def runVdsm(baseDir="/usr/share/vdsm/",
configFilePath="/etc/vdsm/vdsm.conf",
loggerConfigurationPath='/etc/vdsm/logger.conf'):
"""
Start a VDSM instance in a new thread.
Return a tuple ``(ClientIF, Thread Running VDSM)``
"""
if pwd.getpwuid(os.geteuid())[0] != "vdsm":
raise Exception("You can't run vdsm with any user other then 'vdsm'.")
sys.path.append(baseDir)
from vdsm.config import config
from logging import config as lconfig
import clientIF
loggerConfFile = loggerConfigurationPath
lconfig.fileConfig(loggerConfFile)
log = logging.getLogger('vds')
config.read(configFilePath)
cif = clientIF.clientIF(log)
t = threading.Thread(target=cif.serve)
t.setDaemon(True)
t.start()
return (cif, t)
def runVdsm(
baseDir="/usr/share/vdsm/", configFilePath="/etc/vdsm/vdsm.conf", loggerConfigurationPath="/etc/vdsm/logger.conf"
):
"""
Starts a VDSM instance in a new thread and returns a tuple ``(ClientIF, Thread Running VDSM)``
"""
if pwd.getpwuid(os.geteuid())[0] != "vdsm":
raise Exception("You can't run vdsm with any user other then 'vdsm'.")
sys.path.append(baseDir)
from vdsm.config import config
from logging import config as lconfig
import clientIF
loggerConfFile = loggerConfigurationPath
lconfig.fileConfig(loggerConfFile)
log = logging.getLogger("vds")
config.read(configFilePath)
cif = clientIF.clientIF(log)
t = threading.Thread(target=cif.serve)
t.setDaemon(True)
t.start()
return (cif, t)
def configure(self):
if os.getuid() != 0:
raise NotRootError()
self._sysvToUpstart()
if utils.isOvirtNode():
if not os.path.exists(P_VDSM_CERT):
raise InvalidRun(
"vdsm: Missing certificate, vdsm not registered")
validate_ovirt_certs.validate_ovirt_certs()
# Remove a previous configuration (if present)
self.removeConf()
config.read(self._getFile('VDSM_CONF'))
vdsmConfiguration = {
'certs_exist': all(os.path.isfile(f) for f in [
self.CA_FILE,
self.CERT_FILE,
self.KEY_FILE
]),
'ssl_enabled': config.getboolean('vars', 'ssl'),
'sanlock_enabled': SANLOCK_ENABLED,
'libvirt_selinux': LIBVIRT_SELINUX
}
# write configuration
for cfile, content in self.FILES.items():
content['configure'](self, content, vdsmConfiguration)
def configure(self):
if os.getuid() != 0:
raise NotRootError()
self._sysvToUpstart()
if utils.isOvirtNode():
if not os.path.exists(P_VDSM_CERT):
raise InvalidRun(
"vdsm: Missing certificate, vdsm not registered")
validate_ovirt_certs.validate_ovirt_certs()
# Remove a previous configuration (if present)
self.removeConf()
config.read(self._getFile('VDSM_CONF'))
vdsmConfiguration = {
'certs_exist':
all(
os.path.isfile(f)
for f in [self.CA_FILE, self.CERT_FILE, self.KEY_FILE]),
'ssl_enabled':
config.getboolean('vars', 'ssl'),
'sanlock_enabled':
SANLOCK_ENABLED,
'libvirt_selinux':
LIBVIRT_SELINUX
}
# write configuration
for cfile, content in self.FILES.items():
content['configure'](self, content, vdsmConfiguration)
def _certsExist():
config.read(
os.path.join(
SYSCONF_PATH,
'vdsm/vdsm.conf'
)
)
return not config.getboolean('vars', 'ssl') or\
os.path.isfile(CERT_FILE)
def _isSslConflict():
"""
return True if libvirt configuration files match ssl configuration of
vdsm.conf.
