[PATCH] [Wok 0/3] Remove Kimchi options from wok and improve how plugins are loaded
Aline Manera (3): Remove federation and create_iso_pool options from Wok server Get root application name from plugin name and automatically import plugin sub_nodes Update /config API to return the authentication method docs/API/config.md | 1 + docs/wokd.8.in | 57 ------------------------------------------------- src/wok.conf.in | 7 ------ src/wok/config.py.in | 2 -- src/wok/model/config.py | 11 ++++------ src/wok/server.py | 37 +++++++++++++++----------------- src/wokd.in | 10 +-------- tests/test_api.py | 2 +- ui/js/src/wok.api.js | 17 +++++++++++++-- ui/js/src/wok.main.js | 9 +++++++- 10 files changed, 47 insertions(+), 106 deletions(-) -- 2.5.0
Those options are related to Kimchi and should not be on Wok server configuration. Signed-off-by: Aline Manera <alinefm@linux.vnet.ibm.com> --- docs/wokd.8.in | 57 ---------------------------------------------------- src/wok.conf.in | 7 ------- src/wok/config.py.in | 2 -- src/wokd.in | 10 +-------- 4 files changed, 1 insertion(+), 75 deletions(-) diff --git a/docs/wokd.8.in b/docs/wokd.8.in index d715e87..c7a6f3f 100644 --- a/docs/wokd.8.in +++ b/docs/wokd.8.in @@ -7,7 +7,6 @@ Kimchi \- HTML5 based management tool for KVM [\fB--ssl-port\fP \fIssl_port\fP] [\fB--cherrypy_port\fP \fIcherrypy_port\fP] [\fB--log-level\fP \fIlog_level\fP] [\fB--access-log\fP \fIaccess_log\fP] [\fB--error-log\fP \fIerror_log\fP] [\fB--environment\fP \fIenvironment\fP] -[\fB--federation\fP \fIfederation\fP] [\fB--test\fP] .SH DESCRIPTION \fBKimchi\fP is an HTML5 based management tool for KVM. It is designed to make it as easy as possible to get started with KVM and create your first guest. @@ -41,67 +40,11 @@ Specify the access log location where kimchi should create the access log file. \fB\-\-environment\fP [\fIdevelopment\fP | \fIproduction\fP] Specify the running environment of kimchi server. Check cherrypy documentation for more details (default \fIproduction\fP). .TP -\fB\-\-federation\fP [\fIon\fP | \fIoff\fP] Register and discover Kimchi peers in the same network using OpenSLP. Check below the \fBFEDERATION\fP section for more details (default \fIoff\fP). .TP \fB\-\-test\fP Run kimchi on a mock version that does not affect the system. For testing proposals. -.SH FEDERATION -Federation feature is a mechanism to discover Kimchi peers in the same network. -It uses OpenSLP tool (http://www.openslp.org/) to register and find the Kimchi -servers. - -By default this feature is disabled on Kimchi as it is not critical for KVM -virtualization and requires additional software installation. - -To enable it, do the following: - -1. Install OpenSLP server package - -2. OpenSLP uses port 427 (UDP) and port 427 (TCP) so make sure to open those - ports in your firewall configuration - - For system using firewalld, do: - sudo firewall-cmd \-\-permanent \-\-add-port=427/udp - sudo firewall-cmd \-\-permanent \-\-add-port=427/tcp - sudo firewall-cmd \-\-reload - - For openSUSE systems, do: - sudo /sbin/SuSEfirewall2 open EXT TCP 427 - sudo /sbin/SuSEfirewall2 open EXT UDP 427 - - For system using iptables, do: - sudo iptables \-A INPUT \-p tcp \-\-dport 427 \-j ACCEPT - sudo iptables \-A INPUT \-p udp \-\-dport 427 \-j ACCEPT - -3. In addition to the OpenSLP ports, you also need to allow multicast in the - firewall configuration - - For system using firewalld, do: - sudo firewall-cmd \-\-direct \-\-add-rule ipv4 filter INPUT 0 \-s <subnet> \-j ACCEPT - - For openSUSE systems, do: - Add the subnet to the trusted networks listed on FW_TRUSTED_NETS in - /etc/sysconfig/SuSEfirewall2 file. - Make sure to restart /sbin/SuSEfirewall2 after modifying /etc/sysconfig/SuSEfirewall2 - - For system using iptables, do: - sudo iptables \-A INPUT \-s <subnet> \-j ACCEPT - -4. Start slpd service and make sure it is up while running Kimchi - sudo service slpd start - -5. Enable federation on Kimchi by editing the /etc/kimchi/kimchi.conf file: - - federation = on - -6. Then start Kimchi service - sudo service kimchid start - -The Kimchi server will be registered on OpenSLP on server starting up and will -be found by other Kimchi peers (with federation feature enabled) in the same -network. .SH LICENCE .br Kimchi is distributed pursuant to the