protected override void OnExecuteOperation(DeploymentParameters parameters, ClusterManifestType clusterManifest, Infrastructure infrastructure)
{
var isRunningAsAdmin = AccountHelper.IsAdminUser();
if (!isRunningAsAdmin)
{
DeployerTrace.WriteWarning(StringResources.Warning_DeployerNotRunAsAdminSkipFirewallAndPerformanceCounter);
return;
}
if (clusterManifest == null)
{
DeployerTrace.WriteError(StringResources.Error_FabricHostStartedWithoutConfiguringTheNode);
throw new ArgumentException(StringResources.Error_FabricHostStartedWithoutConfiguringTheNode);
}
this.parameters = parameters;
this.manifest = clusterManifest;
this.infrastructure = infrastructure;
this.fabricValidator = new FabricValidatorWrapper(parameters, manifest, infrastructure);
fabricValidator.ValidateAndEnsureDefaultImageStore();
if (!parameters.SkipFirewallConfiguration)
{
var securitySection = manifest.FabricSettings.FirstOrDefault(fabSetting => fabSetting.Name.Equals(Constants.SectionNames.Security, StringComparison.OrdinalIgnoreCase));
#if DotNetCoreClrLinux
if (isRunningAsAdmin && clusterManifest.Infrastructure.Item is ClusterManifestTypeInfrastructureLinux)
{
var currentInfrastructure = clusterManifest.Infrastructure.Item as ClusterManifestTypeInfrastructureLinux;
#else
if (isRunningAsAdmin && clusterManifest.Infrastructure.Item is ClusterManifestTypeInfrastructureWindowsServer)
{
var currentInfrastructure = clusterManifest.Infrastructure.Item as ClusterManifestTypeInfrastructureWindowsServer;
#endif
var nodeSettings = GetNodeSettings();
var isScaleMin = currentInfrastructure.IsScaleMin;
FirewallManager.EnableFirewallSettings(nodeSettings, isScaleMin, securitySection, this is UpdateNodeStateOperation);
NetworkApiHelper.ReduceDynamicPortRange(nodeSettings, isScaleMin);
}
else if (isRunningAsAdmin)
{
var nodeSettings = GetNodeSettings();
FirewallManager.EnableFirewallSettings(nodeSettings, false, securitySection, this is UpdateNodeStateOperation);
NetworkApiHelper.ReduceDynamicPortRange(nodeSettings, false);
}
}
#if !DotNetCoreClrIOT && !DotNetCoreClrLinux
ResetNetworks(parameters, clusterManifest, infrastructure);
#endif
#if !DotNetCoreClrIOT
if (parameters.ContainerDnsSetup == ContainerDnsSetup.Allow || parameters.ContainerDnsSetup == ContainerDnsSetup.Require)
{
try
{
string currentNodeIPAddressOrFQDN = string.Empty;
if ((infrastructure != null) && (infrastructure.InfrastructureNodes != null))
{
foreach (var infraNode in infrastructure.InfrastructureNodes)
{
DeployerTrace.WriteInfo("Infra node <{0}> params.NodeName <{1}>", infraNode.NodeName, parameters.NodeName);
if (NetworkApiHelper.IsAddressForThisMachine(infraNode.IPAddressOrFQDN))
{
currentNodeIPAddressOrFQDN = infraNode.IPAddressOrFQDN;
DeployerTrace.WriteInfo("Found node IPAddressOrFQDN <{0}>", currentNodeIPAddressOrFQDN);
break;
}
}
}
new DockerDnsHelper(parameters, currentNodeIPAddressOrFQDN).SetupAsync().GetAwaiter().GetResult();
}
catch (Exception ex)
{
if (parameters.ContainerDnsSetup == ContainerDnsSetup.Require)
{
DeployerTrace.WriteError(
StringResources.Error_FabricDeployer_DockerDnsSetup_ErrorNotContinuing,
Constants.ParameterNames.ContainerDnsSetup,
parameters.ContainerDnsSetup,
ex);
throw;
}
DeployerTrace.WriteWarning(
StringResources.Warning_FabricDeployer_DockerDnsSetup_ErrorContinuing,
Constants.ParameterNames.ContainerDnsSetup,
parameters.ContainerDnsSetup,
ex);
}
}
else if (parameters.ContainerDnsSetup == ContainerDnsSetup.Disallow)
{
// cleanupasync catches all exceptions
new DockerDnsHelper(parameters, string.Empty).CleanupAsync().GetAwaiter().GetResult();
}
#endif
#if !DotNetCoreClr // Disable compiling on windows for now. Need to correct when porting FabricDeployer for windows.
