def addBridge(self, br, dev):
bash("ifdown %s" % dev.name)
for line in file(self.netCfgFile).readlines():
match = re.match("^ *iface %s.*" % dev.name, line)
if match is not None:
dev.method = self.getNetworkMethod(match.group(0))
cfo = configFileOps(self.netCfgFile, self)
if self.syscfg.env.bridgeType == "openvswitch":
bridgeCfg = "\n".join(
("", "iface {device} inet manual",
" ovs_type OVSPort", " ovs_bridge {bridge}", "",
"auto {bridge}", "allow-ovs {bridge}",
"iface {bridge} inet {device_method}",
" ovs_type OVSBridge", " ovs_ports {device}",
"")).format(bridge=br,
device=dev.name,
device_method=dev.method)
cfo.replace_line(
"^ *auto %s.*" % dev.name,
"allow-{bridge} {device}".format(bridge=br,
device=dev.name))
elif self.syscfg.env.bridgeType == "native":
bridgeCfg = "\niface %s inet manual\n \
auto %s\n \
iface %s inet %s\n \
bridge_ports %s\n" % (dev.name, br, br,
dev.method, dev.name)
else:
raise CloudInternalException(
"Unknown network.bridge.type %s" %
self.syscfg.env.bridgeType)
cfo.replace_line("^ *iface %s.*" % dev.name, bridgeCfg)
def restore(self):
try:
bash("setenforce 1")
return True
except:
logging.debug(formatExceptionInfo())
return False
def configAgent(self):
try:
cfo = configFileOps("/etc/cloudstack/agent/agent.properties", self)
cfo.addEntry("host", self.syscfg.env.mgtSvr)
cfo.addEntry("zone", self.syscfg.env.zone)
cfo.addEntry("pod", self.syscfg.env.pod)
cfo.addEntry("cluster", self.syscfg.env.cluster)
cfo.addEntry("hypervisor.type", self.syscfg.env.hypervisor)
cfo.addEntry("port", "8250")
cfo.addEntry("private.network.device", self.syscfg.env.nics[0])
cfo.addEntry("public.network.device", self.syscfg.env.nics[1])
cfo.addEntry("guest.network.device", self.syscfg.env.nics[2])
cfo.addEntry("guid", str(self.syscfg.env.uuid))
if cfo.getEntry("local.storage.uuid") == "":
cfo.addEntry("local.storage.uuid", str(bash("uuidgen").getStdout()))
if cfo.getEntry("resource") == "":
cfo.addEntry("resource", "com.cloud.hypervisor.kvm.resource.LibvirtComputingResource")
cfo.save()
self.syscfg.svo.stopService("cloudstack-agent")
bash("sleep 30")
self.syscfg.svo.enableService("cloudstack-agent")
return True
except:
raise
def configAgent(self):
try:
cfo = configFileOps("/etc/cloudstack/agent/agent.properties", self)
cfo.addEntry("host", self.syscfg.env.mgtSvr)
cfo.addEntry("zone", self.syscfg.env.zone)
cfo.addEntry("pod", self.syscfg.env.pod)
cfo.addEntry("cluster", self.syscfg.env.cluster)
cfo.addEntry("hypervisor.type", self.syscfg.env.hypervisor)
cfo.addEntry("port", "8250")
cfo.addEntry("private.network.device", self.syscfg.env.nics[0])
cfo.addEntry("public.network.device", self.syscfg.env.nics[1])
cfo.addEntry("guest.network.device", self.syscfg.env.nics[2])
cfo.addEntry("guid", str(self.syscfg.env.uuid))
if cfo.getEntry("local.storage.uuid") == "":
cfo.addEntry("local.storage.uuid",
str(bash("uuidgen").getStdout()))
if cfo.getEntry("resource") == "":
cfo.addEntry(
"resource",
"com.cloud.hypervisor.kvm.resource.LibvirtComputingResource"
)
cfo.save()
self.syscfg.svo.stopService("cloudstack-agent")
bash("sleep 30")
self.syscfg.svo.enableService("cloudstack-agent")
return True
except:
raise
def addBridge(self, br, dev):
bash("ifdown %s"%dev.name)
for line in file(self.netCfgFile).readlines():
match = re.match("^ *iface %s.*"%dev.name, line)
if match is not None:
dev.method = self.getNetworkMethod(match.group(0))
cfo = configFileOps(self.netCfgFile, self)
if self.syscfg.env.bridgeType == "openvswitch":
bridgeCfg = "\n".join(("",
"iface {device} inet manual",
" ovs_type OVSPort",
" ovs_bridge {bridge}",
"",
"auto {bridge}",
"allow-ovs {bridge}",
"iface {bridge} inet {device_method}",
" ovs_type OVSBridge",
" ovs_ports {device}",
"")).format(bridge=br, device=dev.name, device_method=dev.method)
cfo.replace_line("^ *auto %s.*" % dev.name,
