X-Git-Url: http://git.onelab.eu/?a=blobdiff_plain;f=xenserver%2Fopt_xensource_libexec_interface-reconfigure;h=2b6f62b46dd9ddf1be560ecbe73b5740e283e29b;hb=6bab37989b1b5e8981bee80e1fedef621799332c;hp=1ff53590d11bcf93dbcf4dc36ac5ccba7da8c6e0;hpb=58b7527ecbf053004cc555aa433168395f0ec622;p=sliver-openvswitch.git diff --git a/xenserver/opt_xensource_libexec_interface-reconfigure b/xenserver/opt_xensource_libexec_interface-reconfigure index 1ff53590d..2b6f62b46 100755 --- a/xenserver/opt_xensource_libexec_interface-reconfigure +++ b/xenserver/opt_xensource_libexec_interface-reconfigure @@ -1,26 +1,40 @@ #!/usr/bin/python # -# Copyright (c) Citrix Systems 2008. All rights reserved. +# Copyright (c) 2008,2009 Citrix Systems, Inc. # Copyright (c) 2009 Nicira Networks. # +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License as published +# by the Free Software Foundation; version 2.1 only. with the special +# exception on linking described in file LICENSE. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License for more details. +# """Usage: - %(command-name)s --session --pif [up|down|rewrite] - %(command-name)s --force [up|down|rewrite ] + %(command-name)s up + %(command-name)s down + %(command-name)s [] rewrite + %(command-name)s --force up + %(command-name)s --force down + %(command-name)s --force rewrite --device= %(command-name)s --force all down - where, - = --device= --mode=dhcp - = --device= --mode=static --ip= --netmask= [--gateway=] + where is one of: + --session --pif + --pif-uuid + and is one of: + --mode=dhcp + --mode=static --ip= --netmask= [--gateway=] Options: --session A session reference to use to access the xapi DB - --pif A PIF reference. - --force-interface An interface name. Mutually exclusive with --session/--pif. - - Either both --session and --pif or just --pif-uuid. - - is either "up" or "down" or "rewrite" + --pif A PIF reference within the session. + --pif-uuid The UUID of a PIF. + --force An interface name. """ # @@ -28,7 +42,6 @@ # # --output-directory= Write configuration to . Also disables actually # raising/lowering the interfaces -# --pif-uuid A PIF UUID, use instead of --session/--pif. # # # @@ -38,39 +51,58 @@ # 3. A network may have an associated bridge, allowing vifs to be attached # 4. A network may be bridgeless (there's no point having a bridge over a storage pif) -# XXX: --force-interface=all down - -# XXX: --force-interface rewrite - -# XXX: Sometimes this leaves "orphaned" datapaths, e.g. a datapath whose -# only port is the local port. Should delete those. - -# XXX: This can leave crud in ovs-vswitchd.conf in this scenario: -# - Create bond in XenCenter. -# - Create VLAN on bond in XenCenter. -# - Attempt to delete bond in XenCenter (this will fail because there -# is a VLAN on the bond, although the error may not be reported -# until the next step) -# - Delete VLAN in XenCenter. -# - Delete bond in XenCenter. -# At this point there will still be some configuration data for the bond -# or the VLAN in ovs-vswitchd.conf. - import XenAPI import os, sys, getopt, time, signal import syslog import traceback -import time import re -import pickle +import random +from xml.dom.minidom import getDOMImplementation +from xml.dom.minidom import parse as parseXML output_directory = None db = None management_pif = None -dbcache_file = "/etc/ovs-vswitch.dbcache" -vswitch_config_dir = "/etc/openvswitch" +vswitch_state_dir = "/var/lib/openvswitch/" +dbcache_file = vswitch_state_dir + "dbcache" + +# +# Debugging and Logging. +# + +def debug_mode(): + return output_directory is not None + +def log(s): + if debug_mode(): + print >>sys.stderr, s + else: + syslog.syslog(s) + +def log_pif_action(action, pif): + pifrec = db.get_pif_record(pif) + rec = {} + rec['uuid'] = pifrec['uuid'] + rec['ip_configuration_mode'] = pifrec['ip_configuration_mode'] + rec['action'] = action + rec['pif_netdev_name'] = pif_netdev_name(pif) + rec['message'] = "Bring %(action)s PIF %(uuid)s" % rec + log("%(message)s: %(pif_netdev_name)s configured as %(ip_configuration_mode)s" % rec) + + +def run_command(command): + log("Running command: " + ' '.join(command)) + rc = os.spawnl(os.P_WAIT, command[0], *command) + if rc != 0: + log("Command failed %d: " % rc + ' '.join(command)) + return False + return True + +# +# Exceptions. +# class Usage(Exception): def __init__(self, msg): @@ -82,6 +114,10 @@ class Error(Exception): Exception.__init__(self) self.msg = msg +# +# Configuration File Handling. +# + class ConfigurationFile(object): """Write a file, tracking old and new versions. @@ -92,23 +128,23 @@ class ConfigurationFile(object): __STATE = {"OPEN":"OPEN", "NOT-APPLIED":"NOT-APPLIED", "APPLIED":"APPLIED", "REVERTED":"REVERTED", "COMMITTED": "COMMITTED"} - + def __init__(self, fname, path="/etc/sysconfig/network-scripts"): self.__state = self.__STATE['OPEN'] self.__fname = fname self.__children = [] - + if debug_mode(): dirname = output_directory else: dirname = path - + self.__path = os.path.join(dirname, fname) self.__oldpath = os.path.join(dirname, "." + fname + ".xapi-old") self.__newpath = os.path.join(dirname, "." + fname + ".xapi-new") self.__unlink = False - + self.__f = open(self.__newpath, "w") def attach_child(self, child): @@ -122,7 +158,7 @@ class ConfigurationFile(object): return open(self.path()).readlines() except: return "" - + def write(self, args): if self.__state != self.__STATE['OPEN']: raise Error("Attempt to write to file in state %s" % self.__state) @@ -134,11 +170,11 @@ class ConfigurationFile(object): self.__unlink = True self.__f.close() self.__state = self.__STATE['NOT-APPLIED'] - + def close(self): if self.__state != self.__STATE['OPEN']: raise Error("Attempt to close file in state %s" % self.__state) - + self.__f.close() self.__state = self.__STATE['NOT-APPLIED'] @@ -171,7 +207,7 @@ class ConfigurationFile(object): if not self.__unlink: os.link(self.__newpath, self.__path) else: - pass # implicit unlink of original file + pass # implicit unlink of original file # Remove temporary file. os.unlink(self.__newpath) @@ -202,9 +238,9 @@ class ConfigurationFile(object): os.unlink(self.__oldpath) # Leave .*.xapi-new as an aid to debugging. - + self.__state = self.__STATE['REVERTED'] - + def commit(self): if self.__state != self.__STATE['APPLIED']: raise Error("Attempt to commit configuration from state %s" % self.__state) @@ -213,7 +249,7 @@ class ConfigurationFile(object): child.commit() log("Committing changes to %s configuration" % self.__fname) - + if os.access(self.__oldpath, os.F_OK): os.unlink(self.__oldpath) if os.access(self.__newpath, os.F_OK): @@ -221,38 +257,225 @@ class ConfigurationFile(object): self.__state = self.__STATE['COMMITTED'] -def debug_mode(): - return output_directory is not None +# +# Helper functions for encoding/decoding database attributes to/from XML. +# -def log(s): - if debug_mode(): - print >>sys.stderr, s +def str_to_xml(xml, parent, tag, val): + e = xml.createElement(tag) + parent.appendChild(e) + v = xml.createTextNode(val) + e.appendChild(v) +def str_from_xml(n): + def getText(nodelist): + rc = "" + for node in nodelist: + if node.nodeType == node.TEXT_NODE: + rc = rc + node.data + return rc + return getText(n.childNodes).strip() + +def bool_to_xml(xml, parent, tag, val): + if val: + str_to_xml(xml, parent, tag, "True") else: - syslog.syslog(s) + str_to_xml(xml, parent, tag, "False") +def bool_from_xml(n): + s = str_from_xml(n) + if s == "True": + return True + elif s == "False": + return False + else: + raise Error("Unknown boolean value %s" % s) + +def strlist_to_xml(xml, parent, ltag, itag, val): + e = xml.createElement(ltag) + parent.appendChild(e) + for v in val: + c = xml.createElement(itag) + e.appendChild(c) + cv = xml.createTextNode(v) + c.appendChild(cv) +def strlist_from_xml(n, ltag, itag): + ret = [] + for n in n.childNodes: + if n.nodeName == itag: + ret.append(str_from_xml(n)) + return ret + +def otherconfig_to_xml(xml, parent, val, attrs): + otherconfig = xml.createElement("other_config") + parent.appendChild(otherconfig) + for n,v in val.items(): + if not n in attrs: + raise Error("Unknown other-config attribute: %s" % n) + str_to_xml(xml, otherconfig, n, v) +def otherconfig_from_xml(n, attrs): + ret = {} + for n in n.childNodes: + if n.nodeName in attrs: + ret[n.nodeName] = str_from_xml(n) + return ret -def check_allowed(pif): - pifrec = db.get_pif_record(pif) - try: - f = open("/proc/ardence") - macline = filter(lambda x: x.startswith("HWaddr:"), f.readlines()) +# +# Definitions of the database objects (and their attributes) used by interface-reconfigure. +# +# Each object is defined by a dictionary mapping an attribute name in +# the xapi database to a tuple containing two items: +# - a function which takes this attribute and encodes it as XML. +# - a function which takes XML and decocdes it into a value. +# +# other-config attributes are specified as a simple array of strings + +PIF_XML_TAG = "pif" +VLAN_XML_TAG = "vlan" +BOND_XML_TAG = "bond" +NETWORK_XML_TAG = "network" + +ETHTOOL_OTHERCONFIG_ATTRS = ['ethtool-%s' % x for x in 'autoneg', 'speed', 'duplex', 'rx', 'tx', 'sg', 'tso', 'ufo', 'gso' ] + +PIF_OTHERCONFIG_ATTRS = [ 'domain', 'peerdns', 'defaultroute', 'mtu', 'static-routes' ] + \ + [ 'bond-%s' % x for x in 'mode', 'miimon', 'downdelay', 'updelay', 'use_carrier' ] + \ + ETHTOOL_OTHERCONFIG_ATTRS + +PIF_ATTRS = { 'uuid': (str_to_xml,str_from_xml), + 'management': (bool_to_xml,bool_from_xml), + 'network': (str_to_xml,str_from_xml), + 'device': (str_to_xml,str_from_xml), + 'bond_master_of': (lambda x, p, t, v: strlist_to_xml(x, p, 'bond_master_of', 'slave', v), + lambda n: strlist_from_xml(n, 'bond_master_of', 'slave')), + 'bond_slave_of': (str_to_xml,str_from_xml), + 'VLAN': (str_to_xml,str_from_xml), + 'VLAN_master_of': (str_to_xml,str_from_xml), + 'VLAN_slave_of': (lambda x, p, t, v: strlist_to_xml(x, p, 'VLAN_slave_of', 'master', v), + lambda n: strlist_from_xml(n, 'VLAN_slave_Of', 'master')), + 'ip_configuration_mode': (str_to_xml,str_from_xml), + 'IP': (str_to_xml,str_from_xml), + 'netmask': (str_to_xml,str_from_xml), + 'gateway': (str_to_xml,str_from_xml), + 'DNS': (str_to_xml,str_from_xml), + 