def daemonSetup(self):
if not os.path.exists(self._defaults):
raise RuntimeError(
_(
"The configuration defaults file '{file}' "
"required but missing"
).format(
file=self._defaults,
)
)
self._config = configfile.ConfigFile(
(
self._defaults,
config.ENGINE_FKLSNR_VARS,
),
)
self._engineConfig = configfile.ConfigFile(
(
self._engineDefaults,
config.ENGINE_VARS,
),
)
self._checkInstallation(
pidfile=self.pidfile,
)
def _customization(self):
legacy = osetupcons.FileLocations.LEGACY_OVIRT_ENGINE_SYSCONFIG
config = None
for filename in (
legacy,
legacy + '.rpmsave',
):
if os.path.exists(filename):
self.logger.debug('Upgrading from 3.2.z')
self.environment[
osetupcons.ApacheEnv.CONFIGURE_ROOT_REDIRECTION] = True
config = configfile.ConfigFile([
filename,
])
break
if config is None:
self.logger.debug('Upgrading from 3.3.z legacy')
config = configfile.ConfigFile(
[osetupcons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG])
#preserve engine http and https ports.
if config.getboolean('ENGINE_HTTP_ENABLED'):
self.environment[
osetupcons.ConfigEnv.JBOSS_DIRECT_HTTP_PORT] = config.get(
'ENGINE_HTTP_PORT')
if config.getboolean('ENGINE_HTTPS_ENABLED'):
self.environment[
osetupcons.ConfigEnv.JBOSS_DIRECT_HTTPS_PORT] = config.get(
'ENGINE_HTTPS_PORT')
self.environment[osetupcons.ConfigEnv.FQDN] = config.get('ENGINE_FQDN')
if not config.getboolean('ENGINE_PROXY_ENABLED'):
self.environment[osetupcons.ApacheEnv.CONFIGURE_SSL] = True
else:
#if it's enabled it has been already done
self.environment[osetupcons.ApacheEnv.CONFIGURE_SSL] = False
for key in (
otopicons.CoreEnv.MODIFIED_FILES,
osetupcons.CoreEnv.UNINSTALL_UNREMOVABLE_FILES,
):
self.environment[key].append(
self.environment[osetupcons.ApacheEnv.HTTPD_CONF_SSL])
self.environment[osetupcons.DBEnv.SECURED] = config.getboolean(
name='ENGINE_DB_SECURED',
default='ssl=true' in config.get(
'ENGINE_DB_URL',
'',
))
self.environment[
osetupcons.DBEnv.SECURED_HOST_VALIDATION] = config.getboolean(
name='ENGINE_DB_SECURED_VALIDATION',
default=False,
)
def _init(self):
config = configfile.ConfigFile([
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS,
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG,
])
if config.get('ENGINE_MANUAL'):
self._engine_manual = config.get('ENGINE_MANUAL')
if os.path.isdir(self._engine_manual):
self.environment.setdefault(
osetupcons.DocsEnv.DOCS_LOCAL,
True
)
self.environment.setdefault(
osetupcons.DocsEnv.DWH_DOC_URL,
osetupcons.Const.DWH_DOC_URI
)
self.environment.setdefault(
osetupcons.DocsEnv.REPORTS_DOC_URL,
osetupcons.Const.REPORTS_DOC_URI
)
else:
self.environment.setdefault(
osetupcons.DocsEnv.DOCS_LOCAL,
False
)
self.environment.setdefault(
osetupcons.DocsEnv.DWH_DOC_URL,
osetupcons.Const.DWH_DOC_URL
)
self.environment.setdefault(
osetupcons.DocsEnv.REPORTS_DOC_URL,
osetupcons.Const.REPORTS_DOC_URL
)
def _misc(self):
config = configfile.ConfigFile(
[osetupcons.FileLocations.OVIRT_NFS_RHEL_CONFIG])
changed_lines = []
content = []
if os.path.exists(osetupcons.FileLocations.NFS_RHEL_CONFIG):
with open(osetupcons.FileLocations.NFS_RHEL_CONFIG, 'r') as f:
content = f.read().splitlines()
self.environment[otopicons.CoreEnv.MAIN_TRANSACTION].append(
filetransaction.FileTransaction(
name=osetupcons.FileLocations.NFS_RHEL_CONFIG,
content=osetuputil.editConfigContent(
content=content,
params=config.values,
changed_lines=changed_lines,
new_line_tpl='{spaces}{param}="{value}"',
)))
self.environment[
osetupcons.CoreEnv.REGISTER_UNINSTALL_GROUPS].createGroup(
group='nfs_config',
description='NFS Configuration',
optional=True).addChanges(
'nfs_config',
osetupcons.FileLocations.NFS_RHEL_CONFIG,
changed_lines,
)
self.environment[
osetupcons.CoreEnv.UNINSTALL_UNREMOVABLE_FILES].append(
osetupcons.FileLocations.NFS_RHEL_CONFIG)
def _upate_external_providers_keystore(self):
config = configfile.ConfigFile([
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS,
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_SSO
])
truststore = config.get(
'ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE'
)
truststore_password = config.get(
'ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE_PASSWORD'
)
self._execute_command(
(
'keytool',
'-import',
'-alias',
OvnEnv.PROVIDER_NAME,
'-keystore',
truststore,
'-file',
oenginecons.FileLocations.OVIRT_ENGINE_PKI_ENGINE_CA_CERT,
'-noprompt',
'-storepass',
truststore_password,
),
_(
'Failed to import provider certificate into '
'the external provider keystore'
)
)
def _validation(self):
config = configfile.ConfigFile(
(oenginecons.FileLocations.OVIRT_ENGINE_NOTIFIER_SERVICE_CONFIG,
), )
filterStr = config.get('FILTER')
self.logger.debug('filterStr: %s', filterStr)
if filterStr is not None and 'VDS_GROUP' in filterStr:
ans = dialog.queryBoolean(
dialog=self.dialog,
name='OVESETUP_WAIT_NOTIFIER_FILTER',
note=_(
'Setup found filter/s in engine-notifier configuration '
'files in {conf}.d/*.conf containing the string '
'"VDS_GROUP".\n You must manually change "VDS_GROUP" to '
'"CLUSTER" throughout the notifier configuration in '
'order to get notified on cluster related events.\n Do '
'you want to continue?\n'
'(Answering "no" will stop the upgrade '
'(@VALUES@) [@DEFAULT@]:').format(
conf=(oenginecons.FileLocations.
