def daemonSetup(self): if not os.path.exists(self._defaults): raise RuntimeError( _( "The configuration defaults file '{file}' " "required but missing" ).format( file=self._defaults, ) ) self._config = configfile.ConfigFile( ( self._defaults, config.ENGINE_FKLSNR_VARS, ), ) self._engineConfig = configfile.ConfigFile( ( self._engineDefaults, config.ENGINE_VARS, ), ) self._checkInstallation( pidfile=self.pidfile, )
def _customization(self): legacy = osetupcons.FileLocations.LEGACY_OVIRT_ENGINE_SYSCONFIG config = None for filename in ( legacy, legacy + '.rpmsave', ): if os.path.exists(filename): self.logger.debug('Upgrading from 3.2.z') self.environment[ osetupcons.ApacheEnv.CONFIGURE_ROOT_REDIRECTION] = True config = configfile.ConfigFile([ filename, ]) break if config is None: self.logger.debug('Upgrading from 3.3.z legacy') config = configfile.ConfigFile( [osetupcons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG]) #preserve engine http and https ports. if config.getboolean('ENGINE_HTTP_ENABLED'): self.environment[ osetupcons.ConfigEnv.JBOSS_DIRECT_HTTP_PORT] = config.get( 'ENGINE_HTTP_PORT') if config.getboolean('ENGINE_HTTPS_ENABLED'): self.environment[ osetupcons.ConfigEnv.JBOSS_DIRECT_HTTPS_PORT] = config.get( 'ENGINE_HTTPS_PORT') self.environment[osetupcons.ConfigEnv.FQDN] = config.get('ENGINE_FQDN') if not config.getboolean('ENGINE_PROXY_ENABLED'): self.environment[osetupcons.ApacheEnv.CONFIGURE_SSL] = True else: #if it's enabled it has been already done self.environment[osetupcons.ApacheEnv.CONFIGURE_SSL] = False for key in ( otopicons.CoreEnv.MODIFIED_FILES, osetupcons.CoreEnv.UNINSTALL_UNREMOVABLE_FILES, ): self.environment[key].append( self.environment[osetupcons.ApacheEnv.HTTPD_CONF_SSL]) self.environment[osetupcons.DBEnv.SECURED] = config.getboolean( name='ENGINE_DB_SECURED', default='ssl=true' in config.get( 'ENGINE_DB_URL', '', )) self.environment[ osetupcons.DBEnv.SECURED_HOST_VALIDATION] = config.getboolean( name='ENGINE_DB_SECURED_VALIDATION', default=False, )
def _init(self): config = configfile.ConfigFile([ oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS, oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG, ]) if config.get('ENGINE_MANUAL'): self._engine_manual = config.get('ENGINE_MANUAL') if os.path.isdir(self._engine_manual): self.environment.setdefault( osetupcons.DocsEnv.DOCS_LOCAL, True ) self.environment.setdefault( osetupcons.DocsEnv.DWH_DOC_URL, osetupcons.Const.DWH_DOC_URI ) self.environment.setdefault( osetupcons.DocsEnv.REPORTS_DOC_URL, osetupcons.Const.REPORTS_DOC_URI ) else: self.environment.setdefault( osetupcons.DocsEnv.DOCS_LOCAL, False ) self.environment.setdefault( osetupcons.DocsEnv.DWH_DOC_URL, osetupcons.Const.DWH_DOC_URL ) self.environment.setdefault( osetupcons.DocsEnv.REPORTS_DOC_URL, osetupcons.Const.REPORTS_DOC_URL )
def _misc(self): config = configfile.ConfigFile( [osetupcons.FileLocations.OVIRT_NFS_RHEL_CONFIG]) changed_lines = [] content = [] if os.path.exists(osetupcons.FileLocations.NFS_RHEL_CONFIG): with open(osetupcons.FileLocations.NFS_RHEL_CONFIG, 'r') as f: content = f.read().splitlines() self.environment[otopicons.CoreEnv.MAIN_TRANSACTION].append( filetransaction.FileTransaction( name=osetupcons.FileLocations.NFS_RHEL_CONFIG, content=osetuputil.editConfigContent( content=content, params=config.values, changed_lines=changed_lines, new_line_tpl='{spaces}{param}="{value}"', ))) self.environment[ osetupcons.CoreEnv.REGISTER_UNINSTALL_GROUPS].createGroup( group='nfs_config', description='NFS Configuration', optional=True).addChanges( 'nfs_config', osetupcons.FileLocations.NFS_RHEL_CONFIG, changed_lines, ) self.environment[ osetupcons.CoreEnv.UNINSTALL_UNREMOVABLE_FILES].append( osetupcons.FileLocations.NFS_RHEL_CONFIG)
def _upate_external_providers_keystore(self): config = configfile.ConfigFile([ oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS, oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_SSO ]) truststore = config.get( 'ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE' ) truststore_password = config.get( 'ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE_PASSWORD' ) self._execute_command( ( 'keytool', '-import', '-alias', OvnEnv.PROVIDER_NAME, '-keystore', truststore, '-file', oenginecons.FileLocations.OVIRT_ENGINE_PKI_ENGINE_CA_CERT, '-noprompt', '-storepass', truststore_password, ), _( 'Failed to import provider certificate into ' 'the external provider keystore' ) )
def _validation(self): config = configfile.ConfigFile( (oenginecons.FileLocations.OVIRT_ENGINE_NOTIFIER_SERVICE_CONFIG, ), ) filterStr = config.get('FILTER') self.logger.debug('filterStr: %s', filterStr) if filterStr is not None and 'VDS_GROUP' in filterStr: ans = dialog.queryBoolean( dialog=self.dialog, name='OVESETUP_WAIT_NOTIFIER_FILTER', note=_( 'Setup found filter/s in engine-notifier configuration ' 'files in {conf}.d/*.conf containing the string ' '"VDS_GROUP".\n You must manually change "VDS_GROUP" to ' '"CLUSTER" throughout the notifier configuration in ' 'order to get notified on cluster related events.\n Do ' 'you want to continue?\n' '(Answering "no" will stop the upgrade ' '(@VALUES@) [@DEFAULT@]:').format( conf=(oenginecons.FileLocations. OVIRT_ENGINE_NOTIFIER_SERVICE_CONFIG), ), prompt=True, default=False, ) self.environment[ oenginecons.ConfigEnv.IGNORE_VDS_GROUP_IN_NOTIFIER] = ans if not ans: raise RuntimeError(_('Aborted by user'))
