def config(self):
    """Write the libvirtd and QEMU settings for this host, then restart libvirtd.

    Returns:
        True if the libvirtd start call reports success, False otherwise.
        Exceptions raised by the helpers propagate to the caller unchanged.
    """
    # libvirtd.conf listener settings follow the deployment's "secure" flag.
    configureLibvirtConfig(self.syscfg.env.secure, self)

    daemon_opts = configFileOps("/etc/sysconfig/libvirtd", self)
    daemon_opts.addEntry("export CGROUP_DAEMON", "'cpu:/virt'")
    # "-l" makes libvirtd open the network listeners configured above.
    daemon_opts.addEntry("LIBVIRTD_ARGS", "-l")
    daemon_opts.save()

    # SECURITY: these qemu.conf values trade guest isolation for convenience:
    #   security_driver "none" -> no SELinux/AppArmor (sVirt) confinement of QEMU
    #   user/group "root"      -> guest processes run as root on the host
    #   vnc_listen "0.0.0.0"   -> guest consoles listen on every host interface
    # A host configured this way depends on network controls (firewall,
    # dedicated management network) to protect the VNC and libvirt ports.
    qemu_opts = configFileOps("/etc/libvirt/qemu.conf", self)
    qemu_opts.addEntry("security_driver", "\"none\"")
    qemu_opts.addEntry("user", "\"root\"")
    qemu_opts.addEntry("group", "\"root\"")
    qemu_opts.addEntry("vnc_listen", "\"0.0.0.0\"")
    qemu_opts.save()

    services = self.syscfg.svo
    services.stopService("libvirtd")
    if services.startService("libvirtd"):
        return True
    return False
def config(self): def checkHostName(): ret = bash("hostname --fqdn") if not ret.isSuccess(): raise CloudInternalException("Cannot get hostname, 'hostname --fqdn failed'") if self.syscfg.env.svrMode == "mycloud": cfo = configFileOps("/usr/share/cloudstack-management/conf/environment.properties", self) cfo.addEntry("cloud-stack-components-specification", "components-cloudzones.xml") cfo.save() cfo = configFileOps("/usr/share/cloudstack-management/conf/db.properties", self) dbHost = cfo.getEntry("db.cloud.host") dbPort = cfo.getEntry("db.cloud.port") dbUser = cfo.getEntry("db.cloud.username") dbPass = cfo.getEntry("db.cloud.password") if dbPass.strip() == "": dbPass = None dbName = cfo.getEntry("db.cloud.name") db = Database(dbUser, dbPass, dbHost, dbPort, dbName) try: db.testConnection() except CloudRuntimeException, e: raise e except:
def config(self):
    """Write the libvirtd and QEMU settings for this host, then restart libvirtd.

    Returns:
        True if the libvirtd start call reports success, False otherwise.
        Exceptions raised by the helpers propagate to the caller unchanged.
    """
    # SECURITY: this turns on the plaintext TCP listener (port 16509) with
    # auth_tcp "none" and turns TLS off, so libvirtd performs no
    # authentication on that socket. Access to the port must be limited to
    # the management network by a firewall or equivalent control.
    listener = configFileOps("/etc/libvirt/libvirtd.conf", self)
    listener.addEntry("listen_tcp", "1")
    listener.addEntry("tcp_port", "\"16509\"")
    listener.addEntry("auth_tcp", "\"none\"")
    listener.addEntry("listen_tls", "0")
    listener.save()

    daemon_opts = configFileOps("/etc/sysconfig/libvirtd", self)
    daemon_opts.addEntry("export CGROUP_DAEMON", "'cpu:/virt'")
    # "-l" makes libvirtd open the network listener configured above.
    daemon_opts.addEntry("LIBVIRTD_ARGS", "-l")
    daemon_opts.save()

    # SECURITY: security_driver "none" disables SELinux/AppArmor (sVirt)
    # confinement of QEMU, user/group "root" run guests as root, and
    # vnc_listen "0.0.0.0" binds guest consoles on every host interface.
    qemu_opts = configFileOps("/etc/libvirt/qemu.conf", self)
    qemu_opts.addEntry("security_driver", "\"none\"")
    qemu_opts.addEntry("user", "\"root\"")
    qemu_opts.addEntry("group", "\"root\"")
    qemu_opts.addEntry("vnc_listen", "\"0.0.0.0\"")
    qemu_opts.save()

    services = self.syscfg.svo
    services.stopService("libvirtd")
    if services.startService("libvirtd"):
        return True
    return False
def config(self): def checkHostName(): ret = bash("hostname --fqdn") if not ret.isSuccess(): raise CloudInternalException("Cannot get hostname, 'hostname --fqdn failed'") if self.syscfg.env.svrMode == "mycloud": cfo = configFileOps("/usr/share/cloud/management/conf/environment.properties", self) cfo.addEntry("cloud-stack-components-specification", "components-cloudzones.xml") cfo.save() cfo = configFileOps("/usr/share/cloud/management/conf/db.properties", self) dbHost = cfo.getEntry("db.cloud.host") dbPort = cfo.getEntry("db.cloud.port") dbUser = cfo.getEntry("db.cloud.username") dbPass = cfo.getEntry("db.cloud.password") if dbPass.strip() == "": dbPass = None dbName = cfo.getEntry("db.cloud.name") db = Database(dbUser, dbPass, dbHost, dbPort, dbName) try: db.testConnection() except CloudRuntimeException, e: raise e except:
def config(self):
    """Write the libvirtd and QEMU settings for this host, then restart libvirtd.

    Returns:
        True if the libvirtd start call reports success, False otherwise.
        Exceptions raised by the helpers propagate to the caller unchanged.
    """
    # libvirtd.conf listener settings follow the deployment's "secure" flag.
    configureLibvirtConfig(self.syscfg.env.secure, self)

    daemon_opts = configFileOps("/etc/sysconfig/libvirtd", self)
    # NOTE(review): the listing lost its indentation; only the CGROUP_DAEMON
    # entry is assumed to be conditional on the distro -- confirm upstream.
    if distro in (CentOS6, RHEL6):
        daemon_opts.addEntry("export CGROUP_DAEMON", "'cpu:/virt'")
    # "-l" makes libvirtd open the network listeners configured above.
    daemon_opts.addEntry("LIBVIRTD_ARGS", "-l")
    daemon_opts.save()

    # SECURITY: security_driver "none" disables SELinux/AppArmor (sVirt)
    # confinement of QEMU, user/group "root" run guests as root, and
    # vnc_listen "0.0.0.0" binds guest consoles on every host interface.
    # The host then relies on network controls to protect those ports.
    qemu_opts = configFileOps("/etc/libvirt/qemu.conf", self)
    qemu_opts.addEntry("security_driver", "\"none\"")
    qemu_opts.addEntry("user", "\"root\"")
    qemu_opts.addEntry("group", "\"root\"")
    qemu_opts.addEntry("vnc_listen", "\"0.0.0.0\"")
    qemu_opts.save()

    services = self.syscfg.svo
    services.stopService("libvirtd")
    if services.startService("libvirtd"):
        return True
    return False
def config(self):
    """Write the libvirtd and QEMU settings for this host, then restart libvirtd.

    Returns:
        True if the libvirtd start call reports success, False otherwise.
        Exceptions raised by the helpers propagate to the caller unchanged.
    """
    # SECURITY: this turns on the plaintext TCP listener (port 16509) with
    # auth_tcp "none" and turns TLS off, so libvirtd performs no
    # authentication on that socket. Access to the port must be limited to
    # the management network by a firewall or equivalent control.
    listener = configFileOps("/etc/libvirt/libvirtd.conf", self)
    listener.addEntry("listen_tcp", "1")
    listener.addEntry("tcp_port", "\"16509\"")
    listener.addEntry("auth_tcp", "\"none\"")
    listener.addEntry("listen_tls", "0")
    listener.save()

    daemon_opts = configFileOps("/etc/sysconfig/libvirtd", self)
    daemon_opts.addEntry("export CGROUP_DAEMON", "'cpu:/virt'")
    # "-l" makes libvirtd open the network listener configured above.
    daemon_opts.addEntry("LIBVIRTD_ARGS", "-l")
    daemon_opts.save()

    qemu_opts = configFileOps("/etc/libvirt/qemu.conf", self)
    # Only the cpu cgroup controller is listed for QEMU.
    qemu_opts.addEntry("cgroup_controllers", "[\"cpu\"]")
    # SECURITY: security_driver "none" disables SELinux/AppArmor (sVirt)
    # confinement of QEMU, user/group "root" run guests as root, and
    # vnc_listen "0.0.0.0" binds guest consoles on every host interface.
    qemu_opts.addEntry("security_driver", "\"none\"")
    qemu_opts.addEntry("user", "\"root\"")
    qemu_opts.addEntry("group", "\"root\"")
    qemu_opts.addEntry("vnc_listen", "\"0.0.0.0\"")
    qemu_opts.save()

    services = self.syscfg.svo
    services.stopService("libvirtd")
    if services.startService("libvirtd"):
        return True
    return False
def setupLiveMigration(self):
    """Configure libvirtd.conf and switch libvirtd to listen mode (-l).

    The listener settings come from configureLibvirtConfig(); the "-l" flag is
    written to the first of the three known init/defaults files that exists.
    Nothing is written if none of them exists.
    """
    configureLibvirtConfig(self.syscfg.env.secure, self)

    upstart_job = "/etc/init/libvirt-bin.conf"
    if os.path.exists(upstart_job):
        job_file = configFileOps(upstart_job, self)
        job_file.replace_line("exec /usr/sbin/libvirtd",
                              "exec /usr/sbin/libvirtd -d -l")
        return

    # Both defaults files receive the same option line; first match wins.
    for defaults_path in ("/etc/default/libvirt-bin", "/etc/default/libvirtd"):
        if os.path.exists(defaults_path):
            defaults_file = configFileOps(defaults_path, self)
            defaults_file.replace_or_add_line("libvirtd_opts=",
                                              "libvirtd_opts='-l'")
            return
def setupLiveMigration(self):
    """Configure libvirtd.conf and switch libvirtd to listen mode (-l).

    The listener settings come from configureLibvirtConfig(); the "-l" flag is
    written to the first of the three known init/defaults files that exists.
    Nothing is written if none of them exists.
    """
    configureLibvirtConfig(self.syscfg.env.secure, self)

    upstart_job = "/etc/init/libvirt-bin.conf"
    if os.path.exists(upstart_job):
        job_file = configFileOps(upstart_job, self)
        job_file.replace_line("exec /usr/sbin/libvirtd",
                              "exec /usr/sbin/libvirtd -d -l")
        return

    # Both defaults files receive the same option line; first match wins.
    for defaults_path in ("/etc/default/libvirt-bin", "/etc/default/libvirtd"):
        if os.path.exists(defaults_path):
            defaults_file = configFileOps(defaults_path, self)
            defaults_file.replace_or_add_line("libvirtd_opts=",
                                              "libvirtd_opts='-l'")
            return
def setupLiveMigration(self):
    """Enable libvirtd's TCP listener and start the daemon in listen mode.

    Writes the listener settings to libvirtd.conf, then adds "-l"/"-d" to the
    upstart job if it exists, otherwise to /etc/default/libvirt-bin.
    """
    # SECURITY: plaintext TCP on port 16509 with auth_tcp "none" and TLS off
    # means libvirtd performs no authentication on this socket. The port has
    # to be restricted to the management network by other controls.
    listener = configFileOps("/etc/libvirt/libvirtd.conf", self)
    listener.addEntry("listen_tcp", "1")
    listener.addEntry("tcp_port", "\"16509\"")
    listener.addEntry("auth_tcp", "\"none\"")
    listener.addEntry("listen_tls", "0")
    listener.save()

    upstart_job = "/etc/init/libvirt-bin.conf"
    if not os.path.exists(upstart_job):
        # No existence check on the fallback file, as in the original.
        defaults_file = configFileOps("/etc/default/libvirt-bin", self)
        defaults_file.replace_or_add_line("libvirtd_opts=",
                                          "libvirtd_opts='-l -d'")
        return

    job_file = configFileOps(upstart_job, self)
    job_file.replace_line("exec /usr/sbin/libvirtd",
                          "exec /usr/sbin/libvirtd -d -l")
def setupLiveMigration(self):
    """Enable libvirtd's TCP listener and start the daemon in listen mode.

    Writes the listener settings to libvirtd.conf, then adds "-l"/"-d" to the
    upstart job if it exists, otherwise to /etc/default/libvirt-bin.
    """
    # SECURITY: plaintext TCP on port 16509 with auth_tcp "none" and TLS off
    # means libvirtd performs no authentication on this socket. The port has
    # to be restricted to the management network by other controls.
    listener = configFileOps("/etc/libvirt/libvirtd.conf", self)
    listener.addEntry("listen_tcp", "1")
    listener.addEntry("tcp_port", "\"16509\"")
    listener.addEntry("auth_tcp", "\"none\"")
    listener.addEntry("listen_tls", "0")
    listener.save()

    upstart_job = "/etc/init/libvirt-bin.conf"
    if not os.path.exists(upstart_job):
        # No existence check on the fallback file, as in the original.
        defaults_file = configFileOps("/etc/default/libvirt-bin", self)
        defaults_file.replace_or_add_line("libvirtd_opts=",
                                          "libvirtd_opts='-l -d'")
        return

    job_file = configFileOps(upstart_job, self)
    job_file.replace_line("exec /usr/sbin/libvirtd",
                          "exec /usr/sbin/libvirtd -d -l")
def config(self):
    """Set up the bridge network on a Red Hat style host.

    Returns True immediately when the base class reports the network as
    already configured. Otherwise configures the network, stops and disables
    NetworkManager if it is running, sets NOZEROCONF, restarts the network
    service and records the bridge name three times in syscfg.env.nics.

    Raises:
        CloudInternalException: if "service network restart" fails.
    """
    base = super(networkConfigRedhat, self)
    if base.isPreConfiged():
        return True
    base.cfgNetwork()

    services = self.syscfg.svo
    self.netMgrRunning = services.isServiceRunning("NetworkManager")
    # NOTE(review): indentation was lost in the listing; both the stop and
    # the disable call are assumed to be guarded by this check.
    if self.netMgrRunning:
        services.stopService("NetworkManager")
        services.disableService("NetworkManager")

    net_sysconfig = configFileOps("/etc/sysconfig/network", self)
    net_sysconfig.addEntry("NOZEROCONF", "yes")
    net_sysconfig.save()

    restart = bash("service network restart")
    if not restart.isSuccess():
        raise CloudInternalException("Can't restart network")

    # Three entries, all the same bridge -- presumably one per traffic type
    # read later by index; verify against the consumers of env.nics.
    for _ in range(3):
        self.syscfg.env.nics.append(self.brName)
    return True
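def addBridge(self, br, dev):
    """Rewrite the interfaces file so that `dev` becomes a port of bridge `br`.

    Takes the device down, reads its current "iface" stanza to determine the
    addressing method (stored on dev.method), then replaces that stanza with
    a bridge definition matching syscfg.env.bridgeType.

    Args:
        br: name of the bridge to define.
        dev: device object; its `name` is read and its `method` is set.

    Raises:
        CloudInternalException: if syscfg.env.bridgeType is neither
            "openvswitch" nor "native". The device has already been taken
            down with ifdown at that point.
    """
    # NOTE(review): dev.name is placed into a shell command and into the
    # patterns below without quoting or escaping; presumably it always comes
    # from local NIC discovery -- confirm no operator-supplied text reaches it.
    bash("ifdown %s" % dev.name)

    # Context manager closes the handle deterministically; the previous
    # file(...).readlines() call left the file open until garbage collection.
    with open(self.netCfgFile) as net_cfg:
        for line in net_cfg:
            match = re.match("^ *iface %s.*" % dev.name, line)
            if match is not None:
                dev.method = self.getNetworkMethod(match.group(0))

    cfo = configFileOps(self.netCfgFile, self)
    bridge_type = self.syscfg.env.bridgeType
    if bridge_type == "openvswitch":
        bridgeCfg = "\n".join(
            ("",
             "iface {device} inet manual",
             " ovs_type OVSPort",
             " ovs_bridge {bridge}",
             "",
             "auto {bridge}",
             "allow-ovs {bridge}",
             "iface {bridge} inet {device_method}",
             " ovs_type OVSBridge",
             " ovs_ports {device}",
             "")).format(bridge=br, device=dev.name, device_method=dev.method)
        # The device's "auto" line becomes an "allow-<bridge>" line.
        cfo.replace_line(
            "^ *auto %s.*" % dev.name,
            "allow-{bridge} {device}".format(bridge=br, device=dev.name))
    elif bridge_type == "native":
        # NOTE(review): the listing collapsed line breaks; the "\ " sequences
        # were most likely backslash line continuations inside the literal.
        # Kept exactly as shown -- confirm against the upstream file.
        bridgeCfg = "\niface %s inet manual\n \ auto %s\n \ iface %s inet %s\n \ bridge_ports %s\n" % (dev.name, br, br, dev.method, dev.name)
    else:
        raise CloudInternalException(
            "Unknown network.bridge.type %s" % self.syscfg.env.bridgeType)

    cfo.replace_line("^ *iface %s.*" % dev.name, bridgeCfg)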
def configMyCloud(self):
    """Write agent.properties for the "mycloud" agent mode and return True.

    A local.storage.uuid is generated with uuidgen only when the file does
    not already carry one. Exceptions from the helpers propagate unchanged.
    """
    props = configFileOps("/etc/cloudstack/agent/agent.properties", self)
    env = self.syscfg.env

    props.addEntry("host", env.mgtSvr)
    props.addEntry("zone", env.zone)
    props.addEntry("port", "443")
    # The first three NIC entries are used as private/public/guest devices.
    props.addEntry("private.network.device", env.nics[0])
    props.addEntry("public.network.device", env.nics[1])
    props.addEntry("guest.network.device", env.nics[2])

    # Keep an existing storage UUID; only mint one when the entry is empty.
    if props.getEntry("local.storage.uuid") == "":
        props.addEntry("local.storage.uuid", str(bash("uuidgen").getStdout()))

    props.addEntry("guid", str(env.uuid))
    props.addEntry("mount.path", "/mnt")
    props.addEntry(
        "resource",
        "com.cloud.storage.resource.LocalSecondaryStorageResource|com.cloud.agent.resource.computing.CloudZonesComputingResource"
    )
    props.save()
    #self.syscfg.svo.stopService("cloud-agent")
    #self.syscfg.svo.enableService("cloud-agent")
    return True
def config(self):
    """Set up the bridge network on a Red Hat style host.

    Returns True immediately when the base class reports the network as
    already configured. Otherwise configures the network, stops and disables
    NetworkManager if it is running, sets NOZEROCONF, restarts the network
    service and records the bridge name three times in syscfg.env.nics.

    Raises:
        CloudInternalException: if "service network restart" fails.
    """
    base = super(networkConfigRedhat, self)
    if base.isPreConfiged():
        return True
    base.cfgNetwork()

    services = self.syscfg.svo
    self.netMgrRunning = services.isServiceRunning("NetworkManager")
    # NOTE(review): indentation was lost in the listing; both the stop and
    # the disable call are assumed to be guarded by this check.
    if self.netMgrRunning:
        services.stopService("NetworkManager")
        services.disableService("NetworkManager")

    net_sysconfig = configFileOps("/etc/sysconfig/network", self)
    net_sysconfig.addEntry("NOZEROCONF", "yes")
    net_sysconfig.save()

    restart = bash("service network restart")
    if not restart.isSuccess():
        raise CloudInternalException("Can't restart network")

    # Three entries, all the same bridge -- presumably one per traffic type
    # read later by index; verify against the consumers of env.nics.
    for _ in range(3):
        self.syscfg.env.nics.append(self.brName)
    return True
def configAgent(self):
    """Write agent.properties for a KVM agent and re-enable the agent service.

    Existing "local.storage.uuid" and "resource" entries are kept; they are
    only filled in when empty. Returns True; exceptions from the helpers
    propagate unchanged.
    """
    props = configFileOps("/etc/cloudstack/agent/agent.properties", self)
    env = self.syscfg.env

    props.addEntry("host", env.mgtSvr)
    props.addEntry("zone", env.zone)
    props.addEntry("pod", env.pod)
    props.addEntry("cluster", env.cluster)
    props.addEntry("hypervisor.type", env.hypervisor)
    props.addEntry("port", "8250")
    # The first three NIC entries are used as private/public/guest devices.
    props.addEntry("private.network.device", env.nics[0])
    props.addEntry("public.network.device", env.nics[1])
    props.addEntry("guest.network.device", env.nics[2])
    props.addEntry("guid", str(env.uuid))

    # Only mint a storage UUID when the file does not already have one.
    if props.getEntry("local.storage.uuid") == "":
        props.addEntry("local.storage.uuid", str(bash("uuidgen").getStdout()))
    # Likewise keep a resource class that is already configured.
    if props.getEntry("resource") == "":
        props.addEntry(
            "resource",
            "com.cloud.hypervisor.kvm.resource.LibvirtComputingResource")
    props.save()

    services = self.syscfg.svo
    services.stopService("cloudstack-agent")
    # Fixed 30 second pause between stopping and enabling the service.
    bash("sleep 30")
    services.enableService("cloudstack-agent")
    return True
def configAgent(self):
    """Write agent.properties for a KVM agent and re-enable the agent service.

    Existing "local.storage.uuid" and "resource" entries are kept; they are
    only filled in when empty. Returns True; exceptions from the helpers
    propagate unchanged.
    """
    props = configFileOps("/etc/cloudstack/agent/agent.properties", self)
    env = self.syscfg.env

    props.addEntry("host", env.mgtSvr)
    props.addEntry("zone", env.zone)
    props.addEntry("pod", env.pod)
    props.addEntry("cluster", env.cluster)
    props.addEntry("hypervisor.type", env.hypervisor)
    props.addEntry("port", "8250")
    # The first three NIC entries are used as private/public/guest devices.
    props.addEntry("private.network.device", env.nics[0])
    props.addEntry("public.network.device", env.nics[1])
    props.addEntry("guest.network.device", env.nics[2])
    props.addEntry("guid", str(env.uuid))

    # Only mint a storage UUID when the file does not already have one.
    if props.getEntry("local.storage.uuid") == "":
        props.addEntry("local.storage.uuid", str(bash("uuidgen").getStdout()))
    # Likewise keep a resource class that is already configured.
    if props.getEntry("resource") == "":
        props.addEntry(
            "resource",
            "com.cloud.hypervisor.kvm.resource.LibvirtComputingResource")
    props.save()

    services = self.syscfg.svo
    services.stopService("cloudstack-agent")
    # Fixed 30 second pause between stopping and enabling the service.
    bash("sleep 30")
    services.enableService("cloudstack-agent")
    return True
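def addBridge(self, br, dev):
    """Rewrite the interfaces file so that `dev` becomes a port of bridge `br`.

    Takes the device down, reads its current "iface" stanza to determine the
    addressing method (stored on dev.method), then replaces that stanza with
    a bridge definition matching syscfg.env.bridgeType.

    Args:
        br: name of the bridge to define.
        dev: device object; its `name` is read and its `method` is set.

    Raises:
        CloudInternalException: if syscfg.env.bridgeType is neither
            "openvswitch" nor "native". The device has already been taken
            down with ifdown at that point.
    """
    # NOTE(review): dev.name is placed into a shell command and into the
    # patterns below without quoting or escaping; presumably it always comes
    # from local NIC discovery -- confirm no operator-supplied text reaches it.
    bash("ifdown %s" % dev.name)

    # Context manager closes the handle deterministically; the previous
    # file(...).readlines() call left the file open until garbage collection.
    with open(self.netCfgFile) as net_cfg:
        for line in net_cfg:
            match = re.match("^ *iface %s.*" % dev.name, line)
            if match is not None:
                dev.method = self.getNetworkMethod(match.group(0))

    cfo = configFileOps(self.netCfgFile, self)
    bridge_type = self.syscfg.env.bridgeType
    if bridge_type == "openvswitch":
        bridgeCfg = "\n".join(
            ("",
             "iface {device} inet manual",
             " ovs_type OVSPort",
             " ovs_bridge {bridge}",
             "",
             "auto {bridge}",
             "allow-ovs {bridge}",
             "iface {bridge} inet {device_method}",
             " ovs_type OVSBridge",
             " ovs_ports {device}",
             "")).format(bridge=br, device=dev.name, device_method=dev.method)
        # The device's "auto" line becomes an "allow-<bridge>" line.
        cfo.replace_line(
            "^ *auto %s.*" % dev.name,
            "allow-{bridge} {device}".format(bridge=br, device=dev.name))
    elif bridge_type == "native":
        # NOTE(review): the listing collapsed line breaks; the "\ " sequences
        # were most likely backslash line continuations inside the literal.
        # Kept exactly as shown -- confirm against the upstream file.
        bridgeCfg = "\niface %s inet manual\n \ auto %s\n \ iface %s inet %s\n \ bridge_ports %s\n" % (dev.name, br, br, dev.method, dev.name)
    else:
        raise CloudInternalException(
            "Unknown network.bridge.type %s" % self.syscfg.env.bridgeType)

    cfo.replace_line("^ *iface %s.*" % dev.name, bridgeCfg)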
def config(self):
    """Grant the "cloud" user passwordless sudo for a fixed command list.

    Also removes the "Defaults requiretty" entry. Returns True; exceptions
    from the helpers propagate unchanged.
    """
    # SECURITY: /etc/sudoers is edited in place, with no syntax validation
    # visible here (visudo -c style); a malformed entry can break sudo.
    sudoers = configFileOps("/etc/sudoers", self)
    # SECURITY: NOPASSWD root access to chmod, cp and mount is broad; treat
    # the "cloud" account as root-equivalent when assessing this host.
    sudoers.addEntry(
        "cloud ALL ",
        "NOPASSWD : /bin/chmod, /bin/cp, /bin/mkdir, /bin/mount, /bin/umount")
    # Dropping requiretty lets sudo run without a terminal (e.g. from a daemon).
    sudoers.rmEntry("Defaults", "requiretty", " ")
    sudoers.save()
    return True
def config(self):
    """Grant the "cloud" user passwordless sudo for every command.

    Also removes the "Defaults requiretty" entry. Returns True; exceptions
    from the helpers propagate unchanged.
    """
    # SECURITY: /etc/sudoers is edited in place, with no syntax validation
    # visible here (visudo -c style); a malformed entry can break sudo.
    sudoers = configFileOps("/etc/sudoers", self)
    # SECURITY: "NOPASSWD : ALL" makes the "cloud" account fully
    # root-equivalent. Prefer an explicit command list where the agent's
    # needs are known, and protect the account accordingly.
    sudoers.addEntry("cloud ALL ", "NOPASSWD : ALL")
    # Dropping requiretty lets sudo run without a terminal (e.g. from a daemon).
    sudoers.rmEntry("Defaults", "requiretty", " ")
    sudoers.save()
    return True
def config(self):
    """Grant the "cloud" user passwordless sudo for a fixed command list.

    Also removes the "Defaults requiretty" entry. Returns True; exceptions
    from the helpers propagate unchanged.
    """
    # SECURITY: /etc/sudoers is edited in place, with no syntax validation
    # visible here (visudo -c style); a malformed entry can break sudo.
    sudoers = configFileOps("/etc/sudoers", self)
    # SECURITY: NOPASSWD root access to chmod, cp and mount is broad; treat
    # the "cloud" account as root-equivalent when assessing this host.
    sudoers.addEntry(
        "cloud ALL ",
        "NOPASSWD : /bin/chmod, /bin/cp, /bin/mkdir, /bin/mount, /bin/umount")
    # Dropping requiretty lets sudo run without a terminal (e.g. from a daemon).
    sudoers.rmEntry("Defaults", "requiretty", " ")
    sudoers.save()
    return True
def config(self):
    """Grant the "cloud" user passwordless sudo for every command.

    Also removes the "Defaults requiretty" entry. Returns True; exceptions
    from the helpers propagate unchanged.
    """
    # SECURITY: /etc/sudoers is edited in place, with no syntax validation
    # visible here (visudo -c style); a malformed entry can break sudo.
    sudoers = configFileOps("/etc/sudoers", self)
    # SECURITY: "NOPASSWD : ALL" makes the "cloud" account fully
    # root-equivalent. Prefer an explicit command list where the agent's
    # needs are known, and protect the account accordingly.
    sudoers.addEntry("cloud ALL ", "NOPASSWD : ALL")
    # Dropping requiretty lets sudo run without a terminal (e.g. from a daemon).
    sudoers.rmEntry("Defaults", "requiretty", " ")
    sudoers.save()
    return True
def addBridge(self, brName, dev):
    """Attach `dev` to a native bridge `brName` via the ifcfg files.

    Takes the device down, seeds the bridge config file from the device's
    config file when the bridge file does not exist yet, then rewrites both.

    Args:
        brName: name of the bridge device.
        dev: device object whose `name` is passed to ifdown.
    """
    # NOTE(review): dev.name goes into a shell command unquoted; presumably
    # it comes from local NIC discovery -- confirm against the caller.
    bash("ifdown %s" % dev.name)

    bridge_missing = not os.path.exists(self.brCfgFile)
    if bridge_missing:
        # The copy carries over every setting of the device file.
        shutil.copy(self.devCfgFile, self.brCfgFile)

    # Device file first: take it away from NetworkManager, bring it up at
    # boot and enslave it to the bridge.
    dev_cfg = configFileOps(self.devCfgFile, self)
    dev_cfg.addEntry("NM_CONTROLLED", "no")
    dev_cfg.addEntry("ONBOOT", "yes")
    dev_cfg.addEntry("BRIDGE", brName)
    dev_cfg.save()

    # Then turn the (possibly copied) bridge file into a bridge definition.
    br_cfg = configFileOps(self.brCfgFile, self)
    br_cfg.addEntry("NM_CONTROLLED", "no")
    br_cfg.addEntry("ONBOOT", "yes")
    br_cfg.addEntry("DEVICE", brName)
    br_cfg.addEntry("TYPE", "Bridge")
    br_cfg.save()
def addBridge(self, brName, dev):
    """Attach `dev` to a native bridge `brName` via the ifcfg files.

    Takes the device down, seeds the bridge config file from the device's
    config file when the bridge file does not exist yet, then rewrites both.

    Args:
        brName: name of the bridge device.
        dev: device object whose `name` is passed to ifdown.
    """
    # NOTE(review): dev.name goes into a shell command unquoted; presumably
    # it comes from local NIC discovery -- confirm against the caller.
    bash("ifdown %s" % dev.name)

    bridge_missing = not os.path.exists(self.brCfgFile)
    if bridge_missing:
        # The copy carries over every setting of the device file.
        shutil.copy(self.devCfgFile, self.brCfgFile)

    # Device file first: take it away from NetworkManager, bring it up at
    # boot and enslave it to the bridge.
    dev_cfg = configFileOps(self.devCfgFile, self)
    dev_cfg.addEntry("NM_CONTROLLED", "no")
    dev_cfg.addEntry("ONBOOT", "yes")
    dev_cfg.addEntry("BRIDGE", brName)
    dev_cfg.save()

    # Then turn the (possibly copied) bridge file into a bridge definition.
    br_cfg = configFileOps(self.brCfgFile, self)
    br_cfg.addEntry("NM_CONTROLLED", "no")
    br_cfg.addEntry("ONBOOT", "yes")
    br_cfg.addEntry("DEVICE", brName)
    br_cfg.addEntry("TYPE", "Bridge")
    br_cfg.save()
def addBridge(self, brName, dev):
    """Attach `dev` to bridge `brName` (native or Open vSwitch) via ifcfg files.

    Takes the device down, seeds the bridge config file from the device's
    config file when the bridge file does not exist yet, then rewrites both
    according to syscfg.env.bridgeType.

    Args:
        brName: name of the bridge device.
        dev: device object whose `name` is passed to ifdown.

    Raises:
        CloudInternalException: if bridgeType is neither "openvswitch" nor
            "native". The device is already down at that point, and the
            device file has not been saved.
    """
    # NOTE(review): dev.name goes into a shell command unquoted; presumably
    # it comes from local NIC discovery -- confirm against the caller.
    bash("ifdown %s" % dev.name)

    if not os.path.exists(self.brCfgFile):
        # The copy carries over every setting of the device file.
        shutil.copy(self.devCfgFile, self.brCfgFile)

    # Device file first: take it away from NetworkManager and bring it up
    # at boot.
    dev_cfg = configFileOps(self.devCfgFile, self)
    dev_cfg.addEntry("NM_CONTROLLED", "no")
    dev_cfg.addEntry("ONBOOT", "yes")
    if self.syscfg.env.bridgeType == "openvswitch":
        # The port itself must not keep an address under OVS.
        if dev_cfg.getEntry("IPADDR"):
            dev_cfg.rmEntry("IPADDR", dev_cfg.getEntry("IPADDR"))
        dev_cfg.addEntry("DEVICETYPE", "ovs")
        dev_cfg.addEntry("TYPE", "OVSPort")
        dev_cfg.addEntry("OVS_BRIDGE", brName)
    elif self.syscfg.env.bridgeType == "native":
        dev_cfg.addEntry("BRIDGE", brName)
    else:
        raise CloudInternalException("Unknown network.bridge.type %s" % self.syscfg.env.bridgeType)
    dev_cfg.save()

    # Then the bridge file, which may be a copy of the device file.
    br_cfg = configFileOps(self.brCfgFile, self)
    br_cfg.addEntry("NM_CONTROLLED", "no")
    br_cfg.addEntry("ONBOOT", "yes")
    br_cfg.addEntry("DEVICE", brName)
    if self.syscfg.env.bridgeType == "openvswitch":
        # Drop the hardware identity inherited from the copied device file.
        if br_cfg.getEntry("HWADDR"):
            br_cfg.rmEntry("HWADDR", br_cfg.getEntry("HWADDR"))
        if br_cfg.getEntry("UUID"):
            br_cfg.rmEntry("UUID", br_cfg.getEntry("UUID"))
        br_cfg.addEntry("STP", "yes")
        br_cfg.addEntry("DEVICETYPE", "ovs")
        br_cfg.addEntry("TYPE", "OVSBridge")
    elif self.syscfg.env.bridgeType == "native":
        br_cfg.addEntry("TYPE", "Bridge")
    else:
        raise CloudInternalException("Unknown network.bridge.type %s" % self.syscfg.env.bridgeType)
    br_cfg.save()
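def addBridge(self, br, dev):
    """Rewrite the interfaces file so that `dev` becomes a port of bridge `br`.

    Takes the device down, reads its current "iface" stanza to determine the
    addressing method (stored on dev.method), then replaces that stanza with
    a native bridge definition.

    Args:
        br: name of the bridge to define.
        dev: device object; its `name` is read and its `method` is set.
    """
    # NOTE(review): dev.name is placed into a shell command and into the
    # patterns below without quoting or escaping; presumably it always comes
    # from local NIC discovery -- confirm no operator-supplied text reaches it.
    bash("ifdown %s" % dev.name)

    # Context manager closes the handle deterministically; the previous
    # file(...).readlines() call left the file open until garbage collection.
    with open(self.netCfgFile) as net_cfg:
        for line in net_cfg:
            match = re.match("^ *iface %s.*" % dev.name, line)
            if match is not None:
                dev.method = self.getNetworkMethod(match.group(0))

    # NOTE(review): the listing collapsed line breaks; the "\ " sequences
    # were most likely backslash line continuations inside the literal.
    # Kept exactly as shown -- confirm against the upstream file.
    bridgeCfg = "\niface %s inet manual\n \ auto %s\n \ iface %s inet %s\n \ bridge_ports %s\n" % (dev.name, br, br, dev.method, dev.name)

    cfo = configFileOps(self.netCfgFile, self)
    cfo.replace_line("^ *iface %s.*" % dev.name, bridgeCfg)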
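def addBridge(self, br, dev):
    """Rewrite the interfaces file so that `dev` becomes a port of bridge `br`.

    Takes the device down, reads its current "iface" stanza to determine the
    addressing method (stored on dev.method), then replaces that stanza with
    a native bridge definition.

    Args:
        br: name of the bridge to define.
        dev: device object; its `name` is read and its `method` is set.
    """
    # NOTE(review): dev.name is placed into a shell command and into the
    # patterns below without quoting or escaping; presumably it always comes
    # from local NIC discovery -- confirm no operator-supplied text reaches it.
    bash("ifdown %s" % dev.name)

    # Context manager closes the handle deterministically; the previous
    # file(...).readlines() call left the file open until garbage collection.
    with open(self.netCfgFile) as net_cfg:
        for line in net_cfg:
            match = re.match("^ *iface %s.*" % dev.name, line)
            if match is not None:
                dev.method = self.getNetworkMethod(match.group(0))

    # NOTE(review): the listing collapsed line breaks; the "\ " sequences
    # were most likely backslash line continuations inside the literal.
    # Kept exactly as shown -- confirm against the upstream file.
    bridgeCfg = "\niface %s inet manual\n \ auto %s\n \ iface %s inet %s\n \ bridge_ports %s\n" % (dev.name, br, br, dev.method, dev.name)

    cfo = configFileOps(self.netCfgFile, self)
    cfo.replace_line("^ *iface %s.*" % dev.name, bridgeCfg)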
def addBridge(self, brName, dev):
    """Attach `dev` to bridge `brName` (native or Open vSwitch) via ifcfg files.

    Takes the device down, seeds the bridge config file from the device's
    config file when the bridge file does not exist yet, then rewrites both
    according to syscfg.env.bridgeType.

    Args:
        brName: name of the bridge device.
        dev: device object whose `name` is passed to ifdown.

    Raises:
        CloudInternalException: if bridgeType is neither "openvswitch" nor
            "native". The device is already down at that point, and the
            device file has not been saved.
    """
    # NOTE(review): dev.name goes into a shell command unquoted; presumably
    # it comes from local NIC discovery -- confirm against the caller.
    bash("ifdown %s" % dev.name)

    if not os.path.exists(self.brCfgFile):
        # The copy carries over every setting of the device file.
        shutil.copy(self.devCfgFile, self.brCfgFile)

    # Device file first: take it away from NetworkManager and bring it up
    # at boot.
    dev_cfg = configFileOps(self.devCfgFile, self)
    dev_cfg.addEntry("NM_CONTROLLED", "no")
    dev_cfg.addEntry("ONBOOT", "yes")
    if self.syscfg.env.bridgeType == "openvswitch":
        # The port itself must not keep an address under OVS.
        if dev_cfg.getEntry("IPADDR"):
            dev_cfg.rmEntry("IPADDR", dev_cfg.getEntry("IPADDR"))
        dev_cfg.addEntry("DEVICETYPE", "ovs")
        dev_cfg.addEntry("TYPE", "OVSPort")
        dev_cfg.addEntry("OVS_BRIDGE", brName)
    elif self.syscfg.env.bridgeType == "native":
        dev_cfg.addEntry("BRIDGE", brName)
    else:
        raise CloudInternalException("Unknown network.bridge.type %s" % self.syscfg.env.bridgeType)
    dev_cfg.save()

    # Then the bridge file, which may be a copy of the device file.
    br_cfg = configFileOps(self.brCfgFile, self)
    br_cfg.addEntry("NM_CONTROLLED", "no")
    br_cfg.addEntry("ONBOOT", "yes")
    br_cfg.addEntry("DEVICE", brName)
    if self.syscfg.env.bridgeType == "openvswitch":
        # Drop the hardware identity inherited from the copied device file.
        if br_cfg.getEntry("HWADDR"):
            br_cfg.rmEntry("HWADDR", br_cfg.getEntry("HWADDR"))
        if br_cfg.getEntry("UUID"):
            br_cfg.rmEntry("UUID", br_cfg.getEntry("UUID"))
        br_cfg.addEntry("STP", "yes")
        br_cfg.addEntry("DEVICETYPE", "ovs")
        br_cfg.addEntry("TYPE", "OVSBridge")
    elif self.syscfg.env.bridgeType == "native":
        br_cfg.addEntry("TYPE", "Bridge")
    else:
        raise CloudInternalException("Unknown network.bridge.type %s" % self.syscfg.env.bridgeType)
    br_cfg.save()
def config(self):
    """Define the "virt" cpu cgroup and route libvirtd into it.

    Appends the group to /etc/cgconfig.conf and a rule for
    /usr/sbin/libvirtd to /etc/cgrules.conf, restarting cgconfig and cgred.

    Returns:
        True if enabling cgred reports success, False otherwise. Exceptions
        from the helpers propagate unchanged.
    """
    services = self.syscfg.svo

    group_file = configFileOps("/etc/cgconfig.conf", self)
    # NOTE(review): the listing collapsed line breaks; the "\ " sequences
    # were most likely backslash line continuations inside the literal.
    # Kept exactly as shown -- confirm against the upstream file.
    addConfig = "group virt {\n \ cpu {\n \ cpu.shares = 9216;\n \ }\n \ }\n"
    group_file.add_lines(addConfig)
    services.stopService("cgconfig", True)
    services.enableService("cgconfig", forcestart=True)

    rules_file = configFileOps("/etc/cgrules.conf", self)
    # Processes of /usr/sbin/libvirtd owned by root go to the virt cpu group.
    rules_file.add_lines("root:/usr/sbin/libvirtd cpu virt/\n")
    services.stopService("cgred", True)
    if services.enableService("cgred"):
        return True
    return False
def config(self):
    """Define the "virt" cpu cgroup and route libvirtd into it.

    Appends the group to /etc/cgconfig.conf and a rule for
    /usr/sbin/libvirtd to /etc/cgrules.conf, restarting cgconfig and cgred.

    Returns:
        True if enabling cgred reports success, False otherwise. Exceptions
        from the helpers propagate unchanged.
    """
    services = self.syscfg.svo

    group_file = configFileOps("/etc/cgconfig.conf", self)
    # NOTE(review): the listing collapsed line breaks; the "\ " sequences
    # were most likely backslash line continuations inside the literal.
    # Kept exactly as shown -- confirm against the upstream file.
    addConfig = "group virt {\n \ cpu {\n \ cpu.shares = 9216;\n \ }\n \ }\n"
    group_file.add_lines(addConfig)
    services.stopService("cgconfig", True)
    services.enableService("cgconfig", forcestart=True)

    rules_file = configFileOps("/etc/cgrules.conf", self)
    # Processes of /usr/sbin/libvirtd owned by root go to the virt cpu group.
    rules_file.add_lines("root:/usr/sbin/libvirtd cpu virt/\n")
    services.stopService("cgred", True)
    if services.enableService("cgred"):
        return True
    return False
def configureLibvirtConfig(tls_enabled = True, cfg = None):
    """Write the libvirtd.conf listener settings for TLS or plain TCP.

    Args:
        tls_enabled: when true, enable the TLS listener and point libvirtd at
            the server key, certificate and CA files; otherwise enable the
            plain TCP listener.
        cfg: passed through to configFileOps as its second argument.
    """
    # NOTE(review): indentation was lost in the listing; the port and auth
    # entries and the save() are assumed to run for both modes -- confirm
    # against the upstream file.
    libvirtd_conf = configFileOps("/etc/libvirt/libvirtd.conf", cfg)

    if not tls_enabled:
        # SECURITY: plain TCP combined with auth_tcp "none" below leaves the
        # socket unauthenticated and unencrypted; it must be reachable only
        # from the management network.
        libvirtd_conf.addEntry("listen_tcp", "1")
        libvirtd_conf.addEntry("listen_tls", "0")
    else:
        libvirtd_conf.addEntry("listen_tcp", "0")
        libvirtd_conf.addEntry("listen_tls", "1")
        libvirtd_conf.addEntry("key_file", "\"/etc/pki/libvirt/private/serverkey.pem\"")
        libvirtd_conf.addEntry("cert_file", "\"/etc/pki/libvirt/servercert.pem\"")
        libvirtd_conf.addEntry("ca_file", "\"/etc/pki/CA/cacert.pem\"")

    libvirtd_conf.addEntry("tcp_port", "\"16509\"")
    libvirtd_conf.addEntry("tls_port", "\"16514\"")
    # SECURITY: auth_tls "none" adds no SASL step on top of TLS, so access
    # control on the TLS socket rests on certificate verification alone.
    libvirtd_conf.addEntry("auth_tcp", "\"none\"")
    libvirtd_conf.addEntry("auth_tls", "\"none\"")
    libvirtd_conf.save()
def configureLibvirtConfig(tls_enabled = True, cfg = None):
    """Write the libvirtd.conf listener settings for TLS or plain TCP.

    Args:
        tls_enabled: when true, enable the TLS listener and point libvirtd at
            the server key, certificate and CA files; otherwise enable the
            plain TCP listener.
        cfg: passed through to configFileOps as its second argument.
    """
    # NOTE(review): indentation was lost in the listing; the port and auth
    # entries and the save() are assumed to run for both modes -- confirm
    # against the upstream file.
    libvirtd_conf = configFileOps("/etc/libvirt/libvirtd.conf", cfg)

    if not tls_enabled:
        # SECURITY: plain TCP combined with auth_tcp "none" below leaves the
        # socket unauthenticated and unencrypted; it must be reachable only
        # from the management network.
        libvirtd_conf.addEntry("listen_tcp", "1")
        libvirtd_conf.addEntry("listen_tls", "0")
    else:
        libvirtd_conf.addEntry("listen_tcp", "0")
        libvirtd_conf.addEntry("listen_tls", "1")
        libvirtd_conf.addEntry("key_file", "\"/etc/pki/libvirt/private/serverkey.pem\"")
        libvirtd_conf.addEntry("cert_file", "\"/etc/pki/libvirt/servercert.pem\"")
        libvirtd_conf.addEntry("ca_file", "\"/etc/pki/CA/cacert.pem\"")

    libvirtd_conf.addEntry("tcp_port", "\"16509\"")
    libvirtd_conf.addEntry("tls_port", "\"16514\"")
    # SECURITY: auth_tls "none" adds no SASL step on top of TLS, so access
    # control on the TLS socket rests on certificate verification alone.
    libvirtd_conf.addEntry("auth_tcp", "\"none\"")
    libvirtd_conf.addEntry("auth_tls", "\"none\"")
    libvirtd_conf.save()
def config(self):
    """Switch SELinux to permissive mode, now and in /etc/selinux/config.

    Returns True when SELinux is not enabled or after the change was made.

    Raises:
        CloudRuntimeException: if any step of the change fails; the original
            exception is replaced by this one.
    """
    # "selinuxenabled" failing means there is nothing to relax.
    if not bash("selinuxenabled").isSuccess():
        return True

    # SECURITY: enforcement is turned off host-wide, immediately
    # (setenforce 0) and persistently (SELINUX=permissive); policy violations
    # are then only logged. Hosts that need SELinux enforcing require a
    # policy for the agent instead of this step.
    try:
        bash("setenforce 0")
        selinux_cfg = configFileOps("/etc/selinux/config", self)
        selinux_cfg.replace_line("SELINUX=", "SELINUX=permissive")
        return True
    except:
        # NOTE(review): the listing collapsed line breaks; the "\ " inside
        # the message was most likely a backslash line continuation. Kept
        # exactly as shown -- confirm against the upstream file.
        raise CloudRuntimeException("Failed to configure selinux, please see the /var/log/cloud/setupAgent.log for detail, \ or you can manually disable it before starting myCloud")
def config(self):
    """Configure libvirt and QEMU on this host, then re-enable libvirt-bin.

    Returns True; exceptions from the helpers propagate unchanged.
    """
    self.setupLiveMigration()

    # SECURITY: security_driver "none" disables SELinux/AppArmor (sVirt)
    # confinement of QEMU and user/group "root" run guest processes as root,
    # so a guest escape lands directly in an unconfined root process.
    qemu_opts = configFileOps("/etc/libvirt/qemu.conf", self)
    qemu_opts.addEntry("security_driver", "\"none\"")
    qemu_opts.addEntry("user", "\"root\"")
    qemu_opts.addEntry("group", "\"root\"")
    qemu_opts.save()

    services = self.syscfg.svo
    services.stopService("libvirt-bin")
    services.enableService("libvirt-bin")
    return True
def config(self):
    """Configure libvirt and QEMU on this host, then re-enable libvirt-bin.

    Returns True; exceptions from the helpers propagate unchanged.
    """
    self.setupLiveMigration()

    # SECURITY: security_driver "none" disables SELinux/AppArmor (sVirt)
    # confinement of QEMU and user/group "root" run guest processes as root,
    # so a guest escape lands directly in an unconfined root process.
    qemu_opts = configFileOps("/etc/libvirt/qemu.conf", self)
    qemu_opts.addEntry("security_driver", "\"none\"")
    qemu_opts.addEntry("user", "\"root\"")
    qemu_opts.addEntry("group", "\"root\"")
    qemu_opts.save()

    services = self.syscfg.svo
    services.stopService("libvirt-bin")
    services.enableService("libvirt-bin")
    return True
def config(self):
    """Switch SELinux to permissive mode, now and in /etc/selinux/config.

    Returns True when SELinux is not enabled or after the change was made.

    Raises:
        CloudRuntimeException: if any step of the change fails; the original
            exception is replaced by this one.
    """
    # "selinuxenabled" failing means there is nothing to relax.
    if not bash("selinuxenabled").isSuccess():
        return True

    # SECURITY: enforcement is turned off host-wide, immediately
    # (setenforce 0) and persistently (SELINUX=permissive); policy violations
    # are then only logged. Hosts that need SELinux enforcing require a
    # policy for the agent instead of this step.
    try:
        bash("setenforce 0")
        selinux_cfg = configFileOps("/etc/selinux/config", self)
        selinux_cfg.replace_line("SELINUX=", "SELINUX=permissive")
        return True
    except:
        # NOTE(review): the listing collapsed line breaks; the "\ " inside
        # the message was most likely a backslash line continuation. Kept
        # exactly as shown -- confirm against the upstream file.
        raise CloudRuntimeException("Failed to configure selinux, please see the /var/log/cloudstack/setupAgent.log for detail, \ or you can manually disable it before starting myCloud")
def configConsole(self):
    """Write agent.properties for a console proxy and re-enable the agent.

    Returns True; exceptions from the helpers propagate unchanged.
    """
    props = configFileOps("/etc/cosmic/agent/agent.properties", self)
    env = self.syscfg.env

    props.addEntry("host", env.mgtSvr)
    props.addEntry("zone", env.zone)
    props.addEntry("pod", env.pod)
    props.addEntry("cluster", env.cluster)
    props.addEntry("port", "8250")
    props.addEntry("guid", str(env.uuid))
    props.addEntry(
        "resource",
        "com.cloud.agent.resource.computing.consoleProxyResource")
    props.save()

    services = self.syscfg.svo
    services.stopService("cosmic-agent")
    services.enableService("cosmic-agent")
    return True
def configMyCloud(self):
    """Write agent.properties for the "mycloud" agent mode and return True.

    A local.storage.uuid is generated with uuidgen only when the file does
    not already carry one. Exceptions from the helpers propagate unchanged.
    """
    props = configFileOps("/etc/cosmic/agent/agent.properties", self)
    env = self.syscfg.env

    props.addEntry("host", env.mgtSvr)
    props.addEntry("zone", env.zone)
    props.addEntry("port", "443")

    # Keep an existing storage UUID; only mint one when the entry is empty.
    if props.getEntry("local.storage.uuid") == "":
        props.addEntry("local.storage.uuid", str(bash("uuidgen").getStdout()))

    props.addEntry("guid", str(env.uuid))
    props.addEntry("mount.path", "/mnt")
    props.addEntry(
        "resource",
        "com.cloud.storage.resource.LocalSecondaryStorageResource|com.cloud.agent.resource.computing.CloudZonesComputingResource")
    props.save()
    #self.syscfg.svo.stopService("cloud-agent")
    #self.syscfg.svo.enableService("cloud-agent")
    return True
def configConsole(self):
    """Write agent.properties for a console proxy and re-enable the agent.

    Returns True; exceptions from the helpers propagate unchanged.
    """
    props = configFileOps("/etc/cosmic/agent/agent.properties", self)
    env = self.syscfg.env

    props.addEntry("host", env.mgtSvr)
    props.addEntry("zone", env.zone)
    props.addEntry("pod", env.pod)
    props.addEntry("cluster", env.cluster)
    props.addEntry("port", "8250")
    props.addEntry("guid", str(env.uuid))
    props.addEntry(
        "resource",
        "com.cloud.agent.resource.computing.consoleProxyResource")
    props.save()

    services = self.syscfg.svo
    services.stopService("cosmic-agent")
    services.enableService("cosmic-agent")
    return True
def config(self):
    """Set AC=False in /etc/nfsmount.conf and restart rpcbind and nfs.

    Returns:
        True when /etc/nfsmount.conf does not exist (nothing to do) or after
        all steps ran; False if any step raised.
    """
    try:
        if os.path.exists("/etc/nfsmount.conf"):
            # No owner object is passed to configFileOps here, unlike the
            # other config() methods in this listing.
            nfs_conf = configFileOps("/etc/nfsmount.conf")
            nfs_conf.addEntry("AC", "False")
            nfs_conf.save()

            services = self.syscfg.svo
            # Each service is enabled, then stopped and started again.
            for service_name in ("rpcbind", "nfs"):
                services.enableService(service_name)
                services.stopService(service_name)
                services.startService(service_name)
        return True
    except:
        # NOTE(review): the bare except turns every failure into a
        # debug-level log line plus False, so errors here are easy to miss
        # unless debug logging is on.
        logging.debug(formatExceptionInfo())
        return False
def config(self):
    """Set AC=False in /etc/nfsmount.conf and restart rpcbind and nfs.

    Returns:
        True when /etc/nfsmount.conf does not exist (nothing to do) or after
        all steps ran; False if any step raised.
    """
    try:
        if os.path.exists("/etc/nfsmount.conf"):
            # No owner object is passed to configFileOps here, unlike the
            # other config() methods in this listing.
            nfs_conf = configFileOps("/etc/nfsmount.conf")
            nfs_conf.addEntry("AC", "False")
            nfs_conf.save()

            services = self.syscfg.svo
            # Each service is enabled, then stopped and started again.
            for service_name in ("rpcbind", "nfs"):
                services.enableService(service_name)
                services.stopService(service_name)
                services.startService(service_name)
        return True
    except:
        # NOTE(review): the bare except turns every failure into a
        # debug-level log line plus False, so errors here are easy to miss
        # unless debug logging is on.
        logging.debug(formatExceptionInfo())
        return False
except: raise e #add DNAT 443 to 8250 if not bash("iptables-save |grep PREROUTING | grep 8250").isSuccess(): bash("iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 8250 ") #generate keystore keyPath = "/var/lib/cloud/management/web.keystore" if not os.path.exists(keyPath): cmd = bash("keytool -genkey -keystore %s -storepass \"cloud.com\" -keypass \"cloud.com\" -validity 3650 -dname cn=\"Cloudstack User\",ou=\"mycloud.cloud.com\",o=\"mycloud.cloud.com\",c=\"Unknown\""%keyPath) if not cmd.isSuccess(): raise CloudInternalException(cmd.getErrMsg()) cfo = configFileOps("/etc/cloudstack/management/tomcat6.conf", self) cfo.add_lines("JAVA_OPTS+=\" -Djavax.net.ssl.trustStore=%s \""%keyPath) elif self.syscfg.env.svrMode == "HttpsServer": if not os.path.exists("/etc/cloudstack/management/server-ssl.xml") or not os.path.exists("/etc/cloudstack/management/tomcat6-ssl.conf"): raise CloudRuntimeException("Cannot find /etc/cloudstack/management/server-ssl.xml or /etc/cloudstack/management/tomcat6-ssl.conf, https enables failed") if os.path.exists("/etc/cloudstack/management/server.xml"): bash("rm -f /etc/cloudstack/management/server.xml") if os.path.exists("/etc/cloudstack/management/tomcat6.conf"): bash("rm -f /etc/cloudstack/management/tomcat6.conf") bash("ln -s /etc/cloudstack/management/server-ssl.xml /etc/cloudstack/management/server.xml") bash("ln -s /etc/cloudstack/management/tomcat6-ssl.conf /etc/cloudstack/management/tomcat6.conf") if not bash("iptables-save |grep PREROUTING | grep 6443").isSuccess(): bash("iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 6443") else: if not os.path.exists("/etc/cloudstack/management/server-nonssl.xml") or not os.path.exists("/etc/cloudstack/management/tomcat6-nonssl.conf"): raise CloudRuntimeException("Cannot find /etc/cloudstack/management/server-nonssl.xml or /etc/cloudstack/management/tomcat6-nonssl.conf, https enables failed")
raise e # add DNAT 443 to 8250 if not bash("iptables-save |grep PREROUTING | grep 8250").isSuccess(): bash("iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 8250 ") # generate keystore keyPath = "/var/cloudstack/management/web.keystore" if not os.path.exists(keyPath): cmd = bash( "keytool -genkeypair -keystore %s -storepass \"cloud.com\" -keypass \"cloud.com\" -validity 3650 -dname cn=\"Cloudstack User\",ou=\"mycloud.cloud.com\",o=\"mycloud.cloud.com\",c=\"Unknown\"" % keyPath) if not cmd.isSuccess(): raise CloudInternalException(cmd.getErrMsg()) if not self.syscfg.env.svrConf == "Tomcat7": cfo = configFileOps("/etc/cloudstack/management/tomcat6.conf", self) cfo.add_lines("JAVA_OPTS+=\" -Djavax.net.ssl.trustStore=%s \"" % keyPath) elif self.syscfg.env.svrMode == "HttpsServer": if self.syscfg.env.svrConf == "Tomcat7": if not os.path.exists("/etc/cloudstack/management/server7-ssl.xml"): raise CloudRuntimeException("Cannot find /etc/cloudstack/management/server7-ssl.xml, https enable failed") if os.path.exists("/etc/cloudstack/management/server.xml"): bash("rm -f /etc/cloudstack/management/server.xml") bash("ln -s /etc/cloudstack/management/server7-ssl.xml /etc/cloudstack/management/server.xml") else: if not os.path.exists("/etc/cloudstack/management/server-ssl.xml") or not os.path.exists("/etc/cloudstack/management/tomcat6-ssl.conf"): raise CloudRuntimeException("Cannot find /etc/cloudstack/management/server-ssl.xml or /etc/cloudstack/management/tomcat6-ssl.conf, https enable failed") if os.path.exists("/etc/cloudstack/management/server.xml"): bash("rm -f /etc/cloudstack/management/server.xml") if os.path.exists("/etc/cloudstack/management/tomcat6.conf"): bash("rm -f /etc/cloudstack/management/tomcat6.conf")
except: raise e #add DNAT 443 to 8250 if not bash("iptables-save |grep PREROUTING | grep 8250").isSuccess(): bash("iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 8250 ") elif self.syscfg.env.svrMode == "HttpsServer": if not bash("iptables-save |grep PREROUTING | grep 8443").isSuccess(): bash("iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 8443") bash("touch /var/run/cloudstack-management.pid") bash("chown cloud.cloud /var/run/cloudstack-management.pid") checkHostName() bash("mkdir -p /var/lib/cloudstack/") bash("chown cloud:cloud -R /var/lib/cloudstack/") #set max process per account is unlimited if os.path.exists("/etc/security/limits.conf"): cfo = configFileOps("/etc/security/limits.conf") cfo.add_lines("cloud soft nproc -1\n") cfo.add_lines("cloud hard nproc -1\n") cfo.save() if self.syscfg.env.noStart == False: self.syscfg.svo.stopService("cloudstack-management") if self.syscfg.svo.enableService("cloudstack-management"): return True else: raise CloudRuntimeException("Failed to configure %s, please see the /var/log/cloudstack/management/setupManagement.log for detail"%self.serviceName) else: print "Configured successfully, but not starting management server." return True
except: raise e #add DNAT 443 to 8250 if not bash("iptables-save |grep PREROUTING | grep 8250").isSuccess(): bash("iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 8250 ") #generate keystore keyPath = "/var/lib/cloud/management/web.keystore" if not os.path.exists(keyPath): cmd = bash("keytool -genkey -keystore %s -storepass \"cloud.com\" -keypass \"cloud.com\" -validity 3650 -dname cn=\"Cloudstack User\",ou=\"mycloud.cloud.com\",o=\"mycloud.cloud.com\",c=\"Unknown\""%keyPath) if not cmd.isSuccess(): raise CloudInternalException(cmd.getErrMsg()) cfo = configFileOps("/etc/cloud/management/tomcat6.conf", self) cfo.add_lines("JAVA_OPTS+=\" -Djavax.net.ssl.trustStore=%s \""%keyPath) elif self.syscfg.env.svrMode == "HttpsServer": if not os.path.exists("/etc/cloud/management/server-ssl.xml") or not os.path.exists("/etc/cloud/management/tomcat6-ssl.conf"): raise CloudRuntimeException("Cannot find /etc/cloud/management/server-ssl.xml or /etc/cloud/management/tomcat6-ssl.conf, https enables failed") if os.path.exists("/etc/cloud/management/server.xml"): bash("rm -f /etc/cloud/management/server.xml") if os.path.exists("/etc/cloud/management/tomcat6.conf"): bash("rm -f /etc/cloud/management/tomcat6.conf") bash("ln -s /etc/cloud/management/server-ssl.xml /etc/cloud/management/server.xml") bash("ln -s /etc/cloud/management/tomcat6-ssl.conf /etc/cloud/management/tomcat6.conf") if not bash("iptables-save |grep PREROUTING | grep 6443").isSuccess(): bash("iptables -A PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-port 6443") else: if not os.path.exists("/etc/cloud/management/server-nonssl.xml") or not os.path.exists("/etc/cloud/management/tomcat6-nonssl.conf"): raise CloudRuntimeException("Cannot find /etc/cloud/management/server-nonssl.xml or /etc/cloud/management/tomcat6-nonssl.conf, https enables failed")