Change in vdsm[master]: configure verb: replace libvirt_configure.sh call with pytho...
by mtayer@redhat.com
mooli tayer has uploaded a new change for review.
Change subject: configure verb: replace libvirt_configure.sh call with python code.
......................................................................
configure verb: replace libvirt_configure.sh call with python code.
Change-Id: Ie37988ef230f889e7154e504a889f28db5be7328
Signed-off-by: Mooli Tayer <mtayer(a)redhat.com>
---
M lib/vdsm/constants.py.in
M lib/vdsm/tool/configurator.py
M lib/vdsm/utils.py
M tests/toolTests.py
4 files changed, 168 insertions(+), 21 deletions(-)
git pull ssh://gerrit.ovirt.org:29418/vdsm refs/changes/30/27130/1
diff --git a/lib/vdsm/constants.py.in b/lib/vdsm/constants.py.in
index 90a04a0..35ead6d 100644
--- a/lib/vdsm/constants.py.in
+++ b/lib/vdsm/constants.py.in
@@ -42,7 +42,11 @@
QEMU_PROCESS_GROUP = '@QEMUGROUP@'
# Sanlock definitions
+SANLOCK_ENABLED = '@ENABLE_LIBVIRT_SANLOCK@' == 'yes'
SANLOCK_USER = '@SNLKUSER@'
+
+# Libvirt selinux
+LIBVIRT_SELINUX = '@ENABLE_LIBVIRT_SELINUX@' == 'yes'
#
# The username of SASL authenticating for libvirt connection
@@ -75,6 +79,7 @@
P_VDSM_CONF = '@CONFDIR@/'
P_VDSM_KEYS = '/etc/pki/vdsm/keys/'
P_VDSM_LIBVIRT_PASSWD = P_VDSM_KEYS + 'libvirt_password'
+P_VDSM_CERT = '/etc/pki/vdsm/certs/vdsmcert.pem'
P_VDSM_CLIENT_LOG = '@VDSMRUNDIR(a)/client.log'
P_VDSM_LOG = '@VDSMLOGDIR@'
diff --git a/lib/vdsm/tool/configurator.py b/lib/vdsm/tool/configurator.py
index 53d9875..e782762 100644
--- a/lib/vdsm/tool/configurator.py
+++ b/lib/vdsm/tool/configurator.py
@@ -26,23 +26,122 @@
import rpm
import shutil
import traceback
+import uuid
from .. import utils
-from . import service, expose
+from . import service, expose, validate_ovirt_certs
from .configfile import ConfigFile
-from ..constants import P_VDSM_EXEC, QEMU_PROCESS_GROUP, VDSM_GROUP, \
- SANLOCK_USER, SYSCONF_PATH
+from ..constants import P_VDSM_EXEC, QEMU_PROCESS_GROUP, \
+ SANLOCK_USER, VDSM_GROUP, SYSCONF_PATH, P_VDSM_CERT, \
+ SANLOCK_ENABLED, LIBVIRT_SELINUX
+from vdsm.config import config
+
+try:
+ from ovirtnode import ovirtfunctions
+except ImportError:
+ pass
CONF_PREFIX = '## beginning of configuration section by vdsm'
CONF_SUFFIX = '## end of configuration section by vdsm'
+CONF_VER = '4.13.0'
+PKI = os.path.join(SYSCONF_PATH, 'pki/vdsm')
+CA_FILE = os.path.join(PKI, 'certs/cacert.pem')
+CERT_FILE = os.path.join(PKI, 'certs/vdsmcert.pem')
+KEY_FILE = os.path.join(PKI, 'keys/vdsmkey.pem')
+LS_CERT_DIR = os.path.join(PKI, 'libvirt-spice')
+
+VDSMM_CONF = os.path.join(SYSCONF_PATH, '/etc/vdsm/vdsm.conf')
+
+# Libvirt daemon configuration
LCONF = os.path.join(SYSCONF_PATH, '/etc/libvirt/libvirtd.conf')
+LCONF_GENERAL = {
+ 'listen_addr': '"0.0.0.0"',
+ 'unix_sock_group': '"qemu"',
+ 'unix_sock_rw_perms': '"0770"',
+ 'auth_unix_rw': '"sasl"',
+ 'host_uuid': uuid.uuid4(),
+ 'keepalive_interval': -1,
+ # FIXME until we are confident with libvirt integration,
+ # let us have a verbose log
+ 'log_outputs': '"1:file:/var/log/libvirt/libvirtd.log"',
+ 'log_filters': '"3:virobject 3:virfile 2:virnetlink \
+ 3:cgroup 3:event 3:json 1:libvirt 1:util 1:qemu"',
+}
+LCONF_SSL = {
+ 'ca_file': '\"' + CA_FILE + '\"',
+ 'cert_file': '\"' + CERT_FILE + '\"',
