def installkey(self): """ installs the staging key as the currently installed private key returns: 0 on success, 1 on empty install key (not an error) 2 when the private key is invalid 3 when the private key could not be distributed """ self.updatelock.acquire() try: # first verify if the staging key is empty (not an error) if ( not os.path.exists(ssl_cert.STAGINGKEY_FILENAME % self.cfg.getGlobalParam("ENTERPRISE_HOME")) ) or 0 == len(open(ssl_cert.STAGINGKEY_FILENAME % self.cfg.getGlobalParam("ENTERPRISE_HOME"), "r").read()): return "1" # next verify that the staging key is a valid file verifycmd = "secure_script_wrapper -p2 %s verifystagingkey %s" % ( self.sslWrapperPath, self.cfg.getGlobalParam("ENTERPRISE_HOME"), ) outputList = [] verifycode = E.execute(["localhost"], verifycmd, outputList, 60) if verifycode != 0: E.rm(["localhost"], ssl_cert.STAGINGKEY_FILENAME % self.cfg.getGlobalParam("ENTERPRISE_HOME")) logging.error("Verify failed for key [%s]; error code: %d" % (str(outputList), verifycode)) return "2" # distribute the staging key retcode = E.distribute( self.cfg.getGlobalParam("MACHINES"), ssl_cert.STAGINGKEY_FILENAME % self.cfg.getGlobalParam("ENTERPRISE_HOME"), 60, ) if retcode != 0: logging.error("Couldn't distribute private key, error %d" % retcode) return "3" # next, copy the key on all machines cmd = "secure_script_wrapper -p2 %s installkey %s" % ( self.sslWrapperPath, self.cfg.getGlobalParam("ENTERPRISE_HOME"), ) outputList = [] retcode = E.execute(self.cfg.getGlobalParam("MACHINES"), cmd, outputList, 60) if retcode != 0: logging.error("Couldn't install cert: %s" % str(outputList)) return "3" self.writeAdminRunnerOpMsg(M.MSG_LOG_SSL_KEY_INSTALLED) finally: self.updatelock.release() return "0"
def distributedbfiles(self, filenames): # Distribute local database files to all the nodes. retcode = E.distribute(self.cfg.getGlobalParam("MACHINES"), filenames, 1) if retcode != 0: logging.error("Couldn't distribute %s, error %d" % (filenames, retcode)) return "1" return "0"
def installkey(self): """ installs the staging key as the currently installed private key returns: 0 on success, 1 on empty install key (not an error) 2 when the private key is invalid 3 when the private key could not be distributed """ self.updatelock.acquire() try: # first verify if the staging key is empty (not an error) if (not os.path.exists(ssl_cert.STAGINGKEY_FILENAME % \ self.cfg.getGlobalParam("ENTERPRISE_HOME"))) or \ 0 == len(open(ssl_cert.STAGINGKEY_FILENAME % \ self.cfg.getGlobalParam("ENTERPRISE_HOME"), "r").read()): return "1" # next verify that the staging key is a valid file verifycmd = "secure_script_wrapper -p2 %s verifystagingkey %s" % ( self.sslWrapperPath, self.cfg.getGlobalParam("ENTERPRISE_HOME") ) outputList = [] verifycode = E.execute(['localhost'], verifycmd, outputList, 60) if verifycode != 0: E.rm(['localhost'], ssl_cert.STAGINGKEY_FILENAME % self.cfg.getGlobalParam("ENTERPRISE_HOME")) logging.error("Verify failed for key [%s]; error code: %d" % (str(outputList), verifycode) ) return "2" # distribute the staging key retcode = E.distribute(self.cfg.getGlobalParam("MACHINES"), ssl_cert.STAGINGKEY_FILENAME % self.cfg.getGlobalParam("ENTERPRISE_HOME"), 60) if retcode != 0: logging.error("Couldn't distribute private key, error %d" % retcode) return "3" # next, copy the key on all machines cmd = "secure_script_wrapper -p2 %s installkey %s" % ( self.sslWrapperPath, self.cfg.getGlobalParam("ENTERPRISE_HOME")) outputList = [] retcode = E.execute(self.cfg.getGlobalParam("MACHINES"), cmd, outputList, 60) if retcode != 0: logging.error("Couldn't install cert: %s" % str(outputList)) return "3" self.writeAdminRunnerOpMsg(M.MSG_LOG_SSL_KEY_INSTALLED) finally: self.updatelock.release() return "0"
