def _setup(self): if self.environment[constants.CoreEnv.JAVA_HOME] is None: try: from ovirt_engine import java self.environment[ constants.CoreEnv.JAVA_HOME ] = java.Java().getJavaHome() except ImportError: self.logger.warning( _('Using internal detection of JAVA_HOME') ) self.environment[ constants.CoreEnv.JAVA_HOME ] = os.environ.get('JAVA_HOME', '/usr')
def daemonSetup(self): if os.geteuid() == 0: raise RuntimeError(_('This service cannot be executed as root')) if not os.path.exists(self._defaults): raise RuntimeError( _("The configuration defaults file '{file}' " "required but missing").format(file=self._defaults, )) self._config = configfile.ConfigFile(( self._defaults, config.ENGINE_NOTIFIER_VARS, ), ) # # the earliest so we can abort early. # self._executable = os.path.join( java.Java().getJavaHome(), 'bin', 'java', ) jbossModulesJar = os.path.join( self._config.get('JBOSS_HOME'), 'jboss-modules.jar', ) self._checkInstallation( pidfile=self.pidfile, jbossModulesJar=jbossModulesJar, ) self._engineArgs = [ # The name of the process, as displayed by ps: 'ovirt-engine-notifier', ] # Add extra system properties provided in the configuration: for notifierProperty in shlex.split( self._config.get('NOTIFIER_PROPERTIES')): if not notifierProperty.startswith('-D'): notifierProperty = '-D' + notifierProperty self._engineArgs.append(notifierProperty) # Add extra jvm arguments provided in the configuration: for arg in shlex.split(self._config.get('NOTIFIER_JVM_ARGS')): self._engineArgs.append(arg) debugAddress = self._config.get('NOTIFIER_DEBUG_ADDRESS') if debugAddress: self._engineArgs.append( ('-agentlib:jdwp=transport=dt_socket,address=%s,' 'server=y,suspend=n') % (debugAddress)) self._engineArgs += [ '-jar', jbossModulesJar, '-dependencies', 'org.ovirt.engine.core.tools', '-class', 'org.ovirt.engine.core.notifier.Notifier', ] self._engineEnv = os.environ.copy() self._engineEnv.update({ 'PATH': ('/usr/local/sbin:/usr/local/bin:' '/usr/sbin:/usr/bin:/sbin:/bin'), 'LANG': 'en_US.UTF-8', 'LC_ALL': 'en_US.UTF-8', 'CLASSPATH': '', 'JAVA_MODULEPATH': '%s:%s' % (self._config.get('ENGINE_JAVA_MODULEPATH'), os.path.join( self._config.get('JBOSS_HOME'), 'modules', )), 'ENGINE_DEFAULTS': config.ENGINE_DEFAULTS, 'ENGINE_VARS': config.ENGINE_VARS, 'ENGINE_NOTIFIER_DEFAULTS': self._defaults, 'ENGINE_NOTIFIER_VARS': config.ENGINE_NOTIFIER_VARS, 'MALLOC_ARENA_MAX': self._config.get('NOTIFIER_MALLOC_ARENA_MAX'), }) self._validateConfig()
def _validation(self): self.environment[ osetupcons.ConfigEnv.JAVA_HOME] = java.Java().getJavaHome()
def daemonSetup(self): if os.geteuid() == 0: raise RuntimeError( _('This service cannot be executed as root') ) if not os.path.exists(self._defaults): raise RuntimeError( _( "The configuration defaults file '{file}' " "required but missing" ).format( file=self._defaults, ) ) self._config = configfile.ConfigFile( ( self._defaults, config.DWH_VARS, ), ) # # the earliest so we can abort early. # self._executable = os.path.join( java.Java().getJavaHome(), 'bin', 'java', ) self._checkInstallation( pidfile=self.pidfile, ) self._tempDir = service.TempDir() self._tempDir.create() settings = os.path.join(self._tempDir.directory, 'settings.properties') with open(settings, 'w') as f: f.write( util.processTemplate( os.path.join( self._config.get('PKG_DATA_DIR'), 'conf', 'settings.properties.in' ), dict( ('@%s@' % k, util.escape(v, ':=\\ ')) for (k, v) in self._config.values.items() ), ) ) self._serviceArgs = [ 'ovirt-engine-dwhd', '-Dorg.ovirt.engine.dwh.settings=%s' % settings, ] # Add