Statistics
| Branch: | Tag: | Revision:

root / snf-deploy / fabfile.py @ b3adfb20

History | View | Annotate | Download (41.5 kB)

1
# Too many lines in module pylint: disable-msg=C0302
2
# Too many arguments (7/5) pylint: disable-msg=R0913
3
"""
4
Fabric file for snf-deploy
5

6
"""
7

    
8
from __future__ import with_statement
9
from fabric.api import hide, env, settings, local, roles
10
from fabric.operations import run, put, get
11
import fabric
12
import re
13
import os
14
import shutil
15
import tempfile
16
import ast
17
from snfdeploy.lib import debug, Conf, Env, disable_color
18
from snfdeploy import massedit
19

    
20

    
21
def setup_env(confdir="conf", packages="packages", templates="files",
22
              cluster_name="ganeti1", autoconf=False, disable_colors=False,
23
              key_inject=False):
24
    """Setup environment"""
25
    print("Loading configuration for synnefo...")
26
    print(" * Using config files under %s..." % confdir)
27
    print(" * Using %s and %s for packages and templates accordingly..."
28
          % (packages, templates))
29

    
30
    autoconf = ast.literal_eval(autoconf)
31
    disable_colors = ast.literal_eval(disable_colors)
32
    env.key_inject = ast.literal_eval(key_inject)
33
    conf = Conf.configure(confdir=confdir, cluster_name=cluster_name,
34
                          autoconf=autoconf)
35
    env.env = Env(conf)
36

    
37
    env.local = autoconf
38
    env.password = env.env.password
39
    env.user = env.env.user
40
    env.shell = "/bin/bash -c"
41

    
42
    if disable_colors:
43
        disable_color()
44

    
45
    if env.env.cms.hostname in \
46
            [env.env.accounts.hostname, env.env.cyclades.hostname,
47
             env.env.pithos.hostname]:
48
        env.cms_pass = True
49
    else:
50
        env.cms_pass = False
51

    
52
    if env.env.accounts.hostname in \
53
            [env.env.cyclades.hostname, env.env.pithos.hostname]:
54
        env.csrf_disable = True
55
    else:
56
        env.csrf_disable = False
57

    
58
    env.roledefs = {
59
        "nodes": env.env.ips,
60
        "ips": env.env.ips,
61
        "accounts": [env.env.accounts.ip],
62
        "cyclades": [env.env.cyclades.ip],
63
        "pithos": [env.env.pithos.ip],
64
        "cms": [env.env.cms.ip],
65
        "mq": [env.env.mq.ip],
66
        "db": [env.env.db.ip],
67
        "mq": [env.env.mq.ip],
68
        "db": [env.env.db.ip],
69
        "ns": [env.env.ns.ip],
70
        "client": [env.env.client.ip],
71
        "router": [env.env.router.ip],
72
    }
73

    
74
    env.enable_lvm = False
75
    env.enable_drbd = False
76
    if ast.literal_eval(env.env.create_extra_disk) and env.env.extra_disk:
77
        env.enable_lvm = True
78
        env.enable_drbd = True
79

    
80
    env.roledefs.update({
81
        "ganeti": env.env.cluster_ips,
82
        "master": [env.env.master.ip],
83
    })
84

    
85

    
86
def install_package(package):
87
    debug(env.host, " * Installing package %s..." % package)
88
    apt_get = "export DEBIAN_FRONTEND=noninteractive ;" + \
89
              "apt-get install -y --force-yes "
90

    
91
    host_info = env.env.ips_info[env.host]
92
    env.env.update_packages(host_info.os)
93
    if ast.literal_eval(env.env.use_local_packages):
94
        with settings(warn_only=True):
95
            deb = local("ls %s/%s*%s_all.deb"
96
                        % (env.env.packages, package, host_info.os),
97
                        capture=True)
98
            if deb:
99
                debug(env.host,
100
                      " * Package %s found in %s..."
101
                      % (package, env.env.packages))
102
                try_put(deb, "/tmp/")
103
                try_run("dpkg -i /tmp/%s || "
104
                        % os.path.basename(deb) + apt_get + "-f")
105
                try_run("rm /tmp/%s" % os.path.basename(deb))
106
                return
107

    
108
    info = getattr(env.env, package)
109
    if info in \
110
            ["squeeze-backports", "squeeze", "stable",
111
             "testing", "unstable", "wheezy"]:
112
        apt_get += " -t %s %s " % (info, package)
113
    elif info:
114
        apt_get += " %s=%s " % (package, info)
115
    else:
116
        apt_get += package
117

    
118
    try_run(apt_get)
119

    
120
    return
121

    
122

    
123
@roles("ns")
124
def update_ns_for_ganeti():
125
    debug(env.host,
126
          "Updating name server entries for backend %s..."
127
          % env.env.cluster.fqdn)
128
    update_arecord(env.env.cluster)
129
    update_ptrrecord(env.env.cluster)
130
    try_run("/etc/init.d/bind9 restart")
131

    
132

    
133
@roles("ns")
134
def update_ns_for_node(node):
135
    info = env.env.nodes_info.get(node)
136
    update_arecord(info)
137
    update_ptrrecord(info)
138
    try_run("/etc/init.d/bind9 restart")
139

    
140

    
141
@roles("ns")
142
def update_arecord(host):
143
    filename = "/etc/bind/zones/" + env.env.domain
144
    cmd = """
145
    echo '{0}' >> {1}
146
    """.format(host.arecord, filename)
147
    try_run(cmd)
148

    
149

    
150
@roles("ns")
151
def update_cnamerecord(host):
152
    filename = "/etc/bind/zones/" + env.env.domain
153
    cmd = """
154
    echo '{0}' >> {1}
155
    """.format(host.cnamerecord, filename)
156
    try_run(cmd)
157

    
158

    
159
@roles("ns")
160
def update_ptrrecord(host):
161
    filename = "/etc/bind/rev/synnefo.in-addr.arpa.zone"
162
    cmd = """
163
    echo '{0}' >> {1}
164
    """.format(host.ptrrecord, filename)
165
    try_run(cmd)
166

    
167

    
168
@roles("nodes")
169
def apt_get_update():
170
    debug(env.host, "apt-get update....")
171
    try_run("apt-get update")
172

    
173

    
174
@roles("ns")
175
def setup_ns():
176
    debug(env.host, "Setting up name server..")
177
    #WARNING: this should be remove after we are done
178
    # because gevent does pick randomly nameservers and google does
179
    # not know our setup!!!!!
180
    apt_get_update()
181
    install_package("bind9")
182
    tmpl = "/etc/bind/named.conf.local"
183
    replace = {
184
        "domain": env.env.domain,
185
    }
186
    custom = customize_settings_from_tmpl(tmpl, replace)
187
    try_put(custom, tmpl)
188

    
189
    try_run("mkdir -p /etc/bind/zones")
190
    tmpl = "/etc/bind/zones/example.com"
191
    replace = {
192
        "domain": env.env.domain,
193
        "ns_node_ip": env.env.ns.ip,
194
    }
195
    custom = customize_settings_from_tmpl(tmpl, replace)
196
    remote = "/etc/bind/zones/" + env.env.domain
197
    try_put(custom, remote)
198

