Merge "Adding option disable-exec to freezer-scheduler"
This commit is contained in:
commit
ee97dbf49a
|
@ -18,12 +18,14 @@ limitations under the License.
|
|||
import os
|
||||
import sys
|
||||
|
||||
from oslo_config import cfg
|
||||
from oslo_log import log
|
||||
|
||||
from freezer import __version__ as FREEZER_VERSION
|
||||
from freezer.apiclient import client as api_client
|
||||
from freezer import winutils
|
||||
from oslo_config import cfg
|
||||
from oslo_log import log
|
||||
|
||||
CONF = cfg.CONF
|
||||
_LOG = log.getLogger(__name__)
|
||||
|
||||
if winutils.is_windows():
|
||||
DEFAULT_FREEZER_SCHEDULER_CONF_D = r'C:\.freezer\scheduler\conf.d'
|
||||
|
@ -31,79 +33,79 @@ else:
|
|||
DEFAULT_FREEZER_SCHEDULER_CONF_D = '/etc/freezer/scheduler/conf.d'
|
||||
|
||||
|
||||
CONF = cfg.CONF
|
||||
_LOG = log.getLogger(__name__)
|
||||
|
||||
|
||||
def getCommonOpts():
|
||||
def get_common_opts():
|
||||
scheduler_conf_d = os.environ.get('FREEZER_SCHEDULER_CONF_D',
|
||||
DEFAULT_FREEZER_SCHEDULER_CONF_D)
|
||||
|
||||
common_opts = [
|
||||
cfg.StrOpt('job',
|
||||
default=None,
|
||||
dest='job_id',
|
||||
short='j',
|
||||
help='Name or ID of the job'),
|
||||
cfg.StrOpt('session',
|
||||
default=None,
|
||||
dest='session_id',
|
||||
short='s',
|
||||
help='Name or ID of the session'),
|
||||
cfg.StrOpt('file',
|
||||
default=None,
|
||||
dest='fname',
|
||||
help='Local file that contains the resource to be '
|
||||
'uploaded/downloaded'),
|
||||
cfg.StrOpt('client-id',
|
||||
default=None,
|
||||
dest='client_id',
|
||||
short='c',
|
||||
help='Specifies the client_id used when contacting the service.'
|
||||
'\n If not specified it will be automatically created \n'
|
||||
'using the tenant-id and the machine hostname.'),
|
||||
cfg.BoolOpt('no-api',
|
||||
default=False,
|
||||
dest='no_api',
|
||||
short='n',
|
||||
help='Prevents the scheduler from using the api service'),
|
||||
cfg.BoolOpt('active-only',
|
||||
default=False,
|
||||
dest='active_only',
|
||||
short='a',
|
||||
help='Filter only active jobs/session'),
|
||||
cfg.StrOpt('conf',
|
||||
default=scheduler_conf_d,
|
||||
dest='jobs_dir',
|
||||
short='f',
|
||||
help='Used to store/retrieve files on local storage, including '
|
||||
'those exchanged with the api service.Default value is {0} '
|
||||
'(Env: FREEZER_SCHEDULER_CONF_D)'.format(scheduler_conf_d)),
|
||||
cfg.IntOpt('interval',
|
||||
default=60,
|
||||
dest='interval',
|
||||
short='i',
|
||||
help='Specifies the api-polling interval in seconds. '
|
||||
'Defaults to 60 seconds'),
|
||||
cfg.BoolOpt('no-daemon',
|
||||
default=False,
|
||||
dest='no_daemon',
|
||||
help='Prevents the scheduler from running in daemon mode'),
|
||||
cfg.BoolOpt('insecure',
|
||||
default=False,
|
||||
short='K',
|
||||
dest='insecure',
|
||||
help='Initialize freezer scheduler with insecure mode'),
|
||||
_COMMON = [
|
||||
cfg.StrOpt('job',
|
||||
default=None,
|
||||
dest='job_id',
|
||||
short='j',
|
||||
help='Name or ID of the job'),
|
||||
cfg.StrOpt('session',
|
||||
default=None,
|
||||
dest='session_id',
|
||||
short='s',
|
||||
help='Name or ID of the session'),
|
||||
cfg.StrOpt('file',
|
||||
default=None,
|
||||
dest='fname',
|
||||
help='Local file that contains the resource to be '
|
||||
'uploaded/downloaded'),
|
||||
cfg.StrOpt('client-id',
|
||||
default=None,
|
||||
dest='client_id',
|
||||
short='c',
|
||||
help='Specifies the client_id used when contacting the '
|
||||
'service.\n If not specified it will be automatically '
|
||||
'created \n using the tenant-id and the machine '
|
||||
'hostname.'),
|
||||
cfg.BoolOpt('no-api',
|
||||
default=False,
|
||||
dest='no_api',
|
||||
short='n',
|
||||
help='Prevents the scheduler from using the api service'),
|
||||
cfg.BoolOpt('active-only',
|
||||
default=False,
|
||||
dest='active_only',
|
||||
short='a',
|
||||
help='Filter only active jobs/session'),
|
||||
cfg.StrOpt('conf',
|
||||
default=scheduler_conf_d,
|
||||
dest='jobs_dir',
|
||||
short='f',
|
||||
