Made the following changes:

1. Reordered file and module imports
2. Sorted director IPs
3. Added unit fqdn in /etc/hosts of plumgrid-lxc
4. Loading plumgrid specific iptables on install
5. Added temporary upgrade hook to load iptables
6. stop_pg() is being used in restart_pg()
7. persistant iptables
This commit is contained in:
Bilal Baqar 2016-03-13 23:43:21 -07:00
commit c4868ea751
7 changed files with 90 additions and 28 deletions

View File

@ -3,14 +3,17 @@
# This file contains the class that generates context for
# PLUMgrid template files.
from charmhelpers.contrib.openstack import context
from charmhelpers.contrib.openstack.utils import get_host_ip
from charmhelpers.core.hookenv import (
relation_ids,
related_units,
relation_get,
)
from charmhelpers.contrib.openstack import context
from charmhelpers.contrib.openstack.utils import get_host_ip
from socket import gethostname as get_unit_hostname
from socket import (
gethostname,
getfqdn
)
def _pg_dir_settings():
@ -60,7 +63,7 @@ class PGGwContext(context.NeutronContext):
return {}
pg_dir_ips = ''
pg_dir_settings = _pg_dir_settings()
pg_dir_settings = sorted(_pg_dir_settings())
single_ip = True
for ip in pg_dir_settings:
if single_ip:
@ -69,8 +72,9 @@ class PGGwContext(context.NeutronContext):
else:
pg_dir_ips = pg_dir_ips + ',' + str(ip)
pg_ctxt['local_ip'] = pg_dir_ips
unit_hostname = get_unit_hostname()
unit_hostname = gethostname()
pg_ctxt['pg_hostname'] = unit_hostname
pg_ctxt['pg_fqdn'] = getfqdn()
from pg_gw_utils import (
get_mgmt_interface,
get_gw_interfaces,

View File

@ -30,7 +30,8 @@ from pg_gw_utils import (
remove_iovisor,
ensure_mtu,
add_lcm_key,
fabric_interface_changed
fabric_interface_changed,
load_iptables,
)
hooks = Hooks()
@ -42,6 +43,7 @@ def install():
'''
Install hook is run when the charm is first deployed on a node.
'''
load_iptables()
configure_sources(update=True)
pkgs = determine_packages()
for pkg in pkgs:
@ -98,6 +100,15 @@ def config_changed():
restart_pg()
@hooks.hook('upgrade-charm')
def upgrade_charm():
load_iptables()
ensure_mtu()
ensure_files()
CONFIGS.write_all()
restart_pg()
@hooks.hook('stop')
def stop():
'''

