def configure_openldap(self):
"""Install and Configure Openldap over Non-SSL."""
# 1. Install and Configure Openldap over Non-SSL.
# 2. Enable slapd logging in rsyslog config
# 3. Set openldap-replication
# 4. Check number of nodes in the cluster
self.logger.info('Open ldap configuration started')
cmd = [
'/opt/seagate/cortx/s3/install/ldap/setup_ldap.sh',
'--ldapadminpasswd', f'{self.ldap_passwd}', '--rootdnpasswd',
f'{self.rootdn_passwd}', '--forceclean', '--skipssl'
]
handler = SimpleProcess(cmd)
stdout, stderr, retcode = handler.run()
self.logger.info(f'output of setup_ldap.sh: {stdout}')
if retcode != 0:
self.logger.error(f'error of setup_ldap.sh: {stderr}')
raise S3PROVError(
f"{cmd} failed with err: {stderr}, out: {stdout}, ret: {retcode}"
)
else:
self.logger.warning(f'warning of setup_ldap.sh: {stderr}')
if os.path.isfile(
"/opt/seagate/cortx/s3/install/ldap/rsyslog.d/slapdlog.conf"):
try:
os.makedirs("/etc/rsyslog.d")
except OSError as e:
if e.errno != errno.EEXIST:
raise S3PROVError(
f"mkdir /etc/rsyslog.d failed with errno: {e.errno}, exception: {e}"
)
shutil.copy(
'/opt/seagate/cortx/s3/install/ldap/rsyslog.d/slapdlog.conf',
'/etc/rsyslog.d/slapdlog.conf')
# restart rsyslog service
try:
self.logger.info("Restarting rsyslog service...")
service_list = ["rsyslog"]
self.restart_services(service_list)
except Exception as e:
self.logger.error(f'Failed to restart rsyslog service, error: {e}')
raise e
self.logger.info("Restarted rsyslog service...")
# set openldap-replication
self.configure_openldap_replication()
self.logger.info('Open ldap configuration completed')
def configure_openldap(self):
"""Install and Configure Openldap over Non-SSL."""
# 1. Install and Configure Openldap over Non-SSL.
# 2. Enable slapd logging in rsyslog config
# 3. Set openldap-replication
# 4. Check number of nodes in the cluster
cmd = [
'/opt/seagate/cortx/s3/install/ldap/setup_ldap.sh',
'--ldapadminpasswd', f'{self.ldap_passwd}', '--rootdnpasswd',
f'{self.rootdn_passwd}', '--forceclean', '--skipssl'
]
handler = SimpleProcess(cmd)
stdout, stderr, retcode = handler.run()
if retcode != 0:
raise S3PROVError(
f"{cmd} failed with err: {stderr}, out: {stdout}, ret: {retcode}\n"
)
if os.path.isfile(
"/opt/seagate/cortx/s3/install/ldap/rsyslog.d/slapdlog.conf"):
try:
os.makedirs("/etc/rsyslog.d")
except OSError as e:
if e.errno != errno.EEXIST:
raise S3PROVError(
f"mkdir /etc/rsyslog.d failed with errno: {e.errno}, exception: {e}\n"
)
shutil.copy(
'/opt/seagate/cortx/s3/install/ldap/rsyslog.d/slapdlog.conf',
'/etc/rsyslog.d/slapdlog.conf')
cmd = ['systemctl', 'restart', 'rsyslog']
handler = SimpleProcess(cmd)
stdout, stderr, retcode = handler.run()
if retcode != 0:
raise S3PROVError(
f"{cmd} failed with err: {stderr}, out: {stdout}, ret: {retcode}\n"
)
# set openldap-replication
self.configure_openldap_replication()
cmd = ['systemctl', 'restart', 'slapd']
handler = SimpleProcess(cmd)
stdout, stderr, retcode = handler.run()
if retcode != 0:
raise S3PROVError(
f"{cmd} failed with err: {stderr}, out: {stdout}, ret: {retcode}\n"
)
def configure_haproxy(self):
"""Configure haproxy service."""