OVIRT_ENGINE_NOTIFIER_SERVICE_CONFIG), ),
prompt=True,
default=False,
)
self.environment[
oenginecons.ConfigEnv.IGNORE_VDS_GROUP_IN_NOTIFIER] = ans
if not ans:
raise RuntimeError(_('Aborted by user'))
def _customization(self):
config = configfile.ConfigFile([
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG,
])
if not (
config.get('ENGINE_HEAP_MIN') and
config.get('ENGINE_HEAP_MAX')
):
self._enabled = True
calculated_heap_size = '{sizemb}M'.format(
sizemb=max(
1024,
self.environment[osetupcons.ConfigEnv.TOTAL_MEMORY_MB] // 4
)
)
if self.environment[
oenginecons.ConfigEnv.ENGINE_HEAP_MIN
] is None:
self.environment[
oenginecons.ConfigEnv.ENGINE_HEAP_MIN
] = config.get('ENGINE_HEAP_MIN') or calculated_heap_size
if self.environment[
oenginecons.ConfigEnv.ENGINE_HEAP_MAX
] is None:
self.environment[
oenginecons.ConfigEnv.ENGINE_HEAP_MAX
] = config.get('ENGINE_HEAP_MAX') or calculated_heap_size
def getStatement(self):
from ovirt_engine import configfile
engineConfig = configfile.ConfigFile(files=[
os.path.join(
self.dataDir,
'services',
'ovirt-engine',
'ovirt-engine.conf',
),
os.path.join(
self.prefix,
'etc',
'ovirt-engine',
'engine.conf',
),
], )
statement = Statement()
statement.connect(
host=engineConfig.get('ENGINE_DB_HOST'),
port=engineConfig.get('ENGINE_DB_PORT'),
secured=engineConfig.getboolean('ENGINE_DB_SECURED'),
securedHostValidation=engineConfig.getboolean(
'ENGINE_DB_SECURED_VALIDATION'),
user=engineConfig.get('ENGINE_DB_USER'),
password=engineConfig.get('ENGINE_DB_PASSWORD'),
database=engineConfig.get('ENGINE_DB_DATABASE'),
)
return statement
def _upate_external_providers_keystore(self):
config = configfile.ConfigFile([
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS,
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_SSO
])
truststore = config.get('ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE')
truststore_password = config.get(
'ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE_PASSWORD')
command_parts = (
'keytool',
'-import',
'-alias',
OvnEnv.PROVIDER_NAME,
'-keystore',
truststore,
'-file',
oenginecons.FileLocations.OVIRT_ENGINE_PKI_ENGINE_CA_CERT,
'-noprompt',
'-storepass',
)
command = command_parts + (truststore_password, )
manual_keytool_command = (
command_parts +
('"${ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE_PASSWORD}"', ))
self._execute_command(command,
_('Failed to import provider certificate into '
'the external provider keystore'),
manual_commands=(
('.', FileLocations.OVIRT_ENGINE_DATADIR +
'/bin/engine-prolog.sh'),
manual_keytool_command,
))
def _setup(self):
config = configfile.ConfigFile([
odwhcons.FileLocations.OVIRT_ENGINE_DWHD_SERVICE_CONFIG_DEFAULTS,
odwhcons.FileLocations.OVIRT_ENGINE_DWHD_SERVICE_CONFIG,
])
self.environment[
odwhcons.CoreEnv.UUID
] = config.get('DWH_UUID') or str(uuid.uuid4())
def main():
service.setupLogger()
logger = logging.getLogger(_LOGGER_NAME)
try:
args = parse_args()
cfg_file = configfile.ConfigFile([
config.VMCONSOLE_PROXY_HELPER_DEFAULTS,
config.VMCONSOLE_PROXY_HELPER_VARS,
])
if cfg_file.getboolean('DEBUG') or args.debug:
logger.setLevel(logging.DEBUG)
base_url = (
# debug, emergency override
os.getenv('OVIRT_VMCONSOLE_ENGINE_BASE_URL')
or cfg_file.get('ENGINE_BASE_URL'))
logger.debug('using engine base url: %s', base_url)
enc = make_ticket_encoder(cfg_file)
data = enc.encode(json.dumps(make_request(args)))
req = urllib2.Request(
urlparse.urljoin(base_url, 'services/vmconsole-proxy'),
data=data,
headers={
'Content-Type': 'text/plain',
'Content-Length': len(data),
},
)
logger.debug('will send %r to %r', req.get_method(),
req.get_full_url())
ca_certs = cfg_file.get('ENGINE_CA')
if not ca_certs:
logger.warn('Engine CA not configured, '
'connecting in insecure mode')
ca_certs = None
with urlopen(
url=req,
ca_certs=ca_certs,
verify_host=cfg_file.getboolean('ENGINE_VERIFY_HOST')) as res:
if res.getcode() != _HTTP_STATUS_CODE_SUCCESS:
raise RuntimeError('Engine call failed: code=%d' %
res.getcode())
print(handle_response(res.read()))
except Exception as ex:
logger.error('Error: %s', ex)
logger.debug('Exception', exc_info=True)
return 1
else:
return 0
def _upate_external_providers_keystore(self):
config = configfile.ConfigFile([
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS,
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG
])
truststore = config.get(
'ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE'
)
truststore_password = config.get(
'ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE_PASSWORD'
)
# We need to disable FIPS configuration of OpenJDK to be able to work
# with file system keystores and interoperability with openssl
command = (
'keytool',
'-J-Dcom.redhat.fips=false',
'-import',
'-alias',
OvnEnv.PROVIDER_NAME,
'-keystore',
truststore,
'-file',
oenginecons.FileLocations.OVIRT_ENGINE_PKI_ENGINE_CA_CERT,
'-noprompt',
'-storepass:env',
'pass',
)
self._execute_command(
command,
_(
'Failed to import provider certificate into '
'the external provider keystore'
),
manual_commands=(
(
'.',
FileLocations.OVIRT_ENGINE_DATADIR +
'/bin/engine-prolog.sh'
),
(
(
'export pass='******'"${ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE_PASSWORD}"'
