def setup_proxied(tid):
"""Configures the servers to use the Twemproxy installed in proxy server
for Redis caching securely via stunnel.
:param tid: task id for log identification
:return: None
"""
servers = Server.query.filter(Server.redis.is_(True)).filter(
Server.stunnel.is_(True)).all()
appconf = AppConfiguration.query.first()
chdir = "/opt/gluu-server-" + appconf.gluu_version
stunnel_base_conf = [
"cert = /etc/stunnel/cert.pem",
"pid = /var/run/stunnel.pid",
"output = /var/log/stunnel4/stunnel.log"
]
proxy_stunnel_conf = stunnel_base_conf
twemproxy_servers = []
proxy_ip = socket.gethostbyname(appconf.nginx_host)
primary = Server.query.filter(Server.primary_server.is_(True)).first()
if not primary:
wlogger.log(tid, "Primary Server is not setup yet. Cannot setup "
"clustered caching.", "error")
# Setup Stunnel and Redis in each server
for server in servers:
__update_LDAP_cache_method(tid, server, 'localhost:7000', 'STANDALONE')
stunnel_conf = [
"[redis-server]",
"client = no",
"accept = {0}:7777".format(server.ip),
"connect = 127.0.0.1:6379",
"[twemproxy]",
"client = yes",
"accept = 127.0.0.1:7000",
"connect = {0}:8888".format(proxy_ip)
]
stunnel_conf = stunnel_base_conf + stunnel_conf
status = __configure_stunnel(tid, server, stunnel_conf, chdir)
if not status:
continue
# if the setup was successful add the server to the list of stunnel
# clients in the proxy server configuration
client_conf = [
"[client{0}]".format(server.id),
"client = yes",
"accept = 127.0.0.1:{0}".format(7000+server.id),
"connect = {0}:7777".format(server.ip)
]
proxy_stunnel_conf.extend(client_conf)
twemproxy_servers.append(" - 127.0.0.1:{0}:1".format(7000+server.id))
wlogger.log(tid, "Configuring the proxy server ...")
# Setup Stunnel in the proxy server
mock_server = Server()
mock_server.hostname = appconf.nginx_host
mock_server.ip = proxy_ip
rc = __get_remote_client(mock_server, tid)
if not rc:
wlogger.log(tid, "Couldn't connect to proxy server. Twemproxy setup "
"failed.", "error")
return
mock_server.os = get_os_type(rc)
# Download the setup.properties file from the primary server
local = os.path.join(app.instance_path, "setup.properties")
remote = os.path.join("/opt/gluu-server-"+appconf.gluu_version,
"install", "community-edition-setup",
"setup.properties.last")
prc = __get_remote_client(primary, tid)
prc.download(remote, local)
prc.close()
rc.upload(local, "/tmp/setup.properties")
twem_server_conf = [
"[twemproxy]",
"client = no",
"accept = {0}:8888".format(proxy_ip),
"connect = 127.0.0.1:2222"
]
proxy_stunnel_conf.extend(twem_server_conf)
status = __configure_stunnel(tid, mock_server, proxy_stunnel_conf, None,
"/tmp/setup.properties")
if not status:
return False
# Setup Twemproxy
wlogger.log(tid, "Writing Twemproxy configuration")
twemproxy_conf = [
"alpha:",
" listen: 127.0.0.1:2222",
" hash: fnv1a_64",
" distribution: ketama",
" auto_eject_hosts: true",
" redis: true",
" server_failure_limit: 2",
" timeout: 400",
" preconnect: true",
" servers:"
]
twemproxy_conf.extend(twemproxy_servers)
remote = "/etc/nutcracker/nutcracker.yml"
rc.put_file(remote, "\n".join(twemproxy_conf))
wlogger.log(tid, "Configuration complete", "success")
def restart_services(self, method):
tid = self.request.id
servers = Server.query.filter(Server.redis.is_(True)).filter(
Server.stunnel.is_(True)).all()
appconf = AppConfiguration.query.first()
chdir = "/opt/gluu-server-" + appconf.gluu_version
ips = []
for server in servers:
ips.append(server.ip)
wlogger.log(tid, "(Re)Starting services ... ", "info",
server_id=server.id)
rc = __get_remote_client(server, tid)
if not rc:
continue
def get_cmd(cmd):
if server.gluu_server and not server.os == "CentOS 7":
return 'chroot {0} /bin/bash -c "{1}"'.format(chdir, cmd)
elif "CentOS 7" == server.os:
parts = ["ssh", "-o IdentityFile=/etc/gluu/keys/gluu-console",
"-o Port=60022", "-o LogLevel=QUIET",
"-o StrictHostKeyChecking=no",
"-o UserKnownHostsFile=/dev/null",
"-o PubkeyAuthentication=yes",
"root@localhost", "'{0}'".format(cmd)]
return " ".join(parts)
return cmd
# Common restarts for all
if server.os == 'CentOS 6':
run_and_log(rc, 'service redis restart', tid, server.id)
run_and_log(rc, 'service stunnel4 restart', tid, server.id)
elif server.os == 'CentOS 7' or server.os == 'RHEL 7':
run_and_log(rc, 'systemctl restart redis', tid, server.id)
run_and_log(rc, 'systemctl restart stunnel', tid, server.id)
else:
run_and_log(rc, 'service redis-server restart', tid, server.id)