'MAC': (str_to_xml,str_from_xml), + 'other_config': (lambda x, p, t, v: otherconfig_to_xml(x, p, v, PIF_OTHERCONFIG_ATTRS), + lambda n: otherconfig_from_xml(n, PIF_OTHERCONFIG_ATTRS)), + + # Special case: We write the current value + # PIF.currently-attached to the cache but since it will + # not be valid when we come to use the cache later + # (i.e. after a reboot) we always read it as False. + 'currently_attached': (bool_to_xml, lambda n: False), + } + +VLAN_ATTRS = { 'uuid': (str_to_xml,str_from_xml), + 'tagged_PIF': (str_to_xml,str_from_xml), + 'untagged_PIF': (str_to_xml,str_from_xml), + } + +BOND_ATTRS = { 'uuid': (str_to_xml,str_from_xml), + 'master': (str_to_xml,str_from_xml), + 'slaves': (lambda x, p, t, v: strlist_to_xml(x, p, 'slaves', 'slave', v), + lambda n: strlist_from_xml(n, 'slaves', 'slave')), + } + +NETWORK_OTHERCONFIG_ATTRS = [ 'mtu', 'static-routes' ] + ETHTOOL_OTHERCONFIG_ATTRS + +NETWORK_ATTRS = { 'uuid': (str_to_xml,str_from_xml), + 'bridge': (str_to_xml,str_from_xml), + 'PIFs': (lambda x, p, t, v: strlist_to_xml(x, p, 'PIFs', 'PIF', v), + lambda n: strlist_from_xml(n, 'PIFs', 'PIF')), + 'other_config': (lambda x, p, t, v: otherconfig_to_xml(x, p, v, NETWORK_OTHERCONFIG_ATTRS), + lambda n: otherconfig_from_xml(n, NETWORK_OTHERCONFIG_ATTRS)), + } + +class DatabaseCache(object): + def __read_xensource_inventory(self): + filename = "/etc/xensource-inventory" + f = open(filename, "r") + lines = [x.strip("\n") for x in f.readlines()] f.close() - if len(macline) == 1: - p = re.compile(".*\s%(MAC)s\s.*" % pifrec, re.IGNORECASE) - if p.match(macline[0]): - log("Skipping PVS device %(device)s (%(MAC)s)" % pifrec) - return False - except IOError: - pass - return True -def interface_exists(i): - return os.path.exists("/sys/class/net/" + i) + defs = [ (l[:l.find("=")], l[(l.find("=") + 1):]) for l in lines ] + defs = [ (a, b.strip("'")) for (a,b) in defs ] + + return dict(defs) + def __pif_on_host(self,pif): + return self.__pifs.has_key(pif) + + def __get_pif_records_from_xapi(self, session, host): + self.__pifs = {} + for (p,rec) in session.xenapi.PIF.get_all_records().items(): + if rec['host'] != host: + continue + self.__pifs[p] = {} + for f in PIF_ATTRS: + self.__pifs[p][f] = rec[f] + self.__pifs[p]['other_config'] = {} + for f in PIF_OTHERCONFIG_ATTRS: + if not rec['other_config'].has_key(f): continue + self.__pifs[p]['other_config'][f] = rec['other_config'][f] + + def __get_vlan_records_from_xapi(self, session): + self.__vlans = {} + for v in session.xenapi.VLAN.get_all(): + rec = session.xenapi.VLAN.get_record(v) + if not self.__pif_on_host(rec['untagged_PIF']): + continue + self.__vlans[v] = {} + for f in VLAN_ATTRS: + self.__vlans[v][f] = rec[f] + + def __get_bond_records_from_xapi(self, session): + self.__bonds = {} + for b in session.xenapi.Bond.get_all(): + rec = session.xenapi.Bond.get_record(b) + if not self.__pif_on_host(rec['master']): + continue + self.__bonds[b] = {} + for f in BOND_ATTRS: + self.__bonds[b][f] = rec[f] + + def __get_network_records_from_xapi(self, session): + self.__networks = {} + for n in session.xenapi.network.get_all(): + rec = session.xenapi.network.get_record(n) + self.__networks[n] = {} + for f in NETWORK_ATTRS: + if f == "PIFs": + # drop PIFs on other hosts + self.__networks[n][f] = [p for p in rec[f] if self.__pif_on_host(p)] + else: + self.__networks[n][f] = rec[f] + self.__networks[n]['other_config'] = {} + for f in NETWORK_OTHERCONFIG_ATTRS: + if not rec['other_config'].has_key(f): continue + self.__networks[n]['other_config'][f] = rec['other_config'][f] + + def __to_xml(self, xml, parent, key, ref, rec, attrs): + """Encode a database object as XML""" + e = xml.createElement(key) + parent.appendChild(e) + if ref: + e.setAttribute('ref', ref) + + for n,v in rec.items(): + if attrs.has_key(n): + h,_ = attrs[n] + h(xml, e, n, v) + else: + raise Error("Unknown attribute %s" % n) + def __from_xml(self, e, attrs): + """Decode a database object from XML""" + ref = e.attributes['ref'].value + rec = {} + for n in e.childNodes: + if n.nodeName in attrs: + _,h = attrs[n.nodeName] + rec[n.nodeName] = h(n) + return (ref,rec) -class DatabaseCache(object): def __init__(self, session_ref=None, cache_file=None): if session_ref and cache_file: raise Error("can't specify session reference and cache file") - if cache_file == None: session = XenAPI.xapi_local() @@ -263,32 +486,70 @@ class DatabaseCache(object): session._session = session_ref try: - self.__vlans = session.xenapi.VLAN.get_all_records() - self.__bonds = session.xenapi.Bond.get_all_records() - self.__pifs = session.xenapi.PIF.get_all_records() - self.__networks = session.xenapi.network.get_all_records() + + inventory = self.__read_xensource_inventory() + assert(inventory.has_key('INSTALLATION_UUID')) + log("host uuid is %s" % inventory['INSTALLATION_UUID']) + + host = session.xenapi.host.get_by_uuid(inventory['INSTALLATION_UUID']) + + self.__get_pif_records_from_xapi(session, host) + + self.__get_vlan_records_from_xapi(session) + self.__get_bond_records_from_xapi(session) + self.__get_network_records_from_xapi(session) finally: if not session_ref: session.xenapi.session.logout() else: log("Loading xapi database cache from %s" % cache_file) - f = open(cache_file, 'r') - members = pickle.load(f) - self.extras = pickle.load(f) - f.close() - self.__vlans = members['vlans'] - self.__bonds = members['bonds'] - self.__pifs = members['pifs'] - self.__networks = members['networks'] + xml = parseXML(cache_file) + + self.__pifs = {} + self.__bonds = {} + self.__vlans = {} + self.__networks = {} + + assert(len(xml.childNodes) == 1) + toplevel = xml.childNodes[0] + + assert(toplevel.nodeName == "xenserver-network-configuration") + + for n in toplevel.childNodes: + if n.nodeName == "#text": + pass + elif n.nodeName == PIF_XML_TAG: + (ref,rec) = self.__from_xml(n, PIF_ATTRS) + self.__pifs[ref] = rec + elif n.nodeName == BOND_XML_TAG: + (ref,rec) = self.__from_xml(n, BOND_ATTRS) + self.__bonds[ref] = rec + elif n.nodeName == VLAN_XML_TAG: + (ref,rec) = self.__from_xml(n, VLAN_ATTRS) + self.__vlans[ref] = rec + elif n.nodeName == NETWORK_XML_TAG: + (ref,rec) = self.__from_xml(n, NETWORK_ATTRS) + self.__networks[ref] = rec + else: + raise Error("Unknown XML element %s" % n.nodeName) + + def save(self, cache_file): + + xml = getDOMImplementation().createDocument( + None, "xenserver-network-configuration", None) + for (ref,rec) in self.__pifs.items(): + self.__to_xml(xml, xml.documentElement, PIF_XML_TAG, ref, rec, PIF_ATTRS) + for (ref,rec) in self.__bonds.items(): + self.__to_xml(xml, xml.documentElement, BOND_XML_TAG, ref, rec, BOND_ATTRS) + for (ref,rec) in self.__vlans.items(): + self.__to_xml(xml, xml.documentElement, VLAN_XML_TAG, ref, rec, VLAN_ATTRS) + for (ref,rec) in self.__networks.items(): + self.__to_xml(xml, xml.documentElement, NETWORK_XML_TAG, ref, rec, + NETWORK_ATTRS) - def save(self, cache_file, extras): f = open(cache_file, 'w') - pickle.dump({'vlans': self.__vlans, - 'bonds': self.__bonds, - 'pifs': self.__pifs, - 'networks': self.__networks}, f) - pickle.dump(extras, f) + f.write(xml.toprettyxml()) f.close() def get_pif_by_uuid(self, uuid): @@ -302,70 +563,46 @@ class DatabaseCache(object): return pifs[0] - def get_pifs_by_record(self, record): - """record is partial pif record. - Get the pif(s) whose record matches. - """ - def match(pifrec): - for key in record: - if record[key] != pifrec[key]: - return False - return True - + def get_pifs_by_device(self, device): return map(lambda (ref,rec): ref, - filter(lambda (ref,rec): match(rec), + filter(lambda (ref,rec): rec['device'] == device, self.__pifs.items())) - def get_pif_by_record(self, record): - """record is partial pif record. - Get the pif whose record matches. - """ - pifs = self.get_pifs_by_record(record) - if len(pifs) == 0: - raise Error("No matching PIF \"%s\"" % str(record)) - elif len(pifs) > 1: - raise Error("Multiple matching PIFs \"%s\"" % str(record)) - - return pifs[0] - - def get_pif_by_bridge(self, host, bridge): + def get_pif_by_bridge(self, bridge): networks = map(lambda (ref,rec): ref, filter(lambda (ref,rec): rec['bridge'] == bridge, self.__networks.items())) if len(networks) == 0: - raise Error("No matching network \"%s\"") + raise Error("No matching network \"%s\"" % bridge) answer = None for network in networks: nwrec = self.get_network_record(network) for pif in nwrec['PIFs']: pifrec = self.get_pif_record(pif) - if pifrec['host'] != host: - continue if answer: - raise Error("Multiple PIFs on %s for network %s" % (host, bridge)) + raise Error("Multiple PIFs on host for network %s" % (bridge)) answer = pif if not answer: - raise Error("No PIF on %s for network %s" % (host, bridge)) + raise Error("No PIF on host for network %s" % (bridge)) return answer def get_pif_record(self, pif): if self.__pifs.has_key(pif): return self.__pifs[pif] - raise Error("Unknown PIF \"%s\"" % pif) + raise Error("Unknown PIF \"%s\" (get_pif_record)" % pif) def get_all_pifs(self): return self.__pifs def pif_exists(self, pif): return self.__pifs.has_key(pif) - - def get_management_pif(self, host): + + def get_management_pif(self): """ Returns the management pif on host """ all = self.get_all_pifs() - for pif in all: + for pif in all: pifrec = self.get_pif_record(pif) - if pifrec['management'] and pifrec['host'] == host : - return pif + if pifrec['management']: return pif return None def get_network_record(self, network): @@ -380,89 +617,285 @@ class DatabaseCache(object): return self.__bonds[bond] else: return None - + def get_vlan_record(self, vlan): if self.__vlans.has_key(vlan): return self.__vlans[vlan] else: return None - -def bridge_name(pif): - """Return the bridge name associated with pif, or None if network is bridgeless""" + +# +# Boot from Network filesystem or device. +# + +def check_allowed(pif): + """Determine whether interface-reconfigure should be manipulating this PIF. + + Used to prevent system PIFs (such as network root disk) from being interfered with. + """ + pifrec = db.get_pif_record(pif) - nwrec = db.get_network_record(pifrec['network']) + try: + f = open("/proc/ardence") + macline = filter(lambda x: x.startswith("HWaddr:"), f.readlines()) + f.close() + if len(macline) == 1: + p = re.compile(".