cmd = ['s3haproxyconfig', '--path', f'{self._url}']
handler = SimpleProcess(cmd)
stdout, stderr, retcode = handler.run()
if retcode != 0:
raise S3PROVError(
f"{cmd} failed with err: {stderr}, out: {stdout}, ret: {retcode}\n"
)
cmd = ['systemctl', 'restart', 'haproxy']
handler = SimpleProcess(cmd)
stdout, stderr, retcode = handler.run()
if retcode != 0:
raise S3PROVError(
f"{cmd} failed with err: {stderr}, out: {stdout}, ret: {retcode}\n"
)
def process(self):
"""Main processing function."""
sys.stdout.write(f"Processing {self.name} {self.url}\n")
self.phase_prereqs_validate(self.name)
try:
# Configure openldap and ldap-replication
self.configure_openldap()
sys.stdout.write(
"INFO: Successfully configured openldap on the node.\n")
# Configure haproxy
self.configure_haproxy()
sys.stdout.write(
"INFO: Successfully configured haproxy on the node.\n")
# create topic for background delete
bgdeleteconfig = CORTXS3Config()
if bgdeleteconfig.get_messaging_platform() == MESSAGE_BUS:
sys.stdout.write('INFO: Creating topic.\n')
self.create_topic(bgdeleteconfig.get_msgbus_admin_id,
bgdeleteconfig.get_msgbus_topic(),
self.get_msgbus_partition_count())
sys.stdout.write('INFO:Topic creation successful.\n')
except Exception as e:
raise S3PROVError(f'process() failed with exception: {e}\n')
def configure_openldap_replication(self):
"""Configure openldap replication within a storage set."""
self.logger.info('Cleaning up old Openldap replication configuration')
# Delete ldap replication cofiguration
self.delete_replication_config()
self.logger.info('Open ldap replication configuration started')
storage_set_count = self.get_confvalue(
self.get_confkey('CONFIG>CONFSTORE_STORAGE_SET_COUNT_KEY').replace(
"cluster-id", self.cluster_id))
index = 0
while index < int(storage_set_count):
server_nodes_list = self.get_confkey(
'CONFIG>CONFSTORE_STORAGE_SET_SERVER_NODES_KEY').replace(
"cluster-id",
self.cluster_id).replace("storage-set-count", str(index))
server_nodes_list = self.get_confvalue(server_nodes_list)
if type(server_nodes_list) is str:
# list is stored as string in the confstore file
server_nodes_list = literal_eval(server_nodes_list)
if len(server_nodes_list) > 1:
self.logger.info(
f'Setting ldap-replication for storage_set:{index}')
Path(self.s3_tmp_dir).mkdir(parents=True, exist_ok=True)
ldap_hosts_list_file = os.path.join(
self.s3_tmp_dir, "ldap_hosts_list_file.txt")
with open(ldap_hosts_list_file, "w") as f:
for node_machine_id in server_nodes_list:
private_fqdn = self.get_confvalue(
f'server_node>{node_machine_id}>network>data>private_fqdn'
)
f.write(f'{private_fqdn}\n')
self.logger.info(
f'output of ldap_hosts_list_file.txt: {private_fqdn}'
)
cmd = [
'/opt/seagate/cortx/s3/install/ldap/replication/setupReplicationScript.sh',
'-h', ldap_hosts_list_file, '-p', f'{self.rootdn_passwd}'
]
handler = SimpleProcess(cmd)
stdout, stderr, retcode = handler.run()
self.logger.info(
f'output of setupReplicationScript.sh: {stdout}')
os.remove(ldap_hosts_list_file)
if retcode != 0:
self.logger.error(
f'error of setupReplicationScript.sh: {stderr}')
raise S3PROVError(
f"{cmd} failed with err: {stderr}, out: {stdout}, ret: {retcode}"
)
else:
self.logger.warning(
f'warning of setupReplicationScript.sh: {stderr}')
index += 1
# TODO: set replication across storage-sets
self.logger.info('Open ldap replication configuration completed')
def process(self):
"""Main processing function."""