    
199
    try_run("mkdir -p /etc/bind/rev")
200
    tmpl = "/etc/bind/rev/synnefo.in-addr.arpa.zone"
201
    replace = {
202
        "domain": env.env.domain,
203
    }
204
    custom = customize_settings_from_tmpl(tmpl, replace)
205
    try_put(custom, tmpl)
206

    
207
    tmpl = "/etc/bind/named.conf.options"
208
    replace = {
209
        "NODE_IPS": ";".join(env.env.ips),
210
    }
211
    custom = customize_settings_from_tmpl(tmpl, replace)
212
    try_put(custom, tmpl, mode=0644)
213

    
214
    for role, info in env.env.roles.iteritems():
215
        if role == "ns":
216
            continue
217
        update_cnamerecord(info)
218
    for node, info in env.env.nodes_info.iteritems():
219
        update_arecord(info)
220
        update_ptrrecord(info)
221

    
222
    try_run("/etc/init.d/bind9 restart")
223

    
224

    
225
@roles("nodes")
226
def check_dhcp():
227
    debug(env.host, "Checking IPs for synnefo..")
228
    for n, info in env.env.nodes_info.iteritems():
229
        try_run("ping -c 1 " + info.ip)
230

    
231

    
232
@roles("nodes")
233
def check_dns():
234
    debug(env.host, "Checking fqdns for synnefo..")
235
    for n, info in env.env.nodes_info.iteritems():
236
        try_run("ping -c 1 " + info.fqdn)
237

    
238
    for n, info in env.env.roles.iteritems():
239
        try_run("ping -c 1 " + info.fqdn)
240

    
241

    
242
@roles("nodes")
243
def check_connectivity():
244
    debug(env.host, "Checking internet connectivity..")
245
    try_run("ping -c 1 www.google.com")
246

    
247

    
248
@roles("nodes")
249
def check_ssh():
250
    debug(env.host, "Checking password-less ssh..")
251
    for n, info in env.env.nodes_info.iteritems():
252
        try_run("ssh " + info.fqdn + "  date")
253

    
254

    
255
@roles("ips")
256
def add_keys():
257
    if not env.key_inject:
258
        debug(env.host, "Skipping ssh keys injection..")
259
        return
260
    else:
261
        debug(env.host, "Adding rsa/dsa keys..")
262
    try_run("mkdir -p /root/.ssh")
263
    cmd = """
264
for f in $(ls /root/.ssh/*); do
265
  cp $f $f.bak
266
done
267
    """
268
    try_run(cmd)
269
    files = ["authorized_keys", "id_dsa", "id_dsa.pub",
270
             "id_rsa", "id_rsa.pub"]
271
    for f in files:
272
        tmpl = "/root/.ssh/" + f
273
        replace = {}
274
        custom = customize_settings_from_tmpl(tmpl, replace)
275
        try_put(custom, tmpl, mode=0600)
276

    
277
    cmd = """
278
if [ -e /root/.ssh/authorized_keys.bak ]; then
279
  cat /root/.ssh/authorized_keys.bak >> /root/.ssh/authorized_keys
280
fi
281
    """
282
    debug(env.host, "Updating exising authorized keys..")
283
    try_run(cmd)
284

    
285

    
286
@roles("ips")
287
def setup_resolv_conf():
288
    debug(env.host, "Tweak /etc/resolv.conf...")
289
    try_run("/etc/init.d/network-manager stop", abort=False)
290
    tmpl = "/etc/dhcp/dhclient-enter-hooks.d/nodnsupdate"
291
    replace = {}
292
    custom = customize_settings_from_tmpl(tmpl, replace)
293
    try_put(custom, tmpl, mode=0644)
294
    try_run("cp /etc/resolv.conf /etc/resolv.conf.bak")
295
    tmpl = "/etc/resolv.conf"
296
    replace = {
297
        "domain": env.env.domain,
298
        "ns_node_ip": env.env.ns.ip,
299
    }
300
    custom = customize_settings_from_tmpl(tmpl, replace)
301
    try:
302
        try_put(custom, tmpl)
303
        cmd = """
304
        echo "\
305
# This has been generated automatically by snf-deploy, at
306
# $(date).
307
# The immutable bit (+i attribute) has been used to avoid it being
308
# overwritten by software such as NetworkManager or resolvconf.
309
# Use lsattr/chattr to view or modify its file attributes.
310

311

312
$(cat {0})" > {0}
313
""".format(tmpl)
314
        try_run(cmd)
315
    except:
316
        pass
317
    try_run("chattr +i /etc/resolv.conf")
318

    
319

    
320
@roles("ips")
321
def setup_hosts():
322
    debug(env.host, "Tweaking /etc/hosts and ssh_config files...")
323
    try_run("echo StrictHostKeyChecking no >> /etc/ssh/ssh_config")
324
    cmd = "sed -i 's/^127.*$/127.0.0.1 localhost/g' /etc/hosts "
325
    try_run(cmd)
326
    host_info = env.env.ips_info[env.host]
327
    cmd = "hostname %s" % host_info.hostname
328
    try_run(cmd)
329
    cmd = "echo %s > /etc/hostname" % host_info.hostname
330
    try_run(cmd)
331

    
332

    
333
def try_run(cmd, abort=True):
334
    try:
335
        if env.local:
336
            return local(cmd, capture=True)
337
        else:
338
            return run(cmd)
339
    except BaseException as e:
340
        if abort:
341
            fabric.utils.abort(e)
342
        else:
343
            debug(env.host, "WARNING: command failed. Continuing anyway...")
344

    
345

    
346
def try_put(local_path=None, remote_path=None, abort=True, **kwargs):
347
    try:
348
        put(local_path=local_path, remote_path=remote_path, **kwargs)
349
    except BaseException as e:
350
        if abort:
351
            fabric.utils.abort(e)
352
        else:
353
            debug(env.host, "WARNING: command failed. Continuing anyway...")
354

    
355

    
356
def try_get(remote_path, local_path=None, abort=True, **kwargs):
357
    try:
358
        get(remote_path, local_path=local_path, **kwargs)
359
    except BaseException as e:
360
        if abort:
361
            fabric.utils.abort(e)
362
        else:
363
            debug(env.host, "WARNING: command failed. Continuing anyway...")
364

    
365

    
366
def create_bridges():
367
    debug(env.host, " * Creating bridges...")
368
    install_package("bridge-utils")
369
    cmd = """
370
    brctl addbr {0} ; ip link set {0} up
371
    """.format(env.env.common_bridge)
372
    try_run(cmd)
373

    
374

    
375
def connect_bridges():
376
    debug(env.host, " * Connecting bridges...")
377
    #cmd = """
378
    #brctl addif {0} {1}
379
    #""".format(env.env.common_bridge, env.env.public_iface)
380
    #try_run(cmd)
381

    
382

    
383
@roles("ganeti")
384
def setup_net_infra():
385
    debug(env.host, "Setup networking infrastracture..")
386
    create_bridges()
387
    connect_bridges()
388

