[Ovirt-devel] [PATCH] get rid of dhcp-hooks and use DNS SRV records
Perry N. Myers
pmyers at redhat.com
Fri Apr 4 07:10:38 UTC 2008
Remove use of dhcp options for communicating the location of services to the
managed node. Instead this is done using DNS SRV records. dhcp exit hooks
are only used for setting step-tickers now. The managed node moves most
of what was in exit hooks to a new init script called ovirt. The devel
wui setup now adds the DNS SRV records to the default DNS zone file.
Signed-off-by: Perry Myers <pmyers at redhat.com>
diff --git a/ovirt-host-creator/common-pkgs.ks b/ovirt-host-creator/common-pkgs.ks
index 62d47dc..196373a 100644
--- a/ovirt-host-creator/common-pkgs.ks
+++ b/ovirt-host-creator/common-pkgs.ks
@@ -21,6 +21,7 @@ cyrus-sasl-lib
collectd
tftp
nc
+bind-utils
-policycoreutils
-audit-libs-python
-hdparm
diff --git a/ovirt-host-creator/common-post.ks b/ovirt-host-creator/common-post.ks
index 6ebfe2c..146889a 100644
--- a/ovirt-host-creator/common-post.ks
+++ b/ovirt-host-creator/common-post.ks
@@ -26,18 +26,6 @@ cat > /etc/init.d/ovirt-early << \EOF
start() {
-dhcp_options='subnet-mask
-broadcast-address
-time-offset
-routers
-domain-name
-domain-name-servers
-host-name
-nis-domain
-nis-servers
-ntp-servers
-libvirt-auth-method'
-
# find all of the ethernet devices in the system
ETHDEVS=$(cd /sys/class/net && ls -d eth*)
for eth in $ETHDEVS; do
@@ -46,8 +34,6 @@ libvirt-auth-method'
> /etc/sysconfig/network-scripts/ifcfg-$eth
echo -e "DEVICE=$BRIDGE\nBOOTPROTO=dhcp\nONBOOT=yes\nTYPE=Bridge\nPEERNTP=yes" \
> /etc/sysconfig/network-scripts/ifcfg-$BRIDGE
- printf 'DHCLIENTARGS="-R %s"\n' $(printf "$dhcp_options"|tr '\n' ,)\
- >> /etc/sysconfig/network-scripts/ifcfg-$BRIDGE
done
# find all of the partitions on the system
@@ -75,24 +61,12 @@ libvirt-auth-method'
done
}
-stop() {
- # nothing to do
- return
-}
-
case "$1" in
start)
start
;;
- stop)
- stop
- ;;
- restart)
- stop
- start
- ;;
*)
- echo "Usage: ovirt-early {start|stop|restart}"
+ echo "Usage: ovirt-early {start}"
exit 2
esac
EOF
@@ -103,40 +77,7 @@ chmod +x /etc/init.d/ovirt-early
# just to get a boot warning to shut up
touch /etc/resolv.conf
-echo "Setting up dhclient"
-cat > /etc/dhclient.conf << EOF
-option libvirt-auth-method code 202 = text;
-EOF
-
-# NOTE that libvirt_auth_method is handled in the exit-hooks
cat > /etc/dhclient-exit-hooks << \EOF
-if [ -n "$new_libvirt_auth_method" ]; then
- METHOD=`echo $new_libvirt_auth_method | cut -d':' -f1`
- SERVER=`echo $new_libvirt_auth_method | cut -d':' -f2-`
- IP=`echo $new_libvirt_auth_method | cut -d':' -f2 | cut -d'/' -f1`
- if [ $METHOD = "krb5" ]; then
- mkdir -p /etc/libvirt
- # here, we wait for the "host-keyadd" service to finish adding our
- # keytab and returning to us; note that we will try 5 times and
- # then give up
- tries=0
- while [ "$VAL" != "SUCCESS" -a $tries -lt 5 ]; do
- VAL=`echo "KERB" | /usr/bin/nc $IP 6666`
- if [ "$VAL" == "SUCCESS" ]; then
- break
- fi
- tries=$(( $tries + 1 ))
- sleep 1
- done
- if [ ! -r /etc/libvirt/krb5.tab ]; then
- /usr/bin/wget -q http://$SERVER/$new_ip_address-libvirt.tab -O /etc/libvirt/krb5.tab
- fi
- if [ ! -r /etc/krb5.conf ]; then
- rm -f /etc/krb5.conf ; /usr/bin/wget -q http://$SERVER/krb5.ini -O /etc/krb5.conf
- fi
- fi
-fi
-
if [ -n "$new_ntp_servers" ]; then
for ntp_server in $new_ntp_servers; do
echo "$ntp_server" >> /etc/ntp/step-tickers
@@ -145,6 +86,77 @@ fi
EOF
chmod +x /etc/dhclient-exit-hooks
+echo "Writing ovirt init script"
+# ovirt startup script to do krb init
+cat > /etc/init.d/ovirt << \EOF
+#!/bin/bash
+#
+# ovirt Start ovirt services
+#
+# chkconfig: 3 11 99
+# description: ovirt services
+#
+
+# Source functions library
+. /etc/init.d/functions
+
+start() {
+ echo -n $"Starting ovirt: "
+ IPA=$(/usr/bin/dig +short -t srv _ipa._tcp.$(/bin/dnsdomainname))
+ HOST=$(echo $IPA | head -1 | awk '{print $4}')
+ PORT=$(echo $IPA | head -1 | awk '{print $3}')
+
+ mkdir -p /etc/libvirt
+ # here, we wait for the "host-keyadd" service to finish adding our
+ # keytab and returning to us; note that we will try 5 times and
+ # then give up
+ tries=0
+ while [ "$VAL" != "SUCCESS" -a $tries -lt 5 ]; do
+ VAL=`echo "KERB" | /usr/bin/nc $HOST 6666`
+ if [ "$VAL" == "SUCCESS" ]; then
+ break
+ fi
+ tries=$(( $tries + 1 ))
+ sleep 1
+ echo -n "."
+ done
+
+ if [ "$VAL" != "SUCCESS" ]; then
+ echo -n "Failed generating keytab" ; failure ; echo ; exit 1
+ fi
+
+ if [ ! -s /etc/libvirt/krb5.tab ]; then
+ /usr/bin/wget -q http://$HOST:$PORT/config/$(/bin/hostname -i)-libvirt.tab -O /etc/libvirt/krb5.tab
+ if [ $? -ne 0 ]; then
+ echo -n "Failed getting keytab" ; failure ; echo ; exit 1
+ fi
+ fi
+
+ if [ ! -s /etc/krb5.conf ]; then
+ rm -f /etc/krb5.conf
+ /usr/bin/wget -q http://$HOST:$PORT/config/krb5.ini -O /etc/krb5.conf
+ if [ "$?" -ne 0 ]; then
+ echo "Failed getting krb5.conf" ; failure ; echo ; exit 1
+ fi
+ fi
+
+ success
+ echo
+}
+
+case "$1" in
+ start)
+ start
+ ;;
+ *)
+ echo "Usage: ovirt {start}"
+ exit 2
+esac
+EOF
+
+chmod +x /etc/init.d/ovirt
+/sbin/chkconfig ovirt on
+
echo "Setting up libvirt interfaces"
# make libvirtd listen on the external interfaces
sed -i -e 's/^#\(LIBVIRTD_ARGS="--listen"\).*/\1/' /etc/sysconfig/libvirtd
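Review bot: The new `start()` in /etc/init.d/ovirt downloads the libvirt keytab and krb5.conf over plain `http://` from whatever host and port the `_ipa._tcp` SRV answer names, so the node's Kerberos identity and KDC configuration rest on unauthenticated DNS and an unencrypted transfer. Within the current design the script should at least stop when the SRV lookup returns nothing (an empty `$HOST` currently only surfaces as "Failed generating keytab" after five tries), write the keytab under `umask 077`, and delete a partial download so the `-s` test does not accept it on the next boot. Because `echo $IPA | head -1` is unquoted, `head -1` has no effect and multiple SRV answers are flattened onto one line; quoting and taking the first line at the `dig` call fixes that. Moving the fetch to HTTPS with a CA shipped in the node image would be the longer-term fix.

```shell
    IPA=$(/usr/bin/dig +short -t srv "_ipa._tcp.$(/bin/dnsdomainname)" | head -1)
    HOST=$(echo "$IPA" | awk '{print $4}')
    PORT=$(echo "$IPA" | awk '{print $3}')
    if [ -z "$HOST" ] || [ -z "$PORT" ]; then
        echo -n "No _ipa._tcp SRV record found" ; failure ; echo ; exit 1
    fi

    # … unchanged: mkdir, host-keyadd retry loop and its failure check …

    if [ ! -s /etc/libvirt/krb5.tab ]; then
        ( umask 077
          /usr/bin/wget -q "http://$HOST:$PORT/config/$(/bin/hostname -i)-libvirt.tab" \
              -O /etc/libvirt/krb5.tab )
        if [ $? -ne 0 ]; then
            rm -f /etc/libvirt/krb5.tab
            echo -n "Failed getting keytab" ; failure ; echo ; exit 1
        fi
    fi

    # … unchanged: krb5.conf download …
```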
diff --git a/wui-appliance/devel-post.ks b/wui-appliance/devel-post.ks
index e1c7433..86c456a 100644
--- a/wui-appliance/devel-post.ks
+++ b/wui-appliance/devel-post.ks
@@ -23,15 +23,12 @@ allow bootp;
ddns-update-style interim;
ignore client-updates;
-option libvirt-auth-method code 202 = text;
-
subnet 192.168.50.0 netmask 255.255.255.0 {
option domain-name "priv.ovirt.org";
option domain-name-servers 192.168.50.2;
option ntp-servers 192.168.50.2;
next-server 192.168.50.2;
option routers 192.168.50.1;
- option libvirt-auth-method "krb5:192.168.50.2:8089/config";
filename "pxelinux.0";
host node3 {
fixed-address 192.168.50.3;
@@ -114,6 +111,9 @@ management IN A 192.168.50.2
node3 IN A 192.168.50.3
node4 IN A 192.168.50.4
node5 IN A 192.168.50.5
+_ovirt._tcp IN SRV 0 0 80 management
+_ipa._tcp IN SRV 0 0 8089 management
+_ldap._tcp IN SRV 0 0 389 management
EOF
cat > /var/named/chroot/var/named/50.168.192.in-addr.arpa.zone << \EOF
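Review bot: The `_ipa._tcp` record added here points at port 8089, the port the removed DHCP option (`krb5:192.168.50.2:8089/config`) used for the config HTTP service, and the node's new init script builds `http://$HOST:$PORT/config/...` from it, so the service label names something other than what it locates. A zone-file comment above the three records would help the next maintainer, e.g. `; _ipa._tcp is read by /etc/init.d/ovirt on managed nodes to find the keytab/krb5.conf HTTP endpoint`. Since nodes fetch their keytab from whatever this record names, the comment should also say that the zone must only be served by a resolver the nodes can trust. The heredoc holding this zone file starts outside the hunk.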