def finalizeInstallation():
"""
Final steps of the installation, such as setting swift.conf and restarting services
"""
confFile = '/etc/swift/swift.conf'
localFile = 'swift.conf'
msg = 'Put base config file on node'
out = put(localFile,confFile)
if out.succeeded:
printMessage('good',msg)
else:
printMessage('oops',msg)
# In the [swift-hash] section, configure the hash path prefix and suffix for your environment
set_parameter(confFile,'swift-hash','swift_hash_path_prefix',env_config.hashPathPrefix)
set_parameter(confFile,'swift-hash','swift_hash_path_suffix',env_config.hashPathSuffix)
# In the [storage-policy:0] section, configure the default storage policy
set_parameter(confFile,'storage-policy:0','name','Policy-0')
set_parameter(confFile,'storage-policy:0','default','yes')
msg = 'Change ownership of the configuration directory to swift'
run("chown -R swift:swift /etc/swift")
execute(startServicesController)
execute(startServicesStorage)
def finalizeInstallation():
"""
Final steps of the installation, such as setting swift.conf and restarting services
"""
confFile = '/etc/swift/swift.conf'
localFile = 'swift.conf'
msg = 'Put base config file on node'
out = put(localFile, confFile)
if out.succeeded:
printMessage('good', msg)
else:
printMessage('oops', msg)
# In the [swift-hash] section, configure the hash path prefix and suffix for your environment
set_parameter(confFile, 'swift-hash', 'swift_hash_path_prefix',
env_config.hashPathPrefix)
set_parameter(confFile, 'swift-hash', 'swift_hash_path_suffix',
env_config.hashPathSuffix)
# In the [storage-policy:0] section, configure the default storage policy
set_parameter(confFile, 'storage-policy:0', 'name', 'Policy-0')
set_parameter(confFile, 'storage-policy:0', 'default', 'yes')
msg = 'Change ownership of the configuration directory to swift'
run("chown -R swift:swift /etc/swift")
execute(startServicesController)
execute(startServicesStorage)
def installConfigureChrony():
msg = 'installing chrony on %s' % env.host
sudo('yum -y install chrony')
var1 = run('rpm -qa |grep chrony ')
printMessage("good", msg)
logging.info(msg + " version " + var1)
if env.host == 'controller':
sed('/etc/chrony.conf', 'server 0.centos.pool.ntp.org iburst',
'server time1.srv.ualberta.ca iburst')
sed('/etc/chrony.conf', 'server 1.centos.pool.ntp.org iburst',
'server time2.srv.ualberta.ca iburst')
sed('/etc/chrony.conf', 'server 2.centos.pool.ntp.org iburst',
'server time3.srv.ualberta.ca iburst')
sed('/etc/chrony.conf', 'server 3.centos.pool.ntp.org iburst', '')
sed("/etc/chrony.conf", "#allow 192.168/16", "allow 192.168/16")
else:
run('echo "server controller iburst" > /etc/chrony.conf')
run('systemctl restart chronyd.service')
result = run('systemctl status chronyd.service')
if result.failed:
logging.info(" starting Chrony on " + env.host)
run('systemctl start chronyd.service')
run('systemctl enable chronyd.service')
else:
logging.info(" restarting Chrony on " + env.host)
run('systemctl restart chronyd.service')
printMessage("good", msg)
var1 = run('systemctl status chronyd.service |grep Active')
logging.info(env.host + " Chrony is " + var1)
def wait_to_finish(elementType, listCommand, elementName, finishWord):
print(blue("Waiting for %s to finish" % elementType))
with settings(warn_only=True):
msg = 'Create %s' % elementType
finishCheck = run("%s | grep %s | grep -i %s" %
(listCommand, elementName, finishWord),
quiet=True)
while finishCheck == '':
finishCheck = run("%s | grep %s | grep -i %s" %
(listCommand, elementName, finishWord),
quiet=True)
time = run('date +"%Y-%m-%d %H:%M:%S"', quiet=True)
errorCheck = run("%s | grep %s | grep -i ERROR" %
(listCommand, elementName),
quiet=True)
