From eceb24ee5cff19fe77a3f5a54e995bc0e9daf6be Mon Sep 17 00:00:00 2001 From: stewie925 Date: Fri, 14 Sep 2018 10:56:44 -0700 Subject: [PATCH] Ranger Changes - 1. add database drop script 2. fix uuidgen config 3. fix logic to reset rangeragent version to 1.0 4. rename ranger services in start_services.sh script Change-Id: Ib9bddaa0385295c3bdea0b3eed942d6b0f71cb59 --- etc/ranger/ranger.conf | 69 ++++++++++--------- orm/base_config.py | 12 ++++ orm/cmd/db_drop.py | 21 ++++++ orm/orm_client/ormcli/config.py | 4 +- orm/services/db_cleanup.py | 60 ++++++++++++++++ orm/services/id_generator/config.py | 4 +- orm/services/resource_distributor/config.py | 27 +++----- .../rds/services/yaml_customer_builder.py | 23 ++----- tools/start_services.sh | 14 ++-- 9 files changed, 155 insertions(+), 79 deletions(-) create mode 100644 orm/cmd/db_drop.py create mode 100644 orm/services/db_cleanup.py diff --git a/etc/ranger/ranger.conf b/etc/ranger/ranger.conf index c221d270..19ee90f3 100644 --- a/etc/ranger/ranger.conf +++ b/etc/ranger/ranger.conf @@ -1,53 +1,58 @@ [DEFAULT] -protocol = -orm_host = -ranger_base = -ssl_verify = -log_location = +protocol = 'http' +orm_host = '127.0.0.1' +ranger_url = 'http://127.0.0.1' +ranger_base = '/opt/stack/ranger' +ssl_verify = False +ranger_agent_https_enabled = False +ranger_agent_client_cert_path = '' +log_location = '/var/log/ranger/' [keystone_authtoken] -username = -password = -project_name = -region = -project_domain_name = -user_domain_name = +username = 'admin' +password = 'password' +project_name = 'admin' +region = 'RegionOne' +project_domain_name = 'default' +user_domain_name = 'default' +## version may be '2.0' or '3' ('3' by default) +version = '2.0' +auth_enabled = False [database] -connection = -max_retries = +connection = 'mysql://user:pass@localhost:3306/' +max_retries = 3 +user_role = 'admin' [uuid] -port = -log = +port = 7001 +log = 'uuid.log' [cms] -port = -log = +port = 7080 +log ='cms.log' [fms] -port = -log = +port = 8082 +log = 'fms.log' [audit] -port = -log = +port = 7002 +log = 'audit.log' [ims] -port = -log = +port = 8084 +log = 'ims.log' [rms] -port = -log = +port = 7003 +log = 'rms.log' [rds] -port = -repo_local_location = -repo_remote_location = -repo_user = -repo_email = -log = +port = 8777 +repo_local_location = '/home/stack/orm_repo' +repo_remote_location = 'git@127.0.0.1:/home/stack/orm_repo.git' +log = 'rdstest.log' [cli] -base_region = +base_region = 'RegionOne' diff --git a/orm/base_config.py b/orm/base_config.py index 87dfc875..f8fc4665 100644 --- a/orm/base_config.py +++ b/orm/base_config.py @@ -25,12 +25,21 @@ OrmOpts = [ cfg.HostAddressOpt('orm_host', default='127.0.0.1', help='Orm server IP address.'), + cfg.URIOpt('ranger_url', + default='http://127.0.0.1', + help='Ranger URL.'), cfg.StrOpt('ranger_base', default='/opt/stack/ranger', help='Orm base directory.'), cfg.BoolOpt('ssl_verify', default=False, help='Flag for SSL verfiy Enabled/Disabled.'), + cfg.BoolOpt('ranger_agent_https_enabled', + default=False, + help='Ranger Agent https_enabled flag - True/False.'), + cfg.StrOpt('ranger_agent_client_cert_path', + default='', + help='Ranger Agent certificate path.'), cfg.StrOpt('log_location', default='/var/log/ranger', help='Orm log directory.'), @@ -239,6 +248,7 @@ CONF.register_opts(OrmCliGroup, orm_cli_group) debug_level = CONF.debug_level protocol = CONF.protocol orm_host = CONF.orm_host +ranger_url = CONF.ranger_url ranger_base = CONF.ranger_base ssl_verify = CONF.ssl_verify token_auth_enabled = CONF.keystone_authtoken.auth_enabled @@ -250,6 +260,8 @@ conn = CONF.database.connection db_connect = conn.replace("mysql+pymysql", "mysql") if conn else None # pass keystone version '2.0' or '3' token_auth_version = '3' if (CONF.keystone_authtoken.version == 'v3') else '2.0' +cert_path = CONF.ranger_agent_client_cert_path +https_enabled = CONF.ranger_agent_https_enabled uuid = {'port': CONF.uuid.port, diff --git a/orm/cmd/db_drop.py b/orm/cmd/db_drop.py new file mode 100644 index 00000000..39b212da --- /dev/null +++ b/orm/cmd/db_drop.py @@ -0,0 +1,21 @@ +#!