    
389

    
390
@roles("ganeti")
391
def setup_lvm():
392
    debug(env.host, "create volume group %s for ganeti.." % env.env.vg)
393
    if env.enable_lvm:
394
        install_package("lvm2")
395
        cmd = """
396
        pvcreate {0}
397
        vgcreate {1} {0}
398
        """.format(env.env.extra_disk, env.env.vg)
399
        try_run(cmd)
400

    
401

    
402
def customize_settings_from_tmpl(tmpl, replace):
403
    debug(env.host, " * Customizing template %s..." % tmpl)
404
    local = env.env.templates + tmpl
405
    _, custom = tempfile.mkstemp()
406
    shutil.copyfile(local, custom)
407
    for k, v in replace.iteritems():
408
        regex = "re.sub('%{0}%', '{1}', line)".format(k.upper(), v)
409
        massedit.edit_files([custom], [regex], dry_run=False)
410

    
411
    return custom
412

    
413

    
414
@roles("nodes")
415
def setup_apt():
416
    debug(env.host, "Setting up apt sources...")
417
    install_package("curl")
418
    cmd = """
419
    echo 'APT::Install-Suggests "false";' >> /etc/apt/apt.conf
420
    curl -k https://dev.grnet.gr/files/apt-grnetdev.pub | apt-key add -
421
    """
422
    try_run(cmd)
423
    host_info = env.env.ips_info[env.host]
424
    if host_info.os == "squeeze":
425
        tmpl = "/etc/apt/sources.list.d/synnefo.squeeze.list"
426
    else:
427
        tmpl = "/etc/apt/sources.list.d/synnefo.wheezy.list"
428
    replace = {}
429
    custom = customize_settings_from_tmpl(tmpl, replace)
430
    try_put(custom, tmpl)
431
    apt_get_update()
432

    
433

    
434
@roles("cyclades", "cms", "pithos", "accounts")
435
def restart_services():
436
    debug(env.host, " * Restarting apache2 and gunicorn...")
437
    try_run("/etc/init.d/gunicorn restart")
438
    try_run("/etc/init.d/apache2 restart")
439

    
440

    
441
def setup_gunicorn():
442
    debug(env.host, " * Setting up gunicorn...")
443
    install_package("gunicorn")
444
    tmpl = "/etc/gunicorn.d/synnefo"
445
    replace = {}
446
    custom = customize_settings_from_tmpl(tmpl, replace)
447
    try_put(custom, tmpl, mode=0644)
448
    try_run("/etc/init.d/gunicorn restart")
449

    
450

    
451
def setup_apache():
452
    debug(env.host, " * Setting up apache2...")
453
    host_info = env.env.ips_info[env.host]
454
    install_package("apache2")
455
    tmpl = "/etc/apache2/sites-available/synnefo"
456
    replace = {
457
        "HOST": host_info.fqdn,
458
    }
459
    custom = customize_settings_from_tmpl(tmpl, replace)
460
    try_put(custom, tmpl)
461
    tmpl = "/etc/apache2/sites-available/synnefo-ssl"
462
    custom = customize_settings_from_tmpl(tmpl, replace)
463
    try_put(custom, tmpl)
464
    cmd = """
465
    a2enmod ssl
466
    a2enmod rewrite
467
    a2dissite default
468
    a2ensite synnefo
469
    a2ensite synnefo-ssl
470
    a2enmod headers
471
    a2enmod proxy_http
472
    a2dismod autoindex
473
    """
474
    try_run(cmd)
475
    try_run("/etc/init.d/apache2 restart")
476

    
477

    
478
@roles("mq")
479
def setup_mq():
480
    debug(env.host, "Setting up RabbitMQ...")
481
    install_package("rabbitmq-server")
482
    cmd = """
483
    rabbitmqctl add_user {0} {1}
484
    rabbitmqctl set_permissions {0} ".*" ".*" ".*"
485
    rabbitmqctl delete_user guest
486
    rabbitmqctl set_user_tags {0} administrator
487
    """.format(env.env.synnefo_user, env.env.synnefo_rabbitmq_passwd)
488
    try_run(cmd)
489
    try_run("/etc/init.d/rabbitmq-server restart")
490

    
491

    
492
@roles("db")
493
def allow_access_in_db(ip, user="all", method="md5"):
494
    cmd = """
495
    pg_hba=$(ls /etc/postgresql/*/main/pg_hba.conf)
496
    echo host all {0} {1}/32 {2} >> $pg_hba
497
    """.format(user, ip, method)
498
    try_run(cmd)
499
    cmd = """
500
    pg_hba=$(ls /etc/postgresql/*/main/pg_hba.conf)
501
    sed -i 's/\(host.*127.0.0.1.*\)md5/\\1trust/' $pg_hba
502
    """
503
    try_run(cmd)
504
    try_run("/etc/init.d/postgresql restart")
505

    
506

    
507
@roles("db")
508
def setup_db():
509
    debug(env.host, "Setting up DataBase server...")
510
    install_package("postgresql")
511

    
512
    tmpl = "/tmp/db-init.psql"
513
    replace = {
514
        "synnefo_user": env.env.synnefo_user,
515
        "synnefo_db_passwd": env.env.synnefo_db_passwd,
516
        }
517
    custom = customize_settings_from_tmpl(tmpl, replace)
518
    try_put(custom, tmpl)
519
    cmd = 'su - postgres -c "psql -w -f %s" ' % tmpl
520
    try_run(cmd)
521
    cmd = """
522
    conf=$(ls /etc/postgresql/*/main/postgresql.conf)
523
    echo "listen_addresses = '*'" >> $conf
524
    """
525
    try_run(cmd)
526

    
527
    if env.env.testing_vm:
528
        cmd = """
529
        conf=$(ls /etc/postgresql/*/main/postgresql.conf)
530
        echo "fsync=off\nsynchronous_commit=off\nfull_page_writes=off" >> $conf
531
        """
532
        try_run(cmd)
533

    
534
    allow_access_in_db(env.host, "all", "trust")
535
    try_run("/etc/init.d/postgresql restart")
536

    
537

    
538
@roles("db")
539
def destroy_db():
540
    try_run("""su - postgres -c ' psql -w -c "drop database snf_apps" '""")
541
    try_run("""su - postgres -c ' psql -w -c "drop database snf_pithos" '""")
542

    
543

    
544
def setup_webproject():
545
    debug(env.host, " * Setting up snf-webproject...")
546
    with settings(hide("everything")):
547
        try_run("ping -c1 " + env.env.db.ip)
548
    setup_common()
549
    install_package("snf-webproject")
550
    install_package("python-psycopg2")
551
    install_package("python-gevent")
552
    tmpl = "/etc/synnefo/webproject.conf"
553
    replace = {
554
        "synnefo_user": env.env.synnefo_user,
555
        "synnefo_db_passwd": env.env.synnefo_db_passwd,
556
        "db_node": env.env.db.ip,
557
        "domain": env.env.domain,
558
    }
559
    custom = customize_settings_from_tmpl(tmpl, replace)
560
    try_put(custom, tmpl, mode=0644)
561
    with settings(host_string=env.env.db.ip):
562
        host_info = env.env.ips_info[env.host]
563
        allow_access_in_db(host_info.ip, "all", "trust")
564
    try_run("/etc/init.d/gunicorn restart")
565

