vmware-nsx/bin/quantum-rootwrap-xen-dom0
Maru Newby 7ff0c53564 Add support for OVS l2 agent in XS/XCP domU.
* Config doc: http://wiki.openstack.org/QuantumDevstackOvsXcp

 * The Open vSwitch agent needs to be deployed on domU but
   interact with a dom0 bridge.
 * Add a root wrapper and associated XenAPI plugin to allow the
   agent to execute networking commands against dom0 from domU.
 * Update ovs_lib mac address discovery to use ip_lib to
   ensure that discovery works even for bridges not local to
   the agent (i.e. dom0 bridges).  A bridge configured with
   a dom0 root wrapper will execute ip link on dom0.
 * Update ip_lib to use a root helper by default to ensure that
   the 'ip' command will execute on dom0.
 * Remove obselete rpm spec and installer for dom0 agent.
 * Credit where credit is due - the XenAPI plugin and its
   packaging were largely copied from nova.
 * Supports blueprint xenapi-ovs

Change-Id: I7795446ee1267712c896f5cb3401f84fb1763ce7
2013-05-01 23:10:53 +00:00

120 lines
3.8 KiB
Python
Executable File

#!/usr/bin/env python
# Copyright (c) 2012 Openstack, LLC.
# All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
"""Quantum root wrapper for dom0.
Executes networking commands in dom0. The XenAPI plugin is
responsible determining whether a command is safe to execute.
"""
import ConfigParser
import json
import os
import sys
import traceback
import XenAPI
RC_UNAUTHORIZED = 99
RC_NOCOMMAND = 98
RC_BADCONFIG = 97
RC_XENAPI_ERROR = 96
def parse_args():
# Split arguments, require at least a command
exec_name = sys.argv.pop(0)
# argv[0] required; path to conf file
if len(sys.argv) < 2:
print "%s: No command specified" % exec_name
sys.exit(RC_NOCOMMAND)
config_file = sys.argv.pop(0)
user_args = sys.argv[:]
return exec_name, config_file, user_args
def load_configuration(exec_name, config_file):
config = ConfigParser.RawConfigParser()
config.read(config_file)
try:
filters_path = config.get("DEFAULT", "filters_path").split(",")
section = 'XENAPI'
url = config.get(section, "xenapi_connection_url")
username = config.get(section, "xenapi_connection_username")
password = config.get(section, "xenapi_connection_password")
except ConfigParser.Error:
print "%s: Incorrect configuration file: %s" % (exec_name, config_file)
sys.exit(RC_BADCONFIG)
if not url or not password:
msg = ("%s: Must specify xenapi_connection_url, "
"xenapi_connection_username (optionally), and "
"xenapi_connection_password in %s") % (exec_name, config_file)
print msg
sys.exit(RC_BADCONFIG)
return dict(
filters_path=filters_path,
url=url,
username=username,
password=password,
)
def filter_command(exec_name, filters_path, user_args):
# Add ../ to sys.path to allow running from branch
possible_topdir = os.path.normpath(os.path.join(os.path.abspath(exec_name),
os.pardir, os.pardir))
if os.path.exists(os.path.join(possible_topdir, "quantum", "__init__.py")):
sys.path.insert(0, possible_topdir)
from quantum.rootwrap import wrapper
# Execute command if it matches any of the loaded filters
filters = wrapper.load_filters(filters_path)
filter_match = wrapper.match_filter(filters, user_args)
if not filter_match:
print "Unauthorized command: %s" % ' '.join(user_args)
sys.exit(RC_UNAUTHORIZED)
def run_command(url, username, password, user_args):
try:
session = XenAPI.Session(url)
session.login_with_password(username, password)
host = session.xenapi.session.get_this_host(session.handle)
result = session.xenapi.host.call_plugin(
host, 'netwrap', 'run_command', {'cmd': json.dumps(user_args)})
return json.loads(result)
except Exception as e:
traceback.print_exc()
sys.exit(RC_XENAPI_ERROR)
def main():
exec_name, config_file, user_args = parse_args()
config = load_configuration(exec_name, config_file)
filter_command(exec_name, config['filters_path'], user_args)
return run_command(config['url'], config['username'], config['password'],
user_args)
if __name__ == '__main__':
print main()