[Ovirt-devel] [PATCH node] generalized configuration persistence for oVirt Node
Alan Pevec
apevec at redhat.com
Fri Sep 19 17:54:12 UTC 2008
If local OVIRT partition is available, persist selected configuration files,
for now: Kerberos config, libvirt keytab and SSH host key.
To initialize OVIRT partition, boot oVirt Node with ovirt_init=scsi parameter,
this will format the first disk and create the partition.
For more details see http://ovirt.org/page/Local_Disk_Usage
Signed-off-by: Alan Pevec <apevec at redhat.com>
---
ovirt-node.spec.in | 1 +
scripts/ovirt | 53 ++++++++++++++++++++--------------------------
scripts/ovirt-early | 10 ++------
scripts/ovirt-functions | 38 +++++++++++++++++++++++++++++++++
scripts/ovirt-post | 7 +++++-
5 files changed, 71 insertions(+), 38 deletions(-)
mode change 100755 => 100644 scripts/ovirt-early
diff --git a/ovirt-node.spec.in b/ovirt-node.spec.in
index 92905fd..fb31c4f 100644
--- a/ovirt-node.spec.in
+++ b/ovirt-node.spec.in
@@ -12,6 +12,7 @@ Requires(post): /sbin/chkconfig
Requires(preun): /sbin/chkconfig
BuildRequires: libvirt-devel
BuildRequires: dbus-devel hal-devel
+Requires: augeas
Requires: libvirt
Requires: hal
Requires: collectd
diff --git a/scripts/ovirt b/scripts/ovirt
index 0878a9e..d81a72e 100644
--- a/scripts/ovirt
+++ b/scripts/ovirt
@@ -11,30 +11,31 @@
. /etc/init.d/ovirt-functions
start() {
- krb5_conf=/etc/krb5.conf
- krb5_tab=/etc/libvirt/krb5.tab
- # retrieve config from local oVirt partition if available
- # krb5.conf krb5.tab
- # TODO local admin password, ssh server key - what else?
+ # retrieve config from local OVIRT partition if available
ovirt=$(mktemp -d)
+ ovirt_mount $ovirt
+ # /config on OVIRT partition contains persisted /etc files
cfg=$ovirt/config
- if [ -e /dev/disk/by-label/$OVIRT_LABEL ]; then
- mount -r /dev/disk/by-label/$OVIRT_LABEL $ovirt
- else
- mount -r /dev/live $ovirt
- fi
- if [ -e $cfg/krb5.conf ]; then
- cp -a $cfg/krb5.conf $krb5_conf
- fi
- if [ -e $cfg/krb5.tab ]; then
- cp -a $cfg/krb5.tab $krb5_tab
+ if [ -d $cfg/etc ]; then
+ cp -rv $cfg/etc/* /etc
+ restorecon -r /etc
fi
- if [ -s $krb5_tab ]; then
- krb5_tab=
+ # and optional Augeas augtool script
+ aug=$cfg/config.aug
+ if [ -f $aug ]; then
+ tmpaug=$(mktemp)
+ cp $aug $tmpaug
+ echo "save" >> $tmpaug
+ augtool < $tmpaug > /dev/null 2>&1
+ if [ $? -eq 0 ]; then
+ printf "$aug applied."
