CLOUDSTACK-2792: Call savepassword.sh inside VR for Xen Also only set password when password service is running, thus avoid setting for redundant router BACKUP router.
Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/3c8be550 Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/3c8be550 Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/3c8be550 Branch: refs/heads/4.2 Commit: 3c8be550f0dbde0e2cc8ca2d8c190e9e8d6daf9c Parents: 93188b4 Author: Sheng Yang <sheng.y...@citrix.com> Authored: Thu Oct 17 18:46:08 2013 -0700 Committer: Sheng Yang <sheng.y...@citrix.com> Committed: Thu Oct 17 18:46:08 2013 -0700 ---------------------------------------------------------------------- .../virtualnetwork/VirtualRoutingResource.java | 14 ++--- .../debian/config/opt/cloud/bin/savepassword.sh | 62 ++++++++++++++++++++ .../redundant_router/check_heartbeat.sh.templ | 5 +- .../config/root/redundant_router/fault.sh.templ | 4 ++ .../systemvm/debian/config/root/savepassword.sh | 58 ------------------ .../vmware/resource/VmwareResource.java | 4 +- .../xen/resource/CitrixResourceBase.java | 8 +-- 7 files changed, 79 insertions(+), 76 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3c8be550/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java ---------------------------------------------------------------------- diff --git a/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java b/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java index 2354391..0fc6dd1 100755 --- a/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java +++ b/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java @@ -549,13 +549,14 @@ public class VirtualRoutingResource implements Manager { final String vmIpAddress = cmd.getVmIpAddress(); final String local = vmName; - // Run save_password_to_domr.sh - final String result = savePassword(routerPrivateIPAddress, vmIpAddress, password, local); + String args = "-v " + vmIpAddress; + args += " -p " + password; + + String result = routerProxy("savepassword.sh", routerPrivateIPAddress, args); if (result != null) { return new Answer(cmd, false, "Unable to save password to DomR."); - } else { - return new Answer(cmd); } + return new Answer(cmd); } protected Answer execute (final DhcpEntryCommand cmd) { @@ -1169,11 +1170,6 @@ public class VirtualRoutingResource implements Manager { throw new ConfigurationException("Unable to find the call_loadbalancer.sh"); } - _savepasswordPath = findScript("save_password_to_domr.sh"); - if(_savepasswordPath == null) { - throw new ConfigurationException("Unable to find save_password_to_domr.sh"); - } - _dhcpEntryPath = findScript("dhcp_entry.sh"); if(_dhcpEntryPath == null) { throw new ConfigurationException("Unable to find dhcp_entry.sh"); http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3c8be550/patches/systemvm/debian/config/opt/cloud/bin/savepassword.sh ---------------------------------------------------------------------- diff --git a/patches/systemvm/debian/config/opt/cloud/bin/savepassword.sh b/patches/systemvm/debian/config/opt/cloud/bin/savepassword.sh new file mode 100644 index 0000000..9c59757 --- /dev/null +++ b/patches/systemvm/debian/config/opt/cloud/bin/savepassword.sh @@ -0,0 +1,62 @@ +#!/bin/bash +# Copyright 2012 Citrix Systems, Inc. Licensed under the +# Apache License, Version 2.0 (the "License"); you may not use this +# file except in compliance with the License. Citrix Systems, Inc. +# reserves all rights not expressly granted by the License. +# You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +# Automatically generated by addcopyright.py at 04/03/2012 + + + + + +# Usage +# save_password -v <user VM IP> -p <password> + +source /root/func.sh + +lock="passwdlock" +#default timeout value is 30 mins as password reset command is not synchronized on agent side any more, +#and multiple commands can be sent to the same VR at a time +locked=$(getLockFile $lock 1800) +if [ "$locked" != "1" ] +then + exit 1 +fi + +PASSWD_FILE=/var/cache/cloud/passwords + +while getopts 'v:p:' OPTION +do + case $OPTION in + v) VM_IP="$OPTARG" + ;; + p) + ENCODEDPASSWORD="$OPTARG" + PASSWORD=$(echo $ENCODEDPASSWORD | tr '[a-m][n-z][A-M][N-Z]' '[n-z][a-m][N-Z][A-M]') + ;; + ?) echo "Incorrect usage" + unlock_exit 1 $lock $locked + ;; + esac +done + +[ -f $PASSWD_FILE ] || touch $PASSWD_FILE + +sed -i /$VM_IP/d $PASSWD_FILE + +ps aux | grep serve_password.sh |grep -v grep 2>&1 > /dev/null +if [ $? -eq 0 ] +then + echo "$VM_IP=$PASSWORD" >> $PASSWD_FILE +else + echo "$VM_IP=saved_password" >> $PASSWD_FILE +fi + +unlock_exit $? $lock $locked http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3c8be550/patches/systemvm/debian/config/root/redundant_router/check_heartbeat.sh.templ ---------------------------------------------------------------------- diff --git a/patches/systemvm/debian/config/root/redundant_router/check_heartbeat.sh.templ b/patches/systemvm/debian/config/root/redundant_router/check_heartbeat.sh.templ index 1a390e6..95cabd6b 100755 --- a/patches/systemvm/debian/config/root/redundant_router/check_heartbeat.sh.templ +++ b/patches/systemvm/debian/config/root/redundant_router/check_heartbeat.sh.templ @@ -25,10 +25,13 @@ then if [ $diff -lt 30 ] then echo Keepalived process is dead! >> [RROUTER_LOG] + [RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1 + [RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1 + [RROUTER_BIN_PATH]/primary-backup.sh fault >> [RROUTER_LOG] 2>&1 service