Commit 61dac5d1 by Dudás Ádám

Merge branch 'master' of ssh://giccero.cloud.ik.bme.hu/cloud

Conflicts:
	firewall/fw.py
parents 3cf01a3e e21437b1
......@@ -179,7 +179,13 @@ AUTH_PROFILE_MODULE = 'school.Person'
import djcelery
djcelery.setup_loader()
BROKER_URL = 'django://'
BROKER_URL = 'amqp://nyuszi:teszt@localhost:5672/django'
CELERY_ROUTES = {
'firewall.tasks.ReloadTask': {'queue': 'local'},
'firewall.tasks.reload_dns_task': {'queue': 'dns'},
'firewall.tasks.reload_firewall_task': {'queue': 'firewall'},
'firewall.tasks.reload_dhcp_task': {'queue': 'dhcp'},
}
store_settings = {
"basic_auth": "True",
......
......@@ -315,6 +315,12 @@ class firewall:
process.communicate('\n'.join(self.RULES) + '\n' +
'\n'.join(self.RULES_NAT) + '\n')
def get(self):
if self.IPV6:
return { 'filter': self.SZABALYOK, }
else:
return { 'filter': self.SZABALYOK, 'nat':self.SZABALYOK_NAT }
def show(self):
if self.IPV6:
return '\n'.join(self.RULES) + '\n'
......@@ -420,6 +426,7 @@ def dns():
{'fqdn': d['name'], 'mx': mx[1], 'dist': mx[0],
'ttl': d['ttl']})
return DNS
process = subprocess.Popen(['/usr/bin/ssh', 'tinydns@%s' %
settings['dns_hostname']], shell=False, stdin=subprocess.PIPE)
process.communicate("\n".join(DNS)+"\n")
......@@ -484,6 +491,7 @@ def dhcp():
'ipv4': i_host.ipv4,
})
return DHCP
process = subprocess.Popen(['/usr/bin/ssh', 'fw2',
'cat > /tools/dhcp3/dhcpd.conf.generated;'
'sudo /etc/init.d/isc-dhcp-server restart'], shell=False,
......
......@@ -9,6 +9,7 @@ from south.modelsinspector import add_introspection_rules
from django.core.validators import MinValueValidator, MaxValueValidator
from cloud.settings import firewall_settings as settings
from django.utils.ipv6 import is_valid_ipv6_address
from django.db.models.signals import post_save
import re
class Rule(models.Model):
......@@ -270,4 +271,16 @@ class Record(models.Model):
return retval
def send_task(sender, instance, created, **kwargs):
from firewall.tasks import ReloadTask
ReloadTask.apply_async(args=[sender.__name__])
post_save.connect(send_task, sender=Host)
post_save.connect(send_task, sender=Rule)
post_save.connect(send_task, sender=Domain)
post_save.connect(send_task, sender=Record)
post_save.connect(send_task, sender=Vlan)
post_save.connect(send_task, sender=Firewall)
post_save.connect(send_task, sender=Group)
post_save.connect(send_task, sender=Host)
from celery.task import Task, PeriodicTask
import celery
from django.core.cache import cache
import os
import time
from firewall.fw import *
from cloud.settings import firewall_settings as settings
def reload_firewall_lock():
acquire_lock = lambda: cache.add("reload_lock1", "true", 9)
if acquire_lock():
print "megszereztem"
ReloadTask.delay()
else:
print "nem szereztem meg"
@celery.task
def reload_dns_task(data):
pass
@celery.task
def reload_firewall_task(data4, data6):
pass
@celery.task
def reload_dhcp_task(data):
pass
class ReloadTask(Task):
def run(self, **kwargs):
acquire_lock = lambda: cache.add("reload_lock1", "true", 90)
release_lock = lambda: cache.delete("reload_lock1")
def run(self, type):
if type in ["Host", "Records", "Domain", "Vlan"]:
lock = lambda: cache.add("dns_lock", "true", 9)
if lock():
reload_dns_task.delay(dns())
if not acquire_lock():
print "mar folyamatban van egy reload"
return
if type == "Host":
lock = lambda: cache.add("dhcp_lock", "true", 9)
if lock():
reload_dhcp_task.delay(dhcp())
print "indul"
try:
sleep = float(settings['reload_sleep'])
except:
sleep = 10
time.sleep(sleep)
if type in ["Host", "Rule", "Firewall"]:
lock = lambda: cache.add("firewall_lock", "true", 9)
if lock():
ipv4 = firewall().get()
ipv6 = firewall(True).get()
reload_firewall_task.delay(ipv4, ipv6)
try:
print "ipv4"
ipv4 = firewall()
ipv4.reload()
# print ipv4.show()
print "ipv6"
ipv6 = firewall(True)
ipv6.reload()
print "dns"
dns()
print "dhcp"
dhcp()
print "vege"
except:
raise
print "nem sikerult :("
print type
print "leall"
release_lock()
......@@ -8,7 +8,6 @@ from django.db.models.signals import post_save
from django import forms
from django.utils.translation import ugettext_lazy as _
from firewall.models import Host, Rule, Vlan
from firewall.tasks import reload_firewall_lock
from one.util import keygen
from school.models import Person, Group
from datetime import timedelta as td
......@@ -531,7 +530,6 @@ class Instance(models.Model):
host.add_port("tcp", inst.get_port(), {"rdp": 3389, "nx": 22, "ssh": 22}[inst.template.access_type])
inst.firewall_host=host
inst.save()
reload_firewall_lock()
return inst
"""
......@@ -549,7 +547,6 @@ class Instance(models.Model):
self.firewall_host = None
self.save()
h.delete()
reload_firewall_lock()
def _update_vm(self, template):
out = ""
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or sign in to comment