Revision 3c3bccab
b/ci/schemas/one_node_wheezy/ganeti.conf | ||
---|---|---|
1 | 1 |
[ganeti1] |
2 |
cluster_nodes = node1
|
|
2 |
cluster_nodes = |
|
3 | 3 |
master_node = node1 |
4 | 4 |
|
5 | 5 |
cluster_netdev = eth0 |
b/ci/schemas/one_node_wheezy/nodes.conf | ||
---|---|---|
21 | 21 |
node1 = 52:54:00:00:00:01 |
22 | 22 |
# node2 = 52:54:00:00:00:02 |
23 | 23 |
|
24 |
[passwords] |
|
25 |
node1 = 12345 |
|
26 |
# node2 = 67890 |
|
27 |
|
|
24 | 28 |
[info] |
25 | 29 |
# Here we define which nodes from the predefined ones to use |
30 |
# comma separated node names e.g. node1,node2 |
|
26 | 31 |
nodes = node1 |
27 | 32 |
|
28 | 33 |
# login credentials for the nodes |
/dev/null | ||
---|---|---|
1 |
[debian] |
|
2 |
rabbitmq-server = squeeze-backports |
|
3 |
gunicorn = squeeze-backports |
|
4 |
qemu-kvm = squeeze-backports |
|
5 |
qemu = squeeze-backports |
|
6 |
python-gevent = squeeze-backports |
|
7 |
apache2 = |
|
8 |
postgresql = |
|
9 |
python-psycopg2 = |
|
10 |
python-argparse = |
|
11 |
nfs-kernel-server = squeeze-backports |
|
12 |
nfs-common = squeeze-backports |
|
13 |
bind9 = |
|
14 |
vlan = |
|
15 |
vlan = |
|
16 |
lvm2 = |
|
17 |
curl = |
|
18 |
memcached = |
|
19 |
python-memcache = |
|
20 |
bridge-utils = |
|
21 |
python-progress = |
|
22 |
ganeti-instance-debootstrap = |
|
23 |
python-django-south = squeeze-backports |
|
24 |
drbd8-utils = |
|
25 |
|
|
26 |
|
|
27 |
[synnefo] |
|
28 |
snf-astakos-app = squeeze |
|
29 |
snf-common = squeeze |
|
30 |
snf-cyclades-app = squeeze |
|
31 |
snf-cyclades-gtools = squeeze |
|
32 |
snf-django-lib = squeeze |
|
33 |
python-astakosclient = squeeze |
|
34 |
snf-branding = squeeze |
|
35 |
snf-webproject = squeeze |
|
36 |
snf-pithos-app = squeeze |
|
37 |
snf-pithos-backend = squeeze |
|
38 |
snf-tools = squeeze |
|
39 |
|
|
40 |
|
|
41 |
[ganeti] |
|
42 |
snf-ganeti = 2.6.2+ippool11+hotplug5+extstorage3+rbdfix1+kvmfix2+nolvm+netxen-1~squeeze |
|
43 |
ganeti-htools = 2.6.2+ippool11+hotplug5+extstorage3+rbdfix1+kvmfix2+nolvm+netxen-1~squeeze |
|
44 |
|
|
45 |
[other] |
|
46 |
snf-cloudcms = squeeze |
|
47 |
snf-vncauthproxy = squeeze |
|
48 |
snf-pithos-webclient = squeeze |
|
49 |
snf-image = squeeze |
|
50 |
snf-network = squeeze |
|
51 |
python-objpool = squeeze |
|
52 |
nfdhcpd = squeeze |
|
53 |
kamaki = squeeze |
|
54 |
python-bitarray = squeeze-backports |
|
55 |
nfqueue-bindings-python = 0.3+physindev-1 |
b/ci/schemas/one_node_wheezy/synnefo.conf | ||
---|---|---|
23 | 23 |
client = node1 |
24 | 24 |
router = node1 |
25 | 25 |
stats = node1 |
26 |
nfs = node1 |
|
26 | 27 |
|
27 | 28 |
|
28 | 29 |
[synnefo] |
b/ci/schemas/one_node_wheezy/wheezy.conf | ||
---|---|---|
24 | 24 |
python-django = |
25 | 25 |
drbd8-utils = |
26 | 26 |
collectd = |
27 |
dnsutils = |
|
27 | 28 |
|
28 | 29 |
|
29 | 30 |
[synnefo] |
... | ... | |
45 | 46 |
snf-ganeti = wheezy |
46 | 47 |
ganeti-htools = wheezy |
47 | 48 |
ganeti-haskell = wheezy |
49 |
ganeti2 = wheezy |
|
48 | 50 |
|
49 | 51 |
|
50 | 52 |
[other] |
51 | 53 |
snf-cloudcms = wheezy |
52 |
snf-vncauthproxy = unstable
|
|
54 |
snf-vncauthproxy = wheezy
|
|
53 | 55 |
snf-pithos-webclient = wheezy |
54 | 56 |
snf-image = wheezy |
55 | 57 |
snf-network = wheezy |
b/ci/utils.py | ||
---|---|---|
893 | 893 |
self.logger.debug("Change password in nodes.conf file") |
894 | 894 |
cmd = """ |
895 | 895 |
sed -i 's/^password =.*/password = {0}/' /etc/snf-deploy/nodes.conf |
896 |
sed -i 's/12345/{0}/' /etc/snf-deploy/nodes.conf |
|
896 | 897 |
""".format(fabric.env.password) |
897 | 898 |
_run(cmd, False) |
898 | 899 |
|
b/snf-deploy/COPYRIGHT | ||
---|---|---|
1 |
Copyright (C) 2010, 2011, 2012, 2013 GRNET S.A. All rights reserved. |
|
2 |
|
|
3 |
Redistribution and use in source and binary forms, with or |
|
4 |
without modification, are permitted provided that the following |
|
5 |
conditions are met: |
|
6 |
|
|
7 |
1. Redistributions of source code must retain the above |
|
8 |
copyright notice, this list of conditions and the following |
|
9 |
disclaimer. |
|
10 |
|
|
11 |
2. Redistributions in binary form must reproduce the above |
|
12 |
copyright notice, this list of conditions and the following |
|
13 |
disclaimer in the documentation and/or other materials |
|
14 |
provided with the distribution. |
|
15 |
|
|
16 |
THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS |
|
17 |
OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
18 |
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
19 |
PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A. OR |
|
20 |
CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
21 |
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
|
22 |
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF |
|
23 |
USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED |
|
24 |
AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|
25 |
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
|
26 |
ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
27 |
POSSIBILITY OF SUCH DAMAGE. |
|
28 |
|
|
29 |
The views and conclusions contained in the software and |
|
30 |
documentation are those of the authors and should not be |
|
31 |
interpreted as representing official policies, either expressed |
|
32 |
or implied, of GRNET S.A. |
b/snf-deploy/conf/ganeti.conf | ||
---|---|---|
1 | 1 |
[ganeti1] |
2 |
cluster_nodes = node1
|
|
2 |
cluster_nodes = |
|
3 | 3 |
master_node = node1 |
4 | 4 |
|
5 | 5 |
cluster_netdev = eth0 |
... | ... | |
8 | 8 |
|
9 | 9 |
vg = autovg |
10 | 10 |
|
11 |
synnefo_public_network_subnet = 10.0.1.0/24
|
|
12 |
synnefo_public_network_gateway = 10.0.1.1
|
|
11 |
