Sandro Bonazzola has uploaded a new change for review.
Change subject: bin: added --console command
......................................................................
bin: added --console command
Added --console switch to hosted-engine command.
Refactored some plugins for having all required
variables inside the configuration file.
Fixed also some issues found configuring the vm
for using spice.
Change-Id: Iadbcb35a07d59ed8bfc5a998ae6dbc723705eafd
Signed-off-by: Sandro Bonazzola <sbona...@redhat.com>
---
M src/bin/hosted-engine.in
M src/ovirt_hosted_engine_setup/constants.py
M src/plugins/ovirt-hosted-engine-setup/core/conf.py
M src/plugins/ovirt-hosted-engine-setup/pki/vdsmpki.py
M src/plugins/ovirt-hosted-engine-setup/vm/runvm.py
M templates/hosted-engine.conf.in
6 files changed, 81 insertions(+), 53 deletions(-)
git pull ssh://gerrit.ovirt.org:29418/ovirt-hosted-engine-setup
refs/changes/14/17114/1
diff --git a/src/bin/hosted-engine.in b/src/bin/hosted-engine.in
index be37410..33e6d29 100644
--- a/src/bin/hosted-engine.in
+++ b/src/bin/hosted-engine.in
@@ -115,6 +115,21 @@
${sdUUID}
${spUUID}
;;
+ --console)
+ if [ "${console}" == "vnc" ] ; then
+ echo "Use the password you've set using --add-console-password
for logging in"
+ exec /bin/remote-viewer vnc://localhost:5900
+ elif [ "${console}" == "qxl" ] ; then
+ if [ ! -r "${ca_cert}" ] ; then
+ echo "Missing spice PKI certificate"
+ exit 1
+ fi
+ exec /bin/remote-viewer \
+ --spice-ca-file=${ca_cert} \
+ spice://localhost?tls-port=5900 \
+ --spice-host-subject="${ca_subject}"
+ fi
+ ;;
--help)
rc=0
usage
diff --git a/src/ovirt_hosted_engine_setup/constants.py
b/src/ovirt_hosted_engine_setup/constants.py
index 933aaac..5afcd1b 100644
--- a/src/ovirt_hosted_engine_setup/constants.py
+++ b/src/ovirt_hosted_engine_setup/constants.py
@@ -359,6 +359,12 @@
def PKI_SUBJECT(self):
return 'OVEHOSTED_VDSM/pkiSubject'
+ @ohostedattrs(
+ answerfile=True,
+ )
+ def SPICE_SUBJECT(self):
+ return 'OVEHOSTED_VDSM/spicePkiSubject'
+
VDSM_CPU = 'OVEHOSTED_VDSM/cpu'