if (!PerformanceCounters.StartCollection(clusterManifest.FabricSettings, parameters.DeploymentSpecification))
{
DeployerTrace.WriteWarning(StringResources.Error_FabricDeployer_StartCounterCollectionFailed_Formatted);
}
if (fabricValidator.ShouldRegisterSpnForMachineAccount)
{
if (!SpnManager.EnsureSpn())
{
throw new InvalidDeploymentException(StringResources.Error_FabricDeployer_FailedToRegisterSpn_Formatted);
}
}
#endif
}
protected override void OnExecuteOperation(DeploymentParameters parameters, ClusterManifestType clusterManifest, Infrastructure infrastructure)
{
var isRunningAsAdmin = AccountHelper.IsAdminUser();
if (!isRunningAsAdmin)
{
DeployerTrace.WriteWarning(StringResources.Warning_DeployerNotRunAsAdminSkipFirewallAndPerformanceCounter);
return;
}
if (clusterManifest == null)
{
DeployerTrace.WriteError(StringResources.Error_FabricHostStartedWithoutConfiguringTheNode);
throw new ArgumentException(StringResources.Error_FabricHostStartedWithoutConfiguringTheNode);
}
this.parameters = parameters;
this.manifest = clusterManifest;
this.infrastructure = infrastructure;
this.fabricValidator = new FabricValidatorWrapper(parameters, manifest, infrastructure);
fabricValidator.ValidateAndEnsureDefaultImageStore();
if (!parameters.SkipFirewallConfiguration)
{
var securitySection = manifest.FabricSettings.FirstOrDefault(fabSetting => fabSetting.Name.Equals(Constants.SectionNames.Security, StringComparison.OrdinalIgnoreCase));
#if DotNetCoreClrLinux
if (isRunningAsAdmin && clusterManifest.Infrastructure.Item is ClusterManifestTypeInfrastructureLinux)
{
var currentInfrastructure = clusterManifest.Infrastructure.Item as ClusterManifestTypeInfrastructureLinux;
#else
if (isRunningAsAdmin && clusterManifest.Infrastructure.Item is ClusterManifestTypeInfrastructureWindowsServer)
{
var currentInfrastructure = clusterManifest.Infrastructure.Item as ClusterManifestTypeInfrastructureWindowsServer;
#endif
var nodeSettings = GetNodeSettings();
var isScaleMin = currentInfrastructure.IsScaleMin;
FirewallManager.EnableFirewallSettings(nodeSettings, isScaleMin, securitySection, this is UpdateNodeStateOperation);
NetworkApiHelper.ReduceDynamicPortRange(nodeSettings, isScaleMin);
}
else if (isRunningAsAdmin)
{
var nodeSettings = GetNodeSettings();
FirewallManager.EnableFirewallSettings(nodeSettings, false, securitySection, this is UpdateNodeStateOperation);
NetworkApiHelper.ReduceDynamicPortRange(nodeSettings, false);
}
}
#if !DotNetCoreClrIOT && !DotNetCoreClrLinux
#region Container Network Reset
// CreateOrUpdate operation inherits from RestartOperation.
// This check will invoke network reset only in the restart case.
