Made the following changes:
1. Reordered file and module imports 2. Sorted director IPs 3. Added unit fqdn in /etc/hosts of plumgrid-lxc 4. Loading plumgrid specific iptables on install 5. Added temporary upgrade hook to load iptables 6. stop_pg() is being used in restart_pg() 7. persistant iptables
This commit is contained in:
commit
c4868ea751
|
@ -3,14 +3,17 @@
|
||||||
# This file contains the class that generates context for
|
# This file contains the class that generates context for
|
||||||
# PLUMgrid template files.
|
# PLUMgrid template files.
|
||||||
|
|
||||||
|
from charmhelpers.contrib.openstack import context
|
||||||
|
from charmhelpers.contrib.openstack.utils import get_host_ip
|
||||||
from charmhelpers.core.hookenv import (
|
from charmhelpers.core.hookenv import (
|
||||||
relation_ids,
|
relation_ids,
|
||||||
related_units,
|
related_units,
|
||||||
relation_get,
|
relation_get,
|
||||||
)
|
)
|
||||||
from charmhelpers.contrib.openstack import context
|
from socket import (
|
||||||
from charmhelpers.contrib.openstack.utils import get_host_ip
|
gethostname,
|
||||||
from socket import gethostname as get_unit_hostname
|
getfqdn
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
def _pg_dir_settings():
|
def _pg_dir_settings():
|
||||||
|
@ -60,7 +63,7 @@ class PGGwContext(context.NeutronContext):
|
||||||
return {}
|
return {}
|
||||||
|
|
||||||
pg_dir_ips = ''
|
pg_dir_ips = ''
|
||||||
pg_dir_settings = _pg_dir_settings()
|
pg_dir_settings = sorted(_pg_dir_settings())
|
||||||
single_ip = True
|
single_ip = True
|
||||||
for ip in pg_dir_settings:
|
for ip in pg_dir_settings:
|
||||||
if single_ip:
|
if single_ip:
|
||||||
|
@ -69,8 +72,9 @@ class PGGwContext(context.NeutronContext):
|
||||||
else:
|
else:
|
||||||
pg_dir_ips = pg_dir_ips + ',' + str(ip)
|
pg_dir_ips = pg_dir_ips + ',' + str(ip)
|
||||||
pg_ctxt['local_ip'] = pg_dir_ips
|
pg_ctxt['local_ip'] = pg_dir_ips
|
||||||
unit_hostname = get_unit_hostname()
|
unit_hostname = gethostname()
|
||||||
pg_ctxt['pg_hostname'] = unit_hostname
|
pg_ctxt['pg_hostname'] = unit_hostname
|
||||||
|
pg_ctxt['pg_fqdn'] = getfqdn()
|
||||||
from pg_gw_utils import (
|
from pg_gw_utils import (
|
||||||
get_mgmt_interface,
|
get_mgmt_interface,
|
||||||
get_gw_interfaces,
|
get_gw_interfaces,
|
||||||
|
|
|
@ -30,7 +30,8 @@ from pg_gw_utils import (
|
||||||
remove_iovisor,
|
remove_iovisor,
|
||||||
ensure_mtu,
|
ensure_mtu,
|
||||||
add_lcm_key,
|
add_lcm_key,
|
||||||
fabric_interface_changed
|
fabric_interface_changed,
|
||||||
|
load_iptables,
|
||||||
)
|
)
|
||||||
|
|
||||||
hooks = Hooks()
|
hooks = Hooks()
|
||||||
|
@ -42,6 +43,7 @@ def install():
|
||||||
'''
|
'''
|
||||||
Install hook is run when the charm is first deployed on a node.
|
Install hook is run when the charm is first deployed on a node.
