Merge pull request #642 from jschoiRR/mold-main#2025

[Mold API, Agent] Glue 클러스터가 2개 이상인 경우 'rbd map' 실행시 클러스터 구분되도록 반영/가상머신 생성시 네트워크 보안 기능 활성화 여부 글로벌 설정 추가

Author: jschoiRR

api/src/main/java/com/cloud/agent/api/to/NetworkTO.java

@@ -44,6 +44,7 @@ public class NetworkTO {
     protected String ip6Dns1;
     protected String ip6Dns2;
     protected boolean linkState = true;
+    protected boolean nwfilter = false;
 
     public NetworkTO() {
     }
@@ -241,4 +242,11 @@ public void setLinkState(boolean linkState) {
         this.linkState = linkState;
     }
 
+    public boolean getNwfilter() {
+        return nwfilter;
+    }
+
+    public void setNwfilter(boolean nwfilter) {
+        this.nwfilter = nwfilter;
+    }
 }

core/src/main/java/com/cloud/resource/ServerResourceBase.java

@@ -20,6 +20,8 @@
 package com.cloud.resource;
 
 import java.io.File;
+import java.io.FileWriter;
+import java.io.IOException;
 import java.io.PrintWriter;
 import java.io.StringWriter;
 import java.net.NetworkInterface;
@@ -64,6 +66,7 @@ public abstract class ServerResourceBase implements ServerResource {
     protected NetworkInterface storageNic;
     protected NetworkInterface storageNic2;
     protected IAgentControl agentControl;
+    protected static final String DEFAULT_LOCAL_STORAGE_PATH = "/var/lib/libvirt/images/";
 
     @Override
     public String getName() {
@@ -178,27 +181,27 @@ protected Answer listHostDevices() {
         return new ListHostDeviceAnswer(true, hostDevicesText);
     }
 
-    protected Answer createImageRbd(String names, long sizes, String poolPath) {
-        sizes = (sizes * 1024);
-        String cmdout = Script.runSimpleBashScript("rbd -p " + poolPath + " create -s " + sizes + " " + names);
+    protected Answer createImageRbd(String poolUuid, String skey, String authUserName, String host, String names, long sizes, String poolPath) {
+        createRBDSecretKeyFileIfNoExist(poolUuid, DEFAULT_LOCAL_STORAGE_PATH, skey);
+        String cmdout = Script.runSimpleBashScript("rbd -p " + poolPath + " --id " + authUserName + " -m " + host + " -K " + DEFAULT_LOCAL_STORAGE_PATH + poolUuid + " create -s " + (sizes * 1024) + " " + names);
         if (cmdout == null) {
             logger.debug(cmdout);
         }else{
         }
         return new ListRbdObjectsAnswer(true, names);
     }
 
-    protected Answer deleteImageRbd(String name, String poolPath) {
-
-        String cmdout = Script.runSimpleBashScript("rbd -p " + poolPath + " rm " + name);
+    protected Answer deleteImageRbd(String poolUuid, String skey, String authUserName, String host, String name, String poolPath) {
+        createRBDSecretKeyFileIfNoExist(poolUuid, DEFAULT_LOCAL_STORAGE_PATH, skey);
+        String cmdout = Script.runSimpleBashScript("rbd -p " + poolPath + " --id " + authUserName + " -m " + host + " -K " + DEFAULT_LOCAL_STORAGE_PATH + poolUuid + " rm " + name);
         if (cmdout == null) {
             logger.debug(cmdout);
         }else{
         }
         return new ListRbdObjectsAnswer(true, name);
     }
 
-    protected Answer listRbdFilesAtPath(int startIndex, int pageSize, String poolPath, String keyword) {
+    protected Answer listRbdFilesAtPath(String poolUuid, String skey, String authUserName, String host, int startIndex, int pageSize, String poolPath, String keyword) {
         int count = 0;
         List<String> names = new ArrayList<>();
         List<String> paths = new ArrayList<>();
@@ -207,13 +210,15 @@ protected Answer listRbdFilesAtPath(int startIndex, int pageSize, String poolPat
         List<Long> sizes = new ArrayList<>();
         List<Long> modifiedList = new ArrayList<>();
 
