CLOUDSTACK-2792: Call savepassword.sh inside VR

Also only set password when password service is running, thus avoid setting for redundant router BACKUP router.
2013-10-17 18:46:08 -07:00 · 2013-10-17 18:46:08 -07:00 · 484d6c4eb7
parent 85dc65c7f7
commit 484d6c4eb7
7 changed files with 87 additions and 30 deletions
--- a/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
+++ b/core/src/com/cloud/agent/resource/virtualnetwork/VirtualRoutingResource.java
@ -103,7 +103,6 @@ import com.cloud.utils.ssh.SshHelper;
@Local(value = {VirtualRoutingResource.class})
 public class VirtualRoutingResource implements Manager {
    private static final Logger s_logger = Logger.getLogger(VirtualRoutingResource.class);
-    private String _savepasswordPath; 	// This script saves a random password to the DomR file system
    private String _publicIpAddress;
    private String _firewallPath;
    private String _loadbPath;
@ -548,13 +547,14 @@ public class VirtualRoutingResource implements Manager {
        final String vmIpAddress = cmd.getVmIpAddress();
        final String local = vmName;

-        // Run save_password_to_domr.sh
-        final String result = savePassword(routerPrivateIPAddress, vmIpAddress, password, local);
+        String args = "-v " + vmIpAddress;
+        args += " -p " + password;
+        
+        String result = routerProxy("savepassword.sh", routerPrivateIPAddress, args);
        if (result != null) {
            return new Answer(cmd, false, "Unable to save password to DomR.");
-        } else {
-            return new Answer(cmd);
        }
+        return new Answer(cmd);
    }

    protected Answer execute(final DhcpEntryCommand cmd) {
@ -813,16 +813,6 @@ public class VirtualRoutingResource implements Manager {
        return new ConsoleProxyLoadAnswer(cmd, proxyVmId, proxyVmName, success, result);
    }

-    public String savePassword(final String privateIpAddress, final String vmIpAddress, final String password, final String localPath) {
-        final Script command = new Script(_savepasswordPath, _startTimeout, s_logger);
-        command.add("-r", privateIpAddress);
-        command.add("-v", vmIpAddress);
-        command.add("-p", password);
-        command.add(localPath);
-
-        return command.execute();
-    }
-
    public String assignGuestNetwork(final String dev, final String routerIP,
            final String routerGIP, final String gateway, final String cidr,
            final String netmask, final String dns, final String domainName) {
@ -1128,11 +1118,6 @@ public class VirtualRoutingResource implements Manager {
            throw new ConfigurationException("Unable to find the call_loadbalancer.sh");
        }

-        _savepasswordPath = findScript("save_password_to_domr.sh");
-        if (_savepasswordPath == null) {
-            throw new ConfigurationException("Unable to find save_password_to_domr.sh");
-        }
-
        _dhcpEntryPath = findScript("dhcp_entry.sh");
        if (_dhcpEntryPath == null) {
            throw new ConfigurationException("Unable to find dhcp_entry.sh");
--- a/patches/systemvm/debian/config/opt/cloud/bin/savepassword.sh
+++ b/patches/systemvm/debian/config/opt/cloud/bin/savepassword.sh
@ -0,0 +1,62 @@
+#!/bin/bash
+# Copyright 2012 Citrix Systems, Inc. Licensed under the
+# Apache License, Version 2.0 (the "License"); you may not use this
+# file except in compliance with the License.  Citrix Systems, Inc.
+# reserves all rights not expressly granted by the License.
+# You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# 
+# Automatically generated by addcopyright.py at 04/03/2012
+
+
+
+ 
+
+# Usage
+#	save_password -v <user VM IP> -p <password>
+
+source /root/func.sh
+
+lock="passwdlock"
+#default timeout value is 30 mins as password reset command is not synchronized on agent side any more,
+#and multiple commands can be sent to the same VR at a time
+locked=$(getLockFile $lock 1800)
+if [ "$locked" != "1" ]
+then
+    exit 1
+fi
+
+PASSWD_FILE=/var/cache/cloud/passwords
+
+while getopts 'v:p:' OPTION
+do
+  case $OPTION in
+  v)	VM_IP="$OPTARG"
+		;;
+  p)	
+		ENCODEDPASSWORD="$OPTARG"
+		PASSWORD=$(echo $ENCODEDPASSWORD | tr '[a-m][n-z][A-M][N-Z]' '[n-z][a-m][N-Z][A-M]')
+		;;
+  ?)	echo "Incorrect usage"
+                unlock_exit 1 $lock $locked
+		;;
+  esac
+done
+
+[ -f $PASSWD_FILE ] ||  touch $PASSWD_FILE
+
+sed -i /$VM_IP/d $PASSWD_FILE
+
+ps aux | grep serve_password.sh |grep -v grep 2>&1 > /dev/null
+if [ $? -eq 0 ]
+then
+    echo "$VM_IP=$PASSWORD" >> $PASSWD_FILE
+else
+    echo "$VM_IP=saved_password" >> $PASSWD_FILE
+fi
+
+unlock_exit $? $lock $locked
--- a/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
+++ b/plugins/hypervisors/vmware/src/com/cloud/hypervisor/vmware/resource/VmwareResource.java
@ -2052,7 +2052,7 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa
        String args = " -v " + vmIpAddress;