|
||||||
'''
|
'''
|
||||||
|
load_iptables()
|
||||||
configure_sources(update=True)
|
configure_sources(update=True)
|
||||||
pkgs = determine_packages()
|
pkgs = determine_packages()
|
||||||
for pkg in pkgs:
|
for pkg in pkgs:
|
||||||
|
@ -98,6 +100,15 @@ def config_changed():
|
||||||
restart_pg()
|
restart_pg()
|
||||||
|
|
||||||
|
|
||||||
|
@hooks.hook('upgrade-charm')
|
||||||
|
def upgrade_charm():
|
||||||
|
load_iptables()
|
||||||
|
ensure_mtu()
|
||||||
|
ensure_files()
|
||||||
|
CONFIGS.write_all()
|
||||||
|
restart_pg()
|
||||||
|
|
||||||
|
|
||||||
@hooks.hook('stop')
|
@hooks.hook('stop')
|
||||||
def stop():
|
def stop():
|
||||||
'''
|
'''
|
||||||
|
|
|
@ -2,8 +2,18 @@
|
||||||
|
|
||||||
# This file contains functions used by the hooks to deploy PLUMgrid Gateway.
|
# This file contains functions used by the hooks to deploy PLUMgrid Gateway.
|
||||||
|
|
||||||
from charmhelpers.contrib.openstack.neutron import neutron_plugin_attribute
|
import pg_gw_context
|
||||||
|
import subprocess
|
||||||
|
import time
|
||||||
|
import os
|
||||||
|
import json
|
||||||
|
from collections import OrderedDict
|
||||||
|
from socket import gethostname as get_unit_hostname
|
||||||
from copy import deepcopy
|
from copy import deepcopy
|
||||||
|
from charmhelpers.contrib.openstack.neutron import neutron_plugin_attribute
|
||||||
|
from charmhelpers.contrib.storage.linux.ceph import modprobe
|
||||||
|
from charmhelpers.core.host import set_nic_mtu
|
||||||
|
from charmhelpers.contrib.openstack import templating
|
||||||
from charmhelpers.core.hookenv import (
|
from charmhelpers.core.hookenv import (
|
||||||
log,
|
log,
|
||||||
config,
|
config,
|
||||||
|
@ -22,33 +32,22 @@ from charmhelpers.core.host import (
|
||||||
service_stop,
|
service_stop,
|
||||||
)
|
)
|
||||||
from charmhelpers.fetch import (
|
from charmhelpers.fetch import (
|
||||||
apt_cache
|
apt_cache,
|
||||||
|
apt_install
|
||||||
)
|
)
|
||||||
from charmhelpers.contrib.storage.linux.ceph import modprobe
|
|
||||||
from charmhelpers.core.host import set_nic_mtu
|
|
||||||
from charmhelpers.contrib.openstack import templating
|
|
||||||
from collections import OrderedDict
|
|
||||||
from charmhelpers.contrib.openstack.utils import (
|
from charmhelpers.contrib.openstack.utils import (
|
||||||
os_release,
|
os_release,
|
||||||
)
|
)
|
||||||
from socket import gethostname as get_unit_hostname
|
|
||||||
import pg_gw_context
|
|
||||||
import subprocess
|
|
||||||
import time
|
|
||||||
import os
|
|
||||||
import json
|
|
||||||
|
|
||||||
LXC_CONF = "/etc/libvirt/lxc.conf"
|
LXC_CONF = "/etc/libvirt/lxc.conf"
|
||||||
TEMPLATES = 'templates/'
|
TEMPLATES = 'templates/'
|
||||||
PG_LXC_DATA_PATH = '/var/lib/libvirt/filesystems/plumgrid-data'
|
PG_LXC_DATA_PATH = '/var/lib/libvirt/filesystems/plumgrid-data'
|
||||||
|
|
||||||
PG_CONF = '%s/conf/pg/plumgrid.conf' % PG_LXC_DATA_PATH
|
PG_CONF = '%s/conf/pg/plumgrid.conf' % PG_LXC_DATA_PATH
|
||||||
PG_HN_CONF = '%s/conf/etc/hostname' % PG_LXC_DATA_PATH
|
PG_HN_CONF = '%s/conf/etc/hostname' % PG_LXC_DATA_PATH
|
||||||
PG_HS_CONF = '%s/conf/etc/hosts' % PG_LXC_DATA_PATH
|
PG_HS_CONF = '%s/conf/etc/hosts' % PG_LXC_DATA_PATH
|
||||||
PG_IFCS_CONF = '%s/conf/pg/ifcs.conf' % PG_LXC_DATA_PATH
|
PG_IFCS_CONF = '%s/conf/pg/ifcs.conf' % PG_LXC_DATA_PATH
|
||||||
AUTH_KEY_PATH = '%s/root/.ssh/authorized_keys' % PG_LXC_DATA_PATH
|
AUTH_KEY_PATH = '%s/root/.ssh/authorized_keys' % PG_LXC_DATA_PATH
|
||||||
IFC_LIST_GW = '/var/run/plumgrid/lxc/ifc_list_gateway'
|
IFC_LIST_GW = '/var/run/plumgrid/lxc/ifc_list_gateway'
|
||||||
|
|
||||||
SUDOERS_CONF = '/etc/sudoers.d/ifc_ctl_sudoers'
|
SUDOERS_CONF = '/etc/sudoers.d/ifc_ctl_sudoers'
|
||||||
|
|
||||||
BASE_RESOURCE_MAP = OrderedDict([
|
BASE_RESOURCE_MAP = OrderedDict([
|
||||||
|
@ -141,9 +140,7 @@ def restart_pg():
|
||||||
'''
|
'''
|
||||||
Stops and Starts PLUMgrid service after flushing iptables.
