Made the following changes:
1. Reordered file and module imports 2. Sorted director IPs 3. Added unit fqdn in /etc/hosts of plumgrid-lxc 4. Loading plumgrid specific iptables on install 5. Added temporary upgrade hook to load iptables 6. stop_pg() is being used in restart_pg() 7. persistant iptables
This commit is contained in:
commit
c4868ea751
|
@ -3,14 +3,17 @@
|
|||
# This file contains the class that generates context for
|
||||
# PLUMgrid template files.
|
||||
|
||||
from charmhelpers.contrib.openstack import context
|
||||
from charmhelpers.contrib.openstack.utils import get_host_ip
|
||||
from charmhelpers.core.hookenv import (
|
||||
relation_ids,
|
||||
related_units,
|
||||
relation_get,
|
||||
)
|
||||
from charmhelpers.contrib.openstack import context
|
||||
from charmhelpers.contrib.openstack.utils import get_host_ip
|
||||
from socket import gethostname as get_unit_hostname
|
||||
from socket import (
|
||||
gethostname,
|
||||
getfqdn
|
||||
)
|
||||
|
||||
|
||||
def _pg_dir_settings():
|
||||
|
@ -60,7 +63,7 @@ class PGGwContext(context.NeutronContext):
|
|||
return {}
|
||||
|
||||
pg_dir_ips = ''
|
||||
pg_dir_settings = _pg_dir_settings()
|
||||
pg_dir_settings = sorted(_pg_dir_settings())
|
||||
single_ip = True
|
||||
for ip in pg_dir_settings:
|
||||
if single_ip:
|
||||
|
@ -69,8 +72,9 @@ class PGGwContext(context.NeutronContext):
|
|||
else:
|
||||
pg_dir_ips = pg_dir_ips + ',' + str(ip)
|
||||
pg_ctxt['local_ip'] = pg_dir_ips
|
||||
unit_hostname = get_unit_hostname()
|
||||
unit_hostname = gethostname()
|
||||
pg_ctxt['pg_hostname'] = unit_hostname
|
||||
pg_ctxt['pg_fqdn'] = getfqdn()
|
||||
from pg_gw_utils import (
|
||||
get_mgmt_interface,
|
||||
get_gw_interfaces,
|
||||
|
|
|
@ -30,7 +30,8 @@ from pg_gw_utils import (
|
|||
remove_iovisor,
|
||||
ensure_mtu,
|
||||
add_lcm_key,
|
||||
fabric_interface_changed
|
||||
fabric_interface_changed,
|
||||
load_iptables,
|
||||
)
|
||||
|
||||
hooks = Hooks()
|
||||
|
@ -42,6 +43,7 @@ def install():
|
|||
'''
|
||||
Install hook is run when the charm is first deployed on a node.
|
||||
'''
|
||||
load_iptables()
|
||||
configure_sources(update=True)
|
||||
pkgs = determine_packages()
|
||||
for pkg in pkgs:
|
||||
|
@ -98,6 +100,15 @@ def config_changed():
|
|||
restart_pg()
|
||||
|
||||
|
||||
@hooks.hook('upgrade-charm')
|
||||
def upgrade_charm():
|
||||
load_iptables()
|
||||
ensure_mtu()
|
||||
ensure_files()
|
||||
CONFIGS.write_all()
|
||||
restart_pg()
|
||||
|
||||
|
||||
@hooks.hook('stop')
|
||||
def stop():
|
||||
'''
