The problem is that teh convergence model does not works as it currently is
Firewall rules will get added but not deleted
This builds a table of firewall rules that need to be present
The new CsNetfilter class will then do:
1. Add rules that are not present
2. Delete any that were not explicitly in the add list
WIP
cloud-early-config now saves its input file to /var/cache/cloud
Execute load cmd_line.json in update_config
Old way of working still in there to stop and possible clash until the base image is made
Also found condition inw hich apache would be miscobfigured and failed to run (I love tests!!)
Fixed configure.py to cover this case
Added a test to provoke this case!
Fixed tests to use /var/cache/cloud
Added some test files but will remove them when tests are properly completed
Fixed a bug in configure that did not deal well with databags with empty dev sections
Added the last pieces of vpc guest network
password server and associated FW rules
Added apache2 config and start of server
Corrected a bug in CsFile
Fixed some of the many pyLint bleats
Replace chef with a python script
configure.py will read the bags and (hopefully) create the desired state
At this stage this is ipassociation
This code should work for both VR and VPCrs
TODO:
iptables
ip route throw (present in VR but not in VPCr
Determine default route
Unit tests
----
Author: Ian Southam <isoutham@schubergphilis.com>
First commit towards moving systemvm to chef based configuration
In this commit
1. cmdline json databag is created
2. ip association data bag is created
3. Basic chef cookbook to manage ips and routes
Conflicts:
systemvm/patches/debian/config/etc/init.d/cloud-early-config
systemvm/patches/debian/config/var/chef/cookbooks/README
tools/appliance/definitions/systemvm64template/postinstall.sh
----
Because we've refactored the systemvm template the change to
postinstall.sh now gets its own chef.sh file.
- VRs are single CPU, so Threading based implementation favoured than Forking based
- Implements a Python based password server that does not use file based locks
- Saving password mechanism is provided by using secure token only to VR (localhost)
- Old serve_password implementation is removed
- Runs with Python 2.6+ with no external dependencies
- Locks used within threads for extra safety
This closes#106
(cherry picked from commit 4b45d25152a6661fcd1796670f0fb65bb4a32df5)
Signed-off-by: Rohit Yadav <rohit.yadav@shapeblue.com>