"allow-{bridge} {device}".format(bridge=br, device=dev.name))
elif self.syscfg.env.bridgeType == "native":
bridgeCfg = "\niface %s inet manual\n \
auto %s\n \
iface %s inet %s\n \
bridge_ports %s\n"%(dev.name, br, br, dev.method, dev.name)
else:
raise CloudInternalException("Unknown network.bridge.type %s" % self.syscfg.env.bridgeType)
cfo.replace_line("^ *iface %s.*"%dev.name, bridgeCfg)
def restore(self):
try:
bash("setenforce 1")
return True
except:
logging.debug(formatExceptionInfo())
return False
def config(self):
try:
cmd = bash("service apparmor status")
if not cmd.isSuccess() or cmd.getStdout() == "":
self.spRunning = False
return True
if not bash("apparmor_status |grep libvirt").isSuccess():
return True
bash(
"ln -s /etc/apparmor.d/usr.sbin.libvirtd /etc/apparmor.d/disable/"
)
bash(
"ln -s /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper /etc/apparmor.d/disable/"
)
bash("apparmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd")
bash(
"apparmor_parser -R /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper"
)
return True
except:
raise CloudRuntimeException(
"Failed to configure apparmor, please see the /var/log/cloudstack/agent/setup.log for detail, \
or you can manually disable it before starting myCloud"
)
def allowPort(self, port):
status = False
try:
status = bash("iptables-save|grep INPUT|grep -w %s"%port).isSuccess()
except:
pass
if not status:
bash("ufw allow %s/tcp"%port)
def allowPort(self, port):
status = False
try:
status = bash("iptables-save|grep INPUT|grep -w %s"%port).isSuccess()
except:
pass
if not status:
bash("iptables -I INPUT -p tcp -m tcp --dport %s -j ACCEPT"%port)
def allowPort(self, port):
status = False
try:
status = bash("iptables-save|grep INPUT|grep -w %s"%port).isSuccess()
except:
pass
if not status:
bash("ufw allow %s/tcp"%port)
def restore(self):
try:
if self.netMgrRunning:
self.syscfg.svo.enableService("NetworkManager")
self.syscfg.svo.startService("NetworkManager")
bash("service network restart")
return True
except:
logging.debug(formatExceptionInfo())
return False
def restore(self):
try:
if self.netMgrRunning:
self.syscfg.svo.enableService("NetworkManager")
self.syscfg.svo.startService("NetworkManager")
bash("service network restart")
return True
except:
logging.debug(formatExceptionInfo())
return False
def config(self):
try:
for port in self.ports:
self.allowPort(port)
#FIXME: urgly make /root writable
bash("sudo chmod 0777 /root")
return True
except:
raise
def config(self):
try:
for port in self.ports:
self.allowPort(port)
#FIXME: urgly make /root writable
bash("sudo chmod 0777 /root")
return True
except:
raise
def restore(self):
try:
if self.netMgrRunning:
self.syscfg.svo.enableService("network-manager")
self.syscfg.svo.startService("network-manager")
bash("/etc/init.d/networking stop")
bash("/etc/init.d/networking start")
return True
except:
logging.debug(formatExceptionInfo())
return False
def restore(self):
try:
if self.netMgrRunning:
self.syscfg.svo.enableService("network-manager")
self.syscfg.svo.startService("network-manager")
bash("/etc/init.d/networking stop")
bash("/etc/init.d/networking start")
return True
except:
logging.debug(formatExceptionInfo())
return False
def addBridge(self, br, dev):
bash("ifdown %s"%dev.name)
for line in file(self.netCfgFile).readlines():
match = re.match("^ *iface %s.*"%dev.name, line)
if match is not None:
dev.method = self.getNetworkMethod(match.group(0))
bridgeCfg = "\niface %s inet manual\n \
auto %s\n \
iface %s inet %s\n \
bridge_ports %s\n"%(dev.name, br, br, dev.method, dev.name)
cfo = configFileOps(self.netCfgFile, self)
cfo.replace_line("^ *iface %s.*"%dev.name, bridgeCfg)
def addBridge(self, br, dev):
bash("ifdown %s"%dev.name)
for line in file(self.netCfgFile).readlines():
match = re.match("^ *iface %s.*"%dev.name, line)
