Merge release branch 4.9 to master

* 4.9: Revert "Merge pull request #2084 from shapeblue/passwd-speedup"
2025-10-26 08:42:29 +01:00 · 2017-06-26 09:59:13 +05:30 · 2017-06-26 09:59:13 +05:30 · d577adeaa8
commit d577adeaa8
parent b9a4cb8770 24434beb42
5 changed files with 68 additions and 91 deletions
--- a/systemvm/patches/debian/config/opt/cloud/bin/configure.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/configure.py
@ -45,6 +45,36 @@ from cs.CsProcess import CsProcess
 from cs.CsStaticRoutes import CsStaticRoutes
 class CsPassword(CsDataBag):
    TOKEN_FILE="/tmp/passwdsrvrtoken"
    def process(self):
        for item in self.dbag:
            if item == "id":
                continue
            self.__update(item, self.dbag[item])
    def __update(self, vm_ip, password):
        token = ""
        try:
            tokenFile = open(self.TOKEN_FILE)
            token = tokenFile.read()
        except IOError:
            logging.debug("File %s does not exist" % self.TOKEN_FILE)
        ips_cmd = "ip addr show | grep inet | awk '{print $2}'"
        ips = CsHelper.execute(ips_cmd)
        for ip in ips:
            server_ip = ip.split('/')[0]
            proc = CsProcess(['/opt/cloud/bin/passwd_server_ip.py', server_ip])
            if proc.find():
                update_command = 'curl --header "DomU_Request: save_password" "http://{SERVER_IP}:8080/" -F "ip={VM_IP}" -F "password={PASSWORD}" ' \
                '-F "token={TOKEN}" >/dev/null 2>/dev/null &'.format(SERVER_IP=server_ip, VM_IP=vm_ip, PASSWORD=password, TOKEN=token)
                result = CsHelper.execute(update_command)
                logging.debug("Update password server result ==> %s" % result)
 class CsAcl(CsDataBag):
    """
        Deal with Network acls
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsVmPassword.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsVmPassword.py
@ -1,61 +0,0 @@
 #!/usr/bin/python
 # -- coding: utf-8 --
 # Licensed to the Apache Software Foundation (ASF) under one
 # or more contributor license agreements.  See the NOTICE file
 # distributed with this work for additional information
 # regarding copyright ownership.  The ASF licenses this file
 # to you under the Apache License, Version 2.0 (the
 # "License"); you may not use this file except in compliance
 # with the License.  You may obtain a copy of the License at
 #
 # http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing,
 # software distributed under the License is distributed on an
 # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 # KIND, either express or implied.  See the License for the
 # specific language governing permissions and limitations
 # under the License.
 import CsHelper
 from CsProcess import CsProcess
 from netaddr import IPNetwork, IPAddress
 import logging
 class CsPassword:
    TOKEN_FILE="/tmp/passwdsrvrtoken"
    def __init__(self, dbag):
        self.dbag = dbag
        self.process()
    def process(self):
        self.__update(self.dbag['ip_address'], self.dbag['password'])
    def __update(self, vm_ip, password):
        token = ""
        try:
            tokenFile = open(self.TOKEN_FILE)
            token = tokenFile.read()
        except IOError:
            logging.debug("File %s does not exist" % self.TOKEN_FILE)
        logging.debug("Got VM '%s' and password '%s'" % (vm_ip, password))
        get_cidrs_cmd = "ip addr show | grep inet | grep -v secondary | awk '{print $2}'"
        cidrs = CsHelper.execute(get_cidrs_cmd)
        logging.debug("Found these CIDRs: %s" % cidrs)
        for cidr in cidrs:
            logging.debug("Processing CIDR '%s'" % cidr)
            if IPAddress(vm_ip) in IPNetwork(cidr):
                ip = cidr.split('/')[0]
                logging.debug("Cidr %s matches vm ip address %s so adding passwd to passwd server at %s" % (cidr, vm_ip, ip))
                proc = CsProcess(['/opt/cloud/bin/passwd_server_ip.py', ip])
                if proc.find():
                    update_command = 'curl --header "DomU_Request: save_password" "http://{SERVER_IP}:8080/" -F "ip={VM_IP}" -F "password={PASSWORD}" ' \
                                     '-F "token={TOKEN}" --interface 127.0.0.1 >/dev/null 2>/dev/null &'.format(SERVER_IP=ip, VM_IP=vm_ip, PASSWORD=password, TOKEN=token)
                    result = CsHelper.execute(update_command)
                    logging.debug("Update password server result ==> %s" % result)
                else:
                    logging.debug("Update password server skipped because we didn't find a passwd server process for %s (makes sense on backup routers)" % ip)
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs_vmp.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs_vmp.py
@ -0,0 +1,27 @@
 # Licensed to the Apache Software Foundation (ASF) under one
 # or more contributor license agreements.  See the NOTICE file
 # distributed with this work for additional information
 # regarding copyright ownership.  The ASF licenses this file
 # to you under the Apache License, Version 2.0 (the
 # "License"); you may not use this file except in compliance
 # with the License.  You may obtain a copy of the License at
 #
 #   http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing,
 # software distributed under the License is distributed on an
 # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 # KIND, either express or implied.  See the License for the
