Made the following changes:

1. Reordered file and module imports
2. Sorted director IPs
3. Added unit fqdn in /etc/hosts of plumgrid-lxc
4. Loading plumgrid specific iptables on install
5. Added temporary upgrade hook to load iptables
6. stop_pg() is being used in restart_pg()
7. persistant iptables
This commit is contained in:
Bilal Baqar 2016-03-13 23:43:21 -07:00
commit c4868ea751
7 changed files with 90 additions and 28 deletions

View File

@ -3,14 +3,17 @@
# This file contains the class that generates context for # This file contains the class that generates context for
# PLUMgrid template files. # PLUMgrid template files.
from charmhelpers.contrib.openstack import context
from charmhelpers.contrib.openstack.utils import get_host_ip
from charmhelpers.core.hookenv import ( from charmhelpers.core.hookenv import (
relation_ids, relation_ids,
related_units, related_units,
relation_get, relation_get,
) )
from charmhelpers.contrib.openstack import context from socket import (
from charmhelpers.contrib.openstack.utils import get_host_ip gethostname,
from socket import gethostname as get_unit_hostname getfqdn
)
def _pg_dir_settings(): def _pg_dir_settings():
@ -60,7 +63,7 @@ class PGGwContext(context.NeutronContext):
return {} return {}
pg_dir_ips = '' pg_dir_ips = ''
pg_dir_settings = _pg_dir_settings() pg_dir_settings = sorted(_pg_dir_settings())
single_ip = True single_ip = True
for ip in pg_dir_settings: for ip in pg_dir_settings:
if single_ip: if single_ip:
@ -69,8 +72,9 @@ class PGGwContext(context.NeutronContext):
else: else:
pg_dir_ips = pg_dir_ips + ',' + str(ip) pg_dir_ips = pg_dir_ips + ',' + str(ip)
pg_ctxt['local_ip'] = pg_dir_ips pg_ctxt['local_ip'] = pg_dir_ips
unit_hostname = get_unit_hostname() unit_hostname = gethostname()
pg_ctxt['pg_hostname'] = unit_hostname pg_ctxt['pg_hostname'] = unit_hostname
pg_ctxt['pg_fqdn'] = getfqdn()
from pg_gw_utils import ( from pg_gw_utils import (
get_mgmt_interface, get_mgmt_interface,
get_gw_interfaces, get_gw_interfaces,

View File

@ -30,7 +30,8 @@ from pg_gw_utils import (
remove_iovisor, remove_iovisor,
ensure_mtu, ensure_mtu,
add_lcm_key, add_lcm_key,
fabric_interface_changed fabric_interface_changed,
load_iptables,
) )
hooks = Hooks() hooks = Hooks()
@ -42,6 +43,7 @@ def install():
''' '''
Install hook is run when the charm is first deployed on a node. Install hook is run when the charm is first deployed on a node.
''' '''
load_iptables()
configure_sources(update=True) configure_sources(update=True)
pkgs = determine_packages() pkgs = determine_packages()
for pkg in pkgs: for pkg in pkgs:
@ -98,6 +100,15 @@ def config_changed():
restart_pg() restart_pg()
@hooks.hook('upgrade-charm')
def upgrade_charm():
load_iptables()
ensure_mtu()
ensure_files()
CONFIGS.write_all()
restart_pg()
@hooks.hook('stop') @hooks.hook('stop')
def stop(): def stop():
''' '''