if match is not None:
dev.method = self.getNetworkMethod(match.group(0))
bridgeCfg = "\niface %s inet manual\n \
auto %s\n \
iface %s inet %s\n \
bridge_ports %s\n"%(dev.name, br, br, dev.method, dev.name)
cfo = configFileOps(self.netCfgFile, self)
cfo.replace_line("^ *iface %s.*"%dev.name, bridgeCfg)
def config(self):
try:
for port in self.ports:
self.allowPort(port)
for rule in self.rules:
bash("iptables " + rule)
bash("iptables-save > /etc/sysconfig/iptables")
self.syscfg.svo.stopService("iptables")
self.syscfg.svo.startService("iptables")
return True
except:
raise
def executeFromFile(self, file):
if not os.path.exists(file):
return False
cmdLine = "mysql --host=" + self.host + " --port=" + str(self.port) + " --user="******" --password="******" < " + file
try:
bash(cmdLine)
except:
raise CloudRuntimeException("Failed to execute " + cmdLine)
def config(self):
try:
for port in self.ports:
self.allowPort(port)
for rule in self.rules:
bash("iptables " + rule)
bash("iptables-save > /etc/sysconfig/iptables")
self.syscfg.svo.stopService("iptables")
self.syscfg.svo.startService("iptables")
return True
except:
raise
def config(self):
try:
if super(networkConfigRedhat, self).isPreConfiged():
return True
super(networkConfigRedhat, self).cfgNetwork()
self.netMgrRunning = self.syscfg.svo.isServiceRunning(
"NetworkManager")
if self.netMgrRunning:
self.syscfg.svo.stopService("NetworkManager")
self.syscfg.svo.disableService("NetworkManager")
cfo = configFileOps("/etc/sysconfig/network", self)
cfo.addEntry("NOZEROCONF", "yes")
cfo.save()
if not bash("service network restart").isSuccess():
raise CloudInternalException("Can't restart network")
self.syscfg.env.nics.append(self.brName)
self.syscfg.env.nics.append(self.brName)
self.syscfg.env.nics.append(self.brName)
return True
except:
raise
def configMyCloud(self):
try:
cfo = configFileOps("/etc/cloudstack/agent/agent.properties", self)
cfo.addEntry("host", self.syscfg.env.mgtSvr)
cfo.addEntry("zone", self.syscfg.env.zone)
cfo.addEntry("port", "443")
cfo.addEntry("private.network.device", self.syscfg.env.nics[0])
cfo.addEntry("public.network.device", self.syscfg.env.nics[1])
cfo.addEntry("guest.network.device", self.syscfg.env.nics[2])
if cfo.getEntry("local.storage.uuid") == "":
cfo.addEntry("local.storage.uuid",
str(bash("uuidgen").getStdout()))
cfo.addEntry("guid", str(self.syscfg.env.uuid))
cfo.addEntry("mount.path", "/mnt")
cfo.addEntry(
"resource",
"com.cloud.storage.resource.LocalSecondaryStorageResource|com.cloud.agent.resource.computing.CloudZonesComputingResource"
)
cfo.save()
#self.syscfg.svo.stopService("cloud-agent")
#self.syscfg.svo.enableService("cloud-agent")
return True
except:
raise
def getDevInfo(dev):
if not networkConfig.isNetworkDev(dev):
logging.debug("dev: " + dev + " is not a network device")
raise CloudInternalException("dev: " + dev +
" is not a network device")
netmask = None
ipAddr = None
macAddr = None
cmd = bash("ifconfig " + dev)
if not cmd.isSuccess():
logging.debug("Failed to get address from ifconfig")
raise CloudInternalException(
"Failed to get network info by ifconfig %s" % dev)
for line in cmd.getLines():
if line.find("HWaddr") != -1:
macAddr = line.split("HWaddr ")[1].strip(" ")
elif line.find("inet ") != -1:
m = re.search("addr:(.*)\ *Bcast:(.*)\ *Mask:(.*)", line)
if m is not None:
ipAddr = m.group(1).rstrip(" ")
netmask = m.group(3).rstrip(" ")
if networkConfig.isBridgePort(dev):
type = "brport"
elif networkConfig.isBridge(dev):
type = "bridge"
else:
type = "dev"
return networkConfig.devInfo(macAddr, ipAddr, netmask, None, type, dev)
def config(self):
try:
if super(networkConfigRedhat, self).isPreConfiged():
return True
super(networkConfigRedhat, self).cfgNetwork()
self.netMgrRunning = self.syscfg.svo.isServiceRunning("NetworkManager")
if self.netMgrRunning:
