[node-patches] Change in ovirt-node[master]: [DRAFT] engine: Rework engine page and logic

fabiand at fedoraproject.org fabiand at fedoraproject.org
Mon Feb 11 19:39:21 UTC 2013


Fabian Deutsch has uploaded a new change for review.

Change subject: [DRAFT] engine: Rework engine page and logic
......................................................................

[DRAFT] engine: Rework engine page and logic

Change-Id: Ic0765360f1006bf031f07e209f194e5fd08b0aac
Signed-off-by: Fabian Deutsch <fabiand at fedoraproject.org>
---
M scripts/tui/src/ovirt/node/setup/engine_page.py
1 file changed, 124 insertions(+), 117 deletions(-)


  git pull ssh://gerrit.ovirt.org:29418/ovirt-node refs/changes/43/11943/1

diff --git a/scripts/tui/src/ovirt/node/setup/engine_page.py b/scripts/tui/src/ovirt/node/setup/engine_page.py
index 328ce8d..1f83fab 100644
--- a/scripts/tui/src/ovirt/node/setup/engine_page.py
+++ b/scripts/tui/src/ovirt/node/setup/engine_page.py
@@ -40,7 +40,8 @@
         model = {
             "vdsm_cfg.address": cfg["server"] or "",
             "vdsm_cfg.port": cfg["port"] or "443",
-            "vdsm_cfg.connect_and_validate": True,
+            "vdsm_cfg.cert": "Verified"
+            if utils.fs.Config().exists(cfg["cert_path"]) else "Unspecified",
             "vdsm_cfg.password": "",
             "vdsm_cfg.password_confirmation": "",
         }
@@ -61,8 +62,8 @@
               ui.Entry("vdsm_cfg.address", "Management Server:"),
               ui.Entry("vdsm_cfg.port", "Management Server Port:"),
               ui.Divider("divider[0]"),
-              ui.Checkbox("vdsm_cfg.connect_and_validate",
-                          "Connect to oVirt Engine and Validate Certificate"),
+              ui.SaveButton("action.fetch_cert", "Retrieve Certificate"),
+              ui.KeywordLabel("vdsm_cfg.cert", "Certificate Status: "),
               ui.Divider("divider[1]"),
               ui.Label("vdsm_cfg.password._label",
                        "Optional password for adding Node through oVirt " +
@@ -71,10 +72,11 @@
               ui.PasswordEntry("vdsm_cfg.password_confirmation",
                                "Confirm Password:"),
               ]
-        # Save it "locally" as a dict, for better accessability
-        self.widgets.add(ws)
 
         page = ui.Page("page", ws)
+        page.buttons = [ui.SaveButton("action.register", "Save & Register")]
+
+        self.widgets.add(page)
         return page
 
     def on_change(self, changes):
@@ -89,35 +91,129 @@
         self.logger.debug("Changes: %s" % changes)
         self.logger.debug("Effective Model: %s" % effective_model)
 
-        txs = utils.Transaction("Configuring oVirt Engine")
+        if changes.contains_any(["action.fetch_cert"]):
+            try:
+                server = effective_model["vdsm_cfg.address"]
+                port = findPort(server, effective_model["vdsm_cfg.port"])
+                self._cert_path, fingerprint = retrieveCetrificate(server,
+                                                                   port)
+                self._server, self._port = server, port
+            except Exception as e:
+                fingerprint = str(e)
 
-        vdsm_keys = ["vdsm_cfg.address", "vdsm_cfg.port"]
-        if changes.contains_any(vdsm_keys):
-            values = effective_model.values_for(vdsm_keys)
-            self.logger.debug("Setting VDSM server and port (%s)" % values)
+            self._fp_dialog = ui.Dialog("dialog.engine.fp",
+                                        "@ENGINENAME@ Fingerprint",
+                                        [ui.Label("dialog.label[0]", "TBD"),
+                                         ui.Label("dialog.fp", fingerprint)])
+            self._fp_dialog.buttons = [ui.Button("action.cert.accept",
+                                                 "Accept"),
+                                       ui.Button("action.cert.reject",
+                                                 "Reject")]
+            return self._fp_dialog
 
-            # Use the VDSM class below to build a transaction
+        elif changes.contains_any(["action.cert.accept"]):
+            self._fp_dialog.close()
             model = VDSM()
-            model.update(*values)
-            txs += model.transaction()
+            model.update(self._server, self._port, self._cert_path)
+            utils.fs.Config().persist(self._cert_path)
+
+        elif changes.contains_any(["action.cert.reject"]):
+            model = VDSM()
+            model.update(cert_path=None)
+            utils.fs.Config().unpersist(self._cert_path)
+            self._fp_dialog.close()
+
+
+        txs = utils.Transaction("Configuring oVirt Engine")
 
         if changes.contains_any(["vdsm_cfg.password_confirmation"]):
             self.logger.debug("Setting engine password")
             txs += [SetEnginePassword()]
 