if errorCheck != '':
myLib.printMessage('oops', msg)
errormsg = 'Failure on: ' + msg
logging.error(errormsg)
logging.error(errorCheck)
myLib.checkLog(time)
sys.exit("%s couldn't finish. Check logs above" % elementType)
myLib.printMessage('good', msg)
logging.info('Success on: ' + msg)
logging.debug(finishCheck)
print(green("%s done!" % elementType))
def mustDoOnHost():
selinuxStatus = run("grep -w ^SELINUX /etc/selinux/config")
if ("enforcing" in selinuxStatus):
sed('/etc/selinux/config', 'SELINUX=enforcing', 'SELINUX=disabled')
print(
red(" REBOOT ") + green(" REBOOT ") + blue(" REBOOT ") +
" REBOOT ")
abort("you must reboot")
with settings(warn_only=True):
fwdstatus = run("systemctl is-active firewalld")
if (fwdstatus != "unknown"):
msg = 'Stop & Disable firewalld on ' + env.host
runCheck(msg,
'systemctl stop firewalld ; systemctl disable firewalld')
msg = 'Renaming host to %s' % env['host']
run('hostnamectl set-hostname %s' % env['host'])
printMessage("good", msg)
logging.info(msg)
with settings(warn_only=True):
hostsStatus = run('grep controller /etc/hosts')
if (hostsStatus.return_code != 0):
msg = "updating /etc/hosts"
for host in nicDictionary.keys():
newline = '%s\t%s' % (nicDictionary[host]['mgtIPADDR'], host)
runCheck(msg, "echo '%s' >> /etc/hosts" % newline)
def installConfigureChrony():
msg='installing chrony on %s'% env.host
sudo('yum -y install chrony')
var1=run('rpm -qa |grep chrony ')
printMessage("good", msg)
logging.info(msg +" version "+ var1)
if env.host == 'controller':
sed ('/etc/chrony.conf',
'server 0.centos.pool.ntp.org iburst',
'server time1.srv.ualberta.ca iburst')
sed ('/etc/chrony.conf',
'server 1.centos.pool.ntp.org iburst',
'server time2.srv.ualberta.ca iburst')
sed ('/etc/chrony.conf',
'server 2.centos.pool.ntp.org iburst',
'server time3.srv.ualberta.ca iburst')
sed ('/etc/chrony.conf',
'server 3.centos.pool.ntp.org iburst',
'')
sed("/etc/chrony.conf","#allow 192.168/16","allow 192.168/16")
else:
run('echo "server controller iburst" > /etc/chrony.conf')
run('systemctl restart chronyd.service')
result=run('systemctl status chronyd.service')
if result.failed:
logging.info(" starting Chrony on " +env.host)
run('systemctl start chronyd.service')
run('systemctl enable chronyd.service')
else:
logging.info(" restarting Chrony on " +env.host)
run('systemctl restart chronyd.service')
printMessage("good",msg)
var1=run('systemctl status chronyd.service |grep Active')
logging.info(env.host +" Chrony is "+ var1)
def secureDB():
if (env.host != "controller"):
return
run('echo "DELETE FROM mysql.user WHERE User=\'\';" | mysql ')
run('echo "DELETE FROM mysql.db WHERE Db=\'test\' " | mysql ')
run("""echo "update mysql.user set password=password('%s') where user='******'; " |mysql """ % env_config.passwd['ROOT_SECRET'])
run('systemctl restart mariadb.service')
run("""echo 'select user,password from mysql.user where user="******"' | mysql -u root -p%s """ % env_config.passwd['ROOT_SECRET'])
printMessage("good","********** MySQL is installed, configured and secured *************")
logging.info("********** MySQL is installed, configured and secured *************")
def tdd_DB():
if (env.host != "controller"):
return
msg=" talk to database engine"
result = run('mysql -u root -p%s -e "SHOW DATABASES"'% env_config.passwd['ROOT_SECRET'])
if result.failed :
printMessage("oops",msg)
else:
printMessage("good",msg)
print("Here is a list of the current databases:\n %s"% result)
def tdd_DB():
if (env.host != "controller"):
return
msg = " talk to database engine"
result = run('mysql -u root -p%s -e "SHOW DATABASES"' %
env_config.passwd['ROOT_SECRET'])
if result.failed:
printMessage("oops", msg)
else:
printMessage("good", msg)