),
),
command,
),
env={
'pass': truststore_password,
},
)
self._set_file_permissions(
truststore,
True,
stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP | stat.S_IROTH,
)
def _setup(self):
dbovirtutils = database.OvirtUtils(
plugin=self,
dbenvkeys=oenginecons.Const.ENGINE_DB_ENV_KEYS,
)
dbovirtutils.detectCommands()
config = configfile.ConfigFile([
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS,
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG
])
if config.get('ENGINE_DB_PASSWORD'):
try:
dbenv = {}
for e, k in (
(oenginecons.EngineDBEnv.HOST, 'ENGINE_DB_HOST'),
(oenginecons.EngineDBEnv.PORT, 'ENGINE_DB_PORT'),
(oenginecons.EngineDBEnv.USER, 'ENGINE_DB_USER'),
(oenginecons.EngineDBEnv.PASSWORD, 'ENGINE_DB_PASSWORD'),
(oenginecons.EngineDBEnv.DATABASE, 'ENGINE_DB_DATABASE'),
):
dbenv[e] = config.get(k)
for e, k in (
(oenginecons.EngineDBEnv.SECURED, 'ENGINE_DB_SECURED'),
(
oenginecons.EngineDBEnv.SECURED_HOST_VALIDATION,
'ENGINE_DB_SECURED_VALIDATION'
)
):
dbenv[e] = config.getboolean(k)
dbovirtutils.tryDatabaseConnect(dbenv)
self.environment.update(dbenv)
self.environment[
oenginecons.EngineDBEnv.NEW_DATABASE
] = dbovirtutils.isNewDatabase()
except RuntimeError as e:
self.logger.debug(
'Existing credential use failed',
exc_info=True,
)
msg = _(
'Cannot connect to Engine database using existing '
'credentials: {user}@{host}:{port}'
).format(
host=dbenv[oenginecons.EngineDBEnv.HOST],
port=dbenv[oenginecons.EngineDBEnv.PORT],
database=dbenv[oenginecons.EngineDBEnv.DATABASE],
user=dbenv[oenginecons.EngineDBEnv.USER],
)
if self.environment[
osetupcons.CoreEnv.ACTION
] == osetupcons.Const.ACTION_REMOVE:
self.logger.warning(msg)
else:
raise RuntimeError(msg)
def _filter_engine_sensitive_keys(self):
config = configfile.ConfigFile([
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS,
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG
])
sensitive_keys = [
k.strip() for k in config.get('SENSITIVE_KEYS').split(',')
if k.strip()
]
for k in sensitive_keys:
self.environment[otopicons.CoreEnv.LOG_FILTER].append(
config.get(k))
def connect_to_engine_db(self):
statement = None
dbovirtutils = database.OvirtUtils(
plugin=self,
dbenvkeys=oenginecons.Const.ENGINE_DB_ENV_KEYS,
)
config = configfile.ConfigFile([
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS,
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG
])
if config.get('ENGINE_DB_PASSWORD'):
try:
dbenv = {}
for e, k in (
(oenginecons.EngineDBEnv.HOST, 'ENGINE_DB_HOST'),
(oenginecons.EngineDBEnv.PORT, 'ENGINE_DB_PORT'),
(oenginecons.EngineDBEnv.USER, 'ENGINE_DB_USER'),
(oenginecons.EngineDBEnv.PASSWORD, 'ENGINE_DB_PASSWORD'),
(oenginecons.EngineDBEnv.DATABASE, 'ENGINE_DB_DATABASE'),
):
dbenv[e] = config.get(k)
for e, k in ((oenginecons.EngineDBEnv.SECURED,
'ENGINE_DB_SECURED'),
(oenginecons.EngineDBEnv.SECURED_HOST_VALIDATION,
'ENGINE_DB_SECURED_VALIDATION')):
dbenv[e] = config.getboolean(k)
dbovirtutils.tryDatabaseConnect(dbenv)
self.environment.update(dbenv)
self.environment[oenginecons.EngineDBEnv.
NEW_DATABASE] = dbovirtutils.isNewDatabase()
statement = database.Statement(
dbenvkeys=oenginecons.Const.ENGINE_DB_ENV_KEYS,
environment=self.environment,
)
except RuntimeError as e:
self.logger.debug(
'Existing credential use failed',
exc_info=True,
)
return statement
def _setup(self):
config = configfile.ConfigFile([
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG,
])
if config.get('ENGINE_FQDN'):
self._engine_fqdn = config.get('ENGINE_FQDN')
def daemonSetup(self):
if os.geteuid() == 0:
raise RuntimeError(_('This service cannot be executed as root'))
if not os.path.exists(self._defaults):
raise RuntimeError(
_("The configuration defaults file '{file}' "
"required but missing").format(file=self._defaults, ))
self._config = configfile.ConfigFile((
self._defaults,
config.ENGINE_VARS,
), )
#
# the earliest so we can abort early.
#
self._executable = os.path.join(
java.Java().getJavaHome(),
'bin',
'java',
)
jbossModulesJar = os.path.join(
self._config.get('JBOSS_HOME'),
'jboss-modules.jar',
)
self._checkInstallation(
pidfile=self.pidfile,
jbossModulesJar=jbossModulesJar,
)
self._tempDir = service.TempDir(self._config.get('ENGINE_TMP'))
self._tempDir.create()
self._setupEngineApps()
jbossTempDir = os.path.join(
self._config.get('ENGINE_TMP'),
'tmp',
)
jbossConfigDir = os.path.join(
self._config.get('ENGINE_TMP'),
'config',
)
javaModulePath = self._linkModules(
'%s:%s' % (
self._config.get('ENGINE_JAVA_MODULEPATH'),
os.path.join(
self._config.get('JBOSS_HOME'),
'modules',
),
), )
os.mkdir(jbossTempDir)
os.mkdir(jbossConfigDir)
os.chmod(jbossConfigDir, 0o700)
jbossBootLoggingFile = self._processTemplate(
template=os.path.join(os.path.dirname(sys.argv[0]),
'ovirt-engine-logging.properties.in'),
dir=jbossConfigDir,
)
jbossConfigFile = self._processTemplate(
template=os.path.join(
os.path.dirname(sys.argv[0]),
'ovirt-engine.xml.in',
),
dir=jbossConfigDir,
mode=0o600,
)
# We start with an empty list of arguments:
self._engineArgs = []
# Add arguments for the java virtual machine:
self._engineArgs.extend([
# The name or the process, as displayed by ps:
'ovirt-engine',
