From ac1920ee9d2f1f1cfbc1a60a03b13d3c4a3e510e Mon Sep 17 00:00:00 2001 From: Rohit Yadav Date: Fri, 23 Nov 2012 15:42:09 +0530 Subject: [PATCH] CLOUDSTACK-500: Fix race condition between password server and iptables-persistent Fixes order of service startup. Fixes file redirectors. Signed-off-by: Rohit Yadav --- .../debian/config/etc/init.d/cloud-passwd-srvr | 16 ++++++++++++++-- .../debian/config/opt/cloud/bin/patchsystemvm.sh | 16 ++++++++-------- 2 files changed, 22 insertions(+), 10 deletions(-) diff --git a/patches/systemvm/debian/config/etc/init.d/cloud-passwd-srvr b/patches/systemvm/debian/config/etc/init.d/cloud-passwd-srvr index 7c938f7a025..f893a30704f 100755 --- a/patches/systemvm/debian/config/etc/init.d/cloud-passwd-srvr +++ b/patches/systemvm/debian/config/etc/init.d/cloud-passwd-srvr @@ -1,7 +1,7 @@ #!/bin/bash ### BEGIN INIT INFO # Provides: cloud-passwd-srvr -# Required-Start: mountkernfs $local_fs cloud-early-config +# Required-Start: mountkernfs $local_fs cloud-early-config iptables-persistent # Required-Stop: $local_fs # Should-Start: # Should-Stop: @@ -37,7 +37,19 @@ add_iptables_rules() #For all cidrs on eth0 for port 8080 accept only if source is withing that cidr for cidr in $(ip addr | grep eth0 | grep inet | awk '{print $2}'); do - iptables -A INPUT -i eth0 -p tcp -m state --state NEW -m tcp -s $cidr --dport 8080 -j ACCEPT + count=1 + #Try for 10 times, if it still fails then bail + while [ $count -le 10 ]; + do + (( count++ )) + iptables -A INPUT -i eth0 -p tcp -m state --state NEW -m tcp -s $cidr --dport 8080 -j ACCEPT + if [ `iptables -L INPUT -n -v | grep eth0 | grep 8080 | grep ACCEPT | wc -l` -gt 0 ] + then + break + else + sleep 2 + fi + done done echo "Added cloud-passwd-srvr iptables rules" && return 0 } diff --git a/patches/systemvm/debian/config/opt/cloud/bin/patchsystemvm.sh b/patches/systemvm/debian/config/opt/cloud/bin/patchsystemvm.sh index 3bbf7b1bf88..8816ad7c068 100755 --- a/patches/systemvm/debian/config/opt/cloud/bin/patchsystemvm.sh +++ b/patches/systemvm/debian/config/opt/cloud/bin/patchsystemvm.sh @@ -74,6 +74,8 @@ routing_svcs() { chkconfig ssh on chkconfig nfs-common off chkconfig portmap off + echo "ssh haproxy apache2" > /var/cache/cloud/enabled_svcs + echo "cloud nfs-common portmap" > /var/cache/cloud/disabled_svcs if [ $RROUTER -eq 0 ] then chkconfig dnsmasq off @@ -81,18 +83,16 @@ routing_svcs() { chkconfig keepalived on chkconfig conntrackd on chkconfig postinit on - echo "keepalived conntrackd postinit" > /var/cache/cloud/enabled_svcs - echo "dnsmasq cloud-passwd-srvr" > /var/cache/cloud/disabled_svcs + echo "keepalived conntrackd postinit" >> /var/cache/cloud/enabled_svcs + echo "dnsmasq cloud-passwd-srvr" >> /var/cache/cloud/disabled_svcs else chkconfig dnsmasq on chkconfig cloud-passwd-srvr on chkconfig keepalived off chkconfig conntrackd off - echo "dnsmasq cloud-passwd-srvr " > /var/cache/cloud/enabled_svcs - echo "keepalived conntrackd " > /var/cache/cloud/disabled_svcs + echo "dnsmasq cloud-passwd-srvr " >> /var/cache/cloud/enabled_svcs + echo "keepalived conntrackd " >> /var/cache/cloud/disabled_svcs fi - echo "ssh haproxy apache2" >> /var/cache/cloud/enabled_svcs - echo "cloud nfs-common portmap" > /var/cache/cloud/disabled_svcs } vpcrouting_svcs() { @@ -119,7 +119,7 @@ dhcpsrvr_svcs() { chkconfig portmap off chkconfig keepalived off chkconfig conntrackd off - echo "cloud-passwd-srvr ssh dnsmasq apache2" > /var/cache/cloud/enabled_svcs + echo "ssh dnsmasq cloud-passwd-srvr apache2" > /var/cache/cloud/enabled_svcs echo "cloud nfs-common haproxy portmap" > /var/cache/cloud/disabled_svcs } @@ -132,7 +132,7 @@ elbvm_svcs() { chkconfig keepalived off chkconfig conntrackd off echo "ssh haproxy" > /var/cache/cloud/enabled_svcs - echo "cloud cloud-passwd-srvr dnsmasq apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs + echo "cloud dnsmasq cloud-passwd-srvr apache2 nfs-common portmap" > /var/cache/cloud/disabled_svcs } enable_pcihotplug() {