self.syscfg.svo.stopService("NetworkManager")
self.syscfg.svo.disableService("NetworkManager")
cfo = configFileOps("/etc/sysconfig/network", self)
cfo.addEntry("NOZEROCONF", "yes")
cfo.save()
if not bash("service network restart").isSuccess():
raise CloudInternalException("Can't restart network")
self.syscfg.env.nics.append(self.brName)
self.syscfg.env.nics.append(self.brName)
self.syscfg.env.nics.append(self.brName)
return True
except:
raise
def getDevInfo(dev):
if not networkConfig.isNetworkDev(dev):
logging.debug("dev: " + dev + " is not a network device")
raise CloudInternalException("dev: " + dev + " is not a network device")
netmask = None
ipAddr = None
macAddr = None
cmd = bash("ifconfig " + dev)
if not cmd.isSuccess():
logging.debug("Failed to get address from ifconfig")
raise CloudInternalException("Failed to get network info by ifconfig %s"%dev)
for line in cmd.getLines():
if line.find("HWaddr") != -1:
macAddr = line.split("HWaddr ")[1].strip(" ")
elif line.find("inet ") != -1:
m = re.search("addr:(.*)\ *Bcast:(.*)\ *Mask:(.*)", line)
if m is not None:
ipAddr = m.group(1).rstrip(" ")
netmask = m.group(3).rstrip(" ")
if networkConfig.isBridgePort(dev):
type = "brport"
elif networkConfig.isBridge(dev):
type = "bridge"
else:
type = "dev"
return networkConfig.devInfo(macAddr, ipAddr, netmask, None, type, dev)
def config(self):
selinuxEnabled = True
if not bash("selinuxenabled").isSuccess():
selinuxEnabled = False
if selinuxEnabled:
try:
bash("setenforce 0")
cfo = configFileOps("/etc/selinux/config", self)
cfo.replace_line("SELINUX=", "SELINUX=permissive")
return True
except:
raise CloudRuntimeException("Failed to configure selinux, please see the /var/log/cloud/setupAgent.log for detail, \
or you can manually disable it before starting myCloud")
else:
return True
def config(self):
selinuxEnabled = True
if not bash("selinuxenabled").isSuccess():
selinuxEnabled = False
if selinuxEnabled:
try:
bash("setenforce 0")
cfo = configFileOps("/etc/selinux/config", self)
cfo.replace_line("SELINUX=", "SELINUX=permissive")
return True
except:
raise CloudRuntimeException("Failed to configure selinux, please see the /var/log/cloudstack/setupAgent.log for detail, \
or you can manually disable it before starting myCloud")
else:
return True
def isOvsBridge(devName):
cmd = bash("which ovs-vsctl")
if not cmd.isSuccess():
return False
try:
return 0 == subprocess.check_call(
("ovs-vsctl", "br-exists", devName))
except subprocess.CalledProcessError:
return False
def addBridge(self, brName, dev):
bash("ifdown %s"%dev.name)
if not os.path.exists(self.brCfgFile):
shutil.copy(self.devCfgFile, self.brCfgFile)
#config device file at first: disable nm, set onboot=yes if not
cfo = configFileOps(self.devCfgFile, self)
cfo.addEntry("NM_CONTROLLED", "no")
cfo.addEntry("ONBOOT", "yes")
cfo.addEntry("BRIDGE", brName)
cfo.save()
cfo = configFileOps(self.brCfgFile, self)
cfo.addEntry("NM_CONTROLLED", "no")
cfo.addEntry("ONBOOT", "yes")
cfo.addEntry("DEVICE", brName)
cfo.addEntry("TYPE", "Bridge")
cfo.save()
def config(self):
try:
cmd = bash("service apparmor status")
if not cmd.isSuccess() or cmd.getStdout() == "":
self.spRunning = False
return True
if not bash("apparmor_status |grep libvirt").isSuccess():
return True
bash("ln -s /etc/apparmor.d/usr.sbin.libvirtd /etc/apparmor.d/disable/")
bash("ln -s /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper /etc/apparmor.d/disable/")
bash("apparmor_parser -R /etc/apparmor.d/usr.sbin.libvirtd")
bash("apparmor_parser -R /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper")
return True
except:
raise CloudRuntimeException("Failed to configure apparmor, please see the /var/log/cloud/setupAgent.log for detail, \
or you can manually disable it before starting myCloud")
def addBridge(self, brName, dev):
bash("ifdown %s"%dev.name)