-        if effective_model.contains_any(["vdsm_cfg.connect_and_validate"]):
-            if effective_model["vdsm_cfg.connect_and_validate"]:
-                self.logger.debug("Connecting to engine")
-                txs += [ActivateVDSM(changes["vdsm_cfg.connect_and_validate"])]
+        if effective_model.contains_any(["action.register"]):
+            self.logger.debug("Connecting to engine")
+            txs += [ActivateVDSM()]
 
-        progress_dialog = ui.TransactionProgressDialog("dialog.txs", txs, self)
-        progress_dialog.run()
-
-        # VDSM messes with logging, and we just reset it
-        app.configure_logging()
+        if len(txs) > 0:
+            progress_dialog = ui.TransactionProgressDialog("dialog.txs", txs, self)
+            progress_dialog.run()
+    
+            # VDSM messes with logging, and we just reset it
+            app.configure_logging()
 
         # Acts like a page reload
         return self.ui_content()
+
+
+def findPort(engineServer, enginePort):
+    """Function to find the correct port for a given server
+    """
+    # pylint: disable-msg=E0611,F0401
+    sys.path.append('/usr/share/vdsm-reg')
+    import deployUtil  # @UnresolvedImport
+
+    from ovirt_config_setup.engine import \
+        isHostReachable  # @UnresolvedImport
+    from ovirt_config_setup.engine import \
+        TIMEOUT_FIND_HOST_SEC  # @UnresolvedImport
+    from ovirt_config_setup.engine import \
+        compatiblePort  # @UnresolvedImport
+    # pylint: enable-msg=E0611,F0401
+
+    compatPort, sslPort = compatiblePort(enginePort)
+
+    deployUtil.nodeCleanup()
+    if not isHostReachable(host=engineServer,
+                           port=enginePort, ssl=sslPort,
+                           timeout=TIMEOUT_FIND_HOST_SEC):
+        if compatPort is None:
+            # Try one more time with SSL=False
+            if not isHostReachable(host=engineServer,
+                                   port=enginePort, ssl=False,
+                                   timeout=TIMEOUT_FIND_HOST_SEC):
+                msgConn = "Can't connect to @ENGINENAME@ in the " + \
+                          "specific port %s" % enginePort
+                raise RuntimeError(msgConn)
+        else:
+            msgConn = "Can't connect to @ENGINENAME@ port %s," \
+                " trying compatible port %s" % \
+                (enginePort, compatPort)
+
+            #  FIXME logger.debug(msgConn)
+
+            if not isHostReachable(host=engineServer,
+                                   port=compatPort, ssl=sslPort,
+                                   timeout=TIMEOUT_FIND_HOST_SEC):
+                msgConn = "Can't connect to @ENGINENAME@ using" \
+                    " compatible port %s" % compatPort
+                raise RuntimeError(msgConn)
+            else:
+                # compatible port found
+                enginePort = compatPort
+
+    return enginePort
+
+
+def retrieveCetrificate(engineServer, enginePort):
+    """Function to retrieve and store the certificate from an Engine
+    """
+    fingerprint = None
+
+    from ovirtnode.ovirtfunctions import ovirt_store_config
+
+    # pylint: disable-msg=E0611,F0401
+    sys.path.append('/usr/share/vdsm-reg')
+    import deployUtil  # @UnresolvedImport
+    # pylint: enable-msg=E0611,F0401
+
+    if deployUtil.getRhevmCert(engineServer, enginePort):
+        _, _, path = deployUtil.certPaths('')
+        fingerprint = deployUtil.generateFingerPrint(path)
+    else:
+        msgCert = "Failed downloading @ENGINENAME@ certificate"
+        raise RuntimeError(msgCert)
+
+    return path, fingerprint
 
 
 #
@@ -137,27 +233,13 @@
     [('port', '1234'), ('server', 'engine.example.com')]
     """
     keys = ("OVIRT_MANAGEMENT_SERVER",
-            "OVIRT_MANAGEMENT_PORT")
+            "OVIRT_MANAGEMENT_PORT",
+            "OVIRT_MANAGEMENT_CERTIFICATE")
 