def _customization(self): config = configfile.ConfigFile([ oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG, ]) if not ( config.get('ENGINE_HEAP_MIN') and config.get('ENGINE_HEAP_MAX') ): self._enabled = True calculated_heap_size = '{sizemb}M'.format( sizemb=max( 1024, self.environment[osetupcons.ConfigEnv.TOTAL_MEMORY_MB] // 4 ) ) if self.environment[ oenginecons.ConfigEnv.ENGINE_HEAP_MIN ] is None: self.environment[ oenginecons.ConfigEnv.ENGINE_HEAP_MIN ] = config.get('ENGINE_HEAP_MIN') or calculated_heap_size if self.environment[ oenginecons.ConfigEnv.ENGINE_HEAP_MAX ] is None: self.environment[ oenginecons.ConfigEnv.ENGINE_HEAP_MAX ] = config.get('ENGINE_HEAP_MAX') or calculated_heap_size
def getStatement(self): from ovirt_engine import configfile engineConfig = configfile.ConfigFile(files=[ os.path.join( self.dataDir, 'services', 'ovirt-engine', 'ovirt-engine.conf', ), os.path.join( self.prefix, 'etc', 'ovirt-engine', 'engine.conf', ), ], ) statement = Statement() statement.connect( host=engineConfig.get('ENGINE_DB_HOST'), port=engineConfig.get('ENGINE_DB_PORT'), secured=engineConfig.getboolean('ENGINE_DB_SECURED'), securedHostValidation=engineConfig.getboolean( 'ENGINE_DB_SECURED_VALIDATION'), user=engineConfig.get('ENGINE_DB_USER'), password=engineConfig.get('ENGINE_DB_PASSWORD'), database=engineConfig.get('ENGINE_DB_DATABASE'), ) return statement
def _upate_external_providers_keystore(self): config = configfile.ConfigFile([ oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS, oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_SSO ]) truststore = config.get('ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE') truststore_password = config.get( 'ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE_PASSWORD') command_parts = ( 'keytool', '-import', '-alias', OvnEnv.PROVIDER_NAME, '-keystore', truststore, '-file', oenginecons.FileLocations.OVIRT_ENGINE_PKI_ENGINE_CA_CERT, '-noprompt', '-storepass', ) command = command_parts + (truststore_password, ) manual_keytool_command = ( command_parts + ('"${ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE_PASSWORD}"', )) self._execute_command(command, _('Failed to import provider certificate into ' 'the external provider keystore'), manual_commands=( ('.', FileLocations.OVIRT_ENGINE_DATADIR + '/bin/engine-prolog.sh'), manual_keytool_command, ))
def _setup(self): config = configfile.ConfigFile([ odwhcons.FileLocations.OVIRT_ENGINE_DWHD_SERVICE_CONFIG_DEFAULTS, odwhcons.FileLocations.OVIRT_ENGINE_DWHD_SERVICE_CONFIG, ]) self.environment[ odwhcons.CoreEnv.UUID ] = config.get('DWH_UUID') or str(uuid.uuid4())
def main(): service.setupLogger() logger = logging.getLogger(_LOGGER_NAME) try: args = parse_args() cfg_file = configfile.ConfigFile([ config.VMCONSOLE_PROXY_HELPER_DEFAULTS, config.VMCONSOLE_PROXY_HELPER_VARS, ]) if cfg_file.getboolean('DEBUG') or args.debug: logger.setLevel(logging.DEBUG) base_url = ( # debug, emergency override os.getenv('OVIRT_VMCONSOLE_ENGINE_BASE_URL') or cfg_file.get('ENGINE_BASE_URL')) logger.debug('using engine base url: %s', base_url) enc = make_ticket_encoder(cfg_file) data = enc.encode(json.dumps(make_request(args))) req = urllib2.Request( urlparse.urljoin(base_url, 'services/vmconsole-proxy'), data=data, headers={ 'Content-Type': 'text/plain', 'Content-Length': len(data), }, ) logger.debug('will send %r to %r', req.get_method(), req.get_full_url()) ca_certs = cfg_file.get('ENGINE_CA') if not ca_certs: logger.warn('Engine CA not configured, ' 'connecting in insecure mode') ca_certs = None with urlopen( url=req, ca_certs=ca_certs, verify_host=cfg_file.getboolean('ENGINE_VERIFY_HOST')) as res: if res.getcode() != _HTTP_STATUS_CODE_SUCCESS: raise RuntimeError('Engine call failed: code=%d' % res.getcode()) print(handle_response(res.read())) except Exception as ex: logger.error('Error: %s', ex) logger.debug('Exception', exc_info=True) return 1 else: return 0
def _upate_external_providers_keystore(self): config = configfile.ConfigFile([ oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS, oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG ]) truststore = config.get( 'ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE' ) truststore_password = config.get( 'ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE_PASSWORD' ) # We need to disable FIPS configuration of OpenJDK to be able to work # with file system keystores and interoperability with openssl command = ( 'keytool', '-J-Dcom.redhat.fips=false', '-import', '-alias', OvnEnv.PROVIDER_NAME, '-keystore', truststore, '-file', oenginecons.FileLocations.OVIRT_ENGINE_PKI_ENGINE_CA_CERT, '-noprompt', '-storepass:env', 'pass', ) self._execute_command( command, _( 'Failed to import provider certificate into ' 'the external provider keystore' ), manual_commands=( ( '.', FileLocations.OVIRT_ENGINE_DATADIR + '/bin/engine-prolog.sh' ), ( ( 'export pass='******'"${ENGINE_EXTERNAL_PROVIDERS_TRUST_STORE_PASSWORD}"' ), ), command, ), env={ 'pass': truststore_password, }, ) self._set_file_permissions( truststore, True, stat.S_IRUSR | stat.S_IWUSR | stat.S_IRGRP | stat.S_IROTH, )
