generate random password for redundant VPC

Project: http://git-wip-us.apache.org/repos/asf/cloudstack/repo
Commit: http://git-wip-us.apache.org/repos/asf/cloudstack/commit/4b660431
Tree: http://git-wip-us.apache.org/repos/asf/cloudstack/tree/4b660431
Diff: http://git-wip-us.apache.org/repos/asf/cloudstack/diff/4b660431

Branch: refs/heads/master
Commit: 4b6604318dad00d92c0307a114ef7d84b9096e16
Parents: baa758a
Author: wilderrodrigues <wrodrig...@schubergphilis.com>
Authored: Tue Feb 10 16:43:40 2015 +0100
Committer: wilderrodrigues <wrodrig...@schubergphilis.com>
Committed: Mon Mar 16 11:40:06 2015 +0100

----------------------------------------------------------------------
 .../VirtualNetworkApplianceManagerImpl.java     | 26 +++++++++++++++++++-
 .../VpcVirtualNetworkApplianceManagerImpl.java  |  3 ---
 .../debian/config/opt/cloud/bin/cs/CsDatabag.py |  5 ++++
 .../config/opt/cloud/bin/cs/CsRedundant.py      |  1 +
 .../opt/cloud/templates/keepalived.conf.templ   |  2 +-
 5 files changed, 32 insertions(+), 5 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cloudstack/blob/4b660431/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
----------------------------------------------------------------------
diff --git 
a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java 
b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
index 234c745..5a97eb3 100644
--- 
a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
+++ 
b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java
@@ -17,6 +17,9 @@
 
 package com.cloud.network.router;
 
+import java.math.BigInteger;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
 import java.util.ArrayList;
@@ -177,6 +180,8 @@ import com.cloud.network.rules.StaticNat;
 import com.cloud.network.rules.StaticNatImpl;
 import com.cloud.network.rules.StaticNatRule;
 import com.cloud.network.rules.dao.PortForwardingRulesDao;
+import com.cloud.network.vpc.Vpc;
+import com.cloud.network.vpc.dao.VpcDao;
 import com.cloud.network.vpn.Site2SiteVpnManager;
 import com.cloud.offering.NetworkOffering;
 import com.cloud.offering.ServiceOffering;
@@ -356,6 +361,8 @@ Configurable, StateListener<State, VirtualMachine.Event, 
VirtualMachine> {
     @Inject
     AsyncJobManager _asyncMgr;
     @Inject
+    protected VpcDao _vpcDao;
+    @Inject
     protected ApiAsyncJobDispatcher _asyncDispatcher;
     @Inject
     OpRouterMonitorServiceDao _opRouterMonitorServiceDao;
@@ -1174,7 +1181,7 @@ Configurable, StateListener<State, VirtualMachine.Event, 
VirtualMachine> {
                         router = router1;
                     }
                     // && router.getState() == State.Stopped
-                    if (router.getHostId() == null) {
+                    if (router.getHostId() == null && router.getState() == 
State.Running) {
                         s_logger.debug("Skip router pair (" + 
router0.getInstanceName() + "," + router1.getInstanceName() + ") due to can't 
find host");
                         continue;
                     }
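Review bot: With the added `router.getState() == State.Running` clause, a router pair whose host id is null in any other state is no longer skipped and falls through into the rest of the loop body, which lies outside this hunk. If that code reads `router.getHostId()`, it now has to cope with null, so it should be checked. The commented-out `// && router.getState() == State.Stopped` directly above contradicts the new condition and should be replaced with a comment that states the intent, for example `// Skip only Running routers that have no host id.` The debug message still says "due to can't find host" without mentioning the state, which will make these skips harder to interpret in logs.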
@@ -1623,6 +1630,23 @@ Configurable, StateListener<State, VirtualMachine.Event, 
VirtualMachine> {
                 // For a redundant VPC router, both shall have the same router 
id. It will be used by the VRRP virtural_router_id attribute.
                 // So we use the VPC id to avoid group problems.
                 buf.append(" router_id=").append(vpcId);
+
+                // Will build the routers password based on the VPC ID and 
UUID.
+                final Vpc vpc = _vpcDao.findById(vpcId);
+
+                try {
+                    final MessageDigest digest = 
MessageDigest.getInstance("SHA-512");
+                    final byte [] rawDigest = vpc.getUuid().getBytes();
+                    digest.update(rawDigest);
+
+                    final BigInteger password = new BigInteger(1, 
digest.digest());
+                    buf.append(" router_password=").append(password);
+
+                } catch (final NoSuchAlgorithmException e) {
+                    s_logger.error("Failed to pssword! Will use the plan B 
instead.");
+                    buf.append(" router_password=").append(vpc.getUuid());
+                }
+
             } else {
                 routers = _routerDao.listByNetworkAndRole(nic.getNetworkId(), 
Role.VIRTUAL_ROUTER);
             }
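Review bot: The value appended as `router_password` is not random: it is an unsalted SHA-512 of `vpc.getUuid()`, and the catch branch falls back to the UUID itself, so anyone able to read the VPC's UUID (normally an identifier, not a secret) can recompute the VRRP authentication secret. A value generated once with `java.security.SecureRandom` and stored with the VPC, or an HMAC of the UUID under a key held only by the management server, would not have that property. Within the lines shown, the result of `_vpcDao.findById(vpcId)` is dereferenced without a null check, and `getBytes()` should name its charset, as in `vpc.getUuid().getBytes(StandardCharsets.UTF_8)`. The error message `"Failed to pssword! ..."` is misspelled and drops the exception `e`, and the secret is written into the same `buf` as the other boot arguments, so it is worth confirming that the buffer is never logged. The enclosing method starts and ends outside the hunk.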

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/4b660431/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java
----------------------------------------------------------------------
diff --git 
a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java
 
b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java
index 77cc0de..f10e5a1 100644
--- 
a/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java
+++ 
b/server/src/com/cloud/network/router/VpcVirtualNetworkApplianceManagerImpl.java
@@ -74,7 +74,6 @@ import com.cloud.network.vpc.VpcManager;
 import com.cloud.network.vpc.VpcVO;
 import com.cloud.network.vpc.dao.PrivateIpDao;
 import com.cloud.network.vpc.dao.StaticRouteDao;
-import com.cloud.network.vpc.dao.VpcDao;
 import com.cloud.network.vpc.dao.VpcGatewayDao;
 import com.cloud.network.vpn.Site2SiteVpnManager;
 import com.cloud.user.UserStatisticsVO;
@@ -100,8 +99,6 @@ public class VpcVirtualNetworkApplianceManagerImpl extends 
VirtualNetworkApplian
     private static final Logger s_logger = 
Logger.getLogger(VpcVirtualNetworkApplianceManagerImpl.class);
 
     @Inject
-    private VpcDao _vpcDao;
-    @Inject
     private NetworkACLManager _networkACLMgr;
     @Inject
     private VMInstanceDao _vmDao;

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/4b660431/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py 
b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py
index 4ace7bb..d58a642 100644
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsDatabag.py
@@ -127,3 +127,8 @@ class CsCmdLine(CsDataBag):
         if "router_id" in self.idata():
             return self.idata()['router_id']
         return 1
+
+    def get_router_password(self):
+        if "router_password" in self.idata():
+            return self.idata()['router_password']
+        return "k3ep@liv3D"
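Review bot: `get_router_password` falls back to the literal `"k3ep@liv3D"` when `router_password` is absent, so every router started without that argument shares one secret that is published in the source tree. Since the management server is now expected to supply the value, the missing case is better treated as an error, e.g. `raise ValueError("router_password missing from cmdline")`, or at minimum logged as a warning if callers cannot tolerate an exception. The method also lacks a docstring; `"""Return the VRRP auth password passed on the command line."""` would document where the value comes from.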

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/4b660431/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRedundant.py
----------------------------------------------------------------------
diff --git a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRedundant.py 
b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRedundant.py
index 5054f76..a947fd1 100644
--- a/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRedundant.py
+++ b/systemvm/patches/debian/config/opt/cloud/bin/cs/CsRedundant.py
@@ -122,6 +122,7 @@ class CsRedundant(object):
         file.search(" state ", "    state %s" % "EQUAL")
         file.search(" virtual_router_id ", "    virtual_router_id %s" % 
self.cl.get_router_id())
         file.greplace("[RROUTER_BIN_PATH]", self.CS_ROUTER_DIR)
+        file.section("authentication {", "}", [ "        auth_type AH \n", "   
     auth_pass %s\n" % self.cl.get_router_password()] )
         file.section("virtual_ipaddress {", "}", self._collect_ips())
         file.commit()
 
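Review bot: `self.cl.get_router_password()` is formatted straight into the `authentication` section, and keepalived documents that only the first eight characters of `auth_pass` are used, so the long decimal string built on the management-server side is reduced to its leading eight digits. A shorter value drawn from a wider alphabet would give more entropy within those eight characters. The value is also written without any check for whitespace or newlines, so a malformed argument could add extra lines to keepalived.conf; validating it before the `file.section` call, for instance `if not re.match(r'^[0-9A-Za-z]+$', pw): raise ValueError("bad router_password")`, would contain that. The enclosing method starts outside the hunk.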

http://git-wip-us.apache.org/repos/asf/cloudstack/blob/4b660431/systemvm/patches/debian/config/opt/cloud/templates/keepalived.conf.templ
----------------------------------------------------------------------
diff --git 
a/systemvm/patches/debian/config/opt/cloud/templates/keepalived.conf.templ 
b/systemvm/patches/debian/config/opt/cloud/templates/keepalived.conf.templ
index 957b913..f494df0 100644
--- a/systemvm/patches/debian/config/opt/cloud/templates/keepalived.conf.templ
+++ b/systemvm/patches/debian/config/opt/cloud/templates/keepalived.conf.templ
@@ -40,7 +40,7 @@ vrrp_instance inside_network {
     advert_int 1
     authentication {
         auth_type AH
-        auth_pass k33p@live
+        auth_pass PASS
     }
 
     virtual_ipaddress {
