[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Ovirt-devel] [PATCH node] generalized configuration persistence for oVirt Node



If local OVIRT partition is available, persist selected configuration files,
for now: Kerberos config, libvirt keytab and SSH host key.

To initialize OVIRT partition, boot oVirt Node with ovirt_init=scsi parameter,
this will format the first disk and create the partition.
For more details see http://ovirt.org/page/Local_Disk_Usage

Signed-off-by: Alan Pevec <apevec redhat com>
---
 ovirt-node.spec.in      |    1 +
 scripts/ovirt           |   53 ++++++++++++++++++++--------------------------
 scripts/ovirt-early     |   10 ++------
 scripts/ovirt-functions |   38 +++++++++++++++++++++++++++++++++
 scripts/ovirt-post      |    7 +++++-
 5 files changed, 71 insertions(+), 38 deletions(-)
 mode change 100755 => 100644 scripts/ovirt-early

diff --git a/ovirt-node.spec.in b/ovirt-node.spec.in
index 92905fd..fb31c4f 100644
--- a/ovirt-node.spec.in
+++ b/ovirt-node.spec.in
@@ -12,6 +12,7 @@ Requires(post):  /sbin/chkconfig
 Requires(preun): /sbin/chkconfig
 BuildRequires:  libvirt-devel
 BuildRequires:  dbus-devel hal-devel
+Requires:       augeas
 Requires:       libvirt
 Requires:       hal
 Requires:       collectd
diff --git a/scripts/ovirt b/scripts/ovirt
index 0878a9e..d81a72e 100644
--- a/scripts/ovirt
+++ b/scripts/ovirt
@@ -11,30 +11,31 @@
 . /etc/init.d/ovirt-functions
 
 start() {
-    krb5_conf=/etc/krb5.conf
-    krb5_tab=/etc/libvirt/krb5.tab
-    # retrieve config from local oVirt partition if available
-    #   krb5.conf krb5.tab
-    #   TODO local admin password, ssh server key - what else?
+    # retrieve config from local OVIRT partition if available
     ovirt=$(mktemp -d)
+    ovirt_mount $ovirt
+    # /config on OVIRT partition contains persisted /etc files
     cfg=$ovirt/config
-    if [ -e /dev/disk/by-label/$OVIRT_LABEL ]; then
-      mount -r /dev/disk/by-label/$OVIRT_LABEL $ovirt
-    else
-      mount -r /dev/live $ovirt
-    fi
-    if [ -e $cfg/krb5.conf ]; then
-      cp -a $cfg/krb5.conf $krb5_conf
-    fi
-    if [ -e $cfg/krb5.tab ]; then
-      cp -a $cfg/krb5.tab $krb5_tab
+    if [ -d $cfg/etc ]; then
+      cp -rv $cfg/etc/* /etc
+      restorecon -r /etc
     fi
-    if [ -s $krb5_tab ]; then
-      krb5_tab=
+    # and optional Augeas augtool script
+    aug=$cfg/config.aug
+    if [ -f $aug ]; then
+      tmpaug=$(mktemp)
+      cp $aug $tmpaug
+      echo "save" >> $tmpaug
+      augtool < $tmpaug > /dev/null 2>&1
+      if [ $? -eq 0 ]; then
+        printf "$aug applied."
+      fi
     fi
+    umount $ovirt && rmdir $ovirt
 
     find_srv ipa tcp
     if [ -n "$SRV_HOST" -a -n "$SRV_PORT" ]; then
+        krb5_conf=/etc/krb5.conf
         # FIXME this is IPA specific
         wget -q \
             http://$SRV_HOST:$SRV_PORT/ipa/config/krb5.ini -O $krb5_conf.tmp
@@ -42,33 +43,25 @@ start() {
             echo "Failed to get $krb5_conf"; return 1
         fi
         mv $krb5_conf.tmp $krb5_conf
-        # store config in oVirt partition
-        if [ -e $cfg ]; then
-            mount -o remount,rw $ovirt
-            cp -a $krb5_conf $cfg/krb5.conf
-        fi
     else
         echo "skipping Kerberos configuration"
     fi
 