def _setup(self): dbovirtutils = database.OvirtUtils( plugin=self, dbenvkeys=oenginecons.Const.ENGINE_DB_ENV_KEYS, ) dbovirtutils.detectCommands() config = configfile.ConfigFile([ oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS, oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG ]) if config.get('ENGINE_DB_PASSWORD'): try: dbenv = {} for e, k in ( (oenginecons.EngineDBEnv.HOST, 'ENGINE_DB_HOST'), (oenginecons.EngineDBEnv.PORT, 'ENGINE_DB_PORT'), (oenginecons.EngineDBEnv.USER, 'ENGINE_DB_USER'), (oenginecons.EngineDBEnv.PASSWORD, 'ENGINE_DB_PASSWORD'), (oenginecons.EngineDBEnv.DATABASE, 'ENGINE_DB_DATABASE'), ): dbenv[e] = config.get(k) for e, k in ( (oenginecons.EngineDBEnv.SECURED, 'ENGINE_DB_SECURED'), ( oenginecons.EngineDBEnv.SECURED_HOST_VALIDATION, 'ENGINE_DB_SECURED_VALIDATION' ) ): dbenv[e] = config.getboolean(k) dbovirtutils.tryDatabaseConnect(dbenv) self.environment.update(dbenv) self.environment[ oenginecons.EngineDBEnv.NEW_DATABASE ] = dbovirtutils.isNewDatabase() except RuntimeError as e: self.logger.debug( 'Existing credential use failed', exc_info=True, ) msg = _( 'Cannot connect to Engine database using existing ' 'credentials: {user}@{host}:{port}' ).format( host=dbenv[oenginecons.EngineDBEnv.HOST], port=dbenv[oenginecons.EngineDBEnv.PORT], database=dbenv[oenginecons.EngineDBEnv.DATABASE], user=dbenv[oenginecons.EngineDBEnv.USER], ) if self.environment[ osetupcons.CoreEnv.ACTION ] == osetupcons.Const.ACTION_REMOVE: self.logger.warning(msg) else: raise RuntimeError(msg)
def _filter_engine_sensitive_keys(self): config = configfile.ConfigFile([ oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS, oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG ]) sensitive_keys = [ k.strip() for k in config.get('SENSITIVE_KEYS').split(',') if k.strip() ] for k in sensitive_keys: self.environment[otopicons.CoreEnv.LOG_FILTER].append( config.get(k))
def connect_to_engine_db(self): statement = None dbovirtutils = database.OvirtUtils( plugin=self, dbenvkeys=oenginecons.Const.ENGINE_DB_ENV_KEYS, ) config = configfile.ConfigFile([ oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS, oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG ]) if config.get('ENGINE_DB_PASSWORD'): try: dbenv = {} for e, k in ( (oenginecons.EngineDBEnv.HOST, 'ENGINE_DB_HOST'), (oenginecons.EngineDBEnv.PORT, 'ENGINE_DB_PORT'), (oenginecons.EngineDBEnv.USER, 'ENGINE_DB_USER'), (oenginecons.EngineDBEnv.PASSWORD, 'ENGINE_DB_PASSWORD'), (oenginecons.EngineDBEnv.DATABASE, 'ENGINE_DB_DATABASE'), ): dbenv[e] = config.get(k) for e, k in ((oenginecons.EngineDBEnv.SECURED, 'ENGINE_DB_SECURED'), (oenginecons.EngineDBEnv.SECURED_HOST_VALIDATION, 'ENGINE_DB_SECURED_VALIDATION')): dbenv[e] = config.getboolean(k) dbovirtutils.tryDatabaseConnect(dbenv) self.environment.update(dbenv) self.environment[oenginecons.EngineDBEnv. NEW_DATABASE] = dbovirtutils.isNewDatabase() statement = database.Statement( dbenvkeys=oenginecons.Const.ENGINE_DB_ENV_KEYS, environment=self.environment, ) except RuntimeError as e: self.logger.debug( 'Existing credential use failed', exc_info=True, ) return statement
def _setup(self): config = configfile.ConfigFile([ oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG, ]) if config.get('ENGINE_FQDN'): self._engine_fqdn = config.get('ENGINE_FQDN')
def daemonSetup(self): if os.geteuid() == 0: raise RuntimeError(_('This service cannot be executed as root')) if not os.path.exists(self._defaults): raise RuntimeError( _("The configuration defaults file '{file}' " "required but missing").format(file=self._defaults, )) self._config = configfile.ConfigFile(( self._defaults, config.ENGINE_VARS, ), ) # # the earliest so we can abort early. # self._executable = os.path.join( java.Java().getJavaHome(), 'bin', 'java', ) jbossModulesJar = os.path.join( self._config.get('JBOSS_HOME'), 'jboss-modules.jar', ) self._checkInstallation( pidfile=self.pidfile, jbossModulesJar=jbossModulesJar, ) self._tempDir = service.TempDir(self._config.get('ENGINE_TMP')) self._tempDir.create() self._setupEngineApps() jbossTempDir = os.path.join( self._config.get('ENGINE_TMP'), 'tmp', ) jbossConfigDir = os.path.join( self._config.get('ENGINE_TMP'), 'config', ) javaModulePath = self._linkModules( '%s:%s' % ( self._config.get('ENGINE_JAVA_MODULEPATH'), os.path.join( self._config.get('JBOSS_HOME'), 'modules', ), ), ) os.mkdir(jbossTempDir) os.mkdir(jbossConfigDir) os.chmod(jbossConfigDir, 0o700) jbossBootLoggingFile = self._processTemplate( template=os.path.join(os.path.dirname(sys.argv[0]), 'ovirt-engine-logging.properties.in'), dir=jbossConfigDir, ) jbossConfigFile = self._processTemplate( template=os.path.join( os.path.dirname(sys.argv[0]), 'ovirt-engine.xml.in', ), dir=jbossConfigDir, mode=0o600, ) # We start with an empty list of arguments: self._engineArgs = [] # Add arguments for the java virtual machine: self._engineArgs.extend([ # The name or the process, as displayed by ps: 