diff --git a/src/plugins/ovirt-hosted-engine-setup/core/conf.py
b/src/plugins/ovirt-hosted-engine-setup/core/conf.py
index ec52bd4..b3acbed 100644
--- a/src/plugins/ovirt-hosted-engine-setup/core/conf.py
+++ b/src/plugins/ovirt-hosted-engine-setup/core/conf.py
@@ -57,14 +57,6 @@
# TODO: what's an VM_DISK_ID and how can it change to another value?
self.logger.info(_('Updating hosted-engine configuration'))
- # Update spice display name
- if self.environment[
- ohostedcons.VMEnv.CONSOLE_TYPE
- ] == 'spice':
- self.environment[
- ohostedcons.VMEnv.CONSOLE_TYPE
- ] = 'qxl'
-
content = ohostedutil.processTemplate(
template=ohostedcons.FileLocations.OVIRT_HOSTED_ENGINE_TEMPLATE,
subst={
@@ -72,7 +64,7 @@
ohostedcons.NetworkEnv.OVIRT_HOSTED_ENGINE_FQDN
],
'@VM_DISK_ID@': self.environment[
- self.environment[ohostedcons.StorageEnv.IMG_UUID]
+ ohostedcons.StorageEnv.IMG_UUID
],
'@SHARED_STORAGE@': self.environment[
ohostedcons.StorageEnv.STORAGE_DOMAIN_CONNECTION
@@ -93,6 +85,10 @@
'@CONNECTION_UUID@': self.environment[
ohostedcons.StorageEnv.CONNECTION_UUID
],
+ '@CA_CERT@': ohostedcons.FileLocations.LIBVIRT_CA_CERT,
+ '@CA_SUBJECT@': self.environment[
+ ohostedcons.VDSMEnv.SPICE_SUBJECT
+ ],
}
)
with transaction.Transaction() as localtransaction:
diff --git a/src/plugins/ovirt-hosted-engine-setup/pki/vdsmpki.py
b/src/plugins/ovirt-hosted-engine-setup/pki/vdsmpki.py
index 963bd9a..3466859 100644
--- a/src/plugins/ovirt-hosted-engine-setup/pki/vdsmpki.py
+++ b/src/plugins/ovirt-hosted-engine-setup/pki/vdsmpki.py
@@ -26,6 +26,7 @@
import os
import shutil
import tempfile
+import re
from otopi import util
@@ -42,6 +43,17 @@
class Plugin(plugin.PluginBase):
"""VDSM PKI plugin."""
+ _RE_SUBJECT = re.compile(
+ flags=re.VERBOSE,
+ pattern=r"""
+ ^
+ \s+
+ Subject:\s*
+ (?P<subject>O=\w+,\s+CN=.*)
+ $
+ """
+ )
+
def __init__(self, context):
super(Plugin, self).__init__(context=context)
self._tmpdir = None
@@ -55,6 +67,27 @@
raiseOnError=True
)
+ def _getSPICEcerts(self):
+ subject = None
+ rc, stdout, stderr = self.execute(
+ (
+ self.command.get('openssl'),
+ 'x509',
+ '-noout',
+ '-text',
+ '-in', ohostedcons.FileLocations.LIBVIRT_SERVER_CERT
+ ),
+ raiseOnError=True
+ )
+ for line in stdout:
+ matcher = self._RE_SUBJECT.match(line)
+ if matcher is not None:
+ subject = matcher.group('subject')
+ break
+ if subject is None:
+ raise RuntimeError(_('Error parsing libvirt certificate'))
+ self.environment[ohostedcons.VDSMEnv.SPICE_SUBJECT] = subject
+
def _generateSPICEcerts(self):
#'https://fedoraproject.org/wiki/
#QA:Testcase_Virtualization_Manually_
@@ -62,7 +95,7 @@
self.logger.info(_('Generating libvirt-spice certificates'))
self._tmpdir = tempfile.mkdtemp()
expire = '1095' # FIXME: configurable?
- subj = self.environment[ohostedcons.VDSMEnv.PKI_SUBJECT]
+ subj = self.environment[ohostedcons.VDSMEnv.SPICE_SUBJECT]
# FIXME: configurable?
for key in ('ca-key.pem', 'server-key.pem'):
self.execute(
@@ -140,6 +173,10 @@
ohostedcons.VDSMEnv.PKI_SUBJECT,
ohostedcons.Defaults.DEFAULT_PKI_SUBJECT
)
+ self.environment.setdefault(
+ ohostedcons.VDSMEnv.SPICE_SUBJECT,
+ ohostedcons.Defaults.DEFAULT_PKI_SUBJECT
+ )
@plugin.event(
stage=plugin.Stages.STAGE_SETUP,
@@ -159,6 +196,8 @@
self._generateVDSMcerts()
if not os.path.exists(ohostedcons.FileLocations.LIBVIRT_SERVER_CERT):
self._generateSPICEcerts()
+ else:
+ self._getSPICEcerts()
@plugin.event(
stage=plugin.Stages.STAGE_CLEANUP,
diff --git a/src/plugins/ovirt-hosted-engine-setup/vm/runvm.py
b/src/plugins/ovirt-hosted-engine-setup/vm/runvm.py
index 39428ae..4715895 100644
--- a/src/plugins/ovirt-hosted-engine-setup/vm/runvm.py
+++ b/src/plugins/ovirt-hosted-engine-setup/vm/runvm.py
@@ -26,7 +26,6 @@
import string
import random
import gettext
-import re
from otopi import util
@@ -45,17 +44,6 @@
"""
VM configuration plugin.
