[eucalyptus/f18] Multiple eucalyptus-console fixes
Andy Grimm
arg at fedoraproject.org
Tue Mar 5 21:51:02 UTC 2013
commit 27ba1b8602d3e04dcc1ba5411b65a490a2e868ee
Author: Andy Grimm <agrimm at gmail.com>
Date: Tue Mar 5 16:50:53 2013 -0500
Multiple eucalyptus-console fixes
eucalyptus-EUCA-5306.patch | 105 +++++++++++++++++++++++++++
eucalyptus-console.service | 2 +-
eucalyptus-no-console-cert-validation.patch | 11 ---
eucalyptus.spec | 49 +++++++++++--
4 files changed, 150 insertions(+), 17 deletions(-)
---
diff --git a/eucalyptus-EUCA-5306.patch b/eucalyptus-EUCA-5306.patch
new file mode 100644
index 0000000..1730049
--- /dev/null
+++ b/eucalyptus-EUCA-5306.patch
@@ -0,0 +1,105 @@
+From 68f06dbdd5af301647840ff4f7e648f83a5151f7 Mon Sep 17 00:00:00 2001
+From: dkavanagh <dkavanagh at gmail.com>
+Date: Tue, 5 Mar 2013 16:18:37 -0500
+Subject: [PATCH] EUCA-5306
+ fixes references to placement and handles turning ssl cert validation off, both needed for boto greater than 2.5.2
+
+---
+ console/eucaconsole/botoclcinterface.py | 7 ++++++-
+ console/static/js/dashboard.js | 6 +++++-
+ console/static/js/instance.js | 13 ++++++++++++-
+ console/static/js/volume.js | 10 +++++++++-
+ 4 files changed, 32 insertions(+), 4 deletions(-)
+
+diff --git a/console/eucaconsole/botoclcinterface.py b/console/eucaconsole/botoclcinterface.py
+index 6302a12..2f9c765 100644
+--- a/console/eucaconsole/botoclcinterface.py
++++ b/console/eucaconsole/botoclcinterface.py
+@@ -51,9 +51,14 @@ class BotoClcInterface(ClcInterface):
+ port=443
+ except ConfigParser.Error:
+ pass
+- self.conn = EC2Connection(access_id, secret_key, region=reg,
++ if boto.__version__ < 2.6:
++ self.conn = EC2Connection(access_id, secret_key, region=reg,
+ port=port, path=path,
+ is_secure=True, security_token=token, debug=0)
++ else:
++ self.conn = EC2Connection(access_id, secret_key, region=reg,
++ port=port, path=path, validate_certs=False,
++ is_secure=True, security_token=token, debug=0)
+ self.conn.APIVersion = '2012-03-01'
+ self.conn.http_connection_kwargs['timeout'] = 30
+
+diff --git a/console/static/js/dashboard.js b/console/static/js/dashboard.js
+index c75eeb1..56dec91 100644
+--- a/console/static/js/dashboard.js
++++ b/console/static/js/dashboard.js
+@@ -101,7 +101,11 @@
+ var az=$instObj.find('#dashboard-instance-az select').val();
+ var results = describe('instance');
+ $.each(results, function (idx, instance){
+- if (az==='all' || instance.placement === az ){
++ var placement = instance.placement;
++ if (placement == undefined) {
++ placement = instance._placement.zone;
++ }
++ if (az==='all' || placement === az ){
+ var state = instance.state;
+ if (state == undefined) {
+ state = instance._state.name;
+diff --git a/console/static/js/instance.js b/console/static/js/instance.js
+index 462a060..1236fcb 100644
+--- a/console/static/js/instance.js
++++ b/console/static/js/instance.js
+@@ -91,7 +91,15 @@
+ },
+ },
+ { "mDataProp": "image_id"},
+- { "mDataProp": "placement" },
++ {
++ "fnRender": function(oObj) {
++ var placement = oObj.aData.placement;
++ if (placement == undefined) {
++ placement = oObj.aData._placement.zone;
++ }
++ return placement;
++ }
++ },
+ {
+ "mDataProp": "public_dns_name",
+ "sClass": "wrap-content"
+@@ -975,6 +983,9 @@
+
+ var selectedType = instance.instance_type;
+ var zone = instance.placement;
++ if (zone == undefined) {
++ zone = oObj.aData._placement.zone;
++ }
+ $summary = $('<div>').append(
+ $('<div>').attr('id','summary-type-insttype').append($('<div>').text(launch_instance_summary_type), $('<span>').text(selectedType)),
+ $('<div>').attr('id','summary-type-zone').append($('<div>').text(launch_instance_summary_zone), $('<span>').text(zone)),
+diff --git a/console/static/js/volume.js b/console/static/js/volume.js
+index 8f7801c..5bcef0d 100644
+--- a/console/static/js/volume.js
