Merge pull request #2084 from shapeblue/passwd-speedup

Passwd speedup

Author: karuturi

systemvm/patches/debian/config/opt/cloud/bin/configure.py

@@ -45,36 +45,6 @@
 from cs.CsStaticRoutes import CsStaticRoutes
 
 
-class CsPassword(CsDataBag):
-
-    TOKEN_FILE="/tmp/passwdsrvrtoken"
-
-    def process(self):
-        for item in self.dbag:
-            if item == "id":
-                continue
-            self.__update(item, self.dbag[item])
-
-    def __update(self, vm_ip, password):
-        token = ""
-        try:
-            tokenFile = open(self.TOKEN_FILE)
-            token = tokenFile.read()
-        except IOError:
-            logging.debug("File %s does not exist" % self.TOKEN_FILE)
-
-        ips_cmd = "ip addr show | grep inet | awk '{print $2}'"
-        ips = CsHelper.execute(ips_cmd)
-        for ip in ips:
-            server_ip = ip.split('/')[0]
-            proc = CsProcess(['/opt/cloud/bin/passwd_server_ip.py', server_ip])
-            if proc.find():
-                update_command = 'curl --header "DomU_Request: save_password" "http://{SERVER_IP}:8080/" -F "ip={VM_IP}" -F "password={PASSWORD}" ' \
-                '-F "token={TOKEN}" >/dev/null 2>/dev/null &'.format(SERVER_IP=server_ip, VM_IP=vm_ip, PASSWORD=password, TOKEN=token)
-                result = CsHelper.execute(update_command)
-                logging.debug("Update password server result ==> %s" % result)
-
-
 class CsAcl(CsDataBag):
     """
         Deal with Network acls

systemvm/patches/debian/config/opt/cloud/bin/cs/CsVmPassword.py

@@ -0,0 +1,61 @@
+#!/usr/bin/python
+# -- coding: utf-8 --
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+
+import CsHelper
+from CsProcess import CsProcess
+from netaddr import IPNetwork, IPAddress
+import logging
+
+
+class CsPassword:
+
+    TOKEN_FILE="/tmp/passwdsrvrtoken"
+
+    def __init__(self, dbag):
+        self.dbag = dbag
+        self.process()
+
+    def process(self):
+        self.__update(self.dbag['ip_address'], self.dbag['password'])
+
+    def __update(self, vm_ip, password):
+        token = ""
+        try:
+            tokenFile = open(self.TOKEN_FILE)
+            token = tokenFile.read()
+        except IOError:
+            logging.debug("File %s does not exist" % self.TOKEN_FILE)
+
+        logging.debug("Got VM '%s' and password '%s'" % (vm_ip, password))
+        get_cidrs_cmd = "ip addr show | grep inet | grep -v secondary | awk '{print $2}'"
+        cidrs = CsHelper.execute(get_cidrs_cmd)
+        logging.debug("Found these CIDRs: %s" % cidrs)
+        for cidr in cidrs:
+            logging.debug("Processing CIDR '%s'" % cidr)
+            if IPAddress(vm_ip) in IPNetwork(cidr):
+                ip = cidr.split('/')[0]
+                logging.debug("Cidr %s matches vm ip address %s so adding passwd to passwd server at %s" % (cidr, vm_ip, ip))
+                proc = CsProcess(['/opt/cloud/bin/passwd_server_ip.py', ip])
+                if proc.find():
+                    update_command = 'curl --header "DomU_Request: save_password" "http://{SERVER_IP}:8080/" -F "ip={VM_IP}" -F "password={PASSWORD}" ' \
+                                     '-F "token={TOKEN}" --interface 127.0.0.1 >/dev/null 2>/dev/null &'.format(SERVER_IP=ip, VM_IP=vm_ip, PASSWORD=password, TOKEN=token)
+                    result = CsHelper.execute(update_command)
+                    logging.debug("Update password server result ==> %s" % result)
+                else:
+                    logging.debug("Update password server skipped because we didn't find a passwd server process for %s (makes sense on backup routers)" % ip)

systemvm/patches/debian/config/opt/cloud/bin/cs_vmp.py

@@ -23,7 +23,6 @@
 import cs_ip
 import cs_guestnetwork
 import cs_cmdline
-import cs_vmp
 import cs_network_acl
 import cs_firewallrules
 import cs_loadbalancer
@@ -36,8 +35,6 @@
 import cs_vpnusers
 import cs_staticroutes
 