|
||||
|
|
|
@ -2,8 +2,18 @@
|
|||
|
||||
# This file contains functions used by the hooks to deploy PLUMgrid Gateway.
|
||||
|
||||
from charmhelpers.contrib.openstack.neutron import neutron_plugin_attribute
|
||||
import pg_gw_context
|
||||
import subprocess
|
||||
import time
|
||||
import os
|
||||
import json
|
||||
from collections import OrderedDict
|
||||
from socket import gethostname as get_unit_hostname
|
||||
from copy import deepcopy
|
||||
from charmhelpers.contrib.openstack.neutron import neutron_plugin_attribute
|
||||
from charmhelpers.contrib.storage.linux.ceph import modprobe
|
||||
from charmhelpers.core.host import set_nic_mtu
|
||||
from charmhelpers.contrib.openstack import templating
|
||||
from charmhelpers.core.hookenv import (
|
||||
log,
|
||||
config,
|
||||
|
@ -22,33 +32,22 @@ from charmhelpers.core.host import (
|
|||
service_stop,
|
||||
)
|
||||
from charmhelpers.fetch import (
|
||||
apt_cache
|
||||
apt_cache,
|
||||
apt_install
|
||||
)
|
||||
from charmhelpers.contrib.storage.linux.ceph import modprobe
|
||||
from charmhelpers.core.host import set_nic_mtu
|
||||
from charmhelpers.contrib.openstack import templating
|
||||
from collections import OrderedDict
|
||||
from charmhelpers.contrib.openstack.utils import (
|
||||
os_release,
|
||||
)
|
||||
from socket import gethostname as get_unit_hostname
|
||||
import pg_gw_context
|
||||
import subprocess
|
||||
import time
|
||||
import os
|
||||
import json
|
||||
|
||||
LXC_CONF = "/etc/libvirt/lxc.conf"
|
||||
TEMPLATES = 'templates/'
|
||||
PG_LXC_DATA_PATH = '/var/lib/libvirt/filesystems/plumgrid-data'
|
||||
|
||||
PG_CONF = '%s/conf/pg/plumgrid.conf' % PG_LXC_DATA_PATH
|
||||
PG_HN_CONF = '%s/conf/etc/hostname' % PG_LXC_DATA_PATH
|
||||
PG_HS_CONF = '%s/conf/etc/hosts' % PG_LXC_DATA_PATH
|
||||
PG_IFCS_CONF = '%s/conf/pg/ifcs.conf' % PG_LXC_DATA_PATH
|
||||
AUTH_KEY_PATH = '%s/root/.ssh/authorized_keys' % PG_LXC_DATA_PATH
|
||||
IFC_LIST_GW = '/var/run/plumgrid/lxc/ifc_list_gateway'
|
||||
|
||||
SUDOERS_CONF = '/etc/sudoers.d/ifc_ctl_sudoers'
|
||||
|
||||
BASE_RESOURCE_MAP = OrderedDict([
|
||||
|
@ -141,9 +140,7 @@ def restart_pg():
|
|||
'''
|
||||
Stops and Starts PLUMgrid service after flushing iptables.
|
||||
'''
|
||||
service_stop('plumgrid')
|
||||
time.sleep(30)
|
||||
_exec_cmd(cmd=['iptables', '-F'])
|
||||
stop_pg()
|
||||
service_start('plumgrid')
|
||||
time.sleep(30)
|
||||
|
||||
|
@ -153,7 +150,7 @@ def stop_pg():
|
|||
Stops PLUMgrid service.
|
||||
'''
|
||||
service_stop('plumgrid')
|
||||
time.sleep(2)
|
||||
time.sleep(30)
|
||||
|
||||
|
||||
def load_iovisor():
|
||||
|
@ -168,7 +165,7 @@ def remove_iovisor():
|
|||
Removes iovisor kernel module.
|
||||
'''
|
||||
_exec_cmd(cmd=['rmmod', 'iovisor'],
|
||||
error_msg='Error Loading Iovisor Kernel Module')
|
||||
error_msg='Error Removing IOVisor Kernel Module')
|
||||
time.sleep(1)
|
||||
|
||||
|
||||
|
@ -327,3 +324,48 @@ def add_lcm_key():
|
|||
fa.write('\n')
|
||||
fa.close()
|
||||
return 1
|
||||
|
||||
|
||||
def load_iptables():
|
||||
'''
|
||||
Loads iptables rules to allow all PLUMgrid communication.
