CLOUDSTACK-2792: Call savepassword.sh inside VR for Xen

Also only set password when password service is running, thus avoid setting for redundant router BACKUP router.
2013-10-17 18:46:08 -07:00 · 2013-10-17 18:46:08 -07:00 · 3c8be550f0
parent 93188b449c
commit 3c8be550f0
7 changed files with 79 additions and 76 deletions
--- a/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
+++ b/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
@ -549,13 +549,14 @@ public class VirtualRoutingResource implements Manager {
        final String vmIpAddress = cmd.getVmIpAddress();
        final String local =  vmName;

-        // Run save_password_to_domr.sh
-        final String result = savePassword(routerPrivateIPAddress, vmIpAddress, password, local);
+        String args = "-v " + vmIpAddress;
+        args += " -p " + password;
+        
+        String result = routerProxy("savepassword.sh", routerPrivateIPAddress, args);
        if (result != null) {
            return new Answer(cmd, false, "Unable to save password to DomR.");
-        } else {
-            return new Answer(cmd);
        }
+        return new Answer(cmd);
    }

    protected Answer execute (final DhcpEntryCommand cmd) {
@ -1169,11 +1170,6 @@ public class VirtualRoutingResource implements Manager {
            throw new ConfigurationException("Unable to find the call_loadbalancer.sh");
        }

-        _savepasswordPath = findScript("save_password_to_domr.sh");
-        if(_savepasswordPath == null) {
-            throw new ConfigurationException("Unable to find save_password_to_domr.sh");
-        }
-
        _dhcpEntryPath = findScript("dhcp_entry.sh");
        if(_dhcpEntryPath == null) {
            throw new ConfigurationException("Unable to find dhcp_entry.sh");
--- a/patches/systemvm/debian/config/opt/cloud/bin/savepassword.sh
+++ b/patches/systemvm/debian/config/opt/cloud/bin/savepassword.sh
@ -0,0 +1,62 @@
+#!/bin/bash
+# Copyright 2012 Citrix Systems, Inc. Licensed under the
+# Apache License, Version 2.0 (the "License"); you may not use this
+# file except in compliance with the License.  Citrix Systems, Inc.
+# reserves all rights not expressly granted by the License.
+# You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# 
+# Automatically generated by addcopyright.py at 04/03/2012
+
+
+
+ 
+
+# Usage
+#	save_password -v <user VM IP> -p <password>
+
+source /root/func.sh
+
+lock="passwdlock"
+#default timeout value is 30 mins as password reset command is not synchronized on agent side any more,
+#and multiple commands can be sent to the same VR at a time
+locked=$(getLockFile $lock 1800)
+if [ "$locked" != "1" ]
+then
+    exit 1
+fi
+
+PASSWD_FILE=/var/cache/cloud/passwords
+
+while getopts 'v:p:' OPTION
+do
+  case $OPTION in
+  v)	VM_IP="$OPTARG"
+		;;
+  p)	
+		ENCODEDPASSWORD="$OPTARG"
+		PASSWORD=$(echo $ENCODEDPASSWORD | tr '[a-m][n-z][A-M][N-Z]' '[n-z][a-m][N-Z][A-M]')
+		;;
+  ?)	echo "Incorrect usage"
+                unlock_exit 1 $lock $locked
+		;;
+  esac
+done
+
+[ -f $PASSWD_FILE ] ||  touch $PASSWD_FILE
+
+sed -i /$VM_IP/d $PASSWD_FILE
+
+ps aux | grep serve_password.sh |grep -v grep 2>&1 > /dev/null
+if [ $? -eq 0 ]
+then
+    echo "$VM_IP=$PASSWORD" >> $PASSWD_FILE
+else
+    echo "$VM_IP=saved_password" >> $PASSWD_FILE
+fi
+
+unlock_exit $? $lock $locked
--- a/patches/systemvm/debian/config/root/redundant_router/check_heartbeat.sh.templ
+++ b/patches/systemvm/debian/config/root/redundant_router/check_heartbeat.sh.templ
@ -25,10 +25,13 @@ then
    if [ $diff -lt 30 ]
    then
        echo Keepalived process is dead! >> [RROUTER_LOG]
+        [RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1
+        [RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1
+        [RROUTER_BIN_PATH]/primary-backup.sh fault >> [RROUTER_LOG] 2>&1
        service keepalived stop >> [RROUTER_LOG] 2>&1
        service conntrackd stop >> [RROUTER_LOG] 2>&1
 	pkill -9 keepalived >> [RROUTER_LOG] 2>&1
-        [RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1
+	pkill -9 conntrackd >> [RROUTER_LOG] 2>&1
        echo Status: FAULT \(keepalived process is dead\) >> [RROUTER_LOG]
        exit
    fi
--- a/patches/systemvm/debian/config/root/redundant_router/fault.sh.templ
+++ b/patches/systemvm/debian/config/root/redundant_router/fault.sh.templ
@ -27,7 +27,11 @@ fi