/usr/bin/env python +# Copyright (c) 2018 OpenStack Foundation +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from orm.services import db_cleanup + + +def main(): + db_cleanup.main() diff --git a/orm/orm_client/ormcli/config.py b/orm/orm_client/ormcli/config.py index e69883f2..18afa9df 100755 --- a/orm/orm_client/ormcli/config.py +++ b/orm/orm_client/ormcli/config.py @@ -5,6 +5,6 @@ import orm.base_config as config tenant_name = config.token_auth_tenant username = config.token_auth_user password = config.token_auth_pass -auth_region = config.cli['base_region'] -orm_base_url = '{}://{}'.format(config.protocol, config.orm_host) +auth_region = config.token_auth_version +orm_base_url = config.ranger_url verify = config.ssl_verify diff --git a/orm/services/db_cleanup.py b/orm/services/db_cleanup.py new file mode 100644 index 00000000..29ac06ad --- /dev/null +++ b/orm/services/db_cleanup.py @@ -0,0 +1,60 @@ +#!/usr/bin/env python +# Copyright (c) 2012 OpenStack Foundation +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); you may +# not use this file except in compliance with the License. You may obtain +# a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. + +from oslo_config import cfg +from sqlalchemy import * +import sys + +CONF = cfg.CONF + + +def main(argv=None): + + if argv is None: + argv = sys.argv + cfg.CONF(argv[1:], project='ranger', validate_default_values=True) + + orm_database_group = cfg.OptGroup(name='database', + title='Orm Database Options') + OrmDatabaseGroup = [ + cfg.StrOpt('connection', + help='The SQLAlchemy connection string to use to connect to ' + 'the ORM database.', + secret=True), + cfg.IntOpt('max_retries', + default=-1, + help='The maximum number of retries for database connection.') + ] + + CONF.register_group(orm_database_group) + CONF.register_opts(OrmDatabaseGroup, orm_database_group) + + drop_db_stmt = "SET sql_notes = 0;" \ + "DROP database orm;" \ + "DROP database orm_audit;" \ + "DROP database orm_cms_db;" \ + "DROP database orm_fms_db;" \ + "DROP database orm_rds;" \ + "DROP database orm_rms_db;" \ + "DROP database orm_uuidgen;" + + db_conn_url = CONF.database.connection + db_conn_url = db_conn_url and db_conn_url.replace("mysql+pymysql", "mysql") or '' + engine = create_engine(db_conn_url, echo=False) + + conn = engine.connect() + exec_script = conn.execute(drop_db_stmt) + conn.close() diff --git a/orm/services/id_generator/config.py b/orm/services/id_generator/config.py index 97f3b8ae..d7d48d4e 100755 --- a/orm/services/id_generator/config.py +++ b/orm/services/id_generator/config.py @@ -58,10 +58,8 @@ logging = { verify = config.ssl_verify # DB configurations -db_url = config.db_connect - database = { - 'connection_string': db_url.endswith('/orm') or (db_url + 'orm') + 'connection_string': config.db_connect } # Custom Configurations must be in Python dictionary format:: # diff --git a/orm/services/resource_distributor/config.py b/orm/services/resource_distributor/config.py index 0acfd35f..b2770f70 100755 --- a/orm/services/resource_distributor/config.py +++ b/orm/services/resource_distributor/config.py @@ -67,9 +67,9 @@ ordupdate = { 'discovery_port': config.rms['port'], 'template_type': 'hot', # This flag should be false only in case the ord does not support https. - 'https_enabled': False, + 'https_enabled': config.https_enabled, # ORD supports HTTPS and you don't need a certificate? set 'cert_path': '' - 'cert_path': '' + 