def sync_vm_rules(project_id=None):
"""Sync security groups for the given instance UUID (-I)"""
if not env.instance_uuid and project_id is None:
error("No instance ID or project specified.")
if env.instance_uuid:
uuid = env.instance_uuid
nova_client = client()
server = nova_client.servers.get(uuid)
project_id = server.tenant_id
with show('stdout', 'stderr'):
run('nova-manage project sync_secgroups %s' % project_id)
def sync_vm_rules(project_id=None):
"""Sync security groups for the given instance UUID (-I)"""
if not env.instance_uuid and project_id is None:
error("No instance ID or project specified.")
if env.instance_uuid:
uuid = env.instance_uuid
nova_client = client()
server = nova_client.servers.get(uuid)
project_id = server.tenant_id
with show('stdout', 'stderr'):
run('nova-manage project sync_secgroups %s' % project_id)
def parse_rules():
output = run("iptables -n -L")
instance_id = None
in_host_rules = False
host_rules = defaultdict(list)
for line in output.split('\n'):
match = comput_rule_re.match(line)
if match:
instance_id = match.groups()[0]
in_host_rules = True
continue
if not in_host_rules:
continue
columns = line.split()
# Reset back to default state if no longer parsing an
# instances firewall.
if not columns:
in_host_rules = False
instance_id = None
continue
# Skip the column headers
if columns[0] == 'target':
continue
rule = {'target': columns[0],
'protocol': columns[1],
'options': columns[2],
'source': columns[3],
'destination': columns[4],
'filter': ' '.join(columns[5:])}
host_rules[instance_id].append(rule)
return host_rules
def parse_rules():
output = run("iptables -n -L")
instance_id = None
in_host_rules = False
host_rules = defaultdict(list)
for line in output.split('\n'):
match = comput_rule_re.match(line)
if match:
instance_id = match.groups()[0]
in_host_rules = True
continue
if not in_host_rules:
continue
columns = line.split()
# Reset back to default state if no longer parsing an
# instances firewall.
if not columns:
in_host_rules = False
instance_id = None
continue
# Skip the column headers
if columns[0] == 'target':
continue
rule = {
'target': columns[0],
'protocol': columns[1],
'options': columns[2],
'source': columns[3],
'destination': columns[4],
'filter': ' '.join(columns[5:])
}
host_rules[instance_id].append(rule)
return host_rules
def list_services():
output = run("nova-manage service list 2>/dev/null")
services = []
header = None
for line in output.split("\n"):
if not header:
header = [l.lower() for l in line.split()]
continue
services.append(dict(zip(header, line.split())))
return services
def list_services():
output = run("nova-manage service list 2>/dev/null")
services = []
header = None
for line in output.split("\n"):
if not header:
header = [l.lower() for l in line.split()]
continue
services.append(dict(zip(header, line.split())))
return services
def backup_ring():
services = identify_role_service()
run("mkdir -p /etc/swift/backup_upgrade")
run("cp /etc/swift/***.ring.gz /etc/swift/backup_upgrade/")
if 'swift-proxy' in services:
run("cp /etc/swift/***.builder /etc/swift/backup_upgrade/",
warn_only=True, quiet=True)
def list_service():
cmd_output = run("swift-init all status", warn_only=True, quiet=True)
running_services = []
disabled_services = []
get_services = [line for line in cmd_output.split("\n")]
services_run = [rs for rs in get_services if "No" not in rs]
for s in services_run:
running_services.append(s.split()[0])
services_no = [ds for ds in get_services if "No" in ds]
for s in services_no:
disabled_services.append(s.split()[1])
return running_services, disabled_services
def list_service():
cmd_output = run("swift-init all status", warn_only=True, quiet=True)
running_services = []
disabled_services = []
get_services = [line for line in cmd_output.split("\n")]
services_run = [rs for rs in get_services if "No" not in rs]
for s in services_run:
running_services.append(s.split()[0])
services_no = [ds for ds in get_services if "No" in ds]
for s in services_no:
disabled_services.append(s.split()[1])
return running_services, disabled_services
def backup_ring():
services = identify_role_service()
run("mkdir -p /etc/swift/backup_upgrade")
run("cp /etc/swift/***.ring.gz /etc/swift/backup_upgrade/")
if 'swift-proxy' in services:
run("cp /etc/swift/***.builder /etc/swift/backup_upgrade/",
warn_only=True,
quiet=True)
def list_instances():
"""List virtual machines on a host."""
output = run("virsh list")
headers = None
servers = []
for line in output.split("\n"):
if headers is None:
headers = [l.lower() for l in line.split()]
continue
if line.startswith("-----"):
continue
row = dict(zip(headers, line.split()))
with quiet():
row["uuid"] = f_run("virsh domuuid %s" % row["id"])
row["nova_id"] = int(row['name'].split('-')[1], 16)
servers.append(row)
return servers
def list_instances():
"""List virtual machines on a host."""
output = run("virsh list")
headers = None
servers = []
for line in output.split("\n"):
if headers is None:
headers = [l.lower() for l in line.split()]
continue
if line.startswith("-----"):
continue
row = dict(zip(headers, line.split()))
with quiet():
row["uuid"] = f_run("virsh domuuid %s" % row["id"])
row["nova_id"] = int(row['name'].split('-')[1], 16)
servers.append(row)
return servers
def stop_services(services='all'):
if services is 'all':
run("swift-init all stop", warn_only=True, quiet=True)
elif services is 'background':
#stop non-server process on storage node
run("swift-init account-replicator stop")
run("swift-init account-reaper stop")
run("swift-init account-auditor stop")
run("swift-init object-replicator stop")
run("swift-init object-auditor stop")
run("swift-init object-updater stop")
run("swift-init container-replicator stop")
run("swift-init container-updater stop")
run("swift-init container-auditor stop")
else:
puts("No such services %s" % services)
def puppet_sync():
operations.run("/usr/local/sbin/sync-puppet.sh")
def start_services():
cmd_output = run("swift-init all start",
warn_only=True, quiet=True)
return cmd_output
def stop_services(services='all'):
if services is 'all':
run("swift-init all stop",
warn_only=True, quiet=True)
elif services is 'background':
# stop non-server process on storage node
run("swift-init account-replicator stop")
run("swift-init account-reaper stop")
run("swift-init account-auditor stop")
run("swift-init object-replicator stop")
run("swift-init object-auditor stop")
run("swift-init object-updater stop")
run("swift-init container-replicator stop")
run("swift-init container-updater stop")
run("swift-init container-auditor stop")
else:
puts("No such services %s" % services)
def enable_host_services(host=None):
if not host:
host = current_host()
for service in host_services(host):
run("nova-manage service enable --host %s --service %s" %
(service["host"], service["binary"]))
def enable_host_services(host=None):
if not host:
host = current_host()
for service in host_services(host):
run("nova-manage service enable --host %s --service %s" %
(service["host"], service["binary"]))
def puppet_sync():
operations.run("/usr/local/sbin/sync-puppet.sh")
def start_services():
cmd_output = run("swift-init all start", warn_only=True, quiet=True)
return cmd_output