synnefo_public_network_subnet = 10.2.1.0/24
|
|
12 |
synnefo_public_network_gateway = 10.2.1.1
|
|
13 | 13 |
synnefo_public_network_type = CUSTOM |
14 | 14 |
|
15 | 15 |
image_dir = /srv/okeanos |
b/snf-deploy/conf/nodes.conf | ||
---|---|---|
4 | 4 |
domain = synnefo.live |
5 | 5 |
|
6 | 6 |
[os] |
7 |
node1 = squeeze
|
|
7 |
node1 = wheezy
|
|
8 | 8 |
# node2 = wheezy |
9 | 9 |
|
10 | 10 |
[hostnames] |
... | ... | |
21 | 21 |
node1 = 52:54:00:00:00:01 |
22 | 22 |
# node2 = 52:54:00:00:00:02 |
23 | 23 |
|
24 |
[passwords] |
|
25 |
node1 = 12345 |
|
26 |
# node2 = 67890 |
|
27 |
|
|
24 | 28 |
[info] |
25 | 29 |
# Here we define which nodes from the predefined ones to use |
30 |
# comma separated node names e.g. node1,node2 |
|
26 | 31 |
nodes = node1 |
27 | 32 |
|
28 | 33 |
# login credentials for the nodes |
/dev/null | ||
---|---|---|
1 |
[debian] |
|
2 |
rabbitmq-server = squeeze-backports |
|
3 |
gunicorn = squeeze-backports |
|
4 |
qemu-kvm = squeeze-backports |
|
5 |
qemu = squeeze-backports |
|
6 |
python-gevent = squeeze-backports |
|
7 |
apache2 = |
|
8 |
postgresql = |
|
9 |
python-psycopg2 = |
|
10 |
python-argparse = |
|
11 |
nfs-kernel-server = squeeze-backports |
|
12 |
nfs-common = squeeze-backports |
|
13 |
bind9 = |
|
14 |
vlan = |
|
15 |
vlan = |
|
16 |
lvm2 = |
|
17 |
curl = |
|
18 |
memcached = |
|
19 |
python-memcache = |
|
20 |
bridge-utils = |
|
21 |
python-progress = |
|
22 |
ganeti-instance-debootstrap = |
|
23 |
python-django-south = squeeze-backports |
|
24 |
python-django = squeeze-backports |
|
25 |
drbd8-utils = |
|
26 |
|
|
27 |
|
|
28 |
[synnefo] |
|
29 |
snf-astakos-app = squeeze |
|
30 |
snf-common = squeeze |
|
31 |
snf-cyclades-app = squeeze |
|
32 |
snf-cyclades-gtools = squeeze |
|
33 |
snf-django-lib = squeeze |
|
34 |
python-astakosclient = squeeze |
|
35 |
snf-branding = squeeze |
|
36 |
snf-webproject = squeeze |
|
37 |
snf-pithos-app = squeeze |
|
38 |
snf-pithos-backend = squeeze |
|
39 |
snf-tools = squeeze |
|
40 |
|
|
41 |
|
|
42 |
[ganeti] |
|
43 |
snf-ganeti = 2.6.2+ippool11+hotplug5+extstorage3+rbdfix1+kvmfix2+nolvm+netxen-1~squeeze |
|
44 |
ganeti-htools = 2.6.2+ippool11+hotplug5+extstorage3+rbdfix1+kvmfix2+nolvm+netxen-1~squeeze |
|
45 |
|
|
46 |
[other] |
|
47 |
snf-cloudcms = squeeze |
|
48 |
snf-vncauthproxy = squeeze |
|
49 |
snf-pithos-webclient = squeeze |
|
50 |
snf-image = squeeze |
|
51 |
snf-network = squeeze |
|
52 |
python-objpool = squeeze |
|
53 |
nfdhcpd = squeeze |
|
54 |
kamaki = squeeze |
|
55 |
python-bitarray = squeeze-backports |
|
56 |
nfqueue-bindings-python = 0.3+physindev-1 |
|
57 |
|
b/snf-deploy/conf/synnefo.conf | ||
---|---|---|
23 | 23 |
client = node1 |
24 | 24 |
router = node1 |
25 | 25 |
stats = node1 |
26 |
nfs = node1 |
|
26 | 27 |
|
27 | 28 |
|
28 | 29 |
[synnefo] |
b/snf-deploy/conf/wheezy.conf | ||
---|---|---|
24 | 24 |
python-django = |
25 | 25 |
drbd8-utils = |
26 | 26 |
collectd = |
27 |
dnsutils = |
|
27 | 28 |
|
28 | 29 |
|
29 | 30 |
[synnefo] |
... | ... | |
45 | 46 |
snf-ganeti = wheezy |
46 | 47 |
ganeti-htools = wheezy |
47 | 48 |
ganeti-haskell = wheezy |
49 |
ganeti2 = wheezy |
|
50 |
|
|
48 | 51 |
|
49 | 52 |
[other] |
50 | 53 |
snf-cloudcms = wheezy |
b/snf-deploy/files/etc/bind/named.conf.local | ||
---|---|---|
6 | 6 |
// organization |
7 | 7 |
//include "/etc/bind/zones.rfc1918"; |
8 | 8 |
|
9 |
include "/etc/bind/ddns.key"; |
|
10 |
|
|
11 |
// all synnefo components share the same domain/zone |
|
9 | 12 |
zone "%DOMAIN%" in { |
10 | 13 |
type master; |
14 |
notify no; |
|
11 | 15 |
file "/etc/bind/zones/%DOMAIN%"; |
16 |
allow-update { key DDNS_UPDATE; }; |
|
17 |
}; |
|
18 |
|
|
19 |
# domain/zone for the VMs |
|
20 |
zone "vm.%DOMAIN%" in { |
|
21 |
type master; |
|
22 |
notify no; |
|
23 |
file "/etc/bind/zones/vm.%DOMAIN%"; |
|
24 |
allow-update { key DDNS_UPDATE; }; |
|
12 | 25 |
}; |
13 | 26 |
|
27 |
// reverse dns zone for all IPs |
|
14 | 28 |
zone "in-addr.arpa" in { |
15 | 29 |
type master; |
30 |
notify no; |
|
16 | 31 |
file "/etc/bind/rev/synnefo.in-addr.arpa.zone"; |
32 |
allow-update { key DDNS_UPDATE; }; |
|
17 | 33 |
}; |
34 |
|
|
35 |
// v6 reverse dns zone for all IPs |
|
36 |
zone "ip6.arpa" in { |
|
37 |
type master; |
|
38 |
notify no; |
|
39 |
file "/etc/bind/rev/synnefo.ip6.arpa.zone"; |
|
40 |
allow-update { key DDNS_UPDATE; }; |
|
41 |
}; |
|
42 |
|
b/snf-deploy/files/etc/bind/rev/synnefo.ip6.arpa.zone | ||
---|---|---|
1 |
$TTL 86400 |
|
2 |
$ORIGIN ip6.arpa. |
|
3 |
@ IN SOA ns.%DOMAIN%. admin.%DOMAIN%. ( |
|
4 |
2012070900; the Serial Number |
|
5 |
172800; the Refresh Rate |
|
6 |
7200; the Retry Time |
|
7 |
604800; the Expiration Time |
|
8 |
3600) ; the Minimum Time |
|
9 |
|
|
10 |
@ IN NS ns.%DOMAIN%. |
|
11 |
|
b/snf-deploy/files/etc/bind/synnefo.ip6.arpa.zone | ||
---|---|---|
1 |
$ORIGIN . |
|
2 |
$TTL 86400 ; 1 day |
|
3 |
ip6.arpa IN SOA ns.vm.qa.live. admin.vm.qa.live. ( |
|
4 |
2012071070 ; serial |
|
5 |
172800 ; refresh (2 days) |
|
6 |
7200 ; retry (2 hours) |
|
7 |
604800 ; expire (1 week) |
|
8 |
3600 ; minimum (1 hour) |
|
9 |
) |
|
10 |
NS ns.vm.qa.live. |
b/snf-deploy/files/etc/bind/zones/vm.example.com | ||
---|---|---|
1 |
$TTL 14400 |
|
2 |
$origin vm.%DOMAIN%. |
|
3 |
@ IN SOA ns.vm.%DOMAIN%. admin.vm.%DOMAIN%. ( |
|
4 |
2012111903; the Serial Number |
|
5 |
172800; the Refresh Rate |
|
6 |
7200; the Retry Time |
|
7 |
604800; the Expiration Time |
|
8 |
3600; the Minimum Time |
|
9 |
) |
|
10 |
|
|
11 |
@ IN NS ns.vm.%DOMAIN%. |
|
12 |
@ IN A %NS_NODE_IP% |
|
13 |
ns IN A %NS_NODE_IP% |
b/snf-deploy/files/etc/default/snf-image | ||
---|---|---|
8 | 8 |
|
9 | 9 |
# IMAGE_DIR: directory location for disk images |
10 | 10 |
