Statistics
| Branch: | Tag: | Revision:

root / snf-deploy / fabfile.py @ 093d25d8

History | View | Annotate | Download (41.7 kB)

1
# Too many lines in module pylint: disable-msg=C0302
2
# Too many arguments (7/5) pylint: disable-msg=R0913
3
"""
4
Fabric file for snf-deploy
5

6
"""
7

    
8
from __future__ import with_statement
9
from fabric.api import hide, env, settings, local, roles
10
from fabric.operations import run, put, get
11
import fabric
12
import re
13
import os
14
import shutil
15
import tempfile
16
import ast
17
from snfdeploy.lib import debug, Conf, Env, disable_color
18
from snfdeploy import massedit
19

    
20

    
21
def setup_env(confdir="conf", packages="packages", templates="files",
22
              cluster_name="ganeti1", autoconf=False, disable_colors=False,
23
              key_inject=False):
24
    """Setup environment"""
25
    print("Loading configuration for synnefo...")
26
    print(" * Using config files under %s..." % confdir)
27
    print(" * Using %s and %s for packages and templates accordingly..."
28
          % (packages, templates))
29

    
30
    autoconf = ast.literal_eval(autoconf)
31
    disable_colors = ast.literal_eval(disable_colors)
32
    env.key_inject = ast.literal_eval(key_inject)
33
    conf = Conf.configure(confdir=confdir, cluster_name=cluster_name,
34
                          autoconf=autoconf)
35
    env.env = Env(conf)
36

    
37
    env.local = autoconf
38
    env.password = env.env.password
39
    env.user = env.env.user
40
    env.shell = "/bin/bash -c"
41

    
42
    if disable_colors:
43
        disable_color()
44

    
45
    if env.env.cms.hostname in \
46
            [env.env.accounts.hostname, env.env.cyclades.hostname,
47
             env.env.pithos.hostname]:
48
        env.cms_pass = True
49
    else:
50
        env.cms_pass = False
51

    
52
    if env.env.accounts.hostname in \
53
            [env.env.cyclades.hostname, env.env.pithos.hostname]:
54
        env.csrf_disable = True
55
    else:
56
        env.csrf_disable = False
57

    
58
    env.roledefs = {
59
        "nodes": env.env.ips,
60
        "ips": env.env.ips,
61
        "accounts": [env.env.accounts.ip],
62
        "cyclades": [env.env.cyclades.ip],
63
        "pithos": [env.env.pithos.ip],
64
        "cms": [env.env.cms.ip],
65
        "mq": [env.env.mq.ip],
66
        "db": [env.env.db.ip],
67
        "mq": [env.env.mq.ip],
68
        "db": [env.env.db.ip],
69
        "ns": [env.env.ns.ip],
70
        "client": [env.env.client.ip],
71
        "router": [env.env.router.ip],
72
    }
73

    
74
    env.enable_lvm = False
75
    env.enable_drbd = False
76
    if ast.literal_eval(env.env.create_extra_disk) and env.env.extra_disk:
77
        env.enable_lvm = True
78
        env.enable_drbd = True
79

    
80
    env.roledefs.update({
81
        "ganeti": env.env.cluster_ips,
82
        "master": [env.env.master.ip],
83
    })
84

    
85

    
86
def install_package(package):
87
    debug(env.host, " * Installing package %s..." % package)
88
    apt_get = "export DEBIAN_FRONTEND=noninteractive ;" + \
89
              "apt-get install -y --force-yes "
90

    
91
    host_info = env.env.ips_info[env.host]
92
    env.env.update_packages(host_info.os)
93
    if ast.literal_eval(env.env.use_local_packages):
94
        with settings(warn_only=True):
95
            deb = local("ls %s/%s*%s_all.deb"
96
                        % (env.env.packages, package, host_info.os),
97
                        capture=True)
98
            if deb:
99
                debug(env.host,
100
                      " * Package %s found in %s..."
101
                      % (package, env.env.packages))
102
                try_put(deb, "/tmp/")
103
                try_run("dpkg -i /tmp/%s || "
104
                        % os.path.basename(deb) + apt_get + "-f")
105
                try_run("rm /tmp/%s" % os.path.basename(deb))
106
                return
107

    
108
    info = getattr(env.env, package)
109
    if info in \
110
            ["squeeze-backports", "squeeze", "stable",
111
             "testing", "unstable", "wheezy"]:
112
        apt_get += " -t %s %s " % (info, package)
113
    elif info:
114
        apt_get += " %s=%s " % (package, info)
115
    else:
116
        apt_get += package
117

    
118
    try_run(apt_get)
119

    
120
    return
121

    
122

    
123
@roles("ns")
124
def update_ns_for_ganeti():
125
    debug(env.host,
126
          "Updating name server entries for backend %s..."
127
          % env.env.cluster.fqdn)
128
    update_arecord(env.env.cluster)
129
    update_ptrrecord(env.env.cluster)
130
    try_run("/etc/init.d/bind9 restart")
131

    
132

    
133
@roles("ns")
134
def update_ns_for_node(node):
135
    info = env.env.nodes_info.get(node)
136
    update_arecord(info)
137
    update_ptrrecord(info)
138
    try_run("/etc/init.d/bind9 restart")
139

    
140

    
141
@roles("ns")
142
def update_arecord(host):
143
    filename = "/etc/bind/zones/" + env.env.domain
144
    cmd = """
145
    echo '{0}' >> {1}
146
    """.format(host.arecord, filename)
147
    try_run(cmd)
148

    
149

    
150
@roles("ns")
151
def update_cnamerecord(host):
152
    filename = "/etc/bind/zones/" + env.env.domain
153
    cmd = """
154
    echo '{0}' >> {1}
155
    """.format(host.cnamerecord, filename)
156
    try_run(cmd)
157

    
158

    
159
@roles("ns")
160
def update_ptrrecord(host):
161
    filename = "/etc/bind/rev/synnefo.in-addr.arpa.zone"
162
    cmd = """
163
    echo '{0}' >> {1}
164
    """.format(host.ptrrecord, filename)
165
    try_run(cmd)
166

    
167

    
168
@roles("nodes")
169
def apt_get_update():
170
    debug(env.host, "apt-get update....")
171
    try_run("apt-get update")
172

    
173

    
174
@roles("ns")
175
def setup_ns():
176
    debug(env.host, "Setting up name server..")
177
    #WARNING: this should be remove after we are done
178
    # because gevent does pick randomly nameservers and google does
179
    # not know our setup!!!!!
180
    apt_get_update()
181
    install_package("bind9")
182
    tmpl = "/etc/bind/named.conf.local"
183
    replace = {
184
        "domain": env.env.domain,
185
    }
186
    custom = customize_settings_from_tmpl(tmpl, replace)
187
    try_put(custom, tmpl)
188

    
189
    try_run("mkdir -p /etc/bind/zones")
190
    tmpl = "/etc/bind/zones/example.com"
191
    replace = {
192
        "domain": env.env.domain,
193
        "ns_node_ip": env.env.ns.ip,
194
    }
195
    custom = customize_settings_from_tmpl(tmpl, replace)
196
    remote = "/etc/bind/zones/" + env.env.domain
197
    try_put(custom, remote)
198

