X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=xenserver%2Fetc_xapi.d_plugins_openvswitch-cfg-update;h=a4d97f58e0161fba4a8a59a83e1afe41f7852359;hb=0671665d935c88ebccc49675cbc615c108d9716d;hp=b573b035d00a717a7a7575cb275bb3450b0302b8;hpb=90056dc0a0836b1668ef8fdd971360bbedc3b035;p=sliver-openvswitch.git

diff --git a/xenserver/etc_xapi.d_plugins_openvswitch-cfg-update b/xenserver/etc_xapi.d_plugins_openvswitch-cfg-update
index b573b035d..a4d97f58e 100755
--- a/xenserver/etc_xapi.d_plugins_openvswitch-cfg-update
+++ b/xenserver/etc_xapi.d_plugins_openvswitch-cfg-update
@@ -4,7 +4,7 @@
 # ovs-vswitchd configuration that are managed in the xapi database when 
 # integrated with Citrix management tools.
 
-# Copyright (C) 2009, 2010 Nicira Networks, Inc.
+# Copyright (C) 2009, 2010, 2011 Nicira Networks, Inc.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -25,6 +25,7 @@ import XenAPIPlugin
 import XenAPI
 import os
 import subprocess
+import syslog
 
 vsctl="/usr/bin/ovs-vsctl"
 cacert_filename="/etc/openvswitch/vswitchd.cacert"
@@ -38,6 +39,15 @@ def delete_cacert():
         pass
 
 def update(session, args):
+    # Refresh bridge network UUIDs in case this host joined or left a pool.
+    script = "/opt/xensource/libexec/interface-reconfigure"
+    try:
+        retval = subprocess.call([script, "rewrite"])
+        if retval != 0:
+            syslog.syslog("%s exited with status %d" % (script, retval))
+    except OSError, e:
+        syslog.syslog("%s: failed to execute (%s)" % (script, e.strerror))
+
     pools = session.xenapi.pool.get_all()
     # We assume there is only ever one pool...
     if len(pools) == 0:
@@ -46,18 +56,64 @@ def update(session, args):
         raise XenAPIPlugin.Failure("MORE_THAN_ONE_POOL_FOR_HOST", [])
     pool = session.xenapi.pool.get_record(pools[0])
     try:
-        controller = pool["other_config"]["vSwitchController"]
+        try:
+            controller = pool["vswitch_controller"]
+        except KeyError:
+            # On systems older than XenServer 5.6.0, we needed to store
+            # the key in "other_config".
+            controller = pool["other_config"]["vSwitchController"]
     except KeyError, e:
         controller = ""
+    ret_str = ""
     currentController = vswitchCurrentController()
     if controller == "" and currentController != "":
         delete_cacert()
+        try:
+            emergency_reset(session, None)
+        except:
+            pass
         removeControllerCfg()
-        return "Successfully removed controller config"
+        ret_str += "Successfully removed controller config.  "
     elif controller != currentController:
         delete_cacert()
+        try:
+            emergency_reset(session, None)
+        except:
+            pass
         setControllerCfg(controller)
-        return "Successfully set controller to " + controller
+        ret_str += "Successfully set controller to %s.  " % controller
+
+    try:
+        fail_mode = pool["other_config"]["vswitch-controller-fail-mode"]
+    except KeyError, e:
+        fail_mode = None
+
+    if fail_mode != 'secure':
+        fail_mode = 'standalone'
+
+    fail_mode_changed = False
+    for (p, rec) in session.xenapi.PIF.get_all_records().items():
+        try:
+            network = session.xenapi.network.get_record(rec['network'])
+            bridge = network['bridge']
+        except Exception, e:
+            syslog.syslog("%s: failed to get bridge name (%s)" %
+                    (script, str(e)))
+            continue
+
+        bridge_fail_mode = vswitchCfgQuery(["get", "Bridge",
+            bridge, "fail_mode"]).strip('[]"')
+
+        if bridge_fail_mode != fail_mode:
+            vswitchCfgMod(['--', 'set', 'Bridge', bridge,
+                "fail_mode=%s" % fail_mode])
+            fail_mode_changed = True
+
+    if fail_mode_changed:
+        ret_str += "Set fail_mode to %s.  " % fail_mode
+
+    if ret_str != '':
+        return ret_str
     else:
         return "No change to configuration"
 
@@ -76,6 +132,8 @@ def removeControllerCfg():
                    "--", "del-ssl"])
 
 def setControllerCfg(controller):
+    # /etc/xensource/xapi-ssl.pem is mentioned twice below because it
+    # contains both the private key and the certificate.
     vswitchCfgMod(["--", "clear", "Open_vSwitch", ".", "managers",
                    "--", "del-ssl",
                    "--", "--bootstrap", "set-ssl",
@@ -86,7 +144,7 @@ def setControllerCfg(controller):
                    'managers="ssl:' + controller + ':6632"'])
 
 def vswitchCfgQuery(action_args):
-    cmd = [vsctl, "-vANY:console:emer"] + action_args
+    cmd = [vsctl, "--timeout=5", "-vANY:console:emer"] + action_args
     output = subprocess.Popen(cmd, stdout=subprocess.PIPE).communicate()
     if len(output) == 0 or output[0] == None:
         output = ""
@@ -95,11 +153,21 @@ def vswitchCfgQuery(action_args):
     return output
 
 def vswitchCfgMod(action_args):
-    cmd = [vsctl, "-vANY:console:emer"] + action_args
+    cmd = [vsctl, "--timeout=5", "-vANY:console:emer"] + action_args
     exitcode = subprocess.call(cmd)
     if exitcode != 0:
         raise XenAPIPlugin.Failure("VSWITCH_CONFIG_MOD_FAILURE",
                                    [ str(exitcode) , str(action_args) ])
+
+def emergency_reset(session, args):
+    cmd = [vsctl, "--timeout=5", "emer-reset"]
+    exitcode = subprocess.call(cmd)
+    if exitcode != 0:
+        raise XenAPIPlugin.Failure("VSWITCH_EMER_RESET_FAILURE",
+                                   [ str(exitcode) ])
+
+    return "Successfully reset configuration"
     
 if __name__ == "__main__":
-    XenAPIPlugin.dispatch({"update": update})
+    XenAPIPlugin.dispatch({"update": update,
+                           "emergency_reset": emergency_reset})