'ovirt-engine', # Virtual machine options: '-server', '-XX:+TieredCompilation', '-Xms%s' % self._config.get('ENGINE_HEAP_MIN'), '-Xmx%s' % self._config.get('ENGINE_HEAP_MAX'), '-XX:PermSize=%s' % self._config.get('ENGINE_PERM_MIN'), '-XX:MaxPermSize=%s' % self._config.get('ENGINE_PERM_MAX'), '-Djava.net.preferIPv4Stack=true', '-Dsun.rmi.dgc.client.gcInterval=3600000', '-Dsun.rmi.dgc.server.gcInterval=3600000', '-Djava.awt.headless=true', ]) # Add extra system properties provided in the configuration: for engineProperty in shlex.split( self._config.get('ENGINE_PROPERTIES')): if not engineProperty.startswith('-D'): engineProperty = '-D' + engineProperty self._engineArgs.append(engineProperty) # Add extra jvm arguments provided in the configuration: for arg in shlex.split(self._config.get('ENGINE_JVM_ARGS')): self._engineArgs.append(arg) # Add arguments for remote debugging of the java virtual machine: engineDebugAddress = self._config.get('ENGINE_DEBUG_ADDRESS') if engineDebugAddress: self._engineArgs.append( ('-Xrunjdwp:transport=dt_socket,address=%s,' 'server=y,suspend=n') % (engineDebugAddress)) # Enable verbose garbage collection if required: if self._config.getboolean('ENGINE_VERBOSE_GC'): self._engineArgs.extend([ '-verbose:gc', '-XX:+PrintGCTimeStamps', '-XX:+PrintGCDetails', ]) # Add arguments for JBoss: self._engineArgs.extend([ '-Djava.util.logging.manager=org.jboss.logmanager', '-Dlogging.configuration=file://%s' % jbossBootLoggingFile, '-Dorg.jboss.resolver.warning=true', '-Djboss.modules.system.pkgs=org.jboss.byteman', '-Djboss.modules.write-indexes=false', '-Djboss.server.default.config=ovirt-engine', '-Djboss.home.dir=%s' % self._config.get('JBOSS_HOME'), '-Djboss.server.base.dir=%s' % self._config.get('ENGINE_USR'), '-Djboss.server.data.dir=%s' % self._config.get('ENGINE_VAR'), '-Djboss.server.log.dir=%s' % self._config.get('ENGINE_LOG'), '-Djboss.server.config.dir=%s' % jbossConfigDir, '-Djboss.server.temp.dir=%s' % jbossTempDir, '-Djboss.controller.temp.dir=%s' % jbossTempDir, '-jar', jbossModulesJar, '-mp', javaModulePath, '-jaxpmodule', 'javax.xml.jaxp-provider', 'org.jboss.as.standalone', '-c', os.path.basename(jbossConfigFile), ]) self._engineEnv = os.environ.copy() self._engineEnv.update({ 'PATH': ('/usr/local/sbin:/usr/local/bin:' '/usr/sbin:/usr/bin:/sbin:/bin'), 'LANG': 'en_US.UTF-8', 'LC_ALL': 'en_US.UTF-8', 'ENGINE_DEFAULTS': self._defaults, 'ENGINE_VARS': config.ENGINE_VARS, 'ENGINE_ETC': self._config.get('ENGINE_ETC'), 'ENGINE_LOG': self._config.get('ENGINE_LOG'), 'ENGINE_TMP': self._config.get('ENGINE_TMP'), 'ENGINE_USR': self._config.get('ENGINE_USR'), 'ENGINE_VAR': self._config.get('ENGINE_VAR'), 'ENGINE_CACHE': self._config.get('ENGINE_CACHE'), })
def daemonSetup(self): if os.geteuid() == 0: raise RuntimeError(_('This service cannot be executed as root')) if not os.path.exists(self._defaults): raise RuntimeError( _("The configuration defaults file '{file}' " "required but missing").format(file=self._defaults, )) self._config = configfile.ConfigFile(( self._defaults, config.ENGINE_NOTIFIER_VARS, ), ) # # the earliest so we can abort early. # self._executable = os.path.join( java.Java().getJavaHome(), 'bin', 'java', ) jbossModulesJar = os.path.join( self._config.get('JBOSS_HOME'), 'jboss-modules.jar', ) self._checkInstallation( pidfile=self.pidfile, jbossModulesJar=jbossModulesJar, ) self._engineArgs = [ # The name of the process, as displayed by ps: 'ovirt-engine-notifier', ] # Add extra system properties provided in the configuration: for notifierProperty in shlex.split( self._config.get('NOTIFIER_PROPERTIES')): if not notifierProperty.startswith('-D'): notifierProperty = '-D' + notifierProperty self._engineArgs.append(notifierProperty) # Add extra jvm arguments provided in the configuration: for arg in shlex.split(self._config.get('NOTIFIER_JVM_ARGS')): self._engineArgs.append(arg) debugAddress = self._config.get('NOTIFIER_DEBUG_ADDRESS') if debugAddress: self._engineArgs.append( ('-agentlib:jdwp=transport=dt_socket,address=%s,' 'server=y,suspend=n') % (debugAddress)) self._engineArgs += [ '-jar', jbossModulesJar, '-dependencies', 'org.ovirt.engine.core.tools', '-class', 'org.ovirt.engine.core.notifier.Notifier', ] self._engineEnv = os.environ.copy() self._engineEnv.update({ 'PATH': ('/usr/local/sbin:/usr/local/bin:' '/usr/sbin:/usr/bin:/sbin:/bin'), 'LANG': 'en_US.UTF-8', 'LC_ALL': 'en_US.UTF-8', 'CLASSPATH': '', 'JAVA_MODULEPATH': '%s:%s' % (self._config.get('ENGINE_JAVA_MODULEPATH'), os.path.join( self._config.get('JBOSS_HOME'), 'modules', )), 'ENGINE_DEFAULTS': config.ENGINE_DEFAULTS, 'ENGINE_VARS': config.ENGINE_VARS, 'ENGINE_NOTIFIER_DEFAULTS': self._defaults, 'ENGINE_NOTIFIER_VARS': config.ENGINE_NOTIFIER_VARS, 'MALLOC_ARENA_MAX': self._config.get('NOTIFIER_MALLOC_ARENA_MAX'), }) self._validateConfig()
