Merge "os-xenapi: Add utility to enable conntrack service"

os_xenapi/tests/utils/test_conntrack_service.py

@@ -0,0 +1,55 @@
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+import mock
+import os
+
+from os_xenapi.tests import base
+from os_xenapi.utils import conntrack_service
+
+
+class XenapiConntrackServiceTestCase(base.TestCase):
+    @mock.patch.object(os.path, 'dirname')
+    def test_ensure_conntrack_packages(self, mock_dirname):
+        client = mock.Mock()
+        client.ssh.return_value = '/tmp/domu_sh.fake'
+        mock_dirname.return_value = '/fake_dir'
+        ssh_expect_call = [mock.call("mkdir -p /tmp/domu_sh.fake"),
+                           mock.call("chmod +x /tmp/domu_sh.fake/"
+                                     "install_conntrack.sh"),
+                           mock.call("/tmp/domu_sh.fake/install_conntrack.sh"),
+                           mock.call("rm -rf /tmp/domu_sh.fake")]
+
+        conntrack_service.ensure_conntrack_packages(client)
+        client.ssh.assert_has_calls(ssh_expect_call)
+        client.scp.assert_called_once_with(
+            '/fake_dir/sh_tools/install_conntrack.sh',
+            '/tmp/domu_sh.fake/install_conntrack.sh')
+
+    @mock.patch.object(os.path, 'dirname')
+    @mock.patch.object(conntrack_service, 'ensure_conntrack_packages')
+    def test_enable_conntrack_service(self, mock_ensure_conntrack,
+                                      mock_dir_name):
+        client = mock.Mock()
+        client.ssh.return_value = '/tmp/domu_sh.fake'
+        mock_dir_name.return_value = '/fake_dir'
+        ssh_expect_call = [mock.call("mkdir -p /tmp/domu_sh.fake"),
+                           mock.call("chmod +x /tmp/domu_sh.fake/"
+                                     "enable_conntrack.sh"),
+                           mock.call("/tmp/domu_sh.fake/enable_conntrack.sh"),
+                           mock.call("rm -rf /tmp/domu_sh.fake")]
+
+        conntrack_service.enable_conntrack_service(client)
+        client.ssh.assert_has_calls(ssh_expect_call)
+        client.scp.assert_called_once_with(
+            '/fake_dir/sh_tools/enable_conntrack.sh',
+            '/tmp/domu_sh.fake/enable_conntrack.sh')
+        mock_ensure_conntrack.assert_called_once_with(client)

os_xenapi/utils/common_function.py

@@ -16,11 +16,13 @@
 
 It contains the common functions used by XenAPI utils."""
 
+import inspect
 import ipaddress
 import logging
 import netifaces
 import os
 import subprocess
+import sys
 
 from os_xenapi.client import exception
 
@@ -28,6 +30,11 @@ from os_xenapi.client import exception
 LOG = logging.getLogger('XenAPI_utils')
 
 
+def exit_with_error(err_msg):
+    sys.stderr.write(err_msg)
+    sys.exit(1)
+
+
 def detailed_execute(*cmd, **kwargs):
     cmd = map(str, cmd)
     _env = kwargs.get('env')
@@ -110,3 +117,19 @@ def get_host_ipv4s(host_client):
             ipv4s.append(ipv4)
 
     return ipv4s
+
+
+def scp_and_execute(dom0_client, script_name):
+    # copy script to remote host and execute it
+    TMP_SH_DIR = dom0_client.ssh("mktemp -d /tmp/domu_sh.XXXXXX", output=True)
+    TMP_SH_PATH = TMP_SH_DIR + '/' + script_name
+    Util_DIR = os.path.dirname(
+        os.path.abspath(inspect.getfile(inspect.currentframe())))
+    SH_TOOLS_DIR = Util_DIR + '/sh_tools/'
+    dom0_client.ssh("mkdir -p " + TMP_SH_DIR)
+    try:
+        dom0_client.scp(SH_TOOLS_DIR + script_name, TMP_SH_PATH)
+        dom0_client.ssh("chmod +x " + TMP_SH_PATH)
+        dom0_client.ssh(TMP_SH_PATH)
+    finally:
+        dom0_client.ssh("rm -rf " + TMP_SH_DIR)

