def config(self):
selinuxEnabled = True
if not bash("selinuxenabled").isSuccess():
selinuxEnabled = False
if selinuxEnabled:
try:
bash("setenforce 0")
cfo = configFileOps("/etc/selinux/config", self)
cfo.replace_line("SELINUX=", "SELINUX=permissive")
return True
except:
raise CloudRuntimeException(
"Failed to configure selinux, please see the /var/log/cloudstack/agent/setup.log for detail, \
or you can manually disable it before starting myCloud"
)
else:
return True
def config(self):
try:
cmd = bash("service apparmor status")
if not cmd.isSuccess() or cmd.getStdout() == "":
self.spRunning = False
return True
if not bash("apparmor_status |grep libvirt").isSuccess():
return True
bash("ln -s /etc/apparmor.d/usr.sbin.libvirtd /etc/apparmor.d/disable/")
bash("ln -s /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper /etc/apparmor.d/disable/")
bash("apparmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd")
bash("apparmor_parser -R /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper")
return True
except:
raise CloudRuntimeException("Failed to configure apparmor, please see the /var/log/cloudstack/setupAgent.log for detail, \
or you can manually disable it before starting myCloud")
def execute(self, statement):
txn = None
try:
txn = self.connect()
cursor = txn.cursor()
cursor.execute(statement)
cursor.close()
txn.commit()
if txn is not None:
try:
txn.close()
except:
pass
except:
raise CloudRuntimeException("Failed to execute: %s " % statement)
finally:
if txn is not None:
try:
txn.close()
except:
pass
# generate keystore
keyPath = "/var/cloudstack/management/web.keystore"
if not os.path.exists(keyPath):
cmd = bash(
"keytool -genkeypair -keystore %s -storepass \"cloud.com\" -keypass \"cloud.com\" -validity 3650 -dname cn=\"Cloudstack User\",ou=\"mycloud.cloud.com\",o=\"mycloud.cloud.com\",c=\"Unknown\"" % keyPath)
if not cmd.isSuccess():
raise CloudInternalException(cmd.getErrMsg())
if not self.syscfg.env.svrConf == "Tomcat7":
cfo = configFileOps("/etc/cloudstack/management/tomcat6.conf", self)
cfo.add_lines("JAVA_OPTS+=\" -Djavax.net.ssl.trustStore=%s \"" % keyPath)
elif self.syscfg.env.svrMode == "HttpsServer":
if self.syscfg.env.svrConf == "Tomcat7":
if not os.path.exists("/etc/cloudstack/management/server7-ssl.xml"):
raise CloudRuntimeException("Cannot find /etc/cloudstack/management/server7-ssl.xml, https enable failed")
if os.path.exists("/etc/cloudstack/management/server.xml"):
bash("rm -f /etc/cloudstack/management/server.xml")
bash("ln -s /etc/cloudstack/management/server7-ssl.xml /etc/cloudstack/management/server.xml")
else:
if not os.path.exists("/etc/cloudstack/management/server-ssl.xml") or not os.path.exists("/etc/cloudstack/management/tomcat6-ssl.conf"):
raise CloudRuntimeException("Cannot find /etc/cloudstack/management/server-ssl.xml or /etc/cloudstack/management/tomcat6-ssl.conf, https enable failed")
if os.path.exists("/etc/cloudstack/management/server.xml"):
bash("rm -f /etc/cloudstack/management/server.xml")
if os.path.exists("/etc/cloudstack/management/tomcat6.conf"):
bash("rm -f /etc/cloudstack/management/tomcat6.conf")
bash("ln -s /etc/cloudstack/management/server-ssl.xml /etc/cloudstack/management/server.xml")
bash("ln -s /etc/cloudstack/management/tomcat6-ssl.conf /etc/cloudstack/management/tomcat6.conf")
if not bash("iptables-save |grep PREROUTING | grep 6443").isSuccess():
bash("iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 6443")
else:
writeProgressBar(None, result)
return result
except CloudRuntimeException, e:
self.status = result
writeProgressBar(None, result)
logging.debug(e.getDetails())
raise e
except CloudInternalException, e:
self.status = result
writeProgressBar(None, result)
raise e
except:
logging.debug(formatExceptionInfo())
if self.syscfg.env.mode == "Server":
raise CloudRuntimeException(
"Configure %s failed, Please check the /var/log/cloudstack/setupManagement.log for detail"
% self.serviceName)
else:
raise CloudRuntimeException(
"Configure %s failed, Please check the /var/log/cloudstack/agent/setup.log for detail"
% self.serviceName)
def backup(self):
if self.status is None:
return True
writeProgressBar("Restore " + self.serviceName + " ...", None)
result = False
try:
for cfo in self.cfoHandlers:
cfo.backup()
except:
raise e
#add DNAT 443 to 8250
if not bash("iptables-save |grep PREROUTING | grep 8250").isSuccess():
bash("iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 8250 ")
elif self.syscfg.env.svrMode == "HttpsServer":
if not bash("iptables-save |grep PREROUTING | grep 8443").isSuccess():
bash("iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 8443")
bash("touch /var/run/cloudstack-management.pid")
bash("chown cloud.cloud /var/run/cloudstack-management.pid")
checkHostName()
bash("mkdir -p /var/lib/cloudstack/")
bash("chown cloud:cloud -R /var/lib/cloudstack/")
#set max process per account is unlimited
if os.path.exists("/etc/security/limits.conf"):
cfo = configFileOps("/etc/security/limits.conf")
cfo.add_lines("cloud soft nproc -1\n")
cfo.add_lines("cloud hard nproc -1\n")
cfo.save()
if self.syscfg.env.noStart == False:
self.syscfg.svo.stopService("cloudstack-management")
if self.syscfg.svo.enableService("cloudstack-management"):
return True
else:
raise CloudRuntimeException("Failed to configure %s, please see the /var/log/cloudstack/management/setupManagement.log for detail"%self.serviceName)
else:
print "Configured successfully, but not starting management server."
return True