def _distributeFiles(self, dir): """Distributes the files in directory named dir. Returns 0 on success, the return code from E.distribute() otherwise.""" files = os.listdir(dir) try: files.remove('temp') except ValueError: logging.warn("expected to find file 'temp'") files = map(lambda x: os.path.join(dir, x), files) files_str = ' '.join(files) return E.distribute(self.cfg.getGlobalParam('MACHINES'), files_str, 60)
def installcert(self): """ installs the staging certificate as the currently installed certificate returns: 0 on success, and 1 on failure """ self.updatelock.acquire() try: # first verify that the staging certificate is a valid file verifycmd = "secure_script_wrapper -p2 %s verifystagingcert %s" % ( self.sslWrapperPath, self.cfg.getGlobalParam("ENTERPRISE_HOME"), ) outputList = [] verifycode = E.execute(["localhost"], verifycmd, outputList, 60) if verifycode != 0: E.rm(["localhost"], ssl_cert.STAGINGCERT_FILENAME % self.cfg.getGlobalParam("ENTERPRISE_HOME")) logging.error("Verify failed for certificate [%s]; error code: %d" % (str(outputList), verifycode)) return "1" # distribute the staging certificate retcode = E.distribute( self.cfg.getGlobalParam("MACHINES"), ssl_cert.STAGINGCERT_FILENAME % self.cfg.getGlobalParam("ENTERPRISE_HOME"), 60, ) if retcode != 0: logging.error("Couldn't distribute apache cert, error %d" % retcode) # next, generate the certificate on all machines cmd = "secure_script_wrapper -p2 %s installcert %s" % ( self.sslWrapperPath, self.cfg.getGlobalParam("ENTERPRISE_HOME"), ) outputList = [] retcode = E.execute(self.cfg.getGlobalParam("MACHINES"), cmd, outputList, 60) if retcode != 0: logging.error("Couldn't install cert: %s" % str(outputList)) return "1" self.writeAdminRunnerOpMsg(M.MSG_LOG_SSL_CERT_INSTALLED) finally: self.updatelock.release() return "0"
def installcert(self): """ installs the staging certificate as the currently installed certificate returns: 0 on success, and 1 on failure """ self.updatelock.acquire() try: # first verify that the staging certificate is a valid file verifycmd = "secure_script_wrapper -p2 %s verifystagingcert %s" % ( self.sslWrapperPath, self.cfg.getGlobalParam("ENTERPRISE_HOME") ) outputList = [] verifycode = E.execute(['localhost'], verifycmd, outputList, 60) if verifycode != 0: E.rm(['localhost'], ssl_cert.STAGINGCERT_FILENAME % self.cfg.getGlobalParam("ENTERPRISE_HOME")) logging.error("Verify failed for certificate [%s]; error code: %d" % (str(outputList), verifycode) ) return "1" # distribute the staging certificate retcode = E.distribute(self.cfg.getGlobalParam("MACHINES"), ssl_cert.STAGINGCERT_FILENAME % self.cfg.getGlobalParam("ENTERPRISE_HOME"), 60) if retcode != 0: logging.error("Couldn't distribute apache cert, error %d" % retcode) # next, generate the certificate on all machines cmd = "secure_script_wrapper -p2 %s installcert %s" % ( self.sslWrapperPath, self.cfg.getGlobalParam("ENTERPRISE_HOME")) outputList = [] retcode = E.execute(self.cfg.getGlobalParam("MACHINES"), cmd, outputList, 60) if retcode != 0: logging.error("Couldn't install cert: %s" % str(outputList)) return "1" self.writeAdminRunnerOpMsg(M.MSG_LOG_SSL_CERT_INSTALLED) finally: self.updatelock.release() return "0"
def sync_password_file(self): """ This updates the password file on all config replicas """ E.distribute(self.cfg.getGlobalParam("CONFIG_REPLICAS"), self.get_password_file(), true) E.distribute(self.cfg.getGlobalParam("CONFIG_REPLICAS"), self.get_vmanager_password_file(), true)