+        createRBDSecretKeyFileIfNoExist(poolUuid, DEFAULT_LOCAL_STORAGE_PATH, skey);
+
         Script listCommand = new Script("/bin/bash", logger);
         listCommand.add("-c");
 
         if (keyword != null && !keyword.isEmpty()) {
-            listCommand.add("rbd -p " + poolPath + " ls | grep " + keyword );
+            listCommand.add("rbd ls -p " + poolPath + " --id " + authUserName + " -m " + host + " -K " + DEFAULT_LOCAL_STORAGE_PATH + poolUuid + " | grep " + keyword );
         } else {
-            listCommand.add("rbd -p " + poolPath + " ls");
+            listCommand.add("rbd ls -p " + poolPath + " --id " + authUserName + " -m " + host + " -K " + DEFAULT_LOCAL_STORAGE_PATH + poolUuid);
         }
         OutputInterpreter.AllLinesParser listParser = new OutputInterpreter.AllLinesParser();
         String listResult = listCommand.execute(listParser);
@@ -231,6 +236,9 @@ protected Answer listRbdFilesAtPath(int startIndex, int pageSize, String poolPat
 
                     Script infoCommand = new Script("rbd");
                     infoCommand.add("-p", poolPath);
+                    infoCommand.add("--id", authUserName);
+                    infoCommand.add("-m", host);
+                    infoCommand.add("-K", DEFAULT_LOCAL_STORAGE_PATH + poolUuid);
                     infoCommand.add("info", imageName.trim());
                     OutputInterpreter.AllLinesParser infoParser = new OutputInterpreter.AllLinesParser();
                     String infoResult = infoCommand.execute(infoParser);
@@ -265,49 +273,65 @@ protected Answer listRbdFilesAtPath(int startIndex, int pageSize, String poolPat
         return new ListDataStoreObjectsAnswer(true, count, names, paths, absPaths, isDirs, sizes, modifiedList);
     }
 
+    public void createRBDSecretKeyFileIfNoExist(String uuid, String localPath, String skey) {
+        File file = new File(localPath + File.separator + uuid);
+        try {
+            // 파일이 존재하지 않을 때만 생성
+            if (!file.exists()) {
+                boolean isCreated = file.createNewFile();
+                if (isCreated) {
+                    // 파일 생성 후 내용 작성
+                    FileWriter writer = new FileWriter(file);
+                    writer.write(skey);
+                    writer.close();
+                }
+            }
+        } catch (IOException e) {}
+    }
 
