factored out all non-openvz related rootwraps

2013-04-22 14:19:32 -05:00 · 2013-04-22 14:19:32 -05:00 · 38e64f70e1
parent 9e67e5a0fc
commit 38e64f70e1
2 changed files with 22 additions and 204 deletions
--- a/README.md
+++ b/README.md
@ -1,4 +1,11 @@
 openvz-nova-driver
 ==================

-Virt driver that allows openstack nova to control openvz containers.
+Virt driver that allows openstack nova to control openvz containers.
+
+Once installed simply set these flags in the nova.conf file:
+
+<code>
+compute_driver=openvz
+</code>
+
--- a/etc/nova/rootwrap.d/openvz.filters
+++ b/etc/nova/rootwrap.d/openvz.filters
@ -1,245 +1,56 @@
-# nova-rootwrap command filters for compute nodes
+# nova-rootwrap command filters for openvz nodes
 # This file should be owned by (and only-writeable by) the root user

-[Filters]
-# nova/virt/disk/mount/api.py: 'kpartx', '-a', device
-# nova/virt/disk/mount/api.py: 'kpartx', '-d', device
-kpartx: CommandFilter, /sbin/kpartx, root
-
-# nova/virt/xenapi/vm_utils.py: tune2fs, -O ^has_journal, part_path
-# nova/virt/xenapi/vm_utils.py: tune2fs, -j, partition_path
-tune2fs: CommandFilter, /sbin/tune2fs, root
-
-# nova/virt/disk/mount/api.py: 'mount', mapped_device
-# nova/virt/disk/api.py: 'mount', '-o', 'bind', src, target
-# nova/virt/xenapi/vm_utils.py: 'mount', '-t', 'ext2,ext3,ext4,reiserfs'..
-# nova/virt/configdrive.py: 'mount', device, mountdir
-# nova/virt/libvirt/volume.py: 'mount', '-t', 'sofs' ...
 # nova/virt/openvz/utils.py: 'mount', '-o', 'defaults' ...
 mount: CommandFilter, /bin/mount, root

-# nova/virt/disk/mount/api.py: 'umount', mapped_device
-# nova/virt/disk/api.py: 'umount' target
-# nova/virt/xenapi/vm_utils.py: 'umount', dev_path
-# nova/virt/configdrive.py: 'umount', mountdir
 # nova/virt/openvz/utils.py: 'umount'
 umount: CommandFilter, /bin/umount, root

-# nova/virt/disk/mount/nbd.py: 'qemu-nbd', '-c', device, image
-# nova/virt/disk/mount/nbd.py: 'qemu-nbd', '-d', device
-qemu-nbd: CommandFilter, /usr/bin/qemu-nbd, root
-
-# nova/virt/disk/mount/loop.py: 'losetup', '--find', '--show', image
-# nova/virt/disk/mount/loop.py: 'losetup', '--detach', device
-losetup: CommandFilter, /sbin/losetup, root
-
-# nova/virt/disk/vfs/localfs.py: 'tee', canonpath
-tee: CommandFilter, /usr/bin/tee, root
-
-# nova/virt/disk/vfs/localfs.py: 'mkdir', canonpath
+# nova/virt/openvz/utils.py: 'mkdir', path
 mkdir: CommandFilter, /bin/mkdir, root

-# nova/virt/disk/vfs/localfs.py: 'chown'
-# nova/virt/libvirt/connection.py: 'chown', os.getuid( console_log
-# nova/virt/libvirt/connection.py: 'chown', os.getuid( console_log
-# nova/virt/libvirt/connection.py: 'chown', 'root', basepath('disk')
-# nova/utils.py: 'chown', owner_uid, path
+# nova/virt/openvz/utils.py: 'chown', owner_uid, path
 chown: CommandFilter, /bin/chown, root

-# nova/virt/disk/vfs/localfs.py: 'chmod'
+# nova/virt/openvz/utils.py: 'chmod'
 chmod: CommandFilter, /bin/chmod, root