"""
config.read(_getFile('VDSM_CONF'))
ssl = config.getboolean('vars', 'ssl')
lconf_p = ParserWrapper({
'listen_tcp': '0',
'auth_tcp': 'sasl',
'listen_tls': '1',
})
lconf_p.read(_getFile('LCONF'))
listen_tcp = lconf_p.getint('listen_tcp')
auth_tcp = lconf_p.get('auth_tcp')
listen_tls = lconf_p.getint('listen_tls')
qconf_p = ParserWrapper({'spice_tls': '0'})
qconf_p.read(_getFile('QCONF'))
spice_tls = qconf_p.getboolean('spice_tls')
ret = True
if ssl:
if listen_tls != 0 and listen_tcp != 1 and auth_tcp != '"none"' and \
spice_tls != 0:
sys.stdout.write(
"SUCCESS: ssl configured to true. No conflicts\n")
else:
sys.stdout.write(
"FAILED: "
"conflicting vdsm and libvirt-qemu tls configuration.\n"
"vdsm.conf with ssl=True "
"requires the following changes:\n"
"libvirtd.conf: listen_tcp=0, auth_tcp=\"sasl\", "
"listen_tls=1\nqemu.conf: spice_tls=1.\n"
)
ret = False
else:
if listen_tls == 0 and listen_tcp == 1 and auth_tcp == '"none"' and \
spice_tls == 0:
sys.stdout.write(
"SUCCESS: ssl configured to false. No conflicts.\n")
else:
sys.stdout.write(
"FAILED: "
"conflicting vdsm and libvirt-qemu tls configuration.\n"
"vdsm.conf with ssl=False "
"requires the following changes:\n"
"libvirtd.conf: listen_tcp=1, auth_tcp=\"none\", "
"listen_tls=0\n qemu.conf: spice_tls=0.\n"
)
ret = False
return ret
def _isSslConflict():
"""
return True if libvirt configuration files match ssl configuration of
vdsm.conf.
"""
config.read(_getFile('VDSM_CONF'))
ssl = config.getboolean('vars', 'ssl')
lconf_p = ParserWrapper({
'listen_tcp': '0',
'auth_tcp': 'sasl',
'listen_tls': '1',
})
lconf_p.read(_getFile('LCONF'))
listen_tcp = lconf_p.getint('listen_tcp')
auth_tcp = lconf_p.get('auth_tcp')
listen_tls = lconf_p.getint('listen_tls')
qconf_p = ParserWrapper({'spice_tls': '0'})
qconf_p.read(_getFile('QCONF'))
spice_tls = qconf_p.getboolean('spice_tls')
ret = True
if ssl:
if listen_tls != 0 and listen_tcp != 1 and auth_tcp != '"none"' and \
spice_tls != 0:
sys.stdout.write(
"SUCCESS: ssl configured to true. No conflicts\n")
else:
sys.stdout.write(
"FAILED: "
"conflicting vdsm and libvirt-qemu tls configuration.\n"
"vdsm.conf with ssl=True "
"requires the following changes:\n"
"libvirtd.conf: listen_tcp=0, auth_tcp=\"sasl\", "
"listen_tls=1\nqemu.conf: spice_tls=1.\n"
)
ret = False
else:
if listen_tls == 0 and listen_tcp == 1 and auth_tcp == '"none"' and \
spice_tls == 0:
sys.stdout.write(
"SUCCESS: ssl configured to false. No conflicts.\n")
else:
sys.stdout.write(
"FAILED: "
"conflicting vdsm and libvirt-qemu tls configuration.\n"
"vdsm.conf with ssl=False "
"requires the following changes:\n"
"libvirtd.conf: listen_tcp=1, auth_tcp=\"none\", "
"listen_tls=0\n qemu.conf: spice_tls=0.\n"
)
ret = False
return ret
def configure():
if utils.isOvirtNode():
if not os.path.exists(constants.P_VDSM_CERT):
raise InvalidRun("vdsm: Missing certificate, vdsm not registered")
validate_ovirt_certs()
# Remove a previous configuration (if present)
removeConf()
config.read(_getFile("VDSM_CONF"))
vdsmConfiguration = {
"ssl_enabled": config.getboolean("vars", "ssl"),
"sanlock_enabled": constants.SANLOCK_ENABLED,
"libvirt_selinux": constants.LIBVIRT_SELINUX,
}
# write configuration
for cfile, content in FILES.items():
content["configure"](content, vdsmConfiguration)
def _isSslConflict():
"""
return True if libvirt configuration files match ssl configuration of
vdsm.conf.
