CLOUDSTACK-500: Fix race condition between password server and iptables-persistent

Fixes order of service startup. Fixes file redirectors. Signed-off-by: Rohit Yadav <bhaisaab@apache.org>
2025-10-26 08:42:29 +01:00 · 2012-11-23 15:42:09 +05:30 · 2012-11-23 15:42:09 +05:30 · ac1920ee9d
commit ac1920ee9d
parent 40ff63564b
2 changed files with 22 additions and 10 deletions
--- a/patches/systemvm/debian/config/etc/init.d/cloud-passwd-srvr
+++ b/patches/systemvm/debian/config/etc/init.d/cloud-passwd-srvr
@ -1,7 +1,7 @@
 #!/bin/bash 
 ### BEGIN INIT INFO
 # Provides:          cloud-passwd-srvr
-# Required-Start:    mountkernfs $local_fs cloud-early-config
+# Required-Start:    mountkernfs $local_fs cloud-early-config iptables-persistent
 # Required-Stop:     $local_fs
 # Should-Start:      
 # Should-Stop:       
@ -37,7 +37,19 @@ add_iptables_rules()
  #For all cidrs on eth0 for port 8080 accept only if source is withing that cidr
  for cidr in $(ip addr | grep eth0 | grep inet | awk '{print $2}');
  do
-    iptables -A INPUT -i eth0 -p tcp -m state --state NEW -m tcp -s $cidr --dport 8080 -j ACCEPT
+    count=1
+    #Try for 10 times, if it still fails then bail
+    while [ $count -le 10 ];
+    do
+      (( count++ ))
+      iptables -A INPUT -i eth0 -p tcp -m state --state NEW -m tcp -s $cidr --dport 8080 -j ACCEPT
+      if [ `iptables -L INPUT -n -v | grep eth0 | grep 8080 | grep ACCEPT | wc -l` -gt 0 ]
+      then
+        break
+      else
+        sleep 2
+      fi
+    done
  done
  echo "Added cloud-passwd-srvr iptables rules" && return 0
 }
--- a/patches/systemvm/debian/config/opt/cloud/bin/patchsystemvm.sh
+++ b/patches/systemvm/debian/config/opt/cloud/bin/patchsystemvm.sh
@ -74,6 +74,8 @@ routing_svcs() {
   chkconfig ssh on
   chkconfig nfs-common off
   chkconfig portmap off
+   echo "ssh haproxy apache2" > /var/cache/cloud/enabled_svcs
+   echo "cloud nfs-common portmap" > /var/cache/cloud/disabled_svcs
   if [ $RROUTER -eq 0 ]
   then
       chkconfig dnsmasq off
@ -81,18 +83,16 @@ routing_svcs() {
       chkconfig keepalived on
       chkconfig conntrackd on
       chkconfig postinit on
-       echo "keepalived conntrackd postinit" > /var/cache/cloud/enabled_svcs
-       echo "dnsmasq cloud-passwd-srvr" > /var/cache/cloud/disabled_svcs
+       echo "keepalived conntrackd postinit" >> /var/cache/cloud/enabled_svcs
+       echo "dnsmasq cloud-passwd-srvr" >> /var/cache/cloud/disabled_svcs
   else
       chkconfig dnsmasq on
       chkconfig cloud-passwd-srvr on
       chkconfig keepalived off
       chkconfig conntrackd off
-       echo "dnsmasq cloud-passwd-srvr " > /var/cache/cloud/enabled_svcs
-       echo "keepalived conntrackd " > /var/cache/cloud/disabled_svcs
+       echo "dnsmasq cloud-passwd-srvr " >> /var/cache/cloud/enabled_svcs
+       echo "keepalived conntrackd " >> /var/cache/cloud/disabled_svcs
   fi
-   echo "ssh haproxy apache2" >> /var/cache/cloud/enabled_svcs
-   echo "cloud nfs-common portmap" > /var/cache/cloud/disabled_svcs
 }

 vpcrouting_svcs() {
@ -119,7 +119,7 @@ dhcpsrvr_svcs() {
   chkconfig portmap off
   chkconfig keepalived off
   chkconfig conntrackd off
-   echo "cloud-passwd-srvr ssh dnsmasq apache2" > /var/cache/cloud/enabled_svcs
+   echo "ssh dnsmasq cloud-passwd-srvr apache2" > /var/cache/cloud/enabled_svcs
   echo "cloud nfs-common haproxy portmap" > /var/cache/cloud/disabled_svcs
 }

@ -132,7 +132,7 @@ elbvm_svcs() {
   chkconfig keepalived off
   chkconfig conntrackd off
   echo "ssh haproxy" > /var/cache/cloud/enabled_svcs
-   echo "cloud cloud-passwd-srvr dnsmasq apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
+   echo "cloud dnsmasq cloud-passwd-srvr apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs
 }

 enable_pcihotplug() {