# Virtual machine options:
'-server',
'-XX:+TieredCompilation',
'-Xms%s' % self._config.get('ENGINE_HEAP_MIN'),
'-Xmx%s' % self._config.get('ENGINE_HEAP_MAX'),
'-XX:PermSize=%s' % self._config.get('ENGINE_PERM_MIN'),
'-XX:MaxPermSize=%s' % self._config.get('ENGINE_PERM_MAX'),
'-Djava.net.preferIPv4Stack=true',
'-Dsun.rmi.dgc.client.gcInterval=3600000',
'-Dsun.rmi.dgc.server.gcInterval=3600000',
'-Djava.awt.headless=true',
])
# Add extra system properties provided in the configuration:
for engineProperty in shlex.split(
self._config.get('ENGINE_PROPERTIES')):
if not engineProperty.startswith('-D'):
engineProperty = '-D' + engineProperty
self._engineArgs.append(engineProperty)
# Add extra jvm arguments provided in the configuration:
for arg in shlex.split(self._config.get('ENGINE_JVM_ARGS')):
self._engineArgs.append(arg)
# Add arguments for remote debugging of the java virtual machine:
engineDebugAddress = self._config.get('ENGINE_DEBUG_ADDRESS')
if engineDebugAddress:
self._engineArgs.append(
('-Xrunjdwp:transport=dt_socket,address=%s,'
'server=y,suspend=n') % (engineDebugAddress))
# Enable verbose garbage collection if required:
if self._config.getboolean('ENGINE_VERBOSE_GC'):
self._engineArgs.extend([
'-verbose:gc',
'-XX:+PrintGCTimeStamps',
'-XX:+PrintGCDetails',
])
# Add arguments for JBoss:
self._engineArgs.extend([
'-Djava.util.logging.manager=org.jboss.logmanager',
'-Dlogging.configuration=file://%s' % jbossBootLoggingFile,
'-Dorg.jboss.resolver.warning=true',
'-Djboss.modules.system.pkgs=org.jboss.byteman',
'-Djboss.modules.write-indexes=false',
'-Djboss.server.default.config=ovirt-engine',
'-Djboss.home.dir=%s' % self._config.get('JBOSS_HOME'),
'-Djboss.server.base.dir=%s' % self._config.get('ENGINE_USR'),
'-Djboss.server.data.dir=%s' % self._config.get('ENGINE_VAR'),
'-Djboss.server.log.dir=%s' % self._config.get('ENGINE_LOG'),
'-Djboss.server.config.dir=%s' % jbossConfigDir,
'-Djboss.server.temp.dir=%s' % jbossTempDir,
'-Djboss.controller.temp.dir=%s' % jbossTempDir,
'-jar',
jbossModulesJar,
'-mp',
javaModulePath,
'-jaxpmodule',
'javax.xml.jaxp-provider',
'org.jboss.as.standalone',
'-c',
os.path.basename(jbossConfigFile),
])
self._engineEnv = os.environ.copy()
self._engineEnv.update({
'PATH': ('/usr/local/sbin:/usr/local/bin:'
'/usr/sbin:/usr/bin:/sbin:/bin'),
'LANG':
'en_US.UTF-8',
'LC_ALL':
'en_US.UTF-8',
'ENGINE_DEFAULTS':
self._defaults,
'ENGINE_VARS':
config.ENGINE_VARS,
'ENGINE_ETC':
self._config.get('ENGINE_ETC'),
'ENGINE_LOG':
self._config.get('ENGINE_LOG'),
'ENGINE_TMP':
self._config.get('ENGINE_TMP'),
'ENGINE_USR':
self._config.get('ENGINE_USR'),
'ENGINE_VAR':
self._config.get('ENGINE_VAR'),
'ENGINE_CACHE':
self._config.get('ENGINE_CACHE'),
})
def daemonSetup(self):
if os.geteuid() == 0:
raise RuntimeError(_('This service cannot be executed as root'))
if not os.path.exists(self._defaults):
raise RuntimeError(
_("The configuration defaults file '{file}' "
"required but missing").format(file=self._defaults, ))
self._config = configfile.ConfigFile((
self._defaults,
config.ENGINE_NOTIFIER_VARS,
), )
#
# the earliest so we can abort early.
#
self._executable = os.path.join(
java.Java().getJavaHome(),
'bin',
'java',
)
jbossModulesJar = os.path.join(
self._config.get('JBOSS_HOME'),
'jboss-modules.jar',
)
self._checkInstallation(
pidfile=self.pidfile,
jbossModulesJar=jbossModulesJar,
)
self._engineArgs = [
# The name of the process, as displayed by ps:
'ovirt-engine-notifier',
]
# Add extra system properties provided in the configuration:
for notifierProperty in shlex.split(
self._config.get('NOTIFIER_PROPERTIES')):
if not notifierProperty.startswith('-D'):
notifierProperty = '-D' + notifierProperty
self._engineArgs.append(notifierProperty)
# Add extra jvm arguments provided in the configuration:
for arg in shlex.split(self._config.get('NOTIFIER_JVM_ARGS')):
self._engineArgs.append(arg)
debugAddress = self._config.get('NOTIFIER_DEBUG_ADDRESS')
if debugAddress:
self._engineArgs.append(
('-agentlib:jdwp=transport=dt_socket,address=%s,'
'server=y,suspend=n') % (debugAddress))
self._engineArgs += [
'-jar',
jbossModulesJar,
'-dependencies',
'org.ovirt.engine.core.tools',
'-class',
'org.ovirt.engine.core.notifier.Notifier',
]
self._engineEnv = os.environ.copy()
self._engineEnv.update({
'PATH': ('/usr/local/sbin:/usr/local/bin:'
'/usr/sbin:/usr/bin:/sbin:/bin'),
'LANG':
'en_US.UTF-8',
'LC_ALL':
'en_US.UTF-8',
'CLASSPATH':
'',
'JAVA_MODULEPATH':
'%s:%s' % (self._config.get('ENGINE_JAVA_MODULEPATH'),
os.path.join(
self._config.get('JBOSS_HOME'),
'modules',
)),
'ENGINE_DEFAULTS':
config.ENGINE_DEFAULTS,
'ENGINE_VARS':
config.ENGINE_VARS,
'ENGINE_NOTIFIER_DEFAULTS':
self._defaults,
'ENGINE_NOTIFIER_VARS':
config.ENGINE_NOTIFIER_VARS,
'MALLOC_ARENA_MAX':
self._config.get('NOTIFIER_MALLOC_ARENA_MAX'),
})
self._validateConfig()
def daemonSetup(self):
if os.geteuid() == 0:
raise RuntimeError(
_('This service cannot be executed as root')
)
if not os.path.exists(self._defaults):
raise RuntimeError(
_(
"The configuration defaults file '{file}' "
"required but missing"
).format(
file=self._defaults,
)
)
self._config = configfile.ConfigFile(
(
self._defaults,
config.DWH_VARS,
),
)