*\s%(MAC)s\s.*" % pifrec, re.IGNORECASE) + if p.match(macline[0]): + log("Skipping PVS device %(device)s (%(MAC)s)" % pifrec) + return False + except IOError: + pass + return True - if nwrec['bridge']: - # TODO: sanity check that nwrec['bridgeless'] != 'true' - return nwrec['bridge'] - else: - # TODO: sanity check that nwrec['bridgeless'] == 'true' - return None +# +# Bare Network Devices -- network devices without IP configuration +# + +def netdev_exists(netdev): + return os.path.exists("/sys/class/net/" + netdev) -def interface_name(pif): - """Construct an interface name from the given PIF record.""" +def pif_netdev_name(pif): + """Get the netdev name for a PIF.""" pifrec = db.get_pif_record(pif) - if pifrec['VLAN'] == '-1': - return pifrec['device'] - else: + if pif_is_vlan(pif): return "%(device)s.%(VLAN)s" % pifrec + else: + return pifrec['device'] -def datapath_name(pif): - """Return the OpenFlow datapath name associated with pif. -For a non-VLAN PIF, the datapath name is the bridge name. -For a VLAN PIF, the datapath name is the bridge name for the PIF's VLAN slave. -(xapi will create a datapath named with the bridge name even though we won't -use it.) -""" +def netdev_down(netdev): + """Bring down a bare network device""" + if debug_mode(): + return + if not netdev_exists(netdev): + log("netdev: down: device %s does not exist, ignoring" % netdev) + return + run_command(["/sbin/ifconfig", netdev, 'down']) - pifrec = db.get_pif_record(pif) +def netdev_up(netdev, mtu=None): + """Bring up a bare network device""" + if debug_mode(): + return + if not netdev_exists(netdev): + raise Error("netdev: up: device %s does not exist" % netdev) - if pifrec['VLAN'] == '-1': - return bridge_name(pif) + if mtu: + mtu = ["mtu", mtu] else: - return bridge_name(get_vlan_slave_of_pif(pif)) + mtu = [] + + run_command(["/sbin/ifconfig", netdev, 'up'] + mtu) -def ipdev_name(pif): - """Return the the name of the network device that carries the -IP configuration (if any) associated with pif. -The ipdev name is the same as the bridge name. -""" +def netdev_remap_name(pif, already_renamed=[]): + """Check whether 'pif' exists and has the correct MAC. + If not, try to find a device with the correct MAC and rename it. + 'already_renamed' is used to avoid infinite recursion. + """ + + def read1(name): + file = None + try: + file = open(name, 'r') + return file.readline().rstrip('\n') + finally: + if file != None: + file.close() + + def get_netdev_mac(device): + try: + return read1("/sys/class/net/%s/address" % device) + except: + # Probably no such device. + return None + + def get_netdev_tx_queue_len(device): + try: + return int(read1("/sys/class/net/%s/tx_queue_len" % device)) + except: + # Probably no such device. + return None + + def get_netdev_by_mac(mac): + for device in os.listdir("/sys/class/net"): + dev_mac = get_netdev_mac(device) + if (dev_mac and mac.lower() == dev_mac.lower() and + get_netdev_tx_queue_len(device)): + return device + return None + + def rename_netdev(old_name, new_name): + log("Changing the name of %s to %s" % (old_name, new_name)) + run_command(['/sbin/ifconfig', old_name, 'down']) + if not run_command(['/sbin/ip', 'link', 'set', old_name, 'name', new_name]): + raise Error("Could not rename %s to %s" % (old_name, new_name)) pifrec = db.get_pif_record(pif) - return bridge_name(pif) + device = pifrec['device'] + mac = pifrec['MAC'] + + # Is there a network device named 'device' at all? + device_exists = netdev_exists(device) + if device_exists: + # Yes. Does it have MAC 'mac'? + found_mac = get_netdev_mac(device) + if found_mac and mac.lower() == found_mac.lower(): + # Yes, everything checks out the way we want. Nothing to do. + return + else: + log("No network device %s" % device) -def physdev_names(pif): - """Return the name(s) of the physical network device(s) associated with pif. -For a VLAN PIF, the physical devices are the VLAN slave's physical devices. -For a bond master PIF, the physical devices are the bond slaves. -For a non-VLAN, non-bond master PIF, the physical device is the PIF itself. -""" + # What device has MAC 'mac'? + cur_device = get_netdev_by_mac(mac) + if not cur_device: + log("No network device has MAC %s" % mac) + return + + # First rename 'device', if it exists, to get it out of the way + # for 'cur_device' to replace it. + if device_exists: + rename_netdev(device, "dev%d" % random.getrandbits(24)) + + # Rename 'cur_device' to 'device'. + rename_netdev(cur_device, device) +# +# IP Network Devices -- network devices with IP configuration +# + +def pif_ipdev_name(pif): + """Return the ipdev name associated with pif""" pifrec = db.get_pif_record(pif) + nwrec = db.get_network_record(pifrec['network']) - if pifrec['VLAN'] != '-1': - return physdev_names(get_vlan_slave_of_pif(pif)) - elif len(pifrec['bond_master_of']) != 0: - physdevs = [] - for slave in get_bond_slaves_of_pif(pif): - physdevs += physdev_names(slave) - return physdevs + if nwrec['bridge']: + # TODO: sanity check that nwrec['bridgeless'] != 'true' + return nwrec['bridge'] else: - return [pifrec['device']] + # TODO: sanity check that nwrec['bridgeless'] == 'true' + return pif_netdev_name(pif) + +def ifdown(netdev): + """Bring down a network interface""" + if debug_mode(): + return + if not netdev_exists(netdev): + log("ifdown: device %s does not exist, ignoring" % netdev) + return + if not os.path.exists("/etc/sysconfig/network-scripts/ifcfg-%s" % netdev): + log("ifdown: device %s exists but ifcfg %s does not" % (netdev,netdev)) + netdev_down(netdev) + run_command(["/sbin/ifdown", netdev]) + +def ifup(netdev): + """Bring up a network interface""" + if debug_mode(): + return + if not netdev_exists(netdev): + raise Error("ifup: device %s does not exist, ignoring" % netdev) + if not os.path.exists("/etc/sysconfig/network-scripts/ifcfg-%s" % netdev): + raise Error("ifup: device %s exists but ifcfg-%s does not" % (netdev,netdev)) + run_command(["/sbin/ifup", netdev]) + +# +# Bridges +# + +def pif_bridge_name(pif): + """Return the bridge name of a pif. + + PIF must not be a VLAN and must be a bridged PIF.""" -def log_pif_action(action, pif): pifrec = db.get_pif_record(pif) - pifrec['action'] = action - pifrec['interface-name'] = interface_name(pif) - if action == "rewrite": - pifrec['message'] = "Rewrite PIF %(uuid)s configuration" % pifrec + + if pif_is_vlan(pif): + raise Error("PIF %(uuid)s cannot be a bridge, VLAN is %(VLAN)s" % pifrec) + + nwrec = db.get_network_record(pifrec['network']) + + if nwrec['bridge']: + return nwrec['bridge'] else: - pifrec['message'] = "Bring %(action)s PIF %(uuid)s" % pifrec - log("%(message)s: %(interface-name)s configured as %(ip_configuration_mode)s" % pifrec) + raise Error("PIF %(uuid)s does not have a bridge name" % pifrec) + +# +# PIF miscellanea +# + +def pif_currently_in_use(pif): + """Determine if a PIF is currently in use. + + A PIF is determined to be currently in use if + - PIF.currently-attached is true + - Any bond master is currently attached + - Any VLAN master is currently attached + """ + rec = db.get_pif_record(pif) + if rec['currently_attached']: + log("configure_datapath: %s is currently attached" % (pif_netdev_name(pif))) + return True + for b in pif_get_bond_masters(pif): + if pif_currently_in_use(b): + log("configure_datapath: %s is in use by BOND master %s" % (pif_netdev_name(pif),pif_netdev_name(b))) + return True + for v in pif_get_vlan_masters(pif): + if pif_currently_in_use(v): + log("configure_datapath: %s is in use by VLAN master %s" % (pif_netdev_name(pif),pif_netdev_name(v))) + return True + return False + +# +# +# + +def ethtool_settings(oc): + settings = [] + if oc.has_key('ethtool-speed'): + val = oc['ethtool-speed'] + if val in ["10", "100", "1000"]: + settings += ['speed', val] + else: + log("Invalid value for ethtool-speed = %s. Must be 10|100|1000." % val) + if oc.has_key('ethtool-duplex'): + val = oc['ethtool-duplex'] + if val in ["10", "100", "1000"]: + settings += ['duplex', 'val'] + else: + log("Invalid value for ethtool-duplex = %s. Must be half|full." % val) + if oc.has_key('ethtool-autoneg'): + val = oc['ethtool-autoneg'] + if val in ["true", "on"]: + settings += ['autoneg', 'on'] + elif val in ["false", "off"]: + settings += ['autoneg', 'off'] + else: + log("Invalid value for ethtool-autoneg = %s. Must be on|true|off|false." % val) + offload = [] + for opt in ("rx", "tx", "sg", "tso", "ufo", "gso"): + if oc.has_key("ethtool-" + opt): + val = oc["ethtool-" + opt] + if val in ["true", "on"]: + offload += [opt, 'on'] + elif val in ["false", "off"]: + offload += [opt, 'off'] + else: + log("Invalid value for ethtool-%s = %s. Must be on|true|off|false." % (opt, val)) + return settings,offload + +def mtu_setting(oc): + if oc.has_key('mtu'): + try: + int(oc['mtu']) # Check that the value is an integer + return oc['mtu'] + except ValueError, x: + log("Invalid value for mtu = %s" % oc['mtu']) + return None -def get_bond_masters_of_pif(pif): +# +# Bonded PIFs +# +def pif_get_bond_masters(pif): """Returns a list of PIFs which are bond masters of this PIF""" pifrec = db.get_pif_record(pif) @@ -482,30 +915,36 @@ def get_bond_masters_of_pif(pif): return [bond['master'] for bond in bondrecs] -def get_bond_slaves_of_pif(pif): +def pif_get_bond_slaves(pif): """Returns a list of PIFs which make up the given bonded pif.""" - + pifrec = db.get_pif_record(pif) - host = pifrec['host'] bmo = pifrec['bond_master_of'] if len(bmo) > 1: raise Error("Bond-master-of contains too many elements") - + if len(bmo) == 0: return [] - + bondrec = db.get_bond_record(bmo[0]) if not bondrec: raise Error("No bond record for bond master PIF") return bondrec['slaves'] -def get_vlan_slave_of_pif(pif): +# +# VLAN PIFs +# + +def pif_is_vlan(pif): + return db.get_pif_record(pif)['VLAN'] != '-1' + +def pif_get_vlan_slave(pif): """Find the PIF which is the VLAN slave of pif. Returns the 'physical' PIF underneath the a VLAN PIF @pif.""" - + pifrec = db.get_pif_record(pif) vlan = pifrec['VLAN_master_of'] @@ -518,79 +957,154 @@ Returns the 'physical' PIF underneath the a VLAN PIF @pif.""" return vlanrec['tagged_PIF'] -def get_vlan_masters_of_pif(pif): +def pif_get_vlan_masters(pif): """Returns a list of PIFs which are VLANs on top of the given pif.""" - + pifrec = db.get_pif_record(pif) vlans = [db.get_vlan_record(v) for v in pifrec['VLAN_slave_of']] return [v['untagged_PIF'] for v in vlans if v and db.pif_exists(v['untagged_PIF'])] -def interface_deconfigure_commands(interface): - # The use of [!0-9] keeps an interface of 'eth0' from matching - # VLANs attached to eth0 (such as 'eth0.123'), which are distinct - # interfaces. - return ['--del-match=bridge.