1
0
mirror of https://github.com/OpenNebula/one.git synced 2024-12-23 17:33:56 +03:00
Commit Graph

121 Commits

Author SHA1 Message Date
Petr Ospalý
5d7ae36c68
F OpenNebula/one#5178: Add time to supervisord log (#635)
Signed-off-by: Petr Ospalý <pospaly@opennebula.io>
2021-01-13 19:09:49 +01:00
Vlastimil Holer
0026fa2b14
F #5217: Unify package names (#617) 2021-01-11 21:12:28 +01:00
Petr Ospalý
10fa7ca4ce
F OpenNebula/one#5178: Add onedb upgrade (#606)
Signed-off-by: Petr Ospalý <pospaly@opennebula.io>
2021-01-11 10:06:14 +01:00
Petr Ospalý
fce39e1493
F OpenNebula/one#5178: Ignore logrotate's failure (#585)
Signed-off-by: Petr Ospalý <pospaly@opennebula.io>
2021-01-05 12:57:28 +01:00
Petr Ospalý
36e6cbe546
F OpenNebula/one#5178: Add logrotate to supervisor (#579)
Enforce logrotate before the start of any opennebula's supervisor
service - as is done similarly in the systemd services.

Signed-off-by: Petr Ospalý <pospaly@opennebula.io>
2020-12-21 18:56:40 +01:00
Vlastimil Holer
4682a50a31
F #5214 #5075: Fix canonical ip path on Debian-like (#576) 2020-12-20 22:49:54 +01:00
Petr Ospalý
5d066ea8f4
F OpenNebula/one#5178: Add optional configs (#574)
Each supervisord service (where missing or usable) can use its own
config file which will be sourced. Thanks to this services do not rely
on properly populated environment with all needed variables.

Useful when supervisord is run like this:
% env -i /usr/bin/supervisord

Signed-off-by: Petr Ospalý <pospaly@opennebula.io>
2020-12-18 13:12:29 +01:00
Jan Orel
96068ef185
F #5214 #5075: New provision templates.
* Public IP no longer uses NAT'ing
* Improved handle of host collections and indexes
* Update of ansible roles and playbooks

Co-authored-by: Ruben S. Montero <rsmontero@opennebula.org>
2020-12-15 10:07:06 +01:00
Petr Ospalý
bb0b4aa526
B OpenNebula/one#5086: Add fuse support (#541)
This commit solves issues with creating new VM images based on the
docker images inside a container environment.

If fuse2fs command is present then prefer its use instead of the default
mount command which will work only under root or otherwise privileged
user.

This commit solves the mounting issue inside the rootless container
environment.

Also add a new environment file to the oned supervisord service so we
can start oned process with some additional env. variables - notably
DOCKER_HOST.

Signed-off-by: Petr Ospalý <pospaly@opennebula.io>
2020-12-10 17:30:27 +01:00
Petr Ospalý
4d9a0fd5fc
B #5189: Remove oned's stale lock in supervisord (#522)
Signed-off-by: Petr Ospalý <pospaly@opennebula.io>
2020-12-04 10:54:54 +01:00
Petr Ospalý
2edcdae638
F OpenNebula/one#5178: Add docker services (#511)
- New supervisord service containerd
- New supervisord service docker
- Small fix in function.sh to pick up also socket files

Signed-off-by: Petr Ospalý <pospaly@opennebula.io>
2020-12-02 15:25:49 +01:00
Petr Ospalý
ff2cb0ab6d
B #5189: Add stopwaitsecs to supervisord services (#496)
By default supervisord waits only 10s before it sends SIGKILL to its
services. This commit raises this limit to 90s in all services -
matching the default in systemd (DefaultTimeoutStopSec).