        if (s_logger.isDebugEnabled()) {
-            s_logger.debug("Run command on domain router " + controlIp + ", /root/savepassword.sh " + args + " -p " + StringUtils.getMaskedPasswordForDisplay(cmd.getPassword()));
+            s_logger.debug("Run command on domain router " + controlIp + ", /opt/cloud/bin/savepassword.sh " + args + " -p " + StringUtils.getMaskedPasswordForDisplay(cmd.getPassword()));
        }

        args += " -p " + password;
@ -2060,7 +2060,7 @@ public class VmwareResource implements StoragePoolResource, ServerResource, Vmwa

        try {
            VmwareManager mgr = getServiceContext().getStockObject(VmwareManager.CONTEXT_STOCK_NAME);
-            Pair<Boolean, String> result = SshHelper.sshExecute(controlIp, DEFAULT_DOMR_SSHPORT, "root", mgr.getSystemVMKeyFile(), null, "/root/savepassword.sh " + args);
+            Pair<Boolean, String> result = SshHelper.sshExecute(controlIp, DEFAULT_DOMR_SSHPORT, "root", mgr.getSystemVMKeyFile(), null, "/opt/cloud/bin/savepassword.sh " + args);

            if (!result.first()) {
                s_logger.error("savepassword command on domain router " + controlIp + " failed, message: " + result.second());
--- a/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
+++ b/plugins/hypervisors/xen/src/com/cloud/hypervisor/xen/resource/CitrixResourceBase.java
@ -2228,16 +2228,12 @@ public abstract class CitrixResourceBase implements ServerResource, HypervisorRe
        Connection conn = getConnection();
        final String password = cmd.getPassword();
        final String routerPrivateIPAddress = cmd.getAccessDetail(NetworkElementCommand.ROUTER_IP);
-        final String vmName = cmd.getVmName();
        final String vmIpAddress = cmd.getVmIpAddress();
-        final String local = vmName;

-        // Run save_password_to_domr.sh
-        String args = "-r " + routerPrivateIPAddress;
+        String args = "savepassword.sh " + routerPrivateIPAddress;
        args += " -v " + vmIpAddress;
        args += " -p " + password;
-        args += " " + local;
-        String result = callHostPlugin(conn, "vmops", "savePassword", "args", args);
+        String result = callHostPlugin(conn, "vmops", "routerProxy", "args", args);

        if (result == null || result.isEmpty()) {
            return new Answer(cmd, false, "savePassword failed");
--- a/systemvm/patches/debian/config/opt/cloud/bin/savepassword.sh
+++ b/systemvm/patches/debian/config/opt/cloud/bin/savepassword.sh
@ -53,6 +53,13 @@ done
 [ -f $PASSWD_FILE ] ||  touch $PASSWD_FILE

 sed -i /$VM_IP/d $PASSWD_FILE
-echo "$VM_IP=$PASSWORD" >> $PASSWD_FILE
+
+ps aux | grep serve_password.sh |grep -v grep 2>&1 > /dev/null
+if [ $? -eq 0 ]
+then
+    echo "$VM_IP=$PASSWORD" >> $PASSWD_FILE
+else
+    echo "$VM_IP=saved_password" >> $PASSWD_FILE
+fi

 unlock_exit $? $lock $locked
--- a/systemvm/patches/debian/config/root/redundant_router/check_heartbeat.sh.templ
+++ b/systemvm/patches/debian/config/root/redundant_router/check_heartbeat.sh.templ
@ -25,10 +25,13 @@ then
    if [ $diff -lt 30 ]
    then
        echo Keepalived process is dead! >> [RROUTER_LOG]
+        [RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1
+        [RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1
+        [RROUTER_BIN_PATH]/primary-backup.sh fault >> [RROUTER_LOG] 2>&1
        service keepalived stop >> [RROUTER_LOG] 2>&1
        service conntrackd stop >> [RROUTER_LOG] 2>&1
 	pkill -9 keepalived >> [RROUTER_LOG] 2>&1
-        [RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1
+	pkill -9 conntrackd >> [RROUTER_LOG] 2>&1
        echo Status: FAULT \(keepalived process is dead\) >> [RROUTER_LOG]
        exit
    fi
--- a/systemvm/patches/debian/config/root/redundant_router/fault.sh.templ
+++ b/systemvm/patches/debian/config/root/redundant_router/fault.sh.templ
@ -27,7 +27,11 @@ fi

 echo To fault called >> [RROUTER_LOG]
 [RROUTER_BIN_PATH]/disable_pubip.sh >> [RROUTER_LOG] 2>&1
+echo Disable public ip >> [RROUTER_LOG]
+[RROUTER_BIN_PATH]/services.sh stop >> [RROUTER_LOG] 2>&1
+echo Stop services $? >> [RROUTER_LOG]
 [RROUTER_BIN_PATH]/primary-backup.sh fault >> [RROUTER_LOG] 2>&1
+echo Switch conntrackd mode fault $? >> [RROUTER_LOG]
 echo Status: FAULT >> [RROUTER_LOG]

 releaseLockFile $lock $locked