    
199
    try_run("mkdir -p /etc/bind/rev")
200
    tmpl = "/etc/bind/rev/synnefo.in-addr.arpa.zone"
201
    replace = {
202
        "domain": env.env.domain,
203
    }
204
    custom = customize_settings_from_tmpl(tmpl, replace)
205
    try_put(custom, tmpl)
206

    
207
    tmpl = "/etc/bind/named.conf.options"
208
    replace = {
209
        "NODE_IPS": ";".join(env.env.ips),
210
    }
211
    custom = customize_settings_from_tmpl(tmpl, replace)
212
    try_put(custom, tmpl, mode=0644)
213

    
214
    for role, info in env.env.roles.iteritems():
215
        if role == "ns":
216
            continue
217
        update_cnamerecord(info)
218
    for node, info in env.env.nodes_info.iteritems():
219
        update_arecord(info)
220
        update_ptrrecord(info)
221

    
222
    try_run("/etc/init.d/bind9 restart")
223

    
224

    
225
@roles("nodes")
226
def check_dhcp():
227
    debug(env.host, "Checking IPs for synnefo..")
228
    for n, info in env.env.nodes_info.iteritems():
229
        try_run("ping -c 1 " + info.ip)
230

    
231

    
232
@roles("nodes")
233
def check_dns():
234
    debug(env.host, "Checking fqdns for synnefo..")
235
    for n, info in env.env.nodes_info.iteritems():
236
        try_run("ping -c 1 " + info.fqdn)
237

    
238
    for n, info in env.env.roles.iteritems():
239
        try_run("ping -c 1 " + info.fqdn)
240

    
241

    
242
@roles("nodes")
243
def check_connectivity():
244
    debug(env.host, "Checking internet connectivity..")
245
    try_run("ping -c 1 www.google.com")
246

    
247

    
248
@roles("nodes")
249
def check_ssh():
250
    debug(env.host, "Checking password-less ssh..")
251
    for n, info in env.env.nodes_info.iteritems():
252
        try_run("ssh " + info.fqdn + "  date")
253

    
254

    
255
@roles("ips")
256
def add_keys():
257
    if not env.key_inject:
258
        debug(env.host, "Skipping ssh keys injection..")
259
        return
260
    else:
261
        debug(env.host, "Adding rsa/dsa keys..")
262
    try_run("mkdir -p /root/.ssh")
263
    cmd = """
264
for f in $(ls /root/.ssh/*); do
265
  cp $f $f.bak
266
done
267
    """
268
    try_run(cmd)
269
    files = ["authorized_keys", "id_dsa", "id_dsa.pub",
270
             "id_rsa", "id_rsa.pub"]
271
    for f in files:
272
        tmpl = "/root/.ssh/" + f
273
        replace = {}
274
        custom = customize_settings_from_tmpl(tmpl, replace)
275
        try_put(custom, tmpl, mode=0600)
276

    
277
    cmd = """
278
if [ -e /root/.ssh/authorized_keys.bak ]; then
279
  cat /root/.ssh/authorized_keys.bak >> /root/.ssh/authorized_keys
280
fi
281
    """
282
    debug(env.host, "Updating exising authorized keys..")
283
    try_run(cmd)
284

    
285

    
286
@roles("ips")
287
def setup_resolv_conf():
288
    debug(env.host, "Tweak /etc/resolv.conf...")
289
    try_run("/etc/init.d/network-manager stop", abort=False)
290
    tmpl = "/etc/dhcp/dhclient-enter-hooks.d/nodnsupdate"
291
    replace = {}
292
    custom = customize_settings_from_tmpl(tmpl, replace)
293
    try_put(custom, tmpl, mode=0644)
294
    try_run("cp /etc/resolv.conf /etc/resolv.conf.bak")
295
    tmpl = "/etc/resolv.conf"
296
    replace = {
297
        "domain": env.env.domain,
298
        "ns_node_ip": env.env.ns.ip,
299
    }
300
    custom = customize_settings_from_tmpl(tmpl, replace)
301
    try:
302
        try_put(custom, tmpl)
303
        cmd = """
304
        echo "\
305
# This has been generated automatically by snf-deploy, at
306
# $(date).
307
# The immutable bit (+i attribute) has been used to avoid it being
308
# overwritten by software such as NetworkManager or resolvconf.
309
# Use lsattr/chattr to view or modify its file attributes.
310

311

312
$(cat {0})" > {0}
313
""".format(tmpl)
314
        try_run(cmd)
315
    except:
316
        pass
317
    try_run("chattr +i /etc/resolv.conf")
318

    
319

    
320
@roles("ips")
321
def setup_hosts():
322
    debug(env.host, "Tweaking /etc/hosts and ssh_config files...")
323
    try_run("echo StrictHostKeyChecking no >> /etc/ssh/ssh_config")
324
    cmd = "sed -i 's/^127.*$/127.0.0.1 localhost/g' /etc/hosts "
325
    try_run(cmd)
326
    host_info = env.env.ips_info[env.host]
327
    cmd = "hostname %s" % host_info.hostname
328
    try_run(cmd)
329
    cmd = "echo %s > /etc/hostname" % host_info.hostname
330
    try_run(cmd)
331

    
332

    
333
def try_run(cmd, abort=True):
334
    try:
335
        if env.local:
336
            return local(cmd, capture=True)
337
        else:
338
            return run(cmd)
339
    except BaseException as e:
340
        if abort:
341
            fabric.utils.abort(e)
342
        else:
343
            debug(env.host, "WARNING: command failed. Continuing anyway...")
344

    
345

    
346
def try_put(local_path=None, remote_path=None, abort=True, **kwargs):
347
    try:
348
        put(local_path=local_path, remote_path=remote_path, **kwargs)
349
    except BaseException as e:
350
        if abort:
351
            fabric.utils.abort(e)
352
        else:
353
            debug(env.host, "WARNING: command failed. Continuing anyway...")
354

    
355

    
356
def try_get(remote_path, local_path=None, abort=True, **kwargs):
357
    try:
358
        get(remote_path, local_path=local_path, **kwargs)
359
    except BaseException as e:
360
        if abort:
361
            fabric.utils.abort(e)
362
        else:
363
            debug(env.host, "WARNING: command failed. Continuing anyway...")
364

    
365

    
366
def create_bridges():
367
    debug(env.host, " * Creating bridges...")
368
    install_package("bridge-utils")
369
    cmd = """
370
    brctl addbr {0} ; ip link set {0} up
371
    """.format(env.env.common_bridge)
372
    try_run(cmd)
373

    
374

    
375
def connect_bridges():
376
    debug(env.host, " * Connecting bridges...")
377
    #cmd = """
378
    #brctl addif {0} {1}
379
    #""".format(env.env.common_bridge, env.env.public_iface)
380
    #try_run(cmd)
381

    
382

    
383
@roles("ganeti")
384
def setup_net_infra():
385
    debug(env.host, "Setup networking infrastracture..")
386
    create_bridges()
387
    connect_bridges()
388

