CsStaticRoutes("staticroutes", config)}) + databag_map = OrderedDict([("guest_network", {"process_iptables" : True, "executor" : []}), + ("vm_password", {"process_iptables" : False, "executor" : [CsPassword("vmpassword", config)]}), + ("vm_metadata", {"process_iptables" : False, "executor" : [CsVmMetadata('vmdata', config)]}), + ("network_acl", {"process_iptables" : True, "executor" : []}), + ("firewall_rules", {"process_iptables" : True, "executor" : []}), + ("forwarding_rules", {"process_iptables" : True, "executor" : []}), + ("staticnat_rules", {"process_iptables" : True, "executor" : []}), + ("site_2_site_vpn", {"process_iptables" : True, "executor" : []}), + ("remote_access_vpn", {"process_iptables" : True, "executor" : []}), + ("vpn_user_list", {"process_iptables" : False, "executor" : [CsVpnUser("vpnuserlist", config)]}), + ("vm_dhcp_entry", {"process_iptables" : False, "executor" : [CsDhcp("dhcpentry", config)]}), + ("dhcp", {"process_iptables" : False, "executor" : [CsDhcp("dhcpentry", config)]}), + ("load_balancer", {"process_iptables" : True, "executor" : []}), + ("monitor_service", {"process_iptables" : False, "executor" : [CsMonitor("monitorservice", config)]}), + ("static_routes", {"process_iptables" : False, "executor" : [CsStaticRoutes("staticroutes", config)]}) ]) - if process_file.count("cmd_line.json") == OCCURRENCES: - logging.debug("cmd_line.json changed. All other files will be processed as well.") - - while databag_map: - item = databag_map.popitem(last = False) - item_name = item[0] - item_dict = item[1] - if not item_dict["process_iptables"]: - executor = item_dict["executor"] - executor.process() + def execDatabag(key, db): + if key not in db.keys() or 'executor' not in db[key]: + logging.warn("Unable to find config or executor(s) for the databag type %s" % key) + return + for executor in db[key]['executor']: + logging.debug("Processing for databag type: %s" % key) + executor.process() + def execIptables(config): + logging.debug("Processing iptables rules") iptables_executor = IpTablesExecutor(config) iptables_executor.process() - else: - while databag_map: - item = databag_map.popitem(last = False) - item_name = item[0] - item_dict = item[1] - if process_file.count(item_name) == OCCURRENCES: - executor = item_dict["executor"] - executor.process() - - if item_dict["process_iptables"]: - iptables_executor = IpTablesExecutor(config) - iptables_executor.process() - break + if json_type == "cmd_line": + logging.debug("cmd_line.json changed. All other files will be processed as well.") + for key in databag_map.keys(): + execDatabag(key, databag_map) + execIptables(config) + elif json_type in databag_map.keys(): + execDatabag(json_type, databag_map) + if databag_map[json_type]['process_iptables']: + execIptables(config) + else: + logging.warn("Unable to find and process databag for file: %s, for json type=%s" % (process_file, json_type)) red = CsRedundant(config) red.set() diff --git a/systemvm/patches/debian/opt/cloud/bin/update_config.py b/systemvm/patches/debian/opt/cloud/bin/update_config.py index 9427bc8..e4e70de 100755 --- a/systemvm/patches/debian/opt/cloud/bin/update_config.py +++ b/systemvm/patches/debian/opt/cloud/bin/update_config.py @@ -24,11 +24,8 @@ from subprocess import PIPE, STDOUT import os import os.path import configure -import glob import json -OCCURRENCES = 1 - logging.basicConfig(filename='/var/log/cloud.log', level=logging.DEBUG, format='%(asctime)s %(filename)s %(funcName)s:%(lineno)d %(message)s') # first commandline argument should be the file to process @@ -38,7 +35,8 @@ if (len(sys.argv) != 2): # FIXME we should get this location from a configuration class jsonPath = "/var/cache/cloud/%s" -jsonCmdConfigPath = jsonPath % sys.argv[1] +jsonFilename = sys.argv[1] +jsonConfigFile = jsonPath % jsonFilename currentGuestNetConfig = "/etc/cloudstack/guestnetwork.json" @@ -75,8 +73,7 @@ def is_guestnet_configured(guestnet_dict, keys): print "[WARN] update_config.py :: Reconfiguring guest network..." return False - filename = min(glob.iglob(jsonCmdConfigPath + '*'), key=os.path.getctime) - file = open(filename) + file = open(jsonConfigFile) new_guestnet_dict = json.load(file) if not new_guestnet_dict['add']: @@ -116,13 +113,12 @@ def is_guestnet_configured(guestnet_dict, keys): return exists -filename = min(glob.iglob(jsonCmdConfigPath + '*'), key=os.path.getctime) -if not (os.path.isfile(filename) and os.access(filename, os.R_OK)): - print "[ERROR] update_config.py :: You are telling me to process %s, but i can't access it" % jsonCmdConfigPath +if not (os.path.isfile(jsonConfigFile) and os.access(jsonConfigFile, os.R_OK)): + print "[ERROR] update_config.py :: Unable to read and access %s to process it" % jsonConfigFile sys.exit(1) # If the guest network is already configured and have the same IP, do not try to configure it again otherwise it will break -if sys.argv[1] and sys.argv[1].count("guest_network.json") == OCCURRENCES: +if jsonFilename.startswith("guest_network.json"): if os.path.isfile(currentGuestNetConfig): file = open(currentGuestNetConfig) guestnet_dict = json.load(file) -- To stop receiving notification emails like this one, please contact "[email protected]" <[email protected]>.
