Esempio n. 1
0
    def install(self, node, ajp_port, java_opts):
        """ Installs Tomcat and the monitoring tools using Chef """
        # Tomcat manager configuration
        with open("%s/tomcat-users.json" % self.__templatedir) as f:
            tomcat_users = DataBag.builder() \
                .name("tomcat_users") \
                .item("abiquo", f.read()) \
                .build()

        # Node configuration
        with open("%s/tomcat-node.json" % self.__templatedir) as f:
            attrs = f.read() % {
                'javaopts': java_opts,
                'ajpport': ajp_port,
                'jvmroute': "node%d" % ajp_port,
                'bprobe_org': self._boundary_org,
                'bprobe_key': self._boundary_key,
                'newrelic_key': self._newrelic_key
            }

        # Recipes to install
        runlist = RunList.builder() \
            .recipe("java") \
            .recipe("tomcat") \
            .recipe("tomcat::users") \
            .recipe("bprobe") \
            .recipe("newrelic") \
            .build()

        chef = ChefSolo.builder() \
            .defineDataBag(tomcat_users) \
            .jsonAttributes(attrs) \
            .runlist(runlist) \
            .build()

        return [git.install()] + self._clone_required_cookbooks() + [chef]
Esempio n. 2
0
def install(idp_fqdn=FQDN):
    """
    Installe un serveur d'indentité disponible à *idp_fqdn*.
    """
    # DEPS
    lasso.install()
    mysql.install()
    ssl.install()
    git.install()
    apache.install()
    apache.add_mod_rewrite()
    apache.add_mod_ssl()
    apache.add_mod_wsgi()
    venv.install_virtualenv()
    runcmd('apt-get install -y python-ldap')
    runcmd('apt-get install -y python-mysqldb --force-yes')

    # DB
    db_name = idp_fqdn.replace('.', '_')
    mysql.setup_db(db_name)

    # WEB
    ssl.create_certificats(idp_fqdn)
    extra = {'venv': venv.get_path(idp_fqdn), }
    apache.add_vhost(idp_fqdn, 'idp_vhost.txt', extra)

    # SOURCE
    git.clone('git://git.auf.org/authentic2', idp_fqdn)
    git.checkout(idp_fqdn, 'master')

    # VIRTUALENV
    venv.mkenv(idp_fqdn)
    bin_pip = venv.get_bin_pip(idp_fqdn)
    with cd(git.home(idp_fqdn)):
        git.sudo("%s install -r requirements.txt" % bin_pip)
        git.sudo("%s install django-auth-ldap" % bin_pip)

    # WSGI
    data = {
        'project_path': git.home(idp_fqdn),
        'venv': venv.get_path(idp_fqdn),
        }
    filename = os.path.join(TPL_DIR, 'idp_wsgi.txt')
    destination = os.path.join(venv.get_bin_path(idp_fqdn), 'idp_wsgi.py')
    upload_template(
        filename,
        destination,
        context=data,
        use_sudo=True,)
    runcmd('chown %s:%s %s' % (git.GIT_USER, git.GIT_GROUP, destination,))
    runcmd('chmod 644 %s' % (destination, ))

    # LOG file
    log_file = os.path.join(git.home(idp_fqdn), 'log.log')
    runcmd('touch %s' % log_file)
    runcmd('chmod g+w %s' % log_file)
    runcmd('chown %s:www-data %s' % (git.GIT_USER, log_file))

    # CONF
    data.update({
        'db_name': db_name,
        'db_user': db_name,
        'db_password': db_name,
        })
    filename = os.path.join(TPL_DIR, 'idp_local_settings.txt')
    destination = os.path.join(
        git.home(idp_fqdn),
        'aufcustom',
        'local_settings.py')
    upload_template(
        filename,
        destination,
        context=data,
        use_sudo=True,)
    runcmd('chown %s:%s %s' % (git.GIT_USER, git.GIT_GROUP, destination,))

    # manage.py
    data.update({
        'venv': venv.get_path(idp_fqdn),
        })
    filename = os.path.join(TPL_DIR, 'idp_manage.txt')
    destination = os.path.join(
        git.home(idp_fqdn),
        'manage.py')
    upload_template(
        filename,
        destination,
        context=data,
        use_sudo=True,)
    runcmd('chown %s:%s %s' % (git.GIT_USER, git.GIT_GROUP, destination,))
    runcmd('chmod +x %s' % (destination,))
    git.sudo('%s syncdb --migrate --noinput' % (destination,))
    git.sudo('%s collectstatic --noinput' % (destination,))

    apache.restart()
Esempio n. 3
0
def setup_server4(hostname=None, domain=None, pc="1", forge_modules=["puppetlabs/stdlib", "puppetlabs/concat", "puppetlabs/firewall", "puppetlabs/apt"]):
    """Setup Puppet 4 server"""
    import package, util, git, service

    # Local files to copy over
    basedir = "/etc/puppetlabs"
    local_master_conf = "files/puppet-master.conf"
    remote_master_conf = basedir+"/puppet/puppet.conf"
    local_hiera_yaml = "files/hiera.yaml"
    remote_hiera_yaml = basedir+"/code/hiera.yaml"
    local_fileserver_conf = "files/fileserver.conf"
    remote_fileserver_conf = basedir+"/puppet/fileserver.conf"
    local_environments = "files/environments"
    remote_codedir = basedir+"/code"
    local_gitignore = "files/gitignore"
    remote_gitignore = basedir+"/.gitignore"
    modules_dir = basedir+"/code/environments/production/modules"