os_xenapi/utils/conntrack_service.py

@@ -0,0 +1,47 @@
+# Copyright 2017 Citrix Systems
+#
+#    Licensed under the Apache License, Version 2.0 (the "License"); you may
+#    not use this file except in compliance with the License. You may obtain
+#    a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+#    Unless required by applicable law or agreed to in writing, software
+#    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+#    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+#    License for the specific language governing permissions and limitations
+#    under the License.
+"""conntrack service utils
+
+It contains the utilities relative to conntrack service"""
+import logging
+import sys
+
+from os_xenapi.utils import common_function
+from os_xenapi.utils import sshclient
+
+LOG = logging.getLogger('conntrack_service')
+LOG.setLevel(logging.DEBUG)
+
+
+def ensure_conntrack_packages(dom0_client):
+    # Ensure the package be installed for conntrack service
+    LOG.info("Ensure the package be installed for conntrack service")
+
+    common_function.scp_and_execute(dom0_client, "install_conntrack.sh")
+
+
+def enable_conntrack_service(dom0_client):
+    # use conntrack statistic mode, so change conntrackd.conf
+    LOG.info("enable conntrack service")
+    ensure_conntrack_packages(dom0_client)
+
+    common_function.scp_and_execute(dom0_client, "enable_conntrack.sh")
+
+
+if __name__ == '__main__':
+    if len(sys.argv) != 4:
+        common_function.exit_with_error("Wrong parameters input.")
+    dom0_himn_ip, user_name, password = sys.argv[1:]
+    dom0_client = sshclient.SSHClient(dom0_himn_ip, user_name, password)
+    enable_conntrack_service(dom0_client)

os_xenapi/utils/shell_tools/enable_conntrack.sh

@@ -0,0 +1,23 @@
+#!/bin/bash
+# use conntrack statistic mode, so change conntrackd.conf
+set -e
+
+version=$(yum info conntrack-tools | grep '^Version' | awk '{print $3}')
+conf_pro_all=$(find /usr/share/doc/conntrack-tools-$version -name \
+               conntrackd.conf | grep stats)
+if ! ls /etc/conntrackd/conntrackd.conf.back;  then
+    cp -p /etc/conntrackd/conntrackd.conf /etc/conntrackd/conntrackd.conf.back
+fi
+cp -f $conf_pro_all /etc/conntrackd/
+
+cat >/etc/logrotate.d/conntrackd <<EOF
+/var/log/conntrackd*.log {
+    daily
+    maxsize 50M
+    rotate 7
+    copytruncate
+    missingok
+}
+EOF
+
+service conntrackd restart

os_xenapi/utils/shell_tools/install_conntrack.sh

@@ -0,0 +1,17 @@
+#!/bin/bash
+set -e
+
+REPO_NAME="CentOS-Base.repo"
+REPO_PATH="/etc/yum.repos.d/$REPO_NAME"
+TMP_REPO_DIR="/tmp/repo/"
+TMP_REPO_PATH=$TMP_REPO_DIR$REPO_NAME
+PKG_NAME="conntrack-tools"
+
+if ! yum list installed $PKG_NAME; then
+    mkdir -p $TMP_REPO_DIR
+    cp $REPO_PATH $TMP_REPO_DIR
+    sed -i s/#baseurl=/baseurl=/g $TMP_REPO_PATH
+    centos_ver=$(yum version nogroups |grep Installed | cut -d' ' -f 2 | cut -d'/' -f 1 | cut -d'-' -f 1)
+    yum install -y -c $TMP_REPO_PATH --enablerepo=base --releasever=$centos_ver $PKG_NAME
+    rm -rf $TMP_REPO_DIR
+fi