self.logger.info(f"Processing {self.name}")
try:
self.logger.info("validations started")
self.phase_prereqs_validate(self.name)
self.logger.info("validations completed")
# merge_configs() is imported from the merge.py
# Upgrade config files
self.logger.info("merge configs started")
merge_configs()
self.logger.info("merge configs completed")
# Remove temporary .old files from S3 temporary location
self.logger.info("Remove sample.old files started")
regex = "*.sample.old"
self.DeleteFileOrDirWithRegex(self.s3_tmp_dir, regex)
self.logger.info("Remove sample.old files completed")
# Validating config files after upgrade
self.logger.info("config file validations started")
self.validate_config_files(self.name)
self.logger.info("config file validations completed")
except Exception as e:
raise S3PROVError(
f'process: {self.name} failed with exception: {e}')
def process(self,
configure_only_openldap=False,
configure_only_haproxy=False):
"""Main processing function."""
self.logger.info(f"Processing {self.name} {self.url}")
self.logger.info("validations started")
self.phase_prereqs_validate(self.name)
self.phase_keys_validate(self.url, self.name)
self.validate_config_files(self.name)
self.logger.info("validations completed")
try:
self.logger.info("update motr max units per request started")
self.update_motr_max_units_per_request()
self.logger.info("update motr max units per request completed")
# disable S3server, S3authserver, haproxy, BG delete services on reboot as
# it will be managed by HA
self.logger.info('Disable services on reboot started')
services_list = [
"haproxy", "s3backgroundproducer", "s3backgroundconsumer",
"s3server@*", "s3authserver"
]
self.disable_services(services_list)
self.logger.info('Disable services on reboot completed')
self.logger.info('create auth jks password started')
self.create_auth_jks_password()
self.logger.info('create auth jks password completed')
if configure_only_openldap == True:
# Configure openldap only
self.configure_openldap()
elif configure_only_haproxy == True:
# Configure haproxy only
self.configure_haproxy()
else:
# Configure both openldap and haproxy
self.configure_openldap()
self.configure_haproxy()
# create topic for background delete
bgdeleteconfig = CORTXS3Config()
if bgdeleteconfig.get_messaging_platform() == MESSAGE_BUS:
self.logger.info('Create topic started')
self.create_topic(bgdeleteconfig.get_msgbus_admin_id,
bgdeleteconfig.get_msgbus_topic(),
self.get_msgbus_partition_count())
self.logger.info('Create topic completed')
# create background delete account
self.logger.info("create background delete account started")
self.create_bgdelete_account()
self.logger.info("create background delete account completed")
except Exception as e:
raise S3PROVError(f'process() failed with exception: {e}')
def __init__(self, config: str):
"""Constructor."""
try:
super(ConfigCmd, self).__init__(config)
self.update_cluster_id()
self.read_ldap_credentials()
except Exception as e:
raise S3PROVError(f'exception: {e}\n')
def process(self):
"""Main processing function."""
self.logger.info(f"Processing {self.name} {self.url}")
try:
self.logger.info("validations started")
self.phase_prereqs_validate(self.name)
self.phase_keys_validate(self.url, self.name)
self.validate_config_files(self.name)
self.logger.info("validations completed")
except Exception as e:
raise S3PROVError(
f'process: {self.name} failed with exception: {e}')
def update_motr_max_units_per_request(self):
"""
update S3_MOTR_MAX_UNITS_PER_REQUEST in the s3config file based on VM/OVA/HW
S3_MOTR_MAX_UNITS_PER_REQUEST = 8 for VM/OVA
S3_MOTR_MAX_UNITS_PER_REQUEST = 32 for HW
"""
# get the motr_max_units_per_request count from the config file
motr_max_units_per_request = self.get_confvalue(
self.get_confkey('CONFIG>CONFSTORE_S3_MOTR_MAX_UNITS_PER_REQUEST'))
self.logger.info(
f'motr_max_units_per_request: {motr_max_units_per_request}')
#validate min and max unit should be between 1 to 128
if 2 <= int(motr_max_units_per_request) <= 128:
if math.log2(int(motr_max_units_per_request)).is_integer():
self.logger.info(
"motr_max_units_per_request is in valid range")
else:
raise S3PROVError(
"motr_max_units_per_request should be power of 2")
else:
raise S3PROVError(
"motr_max_units_per_request should be between 2 to 128")
# update the S3_MOTR_MAX_UNITS_PER_REQUEST in s3config.yaml file
s3configfile = self.get_confkey('S3_CONFIG_FILE')
if path.isfile(f'{s3configfile}') == False:
self.logger.error(f'{s3configfile} file is not present')
raise S3PROVError(f'{s3configfile} file is not present')
else:
motr_max_units_per_request_key = 'S3_MOTR_CONFIG>S3_MOTR_MAX_UNITS_PER_REQUEST'
s3configfileconfstore = S3CortxConfStore(
f'yaml://{s3configfile}', 'write_s3_motr_max_unit_idx')
s3configfileconfstore.set_config(motr_max_units_per_request_key,
int(motr_max_units_per_request),
True)
self.logger.info(
f'Key {motr_max_units_per_request_key} updated successfully in {s3configfile}'
)
def process(self):
"""Main processing function."""