def create(linkFarmDir, chunkDisksMap, chunkPrefix, chunkTermination, binDir, machines): """ This does the create job. @param linkFarmDir the directory where is the link frm. Here we create a data link, a log dir and log dir @param chunkDisks the map from machines to datadisks @param chunkPrefix @param chunkTermination the dir termination @param machines on which machines we create this datadir @return boolean - the succes status """ ok = 1 for machine in machines: if not chunkDisksMap.has_key(machine): logging.error("ERROR: No entry for machine %s in data chunk disk map %s" % (machine, chunkDisksMap)) ok = 0 continue chunkDisks = chunkDisksMap[machine] # Prepare search.config content searchConfig = [] searchConfig.append( """datapath %s urlbuckets urlbuckets sorttempdir . """ % chunkTermination ) dirs = [] for d in ["-data", "-data/logs", "-data/%s" % C.RUNCONFIGDIR_DIRNAME]: dirs.append("%s/%s%s" % (linkFarmDir, chunkTermination, d)) for d in chunkDisks: searchConfig.append("disk %s/%s 1000\n" % (d, chunkPrefix)) dirs.append("%s/%s/%s" % (d, chunkPrefix, chunkTermination)) dirs.append("%s/%s/workqueue" % (d, chunkPrefix)) dirs.append("%s/%s/workqueue/bin" % (d, chunkPrefix)) if not E.mkdir([machine], string.join(dirs, " ")) or not E.ln( [machine], "%s/%s-data" % (linkFarmDir, chunkTermination), "%s/%s-data/data" % (linkFarmDir, chunkTermination), ): return false # create the search.config and distribute it fileName = "%s/%s-data/search.config" % (linkFarmDir, chunkTermination) tmpFile = "/tmp/search.config.tmp-%s" % chunkTermination try: open(tmpFile, "w").write(string.join(searchConfig, "")) if E.ERR_OK != E.distribute([machine], tmpFile, 1) or E.ERR_OK != E.execute( [machine], "mv -f %s %s" % (tmpFile, fileName), None, true ): ok = 0 E.rm([E.LOCALHOST, machine], tmpFile) except IOError: ok = 0 # set up link in workqueue slave binary directory (bin) to workqueue-slave # binary so that workqueue-slave can checksum/update itself for d in chunkDisks: if not E.ln( [machine], "%s/workqueue-slave" % binDir["workqueue-slave"], "%s/%s/workqueue/bin/current" % (d, chunkPrefix), ): ok = 0 return ok
def create(linkFarmDir, chunkDisksMap, chunkPrefix, chunkTermination, binDir, machines): """ This does the create job. @param linkFarmDir the directory where is the link frm. Here we create a data link, a log dir and log dir @param chunkDisks the map from machines to datadisks @param chunkPrefix @param chunkTermination the dir termination @param machines on which machines we create this datadir @return boolean - the succes status """ ok = 1 for machine in machines: if not chunkDisksMap.has_key(machine): logging.error( "ERROR: No entry for machine %s in data chunk disk map %s" % ( machine, chunkDisksMap)) ok = 0 continue chunkDisks = chunkDisksMap[machine] # Prepare search.config content searchConfig = [] searchConfig.append("""datapath %s urlbuckets urlbuckets sorttempdir . """ % chunkTermination) dirs = [] for d in ["-data", "-data/logs", "-data/%s" % C.RUNCONFIGDIR_DIRNAME]: dirs.append("%s/%s%s" % (linkFarmDir, chunkTermination, d)) for d in chunkDisks: searchConfig.append("disk %s/%s 1000\n" % (d, chunkPrefix)) dirs.append("%s/%s/%s" % (d, chunkPrefix, chunkTermination)) dirs.append("%s/%s/workqueue" % (d, chunkPrefix)) dirs.append("%s/%s/workqueue/bin" % (d, chunkPrefix)) if ( not E.mkdir([machine], string.join(dirs, " ")) or not E.ln([machine], "%s/%s-data" % (linkFarmDir, chunkTermination), "%s/%s-data/data" % (linkFarmDir, chunkTermination)) ): return false # create the search.config and distribute it fileName = "%s/%s-data/search.config" % (linkFarmDir, chunkTermination) tmpFile = "/tmp/search.config.tmp-%s" % chunkTermination; try: open(tmpFile, "w").write(string.join(searchConfig, "")) if ( E.ERR_OK != E.distribute([machine], tmpFile, 1) or E.ERR_OK != E.execute([machine], "mv -f %s %s" % (tmpFile, fileName), None, true) ): ok = 0 E.rm([E.LOCALHOST, machine], tmpFile) except IOError: ok = 0 # set up link in workqueue slave binary directory (bin) to workqueue-slave # binary so that workqueue-slave can checksum/update itself for d in chunkDisks: if not E.ln([machine], '%s/workqueue-slave' % binDir['workqueue-slave'], '%s/%s/workqueue/bin/current' % (d, chunkPrefix)): ok = 0 return ok;