def _setup(self):
if self.environment[constants.CoreEnv.JAVA_HOME] is None:
try:
from ovirt_engine import java
self.environment[
constants.CoreEnv.JAVA_HOME
] = java.Java().getJavaHome()
except ImportError:
self.logger.warning(
_('Using internal detection of JAVA_HOME')
)
self.environment[
constants.CoreEnv.JAVA_HOME
] = os.environ.get('JAVA_HOME', '/usr')
def daemonSetup(self):
if os.geteuid() == 0:
raise RuntimeError(_('This service cannot be executed as root'))
if not os.path.exists(self._defaults):
raise RuntimeError(
_("The configuration defaults file '{file}' "
"required but missing").format(file=self._defaults, ))
self._config = configfile.ConfigFile((
self._defaults,
config.ENGINE_NOTIFIER_VARS,
), )
#
# the earliest so we can abort early.
#
self._executable = os.path.join(
java.Java().getJavaHome(),
'bin',
'java',
)
jbossModulesJar = os.path.join(
self._config.get('JBOSS_HOME'),
'jboss-modules.jar',
)
self._checkInstallation(
pidfile=self.pidfile,
jbossModulesJar=jbossModulesJar,
)
self._engineArgs = [
# The name of the process, as displayed by ps:
'ovirt-engine-notifier',
]
# Add extra system properties provided in the configuration:
for notifierProperty in shlex.split(
self._config.get('NOTIFIER_PROPERTIES')):
if not notifierProperty.startswith('-D'):
notifierProperty = '-D' + notifierProperty
self._engineArgs.append(notifierProperty)
# Add extra jvm arguments provided in the configuration:
for arg in shlex.split(self._config.get('NOTIFIER_JVM_ARGS')):
self._engineArgs.append(arg)
debugAddress = self._config.get('NOTIFIER_DEBUG_ADDRESS')
if debugAddress:
self._engineArgs.append(
('-agentlib:jdwp=transport=dt_socket,address=%s,'
'server=y,suspend=n') % (debugAddress))
self._engineArgs += [
'-jar',
jbossModulesJar,
'-dependencies',
'org.ovirt.engine.core.tools',
'-class',
'org.ovirt.engine.core.notifier.Notifier',
]
self._engineEnv = os.environ.copy()
self._engineEnv.update({
'PATH': ('/usr/local/sbin:/usr/local/bin:'
'/usr/sbin:/usr/bin:/sbin:/bin'),
'LANG':
'en_US.UTF-8',
'LC_ALL':
'en_US.UTF-8',
'CLASSPATH':
'',
'JAVA_MODULEPATH':
'%s:%s' % (self._config.get('ENGINE_JAVA_MODULEPATH'),
os.path.join(
self._config.get('JBOSS_HOME'),
'modules',
)),
'ENGINE_DEFAULTS':
config.ENGINE_DEFAULTS,
'ENGINE_VARS':
config.ENGINE_VARS,
'ENGINE_NOTIFIER_DEFAULTS':
self._defaults,
'ENGINE_NOTIFIER_VARS':
config.ENGINE_NOTIFIER_VARS,
'MALLOC_ARENA_MAX':
self._config.get('NOTIFIER_MALLOC_ARENA_MAX'),
})
self._validateConfig()
def _validation(self):
self.environment[
osetupcons.ConfigEnv.JAVA_HOME] = java.Java().getJavaHome()
def daemonSetup(self):
if os.geteuid() == 0:
raise RuntimeError(
_('This service cannot be executed as root')
)
if not os.path.exists(self._defaults):
raise RuntimeError(
_(
"The configuration defaults file '{file}' "
"required but missing"
).format(
file=self._defaults,
)
)
self._config = configfile.ConfigFile(
(
self._defaults,
config.DWH_VARS,
),
)