    
389

    
390
@roles("ganeti")
391
def setup_lvm():
392
    debug(env.host, "create volume group %s for ganeti.." % env.env.vg)
393
    if env.enable_lvm:
394
        install_package("lvm2")
395
        cmd = """
396
        pvcreate {0}
397
        vgcreate {1} {0}
398
        """.format(env.env.extra_disk, env.env.vg)
399
        try_run(cmd)
400

    
401

    
402
def customize_settings_from_tmpl(tmpl, replace):
403
    debug(env.host, " * Customizing template %s..." % tmpl)
404
    local = env.env.templates + tmpl
405
    _, custom = tempfile.mkstemp()
406
    shutil.copyfile(local, custom)
407
    for k, v in replace.iteritems():
408
        regex = "re.sub('%{0}%', '{1}', line)".format(k.upper(), v)
409
        massedit.edit_files([custom], [regex], dry_run=False)
410

    
411
    return custom
412

    
413

    
414
@roles("nodes")
415
def setup_apt():
416
    debug(env.host, "Setting up apt sources...")
417
    install_package("curl")
418
    cmd = """
419
    echo 'APT::Install-Suggests "false";' >> /etc/apt/apt.conf
420
    curl -k https://dev.grnet.gr/files/apt-grnetdev.pub | apt-key add -
421
    """
422
    try_run(cmd)
423
    host_info = env.env.ips_info[env.host]
424
    if host_info.os == "squeeze":
425
        tmpl = "/etc/apt/sources.list.d/synnefo.squeeze.list"
426
    else:
427
        tmpl = "/etc/apt/sources.list.d/synnefo.wheezy.list"
428
    replace = {}
429
    custom = customize_settings_from_tmpl(tmpl, replace)
430
    try_put(custom, tmpl)
431
    apt_get_update()
432

    
433

    
434
@roles("cyclades", "cms", "pithos", "accounts")
435
def restart_services():
436
    debug(env.host, " * Restarting apache2 and gunicorn...")
437
    try_run("/etc/init.d/gunicorn restart")
438
    try_run("/etc/init.d/apache2 restart")
439

    
440

    
441
def setup_gunicorn():
442
    debug(env.host, " * Setting up gunicorn...")
443
    install_package("gunicorn")
444
    tmpl = "/etc/gunicorn.d/synnefo"
445
    replace = {}
446
    custom = customize_settings_from_tmpl(tmpl, replace)
447
    try_put(custom, tmpl, mode=0644)
448
    try_run("/etc/init.d/gunicorn restart")
449

    
450

    
451
def setup_apache():
452
    debug(env.host, " * Setting up apache2...")
453
    host_info = env.env.ips_info[env.host]
454
    install_package("apache2")
455
    tmpl = "/etc/apache2/sites-available/synnefo"
456
    replace = {
457
        "HOST": host_info.fqdn,
458
    }
459
    custom = customize_settings_from_tmpl(tmpl, replace)
460
    try_put(custom, tmpl)
461
    tmpl = "/etc/apache2/sites-available/synnefo-ssl"
462
    custom = customize_settings_from_tmpl(tmpl, replace)
463
    try_put(custom, tmpl)
464
    cmd = """
465
    a2enmod ssl
466
    a2enmod rewrite
467
    a2dissite default
468
    a2ensite synnefo
469
    a2ensite synnefo-ssl
470
    a2enmod headers
471
    a2enmod proxy_http
472
    a2dismod autoindex
473
    """
474
    try_run(cmd)
475
    try_run("/etc/init.d/apache2 restart")
476

    
477

    
478
@roles("mq")
479
def setup_mq():
480
    debug(env.host, "Setting up RabbitMQ...")
481
    install_package("rabbitmq-server")
482
    cmd = """
483
    rabbitmqctl add_user {0} {1}
484
    rabbitmqctl set_permissions {0} ".*" ".*" ".*"
485
    rabbitmqctl delete_user guest
486
    rabbitmqctl set_user_tags {0} administrator
487
    """.format(env.env.synnefo_user, env.env.synnefo_rabbitmq_passwd)
488
    try_run(cmd)
489
    try_run("/etc/init.d/rabbitmq-server restart")
490

    
491

    
492
@roles("db")
493
def allow_access_in_db(ip, user="all", method="md5"):
494
    cmd = """
495
    pg_hba=$(ls /etc/postgresql/*/main/pg_hba.conf)
496
    echo host all {0} {1}/32 {2} >> $pg_hba
497
    """.format(user, ip, method)
498
    try_run(cmd)
499
    cmd = """
500
    pg_hba=$(ls /etc/postgresql/*/main/pg_hba.conf)
501
    sed -i 's/\(host.*127.0.0.1.*\)md5/\\1trust/' $pg_hba
502
    """
503
    try_run(cmd)
504
    try_run("/etc/init.d/postgresql restart")
505

    
506

    
507
@roles("db")
508
def setup_db():
509
    debug(env.host, "Setting up DataBase server...")
510
    install_package("postgresql")
511

    
512
    tmpl = "/tmp/db-init.psql"
513
    replace = {
514
        "synnefo_user": env.env.synnefo_user,
515
        "synnefo_db_passwd": env.env.synnefo_db_passwd,
516
        }
517
    custom = customize_settings_from_tmpl(tmpl, replace)
518
    try_put(custom, tmpl)
519
    cmd = 'su - postgres -c "psql -w -f %s" ' % tmpl
520
    try_run(cmd)
521
    cmd = """
522
    conf=$(ls /etc/postgresql/*/main/postgresql.conf)
523
    echo "listen_addresses = '*'" >> $conf
524
    """
525
    try_run(cmd)
526

    
527
    if env.env.testing_vm:
528
        cmd = """
529
        conf=$(ls /etc/postgresql/*/main/postgresql.conf)
530
        echo "fsync=off\nsynchronous_commit=off\nfull_page_writes=off" >> $conf
531
        """
532
        try_run(cmd)
533

    
534
    allow_access_in_db(env.host, "all", "trust")
535
    try_run("/etc/init.d/postgresql restart")
536

    
537

    
538
@roles("db")
539
def destroy_db():
540
    try_run("""su - postgres -c ' psql -w -c "drop database snf_apps" '""")
541
    try_run("""su - postgres -c ' psql -w -c "drop database snf_pithos" '""")
542

    
543

    
544
def setup_webproject():
545
    debug(env.host, " * Setting up snf-webproject...")
546
    with settings(hide("everything")):
547
        try_run("ping -c1 " + env.env.db.ip)
548
    setup_common()
549
    install_package("snf-webproject")
550
    install_package("python-psycopg2")
551
    install_package("python-gevent")
552
    install_package("python-django")
553
    tmpl = "/etc/synnefo/webproject.conf"
554
    replace = {
555
        "synnefo_user": env.env.synnefo_user,
556
        "synnefo_db_passwd": env.env.synnefo_db_passwd,
557
        "db_node": env.env.db.ip,
558
        "domain": env.env.domain,
559
    }
560
    custom = customize_settings_from_tmpl(tmpl, replace)
561
    try_put(custom, tmpl, mode=0644)
562
    with settings(host_string=env.env.db.ip):
563
        host_info = env.env.ips_info[env.host]
564
        allow_access_in_db(host_info.ip, "all", "trust")
565
    try_run("/etc/init.d/gunicorn restart")
566