    
566

    
567
def setup_common():
568
    debug(env.host, " * Setting up snf-common...")
569
    host_info = env.env.ips_info[env.host]
570
    install_package("python-objpool")
571
    install_package("snf-common")
572
    install_package("python-astakosclient")
573
    install_package("snf-django-lib")
574
    install_package("snf-branding")
575
    tmpl = "/etc/synnefo/common.conf"
576
    replace = {
577
        #FIXME:
578
        "EMAIL_SUBJECT_PREFIX": env.host,
579
        "domain": env.env.domain,
580
        "HOST": host_info.fqdn,
581
        "MAIL_DIR": env.env.mail_dir,
582
    }
583
    custom = customize_settings_from_tmpl(tmpl, replace)
584
    try_put(custom, tmpl, mode=0644)
585
    try_run("mkdir -p {0}; chown root:www-data {0}; chmod 775 {0}".format(
586
            env.env.mail_dir))
587
    try_run("/etc/init.d/gunicorn restart")
588

    
589

    
590
@roles("accounts")
591
def astakos_loaddata():
592
    debug(env.host, " * Loading initial data to astakos...")
593
    cmd = """
594
    snf-manage loaddata groups
595
    """
596
    try_run(cmd)
597

    
598

    
599
@roles("accounts")
600
def astakos_register_components():
601
    debug(env.host, " * Register services in astakos...")
602

    
603
    cyclades_base_url = "https://%s/cyclades" % env.env.cyclades.fqdn
604
    pithos_base_url = "https://%s/pithos" % env.env.pithos.fqdn
605
    astakos_base_url = "https://%s/astakos" % env.env.accounts.fqdn
606

    
607
    cmd = """
608
    snf-manage component-add "home" --ui-url https://{0}
609
    snf-manage component-add "cyclades" --base-url {1} --ui-url {1}/ui
610
    snf-manage component-add "pithos" --base-url {2} --ui-url {2}/ui
611
    snf-manage component-add "astakos" --base-url {3} --ui-url {3}/ui
612
    """.format(env.env.cms.fqdn, cyclades_base_url,
613
               pithos_base_url, astakos_base_url)
614
    try_run(cmd)
615

    
616

    
617
@roles("accounts")
618
def add_user():
619
    debug(env.host, " * adding user %s to astakos..." % env.env.user_email)
620
    email = env.env.user_email
621
    name = env.env.user_name
622
    lastname = env.env.user_lastname
623
    passwd = env.env.user_passwd
624
    cmd = """
625
    snf-manage user-add {0} {1} {2}
626
    """.format(email, name, lastname)
627
    try_run(cmd)
628
    with settings(host_string=env.env.db.ip):
629
        uid, user_auth_token, user_uuid = get_auth_token_from_db(email)
630
    cmd = """
631
    snf-manage user-modify --password {0} {1}
632
    """.format(passwd, uid)
633
    try_run(cmd)
634

    
635

    
636
@roles("accounts")
637
def activate_user(user_email=None):
638
    if not user_email:
639
        user_email = env.env.user_email
640
    debug(env.host, " * Activate user %s..." % user_email)
641
    with settings(host_string=env.env.db.ip):
642
        uid, user_auth_token, user_uuid = get_auth_token_from_db(user_email)
643

    
644
    cmd = """
645
    snf-manage user-modify --verify {0}
646
    snf-manage user-modify --accept {0}
647
    """.format(uid)
648
    try_run(cmd)
649

    
650

    
651
@roles("accounts")
652
def setup_astakos():
653
    debug(env.host, "Setting up snf-astakos-app...")
654
    setup_gunicorn()
655
    setup_apache()
656
    setup_webproject()
657
    install_package("python-django-south")
658
    install_package("snf-astakos-app")
659
    install_package("kamaki")
660

    
661
    tmpl = "/etc/synnefo/astakos.conf"
662
    replace = {
663
        "ACCOUNTS": env.env.accounts.fqdn,
664
        "domain": env.env.domain,
665
        "CYCLADES": env.env.cyclades.fqdn,
666
        "PITHOS": env.env.pithos.fqdn,
667
    }
668
    custom = customize_settings_from_tmpl(tmpl, replace)
669
    try_put(custom, tmpl, mode=0644)
670
    if env.csrf_disable:
671
        cmd = """
672
cat <<EOF >> /etc/synnefo/astakos.conf
673
try:
674
  MIDDLEWARE_CLASSES.remove('django.middleware.csrf.CsrfViewMiddleware')
675
except:
676
  pass
677
EOF
678
"""
679
        try_run(cmd)
680

    
681
    try_run("/etc/init.d/gunicorn restart")
682

    
683
    cmd = """
684
    snf-manage syncdb --noinput
685
    snf-manage migrate im --delete-ghost-migrations
686
    snf-manage migrate quotaholder_app
687
    """
688
    try_run(cmd)
689

    
690

    
691
@roles("accounts")
692
def get_service_details(service="pithos"):
693
    debug(env.host,
694
          " * Getting registered details for %s service..." % service)
695
    result = try_run("snf-manage component-list -o id,name,token")
696
    r = re.compile(r".*%s.*" % service, re.M)
697
    service_id, _, service_token = r.search(result).group().split()
698
    # print("%s: %s %s" % (service, service_id, service_token))
699
    return (service_id, service_token)
700

    
701

    
702
@roles("db")
703
def get_auth_token_from_db(user_email=None):
704
    if not user_email:
705
        user_email = env.env.user_email
706
    debug(env.host,
707
          " * Getting authentication token and uuid for user %s..."
708
          % user_email)
709
    cmd = """
710
echo "select id, auth_token, uuid, email from auth_user, im_astakosuser \
711
where auth_user.id = im_astakosuser.user_ptr_id and auth_user.email = '{0}';" \
712
> /tmp/psqlcmd
713
su - postgres -c  "psql -w -d snf_apps -f /tmp/psqlcmd"
714
""".format(user_email)
715

    
716
    result = try_run(cmd)
717
    r = re.compile(r"(\d+)[ |]*(\S+)[ |]*(\S+)[ |]*" + user_email, re.M)
718
    match = r.search(result)
719
    uid, user_auth_token, user_uuid = match.groups()
720
    # print("%s: %s %s %s" % ( user_email, uid, user_auth_token, user_uuid))
721

    
722
    return (uid, user_auth_token, user_uuid)
723

    
724

    
725
@roles("cms")
726
def cms_loaddata():
727
    debug(env.host, " * Loading cms initial data...")
728
    if env.cms_pass:
729
        debug(env.host, "Aborting. Prerequisites not met.")
730
        return
731
    tmpl = "/tmp/sites.json"
732
    replace = {}
733
    custom = customize_settings_from_tmpl(tmpl, replace)
734
    try_put(custom, tmpl)
735