+ fi
fi
+ umount $ovirt && rmdir $ovirt
find_srv ipa tcp
if [ -n "$SRV_HOST" -a -n "$SRV_PORT" ]; then
+ krb5_conf=/etc/krb5.conf
# FIXME this is IPA specific
wget -q \
http://$SRV_HOST:$SRV_PORT/ipa/config/krb5.ini -O $krb5_conf.tmp
@@ -42,33 +43,25 @@ start() {
echo "Failed to get $krb5_conf"; return 1
fi
mv $krb5_conf.tmp $krb5_conf
- # store config in oVirt partition
- if [ -e $cfg ]; then
- mount -o remount,rw $ovirt
- cp -a $krb5_conf $cfg/krb5.conf
- fi
else
echo "skipping Kerberos configuration"
fi
find_srv identify tcp
if [ -n "$SRV_HOST" -a -n "$SRV_PORT" ]; then
+ krb5_tab=/etc/libvirt/krb5.tab
+ # skip ktab download if we got it from /config
+ if [ -s $krb5_tab ]; then
+ krb5_tab=
+ fi
ovirt-awake start $SRV_HOST $SRV_PORT $krb5_tab
if [ $? -ne 0 ]; then
echo "ovirt-awake failed"; return 1
fi
- # store config in oVirt partition
- if [ -n "$krb_tab" -a -e $cfg ]; then
- mount -o remount,rw $ovirt
- cp -a $krb5_tab $cfg/krb5.tab
- fi
else
echo "skipping ovirt-awake, oVirt identify service not available"
fi
- # cleanup
- umount $ovirt && rmdir $ovirt
-
find_srv collectd tcp
if [ -n "$SRV_HOST" -a -n "$SRV_PORT" ]; then
collectd_conf=/etc/collectd.conf
diff --git a/scripts/ovirt-early b/scripts/ovirt-early
old mode 100755
new mode 100644
index 6d9bd76..3ab9f47
--- a/scripts/ovirt-early
+++ b/scripts/ovirt-early
@@ -217,13 +217,9 @@ local_install() {
mkdir -p $ovirt/config
# update local config using the one embedded in livecd image
# TODO admin tool for adding /config into livecd image
- if [ -e $live/config/krb5.conf ]; then
- cp -a $live/config/krb5.conf $ovirt/config \
- || echo "krb5.conf copy failed"
- fi
- if [ -e $live/config/krb5.tab ]; then
- cp -a $live/config/krb5.tab $ovirt/config \
- || echo "krb5.tab copy failed"
+ if [ -d $live/config ]; then
+ cp -rv $live/config/* $ovirt/config \
+ || echo "config copy failed"
fi
if [ $local_os = 0 ]; then
diff --git a/scripts/ovirt-functions b/scripts/ovirt-functions
index 3bec877..bd59d09 100644
--- a/scripts/ovirt-functions
+++ b/scripts/ovirt-functions
@@ -47,3 +47,41 @@ ovirt_setup_libvirtd() {
echo "mech_list: gssapi" >> $sasl_conf
fi
}
+
+ovirt_mount() {
+ if [ -e /dev/disk/by-label/$OVIRT_LABEL ]; then
+ mount -r /dev/disk/by-label/$OVIRT_LABEL $1
+ else
+ mount -r /dev/live $1
+ fi
+}
+
+md5() {
+ md5sum $1 2>/dev/null | (read MD5 filename; echo $MD5)
+}
+
+# persist configuration to /config on OVIRT partition
+# ovirt_store_config /etc/config /etc/config2 ...
+ovirt_store_config() {
+ ovirt=$(mktemp -d)
+ ovirt_mount $ovirt
+ cfg=$ovirt/config
+ rw=0
+ printf "store config:"
+ for f in "$@"; do
+ # ignore non-/etc paths
+ if [ $f != ${f#/etc/} ]; then
+ # check if changed
+ if [ "$(md5 $f)" != "$(md5 $cfg$f)" ]; then
+ if [ $rw = 0 ]; then
+ mount -o remount,rw $ovirt
+ rw=1
+ fi
+ mkdir -p $cfg$(dirname $f)
+ cp $f $cfg$f
+ print " $f"
+ fi
+ fi
+ done
+ umount $ovirt && rmdir $ovirt
+}
diff --git a/scripts/ovirt-post b/scripts/ovirt-post
index d989940..046a2c0 100644
--- a/scripts/ovirt-post
+++ b/scripts/ovirt-post
@@ -11,8 +11,13 @@
. /etc/init.d/ovirt-functions
start() {
- find_srv identify tcp
+ # persist selected configuration files
+ ovirt_store_config \
+ /etc/krb5.conf \
+ /etc/libvirt/krb5.tab \
+ /etc/ssh/ssh_host*_key*
+ find_srv identify tcp
if [ -n "$SRV_HOST" -a -n "$SRV_PORT" ]; then
ovirt-identify-node -s $SRV_HOST -p $SRV_PORT
else
--
1.5.5.1
More information about the ovirt-devel
mailing list