コード例 #1
ファイル: CsDhcp.py プロジェクト: EdwardBetts/blackhole
    def process(self):
        """Regenerate the DHCP hosts file and the dnsmasq config from the data bag.

        Resets the per-run state, passes every data bag entry except the
        "id" key to add(), writes the hosts, calls delete_leases() when the
        DHCP hosts file changed, commits both files and finally restarts
        dnsmasq unless this router is redundant and not the master.
        """
        self.hosts = {}
        self.changed = []
        self.devinfo = CsHelper.get_device_info()
        self.preseed()
        self.cloud = CsFile(DHCP_HOSTS)
        self.conf = CsFile(CLOUD_CONF)

        self.cloud.repopulate()

        # Every key except "id" is handed to add().
        for key in self.dbag:
            if key != "id":
                self.add(self.dbag[key])
        self.write_hosts()

        hosts_changed = self.cloud.is_changed()
        if hosts_changed:
            self.delete_leases()

        self.configure_server()

        self.conf.commit()
        self.cloud.commit()

        # dnsmasq is restarted on every configure.py run to avoid lease
        # problems, but never on a backup router: otherwise VMs would take
        # leases from the backup and cloud-init would fetch the passwd and
        # other meta-data from the backup as well.
        is_backup = self.cl.is_redundant() and not self.cl.is_master()
        if not is_backup:
            CsHelper.execute2("service dnsmasq restart")
コード例 #2
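    def _configure_syslog(self, syslogserverlist):
        """Write the rsyslog rule file that handles "iptables denied" messages.

        Args:
            syslogserverlist: comma-separated string of remote syslog servers.
                Empty entries and surrounding blanks are ignored.

        With no server in the list the file is reset to the default rule
        (stop further processing of the matching messages). Otherwise the
        matching messages are forwarded to port 514 of every listed server
        and processing stops afterwards. rsyslog is restarted only when the
        file content changed.
        """
        self.syslogconf = CsFile(RSYSLOG_IPTABLES_CONF)
        self.syslogconf.repopulate()

        logging.debug("Processing syslog server list: %s", syslogserverlist)
        # Build a real list: on Python 3 filter() returns an iterator, which is
        # always truthy, so the "no servers" branch below would never run.
        # Blanks are stripped so "a, b" does not produce the target "@@ b:514".
        ips = [ip.strip() for ip in syslogserverlist.split(',') if ip.strip()]
        # NOTE(review): the entries are written into the rsyslog config as-is;
        # presumably the list is validated before it reaches this method - confirm.

        # Raw string: same text as before without the invalid "\[" escapes.
        denied_filter = r':msg, regex, "^\[ *[0-9]*\.[0-9]*\] iptables denied: "'
        if not ips:
            # no IP in the syslog server list; reset the config to default:
            self.syslogconf.append(
                "# no remote syslog servers so stop further processing")
            self.syslogconf.append("# this file is managed by CsVrConfig.py")
            self.syslogconf.append("%s ~" % denied_filter)
        else:
            # add IPs from the syslog server list to the config:
            self.syslogconf.append(
                "# forwarding IP tables syslog to %s and stop further processing"
                % syslogserverlist)
            self.syslogconf.append("# this file is managed by CsVrConfig.py")
            # The first server carries the filter; the others chain on with "&".
            self.syslogconf.append("%s @@%s:514" % (denied_filter, ips[0]))
            for ip in ips[1:]:
                self.syslogconf.append("& @@%s:514" % ip)

            self.syslogconf.append("& ~")

        # Read the flag before commit(); the original does the same.
        changed = self.syslogconf.is_changed()
        self.syslogconf.commit()
        if changed:
            CsHelper.execute2("service rsyslog restart")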
コード例 #3
    def process(self):
        """Regenerate the DHCP hosts, DHCP options and dnsmasq config files.

        Resets the per-run state, passes every data bag entry except the
        "id" key to add() (and to add_dhcp_opts() when its default gateway
        is "0.0.0.0"), writes the hosts, calls delete_leases() when the DHCP
        hosts file changed, commits the three files and finally restarts
        dnsmasq unless this router is redundant and not the master.
        """
        self.hosts = {}
        self.changed = []
        self.devinfo = CsHelper.get_device_info()
        self.preseed()
        self.cloud = CsFile(DHCP_HOSTS)
        self.dhcp_opts = CsFile(DHCP_OPTS)
        self.conf = CsFile(CLOUD_CONF)

        self.cloud.repopulate()
        self.dhcp_opts.repopulate()

        for key in self.dbag:
            if key == "id":
                continue
            entry = self.dbag[key]
            self.add(entry)
            # Entries with an all-zero default gateway also get DHCP options.
            if entry['default_gateway'] == "0.0.0.0":
                self.add_dhcp_opts(entry)

        self.write_hosts()

        hosts_changed = self.cloud.is_changed()
        if hosts_changed:
            self.delete_leases()

        self.configure_server()

        self.conf.commit()
        self.cloud.commit()
        self.dhcp_opts.commit()

        # dnsmasq is restarted on every configure.py run to avoid lease
        # problems, but never on a backup router: otherwise VMs would take
        # leases from the backup and cloud-init would fetch the passwd and
        # other meta-data from the backup as well.
        is_backup = self.cl.is_redundant() and not self.cl.is_master()
        if not is_backup:
            CsHelper.execute2("service dnsmasq restart")
コード例 #4
ファイル: CsApp.py プロジェクト: weizhouapache/cloudstack
    def setup(self):
        """Prepare the Apache vhost file for self.ip and restart Apache if it changed.

        The template ports 8180/8443 are rewritten to 80/443 on self.ip; on
        a redundant router every directive also names self.gateway. The
        ServerName line is set to "<type>.<domain>".
        """
        # NOTE(review): self.ip ends up in a file name and in Apache
        # directives unescaped; presumably it is always a validated IP
        # address - confirm.
        vhost_path = "/etc/apache2/sites-enabled/vhost-%s.conf" % self.ip
        CsHelper.copy_if_needed("/etc/apache2/vhost.template", vhost_path)

        vhost = CsFile(vhost_path)
        if self.config.cl.is_redundant():
            rewrites = (
                ("<VirtualHost.*:8180>",
                 "<VirtualHost %s:80 %s:80>" % (self.ip, self.gateway)),
                ("<VirtualHost.*:8443>",
                 "\t<VirtualHost %s:443 %s:443>" % (self.ip, self.gateway)),
                ("Listen .*:8180",
                 "Listen %s:80\nListen %s:80" % (self.ip, self.gateway)),
                ("Listen .*:8443",
                 "Listen %s:443\nListen %s:443" % (self.ip, self.gateway)),
            )
        else:
            rewrites = (
                ("<VirtualHost.*:8180>", "<VirtualHost %s:80>" % (self.ip)),
                ("<VirtualHost.*:8443>", "\t<VirtualHost %s:443>" % (self.ip)),
                ("Listen .*:8180", "Listen %s:80" % (self.ip)),
                ("Listen .*:8443", "Listen %s:443" % (self.ip)),
            )
        # Applied in the same order as listed above.
        for pattern, replacement in rewrites:
            vhost.replaceIfFound(pattern, replacement)

        server_name = "\tServerName %s.%s" % (
            self.config.cl.get_type(), self.config.get_domain())
        vhost.search("ServerName.*", server_name)

        # Apache is restarted only when the file was modified.
        if vhost.is_changed():
            vhost.commit()
            CsHelper.execute2("systemctl restart apache2", False)
コード例 #5
 def arpPing(self):
     """Run a single arping for the public IP on self.dev.

     The gateway (with -s <public_ip>) is left out of the command only
     when the router is not redundant and the gateway is empty or the
     string "None".
     """
     # NOTE(review): the command line is assembled by string formatting;
     # whether execute2 runs it through a shell is not visible here -
     # confirm that dev and the address fields are validated upstream.
     dev = self.dev
     public_ip = self.address['public_ip']
     gateway = self.address['gateway']

     gateway_missing = not gateway or gateway == "None"
     if not self.cl.is_redundant() and gateway_missing:
         cmd = "arping -c 1 -I %s -A -U %s" % (dev, public_ip)
     else:
         cmd = "arping -c 1 -I %s -A -U -s %s %s" % (dev, public_ip, gateway)
     CsHelper.execute2(cmd, False)
コード例 #6
    def setup(self):
        """Prepare the Apache vhost file for self.ip and queue the firewall rules.

        The template ports 8180/8443 are rewritten to 80/443 on self.ip; on
        a redundant router every directive also names self.gateway. Apache
        is restarted only when the file changed. Two "front" rules accepting
        new TCP connections to ports 80 and 443 of self.ip on self.dev are
        appended to self.fw.
        """
        # NOTE(review): self.ip ends up in a file name, in Apache directives
        # and in iptables rule text unescaped; presumably it is always a
        # validated IP address - confirm.
        vhost_path = "/etc/apache2/sites-enabled/vhost-%s.conf" % self.ip
        CsHelper.copy_if_needed("/etc/apache2/vhost.template", vhost_path)

        vhost = CsFile(vhost_path)
        if self.config.cl.is_redundant():
            rewrites = (
                ("<VirtualHost.*:8180>",
                 "<VirtualHost %s:80 %s:80>" % (self.ip, self.gateway)),
                ("<VirtualHost.*:8443>",
                 "\t<VirtualHost %s:443 %s:443>" % (self.ip, self.gateway)),
                ("Listen .*:8180",
                 "Listen %s:80\nListen %s:80" % (self.ip, self.gateway)),
                ("Listen .*:8443",
                 "Listen %s:443\nListen %s:443" % (self.ip, self.gateway)),
            )
        else:
            rewrites = (
                ("<VirtualHost.*:8180>", "<VirtualHost %s:80>" % (self.ip)),
                ("<VirtualHost.*:8443>", "\t<VirtualHost %s:443>" % (self.ip)),
                ("Listen .*:8180", "Listen %s:80" % (self.ip)),
                ("Listen .*:8443", "Listen %s:443" % (self.ip)),
            )
        # Applied in the same order as listed above.
        for pattern, replacement in rewrites:
            vhost.replaceIfFound(pattern, replacement)

        server_name = "\tServerName %s.%s" % (
            self.config.cl.get_type(), self.config.get_domain())
        vhost.search("ServerName.*", server_name)

        if vhost.is_changed():
            vhost.commit()
            CsHelper.execute2("systemctl restart apache2", False)

        # Rule spec layout used here: [table, position, rule].
        http_rule = (
            "-A INPUT -i %s -d %s/32 -p tcp -m tcp -m state --state NEW --dport 80 -j ACCEPT"
            % (self.dev, self.ip))
        self.fw.append(["", "front", http_rule])

        https_rule = (
            "-A INPUT -i %s -d %s/32 -p tcp -m tcp -m state --state NEW --dport 443 -j ACCEPT"
            % (self.dev, self.ip))
        self.fw.append(["", "front", https_rule])
コード例 #7
ファイル: CsNetfilter.py プロジェクト: Accelerite/cloudstack
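    def compare(self, list):
        """Compare reality with what is needed and add the missing rules.

        Args:
            list: sequence of rule specs ``[table, position, rule]``.
                ``position`` is "front" (insert instead of append), an int
                (insert at a rule number) or anything else (run the rule as
                written).

        A failing iptables call is logged and processing continues; it does
        not raise.
        """
        # PASS 1:  Ensure all chains are present
        for fw in list:
            new_rule = CsNetfilter()
            new_rule.parse(fw[2])
            new_rule.set_table(fw[0])
            self.add_chain(new_rule)

        ruleSet = set()
        # PASS 2: Create rules
        for fw in list:
            tupledFw = tuple(fw)
            if tupledFw in ruleSet:
                logging.debug("Already processed : %s", tupledFw)
                continue

            new_rule = CsNetfilter()
            new_rule.parse(fw[2])
            new_rule.set_table(fw[0])
            if isinstance(fw[1], int):
                new_rule.set_count(fw[1])

            rule_chain = new_rule.get_chain()

            logging.debug("Checking if the rule already exists: rule=%s table=%s chain=%s", new_rule.get_rule(), new_rule.get_table(), new_rule.get_chain())
            if self.has_rule(new_rule):
                logging.debug("Exists: rule=%s table=%s", fw[2], new_rule.get_table())
                continue

            logging.info("Add: rule=%s table=%s", fw[2], new_rule.get_table())
            # front means insert instead of append
            cpy = fw[2]
            if fw[1] == "front":
                # Only the command flag is rewritten; a later "-A" substring
                # elsewhere in the rule text must stay untouched.
                cpy = cpy.replace('-A', '-I', 1)
            if isinstance(fw[1], int):
                # if the rule is for ACLs, we want to insert them in order, right before the DROP all
                if rule_chain.startswith("ACL_INBOUND") or rule_chain.startswith("ACL_OUTBOUND"):
                    # iptables rule numbers start at 1, so an empty chain
                    # (count 0) must not produce "-I <chain> 0".
                    rule_count = self.chain.get_count(rule_chain)
                    if not rule_count > 0:
                        rule_count = 1
                    cpy = cpy.replace("-A %s" % new_rule.get_chain(), '-I %s %s' % (new_rule.get_chain(), rule_count))
                else:
                    cpy = cpy.replace("-A %s" % new_rule.get_chain(), '-I %s %s' % (new_rule.get_chain(), fw[1]))
            command = "iptables -t %s %s" % (new_rule.get_table(), cpy)
            ret = CsHelper.execute2(command)
            # There are some issues in this framework causing failures .. like adding a chain without checking it is present
            # causing the failures. Also some of the rule like removeFromLoadBalancerRule is deleting rule and
            # deleteLoadBalancerRule trying to delete which causes the failure.
            # TODO: Need to fix in the framework.
            if ret.returncode != 0:
                # A rule that was not installed leaves the firewall different
                # from what was requested, so report the command and its
                # output instead of a bare debug line.
                error = ret.communicate()[0]
                logging.error("iptables command got failed ... continuing: rc=%s command=%s output=%s", ret.returncode, command, error)
            # NOTE(review): a failed rule is still recorded as processed and
            # counted for its chain, as before - confirm that is intended.
            ruleSet.add(tupledFw)
            self.chain.add_rule(rule_chain)
        self.del_standard()
        self.get_unseen()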
コード例 #8
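    def compare(self, list):
        """Compare reality with what is needed and add the missing rules.

        Args:
            list: sequence of rule specs ``[table, position, rule]``.
                ``position`` is "front" (insert instead of append), an int
                (insert at a rule number) or anything else (run the rule as
                written).

        A failing iptables call is logged and processing continues; it does
        not raise.
        """
        # PASS 1:  Ensure all chains are present
        for fw in list:
            new_rule = CsNetfilter()
            new_rule.parse(fw[2])
            new_rule.set_table(fw[0])
            self.add_chain(new_rule)

        ruleSet = set()
        # PASS 2: Create rules
        for fw in list:
            tupledFw = tuple(fw)
            if tupledFw in ruleSet:
                logging.debug("Already processed : %s", tupledFw)
                continue

            new_rule = CsNetfilter()
            new_rule.parse(fw[2])
            new_rule.set_table(fw[0])
            if isinstance(fw[1], int):
                new_rule.set_count(fw[1])

            rule_chain = new_rule.get_chain()

            logging.debug("Checking if the rule already exists: rule=%s table=%s chain=%s", new_rule.get_rule(), new_rule.get_table(), new_rule.get_chain())
            if self.has_rule(new_rule):
                logging.debug("Exists: rule=%s table=%s", fw[2], new_rule.get_table())
                continue

            logging.info("Add: rule=%s table=%s", fw[2], new_rule.get_table())
            # front means insert instead of append
            cpy = fw[2]
            if fw[1] == "front":
                # Only the command flag is rewritten; a later "-A" substring
                # elsewhere in the rule text must stay untouched.
                cpy = cpy.replace('-A', '-I', 1)
            if isinstance(fw[1], int):
                # if the rule is for ACLs, we want to insert them in order, right before the DROP all
                if rule_chain.startswith("ACL_INBOUND") or rule_chain.startswith("ACL_OUTBOUND"):
                    # Query the count once; rule numbers below 1 fall back to 1.
                    rule_count = self.chain.get_count(rule_chain)
                    if not rule_count > 0:
                        rule_count = 1
                    cpy = cpy.replace("-A %s" % new_rule.get_chain(), '-I %s %s' % (new_rule.get_chain(), rule_count))
                else:
                    cpy = cpy.replace("-A %s" % new_rule.get_chain(), '-I %s %s' % (new_rule.get_chain(), fw[1]))
            command = "iptables -t %s %s" % (new_rule.get_table(), cpy)
            ret = CsHelper.execute2(command)
            # There are some issues in this framework causing failures .. like adding a chain without checking it is present
            # causing the failures. Also some of the rule like removeFromLoadBalancerRule is deleting rule and
            # deleteLoadBalancerRule trying to delete which causes the failure.
            # TODO: Need to fix in the framework.
            if ret.returncode != 0:
                # A rule that was not installed leaves the firewall different
                # from what was requested, so report the command and its
                # output instead of a bare debug line.
                error = ret.communicate()[0]
                logging.error("iptables command got failed ... continuing: rc=%s command=%s output=%s", ret.returncode, command, error)
            # NOTE(review): a failed rule is still recorded as processed and
            # counted for its chain, as before - confirm that is intended.
            ruleSet.add(tupledFw)
            self.chain.add_rule(rule_chain)
        self.del_standard()
        self.get_unseen()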
コード例 #9
ファイル: CsApp.py プロジェクト: PCextreme/cloudstack
    def setup(self):
        """Prepare the Apache vhost file for self.ip and queue the firewall rules.

        The VirtualHost, Listen and ServerName lines of the per-IP vhost
        file are pointed at self.ip and "<type>.<domain>"; Apache is
        restarted only when the file changed. Two "front" rules accepting
        new TCP connections to ports 80 and 443 of self.ip on self.dev are
        appended to self.fw.
        """
        # NOTE(review): self.ip ends up in a file name, in Apache directives
        # and in iptables rule text unescaped; presumably it is always a
        # validated IP address - confirm.
        vhost_path = "/etc/apache2/sites-enabled/vhost-%s.conf" % self.ip
        CsHelper.copy_if_needed("/etc/apache2/vhost.template", vhost_path)

        vhost = CsFile(vhost_path)
        directives = (
            ("<VirtualHost.*:80>", "\t<VirtualHost %s:80>" % (self.ip)),
            ("<VirtualHost.*:443>", "\t<VirtualHost %s:443>" % (self.ip)),
            ("Listen .*:80", "Listen %s:80" % (self.ip)),
            ("Listen .*:443", "Listen %s:443" % (self.ip)),
        )
        # Applied in the same order as listed above.
        for pattern, line in directives:
            vhost.search(pattern, line)

        server_name = "\tServerName %s.%s" % (self.config.cl.get_type(), self.config.get_domain())
        vhost.search("ServerName.*", server_name)

        if vhost.is_changed():
            vhost.commit()
            CsHelper.execute2("systemctl restart apache2", False)

        # Rule spec layout used here: [table, position, rule].
        http_rule = "-A INPUT -i %s -d %s/32 -p tcp -m tcp -m state --state NEW --dport 80 -j ACCEPT" % (self.dev, self.ip)
        self.fw.append(["", "front", http_rule])

        https_rule = "-A INPUT -i %s -d %s/32 -p tcp -m tcp -m state --state NEW --dport 443 -j ACCEPT" % (self.dev, self.ip)
        self.fw.append(["", "front", https_rule])
コード例 #10
ファイル: CsAddress.py プロジェクト: PCextreme/cloudstack
 def arpPing(self):
     """Run a single arping for the public IP on self.dev.

     The gateway (with -s <public_ip>) is left out of the command only
     when the router is not redundant and the gateway is empty or the
     string "None".
     """
     # NOTE(review): the command line is assembled by string formatting;
     # whether execute2 runs it through a shell is not visible here -
     # confirm that dev and the address fields are validated upstream.
     dev = self.dev
     public_ip = self.address['public_ip']
     gateway = self.address['gateway']

     if self.cl.is_redundant() or (gateway and gateway != "None"):
         # Redundant routers always take this form, whatever the gateway is.
         cmd = "arping -c 1 -I %s -A -U -s %s %s" % (dev, public_ip, gateway)
     else:
         cmd = "arping -c 1 -I %s -A -U %s" % (dev, public_ip)
     CsHelper.execute2(cmd, False)