+ 'key_file': '\"' + KEY_FILE + '\"',
+}
+LCONF_NO_SSL = {
+ 'auth_tcp': '"none"',
+ 'listen_tcp': 1,
+ 'listen_tls': 0,
+}
+
+# qemu configuration
QCONF = os.path.join(SYSCONF_PATH, 'libvirt/qemu.conf')
+QCONF_GENERAL = {
+ 'dynamic_ownership': 0,
+ 'save_image_format': '"lzop"',
+ 'remote_display_port_min': 5900,
+ 'remote_display_port_max': 6923,
+ 'auto_dump_path': "/var/log/core",
+}
+
+QCONF_NO_SELINUX = {
+ 'security_driver': '"none"',
+}
+
+QCONF_SANLOCK = {
+ 'lock_manager': '"sanlock"'
+}
+
+QCONF_SSL = {
+ 'spice_tls': 1
+}
+
+QCONF_NO_SSL = {
+ 'spice_tls': 0
+}
+
+QCONF_SSL_CERTS = {
+ 'spice_tls_x509_cert_dir': '\"' + LS_CERT_DIR + '\"'
+}
+
+# libvirt sysconfig file
LDCONF = os.path.join(SYSCONF_PATH, '/sysconfig/libvirtd')
+LDCONF_GENERAL = {
+ 'LIBVIRTD_ARGS': '--listen',
+ 'DAEMON_COREFILE_LIMIT': 'unlimited',
+}
+
+# sanlock configuration file
QLCONF = os.path.join(SYSCONF_PATH, 'libvirt/qemu-sanlock.conf')
+
+QLCONF_SANLOCK = {
+ 'auto_disk_leases': 0,
+ 'require_lease_for_disks': 0,
+}
+
+# libvirt log rotate configuration
+LRCONF = os.path.join(SYSCONF_PATH, '/etc/logrotate.d/libvirtd')
+
+LLOGR_CONF = """
+/var/log/libvirt/libvirtd.log {
+ rotate 100
+ missingok
+ copytruncate
+ size 15M
+ compress
+ compresscmd /usr/bin/xz
+ uncompresscmd /usr/bin/unxz
+ compressext .xz
+}
+"""
class _ModuleConfigure(object):
@@ -114,7 +213,58 @@
return (os.path.join(P_VDSM_EXEC, 'libvirt_configure.sh'), )
def configure(self):
- self._exec_libvirt_configure("reconfigure")
+ self.libvirtd_sysv2upstart()
+ if utils.isOvirtNode():
+ # TODO mtayer: Move the existance check to validate_ovirt_certs?
+ if not os.path.exists(P_VDSM_CERT):
+ raise RuntimeError(
+ "vdsm: Missing certificate, vdsm not registered")
+ validate_ovirt_certs.validate_ovirt_certs()
+ # Remove a previous configuration (if present)
+ self.removeConf()
+ lconf_maps = [LCONF_GENERAL]
+ qconf_maps = [QCONF_GENERAL]
+ ldconf_maps = [LDCONF_GENERAL]
+ qlconf_maps = []
+ # determine configuration
+ config.read(VDSMM_CONF)
+ if config.getboolean('vars', 'ssl'):
+ qconf_maps.append(QCONF_SSL)
+ if all(os.path.isfile(f) for f in
+ [CA_FILE, CERT_FILE, KEY_FILE]):
+ lconf_maps.append(LCONF_SSL)
+ qconf_maps.append(QCONF_SSL_CERTS)
+ else:
+ lconf_maps.append(LCONF_NO_SSL)
+ else:
+ qconf_maps.append(QCONF_NO_SSL)
+ lconf_maps.append(LCONF_NO_SSL)
+ if SANLOCK_ENABLED:
+ qconf_maps.append(QCONF_SANLOCK)
+ qlconf_maps.append(QLCONF_SANLOCK)
+ if not LIBVIRT_SELINUX:
+ qconf_maps.append(QCONF_NO_SELINUX)
+
+ # write configuration
+ for file_name, configuration_maps in \
+ [(LCONF, lconf_maps), (QCONF, qconf_maps),
+ (LDCONF, ldconf_maps), (QLCONF, qlconf_maps)]:
+ with ConfigFile(file_name,
+ '-'.join((CONF_PREFIX, CONF_VER)),
+ '-'.join((CONF_SUFFIX, CONF_VER))) as conff:
+ for key, val in dict(configuration_maps):
+ conff.addEntry(key, val)
+
+ os.remove('/etc/libvirt/qemu/networks/autostart/default.xml')
+
+ with ConfigFile(LRCONF, CONF_PREFIX, CONF_SUFFIX) as conf:
+ conf.prefixLines('# VDSM backup')
+ conf.prependSection(LLOGR_CONF)
+
+ for fname in (LCONF, QCONF, LDCONF, QLCONF, LRCONF):
+ if utils.isOvirtNode() and ovirtfunctions:
+ ovirtfunctions.ovirt_store_config(fname)
+ sys.stdout.write("Reconfiguration of libvirt is done.")