# IMAGE_DIR="/var/lib/snf-image" |
11 |
IMAGE_DIR=%IMAGE_DIR% |
|
12 | 11 |
|
13 | 12 |
# IMAGE_DEBUG: turn on debugging output for the scripts |
14 | 13 |
# IMAGE_DEBUG=no |
... | ... | |
43 | 42 |
# for days. |
44 | 43 |
# HELPER_SOFT_TIMEOUT="20" |
45 | 44 |
# HELPER_HARD_TIMEOUT="5" |
46 |
HELPER_SOFT_TIMEOUT=100 |
|
47 | 45 |
|
48 | 46 |
# HELPER_USER: For security reasons, it is recommended that the helper VM |
49 | 47 |
# runs as an unprivileged user. KVM drops root privileges and runs as |
... | ... | |
60 | 58 |
|
61 | 59 |
# PITHOS_DB: Pithos database in SQLAlchemy format |
62 | 60 |
# PITHOS_DB="sqlite:////var/lib/pithos/backend.db" |
63 |
PITHOS_DB=postgresql://%SYNNEFO_USER%:%SYNNEFO_DB_PASSWD%@%DB_NODE%:5432/snf_pithos |
|
64 | 61 |
|
65 | 62 |
# PITHOS_DATA: Directory where pithos data are hosted |
66 | 63 |
# PITHOS_DATA="/var/lib/pithos/data" |
67 |
PITHOS_DATA=%PITHOS_DIR%/data |
|
68 | 64 |
|
69 | 65 |
# PROGRESS_MONITOR: External program that monitors the progress of the image |
70 | 66 |
# deployment. The snf-image monitor messages will be redirected to the standard |
71 | 67 |
# input of this program. |
72 | 68 |
# PROGRESS_MONITOR="" |
73 |
PROGRESS_MONITOR=snf-progress-monitor |
|
74 | 69 |
|
75 | 70 |
# UNATTEND: This variables overwrites the unattend.xml file used when deploying |
76 | 71 |
# a windows image. snf-image-helper will use its own unattend.xml file if this |
... | ... | |
87 | 82 |
# INSTALL_MBR="install-mbr" |
88 | 83 |
# TIMELIMIT="timelimit" |
89 | 84 |
# CURL="curl" |
85 |
IMAGE_DIR=%IMAGE_DIR% |
|
86 |
HELPER_SOFT_TIMEOUT=100 |
|
87 |
PITHOS_DB=postgresql://%SYNNEFO_USER%:%SYNNEFO_DB_PASSWD%@%DB_NODE%:5432/snf_pithos |
|
88 |
PITHOS_DATA=%PITHOS_DIR%/data |
|
89 |
PROGRESS_MONITOR=snf-progress-monitor |
|
90 | 90 |
CURL="curl -k" |
b/snf-deploy/files/etc/default/snf-network | ||
---|---|---|
1 |
MAC_MASK=ff:ff:f0:00:00:00 |
|
2 |
|
|
3 |
TAP_CONSTANT_MAC=cc:47:52:4e:45:54 # GRNET in hex :-) |
|
4 |
MAC2EUI64=/usr/bin/mac2eui64 |
|
5 |
NFDHCPD_STATE_DIR=/var/lib/nfdhcpd |
|
6 |
GANETI_NIC_DIR=/var/run/ganeti/xen-hypervisor/nic |
|
7 |
|
|
8 |
MAC_FILTERED_TAG=private-filtered |
|
9 |
NFDHCPD_TAG=nfdhcpd |
|
10 |
IP_LESS_ROUTED_TAG=ip-less-routed |
|
11 |
MASQ_TAG=masq |
|
12 |
PUBLIC_TAG=public |
|
13 |
DNS_TAG=public |
|
14 |
|
|
15 |
# Default options for runlocked helper script (uncomment to modify) |
|
16 |
#RUNLOCKED_OPTS="--id 10001 --retry-sec 0.5" |
|
17 |
|
|
18 |
# NS options needed by nsupdate |
|
19 |
# A proper bind configuration is a prerequisite |
|
20 |
# Please see: https://wiki.debian.org/DDNS |
|
21 |
# If one of the following vars are not set dnshook wont do a thing |
|
22 |
# Name server IP/FQDN |
|
23 |
SERVER=%SERVER% |
|
24 |
# zone for the vms |
|
25 |
FZONE=vm.%DOMAIN% |
|
26 |
# keyfile path to pass to nsupdate with -k option |
|
27 |
# see man page for more info |
|
28 |
KEYFILE=%KEYFILE% |
b/snf-deploy/files/etc/ganeti/file-storage-paths | ||
---|---|---|
1 |
/srv/ganeti/file-storage |
|
2 |
/srv/ganeti/shared-file-storage |
b/snf-deploy/files/etc/gunicorn.d/synnefo | ||
---|---|---|
8 | 8 |
'group': 'www-data', |
9 | 9 |
'args': ( |
10 | 10 |
'--bind=127.0.0.1:8080', |
11 |
'--workers=8',
|
|
11 |
'--workers=6',
|
|
12 | 12 |
'--worker-class=gevent', |
13 | 13 |
# '--worker-class=sync', |
14 | 14 |
'--log-level=debug', |
b/snf-deploy/files/etc/rc.local | ||
---|---|---|
1 |
#!/bin/bash |
|
2 |
|
|
3 |
brctl addbr %COMMON_BRIDGE% |
|
4 |
ip link set %COMMON_BRIDGE% up |
|
5 |
|
|
6 |
iptables -t mangle -A PREROUTING -i %COMMON_BRIDGE% -p udp -m udp --dport 67 -j NFQUEUE --queue-num 42 |
|
7 |
|
|
8 |
if [ %ROUTER_IP% == %NODE_IP% ]; then |
|
9 |
iptables -t nat -A POSTROUTING -o %PUBLIC_IFACE% -s %SUBNET% -j MASQUERADE |
|
10 |
echo 1 > /proc/sys/net/ipv4/ip_forward |
|
11 |
ip addr add %GATEWAY% dev %COMMON_BRIDGE% |
|
12 |
ip route add %SUBNET% dev %COMMON_BRIDGE% src %GATEWAY% |
|
13 |
fi |
|
14 |
|
|
15 |
exit 0 |
b/snf-deploy/files/etc/resolv.conf | ||
---|---|---|
1 |
# This has been generated automatically by snf-deploy, at %DATE% |
|
2 |
# The immutable bit (+i attribute) has been used to avoid it being |
|
3 |
# overwritten by software such as NetworkManager or resolvconf. |
|
4 |
# Use lsattr/chattr to view or modify its file attributes. |
|
1 | 5 |
domain %DOMAIN% |
2 | 6 |
search %DOMAIN% |
3 | 7 |
nameserver %NS_NODE_IP% |
b/snf-deploy/files/etc/synnefo/cyclades.conf | ||
---|---|---|
2 | 2 |
PUBLIC_USE_POOL = True |
3 | 3 |
DEFAULT_MAC_FILTERED_BRIDGE = '%COMMON_BRIDGE%' |
4 | 4 |
|
5 |
CUSTOM_BRIDGED_BRIDGE = '%COMMON_BRIDGE%'
|
|
5 |
DEFAULT_BRIDGE = '%COMMON_BRIDGE%'
|
|
6 | 6 |
|
7 | 7 |
MAX_VMS_PER_USER = 5 |
8 | 8 |
VMS_USER_QUOTA = { |
b/snf-deploy/files/tmp/page.json | ||
---|---|---|
1 | 1 |
[ |
2 | 2 |
{ |
3 | 3 |
"fields": { |
4 |
"_cached_url": "/", |
|
4 |
"_cached_url": "/home/",
|
|
5 | 5 |
"_content_title": "", |
6 | 6 |
"_page_title": "", |
7 | 7 |
"active": true, |
... | ... | |
14 | 14 |
"meta_keywords": "", |
15 | 15 |
"modification_date": "2012-11-16 14:52:19", |
16 | 16 |
"navigation_extension": null, |
17 |
"override_url": "/", |
|
17 |
"override_url": "/home/",
|
|
18 | 18 |
"parent": null, |
19 | 19 |
"publication_date": "2012-11-16 14:50:00", |
20 | 20 |
"publication_end_date": null, |
21 | 21 |
"redirect_to": "", |
22 | 22 |
"rght": 2, |
23 | 23 |
"site": 1, |
24 |
"slug": "okeanos",
|
|
24 |
"slug": "synnefo",
|
|
25 | 25 |
"symlinked_page": null, |
26 | 26 |
"template_key": "twocolwide", |
27 |
"title": "Okeanos",
|
|
27 |
"title": "Synnefo",
|
|
28 | 28 |
"translation_of": null, |
29 | 29 |
"tree_id": 1 |