def daemonSetup(self): if os.geteuid() == 0: raise RuntimeError( _('This service cannot be executed as root') ) if not os.path.exists(self._defaults): raise RuntimeError( _( "The configuration defaults file '{file}' " "required but missing" ).format( file=self._defaults, ) ) self._config = configfile.ConfigFile( ( self._defaults, config.DWH_VARS, ), ) # # the earliest so we can abort early. # self._executable = os.path.join( java.Java().getJavaHome(), 'bin', 'java', ) self._checkInstallation( pidfile=self.pidfile, ) self._tempDir = service.TempDir() self._tempDir.create() settings = os.path.join(self._tempDir.directory, 'settings.properties') with open(settings, 'w') as f: f.write( util.processTemplate( os.path.join( self._config.get('PKG_DATA_DIR'), 'conf', 'settings.properties.in' ), dict( ('@%s@' % k, util.escape(v, ':=\\ ')) for (k, v) in self._config.values.items() ), ) ) self._serviceArgs = [ 'ovirt-engine-dwhd', '-Dorg.ovirt.engine.dwh.settings=%s' % settings, ] # Add arguments for the java heap size: self._serviceArgs.extend([ '-Xms%s' % self._config.get('DWH_HEAP_MIN'), '-Xmx%s' % self._config.get('DWH_HEAP_MAX'), ]) for engineProperty in shlex.split( self._config.get('DWH_PROPERTIES') ): if not engineProperty.startswith('-D'): engineProperty = '-D' + engineProperty self._serviceArgs.append(engineProperty) for arg in shlex.split(self._config.get('DWH_JVM_ARGS')): self._serviceArgs.append(arg) engineDebugAddress = self._config.get('DWH_DEBUG_ADDRESS') if engineDebugAddress: self._serviceArgs.append( ( '-Xrunjdwp:transport=dt_socket,address=%s,' 'server=y,suspend=n' ) % ( engineDebugAddress ) ) if self._config.getboolean('DWH_VERBOSE_GC'): self._serviceArgs.extend([ '-verbose:gc', '-XX:+PrintGCTimeStamps', '-XX:+PrintGCDetails', ]) self._serviceArgs.extend([ '-classpath', '%s:%s' % ( os.path.join( self._config.get('PKG_JAVA_LIB'), '*', ), self._getClasspath(), ), 'ovirt_engine_dwh.historyetl_4_3.HistoryETL', '--context=Default', ]) self._serviceEnv = os.environ.copy() self._serviceEnv.update({ 'PATH': ( '/usr/local/sbin:/usr/local/bin:' '/usr/sbin:/usr/bin:/sbin:/bin' ), 'LANG': 'en_US.UTF-8', 'LC_ALL': 'en_US.UTF-8', })
def _setup_engine_db_credentials(self): # TODO: refactor the code in this function to be usable by similar # ones config = configfile.ConfigFile([ odwhcons.FileLocations.OVIRT_ENGINE_DWHD_SERVICE_CONFIG_DEFAULTS, odwhcons.FileLocations.OVIRT_ENGINE_DWHD_SERVICE_CONFIG, ]) if config.get('ENGINE_DB_PASSWORD'): try: dbenv = {} for e, k in ( (oenginecons.EngineDBEnv.HOST, 'ENGINE_DB_HOST'), (oenginecons.EngineDBEnv.PORT, 'ENGINE_DB_PORT'), (oenginecons.EngineDBEnv.USER, 'ENGINE_DB_USER'), (oenginecons.EngineDBEnv.PASSWORD, 'ENGINE_DB_PASSWORD'), (oenginecons.EngineDBEnv.DATABASE, 'ENGINE_DB_DATABASE'), ): dbenv[e] = ( self.environment.get(e) if self.environment.get(e) is not None else config.get(k) ) for e, k in ( (oenginecons.EngineDBEnv.SECURED, 'ENGINE_DB_SECURED'), ( oenginecons.EngineDBEnv.SECURED_HOST_VALIDATION, 'ENGINE_DB_SECURED_VALIDATION' ) ): dbenv[e] = config.getboolean(k) dbovirtutils = database.OvirtUtils( plugin=self, dbenvkeys=oenginecons.Const.ENGINE_DB_ENV_KEYS, ) dbovirtutils.tryDatabaseConnect(dbenv) self.environment.update(dbenv) self.environment[ oenginecons.EngineDBEnv.NEW_DATABASE ] = dbovirtutils.isNewDatabase() self.environment[ oenginecons.EngineDBEnv.NEED_DBMSUPGRADE ] = dbovirtutils.checkDBMSUpgrade() except RuntimeError as e: self.logger.debug( 'Existing credential use failed', exc_info=True, ) msg = _( 'Cannot connect to Engine database using existing ' 'credentials: {user}@{host}:{port}' ).format( host=dbenv[oenginecons.EngineDBEnv.HOST], port=dbenv[oenginecons.EngineDBEnv.PORT], database=dbenv[oenginecons.EngineDBEnv.DATABASE], user=dbenv[oenginecons.EngineDBEnv.USER], ) if self.environment[ osetupcons.CoreEnv.ACTION ] == osetupcons.Const.ACTION_REMOVE: self.logger.warning(msg) else: raise RuntimeError(msg)
def _setup(self): legacy = self._parse_legacy_conf(odwhcons.FileLocations.LEGACY_CONFIG) current = configfile.ConfigFile(files=[ odwhcons.FileLocations.OVIRT_ENGINE_DWHD_SERVICE_CONFIG_DEFAULTS, odwhcons.FileLocations.OVIRT_ENGINE_DWHD_SERVICE_CONFIG, ], ) # # legacy package installed file with some defaults # we need to ignore it if no password # if (not current.get('ENGINE_DB_PASSWORD') and legacy.get('ovirtEngineHistoryDbPassword')): fixups = [] for old, new in ( ('runDeleteTime', 'DWH_DELETE_JOB_HOUR'), ('runInterleave', 'DWH_SAMPLING'), ('timeBetweenErrorEvents', 'DWH_ERROR_EVENT_INTERVAL'), ('hoursToKeepSamples', 'DWH_TABLES_KEEP_SAMPLES'), ('hoursToKeepHourly', 'DWH_TABLES_KEEP_HOURLY'), ('hoursToKeepDaily', 'DWH_TABLES_KEEP_DAILY'), ): if legacy.get(old) != current.get(new): fixups.append('%s="%s"' % (new, legacy.get(old))) if fixups: uninstall_files = [] self.environment[ osetupcons.CoreEnv.REGISTER_UNINSTALL_GROUPS].addFiles( group='ovirt_dwh_files', fileList=uninstall_files, ) self.environment[otopicons.CoreEnv.MAIN_TRANSACTION].append( filetransaction.FileTransaction( name=(odwhcons.FileLocations. OVIRT_ENGINE_DWHD_SERVICE_CONFIG_LEGACY), content=fixups, modifiedList=uninstall_files, )) jdbcurl = self._RE_LEGACY_JDBC_URL.match( legacy.get('ovirtEngineHistoryDbJdbcConnection')) if (jdbcurl is None or jdbcurl.group('host') is None or jdbcurl.group('database') is None): raise RuntimeError(_('Invalid legacy DWH database config')) self.environment[odwhcons.DBEnv.HOST] = jdbcurl.group('host') self.environment[odwhcons.DBEnv.PORT] = ( jdbcurl.group('port') if