def libvirtd_sysv2upstart(self):
"""
@@ -178,7 +328,7 @@
conff.removeConf()
def _get_conf_files(self):
- return LCONF, QCONF, LDCONF, QLCONF
+ return LCONF, QCONF, QLCONF, LDCONF
class SanlockModuleConfigure(_ModuleConfigure):
diff --git a/lib/vdsm/utils.py b/lib/vdsm/utils.py
index cd178da..b1ed86c 100644
--- a/lib/vdsm/utils.py
+++ b/lib/vdsm/utils.py
@@ -1149,6 +1149,14 @@
sys.exit(-3)
+@memoized
+def isOvirtNode():
+ return (
+ os.path.exists('/etc/rhev-hypervisor-release') or
+ glob.glob('/etc/ovirt-node-*-release')
+ )
+
+
# Copied from
# http://docs.python.org/2.6/library/itertools.html?highlight=grouper#recipes
def grouper(iterable, n, fillvalue=None):
diff --git a/tests/toolTests.py b/tests/toolTests.py
index 8752a99..cfa7ed5 100644
--- a/tests/toolTests.py
+++ b/tests/toolTests.py
@@ -172,22 +172,6 @@
self._setConfig('LCONF', 'empty')
self.assertFalse(libvirtConfigure.isconfigured())
- def testLibvirtConfigureToSSLTrue(self):
- libvirtConfigure = configurator.LibvirtModuleConfigure(test_env)
- self._setConfig('LCONF', 'empty')
- self._setConfig('VDSM_CONF_FILE', 'withssl')
- self.assertFalse(libvirtConfigure.isconfigured())
- libvirtConfigure.configure()
- self.assertTrue(libvirtConfigure.isconfigured())
-
- def testLibvirtConfigureToSSLFalse(self):
- libvirtConfigure = configurator.LibvirtModuleConfigure(test_env)
- self._setConfig('LCONF', 'empty')
- self._setConfig('VDSM_CONF_FILE', 'withnossl')
- self.assertFalse(libvirtConfigure.isconfigured())
- libvirtConfigure.configure()
- self.assertTrue(libvirtConfigure.isconfigured())
-
class ConfigFileTests(TestCase):
def setUp(self):
--
To view, visit http://gerrit.ovirt.org/27130
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Ie37988ef230f889e7154e504a889f28db5be7328
Gerrit-PatchSet: 1
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: mooli tayer <mtayer(a)redhat.com>
9 years, 12 months
Change in vdsm[master]: This commit only adds the libvirtd_sysv2upstart to configura...
by mtayer@redhat.com
mooli tayer has uploaded a new change for review.
Change subject: This commit only adds the libvirtd_sysv2upstart to configurator. It will be used in a seperate commit.
......................................................................
This commit only adds the libvirtd_sysv2upstart to configurator.
It will be used in a seperate commit.
Change-Id: I872100a6d28ea6da40e6896939aeff4b514f3e71
Signed-off-by: Mooli Tayer <mtayer(a)redhat.com>
---
M lib/vdsm/tool/configurator.py
1 file changed, 39 insertions(+), 0 deletions(-)
git pull ssh://gerrit.ovirt.org:29418/vdsm refs/changes/58/26958/1
diff --git a/lib/vdsm/tool/configurator.py b/lib/vdsm/tool/configurator.py
index f0944f3..744a8c6 100644
--- a/lib/vdsm/tool/configurator.py
+++ b/lib/vdsm/tool/configurator.py
@@ -21,6 +21,10 @@
import sys
import grp
import argparse
+import filecmp
+import itertools
+import rpm
+import shutil
from .. import utils
from . import service, expose
@@ -96,6 +100,41 @@
def configure(self):
self._exec_libvirt_configure("reconfigure")
+ def libvirtd_sysv2upstart(self):
+ """
+ On RHEL 6, libvirtd can be started by either SysV init or Upstart.