    
567

    
568
def setup_common():
569
    debug(env.host, " * Setting up snf-common...")
570
    host_info = env.env.ips_info[env.host]
571
    install_package("python-objpool")
572
    install_package("snf-common")
573
    install_package("python-astakosclient")
574
    install_package("snf-django-lib")
575
    install_package("snf-branding")
576
    tmpl = "/etc/synnefo/common.conf"
577
    replace = {
578
        #FIXME:
579
        "EMAIL_SUBJECT_PREFIX": env.host,
580
        "domain": env.env.domain,
581
        "HOST": host_info.fqdn,
582
        "MAIL_DIR": env.env.mail_dir,
583
    }
584
    custom = customize_settings_from_tmpl(tmpl, replace)
585
    try_put(custom, tmpl, mode=0644)
586
    try_run("mkdir -p {0}; chmod 777 {0}".format(env.env.mail_dir))
587
    try_run("/etc/init.d/gunicorn restart")
588

    
589

    
590
@roles("accounts")
591
def astakos_loaddata():
592
    debug(env.host, " * Loading initial data to astakos...")
593
    cmd = """
594
    snf-manage loaddata groups
595
    """
596
    try_run(cmd)
597

    
598

    
599
@roles("accounts")
600
def astakos_register_components():
601
    debug(env.host, " * Register services in astakos...")
602

    
603
    cyclades_base_url = "https://%s/cyclades" % env.env.cyclades.fqdn
604
    pithos_base_url = "https://%s/pithos" % env.env.pithos.fqdn
605
    astakos_base_url = "https://%s/astakos" % env.env.accounts.fqdn
606

    
607
    cmd = """
608
    snf-manage component-add "home" --ui-url https://{0}
609
    snf-manage component-add "cyclades" --base-url {1} --ui-url {1}/ui
610
    snf-manage component-add "pithos" --base-url {2} --ui-url {2}/ui
611
    snf-manage component-add "astakos" --base-url {3} --ui-url {3}/ui
612
    """.format(env.env.cms.fqdn, cyclades_base_url,
613
               pithos_base_url, astakos_base_url)
614
    try_run(cmd)
615

    
616

    
617
@roles("accounts")
618
def add_user():
619
    debug(env.host, " * adding user %s to astakos..." % env.env.user_email)
620
    email = env.env.user_email
621
    name = env.env.user_name
622
    lastname = env.env.user_lastname
623
    passwd = env.env.user_passwd
624
    cmd = """
625
    snf-manage user-add {0} {1} {2}
626
    """.format(email, name, lastname)
627
    try_run(cmd)
628
    with settings(host_string=env.env.db.ip):
629
        uid, user_auth_token, user_uuid = get_auth_token_from_db(email)
630
    cmd = """
631
    snf-manage user-modify --password {0} {1}
632
    """.format(passwd, uid)
633
    try_run(cmd)
634

    
635

    
636
@roles("accounts")
637
def activate_user(user_email=None):
638
    if not user_email:
639
        user_email = env.env.user_email
640
    debug(env.host, " * Activate user %s..." % user_email)
641
    with settings(host_string=env.env.db.ip):
642
        uid, user_auth_token, user_uuid = get_auth_token_from_db(user_email)
643

    
644
    cmd = """
645
    snf-manage user-modify --verify {0}
646
    snf-manage user-modify --accept {0}
647
    """.format(uid)
648
    try_run(cmd)
649

    
650

    
651
@roles("accounts")
652
def setup_astakos():
653
    debug(env.host, "Setting up snf-astakos-app...")
654
    setup_gunicorn()
655
    setup_apache()
656
    setup_webproject()
657
    install_package("python-django-south")
658
    install_package("snf-astakos-app")
659
    install_package("kamaki")
660

    
661
    tmpl = "/etc/synnefo/astakos.conf"
662
    replace = {
663
        "ACCOUNTS": env.env.accounts.fqdn,
664
        "domain": env.env.domain,
665
        "CYCLADES": env.env.cyclades.fqdn,
666
        "PITHOS": env.env.pithos.fqdn,
667
    }
668
    custom = customize_settings_from_tmpl(tmpl, replace)
669
    try_put(custom, tmpl, mode=0644)
670
    if env.csrf_disable:
671
        cmd = """
672
cat <<EOF >> /etc/synnefo/astakos.conf
673
try:
674
  MIDDLEWARE_CLASSES.remove('django.middleware.csrf.CsrfViewMiddleware')
675
except:
676
  pass
677
EOF
678
"""
679
        try_run(cmd)
680

    
681
    try_run("/etc/init.d/gunicorn restart")
682

    
683
    cmd = """
684
    snf-manage syncdb --noinput
685
    snf-manage migrate im --delete-ghost-migrations
686
    snf-manage migrate quotaholder_app
687
    """
688
    try_run(cmd)
689

    
690

    
691
@roles("accounts")
692
def get_service_details(service="pithos"):
693
    debug(env.host,
694
          " * Getting registered details for %s service..." % service)
695
    result = try_run("snf-manage component-list -o id,name,token")
696
    r = re.compile(r".*%s.*" % service, re.M)
697
    service_id, _, service_token = r.search(result).group().split()
698
    # print("%s: %s %s" % (service, service_id, service_token))
699
    return (service_id, service_token)
700

    
701

    
702
@roles("db")
703
def get_auth_token_from_db(user_email=None):
704
    if not user_email:
705
        user_email = env.env.user_email
706
    debug(env.host,
707
          " * Getting authentication token and uuid for user %s..."
708
          % user_email)
709
    cmd = """
710
echo "select id, auth_token, uuid, email from auth_user, im_astakosuser \
711
where auth_user.id = im_astakosuser.user_ptr_id and auth_user.email = '{0}';" \
712
> /tmp/psqlcmd
713
su - postgres -c  "psql -w -d snf_apps -f /tmp/psqlcmd"
714
""".format(user_email)
715

    
716
    result = try_run(cmd)
717
    r = re.compile(r"(\d+)[ |]*(\S+)[ |]*(\S+)[ |]*" + user_email, re.M)
718
    match = r.search(result)
719
    uid, user_auth_token, user_uuid = match.groups()
720
    # print("%s: %s %s %s" % ( user_email, uid, user_auth_token, user_uuid))
721

    
722
    return (uid, user_auth_token, user_uuid)
723

    
724

    
725
@roles("cms")
726
def cms_loaddata():
727
    debug(env.host, " * Loading cms initial data...")
728
    if env.cms_pass:
729
        debug(env.host, "Aborting. Prerequisites not met.")
730
        return
731
    tmpl = "/tmp/sites.json"
732
    replace = {}
733
    custom = customize_settings_from_tmpl(tmpl, replace)
734
    try_put(custom, tmpl)
735

    
736
    tmpl = "/tmp/page.json"
737
    replace = {}
738
    custom = customize_settings_from_tmpl(tmpl, replace)
739
    try_put(custom, tmpl)
740