 # specific language governing permissions and limitations
 # under the License.
 from pprint import pprint
 from netaddr import *
 def merge(dbag, data):
    """
    Track vm passwords
    """
    dbag[data['ip_address']] = data['password']
    return dbag
--- a/systemvm/patches/debian/config/opt/cloud/bin/merge.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/merge.py
@ -23,6 +23,7 @@ import logging
 import cs_ip
 import cs_guestnetwork
 import cs_cmdline
 import cs_vmp
 import cs_network_acl
 import cs_firewallrules
 import cs_loadbalancer
@ -35,6 +36,8 @@ import cs_remoteaccessvpn
 import cs_vpnusers
 import cs_staticroutes
 from pprint import pprint
 class DataBag:
@ -103,6 +106,8 @@ class updateDataBag:
            dbag = self.processGuestNetwork(self.db.getDataBag())
        elif self.qFile.type == 'cmdline':
            dbag = self.processCL(self.db.getDataBag())
        elif self.qFile.type == 'vmpassword':
            dbag = self.processVMpassword(self.db.getDataBag())
        elif self.qFile.type == 'networkacl':
            dbag = self.process_network_acl(self.db.getDataBag())
        elif self.qFile.type == 'firewallrules':
@ -184,6 +189,9 @@ class updateDataBag:
    def process_staticroutes(self, dbag):
        return cs_staticroutes.merge(dbag, self.qFile.data)
    def processVMpassword(self, dbag):
        return cs_vmp.merge(dbag, self.qFile.data)
    def processForwardingRules(self, dbag):
        # to be used by both staticnat and portforwarding
        return cs_forwardingrules.merge(dbag, self.qFile.data)
@ -268,21 +276,13 @@ class QueueFile:
    fileName = ''
    configCache = "/var/cache/cloud"
    keep = True
    do_merge = True
    data = {}
    def update_databag(self):
        if self.do_merge:
            logging.info("Merging because do_merge is %s" % self.do_merge)
            updateDataBag(self)
        else:
            logging.info("Not merging because do_merge is %s" % self.do_merge)
    def load(self, data):
        if data is not None:
            self.data = data
            self.type = self.data["type"]
-            self.update_databag()
+            proc = updateDataBag(self)
            return
        fn = self.configCache + '/' + self.fileName
        try:
@ -297,7 +297,7 @@ class QueueFile:
                self.__moveFile(fn, self.configCache + "/processed")
            else:
                os.remove(fn)
-            self.update_databag()
+            proc = updateDataBag(self)
    def setFile(self, name):
        self.fileName = name
--- a/systemvm/patches/debian/config/opt/cloud/bin/update_config.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/update_config.py
@ -25,7 +25,6 @@ import os
 import os.path
 import configure
 import json
 from cs.CsVmPassword import *
 logging.basicConfig(filename='/var/log/cloud.log', level=logging.INFO, format='%(asctime)s  %(filename)s %(funcName)s:%(lineno)d %(message)s')
@ -46,31 +45,17 @@ def finish_config():
    sys.exit(returncode)
-def process(do_merge=True):
+def process_file():
    print "[INFO] Processing JSON file %s" % sys.argv[1]
    qf = QueueFile()
    qf.setFile(sys.argv[1])
    qf.do_merge = do_merge
    qf.load(None)
    return qf
 def process_file():
    print "[INFO] process_file"
    qf = process()
    # These can be safely deferred, dramatically speeding up loading times
    if not (os.environ.get('DEFER_CONFIG', False) and sys.argv[1] in ('vm_dhcp_entry.json', 'vm_metadata.json')):
        # Converge
        finish_config()
 def process_vmpasswd():
    print "[INFO] process_vmpassword"
    qf = process(False)
    print "[INFO] Sending password to password server"
    CsPassword(qf.getData())
 def is_guestnet_configured(guestnet_dict, keys):
    existing_keys = []
@ -152,10 +137,6 @@ if sys.argv[1] == "guest_network.json":
    else:
        print "[INFO] update_config.py :: No GuestNetwork configured yet. Configuring first one now."
        process_file()
 # Bypass saving passwords and running full config/convergence, just feed passwd to passwd server and stop
 elif sys.argv[1].startswith("vm_password.json"):
    print "[INFO] update_config.py :: Processing incoming vm_passwd file => %s" % sys.argv[1]
    process_vmpasswd()
 else:
    print "[INFO] update_config.py :: Processing incoming file => %s" % sys.argv[1]
    process_file()