    
736
    tmpl = "/tmp/page.json"
737
    replace = {}
738
    custom = customize_settings_from_tmpl(tmpl, replace)
739
    try_put(custom, tmpl)
740

    
741
    cmd = """
742
    snf-manage loaddata /tmp/sites.json
743
    snf-manage loaddata /tmp/page.json
744
    snf-manage createsuperuser --username=admin --email=admin@{0} --noinput
745
    """.format(env.env.domain)
746
    try_run(cmd)
747

    
748

    
749
@roles("cms")
750
def setup_cms():
751
    debug(env.host, "Setting up cms...")
752
    if env.cms_pass:
753
        debug(env.host, "Aborting. Prerequisites not met.")
754
        return
755
    with settings(hide("everything")):
756
        try_run("ping -c1 accounts." + env.env.domain)
757
    setup_gunicorn()
758
    setup_apache()
759
    setup_webproject()
760
    install_package("snf-cloudcms")
761

    
762
    tmpl = "/etc/synnefo/cms.conf"
763
    replace = {
764
        "ACCOUNTS": env.env.accounts.fqdn,
765
        }
766
    custom = customize_settings_from_tmpl(tmpl, replace)
767
    try_put(custom, tmpl, mode=0644)
768
    try_run("/etc/init.d/gunicorn restart")
769

    
770
    cmd = """
771
    snf-manage syncdb
772
    snf-manage migrate --delete-ghost-migrations
773
    """.format(env.env.domain)
774
    try_run(cmd)
775

    
776

    
777
def setup_nfs_dirs():
778
    debug(env.host, " * Creating NFS mount point for pithos and ganeti...")
779
    cmd = """
780
    mkdir -p {0}
781
    cd {0}
782
    mkdir -p data
783
    chown www-data:www-data data
784
    chmod g+ws data
785
    mkdir -p /srv/okeanos
786
    """.format(env.env.pithos_dir)
787
    try_run(cmd)
788

    
789

    
790
@roles("nodes")
791
def setup_nfs_clients():
792
    if env.host == env.env.pithos.ip:
793
        return
794

    
795
    host_info = env.env.ips_info[env.host]
796
    debug(env.host, " * Mounting pithos NFS mount point...")
797
    with settings(hide("everything")):
798
        try_run("ping -c1 " + env.env.pithos.hostname)
799
    with settings(host_string=env.env.pithos.ip):
800
        update_nfs_exports(host_info.ip)
801

    
802
    install_package("nfs-common")
803
    for d in [env.env.pithos_dir, env.env.image_dir]:
804
        try_run("mkdir -p " + d)
805
        cmd = """
806
echo "{0}:{1} {1}  nfs defaults,rw,noatime,rsize=131072,\
807
wsize=131072,timeo=14,intr,noacl" >> /etc/fstab
808
""".format(env.env.pithos.ip, d)
809
        try_run(cmd)
810
        try_run("mount " + d)
811

    
812

    
813
@roles("pithos")
814
def update_nfs_exports(ip):
815
    tmpl = "/tmp/exports"
816
    replace = {
817
        "pithos_dir": env.env.pithos_dir,
818
        "image_dir": env.env.image_dir,
819
        "ip": ip,
820
    }
821
    custom = customize_settings_from_tmpl(tmpl, replace)
822
    try_put(custom, tmpl)
823
    try_run("cat %s >> /etc/exports" % tmpl)
824
    try_run("/etc/init.d/nfs-kernel-server restart")
825

    
826

    
827
@roles("pithos")
828
def setup_nfs_server():
829
    debug(env.host, " * Setting up NFS server for pithos...")
830
    setup_nfs_dirs()
831
    install_package("nfs-kernel-server")
832

    
833

    
834
@roles("pithos")
835
def setup_pithos():
836
    debug(env.host, "Setting up snf-pithos-app...")
837
    with settings(hide("everything")):
838
        try_run("ping -c1 accounts." + env.env.domain)
839
        try_run("ping -c1 " + env.env.db.ip)
840
    setup_gunicorn()
841
    setup_apache()
842
    setup_webproject()
843

    
844
    with settings(host_string=env.env.accounts.ip):
845
        service_id, service_token = get_service_details("pithos")
846

    
847
    install_package("kamaki")
848
    install_package("snf-pithos-backend")
849
    install_package("snf-pithos-app")
850
    tmpl = "/etc/synnefo/pithos.conf"
851
    replace = {
852
        "ACCOUNTS": env.env.accounts.fqdn,
853
        "PITHOS": env.env.pithos.fqdn,
854
        "db_node": env.env.db.ip,
855
        "synnefo_user": env.env.synnefo_user,
856
        "synnefo_db_passwd": env.env.synnefo_db_passwd,
857
        "pithos_dir": env.env.pithos_dir,
858
        "PITHOS_SERVICE_TOKEN": service_token,
859
        "proxy": env.env.pithos.hostname == env.env.accounts.hostname
860
        }
861
    custom = customize_settings_from_tmpl(tmpl, replace)
862
    try_put(custom, tmpl, mode=0644)
863
    try_run("/etc/init.d/gunicorn restart")
864

    
865
    install_package("snf-pithos-webclient")
866
    tmpl = "/etc/synnefo/webclient.conf"
867
    replace = {
868
        "ACCOUNTS": env.env.accounts.fqdn,
869
        "PITHOS_UI_CLOUDBAR_ACTIVE_SERVICE": service_id,
870
        }
871
    custom = customize_settings_from_tmpl(tmpl, replace)
872
    try_put(custom, tmpl, mode=0644)
873

    
874
    try_run("/etc/init.d/gunicorn restart")
875
    #TOFIX: the previous command lets pithos-backend create blocks and maps
876
    #       with root owner
877
    try_run("chown -R www-data:www-data %s/data " % env.env.pithos_dir)
878
    #try_run("pithos-migrate stamp 4c8ccdc58192")
879
    #try_run("pithos-migrate upgrade head")
880

    
881

    
882
@roles("ganeti")
883
def setup_ganeti():
884
    debug(env.host, "Setting up snf-ganeti...")
885
    node_info = env.env.ips_info[env.host]
886
    with settings(hide("everything")):
887
        #if env.enable_lvm:
888
        #    try_run("vgs " + env.env.vg)
889
        try_run("getent hosts " + env.env.cluster.fqdn)
890
        try_run("getent hosts %s | grep -v ^127" % env.host)
891
        try_run("hostname -f | grep " + node_info.fqdn)
892
        #try_run("ip link show " + env.env.common_bridge)
893
        #try_run("ip link show " + env.env.common_bridge)
894
        #try_run("apt-get update")
895
    install_package("qemu-kvm")
896
    install_package("python-bitarray")
897
    install_package("ganeti-htools")
898
    install_package("snf-ganeti")
899
    try_run("mkdir -p /srv/ganeti/file-storage/")
900
    cmd = """
901
cat <<EOF > /etc/ganeti/file-storage-paths
902
/srv/ganeti/file-storage
903
/srv/ganeti/shared-file-storage
904
EOF
905
"""
906
    try_run(cmd)
907