     find_srv identify tcp
     if [ -n "$SRV_HOST" -a -n "$SRV_PORT" ]; then
+        krb5_tab=/etc/libvirt/krb5.tab
+        # skip ktab download if we got it from /config
+        if [ -s $krb5_tab ]; then
+          krb5_tab=
+        fi
         ovirt-awake start $SRV_HOST $SRV_PORT $krb5_tab
         if [ $? -ne 0 ]; then
             echo "ovirt-awake failed"; return 1
         fi
-        # store config in oVirt partition
-        if [ -n "$krb_tab" -a -e $cfg ]; then
-            mount -o remount,rw $ovirt
-            cp -a $krb5_tab $cfg/krb5.tab
-        fi
     else
         echo "skipping ovirt-awake, oVirt identify service not available"
     fi
 
-    # cleanup
-    umount $ovirt && rmdir $ovirt
-
     find_srv collectd tcp
     if [ -n "$SRV_HOST" -a -n "$SRV_PORT" ]; then
         collectd_conf=/etc/collectd.conf
diff --git a/scripts/ovirt-early b/scripts/ovirt-early
old mode 100755
new mode 100644
index 6d9bd76..3ab9f47
--- a/scripts/ovirt-early
+++ b/scripts/ovirt-early
@@ -217,13 +217,9 @@ local_install() {
     mkdir -p $ovirt/config
     # update local config using the one embedded in livecd image
     # TODO admin tool for adding /config into livecd image
-    if [ -e $live/config/krb5.conf ]; then
-      cp -a $live/config/krb5.conf $ovirt/config \
-      || echo "krb5.conf copy failed"
-    fi
-    if [ -e $live/config/krb5.tab ]; then
-      cp -a $live/config/krb5.tab $ovirt/config \
-      || echo "krb5.tab copy failed"
+    if [ -d $live/config ]; then
+      cp -rv $live/config/* $ovirt/config \
+      || echo "config copy failed"
     fi
 
     if [ $local_os = 0 ]; then
diff --git a/scripts/ovirt-functions b/scripts/ovirt-functions
index 3bec877..bd59d09 100644
--- a/scripts/ovirt-functions
+++ b/scripts/ovirt-functions
@@ -47,3 +47,41 @@ ovirt_setup_libvirtd() {
        echo "mech_list: gssapi" >> $sasl_conf
     fi
 }
+
+ovirt_mount() {
+    if [ -e /dev/disk/by-label/$OVIRT_LABEL ]; then
+      mount -r /dev/disk/by-label/$OVIRT_LABEL $1
+    else
+      mount -r /dev/live $1
+    fi
+}
+
+md5() {
+  md5sum $1 2>/dev/null | (read MD5 filename; echo $MD5)
+}
+
+# persist configuration to /config on OVIRT partition
+#   ovirt_store_config /etc/config /etc/config2 ...
+ovirt_store_config() {
+    ovirt=$(mktemp -d)
+    ovirt_mount $ovirt
+    cfg=$ovirt/config
+    rw=0
+    printf "store config:"
+    for f in "$@"; do
+       # ignore non-/etc paths
+       if [ $f != ${f#/etc/} ]; then
+           # check if changed
+           if [ "$(md5 $f)" != "$(md5 $cfg$f)" ]; then
+               if [ $rw = 0 ]; then
+                   mount -o remount,rw $ovirt
+                   rw=1
+               fi
+               mkdir -p $cfg$(dirname $f)
+               cp $f $cfg$f
+               print " $f"
+           fi
+       fi
+    done
+    umount $ovirt && rmdir $ovirt
+}
diff --git a/scripts/ovirt-post b/scripts/ovirt-post
index d989940..046a2c0 100644
--- a/scripts/ovirt-post
+++ b/scripts/ovirt-post
@@ -11,8 +11,13 @@
 . /etc/init.d/ovirt-functions
 
 start() {
-    find_srv identify tcp
+    # persist selected configuration files
+    ovirt_store_config \
+      /etc/krb5.conf \
+      /etc/libvirt/krb5.tab \
+      /etc/ssh/ssh_host*_key*
 
+    find_srv identify tcp
     if [ -n "$SRV_HOST" -a -n "$SRV_PORT" ]; then
         ovirt-identify-node -s $SRV_HOST -p $SRV_PORT
     else
-- 
1.5.5.1


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]