|
||||
'''
|
||||
network = get_cidr_from_iface(get_mgmt_interface())
|
||||
if network:
|
||||
_exec_cmd(['sudo', 'iptables', '-A', 'INPUT', '-p', 'tcp',
|
||||
'-j', 'ACCEPT', '-s', network, '-d',
|
||||
network, '-m', 'state', '--state', 'NEW'])
|
||||
_exec_cmd(['sudo', 'iptables', '-A', 'INPUT', '-p', 'udp', '-j',
|
||||
'ACCEPT', '-s', network, '-d', network,
|
||||
'-m', 'state', '--state', 'NEW'])
|
||||
apt_install('iptables-persistent')
|
||||
|
||||
|
||||
def get_cidr_from_iface(interface):
|
||||
'''
|
||||
Determines Network CIDR from interface.
|
||||
'''
|
||||
if not interface:
|
||||
return None
|
||||
apt_install('ohai')
|
||||
try:
|
||||
os_info = subprocess.check_output(['ohai', '-l', 'fatal'])
|
||||
except OSError:
|
||||
log('Unable to get operating system information')
|
||||
return None
|
||||
try:
|
||||
os_info_json = json.loads(os_info)
|
||||
except ValueError:
|
||||
log('Unable to determine network')
|
||||
return None
|
||||
device = os_info_json['network']['interfaces'].get(interface)
|
||||
if device is not None:
|
||||
if device.get('routes'):
|
||||
routes = device['routes']
|
||||
for net in routes:
|
||||
if 'scope' in net:
|
||||
return net.get('destination')
|
||||
else:
|
||||
return None
|
||||
else:
|
||||
return None
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
pg_gw_hooks.py
|
|
@ -1,5 +1,5 @@
|
|||
127.0.0.1 localhost
|
||||
127.0.1.1 {{ pg_hostname }}
|
||||
127.0.1.1 {{ pg_fqdn }} {{ pg_hostname }}
|
||||
|
||||
# The following lines are desirable for IPv6 capable hosts
|
||||
::1 ip6-localhost ip6-loopback
|
||||
|
|
|
@ -5,7 +5,8 @@ import pg_gw_utils as utils
|
|||
import charmhelpers
|
||||
|
||||
TO_PATCH = [
|
||||
'get_unit_hostname',
|
||||
'gethostname',
|
||||
'getfqdn'
|
||||
]
|
||||
|
||||
|
||||
|
@ -55,7 +56,8 @@ class PGGwContextTest(CharmTestCase):
|
|||
_npa.side_effect = mock_npa
|
||||
_unit_get.return_value = '192.168.100.201'
|
||||
_unit_priv_ip.return_value = '192.168.100.201'
|
||||
self.get_unit_hostname.return_value = 'node0'
|
||||
self.gethostname.return_value = 'node0'
|
||||
self.getfqdn.return_value = 'node0'
|
||||
_is_clus.return_value = False
|
||||
_config_flag.return_value = False
|
||||
_pg_dir_settings.return_value = {'pg_dir_ip': '192.168.100.201'}
|
||||
|
@ -73,6 +75,7 @@ class PGGwContextTest(CharmTestCase):
|
|||
'neutron_security_groups': None,
|
||||
'neutron_url': 'https://192.168.100.201:9696',
|
||||
'pg_hostname': 'node0',
|
||||
'pg_fqdn': 'node0',
|
||||
'interface': 'juju-br0',
|
||||
'fabric_interface': 'juju-br0',
|
||||
'label': 'node0',
|
||||
|
|
|
@ -30,6 +30,7 @@ TO_PATCH = [
|
|||
'ensure_mtu',
|
||||
'add_lcm_key',
|
||||
'determine_packages',
|
||||
'load_iptables'
|
||||
]
|
||||
NEUTRON_CONF_DIR = "/etc/neutron"
|
||||
|
||||
|
|
Loading…
Reference in New Issue