def update_hosts(self, config):
mgt_addr = config.management_address
if not mgt_addr:
return
config_data = [
'127.0.0.1 localhost',
'::1 localhost ip6-localhost ip6-loopback',
'%s %s' % (mgt_addr, config.hostname)
]
utils.replace_file('/tmp/hosts', '\n'.join(config_data))
utils.execute(['mv', '/tmp/hosts', '/etc/hosts'], self.root_helper)
def save_config(self, config, if_map):
"""
Writes config file for bird daemon.
:type config: astara_router.models.Configuration
:param config:
:type if_map: dict
:param if_map: A (dict) mapping of generic to physical hostname, e.g.:
{'ge0': 'eth0', 'ge1': 'eth1'}
"""
config_data = build_config(config, if_map)
utils.replace_file('/tmp/bird6.conf', config_data)
utils.execute(['mv', '/tmp/bird6.conf', CONF_PATH], self.root_helper)
def save_config(self, config):
"""
Writes <config> to the metadata configuration file (<CONF_PATH>).
:type config: astara_router.models.Configuration
:param config: An astara_router.models.Configuration object containing
the configuration of metadata service.
"""
config_data = build_config(config)
replace_file(
'/tmp/metadata.conf',
json.dumps(config_data, sort_keys=True)
)
execute(['mv', '/tmp/metadata.conf', CONF_PATH], self.root_helper)
def reload(self):
try:
last_config_hash = utils.hash_file(self.CONFIG_FILE)
except IOError:
last_config_hash = None
utils.replace_file('/tmp/keepalived.conf', self.config())
utils.execute(
['mv', '/tmp/keepalived.conf', '/etc/keepalived/keepalived.conf'],
self.root_helper)
if utils.hash_file(self.CONFIG_FILE) == last_config_hash:
return
if self._is_running():
self.sudo('keepalived', 'reload')
else:
self.sudo('keepalived', 'restart')
def update_network_dhcp_config(self, ifname, network):
"""
Updates the dnsmasq.conf config, enabling dhcp configuration for nova
networks that are mapped to tenants and disabling networks that do not
map to tenants.
:type ifname: str
:param ifname:
:type network:
:param network:
"""
if network.is_tenant_network:
config_data = self._build_dhcp_config(ifname, network)
else:
config_data = self._build_disabled_config(ifname)
file_path = os.path.join(CONF_DIR, '%s.conf' % ifname)
utils.replace_file('/tmp/dnsmasq.conf', config_data)
utils.execute(['mv', '/tmp/dnsmasq.conf', file_path], self.root_helper)
def update_network_dhcp_config(self, ifname, network):
"""
Updates the dnsmasq.conf config, enabling dhcp configuration for nova
networks that are mapped to tenants and disabling networks that do not
map to tenants.
:type ifname: str
:param ifname:
:type network:
:param network:
"""
if network.is_tenant_network:
config_data = self._build_dhcp_config(ifname, network)
else:
config_data = self._build_disabled_config(ifname)
file_path = os.path.join(CONF_DIR, '%s.conf' % ifname)
utils.replace_file('/tmp/dnsmasq.conf', config_data)
utils.execute(['mv', '/tmp/dnsmasq.conf', file_path], self.root_helper)
def save_config(self, config):
"""
Writes config file for strongswan daemon.
:type config: astara_router.models.Configuration
"""
env = jinja2.Environment(loader=jinja2.FileSystemLoader(TEMPLATE_DIR))
env.filters['strongswan'] = lambda v: STRONGSWAN_TRANSLATIONS.get(v, v)
templates = ('ipsec.conf', 'ipsec.secrets')
for template_name in templates:
tmpl = env.get_template(template_name + '.j2')
tmp = os.path.join('/tmp', template_name)
utils.replace_file(tmp, tmpl.render(vpnservices=config.vpn))
for template_name in templates:
tmp = os.path.join('/tmp', template_name)
etc = os.path.join('/etc', template_name)
utils.execute(['mv', tmp, etc], self.root_helper)
def save_config(self, config, generic_to_host):
"""
Renders template and writes to the conntrackd file
:type config: astara_router.models.Configuration
:param config: An astara_router.models.Configuration object containing
the ha_config configuration.
:param generic_to_host: A callable used to resolve generic interface
name to system interface name.
"""
mgt_interface = None
for interface in config.interfaces:
if interface.management:
mgt_interface = interface
break
mgt_addr = mgt_interface.first_v6 or mgt_interface.first_v4
ctxt = {
'source_address': str(mgt_addr),
'management_ip_version': mgt_addr.version,
'destination_address': config.ha_config['peers'][0],
'interface': generic_to_host(interface.ifname),
}
try:
old_config_hash = utils.hash_file(self.CONFIG_FILE)
except IOError:
old_config_hash = None
utils.replace_file('/tmp/conntrackd.conf',
self._config_templ.render(ctxt))
utils.execute(['mv', '/tmp/conntrackd.conf', self.CONFIG_FILE],
self.root_helper)
if old_config_hash != utils.hash_file(self.CONFIG_FILE):
self._should_restart = True
def save_config(self, config, interface_map):
'''
Save iptables-persistent firewall rules to disk.
:param config: The astara configuration to save to disk
:type config: astara.rug.models.Configuration
:param interface_map: A mapping of virtual ('ge0') to physical ('eth0')
interface names
:type interface_map: dict
'''
rules = itertools.chain(
self._build_filter_table(config),
self._build_nat_table(config),
self._build_mangle_table(config),
self._build_raw_table(config)
)
for version, rules in zip((4, 6), itertools.tee(rules)):
data = '\n'.join(map(
str,
[r for r in rules if getattr(r, 'for_v%s' % version)]
))
# Map virtual interface names
real_name = interface_map.get('ge0')[:-1]
ifname_re = '\-(?P<flag>i|o)(?P<ws>[\s!])(?P<not>!?)(?P<if>ge)(?P<no>\d+)' # noqa
ifname_sub = r'-\g<flag>\g<ws>\g<not>%s\g<no>' % real_name
data = re.sub(ifname_re, ifname_sub, data) + '\n'
utils.replace_file('/tmp/ip%stables.rules' % version, data)
utils.execute([
'mv',
'/tmp/ip%stables.rules' % version,
'/etc/iptables/rules.v%s' % version
], self.root_helper)
def update_hostname(self, config):
self.sudo(config.hostname)
utils.replace_file('/tmp/hostname', config.hostname)
utils.execute(['mv', '/tmp/hostname', '/etc/hostname'],
self.root_helper)
def update_hostname(self, config):
self.sudo(config.hostname)
utils.replace_file('/tmp/hostname', config.hostname)
utils.execute(
['mv', '/tmp/hostname', '/etc/hostname'], self.root_helper
)