def monitor(self):
"""
Monitor firewall rules
Monitor dhcp client pid and hostname.
If dhcp client process re-start has occurred, reset routes.
Purge unnecessary files from disk cache.
"""
protocol = self.protocol_util.get_protocol()
while not self.stopped:
self.osutil.remove_rules_files()
if conf.enable_firewall():
success = self.osutil.enable_firewall(
dst_ip=protocol.endpoint,
uid=os.getuid())
add_periodic(
logger.EVERY_HOUR,
AGENT_NAME,
version=CURRENT_VERSION,
op=WALAEventOperation.Firewall,
is_success=success,
log_event=False)
timeout = conf.get_root_device_scsi_timeout()
if timeout is not None:
self.osutil.set_scsi_disks_timeout(timeout)
if conf.get_monitor_hostname():
self.handle_hostname_update()
self.handle_dhclient_restart()
self.purge_disk_cache()
time.sleep(5)
def monitor(self):
"""
Monitor firewall rules
Monitor dhcp client pid and hostname.
If dhcp clinet process re-start has occurred, reset routes.
"""
protocol = self.protocol_util.get_protocol()
while not self.stopped:
self.osutil.remove_rules_files()
# Disable setting firewall for now, regardless of configuration switch
# if conf.enable_firewall():
# success = self.osutil.enable_firewall(
# dst_ip=protocol.endpoint,
# uid=os.getuid())
# add_periodic(
# logger.EVERY_HOUR,
# AGENT_NAME,
# version=CURRENT_VERSION,
# op=WALAEventOperation.Firewall,
# is_success=success,
# log_event=True)
self.osutil.remove_firewall()
timeout = conf.get_root_device_scsi_timeout()
if timeout is not None:
self.osutil.set_scsi_disks_timeout(timeout)
if conf.get_monitor_hostname():
self.handle_hostname_update()
self.handle_dhclient_restart()
time.sleep(5)
def monitor(self):
"""
Monitor dhcp client pid and hostname.
If dhcp clinet process re-start has occurred, reset routes.
"""
while not self.stopped:
self.osutil.remove_rules_files()
timeout = conf.get_root_device_scsi_timeout()
if timeout is not None:
self.osutil.set_scsi_disks_timeout(timeout)
if conf.get_monitor_hostname():
self.handle_hostname_update()
self.handle_dhclient_restart()
time.sleep(5)
def monitor(self):
"""
Monitor firewall rules
Monitor dhcp client pid and hostname.
If dhcp client process re-start has occurred, reset routes.
Purge unnecessary files from disk cache.
"""
# The initialization of ProtocolUtil for the Environment thread should be done within the thread itself rather
# than initializing it in the ExtHandler thread. This is done to avoid any concurrency issues as each
# thread would now have its own ProtocolUtil object as per the SingletonPerThread model.
self.protocol_util = get_protocol_util()
protocol = self.protocol_util.get_protocol()
reset_firewall_fules = False
while not self.stopped:
self.osutil.remove_rules_files()
if conf.enable_firewall():
# If the rules ever change we must reset all rules and start over again.
#
# There was a rule change at 2.2.26, which started dropping non-root traffic
# to WireServer. The previous rules allowed traffic. Having both rules in
# place negated the fix in 2.2.26.
if not reset_firewall_fules:
self.osutil.remove_firewall(dst_ip=protocol.get_endpoint(),
uid=os.getuid())
reset_firewall_fules = True
success = self.osutil.enable_firewall(
dst_ip=protocol.get_endpoint(), uid=os.getuid())
add_periodic(logger.EVERY_HOUR,
AGENT_NAME,
version=CURRENT_VERSION,
op=WALAEventOperation.Firewall,
is_success=success,
log_event=False)
timeout = conf.get_root_device_scsi_timeout()
if timeout is not None:
self.osutil.set_scsi_disks_timeout(timeout)
if conf.get_monitor_hostname():
self.handle_hostname_update()
self.handle_dhclient_restart()
self.archive_history()
time.sleep(5)
def monitor(self):
"""
Monitor firewall rules
Monitor dhcp client pid and hostname.
If dhcp client process re-start has occurred, reset routes.
Purge unnecessary files from disk cache.
"""
protocol = self.protocol_util.get_protocol()
reset_firewall_fules = False
while not self.stopped:
self.osutil.remove_rules_files()
if conf.enable_firewall():
# If the rules ever change we must reset all rules and start over again.
#
# There was a rule change at 2.2.26, which started dropping non-root traffic
# to WireServer. The previous rules allowed traffic. Having both rules in
# place negated the fix in 2.2.26.
if not reset_firewall_fules:
self.osutil.remove_firewall(dst_ip=protocol.endpoint, uid=os.getuid())
reset_firewall_fules = True
success = self.osutil.enable_firewall(
dst_ip=protocol.endpoint,
uid=os.getuid())
add_periodic(
logger.EVERY_HOUR,
AGENT_NAME,
version=CURRENT_VERSION,
op=WALAEventOperation.Firewall,
is_success=success,
log_event=False)
timeout = conf.get_root_device_scsi_timeout()
if timeout is not None:
self.osutil.set_scsi_disks_timeout(timeout)
if conf.get_monitor_hostname():
self.handle_hostname_update()
self.handle_dhclient_restart()
self.archive_history()
time.sleep(5)
def monitor(self):
"""
Monitor firewall rules
Monitor dhcp client pid and hostname.
