Merge pull request #13878 from Security-Onion-Solutions/vlb2

vlb2

pillar/top.sls

@@ -69,6 +69,8 @@ base:
     - kafka.soc_kafka
     - kafka.adv_kafka
     - hypervisor.nodes
+    - hypervisor.soc_hypervisor
+    - hypervisor.adv_hypervisor
     - stig.soc_stig
 
   '*_sensor':

salt/_modules/qcow2.py

@@ -34,7 +34,7 @@ def modify_network_config(image, interface, mode, ip4=None, gw4=None, dns4=None,
 
     .. code-block:: bash
 
-        salt '*' qcow2.modify_network_config image='/path/to/image.qcow2' interface='eth0' mode='static4' ip4='192.168.1.10/24' gw4='192.168.1.1' dns4='8.8.8.8,8.8.4.4' search4='example.local'
+        salt '*' qcow2.modify_network_config image='/path/to/image.qcow2' interface='eth0' mode='static4' ip4='192.168.1.10/24' gw4='192.168.1.1' dns4='192.168.1.1,8.8.8.8' search4='example.local'
 
     '''
 

salt/hypervisor/defaults.yaml

@@ -0,0 +1,62 @@
+hypervisor:
+  nodes: []
+  model1:
+    hardware:
+      cpu:
+        total: 128
+        free: 128
+      memory:
+        total: 128
+        free: 128
+      disks:
+        free:
+          3: pci_0000_c7_00_0
+          4: pci_0000_c8_00_0
+        claimed:
+          1: pci_0000_c5_00_0
+          2: pci_0000_c6_00_0
+      copper:
+        free:
+          1: pci_0000_c4_00_0
+          2: pci_0000_c4_00_1
+          3: pci_0000_c4_00_2
+          4: pci_0000_c4_00_3
+        claimed: {}
+      sfp:
+        free:
+          5: pci_0000_41_00_0
+          6: pci_0000_41_00_1
+        claimed: {}
+  model2:
+    hardware:
+      cpu:
+        total: 128
+        free: 128
+      memory:
+        total: 512
+        free: 512
+      disks:
+        free:
+          3: pci_0000_c8_00_0
+          4: pci_0000_c9_00_0
+          5: pci_0000_c10_00_0
+          6: pci_0000_c11_00_0
+        claimed:
+          1: pci_0000_c6_00_0
+          2: pci_0000_c7_00_0
+      copper:
+        free:
+          1: pci_0000_c4_00_0
+          2: pci_0000_c4_00_1
+          3: pci_0000_c4_00_2
+          4: pci_0000_c4_00_3
+          5: pci_0000_c5_00_0
+          6: pci_0000_c5_00_1
+          7: pci_0000_c5_00_2
+          8: pci_0000_c5_00_3
+        claimed: {}
+      sfp:
+        free:
+          9: pci_0000_41_00_0
+          10: pci_0000_41_00_1
+        claimed: {}

salt/hypervisor/soc_hypervisor.yaml

@@ -1,35 +1,15 @@
+# This is the start of an example of what this file will look like. It will be generated by Salt, so this yaml file is not used by Salt.
 hypervisor:
   hosts:
-    defaultHost:
-      add_guest:
-        description: List of hypervisor nodes.
-        forcedType: "[]string"
-        global: True
-        multiline: True
-      guests:
-        defaultGuest:
-          copper:
-            description: Copper nics
-            forcedType: "[]int"
-            global: True
-            multiline: True
-          sfp:
-            description: sfp nics
-            forcedType: "[]int"
-            global: True
-            multiline: True
-          disks:
-            description: disk
-            forcedType: "[]int"
-            global: True
-            multiline: True
-          cpu:
-            description: cpu
-            forcedType: int
-            global: True
-            multiline: True
-          memory:
-            description: mem
-            forcedType: int
-            global: True
-            multiline: True
+    jpphype1:
+      add_searchnode:
+        description: Add a new searchnode to the hypervisor.
+        file: true
+        global: true
+        multiline: true
+      add_sensor:
+        description: Add a new sensor to the hypervisor.
+        file: true
+        global: true
+        multiline: true
+      guests: {}

salt/hypervisor/tools/sbin/so-kvm-modify-hardware

@@ -101,6 +101,14 @@ def redefine_vm(conn, new_xml_desc, logger):
         sys.exit(1)
 
 def main():
+    # Set up logging using the so_logging_utils library
+    logger = setup_logging(
+        logger_name='so-kvm-modify-hardware',
+        log_file_path='/opt/so/log/hypervisor/so-kvm-modify-hardware.log',
+        log_level=logging.INFO,
+        format_str='%(asctime)s - %(levelname)s - %(message)s'
+    )
+
     try:
         args = parse_arguments()
 
@@ -110,14 +118,6 @@ def main():
         pci_id = args.pci
         start_vm_flag = args.start
 
-        # Set up logging using the so_logging_utils library
-        logger = setup_logging(
-            logger_name='so-kvm-modify-hardware',
-            log_file_path='/opt/so/log/hypervisor/so-kvm-modify-hardware.log',
-            log_level=logging.INFO,
-            format_str='%(asctime)s - %(levelname)s - %(message)s'
-        )
-
         # Connect to libvirt
         try:
             conn = libvirt.open(None)

salt/hypervisor/tools/sbin/so-qcow2-modify-network

@@ -12,9 +12,9 @@ Usage:
     python so-qcow2-modify-network.py -I <qcow2_image_path> -i <interface> (--dhcp4 | --static4 --ip4 <ip_address> --gw4 <gateway>) [--dns4 <dns_servers>] [--search4 <search_domain>]
 