self.logger.info(f"Processing {self.name}")
try:
self.logger.info("validations started")
self.phase_prereqs_validate(self.name)
self.logger.info("validations completed")
# Backing up .sample config file to .old
self.logger.info("Backup .sample to .old started")
self.backup_sample_file()
self.logger.info("Backup .sample to .old completed")
except Exception as e:
raise S3PROVError(
f'process: {self.name} failed with exception: {e}')
def process(self):
"""Main processing function."""
sys.stdout.write(f"Processing {self.name} {self.url}\n")
try:
# Configure openldap and ldap-replication
self.configure_openldap()
sys.stdout.write(
"INFO: Successfully configured openldap on the node.\n")
# Configure haproxy
self.configure_haproxy()
sys.stdout.write(
"INFO: Successfully configured haproxy on the node.\n")
except Exception as e:
raise S3PROVError(f'process() failed with exception: {e}\n')
def validate_ldap_account_cleanup(self):
"""Validate ldap data is cleaned."""
account_count = 0
try:
self.logger.info("Validating ldap account entries")
ldap_action_obj = LdapAccountAction(self.ldap_user,
self.ldap_passwd)
account_count = ldap_action_obj.get_account_count()
except Exception as e:
self.logger.error(
f"ERROR: Failed to find total count of ldap account, error: {str(e)}"
)
raise e
if account_count > 1:
raise S3PROVError(
"Stale account entries found in ldap !!!! hence reset needs to be performed before cleanup can be processed"
)
self.logger.info("Validation of ldap account entries successful.")
def detect_if_reset_done(self):
"""Validate if reset phase has done or not, throw exception."""
sys.stdout.write(f"Processing {self.name} detect_if_reset_done\n")
# Validate log file cleanup.
log_files = [
'/var/log/seagate/auth/server/app.log',
'/var/log/seagate/s3/s3server-*/s3server.INFO'
]
for fpath in log_files:
if os.path.exists(fpath):
raise S3PROVError(
"Stale log files found in system!!!! hence reset needs to be performed before cleanup can be processed\n"
)
# Validate ldap entry cleanup.
self.validate_ldap_account_cleanup()
sys.stdout.write(
f"Processing {self.name} detect_if_reset_done completed successfully..\n"
)
def create_auth_jks_password(self):
"""Create random password for auth jks keystore."""
cmd = [
'sh', '/opt/seagate/cortx/auth/scripts/create_auth_jks_password.sh'
]
handler = SimpleProcess(cmd)
stdout, stderr, retcode = handler.run()
self.logger.info(f'output of create_auth_jks_password.sh: {stdout}')
if retcode != 0:
self.logger.error(
f'error of create_auth_jks_password.sh: {stderr}')
raise S3PROVError(
f"{cmd} failed with err: {stderr}, out: {stdout}, ret: {retcode}"
)
else:
self.logger.warning(
f'warning of create_auth_jks_password.sh: {stderr}')
self.logger.info(' Successfully set auth JKS keystore password.')
def configure_openldap_replication(self):
"""Configure openldap replication within a storage set."""