#
# the earliest so we can abort early.
#
self._executable = os.path.join(
java.Java().getJavaHome(),
'bin',
'java',
)
self._checkInstallation(
pidfile=self.pidfile,
)
self._tempDir = service.TempDir()
self._tempDir.create()
settings = os.path.join(self._tempDir.directory, 'settings.properties')
with open(settings, 'w') as f:
f.write(
util.processTemplate(
os.path.join(
self._config.get('PKG_DATA_DIR'),
'conf',
'settings.properties.in'
),
dict(
('@%s@' % k, util.escape(v, ':=\\ ')) for (k, v) in
self._config.values.items()
),
)
)
self._serviceArgs = [
'ovirt-engine-dwhd',
'-Dorg.ovirt.engine.dwh.settings=%s' % settings,
]
# Add arguments for the java heap size:
self._serviceArgs.extend([
'-Xms%s' % self._config.get('DWH_HEAP_MIN'),
'-Xmx%s' % self._config.get('DWH_HEAP_MAX'),
])
for engineProperty in shlex.split(
self._config.get('DWH_PROPERTIES')
):
if not engineProperty.startswith('-D'):
engineProperty = '-D' + engineProperty
self._serviceArgs.append(engineProperty)
for arg in shlex.split(self._config.get('DWH_JVM_ARGS')):
self._serviceArgs.append(arg)
engineDebugAddress = self._config.get('DWH_DEBUG_ADDRESS')
if engineDebugAddress:
self._serviceArgs.append(
(
'-Xrunjdwp:transport=dt_socket,address=%s,'
'server=y,suspend=n'
) % (
engineDebugAddress
)
)
if self._config.getboolean('DWH_VERBOSE_GC'):
self._serviceArgs.extend([
'-verbose:gc',
'-XX:+PrintGCTimeStamps',
'-XX:+PrintGCDetails',
])
self._serviceArgs.extend([
'-classpath', '%s:%s' % (
os.path.join(
self._config.get('PKG_JAVA_LIB'),
'*',
),
self._getClasspath(),
),
'ovirt_engine_dwh.historyetl_4_3.HistoryETL',
'--context=Default',
])
self._serviceEnv = os.environ.copy()
self._serviceEnv.update({
'PATH': (
'/usr/local/sbin:/usr/local/bin:'
'/usr/sbin:/usr/bin:/sbin:/bin'
),
'LANG': 'en_US.UTF-8',
'LC_ALL': 'en_US.UTF-8',
})
def _setup_engine_db_credentials(self):
# TODO: refactor the code in this function to be usable by similar
# ones
config = configfile.ConfigFile([
odwhcons.FileLocations.OVIRT_ENGINE_DWHD_SERVICE_CONFIG_DEFAULTS,
odwhcons.FileLocations.OVIRT_ENGINE_DWHD_SERVICE_CONFIG,
])
if config.get('ENGINE_DB_PASSWORD'):
try:
dbenv = {}
for e, k in (
(oenginecons.EngineDBEnv.HOST, 'ENGINE_DB_HOST'),
(oenginecons.EngineDBEnv.PORT, 'ENGINE_DB_PORT'),
(oenginecons.EngineDBEnv.USER, 'ENGINE_DB_USER'),
(oenginecons.EngineDBEnv.PASSWORD, 'ENGINE_DB_PASSWORD'),
(oenginecons.EngineDBEnv.DATABASE, 'ENGINE_DB_DATABASE'),
):
dbenv[e] = (
self.environment.get(e)
if self.environment.get(e) is not None
else config.get(k)
)
for e, k in (
(oenginecons.EngineDBEnv.SECURED, 'ENGINE_DB_SECURED'),
(
oenginecons.EngineDBEnv.SECURED_HOST_VALIDATION,
'ENGINE_DB_SECURED_VALIDATION'
)
):
dbenv[e] = config.getboolean(k)
dbovirtutils = database.OvirtUtils(
plugin=self,
dbenvkeys=oenginecons.Const.ENGINE_DB_ENV_KEYS,
)
dbovirtutils.tryDatabaseConnect(dbenv)
self.environment.update(dbenv)
self.environment[
oenginecons.EngineDBEnv.NEW_DATABASE
] = dbovirtutils.isNewDatabase()
self.environment[
oenginecons.EngineDBEnv.NEED_DBMSUPGRADE
] = dbovirtutils.checkDBMSUpgrade()
except RuntimeError as e:
self.logger.debug(
'Existing credential use failed',
exc_info=True,
)
msg = _(
'Cannot connect to Engine database using existing '
'credentials: {user}@{host}:{port}'
).format(
host=dbenv[oenginecons.EngineDBEnv.HOST],
port=dbenv[oenginecons.EngineDBEnv.PORT],
database=dbenv[oenginecons.EngineDBEnv.DATABASE],
user=dbenv[oenginecons.EngineDBEnv.USER],
)
if self.environment[
osetupcons.CoreEnv.ACTION
] == osetupcons.Const.ACTION_REMOVE:
self.logger.warning(msg)
else:
raise RuntimeError(msg)
def _setup(self):
legacy = self._parse_legacy_conf(odwhcons.FileLocations.LEGACY_CONFIG)
current = configfile.ConfigFile(files=[
odwhcons.FileLocations.OVIRT_ENGINE_DWHD_SERVICE_CONFIG_DEFAULTS,
odwhcons.FileLocations.OVIRT_ENGINE_DWHD_SERVICE_CONFIG,
], )
#
# legacy package installed file with some defaults
# we need to ignore it if no password
#
if (not current.get('ENGINE_DB_PASSWORD')
and legacy.get('ovirtEngineHistoryDbPassword')):
fixups = []
for old, new in (
('runDeleteTime', 'DWH_DELETE_JOB_HOUR'),
('runInterleave', 'DWH_SAMPLING'),
('timeBetweenErrorEvents', 'DWH_ERROR_EVENT_INTERVAL'),
('hoursToKeepSamples', 'DWH_TABLES_KEEP_SAMPLES'),
('hoursToKeepHourly', 'DWH_TABLES_KEEP_HOURLY'),
('hoursToKeepDaily', 'DWH_TABLES_KEEP_DAILY'),
):
if legacy.get(old) != current.get(new):
fixups.append('%s="%s"' % (new, legacy.get(old)))
if fixups:
uninstall_files = []
self.environment[
osetupcons.CoreEnv.REGISTER_UNINSTALL_GROUPS].addFiles(
group='ovirt_dwh_files',
fileList=uninstall_files,
)
self.environment[otopicons.CoreEnv.MAIN_TRANSACTION].append(
filetransaction.FileTransaction(
name=(odwhcons.FileLocations.
OVIRT_ENGINE_DWHD_SERVICE_CONFIG_LEGACY),
content=fixups,
modifiedList=uninstall_files,
))
jdbcurl = self._RE_LEGACY_JDBC_URL.match(
legacy.get('ovirtEngineHistoryDbJdbcConnection'))
if (jdbcurl is None or jdbcurl.group('host') is None
or jdbcurl.group('database') is None):
raise RuntimeError(_('Invalid legacy DWH database config'))
self.environment[odwhcons.DBEnv.HOST] = jdbcurl.group('host')
self.environment[odwhcons.DBEnv.PORT] = (
jdbcurl.group('port') if jdbcurl.group('port') is not None else
odwhcons.Defaults.DEFAULT_DB_PORT)
self.environment[odwhcons.DBEnv.DATABASE] = jdbcurl.group(
'database')
self.environment[odwhcons.DBEnv.SECURED] = jdbcurl.group(
'extra').find('ssl=true') != -1
self.environment[
odwhcons.DBEnv.