 echo To fault called >> [RROUTER_LOG]
 [RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1
+echo Disable public ip >> [RROUTER_LOG]
+[RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1
+echo Stop services $? >> [RROUTER_LOG]
 [RROUTER_BIN_PATH]/primary-backup.sh fault >> [RROUTER_LOG] 2>&1
+echo Switch conntrackd mode fault $? >> [RROUTER_LOG]
 echo Status: FAULT >> [RROUTER_LOG]

 releaseLockFile $lock $locked
--- a/patches/systemvm/debian/config/root/savepassword.sh
+++ b/patches/systemvm/debian/config/root/savepassword.sh
@ -1,58 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one
-# or more contributor license agreements.  See the NOTICE file
-# distributed with this work for additional information
-# regarding copyright ownership.  The ASF licenses this file
-# to you under the Apache License, Version 2.0 (the
-# "License"); you may not use this file except in compliance
-# with the License.  You may obtain a copy of the License at
-#
-#   http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing,
-# software distributed under the License is distributed on an
-# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
-# KIND, either express or implied.  See the License for the
-# specific language governing permissions and limitations
-# under the License.
-
-
- 
-
-# Usage
-#	save_password -v <user VM IP> -p <password>
-
-source /root/func.sh
-
-lock="passwdlock"
-#default timeout value is 30 mins as password reset command is not synchronized on agent side any more,
-#and multiple commands can be sent to the same VR at a time
-locked=$(getLockFile $lock 1800)
-if [ "$locked" != "1" ]
-then
-    exit 1
-fi
-
-PASSWD_FILE=/var/cache/cloud/passwords
-
-while getopts 'v:p:' OPTION
-do
-  case $OPTION in
-  v)	VM_IP="$OPTARG"
-		;;
-  p)	
-		ENCODEDPASSWORD="$OPTARG"
-		PASSWORD=$(echo $ENCODEDPASSWORD | tr '[a-m][n-z][A-M][N-Z]' '[n-z][a-m][N-Z][A-M]')
-		;;
-  ?)	echo "Incorrect usage"
-                unlock_exit 1 $lock $locked
-		;;
-  esac
-done
-
-[ -f $PASSWD_FILE ] ||  touch $PASSWD_FILE
-
-sed -i /$VM_IP/d $PASSWD_FILE
-echo "$VM_IP=$PASSWORD" >> $PASSWD_FILE
-
-unlock_exit $? $lock $locked
--- a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
+++ b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
@ -2084,7 +2084,7 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa
        String args = " -v " + vmIpAddress;

        if (s_logger.isDebugEnabled()) {
-            s_logger.debug("Run command on domain router " + controlIp + ", /root/savepassword.sh " + args + " -p " + StringUtils.getMaskedPasswordForDisplay(cmd.getPassword()));
+            s_logger.debug("Run command on domain router " + controlIp + ", /opt/cloud/bin/savepassword.sh " + args + " -p " + StringUtils.getMaskedPasswordForDisplay(cmd.getPassword()));
        }

        args += " -p " + password;
@ -2092,7 +2092,7 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa

        try {
            VmwareManager mgr = getServiceContext().getStockObject(VmwareManager.CONTEXT_STOCK_NAME);
-            Pair<Boolean, String> result = SshHelper.sshExecute(controlIp, DEFAULT_DOMR_SSHPORT, "root", mgr.getSystemVMKeyFile(), null, "/root/savepassword.sh " + args);
+            Pair<Boolean, String> result = SshHelper.sshExecute(controlIp, DEFAULT_DOMR_SSHPORT, "root", mgr.getSystemVMKeyFile(), null, "/opt/cloud/bin/savepassword.sh " + args);

            if (!result.first()) {
                s_logger.error("savepassword command on domain router " + controlIp + " failed, message: " + result.second());
--- a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
+++ b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
@ -2229,16 +2229,12 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
        Connection conn = getConnection();
        final String password = cmd.getPassword();
        final String routerPrivateIPAddress = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
-        final String vmName = cmd.getVmName();
        final String vmIpAddress = cmd.getVmIpAddress();
-        final String local = vmName;

-        // Run save_password_to_domr.sh
-        String args = "-r " + routerPrivateIPAddress;
+        String args = "savepassword.sh " + routerPrivateIPAddress;
        args += " -v " + vmIpAddress;
        args += " -p " + password;
-        args += " " + local;
-        String result = callHostPlugin(conn, "vmops", "savePassword", "args", args);
+        String result = callHostPlugin(conn, "vmops", "routerProxy", "args", args);

        if (result == null || result.isEmpty()) {
            return new Answer(cmd, false, "savePassword failed");