keepalived stop >> [RROUTER_LOG] 2>&1 service conntrackd stop >> [RROUTER_LOG] 2>&1 pkill -9 keepalived >> [RROUTER_LOG] 2>&1 - [RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1 + pkill -9 conntrackd >> [RROUTER_LOG] 2>&1 echo Status: FAULT \(keepalived process is dead\) >> [RROUTER_LOG] exit fi http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3c8be550/patches/systemvm/debian/config/root/redundant_router/fault.sh.templ ---------------------------------------------------------------------- diff --git a/patches/systemvm/debian/config/root/redundant_router/fault.sh.templ b/patches/systemvm/debian/config/root/redundant_router/fault.sh.templ index aecb08d..c008a9c 100644 --- a/patches/systemvm/debian/config/root/redundant_router/fault.sh.templ +++ b/patches/systemvm/debian/config/root/redundant_router/fault.sh.templ @@ -27,7 +27,11 @@ fi echo To fault called >> [RROUTER_LOG] [RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1 +echo Disable public ip >> [RROUTER_LOG] +[RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1 +echo Stop services $? >> [RROUTER_LOG] [RROUTER_BIN_PATH]/primary-backup.sh fault >> [RROUTER_LOG] 2>&1 +echo Switch conntrackd mode fault $? >> [RROUTER_LOG] echo Status: FAULT >> [RROUTER_LOG] releaseLockFile $lock $locked http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3c8be550/patches/systemvm/debian/config/root/savepassword.sh ---------------------------------------------------------------------- diff --git a/patches/systemvm/debian/config/root/savepassword.sh b/patches/systemvm/debian/config/root/savepassword.sh deleted file mode 100755 index fc73603..0000000 --- a/patches/systemvm/debian/config/root/savepassword.sh +++ /dev/null @@ -1,58 +0,0 @@ -#!/bin/bash -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. - - - - -# Usage -# save_password -v <user VM IP> -p <password> - -source /root/func.sh - -lock="passwdlock" -#default timeout value is 30 mins as password reset command is not synchronized on agent side any more, -#and multiple commands can be sent to the same VR at a time -locked=$(getLockFile $lock 1800) -if [ "$locked" != "1" ] -then - exit 1 -fi - -PASSWD_FILE=/var/cache/cloud/passwords - -while getopts 'v:p:' OPTION -do - case $OPTION in - v) VM_IP="$OPTARG" - ;; - p) - ENCODEDPASSWORD="$OPTARG" - PASSWORD=$(echo $ENCODEDPASSWORD | tr '[a-m][n-z][A-M][N-Z]' '[n-z][a-m][N-Z][A-M]') - ;; - ?) echo "Incorrect usage" - unlock_exit 1 $lock $locked - ;; - esac -done - -[ -f $PASSWD_FILE ] || touch $PASSWD_FILE - -sed -i /$VM_IP/d $PASSWD_FILE -echo "$VM_IP=$PASSWORD" >> $PASSWD_FILE - -unlock_exit $? $lock $locked http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3c8be550/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java ---------------------------------------------------------------------- diff --git a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java index 464fd20..8ee2b10 100755 --- a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java +++ b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java @@ -2084,7 +2084,7 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa String args = " -v " + vmIpAddress; if (s_logger.isDebugEnabled()) { - s_logger.debug("Run command on domain router " + controlIp + ", /root/savepassword.sh " + args + " -p " + StringUtils.getMaskedPasswordForDisplay(cmd.getPassword())); + s_logger.debug("Run command on domain router " + controlIp + ", /opt/cloud/bin/savepassword.sh " + args + " -p " + StringUtils.getMaskedPasswordForDisplay(cmd.getPassword())); } args += " -p " + password; @@ -2092,7 +2092,7 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa try { VmwareManager mgr = getServiceContext().getStockObject(VmwareManager.CONTEXT_STOCK_NAME); - Pair<Boolean, String> result = SshHelper.sshExecute(controlIp, DEFAULT_DOMR_SSHPORT, "root", mgr.getSystemVMKeyFile(), null, "/root/savepassword.sh " + args); + Pair<Boolean, String> result = SshHelper.sshExecute(controlIp, DEFAULT_DOMR_SSHPORT, "root", mgr.getSystemVMKeyFile(), null, "/opt/cloud/bin/savepassword.sh " + args); if (!result.first()) { s_logger.error("savepassword command on domain router " + controlIp + " failed, message: " + result.second()); http://git-wip-us.apache.org/repos/asf/cloudstack/blob/3c8be550/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java ---------------------------------------------------------------------- diff --git a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java index 4fd2353..f6ffa69 100644 --- a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java +++ b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java @@ -2229,16 +2229,12 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe Connection conn = getConnection(); final String password = cmd.getPassword(); final String routerPrivateIPAddress = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP); - final String vmName = cmd.getVmName(); final String vmIpAddress = cmd.getVmIpAddress(); - final String local = vmName; - // Run save_password_to_domr.sh - String args = "-r " + routerPrivateIPAddress; + String args = "savepassword.sh " + routerPrivateIPAddress; args += " -v " + vmIpAddress; args += " -p " + password; - args += " " + local; - String result = callHostPlugin(conn, "vmops", "savePassword", "args", args); + String result = callHostPlugin(conn, "vmops", "routerProxy", "args", args); if (result == null || result.isEmpty()) { return new Answer(cmd, false, "savePassword failed");