*.port=%s' % interface, - '--del-match=bonding.%s.[!0-9]*' % interface, - '--del-match=bonding.*.slave=%s' % interface, - '--del-match=vlan.%s.[!0-9]*' % interface, - '--del-match=port.%s.[!0-9]*' % interface, - '--del-match=iface.%s.[!0-9]*' % interface] +# +# IP device configuration +# -def run_command(command): - log("Running command: " + ' '.join(command)) - if os.spawnl(os.P_WAIT, command[0], *command) != 0: - log("Command failed: " + ' '.join(command)) - return False - return True +def ipdev_configure_static_routes(interface, oc, f): + """Open a route- file for static routes. -def down_netdev(interface, deconfigure=True): - if not interface_exists(interface): - log("down_netdev: interface %s does not exist, ignoring" % interface) - return - argv = ["/sbin/ifconfig", interface, 'down'] - if deconfigure: - argv += ['0.0.0.0'] + Opens the static routes configuration file for interface and writes one + line for each route specified in the network's other config "static-routes" value. + E.g. if + interface ( RO): xenbr1 + other-config (MRW): static-routes: 172.16.0.0/15/192.168.0.3,172.18.0.0/16/192.168.0.4;... - # Kill dhclient. - pidfile_name = '/var/run/dhclient-%s.pid' % interface - pidfile = None - try: - pidfile = open(pidfile_name, 'r') - os.kill(int(pidfile.readline()), signal.SIGTERM) - except: - pass - if pidfile != None: - pidfile.close() + Then route-xenbr1 should be + 172.16.0.0/15 via 192.168.0.3 dev xenbr1 + 172.18.0.0/16 via 192.168.0.4 dev xenbr1 + """ + fname = "route-%s" % interface + if oc.has_key('static-routes'): + # The key is present - extract comma seperates entries + lines = oc['static-routes'].split(',') + else: + # The key is not present, i.e. there are no static routes + lines = [] - # Remove dhclient pidfile. - try: - os.remove(pidfile_name) - except: - pass - run_command(argv) + child = ConfigurationFile(fname) + child.write("# DO NOT EDIT: This file (%s) was autogenerated by %s\n" % \ + (os.path.basename(child.path()), os.path.basename(sys.argv[0]))) + + try: + for l in lines: + network, masklen, gateway = l.split('/') + child.write("%s/%s via %s dev %s\n" % (network, masklen, gateway, interface)) + + f.attach_child(child) + child.close() + + except ValueError, e: + log("Error in other-config['static-routes'] format for network %s: %s" % (interface, e)) + +def ipdev_open_ifcfg(pif): + ipdev = pif_ipdev_name(pif) -def up_netdev(interface): - run_command(["/sbin/ifconfig", interface, 'up']) + log("Writing network configuration for %s" % ipdev) -def find_distinguished_pifs(pif): - """Returns the PIFs on host that own DNS and the default route. -The peerdns pif will be the one with pif::other-config:peerdns=true, or the mgmt pif if none have this set. -The gateway pif will be the one with pif::other-config:defaultroute=true, or the mgmt pif if none have this set. + f = ConfigurationFile("ifcfg-%s" % ipdev) -Note: we prune out the bond master pif (if it exists). -This is because when we are called to bring up an interface with a bond master, it is implicit that -we should bring down that master.""" + f.write("# DO NOT EDIT: This file (%s) was autogenerated by %s\n" % \ + (os.path.basename(f.path()), os.path.basename(sys.argv[0]))) + f.write("XEMANAGED=yes\n") + f.write("DEVICE=%s\n" % ipdev) + f.write("ONBOOT=no\n") + + return f + +def ipdev_configure_network(pif): + """Write the configuration file for a network. + + Writes configuration derived from the network object into the relevant + ifcfg file. The configuration file is passed in, but if the network is + bridgeless it will be ifcfg-, otherwise it will be ifcfg-. + + This routine may also write ifcfg files of the networks corresponding to other PIFs + in order to maintain consistency. + + params: + pif: Opaque_ref of pif + f : ConfigurationFile(/path/to/ifcfg) to which we append network configuration + """ pifrec = db.get_pif_record(pif) - host = pifrec['host'] + nwrec = db.get_network_record(pifrec['network']) + + ipdev = pif_ipdev_name(pif) + + f = ipdev_open_ifcfg(pif) + + mode = pifrec['ip_configuration_mode'] + log("Configuring %s using %s configuration" % (ipdev, mode)) + + oc = None + if pifrec.has_key('other_config'): + oc = pifrec['other_config'] + + f.write("TYPE=Ethernet\n") + if pifrec['ip_configuration_mode'] == "DHCP": + f.write("BOOTPROTO=dhcp\n") + f.write("PERSISTENT_DHCLIENT=yes\n") + elif pifrec['ip_configuration_mode'] == "Static": + f.write("BOOTPROTO=none\n") + f.write("NETMASK=%(netmask)s\n" % pifrec) + f.write("IPADDR=%(IP)s\n" % pifrec) + f.write("GATEWAY=%(gateway)s\n" % pifrec) + elif pifrec['ip_configuration_mode'] == "None": + f.write("BOOTPROTO=none\n") + else: + raise Error("Unknown ip-configuration-mode %s" % pifrec['ip_configuration_mode']) + + if nwrec.has_key('other_config'): + settings,offload = ethtool_settings(nwrec['other_config']) + if len(settings): + f.write("ETHTOOL_OPTS=\"%s\"\n" % str.join(" ", settings)) + if len(offload): + f.write("ETHTOOL_OFFLOAD_OPTS=\"%s\"\n" % str.join(" ", offload)) + + mtu = mtu_setting(nwrec['other_config']) + if mtu: + f.write("MTU=%s\n" % mtu) + + ipdev_configure_static_routes(ipdev, nwrec['other_config'], f) + + if pifrec.has_key('DNS') and pifrec['DNS'] != "": + ServerList = pifrec['DNS'].split(",") + for i in range(len(ServerList)): f.write("DNS%d=%s\n" % (i+1, ServerList[i])) + if oc and oc.has_key('domain'): + f.write("DOMAIN='%s'\n" % oc['domain'].replace(',', ' ')) + + # We only allow one ifcfg-* to have PEERDNS=yes and there can be + # only one GATEWAYDEV in /etc/sysconfig/network. + # + # The peerdns pif will be the one with + # pif::other-config:peerdns=true, or the mgmt pif if none have + # this set. + # + # The gateway pif will be the one with + # pif::other-config:defaultroute=true, or the mgmt pif if none + # have this set. + # Work out which pif on this host should be the one with + # PEERDNS=yes and which should be the GATEWAYDEV + # + # Note: we prune out the bond master pif (if it exists). This is + # because when we are called to bring up an interface with a bond + # master, it is implicit that we should bring down that master. pifs_on_host = [ __pif for __pif in db.get_all_pifs() if - db.get_pif_record(__pif)['host'] == host and - (not __pif in get_bond_masters_of_pif(pif)) ] + not __pif in pif_get_bond_masters(pif) ] + other_pifs_on_host = [ __pif for __pif in pifs_on_host if __pif != pif ] peerdns_pif = None defaultroute_pif = None - + # loop through all the pifs on this host looking for one with # other-config:peerdns = true, and one with # other-config:default-route=true @@ -609,152 +1123,112 @@ we should bring down that master.""" else: log('Warning: multiple pifs with "defaultroute=true" - choosing %s and ignoring %s' % \ (db.get_pif_record(defaultroute_pif)['device'], __pifrec['device'])) - - # If no pif is explicitly specified then use the mgmt pif for peerdns/defaultroute + + # If no pif is explicitly specified then use the mgmt pif for + # peerdns/defaultroute. if peerdns_pif == None: peerdns_pif = management_pif if defaultroute_pif == None: defaultroute_pif = management_pif - return peerdns_pif, defaultroute_pif - -def ethtool_settings(oc): - # Options for "ethtool -s" - settings = [] - if oc.has_key('ethtool-speed'): - val = oc['ethtool-speed'] - if val in ["10", "100", "1000"]: - settings += ['speed', val] - else: - log("Invalid value for ethtool-speed = %s. Must be 10|100|1000." % val) - if oc.has_key('ethtool-duplex'): - val = oc['ethtool-duplex'] - if val in ["10", "100", "1000"]: - settings += ['duplex', 'val'] - else: - log("Invalid value for ethtool-duplex = %s. Must be half|full." % val) - if oc.has_key('ethtool-autoneg'): - val = oc['ethtool-autoneg'] - if val in ["true", "on"]: - settings += ['autoneg', 'on'] - elif val in ["false", "off"]: - settings += ['autoneg', 'off'] - else: - log("Invalid value for ethtool-autoneg = %s. Must be on|true|off|false." % val) + # Update all the other network's ifcfg files and ensure + # consistency. + for __pif in other_pifs_on_host: + __f = ipdev_open_ifcfg(__pif) + peerdns_line_wanted = 'PEERDNS=%s\n' % ((__pif == peerdns_pif) and 'yes' or 'no') + lines = __f.readlines() - # Options for "ethtool -K" - offload = [] - for opt in ("rx", "tx", "sg", "tso", "ufo", "gso"): - if oc.has_key("ethtool-" + opt): - val = oc["ethtool-" + opt] - if val in ["true", "on"]: - offload += [opt, 'on'] - elif val in ["false", "off"]: - offload += [opt, 'off'] - else: - log("Invalid value for ethtool-%s = %s. Must be on|true|off|false." % (opt, val)) + if not peerdns_line_wanted in lines: + # the PIF selected for DNS has changed and as a result this ifcfg file needs rewriting + for line in lines: + if not line.lstrip().startswith('PEERDNS'): + __f.write(line) + log("Setting %s in %s" % (peerdns_line_wanted.strip(), __f.path())) + __f.write(peerdns_line_wanted) + __f.close() + f.attach_child(__f) - return settings, offload + else: + # There is no need to change this ifcfg file. So don't attach_child. + pass -def configure_netdev(pif): - pifrec = db.get_pif_record(pif) - datapath = datapath_name(pif) - ipdev = ipdev_name(pif) + # ... and for this pif too + f.write('PEERDNS=%s\n' % ((pif == peerdns_pif) and 'yes' or 'no')) - host = pifrec['host'] - nw = pifrec['network'] - nwrec = db.get_network_record(nw) + # Update gatewaydev + fnetwork = ConfigurationFile("network", "/etc/sysconfig") + for line in fnetwork.readlines(): + if line.lstrip().startswith('GATEWAY') : + continue + fnetwork.write(line) + if defaultroute_pif: + gatewaydev = pif_ipdev_name(defaultroute_pif) + if not gatewaydev: + gatewaydev = pif_netdev_name(defaultroute_pif) + fnetwork.write('GATEWAYDEV=%s\n' % gatewaydev) + fnetwork.close() + f.attach_child(fnetwork) - ifconfig_argv = ['/sbin/ifconfig', ipdev, 'up'] - gateway = '' - if pifrec['ip_configuration_mode'] == "DHCP": - pass - elif pifrec['ip_configuration_mode'] == "Static": - ifconfig_argv += [pifrec['IP']] - ifconfig_argv += ['netmask', pifrec['netmask']] - gateway = pifrec['gateway'] - elif pifrec['ip_configuration_mode'] == "None": - # Nothing to do. - pass - else: - raise Error("Unknown IP-configuration-mode %s" % pifrec['ip_configuration_mode']) + return f - oc = {} - if pifrec.has_key('other_config'): - oc = pifrec['other_config'] - if oc.has_key('mtu'): - int(oc['mtu']) # Check that the value is an integer - ifconfig_argv += ['mtu', oc['mtu']] +# +# Datapath Configuration +# - run_command(ifconfig_argv) +def pif_datapath(pif): + """Return the OpenFlow datapath name associated with pif. +For a non-VLAN PIF, the datapath name is the bridge name. +For a VLAN PIF, the datapath name is the bridge name for the PIF's VLAN slave. +""" + if pif_is_vlan(pif): + return pif_datapath(pif_get_vlan_slave(pif)) - (peerdns_pif, defaultroute_pif) = find_distinguished_pifs(pif) - - if peerdns_pif == pif: - f = ConfigurationFile('resolv.conf', "/etc") - if oc.has_key('domain'): - f.write("search %s\n" % oc['domain']) - for dns in pifrec['DNS'].split(","): - f.write("nameserver %s\n" % dns) - f.close() - f.apply() - f.commit() + pifrec = db.get_pif_record(pif) + nwrec = db.get_network_record(pifrec['network']) + if not nwrec['bridge']: + raise Error("datapath PIF cannot be bridgeless") + else: + return pif - if defaultroute_pif == pif and gateway != '': - run_command(['/sbin/ip', 'route', 'replace', 'default', - 'via', gateway, 'dev', ipdev]) - - if oc.has_key('static-routes'): - for line in oc['static-routes'].split(','): - network, masklen, gateway = line.split('/') - run_command(['/sbin/ip', 'route', 'add', - '%s/%s' % (netmask, masklen), 'via', gateway, - 'dev', ipdev]) - - settings, offload = ethtool_settings(oc) - if settings: - run_command(['/sbin/ethtool', '-s', ipdev] + settings) - if offload: - run_command(['/sbin/ethtool', '-K', ipdev] + offload) +def datapath_get_physical_pifs(pif): + """Return the PIFs for the physical network device(s) associated with a datapath PIF. +For a bond master PIF, these are the bond slave PIFs. +For a non-VLAN, non-bond master PIF, the PIF is its own physical device PIF. - if pifrec['ip_configuration_mode'] == "DHCP": - print - print "Determining IP information for %s..." % ipdev, - argv = ['/sbin/dhclient', '-q', - '-lf', '/var/lib/dhclient/dhclient-%s.leases' % ipdev, - '-pf', '/var/run/dhclient-%s.pid' % ipdev, - ipdev] - if run_command(argv): - print 'done.' - else: - print 'failed.' +A VLAN PIF cannot be a datapath PIF. +""" + pifrec = db.get_pif_record(pif) -def modify_config(commands): - run_command(['/root/vswitch/bin/ovs-cfg-mod', '-vANY:console:emer', - '-F', '/etc/ovs-vswitchd.conf'] - + commands + ['-c']) - run_command(['/sbin/service', 'vswitch', 'reload']) + if pif_is_vlan(pif): + raise Error("get-physical-pifs should not get passed a VLAN") + elif len(pifrec['bond_master_of']) != 0: + return pif_get_bond_slaves(pif) + else: + return [pif] -def is_bond_pif(pif): - pifrec = db.get_pif_record(pif) - return len(pifrec['bond_master_of']) != 0 +def datapath_deconfigure_physical(netdev): + # The use of [!0-9] keeps an interface of 'eth0' from matching + # VLANs attached to eth0 (such as 'eth0.123'), which are distinct + # interfaces. + return ['--del-match=bridge.*.port=%s' % netdev, + '--del-match=port.%s.[!0-9]*' % netdev, + '--del-match=bonding.*.slave=%s' % netdev, + '--del-match=iface.%s.[!0-9]*' % netdev] -def configure_bond(pif): +def datapath_configure_bond(pif,slaves): pifrec = db.get_pif_record(pif) - interface = interface_name(pif) - ipdev = ipdev_name(pif) - datapath = datapath_name(pif) - physdevs = physdev_names(pif) + interface = pif_netdev_name(pif) argv = ['--del-match=bonding.%s.[!0-9]*' % interface] - argv += ["--add=bonding.%s.slave=%s" % (interface, slave) - for slave in physdevs] + argv += ["--add=bonding.%s.slave=%s" % (interface, pif_netdev_name(slave)) + for slave in slaves] + argv += ['--add=bonding.%s.fake-iface=true' % interface] if pifrec['MAC'] != "": argv += ['--add=port.%s.mac=%s' % (interface, pifrec['MAC'])] # Bonding options. - bond_options = { + bond_options = { "mode": "balance-slb", "miimon": "100", "downdelay": "200", @@ -772,284 +1246,333 @@ def configure_bond(pif): argv += ["--add=bonding.%s.%s=%s" % (interface, name, val)] return argv -def action_up(pif): - pifrec = db.get_pif_record(pif) +def datapath_deconfigure_bond(netdev): + # The use of [!0-9] keeps an interface of 'eth0' from matching + # VLANs attached to eth0 (such as 'eth0.123'), which are distinct + # interfaces. + return ['--del-match=bonding.%s.[!0-9]*' % netdev, + '--del-match=port.%s.[!0-9]*' % netdev] - bridge = bridge_name(pif) - interface = interface_name(pif) - ipdev = ipdev_name(pif) - datapath = datapath_name(pif) - physdevs = physdev_names(pif) - vlan_slave = None - if pifrec['VLAN'] != '-1': - vlan_slave = get_vlan_slave_of_pif(pif) - if vlan_slave and is_bond_pif(vlan_slave): - bond_master = vlan_slave - elif is_bond_pif(pif): - bond_master = pif - else: - bond_master = None - if bond_master: - bond_slaves = get_bond_slaves_of_pif(bond_master) - else: - bond_slaves = [] - bond_masters = get_bond_masters_of_pif(pif) +def datapath_deconfigure_ipdev(interface): + # The use of [!0-9] keeps an interface of 'eth0' from matching + # VLANs attached to eth0 (such as 'eth0.123'), which are distinct + # interfaces. + return ['--del-match=bridge.*.port=%s' % interface, + '--del-match=port.%s.[!0-9]*' % interface, + '--del-match=iface.%s.[!0-9]*' % interface, + '--del-match=vlan.%s.trunks=*' % interface, + '--del-match=vlan.%s.tag=*' % interface] - # Support "rpm -e vswitch" gracefully by keeping Centos configuration - # files up-to-date, even though we don't use them or need them. - f = configure_pif(pif) - mode = pifrec['ip_configuration_mode'] - if bridge: - log("Configuring %s using %s configuration" % (bridge, mode)) - br = open_network_ifcfg(pif) - configure_network(pif, br) - br.close() - f.attach_child(br) - else: - log("Configuring %s using %s configuration" % (interface, mode)) - configure_network(pif, f) - f.close() - for master in bond_masters: - master_bridge = bridge_name(master) - removed = unconfigure_pif(master) - f.attach_child(removed) - if master_bridge: - removed = open_network_ifcfg(master) - log("Unlinking stale file %s" % removed.path()) - removed.unlink() - f.attach_child(removed) +def datapath_modify_config(commands): + if debug_mode(): + log("modifying configuration:") + for c in commands: + log(" %s" % c) - # /etc/xensource/scripts/vif needs to know where to add VIFs. - if vlan_slave: - if not os.path.exists(vswitch_config_dir): - os.mkdir(vswitch_config_dir) - br = ConfigurationFile("br-%s" % bridge, vswitch_config_dir) - br.write("VLAN_SLAVE=%s\n" % datapath) - br.write("VLAN_VID=%s\n" % pifrec['VLAN']) - br.close() - f.attach_child(br) + rc = run_command(['/usr/bin/ovs-cfg-mod', '-vANY:console:emer', + '-F', '/etc/ovs-vswitchd.conf'] + + [c for c in commands if c[0] != '#'] + ['-c']) + if not rc: + raise Error("Failed to modify vswitch configuration") + run_command(['/sbin/service', 'vswitch', 'reload']) + return True - # Update all configuration files (both ours and Centos's). - f.apply() - f.commit() - - # "ifconfig down" the network device and delete its IP address, etc. - down_netdev(ipdev) - for physdev in physdevs: - down_netdev(physdev) - - # If we are bringing up a bond, remove IP addresses from the - # slaves (because we are implicitly being asked to take them down). - # - # Conversely, if we are bringing up an interface that has bond - # masters, remove IP addresses from the bond master (because we - # are implicitly being asked to take it down). - for bond_pif in bond_slaves + bond_masters: - run_command(["/sbin/ifconfig", ipdev_name(bond_pif), '0.0.0.0']) - - # Remove all keys related to pif and any bond masters linked to PIF. - del_ports = [ipdev] + physdevs + bond_masters - if vlan_slave and bond_master: - del_ports += [interface_name(bond_master)] - - # What ports do we need to add to the datapath? - # - # We definitely need the ipdev, and ordinarily we want the - # physical devices too, but for bonds we need the bond as bridge - # port. - add_ports = [ipdev, datapath] - if not bond_master: - add_ports += physdevs - else: - add_ports += [interface_name(bond_master)] +# +# Toplevel Datapath Configuration. +# - # What ports do we need to delete? - # - # - All the ports that we add, to avoid duplication and to drop - # them from another datapath in case they're misassigned. - # - # - The physical devices, since they will either be in add_ports - # or added to the bonding device (see below). - # - # - The bond masters for pif. (Ordinarily pif shouldn't have any - # bond masters. If it does then interface-reconfigure is - # implicitly being asked to take them down.) - del_ports = add_ports + physdevs + bond_masters +def configure_datapath(pif): + """Bring up the datapath configuration for PIF. - # What networks does this datapath carry? - # - # - The network corresponding to the datapath's PIF. - # - # - The networks corresponding to any VLANs attached to the - # datapath's PIF. - network_uuids = [] - for nwpif in db.get_pifs_by_record({'device': pifrec['device'], - 'host': pifrec['host']}): - net = db.get_pif_record(nwpif)['network'] - network_uuids += [db.get_network_record(net)['uuid']] - - # Bring up bond slaves early, because ovs-vswitchd initially - # enables or disables bond slaves based on whether carrier is - # detected when they are added, and a network device that is down - # always reports "no carrier". - bond_slave_physdevs = [] - for slave in bond_slaves: - bond_slave_physdevs += physdev_names(slave) - for slave_physdev in bond_slave_physdevs: - up_netdev(slave_physdev) - - # Now modify the ovs-vswitchd config file. - argv = [] - for port in set(del_ports): - argv += interface_deconfigure_commands(port) - for port in set(add_ports): - argv += ['--add=bridge.