if not os.path.exists(self.brCfgFile):
shutil.copy(self.devCfgFile, self.brCfgFile)
#config device file at first: disable nm, set onboot=yes if not
cfo = configFileOps(self.devCfgFile, self)
cfo.addEntry("NM_CONTROLLED", "no")
cfo.addEntry("ONBOOT", "yes")
cfo.addEntry("BRIDGE", brName)
cfo.save()
cfo = configFileOps(self.brCfgFile, self)
cfo.addEntry("NM_CONTROLLED", "no")
cfo.addEntry("ONBOOT", "yes")
cfo.addEntry("DEVICE", brName)
cfo.addEntry("TYPE", "Bridge")
cfo.save()
def addBridge(self, brName, dev):
bash("ifdown %s" % dev.name)
if not os.path.exists(self.brCfgFile):
shutil.copy(self.devCfgFile, self.brCfgFile)
#config device file at first: disable nm, set onboot=yes if not
cfo = configFileOps(self.devCfgFile, self)
cfo.addEntry("NM_CONTROLLED", "no")
cfo.addEntry("ONBOOT", "yes")
if self.syscfg.env.bridgeType == "openvswitch":
if cfo.getEntry("IPADDR"):
cfo.rmEntry("IPADDR", cfo.getEntry("IPADDR"))
cfo.addEntry("DEVICETYPE", "ovs")
cfo.addEntry("TYPE", "OVSPort")
cfo.addEntry("OVS_BRIDGE", brName)
elif self.syscfg.env.bridgeType == "native":
cfo.addEntry("BRIDGE", brName)
else:
raise CloudInternalException("Unknown network.bridge.type %s" %
self.syscfg.env.bridgeType)
cfo.save()
cfo = configFileOps(self.brCfgFile, self)
cfo.addEntry("NM_CONTROLLED", "no")
cfo.addEntry("ONBOOT", "yes")
cfo.addEntry("DEVICE", brName)
if self.syscfg.env.bridgeType == "openvswitch":
if cfo.getEntry("HWADDR"):
cfo.rmEntry("HWADDR", cfo.getEntry("HWADDR"))
if cfo.getEntry("UUID"):
cfo.rmEntry("UUID", cfo.getEntry("UUID"))
cfo.addEntry("STP", "yes")
cfo.addEntry("DEVICETYPE", "ovs")
cfo.addEntry("TYPE", "OVSBridge")
elif self.syscfg.env.bridgeType == "native":
cfo.addEntry("TYPE", "Bridge")
else:
raise CloudInternalException("Unknown network.bridge.type %s" %
self.syscfg.env.bridgeType)
cfo.save()
def addBridge(self, brName, dev):
bash("ifdown %s" % dev.name)
if not os.path.exists(self.brCfgFile):
shutil.copy(self.devCfgFile, self.brCfgFile)
#config device file at first: disable nm, set onboot=yes if not
cfo = configFileOps(self.devCfgFile, self)
cfo.addEntry("NM_CONTROLLED", "no")
cfo.addEntry("ONBOOT", "yes")
if self.syscfg.env.bridgeType == "openvswitch":
if cfo.getEntry("IPADDR"):
cfo.rmEntry("IPADDR", cfo.getEntry("IPADDR"))
cfo.addEntry("DEVICETYPE", "ovs")
cfo.addEntry("TYPE", "OVSPort")
cfo.addEntry("OVS_BRIDGE", brName)
elif self.syscfg.env.bridgeType == "native":
cfo.addEntry("BRIDGE", brName)
else:
raise CloudInternalException("Unknown network.bridge.type %s" % self.syscfg.env.bridgeType)
cfo.save()
cfo = configFileOps(self.brCfgFile, self)
cfo.addEntry("NM_CONTROLLED", "no")
cfo.addEntry("ONBOOT", "yes")
cfo.addEntry("DEVICE", brName)
if self.syscfg.env.bridgeType == "openvswitch":
if cfo.getEntry("HWADDR"):
cfo.rmEntry("HWADDR", cfo.getEntry("HWADDR"))
if cfo.getEntry("UUID"):
cfo.rmEntry("UUID", cfo.getEntry("UUID"))
cfo.addEntry("STP", "yes")
cfo.addEntry("DEVICETYPE", "ovs")
cfo.addEntry("TYPE", "OVSBridge")
elif self.syscfg.env.bridgeType == "native":
cfo.addEntry("TYPE", "Bridge")
else:
raise CloudInternalException("Unknown network.bridge.type %s" % self.syscfg.env.bridgeType)
cfo.save()
def getDefaultNetwork():
cmd = bash("route -n|awk \'/^0.0.0.0/ {print $2,$8}\'")
if not cmd.isSuccess():
logging.debug("Failed to get default route")
raise CloudRuntimeException("Failed to get default route")
result = cmd.getStdout().split(" ")
gateway = result[0]
dev = result[1]
pdi = networkConfig.getDevInfo(dev)
logging.debug("Found default network device:%s"%pdi.name)
pdi.gateway = gateway
return pdi
def getDefaultNetwork():
cmd = bash("route -n|awk \'/^0.0.0.0/ {print $2,$8}\'")
if not cmd.isSuccess():
logging.debug("Failed to get default route")
raise CloudRuntimeException("Failed to get default route")
result = cmd.getStdout().split(" ")