-# nova/virt/libvirt/vif.py: 'ip', 'tuntap', 'add', dev, 'mode', 'tap'
-# nova/virt/libvirt/vif.py: 'ip', 'link', 'set', dev, 'up'
-# nova/virt/libvirt/vif.py: 'ip', 'link', 'delete', dev
-# nova/network/linux_net.py: 'ip', 'addr', 'add', str(floating_ip)+'/32'i..
-# nova/network/linux_net.py: 'ip', 'addr', 'del', str(floating_ip)+'/32'..
-# nova/network/linux_net.py: 'ip', 'addr', 'add', '169.254.169.254/32',..
-# nova/network/linux_net.py: 'ip', 'addr', 'show', 'dev', dev, 'scope',..
-# nova/network/linux_net.py: 'ip', 'addr', 'del/add', ip_params, dev)
-# nova/network/linux_net.py: 'ip', 'addr', 'del', params, fields[-1]
-# nova/network/linux_net.py: 'ip', 'addr', 'add', params, bridge
-# nova/network/linux_net.py: 'ip', '-f', 'inet6', 'addr', 'change', ..
-# nova/network/linux_net.py: 'ip', 'link', 'set', 'dev', dev, 'promisc',..
-# nova/network/linux_net.py: 'ip', 'link', 'add', 'link', bridge_if ...
-# nova/network/linux_net.py: 'ip', 'link', 'set', interface, address,..
-# nova/network/linux_net.py: 'ip', 'link', 'set', interface, 'up'
-# nova/network/linux_net.py: 'ip', 'link', 'set', bridge, 'up'
-# nova/network/linux_net.py: 'ip', 'addr', 'show', 'dev', interface, ..
-# nova/network/linux_net.py: 'ip', 'link', 'set', dev, address, ..
-# nova/network/linux_net.py: 'ip', 'link', 'set', dev, 'up'
-ip: CommandFilter, /sbin/ip, root
-
-# nova/virt/libvirt/vif.py: 'tunctl', '-b', '-t', dev
-# nova/network/linux_net.py: 'tunctl', '-b', '-t', dev
-tunctl: CommandFilter, tunctl, root
-
-# nova/virt/libvirt/vif.py: 'ovs-vsctl', ...
-# nova/virt/libvirt/vif.py: 'ovs-vsctl', 'del-port', ...
-# nova/network/linux_net.py: 'ovs-vsctl', ....
-ovs-vsctl: CommandFilter, /usr/bin/ovs-vsctl, root
-
-# nova/network/linux_net.py: 'ovs-ofctl', ....
-ovs-ofctl: CommandFilter, /usr/bin/ovs-ofctl, root
-
-# nova/virt/libvirt/connection.py: 'dd', if=%s % virsh_output, ...
-dd: CommandFilter, /bin/dd, root
-
-# nova/virt/xenapi/volume_utils.py: 'iscsiadm', '-m', ...
+# nova/virt/openvz/volume_drivers/iscsi.py: 'iscsiadm', '-m', ...
 iscsiadm: CommandFilter, iscsiadm, root

-# nova/virt/libvirt/volume.py: 'aoe-revalidate', aoedev
-# nova/virt/libvirt/volume.py: 'aoe-discover'
-aoe-revalidate: CommandFilter, /usr/sbin/aoe-revalidate, root
-aoe-discover: CommandFilter, /usr/sbin/aoe-discover, root
-
-# nova/virt/xenapi/vm_utils.py: parted, --script, ...
-# nova/virt/xenapi/vm_utils.py: 'parted', '--script', dev_path, ..*.
-parted: CommandFilter, parted, root
-
-# nova/virt/xenapi/vm_utils.py: 'pygrub', '-qn', dev_path
-pygrub: CommandFilter, /usr/bin/pygrub, root
-
-# nova/virt/xenapi/vm_utils.py: fdisk %(dev_path)s
 # nova/virt/openvz/volume.py: fdisk %(dev_path)s
 fdisk: CommandFilter, /sbin/fdisk, root