#
# the earliest so we can abort early.
#
self._executable = os.path.join(
java.Java().getJavaHome(),
'bin',
'java',
)
self._checkInstallation(
pidfile=self.pidfile,
)
self._tempDir = service.TempDir()
self._tempDir.create()
settings = os.path.join(self._tempDir.directory, 'settings.properties')
with open(settings, 'w') as f:
f.write(
util.processTemplate(
os.path.join(
self._config.get('PKG_DATA_DIR'),
'conf',
'settings.properties.in'
),
dict(
('@%s@' % k, util.escape(v, ':=\\ ')) for (k, v) in
self._config.values.items()
),
)
)
self._serviceArgs = [
'ovirt-engine-dwhd',
'-Dorg.ovirt.engine.dwh.settings=%s' % settings,
]
# Add arguments for the java heap size:
self._serviceArgs.extend([
'-Xms%s' % self._config.get('DWH_HEAP_MIN'),
'-Xmx%s' % self._config.get('DWH_HEAP_MAX'),
])
for engineProperty in shlex.split(
self._config.get('DWH_PROPERTIES')
):
if not engineProperty.startswith('-D'):
engineProperty = '-D' + engineProperty
self._serviceArgs.append(engineProperty)
for arg in shlex.split(self._config.get('DWH_JVM_ARGS')):
self._serviceArgs.append(arg)
engineDebugAddress = self._config.get('DWH_DEBUG_ADDRESS')
if engineDebugAddress:
self._serviceArgs.append(
(
'-Xrunjdwp:transport=dt_socket,address=%s,'
'server=y,suspend=n'
) % (
engineDebugAddress
)
)
if self._config.getboolean('DWH_VERBOSE_GC'):
self._serviceArgs.extend([
'-verbose:gc',
'-XX:+PrintGCTimeStamps',
'-XX:+PrintGCDetails',
])
self._serviceArgs.extend([
'-classpath', '%s:%s' % (
os.path.join(
self._config.get('PKG_JAVA_LIB'),
'*',
),
self._getClasspath(),
),
'ovirt_engine_dwh.historyetl_4_3.HistoryETL',
'--context=Default',
])
self._serviceEnv = os.environ.copy()
self._serviceEnv.update({
'PATH': (
'/usr/local/sbin:/usr/local/bin:'
'/usr/sbin:/usr/bin:/sbin:/bin'
),
'LANG': 'en_US.UTF-8',
'LC_ALL': 'en_US.UTF-8',
})
def save(self):
def _writelog(f, s):
self.logger.debug(
"Write '%s'\n%s",
f,
re.sub(self.SENSITIVE_PATTERN, '\g<sensitiveKey> = ***', s),
)
f.write(s)
if not os.path.exists(os.path.dirname(self._files['configFile'])):
os.makedirs(os.path.dirname(self._files['configFile']))
cacert = self._driver.getCACert()
secure = self._driver.isSecure()
protocol = self._driver.getProtocol()
if cacert:
keystore = self._filetransaction.getFileName(
self._files['trustStore'],
forceNew=True,
)
# keytool does not like empty files
if os.path.exists(keystore):
os.unlink(keystore)
from ovirt_engine import java
p = subprocess.Popen(
[
os.path.join(java.Java().getJavaHome(), 'bin', 'keytool'),
'-importcert',
'-noprompt',
'-trustcacerts',
'-storetype',
'JKS',
'-keystore',
keystore,
'-storepass',
'changeit',
'-file',
cacert,
'-alias',