     @NodeConfigFileSection.map_and_update_defaults_decorator
-    def update(self, server, port):
+    def update(self, server, port, cert_path):
         (valid.Empty() | valid.FQDNOrIPAddress())(server)
         (valid.Empty() | valid.Port())(port)
-
-    def transaction(self):
-        cfg = dict(self.retrieve())
-        server, port = (cfg["server"], cfg["port"])
-
-        class ConfigureVDSM(utils.Transaction.Element):
-            title = "Setting VDSM server and port"
-
-            def commit(self):
-                self.logger.info("Setting: %s:%s" % (server, port))
-
-        tx = utils.Transaction("Configuring VDSM")
-        tx.append(ConfigureVDSM())
-
-        return tx
 
 
 class SetRootPassword(utils.Transaction.Element):
@@ -179,68 +261,6 @@
 class ActivateVDSM(utils.Transaction.Element):
     title = "Activating VDSM"
 
-    def __init__(self, verify_engine_cert):
-        super(ActivateVDSM, self).__init__()
-        self.vdsm_cfg = VDSM()
-        self.verify_engine_cert = verify_engine_cert
-
-    def prepare(self):
-        """Ping the management server before we try to activate
-        the connection to it
-        """
-        cfg = dict(self.vdsm_cfg.retrieve())
-        self.engineServer = cfg["server"]
-        self.enginePort = cfg["port"]
-        if self.engineServer:
-            newPort = self.__prepare_server(self.engineServer, self.enginePort)
-            self.enginePort = newPort
-
-    def __prepare_server(self, engineServer, enginePort):
-        # pylint: disable-msg=E0611,F0401
-        sys.path.append('/usr/share/vdsm-reg')
-        import deployUtil  # @UnresolvedImport
-
-        from ovirt_config_setup.engine import \
-            isHostReachable  # @UnresolvedImport
-        from ovirt_config_setup.engine import \
-            TIMEOUT_FIND_HOST_SEC  # @UnresolvedImport
-        from ovirt_config_setup.engine import \
-            compatiblePort  # @UnresolvedImport
-        # pylint: enable-msg=E0611,F0401
-
-        compatPort, sslPort = compatiblePort(self.enginePort)
-
-        deployUtil.nodeCleanup()
-        if not isHostReachable(host=engineServer,
-                               port=enginePort, ssl=sslPort,
-                               timeout=TIMEOUT_FIND_HOST_SEC):
-            if compatPort is None:
-                # Try one more time with SSL=False
-                if not isHostReachable(host=engineServer,
-                                       port=enginePort, ssl=False,
-                                       timeout=TIMEOUT_FIND_HOST_SEC):
-                    msgConn = "Can't connect to @ENGINENAME@ in the " + \
-                              "specific port %s" % enginePort
-                    raise RuntimeError(msgConn)
-            else:
-                msgConn = "Can't connect to @ENGINENAME@ port %s," \
-                    " trying compatible port %s" % \
-                    (enginePort, compatPort)
-
-                #  FIXME self.notice(msgConn)
-
-                if not isHostReachable(host=self.engineServer,
-                                       port=compatPort, ssl=sslPort,
-                                       timeout=TIMEOUT_FIND_HOST_SEC):
-                    msgConn = "Can't connect to @ENGINENAME@ using" \
-                        " compatible port %s" % compatPort
-                    raise RuntimeError(msgConn)
-                else:
-                    # compatible port found
-                    enginePort = compatPort
-
-        return enginePort
-
     def commit(self):
         self.logger.info("Connecting to VDSM server")
 
@@ -257,25 +277,12 @@
             write_vdsm_config  # @UnresolvedImport
         # pylint: enable-msg=E0611,F0401
 
-        if self.verify_engine_cert:
-            if deployUtil.getRhevmCert(self.engineServer,
-                                       self.enginePort):
-                _, _, path = deployUtil.certPaths('')
-                #fp = deployUtil.generateFingerPrint(path)
-                #
-                # FIXME
-                #
-                # a) Allow interactive confirmation of key
-                # b) Remind to verify key (with dialog on ui.Page)
-                #
-                ovirt_store_config(path)
-            else:
-                msgCert = "Failed downloading @ENGINENAME@ certificate"
-                raise RuntimeError(msgCert)
+        cfg = VDSM().retrieve()
+
         # Stopping vdsm-reg may fail but its ok - its in the case when the
         # menus are run after installation
         deployUtil._logExec([constants.EXT_SERVICE, 'vdsm-reg', 'stop'])
-        if write_vdsm_config(self.engineServer, self.enginePort):
+        if write_vdsm_config(cfg["server"], cfg["port"]):
             deployUtil._logExec([constants.EXT_SERVICE, 'vdsm-reg',
                                  'start'])
 


--
To view, visit http://gerrit.ovirt.org/11943
To unsubscribe, visit http://gerrit.ovirt.org/settings

Gerrit-MessageType: newchange
Gerrit-Change-Id: Ic0765360f1006bf031f07e209f194e5fd08b0aac
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-node
Gerrit-Branch: master
Gerrit-Owner: Fabian Deutsch <fabiand at fedoraproject.org>



More information about the node-patches mailing list