-# nova/virt/xenapi/vm_utils.py: e2fsck, -f, -p, partition_path
-# nova/virt/disk/api.py: e2fsck, -f, -p, image
-e2fsck: CommandFilter, /sbin/e2fsck, root
-
-# nova/virt/xenapi/vm_utils.py: resize2fs, partition_path
-# nova/virt/disk/api.py: resize2fs, image
-resize2fs: CommandFilter, /sbin/resize2fs, root
-
-# nova/network/linux_net.py: 'ip[6]tables-save' % (cmd, '-t', ...
-iptables-save: CommandFilter, iptables-save, root
-ip6tables-save: CommandFilter, ip6tables-save, root
-
-# nova/network/linux_net.py: 'ip[6]tables-restore' % (cmd,)
-iptables-restore: CommandFilter, iptables-restore, root
-ip6tables-restore: CommandFilter, ip6tables-restore, root
-
-# nova/network/linux_net.py: 'arping', '-U', floating_ip, '-A', '-I', ...
-# nova/network/linux_net.py: 'arping', '-U', network_ref['dhcp_server'],..
+# nova/virt/openvz/driver.py: 'arping', '-U', floating_ip, '-A', '-I', ...
 arping: CommandFilter, arping, root

-# nova/network/linux_net.py: 'route', '-n'
-# nova/network/linux_net.py: 'route', 'del', 'default', 'gw'
-# nova/network/linux_net.py: 'route', 'add', 'default', 'gw'
-# nova/network/linux_net.py: 'route', '-n'
-# nova/network/linux_net.py: 'route', 'del', 'default', 'gw', old_gw, ..
-# nova/network/linux_net.py: 'route', 'add', 'default', 'gw', old_gateway
-route: CommandFilter, /sbin/route, root
-
-# nova/network/linux_net.py: 'dhcp_release', dev, address, mac_address
-dhcp_release: CommandFilter, /usr/bin/dhcp_release, root
-
-# nova/network/linux_net.py: 'kill', '-9', pid
-# nova/network/linux_net.py: 'kill', '-HUP', pid
-kill_dnsmasq: KillFilter, root, /usr/sbin/dnsmasq, -9, -HUP
-
-# nova/network/linux_net.py: 'kill', pid
-kill_radvd: KillFilter, root, /usr/sbin/radvd
-
-# nova/network/linux_net.py: dnsmasq call
-dnsmasq: DnsmasqFilter, /usr/sbin/dnsmasq, root
-dnsmasq_deprecated: DeprecatedDnsmasqFilter, /usr/sbin/dnsmasq, root
-
-# nova/network/linux_net.py: 'radvd', '-C', '%s' % _ra_file(dev, 'conf'..
-radvd: CommandFilter, /usr/sbin/radvd, root
-
-# nova/network/linux_net.py: 'brctl', 'addbr', bridge
-# nova/network/linux_net.py: 'brctl', 'setfd', bridge, 0
-# nova/network/linux_net.py: 'brctl', 'stp', bridge, 'off'
-# nova/network/linux_net.py: 'brctl', 'addif', bridge, interface
-brctl: CommandFilter, brctl, root
-
-# nova/virt/libvirt/utils.py: 'mkswap'
-# nova/virt/xenapi/vm_utils.py: 'mkswap'
-mkswap: CommandFilter, /sbin/mkswap, root
-
-# nova/virt/xenapi/vm_utils.py: 'mkfs'
-mkfs: CommandFilter, /sbin/mkfs, root
-
-# nova/virt/libvirt/utils.py: 'qemu-img'
-qemu-img: CommandFilter, /usr/bin/qemu-img, root
-
-# nova/virt/disk/vfs/localfs.py: 'readlink', '-e'
-readlink: CommandFilter, readlink, root
-
-# nova/virt/disk/api.py: 'touch', target
+# nova/virt/openvz/file.py: 'touch', target
 touch: CommandFilter, /usr/bin/touch, root