If dhcp client process re-start has occurred, reset routes.
Purge unnecessary files from disk cache.
"""
protocol = self.protocol_util.get_protocol()
reset_firewall_fules = False
while not self.stopped:
self.osutil.remove_rules_files()
if conf.enable_firewall():
# If the rules ever change we must reset all rules and start over again.
#
# There was a rule change at 2.2.26, which started dropping non-root traffic
# to WireServer. The previous rules allowed traffic. Having both rules in
# place negated the fix in 2.2.26.
if not reset_firewall_fules:
self.osutil.remove_firewall(dst_ip=protocol.endpoint,
uid=os.getuid())
reset_firewall_fules = True
success = self.osutil.enable_firewall(dst_ip=protocol.endpoint,
uid=os.getuid())
add_periodic(logger.EVERY_HOUR,
AGENT_NAME,
version=CURRENT_VERSION,
op=WALAEventOperation.Firewall,
is_success=success,
log_event=False)
timeout = conf.get_root_device_scsi_timeout()
if timeout is not None:
self.osutil.set_scsi_disks_timeout(timeout)
if conf.get_monitor_hostname():
self.handle_hostname_update()
self.handle_dhclient_restart()
self.archive_history()
time.sleep(5)
def daemon(self):
try:
# The initialization of the protocol needs to be done within the environment thread itself rather
# than initializing it in the ExtHandler thread. This is done to avoid any concurrency issues as each
# thread would now have its own ProtocolUtil object as per the SingletonPerThread model.
protocol_util = get_protocol_util()
protocol = protocol_util.get_protocol()
osutil = get_osutil()
periodic_operations = [
RemovePersistentNetworkRules(osutil),
MonitorDhcpClientRestart(osutil),
CleanupGoalStateHistory()
]
if conf.enable_firewall():
periodic_operations.append(EnableFirewall(osutil, protocol))
if conf.get_root_device_scsi_timeout() is not None:
periodic_operations.append(SetRootDeviceScsiTimeout(osutil))
if conf.get_monitor_hostname():
periodic_operations.append(MonitorHostNameChanges(osutil))
while not self.stopped:
try:
for op in periodic_operations:
op.run()
except Exception as e:
logger.error(
"An error occurred in the environment thread main loop; will skip the current iteration.\n{0}",
ustr(e))
finally:
PeriodicOperation.sleep_until_next_operation(
periodic_operations)
except Exception as e:
logger.error(
"An error occurred in the environment thread; will exit the thread.\n{0}",
ustr(e))
def __init__(self):
self.osutil = get_osutil()
self.dhcp_handler = get_dhcp_handler()
self.protocol_util = None
self._protocol = None
self.stopped = True
self.hostname = None
self.dhcp_id_list = []
self.server_thread = None
self.dhcp_warning_enabled = True
self.archiver = StateArchiver(conf.get_lib_dir())
self._reset_firewall_rules = False
self._periodic_operations = [
PeriodicOperation("_remove_persistent_net_rules", self._remove_persistent_net_rules_period, conf.get_remove_persistent_net_rules_period()),
PeriodicOperation("_monitor_dhcp_client_restart", self._monitor_dhcp_client_restart, conf.get_monitor_dhcp_client_restart_period()),
PeriodicOperation("_cleanup_goal_state_history", self._cleanup_goal_state_history, conf.get_goal_state_history_cleanup_period())
]
if conf.enable_firewall():
self._periodic_operations.append(PeriodicOperation("_enable_firewall", self._enable_firewall, conf.get_enable_firewall_period()))
if conf.get_root_device_scsi_timeout() is not None:
self._periodic_operations.append(PeriodicOperation("_set_root_device_scsi_timeout", self._set_root_device_scsi_timeout, conf.get_root_device_scsi_timeout_period()))
if conf.get_monitor_hostname():
self._periodic_operations.append(PeriodicOperation("_monitor_hostname", self._monitor_hostname_changes, conf.get_monitor_hostname_period()))
def _operation(self):
self._osutil.set_scsi_disks_timeout(
conf.get_root_device_scsi_timeout())
def _set_root_device_scsi_timeout(self):
self.osutil.set_scsi_disks_timeout(conf.get_root_device_scsi_timeout())