30 | 30 |
}, |
... | ... | |
36 | 36 |
"ordering": 0, |
37 | 37 |
"parent": 1, |
38 | 38 |
"region": "main", |
39 |
"text": "Welcome to Okeanos!!\r\n\r\n"
|
|
39 |
"text": "Welcome to Synnefo!!\r\n\r\n"
|
|
40 | 40 |
}, |
41 | 41 |
"model": "page.rawcontent", |
42 | 42 |
"pk": 1 |
b/snf-deploy/files/tmp/sites.json | ||
---|---|---|
3 | 3 |
"pk": 1, |
4 | 4 |
"model": "sites.site", |
5 | 5 |
"fields": { |
6 |
"domain": "okeanos.grnet.gr",
|
|
7 |
"name": "okeanos.grnet.gr"
|
|
6 |
"domain": "%DOMAIN%",
|
|
7 |
"name": "%DOMAIN%"
|
|
8 | 8 |
} |
9 | 9 |
} |
10 | 10 |
] |
b/snf-deploy/snfdeploy/__init__.py | ||
---|---|---|
1 |
# Copyright (C) 2010, 2011, 2012, 2013 GRNET S.A. All rights reserved. |
|
2 |
# |
|
3 |
# Redistribution and use in source and binary forms, with or |
|
4 |
# without modification, are permitted provided that the following |
|
5 |
# conditions are met: |
|
6 |
# |
|
7 |
# 1. Redistributions of source code must retain the above |
|
8 |
# copyright notice, this list of conditions and the following |
|
9 |
# disclaimer. |
|
10 |
# |
|
11 |
# 2. Redistributions in binary form must reproduce the above |
|
12 |
# copyright notice, this list of conditions and the following |
|
13 |
# disclaimer in the documentation and/or other materials |
|
14 |
# provided with the distribution. |
|
15 |
# |
|
16 |
# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS |
|
17 |
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
18 |
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
19 |
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A. OR |
|
20 |
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
21 |
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
|
22 |
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF |
|
23 |
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED |
|
24 |
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|
25 |
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
|
26 |
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
27 |
# POSSIBILITY OF SUCH DAMAGE. |
|
28 |
# |
|
29 |
# The views and conclusions contained in the software and |
|
30 |
# documentation are those of the authors and should not be |
|
31 |
# interpreted as representing official policies, either expressed |
|
32 |
# or implied, of GRNET S.A. |
|
33 |
|
|
1 | 34 |
import time |
2 | 35 |
import os |
3 | 36 |
import argparse |
... | ... | |
5 | 38 |
import re |
6 | 39 |
import random |
7 | 40 |
import ast |
41 |
import glob |
|
8 | 42 |
from snfdeploy.lib import check_pidfile, create_dir, get_default_route, \ |
9 |
random_mac, Conf, Env |
|
10 |
from snfdeploy import fabfile |
|
43 |
random_mac, Conf, Env, Status |
|
44 |
# from snfdeploy import fabfile |
|
45 |
from snfdeploy import fabfile2 as fabfile |
|
11 | 46 |
from fabric.api import hide, settings, execute, show |
12 | 47 |
|
13 | 48 |
|
... | ... | |
35 | 70 |
|
36 | 71 |
""" |
37 | 72 |
|
38 |
if command == "prepare": |
|
39 |
print """ |
|
40 |
Usage: snf-deploy prepare |
|
41 |
|
|
42 |
Run the following actions concerning deployment preparation: |
|
43 |
|
|
44 |
- Setup an internal Domain Name Server |
|
45 |
- Tweak hosts and add ssh keys |
|
46 |
- Check network setup |
|
47 |
- Setup apt repository and apt-get update |
|
48 |
- Setup the nfs server and clients among all nodes |
|
49 |
|
|
50 |
""" |
|
51 |
|
|
52 | 73 |
if command == "backend": |
53 | 74 |
print """ |
54 |
Usage: snf-deploy backend [update]
|
|
75 |
Usage: snf-deploy backend |
|
55 | 76 |
|
56 | 77 |
Run the following actions concerning a ganeti backend: |
57 | 78 |
|
58 | 79 |
- Create and add a backend to cyclades |
59 |
- Does all the net-infra specific actions in backend nodes |
|
60 |
(create/connect bridges, iptables..) |
|
61 |
- Does all the storage-infra specific actions in backend nodes |
|
62 |
depending on the --extra-disk option \ |
|
63 |
(create VG, enable lvm/drbd storage..) |
|
64 |
|
|
65 |
or |
|
66 |
|
|
67 |
- Update packages in an already registered backend in cyclades. |
|
68 | 80 |
|
69 | 81 |
""" |
70 | 82 |
|
... | ... | |
74 | 86 |
|
75 | 87 |
Run any of the following fabric commands: |
76 | 88 |
|
89 |
Role setup: |
|
90 |
|
|
91 |
setup_ns_role |
|
92 |
setup_nfs_role |
|
93 |
setup_db_role |
|
94 |
setup_mq_role |
|
95 |
setup_astakos_role |
|
96 |
setup_pithos_role |
|
97 |
setup_cyclades_role |
|
98 |
setup_cms_role |
|
99 |
setup_ganeti_role |
|
100 |
setup_master_role |
|
101 |
setup_stats_role |
|
102 |
setup_client_role |
|
103 |
|
|
104 |
Helper commands: |
|
105 |
|
|
106 |
update_env_with_user_info |
|
107 |
update_env_with_service_info |
|
108 |
update_env_with_backend_info |
|
77 | 109 |
|
78 |
Setup commands: Init commands: Admin commands: |
|
79 |
setup_apache add_pools activate_user |
|
80 |
setup_apt add_rapi_user add_backend |
|
81 |
setup_astakos add_nodes add_image_locally |
|
82 |
setup_cms astakos_loaddata add_network |
|
83 |
setup_collectd |
|
84 |
setup_common astakos_register_components add_ns |
|
85 |
setup_cyclades cms_loaddata add_user |
|
86 |
setup_db cyclades_loaddata connect_bridges |
|
87 |
setup_ganeti enable_drbd create_bridges |
|
88 |
setup_ganeti_collectd |
|
89 |
setup_gtools init_cluster create_vlans |
|
90 |
setup_gunicorn setup_nfs_clients destroy_db |
|
91 |
setup_hosts setup_nfs_server \ |
|
92 |
get_auth_token_from_db |
|
93 |
setup_image_helper update_ns_for_ganeti get_service_details |
|
94 |
setup_image_host astakos_register_pithos_view gnt_instance_add |
|
95 |
setup_iptables gnt_network_add |
|
96 |
setup_kamaki Test commands: register_image |
|
97 |
setup_lvm test restart_services |
|
98 |
setup_mq setup_drbd_dparams |