// This is a work around to handle the case where the flat network was not usable after VM reboot.
if (parameters.Operation == DeploymentOperations.None)
{
if (!parameters.SkipContainerNetworkResetOnReboot)
{
var lastBootUpTimeFromRegistry = Utility.GetNodeLastBootUpTimeFromRegistry();
var lastBootUpTimeFromSystem = Utility.GetNodeLastBootUpTimeFromSystem();
DeployerTrace.WriteInfo("Last boot up time from registry:{0} from system:{1}", lastBootUpTimeFromRegistry, lastBootUpTimeFromSystem);
if (!string.Equals(lastBootUpTimeFromRegistry.ToString(), lastBootUpTimeFromSystem.ToString(), StringComparison.OrdinalIgnoreCase))
{
DeployerTrace.WriteInfo("Invoking container network reset.");
// This check is needed to allow clean up on azure. This is symmetrical to the set up condition.
if (clusterManifest.Infrastructure.Item is ClusterManifestTypeInfrastructureWindowsAzure ||
clusterManifest.Infrastructure.Item is ClusterManifestTypeInfrastructurePaaS)
{
var containerNetworkCleanupOperation = new ContainerNetworkCleanupOperation();
containerNetworkCleanupOperation.ExecuteOperation(parameters.ContainerNetworkName, parameters.Operation);
}
if (parameters.ContainerNetworkSetup)
{
// set up docker network.
var containerNetworkSetupOperation = new ContainerNetworkSetupOperation();
containerNetworkSetupOperation.ExecuteOperation(parameters, clusterManifest, infrastructure);
}
// Record last boot up time
Utility.SaveNodeLastBootUpTimeToRegistry(lastBootUpTimeFromSystem);
}
}
else
{
DeployerTrace.WriteInfo("Skipping container network reset on reboot because SkipContainerNetworkResetOnReboot flag is enabled.");
}
}
#endregion
#endif
#if !DotNetCoreClrIOT
if (parameters.ContainerDnsSetup == ContainerDnsSetup.Allow || parameters.ContainerDnsSetup == ContainerDnsSetup.Require)
{
try
{
string currentNodeIPAddressOrFQDN = string.Empty;
if ((infrastructure != null) && (infrastructure.InfrastructureNodes != null))
{
foreach (var infraNode in infrastructure.InfrastructureNodes)
{
DeployerTrace.WriteInfo("Infra node <{0}> params.NodeName <{1}>", infraNode.NodeName, parameters.NodeName);
if (NetworkApiHelper.IsAddressForThisMachine(infraNode.IPAddressOrFQDN))
{
currentNodeIPAddressOrFQDN = infraNode.IPAddressOrFQDN;
DeployerTrace.WriteInfo("Found node IPAddressOrFQDN <{0}>", currentNodeIPAddressOrFQDN);
break;
}
}
}
new DockerDnsHelper(parameters, currentNodeIPAddressOrFQDN).SetupAsync().GetAwaiter().GetResult();
}
catch (Exception ex)
{
if (parameters.ContainerDnsSetup == ContainerDnsSetup.Require)
{
DeployerTrace.WriteError(
StringResources.Error_FabricDeployer_DockerDnsSetup_ErrorNotContinuing,
Constants.ParameterNames.ContainerDnsSetup,
parameters.ContainerDnsSetup,
ex);
throw;
}
DeployerTrace.WriteWarning(
StringResources.Warning_FabricDeployer_DockerDnsSetup_ErrorContinuing,
Constants.ParameterNames.ContainerDnsSetup,
parameters.ContainerDnsSetup,
ex);
}
}
else if (parameters.ContainerDnsSetup == ContainerDnsSetup.Disallow)
{
// cleanupasync catches all exceptions
new DockerDnsHelper(parameters, string.Empty).CleanupAsync().GetAwaiter().GetResult();
}
#endif
#if !DotNetCoreClr // Disable compiling on windows for now. Need to correct when porting FabricDeployer for windows.
if (!PerformanceCounters.StartCollection(clusterManifest.FabricSettings, parameters.DeploymentSpecification))
{
DeployerTrace.WriteWarning(StringResources.Error_FabricDeployer_StartCounterCollectionFailed_Formatted);
}
if (fabricValidator.ShouldRegisterSpnForMachineAccount)
{
if (!SpnManager.EnsureSpn())
{
throw new InvalidDeploymentException(StringResources.Error_FabricDeployer_FailedToRegisterSpn_Formatted);
}
}
#endif
}