    
741
    cmd = """
742
    snf-manage loaddata /tmp/sites.json
743
    snf-manage loaddata /tmp/page.json
744
    snf-manage createsuperuser --username=admin --email=admin@{0} --noinput
745
    """.format(env.env.domain)
746
    try_run(cmd)
747

    
748

    
749
@roles("cms")
750
def setup_cms():
751
    debug(env.host, "Setting up cms...")
752
    if env.cms_pass:
753
        debug(env.host, "Aborting. Prerequisites not met.")
754
        return
755
    with settings(hide("everything")):
756
        try_run("ping -c1 accounts." + env.env.domain)
757
    setup_gunicorn()
758
    setup_apache()
759
    setup_webproject()
760
    install_package("snf-cloudcms")
761

    
762
    tmpl = "/etc/synnefo/cms.conf"
763
    replace = {
764
        "ACCOUNTS": env.env.accounts.fqdn,
765
        }
766
    custom = customize_settings_from_tmpl(tmpl, replace)
767
    try_put(custom, tmpl, mode=0644)
768
    try_run("/etc/init.d/gunicorn restart")
769

    
770
    cmd = """
771
    snf-manage syncdb
772
    snf-manage migrate --delete-ghost-migrations
773
    """.format(env.env.domain)
774
    try_run(cmd)
775

    
776

    
777
def setup_nfs_dirs():
778
    debug(env.host, " * Creating NFS mount point for pithos and ganeti...")
779
    cmd = """
780
    mkdir -p {0}
781
    cd {0}
782
    mkdir -p data
783
    chown www-data:www-data data
784
    chmod g+ws data
785
    mkdir -p {1}
786
    """.format(env.env.pithos_dir, env.env.image_dir)
787
    try_run(cmd)
788

    
789

    
790
@roles("nodes")
791
def setup_nfs_clients():
792
    if env.host == env.env.pithos.ip:
793
        return
794

    
795
    host_info = env.env.ips_info[env.host]
796
    debug(env.host, " * Mounting pithos NFS mount point...")
797
    with settings(hide("everything")):
798
        try_run("ping -c1 " + env.env.pithos.hostname)
799
    with settings(host_string=env.env.pithos.ip):
800
        update_nfs_exports(host_info.ip)
801

    
802
    install_package("nfs-common")
803
    for d in [env.env.pithos_dir, env.env.image_dir]:
804
        try_run("mkdir -p " + d)
805
        cmd = """
806
echo "{0}:{1} {1}  nfs defaults,rw,noatime,rsize=131072,\
807
wsize=131072,timeo=14,intr,noacl" >> /etc/fstab
808
""".format(env.env.pithos.ip, d)
809
        try_run(cmd)
810
        try_run("mount " + d)
811

    
812

    
813
@roles("pithos")
814
def update_nfs_exports(ip):
815
    tmpl = "/tmp/exports"
816
    replace = {
817
        "pithos_dir": env.env.pithos_dir,
818
        "image_dir": env.env.image_dir,
819
        "ip": ip,
820
    }
821
    custom = customize_settings_from_tmpl(tmpl, replace)
822
    try_put(custom, tmpl)
823
    try_run("cat %s >> /etc/exports" % tmpl)
824
    try_run("/etc/init.d/nfs-kernel-server restart")
825

    
826

    
827
@roles("pithos")
828
def setup_nfs_server():
829
    debug(env.host, " * Setting up NFS server for pithos...")
830
    setup_nfs_dirs()
831
    install_package("nfs-kernel-server")
832

    
833

    
834
@roles("pithos")
835
def setup_pithos():
836
    debug(env.host, "Setting up snf-pithos-app...")
837
    with settings(hide("everything")):
838
        try_run("ping -c1 accounts." + env.env.domain)
839
        try_run("ping -c1 " + env.env.db.ip)
840
    setup_gunicorn()
841
    setup_apache()
842
    setup_webproject()
843

    
844
    with settings(host_string=env.env.accounts.ip):
845
        service_id, service_token = get_service_details("pithos")
846

    
847
    install_package("kamaki")
848
    install_package("snf-pithos-backend")
849
    install_package("snf-pithos-app")
850
    tmpl = "/etc/synnefo/pithos.conf"
851
    replace = {
852
        "ACCOUNTS": env.env.accounts.fqdn,
853
        "PITHOS": env.env.pithos.fqdn,
854
        "db_node": env.env.db.ip,
855
        "synnefo_user": env.env.synnefo_user,
856
        "synnefo_db_passwd": env.env.synnefo_db_passwd,
857
        "pithos_dir": env.env.pithos_dir,
858
        "PITHOS_SERVICE_TOKEN": service_token,
859
        "proxy": env.env.pithos.hostname == env.env.accounts.hostname
860
        }
861
    custom = customize_settings_from_tmpl(tmpl, replace)
862
    try_put(custom, tmpl, mode=0644)
863
    try_run("/etc/init.d/gunicorn restart")
864

    
865
    install_package("snf-pithos-webclient")
866
    tmpl = "/etc/synnefo/webclient.conf"
867
    replace = {
868
        "ACCOUNTS": env.env.accounts.fqdn,
869
        "PITHOS_UI_CLOUDBAR_ACTIVE_SERVICE": service_id,
870
        }
871
    custom = customize_settings_from_tmpl(tmpl, replace)
872
    try_put(custom, tmpl, mode=0644)
873

    
874
    try_run("/etc/init.d/gunicorn restart")
875
    #TOFIX: the previous command lets pithos-backend create blocks and maps
876
    #       with root owner
877
    try_run("chown -R www-data:www-data %s/data " % env.env.pithos_dir)
878
    #try_run("pithos-migrate stamp 4c8ccdc58192")
879
    #try_run("pithos-migrate upgrade head")
880

    
881

    
882
@roles("ganeti")
883
def setup_ganeti():
884
    debug(env.host, "Setting up snf-ganeti...")
885
    node_info = env.env.ips_info[env.host]
886
    with settings(hide("everything")):
887
        #if env.enable_lvm:
888
        #    try_run("vgs " + env.env.vg)
889
        try_run("getent hosts " + env.env.cluster.fqdn)
890
        try_run("getent hosts %s | grep -v ^127" % env.host)
891
        try_run("hostname -f | grep " + node_info.fqdn)
892
        #try_run("ip link show " + env.env.common_bridge)
893
        #try_run("ip link show " + env.env.common_bridge)
894
        #try_run("apt-get update")
895
    install_package("qemu-kvm")
896
    install_package("python-bitarray")
897
    install_package("ganeti-htools")
898
    install_package("snf-ganeti")
899
    try_run("mkdir -p /srv/ganeti/file-storage/")
900
    cmd = """
901
cat <<EOF > /etc/ganeti/file-storage-paths
902
/srv/ganeti/file-storage
903
/srv/ganeti/shared-file-storage
904
EOF
905
"""
906
    try_run(cmd)
907