'myca',
],
stdout=subprocess.PIPE,
stderr=subprocess.PIPE,
)
stdout, stderr = p.communicate()
self.logger.debug('keytool stdout: %s, stderr: %s', stdout, stderr)
if p.wait() != 0:
raise RuntimeError('Failed to execute keytool')
with open(
self._filetransaction.getFileName(
self._files['authzFile'],
forceNew=True,
),
'w',
) as f:
os.chmod(f.name, 0o644)
_writelog(f,
('ovirt.engine.extension.name = {authzName}\n'
'ovirt.engine.extension.bindings.method = '
'jbossmodule\n'
'ovirt.engine.extension.binding.jbossmodule.module = '
'org.ovirt.engine-extensions.aaa.ldap\n'
'ovirt.engine.extension.binding.jbossmodule.class = '
'org.ovirt.engineextensions.aaa.ldap.AuthzExtension\n'
'ovirt.engine.extension.provides = '
'org.ovirt.engine.api.extensions.aaa.Authz\n'
'config.profile.file.1 = {configFile}\n').format(
**self._vars))
with open(
self._filetransaction.getFileName(
self._files['authnFile'],
forceNew=True,
),
'w',
) as f:
os.chmod(f.name, 0o644)
_writelog(f,
('ovirt.engine.extension.name = {authnName}\n'
'ovirt.engine.extension.bindings.method = '
'jbossmodule\n'
'ovirt.engine.extension.binding.jbossmodule.module = '
'org.ovirt.engine-extensions.aaa.ldap\n'
'ovirt.engine.extension.binding.jbossmodule.class = '
'org.ovirt.engineextensions.aaa.ldap.AuthnExtension\n'
'ovirt.engine.extension.provides = '
'org.ovirt.engine.api.extensions.aaa.Authn\n'
'ovirt.engine.aaa.authn.profile.name = {profile}\n'
'ovirt.engine.aaa.authn.authz.plugin = {authzName}\n'
'config.profile.file.1 = {configFile}\n').format(
**self._vars))
with open(
self._filetransaction.getFileName(self._files['configFile'],
forceNew=True),
'w',
) as f:
os.chmod(f.name, 0o660)
if os.getuid() == 0:
os.chown(
f.name,
pwd.getpwnam('ovirt').pw_uid,
grp.getgrnam('ovirt').gr_gid,
)
_writelog(
f,
('{common}'
'\n'
'pool.default.ssl.enable = {ssl}\n'
'pool.default.ssl.insecure = {insecure}\n'
'pool.default.ssl.startTLS = {startTLS}\n'
'pool.default.ssl.truststore.file = '
'${{local:_basedir}}/{profile}.jks\n'
'pool.default.ssl.truststore.password = changeit\n').format(
ssl='true' if protocol == 'ldaps' else 'false',
insecure='true' if secure and cacert is None else 'false',
common=self._driver.getConfig(),
startTLS='true' if protocol == 'startTLS' else 'false',
profile=self._vars['profile'],
))
def daemonSetup(self):
if os.geteuid() == 0:
raise RuntimeError(_('This service cannot be executed as root'))
if not os.path.exists(self._defaults):
raise RuntimeError(
_("The configuration defaults file '{file}' "
"required but missing").format(file=self._defaults, ))
self._config = configfile.ConfigFile((
self._defaults,
config.ENGINE_VARS,
), )
