Douglas Schilling Landgraf has uploaded a new change for review. Change subject: autoinstall: Use systemd service ......................................................................
autoinstall: Use systemd service This patch changes the autoinstall schema for the vdsm-tool register to use systemd to guarantee that before triggering the register at least the network is up and supervdsmd as well. Additionally, refactor of autoreg since we are not using ovirt-node boot hook anymore. Change-Id: I07fb87e0f5efe84219596ed0f3a51561f22b0152 Signed-off-by: Douglas Schilling Landgraf <[email protected]> --- M Makefile.am M autoinstall/Makefile.am D autoinstall/autoreg-args D autoinstall/autoreg.py A autoinstall/ovirt-node-plugin-vdsm-autoreg M configure.ac M ovirt-node-plugin-vdsm.spec.in A systemd/Makefile.am A systemd/ovirt-node-plugin-vdsm.service 9 files changed, 278 insertions(+), 169 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-node-plugin-vdsm refs/changes/03/41303/1 diff --git a/Makefile.am b/Makefile.am index dfe9b01..2ee41a8 100644 --- a/Makefile.am +++ b/Makefile.am @@ -28,6 +28,7 @@ autoinstall \ hooks \ src \ + systemd \ recipe EXTRA_DIST = \ diff --git a/autoinstall/Makefile.am b/autoinstall/Makefile.am index 9d1dc3d..8bdc5d5 100644 --- a/autoinstall/Makefile.am +++ b/autoinstall/Makefile.am @@ -15,13 +15,6 @@ # MA 02110-1301, USA. A copy of the GNU General Public License is # also available at http://www.gnu.org/copyleft/gpl.html. -pluginsargsdir = $(sysconfdir)/ovirt-commandline.d -pyovirtconfigsetupdir = $(sysconfdir)/ovirt-config-boot.d - -dist_pyovirtconfigsetup_PYTHON = \ - autoreg.py \ - $(NULL) - -dist_pluginsargs_DATA = \ - autoreg-args \ +dist_sbin_SCRIPTS = \ + ovirt-node-plugin-vdsm-autoreg \ $(NULL) diff --git a/autoinstall/autoreg-args b/autoinstall/autoreg-args deleted file mode 100644 index 1eefeb0..0000000 --- a/autoinstall/autoreg-args +++ /dev/null @@ -1,6 +0,0 @@ -management_server -management_server_port -management_server_fingerprint -rhevm_admin_password -engine_admin_password -ovirt_vdsm_disable diff --git a/autoinstall/autoreg.py b/autoinstall/autoreg.py deleted file mode 100644 index ef829ad..0000000 --- a/autoinstall/autoreg.py +++ /dev/null @@ -1,133 +0,0 @@ -#!/usr/bin/python -# -*- coding: utf-8 -*- -# -# Copyright (C) 2015 Red Hat, Inc. -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, -# MA 02110-1301, USA. A copy of the GNU General Public License is -# also available at http://www.gnu.org/copyleft/gpl.html. -import sys -import ovirtnode.ovirtfunctions as _functions - -from ovirt.node import log, utils -from ovirt.node.config.defaults import SSH -from ovirt.node.setup.vdsm import engine_page -from ovirt.node.utils import system - -# Log: /var/log/ovirt-node.log -LOGGER = log.getLogger(__name__) -ARGS = system.kernel_cmdline_arguments() - - -def is_karg_set(key, debug=True): - """ Check if the key was used as kernel argument """ - if key in ARGS and len(ARGS[key]) > 0: - if debug: - LOGGER.info("autoinstall: kernel argument [%s] is set [%s]" % - (key, ARGS[key])) - return ARGS[key] - - return False - - -def main(): - LOGGER.info("== autoinstall: starting validation for kernel arguments ==") - - # For autoinstall using check-fqdn = False as previous autoinstall - # doesn't check CA cert - vdsm_tool_cmd = "vdsm-tool register --check-fqdn False " - - if "ovirt_vdsm_disable" in ARGS: - LOGGER.info("autoinstall: ovirt_vdsm_disabled is set, nothing to do!") - return 0 - - triggered_autoreg = False - if is_karg_set("management_server"): - # Updating OVIRT_MANAGEMENT_SERVER in /etc/default/ovirt - engine_page.VDSM().update(server=ARGS["management_server"], - port=None, - cert_path=None) - vdsm_tool_cmd += "--engine-fqdn {s} ".format( - s=ARGS["management_server"]) - triggered_autoreg = True - - if is_karg_set("management_server_port"): - if not is_karg_set("management_server", debug=False): - LOGGER.error("To use management_server_port is required" - " to set management_server key too!") - return -1 - else: - # Updating OVIRT_MANAGEMENT and OVIRT_MANAGEMENT_PORT - # in /etc/default/ovirt - engine_page.VDSM().update(server=ARGS["management_server"], - port=ARGS["management_server_port"], - cert_path=None) - vdsm_tool_cmd += "--engine-https-port {p} ".format( - p=ARGS["management_server_port"]) - triggered_autoreg = True - - if is_karg_set("management_server_fingerprint"): - if not is_karg_set("management_server", debug=False): - LOGGER.error("To use management_server_fingerprint is required" - " to set management_server key too!") - return -1 - else: - vdsm_tool_cmd += "--fingerprint {f}".format( - f=ARGS["management_server_fingerprint"]) - triggered_autoreg = True - - # For rhevm_admin_password/engine_admin_password use: - # openssl passwd -1 to genereate the password - admin_pwd = None - if is_karg_set("rhevm_admin_password"): - admin_pwd = "rhevm_admin_password" - - if is_karg_set("engine_admin_password"): - admin_pwd = "engine_admin_password" - - if admin_pwd: - try: - _functions.unmount_config("/etc/shadow") - _functions.unmount_config("/etc/passwd") - engine_page.execute_cmd("/usr/sbin/usermod -p %s root" % - ARGS[admin_pwd]) - - engine_page.execute_cmd("chage -E -1 root") - utils.fs.Config().persist("/etc/shadow") - utils.fs.Config().persist("/etc/passwd") - LOGGER.info("autoinstall: Password updated for user root!") - except: - LOGGER.error("autoinstall: Unable to update root password!") - raise - - # Enable SSHD - SSH().update(pwauth=True) - SSH().commit() - - if triggered_autoreg: - LOGGER.info("autoinstall: vdsm-tool register command") - LOGGER.info("{c}".format(c=vdsm_tool_cmd)) - out, ret = engine_page.execute_cmd(vdsm_tool_cmd) - LOGGER.info("autoinstall: vdsm-tool ret: {o}".format(o=out)) - if ret != 0: - LOGGER.error("autoinstall: vdsm-tool register command FAILED!") - LOGGER.error("Full log: /var/log/vdsm/register.log") - return ret - - LOGGER.info("== autoinstall successfully finished ==") - - return 0 - -if __name__ == "__main__": - sys.exit(main()) diff --git a/autoinstall/ovirt-node-plugin-vdsm-autoreg b/autoinstall/ovirt-node-plugin-vdsm-autoreg new file mode 100755 index 0000000..2e3e06f --- /dev/null +++ b/autoinstall/ovirt-node-plugin-vdsm-autoreg @@ -0,0 +1,233 @@ +#!/usr/bin/python +# -*- coding: utf-8 -*- +# +# Copyright (C) 2015 Red Hat, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, +# MA 02110-1301, USA. A copy of the GNU General Public License is +# also available at http://www.gnu.org/copyleft/gpl.html. +import sys +import ovirtnode.ovirtfunctions as _functions + +from ovirt.node import log, utils +from ovirt.node.config.defaults import SSH +from ovirt.node.setup.vdsm import engine_page +from ovirt.node.utils import system + + +class AutoRegister(object): + + def __init__(self): + # Log: /var/log/ovirt-node.log + self.logger = log.getLogger(__name__) + + # For autoinstall using check-fqdn = False as previous autoinstall + # doesn't check CA cert + self.vdsm_tool_cmd = "vdsm-tool register --check-fqdn False " + + self.kargs = None + self.mserver = None + self.mserver_port = None + + def _is_karg_set(self, key, debug=True): + """ + Check if the key was used as kernel argument + + Arguments: + key -- The key to look for + debug -- Debugging prints + + Returns: the key or False + """ + if key in self.kargs and len(self.kargs[key]) > 0: + if debug: + self.logger.info("autoinstall: kernel argument " + "[%s] is set [%s]" % (key, self.kargs[key])) + return self.kargs[key] + + return False + + def is_node_registered(self): + """ + Validate OVIRT_NODE_AUTO_REGISTER in /etc/default/ovirt + if already set, no need to execute auto-register + + Return True or False + """ + self.logger.info("== autoinstall: validating /etc/default/ovirt") + + with open('/etc/default/ovirt', 'r') as f: + for line in f: + if "OVIRT_NODE_AUTO_REGISTER=True" in line: + return True + + return False + + def get_kargs(self): + """ + Find in the boot kernel arguments from /var/log/messages, + the autoinstall keys that start with "management_" + + Return a dict with the keys + """ + self.logger.info("== autoinstall: validating kernel arguments ==") + key_word_karg = "Command line" + with open('/var/log/messages', 