    
908

    
909
@roles("master")
910
def add_rapi_user():
911
    debug(env.host, " * Adding RAPI user to Ganeti backend...")
912
    cmd = """
913
    echo -n "{0}:Ganeti Remote API:{1}" | openssl md5
914
    """.format(env.env.synnefo_user, env.env.synnefo_rapi_passwd)
915
    result = try_run(cmd)
916
    if result.startswith("(stdin)= "):
917
        result = result.split("(stdin)= ")[1]
918
    cmd = """
919
    echo "{0} {1}{2} write" >> /var/lib/ganeti/rapi/users
920
    """.format(env.env.synnefo_user, '{ha1}', result)
921
    try_run(cmd)
922
    try_run("/etc/init.d/ganeti restart")
923

    
924

    
925
@roles("master")
926
def add_nodes():
927
    nodes = env.env.cluster_nodes.split(",")
928
    nodes.remove(env.env.master_node)
929
    debug(env.host, " * Adding nodes to Ganeti backend...")
930
    for n in nodes:
931
        add_node(n)
932

    
933

    
934
@roles("master")
935
def add_node(node):
936
    node_info = env.env.nodes_info[node]
937
    debug(env.host, " * Adding node %s to Ganeti backend..." % node_info.fqdn)
938
    cmd = "gnt-node add --no-ssh-key-check --master-capable=yes " + \
939
          "--vm-capable=yes " + node_info.fqdn
940
    try_run(cmd)
941

    
942

    
943
@roles("ganeti")
944
def enable_drbd():
945
    if env.enable_drbd:
946
        debug(env.host, " * Enabling DRBD...")
947
        try_run("modprobe drbd minor_count=255 usermode_helper=/bin/true")
948
        try_run("echo drbd minor_count=255 usermode_helper=/bin/true " +
949
                ">> /etc/modules")
950

    
951

    
952
@roles("master")
953
def setup_drbd_dparams():
954
    if env.enable_drbd:
955
        debug(env.host,
956
              " * Twicking drbd related disk parameters in Ganeti...")
957
        cmd = """
958
        gnt-cluster modify --disk-parameters=drbd:metavg={0}
959
        gnt-group modify --disk-parameters=drbd:metavg={0} default
960
        """.format(env.env.vg)
961
        try_run(cmd)
962

    
963

    
964
@roles("master")
965
def enable_lvm():
966
    if env.enable_lvm:
967
        debug(env.host, " * Enabling LVM...")
968
        cmd = """
969
        gnt-cluster modify --vg-name={0}
970
        """.format(env.env.vg)
971
        try_run(cmd)
972
    else:
973
        debug(env.host, " * Disabling LVM...")
974
        try_run("gnt-cluster modify --no-lvm-storage")
975

    
976

    
977
@roles("master")
978
def destroy_cluster():
979
    debug(env.host, " * Destroying Ganeti cluster...")
980
    #TODO: remove instances first
981
    allnodes = env.env.cluster_hostnames[:]
982
    allnodes.remove(env.host)
983
    for n in allnodes:
984
        host_info = env.env.ips_info[env.host]
985
        debug(env.host, " * Removing node %s..." % n)
986
        cmd = "gnt-node remove  " + host_info.fqdn
987
        try_run(cmd)
988
    try_run("gnt-cluster destroy --yes-do-it")
989

    
990

    
991
@roles("master")
992
def init_cluster():
993
    debug(env.host, " * Initializing Ganeti backend...")
994
    # extra = ""
995
    # if env.enable_lvm:
996
    #     extra += " --vg-name={0} ".format(env.env.vg)
997
    # else:
998
    #     extra += " --no-lvm-storage "
999
    # if not env.enable_drbd:
1000
    #     extra += " --no-drbd-storage "
1001
    extra = " --no-lvm-storage --no-drbd-storage "
1002
    cmd = """
1003
    gnt-cluster init --enabled-hypervisors=kvm \
1004
        {0} \
1005
        --nic-parameters link={1},mode=bridged \
1006
        --master-netdev {2} \
1007
        --default-iallocator hail \
1008
        --hypervisor-parameters kvm:kernel_path=,vnc_bind_address=0.0.0.0 \
1009
        --no-ssh-init --no-etc-hosts \
1010
        {3}
1011
    """.format(extra, env.env.common_bridge,
1012
               env.env.cluster_netdev, env.env.cluster.fqdn)
1013
    try_run(cmd)
1014

    
1015

    
1016
@roles("ganeti")
1017
def debootstrap():
1018
    install_package("ganeti-instance-debootstrap")
1019

    
1020

    
1021
@roles("ganeti")
1022
def setup_image_host():
1023
    debug(env.host, "Setting up snf-image...")
1024
    install_package("snf-pithos-backend")
1025
    install_package("snf-image")
1026
    try_run("mkdir -p %s" % env.env.image_dir)
1027
    tmpl = "/etc/default/snf-image"
1028
    replace = {
1029
        "synnefo_user": env.env.synnefo_user,
1030
        "synnefo_db_passwd": env.env.synnefo_db_passwd,
1031
        "pithos_dir": env.env.pithos_dir,
1032
        "db_node": env.env.db.ip,
1033
        "image_dir": env.env.image_dir,
1034
    }
1035
    custom = customize_settings_from_tmpl(tmpl, replace)
1036
    try_put(custom, tmpl)
1037

    
1038

    
1039
@roles("ganeti")
1040
def setup_image_helper():
1041
    debug(env.host, " * Updating helper image...")
1042
    cmd = """
1043
    snf-image-update-helper -y
1044
    """
1045
    try_run(cmd)
1046

    
1047

    
1048
@roles("ganeti")
1049
def setup_gtools():
1050
    debug(env.host, " * Setting up snf-cyclades-gtools...")
1051
    with settings(hide("everything")):
1052
        try_run("ping -c1 " + env.env.mq.ip)
1053
    setup_common()
1054
    install_package("snf-cyclades-gtools")
1055
    tmpl = "/etc/synnefo/gtools.conf"
1056
    replace = {
1057
        "synnefo_user": env.env.synnefo_user,
1058
        "synnefo_rabbitmq_passwd": env.env.synnefo_rabbitmq_passwd,
1059
        "mq_node": env.env.mq.ip,
1060
    }
1061
    custom = customize_settings_from_tmpl(tmpl, replace)
1062
    try_put(custom, tmpl)
1063

    
1064
    cmd = """
1065
    sed -i 's/false/true/' /etc/default/snf-ganeti-eventd
1066
    /etc/init.d/snf-ganeti-eventd start
1067
    """
1068
    try_run(cmd)
1069

    
1070

    
1071
@roles("ganeti")
1072
def setup_iptables():
1073
    debug(env.host, " * Setting up iptables to mangle DHCP requests...")
1074
    cmd = """
1075
    iptables -t mangle -A PREROUTING -i br+ -p udp -m udp --dport 67 \
1076
            -j NFQUEUE --queue-num 42
1077
    iptables -t mangle -A PREROUTING -i tap+ -p udp -m udp --dport 67 \
1078
            -j NFQUEUE --queue-num 42
1079
    iptables -t mangle -A PREROUTING -i prv+ -p udp -m udp --dport 67 \
1080
            -j NFQUEUE --queue-num 42
1081

