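def save_config(self, config, interface_map):
    """
    Save iptables-persistent firewall rules to disk.

    The rules produced by the filter, nat and raw table builders are
    rendered once per IP version (4 and 6), keeping only the rules whose
    ``for_v<version>`` attribute is truthy.  Virtual interface names
    (``ge<N>``) that follow an ``-i``/``-o`` flag are rewritten to the
    physical name, then the text is staged under /tmp and moved to
    ``/etc/iptables/rules.v<version>`` by running ``mv`` through
    ``utils.execute`` with ``self.root_helper``.

    :param config: The akanda configuration to save to disk
    :type config: akanda.rug.models.Configuration
    :param interface_map: A mapping of virtual ('ge0') to physical ('eth0')
                          interface names
    :type interface_map: dict
    """
    rules = itertools.chain(
        self._build_filter_table(config),
        self._build_nat_table(config),
        self._build_raw_table(config)
    )

    # Map virtual interface names: the physical prefix is whatever 'ge0'
    # maps to, minus its last character ('eth0' -> 'eth').
    # NOTE(review): .get() returns None when 'ge0' is missing, so the slice
    # raises TypeError -- confirm callers always supply 'ge0'.
    real_name = interface_map.get("ge0")[:-1]

    # Raw literals: '\-', '\s' and '\d' are invalid escape sequences in a
    # plain string and trigger warnings on current Python versions.
    ifname_re = (
        r"\-(?P<flag>i|o)(?P<ws>[\s!])(?P<not>!?)"
        r"(?P<if>ge)(?P<no>\d+)"
    )
    # Double any backslash so the interface name is always inserted
    # literally instead of being read as part of the replacement template.
    ifname_sub = (
        r"-\g<flag>\g<ws>\g<not>%s\g<no>" % real_name.replace("\\", "\\\\")
    )

    for version, version_rules in zip((4, 6), itertools.tee(rules)):
        data = "\n".join(
            str(r) for r in version_rules
            if getattr(r, "for_v%s" % version)
        )
        data = re.sub(ifname_re, ifname_sub, data) + "\n"

        # NOTE(review): the staging path is fixed and lives in /tmp, and its
        # content becomes the persistent firewall rules. Whether another
        # local user could pre-create or alter it before the privileged mv
        # depends on how utils.replace_file creates the file -- confirm, or
        # stage in a private directory instead.
        staging_path = "/tmp/ip%stables.rules" % version
        utils.replace_file(staging_path, data)

        utils.execute(
            ["mv", staging_path, "/etc/iptables/rules.v%s" % version],
            self.root_helper
        )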
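def save_config(self, config, interface_map):
    '''
    Save iptables-persistent firewall rules to disk.

    Filter, nat and raw table rules are rendered separately for IPv4 and
    IPv6; a rule is included for a version only when its
    ``for_v<version>`` attribute is truthy.  ``ge<N>`` interface names
    after an ``-i``/``-o`` flag are replaced with the physical name before
    the text is staged under /tmp and moved to
    ``/etc/iptables/rules.v<version>`` with ``mv``, run through
    ``utils.execute`` and ``self.root_helper``.

    :param config: The akanda configuration to save to disk
    :type config: akanda.rug.models.Configuration
    :param interface_map: A mapping of virtual ('ge0') to physical ('eth0')
                          interface names
    :type interface_map: dict
    '''
    rules = itertools.chain(self._build_filter_table(config),
                            self._build_nat_table(config),
                            self._build_raw_table(config))

    # Map virtual interface names. The physical prefix is the name mapped
    # to 'ge0' with its final character removed ('eth0' -> 'eth').
    # NOTE(review): a missing 'ge0' key makes .get() return None and the
    # slice raise TypeError -- confirm the key is always present.
    real_name = interface_map.get('ge0')[:-1]

    # Written as raw literals because '\-', '\s' and '\d' are invalid
    # escapes in an ordinary string and warn on current Python versions.
    ifname_re = (
        r'\-(?P<flag>i|o)(?P<ws>[\s!])(?P<not>!?)'
        r'(?P<if>ge)(?P<no>\d+)'
    )
    # Backslashes are doubled so the name cannot be interpreted as part of
    # the replacement template.
    ifname_sub = (
        r'-\g<flag>\g<ws>\g<not>%s\g<no>' % real_name.replace('\\', '\\\\')
    )

    for version, version_rules in zip((4, 6), itertools.tee(rules)):
        selected = [
            str(r) for r in version_rules
            if getattr(r, 'for_v%s' % version)
        ]
        data = re.sub(ifname_re, ifname_sub, '\n'.join(selected)) + '\n'

        # NOTE(review): fixed staging path in /tmp for content that becomes
        # the persistent firewall rules. Whether another local user could
        # pre-create or change it before the privileged mv depends on how
        # utils.replace_file creates the file -- confirm, or stage in a
        # private directory instead.
        staging_path = '/tmp/ip%stables.rules' % version
        utils.replace_file(staging_path, data)

        utils.execute(
            ['mv', staging_path, '/etc/iptables/rules.v%s' % version],
            self.root_helper
        )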
def save_config(self, config):
    """Serialize the built configuration as JSON and install it at CONF_PATH.

    The output of ``build_config(config)`` is dumped with sorted keys,
    staged at /tmp/metadata.conf and moved into place with ``mv`` run
    through ``execute`` and ``self.root_helper``.

    :param config: configuration object handed to ``build_config``
    """
    # NOTE(review): fixed staging path in /tmp; whether another local user
    # can pre-create or alter it before the privileged mv depends on how
    # replace_file creates the file -- confirm.
    staging_path = '/tmp/metadata.conf'
    serialized = json.dumps(build_config(config), sort_keys=True)
    replace_file(staging_path, serialized)
    execute(['mv', staging_path, CONF_PATH], self.root_helper)
def update_network_dhcp_config(self, ifname, network):
    """Write the per-interface dnsmasq configuration for ``ifname``.

    Tenant networks get the config from ``_build_dhcp_config``; every other
    network gets the one from ``_build_disabled_config``.  The text is
    staged at /tmp/dnsmasq.conf and moved to ``CONF_DIR/<ifname>.conf``
    with ``mv`` run through ``utils.execute`` and ``self.root_helper``.

    :param ifname: interface name, used to name the config file
    :param network: network object exposing ``is_tenant_network``
    """
    config_data = (
        self._build_dhcp_config(ifname, network)
        if network.is_tenant_network
        else self._build_disabled_config(ifname)
    )

    # NOTE(review): ifname is interpolated into the destination path as-is;
    # presumably it is always a plain interface name -- confirm callers
    # never pass a value containing path separators.
    destination = os.path.join(CONF_DIR, '%s.conf' % ifname)

    # NOTE(review): fixed staging path in /tmp; whether another local user
    # can pre-create or alter it before the privileged mv depends on how
    # utils.replace_file creates the file -- confirm.
    staging_path = '/tmp/dnsmasq.conf'
    utils.replace_file(staging_path, config_data)
    utils.execute(['mv', staging_path, destination], self.root_helper)
def update_hosts(self, config):
    """Rewrite /etc/hosts with the loopback entries and this host's name.

    The management address comes from a fresh ``ip.IPManager`` and is
    paired with ``config.hostname``.  The file is staged at /tmp/hosts and
    moved into place with ``mv`` run through ``utils.execute`` and
    ``self.root_helper``.

    :param config: configuration object exposing ``hostname``
    """
    management_ip = ip.IPManager().get_management_address()

    # NOTE(review): the hostname is written without validation here; a value
    # containing a newline would add extra lines to /etc/hosts -- confirm it
    # is validated upstream.
    hosts_lines = (
        '127.0.0.1 localhost',
        '::1 localhost ip6-localhost ip6-loopback',
        '%s %s' % (management_ip, config.hostname),
    )

    # NOTE(review): fixed staging path in /tmp; whether another local user
    # can pre-create or alter it before the privileged mv depends on how
    # utils.replace_file creates the file -- confirm.
    staging_path = '/tmp/hosts'
    utils.replace_file(staging_path, '\n'.join(hosts_lines))
    utils.execute(['mv', staging_path, '/etc/hosts'], self.root_helper)
def _output_hosts_file(self):
    """Write the allocations out as a dnsmasq compatible hosts file.

    Each entry of ``self.allocations`` becomes one ``mac,name,ip`` line.
    The name is the IP address with every ':' and '.' replaced by '-',
    followed by '.' and ``self.domain``.  The result is handed to
    ``replace_file`` for HOSTS_FILE.
    """
    separators = re.compile('[:.]')
    lines = []
    for allocation in self.allocations:
        address = allocation.ip_address
        hostname = '%s.%s' % (separators.sub('-', address), self.domain)
        lines.append(
            '%s,%s,%s\n' % (allocation.mac_address, hostname, address)
        )
    replace_file(HOSTS_FILE, ''.join(lines))
def save_config(self, config):
    """
    Serialize the metadata service configuration and install it at
    <CONF_PATH>.

    The result of ``build_config(config)`` is dumped as JSON with sorted
    keys, staged at /tmp/metadata.conf and moved into place with ``mv`` run
    through ``execute`` and ``self.root_helper``.

    :type config: akanda.router.models.Configuration
    :param config: An akanda.router.models.Configuration object containing
                   the configuration of metadata service.
    """
    # NOTE(review): fixed staging path in /tmp; whether another local user
    # can pre-create or alter it before the privileged mv depends on how
    # replace_file creates the file -- confirm.
    staging_path = '/tmp/metadata.conf'
    payload = json.dumps(build_config(config), sort_keys=True)
    replace_file(staging_path, payload)
    execute(['mv', staging_path, CONF_PATH], self.root_helper)
def update_hosts(self, config):
    """Rewrite /etc/hosts with the loopback entries and this host's name.

    Nothing is written when ``config.management_address`` is falsy.
    Otherwise the address is paired with ``config.hostname``, the file is
    staged at /tmp/hosts and moved into place with ``mv`` run through
    ``utils.execute`` and ``self.root_helper``.

    :param config: configuration object exposing ``management_address``
                   and ``hostname``
    """
    management_ip = config.management_address
    if not management_ip:
        # Without a management address there is no host entry to write.
        return

    # NOTE(review): the hostname is written without validation here; a value
    # containing a newline would add extra lines to /etc/hosts -- confirm it
    # is validated upstream.
    hosts_lines = (
        '127.0.0.1 localhost',
        '::1 localhost ip6-localhost ip6-loopback',
        '%s %s' % (management_ip, config.hostname),
    )

    # NOTE(review): fixed staging path in /tmp; whether another local user
    # can pre-create or alter it before the privileged mv depends on how
    # utils.replace_file creates the file -- confirm.
    staging_path = '/tmp/hosts'
    utils.replace_file(staging_path, '\n'.join(hosts_lines))
    utils.execute(['mv', staging_path, '/etc/hosts'], self.root_helper)
def _output_opts_file(self):
    """Write a dnsmasq compatible options file.

    One ``tag:<tag>,option:router,<ip>`` line is produced per entry in
    ``self.interfaces``, with the tag looked up in ``self.tags`` by the
    interface IP.  The joined lines are handed to ``replace_file`` for
    OPTS_FILE.
    """
    # TODO (mark): add support for nameservers
    router_options = [
        (self.tags[iface.ip], 'option', 'router', iface.ip)
        for iface in self.interfaces
    ]

    # XXX name is never used; please fix (remove it or use it)
    name = self.get_conf_file_name('opts')

    rendered = '\n'.join(
        'tag:%s,%s:%s,%s' % entry for entry in router_options
    )
    replace_file(OPTS_FILE, rendered)
def save_config(self, config, if_map):
    """
    Build the bird daemon configuration and install it at CONF_PATH.

    The text returned by ``build_config(config, if_map)`` is staged at
    /tmp/bird6.conf and moved into place with ``mv`` run through
    ``utils.execute`` and ``self.root_helper``.

    :type config: akanda.router.models.Configuration
    :param config: configuration passed on to ``build_config``
    :type if_map: dict
    :param if_map: A (dict) mapping of generic to physical names, e.g.:
                   {'ge0': 'eth0', 'ge1': 'eth1'}
    """
    rendered = build_config(config, if_map)

    # NOTE(review): fixed staging path in /tmp; whether another local user
    # can pre-create or alter it before the privileged mv depends on how
    # utils.replace_file creates the file -- confirm.
    staging_path = '/tmp/bird6.conf'
    utils.replace_file(staging_path, rendered)
    utils.execute(['mv', staging_path, CONF_PATH], self.root_helper)
def save_config(self, config):
    """
    Write the metadata service configuration to <CONF_PATH> as JSON.

    ``build_config(config)`` supplies the data, which is dumped with sorted
    keys, staged at /tmp/metadata.conf and moved into place with ``mv`` run
    through ``execute`` and ``self.root_helper``.

    :type config: akanda.router.models.Configuration
    :param config: An akanda.router.models.Configuration object containing
                   the configuration of metadata service.
    """
    built = build_config(config)
    as_json = json.dumps(built, sort_keys=True)

    # NOTE(review): fixed staging path in /tmp; whether another local user
    # can pre-create or alter it before the privileged mv depends on how
    # replace_file creates the file -- confirm.
    staging_path = '/tmp/metadata.conf'
    replace_file(staging_path, as_json)
    execute(['mv', staging_path, CONF_PATH], self.root_helper)
def update_network_dhcp_config(self, ifname, network):
    """
    Update the dnsmasq config file for one interface.

    DHCP is configured for networks that are tenant networks
    (``_build_dhcp_config``) and disabled for all others
    (``_build_disabled_config``).  The text is staged at /tmp/dnsmasq.conf
    and moved to ``CONF_DIR/<ifname>.conf`` with ``mv`` run through
    ``utils.execute`` and ``self.root_helper``.

    :type ifname: str
    :param ifname: interface name, used to name the config file
    :type network:
    :param network: network object exposing ``is_tenant_network``
    """
    config_data = (
        self._build_dhcp_config(ifname, network)
        if network.is_tenant_network
        else self._build_disabled_config(ifname)
    )

    # NOTE(review): ifname is interpolated into the destination path as-is;
    # presumably it is always a plain interface name -- confirm callers
    # never pass a value containing path separators.
    destination = os.path.join(CONF_DIR, '%s.conf' % ifname)

    # NOTE(review): fixed staging path in /tmp; whether another local user
    # can pre-create or alter it before the privileged mv depends on how
    # utils.replace_file creates the file -- confirm.
    staging_path = '/tmp/dnsmasq.conf'
    utils.replace_file(staging_path, config_data)
    utils.execute(['mv', staging_path, destination], self.root_helper)
def save_config(self, config, if_map):
    """Build the configuration text and install it at CONF_PATH.

    The output of ``build_config(config, if_map)`` is staged at
    /tmp/bird6.conf and moved into place with ``mv`` run through
    ``execute`` and ``self.root_helper``.

    :param config: configuration object handed to ``build_config``
    :param if_map: interface mapping handed to ``build_config``
    """
    # NOTE(review): fixed staging path in /tmp; whether another local user
    # can pre-create or alter it before the privileged mv depends on how
    # replace_file creates the file -- confirm.
    staging_path = '/tmp/bird6.conf'
    rendered = build_config(config, if_map)
    replace_file(staging_path, rendered)
    execute(['mv', staging_path, CONF_PATH], self.root_helper)
def update_hostname(self, config):
    """Pass ``config.hostname`` to ``self.sudo`` and persist it.

    The name is then staged at /tmp/hostname and moved to /etc/hostname
    with ``mv`` run through ``utils.execute`` and ``self.root_helper``.

    :param config: configuration object exposing ``hostname``
    """
    new_hostname = config.hostname

    # NOTE(review): the value reaches self.sudo (command not visible here)
    # and /etc/hostname unvalidated; confirm upstream validation rejects a
    # leading '-' and embedded newlines.
    self.sudo(new_hostname)

    # NOTE(review): fixed staging path in /tmp; whether another local user
    # can pre-create or alter it before the privileged mv depends on how
    # utils.replace_file creates the file -- confirm.
    staging_path = '/tmp/hostname'
    utils.replace_file(staging_path, new_hostname)
    utils.execute(['mv', staging_path, '/etc/hostname'], self.root_helper)
def update_hostname(self, config):
    """Hand the configured hostname to ``self.sudo`` and write /etc/hostname.

    The file is staged at /tmp/hostname first and then moved into place
    with ``mv`` run through ``utils.execute`` and ``self.root_helper``.

    :param config: configuration object exposing ``hostname``
    """
    staging_path, live_path = '/tmp/hostname', '/etc/hostname'
    hostname = config.hostname

    # NOTE(review): hostname is used as a command argument and as file
    # content without validation in this method; confirm it is checked
    # upstream (no leading '-', no newline).
    self.sudo(hostname)

    # NOTE(review): the staging path is fixed and in /tmp; whether another
    # local user can pre-create or alter it before the privileged mv depends
    # on how utils.replace_file creates the file -- confirm.
    utils.replace_file(staging_path, hostname)
    utils.execute(['mv', staging_path, live_path], self.root_helper)
def update_conf(self, conf_data):
    """Install ``conf_data`` as /etc/pf.conf and pass the file to ``self.sudo``.

    The data is staged at /tmp/pf.conf, moved into place with ``mv`` run
    through ``execute`` and ``self.root_helper``, and then
    ``self.sudo('-f', '/etc/pf.conf')`` is called (presumably a pfctl
    reload -- confirm against the class).

    :param conf_data: full text of the new pf configuration
    """
    staging_path = '/tmp/pf.conf'
    live_path = '/etc/pf.conf'

    # NOTE(review): fixed staging path in /tmp for content that becomes the
    # packet filter rules; whether another local user can pre-create or
    # alter it before the privileged mv depends on how replace_file creates
    # the file -- confirm.
    replace_file(staging_path, conf_data)
    execute(['mv', staging_path, live_path], self.root_helper)
    self.sudo('-f', live_path)