From aa9d2502808673e6d8274e8817c6e860a69adb75 Mon Sep 17 00:00:00 2001 From: frank Date: Thu, 9 Feb 2012 14:18:54 -0800 Subject: [PATCH] port copy template fix to acton --- .../api/SecStorageFirewallCfgCommand.java | 10 +++++++++- console-proxy/scripts/ipfirewall.sh | 14 +++++++------- .../resource/NfsSecondaryStorageResource.java | 7 ++++--- .../secondary/SecondaryStorageManagerImpl.java | 18 +++++++++++++----- 4 files changed, 33 insertions(+), 16 deletions(-) mode change 100644 => 100755 api/src/com/cloud/agent/api/SecStorageFirewallCfgCommand.java diff --git a/api/src/com/cloud/agent/api/SecStorageFirewallCfgCommand.java b/api/src/com/cloud/agent/api/SecStorageFirewallCfgCommand.java old mode 100644 new mode 100755 index d1e23b2dc5a..e0b043fdbda --- a/api/src/com/cloud/agent/api/SecStorageFirewallCfgCommand.java +++ b/api/src/com/cloud/agent/api/SecStorageFirewallCfgCommand.java @@ -52,18 +52,26 @@ public class SecStorageFirewallCfgCommand extends Command { } private List portConfigs = new ArrayList(); + private boolean isAppendAIp = false; public SecStorageFirewallCfgCommand() { } - + public SecStorageFirewallCfgCommand(boolean isAppend) { + this.isAppendAIp = isAppend; + } + public void addPortConfig(String sourceIp, String port, boolean add, String intf) { PortConfig pc = new PortConfig(sourceIp, port, add, intf); this.portConfigs.add(pc); } + public boolean getIsAppendAIp() { + return isAppendAIp; + } + @Override public boolean executeInSequence() { return false; diff --git a/console-proxy/scripts/ipfirewall.sh b/console-proxy/scripts/ipfirewall.sh index a2201e49368..41ae6b6ddc3 100755 --- a/console-proxy/scripts/ipfirewall.sh +++ b/console-proxy/scripts/ipfirewall.sh @@ -15,11 +15,6 @@ # along with this program. If not, see . # - - - - - BASE_DIR="/var/www/html/copy/" HTACCESS="$BASE_DIR/.htaccess" @@ -36,13 +31,18 @@ config_htaccess() { } ips(){ + public_ip=`ip addr show eth2|grep "inet "|sed "s/^ *//"|cut -d "/" -f 1|cut -d " " -f 2` + ip route add $1 via $public_ip echo "allow from $1" >> $HTACCESS result=$? return $result } - -config_htaccess +is_append="$1" +shift +if [ $is_append != "true" ]; then + config_htaccess +fi for i in $@ do ips "$i" diff --git a/core/src/com/cloud/storage/resource/NfsSecondaryStorageResource.java b/core/src/com/cloud/storage/resource/NfsSecondaryStorageResource.java index 10240c1f56c..9d01d45f316 100755 --- a/core/src/com/cloud/storage/resource/NfsSecondaryStorageResource.java +++ b/core/src/com/cloud/storage/resource/NfsSecondaryStorageResource.java @@ -774,7 +774,7 @@ public class NfsSecondaryStorageResource extends ServerResourceBase implements S } boolean success = true; String result; - result = configureIpFirewall(ipList); + result = configureIpFirewall(ipList, cmd.getIsAppendAIp()); if (result !=null) success = false; @@ -1136,8 +1136,9 @@ public class NfsSecondaryStorageResource extends ServerResourceBase implements S return result; } - private String configureIpFirewall(List ipList){ - Script command = new Script(_configIpFirewallScr); + private String configureIpFirewall(List ipList, boolean isAppend){ + Script command = new Script(_configIpFirewallScr); + command.add(String.valueOf(isAppend)); for (String ip : ipList){ command.add(ip); } diff --git a/server/src/com/cloud/storage/secondary/SecondaryStorageManagerImpl.java b/server/src/com/cloud/storage/secondary/SecondaryStorageManagerImpl.java index ee696ab6d7f..326b8e2c39c 100755 --- a/server/src/com/cloud/storage/secondary/SecondaryStorageManagerImpl.java +++ b/server/src/com/cloud/storage/secondary/SecondaryStorageManagerImpl.java @@ -400,7 +400,6 @@ public class SecondaryStorageManagerImpl implements SecondaryStorageVmManager, V return true; } HostVO ssAHost = _hostDao.findById(ssAHostId); - Long zoneId = ssAHost.getDataCenterId(); SecondaryStorageVmVO thisSecStorageVm = _secStorageVmDao.findByInstanceName(ssAHost.getName()); if (thisSecStorageVm == null) { @@ -409,16 +408,17 @@ public class SecondaryStorageManagerImpl implements SecondaryStorageVmManager, V } String copyPort = _useSSlCopy? "443" : Integer.toString(TemplateConstants.DEFAULT_TMPLT_COPY_PORT); - SecStorageFirewallCfgCommand cpc = new SecStorageFirewallCfgCommand(); - SecStorageFirewallCfgCommand thiscpc = new SecStorageFirewallCfgCommand(); + SecStorageFirewallCfgCommand thiscpc = new SecStorageFirewallCfgCommand(true); thiscpc.addPortConfig(thisSecStorageVm.getPublicIpAddress(), copyPort, true, TemplateConstants.DEFAULT_TMPLT_COPY_INTF); SearchCriteriaService sc = SearchCriteria2.create(HostVO.class); - sc.addAnd(sc.getEntity().getDataCenterId(), Op.EQ, zoneId); sc.addAnd(sc.getEntity().getType(), Op.EQ, Host.Type.SecondaryStorageVM); sc.addAnd(sc.getEntity().getStatus(), Op.IN, com.cloud.host.Status.Up, com.cloud.host.Status.Connecting); List ssvms = sc.list(); for (HostVO ssvm : ssvms) { + if (ssvm.getId() == ssAHostId) { + continue; + } Answer answer = _agentMgr.easySend(ssvm.getId(), thiscpc); if (answer != null && answer.getResult()) { if (s_logger.isDebugEnabled()) { @@ -432,7 +432,15 @@ public class SecondaryStorageManagerImpl implements SecondaryStorageVmManager, V } } - Answer answer = _agentMgr.easySend(ssAHostId, cpc); + SecStorageFirewallCfgCommand allSSVMIpList = new SecStorageFirewallCfgCommand(false); + for (HostVO ssvm : ssvms) { + if (ssvm.getId() == ssAHostId) { + continue; + } + allSSVMIpList.addPortConfig(ssvm.getPublicIpAddress(), copyPort, true, TemplateConstants.DEFAULT_TMPLT_COPY_INTF); + } + + Answer answer = _agentMgr.easySend(ssAHostId, allSSVMIpList); if (answer != null && answer.getResult()) { if (s_logger.isDebugEnabled()) { s_logger.debug("Successfully programmed firewall rules into " + thisSecStorageVm.getHostName());