|
Stops and Starts PLUMgrid service after flushing iptables.
|
||||||
'''
|
'''
|
||||||
service_stop('plumgrid')
|
stop_pg()
|
||||||
time.sleep(30)
|
|
||||||
_exec_cmd(cmd=['iptables', '-F'])
|
|
||||||
service_start('plumgrid')
|
service_start('plumgrid')
|
||||||
time.sleep(30)
|
time.sleep(30)
|
||||||
|
|
||||||
|
@ -153,7 +150,7 @@ def stop_pg():
|
||||||
Stops PLUMgrid service.
|
Stops PLUMgrid service.
|
||||||
'''
|
'''
|
||||||
service_stop('plumgrid')
|
service_stop('plumgrid')
|
||||||
time.sleep(2)
|
time.sleep(30)
|
||||||
|
|
||||||
|
|
||||||
def load_iovisor():
|
def load_iovisor():
|
||||||
|
@ -168,7 +165,7 @@ def remove_iovisor():
|
||||||
Removes iovisor kernel module.
|
Removes iovisor kernel module.
|
||||||
'''
|
'''
|
||||||
_exec_cmd(cmd=['rmmod', 'iovisor'],
|
_exec_cmd(cmd=['rmmod', 'iovisor'],
|
||||||
error_msg='Error Loading Iovisor Kernel Module')
|
error_msg='Error Removing IOVisor Kernel Module')
|
||||||
time.sleep(1)
|
time.sleep(1)
|
||||||
|
|
||||||
|
|
||||||
|
@ -327,3 +324,48 @@ def add_lcm_key():
|
||||||
fa.write('\n')
|
fa.write('\n')
|
||||||
fa.close()
|
fa.close()
|
||||||
return 1
|
return 1
|
||||||
|
|
||||||
|
|
||||||
|
def load_iptables():
|
||||||
|
'''
|
||||||
|
Loads iptables rules to allow all PLUMgrid communication.
|
||||||
|
'''
|
||||||
|
network = get_cidr_from_iface(get_mgmt_interface())
|
||||||
|
if network:
|
||||||
|
_exec_cmd(['sudo', 'iptables', '-A', 'INPUT', '-p', 'tcp',
|
||||||
|
'-j', 'ACCEPT', '-s', network, '-d',
|
||||||
|
network, '-m', 'state', '--state', 'NEW'])
|
||||||
|
_exec_cmd(['sudo', 'iptables', '-A', 'INPUT', '-p', 'udp', '-j',
|
||||||
|
'ACCEPT', '-s', network, '-d', network,
|
||||||
|
'-m', 'state', '--state', 'NEW'])
|
||||||
|
apt_install('iptables-persistent')
|
||||||
|
|
||||||
|
|
||||||
|
def get_cidr_from_iface(interface):
|
||||||
|
'''
|
||||||
|
Determines Network CIDR from interface.