%s.port=%s' % (datapath, port)] - if vlan_slave: - argv += ['--add=vlan.%s.tag=%s' % (ipdev, pifrec['VLAN'])] - argv += ['--add=iface.%s.internal=true' % (ipdev)] - - # xapi creates a bridge by the name of the ipdev and requires - # that the IP address will be on it. We need to delete this - # bridge because we need that device to be a member of our - # datapath. - argv += ['--del-match=bridge.%s.[!0-9]*' % ipdev] - - # xapi insists that its attempts to create the bridge succeed, - # so force that to happen. - argv += ['--add=iface.%s.fake-bridge=true' % (ipdev)] + Should be careful not to glitch existing users of the datapath, e.g. other VLANs etc. + + Should take care of tearing down other PIFs which encompass common physical devices. + + Returns a tuple containing + - A list containing the necessary cfgmod command line arguments + - A list of additional devices which should be brought up after + the configuration is applied. + """ + + cfgmod_argv = [] + extra_up_ports = [] + + bridge = pif_bridge_name(pif) + + physical_devices = datapath_get_physical_pifs(pif) + + # Determine additional devices to deconfigure. + # + # Given all physical devices which are part of this PIF we need to + # consider: + # - any additional bond which a physical device is part of. + # - any additional physical devices which are part of an additional bond. + # + # Any of these which are not currently in use should be brought + # down and deconfigured. + extra_down_bonds = [] + extra_down_ports = [] + for p in physical_devices: + for bond in pif_get_bond_masters(p): + if bond == pif: + log("configure_datapath: leaving bond %s up" % pif_netdev_name(bond)) + continue + if bond in extra_down_bonds: + continue + if db.get_pif_record(bond)['currently_attached']: + log("configure_datapath: implicitly tearing down currently-attached bond %s" % pif_netdev_name(bond)) + + extra_down_bonds += [bond] + + for s in pif_get_bond_slaves(bond): + if s in physical_devices: + continue + if s in extra_down_ports: + continue + if pif_currently_in_use(s): + continue + extra_down_ports += [s] + + log("configure_datapath: bridge - %s" % bridge) + log("configure_datapath: physical - %s" % [pif_netdev_name(p) for p in physical_devices]) + log("configure_datapath: extra ports - %s" % [pif_netdev_name(p) for p in extra_down_ports]) + log("configure_datapath: extra bonds - %s" % [pif_netdev_name(p) for p in extra_down_bonds]) + + # Need to fully deconfigure any bridge which any of the: + # - physical devices + # - bond devices + # - sibling devices + # refers to + for brpif in physical_devices + extra_down_ports + extra_down_bonds: + if brpif == pif: + continue + b = pif_bridge_name(brpif) + ifdown(b) + cfgmod_argv += ['# remove bridge %s' % b] + cfgmod_argv += ['--del-match=bridge.%s.*' % b] + + for n in extra_down_ports: + dev = pif_netdev_name(n) + cfgmod_argv += ['# deconfigure sibling physical device %s' % dev] + cfgmod_argv += datapath_deconfigure_physical(dev) + netdev_down(dev) + + for n in extra_down_bonds: + dev = pif_netdev_name(n) + cfgmod_argv += ['# deconfigure bond device %s' % dev] + cfgmod_argv += datapath_deconfigure_bond(dev) + netdev_down(dev) + + for p in physical_devices: + dev = pif_netdev_name(p) + cfgmod_argv += ['# deconfigure physical port %s' % dev] + cfgmod_argv += datapath_deconfigure_physical(dev) + + # Check the MAC address of each network device and remap if + # necessary to make names match our expectations. + for p in physical_devices: + netdev_remap_name(p) + + # Bring up physical devices early, because ovs-vswitchd initially + # enables or disables bond slaves based on whether carrier is + # detected when they are added, and a network device that is down + # always reports "no carrier". + for p in physical_devices: + oc = db.get_pif_record(p)['other_config'] + + dev = pif_netdev_name(p) + + mtu = mtu_setting(oc) + + netdev_up(dev, mtu) + + settings, offload = ethtool_settings(oc) + if len(settings): + run_command(['/sbin/ethtool', '-s', dev] + settings) + if len(offload): + run_command(['/sbin/ethtool', '-K', dev] + offload) + + if len(physical_devices) > 1: + cfgmod_argv += ['# deconfigure bond %s' % pif_netdev_name(pif)] + cfgmod_argv += datapath_deconfigure_bond(pif_netdev_name(pif)) + cfgmod_argv += ['--del-entry=bridge.%s.port=%s' % (bridge,pif_netdev_name(pif))] + cfgmod_argv += ['# configure bond %s' % pif_netdev_name(pif)] + cfgmod_argv += datapath_configure_bond(pif, physical_devices) + cfgmod_argv += ['--add=bridge.%s.port=%s' % (bridge,pif_netdev_name(pif)) ] + extra_up_ports += [pif_netdev_name(pif)] else: - try: - os.unlink("%s/br-%s" % (vswitch_config_dir, bridge)) - except OSError: - pass - argv += ['--del-match=bridge.%s.xs-network-uuids=*' % datapath] - argv += ['--add=bridge.%s.xs-network-uuids=%s' % (datapath, uuid) - for uuid in set(network_uuids)] - if bond_master: - argv += configure_bond(bond_master) - modify_config(argv) - - # Configure network devices. - configure_netdev(pif) - - # Bring up VLAN slave, plus physical devices other than bond - # slaves (which we brought up earlier). - if vlan_slave: - up_netdev(ipdev_name(vlan_slave)) - for physdev in set(physdevs) - set(bond_slave_physdevs): - up_netdev(physdev) - - # Update /etc/issue (which contains the IP address of the management interface) - os.system("/sbin/update-issue") - - if bond_slaves: - # There seems to be a race somewhere: without this sleep, using - # XenCenter to create a bond that becomes the management interface - # fails with "The underlying connection was closed: A connection that - # was expected to be kept alive was closed by the server." on every - # second or third try, even though /var/log/messages doesn't show - # anything unusual. - # - # The race is probably present even without vswitch, but bringing up a - # bond without vswitch involves a built-in pause of 10 seconds or more - # to wait for the bond to transition from learning to forwarding state. - time.sleep(5) + iface = pif_netdev_name(physical_devices[0]) + cfgmod_argv += ['# add physical device %s' % iface] + cfgmod_argv += ['--add=bridge.%s.port=%s' % (bridge,iface) ] + + return cfgmod_argv,extra_up_ports + +def deconfigure_datapath(pif): + cfgmod_argv = [] + + bridge = pif_bridge_name(pif) + + physical_devices = datapath_get_physical_pifs(pif) + + log("deconfigure_datapath: bridge - %s" % bridge) + log("deconfigure_datapath: physical devices - %s" % [pif_netdev_name(p) for p in physical_devices]) + + for p in physical_devices: + dev = pif_netdev_name(p) + cfgmod_argv += ['# deconfigure physical port %s' % dev] + cfgmod_argv += datapath_deconfigure_physical(dev) + netdev_down(dev) + + if len(physical_devices) > 1: + cfgmod_argv += ['# deconfigure bond %s' % pif_netdev_name(pif)] + cfgmod_argv += datapath_deconfigure_bond(pif_netdev_name(pif)) + + cfgmod_argv += ['# deconfigure bridge %s' % bridge] + cfgmod_argv += ['--del-match=bridge.%s.*' % bridge] + + return cfgmod_argv + +# +# Toplevel actions +# + +def action_up(pif): + pifrec = db.get_pif_record(pif) + cfgmod_argv = [] + extra_ports = [] + + ipdev = pif_ipdev_name(pif) + dp = pif_datapath(pif) + bridge = pif_bridge_name(dp) + + log("action_up: %s on bridge %s" % (ipdev, bridge)) + + ifdown(ipdev) + + if dp: + c,e = configure_datapath(dp) + cfgmod_argv += c + extra_ports += e + + cfgmod_argv += ['# configure xs-network-uuids'] + cfgmod_argv += ['--del-match=bridge.%s.xs-network-uuids=*' % bridge] + + for nwpif in db.get_pifs_by_device(db.get_pif_record(pif)['device']): + rec = db.get_pif_record(nwpif) + + # When state is read from dbcache PIF.currently_attached + # is always assumed to be false... Err on the side of + # listing even detached networks for the time being. + #if nwpif != pif and not rec['currently_attached']: + # log("Network PIF %s not currently attached (%s)" % (rec['uuid'],pifrec['uuid'])) + # continue + nwrec = db.get_network_record(rec['network']) + cfgmod_argv += ['--add=bridge.%s.xs-network-uuids=%s' % (bridge, nwrec['uuid'])] + + cfgmod_argv += ["# deconfigure ipdev %s" % ipdev] + cfgmod_argv += datapath_deconfigure_ipdev(ipdev) + cfgmod_argv += ["# reconfigure ipdev %s" % ipdev] + cfgmod_argv += ['--add=bridge.%s.port=%s' % (bridge, ipdev)] + + f = ipdev_configure_network(pif) + f.close() + + # /etc/xensource/scripts/vif needs to know where to add VIFs. + if pif_is_vlan(pif): + if not bridge: + raise Error("Unbridged VLAN devices not implemented yet") + cfgmod_argv += ['--add=vlan.%s.tag=%s' % (ipdev, pifrec['VLAN'])] + cfgmod_argv += ['--add=iface.%s.internal=true' % (ipdev)] + cfgmod_argv += ['--add=iface.%s.fake-bridge=true' % (ipdev)] -def action_down(pif): - rec = db.get_pif_record(pif) - interface = interface_name(pif) - bridge = bridge_name(pif) - ipdev = ipdev_name(pif) - - # Support "rpm -e vswitch" gracefully by keeping Centos configuration - # files up-to-date, even though we don't use them or need them. - f = unconfigure_pif(pif) - if bridge: - br = open_network_ifcfg(pif) - log("Unlinking stale file %s" % br.path()) - br.unlink() - f.attach_child(br) + # Apply updated configuration. try: f.apply() + + datapath_modify_config(cfgmod_argv) + + ifup(ipdev) + + for p in extra_ports: + netdev_up(p) + + # Update /etc/issue (which contains the IP address of the management interface) + os.system("/sbin/update-issue") + f.commit() except Error, e: - log("action_down failed to apply changes: %s" % e.msg) + log("failed to apply changes: %s" % e.msg) f.revert() raise - argv = [] - if rec['VLAN'] != '-1': - # Get rid of the VLAN device itself. - down_netdev(ipdev) - argv += interface_deconfigure_commands(ipdev) +def action_down(pif): + pifrec = db.get_pif_record(pif) + cfgmod_argv = [] + + ipdev = pif_ipdev_name(pif) + dp = pif_datapath(pif) + bridge = pif_bridge_name(dp) + + log("action_down: %s on bridge %s" % (ipdev, bridge)) + + ifdown(ipdev) + + if dp: + nw = db.get_pif_record(pif)['network'] + nwrec = db.get_network_record(nw) + cfgmod_argv += ['# deconfigure xs-network-uuids'] + cfgmod_argv += ['--del-entry=bridge.