help='Used to store/retrieve files on local storage, '
|
||||
'including those exchanged with the api service.Default'
|
||||
' value is {0} (Env: FREEZER_SCHEDULER_CONF_D)'
|
||||
.format(scheduler_conf_d)),
|
||||
cfg.IntOpt('interval',
|
||||
default=60,
|
||||
dest='interval',
|
||||
short='i',
|
||||
help='Specifies the api-polling interval in seconds. '
|
||||
'Defaults to 60 seconds'),
|
||||
cfg.BoolOpt('no-daemon',
|
||||
default=False,
|
||||
dest='no_daemon',
|
||||
help='Prevents the scheduler from running in daemon mode'),
|
||||
cfg.BoolOpt('insecure',
|
||||
default=False,
|
||||
dest='insecure',
|
||||
help='Initialize freezer scheduler with insecure mode'),
|
||||
cfg.BoolOpt('disable-exec',
|
||||
default=False,
|
||||
dest='disable_exec',
|
||||
help='Allow Freezer Scheduler to deny jobs that execute '
|
||||
'commands for security reasons')
|
||||
]
|
||||
|
||||
return common_opts
|
||||
return _COMMON
|
||||
|
||||
|
||||
def parse_args(choices):
|
||||
default_conf = cfg.find_config_files('freezer', 'scheduler',
|
||||
'.conf')
|
||||
default_conf = cfg.find_config_files('freezer', 'scheduler', '.conf')
|
||||
CONF.register_cli_opts(api_client.build_os_options())
|
||||
CONF.register_cli_opts(getCommonOpts())
|
||||
CONF.register_cli_opts(get_common_opts())
|
||||
log.register_options(CONF)
|
||||
|
||||
positional = [
|
||||
|
@ -123,11 +125,11 @@ def parse_args(choices):
|
|||
|
||||
def setup_logging():
|
||||
_DEFAULT_LOG_LEVELS = ['amqp=WARN', 'amqplib=WARN', 'boto=WARN',
|
||||
'qpid=WARN', 'stevedore=WARN',
|
||||
'oslo_log=INFO', 'iso8601=WARN',
|
||||
'requests.packages.urllib3.connectionpool=WARN',
|
||||
'urllib3.connectionpool=WARN', 'websocket=WARN',
|
||||
'keystonemiddleware=WARN', 'freezer=INFO']
|
||||
'qpid=WARN', 'stevedore=WARN', 'oslo_log=INFO',
|
||||
'iso8601=WARN', 'urllib3.connectionpool=WARN',
|
||||
'requests.packages.urllib3.connectionpool=WARN',
|
||||
'websocket=WARN', 'keystonemiddleware=WARN',
|
||||
'freezer=INFO']
|
||||
|
||||
_DEFAULT_LOGGING_CONTEXT_FORMAT = ('%(asctime)s.%(msecs)03d %(process)d '
|
||||
'%(levelname)s %(name)s [%(request_id)s '
|
||||
|
@ -139,6 +141,6 @@ def setup_logging():
|
|||
|
||||
def list_opts():
|
||||
_opt = {
|
||||
None: getCommonOpts()
|
||||
None: get_common_opts()
|
||||
}
|
||||
return _opt.items()
|
||||
|
|
|
@ -17,14 +17,19 @@ limitations under the License.
|
|||
|
||||
import datetime
|
||||
import json
|
||||
import logging
|
||||
import os
|
||||
from six.moves import configparser
|
||||
import subprocess
|
||||
import tempfile
|
||||
import time
|
||||
|
||||
from freezer import utils
|
||||
from oslo_config import cfg
|
||||
from oslo_log import log
|
||||
from six.moves import configparser
|
||||
|
||||
|
||||
CONF = cfg.CONF
|
||||
logging = log.getLogger(__name__)
|
||||
|
||||
|
||||
class StopState(object):
|
||||
|
@ -323,6 +328,15 @@ class Job(object):
|
|||
|
||||
return Job.FAIL_RESULT
|
||||
|
||||
def contains_exec(self):
|
||||
jobs = self.job_doc.get('job_actions')
|
||||
for job in jobs:
|
||||
freezer_action = job.get('freezer_action')
|
||||
action = freezer_action.get('action')
|
||||
if action == 'exec':
|
||||
return True
|
||||
return False
|
||||
|
||||
def execute(self):
|
||||
result = Job.SUCCESS_RESULT
|
||||
with self.scheduler.execution_lock:
|
||||
|
@ -333,6 +347,15 @@ class Job(object):
|
|||
self.scheduler.update_job_status(self.id, self.job_doc_status)
|
||||
|
||||
self.start_session()
|
||||
# if the job contains exec action and the scheduler passes the
|
||||
# parameter --disable-exec job execuation should fail
|
||||
if self.contains_exec() and CONF.disable_exec:
|
||||
logging.info("Job {0} failed because it contains exec action "
|
||||
"and exec actions are disabled by scheduler"
|
||||
.format(self.id))
|
||||
self.result = Job.FAIL_RESULT
|
||||
self.finish()
|
||||
return
|
||||
|
||||
for job_action in self.job_doc.get('job_actions', []):
|
||||
if job_action.get('mandatory', False) or\
|
||||
|
|
Loading…
Reference in New Issue