def installkey(self):
""" installs the staging key as the currently installed private key
returns:
0 on success,
1 on empty install key (not an error)
2 when the private key is invalid
3 when the private key could not be distributed
"""
self.updatelock.acquire()
try:
# first verify if the staging key is empty (not an error)
if (
not os.path.exists(ssl_cert.STAGINGKEY_FILENAME % self.cfg.getGlobalParam("ENTERPRISE_HOME"))
) or 0 == len(open(ssl_cert.STAGINGKEY_FILENAME % self.cfg.getGlobalParam("ENTERPRISE_HOME"), "r").read()):
return "1"
# next verify that the staging key is a valid file
verifycmd = "secure_script_wrapper -p2 %s verifystagingkey %s" % (
self.sslWrapperPath,
self.cfg.getGlobalParam("ENTERPRISE_HOME"),
)
outputList = []
verifycode = E.execute(["localhost"], verifycmd, outputList, 60)
if verifycode != 0:
E.rm(["localhost"], ssl_cert.STAGINGKEY_FILENAME % self.cfg.getGlobalParam("ENTERPRISE_HOME"))
logging.error("Verify failed for key [%s]; error code: %d" % (str(outputList), verifycode))
return "2"
# distribute the staging key
retcode = E.distribute(
self.cfg.getGlobalParam("MACHINES"),
ssl_cert.STAGINGKEY_FILENAME % self.cfg.getGlobalParam("ENTERPRISE_HOME"),
60,
)
if retcode != 0:
logging.error("Couldn't distribute private key, error %d" % retcode)
return "3"
# next, copy the key on all machines
cmd = "secure_script_wrapper -p2 %s installkey %s" % (
self.sslWrapperPath,
self.cfg.getGlobalParam("ENTERPRISE_HOME"),
)
outputList = []
retcode = E.execute(self.cfg.getGlobalParam("MACHINES"), cmd, outputList, 60)
if retcode != 0:
logging.error("Couldn't install cert: %s" % str(outputList))
return "3"
self.writeAdminRunnerOpMsg(M.MSG_LOG_SSL_KEY_INSTALLED)
finally:
self.updatelock.release()
return "0"
def distributedbfiles(self, filenames):
# Distribute local database files to all the nodes.
retcode = E.distribute(self.cfg.getGlobalParam("MACHINES"),
filenames, 1)
if retcode != 0:
logging.error("Couldn't distribute %s, error %d" % (filenames, retcode))
return "1"
return "0"
def installkey(self):
""" installs the staging key as the currently installed private key
returns:
0 on success,
1 on empty install key (not an error)
2 when the private key is invalid
3 when the private key could not be distributed
"""
self.updatelock.acquire()
try:
# first verify if the staging key is empty (not an error)
if (not os.path.exists(ssl_cert.STAGINGKEY_FILENAME % \
self.cfg.getGlobalParam("ENTERPRISE_HOME"))) or \
0 == len(open(ssl_cert.STAGINGKEY_FILENAME % \
self.cfg.getGlobalParam("ENTERPRISE_HOME"), "r").read()):
return "1"
# next verify that the staging key is a valid file
verifycmd = "secure_script_wrapper -p2 %s verifystagingkey %s" % (
self.sslWrapperPath, self.cfg.getGlobalParam("ENTERPRISE_HOME") )
outputList = []
verifycode = E.execute(['localhost'], verifycmd, outputList, 60)
if verifycode != 0:
E.rm(['localhost'],
ssl_cert.STAGINGKEY_FILENAME %
self.cfg.getGlobalParam("ENTERPRISE_HOME"))
logging.error("Verify failed for key [%s]; error code: %d" %
(str(outputList), verifycode) )
return "2"
# distribute the staging key
retcode = E.distribute(self.cfg.getGlobalParam("MACHINES"),
ssl_cert.STAGINGKEY_FILENAME %
self.cfg.getGlobalParam("ENTERPRISE_HOME"), 60)
if retcode != 0:
logging.error("Couldn't distribute private key, error %d" % retcode)
return "3"
# next, copy the key on all machines
cmd = "secure_script_wrapper -p2 %s installkey %s" % (
self.sslWrapperPath, self.cfg.getGlobalParam("ENTERPRISE_HOME"))
outputList = []
retcode = E.execute(self.cfg.getGlobalParam("MACHINES"), cmd, outputList,
60)
if retcode != 0:
logging.error("Couldn't install cert: %s" % str(outputList))
return "3"
self.writeAdminRunnerOpMsg(M.MSG_LOG_SSL_KEY_INSTALLED)
finally:
self.updatelock.release()
return "0"
def _distributeFiles(self, dir):
"""Distributes the files in directory named dir. Returns 0 on success,
the return code from E.distribute() otherwise."""
files = os.listdir(dir)
try:
files.remove('temp')
except ValueError:
logging.warn("expected to find file 'temp'")
files = map(lambda x: os.path.join(dir, x), files)
files_str = ' '.join(files)
return E.distribute(self.cfg.getGlobalParam('MACHINES'), files_str, 60)
def installcert(self):
""" installs the staging certificate as the currently installed certificate
returns:
0 on success, and
1 on failure
"""
self.updatelock.acquire()
try:
# first verify that the staging certificate is a valid file
verifycmd = "secure_script_wrapper -p2 %s verifystagingcert %s" % (
self.sslWrapperPath,
self.cfg.getGlobalParam("ENTERPRISE_HOME"),
)
outputList = []
verifycode = E.execute(["localhost"], verifycmd, outputList, 60)
if verifycode != 0:
E.rm(["localhost"], ssl_cert.STAGINGCERT_FILENAME % self.cfg.getGlobalParam("ENTERPRISE_HOME"))
logging.error("Verify failed for certificate [%s]; error code: %d" % (str(outputList), verifycode))
return "1"
# distribute the staging certificate
retcode = E.distribute(
self.cfg.getGlobalParam("MACHINES"),
ssl_cert.STAGINGCERT_FILENAME % self.cfg.getGlobalParam("ENTERPRISE_HOME"),
60,
)
if retcode != 0:
logging.error("Couldn't distribute apache cert, error %d" % retcode)
# next, generate the certificate on all machines
cmd = "secure_script_wrapper -p2 %s installcert %s" % (
self.sslWrapperPath,
self.cfg.getGlobalParam("ENTERPRISE_HOME"),
)
outputList = []
retcode = E.execute(self.cfg.getGlobalParam("MACHINES"), cmd, outputList, 60)
if retcode != 0:
logging.error("Couldn't install cert: %s" % str(outputList))
return "1"
self.writeAdminRunnerOpMsg(M.MSG_LOG_SSL_CERT_INSTALLED)
finally:
self.updatelock.release()
return "0"
def installcert(self):
""" installs the staging certificate as the currently installed certificate
returns:
0 on success, and
1 on failure
"""
self.updatelock.acquire()
try:
# first verify that the staging certificate is a valid file
verifycmd = "secure_script_wrapper -p2 %s verifystagingcert %s" % (
self.sslWrapperPath, self.cfg.getGlobalParam("ENTERPRISE_HOME") )
outputList = []
verifycode = E.execute(['localhost'], verifycmd, outputList, 60)
if verifycode != 0:
E.rm(['localhost'],
ssl_cert.STAGINGCERT_FILENAME %
self.cfg.getGlobalParam("ENTERPRISE_HOME"))
logging.error("Verify failed for certificate [%s]; error code: %d" %
(str(outputList), verifycode) )
return "1"
# distribute the staging certificate
retcode = E.distribute(self.cfg.getGlobalParam("MACHINES"),
ssl_cert.STAGINGCERT_FILENAME %
self.cfg.getGlobalParam("ENTERPRISE_HOME"), 60)
if retcode != 0:
logging.error("Couldn't distribute apache cert, error %d" % retcode)
# next, generate the certificate on all machines
cmd = "secure_script_wrapper -p2 %s installcert %s" % (
self.sslWrapperPath, self.cfg.getGlobalParam("ENTERPRISE_HOME"))
outputList = []
retcode = E.execute(self.cfg.getGlobalParam("MACHINES"), cmd, outputList,
60)
if retcode != 0:
logging.error("Couldn't install cert: %s" % str(outputList))
return "1"
self.writeAdminRunnerOpMsg(M.MSG_LOG_SSL_CERT_INSTALLED)
finally:
self.updatelock.release()
return "0"
def sync_password_file(self):
""" This updates the password file on all config replicas """
E.distribute(self.cfg.getGlobalParam("CONFIG_REPLICAS"),
self.get_password_file(), true)
E.distribute(self.cfg.getGlobalParam("CONFIG_REPLICAS"),
self.get_vmanager_password_file(), true)
def create(linkFarmDir, chunkDisksMap, chunkPrefix, chunkTermination, binDir, machines):
"""
This does the create job.
@param linkFarmDir the directory where is the link frm. Here we create
a data link, a log dir and log dir
@param chunkDisks the map from machines to datadisks
@param chunkPrefix
@param chunkTermination the dir termination
@param machines on which machines we create this datadir
@return boolean - the succes status
"""
ok = 1
for machine in machines:
if not chunkDisksMap.has_key(machine):
logging.error("ERROR: No entry for machine %s in data chunk disk map %s" % (machine, chunkDisksMap))
ok = 0
continue
chunkDisks = chunkDisksMap[machine]
# Prepare search.config content
searchConfig = []
searchConfig.append(
"""datapath %s
urlbuckets urlbuckets
sorttempdir .
"""
% chunkTermination
)
dirs = []
for d in ["-data", "-data/logs", "-data/%s" % C.RUNCONFIGDIR_DIRNAME]:
dirs.append("%s/%s%s" % (linkFarmDir, chunkTermination, d))
for d in chunkDisks:
searchConfig.append("disk %s/%s 1000\n" % (d, chunkPrefix))
dirs.append("%s/%s/%s" % (d, chunkPrefix, chunkTermination))
dirs.append("%s/%s/workqueue" % (d, chunkPrefix))
dirs.append("%s/%s/workqueue/bin" % (d, chunkPrefix))
if not E.mkdir([machine], string.join(dirs, " ")) or not E.ln(
[machine],
"%s/%s-data" % (linkFarmDir, chunkTermination),
"%s/%s-data/data" % (linkFarmDir, chunkTermination),
):
return false
# create the search.config and distribute it
fileName = "%s/%s-data/search.config" % (linkFarmDir, chunkTermination)
tmpFile = "/tmp/search.config.tmp-%s" % chunkTermination
try:
open(tmpFile, "w").write(string.join(searchConfig, ""))
if E.ERR_OK != E.distribute([machine], tmpFile, 1) or E.ERR_OK != E.execute(
[machine], "mv -f %s %s" % (tmpFile, fileName), None, true
):
ok = 0
E.rm([E.LOCALHOST, machine], tmpFile)
except IOError:
ok = 0
# set up link in workqueue slave binary directory (bin) to workqueue-slave
# binary so that workqueue-slave can checksum/update itself
for d in chunkDisks:
if not E.ln(
[machine],
"%s/workqueue-slave" % binDir["workqueue-slave"],
"%s/%s/workqueue/bin/current" % (d, chunkPrefix),
):
ok = 0
return ok
def create(linkFarmDir,
chunkDisksMap, chunkPrefix, chunkTermination,
binDir,
machines):
"""
This does the create job.
@param linkFarmDir the directory where is the link frm. Here we create
a data link, a log dir and log dir
@param chunkDisks the map from machines to datadisks
@param chunkPrefix
@param chunkTermination the dir termination
@param machines on which machines we create this datadir
@return boolean - the succes status
"""
ok = 1
for machine in machines:
if not chunkDisksMap.has_key(machine):
logging.error(
"ERROR: No entry for machine %s in data chunk disk map %s" % (
machine, chunkDisksMap))
ok = 0
continue
chunkDisks = chunkDisksMap[machine]
# Prepare search.config content
searchConfig = []
searchConfig.append("""datapath %s
urlbuckets urlbuckets
sorttempdir .
""" % chunkTermination)
dirs = []
for d in ["-data", "-data/logs", "-data/%s" % C.RUNCONFIGDIR_DIRNAME]:
dirs.append("%s/%s%s" % (linkFarmDir, chunkTermination, d))
for d in chunkDisks:
searchConfig.append("disk %s/%s 1000\n" % (d, chunkPrefix))
dirs.append("%s/%s/%s" % (d, chunkPrefix, chunkTermination))
dirs.append("%s/%s/workqueue" % (d, chunkPrefix))
dirs.append("%s/%s/workqueue/bin" % (d, chunkPrefix))
if ( not E.mkdir([machine], string.join(dirs, " ")) or
not E.ln([machine],
"%s/%s-data" % (linkFarmDir, chunkTermination),
"%s/%s-data/data" % (linkFarmDir, chunkTermination)) ):
return false
# create the search.config and distribute it
fileName = "%s/%s-data/search.config" % (linkFarmDir,
chunkTermination)
tmpFile = "/tmp/search.config.tmp-%s" % chunkTermination;
try:
open(tmpFile, "w").write(string.join(searchConfig, ""))
if ( E.ERR_OK != E.distribute([machine], tmpFile, 1) or
E.ERR_OK != E.execute([machine],
"mv -f %s %s" % (tmpFile, fileName),
None, true) ):
ok = 0
E.rm([E.LOCALHOST, machine], tmpFile)
except IOError:
ok = 0
# set up link in workqueue slave binary directory (bin) to workqueue-slave
# binary so that workqueue-slave can checksum/update itself
for d in chunkDisks:
if not E.ln([machine],
'%s/workqueue-slave' % binDir['workqueue-slave'],
'%s/%s/workqueue/bin/current' % (d, chunkPrefix)):
ok = 0
return ok;
def sync_password_file(self):
""" This updates the password file on all config replicas """
E.distribute(self.cfg.getGlobalParam("CONFIG_REPLICAS"),
self.get_password_file(), true)
E.distribute(self.cfg.getGlobalParam("CONFIG_REPLICAS"),
self.get_vmanager_password_file(), true)