    
908

    
909
@roles("master")
910
def add_rapi_user():
911
    debug(env.host, " * Adding RAPI user to Ganeti backend...")
912
    cmd = """
913
    echo -n "{0}:Ganeti Remote API:{1}" | openssl md5
914
    """.format(env.env.synnefo_user, env.env.synnefo_rapi_passwd)
915
    result = try_run(cmd)
916
    cmd = """
917
    echo "{0} {1}{2} write" >> /var/lib/ganeti/rapi/users
918
    """.format(env.env.synnefo_user, '{ha1}', result)
919
    try_run(cmd)
920
    try_run("/etc/init.d/ganeti restart")
921

    
922

    
923
@roles("master")
924
def add_nodes():
925
    nodes = env.env.cluster_nodes.split(",")
926
    nodes.remove(env.env.master_node)
927
    debug(env.host, " * Adding nodes to Ganeti backend...")
928
    for n in nodes:
929
        add_node(n)
930

    
931

    
932
@roles("master")
933
def add_node(node):
934
    node_info = env.env.nodes_info[node]
935
    debug(env.host, " * Adding node %s to Ganeti backend..." % node_info.fqdn)
936
    cmd = "gnt-node add --no-ssh-key-check --master-capable=yes " + \
937
          "--vm-capable=yes " + node_info.fqdn
938
    try_run(cmd)
939

    
940

    
941
@roles("ganeti")
942
def enable_drbd():
943
    if env.enable_drbd:
944
        debug(env.host, " * Enabling DRBD...")
945
        try_run("modprobe drbd minor_count=255 usermode_helper=/bin/true")
946
        try_run("echo drbd minor_count=255 usermode_helper=/bin/true " +
947
                ">> /etc/modules")
948

    
949

    
950
@roles("master")
951
def setup_drbd_dparams():
952
    if env.enable_drbd:
953
        debug(env.host,
954
              " * Twicking drbd related disk parameters in Ganeti...")
955
        cmd = """
956
        gnt-cluster modify --disk-parameters=drbd:metavg={0}
957
        gnt-group modify --disk-parameters=drbd:metavg={0} default
958
        """.format(env.env.vg)
959
        try_run(cmd)
960

    
961

    
962
@roles("master")
963
def enable_lvm():
964
    if env.enable_lvm:
965
        debug(env.host, " * Enabling LVM...")
966
        cmd = """
967
        gnt-cluster modify --vg-name={0}
968
        """.format(env.env.vg)
969
        try_run(cmd)
970
    else:
971
        debug(env.host, " * Disabling LVM...")
972
        try_run("gnt-cluster modify --no-lvm-storage")
973

    
974

    
975
@roles("master")
976
def destroy_cluster():
977
    debug(env.host, " * Destroying Ganeti cluster...")
978
    #TODO: remove instances first
979
    allnodes = env.env.cluster_hostnames[:]
980
    allnodes.remove(env.host)
981
    for n in allnodes:
982
        host_info = env.env.ips_info[env.host]
983
        debug(env.host, " * Removing node %s..." % n)
984
        cmd = "gnt-node remove  " + host_info.fqdn
985
        try_run(cmd)
986
    try_run("gnt-cluster destroy --yes-do-it")
987

    
988

    
989
@roles("master")
990
def init_cluster():
991
    debug(env.host, " * Initializing Ganeti backend...")
992
    # extra = ""
993
    # if env.enable_lvm:
994
    #     extra += " --vg-name={0} ".format(env.env.vg)
995
    # else:
996
    #     extra += " --no-lvm-storage "
997
    # if not env.enable_drbd:
998
    #     extra += " --no-drbd-storage "
999
    extra = " --no-lvm-storage --no-drbd-storage "
1000
    cmd = """
1001
    gnt-cluster init --enabled-hypervisors=kvm \
1002
        {0} \
1003
        --nic-parameters link={1},mode=bridged \
1004
        --master-netdev {2} \
1005
        --default-iallocator hail \
1006
        --hypervisor-parameters kvm:kernel_path=,vnc_bind_address=0.0.0.0 \
1007
        --no-ssh-init --no-etc-hosts \
1008
        {3}
1009
    """.format(extra, env.env.common_bridge,
1010
               env.env.cluster_netdev, env.env.cluster.fqdn)
1011
    try_run(cmd)
1012

    
1013

    
1014
@roles("ganeti")
1015
def debootstrap():
1016
    install_package("ganeti-instance-debootstrap")
1017

    
1018

    
1019
@roles("ganeti")
1020
def setup_image_host():
1021
    debug(env.host, "Setting up snf-image...")
1022
    install_package("snf-pithos-backend")
1023
    install_package("snf-image")
1024
    try_run("mkdir -p %s" % env.env.image_dir)
1025
    tmpl = "/etc/default/snf-image"
1026
    replace = {
1027
        "synnefo_user": env.env.synnefo_user,
1028
        "synnefo_db_passwd": env.env.synnefo_db_passwd,
1029
        "pithos_dir": env.env.pithos_dir,
1030
        "db_node": env.env.db.ip,
1031
    }
1032
    custom = customize_settings_from_tmpl(tmpl, replace)
1033
    try_put(custom, tmpl)
1034

    
1035

    
1036
@roles("ganeti")
1037
def setup_image_helper():
1038
    debug(env.host, " * Updating helper image...")
1039
    cmd = """
1040
    snf-image-update-helper -y
1041
    """
1042
    try_run(cmd)
1043

    
1044

    
1045
@roles("ganeti")
1046
def setup_gtools():
1047
    debug(env.host, " * Setting up snf-cyclades-gtools...")
1048
    with settings(hide("everything")):
1049
        try_run("ping -c1 " + env.env.mq.ip)
1050
    setup_common()
1051
    install_package("snf-cyclades-gtools")
1052
    tmpl = "/etc/synnefo/gtools.conf"
1053
    replace = {
1054
        "synnefo_user": env.env.synnefo_user,
1055
        "synnefo_rabbitmq_passwd": env.env.synnefo_rabbitmq_passwd,
1056
        "mq_node": env.env.mq.ip,
1057
    }
1058
    custom = customize_settings_from_tmpl(tmpl, replace)
1059
    try_put(custom, tmpl)
1060

    
1061
    cmd = """
1062
    sed -i 's/false/true/' /etc/default/snf-ganeti-eventd
1063
    /etc/init.d/snf-ganeti-eventd start
1064
    """
1065
    try_run(cmd)
1066

    
1067

    
1068
@roles("ganeti")
1069
def setup_iptables():
1070
    debug(env.host, " * Setting up iptables to mangle DHCP requests...")
1071
    cmd = """
1072
    iptables -t mangle -A PREROUTING -i br+ -p udp -m udp --dport 67 \
1073
            -j NFQUEUE --queue-num 42
1074
    iptables -t mangle -A PREROUTING -i tap+ -p udp -m udp --dport 67 \
1075
            -j NFQUEUE --queue-num 42
1076
    iptables -t mangle -A PREROUTING -i prv+ -p udp -m udp --dport 67 \
1077
            -j NFQUEUE --queue-num 42
1078

1079
    ip6tables -t mangle -A PREROUTING -i br+ -p ipv6-icmp -m icmp6 \
1080
            --icmpv6-type 133 -j NFQUEUE --queue-num 43
1081
    ip6tables -t mangle -A PREROUTING -i br+ -p ipv6-icmp -m icmp6 \
1082
            --icmpv6-type 135 -j NFQUEUE --queue-num 44
1083
    """
1084
    try_run(cmd)
1085

    
1086

    
1087
@roles("ganeti")
1088
def setup_network():
1089
    debug(env.host,
1090
          "Setting up networking for Ganeti instances (nfdhcpd, etc.)...")
1091
    install_package("nfqueue-bindings-python")
1092
    install_package("nfdhcpd")
1093
    tmpl = "/etc/nfdhcpd/nfdhcpd.conf"
1094
    replace = {
1095
        "ns_node_ip": env.env.ns.ip
1096
    }
1097
    custom = customize_settings_from_tmpl(tmpl, replace)
1098
    try_put(custom, tmpl)
1099
    try_run("/etc/init.d/nfdhcpd restart")
1100

    
1101
    install_package("snf-network")
1102
    cmd = """
1103
sed -i 's/MAC_MASK.*/MAC_MASK = ff:ff:f0:00:00:00/' /etc/default/snf-network
1104
    """
1105
    try_run(cmd)
1106

    
1107

    
1108
@roles("router")
1109
def setup_router():
1110
    debug(env.host, " * Setting up internal router for NAT...")
1111
    cmd = """
1112
    echo 1 > /proc/sys/net/ipv4/ip_forward
1113
    iptables -t nat -A POSTROUTING -s {0} -o {3} -j MASQUERADE
1114
    ip addr add {1} dev {2}
1115
    ip route add {0} dev {2} src {1}
1116
    """.format(env.env.synnefo_public_network_subnet,
1117
               env.env.synnefo_public_network_gateway,
1118
               env.env.common_bridge, env.env.public_iface)
1119
    try_run(cmd)
1120

    
1121

    
1122
@roles("cyclades")
1123
def cyclades_loaddata():
1124
    debug(env.host, " * Loading initial data for cyclades...")
1125
    try_run("snf-manage flavor-create %s %s %s %s" % (env.env.flavor_cpu,
1126
                                                      env.env.flavor_ram,
1127
                                                      env.env.flavor_disk,
1128
                                                      env.env.flavor_storage))
1129
    #run("snf-manage loaddata flavors")
1130

    
1131

    
1132
@roles("cyclades")
1133
def setup_cyclades():
1134
    debug(env.host, "Setting up snf-cyclades-app...")
1135
    with settings(hide("everything")):
1136
        try_run("ping -c1 accounts." + env.env.domain)
1137
        try_run("ping -c1 " + env.env.db.ip)
1138
        try_run("ping -c1 " + env.env.mq.ip)
1139
    setup_gunicorn()
1140
    setup_apache()
1141
    setup_webproject()
1142
    install_package("memcached")
1143
    install_package("python-memcache")
1144
    install_package("snf-pithos-backend")
1145
    install_package("kamaki")
1146
    install_package("snf-cyclades-app")
1147
    install_package("python-django-south")
1148
    tmpl = "/etc/synnefo/cyclades.conf"
1149

    
1150
    with settings(host_string=env.env.accounts.ip):
1151
        service_id, service_token = get_service_details("cyclades")
1152

    
1153
    replace = {
1154
        "ACCOUNTS": env.env.accounts.fqdn,
1155
        "CYCLADES": env.env.cyclades.fqdn,
1156
        "mq_node": env.env.mq.ip,
1157
        "db_node": env.env.db.ip,
1158
        "synnefo_user": env.env.synnefo_user,
1159
        "synnefo_db_passwd": env.env.synnefo_db_passwd,
1160
        "synnefo_rabbitmq_passwd": env.env.synnefo_rabbitmq_passwd,
1161
        "pithos_dir": env.env.pithos_dir,
1162
        "common_bridge": env.env.common_bridge,
1163
        "HOST": env.env.cyclades.ip,
1164
        "domain": env.env.domain,
1165
        "CYCLADES_SERVICE_TOKEN": service_token,
1166
        "proxy": env.env.cyclades.hostname == env.env.accounts.hostname
1167
        }
1168
    custom = customize_settings_from_tmpl(tmpl, replace)
1169
    try_put(custom, tmpl, mode=0644)
1170
    try_run("/etc/init.d/gunicorn restart")
1171

    
1172
    cmd = """
1173
    sed -i 's/false/true/' /etc/default/snf-dispatcher
1174
    /etc/init.d/snf-dispatcher start
1175
    """
1176
    try_run(cmd)
1177

    
1178
    try_run("snf-manage syncdb")
1179
    try_run("snf-manage migrate --delete-ghost-migrations")
1180

    
1181

    
1182
@roles("cyclades")
1183
def get_backend_id(cluster_name="ganeti1.synnefo.deploy.local"):
1184
    backend_id = try_run("snf-manage backend-list 2>/dev/null " +
1185
                         "| grep %s | awk '{print $1}'" % cluster_name)
1186
    return backend_id
1187

    
1188

    
1189
@roles("cyclades")
1190
def add_backend():
1191
    debug(env.host,
1192
          "adding %s ganeti backend to cyclades..." % env.env.cluster.fqdn)
1193
    with settings(hide("everything")):
1194
        try_run("ping -c1 " + env.env.cluster.fqdn)
1195
    cmd = """
1196
    snf-manage backend-add --clustername={0} --user={1} --pass={2}
1197
    """.format(env.env.cluster.fqdn, env.env.synnefo_user,
1198
               env.env.synnefo_rapi_passwd)
1199
    try_run(cmd)
1200
    backend_id = get_backend_id(env.env.cluster.fqdn)
1201
    try_run("snf-manage backend-modify --drained=False " + backend_id)
1202

    
1203

    
1204
@roles("cyclades")
1205
def pin_user_to_backend(user_email):
1206
    backend_id = get_backend_id(env.env.cluster.fqdn)
1207
    # pin user to backend
1208
    cmd = """
1209
cat <<EOF >> /etc/synnefo/cyclades.conf
1210

1211
BACKEND_PER_USER = {
1212
  '{0}': {1},
1213
}
1214

1215
EOF
1216
/etc/init.d/gunicorn restart
1217
""".format(user_email, backend_id)
1218
    try_run(cmd)
1219

    
1220

    
1221
@roles("cyclades")
1222
def add_pools():
1223
    debug(env.host,
1224
          " * Creating pools of resources (brigdes, mac prefixes) " +
1225
          "in cyclades...")
1226
    try_run("snf-manage pool-create --type=mac-prefix " +
1227
            "--base=aa:00:0 --size=65536")
1228
    try_run("snf-manage pool-create --type=bridge --base=prv --size=20")
1229