 Examples:
-    python so-qcow2-modify-network.py -I path_to_image -i eth0 --static4 --ip4 192.168.1.10/24 --gw4 192.168.1.1 --dns4 192.168.1.1,8.8.8.8 --search4 example.local
+    python so-qcow2-modify-network.py -I /var/lib/libvirt/images/coreol9/coreol9.qcow2 -i eth0 --static4 --ip4 192.168.1.10/24 --gw4 192.168.1.1 --dns4 192.168.1.1,8.8.8.8 --search4 example.local
 
-    python so-qcow2-modify-network.py -I path_to_image -i eth0 --dhcp4
+    python so-qcow2-modify-network.py -I /var/lib/libvirt/images/coreol9/coreol9.qcow2 -i eth0 --dhcp4
 """
 
 import argparse
@@ -161,14 +161,14 @@ def parse_arguments():
     return args
 
 def main():
+    # Set up logging using the so_logging_utils library
+    logger = setup_logging(
+        logger_name='so-qcow2-modify-network',
+        log_file_path='/opt/so/log/hypervisor/so-qcow2-modify-network.log',
+        log_level=logging.INFO,
+        format_str='%(asctime)s - %(levelname)s - %(message)s'
+    )
     try:
-        # Set up logging using the so_logging_utils library
-        logger = setup_logging(
-            logger_name='so-qcow2-modify-network',
-            log_file_path='/opt/so/log/hypervisor/so-qcow2-modify-network.log',
-            log_level=logging.INFO,
-            format_str='%(asctime)s - %(levelname)s - %(message)s'
-        )
         args = parse_arguments()
 
         validate_interface_name(args.interface)

salt/soc/dynamic_annotations/hypervisor/add_node

@@ -0,0 +1,11 @@
+hostname:
+network_mode:
+ip4:
+gw4:
+dns4:
+sarch4:
+cpu:
+memory:
+disk:
+copper:
+sfp:

salt/soc/dynamic_annotations/hypervisor/hypervisor.yaml

@@ -1,9 +1,14 @@
 hypervisor:
   hosts:
     defaultHost:
-      add_guest:
-        description: Add a new guest to the hypervisor.
-        forcedType: "[]string"
+      add_searchnode:
+        description: Add a new searchnode to the hypervisor.
+        file: True
+        global: True
+        multiline: True
+      add_sensor:
+        description: Add a new sensor to the hypervisor.
+        file: True
         global: True
         multiline: True
       guests:

salt/soc/dynamic_annotations/hypervisor/init.sls

@@ -1,5 +1,28 @@
+{% from 'soc/dynamic_annotations/hypervisor/map.jinja' import HYPERVISORS %}
+
 hypervisor_annotation:
   file.managed:
     - name: /opt/so/saltstack/default/salt/hypervisor/soc_hypervisor.yaml
     - source: salt://soc/dynamic_annotations/hypervisor/soc_hypervisor.yaml.jinja
     - template: jinja
+    - defaults:
+        HYPERVISORS: {{ HYPERVISORS }}
+
+{% for role in HYPERVISORS %}
+{%   for hypervisor in HYPERVISORS[role].keys() %}
+hypervisor_host_directory_{{hypervisor}}:
+  file.directory:
+    - name: /opt/so/saltstack/local/salt/hypervisor/hosts/{{hypervisor}}
+    - makedirs: True
+
+add_searchnode_file_{{hypervisor}}:
+  file.managed:
+    - name: /opt/so/saltstack/local/salt/hypervisor/hosts/{{hypervisor}}/add_searchnode
+    - source: salt://soc/dynamic_annotations/hypervisor/add_node
+
+add_sensor_file_{{hypervisor}}:
+  file.managed:
+    - name: /opt/so/saltstack/local/salt/hypervisor/hosts/{{hypervisor}}/add_sensor
+    - source: salt://soc/dynamic_annotations/hypervisor/add_node
+{%   endfor %}
+{% endfor %}

salt/soc/dynamic_annotations/hypervisor/map.jinja

@@ -0,0 +1 @@
+{% set HYPERVISORS = salt['pillar.get']('hypervisor:nodes', {}) %}

salt/soc/dynamic_annotations/hypervisor/soc_hypervisor.yaml.jinja

@@ -1,12 +1,13 @@
 {% import_yaml 'soc/dynamic_annotations/hypervisor/hypervisor.yaml' as ANNOTATION %}
-{% set HYPERVISORS = salt['pillar.get']('hypervisor:nodes', {}) %}
 
 {% set TEMPLATE = ANNOTATION.hypervisor.hosts.pop('defaultHost') %}
 {# remove defaultGuest so that it is not shown in Grid Configuration UI #}
 {% do TEMPLATE['guests'].pop('defaultGuest') %}
 
-{% for hypervisor in HYPERVISORS.hypervisor %}
-{%   do ANNOTATION.hypervisor.hosts.update({hypervisor: TEMPLATE}) %}
+{% for role in HYPERVISORS %}
+{%   for hypervisor in HYPERVISORS[role].keys() %}
+{%     do ANNOTATION.hypervisor.hosts.update({hypervisor: TEMPLATE}) %}
+{%   endfor %}
 {% endfor %}
 
 {{ ANNOTATION | yaml(False) }}