|
99 |
setup_net_infra |
|
100 |
setup_network |
|
101 |
setup_ns |
|
102 |
setup_pithos |
|
103 |
setup_pithos_dir |
|
104 |
setup_router |
|
105 |
setup_stats |
|
106 |
setup_stats_collectd |
|
107 |
setup_vncauthproxy |
|
108 |
setup_webproject |
|
110 |
Admin commands: |
|
111 |
|
|
112 |
update_ns_for_node |
|
113 |
update_exports_for_node |
|
114 |
allow_db_access |
|
115 |
add_ganeti_backend |
|
116 |
add_synnefo_user |
|
117 |
activate_user |
|
118 |
set_default_quota |
|
119 |
add_public_networks |
|
120 |
add_image |
|
121 |
|
|
122 |
|
|
123 |
Custom command: |
|
124 |
|
|
125 |
setup --node NODE [--role ROLE | --method METHOD --component COMPONENT] |
|
109 | 126 |
|
110 | 127 |
""" |
111 | 128 |
|
... | ... | |
216 | 233 |
|
217 | 234 |
|
218 | 235 |
def image(args, env): |
236 |
#FIXME: Create a clean wheezy image and use it for vcluster |
|
219 | 237 |
if env.os == "ubuntu": |
220 | 238 |
url = env.ubuntu_image_url |
221 | 239 |
else: |
... | ... | |
270 | 288 |
if nodes: |
271 | 289 |
ips = [env.nodes_info[n].ip for n in nodes] |
272 | 290 |
|
273 |
fabfile.setup_env(args) |
|
291 |
fabfile.setup_env(args, env)
|
|
274 | 292 |
with settings(hide(*lhide), show(*lshow)): |
275 | 293 |
print " ".join(actions) |
276 | 294 |
for a in actions: |
277 | 295 |
fn = getattr(fabfile, a) |
278 |
if not args.dry_run: |
|
279 |
if nodes: |
|
280 |
execute(fn, hosts=ips) |
|
281 |
else: |
|
282 |
execute(fn) |
|
296 |
if nodes: |
|
297 |
execute(fn, hosts=ips) |
|
298 |
else: |
|
299 |
execute(fn) |
|
283 | 300 |
|
284 | 301 |
|
285 | 302 |
def cluster(args, env): |
... | ... | |
379 | 396 |
"console or not") |
380 | 397 |
parser.add_argument("--force", dest="force", |
381 | 398 |
default=False, action="store_true", |
382 |
help="Force the creation of new ssh key pairs") |
|
399 |
help="Force things (creation of key pairs" |
|
400 |
" do not abort execution if something fails") |
|
383 | 401 |
|
384 | 402 |
parser.add_argument("-i", "--ssh-key", dest="ssh_key", |
385 | 403 |
default=None, |
... | ... | |
399 | 417 |
default=None, |
400 | 418 |
help="The node to add to the existing cluster") |
401 | 419 |
|
420 |
# options related to custom setup |
|
421 |
parser.add_argument("--component", dest="component", |
|
422 |
default=None, |
|
423 |
help="The component class") |
|
424 |
|
|
425 |
parser.add_argument("--method", dest="method", |
|
426 |
default=None, |
|
427 |
help="The component method") |
|
428 |
|
|
429 |
parser.add_argument("--role", dest="role", |
|
430 |
default=None, |
|
431 |
help="The target node's role") |
|
432 |
|
|
433 |
parser.add_argument("--node", dest="node", |
|
434 |
default="node1", |
|
435 |
help="The target node") |
|
436 |
|
|
402 | 437 |
# available commands |
403 | 438 |
parser.add_argument("command", type=str, |
404 |
choices=["packages", "vcluster", "prepare", |
|
405 |
"synnefo", "backend", "ganeti", |
|
406 |
"run", "cleanup", "test", |
|
407 |
"all", "add", "keygen"], |
|
439 |
choices=["packages", "vcluster", "cleanup", |
|
440 |
"run", "test", "all", "keygen"], |
|
408 | 441 |
help="Run on of the supported deployment commands") |
409 | 442 |
|
410 | 443 |
# available actions for the run command |
... | ... | |
421 | 454 |
|
422 | 455 |
def get_actions(*args): |
423 | 456 |
actions = { |
424 |
# prepare actions |
|
425 |
"ns": ["setup_ns", "setup_resolv_conf"], |
|
426 |
"hosts": ["setup_hosts", "add_keys"], |
|
427 |
"check": ["check_dhcp", "check_dns", |
|
428 |
"check_connectivity", "check_ssh"], |
|
429 |
"apt": ["apt_get_update", "setup_apt"], |
|
430 |
"nfs": ["setup_nfs_server", "setup_nfs_clients"], |
|
431 |
"prepare": [ |
|
432 |
"setup_hosts", "add_keys", |
|
433 |
"setup_ns", "setup_resolv_conf", |
|
434 |
"check_dhcp", "check_dns", "check_connectivity", "check_ssh", |
|
435 |
"apt_get_update", "setup_apt", |
|
436 |
"setup_nfs_server", "setup_nfs_clients" |
|
437 |
], |
|
438 |
# synnefo actions |
|
439 |
"synnefo": [ |
|
440 |
"setup_mq", "setup_db", |
|
441 |
"setup_astakos", |
|
442 |
#TODO: astakos-quota fails if no user is added. |
|
443 |
# add_user fails if no groups found |
|
444 |
"astakos_loaddata", "add_user", "activate_user", |
|
445 |
"astakos_register_components", |
|
446 |
"astakos_register_pithos_view", |
|
447 |
"setup_cms", "cms_loaddata", |
|
448 |
"setup_pithos", |
|
449 |
"setup_vncauthproxy", |
|
450 |
"setup_cyclades", "cyclades_loaddata", "add_pools", |
|
451 |
"export_services", "import_services", "set_user_quota", |
|
452 |
"setup_kamaki", "upload_image", "register_image", |
|
453 |
"setup_burnin", |
|
454 |
"setup_stats" |
|
455 |
], |
|
456 |
"supdate": [ |
|
457 |
"apt_get_update", "setup_astakos", |
|
458 |
"setup_cms", "setup_pithos", "setup_cyclades" |
|
459 |
], |
|
460 |
# backend actions |
|
461 | 457 |
"backend": [ |
462 |
"setup_hosts", |
|
463 |
"update_ns_for_ganeti", |
|
464 |
"setup_ganeti", "init_cluster", |
|
465 |
"add_rapi_user", "add_nodes", |
|
466 |
"setup_image_host", "setup_image_helper", |
|
467 |
"setup_network", |
|
468 |
"setup_gtools", "add_backend", "add_network", |
|
469 |
"setup_lvm", "enable_lvm", |
|
470 |
"enable_drbd", "setup_drbd_dparams", |
|
471 |
"setup_net_infra", "setup_iptables", "setup_router", |
|
472 |
], |
|
473 |
"bstorage": [ |
|
474 |
"setup_lvm", "enable_lvm", |
|
475 |
"enable_drbd", "setup_drbd_dparams" |
|
458 |
"setup_master_role", |
|
459 |
"setup_ganeti_role", |
|
460 |
"add_ganeti_backend", |
|
476 | 461 |
], |
477 |
"bnetwork": ["setup_net_infra", "setup_iptables", "setup_router"], |
|
478 |
"bupdate": [ |
|
479 |
"apt_get_update", "setup_ganeti", "setup_image_host", |
|
480 |