View File

@ -2,8 +2,18 @@
# This file contains functions used by the hooks to deploy PLUMgrid Gateway. # This file contains functions used by the hooks to deploy PLUMgrid Gateway.
from charmhelpers.contrib.openstack.neutron import neutron_plugin_attribute import pg_gw_context
import subprocess
import time
import os
import json
from collections import OrderedDict
from socket import gethostname as get_unit_hostname
from copy import deepcopy from copy import deepcopy
from charmhelpers.contrib.openstack.neutron import neutron_plugin_attribute
from charmhelpers.contrib.storage.linux.ceph import modprobe
from charmhelpers.core.host import set_nic_mtu
from charmhelpers.contrib.openstack import templating
from charmhelpers.core.hookenv import ( from charmhelpers.core.hookenv import (
log, log,
config, config,
@ -22,33 +32,22 @@ from charmhelpers.core.host import (
service_stop, service_stop,
) )
from charmhelpers.fetch import ( from charmhelpers.fetch import (
apt_cache apt_cache,
apt_install
) )
from charmhelpers.contrib.storage.linux.ceph import modprobe
from charmhelpers.core.host import set_nic_mtu
from charmhelpers.contrib.openstack import templating
from collections import OrderedDict
from charmhelpers.contrib.openstack.utils import ( from charmhelpers.contrib.openstack.utils import (
os_release, os_release,
) )
from socket import gethostname as get_unit_hostname
import pg_gw_context
import subprocess
import time
import os
import json
LXC_CONF = "/etc/libvirt/lxc.conf" LXC_CONF = "/etc/libvirt/lxc.conf"
TEMPLATES = 'templates/' TEMPLATES = 'templates/'
PG_LXC_DATA_PATH = '/var/lib/libvirt/filesystems/plumgrid-data' PG_LXC_DATA_PATH = '/var/lib/libvirt/filesystems/plumgrid-data'
PG_CONF = '%s/conf/pg/plumgrid.conf' % PG_LXC_DATA_PATH PG_CONF = '%s/conf/pg/plumgrid.conf' % PG_LXC_DATA_PATH
PG_HN_CONF = '%s/conf/etc/hostname' % PG_LXC_DATA_PATH PG_HN_CONF = '%s/conf/etc/hostname' % PG_LXC_DATA_PATH
PG_HS_CONF = '%s/conf/etc/hosts' % PG_LXC_DATA_PATH PG_HS_CONF = '%s/conf/etc/hosts' % PG_LXC_DATA_PATH
PG_IFCS_CONF = '%s/conf/pg/ifcs.conf' % PG_LXC_DATA_PATH PG_IFCS_CONF = '%s/conf/pg/ifcs.conf' % PG_LXC_DATA_PATH
AUTH_KEY_PATH = '%s/root/.ssh/authorized_keys' % PG_LXC_DATA_PATH AUTH_KEY_PATH = '%s/root/.ssh/authorized_keys' % PG_LXC_DATA_PATH
IFC_LIST_GW = '/var/run/plumgrid/lxc/ifc_list_gateway' IFC_LIST_GW = '/var/run/plumgrid/lxc/ifc_list_gateway'
SUDOERS_CONF = '/etc/sudoers.d/ifc_ctl_sudoers' SUDOERS_CONF = '/etc/sudoers.d/ifc_ctl_sudoers'
BASE_RESOURCE_MAP = OrderedDict([ BASE_RESOURCE_MAP = OrderedDict([
@ -141,9 +140,7 @@ def restart_pg():
''' '''
Stops and Starts PLUMgrid service after flushing iptables. Stops and Starts PLUMgrid service after flushing iptables.
''' '''
service_stop('plumgrid') stop_pg()
time.sleep(30)
_exec_cmd(cmd=['iptables', '-F'])
service_start('plumgrid') service_start('plumgrid')
time.sleep(30) time.sleep(30)
@ -153,7 +150,7 @@ def stop_pg():
Stops PLUMgrid service. Stops PLUMgrid service.
''' '''
service_stop('plumgrid') service_stop('plumgrid')
time.sleep(2) time.sleep(30)
def load_iovisor(): def load_iovisor():
@ -168,7 +165,7 @@ def remove_iovisor():
Removes iovisor kernel module. Removes iovisor kernel module.
''' '''
_exec_cmd(cmd=['rmmod', 'iovisor'], _exec_cmd(cmd=['rmmod', 'iovisor'],
error_msg='Error Loading Iovisor Kernel Module') error_msg='Error Removing IOVisor Kernel Module')
time.sleep(1) time.sleep(1)
@ -327,3 +324,48 @@ def add_lcm_key():
fa.write('\n') fa.write('\n')
fa.close() fa.close()
return 1 return 1
def load_iptables():
'''
Loads iptables rules to allow all PLUMgrid communication.
'''
network = get_cidr_from_iface(get_mgmt_interface())
if network:
_exec_cmd(['sudo', 'iptables', '-A', 'INPUT', '-p', 'tcp',
'-j', 'ACCEPT', '-s', network, '-d',
network, '-m', 'state', '--state', 'NEW'])
_exec_cmd(['sudo', 'iptables', '-A', 'INPUT', '-p', 'udp', '-j',
'ACCEPT', '-s', network, '-d', network,
'-m', 'state', '--state', 'NEW'])
apt_install('iptables-persistent')
def get_cidr_from_iface(interface):
'''
Determines Network CIDR from interface.
'''
if not interface:
return None
apt_install('ohai')
try:
os_info = subprocess.check_output(['ohai', '-l', 'fatal'])
except OSError:
log('Unable to get operating system information')
return None
try:
os_info_json = json.loads(os_info)
except ValueError:
log('Unable to determine network')
return None
device = os_info_json['network']['interfaces'].get(interface)
if device is not None:
if device.get('routes'):
routes = device['routes']
for net in routes:
if 'scope' in net:
return net.get('destination')
else:
return None
else:
return None