+ We prefer upstart because it respawns libvirtd if when libvirtd
+ crashed.
+ """
+ INITCTL = '/sbin/initctl'
+ LIBVIRTD_UPSTART = 'libvirtd.upstart'
+ TARGET = "/etc/init/libvirtd.conf"
+ if os.path.isfile(INITCTL) and os.access(INITCTL, os.X_OK):
+ ts = rpm.TransactionSet()
+ mi = itertools.chain(*[ts.dbMatch('name', name)
+ for name in ['libvirt', 'libvirt-daemon']])
+ # libvirtd package does not provide libvirtd.upstart,
+ # this could happen in Ubuntu or other distro,
+ # so continue to use system default init mechanism
+ for filename in itertools.chain(*[h[rpm.RPMTAG_FILENAMES]
+ for h in mi]):
+ if LIBVIRTD_UPSTART in filename:
+ packeged = filename
+ break
+ if packeged is not None and os.path.isfile(packeged):
+ if not os.path.isfile(TARGET):
+ service.service_stop('libvirtd')
+ if not os.path.isfile(TARGET) or \
+ not filecmp.cmp(packeged, TARGET):
+ shutil.copyfile(packeged, TARGET)
+ rc, out, err = utils.execCmd((INITCTL,
+ "reload-configuration"))
+ if rc != 0:
+ sys.stdout.write(out)
+ sys.stderr.write(err)
+ raise RuntimeError(
+ "Failed to reload upstart configuration.")
+
def validate(self):
"""
Validate conflict in configured files
--
To view, visit http://gerrit.ovirt.org/26958
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I872100a6d28ea6da40e6896939aeff4b514f3e71
Gerrit-PatchSet: 1
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: mooli tayer <mtayer(a)redhat.com>
9 years, 12 months
Change in vdsm[ovirt-3.4]: Create destination image as preallocated only if format is RAW
by tnisan@redhat.com
Tal Nisan has uploaded a new change for review.
Change subject: Create destination image as preallocated only if format is RAW
......................................................................
Create destination image as preallocated only if format is RAW
Create a destination image as preallocated only when the destination
domain does not supports sparseness and the image format is RAW, otherwise
create it as sparse
Signed-off-by: Tal Nisan <tnisan(a)redhat.com>
Bug-Url: https://bugzilla.redhat.com/1091956
Change-Id: I209bae70252a52f8a66be42a718c3dd73f2a6bd3
---
M vdsm/storage/image.py
1 file changed, 2 insertions(+), 1 deletion(-)
git pull ssh://gerrit.ovirt.org:29418/vdsm refs/changes/74/27274/1
diff --git a/vdsm/storage/image.py b/vdsm/storage/image.py
index 637d4c8..830c9c5 100644
--- a/vdsm/storage/image.py
+++ b/vdsm/storage/image.py
@@ -358,7 +358,8 @@
# we create the target as a sparse volume (since it will be
# soon filled with the data coming from the copy) and then
# we change its metadata back to the original value.
- if destDom.supportsSparseness:
+ if (destDom.supportsSparseness or
+ volParams['volFormat'] != volume.RAW_FORMAT):
tmpVolPreallocation = volume.SPARSE_VOL
else:
tmpVolPreallocation = volume.PREALLOCATED_VOL
--
To view, visit http://gerrit.ovirt.org/27274
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I209bae70252a52f8a66be42a718c3dd73f2a6bd3
Gerrit-PatchSet: 1
Gerrit-Project: vdsm
Gerrit-Branch: ovirt-3.4
Gerrit-Owner: Tal Nisan <tnisan(a)redhat.com>
9 years, 12 months
Change in vdsm[master]: core: return lver/spm id from pool metadata
by laravot@redhat.com
Liron Ar has uploaded a new change for review.
Change subject: core: return lver/spm id from pool metadata
......................................................................
core: return lver/spm id from pool metadata
Currently the lver/spm id are being returned as they appear in the
cluster lock if supported.
The fenceSpmStorage verb is currently used to manually confirm that
there's no current spm on the responsibillity of the caller. This verb
updates the lver/spm id in the pool metadata to indicate that the spm
role is free.
This won't help us currently as getSpmStatus will return the info from
the cluster lock (if supported) which wasn't edited at all. As currently
we can't edit the information return from cluster lock, we can return
the same results as in case it wasn't supported by the cluster lock.