SECURED_HOST_VALIDATION] = not jdbcurl.group('extra').find(
'sslfactory=org.postgresql.ssl.NonValidatingFactory') == -1
self.environment[odwhcons.DBEnv.USER] = legacy.get(
'ovirtEngineHistoryDbUser')
self.environment[odwhcons.DBEnv.PASSWORD] = legacy.get(
'ovirtEngineHistoryDbPassword')
database.OvirtUtils(
plugin=self,
dbenvkeys=odwhcons.Const.DWH_DB_ENV_KEYS,
).tryDatabaseConnect()
self.environment[odwhcons.DBEnv.NEW_DATABASE] = False
self.environment[odwhcons.CoreEnv.ENABLE] = True
def _setup(self):
dbovirtutils = database.OvirtUtils(
plugin=self,
dbenvkeys=oenginecons.Const.ENGINE_DB_ENV_KEYS,
)
dbovirtutils.detectCommands()
config = configfile.ConfigFile([
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS,
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG
])
if config.get('ENGINE_DB_PASSWORD'):
try:
dbenv = {}
for e, k in (
(oenginecons.EngineDBEnv.HOST, 'ENGINE_DB_HOST'),
(oenginecons.EngineDBEnv.PORT, 'ENGINE_DB_PORT'),
(oenginecons.EngineDBEnv.USER, 'ENGINE_DB_USER'),
(oenginecons.EngineDBEnv.PASSWORD, 'ENGINE_DB_PASSWORD'),
(oenginecons.EngineDBEnv.DATABASE, 'ENGINE_DB_DATABASE'),
):
dbenv[e] = config.get(k)
for e, k in ((oenginecons.EngineDBEnv.SECURED,
'ENGINE_DB_SECURED'),
(oenginecons.EngineDBEnv.SECURED_HOST_VALIDATION,
'ENGINE_DB_SECURED_VALIDATION')):
dbenv[e] = config.getboolean(k)
dbovirtutils.tryDatabaseConnect(dbenv)
self.environment.update(dbenv)
self.environment[oenginecons.EngineDBEnv.
NEW_DATABASE] = dbovirtutils.isNewDatabase()
self.environment[
oenginecons.EngineDBEnv.
NEED_DBMSUPGRADE] = dbovirtutils.checkDBMSUpgrade()
except RuntimeError:
self.logger.debug(
'Existing credential use failed',
exc_info=True,
)
msg = _('Cannot connect to Engine database using existing '
'credentials: {user}@{host}:{port}').format(
host=dbenv[oenginecons.EngineDBEnv.HOST],
port=dbenv[oenginecons.EngineDBEnv.PORT],
database=dbenv[oenginecons.EngineDBEnv.DATABASE],
user=dbenv[oenginecons.EngineDBEnv.USER],
)
if self.environment[osetupcons.CoreEnv.
ACTION] == osetupcons.Const.ACTION_REMOVE:
self.logger.warning(msg)
else:
raise RuntimeError(msg)
if not self.environment[oenginecons.EngineDBEnv.NEW_DATABASE]:
statement = database.Statement(
dbenvkeys=oenginecons.Const.ENGINE_DB_ENV_KEYS,
environment=self.environment,
)
try:
justRestored = vdcoption.VdcOption(
statement=statement, ).getVdcOption(
'DbJustRestored',
ownConnection=True,
)
self.environment[oenginecons.EngineDBEnv.JUST_RESTORED] = (
justRestored == '1')
except RuntimeError:
pass
if self.environment[oenginecons.EngineDBEnv.JUST_RESTORED]:
self.logger.info(
_('The engine DB has been restored from a backup'))
def daemonSetup(self):
if os.geteuid() == 0:
raise RuntimeError(
_('This service cannot be executed as root')
)
if not os.path.exists(self._defaults):
raise RuntimeError(
_(
"The configuration defaults file '{file}' "
"required but missing"
).format(
file=self._defaults,
)
)
self._config = configfile.ConfigFile(
(
self._defaults,
config.ENGINE_NOTIFIER_VARS,
),
)
#
# the earliest so we can abort early.
#
self._executable = os.path.join(
java.Java().getJavaHome(),
'bin',
'java',
)
jbossModulesJar = os.path.join(
self._config.get('JBOSS_HOME'),
'jboss-modules.jar',
)
self._checkInstallation(
pidfile=self.pidfile,
jbossModulesJar=jbossModulesJar,
)
self._engineArgs = [
'ovirt-engine-notifier',
'-Dlog4j.configuration=file://%s/notifier/log4j.xml' % (
self._config.get('ENGINE_ETC'),
),
'-Djboss.modules.write-indexes=false',
'-jar', jbossModulesJar,
'-dependencies', 'org.ovirt.engine.core.tools',
'-class', 'org.ovirt.engine.core.notifier.Notifier',
]
self._engineEnv = os.environ.copy()
self._engineEnv.update({
'PATH': (
'/usr/local/sbin:/usr/local/bin:'
'/usr/sbin:/usr/bin:/sbin:/bin'
),
'LANG': 'en_US.UTF-8',
'LC_ALL': 'en_US.UTF-8',
'CLASSPATH': '',
'JAVA_MODULEPATH': '%s:%s' % (
self._config.get('ENGINE_JAVA_MODULEPATH'),
os.path.join(
self._config.get('JBOSS_HOME'),
'modules',
)
),
'ENGINE_DEFAULTS': config.ENGINE_DEFAULTS,
'ENGINE_VARS': config.ENGINE_VARS,
'ENGINE_NOTIFIER_DEFAULTS': self._defaults,
'ENGINE_NOTIFIER_VARS': config.ENGINE_NOTIFIER_VARS,
})
def _misc(self):
def generatePassword():
rand = random.SystemRandom()
return ''.join([
rand.choice(string.ascii_letters + string.digits)
for i in range(32)
])
result = self.environment[oenginecons.EngineDBEnv.STATEMENT].execute(
statement="""
select sso_oauth_client_exists(
%(client_id)s
) as r