#
# the earliest so we can abort early.
#
self._executable = os.path.join(
java.Java().getJavaHome(),
'bin',
'java',
)
jbossModulesJar = os.path.join(
self._config.get('JBOSS_HOME'),
'jboss-modules.jar',
)
self._checkInstallation(
pidfile=self.pidfile,
jbossModulesJar=jbossModulesJar,
)
self._tempDir = service.TempDir(self._config.get('ENGINE_TMP'))
self._tempDir.create()
self._jbossRuntime = service.TempDir(self._config.get('JBOSS_RUNTIME'))
self._jbossRuntime.create()
self._setupEngineApps()
jbossTempDir = os.path.join(
self._jbossRuntime.directory,
'tmp',
)
jbossConfigDir = os.path.join(
self._jbossRuntime.directory,
'config',
)
javaModulePath = '%s:%s' % (
self._config.get('ENGINE_JAVA_MODULEPATH'),
os.path.join(
self._config.get('JBOSS_HOME'),
'modules',
),
)
os.mkdir(jbossTempDir)
os.mkdir(jbossConfigDir)
os.chmod(jbossConfigDir, 0o700)
jbossBootLoggingFile = self._processTemplate(
template=os.path.join(os.path.dirname(sys.argv[0]),
'ovirt-engine-logging.properties.in'),
dir=jbossConfigDir,
)
# We start with an empty list of arguments:
self._engineArgs = []
# Add arguments for the java virtual machine:
self._engineArgs.extend([
# Virtual machine options:
'-server',
'-XX:+TieredCompilation',
'-Xms%s' % self._config.get('ENGINE_HEAP_MIN'),
'-Xmx%s' % self._config.get('ENGINE_HEAP_MAX'),
])
# Add extra system properties provided in the configuration:
for engineProperty in shlex.split(
self._config.get('ENGINE_PROPERTIES')):
if not engineProperty.startswith('-D'):
engineProperty = '-D' + engineProperty
self._engineArgs.append(engineProperty)
# Add extra jvm arguments provided in the configuration:
for arg in shlex.split(self._config.get('ENGINE_JVM_ARGS')):
self._engineArgs.append(arg)
# Enable verbose garbage collection if required:
if self._config.getboolean('ENGINE_VERBOSE_GC'):
self._engineArgs.extend([
'-verbose:gc',
'-XX:+PrintGCTimeStamps',
'-XX:+PrintGCDetails',
])
# Specify special krb5.conf file if required
if self._config.get('AAA_KRB5_CONF_FILE'):
self._engineArgs.append('-Djava.security.krb5.conf=%s' %
self._config.get('AAA_KRB5_CONF_FILE'))
# Add arguments for JBoss:
self._engineArgs.extend([
'-Djava.util.logging.manager=org.jboss.logmanager',
'-Dlogging.configuration=file://%s' % jbossBootLoggingFile,
'-Dorg.jboss.resolver.warning=true',
'-Djboss.modules.system.pkgs=org.jboss.byteman',
'-Djboss.server.default.config=ovirt-engine',
'-Djboss.home.dir=%s' % self._config.get('JBOSS_HOME'),
'-Djboss.server.base.dir=%s' % self._config.get('ENGINE_USR'),
'-Djboss.server.data.dir=%s' % self._config.get('ENGINE_VAR'),
'-Djboss.server.log.dir=%s' % self._config.get('ENGINE_LOG'),
'-Djboss.server.config.dir=%s' % jbossConfigDir,
'-Djboss.server.temp.dir=%s' % jbossTempDir,
'-Djboss.controller.temp.dir=%s' % jbossTempDir,
'-jar',
jbossModulesJar,
'-mp',
javaModulePath,
'-jaxpmodule',
'javax.xml.jaxp-provider',
'org.jboss.as.standalone',
])
self._engineEnv = os.environ.copy()
self._engineEnv.update({
'PATH': ('/usr/local/sbin:/usr/local/bin:'
'/usr/sbin:/usr/bin:/sbin:/bin'),
'LANG':
'en_US.UTF-8',
'LC_ALL':
'en_US.UTF-8',
'ENGINE_DEFAULTS':
self._defaults,
'ENGINE_VARS':
config.ENGINE_VARS,
'ENGINE_ETC':
self._config.get('ENGINE_ETC'),
'ENGINE_LOG':
self._config.get('ENGINE_LOG'),
'ENGINE_TMP':
self._tempDir.directory,
'ENGINE_USR':
self._config.get('ENGINE_USR'),
'ENGINE_VAR':
self._config.get('ENGINE_VAR'),
'ENGINE_CACHE':
self._config.get('ENGINE_CACHE'),
})
self._detectJBossVersion()
self._jbossConfigFile = self._processTemplate(
template=os.path.join(
os.path.dirname(sys.argv[0]),
'ovirt-engine.xml.in',
),
dir=jbossConfigDir,
mode=0o600,
)
def daemonSetup(self):
if os.geteuid() == 0:
raise RuntimeError(
_('This service cannot be executed as root')
)
if not os.path.exists(self._defaults):
raise RuntimeError(
_(
"The configuration defaults file '{file}' "
"required but missing"
).format(
file=self._defaults,
)
)
self._config = configfile.ConfigFile(
(
self._defaults,
config.ENGINE_NOTIFIER_VARS,
),
)