    
1230

    
1231
@roles("accounts", "cyclades", "pithos")
1232
def export_services():
1233
    debug(env.host, " * Exporting services...")
1234
    host = env.host
1235
    services = []
1236
    if host == env.env.cyclades.ip:
1237
        services.append("cyclades")
1238
    if host == env.env.pithos.ip:
1239
        services.append("pithos")
1240
    if host == env.env.accounts.ip:
1241
        services.append("astakos")
1242
    for service in services:
1243
        filename = "%s_services.json" % service
1244
        cmd = "snf-manage service-export-%s > %s" % (service, filename)
1245
        run(cmd)
1246
        try_get(filename, filename+".local")
1247

    
1248

    
1249
@roles("accounts")
1250
def import_services():
1251
    debug(env.host, " * Registering services to astakos...")
1252
    for service in ["cyclades", "pithos", "astakos"]:
1253
        filename = "%s_services.json" % service
1254
        try_put(filename + ".local", filename)
1255
        cmd = "snf-manage service-import --json=%s" % filename
1256
        run(cmd)
1257

    
1258
    debug(env.host, " * Setting default quota...")
1259
    cmd = """
1260
    snf-manage resource-modify --limit 40G pithos.diskspace
1261
    snf-manage resource-modify --limit 2 astakos.pending_app
1262
    snf-manage resource-modify --limit 4 cyclades.vm
1263
    snf-manage resource-modify --limit 40G cyclades.disk
1264
    snf-manage resource-modify --limit 16G cyclades.ram
1265
    snf-manage resource-modify --limit 8G cyclades.active_ram
1266
    snf-manage resource-modify --limit 32 cyclades.cpu
1267
    snf-manage resource-modify --limit 16 cyclades.active_cpu
1268
    snf-manage resource-modify --limit 4 cyclades.network.private
1269
    """
1270
    try_run(cmd)
1271

    
1272

    
1273
@roles("cyclades")
1274
def add_network():
1275
    debug(env.host, " * Adding public network in cyclades...")
1276
    backend_id = get_backend_id(env.env.cluster.fqdn)
1277
    cmd = """
1278
    snf-manage network-create --subnet={0} --gateway={1} --public \
1279
        --dhcp=True --flavor={2} --mode=bridged --link={3} --name=Internet \
1280
        --backend-id={4}
1281
    """.format(env.env.synnefo_public_network_subnet,
1282
               env.env.synnefo_public_network_gateway,
1283
               env.env.synnefo_public_network_type,
1284
               env.env.common_bridge, backend_id)
1285
    try_run(cmd)
1286

    
1287

    
1288
@roles("cyclades")
1289
def setup_vncauthproxy():
1290
    debug(env.host, " * Setting up vncauthproxy...")
1291
    install_package("snf-vncauthproxy")
1292
    cmd = """
1293
    echo CHUID="www-data:nogroup" >> /etc/default/vncauthproxy
1294
    rm /var/log/vncauthproxy/vncauthproxy.log
1295
    """
1296
    try_run(cmd)
1297
    try_run("/etc/init.d/vncauthproxy restart")
1298

    
1299

    
1300
@roles("client")
1301
def setup_kamaki():
1302
    debug(env.host, "Setting up kamaki client...")
1303
    with settings(hide("everything")):
1304
        try_run("ping -c1 accounts." + env.env.domain)
1305
        try_run("ping -c1 cyclades." + env.env.domain)
1306
        try_run("ping -c1 pithos." + env.env.domain)
1307

    
1308
    with settings(host_string=env.env.db.ip):
1309
        uid, user_auth_token, user_uuid = \
1310
            get_auth_token_from_db(env.env.user_email)
1311

    
1312
    install_package("python-progress")
1313
    install_package("kamaki")
1314
    cmd = """
1315
    kamaki config set cloud.default.url "https://{0}/astakos/identity/v2.0/"
1316
    kamaki config set cloud.default.token {1}
1317
    """.format(env.env.accounts.fqdn, user_auth_token)
1318
    try_run(cmd)
1319
    try_run("kamaki file create images")
1320

    
1321

    
1322
@roles("client")
1323
def upload_image(image="debian_base.diskdump"):
1324
    debug(env.host, " * Uploading initial image to pithos...")
1325
    image = "debian_base.diskdump"
1326
    try_run("wget {0} -O /tmp/{1}".format(env.env.debian_base_url, image))
1327
    try_run("kamaki file upload --container images /tmp/{0} {0}".format(image))
1328

    
1329

    
1330
@roles("client")
1331
def register_image(image="debian_base.diskdump"):
1332
    debug(env.host, " * Register image to plankton...")
1333
    # with settings(host_string=env.env.db.ip):
1334
    #     uid, user_auth_token, user_uuid = \
1335
    #        get_auth_token_from_db(env.env.user_email)
1336

    
1337
    image_location = "images:{0}".format(image)
1338
    cmd = """
1339
    sleep 5
1340
    kamaki image register "Debian Base" {0} --public --disk-format=diskdump \
1341
            --property OSFAMILY=linux --property ROOT_PARTITION=1 \
1342
            --property description="Debian Squeeze Base System" \
1343
            --property size=450M --property kernel=2.6.32 \
1344
            --property GUI="No GUI" --property sortorder=1 \
1345
            --property USERS=root --property OS=debian
1346
    """.format(image_location)
1347
    try_run(cmd)
1348

    
1349

    
1350
@roles("client")
1351
def setup_burnin():
1352
    debug(env.host, "Setting up burnin testing tool...")
1353
    install_package("kamaki")
1354
    install_package("snf-tools")
1355

    
1356

    
1357
@roles("pithos")
1358
def add_image_locally():
1359
    debug(env.host,
1360
          " * Getting image locally in order snf-image to use it directly..")
1361
    image = "debian_base.diskdump"
1362
    try_run("wget {0} -O {1}/{2}".format(
1363
            env.env.debian_base_url, env.env.image_dir, image))
1364

    
1365

    
1366
@roles("master")
1367
def gnt_instance_add(name="test"):
1368
    debug(env.host, " * Adding test instance to Ganeti...")
1369
    osp = """img_passwd=gamwtosecurity,\
1370
img_format=diskdump,img_id=debian_base,\
1371
img_properties='{"OSFAMILY":"linux"\,"ROOT_PARTITION":"1"}'"""
1372
    cmd = """
1373
    gnt-instance add  -o snf-image+default --os-parameters {0} \
1374
            -t plain --disk 0:size=1G --no-name-check --no-ip-check \
1375
            --net 0:ip=pool,network=test --no-install \
1376
            --hypervisor-parameters kvm:machine_version=pc-1.0 {1}
1377
    """.format(osp, name)
1378
    try_run(cmd)
1379

    
1380

    
1381
@roles("master")
1382
def gnt_network_add(name="test", subnet="10.0.0.0/26", gw="10.0.0.1",
1383
                    mode="bridged", link="br0"):
1384
    debug(env.host, " * Adding test network to Ganeti...")
1385
    cmd = """
1386
    gnt-network add --network={1} --gateway={2} {0}
1387
    gnt-network connect {0} {3} {4}
1388
    """.format(name, subnet, gw, mode, link)
1389
    try_run(cmd)
1390

    
1391

    
1392
@roles("ips")
1393
def test():
1394
    debug(env.host, "Testing...")
1395
    try_run("hostname && date")