1
hooks/upgrade-charm Symbolic link
View File

@ -0,0 +1 @@
pg_gw_hooks.py

View File

@ -1,5 +1,5 @@
127.0.0.1 localhost 127.0.0.1 localhost
127.0.1.1 {{ pg_hostname }} 127.0.1.1 {{ pg_fqdn }} {{ pg_hostname }}
# The following lines are desirable for IPv6 capable hosts # The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback ::1 ip6-localhost ip6-loopback

View File

@ -5,7 +5,8 @@ import pg_gw_utils as utils
import charmhelpers import charmhelpers
TO_PATCH = [ TO_PATCH = [
'get_unit_hostname', 'gethostname',
'getfqdn'
] ]
@ -55,7 +56,8 @@ class PGGwContextTest(CharmTestCase):
_npa.side_effect = mock_npa _npa.side_effect = mock_npa
_unit_get.return_value = '192.168.100.201' _unit_get.return_value = '192.168.100.201'
_unit_priv_ip.return_value = '192.168.100.201' _unit_priv_ip.return_value = '192.168.100.201'
self.get_unit_hostname.return_value = 'node0' self.gethostname.return_value = 'node0'
self.getfqdn.return_value = 'node0'
_is_clus.return_value = False _is_clus.return_value = False
_config_flag.return_value = False _config_flag.return_value = False
_pg_dir_settings.return_value = {'pg_dir_ip': '192.168.100.201'} _pg_dir_settings.return_value = {'pg_dir_ip': '192.168.100.201'}
@ -73,6 +75,7 @@ class PGGwContextTest(CharmTestCase):
'neutron_security_groups': None, 'neutron_security_groups': None,
'neutron_url': 'https://192.168.100.201:9696', 'neutron_url': 'https://192.168.100.201:9696',
'pg_hostname': 'node0', 'pg_hostname': 'node0',
'pg_fqdn': 'node0',
'interface': 'juju-br0', 'interface': 'juju-br0',
'fabric_interface': 'juju-br0', 'fabric_interface': 'juju-br0',
'label': 'node0', 'label': 'node0',

View File

@ -30,6 +30,7 @@ TO_PATCH = [
'ensure_mtu', 'ensure_mtu',
'add_lcm_key', 'add_lcm_key',
'determine_packages', 'determine_packages',
'load_iptables'
] ]
NEUTRON_CONF_DIR = "/etc/neutron" NEUTRON_CONF_DIR = "/etc/neutron"