'cert_path': config.cert_path } UUID_URL = config.uuid['base_url'] + 'v1/uuids' @@ -99,17 +99,12 @@ yaml_configs = { 'subnets': 'subnet' } }, - 'cms_template_version': { - 'resource_v1': { - 'ranger_agent_version': 3.0, - 'quota_unsupported_params': ['vips', 'members', 'pools', - 'nat_instance', 'route_table', - 'health_monitors', 'loadbalancer', - 'listener'] - }, - 'resource_v2': { - 'ranger_agent_version': 3.6, - 'quota_unsupported_params': [] + 'cms_quota': { + 'resource_quotas': { + 'quota_supported_params': ['vips', 'members', 'pools', + 'nat_instance', 'route_table', + 'health_monitors', 'loadbalancer', + 'listener'] } } }, @@ -158,9 +153,9 @@ region_resource_id_status = { }, 'allowed_ranger_agent_resource_version': { - 'customer': '3.0', - 'image': '3.0', - 'flavor': '3.0' + 'customer': '1.0', + 'image': '1.0', + 'flavor': '1.0' } } diff --git a/orm/services/resource_distributor/rds/services/yaml_customer_builder.py b/orm/services/resource_distributor/rds/services/yaml_customer_builder.py index 8d6fa7a4..03dc7eec 100755 --- a/orm/services/resource_distributor/rds/services/yaml_customer_builder.py +++ b/orm/services/resource_distributor/rds/services/yaml_customer_builder.py @@ -149,10 +149,7 @@ def yamlbuilder(alldata, region): class CMSAdjustResource(object): def __init__(self, rangerAgentVersion): - if rangerAgentVersion >= conf.yaml_configs.customer_yaml.cms_template_version.resource_v2.ranger_agent_version: - self.adjust_quota_parameters = CMSAdjustResourceV2().adjust_quota_parameters - else: - self.adjust_quota_parameters = CMSAdjustResourceV1().adjust_quota_parameters + self.adjust_quota_parameters = CMSAdjustQuotaResource().adjust_quota_parameters def fix_quota_resource_item(self, uuid, quotas, resources, options): if conf.yaml_configs.customer_yaml.yaml_options.quotas: @@ -175,23 +172,11 @@ class CMSAdjustResource(object): {"type": options[item][1], "properties": items[item]} -class CMSAdjustResourceV1(object): +class CMSAdjustQuotaResource(object): def __init__(self): - self.unsupported_params = conf.yaml_configs.customer_yaml.cms_template_version.resource_v1.quota_unsupported_params - - def adjust_quota_parameters(self, key, item): - if key in self.unsupported_params: - del item[key] - logger.warning("Region does not support Quota Parameter {}." - " removed from resource".format(key)) - - -class CMSAdjustResourceV2(object): - - def __init__(self): - self.supported_new_params = conf.yaml_configs.customer_yaml.cms_template_version.resource_v1.quota_unsupported_params + self.supported_new_params = conf.yaml_configs.customer_yaml.cms_quota.resource_quotas.quota_supported_params def adjust_quota_parameters(self, key, item): if key in self.supported_new_params: - logger.debug("New quota Parameter {} is added to quota resource".format(key)) + logger.debug("New quota parameter {} is added to quota resource".format(key)) diff --git a/tools/start_services.sh b/tools/start_services.sh index 86760aa4..1996d86d 100755 --- a/tools/start_services.sh +++ b/tools/start_services.sh @@ -4,31 +4,31 @@ set -e echo "Starting the audit service" -nohup orm-audit > /dev/null 2>&1& +nohup ranger-audit > /dev/null 2>&1& echo "Starting the uuidgen service" -nohup orm-uuidgen > /dev/null 2>&1& +nohup ranger-uuidgen > /dev/null 2>&1& echo "Starting the rds service" -nohup orm-rds > /dev/null 2>&1& +nohup ranger-rds > /dev/null 2>&1& echo "Starting the rms service" -nohup orm-rms > /dev/null 2>&1& +nohup ranger-rms > /dev/null 2>&1& echo "Starting the cms service" -nohup orm-cms > /dev/null 2>&1& +nohup ranger-cms > /dev/null 2>&1& echo "Starting the ims service" -nohup orm-ims > /dev/null 2>&1& +nohup ranger-ims > /dev/null 2>&1& echo "Starting the fms service" -nohup orm-fms > /dev/null 2>&1& +nohup ranger-fms > /dev/null 2>&1&