1082
    ip6tables -t mangle -A PREROUTING -i br+ -p ipv6-icmp -m icmp6 \
1083
            --icmpv6-type 133 -j NFQUEUE --queue-num 43
1084
    ip6tables -t mangle -A PREROUTING -i br+ -p ipv6-icmp -m icmp6 \
1085
            --icmpv6-type 135 -j NFQUEUE --queue-num 44
1086
    """
1087
    try_run(cmd)
1088

    
1089

    
1090
@roles("ganeti")
1091
def setup_network():
1092
    debug(env.host,
1093
          "Setting up networking for Ganeti instances (nfdhcpd, etc.)...")
1094
    install_package("nfqueue-bindings-python")
1095
    install_package("nfdhcpd")
1096
    tmpl = "/etc/nfdhcpd/nfdhcpd.conf"
1097
    replace = {
1098
        "ns_node_ip": env.env.ns.ip
1099
    }
1100
    custom = customize_settings_from_tmpl(tmpl, replace)
1101
    try_put(custom, tmpl)
1102
    try_run("/etc/init.d/nfdhcpd restart")
1103

    
1104
    install_package("snf-network")
1105
    cmd = """
1106
sed -i 's/MAC_MASK.*/MAC_MASK = ff:ff:f0:00:00:00/' /etc/default/snf-network
1107
    """
1108
    try_run(cmd)
1109

    
1110

    
1111
@roles("router")
1112
def setup_router():
1113
    debug(env.host, " * Setting up internal router for NAT...")
1114
    cmd = """
1115
    echo 1 > /proc/sys/net/ipv4/ip_forward
1116
    iptables -t nat -A POSTROUTING -s {0} -o {3} -j MASQUERADE
1117
    ip addr add {1} dev {2}
1118
    ip route add {0} dev {2} src {1}
1119
    """.format(env.env.synnefo_public_network_subnet,
1120
               env.env.synnefo_public_network_gateway,
1121
               env.env.common_bridge, env.env.public_iface)
1122
    try_run(cmd)
1123

    
1124

    
1125
@roles("cyclades")
1126
def cyclades_loaddata():
1127
    debug(env.host, " * Loading initial data for cyclades...")
1128
    try_run("snf-manage flavor-create %s %s %s %s" % (env.env.flavor_cpu,
1129
                                                      env.env.flavor_ram,
1130
                                                      env.env.flavor_disk,
1131
                                                      env.env.flavor_storage))
1132
    #run("snf-manage loaddata flavors")
1133

    
1134

    
1135
@roles("cyclades")
1136
def setup_cyclades():
1137
    debug(env.host, "Setting up snf-cyclades-app...")
1138
    with settings(hide("everything")):
1139
        try_run("ping -c1 accounts." + env.env.domain)
1140
        try_run("ping -c1 " + env.env.db.ip)
1141
        try_run("ping -c1 " + env.env.mq.ip)
1142
    setup_gunicorn()
1143
    setup_apache()
1144
    setup_webproject()
1145
    install_package("memcached")
1146
    install_package("python-memcache")
1147
    install_package("snf-pithos-backend")
1148
    install_package("kamaki")
1149
    install_package("snf-cyclades-app")
1150
    install_package("python-django-south")
1151
    tmpl = "/etc/synnefo/cyclades.conf"
1152

    
1153
    with settings(host_string=env.env.accounts.ip):
1154
        service_id, service_token = get_service_details("cyclades")
1155

    
1156
    replace = {
1157
        "ACCOUNTS": env.env.accounts.fqdn,
1158
        "CYCLADES": env.env.cyclades.fqdn,
1159
        "mq_node": env.env.mq.ip,
1160
        "db_node": env.env.db.ip,
1161
        "synnefo_user": env.env.synnefo_user,
1162
        "synnefo_db_passwd": env.env.synnefo_db_passwd,
1163
        "synnefo_rabbitmq_passwd": env.env.synnefo_rabbitmq_passwd,
1164
        "pithos_dir": env.env.pithos_dir,
1165
        "common_bridge": env.env.common_bridge,
1166
        "HOST": env.env.cyclades.ip,
1167
        "domain": env.env.domain,
1168
        "CYCLADES_SERVICE_TOKEN": service_token,
1169
        "proxy": env.env.cyclades.hostname == env.env.accounts.hostname
1170
        }
1171
    custom = customize_settings_from_tmpl(tmpl, replace)
1172
    try_put(custom, tmpl, mode=0644)
1173
    try_run("/etc/init.d/gunicorn restart")
1174

    
1175
    cmd = """
1176
    sed -i 's/false/true/' /etc/default/snf-dispatcher
1177
    /etc/init.d/snf-dispatcher start
1178
    """
1179
    try_run(cmd)
1180

    
1181
    try_run("snf-manage syncdb")
1182
    try_run("snf-manage migrate --delete-ghost-migrations")
1183

    
1184

    
1185
@roles("cyclades")
1186
def get_backend_id(cluster_name="ganeti1.synnefo.deploy.local"):
1187
    backend_id = try_run("snf-manage backend-list 2>/dev/null " +
1188
                         "| grep %s | awk '{print $1}'" % cluster_name)
1189
    return backend_id
1190

    
1191

    
1192
@roles("cyclades")
1193
def add_backend():
1194
    debug(env.host,
1195
          "adding %s ganeti backend to cyclades..." % env.env.cluster.fqdn)
1196
    with settings(hide("everything")):
1197
        try_run("ping -c1 " + env.env.cluster.fqdn)
1198
    cmd = """
1199
    snf-manage backend-add --clustername={0} --user={1} --pass={2}
1200
    """.format(env.env.cluster.fqdn, env.env.synnefo_user,
1201
               env.env.synnefo_rapi_passwd)
1202
    try_run(cmd)
1203
    backend_id = get_backend_id(env.env.cluster.fqdn)
1204
    try_run("snf-manage backend-modify --drained=False " + backend_id)
1205

    
1206

    
1207
@roles("cyclades")
1208
def pin_user_to_backend(user_email):
1209
    backend_id = get_backend_id(env.env.cluster.fqdn)
1210
    # pin user to backend
1211
    cmd = """
1212
cat <<EOF >> /etc/synnefo/cyclades.conf
1213

1214
BACKEND_PER_USER = {
1215
  '{0}': {1},
1216
}
1217

1218
EOF
1219
/etc/init.d/gunicorn restart
1220
""".format(user_email, backend_id)
1221
    try_run(cmd)
1222

    
1223

    
1224
@roles("cyclades")
1225
def add_pools():
1226
    debug(env.host,
1227
          " * Creating pools of resources (brigdes, mac prefixes) " +
1228
          "in cyclades...")
1229
    try_run("snf-manage pool-create --type=mac-prefix " +
1230
            "--base=aa:00:0 --size=65536")
1231
    try_run("snf-manage pool-create --type=bridge --base=prv --size=20")
1232