gateway = result[0]
dev = result[1]
pdi = networkConfig.getDevInfo(dev)
logging.debug("Found default network device:%s" % pdi.name)
pdi.gateway = gateway
return pdi
def createBridge(dev, brName):
if not networkConfig.isBridgeSupported():
logging.debug("bridge is not supported")
return False
if networkConfig.isBridgeEnslavedWithDevices(brName):
logging.debug("bridge: %s has devices enslaved"%brName)
return False
cmds = ""
if not networkConfig.isBridge(brName):
cmds = "brctl addbr %s ;"%brName
cmds += "ifconfig %s up;"%brName
cmds += "brctl addif %s %s"%(brName, dev)
return bash(cmds).isSuccess()
def createBridge(dev, brName):
if not networkConfig.isBridgeSupported():
logging.debug("bridge is not supported")
return False
if networkConfig.isBridgeEnslavedWithDevices(brName):
logging.debug("bridge: %s has devices enslaved" % brName)
return False
cmds = ""
if not networkConfig.isBridge(brName):
cmds = "brctl addbr %s ;" % brName
cmds += "ifconfig %s up;" % brName
cmds += "brctl addif %s %s" % (brName, dev)
return bash(cmds).isSuccess()
def config(self):
try:
ports = "22 1798 16509".split()
for p in ports:
bash("ufw allow %s"%p)
bash("ufw allow proto tcp from any to any port 5900:6100")
bash("ufw allow proto tcp from any to any port 49152:49216")
self.syscfg.svo.stopService("ufw")
self.syscfg.svo.startService("ufw")
return True
except:
raise
def config(self):
try:
ports = "22 1798 16509".split()
for p in ports:
bash("ufw allow %s" % p)
bash("ufw allow proto tcp from any to any port 5900:6100")
bash("ufw allow proto tcp from any to any port 49152:49216")
self.syscfg.svo.stopService("ufw")
self.syscfg.svo.startService("ufw")
return True
except:
raise
def configMyCloud(self):
try:
cfo = configFileOps("/etc/cosmic/agent/agent.properties", self)
cfo.addEntry("host", self.syscfg.env.mgtSvr)
cfo.addEntry("zone", self.syscfg.env.zone)
cfo.addEntry("port", "443")
if cfo.getEntry("local.storage.uuid") == "":
cfo.addEntry("local.storage.uuid", str(bash("uuidgen").getStdout()))
cfo.addEntry("guid", str(self.syscfg.env.uuid))
cfo.addEntry("mount.path", "/mnt")
cfo.addEntry("resource", "com.cloud.storage.resource.LocalSecondaryStorageResource|com.cloud.agent.resource.computing.CloudZonesComputingResource")
cfo.save()
#self.syscfg.svo.stopService("cloud-agent")
#self.syscfg.svo.enableService("cloud-agent")
return True
except:
raise
def config(self):
try:
if super(networkConfigUbuntu, self).isPreConfiged():
return True
self.netMgrRunning = self.syscfg.svo.isServiceRunning("network-manager")
super(networkConfigUbuntu, self).cfgNetwork()
if self.netMgrRunning:
self.syscfg.svo.stopService("network-manager")
self.syscfg.svo.disableService("network-manager")
if not bash("ifup %s"%self.brName).isSuccess():
raise CloudInternalException("Can't start network:%s"%self.brName, bash.getErrMsg(self))
self.syscfg.env.nics.append(self.brName)
self.syscfg.env.nics.append(self.brName)
self.syscfg.env.nics.append(self.brName)
return True
except:
raise
def config(self):
try:
if super(networkConfigUbuntu, self).isPreConfiged():
return True
self.netMgrRunning = self.syscfg.svo.isServiceRunning("network-manager")
super(networkConfigUbuntu, self).cfgNetwork()
if self.netMgrRunning:
self.syscfg.svo.stopService("network-manager")
self.syscfg.svo.disableService("network-manager")
if not bash("ifup %s"%self.brName).isSuccess():
raise CloudInternalException("Can't start network:%s"%self.brName, bash.getErrMsg(self))
self.syscfg.env.nics.append(self.brName)
self.syscfg.env.nics.append(self.brName)
self.syscfg.env.nics.append(self.brName)
return True
except:
raise
def allowPort(self, port):
status = False
try:
status = bash("iptables-save|grep INPUT|grep -w %s"%port).isSuccess()
except:
pass
if not status:
redo = False
result = True
try:
result = bash("iptables -I INPUT -p tcp -m tcp --dport %s -j ACCEPT"%port).isSuccess()