"""
config.read(_getFile("VDSM_CONF"))
ssl = config.getboolean("vars", "ssl")
lconf_p = ParserWrapper({"listen_tcp": "0", "auth_tcp": "sasl"})
lconf_p.read(_getFile("LCONF"))
listen_tcp = lconf_p.getint("listen_tcp")
auth_tcp = lconf_p.get("auth_tcp")
qconf_p = ParserWrapper({"spice_tls": "0"})
qconf_p.read(_getFile("QCONF"))
spice_tls = qconf_p.getboolean("spice_tls")
ret = True
if ssl:
if listen_tcp != 1 and auth_tcp != '"none"' and spice_tls != 0:
sys.stdout.write("SUCCESS: ssl configured to true. No conflicts\n")
else:
sys.stdout.write(
"FAILED: "
"conflicting vdsm and libvirt-qemu tls configuration.\n"
"vdsm.conf with ssl=True "
"requires the following changes:\n"
'libvirtd.conf: listen_tcp=0, auth_tcp="sasl", \n'
"qemu.conf: spice_tls=1.\n"
)
ret = False
else:
if listen_tcp == 1 and auth_tcp == '"none"' and spice_tls == 0:
sys.stdout.write("SUCCESS: ssl configured to false. No conflicts.\n")
else:
sys.stdout.write(
"FAILED: "
"conflicting vdsm and libvirt-qemu tls configuration.\n"
"vdsm.conf with ssl=False "
"requires the following changes:\n"
'libvirtd.conf: listen_tcp=1, auth_tcp="none", \n'
"qemu.conf: spice_tls=0.\n"
)
ret = False
return ret
def configure():
if utils.isOvirtNode():
if not os.path.exists(constants.P_VDSM_CERT):
raise InvalidRun("vdsm: Missing certificate, vdsm not registered")
validate_ovirt_certs()
# Remove a previous configuration (if present)
removeConf()
config.read(_getFile('VDSM_CONF'))
vdsmConfiguration = {
'ssl_enabled': config.getboolean('vars', 'ssl'),
'sanlock_enabled': constants.SANLOCK_ENABLED,
'libvirt_selinux': constants.LIBVIRT_SELINUX
}
# write configuration
for cfile, content in FILES.items():
content['configure'](content, vdsmConfiguration)
def configure():
_sysvToUpstart()
if utils.isOvirtNode():
if not os.path.exists(constants.P_VDSM_CERT):
raise InvalidRun(
"vdsm: Missing certificate, vdsm not registered")
validate_ovirt_certs()
# Remove a previous configuration (if present)
removeConf()
config.read(_getFile('VDSM_CONF'))
vdsmConfiguration = {
'ssl_enabled': config.getboolean('vars', 'ssl'),
'sanlock_enabled': constants.SANLOCK_ENABLED,
'libvirt_selinux': constants.LIBVIRT_SELINUX
}
# write configuration
for cfile, content in FILES.items():
content['configure'](content, vdsmConfiguration)
def _certsExist():
config.read(os.path.join(SYSCONF_PATH, 'vdsm/vdsm.conf'))
return not config.getboolean('vars', 'ssl') or\
os.path.isfile(CERT_FILE)
def _get_config_item(file, section, item, default):
config.read(file)
try:
return config.get(section, item)
except:
return default