terms of two different licenses. diff --git a/src/wok.conf.in b/src/wok.conf.in index 7406671..7d479d3 100644 --- a/src/wok.conf.in +++ b/src/wok.conf.in @@ -29,16 +29,9 @@ # Running environment of the server #environment = production -# Federation feature: register Wok server on openSLP and discover peers -# in the same network. Check README-federation for more details. -#federation = off - # Max request body size in KB, default value is 4GB #max_body_size = 4 * 1024 * 1024 -# Automatically create ISO pool on server start up -#create_iso_pool = true - [logging] # Log directory #log_dir = @localstatedir@/log/wok diff --git a/src/wok/config.py.in b/src/wok/config.py.in index e84be5f..c6b1db2 100644 --- a/src/wok/config.py.in +++ b/src/wok/config.py.in @@ -236,8 +236,6 @@ def _get_config(): config.set("server", "ssl_cert", "") config.set("server", "ssl_key", "") config.set("server", "environment", "production") - config.set("server", "federation", "off") - config.set("server", "create_iso_pool", "true") config.set('server', 'max_body_size', '4*1024*1024') config.add_section("authentication") config.set("authentication", "method", "pam") diff --git a/src/wokd.in b/src/wokd.in index 1108445..733338a 100644 --- a/src/wokd.in +++ b/src/wokd.in @@ -2,7 +2,7 @@ # # Project Wok # -# Copyright IBM, Corp. 2013-2015 +# Copyright IBM, Corp. 2013-2016 # # Code derived from Project Kimchi # @@ -49,8 +49,6 @@ def main(options): cherrypy_port = config.config.get("server", "cherrypy_port") websockets_port = config.config.get("server", "websockets_port") runningEnv = config.config.get("server", "environment") - federation = config.config.get("server", "federation") - isopool = config.config.get("server", "create_iso_pool") logDir = config.config.get("logging", "log_dir") logLevel = config.config.get("logging", "log_level") @@ -76,12 +74,6 @@ def main(options): help="Error log file") parser.add_option('--environment', default=runningEnv, help="Running environment of wok server") - parser.add_option('--federation', default=federation, - help="Register and discover Kimchi peers in the same " - "network using openSLP. Check README-federation for" - " more details.") - parser.add_option('--create_iso_pool', default=isopool, - help="Automatically create ISO pool on server start up.") parser.add_option('--test', action='store_true', help="Run server in mock model") (options, args) = parser.parse_args() -- 2.5.0
Before this patch, the application name and plugin sub_nodes information was listed in the plugin configuration file. But those kind of information must not be edited, otherwise the user can break the application. To allow removing those kind of information from plugin configuration file, automatically get the application name from plugin name and import plugin sub_nodes on server start up. Signed-off-by: Aline Manera <alinefm@linux.vnet.ibm.com> --- src/wok/server.py | 37 +++++++++++++++++-------------------- 1 file changed, 17 insertions(+), 20 deletions(-) diff --git a/src/wok/server.py b/src/wok/server.py index 59ecdc0..4fd380c 100644 --- a/src/wok/server.py +++ b/src/wok/server.py @@ -1,7 +1,7 @@ # # Project Wok # -# Copyright IBM, Corp. 2013-2015 +# Copyright IBM, Corp. 2013-2016 # # Code derived from Project Kimchi # @@ -146,9 +146,7 @@ class Server(object): try: plugin_class = ('plugins.%s.%s' % (plugin_name, - plugin_config['wok']['plugin_class'])) - extra_auth = plugin_config['wok'].get('extra_auth_api_class', - None) + plugin_name[0].upper() + plugin_name[1:])) script_name = plugin_config['wok']['uri'] del plugin_config['wok'] @@ -171,22 +169,21 @@ class Server(object): plugin_config.update(get_custom_conf()) # dynamically add tools.wokauth.on = True to extra plugin APIs - if extra_auth: - try: - authed_apis = import_class(('plugins.%s.%s' % - (plugin_name, extra_auth))) - except ImportError, e: - cherrypy.log.error_log.error( - "Failed to import subnodes for plugin %s, " - "error: %s" % (plugin_class, e.message) - ) - continue - - urlSubNodes = {} - for ident, node in authed_apis.items(): - if node.url_auth: - ident = "/%s" % ident - urlSubNodes[ident] = {'tools.wokauth.on': True} + try: + sub_nodes = import_class('plugins.%s.control.sub_nodes' % + plugin_name) + except ImportError, e: + cherrypy.log.error_log.error( + "Failed to import subnodes for plugin %s, " + "error: %s" % (plugin_class, e.message) + ) + continue + + urlSubNodes = {} + for ident, node in sub_nodes.items(): + if node.url_auth: + ident = "/%s" % ident + urlSubNodes[ident] = {'tools.wokauth.on': True} plugin_config.update(urlSubNodes) -- 2.5.0