    
1233

    
1234
@roles("accounts", "cyclades", "pithos")
1235
def export_services():
1236
    debug(env.host, " * Exporting services...")
1237
    host = env.host
1238
    services = []
1239
    if host == env.env.cyclades.ip:
1240
        services.append("cyclades")
1241
    if host == env.env.pithos.ip:
1242
        services.append("pithos")
1243
    if host == env.env.accounts.ip:
1244
        services.append("astakos")
1245
    for service in services:
1246
        filename = "%s_services.json" % service
1247
        cmd = "snf-manage service-export-%s > %s" % (service, filename)
1248
        run(cmd)
1249
        try_get(filename, filename+".local")
1250

    
1251

    
1252
@roles("accounts")
1253
def import_services():
1254
    debug(env.host, " * Registering services to astakos...")
1255
    for service in ["cyclades", "pithos", "astakos"]:
1256
        filename = "%s_services.json" % service
1257
        try_put(filename + ".local", filename)
1258
        cmd = "snf-manage service-import --json=%s" % filename
1259
        run(cmd)
1260

    
1261
    debug(env.host, " * Setting default quota...")
1262
    cmd = """
1263
    snf-manage resource-modify --limit 40G pithos.diskspace
1264
    snf-manage resource-modify --limit 2 astakos.pending_app
1265
    snf-manage resource-modify --limit 4 cyclades.vm
1266
    snf-manage resource-modify --limit 40G cyclades.disk
1267
    snf-manage resource-modify --limit 16G cyclades.ram
1268
    snf-manage resource-modify --limit 8G cyclades.active_ram
1269
    snf-manage resource-modify --limit 32 cyclades.cpu
1270
    snf-manage resource-modify --limit 16 cyclades.active_cpu
1271
    snf-manage resource-modify --limit 4 cyclades.network.private
1272
    snf-manage resource-modify --limit 4 cyclades.floating_ip
1273
    """
1274
    try_run(cmd)
1275

    
1276

    
1277
@roles("cyclades")
1278
def add_network():
1279
    debug(env.host, " * Adding public network in cyclades...")
1280
    backend_id = get_backend_id(env.env.cluster.fqdn)
1281
    cmd = """
1282
    snf-manage network-create --subnet={0} --gateway={1} --public \
1283
        --dhcp=True --flavor={2} --mode=bridged --link={3} --name=Internet \
1284
        --backend-id={4}
1285
    """.format(env.env.synnefo_public_network_subnet,
1286
               env.env.synnefo_public_network_gateway,
1287
               env.env.synnefo_public_network_type,
1288
               env.env.common_bridge, backend_id)
1289
    try_run(cmd)
1290

    
1291

    
1292
@roles("cyclades")
1293
def setup_vncauthproxy():
1294
    debug(env.host, " * Setting up vncauthproxy...")
1295
    install_package("snf-vncauthproxy")
1296
    cmd = """
1297
    echo CHUID="www-data:nogroup" >> /etc/default/vncauthproxy
1298
    rm /var/log/vncauthproxy/vncauthproxy.log
1299
    """
1300
    try_run(cmd)
1301
    try_run("/etc/init.d/vncauthproxy restart")
1302

    
1303

    
1304
@roles("client")
1305
def setup_kamaki():
1306
    debug(env.host, "Setting up kamaki client...")
1307
    with settings(hide("everything")):
1308
        try_run("ping -c1 accounts." + env.env.domain)
1309
        try_run("ping -c1 cyclades." + env.env.domain)
1310
        try_run("ping -c1 pithos." + env.env.domain)
1311

    
1312
    with settings(host_string=env.env.db.ip):
1313
        uid, user_auth_token, user_uuid = \
1314
            get_auth_token_from_db(env.env.user_email)
1315

    
1316
    install_package("python-progress")
1317
    install_package("kamaki")
1318
    cmd = """
1319
    kamaki config set cloud.default.url "https://{0}/astakos/identity/v2.0/"
1320
    kamaki config set cloud.default.token {1}
1321
    """.format(env.env.accounts.fqdn, user_auth_token)
1322
    try_run(cmd)
1323
    try_run("kamaki file create images")
1324

    
1325

    
1326
@roles("client")
1327
def upload_image(image="debian_base.diskdump"):
1328
    debug(env.host, " * Uploading initial image to pithos...")
1329
    image = "debian_base.diskdump"
1330
    try_run("wget {0} -O /tmp/{1}".format(env.env.debian_base_url, image))
1331
    try_run("kamaki file upload --container images /tmp/{0} {0}".format(image))
1332

    
1333

    
1334
@roles("client")
1335
def register_image(image="debian_base.diskdump"):
1336
    debug(env.host, " * Register image to plankton...")
1337
    # with settings(host_string=env.env.db.ip):
1338
    #     uid, user_auth_token, user_uuid = \
1339
    #        get_auth_token_from_db(env.env.user_email)
1340

    
1341
    image_location = "images:{0}".format(image)
1342
    cmd = """
1343
    sleep 5
1344
    kamaki image register "Debian Base" {0} --public --disk-format=diskdump \
1345
            --property OSFAMILY=linux --property ROOT_PARTITION=1 \
1346
            --property description="Debian Squeeze Base System" \
1347
            --property size=450M --property kernel=2.6.32 \
1348
            --property GUI="No GUI" --property sortorder=1 \
1349
            --property USERS=root --property OS=debian
1350
    """.format(image_location)
1351
    try_run(cmd)
1352

    
1353

    
1354
@roles("client")
1355
def setup_burnin():
1356
    debug(env.host, "Setting up burnin testing tool...")
1357
    install_package("kamaki")
1358
    install_package("snf-tools")
1359

    
1360

    
1361
@roles("pithos")
1362
def add_image_locally():
1363
    debug(env.host,
1364
          " * Getting image locally in order snf-image to use it directly..")
1365
    image = "debian_base.diskdump"
1366
    try_run("wget {0} -O {1}/{2}".format(
1367
            env.env.debian_base_url, env.env.image_dir, image))
1368

    
1369

    
1370
@roles("master")
1371
def gnt_instance_add(name="test"):
1372
    debug(env.host, " * Adding test instance to Ganeti...")
1373
    osp = """img_passwd=gamwtosecurity,\
1374
img_format=diskdump,img_id=debian_base,\
1375
img_properties='{"OSFAMILY":"linux"\,"ROOT_PARTITION":"1"}'"""
1376
    cmd = """
1377
    gnt-instance add  -o snf-image+default --os-parameters {0} \
1378
            -t plain --disk 0:size=1G --no-name-check --no-ip-check \
1379
            --net 0:ip=pool,network=test --no-install \
1380
            --hypervisor-parameters kvm:machine_version=pc-1.0 {1}
1381
    """.format(osp, name)
1382
    try_run(cmd)
1383

    
1384

    
1385
@roles("master")
1386
def gnt_network_add(name="test", subnet="10.0.0.0/26", gw="10.0.0.1",
1387
                    mode="bridged", link="br0"):
1388
    debug(env.host, " * Adding test network to Ganeti...")
1389
    cmd = """
1390
    gnt-network add --network={1} --gateway={2} {0}
1391
    gnt-network connect {0} {3} {4}
1392
    """.format(name, subnet, gw, mode, link)
1393
    try_run(cmd)
1394

    
1395

    
1396
@roles("ips")
1397
def test():
1398
    debug(env.host, "Testing...")
1399
    try_run("hostname && date")