|
||||||
|
'''
|
||||||
|
if not interface:
|
||||||
|
return None
|
||||||
|
apt_install('ohai')
|
||||||
|
try:
|
||||||
|
os_info = subprocess.check_output(['ohai', '-l', 'fatal'])
|
||||||
|
except OSError:
|
||||||
|
log('Unable to get operating system information')
|
||||||
|
return None
|
||||||
|
try:
|
||||||
|
os_info_json = json.loads(os_info)
|
||||||
|
except ValueError:
|
||||||
|
log('Unable to determine network')
|
||||||
|
return None
|
||||||
|
device = os_info_json['network']['interfaces'].get(interface)
|
||||||
|
if device is not None:
|
||||||
|
if device.get('routes'):
|
||||||
|
routes = device['routes']
|
||||||
|
for net in routes:
|
||||||
|
if 'scope' in net:
|
||||||
|
return net.get('destination')
|
||||||
|
else:
|
||||||
|
return None
|
||||||
|
else:
|
||||||
|
return None
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
pg_gw_hooks.py
|
|
@ -1,5 +1,5 @@
|
||||||
127.0.0.1 localhost
|
127.0.0.1 localhost
|
||||||
127.0.1.1 {{ pg_hostname }}
|
127.0.1.1 {{ pg_fqdn }} {{ pg_hostname }}
|
||||||
|
|
||||||
# The following lines are desirable for IPv6 capable hosts
|
# The following lines are desirable for IPv6 capable hosts
|
||||||
::1 ip6-localhost ip6-loopback
|
::1 ip6-localhost ip6-loopback
|
||||||
|
|
|
@ -5,7 +5,8 @@ import pg_gw_utils as utils
|
||||||
import charmhelpers
|
import charmhelpers
|
||||||
|
|
||||||
TO_PATCH = [
|
TO_PATCH = [
|
||||||
'get_unit_hostname',
|
'gethostname',
|
||||||
|
'getfqdn'
|
||||||
]
|
]
|
||||||
|
|
||||||
|
|
||||||
|
@ -55,7 +56,8 @@ class PGGwContextTest(CharmTestCase):
|
||||||
_npa.side_effect = mock_npa
|
_npa.side_effect = mock_npa
|
||||||
_unit_get.return_value = '192.168.100.201'
|
_unit_get.return_value = '192.168.100.201'
|
||||||
_unit_priv_ip.return_value = '192.168.100.201'
|
_unit_priv_ip.return_value = '192.168.100.201'
|
||||||
self.get_unit_hostname.return_value = 'node0'
|
self.gethostname.return_value = 'node0'
|
||||||
|
self.getfqdn.return_value = 'node0'
|
||||||
_is_clus.return_value = False
|
_is_clus.return_value = False
|
||||||
_config_flag.return_value = False
|
_config_flag.return_value = False
|
||||||
_pg_dir_settings.return_value = {'pg_dir_ip': '192.168.100.201'}
|
_pg_dir_settings.return_value = {'pg_dir_ip': '192.168.100.201'}
|
||||||
|
@ -73,6 +75,7 @@ class PGGwContextTest(CharmTestCase):
|
||||||
'neutron_security_groups': None,
|
'neutron_security_groups': None,
|
||||||
'neutron_url': 'https://192.168.100.201:9696',
|
'neutron_url': 'https://192.168.100.201:9696',
|
||||||
'pg_hostname': 'node0',
|
'pg_hostname': 'node0',
|
||||||
|
'pg_fqdn': 'node0',
|
||||||
'interface': 'juju-br0',
|
'interface': 'juju-br0',
|
||||||
'fabric_interface': 'juju-br0',
|
'fabric_interface': 'juju-br0',
|
||||||
'label': 'node0',
|
'label': 'node0',
|
||||||
|
|
|
@ -30,6 +30,7 @@ TO_PATCH = [
|
||||||
'ensure_mtu',
|
'ensure_mtu',
|
||||||
'add_lcm_key',
|
'add_lcm_key',
|
||||||
'determine_packages',
|
'determine_packages',
|
||||||
|
'load_iptables'
|
||||||
]
|
]
|
||||||
NEUTRON_CONF_DIR = "/etc/neutron"
|
NEUTRON_CONF_DIR = "/etc/neutron"
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue