class Directory(Resource):
action = ForcedListArgument(default="create")
path = ResourceArgument(default=lambda obj: obj.name)
mode = ResourceArgument()
owner = ResourceArgument()
group = ResourceArgument()
follow = BooleanArgument(default=True) # follow links?
"""
this works for 'create', 'delete' is anyway recursive
recursive means only "mkdir -p", it does NOT perform recursive chown/chmod
"""
recursive = BooleanArgument(default=False)
"""
Grants x-bit for all the folders up-to the directory
u - user who is owner
g - user from group
o - other users
a - all
The letters can be combined together.
"""
cd_access = ResourceArgument()
actions = Resource.actions + ["create", "delete"]
class Directory(Resource):
action = ForcedListArgument(default="create")
path = ResourceArgument(default=lambda obj: obj.name)
mode = ResourceArgument()
owner = ResourceArgument()
group = ResourceArgument()
follow = BooleanArgument(default=True) # follow links?
recursive = BooleanArgument(
default=False) # this work for 'create', 'delete' is anyway recursive
recursive_permission = BooleanArgument(
default=False
) # sets given perms to all non-existent folders which are created recursively
"""
Grants x-bit for all the folders up-to the directory
u - user who is owner
g - user from group
o - other users
a - all
The letters can be combined together.
"""
cd_access = ResourceArgument()
actions = Resource.actions + ["create", "delete"]
class Package(Resource):
action = ForcedListArgument(default="install")
package_name = ResourceArgument(default=lambda obj: obj.name)
location = ResourceArgument(default=lambda obj: obj.package_name)
# Allow using only specific list of repositories when performing action
use_repos = ResourceArgument(default=[])
skip_repos = ResourceArgument(default=[])
"""
True - log it in INFO mode
False - never log it
None (default) - log it in DEBUG mode
"""
logoutput = ResourceArgument(default=None)
"""
Retry if package manager is locked or unavailable.
Note that retry_on_lock works only for apt-get and zypper, while yum manages lock retries itself.
"""
retry_count = ResourceArgument(default=4)
retry_sleep = ResourceArgument(default=30)
retry_on_repo_unavailability = BooleanArgument(default=False)
retry_on_locked = BooleanArgument(default=True)
version = ResourceArgument()
actions = ["install", "upgrade", "remove"]
build_vars = ForcedListArgument(default=[])
"""
False - also remove any packages that depend on the one being removed
True - possibly break dependencies by keeping them installed
"""
ignore_dependencies = BooleanArgument(default=False)
class HdfsResource(Resource):
# Required: {target, type, action}
# path to hadoop file/directory
target = ResourceArgument(default=lambda obj: obj.name)
# "directory" or "file"
type = ResourceArgument()
# "create_delayed" or "delete_delayed" or "execute"
action = ForcedListArgument()
# if present - copies file/directory from local path {source} to hadoop path - {target}
source = ResourceArgument()
owner = ResourceArgument()
group = ResourceArgument()
mode = ResourceArgument()
logoutput = ResourceArgument()
recursive_chown = BooleanArgument(default=False)
recursive_chmod = BooleanArgument(default=False)
change_permissions_for_parents = BooleanArgument(default=False)
security_enabled = BooleanArgument(default=False)
principal_name = ResourceArgument()
keytab = ResourceArgument()
kinit_path_local = ResourceArgument()
user = ResourceArgument()
hadoop_bin_dir = ResourceArgument()
hadoop_conf_dir = ResourceArgument()
# WebHDFS needs these
hdfs_site = ResourceArgument()
default_fs = ResourceArgument()
#action 'execute' immediately creates all pending files/directories in efficient manner
#action 'create_delayed/delete_delayed' adds file/directory to list of pending directories
actions = Resource.actions + [
"create_on_execute", "delete_on_execute", "execute"
]
class HdfsResource(Resource):
# Required: {target, type, action}
# path to hadoop file/directory
target = ResourceArgument(default=lambda obj: obj.name)
# "directory" or "file"
type = ResourceArgument()
# "create_on_execute" or "delete_on_execute" or "download_on_execute" or "execute"
action = ForcedListArgument()
# if present - copies file/directory from local path {source} to hadoop path - {target}
source = ResourceArgument()
owner = ResourceArgument()
group = ResourceArgument()
mode = ResourceArgument()
logoutput = ResourceArgument()
recursive_chown = BooleanArgument(default=False)
recursive_chmod = BooleanArgument(default=False)
change_permissions_for_parents = BooleanArgument(default=False)
"""
If a file present in HDFS is different from source, should it be replaced?
"""
replace_existing_files = BooleanArgument(default=True)
security_enabled = BooleanArgument(default=False)
principal_name = ResourceArgument()
keytab = ResourceArgument()
kinit_path_local = ResourceArgument()
user = ResourceArgument()
hadoop_bin_dir = ResourceArgument()
hadoop_conf_dir = ResourceArgument()
"""
Path to file which contains '\n'-separated list of hdfs resources, which should not
be managed. (simply any action to be skipped on it)
This mean that if HdfsResource('/test1'..) is executed and /test1 is one of the lines
in the given file, the execution will be ignored.
Example value:
/var/lib/ambari-agent/data/.hdfs_resource_ignore
"""
hdfs_resource_ignore_file = ResourceArgument()
"""
If the name of the HdfsResource is in immutable_paths
and it is already created, any actions on it will be skipped
(like changing permissions/recursive permissions, copying from source, deleting etc.)
"""
immutable_paths = ResourceArgument(default=[])
# WebHDFS needs these
hdfs_site = ResourceArgument()
default_fs = ResourceArgument()
# To support HCFS
dfs_type = ResourceArgument(default="")
#action 'execute' immediately performs all pending actions in an efficient manner
#action 'create_on_execute/delete_on_execute/download_on_execute' adds to the list of pending actions
actions = Resource.actions + ["create_on_execute", "delete_on_execute", "download_on_execute", "execute"]
class Link(Resource):
action = ForcedListArgument(default="create")
path = ResourceArgument(default=lambda obj: obj.name)
to = ResourceArgument(required=True)
hard = BooleanArgument(default=False)
actions = Resource.actions + ["create", "delete"]
class Execute(Resource):
action = ForcedListArgument(default="run")
"""
Recommended:
command = ('rm','-f','myfile')
Not recommended:
command = 'rm -f myfile'
The first one helps to stop escaping issues
"""
command = ResourceArgument(default=lambda obj: obj.name)
creates = ResourceArgument()
cwd = ResourceArgument()
# this runs command with a specific env variables, env={'JAVA_HOME': '/usr/jdk'}
environment = ResourceArgument()
user = ResourceArgument()
group = ResourceArgument()
returns = ForcedListArgument(default=0)
tries = ResourceArgument(default=1)
try_sleep = ResourceArgument(default=0) # seconds
path = ForcedListArgument(default=[])
actions = Resource.actions + ["run"]
logoutput = BooleanArgument(default=False)
"""
if on_timeout is not set leads to failing after x seconds,
otherwise calls on_timeout
"""
timeout = ResourceArgument() # seconds
on_timeout = ResourceArgument()
"""
Wait for command to finish or not.
NOTE:
In case of False, since any command results are skipped, it disables some functionality:
- non-zero return code failure
- logoutput
- tries
- try_sleep
"""
wait_for_finish = BooleanArgument(default=True)
"""
if wait_for_finish is True then optionally the caller can ask for the pid to be written
"""
pid_file = ResourceArgument()
poll_after = ResourceArgument() #seconds
class ExecuteHadoop(Resource):
action = ForcedListArgument(default="run")
command = ResourceArgument(default=lambda obj: obj.name)
kinit_override = BooleanArgument(default=False)
tries = ResourceArgument(default=1)
try_sleep = ResourceArgument(default=0) # seconds
user = ResourceArgument()
logoutput = BooleanArgument(default=False)
principal = ResourceArgument(default=lambda obj: obj.user)
conf_dir = ResourceArgument()
security_enabled = BooleanArgument(default=False)
keytab = ResourceArgument()
kinit_path_local = ResourceArgument()
actions = Resource.actions + ["run"]
class Directory(Resource): action = ForcedListArgument(default="create") path = ResourceArgument(default=lambda obj: obj.name) mode = ResourceArgument() owner = ResourceArgument() group = ResourceArgument() recursive = BooleanArgument(default=False) # this work for 'create', 'delete' is anyway recursive actions = Resource.actions + ["create", "delete"]
class HdfsDirectory(Resource):
action = ForcedListArgument()
dir_name = ResourceArgument(default=lambda obj: obj.name)
owner = ResourceArgument()
group = ResourceArgument()
mode = ResourceArgument()
recursive_chown = BooleanArgument(default=False)
recursive_chmod = BooleanArgument(default=False)
conf_dir = ResourceArgument()
security_enabled = BooleanArgument(default=False)
keytab = ResourceArgument()
kinit_path_local = ResourceArgument()
hdfs_user = ResourceArgument()
#action 'create' immediately creates all pending directory in efficient manner
#action 'create_delayed' add directory to list of pending directories
actions = Resource.actions + ["create", "create_delayed"]
class Package(Resource):
action = ForcedListArgument(default="install")
package_name = ResourceArgument(default=lambda obj: obj.name)
location = ResourceArgument(default=lambda obj: obj.package_name)
"""
Dictionary of repositories (repo ID => repo file name) to allow using
only a specific list of repositories when performing action.
(APT requires repo file names while other providers can filter by repo ID,
hence the need to pass both.)
"""
use_repos = ResourceArgument(default={})
"""
List of repositories to avoid using (currently only respected by YUM provider)
"""
skip_repos = ResourceArgument(default=[])
"""
True - log it in INFO mode
False - never log it
None (default) - log it in DEBUG mode
"""
logoutput = ResourceArgument(default=None)
"""
Retry if package manager is locked or unavailable.
Note that retry_on_lock works only for apt-get and zypper, while yum manages lock retries itself.
"""
retry_count = ResourceArgument(default=4)
retry_sleep = ResourceArgument(default=30)
retry_on_repo_unavailability = BooleanArgument(default=False)
retry_on_locked = BooleanArgument(default=True)
version = ResourceArgument()
actions = ["install", "upgrade", "remove"]
build_vars = ForcedListArgument(default=[])
"""
False - also remove any packages that depend on the one being removed
True - possibly break dependencies by keeping them installed
"""
ignore_dependencies = BooleanArgument(default=False)
class User(Resource):
action = ForcedListArgument(default="create")
username = ResourceArgument(default=lambda obj: obj.name)
comment = ResourceArgument()
uid = ResourceArgument()
gid = ResourceArgument()
"""
If the user exists, and there are some groups, appends to existant
"""
groups = ForcedListArgument(default=[]) # supplementary groups
home = ResourceArgument()
shell = ResourceArgument()
password = ResourceArgument()
system = BooleanArgument(default=False)
"""
On some envs, with ldap enabled, fetching information
for all the groups - grp.getgrall() - is pretty slow.
This parameter enables us fetching information about only local users (which is fast).
"""
fetch_nonlocal_groups = BooleanArgument(default=True)
actions = Resource.actions + ["create", "remove"]
class User(Resource):
action = ForcedListArgument(default="create")
username = ResourceArgument(default=lambda obj: obj.name)
comment = ResourceArgument()
uid = ResourceArgument()
gid = ResourceArgument()
groups = ForcedListArgument(default=[]) # supplementary groups
home = ResourceArgument()
shell = ResourceArgument()
password = ResourceArgument()
system = BooleanArgument(default=False)
actions = Resource.actions + ["create", "remove"]
class Execute(Resource):
action = ForcedListArgument(default="run")
"""
Recommended:
command = ('rm','-f','myfile')
Not recommended:
command = 'rm -f myfile'
The first one helps to stop escaping issues
"""
command = ResourceArgument(default=lambda obj: obj.name)
creates = ResourceArgument()
cwd = ResourceArgument()
# this runs command with a specific env variables, env={'JAVA_HOME': '/usr/jdk'}
environment = ResourceArgument()
user = ResourceArgument()
group = ResourceArgument()
returns = ForcedListArgument(default=0)
tries = ResourceArgument(default=1)
try_sleep = ResourceArgument(default=0) # seconds
path = ForcedListArgument(default=[])
actions = Resource.actions + ["run"]
logoutput = BooleanArgument(default=False)
class Execute(Resource):
action = ForcedListArgument(default="run")
"""
Recommended:
command = ('rm','-f','myfile')
Not recommended:
command = 'rm -f myfile'
The first one helps to stop escaping issues
"""
command = ResourceArgument(default=lambda obj: obj.name)
creates = ResourceArgument()
"""
cwd won't work for:
- commands run as sudo
- commands run as user (which uses sudo as well)
This is because non-interactive sudo commands doesn't support that.
"""
cwd = ResourceArgument()
# this runs command with a specific env variables, env={'JAVA_HOME': '/usr/jdk'}
environment = ResourceArgument(default={})
user = ResourceArgument()
group = ResourceArgument()
returns = ForcedListArgument(default=0)
tries = ResourceArgument(default=1)
try_sleep = ResourceArgument(default=0) # seconds
path = ForcedListArgument(default=[])
actions = Resource.actions + ["run"]
# TODO: handle how this is logged / tested?
"""
A one-argument function, which will be executed,
once new line comes into command output.
The only parameter of this function is a new line which comes to output.
"""
on_new_line = ResourceArgument()
"""
True - log it in INFO mode
False - never log it
None (default) - log it in DEBUG mode
"""
logoutput = ResourceArgument(default=None)
"""
if on_timeout is not set leads to failing after x seconds,
otherwise calls on_timeout
"""
timeout = ResourceArgument() # seconds
on_timeout = ResourceArgument()
"""
Wait for command to finish or not.
NOTE:
In case of False, since any command results are skipped, it disables some functionality:
- non-zero return code failure
- logoutput
- tries
- try_sleep
"""
wait_for_finish = BooleanArgument(default=True)
"""
For calling more advanced commands use as_sudo(command) option.