Signed-off-by: Petr Ospalý <pospaly@opennebula.io>
2020-12-01 09:58:49 +01:00
Petr Ospalý
c65a119a2e
F OpenNebula/one#5178: Add stunnel service (#481)
Signed-off-by: Petr Ospalý <pospaly@opennebula.io>
2020-11-26 17:21:38 +01:00
Vlastimil Holer
5358eeba7a
F #5178: Fix +x permissions to supervisord scripts (#422) 2020-11-13 19:44:47 +01:00
Petr Ospalý
96aab61096
M #-: Fix paths and locations for fireedge/guacd (#411)
Signed-off-by: Petr Ospalý <pospaly@opennebula.io>
2020-11-11 18:35:00 +01:00
Petr Ospalý
fa22e988b0
M #-: Add supervisord services fireedge, guacd (#389)
Signed-off-by: Petr Ospalý <pospaly@opennebula.io>
2020-11-06 11:43:18 +01:00
Vlastimil Holer
16f5499fd6
F #3951: Systemd service opennebula-guacd (#376) 2020-10-29 16:13:06 +01:00
Vlastimil Holer
6311392a0b
F OpenNebula/one#3951: FireEdge package-lock.json, service (#333) 2020-10-19 19:02:02 +02:00
Tino Vazquez
f5a78e9b9c
F #3951: Add fireedge logrotate 2020-10-01 18:51:16 +02:00
Petr Ospalý
6fb4b2acd2
M #-: Add supervisord services definition (#269)
* M #-: Add supervisord services definition

Currently only for CentOS 8 but there should be needed only few changes
to make it work on other systems: crond, apache/httpd, mysql/mariadb...

The rest is pretty much system agnostic.

Signed-off-by: Petr Ospalý <pospaly@opennebula.io>

* M #-: Adjust supervisor directories

Co-authored-by: Vlastimil Holer <vholer@opennebula.io>
2020-09-30 17:27:20 +02:00
Vlastimil Holer
7a837b081f
B #4939: Schedule ssh-socks-cleaner by OnCalendar (#32) 2020-06-22 15:21:57 +02:00
Vlastimil Holer
830045e17e
F #1473: Conditional service with SELinux workaround (#4871) 2020-06-03 13:39:24 +02:00
Petr Ospalý
365d1955ff
F #865: Add oneshowback compute timer
Signed-off-by: Petr Ospalý <pospaly@opennebula.io>
2020-05-22 03:00:32 +02:00
Christian González
6e5ffdeb24
F #4089: add CPU limitations 2020-05-19 14:55:53 +02:00
Christian González
acf6454c6e
F #4089: Improve DockerHub integration (#4688)
Add LINK attribute to marketapps
lint marketplace
2020-05-18 02:54:11 +02:00
Petr Ospalý
a96de2f14a
F #1473: Update SSH config and sockets (#4733)
* F #1473: Update SSH config and sockets

- install files via install.sh script
- replace crontab with systemd timer
- update opennebula.service dependency
- move ssh master sockets from ~oneadmin to /run/one/ssh-socks
- modify ssh wrapper to not use external programs but only bash builtins
- update ssh configs

Signed-off-by: Petr Ospalý <pospaly@opennebula.io>

* F #1473: Update SSH config and sockets

* F #1473: Update SSH config and sockets

* F #1473: Update SSH wrapper

- rename SSH_USE_MASTER_SOCK to SSH_OPT_CONTROL_MASTER
- change the logic of this directive to be a value of the SSH
  'ControlMaster' option (default is 'auto')
- delete the SSH_USE_MASTER_SOCK from opennebula.service (not needed
  anymore)

Signed-off-by: Petr Ospalý <pospaly@opennebula.io>

Co-authored-by: Vlastimil Holer <vholer@opennebula.io>
2020-05-15 18:51:04 +02:00
Petr Ospalý
523eff2a77
F #1473: Fix SSH persistent connections (#4724)
- add ssh wrapper which is used only on the fronted
- disable SSH master socket on the nodes
- add new PATH and SSH_USE_MASTER_SOCK into opennebula.service

Signed-off-by: Petr Ospalý <pospaly@opennebula.io>
2020-05-13 21:34:38 +02:00
Petr Ospalý
51d6d2a99d
F #1473: Fix and improve SSH config (#4713)
- workaround issues with persistent connections
- add new cronjob

Co-authored-by: Vlastimil Holer <vholer@opennebula.io>
2020-05-12 18:37:23 +02:00
Petr Ospalý
448beb80fc
F #1473: Add oneadmin's SSH config (#4668)
Signed-off-by: Petr Ospalý <pospaly@opennebula.io>