++++ b/console/static/js/volume.js
+@@ -343,7 +343,15 @@
+ if ( volume && results ) {
+ for( res in results) {
+ var instance = results[res];
+- if ( instance.state === 'running' && instance.placement === volume.zone)
++ var state = instance.state;
++ if (state == undefined) {
++ state = instance._state.name;
++ }
++ var placement = instance.placement;
++ if (placement == undefined) {
++ placement = instance._placement.zone;
++ }
++ if ( state === 'running' && placement === volume.zone)
+ inst_ids.push(instance.id);
+ }
+ }
+--
+1.7.2.2
+
diff --git a/eucalyptus-console.service b/eucalyptus-console.service
index 1d48f49..27dae70 100644
--- a/eucalyptus-console.service
+++ b/eucalyptus-console.service
@@ -1,5 +1,5 @@
[Unit]
-Description=The Eucalyptus Cluster Controller service
+Description=The Eucalyptus User Console service
After=syslog.target network.target remote-fs.target nss-lookup.target
[Service]
diff --git a/eucalyptus.spec b/eucalyptus.spec
index 19d89f2..601bc26 100644
--- a/eucalyptus.spec
+++ b/eucalyptus.spec
@@ -14,7 +14,7 @@
Summary: Elastic Utility Computing Architecture
Name: eucalyptus
Version: 3.2.1
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv3 and (GPLv3 and ASL 2.0) and (GPLv3 and BSD)
URL: http://www.eucalyptus.com
Group: Applications/System
@@ -209,8 +209,10 @@ Patch27: eucalyptus-bad-tgt-check.patch
Patch28: eucalyptus-unlink-mod_rampart.patch
# cert validation in boto 2.6.0 breaks the user console,
-# since the CLC has a self-signed cert
-Patch29: eucalyptus-no-console-cert-validation.patch
+# since the CLC has a self-signed cert. There's some other
+# required patching for this boto version, too.
+# https://eucalyptus.atlassian.net/browse/EUCA-5306
+Patch29: eucalyptus-EUCA-5306.patch
%description
Eucalyptus is a service overlay that implements elastic computing
@@ -791,8 +793,8 @@ staticpath: /usr/share/eucalyptus-console/static
# on the first run of the service.
#
# Fixes EUCA-3901
-sed -i -e 's@^#sslcert:.*$@sslcert: /etc/eucalyptus-console/console.crt@' \
- -e 's@^#sslkey:.*$@sslkey: /etc/eucalyptus-console/console.key@' \
+sed -i -e 's@^#sslcert=.*$@sslcert: /etc/eucalyptus-console/console.crt@' \
+ -e 's@^#sslkey=.*$@sslkey: /etc/eucalyptus-console/console.key@' \
$RPM_BUILD_ROOT/etc/eucalyptus-console/console.ini
# Create directory for pid file
@@ -1003,8 +1005,41 @@ udevadm control --reload-rules
usermod -a -G kvm eucalyptus
%systemd_post eucalyptus-nc.service
+%define sslcert %{_sysconfdir}/eucalyptus-console/console.crt
+%define sslkey %{_sysconfdir}/eucalyptus-console/console.key
+
%post console
%systemd_post eucalyptus-console.service
+umask 077
+
+if [ -f %{sslkey} -o -f %{sslcert} ]; then
+ exit 0
+fi
+
+%{_bindir}/openssl genrsa -rand /proc/apm:/proc/cpuinfo:/proc/dma:/proc/filesystems:/proc/interrupts:/proc/ioports:/proc/pci:/proc/rtc:/proc/uptime 1024 > %{sslkey} 2> /dev/null
+
+cn=$( getent hosts $(hostname) | awk '{ print $2 }' )
+if [ -z "$cn" ]; then
+ cn=$(hostname)
+ if [ -z "$cn" ]; then
+ cn=localhost.localdomain
+ fi
+fi
+
+cat <<EOF | %{_bindir}/openssl req -new -key %{sslkey} \
+ -x509 -days 365 -set_serial $RANDOM -extensions v3_req \
+ -out %{sslcert} 2>/dev/null
+US
+CA
+"Santa Barbara"
+"Eucalyptus Systems, Inc."
+"Eucalyptus User Console"
+$cn
+eucaconsole@$cn
+EOF
+
+chown eucaconsole:eucaconsole %{sslcert}
+chown eucaconsole:eucaconsole %{sslkey}
%preun common-java
%systemd_preun eucalyptus-cloud.service
@@ -1025,6 +1060,10 @@ if [ "$1" = "0" ]; then
fi
%changelog
+* Tue Mar 5 2013 Andy Grimm <agrimm at gmail.com> - 3.2.1-2
+- Fix eucalyptus-console systemd unit name (RHBZ#917434)
+- Generate SSL certs for eucalyptus-console (RHBZ#917433)
+
* Thu Feb 28 2013 Andy Grimm <agrimm at gmail.com> - 3.2.1-1
- Update to 3.2.1 (CVE-2012-4066)
More information about the scm-commits
mailing list