Right now the solution is implemented in StoragePoolDiskBackend only as
a bug fix, as StoragePoolMemoryBackend isn't being used at the moment.
Change-Id: I460801329a9a1c5ee940bce22566ad3d29b351de
Signed-off-by: Liron Aravot <laravot(a)redhat.com>
---
M vdsm/storage/spbackends.py
1 file changed, 8 insertions(+), 19 deletions(-)
git pull ssh://gerrit.ovirt.org:29418/vdsm refs/changes/26/27226/1
diff --git a/vdsm/storage/spbackends.py b/vdsm/storage/spbackends.py
index d090d5a..86714a3 100644
--- a/vdsm/storage/spbackends.py
+++ b/vdsm/storage/spbackends.py
@@ -26,7 +26,6 @@
import sd
import storage_exception as se
-from clusterlock import InquireNotSupportedError
from persistentDict import DictValidator
from persistentDict import unicodeDecoder
from persistentDict import unicodeEncoder
@@ -217,26 +216,16 @@
@unsecured
def getSpmStatus(self):
- try:
- # If the cluster lock implements inquire (e.g. sanlock) then we
- # can fetch the spmId and the lVer from it.
- lVer, spmId = self.masterDomain.inquireClusterLock()
- lVer, spmId = lVer or LVER_INVALID, spmId or SPM_ID_FREE
- except InquireNotSupportedError:
- # Legacy implementation for cluster locks that are not able to
- # return the spmId and the lVer.
+ poolMeta = self._getPoolMD(self.masterDomain)
+
+ # if we claim that we were the SPM (but we're currently not) we
+ # have to make sure that we're not returning stale data
+ if (poolMeta[PMDK_SPM_ID] == self.id
+ and not self.spmRole == SPM_ACQUIRED):
+ self.invalidateMetadata()
poolMeta = self._getPoolMD(self.masterDomain)
- # if we claim that we were the SPM (but we're currently not) we
- # have to make sure that we're not returning stale data
- if (poolMeta[PMDK_SPM_ID] == self.id
- and not self.spmRole == SPM_ACQUIRED):
- self.invalidateMetadata()
- poolMeta = self._getPoolMD(self.masterDomain)
-
- lVer, spmId = poolMeta[PMDK_LVER], poolMeta[PMDK_SPM_ID]
-
- return lVer, spmId
+ return poolMeta[PMDK_LVER], poolMeta[PMDK_SPM_ID]
def setSpmStatus(self, lVer=None, spmId=None):
self.invalidateMetadata()
--
To view, visit http://gerrit.ovirt.org/27226
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I460801329a9a1c5ee940bce22566ad3d29b351de
Gerrit-PatchSet: 1
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Liron Ar <laravot(a)redhat.com>
9 years, 12 months
Change in vdsm[master]: storage: fix pep issue with image.py
by Douglas Schilling Landgraf
Douglas Schilling Landgraf has uploaded a new change for review.
Change subject: storage: fix pep issue with image.py
......................................................................
storage: fix pep issue with image.py
This patch fix the if indentation that pep complains.
Introduced by patch 7b4bd1b4.
Change-Id: I82b7e096292799b5c7e7f7f595e094643014ea69
Signed-off-by: Douglas Schilling Landgraf <dougsland(a)redhat.com>
---
M vdsm/storage/image.py
1 file changed, 1 insertion(+), 1 deletion(-)
git pull ssh://gerrit.ovirt.org:29418/vdsm refs/changes/73/27273/1
diff --git a/vdsm/storage/image.py b/vdsm/storage/image.py
index 3d32a22..f50ad29 100644
--- a/vdsm/storage/image.py
+++ b/vdsm/storage/image.py
@@ -359,7 +359,7 @@
# soon filled with the data coming from the copy) and then
# we change its metadata back to the original value.
if (destDom.supportsSparseness or
- volParams['volFormat'] != volume.RAW_FORMAT):
+ volParams['volFormat'] != volume.RAW_FORMAT):
tmpVolPreallocation = volume.SPARSE_VOL
else:
tmpVolPreallocation = volume.PREALLOCATED_VOL
--
To view, visit http://gerrit.ovirt.org/27273
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I82b7e096292799b5c7e7f7f595e094643014ea69
Gerrit-PatchSet: 1
Gerrit-Project: vdsm
Gerrit-Branch: master
Gerrit-Owner: Douglas Schilling Landgraf <dougsland(a)redhat.com>
9 years, 12 months