View File

@ -2,8 +2,18 @@
# This file contains functions used by the hooks to deploy PLUMgrid Gateway.
from charmhelpers.contrib.openstack.neutron import neutron_plugin_attribute
import pg_gw_context
import subprocess
import time
import os
import json
from collections import OrderedDict
from socket import gethostname as get_unit_hostname
from copy import deepcopy
from charmhelpers.contrib.openstack.neutron import neutron_plugin_attribute
from charmhelpers.contrib.storage.linux.ceph import modprobe
from charmhelpers.core.host import set_nic_mtu
from charmhelpers.contrib.openstack import templating
from charmhelpers.core.hookenv import (
log,
config,
@ -22,33 +32,22 @@ from charmhelpers.core.host import (
service_stop,
)
from charmhelpers.fetch import (
apt_cache
apt_cache,
apt_install
)
from charmhelpers.contrib.storage.linux.ceph import modprobe
from charmhelpers.core.host import set_nic_mtu
from charmhelpers.contrib.openstack import templating
from collections import OrderedDict
from charmhelpers.contrib.openstack.utils import (
os_release,
)
from socket import gethostname as get_unit_hostname
import pg_gw_context
import subprocess
import time
import os
import json
LXC_CONF = "/etc/libvirt/lxc.conf"
TEMPLATES = 'templates/'
PG_LXC_DATA_PATH = '/var/lib/libvirt/filesystems/plumgrid-data'
PG_CONF = '%s/conf/pg/plumgrid.conf' % PG_LXC_DATA_PATH
PG_HN_CONF = '%s/conf/etc/hostname' % PG_LXC_DATA_PATH
PG_HS_CONF = '%s/conf/etc/hosts' % PG_LXC_DATA_PATH
PG_IFCS_CONF = '%s/conf/pg/ifcs.conf' % PG_LXC_DATA_PATH
AUTH_KEY_PATH = '%s/root/.ssh/authorized_keys' % PG_LXC_DATA_PATH
IFC_LIST_GW = '/var/run/plumgrid/lxc/ifc_list_gateway'
SUDOERS_CONF = '/etc/sudoers.d/ifc_ctl_sudoers'
BASE_RESOURCE_MAP = OrderedDict([
@ -141,9 +140,7 @@ def restart_pg():
'''
Stops and Starts PLUMgrid service after flushing iptables.
'''
service_stop('plumgrid')
time.sleep(30)
_exec_cmd(cmd=['iptables', '-F'])
stop_pg()
service_start('plumgrid')
time.sleep(30)
@ -153,7 +150,7 @@ def stop_pg():
Stops PLUMgrid service.
'''
service_stop('plumgrid')
time.sleep(2)
time.sleep(30)
def load_iovisor():
@ -168,7 +165,7 @@ def remove_iovisor():
Removes iovisor kernel module.
'''
_exec_cmd(cmd=['rmmod', 'iovisor'],
error_msg='Error Loading Iovisor Kernel Module')
error_msg='Error Removing IOVisor Kernel Module')
time.sleep(1)
@ -327,3 +324,48 @@ def add_lcm_key():
fa.write('\n')
fa.close()
return 1
def load_iptables():
'''
Loads iptables rules to allow all PLUMgrid communication.
'''
network = get_cidr_from_iface(get_mgmt_interface())
if network:
_exec_cmd(['sudo', 'iptables', '-A', 'INPUT', '-p', 'tcp',
'-j', 'ACCEPT', '-s', network, '-d',
network, '-m', 'state', '--state', 'NEW'])
_exec_cmd(['sudo', 'iptables', '-A', 'INPUT', '-p', 'udp', '-j',
'ACCEPT', '-s', network, '-d', network,
'-m', 'state', '--state', 'NEW'])
apt_install('iptables-persistent')
def get_cidr_from_iface(interface):
'''
Determines Network CIDR from interface.
'''
if not interface:
return None
apt_install('ohai')
try:
os_info = subprocess.check_output(['ohai', '-l', 'fatal'])
except OSError:
log('Unable to get operating system information')
return None
try:
os_info_json = json.loads(os_info)
except ValueError:
log('Unable to determine network')
return None
device = os_info_json['network']['interfaces'].get(interface)
if device is not None:
if device.get('routes'):
routes = device['routes']
for net in routes:
if 'scope' in net:
return net.get('destination')
else:
return None
else:
return None

1
hooks/upgrade-charm Symbolic link
View File

@ -0,0 +1 @@
pg_gw_hooks.py

View File

@ -1,5 +1,5 @@
127.0.0.1 localhost
127.0.1.1 {{ pg_hostname }}
127.0.1.1 {{ pg_fqdn }} {{ pg_hostname }}
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback

View File

@ -5,7 +5,8 @@ import pg_gw_utils as utils
import charmhelpers
TO_PATCH = [
'get_unit_hostname',
'gethostname',
'getfqdn'
]
@ -55,7 +56,8 @@ class PGGwContextTest(CharmTestCase):
_npa.side_effect = mock_npa
_unit_get.return_value = '192.168.100.201'
_unit_priv_ip.return_value = '192.168.100.201'
self.get_unit_hostname.return_value = 'node0'
self.gethostname.return_value = 'node0'
self.getfqdn.return_value = 'node0'
_is_clus.return_value = False
_config_flag.return_value = False
_pg_dir_settings.return_value = {'pg_dir_ip': '192.168.100.201'}
@ -73,6 +75,7 @@ class PGGwContextTest(CharmTestCase):
'neutron_security_groups': None,
'neutron_url': 'https://192.168.100.201:9696',
'pg_hostname': 'node0',
'pg_fqdn': 'node0',
'interface': 'juju-br0',
'fabric_interface': 'juju-br0',
'label': 'node0',

View File

@ -30,6 +30,7 @@ TO_PATCH = [
'ensure_mtu',
'add_lcm_key',
'determine_packages',
'load_iptables'
]
NEUTRON_CONF_DIR = "/etc/neutron"