Co-authored-by: Vlastimil Holer <vholer@opennebula.io>
2020-05-11 19:05:34 +02:00
Vlastimil Holer
4c77119fce
M #-: Restrict sudo ip usage (#4689)
Co-authored-by: Jan Orel <jorel@opennebula.systems>
2020-05-11 19:03:23 +02:00
Petr Ospalý
59426dd8fd
F #2152: Improve SSH agent service unit (#4627)
- change /run/one to /var/run/one - /run/one is either bind-mount or
  symlink and can be changed while /var/run/one is configured via
  tmpfiles.d/opennebula*.conf - it is more consistent now
- add a dependency to SSH agent unit for remote-fs in the cases when
  /var/lib/one (oneadmin's home) is on a network filesystem
- add SSH agent support to opennebula-hem service

Signed-off-by: Petr Ospalý <pospaly@opennebula.io>
2020-04-29 14:59:46 +02:00
Vlastimil Holer
1e0b6d2aa9
F #2152: Add OpenNebula SSH agent support (#4597)
Signed-off-by: Petr Ospalý <pospaly@opennebula.io>

Co-authored-by: Petr Ospalý <pospaly@opennebula.io>
2020-04-23 19:37:27 +02:00
Vlastimil Holer
3a1fb4a884
B #4557: Logrotates don't touch global defaults (#4592) 2020-04-23 14:06:57 +02:00
Vlastimil Holer
f6aeb26936
M #-: Independent LXD sudoers (#4576) 2020-04-21 18:03:44 +02:00
Vlastimil Holer
424ab046b7
M #-: Use non-interactive sudo, fix arping path on Debians (#4555)
* M #-: Force all sudo usage as non-interactive
* M #-: Fix sudoers arping path on Debian-like systems
2020-04-17 19:26:31 +02:00
Christian González
cbd3bda137
M #: remove useless file (#4515) 2020-04-13 16:19:46 +02:00
Ruben S. Montero
5cc301f482
Revert "B #-: Switch to KillMode=mixed (#4486)"
This reverts commit 1b90cb10f3.
2020-04-08 17:25:36 +02:00
Jan Orel
1b90cb10f3
B #-: Switch to KillMode=mixed (#4486) 2020-04-08 10:46:12 +02:00
Christian González
e137d98d34
F #4089: add changes to integrate with packages (#4480)
* F #4089: Add install-firecracker script

* F #4089: Update clean script path
2020-04-03 14:31:13 +02:00
Christian González
544c1ecfcd
F #4089: Firecracker node packages (#4412) 2020-03-27 11:18:18 +01:00
Jorge Lobo
c92db8e024 B #3268: Fix error disable support tab (#3907)
Signed-off-by: Jorge Lobo <jlobo@opennebula.systems>
2019-11-04 18:44:58 +01:00
Vlastimil Holer
8b7e661327 B #3046: Enable HA HEM server control and IP cmd (#3816) 2019-10-07 10:02:08 +02:00
Vlastimil Holer
cf0d1465df B #3046: Review sudoers (#3786) 2019-09-30 15:15:42 +02:00
Vlastimil Holer
4b4edb6460 B #3183: Service restart window (#3723)
Lower restart window from 300 to 60 seconds for existing services
opennebula and openenbula-scheduler, set same restart mechanism
to the rest of services.
2019-09-18 10:05:16 +02:00
Christian González
af1ec56a16
F #3380: Retry hem execution. Better hook management start process
(cherry picked from commit cb6ecaa8bebf4c8e2323ac35a5ff601f29b97c37)
(cherry picked from commit b8351898fc212065dc1abff14be531db5442cd82)
2019-09-09 16:59:51 +02:00
Ruben S. Montero
6143dd95ce
F #3380: New Hook system. Drivers, oned and command line tool
Co-authored-by: Christian González <cgonzalez@opennebula.systems>
2019-09-09 14:47:42 +02:00
Jan Orel
2373c255b4 F #3613: Replace brctl by iproute2 (#3646) 2019-09-04 13:31:39 +02:00
Vlastimil Holer
8ee034065a F #2531: Add platform sudoers, drop invalid RUBY_LIB_LOCATION (#2731) 2018-12-17 15:23:19 +01:00
kazh000
d4558b94c2 Driver fs_lvm. method resize has been implemented (#1917)
* Driver fs_lvm. method resize has been implemented

* Year bump, update sudo_commands.rb with lvextend
2018-06-20 11:15:05 +02:00
Vlastimil Holer
99536208e5 B #2009: Systemd service too aggressive with restart on failure (#2011) 2018-04-23 18:39:51 +02:00