#
# the earliest so we can abort early.
#
self._executable = os.path.join(
java.Java().getJavaHome(),
'bin',
'java',
)
jbossModulesJar = os.path.join(
self._config.get('JBOSS_HOME'),
'jboss-modules.jar',
)
self._checkInstallation(
pidfile=self.pidfile,
jbossModulesJar=jbossModulesJar,
)
self._engineArgs = [
'ovirt-engine-notifier',
'-Dlog4j.configuration=file://%s/notifier/log4j.xml' % (
self._config.get('ENGINE_ETC'),
),
'-Djboss.modules.write-indexes=false',
'-jar', jbossModulesJar,
'-dependencies', 'org.ovirt.engine.core.tools',
'-class', 'org.ovirt.engine.core.notifier.Notifier',
]
self._engineEnv = os.environ.copy()
self._engineEnv.update({
'PATH': (
'/usr/local/sbin:/usr/local/bin:'
'/usr/sbin:/usr/bin:/sbin:/bin'
),
'LANG': 'en_US.UTF-8',
'LC_ALL': 'en_US.UTF-8',
'CLASSPATH': '',
'JAVA_MODULEPATH': '%s:%s' % (
self._config.get('ENGINE_JAVA_MODULEPATH'),
os.path.join(
self._config.get('JBOSS_HOME'),
'modules',
)
),
'ENGINE_DEFAULTS': config.ENGINE_DEFAULTS,
'ENGINE_VARS': config.ENGINE_VARS,
'ENGINE_NOTIFIER_DEFAULTS': self._defaults,
'ENGINE_NOTIFIER_VARS': config.ENGINE_NOTIFIER_VARS,
})
def daemonSetup(self):
if os.geteuid() == 0:
raise RuntimeError(_('This service cannot be executed as root'))
if not os.path.exists(self._defaults):
raise RuntimeError(
_("The configuration defaults file '{file}' "
"required but missing").format(file=self._defaults, ))
self._config = configfile.ConfigFile((
self._defaults,
config.ENGINE_VARS,
), )
#
# the earliest so we can abort early.
#
self._executable = os.path.join(
java.Java().getJavaHome(),
'bin',
'java',
)
jbossModulesJar = os.path.join(
self._config.get('JBOSS_HOME'),
'jboss-modules.jar',
)
self._checkInstallation(
pidfile=self.pidfile,
jbossModulesJar=jbossModulesJar,
)
self._tempDir = service.TempDir(self._config.get('ENGINE_TMP'))
self._tempDir.create()
self._setupEngineApps()
jbossTempDir = os.path.join(
self._config.get('ENGINE_TMP'),
'tmp',
)
jbossConfigDir = os.path.join(
self._config.get('ENGINE_TMP'),
'config',
)
javaModulePath = self._linkModules(
'%s:%s' % (
self._config.get('ENGINE_JAVA_MODULEPATH'),
os.path.join(
self._config.get('JBOSS_HOME'),
'modules',
),
), )
os.mkdir(jbossTempDir)
os.mkdir(jbossConfigDir)
os.chmod(jbossConfigDir, 0o700)
jbossBootLoggingFile = self._processTemplate(
template=os.path.join(os.path.dirname(sys.argv[0]),
'ovirt-engine-logging.properties.in'),
dir=jbossConfigDir,
)
jbossConfigFile = self._processTemplate(
template=os.path.join(
os.path.dirname(sys.argv[0]),
'ovirt-engine.xml.in',
),
dir=jbossConfigDir,
mode=0o600,
)
# We start with an empty list of arguments:
self._engineArgs = []
# Add arguments for the java virtual machine:
self._engineArgs.extend([
# The name or the process, as displayed by ps:
'ovirt-engine',