arguments for the java heap size: self._serviceArgs.extend([ '-Xms%s' % self._config.get('DWH_HEAP_MIN'), '-Xmx%s' % self._config.get('DWH_HEAP_MAX'), ]) for engineProperty in shlex.split( self._config.get('DWH_PROPERTIES') ): if not engineProperty.startswith('-D'): engineProperty = '-D' + engineProperty self._serviceArgs.append(engineProperty) for arg in shlex.split(self._config.get('DWH_JVM_ARGS')): self._serviceArgs.append(arg) engineDebugAddress = self._config.get('DWH_DEBUG_ADDRESS') if engineDebugAddress: self._serviceArgs.append( ( '-Xrunjdwp:transport=dt_socket,address=%s,' 'server=y,suspend=n' ) % ( engineDebugAddress ) ) if self._config.getboolean('DWH_VERBOSE_GC'): self._serviceArgs.extend([ '-verbose:gc', '-XX:+PrintGCTimeStamps', '-XX:+PrintGCDetails', ]) self._serviceArgs.extend([ '-classpath', '%s:%s' % ( os.path.join( self._config.get('PKG_JAVA_LIB'), '*', ), self._getClasspath(), ), 'ovirt_engine_dwh.historyetl_4_3.HistoryETL', '--context=Default', ]) self._serviceEnv = os.environ.copy() self._serviceEnv.update({ 'PATH': ( '/usr/local/sbin:/usr/local/bin:' '/usr/sbin:/usr/bin:/sbin:/bin' ), 'LANG': 'en_US.UTF-8', 'LC_ALL': 'en_US.UTF-8', })
def save(self): def _writelog(f, s): self.logger.debug( "Write '%s'\n%s", f, re.sub(self.SENSITIVE_PATTERN, '\g<sensitiveKey> = ***', s), ) f.write(s) if not os.path.exists(os.path.dirname(self._files['configFile'])): os.makedirs(os.path.dirname(self._files['configFile'])) cacert = self._driver.getCACert() secure = self._driver.isSecure() protocol = self._driver.getProtocol() if cacert: keystore = self._filetransaction.getFileName( self._files['trustStore'], forceNew=True, ) # keytool does not like empty files if os.path.exists(keystore): os.unlink(keystore) from ovirt_engine import java p = subprocess.Popen( [ os.path.join(java.Java().getJavaHome(), 'bin', 'keytool'), '-importcert', '-noprompt', '-trustcacerts', '-storetype', 'JKS', '-keystore', keystore, '-storepass', 'changeit', '-file', cacert, '-alias', 'myca', ], stdout=subprocess.PIPE, stderr=subprocess.PIPE, ) stdout, stderr = p.communicate() self.logger.debug('keytool stdout: %s, stderr: %s', stdout, stderr) if p.wait() != 0: raise RuntimeError('Failed to execute keytool') with open( self._filetransaction.getFileName( self._files['authzFile'], forceNew=True, ), 'w', ) as f: os.chmod(f.name, 0o644) _writelog(f, ('ovirt.engine.extension.name = {authzName}\n' 'ovirt.engine.extension.bindings.method = ' 'jbossmodule\n' 'ovirt.engine.extension.binding.jbossmodule.module = ' 'org.ovirt.engine-extensions.aaa.ldap\n' 'ovirt.engine.extension.binding.jbossmodule.class = ' 'org.ovirt.engineextensions.aaa.ldap.AuthzExtension\n' 'ovirt.engine.extension.provides = ' 'org.ovirt.engine.api.extensions.aaa.Authz\n' 'config.profile.file.1 = {configFile}\n').format( **self._vars)) with open( self._filetransaction.getFileName( self._files['authnFile'], forceNew=True, ), 'w', ) as f: os.chmod(f.name, 0o644) _writelog(f, ('ovirt.engine.extension.name = {authnName}\n' 'ovirt.engine.extension.bindings.method = ' 'jbossmodule\n' 'ovirt.engine.extension.binding.jbossmodule.module = ' 'org.ovirt.engine-extensions.aaa.ldap\n' 'ovirt.engine.extension.binding.jbossmodule.class = ' 'org.ovirt.engineextensions.aaa.ldap.AuthnExtension\n' 'ovirt.engine.extension.provides = ' 'org.ovirt.engine.api.extensions.aaa.Authn\n' 'ovirt.engine.aaa.authn.profile.name = {profile}\n' 'ovirt.engine.aaa.authn.authz.plugin = {authzName}\n' 'config.profile.file.1 = {configFile}\n').format( **self._vars)) with open( self._filetransaction.getFileName(self._files['configFile'], forceNew=True), 'w', ) as f: os.chmod(f.name, 0o660) if os.getuid() == 0: os.chown( f.name, pwd.getpwnam('ovirt').pw_uid, grp.getgrnam('ovirt').gr_gid, ) _writelog( f, ('{common}' '\n' 'pool.default.ssl.enable = {ssl}\n' 'pool.default.ssl.insecure = {insecure}\n' 'pool.default.ssl.startTLS = {startTLS}\n' 'pool.default.ssl.truststore.file = ' '${{local:_basedir}}/{profile}.jks\n' 'pool.default.ssl.truststore.password = changeit\n').format( ssl='true' if protocol == 'ldaps' else 'false', insecure='true' if secure and cacert is None else 'false', common=self._driver.getConfig(), startTLS='true' if protocol == 'startTLS' else 'false', profile=self._vars['profile'], ))
def daemonSetup(self): if os.geteuid() == 0: raise RuntimeError(_('This service cannot be executed as root')) if not os.path.exists(self._defaults): raise RuntimeError( _("The configuration defaults file '{file}' " "required but missing").format(file=self._defaults, )) self._config = configfile.ConfigFile(( self._defaults, config.ENGINE_VARS, ), ) # # the earliest so we can abort early. # self._executable = os.path.join( java.Java().getJavaHome(), 'bin', 'java', ) jbossModulesJar = os.path.join( self._config.get('JBOSS_HOME'), 'jboss-modules.jar', ) self._checkInstallation( pidfile=self.pidfile, jbossModulesJar=jbossModulesJar, ) self._tempDir = service.TempDir(self._config.get('ENGINE_TMP')) self._tempDir.create() self._jbossRuntime = service.TempDir(self._config.get('JBOSS_RUNTIME')) self._jbossRuntime.create() self._setupEngineApps() jbossTempDir = os.path.join( self._jbossRuntime.directory, 'tmp', ) jbossConfigDir = os.path.join( self._jbossRuntime.directory, 'config', ) javaModulePath = '%s:%s' % ( self._config.get('ENGINE_JAVA_MODULEPATH'), os.path.join( self._config.get('JBOSS_HOME'), 'modules', ), ) os.mkdir(jbossTempDir) os.mkdir(jbossConfigDir) os.chmod(jbossConfigDir, 0o700) jbossBootLoggingFile = self._processTemplate( template=os.path.join(os.path.dirname(sys.argv[0]), 'ovirt-engine-logging.properties.in'), dir=jbossConfigDir, ) # We start with an empty list of arguments: self._engineArgs = [] # Add arguments for the java virtual machine: self._engineArgs.extend([ # Virtual machine options: '-server', '-XX:+TieredCompilation', '-Xms%s' % self._config.get('ENGINE_HEAP_MIN'), '-Xmx%s' % self._config.get('ENGINE_HEAP_MAX'), ]) # Add extra system properties provided in the configuration: for engineProperty in shlex.split( self._config.get('ENGINE_PROPERTIES')): if not engineProperty.startswith('-D'): engineProperty = '-D' + engineProperty self._engineArgs.append(engineProperty) # Add extra jvm arguments provided in the configuration: for arg in shlex.split(self._config.get('ENGINE_JVM_ARGS')): self._engineArgs.append(arg) # Enable verbose garbage collection if required: if self._config.getboolean('ENGINE_VERBOSE_GC'): self._engineArgs.extend([ '-verbose:gc', '-XX:+PrintGCTimeStamps', '-XX:+PrintGCDetails', ]) # Specify special krb5.conf file if required if self._config.get('AAA_KRB5_CONF_FILE'): self._engineArgs.append('-Djava.security.krb5.conf=%s' % self._config.get('AAA_KRB5_CONF_FILE')) # Add arguments for JBoss: self._engineArgs.extend([ '-Djava.util.logging.manager=org.jboss.logmanager', '-Dlogging.configuration=file://%s' % jbossBootLoggingFile, '-Dorg.jboss.resolver.warning=true', '-Djboss.modules.system.pkgs=org.jboss.byteman', '-Djboss.server.default.config=ovirt-engine', '-Djboss.home.dir=%s' % self._config.get('JBOSS_HOME'), '-Djboss.server.base.dir=%s' % self._config.get('ENGINE_USR'), '-Djboss.server.data.dir=%s' % self._config.get('ENGINE_VAR'), '-Djboss.server.log.dir=%s' % self._config.get('ENGINE_LOG'), '-Djboss.server.config.dir=%s' % jbossConfigDir, '-Djboss.server.temp.dir=%s' % jbossTempDir, '-Djboss.controller.temp.dir=%s' % jbossTempDir, '-jar', jbossModulesJar, '-mp', javaModulePath, '-jaxpmodule', 'javax.xml.jaxp-provider', 'org.jboss.as.standalone', ]) self._engineEnv = os.environ.copy() self._engineEnv.update({ 'PATH': ('/usr/local/sbin:/usr/local/bin:' '/usr/sbin:/usr/bin:/sbin:/bin'), 'LANG': 'en_US.UTF-8', 'LC_ALL': 'en_US.UTF-8', 'ENGINE_DEFAULTS': self._defaults, 'ENGINE_VARS': config.ENGINE_VARS, 'ENGINE_ETC': self._config.get('ENGINE_ETC'), 'ENGINE_LOG': self._config.get('ENGINE_LOG'), 'ENGINE_TMP': self._tempDir.directory, 'ENGINE_USR': self._config.get('ENGINE_USR'), 'ENGINE_VAR': self._config.get('ENGINE_VAR'), 'ENGINE_CACHE': self._config.get('ENGINE_CACHE'), }) self._detectJBossVersion() self._jbossConfigFile = self._processTemplate( template=os.path.join( os.path.dirname(sys.argv[0]), 'ovirt-engine.xml.in', ), dir=jbossConfigDir, mode=0o600, )
def daemonSetup(self): if os.geteuid() == 0: raise RuntimeError( _('This service cannot be executed as root') ) if not os.path.exists(self._defaults): raise RuntimeError( _( "The configuration defaults file '{file}' " "required but missing" ).format( file=self._defaults, ) ) self._config = configfile.ConfigFile( ( self._defaults, config.ENGINE_NOTIFIER_VARS, ), ) # # the earliest so we can abort early. # self._executable = os.path.join( java.Java().getJavaHome(), 'bin', 'java', ) jbossModulesJar = os.path.join( self._config.get('JBOSS_HOME'), 'jboss-modules.jar', ) self._checkInstallation( pidfile=self.pidfile, jbossModulesJar=jbossModulesJar, ) self._engineArgs = [ 'ovirt-engine-notifier', '-Dlog4j.configuration=file://%s/notifier/log4j.xml' % ( self._config.get('ENGINE_ETC'), ), '-Djboss.modules.write-indexes=false', '-jar', jbossModulesJar, '-dependencies', 'org.ovirt.engine.core.tools', '-class', 'org.ovirt.engine.core.notifier.Notifier', ] self._engineEnv = os.environ.copy() self._engineEnv.update({ 'PATH': ( '/usr/local/sbin:/usr/local/bin:' '/usr/sbin:/usr/bin:/sbin:/bin' ), 'LANG': 'en_US.UTF-8', 'LC_ALL': 'en_US.UTF-8', 'CLASSPATH': '', 'JAVA_MODULEPATH': '%s:%s' % ( self._config.get('ENGINE_JAVA_MODULEPATH'), os.path.join( self._config.get('JBOSS_HOME'), 'modules', ) ), 'ENGINE_DEFAULTS': config.ENGINE_DEFAULTS, 'ENGINE_VARS': config.ENGINE_VARS, 'ENGINE_NOTIFIER_DEFAULTS': self._defaults, 'ENGINE_NOTIFIER_VARS': config.ENGINE_NOTIFIER_VARS, })
def daemonSetup(self): if os.geteuid() == 0: raise RuntimeError(_('This service cannot be executed as root')) if not os.path.exists(self._defaults): raise RuntimeError( _("The configuration defaults file '{file}' " "required but missing").format(file=self._defaults, )) self._config = configfile.ConfigFile(( self._defaults, config.ENGINE_VARS, ), ) # # the earliest so we can abort early. # self._executable = os.path.join( java.Java().getJavaHome(), 'bin', 'java', ) jbossModulesJar = os.path.join( self._config.get('JBOSS_HOME'), 'jboss-modules.jar', ) self._checkInstallation( pidfile=self.pidfile, jbossModulesJar=jbossModulesJar, ) self._tempDir = service.TempDir(self._config.get('ENGINE_TMP')) self._tempDir.create() self._setupEngineApps() jbossTempDir = os.path.join( self._config.get('ENGINE_TMP'), 'tmp', ) jbossConfigDir = os.path.join( self._config.get('ENGINE_TMP'), 'config', ) javaModulePath = self._linkModules( '%s:%s' % ( self._config.get('ENGINE_JAVA_MODULEPATH'), os.path.join( self._config.get('JBOSS_HOME'), 'modules', ), ), ) os.mkdir(jbossTempDir) os.mkdir(jbossConfigDir) os.chmod(jbossConfigDir, 0o700) jbossBootLoggingFile = self._processTemplate( template=os.path.join(os.path.dirname(sys.argv[0]), 'ovirt-engine-logging.properties.in'), dir=jbossConfigDir, ) jbossConfigFile = self._processTemplate( template=os.path.join( os.path.dirname(sys.argv[0]), 'ovirt-engine.xml.in', ), dir=jbossConfigDir, mode=0o600, ) # We start with an empty list of arguments: self._engineArgs = [] # Add arguments for the java virtual machine: self._engineArgs.extend([ # The name or the process, as displayed by ps: 'ovirt-engine', # Virtual machine options: '-server', '-XX:+TieredCompilation', '-Xms%s' % self._config.get('ENGINE_HEAP_MIN'), '-Xmx%s' % self._config.get('ENGINE_HEAP_MAX'), '-XX:PermSize=%s' % self._config.get('ENGINE_PERM_MIN'), '-XX:MaxPermSize=%s' % self._config.get('ENGINE_PERM_MAX'), '-Djava.net.preferIPv4Stack=true', '-Dsun.rmi.dgc.client.gcInterval=3600000', '-Dsun.rmi.dgc.server.gcInterval=3600000', '-Djava.awt.headless=true', ]) # Add extra system properties provided in the configuration: for engineProperty in shlex.split( self._config.get('ENGINE_PROPERTIES')): if not engineProperty.startswith('-D'): engineProperty = '-D' + engineProperty self._engineArgs.append(engineProperty) # Add extra jvm arguments provided in the configuration: for arg in shlex.split(self._config.get('ENGINE_JVM_ARGS')): self._engineArgs.append(arg) # Add arguments for remote debugging of the java virtual machine: engineDebugAddress = self._config.get('ENGINE_DEBUG_ADDRESS') if engineDebugAddress: self._engineArgs.append( ('-Xrunjdwp:transport=dt_socket,address=%s,' 'server=y,suspend=n') % (engineDebugAddress)) # Enable verbose garbage collection if required: if self._config.getboolean('ENGINE_VERBOSE_GC'): self._engineArgs.extend([ '-verbose:gc', '-XX:+PrintGCTimeStamps', '-XX:+PrintGCDetails', ]) # Add arguments for JBoss: self._engineArgs.extend([ '-Djava.util.logging.manager=org.jboss.logmanager', '-Dlogging.configuration=file://%s' % jbossBootLoggingFile, '-Dorg.jboss.resolver.warning=true', '-Djboss.modules.system.pkgs=org.jboss.byteman', '-Djboss.modules.write-indexes=false', '-Djboss.server.default.config=ovirt-engine', '-Djboss.home.dir=%s' % self._config.get('JBOSS_HOME'), '-Djboss.server.base.dir=%s' % self._config.get('ENGINE_USR'), '-Djboss.server.data.dir=%s' % self._config.get('ENGINE_VAR'), '-Djboss.server.log.dir=%s' % self._config.get('ENGINE_LOG'), '-Djboss.server.config.dir=%s' % jbossConfigDir, '-Djboss.server.temp.dir=%s' % jbossTempDir, '-Djboss.controller.temp.dir=%s' % jbossTempDir, '-jar', jbossModulesJar, '-mp', javaModulePath, '-jaxpmodule', 'javax.xml.jaxp-provider', 'org.jboss.as.standalone', '-c', os.path.basename(jbossConfigFile), ]) self._engineEnv = os.environ.copy() self._engineEnv.update({ 'PATH': ('/usr/local/sbin:/usr/local/bin:' '/usr/sbin:/usr/bin:/sbin:/bin'), 'LANG': 'en_US.UTF-8', 'LC_ALL': 'en_US.UTF-8', 'ENGINE_DEFAULTS': self._defaults, 'ENGINE_VARS': config.ENGINE_VARS, 'ENGINE_ETC': self._config.get('ENGINE_ETC'), 'ENGINE_LOG': self._config.get('ENGINE_LOG'), 'ENGINE_TMP': self._config.get('ENGINE_TMP'), 'ENGINE_USR': self._config.get('ENGINE_USR'), 'ENGINE_VAR': self._config.get('ENGINE_VAR'), 'ENGINE_CACHE': self._config.get('ENGINE_CACHE'), })