'r') as f: + for line in f: + if key_word_karg in line and "management_server" in line: + self.kargs = system.kernel_cmdline_arguments( + line.split(key_word_karg)[1] + ) + self.logger.info("autoinstall kargs: {k}".format( + k=self.kargs) + ) + break + + return self.kargs + + def get_management_server(self): + """ + If management_server exist in the kernel argument + add it to the auto-register script call + """ + if self._is_karg_set("management_server"): + self.mserver = self.kargs["management_server"] + self.vdsm_tool_cmd += "--engine-fqdn {s} ".format( + s=self.mserver) + else: + raise RuntimeError("management_server karg is required!") + + def get_management_server_port(self): + """ + If management_server_port exist in the kernel argument + add it to the auto-register script call + """ + if self._is_karg_set("management_server_port"): + if not self._is_karg_set("management_server", debug=False): + raise RuntimeError("management_server_port requires" + " to set management_server key too!") + else: + self.mserver_port = self.kargs["management_server_port"] + self.vdsm_tool_cmd += "--engine-https-port {p} ".format( + p=self.mserver_port) + + def get_management_server_fingerprint(self): + """ + If management_server_fingerprint exist in the kernel argument + add it to the auto-register script call + """ + if self._is_karg_set("management_server_fingerprint"): + if not self._is_karg_set("management_server", debug=False): + raise RuntimeError("management_server_fingerprint requires" + " to set management_server key too!") + else: + self.vdsm_tool_cmd += "--fingerprint {f}".format( + f=self.kargs["management_server_fingerprint"] + ) + + def write_changes(self): + """ + Write OVIRT_MANAGEMENT and OVIRT_MANAGEMENT_PORT + """ + # Updating OVIRT_MANAGEMENT_SERVER in /etc/default/ovirt + + if self.mserver_port is not None: + engine_page.VDSM().update(server=self.mserver, + port=self.mserver_port, + cert_path="/etc/pki/ovirt-engine/ca.pem") + else: + engine_page.VDSM().update(server=self.mserver, + cert_path="/etc/pki/ovirt-engine/ca.pem") + + with open('/etc/default/ovirt', 'a') as f: + f.write("OVIRT_NODE_AUTO_REGISTER=True") + + def pass_sysadm(self): + """ + Check if keys: rhevm_admin_password or engine_admin_password is set + if it's present, set root passwd and enable SSH daemon + + Note: To generate password to use with rhevm_admin_password and + engine_admin_password you must execute: openssl passwd -1 + """ + admin_pwd = None + if self._is_karg_set("rhevm_admin_password"): + admin_pwd = "rhevm_admin_password" + + if self._is_karg_set("engine_admin_password"): + admin_pwd = "engine_admin_password" + + if admin_pwd: + _functions.unmount_config("/etc/shadow") + _functions.unmount_config("/etc/passwd") + engine_page.execute_cmd("/usr/sbin/usermod -p %s root" % + self.kargs[admin_pwd]) + + engine_page.execute_cmd("chage -E -1 root") + utils.fs.Config().persist("/etc/shadow") + utils.fs.Config().persist("/etc/passwd") + self.logger.info("autoinstall: Password updated for user root!") + + # Enable SSHD + SSH().update(pwauth=True) + SSH().commit() + + def execute_registration(self): + self.logger.info("autoinstall: vdsm-tool register command") + self.logger.info("{c}".format(c=self.vdsm_tool_cmd)) + out, ret = engine_page.execute_cmd(self.vdsm_tool_cmd) + self.logger.info("autoinstall: vdsm-tool ret: {o}".format(o=out)) + if ret != 0: + raise RuntimeError("autoinstall: vdsm-tool register FAILED!") + + +def main(): + reg = AutoRegister() + reg.logger.info("=======================================") + reg.logger.info("Auto-Registering the node") + reg.logger.info("=======================================") + + if not reg.is_node_registered(): + reg.logger.info("OVIRT_NODE_AUTO_REGISTER is NOT set, " + "starting auto-register..") + if reg.get_kargs() is None: + reg.logger.info( + "autoinstall: Not found management_server, " + "management_server_port or " + "management_server_fingerprint " + "in the kernel argument" + ) + return 0 + else: + reg.logger.info( + "No need to auto-register, OVIRT_NODE_AUTO_REGISTER is set!" + ) + return 