-protected Answer listFilesAtPath(String nfsMountPoint, String relativePath, int startIndex, int pageSize, String keyword) {
-    int count = 0;
-    File file = new File(nfsMountPoint, relativePath);
-    List<String> names = new ArrayList<>();
-    List<String> paths = new ArrayList<>();
-    List<String> absPaths = new ArrayList<>();
-    List<Boolean> isDirs = new ArrayList<>();
-    List<Long> sizes = new ArrayList<>();
-    List<Long> modifiedList = new ArrayList<>();
-    if (file.isFile()) {
-        count = 1;
-        names.add(file.getName());
-        paths.add(file.getPath().replace(nfsMountPoint, ""));
-        absPaths.add(file.getPath());
-        isDirs.add(file.isDirectory());
-        sizes.add(file.length());
-        modifiedList.add(file.lastModified());
-    } else if (file.isDirectory()) {
-        String[] files = file.list();
-        List<String> filteredFiles = new ArrayList<>();
-        if (keyword != null && !"".equals(keyword)) {
-            for (String fileName : files) {
-                if (fileName.contains(keyword)) {
-                    filteredFiles.add(fileName);
+    protected Answer listFilesAtPath(String nfsMountPoint, String relativePath, int startIndex, int pageSize, String keyword) {
+        int count = 0;
+        File file = new File(nfsMountPoint, relativePath);
+        List<String> names = new ArrayList<>();
+        List<String> paths = new ArrayList<>();
+        List<String> absPaths = new ArrayList<>();
+        List<Boolean> isDirs = new ArrayList<>();
+        List<Long> sizes = new ArrayList<>();
+        List<Long> modifiedList = new ArrayList<>();
+        if (file.isFile()) {
+            count = 1;
+            names.add(file.getName());
+            paths.add(file.getPath().replace(nfsMountPoint, ""));
+            absPaths.add(file.getPath());
+            isDirs.add(file.isDirectory());
+            sizes.add(file.length());
+            modifiedList.add(file.lastModified());
+        } else if (file.isDirectory()) {
+            String[] files = file.list();
+            List<String> filteredFiles = new ArrayList<>();
+            if (keyword != null && !"".equals(keyword)) {
+                for (String fileName : files) {
+                    if (fileName.contains(keyword)) {
+                        filteredFiles.add(fileName);
+                    }
                 }
+            } else {
+                filteredFiles.addAll(Arrays.asList(files));
+            }
+            count = filteredFiles.size();
+            for (int i = startIndex; i < startIndex + pageSize && i < count; i++) {
+                File f = new File(nfsMountPoint, relativePath + '/' + filteredFiles.get(i));
+                names.add(f.getName());
+                paths.add(f.getPath().replace(nfsMountPoint, ""));
+                absPaths.add(f.getPath());
+                isDirs.add(f.isDirectory());
+                sizes.add(f.length());
+                modifiedList.add(f.lastModified());
             }
-        } else {
-            filteredFiles.addAll(Arrays.asList(files));
-        }
-        count = filteredFiles.size();
-        for (int i = startIndex; i < startIndex + pageSize && i < count; i++) {
-            File f = new File(nfsMountPoint, relativePath + '/' + filteredFiles.get(i));
-            names.add(f.getName());
-            paths.add(f.getPath().replace(nfsMountPoint, ""));
-            absPaths.add(f.getPath());
-            isDirs.add(f.isDirectory());
-            sizes.add(f.length());
-            modifiedList.add(f.lastModified());
         }
+        return new ListDataStoreObjectsAnswer(file.exists(), count, names, paths, absPaths, isDirs, sizes, modifiedList);
     }
-    return new ListDataStoreObjectsAnswer(file.exists(), count, names, paths, absPaths, isDirs, sizes, modifiedList);
-}
+
     protected Answer listFilesAtPath(String nfsMountPoint, String relativePath, int startIndex, int pageSize) {
         int count = 0;
         File file = new File(nfsMountPoint, relativePath);
@@ -340,6 +364,7 @@ protected Answer listFilesAtPath(String nfsMountPoint, String relativePath, int
         }
         return new ListDataStoreObjectsAnswer(file.exists(), count, names, paths, absPaths, isDirs, sizes, modifiedList);
     }
+
     protected void fillNetworkInformation(final StartupCommand cmd) {
         String[] info = null;
         if (privateNic != null) {

core/src/main/java/org/apache/cloudstack/storage/command/browser/CreateRbdObjectsCommand.java

@@ -20,23 +20,27 @@
 package org.apache.cloudstack.storage.command.browser;
 
 import com.cloud.agent.api.storage.StorageCommand;
+import com.cloud.agent.api.to.DataStoreTO;
 
 public class CreateRbdObjectsCommand extends StorageCommand {
 
-   private String names;
+    private DataStoreTO store;
 
-   private long sizes;
+    private String names;
 
-   private String poolType;
+    private long sizes;
 
-   private String poolPath;
+    private String poolType;
 
-   private String keyword;
+    private String poolPath;
 
-   private Long poolId;
+    private String keyword;
 