except:
redo = True
if not result or redo:
bash("sleep 30")
bash("iptables -I INPUT -p tcp -m tcp --dport %s -j ACCEPT"%port)
def allowPort(self, port):
status = False
try:
status = bash("iptables-save|grep INPUT|grep -w %s"%port).isSuccess()
except:
pass
if not status:
redo = False
result = True
try:
result = bash("iptables -I INPUT -p tcp -m tcp --dport %s -j ACCEPT"%port).isSuccess()
except:
redo = True
if not result or redo:
bash("sleep 30")
bash("iptables -I INPUT -p tcp -m tcp --dport %s -j ACCEPT"%port)
def checkHostName():
ret = bash("hostname --fqdn")
if not ret.isSuccess():
raise CloudInternalException("Cannot get hostname, 'hostname --fqdn failed'")
try:
statement = """ UPDATE configuration SET value='%s' WHERE name='%s'"""
db.execute(statement%('true','use.local.storage'))
db.execute(statement%('20','max.template.iso.size'))
statement = """ UPDATE vm_template SET url='%s',checksum='%s' WHERE id='%s' """
db.execute(statement%('https://rightscale-cloudstack.s3.amazonaws.com/kvm/RightImage_CentOS_5.4_x64_v5.6.28.qcow2.bz2', '90fcd2fa4d3177e31ff296cecb9933b7', '4'))
statement="""UPDATE disk_offering set use_local_storage=1"""
db.execute(statement)
except:
raise e
#add DNAT 443 to 8250
if not bash("iptables-save |grep PREROUTING | grep 8250").isSuccess():
bash("iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 8250 ")
#generate keystore
keyPath = "/var/lib/cloud/management/web.keystore"
if not os.path.exists(keyPath):
cmd = bash("keytool -genkey -keystore %s -storepass \"cloud.com\" -keypass \"cloud.com\" -validity 3650 -dname cn=\"Cloudstack User\",ou=\"mycloud.cloud.com\",o=\"mycloud.cloud.com\",c=\"Unknown\""%keyPath)
if not cmd.isSuccess():
raise CloudInternalException(cmd.getErrMsg())
cfo = configFileOps("/etc/cloudstack/management/tomcat6.conf", self)
cfo.add_lines("JAVA_OPTS+=\" -Djavax.net.ssl.trustStore=%s \""%keyPath)
elif self.syscfg.env.svrMode == "HttpsServer":
if not os.path.exists("/etc/cloudstack/management/server-ssl.xml") or not os.path.exists("/etc/cloudstack/management/tomcat6-ssl.conf"):
raise CloudRuntimeException("Cannot find /etc/cloudstack/management/server-ssl.xml or /etc/cloudstack/management/tomcat6-ssl.conf, https enables failed")
def isBridgeSupported():
if os.path.exists("/proc/sys/net/bridge"):
return True
return bash("modprobe -b bridge").isSucess()
try:
statement = """ UPDATE configuration SET value='%s' WHERE name='%s'"""
db.execute(statement%('true','use.local.storage'))
db.execute(statement%('20','max.template.iso.size'))
statement = """ UPDATE vm_template SET url='%s',checksum='%s' WHERE id='%s' """
db.execute(statement%('https://rightscale-cloudstack.s3.amazonaws.com/kvm/RightImage_CentOS_5.4_x64_v5.6.28.qcow2.bz2', '90fcd2fa4d3177e31ff296cecb9933b7', '4'))
statement="""UPDATE disk_offering set use_local_storage=1"""
db.execute(statement)
except:
raise e
#add DNAT 443 to 8250
if not bash("iptables-save |grep PREROUTING | grep 8250").isSuccess():
bash("iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 8250 ")
#generate keystore
keyPath = "/var/lib/cloud/management/web.keystore"
if not os.path.exists(keyPath):
cmd = bash("keytool -genkey -keystore %s -storepass \"cloud.com\" -keypass \"cloud.com\" -validity 3650 -dname cn=\"Cloudstack User\",ou=\"mycloud.cloud.com\",o=\"mycloud.cloud.com\",c=\"Unknown\""%keyPath)
if not cmd.isSuccess():
raise CloudInternalException(cmd.getErrMsg())
cfo = configFileOps("/etc/cloud/management/tomcat6.conf", self)
cfo.add_lines("JAVA_OPTS+=\" -Djavax.net.ssl.trustStore=%s \""%keyPath)
try:
self.syscfg.svo.disableService("tomcat6")
def isBridgeSupported():
if os.path.exists("/proc/sys/net/bridge"):
return True
return bash("modprobe bridge").isSucess()
try:
statement = """ UPDATE configuration SET value='%s' WHERE name='%s'"""
