X-Git-Url: https://osm.etsi.org/gitweb/?p=osm%2FN2VC.git;a=blobdiff_plain;f=n2vc%2Fprovisioner.py;h=ab25993f2b00129c07a0418d9b23f8c0f786437f;hp=c4d8b5b1df1db724b8aaabe5c946723d6f3da1f1;hb=9074b05b797b591eeb9b86b54c5a699b30454906;hpb=ba6e532cda6464759381585452b18f9fd1a19dd3 diff --git a/n2vc/provisioner.py b/n2vc/provisioner.py index c4d8b5b..ab25993 100644 --- a/n2vc/provisioner.py +++ b/n2vc/provisioner.py @@ -41,9 +41,9 @@ def normalize_arch(rawArch): DETECTION_SCRIPT = """#!/bin/bash set -e os_id=$(grep '^ID=' /etc/os-release | tr -d '"' | cut -d= -f2) -if [ "$os_id" = 'centos' ]; then +if [ "$os_id" = 'centos' ] || [ "$os_id" = 'rhel' ] ; then os_version=$(grep '^VERSION_ID=' /etc/os-release | tr -d '"' | cut -d= -f2) - echo "centos$os_version" + echo "$os_id$os_version" else lsb_release -cs fi @@ -74,6 +74,22 @@ iptables -t nat -A OUTPUT -p tcp -d {} -j DNAT --to-destination {} netfilter-persistent save """ +IPTABLES_SCRIPT_RHEL = """#!/bin/bash +set -e +[ -v `which firewalld` ] && yum install -q -y firewalld +systemctl is-active --quiet firewalld || systemctl start firewalld \ + && firewall-cmd --permanent --zone=public --set-target=ACCEPT +systemctl is-enabled --quiet firewalld || systemctl enable firewalld +firewall-cmd --direct --permanent --add-rule ipv4 nat OUTPUT 0 -d {} -p tcp \ + -j DNAT --to-destination {} +firewall-cmd --reload +""" + +CLOUD_INIT_WAIT_SCRIPT = """#!/bin/bash +set -e +cloud-init status --wait +""" + class AsyncSSHProvisioner: """Provision a manually created machine via SSH.""" @@ -239,7 +255,8 @@ class AsyncSSHProvisioner: params.series = hw["series"] params.instance_id = "manual:{}".format(self.host) params.nonce = "manual:{}:{}".format( - self.host, str(uuid.uuid4()), + self.host, + str(uuid.uuid4()), ) # a nop for Juju w/manual machines params.hardware_characteristics = { "arch": hw["arch"], 
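Review bot: In IPTABLES_SCRIPT_RHEL (hunk at -74), `firewall-cmd --permanent --zone=public --set-target=ACCEPT` permanently switches the public zone's default target to ACCEPT, so inbound traffic that matches no rule is allowed rather than rejected. Because `||` and `&&` chain left to right, it runs whenever firewalld is active or has just been started. The DNAT rule the script needs lives in the nat OUTPUT chain and only rewrites locally generated traffic, so it does not appear to depend on that setting; I would drop the `--set-target=ACCEPT` clause, or add a comment explaining why the provisioned host's firewall has to be opened. Separately, the `[ -v ... ]` test on the output of `which firewalld` checks whether a shell variable is set, not whether the binary exists, and only behaves as intended because `which` prints nothing when the package is missing; `command -v firewalld >/dev/null || yum install -q -y firewalld` states the intent directly.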
@@ -250,12 +267,15 @@ class AsyncSSHProvisioner: return params - async def install_agent(self, connection, nonce, machine_id, proxy=None): + async def install_agent( + self, connection, nonce, machine_id, proxy=None, series=None + ): """ :param object connection: Connection to Juju API :param str nonce: The nonce machine specification :param str machine_id: The id assigned to the machine :param str proxy: IP of the API_PROXY + :param str series: OS name :return: bool: If the initialization was successful """ @@ -284,8 +304,16 @@ class AsyncSSHProvisioner: - 127.0.0.1:17070 - '[::1]:17070' """ + try: + # Wait until cloud-init finish + await self._run_configure_script(CLOUD_INIT_WAIT_SCRIPT) + except Exception: + self.log.debug("cloud-init not present in machine {}".format(machine_id)) + if proxy: - m = re.search(r"apiaddresses:\n- (\d+\.\d+\.\d+\.\d+):17070", results.script) + m = re.search( + r"apiaddresses:\n- (\d+\.\d+\.\d+\.\d+):17070", results.script + ) apiaddress = m.group(1) """Add IP Table rule @@ -297,7 +325,10 @@ class AsyncSSHProvisioner: iptables rule, routing traffic to the appropriate LXD container. """ - script = IPTABLES_SCRIPT.format(apiaddress, proxy) + if series and ("centos" in series or "rhel" in series): + script = IPTABLES_SCRIPT_RHEL.format(apiaddress, proxy) + else: + script = IPTABLES_SCRIPT.format(apiaddress, proxy) # Run this in a retry loop, because dpkg may be running and cause the # script to fail. @@ -311,7 +342,10 @@ class AsyncSSHProvisioner: stdout, stderr = await self._run_configure_script(script) break except Exception as e: - self.log.debug("Waiting for dpkg, sleeping {} seconds".format(delay)) + self.log.debug( + "Waiting for DNAT rules to be applied and saved, " + "sleeping {} seconds".format(delay) + ) if attempts > retry: raise e else:
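Review bot: The new `except Exception` around the CLOUD_INIT_WAIT_SCRIPT call (hunk at -284) reports every failure as "cloud-init not present" at debug level, so an SSH error or a non-zero exit from `cloud-init status --wait` (presumably what a failed cloud-init run returns, to be confirmed) is hidden and provisioning carries on. I would keep the best-effort behaviour but record the real cause, e.g. `except Exception as e:` followed by `self.log.warning("cloud-init wait failed on machine {}: {}".format(machine_id, e))`. The retry loop in the hunk at -311 has the same shape: its new message asserts "Waiting for DNAT rules to be applied and saved" without logging `e`, although on the RHEL path the failure could equally come from yum or firewalld. install_agent's body starts before and ends after these hunks.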
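Review bot: `IPTABLES_SCRIPT_RHEL.format(apiaddress, proxy)` (hunk at -297) builds a shell script from `proxy` with no validation in the visible lines. `apiaddress` is limited to digits and dots by the regex in the previous hunk, but `proxy` is a caller-supplied string, so shell metacharacters in it would end up in the script that `_run_configure_script` runs on the target machine. The existing IPTABLES_SCRIPT branch has the same exposure. Since the docstring describes the parameter as an IP, I would reject anything else before formatting, e.g. `proxy = str(ipaddress.ip_address(proxy))` (needs `import ipaddress`; adjust if callers are allowed to pass `ip:port`). The function body continues outside this hunk.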