storage_set_count = self.get_confvalue(
self.get_confkey('CONFSTORE_STORAGE_SET_COUNT_KEY').format(
self.cluster_id))
index = 0
while index < int(storage_set_count):
server_nodes_list = self.get_confvalue(
self.get_confkey(
'CONFSTORE_STORAGE_SET_SERVER_NODES_KEY').format(
self.cluster_id, index))
if type(server_nodes_list) is str:
# list is stored as string in the confstore file
server_nodes_list = literal_eval(server_nodes_list)
if len(server_nodes_list) > 1:
sys.stdout.write(
f'\nSetting ldap-replication for storage_set:{index}\n\n')
with open("hosts_list_file.txt", "w") as f:
for node_machine_id in server_nodes_list:
hostname = self.get_confvalue(
f'server_node>{node_machine_id}>hostname')
f.write(f'{hostname}\n')
cmd = [
'/opt/seagate/cortx/s3/install/ldap/replication/setupReplicationScript.sh',
'-h', 'hosts_list_file.txt', '-p', f'{self.rootdn_passwd}'
]
handler = SimpleProcess(cmd)
stdout, stderr, retcode = handler.run()
os.remove("hosts_list_file.txt")
if retcode != 0:
raise S3PROVError(
f"{cmd} failed with err: {stderr}, out: {stdout}, ret: {retcode}\n"
)
index += 1
def __init__(self, config: str = None):
"""Constructor."""
try:
super(PostInstallCmd, self).__init__(config)
except Exception as e:
raise S3PROVError(f'exception: {e}')
def configure_openldap(self):
"""Install and Configure Openldap over Non-SSL."""
# 1. Install and Configure Openldap over Non-SSL.
# 2. Enable slapd logging in rsyslog config
# 3. Set openldap-replication
# 4. Check number of nodes in the cluster
cmd = [
'/opt/seagate/cortx/s3/install/ldap/setup_ldap.sh',
'--ldapadminpasswd', f'{self.ldap_passwd}', '--rootdnpasswd',
f'{self.rootdn_passwd}', '--forceclean', '--skipssl'
]
handler = SimpleProcess(cmd)
stdout, stderr, retcode = handler.run()
if retcode != 0:
raise S3PROVError(
f"{cmd} failed with err: {stderr}, out: {stdout}, ret: {retcode}\n"
)
if os.path.isfile(
"/opt/seagate/cortx/s3/install/ldap/rsyslog.d/slapdlog.conf"):
try:
os.makedirs("/etc/rsyslog.d")
except OSError as e:
if e.errno != errno.EEXIST:
raise S3PROVError(
f"mkdir /etc/rsyslog.d failed with errno: {e.errno}, exception: {e}\n"
)
shutil.copy(
'/opt/seagate/cortx/s3/install/ldap/rsyslog.d/slapdlog.conf',
'/etc/rsyslog.d/slapdlog.conf')
cmd = ['systemctl', 'restart', 'rsyslog']
handler = SimpleProcess(cmd)
stdout, stderr, retcode = handler.run()
if retcode != 0:
raise S3PROVError(
f"{cmd} failed with err: {stderr}, out: {stdout}, ret: {retcode}\n"
)
if self.server_nodes_count > 1:
sys.stdout.write(
f"INFO: Setting ldap-replication as the cluster node_count {self.server_nodes_count} is greater than 2.\n"
)
with open("hosts_list_file.txt", "w") as f:
for host in self.hosts_list:
f.write(f"{host}\n")
sys.stdout.write(
"setting ldap-replication on all cluster nodes..\n")
cmd = [
'/opt/seagate/cortx/s3/install/ldap/replication/setupReplicationScript.sh',
'-h', 'hosts_list_file.txt', '-p', f'{self.rootdn_passwd}'
]
handler = SimpleProcess(cmd)
stdout, stderr, retcode = handler.run()
if retcode != 0:
raise S3PROVError(
f"{cmd} failed with err: {stderr}, out: {stdout}, ret: {retcode}\n"
)
os.remove("hosts_list_file.txt")
cmd = ['systemctl', 'restart', 'slapd']
handler = SimpleProcess(cmd)
stdout, stderr, retcode = handler.run()
if retcode != 0:
raise S3PROVError(
f"{cmd} failed with err: {stderr}, out: {stdout}, ret: {retcode}\n"
)