db.execute(statement%('true','use.local.storage'))
db.execute(statement%('20','max.template.iso.size'))
statement = """ UPDATE vm_template SET url='%s',checksum='%s' WHERE id='%s' """
db.execute(statement%('https://rightscale-cloudstack.s3.amazonaws.com/kvm/RightImage_CentOS_5.4_x64_v5.6.28.qcow2.bz2', '90fcd2fa4d3177e31ff296cecb9933b7', '4'))
statement="""UPDATE disk_offering set use_local_storage=1"""
db.execute(statement)
except:
raise e
#add DNAT 443 to 8250
if not bash("iptables-save |grep PREROUTING | grep 8250").isSuccess():
bash("iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 8250 ")
elif self.syscfg.env.svrMode == "HttpsServer":
if not bash("iptables-save |grep PREROUTING | grep 8443").isSuccess():
bash("iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 8443")
bash("touch /var/run/cloudstack-management.pid")
bash("chown cloud.cloud /var/run/cloudstack-management.pid")
checkHostName()
bash("mkdir -p /var/lib/cloudstack/")
bash("chown cloud:cloud -R /var/lib/cloudstack/")
#set max process per account is unlimited
if os.path.exists("/etc/security/limits.conf"):
cfo = configFileOps("/etc/security/limits.conf")
cfo.add_lines("cloud soft nproc -1\n")
cfo.add_lines("cloud hard nproc -1\n")
cfo.save()
db.execute(statement % ('true', 'use.local.storage'))
db.execute(statement % ('20', 'max.template.iso.size'))
statement = """ UPDATE vm_template SET url='%s',checksum='%s' WHERE id='%s' """
db.execute(statement % (
'https://rightscale-cloudstack.s3.amazonaws.com/kvm/RightImage_CentOS_5.4_x64_v5.6.28.qcow2.bz2',
'90fcd2fa4d3177e31ff296cecb9933b7', '4'))
statement = """UPDATE disk_offering set use_local_storage=1"""
db.execute(statement)
except:
raise e
#add DNAT 443 to 8250
if not bash(
"iptables-save |grep PREROUTING | grep 8250").isSuccess():
bash(
"iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 8250 "
)
#generate keystore
keyPath = "/var/lib/cloud/management/web.keystore"
if not os.path.exists(keyPath):
cmd = bash(
"keytool -genkey -keystore %s -storepass \"cloud.com\" -keypass \"cloud.com\" -validity 3650 -dname cn=\"Cloudstack User\",ou=\"mycloud.cloud.com\",o=\"mycloud.cloud.com\",c=\"Unknown\""
% keyPath)
if not cmd.isSuccess():
raise CloudInternalException(cmd.getErrMsg())
cfo = configFileOps("/etc/cloud/management/tomcat6.conf", self)
def checkHostName():
ret = bash("hostname --fqdn")
if not ret.isSuccess():
raise CloudInternalException("Cannot get hostname, 'hostname --fqdn failed'")
try:
statement = """ UPDATE configuration SET value='%s' WHERE name='%s'"""
db.execute(statement % ('true', 'use.local.storage'))
db.execute(statement % ('20', 'max.template.iso.size'))
statement = """ UPDATE vm_template SET url='%s',checksum='%s' WHERE id='%s' """
db.execute(statement % ('https://rightscale-cloudstack.s3.amazonaws.com/kvm/RightImage_CentOS_5.4_x64_v5.6.28.qcow2.bz2', '90fcd2fa4d3177e31ff296cecb9933b7', '4'))
statement = """UPDATE disk_offering set use_local_storage=1"""
db.execute(statement)
except:
raise e
# add DNAT 443 to 8250
if not bash("iptables-save |grep PREROUTING | grep 8250").isSuccess():
bash("iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 8250 ")
# generate keystore
keyPath = "/var/cloudstack/management/web.keystore"
if not os.path.exists(keyPath):
cmd = bash(
"keytool -genkeypair -keystore %s -storepass \"cloud.com\" -keypass \"cloud.com\" -validity 3650 -dname cn=\"Cloudstack User\",ou=\"mycloud.cloud.com\",o=\"mycloud.cloud.com\",c=\"Unknown\"" % keyPath)
if not cmd.isSuccess():
raise CloudInternalException(cmd.getErrMsg())
if not self.syscfg.env.svrConf == "Tomcat7":
cfo = configFileOps("/etc/cloudstack/management/tomcat6.conf", self)
cfo.add_lines("JAVA_OPTS+=\" -Djavax.net.ssl.trustStore=%s \"" % keyPath)
elif self.syscfg.env.svrMode == "HttpsServer":
if self.syscfg.env.svrConf == "Tomcat7":
