def setup_proxied(tid): """Configures the servers to use the Twemproxy installed in proxy server for Redis caching securely via stunnel. :param tid: task id for log identification :return: None """ servers = Server.query.filter(Server.redis.is_(True)).filter( Server.stunnel.is_(True)).all() appconf = AppConfiguration.query.first() chdir = "/opt/gluu-server-" + appconf.gluu_version stunnel_base_conf = [ "cert = /etc/stunnel/cert.pem", "pid = /var/run/stunnel.pid", "output = /var/log/stunnel4/stunnel.log" ] proxy_stunnel_conf = stunnel_base_conf twemproxy_servers = [] proxy_ip = socket.gethostbyname(appconf.nginx_host) primary = Server.query.filter(Server.primary_server.is_(True)).first() if not primary: wlogger.log(tid, "Primary Server is not setup yet. Cannot setup " "clustered caching.", "error") # Setup Stunnel and Redis in each server for server in servers: __update_LDAP_cache_method(tid, server, 'localhost:7000', 'STANDALONE') stunnel_conf = [ "[redis-server]", "client = no", "accept = {0}:7777".format(server.ip), "connect = 127.0.0.1:6379", "[twemproxy]", "client = yes", "accept = 127.0.0.1:7000", "connect = {0}:8888".format(proxy_ip) ] stunnel_conf = stunnel_base_conf + stunnel_conf status = __configure_stunnel(tid, server, stunnel_conf, chdir) if not status: continue # if the setup was successful add the server to the list of stunnel # clients in the proxy server configuration client_conf = [ "[client{0}]".format(server.id), "client = yes", "accept = 127.0.0.1:{0}".format(7000+server.id), "connect = {0}:7777".format(server.ip) ] proxy_stunnel_conf.extend(client_conf) twemproxy_servers.append(" - 127.0.0.1:{0}:1".format(7000+server.id)) wlogger.log(tid, "Configuring the proxy server ...") # Setup Stunnel in the proxy server mock_server = Server() mock_server.hostname = appconf.nginx_host mock_server.ip = proxy_ip rc = __get_remote_client(mock_server, tid) if not rc: wlogger.log(tid, "Couldn't connect to proxy server. Twemproxy setup " "failed.", "error") return mock_server.os = get_os_type(rc) # Download the setup.properties file from the primary server local = os.path.join(app.instance_path, "setup.properties") remote = os.path.join("/opt/gluu-server-"+appconf.gluu_version, "install", "community-edition-setup", "setup.properties.last") prc = __get_remote_client(primary, tid) prc.download(remote, local) prc.close() rc.upload(local, "/tmp/setup.properties") twem_server_conf = [ "[twemproxy]", "client = no", "accept = {0}:8888".format(proxy_ip), "connect = 127.0.0.1:2222" ] proxy_stunnel_conf.extend(twem_server_conf) status = __configure_stunnel(tid, mock_server, proxy_stunnel_conf, None, "/tmp/setup.properties") if not status: return False # Setup Twemproxy wlogger.log(tid, "Writing Twemproxy configuration") twemproxy_conf = [ "alpha:", " listen: 127.0.0.1:2222", " hash: fnv1a_64", " distribution: ketama", " auto_eject_hosts: true", " redis: true", " server_failure_limit: 2", " timeout: 400", " preconnect: true", " servers:" ] twemproxy_conf.extend(twemproxy_servers) remote = "/etc/nutcracker/nutcracker.yml" rc.put_file(remote, "\n".join(twemproxy_conf)) wlogger.log(tid, "Configuration complete", "success")
def restart_services(self, method): tid = self.request.id servers = Server.query.filter(Server.redis.is_(True)).filter( Server.stunnel.is_(True)).all() appconf = AppConfiguration.query.first() chdir = "/opt/gluu-server-" + appconf.gluu_version ips = [] for server in servers: ips.append(server.ip) wlogger.log(tid, "(Re)Starting services ... ", "info", server_id=server.id) rc = __get_remote_client(server, tid) if not rc: continue def get_cmd(cmd): if server.gluu_server and not server.os == "CentOS 7": return 'chroot {0} /bin/bash -c "{1}"'.format(chdir, cmd) elif "CentOS 7" == server.os: parts = ["ssh", "-o IdentityFile=/etc/gluu/keys/gluu-console", "-o Port=60022", "-o LogLevel=QUIET", "-o StrictHostKeyChecking=no", "-o UserKnownHostsFile=/dev/null", "-o PubkeyAuthentication=yes", "root@localhost", "'{0}'".format(cmd)] return " ".join(parts) return cmd # Common restarts for all if server.os == 'CentOS 6': run_and_log(rc, 'service redis restart', tid, server.id) run_and_log(rc, 'service stunnel4 restart', tid, server.id) elif server.os == 'CentOS 7' or server.os == 'RHEL 7': run_and_log(rc, 'systemctl restart redis', tid, server.id) run_and_log(rc, 'systemctl restart stunnel', tid, server.id) else: run_and_log(rc, 'service redis-server