Example:
command1 = as_sudo(["cat,"/etc/passwd"]) + " | grep user"
command2 = as_sudo(["ls", "/root/example.txt") + " && " + as_sudo(["rm","-f","example.txt"])
"""
sudo = BooleanArgument(default=False)
"""
subprocess.PIPE - enable output gathering
None - disable output to gathering, and output to Python out straightly (even if logoutput is False)
subprocess.STDOUT - redirect to stdout (not valid as value for stdout agument)
{int fd} - redirect to file with descriptor.
{string filename} - redirects to a file with name.
"""
stdout = ResourceArgument(default=subprocess.PIPE)
stderr = ResourceArgument(default=subprocess.STDOUT)
class Directory(Resource):
action = ForcedListArgument(default="create")
path = ResourceArgument(default=lambda obj: obj.name)
mode = ResourceArgument()
owner = ResourceArgument()
group = ResourceArgument()
follow = BooleanArgument(default=True) # follow links?
"""
Example:
Directory('/a/b/c/d', create_parents=False) # will fail unless /a/b/c exists
Directory('/a/b/c/d', create_parents=True) # will succeed if /a/b/c doesn't exists
"""
create_parents = BooleanArgument(default=False)
"""
Grants x-bit for all the folders up-to the directory
u - user who is owner
g - user from group
o - other users
a - all
The letters can be combined together.
"""
cd_access = ResourceArgument()
"""
If True sets the user and group mentioned in arguments, for all the contents of folder and its subfolder.
CAUNTION: THIS IS NO RECOMENDED TO USE THIS, please treat such a usages as last resort hacks.
The problem with using recursive permissions setting is that the system can be damaged badly by doing this,
imagine recursively setting for '/' or '/etc' (it can break the system) or other important for user folder.
This is partially fixed by 'safemode_folders' feature, but still is risky.
See also: safemode_folders, recursion_follow_links
"""
recursive_ownership = BooleanArgument(default=False)
"""
A dictionary, which gives the mode flags which should be set for files in key 'f', and for
directories in key 'd'.
The format of those flags should be symbolic format used in chmod. From chmod man page:
the format of a symbolic mode is [ugoa...][[+-=][perms...]...],
where perms is either zero or more letters from the set rwxXst, or a single letter from the set ugo.
Multiple symbolic modes can be given, separated by commas.
u - user who is owner
g - user from group
o - other users
a - all
Example:
recursive_mode_flags = {
'd': 'u+rwx,g+rx' # for subfolders, enforce 'rwx' (read,write,execute) for owner of the file, and 'rx' (read,execute) for group, don't change 'others' permissions
'f': 'u+rw,go+r' # for files in the directory, enforce 'rw' (read, write) for owner of the file, and 'r' (read) for group and others.
}
recursive_mode_flags = {
'd': 'a+rwx' # for subfolders, enforce rwxrwxrwx (777) permisons.
'f': 'a+rw' # for files in the directory, enforce adding 'rw' (read,write) to original permissions. If file had 'x' bit before it will stay there.
}
CAUNTION: THIS IS NO RECOMENDED TO USE THIS, please treat such a usages as last resort hacks.
The problem with using recursive permissions setting is that the system can be damaged badly by doing this,
imagine recursively setting permissions for '/' or '/etc' (it can break the system) or other important for user folder.
This is partially fixed by 'safemode_folders' feature, but still is risky.
See also: safemode_folders, recursion_follow_links
"""
recursive_mode_flags = ResourceArgument(default=None)
"""
This is the list folder which are not allowed to be recursively chmod-ed or chown-ed. (recursive_ownership and recursive_mode_flags).
Fail exception will appear if tried.
Example of a dangerous code, which will not be succeed:
Directory("/",
owner="my_user",
recursive_ownership=True
)
This aims to the resolve the problem of mistakenly doing recursive actions for system necessary folders.
which results in damaging the operating system.
"""
safemode_folders = ForcedListArgument(default=["/", "/bin", "/sbin", "/etc", "/dev",
"/proc", "/var", "/usr", "/home", "/boot", "/lib", "/opt",
"/mnt", "/media", "/srv", "/root", "/sys" ])
"""
If True while recursive chown/chmod is done (recursive_ownership or recursive_mode_flags),
symlinks will be followed, duing recursion walking, also
this will also make chmod/chown to set permissions for symlink targets, not for symlink itself.
Note: if recursion_follow_links=False chmod will not set permissions nor on symlink neither on targets.
As according to chmod man: 'This is not a problem since the permissions of symbolic links are never used'.
"""
recursion_follow_links = BooleanArgument(default=False)
actions = Resource.actions + ["create", "delete"]