-    public CreateRbdObjectsCommand(String names, long sizes) {
+    private Long poolId;
+
+    public CreateRbdObjectsCommand(DataStoreTO store, String names, long sizes) {
         super();
+        this.store = store;
         this.names = names;
         this.sizes = sizes;
     }
@@ -46,6 +50,10 @@ public boolean executeInSequence() {
         return false;
     }
 
+    public DataStoreTO getStore() {
+        return store;
+    }
+
     public String getNames() {
         return names;
     }

core/src/main/java/org/apache/cloudstack/storage/command/browser/DeleteRbdObjectsCommand.java

@@ -20,17 +20,21 @@
 package org.apache.cloudstack.storage.command.browser;
 
 import com.cloud.agent.api.storage.StorageCommand;
+import com.cloud.agent.api.to.DataStoreTO;
 
 public class DeleteRbdObjectsCommand extends StorageCommand {
 
-   private String name;
+    private DataStoreTO store;
 
-   private String poolType;
+    private String name;
 
-   private String poolPath;
+    private String poolType;
 
-    public DeleteRbdObjectsCommand(String name) {
+    private String poolPath;
+
+    public DeleteRbdObjectsCommand(DataStoreTO store, String name) {
         super();
+        this.store = store;
         this.name = name;
     }
 
@@ -39,6 +43,10 @@ public boolean executeInSequence() {
         return false;
     }
 
+    public DataStoreTO getStore() {
+        return store;
+    }
+
     public String getName() {
         return name;
     }

plugins/hypervisors/kvm/src/main/java/com/cloud/hypervisor/kvm/resource/LibvirtComputingResource.java

@@ -21,6 +21,7 @@
 
 import java.io.File;
 import java.io.FileNotFoundException;
+import java.io.FileWriter;
 import java.io.IOException;
 import java.io.StringReader;
 import java.net.InetAddress;
@@ -3768,7 +3769,7 @@ private void createVif(final LibvirtVMDef vm, final VirtualMachineTO vmSpec, fin
             enableOVSDriver = true;
         }
 
-        if (!nic.isSecurityGroupEnabled() && !enableOVSDriver) {
+        if (!nic.isSecurityGroupEnabled() && !enableOVSDriver && nic.getNwfilter()) {
             interfaceDef.setFilterrefFilterTag();
         }
         if (vmSpec.getDetails() != null) {
@@ -5514,23 +5515,28 @@ public Answer listHostDevices(ListHostDeviceCommand command) {
     public Answer listFilesAtPath(ListDataStoreObjectsCommand command) {
         DataStoreTO store = command.getStore();
         if(command.getPoolType().equals("RBD")) {
-            return listRbdFilesAtPath(command.getStartIndex(), command.getPageSize(), command.getPoolPath(), command.getKeyword());
+            KVMStoragePool storagePool = storagePoolManager.getStoragePool(StoragePoolType.RBD, store.getUuid());
+            return listRbdFilesAtPath(storagePool.getUuid(), storagePool.getAuthSecret(), storagePool.getAuthUserName(), storagePool.getSourceHost(), command.getStartIndex(), command.getPageSize(), command.getPoolPath(), command.getKeyword());
         } else {
             KVMStoragePool storagePool = storagePoolManager.getStoragePool(StoragePoolType.NetworkFilesystem, store.getUuid());
             return listFilesAtPath(storagePool.getLocalPath(), command.getPath(), command.getStartIndex(), command.getPageSize(),command.getKeyword());
         }
     }
 
     public Answer createImageRbd(CreateRbdObjectsCommand command) {
+        DataStoreTO store = command.getStore();
         if(command.getPoolType().equals("RBD")) {
-            return createImageRbd(command.getNames(), command.getSizes(), command.getPoolPath());
+            KVMStoragePool storagePool = storagePoolManager.getStoragePool(StoragePoolType.RBD, store.getUuid());
+            return createImageRbd(storagePool.getUuid(), storagePool.getAuthSecret(), storagePool.getAuthUserName(), storagePool.getSourceHost(), command.getNames(), command.getSizes(), command.getPoolPath());
         }
         return null;
     }
 