print("Here is a list of the current databases:\n %s" % result)
def secureDB():
if (env.host != "controller"):
return
run('echo "DELETE FROM mysql.user WHERE User=\'\';" | mysql ')
run('echo "DELETE FROM mysql.db WHERE Db=\'test\' " | mysql ')
run("""echo "update mysql.user set password=password('%s') where user='******'; " |mysql """
% env_config.passwd['ROOT_SECRET'])
run('systemctl restart mariadb.service')
run("""echo 'select user,password from mysql.user where user="******"' | mysql -u root -p%s """
% env_config.passwd['ROOT_SECRET'])
printMessage(
"good",
"********** MySQL is installed, configured and secured *************")
logging.info(
"********** MySQL is installed, configured and secured *************")
def configureController():
confFile = '/etc/swift/proxy-server.conf'
localFile = 'proxy-server.conf'
# proxyServerConf is a config file made based on this model:
# https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/proxy-server.conf-sample
msg = "Put base {} on controller".format(confFile)
out = put(localFile, confFile)
if out.succeeded:
printMessage('good', msg)
else:
printMessage('oops', msg)
# set parameters
set_parameter(confFile, 'DEFAULT', 'bind_port', '8080')
set_parameter(confFile, 'DEFAULT', 'user', 'swift')
set_parameter(confFile, 'DEFAULT', 'swift_dir', '/etc/swift')
set_parameter(
confFile, 'pipeline:main', 'pipeline',
"'authtoken cache healthcheck keystoneauth proxy-logging proxy-server'"
)
set_parameter(confFile, 'app:proxy-server', 'allow_account_management',
'true')
set_parameter(confFile, 'app:proxy-server', 'account_autocreate', 'true')
set_parameter(confFile, 'filter:keystoneauth', 'use',
'egg:swift#keystoneauth')
set_parameter(confFile, 'filter:keystoneauth', 'operator_roles',
'admin,_member_')
set_parameter(confFile, 'filter:authtoken', 'paste.filter_factory',
'keystonemiddleware.auth_token:filter_factory')
set_parameter(confFile, 'filter:authtoken', 'auth_uri',
'http://controller:5000/v2.0')
set_parameter(confFile, 'filter:authtoken', 'identity_uri',
'http://controller:35357')
set_parameter(confFile, 'filter:authtoken', 'admin_tenant_name', 'service')
set_parameter(confFile, 'filter:authtoken', 'admin_user', 'swift')
set_parameter(confFile, 'filter:authtoken', 'admin_password',
passwd['SWIFT_PASS'])
set_parameter(confFile, 'filter:authtoken', 'delay_auth_decision', 'true')
set_parameter(confFile, 'filter:cache', 'memcache_servers',
'127.0.0.1:11211')
def wait_to_finish(elementType, listCommand, elementName, finishWord):
print(blue("Waiting for %s to finish" % elementType))
with settings(warn_only=True):
msg = 'Create %s' % elementType
finishCheck = run("%s | grep %s | grep -i %s" % (listCommand, elementName, finishWord), quiet=True)
while finishCheck == '':
finishCheck = run("%s | grep %s | grep -i %s" % (listCommand, elementName, finishWord), quiet=True)
time = run('date +"%Y-%m-%d %H:%M:%S"',quiet=True)
errorCheck = run("%s | grep %s | grep -i ERROR" % (listCommand, elementName), quiet=True)
if errorCheck != '':
myLib.printMessage('oops',msg)
errormsg = 'Failure on: ' + msg
logging.error(errormsg)
logging.error(errorCheck)
myLib.checkLog(time)
sys.exit("%s couldn't finish. Check logs above" % elementType)
myLib.printMessage('good',msg)
logging.info('Success on: ' + msg)
logging.debug(finishCheck)
print(green("%s done!" % elementType))
def mustDoOnHost():
selinuxStatus=run("grep -w ^SELINUX /etc/selinux/config")
if( "enforcing" in selinuxStatus):
sed('/etc/selinux/config','SELINUX=enforcing','SELINUX=disabled')
print(red(" REBOOT ")+green(" REBOOT ")+blue(" REBOOT ")+" REBOOT ")
abort("you must reboot")
with settings(warn_only=True):
fwdstatus=run("systemctl is-active firewalld")