-from pprint import pprint
-
 
 class DataBag:
 
@@ -105,8 +102,6 @@ def process(self):
             dbag = self.processGuestNetwork(self.db.getDataBag())
         elif self.qFile.type == 'cmdline':
             dbag = self.processCL(self.db.getDataBag())
-        elif self.qFile.type == 'vmpassword':
-            dbag = self.processVMpassword(self.db.getDataBag())
         elif self.qFile.type == 'networkacl':
             dbag = self.process_network_acl(self.db.getDataBag())
         elif self.qFile.type == 'firewallrules':
@@ -188,9 +183,6 @@ def process_monitorservice(self, dbag):
     def process_staticroutes(self, dbag):
         return cs_staticroutes.merge(dbag, self.qFile.data)
 
-    def processVMpassword(self, dbag):
-        return cs_vmp.merge(dbag, self.qFile.data)
-
     def processForwardingRules(self, dbag):
         # to be used by both staticnat and portforwarding
         return cs_forwardingrules.merge(dbag, self.qFile.data)
@@ -275,13 +267,21 @@ class QueueFile:
     fileName = ''
     configCache = "/var/cache/cloud"
     keep = True
+    do_merge = True
     data = {}
 
+    def update_databag(self):
+        if self.do_merge:
+            logging.info("Merging because do_merge is %s" % self.do_merge)
+            updateDataBag(self)
+        else:
+            logging.info("Not merging because do_merge is %s" % self.do_merge)
+
     def load(self, data):
         if data is not None:
             self.data = data
             self.type = self.data["type"]
-            proc = updateDataBag(self)
+            self.update_databag()
             return
         fn = self.configCache + '/' + self.fileName
         try:
@@ -296,7 +296,7 @@ def load(self, data):
                 self.__moveFile(fn, self.configCache + "/processed")
             else:
                 os.remove(fn)
-            proc = updateDataBag(self)
+            self.update_databag()
 
     def setFile(self, name):
         self.fileName = name

systemvm/patches/debian/config/opt/cloud/bin/merge.py

@@ -25,6 +25,7 @@
 import os.path
 import configure
 import json
+from cs.CsVmPassword import *
 
 logging.basicConfig(filename='/var/log/cloud.log', level=logging.DEBUG, format='%(asctime)s  %(filename)s %(funcName)s:%(lineno)d %(message)s')
 
@@ -45,15 +46,30 @@ def finish_config():
     sys.exit(returncode)
 
 
-def process_file():
+def process(do_merge=True):
     print "[INFO] Processing JSON file %s" % sys.argv[1]
     qf = QueueFile()
     qf.setFile(sys.argv[1])
+    qf.do_merge = do_merge
     qf.load(None)
+
+    return qf
+
+
+def process_file():
+    print "[INFO] process_file"
+    qf = process()
     # Converge
     finish_config()
 
 
+def process_vmpasswd():
+    print "[INFO] process_vmpassword"
+    qf = process(False)
+    print "[INFO] Sending password to password server"
+    CsPassword(qf.getData())
+
+
 def is_guestnet_configured(guestnet_dict, keys):
 
     existing_keys = []
@@ -135,6 +151,10 @@ def is_guestnet_configured(guestnet_dict, keys):
     else:
         print "[INFO] update_config.py :: No GuestNetwork configured yet. Configuring first one now."
         process_file()
+# Bypass saving passwords and running full config/convergence, just feed passwd to passwd server and stop
+elif sys.argv[1].startswith("vm_password.json"):
+    print "[INFO] update_config.py :: Processing incoming vm_passwd file => %s" % sys.argv[1]
+    process_vmpasswd()
 else:
     print "[INFO] update_config.py :: Processing incoming file => %s" % sys.argv[1]
     process_file()