restart', tid, server.id) run_and_log(rc, 'service stunnel4 restart', tid, server.id) # sometime apache service is stopped (happened in Ubuntu 16) # when install_cache_components task is executed; hence we also need to # restart the service run_and_log(rc, get_cmd('service apache2 restart'), tid, server.id) run_and_log(rc, get_cmd('service oxauth restart'), tid, server.id) run_and_log(rc, get_cmd('service identity restart'), tid, server.id) rc.close() if method != 'STANDALONE': wlogger.log(tid, "All services restarted.", "success") return host = appconf.nginx_host mock_server = Server() mock_server.hostname = host rc = __get_remote_client(mock_server, tid) if not rc: wlogger.log(tid, "Couldn't connect to proxy server to restart services" "fail") return mock_server.os = get_os_type(rc) if mock_server.os in ['Ubuntu 14', 'Ubuntu 16', 'CentOS 6']: run_and_log(rc, "service stunnel4 restart", tid, None) run_and_log(rc, "service nutcracker restart", tid, None) if mock_server.os in ["CentOS 7", "RHEL 7"]: run_and_log(rc, "systemctl restart stunnel", tid, None) run_and_log(rc, "systemctl restart nutcracker", tid, None) rc.close()
def setup_proxied(tid, server_id_list): """Configures the servers to use the Twemproxy installed in proxy server for Redis caching securely via stunnel. :param tid: task id for log identification :return: None """ servers = [] for server_id in server_id_list: qserver = Server.query.filter(Server.redis.is_(True)).filter( Server.stunnel.is_(True)).filter(Server.id.is_(server_id)).first() if qserver: servers.append(qserver) appconf = AppConfiguration.query.first() chdir = "/opt/gluu-server-" + appconf.gluu_version if appconf.external_load_balancer: cache_ip = appconf.cache_ip else: cache_ip = appconf.nginx_ip primary = Server.query.filter(Server.primary_server.is_(True)).first() if not primary: wlogger.log( tid, "Primary Server is not setup yet. Cannot setup " "clustered caching.", "error") # Setup Stunnel and Redis in each server for server in servers: #Since replication is active, we only need to update on primary server if server.primary_server: __update_LDAP_cache_method(tid, server, 'localhost:7000', 'STANDALONE') stunnel_conf = [ "cert = /etc/stunnel/cert.pem", "pid = /var/run/stunnel.pid", "output = /var/log/stunnel4/stunnel.log", "[redis-server]", "client = no", "accept = {0}:7777".format(server.ip), "connect = 127.0.0.1:6379", "[twemproxy]", "client = yes", "accept = 127.0.0.1:7000", "connect = {0}:8888".format(cache_ip) ] status = __configure_stunnel(tid, server, stunnel_conf, chdir) if not status: continue wlogger.log(tid, "Configuring the cahce server ...") # Setup Stunnel in the proxy server mock_server = Server() if appconf.external_load_balancer: mock_server.hostname = appconf.cache_host mock_server.ip = appconf.cache_ip else: mock_server.hostname = appconf.nginx_host mock_server.ip = appconf.nginx_ip rc = __get_remote_client(mock_server, tid) if not rc: wlogger.log( tid, "Couldn't connect to proxy server. Twemproxy setup " "failed.", "error") return mock_server.os = get_os_type(rc) if rc.exists('/usr/bin/redis-server') or rc.exists('/bin/redis-server'): wlogger.log( tid, "Redis was already installed on server {0}".format( mock_server.hostname), "info") else: wlogger.log( tid, "Installing Redis in server {0}".format(mock_server.hostname), "info") ri = RedisInstaller(mock_server, tid) redis_installed = ri.install() if redis_installed: mock_server.redis = True wlogger.log(tid, "Redis install successful", "success") else: mock_server.redis = False wlogger.log(tid, "Redis install failed", "fail") # Download the setup.properties file from the primary server local = os.path.join(app.instance_path, "setup.properties") remote = os.path.join("/opt/gluu-server-" + appconf.gluu_version, "install", "community-edition-setup", "setup.properties.last") prc = __get_remote_client(primary, tid) prc.download(remote, local) prc.close() rc.upload(local, "/tmp/setup.properties") proxy_stunnel_conf = make_proxy_stunnel_conf() status = __configure_stunnel(tid, mock_server, proxy_stunnel_conf, None, "/tmp/setup.properties") if not status: return False # Setup Twemproxy wlogger.log(tid, "Writing Twemproxy configuration") twemproxy_conf = make_twem_proxy_conf() remote = "/etc/nutcracker/nutcracker.yml" rc.put_file(remote, twemproxy_conf) run_command(tid, rc, 'service nutcracker restart') wlogger.log(tid, "Configuration complete", "success")