""",
args=dict(client_id=self.client_id, ),
)
if result[0]['r'] == 1:
self.dialog.note(
text=_('Unregistering existing client registration info.'), )
self.environment[oenginecons.EngineDBEnv.STATEMENT].execute(
statement="""
select sso_oauth_unregister_client(
%(client_id)s
)
""",
args=dict(client_id=self.client_id, ))
config = configfile.ConfigFile([
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS,
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG
])
if config.get('ENGINE_SSO_CLIENT_SECRET'):
client_secret = config.get('ENGINE_SSO_CLIENT_SECRET')
else:
client_secret = generatePassword()
engine_port = self.environment[
oengcommcons.ConfigEnv.HTTPS_PORT] if self.environment[
oengcommcons.ConfigEnv.JBOSS_AJP_PORT] else self.environment[
oengcommcons.ConfigEnv.JBOSS_DIRECT_HTTPS_PORT]
engine_http_port = self.environment[
oengcommcons.ConfigEnv.HTTP_PORT] if self.environment[
oengcommcons.ConfigEnv.JBOSS_AJP_PORT] else self.environment[
oengcommcons.ConfigEnv.JBOSS_DIRECT_HTTP_PORT]
self.environment[otopicons.CoreEnv.LOG_FILTER].append(client_secret)
rc, stdout, stderr = self.execute(
(
oenginecons.FileLocations.OVIRT_ENGINE_CRYPTO_TOOL,
'pbe-encode',
'--password=env:pass',
),
envAppend={
'OVIRT_ENGINE_JAVA_HOME_FORCE':
'1',
'OVIRT_ENGINE_JAVA_HOME':
self.environment[oengcommcons.ConfigEnv.JAVA_HOME],
'OVIRT_JBOSS_HOME':
self.environment[oengcommcons.ConfigEnv.JBOSS_HOME],
'pass':
client_secret,
},
)
self.environment[oenginecons.EngineDBEnv.STATEMENT].execute(
statement="""
select sso_oauth_register_client(
%(client_id)s,
%(client_secret)s,
%(scope)s,
%(certificate)s,
%(callback_prefix)s,
%(description)s,
%(email)s,
%(trusted)s,
%(notification_callback)s,
%(notification_callback_host_protocol)s,
%(notification_callback_host_verification)s,
%(notification_callback_chain_validation)s
)
""",
args=dict(
client_id=self.client_id,
client_secret=stdout[0],
scope=' '.join((
'openid',
'ovirt-app-portal',
'ovirt-app-admin',
'ovirt-app-api',
'ovirt-ext=auth:identity',
'ovirt-ext=token:password-access',
'ovirt-ext=auth:sequence-priority',
'ovirt-ext=token:login-on-behalf',
'ovirt-ext=token-info:authz-search',
'ovirt-ext=token-info:public-authz-search',
'ovirt-ext=token-info:validate',
'ovirt-ext=revoke:revoke-all',
)),
certificate=(
oenginecons.FileLocations.OVIRT_ENGINE_PKI_ENGINE_CERT),
callback_prefix='https://%s:%s/ovirt-engine/' % (
self.environment[osetupcons.ConfigEnv.FQDN],
engine_port,
),
description='oVirt Engine',
email='',
trusted=True,
notification_callback=('https://%s:%s/ovirt-engine/'
'services/sso-callback') %
(
self.environment[osetupcons.ConfigEnv.FQDN],
engine_port,
),
notification_callback_host_protocol='TLS',
notification_callback_host_verification=False,
notification_callback_chain_validation=True,
),
)
self.environment[otopicons.CoreEnv.MAIN_TRANSACTION].append(
filetransaction.FileTransaction(
name=(
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_SSO),
mode=0o640,
owner=self.environment[oengcommcons.SystemEnv.USER_ROOT],
group=self.environment[osetupcons.SystemEnv.GROUP_ENGINE],
enforcePermissions=True,
content=(
'ENGINE_SSO_CLIENT_ID="{client_id}"\n'
'ENGINE_SSO_CLIENT_SECRET="{client_secret}"\n'
'ENGINE_SSO_AUTH_URL='
'"https://{fqdn}:{port}/ovirt-engine/sso"\n'
'ENGINE_SSO_SERVICE_URL='
'"https://{fqdn}:{port}/ovirt-engine/sso"\n'
'ENGINE_SSO_SERVICE_SSL_VERIFY_HOST=false\n'
'ENGINE_SSO_SERVICE_SSL_VERIFY_CHAIN=true\n'
'SSO_ALTERNATE_ENGINE_FQDNS=""\n'
'SSO_ENGINE_URL='
'"{engine_url_scheme}://{fqdn}:'
'{engine_url_port}/ovirt-engine/"\n'
'{devenv}').format(
client_id=self.client_id,
client_secret=client_secret,
fqdn=("${ENGINE_FQDN}"),
port=engine_port,
devenv=((
'SSO_CALLBACK_PREFIX_CHECK=false\n' if
self.environment[osetupcons.CoreEnv.DEVELOPER_MODE]
else '')),
engine_url_scheme=(('http' if self.environment[
osetupcons.CoreEnv.DEVELOPER_MODE] else 'https')),
engine_url_port=((
engine_http_port if
self.environment[osetupcons.CoreEnv.DEVELOPER_MODE]
else engine_port))),
modifiedList=self.environment[
otopicons.CoreEnv.MODIFIED_FILES],
))
def daemonSetup(self):
if os.geteuid() == 0:
raise RuntimeError(_('This service cannot be executed as root'))
if not os.path.exists(self._defaults):
raise RuntimeError(
_("The configuration defaults file '{file}' "
"required but missing").format(file=self._defaults, ))
self._config = configfile.ConfigFile((
self._defaults,
config.ENGINE_VARS,
), )