"""
-
- _RE_SUBJECT = re.compile(
- flags=re.VERBOSE,
- pattern=r"""
- ^
- \s+
- Subject:\s*
- (?P<subject>O=\w+, CN=.*)
- $
- """
- )
def __init__(self, context):
super(Plugin, self).__init__(context=context)
@@ -81,24 +69,7 @@
ohostedcons.VMEnv.VM_PASSWD
],
)
- elif console_type == 'spice':
- subject = ''
- out, rc = self.execute(
- (
- self.command.get('openssl'),
- 'x509',
- '-noout',
- '-text',
- '-in', ohostedcons.FileLocations.LIBVIRT_SERVER_CERT
- ),
- raiseOnError=True
- )
- for line in out.splitlines():
- matcher = self._RE_SUBJECT.match(line)
- if matcher is not None:
- subject = matcher.group('param')
- break
-
+ elif console_type == 'qxl':
return _(
'You can now connect to the VM with the following command:\n'
'\t{remote} --spice-ca-file={ca_cert} '
@@ -106,9 +77,9 @@
'"--spice-host-subject=${subject}"\nUse temporary password '
'"{password}" to connect to spice console.'
).format(
- remote=self.command.get('remove-viewer'),
+ remote=self.command.get('remote-viewer'),
ca_cert=ohostedcons.FileLocations.LIBVIRT_CA_CERT,
- subject=subject,
+ subject=self.environment[ohostedcons.VDSMEnv.SPICE_SUBJECT],
password=self.environment[
ohostedcons.VMEnv.VM_PASSWD
],
@@ -194,7 +165,6 @@
# Can't use python api here, it will call sys.exit
self.command.detect('vdsClient')
self.command.detect('remote-viewer')
- self.command.detect('openssl')
@plugin.event(
stage=plugin.Stages.STAGE_CUSTOMIZATION,
@@ -207,13 +177,15 @@
interactive = self.environment[
ohostedcons.VMEnv.CONSOLE_TYPE
] is None
+ answermap = {
+ 'vnc': 'vnc',
+ 'spice': 'qxl'
+ }
while not validConsole:
if self.environment[
ohostedcons.VMEnv.CONSOLE_TYPE
] is None:
- self.environment[
- ohostedcons.VMEnv.CONSOLE_TYPE
- ] = self.dialog.queryString(
+ answer = self.dialog.queryString(
name='OVEHOSTED_VM_CONSOLE_TYPE',
note=_(
'Please specify the console type '
@@ -222,17 +194,15 @@
),
prompt=True,
caseSensitive=False,
- validValues=[
- 'vnc',
- 'spice',
- ],
+ validValues=answermap.keys(),
default='vnc',
)
- if self.environment[
- ohostedcons.VMEnv.CONSOLE_TYPE
- ] in ('vnc', 'spice'):
+ if answer in answermap:
validConsole = True
+ self.environment[
+ ohostedcons.VMEnv.CONSOLE_TYPE
+ ] = answermap[answer]
elif interactive:
self.logger.error(
'Unsuppored console type provided.'
diff --git a/templates/hosted-engine.conf.in b/templates/hosted-engine.conf.in
index 933658b..2844f59 100644
--- a/templates/hosted-engine.conf.in
+++ b/templates/hosted-engine.conf.in
@@ -10,3 +10,5 @@
spUUID=@SP_UUID@
sdUUID=@SD_UUID@
connectionUUID=@CONNECTION_UUID@
+ca_cert=@CA_CERT@
+ca_subject="@CA_SUBJECT@"
--
To view, visit http://gerrit.ovirt.org/17114
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: Iadbcb35a07d59ed8bfc5a998ae6dbc723705eafd
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-hosted-engine-setup
Gerrit-Branch: master
Gerrit-Owner: Sandro Bonazzola <sbona...@redhat.com>
_______________________________________________
Engine-patches mailing list
Engine-patches@ovirt.org
http://lists.ovirt.org/mailman/listinfo/engine-patches
