Perry N. Myers
2008-Apr-04 07:10 UTC
[Ovirt-devel] [PATCH] get rid of dhcp-hooks and use DNS SRV records
Remove use of dhcp options for communicating the location of services to the managed node. Instead this is done using DNS SRV records. dhcp exit hooks are only used for setting step-tickers now. The managed node moves most of what was in exit hooks to a new init script called ovirt. The devel wui setup now adds the DNS SRV records to the default DNS zone file. Signed-off-by: Perry Myers <pmyers at redhat.com> diff --git a/ovirt-host-creator/common-pkgs.ks b/ovirt-host-creator/common-pkgs.ks index 62d47dc..196373a 100644 --- a/ovirt-host-creator/common-pkgs.ks +++ b/ovirt-host-creator/common-pkgs.ks @@ -21,6 +21,7 @@ cyrus-sasl-lib collectd tftp nc +bind-utils -policycoreutils -audit-libs-python -hdparm diff --git a/ovirt-host-creator/common-post.ks b/ovirt-host-creator/common-post.ks index 6ebfe2c..146889a 100644 --- a/ovirt-host-creator/common-post.ks +++ b/ovirt-host-creator/common-post.ks @@ -26,18 +26,6 @@ cat > /etc/init.d/ovirt-early << \EOF start() { -dhcp_options='subnet-mask -broadcast-address -time-offset -routers -domain-name -domain-name-servers -host-name -nis-domain -nis-servers -ntp-servers -libvirt-auth-method' - # find all of the ethernet devices in the system ETHDEVS=$(cd /sys/class/net && ls -d eth*) for eth in $ETHDEVS; do @@ -46,8 +34,6 @@ libvirt-auth-method' > /etc/sysconfig/network-scripts/ifcfg-$eth echo -e "DEVICE=$BRIDGE\nBOOTPROTO=dhcp\nONBOOT=yes\nTYPE=Bridge\nPEERNTP=yes" \ > /etc/sysconfig/network-scripts/ifcfg-$BRIDGE - printf 'DHCLIENTARGS="-R %s"\n' $(printf "$dhcp_options"|tr '\n' ,)\ - >> /etc/sysconfig/network-scripts/ifcfg-$BRIDGE done # find all of the partitions on the system @@ -75,24 +61,12 @@ libvirt-auth-method' done } -stop() { - # nothing to do - return -} - case "$1" in start) start ;; - stop) - stop - ;; - restart) - stop - start - ;; *) - echo "Usage: ovirt-early {start|stop|restart}" + echo "Usage: ovirt-early {start}" exit 2 esac EOF 
@@ -103,40 +77,7 @@ chmod +x /etc/init.d/ovirt-early # just to get a boot warning to shut up touch /etc/resolv.conf -echo "Setting up dhclient" -cat > /etc/dhclient.conf << EOF -option libvirt-auth-method code 202 = text; -EOF - -# NOTE that libvirt_auth_method is handled in the exit-hooks cat > /etc/dhclient-exit-hooks << \EOF -if [ -n "$new_libvirt_auth_method" ]; then - METHOD=`echo $new_libvirt_auth_method | cut -d':' -f1` - SERVER=`echo $new_libvirt_auth_method | cut -d':' -f2-` - IP=`echo $new_libvirt_auth_method | cut -d':' -f2 | cut -d'/' -f1` - if [ $METHOD = "krb5" ]; then - mkdir -p /etc/libvirt - # here, we wait for the "host-keyadd" service to finish adding our - # keytab and returning to us; note that we will try 5 times and - # then give up - tries=0 - while [ "$VAL" != "SUCCESS" -a $tries -lt 5 ]; do - VAL=`echo "KERB" | /usr/bin/nc $IP 6666` - if [ "$VAL" == "SUCCESS" ]; then - break - fi - tries=$(( $tries + 1 )) - sleep 1 - done - if [ ! -r /etc/libvirt/krb5.tab ]; then - /usr/bin/wget -q http://$SERVER/$new_ip_address-libvirt.tab -O /etc/libvirt/krb5.tab - fi - if [ ! -r /etc/krb5.conf ]; then - rm -f /etc/krb5.conf ; /usr/bin/wget -q http://$SERVER/krb5.ini -O /etc/krb5.conf - fi - fi -fi - if [ -n "$new_ntp_servers" ]; then for ntp_server in $new_ntp_servers; do echo "$ntp_server" >> /etc/ntp/step-tickers 
@@ -145,6 +86,77 @@ fi EOF chmod +x /etc/dhclient-exit-hooks +echo "Writing ovirt init script" +# ovirt startup script to do krb init +cat > /etc/init.d/ovirt << \EOF +#!/bin/bash +# +# ovirt Start ovirt services +# +# chkconfig: 3 11 99 +# description: ovirt services +# + +# Source functions library +. /etc/init.d/functions + +start() { + echo -n $"Starting ovirt: " + IPA=$(/usr/bin/dig +short -t srv _ipa._tcp.$(/bin/dnsdomainname)) + HOST=$(echo $IPA | head -1 | awk '{print $4}') + PORT=$(echo $IPA | head -1 | awk '{print $3}') + + mkdir -p /etc/libvirt + # here, we wait for the "host-keyadd" service to finish adding our + # keytab and returning to us; note that we will try 5 times and + # then give up + tries=0 + while [ "$VAL" != "SUCCESS" -a $tries -lt 5 ]; do + VAL=`echo "KERB" | /usr/bin/nc $HOST 6666` + if [ "$VAL" == "SUCCESS" ]; then + break + fi + tries=$(( $tries + 1 )) + sleep 1 + echo -n "." + done + + if [ "$VAL" != "SUCCESS" ]; then + echo -n "Failed generating keytab" ; failure ; echo ; exit 1 + fi + + if [ ! -s /etc/libvirt/krb5.tab ]; then + /usr/bin/wget -q http://$HOST:$PORT/config/$(/bin/hostname -i)-libvirt.tab -O /etc/libvirt/krb5.tab + if [ $? -ne 0 ]; then + echo -n "Failed getting keytab" ; failure ; echo ; exit 1 + fi + fi + + if [ ! -s /etc/krb5.conf ]; then + rm -f /etc/krb5.conf + /usr/bin/wget -q http://$HOST:$PORT/config/krb5.ini -O /etc/krb5.conf + if [ "$?" -ne 0 ]; then + echo "Failed getting krb5.conf" ; failure ; echo ; exit 1 + fi + fi + + success + echo +} + +case "$1" in + start) + start + ;; + *) + echo "Usage: ovirt {start}" + exit 2 +esac +EOF + +chmod +x /etc/init.d/ovirt +/sbin/chkconfig ovirt on + echo "Setting up libvirt interfaces" # make libvirtd listen on the external interfaces sed -i -e 's/^#\(LIBVIRTD_ARGS="--listen"\).*/\1/' /etc/sysconfig/libvirtd diff --git a/wui-appliance/devel-post.ks b/wui-appliance/devel-post.ks index e1c7433..86c456a 100644 --- a/wui-appliance/devel-post.ks 
+++ b/wui-appliance/devel-post.ks @@ -23,15 +23,12 @@ allow bootp; ddns-update-style interim; ignore client-updates; -option libvirt-auth-method code 202 = text; - subnet 192.168.50.0 netmask 255.255.255.0 { option domain-name "priv.ovirt.org"; option domain-name-servers 192.168.50.2; option ntp-servers 192.168.50.2; next-server 192.168.50.2; option routers 192.168.50.1; - option libvirt-auth-method "krb5:192.168.50.2:8089/config"; filename "pxelinux.0"; host node3 { fixed-address 192.168.50.3; @@ -114,6 +111,9 @@ management IN A 192.168.50.2 node3 IN A 192.168.50.3 node4 IN A 192.168.50.4 node5 IN A 192.168.50.5 +_ovirt._tcp IN SRV 0 0 80 management +_ipa._tcp IN SRV 0 0 8089 management +_ldap._tcp IN SRV 0 0 389 management EOF cat > /var/named/chroot/var/named/50.168.192.in-addr.arpa.zone << \EOF
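Review bot: With the stop) and restart) cases removed from ovirt-early (common-post.ks, hunk @@ -75,24 +61,12 @@), any caller that runs the script with "stop" now falls into the `*)` branch, prints the usage line and exits 2. Init scripts are conventionally expected to accept stop even when there is nothing to undo, so keeping a no-op stop) case that returns 0 is safer than dropping it. The same applies to the new ovirt script, whose header `# chkconfig: 3 11 99` declares a stop priority while its case statement only handles start.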
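Review bot: In start() of the new /etc/init.d/ovirt (common-post.ks, hunk @@ -145,6 +86,77 @@), HOST and PORT are used without checking that the SRV lookup returned anything. If dig prints nothing, for example because there is no _ipa._tcp record or dnsdomainname is empty at that point in boot, `nc $HOST 6666` is retried five times with no host and the script ends with "Failed generating keytab", which hides the DNS failure. Test both variables right after the two awk lines and fail with a lookup-specific message. `echo $IPA` is also unquoted, so several SRV answers are joined onto one line and `head -1` does nothing; fields 3 and 4 then come from whichever record dig printed first, regardless of priority. Separately, the keytab is fetched over plain HTTP from a host named by an unauthenticated DNS answer and written straight to /etc/libvirt/krb5.tab with whatever mode the umask gives: download to a temporary file, move it into place only when wget succeeds (so a partial file cannot satisfy the `-s` test on the next boot), and chmod it to 600.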
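Review bot: The `_ipa._tcp IN SRV 0 0 8089 management` record added to the zone file (devel-post.ks, hunk @@ -114,6 +111,9 @@) advertises the port that the node's init script uses for its HTTP /config downloads, the same 8089 that the removed `option libvirt-auth-method "krb5:192.168.50.2:8089/config";` line carried, while the host-keyadd port 6666 stays hard-coded in that script. Nothing in the zone file says that _ipa._tcp here means the config web server, so an administrator who later points this record at a different service on the management host would break keytab retrieval on every node. Add a comment next to the record stating what listens on 8089, or publish the config server under its own SRV name.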
Chris Lalancette
2008-Apr-07 15:33 UTC
[Ovirt-devel] [PATCH] get rid of dhcp-hooks and use DNS SRV records
Perry N. Myers wrote:
> Remove use of dhcp options for communicating the location of services to the
> managed node. Instead this is done using DNS SRV records. dhcp exit hooks
> are only used for setting step-tickers now. The managed node moves most
> of what was in exit hooks to a new init script called ovirt. The devel
> wui setup now adds the DNS SRV records to the default DNS zone file.
>
> Signed-off-by: Perry Myers <pmyers at redhat.com>

<snip>

> +start() {
> + echo -n $"Starting ovirt: "
> + IPA=$(/usr/bin/dig +short -t srv _ipa._tcp.$(/bin/dnsdomainname))
> + HOST=$(echo $IPA | head -1 | awk '{print $4}')
> + PORT=$(echo $IPA | head -1 | awk '{print $3}')
> +
> + mkdir -p /etc/libvirt

I don't think we need this; the libvirt package should own /etc/libvirt, so I'm pretty sure this will always exist.

Otherwise, this patch looks pretty good. We don't seem to use _ovirt._tcp DNS SRV record yet, but we probably will for monitoring in the near future, so leave it.

ACK

Chris Lalancette