r113791 MediaWiki - Code Review archive

Repository:	MediaWiki
Revision:	< r113790‎ \| r113791 \| r113792 >
Date:	01:23, 14 March 2012
Author:	laner
Status:	new
Tags:
Comment:	Fixing global sharing to use NFS, and make it read only. Also ensuring that all volumes are shared with all bricks, by IP address (since hostname seemed to fail).
Modified paths:	/trunk/tools/subversion/user-management/manage-volumes (modified) (history)

Diff [purge]

Index: trunk/tools/subversion/user-management/manage-volumes
—	—	@@ -20,7 +20,7 @@
21	21	self.gluster_vol_dir = '/etc/glusterd/'
22	22	# Volumes in projects listed as global; so: { 'dumps': ['xml'] } would be
23	23	# an xml share in the dumps project being listed as global.
24		~~- self.global_shares = {}~~
	24	+ self.global_shares = {'publicdata': ['project']}
25	25	self.volume_quotas = {'home': '50GB','default': '300GB'}
26	26	self.default_options = ['nfs.disable on']
27	27	self.bricks = ['labstore1.pmtpa.wmnet', 'labstore2.pmtpa.wmnet', 'labstore3.pmtpa.wmnet', 'labstore4.pmtpa.wmnet']
—	—	@@ -57,6 +57,11 @@
58	58	project_name = project[1]["cn"][0]
59	59	hosts = []
60	60	if project_name in project_hosts:
	61	+ brick_ips = []
	62	+ for brick in self.bricks:
	63	+ brick_ips.append(socket.gethostbyname(brick))
	64	+ hosts.extend(brick_ips)
	65	+ hosts = list(set(hosts))
61	66	hosts = project_hosts[project_name]
62	67	hosts.sort()
63	68	for volume_name in self.volume_names:
—	—	@@ -83,10 +88,13 @@
84	89	volume_hosts.sort()
85	90	if project_name in self.global_shares and volume_name in self.global_shares[project_name]:
86	91	# This is a global share
87		~~- if volume_hosts != ['*']:~~
88		~~- self.setallow(project_name,volume_name,['*'])~~
89		~~- elif hosts:~~
90	92	# A host has been added or deleted, modify the auth.allow
	93	+ volume_nfs_hosts = ''
	94	+ if project_volume in project_volumes and 'nfs.rpc-auth-allow' in project_volumes[project_volume]:
	95	+ volume_nfs_hosts = project_volumes[project_volume]['nfs.rpc-auth-allow']
	96	+ if volume_nfs_hosts != '*':
	97	+ self.setglobal(project_name,volume_name)
	98	+ if hosts:
91	99	if volume_hosts != hosts:
92	100	self.setallow(project_name,volume_name,hosts)
93	101	else:
—	—	@@ -134,9 +142,15 @@
135	143	else:
136	144	hosts = 'NONE'
137	145	volume = project_name + '-' + volume_name
138		~~- self.ssh_exec_command('sudo gluster volume set ' + volume + ' auth.allow ' +hosts, True)~~
	146	+ self.ssh_exec_command('sudo gluster volume set ' + volume + ' auth.allow ' + hosts, True)
139	147	self.log("Modified auth.allow for: " + volume)
140	148
	149	+ def setglobal(self, project_name, volume_name):
	150	+ volume = project_name + '-' + volume_name
	151	+ self.ssh_exec_command('sudo gluster volume set ' + volume + ' nfs.disable ' + 'off', True)
	152	+ self.ssh_exec_command('sudo gluster volume set ' + volume + ' nfs.volume-access ' + 'read-only', True)
	153	+ self.ssh_exec_command('sudo gluster volume set ' + volume + ' nfs.rpc-auth-allow ' + '\*', True)
	154	+
141	155	def ssh_exec_command(self, command, single=False, return_stdout=False):
142	156	if single:
143	157	# Only run this on a single brick, we arbitrarily pick the first one
—	—	@@ -163,6 +177,8 @@
164	178	self.log(brick + ' - "' + command + '"')
165	179	chan.exec_command(command)
166	180	ret = chan.recv_exit_status()
	181	+ if self.loglevel >= DEBUG:
	182	+ self.log("Return value: " + str(ret))
167	183	if return_stdout:
168	184	# Since we are using a channel, we need to keep reading until there isn't
169	185	# any output left
—	—	@@ -202,19 +218,21 @@
203	219	current_volume = ''
204	220	for line in volumedata:
205	221	line = line.strip()
	222	+ if not line:
	223	+ current_volume = ''
	224	+ continue
206	225	line_arr = line.split(': ')
207	226	if len(line_arr) == 2 and line_arr[0] == "Volume Name":
208	227	current_volume = line_arr[1]
	228	+ volumes[current_volume] = {}
209	229	elif len(line_arr) == 2 and line_arr[0] == "auth.allow":
210	230	if line_arr[1] == "NONE":
211	231	hosts = []
212	232	else:
213	233	hosts = line_arr[1].split(',')
214		~~- volumes[current_volume] = {'auth.allow': hosts}~~
215		~~- # Let's reset the current_volume, in case there are any~~
216		~~- # weird formatting errors, we wouldn't want to add another~~
217		~~- # project's IPs to this volume.~~
218		~~- current_volume = ''~~
	234	+ volumes[current_volume]['auth.allow'] = hosts
	235	+ elif len(line_arr) == 2 and line_arr[0] == "nfs.rpc-auth-allow":
	236	+ volumes[current_volume]['nfs.rpc-auth-allow'] = line_arr[1]
219	237	return volumes
220	238
221	239	def search_s(self,ds,base,scope,query,attrlist=None):

Status & tagging log

17:06, 4 April 2012 Krinkle (talk | contribs) changed the status of r113791 [removed: deferred added: new]
23:48, 16 March 2012 Reedy (talk | contribs) changed the status of r113791 [removed: new added: deferred]