"setup_image_helper", "setup_network", "setup_gtools" |
|
481 |
], |
|
482 |
# ganeti actions |
|
483 | 462 |
"ganeti": [ |
484 |
"update_ns_for_ganeti", |
|
485 |
"setup_ganeti", "init_cluster", "add_nodes", |
|
486 |
"setup_image_host", "setup_image_helper", "add_image_locally", |
|
487 |
"debootstrap", "setup_net_infra", |
|
488 |
"setup_lvm", "enable_lvm", "enable_drbd", "setup_drbd_dparams", |
|
489 |
"setup_ganeti_collectd" |
|
463 |
"setup_ns_role", |
|
464 |
"setup_nfs_role", |
|
465 |
"setup_master_role", |
|
466 |
"setup_ganeti_role", |
|
467 |
], |
|
468 |
"all": [ |
|
469 |
"setup_ns_role", |
|
470 |
"setup_nfs_role", |
|
471 |
"setup_db_role", |
|
472 |
"setup_mq_role", |
|
473 |
"setup_astakos_role", |
|
474 |
"setup_pithos_role", |
|
475 |
"setup_cyclades_role", |
|
476 |
"setup_cms_role", |
|
477 |
"setup_master_role", |
|
478 |
"setup_ganeti_role", |
|
479 |
"setup_stats_role", |
|
480 |
"set_default_quota", |
|
481 |
"add_ganeti_backend", |
|
482 |
"add_public_networks", |
|
483 |
"add_synnefo_user", |
|
484 |
"activate_user", |
|
485 |
"setup_client_role", |
|
486 |
"add_image", |
|
490 | 487 |
], |
491 |
"gupdate": ["setup_apt", "setup_ganeti"], |
|
492 |
"gdestroy": ["destroy_cluster"], |
|
488 |
|
|
493 | 489 |
} |
494 | 490 |
|
495 | 491 |
ret = [] |
... | ... | |
499 | 495 |
return ret |
500 | 496 |
|
501 | 497 |
|
502 |
def must_create_keys(force, env): |
|
503 |
"""Check if we need to create ssh keys |
|
504 |
|
|
505 |
If force is true we are going to overide the old keys. |
|
506 |
Else if there are already generated keys to use, don't create new ones. |
|
498 |
def must_create_keys(env): |
|
499 |
"""Check if we ssh keys already exist |
|
507 | 500 |
|
508 | 501 |
""" |
509 |
if force: |
|
510 |
return True |
|
511 | 502 |
d = os.path.join(env.templates, "root/.ssh") |
512 | 503 |
auth_keys_exists = os.path.exists(os.path.join(d, "authorized_keys")) |
513 | 504 |
dsa_exists = os.path.exists(os.path.join(d, "id_dsa")) |
... | ... | |
535 | 526 |
os.system(cmd) |
536 | 527 |
|
537 | 528 |
|
538 |
def add_node(args, env): |
|
539 |
actions = [ |
|
540 |
"update_ns_for_node:" + args.cluster_node, |
|
541 |
] |
|
542 |
fabcommand(args, env, actions) |
|
543 |
actions = [ |
|
544 |
"setup_resolv_conf", |
|
545 |
"apt_get_update", |
|
546 |
"setup_apt", |
|
547 |
"setup_hosts", |
|
548 |
"add_keys", |
|
549 |
] |
|
550 |
fabcommand(args, env, actions, [args.cluster_node]) |
|
551 |
|
|
552 |
actions = get_actions("check") |
|
553 |
fabcommand(args, env, actions) |
|
554 |
|
|
555 |
actions = [ |
|
556 |
"setup_nfs_clients", |
|
557 |
"setup_ganeti", |
|
558 |
"setup_image_host", "setup_image_helper", |
|
559 |
"setup_network", "setup_gtools", |
|
560 |
] |
|
561 |
fabcommand(args, env, actions, [args.cluster_node]) |
|
562 |
|
|
563 |
actions = [ |
|
564 |
"add_node:" + args.cluster_node, |
|
565 |
] |
|
566 |
fabcommand(args, env, actions) |
|
567 |
|
|
568 |
actions = [ |
|
569 |
"setup_lvm", "enable_drbd", |
|
570 |
"setup_net_infra", "setup_iptables", |
|
571 |
] |
|
572 |
fabcommand(args, env, actions, [args.cluster_node]) |
|
529 |
def must_create_ddns_keys(env): |
|
530 |
d = os.path.join(env.templates, "root/ddns") |
|
531 |
key_exists = glob.glob(os.path.join(d, "Kddns*key")) |
|
532 |
private_exists = glob.glob(os.path.join(d, "Kddns*private")) |
|
533 |
bind_key_exists = os.path.exists(os.path.join(d, "ddns.key")) |
|
534 |
return not (key_exists and private_exists and bind_key_exists) |
|
535 |
|
|
536 |
|
|
537 |
def find_ddns_key_files(env): |
|
538 |
d = os.path.join(env.templates, "root/ddns") |
|
539 |
keys = glob.glob(os.path.join(d, "Kddns*")) |
|
540 |
# Here we must have a key! |
|
541 |
return map(os.path.basename, keys) |
|
542 |
|
|
543 |
|
|
544 |
def do_create_ddns_keys(args, env): |
|
545 |
d = os.path.join(env.templates, "root/ddns") |
|
546 |
if not os.path.exists(d): |
|
547 |
os.mkdir(d) |
|
548 |
for filename in os.listdir(d): |
|
549 |
os.remove(os.path.join(d, filename)) |
|
550 |
cmd = """ |
|
551 |
dnssec-keygen -a HMAC-MD5 -b 128 -K {0} -r /dev/urandom -n USER DDNS_UPDATE |
|
552 |
key=$(cat {0}/Kddns_update*.key | awk '{{ print $7 }}') |
|
553 |
cat > {0}/ddns.key <<EOF |
|
554 |
key DDNS_UPDATE {{ |
|
555 |
algorithm HMAC-MD5.SIG-ALG.REG.INT; |
|
556 |
secret "$key"; |
|
557 |
}}; |
|
558 |
EOF |
|
559 |
""".format(d) |
|
560 |
os.system(cmd) |
|
561 |
|
|
573 | 562 |
|
574 | 563 |
|
575 | 564 |
def main(): |
... | ... | |
577 | 566 |
|
578 | 567 |
conf = Conf(args) |
579 | 568 |
env = Env(conf) |
569 |
env.status = Status(args) |
|
580 | 570 |
|
581 | 571 |
create_dir(env.run, False) |
582 | 572 |
create_dir(env.dns, False) |
583 | 573 |
|
584 | 574 |
# Check if there are keys to use |
585 | 575 |
if args.command == "keygen": |
586 |
if must_create_keys(args.force, env): |
|
587 |
do_create_keys(args, env) |
|
588 |
return 0 |
|
589 |
else: |
|
590 |
print "Keys already existed.. aborting" |
|
591 |
return 1 |
|
576 |
if not args.force: |
|
577 |
if not must_create_keys(env) or not must_create_ddns_keys(env): |
|
578 |
print "Keys already exist.." |
|
579 |
print "To override existing ones use --force." |
|
580 |
return 1 |
|
581 |
do_create_keys(args, env) |
|
582 |
do_create_ddns_keys(args, env) |
|
583 |
return 0 |
|
592 | 584 |
else: |
593 |
if (args.key_inject and (args.ssh_key is None)
|
|
594 |
and must_create_keys(False, env)):
|
|
595 |
print "No ssh keys to use. Run `snf-deploy keygen' first." |
|
585 |
if ((args.key_inject and not args.ssh_key and must_create_keys(env)) or
|
|
586 |
must_create_ddns_keys(env)):
|
|
587 |
print "No ssh/ddns keys to use. Run `snf-deploy keygen' first."