     public Answer deleteImageRbd(DeleteRbdObjectsCommand command) {
+        DataStoreTO store = command.getStore();
         if(command.getPoolType().equals("RBD")) {
-            return deleteImageRbd(command.getName(), command.getPoolPath());
+            KVMStoragePool storagePool = storagePoolManager.getStoragePool(StoragePoolType.RBD, store.getUuid());
+            return deleteImageRbd(storagePool.getUuid(), storagePool.getAuthSecret(), storagePool.getAuthUserName(), storagePool.getSourceHost(),command.getName(), command.getPoolPath());
         }
         return null;
     }
@@ -5754,8 +5760,9 @@ public String mapRbdDevice(final KVMPhysicalDisk disk, boolean kvdoEnable){
         final String[] splitPoolImage = disk.getPath().split("/");
         String device = Script.runSimpleBashScript("rbd showmapped | grep \""+splitPoolImage[0]+"[ ]*"+splitPoolImage[1]+"\" | grep -o \"[^ ]*[ ]*$\"");
         if(device == null) {
+            createRBDSecretKeyFileIfNoExist(pool.getUuid(), DEFAULT_LOCAL_STORAGE_PATH, pool.getAuthSecret());
             //If not mapped, map and return mapped device
-            Script.runSimpleBashScript("rbd map " + disk.getPath() + " --id " + pool.getAuthUserName());
+            Script.runSimpleBashScript("rbd map " + disk.getPath() + " -m " + pool.getSourceHost() + " --id " + pool.getAuthUserName() +" -K " + DEFAULT_LOCAL_STORAGE_PATH + pool.getUuid());
             device = Script.runSimpleBashScript("rbd showmapped | grep \""+splitPoolImage[0]+"[ ]*"+splitPoolImage[1]+"\" | grep -o \"[^ ]*[ ]*$\"");
         }
         if(kvdoEnable){
@@ -5767,7 +5774,6 @@ public String mapRbdDevice(final KVMPhysicalDisk disk, boolean kvdoEnable){
                 logger.info("createKvdoCmdLine Action Error : "+e);
             }
         }
-
         return device;
     }
 
@@ -5788,7 +5794,9 @@ public String unmapRbdDevice(final KVMPhysicalDisk disk, boolean kvdoEnable){
                     logger.info("unmapRbdDevice Action error : "+e);
                 }
             }
-            Script.runSimpleBashScript("rbd unmap " + disk.getPath() + " --id " + pool.getAuthUserName());
+            createRBDSecretKeyFileIfNoExist(pool.getUuid(), DEFAULT_LOCAL_STORAGE_PATH, pool.getAuthSecret());
+
+            Script.runSimpleBashScript("rbd unmap " + disk.getPath() + " -m " + pool.getSourceHost() + " --id " + pool.getAuthUserName() +" -K " + DEFAULT_LOCAL_STORAGE_PATH + pool.getUuid());
             device = Script.runSimpleBashScript("rbd showmapped | grep \""+splitPoolImage[0]+"[ ]*"+splitPoolImage[1]+"\" | grep -o \"[^ ]*[ ]*$\"");
         }
         return device;
@@ -6251,4 +6259,20 @@ public static String convertDiskPathToUuid(String diskPath) {
         }
         return uuid;
     }
+
+    public void createRBDSecretKeyFileIfNoExist(String uuid, String localPath, String skey) {
+        File file = new File(localPath + File.separator + uuid);
+        try {
+            // 파일이 존재하지 않을 때만 생성
+            if (!file.exists()) {
+                boolean isCreated = file.createNewFile();
+                if (isCreated) {
+                    // 파일 생성 후 내용 작성
+                    FileWriter writer = new FileWriter(file);
+                    writer.write(skey);
+                    writer.close();
+                }
+            }
+        } catch (IOException e) {}
+    }
 }