-# nova/virt/disk/api.py:
-mkfs.ext3: CommandFilter, /sbin/mkfs.ext3, root
-mkfs.ntfs: CommandFilter, /sbin/mkfs.ntfs, root
-
-# nova/virt/libvirt/connection.py:
-read_initiator: ReadFileFilter, /etc/iscsi/initiatorname.iscsi
-
-# nova/virt/libvirt/connection.py:
-lvremove: CommandFilter, /sbin/lvremove, root
-
-# nova/virt/libvirt/utils.py:
-lvcreate: CommandFilter, /sbin/lvcreate, root
-
-# nova/virt/libvirt/utils.py:
-lvs: CommandFilter, /sbin/lvs, root
-
-# nova/virt/libvirt/utils.py:
-vgs: CommandFilter, /sbin/vgs, root
-
-# nova/virt/baremetal/volume_driver.py: 'tgtadm', '--lld', 'iscsi', ...
-tgtadm: CommandFilter, /usr/sbin/tgtadm, root
-
-# nova/utils.py:read_file_as_root: 'cat', file_path
-# (called from nova/virt/disk/vfs/localfs.py:VFSLocalFS.read_file)
-read_passwd: RegExpFilter, cat, root, cat, (/var|/usr)?/tmp/openstack-vfs-localfs[^/]+/etc/passwd
-read_shadow: RegExpFilter, cat, root, cat, (/var|/usr)?/tmp/openstack-vfs-localfs[^/]+/etc/shadow
-
-# nova/virt/libvirt/volume.py: 'multipath' '-R'
-multipath: CommandFilter, /sbin/multipath, root
-
-# nova/virt/libvirt/utils.py:
-systool: CommandFilter, /usr/bin/systool, root
-
-# nova/virt/libvirt/volume.py:
-sginfo: CommandFilter, /usr/bin/sginfo, root
-sg_scan: CommandFilter, /usr/bin/sg_scan, root
-
-# nova/virt/xenapi/vm_utils.py:
-xenstore-read: CommandFilter, /usr/bin/xenstore-read, root
-
-# nova/virt/baremetal/tilera.py: '/usr/sbin/rpc.mountd'
-rpc.mountd: CommandFilter, /usr/sbin/rpc.mountd, root
-
 # Rackspace Openvz starts here
 # nova/compute/manager.py: 'blockdev', '--getsize64', host_device
 blockdev: CommandFilter, /sbin/blockdev, root

-# nova/virt/openvz_conn.py: '/usr/sbin/vzlist'
+# nova/virt/openvz/driver.py: '/usr/sbin/vzlist'
 vzlist: CommandFilter, /usr/sbin/vzlist, root

-# nova/virt/openvz_conn.py: '/usr/sbin/vzctl'
+# nova/virt/openvz/driver.py: '/usr/sbin/vzctl'
 vzctl: CommandFilter, /usr/sbin/vzctl, root

-# nova/virt/openvz_conn.py: '/usr/sbin/arping'
-arping_usrsbin: CommandFilter, /usr/sbin/arping, root
-
-# nova/virt/openvz_conn.py: '/bin/rm'
+# nova/virt/openvz/driver.py: '/bin/rm'
 rm: CommandFilter, /bin/rm, root

-# nova/virt/openvz_conn.py:
+# nova/virt/openvz/driver.py:
 cpuinfo: ReadFileFilter, /proc/cpuinfo

-# nova/virt/openvz_conn.py:
+# nova/virt/openvz/driver.py:
 meminfo: ReadFileFilter, /proc/meminfo

-# nova/virt/openvz_conn.py: '/usr/sbin/vzcpucheck'
+# nova/virt/openvz/driver.py: '/usr/sbin/vzcpucheck'
 vzcpucheck: CommandFilter, /usr/sbin/vzcpucheck, root

-# nova/virt/openvz_conn.py: '/bin/rmdir'
+# nova/virt/openvz/driver.py: '/bin/rmdir'
 rmdir: CommandFilter, /bin/rmdir, root

 # nova/virt/openvz/volume_drivers/iscsi.py: '/usr/bin/iscsiadm'