jdbcurl.group('port') is not None else odwhcons.Defaults.DEFAULT_DB_PORT) self.environment[odwhcons.DBEnv.DATABASE] = jdbcurl.group( 'database') self.environment[odwhcons.DBEnv.SECURED] = jdbcurl.group( 'extra').find('ssl=true') != -1 self.environment[ odwhcons.DBEnv. SECURED_HOST_VALIDATION] = not jdbcurl.group('extra').find( 'sslfactory=org.postgresql.ssl.NonValidatingFactory') == -1 self.environment[odwhcons.DBEnv.USER] = legacy.get( 'ovirtEngineHistoryDbUser') self.environment[odwhcons.DBEnv.PASSWORD] = legacy.get( 'ovirtEngineHistoryDbPassword') database.OvirtUtils( plugin=self, dbenvkeys=odwhcons.Const.DWH_DB_ENV_KEYS, ).tryDatabaseConnect() self.environment[odwhcons.DBEnv.NEW_DATABASE] = False self.environment[odwhcons.CoreEnv.ENABLE] = True
def _setup(self): dbovirtutils = database.OvirtUtils( plugin=self, dbenvkeys=oenginecons.Const.ENGINE_DB_ENV_KEYS, ) dbovirtutils.detectCommands() config = configfile.ConfigFile([ oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS, oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG ]) if config.get('ENGINE_DB_PASSWORD'): try: dbenv = {} for e, k in ( (oenginecons.EngineDBEnv.HOST, 'ENGINE_DB_HOST'), (oenginecons.EngineDBEnv.PORT, 'ENGINE_DB_PORT'), (oenginecons.EngineDBEnv.USER, 'ENGINE_DB_USER'), (oenginecons.EngineDBEnv.PASSWORD, 'ENGINE_DB_PASSWORD'), (oenginecons.EngineDBEnv.DATABASE, 'ENGINE_DB_DATABASE'), ): dbenv[e] = config.get(k) for e, k in ((oenginecons.EngineDBEnv.SECURED, 'ENGINE_DB_SECURED'), (oenginecons.EngineDBEnv.SECURED_HOST_VALIDATION, 'ENGINE_DB_SECURED_VALIDATION')): dbenv[e] = config.getboolean(k) dbovirtutils.tryDatabaseConnect(dbenv) self.environment.update(dbenv) self.environment[oenginecons.EngineDBEnv. NEW_DATABASE] = dbovirtutils.isNewDatabase() self.environment[ oenginecons.EngineDBEnv. NEED_DBMSUPGRADE] = dbovirtutils.checkDBMSUpgrade() except RuntimeError: self.logger.debug( 'Existing credential use failed', exc_info=True, ) msg = _('Cannot connect to Engine database using existing ' 'credentials: {user}@{host}:{port}').format( host=dbenv[oenginecons.EngineDBEnv.HOST], port=dbenv[oenginecons.EngineDBEnv.PORT], database=dbenv[oenginecons.EngineDBEnv.DATABASE], user=dbenv[oenginecons.EngineDBEnv.USER], ) if self.environment[osetupcons.CoreEnv. ACTION] == osetupcons.Const.ACTION_REMOVE: self.logger.warning(msg) else: raise RuntimeError(msg) if not self.environment[oenginecons.EngineDBEnv.NEW_DATABASE]: statement = database.Statement( dbenvkeys=oenginecons.Const.ENGINE_DB_ENV_KEYS, environment=self.environment, ) try: justRestored = vdcoption.VdcOption( statement=statement, ).getVdcOption( 'DbJustRestored', ownConnection=True, ) self.environment[oenginecons.EngineDBEnv.JUST_RESTORED] = ( justRestored == '1') except RuntimeError: pass if self.environment[oenginecons.EngineDBEnv.JUST_RESTORED]: self.logger.info( _('The engine DB has been restored from a backup'))
def daemonSetup(self): if os.geteuid() == 0: raise RuntimeError( _('This service cannot be executed as root') ) if not os.path.exists(self._defaults): raise RuntimeError( _( "The configuration defaults file '{file}' " "required but missing" ).format( file=self._defaults, ) ) self._config = configfile.ConfigFile( ( self._defaults, config.ENGINE_NOTIFIER_VARS, ), ) # # the earliest so we can abort early. # self._executable = os.path.join( java.Java().getJavaHome(), 'bin', 'java', ) jbossModulesJar = os.path.join( self._config.get('JBOSS_HOME'), 'jboss-modules.jar', ) self._checkInstallation( pidfile=self.pidfile, jbossModulesJar=jbossModulesJar, ) self._engineArgs = [ 'ovirt-engine-notifier', '-Dlog4j.configuration=file://%s/notifier/log4j.xml' % ( self._config.get('ENGINE_ETC'), ), '-Djboss.modules.write-indexes=false', '-jar', jbossModulesJar, '-dependencies', 'org.ovirt.engine.core.tools', '-class', 'org.ovirt.engine.core.notifier.Notifier', ] self._engineEnv = os.environ.copy() self._engineEnv.update({ 'PATH': ( '/usr/local/sbin:/usr/local/bin:' '/usr/sbin:/usr/bin:/sbin:/bin' ), 'LANG': 'en_US.UTF-8', 'LC_ALL': 'en_US.UTF-8', 'CLASSPATH': '', 'JAVA_MODULEPATH': '%s:%s' % ( self._config.get('ENGINE_JAVA_MODULEPATH'), os.path.join( self._config.get('JBOSS_HOME'), 'modules', ) ), 'ENGINE_DEFAULTS': config.ENGINE_DEFAULTS, 'ENGINE_VARS': config.ENGINE_VARS, 'ENGINE_NOTIFIER_DEFAULTS': self._defaults, 'ENGINE_NOTIFIER_VARS': config.ENGINE_NOTIFIER_VARS, })