0 + + try: + reg.get_management_server() + reg.get_management_server_port() + reg.get_management_server_fingerprint() + reg.execute_registration() + reg.write_changes() + except: + reg.logger.exception("Unable to auto-register! " + "Full log: /var/log/vdsm/register.log") + return 1 + + reg.logger.info("== autoinstall successfully finished ==") + return 0 + +if __name__ == "__main__": + sys.exit(main()) diff --git a/configure.ac b/configure.ac index 6a1e68e..f9c5152 100644 --- a/configure.ac +++ b/configure.ac @@ -17,6 +17,7 @@ AC_CONFIG_FILES([Makefile src/Makefile src/config.py + systemd/Makefile autoinstall/Makefile conf/Makefile hooks/Makefile diff --git a/ovirt-node-plugin-vdsm.spec.in b/ovirt-node-plugin-vdsm.spec.in index e724903..15e2229 100644 --- a/ovirt-node-plugin-vdsm.spec.in +++ b/ovirt-node-plugin-vdsm.spec.in @@ -1,9 +1,3 @@ -%define is_f19 %(test "0%{?fedora}" -eq "019" && echo 1 || echo 0) - -%if 0%{?fedora} >= 15 || 0%{?rhel} >= 7 -%global with_systemd 1 -%endif - Summary: A plugin to make oVirt Node installs compatible with oVirt Engine and vdsm Name: ovirt-node-plugin-vdsm Version: @PACKAGE_RPM_VERSION@ @@ -32,6 +26,7 @@ BuildArch: noarch BuildRequires: python2-devel +BuildRequires: systemd-units %{!?_licensedir:%global license %%doc} @@ -60,16 +55,11 @@ %install %{__rm} -rf %{buildroot} make install DESTDIR=%{buildroot} +install -Dm 0644 systemd/ovirt-node-plugin-vdsm.service %{buildroot}%{_unitdir}/ovirt-node-plugin-vdsm.service %post -if [ "$1" -eq 1 ] ; then -%if 0%{?with_systemd} - /bin/systemctl enable vdsm-reg.service >/dev/null 2>&1 || : - /bin/systemctl daemon-reload >/dev/null 2>&1 || : -%else - /sbin/chkconfig --add vdsm-reg -%endif -fi +/bin/systemctl enable ovirt-node-plugin-vdsm.service >/dev/null 2>&1 || : +/bin/systemctl daemon-reload >/dev/null 2>&1 || : # reserve vdsm port 54321 augtool << \EOF_sysctl @@ -82,11 +72,6 @@ virt_use_sanlock=1 \ sanlock_use_nfs=1 -# ensure Network Manager is disabled -%if %{is_f19} -/usr/bin/systemctl mask NetworkManager.service -%endif - %preun %files recipe @@ -96,6 +81,8 @@ %files %license COPYING %{python_sitelib}/ovirt/node/setup/vdsm +%{_unitdir}/ovirt-node-plugin-vdsm.service +%{_sbindir}/ovirt-node-plugin-vdsm-autoreg %{_libexecdir}/ovirt-node/hooks/pre-upgrade/01-vdsm %{_libexecdir}/ovirt-node/hooks/pre-upgrade/03-persist-multipath-wwids %{_libexecdir}/ovirt-node/hooks/post-upgrade/01-sanlock-check @@ -103,8 +90,6 @@ %{_libexecdir}/ovirt-node/hooks/on-boot/02-vdsm-sebool-config %{_libexecdir}/ovirt-node/hooks/on-boot/03-persist-multipath-wwids %{_libexecdir}/ovirt-node/hooks/on-boot/90-start-vdsm -%{_sysconfdir}/ovirt-commandline.d/autoreg-args -%{_sysconfdir}/ovirt-config-boot.d/autoreg.py* %{_sysconfdir}/ovirt-plugins.d %{_sysconfdir}/default/version.ovirt-node-plugin-vdsm diff --git a/systemd/Makefile.am b/systemd/Makefile.am new file mode 100644 index 0000000..fffa31a --- /dev/null +++ b/systemd/Makefile.am @@ -0,0 +1,20 @@ +# Copyright (C) 2015 Red Hat, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, +# MA 02110-1301, USA. A copy of the GNU General Public License is +# also available at http://www.gnu.org/copyleft/gpl.html. + +EXTRA_DIST = \ + ovirt-node-plugin-vdsm.service + $(NULL) diff --git a/systemd/ovirt-node-plugin-vdsm.service b/systemd/ovirt-node-plugin-vdsm.service new file mode 100644 index 0000000..016c208 --- /dev/null +++ b/systemd/ovirt-node-plugin-vdsm.service @@ -0,0 +1,15 @@ +[Unit] +Description=oVirt Node Plugin VDSM +After=network.target network-online.target supervdsmd.service + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/sbin/ovirt-node-plugin-vdsm-autoreg +Nice=-20 +User=root +Group=root +PermissionsStartOnly=true + +[Install] +WantedBy=multi-user.target -- To view, visit https://gerrit.ovirt.org/41303 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I07fb87e0f5efe84219596ed0f3a51561f22b0152 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-node-plugin-vdsm Gerrit-Branch: master Gerrit-Owner: Douglas Schilling Landgraf <[email protected]> _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