%s.xs-network-uuids=%s' % (bridge,nwrec['uuid'])] + + log("deconfigure ipdev %s on %s" % (ipdev,bridge)) + cfgmod_argv += ["# deconfigure ipdev %s" % ipdev] + cfgmod_argv += datapath_deconfigure_ipdev(ipdev) + + f = ipdev_open_ifcfg(pif) + f.unlink() + + if pif_is_vlan(pif): + br = ConfigurationFile("br-%s" % bridge, vswitch_state_dir) + br.unlink() + f.attach_child(br) - # If the VLAN's slave is attached, stop here. - slave = get_vlan_slave_of_pif(pif) + # If the VLAN's slave is attached, leave datapath setup. + slave = pif_get_vlan_slave(pif) if db.get_pif_record(slave)['currently_attached']: - log("VLAN slave is currently attached") - modify_config(argv) - return - - # If the VLAN's slave has other VLANs that are attached, stop here. - masters = get_vlan_masters_of_pif(slave) - for m in masters: - if m != pif and db.get_pif_record(m)['currently_attached']: - log("VLAN slave has other master %s" % interface_naem(m)) - modify_config(argv) - return - - # Otherwise, take down the VLAN's slave too. - log("No more masters, bring down vlan slave %s" % interface_name(slave)) - pif = slave + log("action_down: vlan slave is currently attached") + dp = None + + # If the VLAN's slave has other VLANs that are attached, leave datapath setup. + for master in pif_get_vlan_masters(slave): + if master != pif and db.get_pif_record(master)['currently_attached']: + log("action_down: vlan slave has other master: %s" % pif_netdev_name(master)) + dp = None + + # Otherwise, take down the datapath too (fall through) + if dp: + log("action_down: no more masters, bring down slave %s" % bridge) else: # Stop here if this PIF has attached VLAN masters. - vlan_masters = get_vlan_masters_of_pif(pif) - log("VLAN masters of %s - %s" % (rec['device'], [interface_name(m) for m in vlan_masters])) - for m in vlan_masters: - if db.get_pif_record(m)['currently_attached']: - log("Leaving %s up due to currently attached VLAN master %s" % (interface, interface_name(m))) - return - - # pif is now either a bond or a physical device which needs to be - # brought down. pif might have changed so re-check all its attributes. - rec = db.get_pif_record(pif) - interface = interface_name(pif) - bridge = bridge_name(pif) - ipdev = ipdev_name(pif) + masters = [db.get_pif_record(m)['VLAN'] for m in pif_get_vlan_masters(pif) if db.get_pif_record(m)['currently_attached']] + if len(masters) > 0: + log("Leaving datapath %s up due to currently attached VLAN masters %s" % (bridge, masters)) + dp = None + if dp: + cfgmod_argv += deconfigure_datapath(dp) - bond_slaves = get_bond_slaves_of_pif(pif) - log("bond slaves of %s - %s" % (rec['device'], [interface_name(s) for s in bond_slaves])) - for slave in bond_slaves: - slave_interface = interface_name(slave) - log("bring down bond slave %s" % slave_interface) - argv += interface_deconfigure_commands(slave_interface) - down_netdev(slave_interface) + try: + f.apply() - argv += interface_deconfigure_commands(ipdev) - down_netdev(ipdev) + datapath_modify_config(cfgmod_argv) - argv += ['--del-match', 'bridge.%s.*' % datapath_name(pif)] - argv += ['--del-match', 'bonding.%s.[!0-9]*' % interface] - modify_config(argv) + f.commit() + except Error, e: + log("action_down failed to apply changes: %s" % e.msg) + f.revert() + raise def action_rewrite(pif): - # Support "rpm -e vswitch" gracefully by keeping Centos configuration - # files up-to-date, even though we don't use them or need them. - pifrec = db.get_pif_record(pif) - f = configure_pif(pif) - interface = interface_name(pif) - bridge = bridge_name(pif) - mode = pifrec['ip_configuration_mode'] - if bridge: - log("Configuring %s using %s configuration" % (bridge, mode)) - br = open_network_ifcfg(pif) - configure_network(pif, br) - br.close() - f.attach_child(br) - else: - log("Configuring %s using %s configuration" % (interface, mode)) - configure_network(pif, f) + f = ipdev_configure_network(pif) f.close() try: f.apply() @@ -1059,19 +1582,19 @@ def action_rewrite(pif): f.revert() raise - # We have no code of our own to run here. - pass +def action_force_rewrite(bridge, config): + raise Error("Force rewrite is not implemented yet.") def main(argv=None): global output_directory, management_pif - + session = None pif_uuid = None pif = None force_interface = None force_management = False - + if argv is None: argv = sys.argv @@ -1084,7 +1607,6 @@ def main(argv=None): "force=", "force-interface=", "management", - "test-mode", "device=", "mode=", "ip=", "netmask=", "gateway=", "help" ] arglist, args = getopt.gnu_getopt(argv[1:], shortops, longops) @@ -1092,7 +1614,7 @@ def main(argv=None): raise Usage(msg) force_rewrite_config = {} - + for o,a in arglist: if o == "--output-directory": output_directory = a @@ -1121,9 +1643,13 @@ def main(argv=None): raise Usage("Too many arguments") action = args[0] + + if not action in ["up", "down", "rewrite", "rewrite-configuration"]: + raise Usage("Unknown action \"%s\"" % action) + # backwards compatibility if action == "rewrite-configuration": action = "rewrite" - + if output_directory and ( session or pif ): raise Usage("--session/--pif cannot be used with --output-directory") if ( session or pif ) and pif_uuid: @@ -1132,6 +1658,8 @@ def main(argv=None): raise Usage("--session and --pif must be used together.") if force_interface and ( session or pif or pif_uuid ): raise Usage("--force is mutually exclusive with --session, --pif and --pif-uuid") + if force_interface == "all" and action != "down": + raise Usage("\"--force all\" only valid for down action") if len(force_rewrite_config) and not (force_interface and action == "rewrite"): raise Usage("\"--force rewrite\" needed for --device, --mode, --ip, --netmask, and --gateway") @@ -1141,55 +1669,58 @@ def main(argv=None): if action == "rewrite": action_force_rewrite(force_interface, force_rewrite_config) - else: + elif action in ["up", "down"]: + if action == "down" and force_interface == "all": + raise Error("Force all interfaces down not implemented yet") + db = DatabaseCache(cache_file=dbcache_file) - host = db.extras['host'] - pif = db.get_pif_by_bridge(host, force_interface) - management_pif = db.get_management_pif(host) + pif = db.get_pif_by_bridge(force_interface) + management_pif = db.get_management_pif() if action == "up": action_up(pif) elif action == "down": action_down(pif) - else: - raise Usage("Unknown action %s" % action) + else: + raise Error("Unknown action %s" % action) else: db = DatabaseCache(session_ref=session) if pif_uuid: pif = db.get_pif_by_uuid(pif_uuid) - - if not pif: - raise Usage("No PIF given") - if force_management: - # pif is going to be the management pif - management_pif = pif + if action == "rewrite" and not pif: + pass else: - # pif is not going to be the management pif. - # Search DB cache for pif on same host with management=true - pifrec = db.get_pif_record(pif) - host = pifrec['host'] - management_pif = db.get_management_pif(host) + if not pif: + raise Usage("No PIF given") + + if force_management: + # pif is going to be the management pif + management_pif = pif + else: + # pif is not going to be the management pif. + # Search DB cache for pif on same host with management=true + pifrec = db.get_pif_record(pif) + management_pif = db.get_management_pif() - log_pif_action(action, pif) + log_pif_action(action, pif) - if not check_allowed(pif): - return 0 + if not check_allowed(pif): + return 0 - if action == "up": - action_up(pif) - elif action == "down": - action_down(pif) - elif action == "rewrite": - action_rewrite(pif) - else: - raise Usage("Unknown action %s" % action) + if action == "up": + action_up(pif) + elif action == "down": + action_down(pif) + elif action == "rewrite": + action_rewrite(pif) + else: + raise Error("Unknown action %s" % action) # Save cache. - pifrec = db.get_pif_record(pif) - db.save(dbcache_file, {'host': pifrec['host']}) - + db.save(dbcache_file) + except Usage, err: print >>sys.stderr, err.msg print >>sys.stderr, "For help use --help." @@ -1197,405 +1728,9 @@ def main(argv=None): except Error, err: log(err.msg) return 1 - - return 0 - -# The following code allows interface-reconfigure to keep Centos -# network configuration files up-to-date, even though the vswitch -# never uses them. In turn, that means that "rpm -e vswitch" does not -# have to update any configuration files. - -def configure_ethtool(oc, f): - # Options for "ethtool -s" - settings = None - setting_opts = ["autoneg", "speed", "duplex"] - # Options for "ethtool -K" - offload = None - offload_opts = ["rx", "tx", "sg", "tso", "ufo", "gso"] - - for opt in [opt for opt in setting_opts + offload_opts if oc.has_key("ethtool-" + opt)]: - val = oc["ethtool-" + opt] - - if opt in ["speed"]: - if val in ["10", "100", "1000"]: - val = "speed " + val - else: - log("Invalid value for ethtool-speed = %s. Must be 10|100|1000." % val) - val = None - elif opt in ["duplex"]: - if val in ["half", "full"]: - val = "duplex " + val - else: - log("Invalid value for ethtool-duplex = %s. Must be half|full." % val) - val = None - elif opt in ["autoneg"] + offload_opts: - if val in ["true", "on"]: - val = opt + " on" - elif val in ["false", "off"]: - val = opt + " off" - else: - log("Invalid value for ethtool-%s = %s. Must be on|true|off|false." % (opt, val)) - val = None - - if opt in setting_opts: - if val and settings: - settings = settings + " " + val - else: - settings = val - elif opt in offload_opts: - if val and offload: - offload = offload + " " + val - else: - offload = val - - if settings: - f.write("ETHTOOL_OPTS=\"%s\"\n" % settings) - if offload: - f.write("ETHTOOL_OFFLOAD_OPTS=\"%s\"\n" % offload) - -def configure_mtu(oc, f): - if not oc.has_key('mtu'): - return - - try: - mtu = int(oc['mtu']) - f.write("MTU=%d\n" % mtu) - except ValueError, x: - log("Invalid value for mtu = %s" % mtu) - -def configure_static_routes(interface, oc, f): - """Open a route- file for static routes. - - Opens the static routes configuration file for interface and writes one - line for each route specified in the network's other config "static-routes" value. - E.g. if - interface ( RO): xenbr1 - other-config (MRW): static-routes: 