|
|
596 | 588 |
return 1 |
589 |
env.ddns_keys = find_ddns_key_files(env) |
|
590 |
env.ddns_private_key = "/root/ddns/" + env.ddns_keys[0] |
|
597 | 591 |
|
598 | 592 |
if args.command == "test": |
599 | 593 |
conf.print_config() |
... | ... | |
612 | 606 |
dnsmasq(args, env) |
613 | 607 |
cluster(args, env) |
614 | 608 |
|
615 |
if args.command == "prepare": |
|
616 |
actions = get_actions("prepare") |
|
617 |
fabcommand(args, env, actions) |
|
618 |
|
|
619 |
if args.command == "synnefo": |
|
620 |
actions = get_actions("synnefo") |
|
621 |
fabcommand(args, env, actions) |
|
622 |
|
|
623 | 609 |
if args.command == "backend": |
624 | 610 |
actions = get_actions("backend") |
625 | 611 |
fabcommand(args, env, actions) |
... | ... | |
629 | 615 |
fabcommand(args, env, actions) |
630 | 616 |
|
631 | 617 |
if args.command == "all": |
632 |
actions = get_actions("prepare", "synnefo", "backend")
|
|
618 |
actions = get_actions("all")
|
|
633 | 619 |
fabcommand(args, env, actions) |
634 | 620 |
|
635 |
if args.command == "add": |
|
636 |
if args.cluster_node: |
|
637 |
add_node(args, env) |
|
638 |
else: |
|
639 |
actions = get_actions("backend") |
|
640 |
fabcommand(args, env, actions) |
|
641 |
|
|
642 | 621 |
if args.command == "run": |
643 | 622 |
if not args.actions: |
644 | 623 |
print_available_actions(args.command) |
b/snf-deploy/snfdeploy/components.py | ||
---|---|---|
1 |
# Copyright (C) 2010, 2011, 2012, 2013 GRNET S.A. All rights reserved. |
|
2 |
# |
|
3 |
# Redistribution and use in source and binary forms, with or |
|
4 |
# without modification, are permitted provided that the following |
|
5 |
# conditions are met: |
|
6 |
# |
|
7 |
# 1. Redistributions of source code must retain the above |
|
8 |
# copyright notice, this list of conditions and the following |
|
9 |
# disclaimer. |
|
10 |
# |
|
11 |
# 2. Redistributions in binary form must reproduce the above |
|
12 |
# copyright notice, this list of conditions and the following |
|
13 |
# disclaimer in the documentation and/or other materials |
|
14 |
# provided with the distribution. |
|
15 |
# |
|
16 |
# THIS SOFTWARE IS PROVIDED BY GRNET S.A. ``AS IS'' AND ANY EXPRESS |
|
17 |
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED |
|
18 |
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR |
|
19 |
# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL GRNET S.A. OR |
|
20 |
# CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, |
|
21 |
# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT |
|
22 |
# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF |
|
23 |
# USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED |
|
24 |
# AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|
25 |
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN |
|
26 |
# ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
|
27 |
# POSSIBILITY OF SUCH DAMAGE. |
|
28 |
# |
|
29 |
# The views and conclusions contained in the software and |
|
30 |
# documentation are those of the authors and should not be |
|
31 |
# interpreted as representing official policies, either expressed |
|
32 |
# or implied, of GRNET S.A. |
|
33 |
|
|
34 |
import datetime |
|
35 |
from snfdeploy.utils import debug |
|
36 |
|
|
37 |
class SynnefoComponent(object): |
|
38 |
|
|
39 |
REQUIRED_PACKAGES = [] |
|
40 |
|
|
41 |
def debug(self, msg, info=""): |
|
42 |
debug(self.__class__.__name__, msg, info) |
|
43 |
|
|
44 |
def __init__(self, node_info, env, *args, **kwargs): |
|
45 |
""" Take a node_info and env as argument and initialize local vars """ |
|
46 |
self.node_info = node_info |
|
47 |
self.env = env |
|
48 |
|
|
49 |
def check(self): |
|
50 |
""" Returns a list of bash commands that check prerequisites """ |
|
51 |
return [] |
|
52 |
|
|
53 |
def install(self): |
|
54 |
""" Returns a list of debian packages to install """ |
|
55 |
return self.REQUIRED_PACKAGES |
|
56 |
|
|
57 |
def prepare(self): |
|
58 |
""" Returs a list of bash commands that prepares the component """ |
|
59 |
return [] |
|
60 |
|
|
61 |
def configure(self): |
|
62 |
""" Must return a list of tuples (tmpl_path, replace_dict, mode) """ |
|
63 |
return [] |
|
64 |
|
|
65 |
def initialize(self): |
|
66 |
""" Returs a list of bash commands that initialize the component """ |
|
67 |
return [] |
|
68 |
|
|
69 |
def test(self): |
|
70 |
""" Returs a list of bash commands that test existing installation """ |
|
71 |
return [] |
|
72 |
|
|
73 |
def restart(self): |
|
74 |
return [] |
|
75 |
|
|
76 |
#TODO: add cleanup method for each component |
|
77 |
def clean(self): |
|
78 |
return [] |
|
79 |
|
|
80 |
|
|
81 |
class HW(SynnefoComponent): |
|
82 |
def test(self): |
|
83 |
return [ |
|
84 |
"ping -c 1 %s" % self.node_info.ip, |
|
85 |
"ping -c 1 www.google.com", |
|
86 |
"apt-get update", |
|
87 |
] |
|
88 |
|
|
89 |
class SSH(SynnefoComponent): |
|
90 |
def prepare(self): |
|
91 |
return [ |
|
92 |
"mkdir -p /root/.ssh", |
|
93 |
"for f in $(ls /root/.ssh/*); do cp $f $f.bak ; done", |
|
94 |
"echo StrictHostKeyChecking no >> /etc/ssh/ssh_config", |
|
95 |
] |
|
96 |
|
|
97 |
def configure(self): |
|
98 |
files = [ |
|
99 |
"authorized_keys", "id_dsa", "id_dsa.pub", "id_rsa", "id_rsa.pub" |
|
100 |
] |
|
101 |
ssh = [("/root/.ssh/%s" % f, {}, {"mode":0600}) for f in files] |
|
102 |
return ssh |
|
103 |
|
|
104 |
def initialize(self): |
|
105 |
f = "/root/.ssh/authorized_keys" |
|
106 |
return [ |
|
107 |
"test -e {0}.bak && cat {0}.bak >> {0}".format(f) |
|
108 |
] |
|
109 |
|
|
110 |
def test(self): |
|
111 |
return ["ssh %s date" % self.node_info.ip] |
|
112 |
|
|
113 |
|
|
114 |
class DNS(SynnefoComponent): |
|
115 |
def prepare(self): |
|
116 |
return [ |
|
117 |
"chattr -i /etc/resolv.conf", |
|
118 |
"sed -i 's/^127.*$/127.0.0.1 localhost/g' /etc/hosts", |
|
119 |
] |
|
120 |
|
|
121 |
def configure(self): |
|
122 |
r1 = { |
|
123 |