#
# the earliest so we can abort early.
#
self._executable = os.path.join(
java.Java().getJavaHome(),
'bin',
'java',
)
jbossModulesJar = os.path.join(
self._config.get('JBOSS_HOME'),
'jboss-modules.jar',
)
self._checkInstallation(
pidfile=self.pidfile,
jbossModulesJar=jbossModulesJar,
)
self._tempDir = service.TempDir(self._config.get('ENGINE_TMP'))
self._tempDir.create()
self._jbossRuntime = service.TempDir(self._config.get('JBOSS_RUNTIME'))
self._jbossRuntime.create()
self._setupEngineApps()
jbossTempDir = os.path.join(
self._jbossRuntime.directory,
'tmp',
)
jbossConfigDir = os.path.join(
self._jbossRuntime.directory,
'config',
)
javaModulePath = '%s:%s' % (
self._config.get('ENGINE_JAVA_MODULEPATH'),
os.path.join(
self._config.get('JBOSS_HOME'),
'modules',
),
)
os.mkdir(jbossTempDir)
os.mkdir(jbossConfigDir)
os.chmod(jbossConfigDir, 0o700)
jbossBootLoggingFile = self._processTemplate(
template=os.path.join(os.path.dirname(sys.argv[0]),
'ovirt-engine-logging.properties.in'),
dir=jbossConfigDir,
)
# We start with an empty list of arguments:
self._engineArgs = []
# Add arguments for the java virtual machine:
self._engineArgs.extend([
# Virtual machine options:
'-server',
'-XX:+TieredCompilation',
'-Xms%s' % self._config.get('ENGINE_HEAP_MIN'),
'-Xmx%s' % self._config.get('ENGINE_HEAP_MAX'),
])
# Add extra system properties provided in the configuration:
for engineProperty in shlex.split(
self._config.get('ENGINE_PROPERTIES')):
if not engineProperty.startswith('-D'):
engineProperty = '-D' + engineProperty
self._engineArgs.append(engineProperty)
# Add extra jvm arguments provided in the configuration:
for arg in shlex.split(self._config.get('ENGINE_JVM_ARGS')):
self._engineArgs.append(arg)
# Enable verbose garbage collection if required:
if self._config.getboolean('ENGINE_VERBOSE_GC'):
self._engineArgs.extend([
'-verbose:gc',
'-XX:+PrintGCTimeStamps',
'-XX:+PrintGCDetails',
])
# Specify special krb5.conf file if required
if self._config.get('AAA_KRB5_CONF_FILE'):
self._engineArgs.append('-Djava.security.krb5.conf=%s' %
self._config.get('AAA_KRB5_CONF_FILE'))
# Add arguments for JBoss:
self._engineArgs.extend([
'-Djava.util.logging.manager=org.jboss.logmanager',
'-Dlogging.configuration=file://%s' % jbossBootLoggingFile,
'-Dorg.jboss.resolver.warning=true',
'-Djboss.modules.system.pkgs=org.jboss.byteman',
'-Djboss.server.default.config=ovirt-engine',
'-Djboss.home.dir=%s' % self._config.get('JBOSS_HOME'),
'-Djboss.server.base.dir=%s' % self._config.get('ENGINE_USR'),
'-Djboss.server.data.dir=%s' % self._config.get('ENGINE_VAR'),
'-Djboss.server.log.dir=%s' % self._config.get('ENGINE_LOG'),
'-Djboss.server.config.dir=%s' % jbossConfigDir,
'-Djboss.server.temp.dir=%s' % jbossTempDir,
'-Djboss.controller.temp.dir=%s' % jbossTempDir,
'-jar',
jbossModulesJar,
'-mp',
javaModulePath,
'-jaxpmodule',
'javax.xml.jaxp-provider',
'org.jboss.as.standalone',
])
self._engineEnv = os.environ.copy()
self._engineEnv.update({
'PATH': ('/usr/local/sbin:/usr/local/bin:'
'/usr/sbin:/usr/bin:/sbin:/bin'),
'LANG':
'en_US.UTF-8',
'LC_ALL':
'en_US.UTF-8',
'ENGINE_DEFAULTS':
self._defaults,
'ENGINE_VARS':
config.ENGINE_VARS,
'ENGINE_ETC':
self._config.get('ENGINE_ETC'),
'ENGINE_LOG':
self._config.get('ENGINE_LOG'),
'ENGINE_TMP':
self._tempDir.directory,
'ENGINE_USR':
self._config.get('ENGINE_USR'),
'ENGINE_VAR':
self._config.get('ENGINE_VAR'),
'ENGINE_CACHE':
self._config.get('ENGINE_CACHE'),
})
self._detectJBossVersion()
self._jbossConfigFile = self._processTemplate(
template=os.path.join(
os.path.dirname(sys.argv[0]),
'ovirt-engine.xml.in',
),
dir=jbossConfigDir,
mode=0o600,
)
def _setup(self):
dbovirtutils = database.OvirtUtils(
plugin=self,
dbenvkeys=oclcons.Const.CINDERLIB_DB_ENV_KEYS,
)
dbovirtutils.detectCommands()
config = configfile.ConfigFile([
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS,
oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG
])
if config.get('CINDERLIB_DB_PASSWORD'):
try:
dbenv = {}
for e, k in (
(oclcons.CinderlibDBEnv.HOST, 'CINDERLIB_DB_HOST'),
(oclcons.CinderlibDBEnv.PORT, 'CINDERLIB_DB_PORT'),
(oclcons.CinderlibDBEnv.USER, 'CINDERLIB_DB_USER'),
(oclcons.CinderlibDBEnv.PASSWORD, 'CINDERLIB_DB_PASSWORD'),
(oclcons.CinderlibDBEnv.DATABASE, 'CINDERLIB_DB_DATABASE'),
):
dbenv[e] = config.get(k)
for e, k in ((oclcons.CinderlibDBEnv.SECURED,
'CINDERLIB_DB_SECURED'),
(oclcons.CinderlibDBEnv.SECURED_HOST_VALIDATION,
'CINDERLIB_DB_SECURED_VALIDATION')):
dbenv[e] = config.getboolean(k)
dbovirtutils.tryDatabaseConnect(dbenv)
self.environment.update(dbenv)
# current cinderlib engine-setup code leaves the database
# empty after creation, so we can't rely on
# dbovirtutils.isNewDatabase for checking this (because it
# checks if there are tables in the public schema).
# Always set to False if we managed to connect. TODO think
# of something more robust. Perhaps create our own dummy
# table to mark that it's 'populated', or save in postinstall
# something saying that it's created.
self.environment[oclcons.CinderlibDBEnv.NEW_DATABASE] = False
self.environment[
oclcons.CinderlibDBEnv.
NEED_DBMSUPGRADE] = dbovirtutils.checkDBMSUpgrade()
except RuntimeError:
self.logger.debug(
'Existing credential use failed',
exc_info=True,
)
msg = _('Cannot connect to ovirt cinderlib '
'database using existing '
'credentials: {user}@{host}:{port}').format(
host=dbenv[oclcons.CinderlibDBEnv.HOST],
port=dbenv[oclcons.CinderlibDBEnv.PORT],
database=dbenv[oclcons.CinderlibDBEnv.DATABASE],
user=dbenv[oclcons.CinderlibDBEnv.USER],
)
if self.environment[osetupcons.CoreEnv.
ACTION] == osetupcons.Const.ACTION_REMOVE:
self.logger.warning(msg)
else:
raise RuntimeError(msg)
class UsageError(Exception):
""" Raised when usage is wrong """
class LogAdapter(logging.LoggerAdapter):
def __init__(self, logger, extra={}, correlation_id=None):
super(LogAdapter, self).__init__(logger, extra)
self.correlation_id = correlation_id
def process(self, msg, kwargs):
return '%s [%s]' % (msg, self.correlation_id), kwargs
conf = configfile.ConfigFile([config.ENGINE_DEFAULTS])
def get_ssh_known_hosts():
ssh_dir = os.path.join(conf.get('ENGINE_ETC'), 'cinderlib')
ssh_file = os.path.join(ssh_dir, 'ssh_known_hosts')
return ssh_file
def main(args=None):
if cl is None:
sys.stderr.write("cinderlib package not available")
sys.exit(1)
parser = argparse.ArgumentParser(description="oVirt Cinder Library client")