# Virtual machine options:
'-server',
'-XX:+TieredCompilation',
'-Xms%s' % self._config.get('ENGINE_HEAP_MIN'),
'-Xmx%s' % self._config.get('ENGINE_HEAP_MAX'),
'-XX:PermSize=%s' % self._config.get('ENGINE_PERM_MIN'),
'-XX:MaxPermSize=%s' % self._config.get('ENGINE_PERM_MAX'),
'-Djava.net.preferIPv4Stack=true',
'-Dsun.rmi.dgc.client.gcInterval=3600000',
'-Dsun.rmi.dgc.server.gcInterval=3600000',
'-Djava.awt.headless=true',
])
# Add extra system properties provided in the configuration:
for engineProperty in shlex.split(
self._config.get('ENGINE_PROPERTIES')):
if not engineProperty.startswith('-D'):
engineProperty = '-D' + engineProperty
self._engineArgs.append(engineProperty)
# Add extra jvm arguments provided in the configuration:
for arg in shlex.split(self._config.get('ENGINE_JVM_ARGS')):
self._engineArgs.append(arg)
# Add arguments for remote debugging of the java virtual machine:
engineDebugAddress = self._config.get('ENGINE_DEBUG_ADDRESS')
if engineDebugAddress:
self._engineArgs.append(
('-Xrunjdwp:transport=dt_socket,address=%s,'
'server=y,suspend=n') % (engineDebugAddress))
# Enable verbose garbage collection if required:
if self._config.getboolean('ENGINE_VERBOSE_GC'):
self._engineArgs.extend([
'-verbose:gc',
'-XX:+PrintGCTimeStamps',
'-XX:+PrintGCDetails',
])
# Add arguments for JBoss:
self._engineArgs.extend([
'-Djava.util.logging.manager=org.jboss.logmanager',
'-Dlogging.configuration=file://%s' % jbossBootLoggingFile,
'-Dorg.jboss.resolver.warning=true',
'-Djboss.modules.system.pkgs=org.jboss.byteman',
'-Djboss.modules.write-indexes=false',
'-Djboss.server.default.config=ovirt-engine',
'-Djboss.home.dir=%s' % self._config.get('JBOSS_HOME'),
'-Djboss.server.base.dir=%s' % self._config.get('ENGINE_USR'),
'-Djboss.server.data.dir=%s' % self._config.get('ENGINE_VAR'),
'-Djboss.server.log.dir=%s' % self._config.get('ENGINE_LOG'),
'-Djboss.server.config.dir=%s' % jbossConfigDir,
'-Djboss.server.temp.dir=%s' % jbossTempDir,
'-Djboss.controller.temp.dir=%s' % jbossTempDir,
'-jar',
jbossModulesJar,
'-mp',
javaModulePath,
'-jaxpmodule',
'javax.xml.jaxp-provider',
'org.jboss.as.standalone',
'-c',
os.path.basename(jbossConfigFile),
])
self._engineEnv = os.environ.copy()
self._engineEnv.update({
'PATH': ('/usr/local/sbin:/usr/local/bin:'
'/usr/sbin:/usr/bin:/sbin:/bin'),
'LANG':
'en_US.UTF-8',
'LC_ALL':
'en_US.UTF-8',
'ENGINE_DEFAULTS':
self._defaults,
'ENGINE_VARS':
config.ENGINE_VARS,
'ENGINE_ETC':
self._config.get('ENGINE_ETC'),
'ENGINE_LOG':
self._config.get('ENGINE_LOG'),
'ENGINE_TMP':
self._config.get('ENGINE_TMP'),
'ENGINE_USR':
self._config.get('ENGINE_USR'),
'ENGINE_VAR':
self._config.get('ENGINE_VAR'),
'ENGINE_CACHE':
self._config.get('ENGINE_CACHE'),
})