    # Verify that all the local files are in place
    try:
        open(local_master_conf)
        open(local_hiera_yaml)
    except IOError:
        print "ERROR: some local config files were missing!"
        sys.exit(1)

    # Autodetect hostname and domain from env.host, if they're not overridden
    # with method parameters
    if not hostname:
        hostname = util.get_hostname()
    if not domain:
        domain = util.get_domain()

    # Ensure that clock is correct before doing anything else, like creating SSL 
    # certificates.
    util.set_clock()

    # Start the install
    install_puppetlabs_release_package(pc)
    package.install("puppetserver")
    util.put_and_chown(local_master_conf, remote_master_conf)
    util.put_and_chown(local_hiera_yaml, remote_hiera_yaml)
    util.put_and_chown(local_fileserver_conf, remote_fileserver_conf)
    util.put_and_chown(local_gitignore, remote_gitignore)
    util.add_to_path("/opt/puppetlabs/bin")
    util.set_hostname(hostname + "." + domain)
    # "facter fqdn" return a silly name on EC2 without this
    util.add_host_entry("127.0.1.1", hostname, domain)

    # Copy over template environments
    util.put_and_chown(local_environments, remote_codedir)

    # Add modules from Puppet Forge. These should in my experience be limited to
    # those which provide new types and providers. In particular puppetlabs'
    # modules which control some daemon (puppetdb, postgresql, mysql) are
    # extremely complex, very prone to breakage and nasty to debug. 
    for module in forge_modules:
        add_forge_module(module)

    # Git setup
    git.install()
    git.init(basedir)
    if not exists(modules_dir):
        sudo("mkdir "+modules_dir)
    git.init(modules_dir)
    git.add_submodules(basedir=modules_dir)
    git.add_all(basedir)
    git.commit(basedir, "Initial commit")

    # Link hieradata and manifests from production to testing. This keeps the
    # testing environment identical to the production environment. The modules
    # directory in testing is separate and may (or may not) contain modules that
    # override or complement those in production.
    util.symlink(remote_codedir+"/environments/production/hieradata", remote_codedir+"/environments/testing/hieradata")
    util.symlink(remote_codedir+"/environments/production/manifests", remote_codedir+"/environments/testing/manifests")

    # Start puppetserver to generate the CA and server certificates/keys
    service.start("puppetserver")
    run_agent(noop="False")
Esempio n. 4
0
def setup_server4(hostname=None,
                  domain=None,
                  pc="1",
                  forge_modules=[
                      "puppetlabs/stdlib", "puppetlabs/concat",
                      "puppetlabs/firewall", "puppetlabs/apt"
                  ]):
    """Setup Puppet 4 server"""
    import package, util, git, service

    # Local files to copy over
    basedir = "/etc/puppetlabs"
    local_master_conf = "files/puppet-master.conf"
    remote_master_conf = basedir + "/puppet/puppet.conf"
    local_hiera_yaml = "files/hiera.yaml"
    remote_hiera_yaml = basedir + "/code/hiera.yaml"
    local_fileserver_conf = "files/fileserver.conf"
    remote_fileserver_conf = basedir + "/puppet/fileserver.conf"
    local_environments = "files/environments"
    remote_codedir = basedir + "/code"
    local_gitignore = "files/gitignore"
    remote_gitignore = basedir + "/.gitignore"
    modules_dir = basedir + "/code/environments/production/modules"

    # Verify that all the local files are in place
    try:
        open(local_master_conf)
        open(local_hiera_yaml)
    except IOError:
        print "ERROR: some local config files were missing!"
        sys.exit(1)

    # Autodetect hostname and domain from env.host, if they're not overridden
    # with method parameters
    if not hostname:
        hostname = util.get_hostname()
    if not domain:
        domain = util.get_domain()

    # Ensure that clock is correct before doing anything else, like creating SSL
    # certificates.
    util.set_clock()

    # Start the install
    install_puppetlabs_release_package(pc)
    package.install("puppetserver")
    util.put_and_chown(local_master_conf, remote_master_conf)
    util.put_and_chown(local_hiera_yaml, remote_hiera_yaml)
    util.put_and_chown(local_fileserver_conf, remote_fileserver_conf)
    util.put_and_chown(local_gitignore, remote_gitignore)
    util.add_to_path("/opt/puppetlabs/bin")
    util.set_hostname(hostname + "." + domain)
    # "facter fqdn" return a silly name on EC2 without this
    util.add_host_entry("127.0.1.1", hostname, domain)

    # Copy over template environments
    util.put_and_chown(local_environments, remote_codedir)

    # Add modules from Puppet Forge. These should in my experience be limited to
    # those which provide new types and providers. In particular puppetlabs'
    # modules which control some daemon (puppetdb, postgresql, mysql) are
    # extremely complex, very prone to breakage and nasty to debug.
    for module in forge_modules:
        add_forge_module(module)

    # Git setup
    git.install()
    git.init(basedir)
    if not exists(modules_dir):
        sudo("mkdir " + modules_dir)
    git.init(modules_dir)
    git.add_submodules(basedir=modules_dir)
    git.add_all(basedir)
    git.commit(basedir, "Initial commit")

    # Link hieradata and manifests from production to testing. This keeps the
    # testing environment identical to the production environment. The modules
    # directory in testing is separate and may (or may not) contain modules that
    # override or complement those in production.
    util.symlink(remote_codedir + "/environments/production/hieradata",
                 remote_codedir + "/environments/testing/hieradata")
    util.symlink(remote_codedir + "/environments/production/manifests",
                 remote_codedir + "/environments/testing/manifests")

    # Start puppetserver to generate the CA and server certificates/keys
    service.start("puppetserver")
    run_agent(noop="False")