1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
|
##############################################################################
# Copyright (c) 2017 ZTE Corporation and others.
#
# All rights reserved. This program and the accompanying materials
# are made available under the terms of the Apache License, Version 2.0
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
##############################################################################
import os
import shutil
from installer.base import BaseInstaller
from utils import load_json_file
from utils import write_json_file
class LocalInstaller(BaseInstaller):
computer_user_name = 'root'
nova_policy_file = '/etc/nova/policy.json'
nova_policy_file_backup = '%s%s' % (nova_policy_file, '.bak')
def __init__(self, conf, log):
super(LocalInstaller, self).__init__(conf, log)
self.policy_modified = False
self.add_policy_file = False
def setup(self):
self.get_ssh_key_from_installer()
self.set_apply_patches()
def cleanup(self):
self.restore_apply_patches()
def get_ssh_key_from_installer(self):
self.log.info('Assuming SSH keys already exchanged with computer for local installer type')
return
def set_apply_patches(self):
self._set_nova_policy()
def restore_apply_patches(self):
self._restore_nova_policy()
def _set_nova_policy(self):
host_status_policy = 'os_compute_api:servers:show:host_status'
host_status_rule = 'rule:admin_or_owner'
policy_data = {
'context_is_admin': 'role:admin',
'owner': 'user_id:%(user_id)s',
'admin_or_owner': 'rule:context_is_admin or rule:owner',
host_status_policy: host_status_rule
}
if os.path.isfile(self.nova_policy_file):
data = load_json_file(self.nova_policy_file)
if host_status_policy in data:
rule_origion = data[host_status_policy]
if host_status_rule == rule_origion:
self.log.info('Do not need to modify nova policy.')
self.policy_modified = False
else:
# update the host_status_policy
data[host_status_policy] = host_status_rule
self.policy_modified = True
else:
# add the host_status_policy, if the admin_or_owner is not
# defined, add it also
for policy, rule in policy_data.items():
if policy not in data:
data[policy] = rule
self.policy_modified = True
if self.policy_modified:
self.log.info('Nova policy is Modified.')
shutil.copyfile(self.nova_policy_file,
self.nova_policy_file_backup)
else:
# file does not exit, create a new one and add the policy
self.log.info('Nova policy file not exist. Creating a new one')
data = policy_data
self.add_policy_file = True
if self.policy_modified or self.add_policy_file:
write_json_file(self.nova_policy_file, data)
os.system('screen -S stack -p n-api -X stuff "^C^M^[[A^M"')
def _restore_nova_policy(self):
if self.policy_modified:
shutil.copyfile(self.nova_policy_file_backup, self.nova_policy_file)
os.remove(self.nova_policy_file_backup)
elif self.add_policy_file:
os.remove(self.nova_policy_file)
if self.add_policy_file or self.policy_modified:
os.system('screen -S stack -p n-api -X stuff "^C^M^[[A^M"')
self.add_policy_file = False
self.policy_modified = False
|