"date": str(datetime.datetime.today()), |
|
124 |
"domain": self.env.env.domain, |
|
125 |
"ns_node_ip": self.env.env.ns.ip, |
|
126 |
} |
|
127 |
resolv = [ |
|
128 |
("/etc/resolv.conf", r1, {}) |
|
129 |
] |
|
130 |
return resolv |
|
131 |
|
|
132 |
def initialize(self): |
|
133 |
return ["chattr +i /etc/resolv.conf"] |
|
134 |
|
|
135 |
|
|
136 |
class DDNS(SynnefoComponent): |
|
137 |
REQUIRED_PACKAGES = [ |
|
138 |
"dnsutils", |
|
139 |
] |
|
140 |
|
|
141 |
def prepare(self): |
|
142 |
return [ |
|
143 |
"mkdir -p /root/ddns/" |
|
144 |
] |
|
145 |
|
|
146 |
def configure(self): |
|
147 |
return [ |
|
148 |
("/root/ddns/" + k, {}, {}) for k in self.env.env.ddns_keys |
|
149 |
] |
|
150 |
|
|
151 |
|
|
152 |
class NS(SynnefoComponent): |
|
153 |
REQUIRED_PACKAGES = [ |
|
154 |
"bind9", |
|
155 |
] |
|
156 |
|
|
157 |
def nsupdate(self, cmd): |
|
158 |
ret = """ |
|
159 |
nsupdate -k {0} > /dev/null <<EOF || true |
|
160 |
server {1} |
|
161 |
{2} |
|
162 |
send |
|
163 |
EOF |
|
164 |
""".format(self.env.env.ddns_private_key, self.node_info.ip, cmd) |
|
165 |
return ret |
|
166 |
|
|
167 |
def prepare(self): |
|
168 |
return [ |
|
169 |
"mkdir -p /etc/bind/zones", |
|
170 |
"chmod g+w /etc/bind/zones", |
|
171 |
"mkdir -p /etc/bind/rev", |
|
172 |
"chmod g+w /etc/bind/rev", |
|
173 |
] |
|
174 |
|
|
175 |
def configure(self): |
|
176 |
d = self.env.env.domain |
|
177 |
ip = self.node_info.ip |
|
178 |
return [ |
|
179 |
("/etc/bind/named.conf.local", {"domain": d}, {}), |
|
180 |
("/etc/bind/zones/example.com", |
|
181 |
{"domain": d, "ns_node_ip": ip}, |
|
182 |
{"remote": "/etc/bind/zones/%s" % d}), |
|
183 |
("/etc/bind/zones/vm.example.com", |
|
184 |
{"domain": d, "ns_node_ip": ip}, |
|
185 |
{"remote": "/etc/bind/zones/vm.%s" % d}), |
|
186 |
("/etc/bind/rev/synnefo.in-addr.arpa.zone", {"domain": d}, {}), |
|
187 |
("/etc/bind/rev/synnefo.ip6.arpa.zone", {"domain": d}, {}), |
|
188 |
("/etc/bind/named.conf.options", |
|
189 |
{"node_ips": ";".join(self.env.env.ips)}, {}), |
|
190 |
("/root/ddns/ddns.key", {}, {"remote": "/etc/bind/ddns.key"}), |
|
191 |
] |
|
192 |
|
|
193 |
def update_cnamerecord(self, node_info): |
|
194 |
return self.nsupdate("update add %s" % node_info.cnamerecord) |
|
195 |
|
|
196 |
def update_arecord(self, node_info): |
|
197 |
return self.nsupdate("update add %s" % node_info.arecord) |
|
198 |
|
|
199 |
def update_ptrrecord(self, node_info): |
|
200 |
return self.nsupdate("update add %s" % node_info.ptrrecord) |
|
201 |
|
|
202 |
def update_ns_for_node(self, node_info): |
|
203 |
return [ |
|
204 |
self.update_arecord(node_info), |
|
205 |
self.update_cnamerecord(node_info), |
|
206 |
self.update_ptrrecord(node_info) |
|
207 |
] |
|
208 |
|
|
209 |
def initialize(self): |
|
210 |
a = [self.update_arecord(n) |
|
211 |
for n in self.env.env.nodes_info.values()] |
|
212 |
ptr = [self.update_ptrrecord(n) |
|
213 |
for n in self.env.env.nodes_info.values()] |
|
214 |
cnames = [self.update_cnamerecord(n) |
|
215 |
for n in self.env.env.roles_info.values()] |
|
216 |
|
|
217 |
return a + ptr + cnames |
|
218 |
|
|
219 |
def restart(self): |
|
220 |
return ["/etc/init.d/bind9 restart"] |
|
221 |
|
|
222 |
def test(self): |
|
223 |
n = ["host %s localhost" % i.fqdn |
|
224 |
for i in self.env.env.nodes_info.values()] |
|
225 |
a = ["host %s localhost" % i.fqdn |
|
226 |
for i in self.env.env.roles_info.values()] |
|
227 |
return n + a |
|
228 |
|
|
229 |
|
|
230 |
class APT(SynnefoComponent): |
|
231 |
""" Setup apt repos and check fqdns """ |
|
232 |
REQUIRED_PACKAGES = ["curl"] |
|
233 |
|
|
234 |
def prepare(self): |
|
235 |
return [ |
|
236 |
"echo 'APT::Install-Suggests \"false\";' >> /etc/apt/apt.conf", |
|
237 |
"curl -k https://dev.grnet.gr/files/apt-grnetdev.pub | apt-key add -", |
|
238 |
] |
|
239 |
|
|
240 |
def configure(self): |
|
241 |
return [ |
|
242 |
("/etc/apt/sources.list.d/synnefo.wheezy.list", {}, {}) |
|
243 |
] |
|
244 |
|
|
245 |
def initialize(self): |
|
246 |
return [ |
|
247 |
"apt-get update", |
|
248 |
] |
|
249 |
|
|
250 |
|
|
251 |
class MQ(SynnefoComponent): |
|
252 |
REQUIRED_PACKAGES = ["rabbitmq-server"] |
|
253 |
|
|
254 |
def check(self): |
|
255 |
return ["ping -c 1 mq.%s" % self.env.env.domain] |
|
256 |
|
|
257 |
def initialize(self): |
|
258 |
u = self.env.env.synnefo_user |
|
259 |
p = self.env.env.synnefo_rabbitmq_passwd |
|
260 |
return [ |
|
261 |
"rabbitmqctl add_user %s %s" % (u, p), |
|
262 |
"rabbitmqctl set_permissions %s \".*\" \".*\" \".*\"" % u, |
|
263 |
"rabbitmqctl delete_user guest", |
|
264 |
"rabbitmqctl set_user_tags %s administrator" % u, |
|
265 |
] |
|
266 |
|
|
267 |
|
|
268 |
class DB(SynnefoComponent): |
|
269 |
REQUIRED_PACKAGES = ["postgresql"] |
|
270 |
|
|
271 |
def check(self): |
|
272 |
return ["ping -c 1 db.%s" % self.env.env.domain] |
|
273 |
|
|
274 |
def get_user_info_from_db(self): |
|
275 |
cmd = """ |
|
276 |
cat > /tmp/psqlcmd <<EOF |
|
277 |
select id, auth_token, uuid, email from auth_user, im_astakosuser \ |
|
278 |
where auth_user.id = im_astakosuser.user_ptr_id and auth_user.email = '{0}'; |
|
279 |
EOF |
|
280 |
|
|
281 |
su - postgres -c "psql -w -d snf_apps -f /tmp/psqlcmd" |
|
282 |
""".format(self.env.env.user_email) |
|
283 |
|
|
284 |
return [cmd] |
|
285 |
|
|
286 |
def allow_access_in_db(self, node_info, user="all", method="md5"): |
|
287 |
f = "/etc/postgresql/*/main/pg_hba.conf" |
|
288 |
cmd1 = "echo host all %s %s/32 %s >> %s" % \ |
|
289 |
(user, node_info.ip, method, f) |
|
290 |
cmd2 = "sed -i 's/\(host.*127.0.0.1.*\)md5/\\1trust/' %s" % f |
|
291 |
return [cmd1, cmd2] + self.restart() |
|
292 |
|
|
293 |
def configure(self): |
|
294 |
u = self.env.env.synnefo_user |
|
295 |
p = self.env.env.synnefo_db_passwd |
|
296 |
replace = {"synnefo_user": u, "synnefo_db_passwd": p} |
|
297 |
return [ |
Also available in: Unified diff