172.16.0.0/15/192.168.0.3,172.18.0.0/16/192.168.0.4;... - - Then route-xenbr1 should be - 172.16.0.0/15 via 192.168.0.3 dev xenbr1 - 172.18.0.0/16 via 192.168.0.4 dev xenbr1 - """ - fname = "route-%s" % interface - if oc.has_key('static-routes'): - # The key is present - extract comma seperates entries - lines = oc['static-routes'].split(',') - else: - # The key is not present, i.e. there are no static routes - lines = [] - - child = ConfigurationFile(fname) - child.write("# DO NOT EDIT: This file (%s) was autogenerated by %s\n" % \ - (os.path.basename(child.path()), os.path.basename(sys.argv[0]))) - - try: - for l in lines: - network, masklen, gateway = l.split('/') - child.write("%s/%s via %s dev %s\n" % (network, masklen, gateway, interface)) - - f.attach_child(child) - child.close() - - except ValueError, e: - log("Error in other-config['static-routes'] format for network %s: %s" % (interface, e)) - -def __open_ifcfg(interface): - """Open a network interface configuration file. - - Opens the configuration file for interface, writes a header and - common options and returns the file object. - """ - fname = "ifcfg-%s" % interface - f = ConfigurationFile(fname) - - f.write("# DO NOT EDIT: This file (%s) was autogenerated by %s\n" % \ - (os.path.basename(f.path()), os.path.basename(sys.argv[0]))) - f.write("XEMANAGED=yes\n") - f.write("DEVICE=%s\n" % interface) - f.write("ONBOOT=no\n") - - return f - -def open_network_ifcfg(pif): - bridge = bridge_name(pif) - interface = interface_name(pif) - if bridge: - return __open_ifcfg(bridge) - else: - return __open_ifcfg(interface) - -def open_pif_ifcfg(pif): - pifrec = db.get_pif_record(pif) - - log("Configuring %s (%s)" % (interface_name(pif), pifrec['MAC'])) - - f = __open_ifcfg(interface_name(pif)) - - if pifrec.has_key('other_config'): - configure_ethtool(pifrec['other_config'], f) - configure_mtu(pifrec['other_config'], f) - - return f - -def configure_network(pif, f): - """Write the configuration file for a network. - - Writes configuration derived from the network object into the relevant - ifcfg file. The configuration file is passed in, but if the network is - bridgeless it will be ifcfg-, otherwise it will be ifcfg-. - - This routine may also write ifcfg files of the networks corresponding to other PIFs - in order to maintain consistency. - - params: - pif: Opaque_ref of pif - f : ConfigurationFile(/path/to/ifcfg) to which we append network configuration - """ - - pifrec = db.get_pif_record(pif) - host = pifrec['host'] - nw = pifrec['network'] - nwrec = db.get_network_record(nw) - oc = None - bridge = bridge_name(pif) - interface = interface_name(pif) - if bridge: - device = bridge - else: - device = interface - - if nwrec.has_key('other_config'): - configure_ethtool(nwrec['other_config'], f) - configure_mtu(nwrec['other_config'], f) - configure_static_routes(device, nwrec['other_config'], f) - - - if pifrec.has_key('other_config'): - oc = pifrec['other_config'] - - if device == bridge: - f.write("TYPE=Bridge\n") - f.write("DELAY=0\n") - f.write("STP=off\n") - f.write("PIFDEV=%s\n" % interface_name(pif)) - - if pifrec['ip_configuration_mode'] == "DHCP": - f.write("BOOTPROTO=dhcp\n") - f.write("PERSISTENT_DHCLIENT=yes\n") - elif pifrec['ip_configuration_mode'] == "Static": - f.write("BOOTPROTO=none\n") - f.write("NETMASK=%(netmask)s\n" % pifrec) - f.write("IPADDR=%(IP)s\n" % pifrec) - f.write("GATEWAY=%(gateway)s\n" % pifrec) - elif pifrec['ip_configuration_mode'] == "None": - f.write("BOOTPROTO=none\n") - else: - raise Error("Unknown ip-configuration-mode %s" % pifrec['ip_configuration_mode']) - - if pifrec.has_key('DNS') and pifrec['DNS'] != "": - ServerList = pifrec['DNS'].split(",") - for i in range(len(ServerList)): f.write("DNS%d=%s\n" % (i+1, ServerList[i])) - if oc and oc.has_key('domain'): - f.write("DOMAIN='%s'\n" % oc['domain'].replace(',', ' ')) - - # We only allow one ifcfg-xenbr* to have PEERDNS=yes and there can be only one GATEWAYDEV in /etc/sysconfig/network. - # The peerdns pif will be the one with pif::other-config:peerdns=true, or the mgmt pif if none have this set. - # The gateway pif will be the one with pif::other-config:defaultroute=true, or the mgmt pif if none have this set. - - # Work out which pif on this host should be the one with PEERDNS=yes and which should be the GATEWAYDEV - # - # Note: we prune out the bond master pif (if it exists). - # This is because when we are called to bring up an interface with a bond master, it is implicit that - # we should bring down that master. - pifs_on_host = [ __pif for __pif in db.get_all_pifs() if - db.get_pif_record(__pif)['host'] == host and - (not __pif in get_bond_masters_of_pif(pif)) ] - other_pifs_on_host = [ __pif for __pif in pifs_on_host if __pif != pif ] - - peerdns_pif = None - defaultroute_pif = None - - # loop through all the pifs on this host looking for one with - # other-config:peerdns = true, and one with - # other-config:default-route=true - for __pif in pifs_on_host: - __pifrec = db.get_pif_record(__pif) - __oc = __pifrec['other_config'] - if __oc.has_key('peerdns') and __oc['peerdns'] == 'true': - if peerdns_pif == None: - peerdns_pif = __pif - else: - log('Warning: multiple pifs with "peerdns=true" - choosing %s and ignoring %s' % \ - (db.get_pif_record(peerdns_pif)['device'], __pifrec['device'])) - if __oc.has_key('defaultroute') and __oc['defaultroute'] == 'true': - if defaultroute_pif == None: - defaultroute_pif = __pif - else: - log('Warning: multiple pifs with "defaultroute=true" - choosing %s and ignoring %s' % \ - (db.get_pif_record(defaultroute_pif)['device'], __pifrec['device'])) - - # If no pif is explicitly specified then use the mgmt pif for peerdns/defaultroute - if peerdns_pif == None: - peerdns_pif = management_pif - if defaultroute_pif == None: - defaultroute_pif = management_pif - - # Update all the other network's ifcfg files and ensure consistency - for __pif in other_pifs_on_host: - __f = open_network_ifcfg(__pif) - peerdns_line_wanted = 'PEERDNS=%s\n' % ((__pif == peerdns_pif) and 'yes' or 'no') - lines = __f.readlines() - - if not peerdns_line_wanted in lines: - # the PIF selected for DNS has changed and as a result this ifcfg file needs rewriting - for line in lines: - if not line.lstrip().startswith('PEERDNS'): - __f.write(line) - log("Setting %s in %s" % (peerdns_line_wanted.strip(), __f.path())) - __f.write(peerdns_line_wanted) - __f.close() - f.attach_child(__f) - - else: - # There is no need to change this ifcfg file. So don't attach_child. - pass - - # ... and for this pif too - f.write('PEERDNS=%s\n' % ((pif == peerdns_pif) and 'yes' or 'no')) - - # Update gatewaydev - fnetwork = ConfigurationFile("network", "/etc/sysconfig") - for line in fnetwork.readlines(): - if line.lstrip().startswith('GATEWAY') : - continue - fnetwork.write(line) - if defaultroute_pif: - gatewaydev = bridge_name(defaultroute_pif) - if not gatewaydev: - gatewaydev = interface_name(defaultroute_pif) - fnetwork.write('GATEWAYDEV=%s\n' % gatewaydev) - fnetwork.close() - f.attach_child(fnetwork) - - return - - -def configure_physical_interface(pif): - """Write the configuration for a physical interface. - - Writes the configuration file for the physical interface described by - the pif object. - - Returns the open file handle for the interface configuration file. - """ - - pifrec = db.get_pif_record(pif) - - f = open_pif_ifcfg(pif) - - f.write("TYPE=Ethernet\n") - f.write("HWADDR=%(MAC)s\n" % pifrec) - - return f - -def configure_bond_interface(pif): - """Write the configuration for a bond interface. - - Writes the configuration file for the bond interface described by - the pif object. Handles writing the configuration for the slave - interfaces. - - Returns the open file handle for the bond interface configuration - file. - """ - - pifrec = db.get_pif_record(pif) - oc = pifrec['other_config'] - f = open_pif_ifcfg(pif) - - if pifrec['MAC'] != "": - f.write("MACADDR=%s\n" % pifrec['MAC']) - - for slave in get_bond_slaves_of_pif(pif): - s = configure_physical_interface(slave) - s.write("MASTER=%(device)s\n" % pifrec) - s.write("SLAVE=yes\n") - s.close() - f.attach_child(s) - - # The bond option defaults - bond_options = { - "mode": "balance-slb", - "miimon": "100", - "downdelay": "200", - "updelay": "31000", - "use_carrier": "1", - } - - # override defaults with values from other-config whose keys being with "bond-" - overrides = filter(lambda (key,val): key.startswith("bond-"), oc.items()) - overrides = map(lambda (key,val): (key[5:], val), overrides) - bond_options.update(overrides) - - # write the bond options to ifcfg-bondX - f.write('BONDING_OPTS="') - for (name,val) in bond_options.items(): - f.write("%s=%s " % (name,val)) - f.write('"\n') - return f - -def configure_vlan_interface(pif): - """Write the configuration for a VLAN interface. - - Writes the configuration file for the VLAN interface described by - the pif object. Handles writing the configuration for the master - interface if necessary. - - Returns the open file handle for the VLAN interface configuration - file. - """ - - slave = configure_pif(get_vlan_slave_of_pif(pif)) - slave.close() - - f = open_pif_ifcfg(pif) - f.write("VLAN=yes\n") - f.attach_child(slave) - - return f - -def configure_pif(pif): - """Write the configuration for a PIF object. - - Writes the configuration file the PIF and all dependent - interfaces (bond slaves and VLAN masters etc). - - Returns the open file handle for the interface configuration file. - """ - - pifrec = db.get_pif_record(pif) - - if pifrec['VLAN'] != '-1': - f = configure_vlan_interface(pif) - elif len(pifrec['bond_master_of']) != 0: - f = configure_bond_interface(pif) - else: - f = configure_physical_interface(pif) - - bridge = bridge_name(pif) - if bridge: - f.write("BRIDGE=%s\n" % bridge) - - return f + return 0 -def unconfigure_pif(pif): - """Clear up the files created by configure_pif""" - f = open_pif_ifcfg(pif) - log("Unlinking stale file %s" % f.path()) - f.unlink() - return f - if __name__ == "__main__": rc = 1 try: @@ -1608,5 +1743,5 @@ if __name__ == "__main__": if not debug_mode(): syslog.closelog() - + sys.exit(rc)