run_and_log(rc, 'service stunnel4 restart', tid, server.id)
# sometime apache service is stopped (happened in Ubuntu 16)
# when install_cache_components task is executed; hence we also need to
# restart the service
run_and_log(rc, get_cmd('service apache2 restart'), tid, server.id)
run_and_log(rc, get_cmd('service oxauth restart'), tid, server.id)
run_and_log(rc, get_cmd('service identity restart'), tid, server.id)
rc.close()
if method != 'STANDALONE':
wlogger.log(tid, "All services restarted.", "success")
return
host = appconf.nginx_host
mock_server = Server()
mock_server.hostname = host
rc = __get_remote_client(mock_server, tid)
if not rc:
wlogger.log(tid, "Couldn't connect to proxy server to restart services"
"fail")
return
mock_server.os = get_os_type(rc)
if mock_server.os in ['Ubuntu 14', 'Ubuntu 16', 'CentOS 6']:
run_and_log(rc, "service stunnel4 restart", tid, None)
run_and_log(rc, "service nutcracker restart", tid, None)
if mock_server.os in ["CentOS 7", "RHEL 7"]:
run_and_log(rc, "systemctl restart stunnel", tid, None)
run_and_log(rc, "systemctl restart nutcracker", tid, None)
rc.close()
def setup_proxied(tid, server_id_list):
"""Configures the servers to use the Twemproxy installed in proxy server
for Redis caching securely via stunnel.
:param tid: task id for log identification
:return: None
"""
servers = []
for server_id in server_id_list:
qserver = Server.query.filter(Server.redis.is_(True)).filter(
Server.stunnel.is_(True)).filter(Server.id.is_(server_id)).first()
if qserver:
servers.append(qserver)
appconf = AppConfiguration.query.first()
chdir = "/opt/gluu-server-" + appconf.gluu_version
if appconf.external_load_balancer:
cache_ip = appconf.cache_ip
else:
cache_ip = appconf.nginx_ip
primary = Server.query.filter(Server.primary_server.is_(True)).first()
if not primary:
wlogger.log(
tid, "Primary Server is not setup yet. Cannot setup "
"clustered caching.", "error")
# Setup Stunnel and Redis in each server
for server in servers:
#Since replication is active, we only need to update on primary server
if server.primary_server:
__update_LDAP_cache_method(tid, server, 'localhost:7000',
'STANDALONE')
stunnel_conf = [
"cert = /etc/stunnel/cert.pem", "pid = /var/run/stunnel.pid",
"output = /var/log/stunnel4/stunnel.log", "[redis-server]",
"client = no", "accept = {0}:7777".format(server.ip),
"connect = 127.0.0.1:6379", "[twemproxy]", "client = yes",
"accept = 127.0.0.1:7000", "connect = {0}:8888".format(cache_ip)
]
status = __configure_stunnel(tid, server, stunnel_conf, chdir)
if not status:
continue
wlogger.log(tid, "Configuring the cahce server ...")
# Setup Stunnel in the proxy server
mock_server = Server()
if appconf.external_load_balancer:
mock_server.hostname = appconf.cache_host
mock_server.ip = appconf.cache_ip
else:
mock_server.hostname = appconf.nginx_host
mock_server.ip = appconf.nginx_ip
rc = __get_remote_client(mock_server, tid)
if not rc:
wlogger.log(
tid, "Couldn't connect to proxy server. Twemproxy setup "
"failed.", "error")
return
mock_server.os = get_os_type(rc)
if rc.exists('/usr/bin/redis-server') or rc.exists('/bin/redis-server'):
wlogger.log(
tid, "Redis was already installed on server {0}".format(
mock_server.hostname), "info")
else:
wlogger.log(
tid, "Installing Redis in server {0}".format(mock_server.hostname),
"info")
ri = RedisInstaller(mock_server, tid)
redis_installed = ri.install()
if redis_installed:
mock_server.redis = True
wlogger.log(tid, "Redis install successful", "success")
else:
mock_server.redis = False
wlogger.log(tid, "Redis install failed", "fail")
# Download the setup.properties file from the primary server
local = os.path.join(app.instance_path, "setup.properties")
remote = os.path.join("/opt/gluu-server-" + appconf.gluu_version,
"install", "community-edition-setup",
"setup.properties.last")
prc = __get_remote_client(primary, tid)
prc.download(remote, local)
prc.close()
rc.upload(local, "/tmp/setup.properties")
proxy_stunnel_conf = make_proxy_stunnel_conf()
status = __configure_stunnel(tid, mock_server, proxy_stunnel_conf, None,
"/tmp/setup.properties")
if not status:
return False
# Setup Twemproxy
wlogger.log(tid, "Writing Twemproxy configuration")
twemproxy_conf = make_twem_proxy_conf()
remote = "/etc/nutcracker/nutcracker.yml"
rc.put_file(remote, twemproxy_conf)
run_command(tid, rc, 'service nutcracker restart')
wlogger.log(tid, "Configuration complete", "success")
