From 80c588e6b6d04fa97d4934d12ae191aafde67319 Mon Sep 17 00:00:00 2001 From: Kelven Yang Date: Fri, 29 Mar 2013 13:44:12 -0700 Subject: [PATCH 1/5] CLOUDSTACK-1746: fix logging warning in usage server --- usage/src/com/cloud/usage/UsageServer.java | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/usage/src/com/cloud/usage/UsageServer.java b/usage/src/com/cloud/usage/UsageServer.java index 881962f5c79..3f2b43e2bc9 100644 --- a/usage/src/com/cloud/usage/UsageServer.java +++ b/usage/src/com/cloud/usage/UsageServer.java @@ -17,12 +17,14 @@ package com.cloud.usage; import java.io.File; +import java.io.FileNotFoundException; import org.apache.log4j.Logger; import org.apache.log4j.PropertyConfigurator; import org.apache.log4j.xml.DOMConfigurator; import org.springframework.context.ApplicationContext; import org.springframework.context.support.ClassPathXmlApplicationContext; +import org.springframework.util.Log4jConfigurer; import com.cloud.utils.PropertiesUtil; import com.cloud.utils.component.ComponentContext; @@ -75,12 +77,21 @@ public class UsageServer { static private void initLog4j() { File file = PropertiesUtil.findConfigFile("log4j-cloud.xml"); if (file != null) { - s_logger.info("log4j configuration found at " + file.getAbsolutePath()); - DOMConfigurator.configureAndWatch(file.getAbsolutePath()); + System.out.println("log4j configuration found at " + file.getAbsolutePath()); + try { + Log4jConfigurer.initLogging(file.getAbsolutePath()); + } catch (FileNotFoundException e) { + } + DOMConfigurator.configureAndWatch(file.getAbsolutePath()); + } else { file = PropertiesUtil.findConfigFile("log4j-cloud.properties"); if (file != null) { - s_logger.info("log4j configuration found at " + file.getAbsolutePath()); + System.out.println("log4j configuration found at " + file.getAbsolutePath()); + try { + Log4jConfigurer.initLogging(file.getAbsolutePath()); + } catch (FileNotFoundException e) { + } PropertyConfigurator.configureAndWatch(file.getAbsolutePath()); } } From 9cf20ae38bb2917afb50dae0f6cd76eb05c18178 Mon Sep 17 00:00:00 2001 From: Sheng Yang Date: Thu, 28 Mar 2013 15:02:45 -0700 Subject: [PATCH 2/5] CLOUDSTACK-1827: Fix redundant router update mechanism There is a bug that if the smaller number ID RvR stop running, that pair of RvR's status won't be updated. This patch fixed it. --- .../VirtualNetworkApplianceManagerImpl.java | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java index 1e1046ffef1..8b75b00f694 100755 --- a/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java +++ b/server/src/com/cloud/network/router/VirtualNetworkApplianceManagerImpl.java @@ -1280,13 +1280,22 @@ public class VirtualNetworkApplianceManagerImpl extends ManagerBase implements V * We update the router pair which the lower id router owned by this mgmt server, in order * to prevent duplicate update of router status from cluster mgmt servers */ - DomainRouterVO router = routers.get(0); - if (routers.get(1).getId() < router.getId()) { - router = routers.get(1); + DomainRouterVO router0 = routers.get(0); + DomainRouterVO router1 = routers.get(1); + DomainRouterVO router = router0; + if ((router0.getId() < router1.getId()) && router0.getHostId() != null) { + router = router0; + } else { + router = router1; + } + if (router.getHostId() == null) { + s_logger.debug("Skip router pair (" + router0.getInstanceName() + "," + router1.getInstanceName() + ") due to can't find host"); + continue; } HostVO host = _hostDao.findById(router.getHostId()); if (host == null || host.getManagementServerId() == null || host.getManagementServerId() != ManagementServerNode.getManagementServerId()) { + s_logger.debug("Skip router pair (" + router0.getInstanceName() + "," + router1.getInstanceName() + ") due to not belong to this mgmt server"); continue; } updateRoutersRedundantState(routers); From 11892d34d7ec0e37e3b5cf568a2a30d4be23590f Mon Sep 17 00:00:00 2001 From: Wido den Hollander Date: Sun, 31 Mar 2013 15:31:15 +0200 Subject: [PATCH 3/5] debian: Various packaging fixes from master This commit includes various packaging fixes already in master. --- debian/cloudstack-agent.postinst | 40 ++++++++++++++++++++++++++ debian/cloudstack-common.install | 1 + debian/cloudstack-management.install | 7 +++-- debian/cloudstack-management.postinst | 16 ++++++++++- debian/cloudstack-usage.postinst | 37 ++++++++++++++++++++++++ debian/rules | 17 ++++++++--- packaging/debian/init/cloud-management | 8 +++--- packaging/debian/replace.properties | 2 +- server/conf/cloudstack-limits.conf.in | 21 ++++++++++++++ server/conf/cloudstack-sudoers.in | 22 ++++++++++++++ 10 files changed, 158 insertions(+), 13 deletions(-) create mode 100644 debian/cloudstack-agent.postinst create mode 100644 debian/cloudstack-usage.postinst create mode 100644 server/conf/cloudstack-limits.conf.in create mode 100644 server/conf/cloudstack-sudoers.in diff --git a/debian/cloudstack-agent.postinst b/debian/cloudstack-agent.postinst new file mode 100644 index 00000000000..499ae6a695a --- /dev/null +++ b/debian/cloudstack-agent.postinst @@ -0,0 +1,40 @@ +#!/bin/bash + +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +set -e + +case "$1" in + configure) + OLDCONFDIR="/etc/cloud/agent" + NEWCONFDIR="/etc/cloudstack/agent" + CONFFILES="agent.properties log4j.xml log4j-cloud.xml" + + # Copy old configuration so the admin doesn't have to do that + # Only do so when we are installing for the first time + if [ -z "$2" ]; then + for FILE in $CONFFILES; do + if [ -f "$OLDCONFDIR/${FILE}" ]; then + cp -a $OLDCONFDIR/$FILE $NEWCONFDIR/$FILE + fi + done + fi + ;; +esac + +exit 0 \ No newline at end of file diff --git a/debian/cloudstack-common.install b/debian/cloudstack-common.install index 9677f871cf0..021474e1b65 100644 --- a/debian/cloudstack-common.install +++ b/debian/cloudstack-common.install @@ -26,6 +26,7 @@ /usr/share/cloudstack-common/scripts/vm/hypervisor/kvm/* /usr/share/cloudstack-common/scripts/vm/hypervisor/versions.sh /usr/share/cloudstack-common/scripts/vm/hypervisor/xenserver/* +/usr/share/cloudstack-common/lib/* /usr/bin/cloud-set-guest-password /usr/bin/cloud-set-guest-sshkey /usr/lib/python2.?/*-packages/* diff --git a/debian/cloudstack-management.install b/debian/cloudstack-management.install index a8a18b4ecdf..b42343ad5a4 100644 --- a/debian/cloudstack-management.install +++ b/debian/cloudstack-management.install @@ -5,9 +5,9 @@ # to you under the Apache License, Version 2.0 (the # "License"); you may not use this file except in compliance # with the License. You may obtain a copy of the License at -# +# # http://www.apache.org/licenses/LICENSE-2.0 -# +# # Unless required by applicable law or agreed to in writing, # software distributed under the License is distributed on an # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY @@ -18,6 +18,8 @@ /etc/cloudstack/server/* /etc/cloudstack/management/* /etc/init.d/cloudstack-management +/etc/security/limits.d/cloudstack-limits.conf +/etc/sudoers.d/cloudstack /var/cache/cloudstack/management /var/cache/cloudstack/management/work /var/cache/cloudstack/management/temp @@ -29,5 +31,4 @@ /usr/bin/cloud-setup-databases /usr/bin/cloud-migrate-databases /usr/share/cloudstack-management/* -/usr/share/java/* /usr/share/tomcat6/lib/* diff --git a/debian/cloudstack-management.postinst b/debian/cloudstack-management.postinst index 4e9b046caff..293810a97e7 100644 --- a/debian/cloudstack-management.postinst +++ b/debian/cloudstack-management.postinst @@ -20,7 +20,7 @@ if [ "$1" = configure ]; then if ! getent passwd cloud >/dev/null; then adduser --quiet --system --group --no-create-home --home /var/lib/cloudstack/management cloud else - usermod -m -d /var/lib/cloudstack/management cloud + usermod -m -d /var/lib/cloudstack/management cloud || true fi for i in /var/cache/cloudstack/management \ @@ -36,6 +36,20 @@ if [ "$1" = configure ]; then chgrp cloud $i done + OLDCONFDIR="/etc/cloud/management" + NEWCONFDIR="/etc/cloudstack/management" + CONFFILES="db.properties db-enc.properties cloud.keystore key" + + # Copy old configuration so the admin doesn't have to do that + # Only do so when we are installing for the first time + if [ -z "$2" ]; then + for FILE in $CONFFILES; do + if [ -f "$OLDCONFDIR/${FILE}" ]; then + cp -a $OLDCONFDIR/$FILE $NEWCONFDIR/$FILE + fi + done + fi + chmod 0640 /etc/cloudstack/management/db.properties chgrp cloud /etc/cloudstack/management/db.properties fi diff --git a/debian/cloudstack-usage.postinst b/debian/cloudstack-usage.postinst new file mode 100644 index 00000000000..2e15d5d3a43 --- /dev/null +++ b/debian/cloudstack-usage.postinst @@ -0,0 +1,37 @@ +#!/bin/bash + +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +set -e + +case "$1" in + configure) + # We copy the db.properties file from the management server to the usage server + # This used to be a symlink, but we don't do that anymore + if [ -f "/etc/cloud/management/db.properties" ]; then + cp -a /etc/cloud/management/db.properties /etc/cloudstack/usage/db.properties + fi + + # We also retain the log4j configuration + if [ -f "/etc/cloud/usage/log4j-cloud_usage.xml" ]; then + cp -a /etc/cloud/usage/log4j-cloud_usage.xml /etc/cloudstack/usage/log4j-cloud_usage.xml + fi + ;; +esac + +exit 0 \ No newline at end of file diff --git a/debian/rules b/debian/rules index d8e78802b3c..55496e4d6b3 100755 --- a/debian/rules +++ b/debian/rules @@ -38,12 +38,12 @@ build-indep-stamp: configure -Dcs.replace.properties=replace.properties.tmp touch $@ -clean: +clean: dh_testdir dh_testroot rm -f build-arch-stamp build-indep-stamp configure-stamp rm -f replace.properties.tmp - dh_clean + dh_clean install: dh_testdir @@ -75,6 +75,8 @@ install: # cloudstack-management mkdir $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/server mkdir $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/management + mkdir -p $(DESTDIR)/$(SYSCONFDIR)/security/limits.d/ + mkdir -p $(DESTDIR)/$(SYSCONFDIR)/sudoers.d/ mkdir -p $(DESTDIR)/usr/share/$(PACKAGE)-management mkdir -p $(DESTDIR)/usr/share/$(PACKAGE)-management/webapps/client mkdir $(DESTDIR)/usr/share/$(PACKAGE)-management/setup @@ -89,13 +91,17 @@ install: cp -r client/target/cloud-client-ui-$(VERSION)-SNAPSHOT/* $(DESTDIR)/usr/share/$(PACKAGE)-management/webapps/client/ cp server/target/conf/* $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/server/ cp client/target/conf/* $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/management/ + + # nast hack for a couple of configuration files + mv $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/server/cloudstack-limits.conf $(DESTDIR)/$(SYSCONFDIR)/security/limits.d/ + mv $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/server/cloudstack-sudoers $(DESTDIR)/$(SYSCONFDIR)/sudoers.d/cloudstack + chmod 0440 $(DESTDIR)/$(SYSCONFDIR)/sudoers.d/cloudstack + ln -s tomcat6-nonssl.conf $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/management/tomcat6.conf mkdir -p $(DESTDIR)/$(SYSCONFDIR)/$(PACKAGE)/management/Catalina/localhost/client mkdir -p ${DESTDIR}/usr/share/tomcat6/lib - mkdir -p ${DESTDIR}/usr/share/java install -D packaging/debian/init/cloud-management $(DESTDIR)/$(SYSCONFDIR)/init.d/$(PACKAGE)-management install -D client/bindir/cloud-update-xenserver-licenses.in $(DESTDIR)/usr/bin/cloud-update-xenserver-licenses - install -D server/target/cloud-server-$(VERSION)-SNAPSHOT.jar $(DESTDIR)/usr/share/java/$(PACKAGE)-server.jar ln -s /usr/share/tomcat6/bin $(DESTDIR)/usr/share/$(PACKAGE)-management/bin ln -s ../../..$(SYSCONFDIR)/$(PACKAGE)/management $(DESTDIR)/usr/share/$(PACKAGE)-management/conf ln -s ../../../usr/share/tomcat6/lib $(DESTDIR)/usr/share/$(PACKAGE)-management/lib @@ -108,6 +114,7 @@ install: mkdir -p $(DESTDIR)/usr/share/$(PACKAGE)-common mkdir $(DESTDIR)/usr/share/$(PACKAGE)-common/scripts mkdir $(DESTDIR)/usr/share/$(PACKAGE)-common/setup + mkdir $(DESTDIR)/usr/share/$(PACKAGE)-common/lib cp -r scripts/installer $(DESTDIR)/usr/share/$(PACKAGE)-common/scripts cp -r scripts/network $(DESTDIR)/usr/share/$(PACKAGE)-common/scripts cp -r scripts/storage $(DESTDIR)/usr/share/$(PACKAGE)-common/scripts @@ -119,6 +126,8 @@ install: install -D client/target/utilities/bin/cloud-setup-databases $(DESTDIR)/usr/bin install -D client/target/utilities/bin/cloud-setup-management $(DESTDIR)/usr/bin install -D client/target/cloud-client-ui-$(VERSION)-SNAPSHOT/WEB-INF/classes/vms/systemvm.iso $(DESTDIR)/usr/share/$(PACKAGE)-common/vms/systemvm.iso + # We need jasypt for cloud-install-sys-tmplt, so this is a nasty hack to get it into the right place + install -D agent/target/dependencies/jasypt-1.9.0.jar $(DESTDIR)/usr/share/$(PACKAGE)-common/lib # cloudstack-python mkdir -p $(DESTDIR)/usr/lib/python2.7/dist-packages diff --git a/packaging/debian/init/cloud-management b/packaging/debian/init/cloud-management index 69a0428db21..3ebaa738861 100755 --- a/packaging/debian/init/cloud-management +++ b/packaging/debian/init/cloud-management @@ -19,7 +19,7 @@ # specific language governing permissions and limitations # under the License. ### BEGIN INIT INFO -# Provides: tomcat-vmops +# Provides: cloudstack-management # Required-Start: $local_fs $remote_fs $network # Required-Stop: $local_fs $remote_fs $network # Should-Start: $named @@ -34,7 +34,7 @@ PATH=/bin:/usr/bin:/sbin:/usr/sbin NAME=cloudstack-management DESC="CloudStack-specific Tomcat servlet engine" DAEMON=/usr/bin/jsvc -CATALINA_HOME=/usr/share/cloudstack/management +CATALINA_HOME=/usr/share/cloudstack-management DEFAULT=/etc/cloudstack/management/tomcat6.conf JVM_TMP=/tmp/$NAME-temp @@ -65,7 +65,7 @@ TOMCAT6_USER=tomcat6 # The first existing directory is used for JAVA_HOME (if JAVA_HOME is not # defined in $DEFAULT) -JDK_DIRS="/usr/lib/jvm/java-1.6.0-openjdk-amd64/ /usr/lib/jvm/java-1.6.0-openjdk-i386/ /usr/lib/jvm/java-1.6.0-openjdk/ /usr/lib/jvm/java-6-openjdk /usr/lib/jvm/java-6-sun" +JDK_DIRS="/usr/lib/jvm/java-7-openjdk-amd64 /usr/lib/jvm/java-7-openjdk-i386 /usr/lib/jvm/java-6-openjdk /usr/lib/jvm/java-6-openjdk-i386 /usr/lib/jvm/java-6-openjdk-amd64 /usr/lib/jvm/java-6-sun" # Look for the right JVM to use for jdir in $JDK_DIRS; do @@ -76,7 +76,7 @@ done export JAVA_HOME # Directory for per-instance configuration files and webapps -CATALINA_BASE=/usr/share/cloudstack/management +CATALINA_BASE=/usr/share/cloudstack-management # Use the Java security manager? (yes/no) TOMCAT6_SECURITY=no diff --git a/packaging/debian/replace.properties b/packaging/debian/replace.properties index 8705c78a8f7..8c852060c02 100644 --- a/packaging/debian/replace.properties +++ b/packaging/debian/replace.properties @@ -34,7 +34,7 @@ AWSAPILOG=/var/log/cloudstack/awsapi/awsapi.log BINDIR=/usr/bin COMMONLIBDIR=/usr/share/cloudstack-common CONFIGUREVARS= -DEPSCLASSPATH= +DEPSCLASSPATH=/usr/share/tomcat6/bin/bootstrap.jar:/usr/share/tomcat6/bin/tomcat-juli.jar DOCDIR= IPALOCATORLOG=/var/log/cloudstack/management/ipallocator.log JAVADIR=/usr/share/cloudstack-management/webapps/client/WEB-INF/lib diff --git a/server/conf/cloudstack-limits.conf.in b/server/conf/cloudstack-limits.conf.in new file mode 100644 index 00000000000..c28ad8c3c78 --- /dev/null +++ b/server/conf/cloudstack-limits.conf.in @@ -0,0 +1,21 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# Specific limits for the CloudStack management server which +# runs under the user 'cloud' by default +@MSUSER hard nofile 4096 +@MSUSER soft nofile 4096 diff --git a/server/conf/cloudstack-sudoers.in b/server/conf/cloudstack-sudoers.in new file mode 100644 index 00000000000..c525d3cf44b --- /dev/null +++ b/server/conf/cloudstack-sudoers.in @@ -0,0 +1,22 @@ +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. + +# The CloudStack management server needs sudo permissions +# without a password. + +@MSUSER ALL =NOPASSWD : ALL + From 9d1649c76293f661aa52ec6414f23232d8c57de0 Mon Sep 17 00:00:00 2001 From: Wido den Hollander Date: Sun, 31 Mar 2013 17:02:08 +0200 Subject: [PATCH 4/5] git: Add debian packaging files to .gitignore --- .gitignore | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.gitignore b/.gitignore index b2a905641ba..88e9a4ed6e7 100644 --- a/.gitignore +++ b/.gitignore @@ -74,3 +74,11 @@ docs/runbook/tmp docs/runbook/publish .project Gemfile.lock +debian/tmp +debian/files +debian/cloudstack-*/* +debian/*.substvars +debian/*.debhelper +replace.properties.tmp +build-indep-stamp +configure-stamp From 9eed6586092d4ecd268d403f1fec83ad196569b4 Mon Sep 17 00:00:00 2001 From: Pradeep Soundararajan Date: Mon, 1 Apr 2013 15:31:08 +0100 Subject: [PATCH 5/5] CLOUDSTACK-1689: Adding ipset as part of agent install for debian Signed-off-by: Chip Childers --- debian/control | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/debian/control b/debian/control index 8f82fc3ab2f..27a3150158e 100644 --- a/debian/control +++ b/debian/control @@ -22,7 +22,7 @@ Description: CloudStack server library Package: cloudstack-agent Architecture: all -Depends: openjdk-6-jre | openjdk-7-jre, cloudstack-common (= ${source:Version}), lsb-base (>= 3.2), libcommons-daemon-java, libjna-java, openssh-client, libvirt0, sysvinit-utils, chkconfig, qemu-kvm, libvirt-bin, uuid-runtime, rsync, grep, iproute, perl-base, perl-modules, ebtables, vlan, wget, jsvc +Depends: openjdk-6-jre | openjdk-7-jre, cloudstack-common (= ${source:Version}), lsb-base (>= 3.2), libcommons-daemon-java, libjna-java, openssh-client, libvirt0, sysvinit-utils, chkconfig, qemu-kvm, libvirt-bin, uuid-runtime, rsync, grep, iproute, perl-base, perl-modules, ebtables, vlan, wget, jsvc, ipset Conflicts: cloud-agent, cloud-agent-libs, cloud-agent-deps, cloud-agent-scripts Description: CloudStack agent The CloudStack agent is in charge of managing shared computing resources in