def _misc(self): def generatePassword(): rand = random.SystemRandom() return ''.join([ rand.choice(string.ascii_letters + string.digits) for i in range(32) ]) result = self.environment[oenginecons.EngineDBEnv.STATEMENT].execute( statement=""" select sso_oauth_client_exists( %(client_id)s ) as r """, args=dict(client_id=self.client_id, ), ) if result[0]['r'] == 1: self.dialog.note( text=_('Unregistering existing client registration info.'), ) self.environment[oenginecons.EngineDBEnv.STATEMENT].execute( statement=""" select sso_oauth_unregister_client( %(client_id)s ) """, args=dict(client_id=self.client_id, )) config = configfile.ConfigFile([ oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS, oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG ]) if config.get('ENGINE_SSO_CLIENT_SECRET'): client_secret = config.get('ENGINE_SSO_CLIENT_SECRET') else: client_secret = generatePassword() engine_port = self.environment[ oengcommcons.ConfigEnv.HTTPS_PORT] if self.environment[ oengcommcons.ConfigEnv.JBOSS_AJP_PORT] else self.environment[ oengcommcons.ConfigEnv.JBOSS_DIRECT_HTTPS_PORT] engine_http_port = self.environment[ oengcommcons.ConfigEnv.HTTP_PORT] if self.environment[ oengcommcons.ConfigEnv.JBOSS_AJP_PORT] else self.environment[ oengcommcons.ConfigEnv.JBOSS_DIRECT_HTTP_PORT] self.environment[otopicons.CoreEnv.LOG_FILTER].append(client_secret) rc, stdout, stderr = self.execute( ( oenginecons.FileLocations.OVIRT_ENGINE_CRYPTO_TOOL, 'pbe-encode', '--password=env:pass', ), envAppend={ 'OVIRT_ENGINE_JAVA_HOME_FORCE': '1', 'OVIRT_ENGINE_JAVA_HOME': self.environment[oengcommcons.ConfigEnv.JAVA_HOME], 'OVIRT_JBOSS_HOME': self.environment[oengcommcons.ConfigEnv.JBOSS_HOME], 'pass': client_secret, }, ) self.environment[oenginecons.EngineDBEnv.STATEMENT].execute( statement=""" select sso_oauth_register_client( %(client_id)s, %(client_secret)s, %(scope)s, %(certificate)s, %(callback_prefix)s, %(description)s, %(email)s, %(trusted)s, %(notification_callback)s, %(notification_callback_host_protocol)s, %(notification_callback_host_verification)s, %(notification_callback_chain_validation)s ) """, args=dict( client_id=self.client_id, client_secret=stdout[0], scope=' '.join(( 'openid', 'ovirt-app-portal', 'ovirt-app-admin', 'ovirt-app-api', 'ovirt-ext=auth:identity', 'ovirt-ext=token:password-access', 'ovirt-ext=auth:sequence-priority', 'ovirt-ext=token:login-on-behalf', 'ovirt-ext=token-info:authz-search', 'ovirt-ext=token-info:public-authz-search', 'ovirt-ext=token-info:validate', 'ovirt-ext=revoke:revoke-all', )), certificate=( oenginecons.FileLocations.OVIRT_ENGINE_PKI_ENGINE_CERT), callback_prefix='https://%s:%s/ovirt-engine/' % ( self.environment[osetupcons.ConfigEnv.FQDN], engine_port, ), description='oVirt Engine', email='', trusted=True, notification_callback=('https://%s:%s/ovirt-engine/' 'services/sso-callback') % ( self.environment[osetupcons.ConfigEnv.FQDN], engine_port, ), notification_callback_host_protocol='TLS', notification_callback_host_verification=False, notification_callback_chain_validation=True, ), ) self.environment[otopicons.CoreEnv.MAIN_TRANSACTION].append( filetransaction.FileTransaction( name=( oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_SSO), mode=0o640, owner=self.environment[oengcommcons.SystemEnv.USER_ROOT], group=self.environment[osetupcons.SystemEnv.GROUP_ENGINE], enforcePermissions=True, content=( 'ENGINE_SSO_CLIENT_ID="{client_id}"\n' 'ENGINE_SSO_CLIENT_SECRET="{client_secret}"\n' 'ENGINE_SSO_AUTH_URL=' '"https://{fqdn}:{port}/ovirt-engine/sso"\n' 'ENGINE_SSO_SERVICE_URL=' '"https://{fqdn}:{port}/ovirt-engine/sso"\n' 'ENGINE_SSO_SERVICE_SSL_VERIFY_HOST=false\n' 'ENGINE_SSO_SERVICE_SSL_VERIFY_CHAIN=true\n' 'SSO_ALTERNATE_ENGINE_FQDNS=""\n' 'SSO_ENGINE_URL=' '"{engine_url_scheme}://{fqdn}:' '{engine_url_port}/ovirt-engine/"\n' '{devenv}').format( client_id=self.client_id, client_secret=client_secret, fqdn=("${ENGINE_FQDN}"), port=engine_port, devenv=(( 'SSO_CALLBACK_PREFIX_CHECK=false\n' if self.environment[osetupcons.CoreEnv.DEVELOPER_MODE] else '')), engine_url_scheme=(('http' if self.environment[ osetupcons.CoreEnv.DEVELOPER_MODE] else 'https')), engine_url_port=(( engine_http_port if self.environment[osetupcons.CoreEnv.DEVELOPER_MODE] else engine_port))), modifiedList=self.environment[ otopicons.CoreEnv.MODIFIED_FILES], ))
def daemonSetup(self): if os.geteuid() == 0: raise RuntimeError(_('This service cannot be executed as root')) if not os.path.exists(self._defaults): raise RuntimeError( _("The configuration defaults file '{file}' " "required but missing").format(file=self._defaults, )) self._config = configfile.ConfigFile(( self._defaults, config.ENGINE_VARS, ), ) # # the earliest so we can abort early. # self._executable = os.path.join( java.Java().getJavaHome(), 'bin', 'java', ) jbossModulesJar = os.path.join( self._config.get('JBOSS_HOME'), 'jboss-modules.jar', ) self._checkInstallation( pidfile=self.pidfile, jbossModulesJar=jbossModulesJar, ) self._tempDir = service.TempDir(self._config.get('ENGINE_TMP')) self._tempDir.create() self._jbossRuntime = service.TempDir(self._config.get('JBOSS_RUNTIME')) self._jbossRuntime.create() self._setupEngineApps() jbossTempDir = os.path.join( self._jbossRuntime.directory, 'tmp', ) jbossConfigDir = os.path.join( self._jbossRuntime.directory, 'config', ) javaModulePath = '%s:%s' % ( self._config.get('ENGINE_JAVA_MODULEPATH'), os.path.join( self._config.get('JBOSS_HOME'), 'modules', ), ) os.mkdir(jbossTempDir) os.mkdir(jbossConfigDir) os.chmod(jbossConfigDir, 0o700) jbossBootLoggingFile = self._processTemplate( template=os.path.join(os.path.dirname(sys.argv[0]), 'ovirt-engine-logging.properties.in'), dir=jbossConfigDir, ) # We start with an empty list of arguments: self._engineArgs = [] # Add arguments for the java virtual machine: self._engineArgs.extend([ # Virtual machine options: '-server', '-XX:+TieredCompilation', '-Xms%s' % self._config.get('ENGINE_HEAP_MIN'), '-Xmx%s' % self._config.get('ENGINE_HEAP_MAX'), ]) # Add extra system properties provided in the configuration: for engineProperty in shlex.split( self._config.get('ENGINE_PROPERTIES')): if not engineProperty.startswith('-D'): engineProperty = '-D' + engineProperty self._engineArgs.append(engineProperty) # Add extra jvm arguments provided in the configuration: for arg in shlex.split(self._config.get('ENGINE_JVM_ARGS')): self._engineArgs.append(arg) # Enable verbose garbage collection if required: if self._config.getboolean('ENGINE_VERBOSE_GC'): self._engineArgs.extend([ '-verbose:gc', '-XX:+PrintGCTimeStamps', '-XX:+PrintGCDetails', ]) # Specify special krb5.conf file if required if self._config.get('AAA_KRB5_CONF_FILE'): self._engineArgs.append('-Djava.security.krb5.conf=%s' % self._config.get('AAA_KRB5_CONF_FILE')) # Add arguments for JBoss: self._engineArgs.extend([ '-Djava.util.logging.manager=org.jboss.logmanager', '-Dlogging.configuration=file://%s' % jbossBootLoggingFile, '-Dorg.jboss.resolver.warning=true', '-Djboss.modules.system.pkgs=org.jboss.byteman', '-Djboss.server.default.config=ovirt-engine', '-Djboss.home.dir=%s' % self._config.get('JBOSS_HOME'), '-Djboss.server.base.dir=%s' % self._config.get('ENGINE_USR'), '-Djboss.server.data.dir=%s' % self._config.get('ENGINE_VAR'), '-Djboss.server.log.dir=%s' % self._config.get('ENGINE_LOG'), '-Djboss.server.config.dir=%s' % jbossConfigDir, '-Djboss.server.temp.dir=%s' % jbossTempDir, '-Djboss.controller.temp.dir=%s' % jbossTempDir, '-jar', jbossModulesJar, '-mp', javaModulePath, '-jaxpmodule', 'javax.xml.jaxp-provider', 'org.jboss.as.standalone', ]) self._engineEnv = os.environ.copy() self._engineEnv.update({ 'PATH': ('/usr/local/sbin:/usr/local/bin:' '/usr/sbin:/usr/bin:/sbin:/bin'), 'LANG': 'en_US.UTF-8', 'LC_ALL': 'en_US.UTF-8', 'ENGINE_DEFAULTS': self._defaults, 'ENGINE_VARS': config.ENGINE_VARS, 'ENGINE_ETC': self._config.get('ENGINE_ETC'), 'ENGINE_LOG': self._config.get('ENGINE_LOG'), 'ENGINE_TMP': self._tempDir.directory, 'ENGINE_USR': self._config.get('ENGINE_USR'), 'ENGINE_VAR': self._config.get('ENGINE_VAR'), 'ENGINE_CACHE': self._config.get('ENGINE_CACHE'), }) self._detectJBossVersion() self._jbossConfigFile = self._processTemplate( template=os.path.join( os.path.dirname(sys.argv[0]), 'ovirt-engine.xml.in', ), dir=jbossConfigDir, mode=0o600, )
def _setup(self): dbovirtutils = database.OvirtUtils( plugin=self, dbenvkeys=oclcons.Const.CINDERLIB_DB_ENV_KEYS, ) dbovirtutils.detectCommands() config = configfile.ConfigFile([ oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG_DEFAULTS, oenginecons.FileLocations.OVIRT_ENGINE_SERVICE_CONFIG ]) if config.get('CINDERLIB_DB_PASSWORD'): try: dbenv = {} for e, k in ( (oclcons.CinderlibDBEnv.HOST, 'CINDERLIB_DB_HOST'), (oclcons.CinderlibDBEnv.PORT, 'CINDERLIB_DB_PORT'), (oclcons.CinderlibDBEnv.USER, 'CINDERLIB_DB_USER'), (oclcons.CinderlibDBEnv.PASSWORD, 'CINDERLIB_DB_PASSWORD'), (oclcons.CinderlibDBEnv.DATABASE, 'CINDERLIB_DB_DATABASE'), ): dbenv[e] = config.get(k) for e, k in ((oclcons.CinderlibDBEnv.SECURED, 'CINDERLIB_DB_SECURED'), (oclcons.CinderlibDBEnv.SECURED_HOST_VALIDATION, 'CINDERLIB_DB_SECURED_VALIDATION')): dbenv[e] = config.getboolean(k) dbovirtutils.tryDatabaseConnect(dbenv) self.environment.update(dbenv) # current cinderlib engine-setup code leaves the database # empty after creation, so we can't rely on # dbovirtutils.isNewDatabase for checking this (because it # checks if there are tables in the public schema). # Always set to False if we managed to connect. TODO think # of something more robust. Perhaps create our own dummy # table to mark that it's 'populated', or save in postinstall # something saying that it's created. self.environment[oclcons.CinderlibDBEnv.NEW_DATABASE] = False self.environment[ oclcons.CinderlibDBEnv. NEED_DBMSUPGRADE] = dbovirtutils.checkDBMSUpgrade() except RuntimeError: self.logger.debug( 'Existing credential use failed', exc_info=True, ) msg = _('Cannot connect to ovirt cinderlib ' 'database using existing ' 'credentials: {user}@{host}:{port}').format( host=dbenv[oclcons.CinderlibDBEnv.HOST], port=dbenv[oclcons.CinderlibDBEnv.PORT], database=dbenv[oclcons.CinderlibDBEnv.DATABASE], user=dbenv[oclcons.CinderlibDBEnv.USER], ) if self.environment[osetupcons.CoreEnv. ACTION] == osetupcons.Const.ACTION_REMOVE: self.logger.warning(msg) else: raise RuntimeError(msg)
class UsageError(Exception): """ Raised when usage is wrong """ class LogAdapter(logging.LoggerAdapter): def __init__(self, logger, extra={}, correlation_id=None): super(LogAdapter, self).__init__(logger, extra) self.correlation_id = correlation_id def process(self, msg, kwargs): return '%s [%s]' % (msg, self.correlation_id), kwargs conf = configfile.ConfigFile([config.ENGINE_DEFAULTS]) def get_ssh_known_hosts(): ssh_dir = os.path.join(conf.get('ENGINE_ETC'), 'cinderlib') ssh_file = os.path.join(ssh_dir, 'ssh_known_hosts') return ssh_file def main(args=None): if cl is None: sys.stderr.write("cinderlib package not available") sys.exit(1) parser = argparse.ArgumentParser(description="oVirt Cinder Library client")