And also update the UI code to get the Wok configuration. Signed-off-by: Aline Manera <alinefm@linux.vnet.ibm.com> --- docs/API/config.md | 1 + src/wok/model/config.py | 11 ++++------- tests/test_api.py | 2 +- ui/js/src/wok.api.js | 17 +++++++++++++++-- ui/js/src/wok.main.js | 9 ++++++++- 5 files changed, 29 insertions(+), 11 deletions(-) diff --git a/docs/API/config.md b/docs/API/config.md index c18b605..bdf5c16 100644 --- a/docs/API/config.md +++ b/docs/API/config.md @@ -11,6 +11,7 @@ Contains information about the application environment and configuration. * **GET**: Retrieve configuration information * ssl_port: SSL port to list on * websockets_port: Port for websocket proxy to listen on + * auth: Authentication method used to log in to Wok * version: Wok version * **POST**: *See Task Actions* diff --git a/src/wok/model/config.py b/src/wok/model/config.py index d39222a..3b5619f 100644 --- a/src/wok/model/config.py +++ b/src/wok/model/config.py @@ -17,8 +17,7 @@ # License along with this library; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA -from wok.config import config as kconfig -from wok.config import get_version +from wok.config import config, get_version class ConfigModel(object): @@ -26,9 +25,7 @@ class ConfigModel(object): pass def lookup(self, name): - ssl_port = kconfig.get('server', 'ssl_port') - websockets_port = kconfig.get('server', 'websockets_port') - - return {'ssl_port': ssl_port, - 'websockets_port': websockets_port, + return {'ssl_port': config.get('server', 'ssl_port'), + 'websockets_port': config.get('server', 'websockets_port'), + 'auth': config.get('authentication', 'method'), 'version': get_version()} diff --git a/tests/test_api.py b/tests/test_api.py index 39888c8..3150c1e 100644 --- a/tests/test_api.py +++ b/tests/test_api.py @@ -53,5 +53,5 @@ class APITests(unittest.TestCase): def test_config(self): resp = self.request('/config').read() conf = json.loads(resp) - keys = ["ssl_port", "websockets_port", "version"] + keys = ["auth", "ssl_port", "websockets_port", "version"] self.assertEquals(sorted(keys), sorted(conf.keys())) diff --git a/ui/js/src/wok.api.js b/ui/js/src/wok.api.js index bc73cdd..c97dba8 100644 --- a/ui/js/src/wok.api.js +++ b/ui/js/src/wok.api.js @@ -1,7 +1,7 @@ /* * Project Wok * - * Copyright IBM, Corp. 2013-2015 + * Copyright IBM, Corp. 2013-2016 * * Code derived from Project Kimchi * @@ -89,5 +89,18 @@ var wok = { success : suc, error : err }); - }, + }, + + getConfig: function(suc, err, sync) { + wok.requestJSON({ + url : 'config', + type : 'GET', + contentType : 'application/json', + dataType : 'json', + resend: true, + async : !sync, + success : suc, + error : err + }); + }, }; diff --git a/ui/js/src/wok.main.js b/ui/js/src/wok.main.js index 2a41bc5..736001f 100644 --- a/ui/js/src/wok.main.js +++ b/ui/js/src/wok.main.js @@ -1,7 +1,7 @@ /* * Project Wok * - * Copyright IBM, Corp. 2013-2015 + * Copyright IBM, Corp. 2013-2016 * * Code derived from Project Kimchi * @@ -20,6 +20,13 @@ wok.tabMode = {}; +wok.config = undefined; +wok.getConfig(function(result) { + wok.config = result; +}, function() { + wok.config = {}; +}); + wok.main = function() { wok.isLoggingOut = false; wok.popable(); -- 2.5.0
Reviewed-by: Paulo Vital <pvital@linux.vnet.ibm.com> On 01/22/2016 10:31 AM, Aline Manera wrote:
Aline Manera (3): Remove federation and create_iso_pool options from Wok server Get root application name from plugin name and automatically import plugin sub_nodes Update /config API to return the authentication method
docs/API/config.md | 1 + docs/wokd.8.in | 57 ------------------------------------------------- src/wok.conf.in | 7 ------ src/wok/config.py.in | 2 -- src/wok/model/config.py | 11 ++++------ src/wok/server.py | 37 +++++++++++++++----------------- src/wokd.in | 10 +-------- tests/test_api.py | 2 +- ui/js/src/wok.api.js | 17 +++++++++++++-- ui/js/src/wok.main.js | 9 +++++++- 10 files changed, 47 insertions(+), 106 deletions(-)
participants (2)
-
Aline Manera -
Paulo Vital