if ( fwdstatus != "unknown"):
msg = 'Stop & Disable firewalld on ' + env.host
runCheck(msg, 'systemctl stop firewalld ; systemctl disable firewalld')
msg='Renaming host to %s' % env['host']
run('hostnamectl set-hostname %s' % env['host'])
printMessage("good", msg)
logging.info(msg)
with settings(warn_only=True):
hostsStatus=run('grep controller /etc/hosts')
if(hostsStatus.return_code != 0):
msg="updating /etc/hosts"
for host in nicDictionary.keys():
newline = '%s\t%s' % (nicDictionary[host]['mgtIPADDR'], host)
runCheck(msg,"echo '%s' >> /etc/hosts" % newline)
def configureController():
confFile = '/etc/swift/proxy-server.conf'
localFile = 'proxy-server.conf'
# proxyServerConf is a config file made based on this model:
# https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/proxy-server.conf-sample
msg = "Put base {} on controller".format(confFile)
out = put(localFile,confFile)
if out.succeeded:
printMessage('good',msg)
else:
printMessage('oops',msg)
# set parameters
set_parameter(confFile,'DEFAULT','bind_port','8080')
set_parameter(confFile,'DEFAULT','user','swift')
set_parameter(confFile,'DEFAULT','swift_dir','/etc/swift')
set_parameter(confFile,'pipeline:main','pipeline',"'authtoken cache healthcheck keystoneauth proxy-logging proxy-server'")
set_parameter(confFile,'app:proxy-server','allow_account_management','true')
set_parameter(confFile,'app:proxy-server','account_autocreate','true')
set_parameter(confFile,'filter:keystoneauth','use','egg:swift#keystoneauth')
set_parameter(confFile,'filter:keystoneauth','operator_roles','admin,_member_')
set_parameter(confFile,'filter:authtoken','paste.filter_factory','keystonemiddleware.auth_token:filter_factory')
set_parameter(confFile,'filter:authtoken','auth_uri','http://controller:5000/v2.0')
set_parameter(confFile,'filter:authtoken','identity_uri','http://controller:35357')
set_parameter(confFile,'filter:authtoken','admin_tenant_name','service')
set_parameter(confFile,'filter:authtoken','admin_user','swift')
set_parameter(confFile,'filter:authtoken','admin_password',passwd['SWIFT_PASS'])
set_parameter(confFile,'filter:authtoken','delay_auth_decision','true')
set_parameter(confFile,'filter:cache','memcache_servers','127.0.0.1:11211')
def configureStorage():
"""
Set the account-, container-, and object-server conf files
"""
serverConfFiles = ['account-server.conf','container-server.conf','object-server.conf']
ip = env_config.nicDictionary['compute1']['mgtIPADDR']
devicepath = swiftGlusterDir
# devicepath = '/srv/node'
# save base files into the host
for fil in serverConfFiles:
remotefile = '/etc/swift/' + fil
out = put(fil,remotefile)
msg = "Save file {} on host {}".format(fil,env.host)
if out.succeeded:
printMessage('good', msg)
else:
printMessage('oops', msg)
# set variables that are the same in all conf files
for confFile in serverConfFiles:
set_parameter('/etc/swift/' + confFile,'DEFAULT','bind_ip',ip)
set_parameter('/etc/swift/' + confFile,'DEFAULT','user','swift')
set_parameter('/etc/swift/' + confFile,'DEFAULT','swift_dir','/etc/swift')
set_parameter('/etc/swift/' + confFile,'DEFAULT','devices',devicepath)
set_parameter('/etc/swift/' + confFile,'filter:recon','recon_cache_path','/var/cache/swift')
# when the device isn't an actual disk,
# we need to set mount_check to false
set_parameter('/etc/swift/' + confFile,'DEFAULT','mount_check','false')
# Edit the account-server.conf file
confFile = '/etc/swift/' + serverConfFiles[0]
set_parameter(confFile,'DEFAULT','bind_port','6002')
set_parameter(confFile,'pipeline:main','pipeline',"'healthcheck recon account-server'")
# Edit the /etc/swift/container-server.conf file
confFile = '/etc/swift/' + serverConfFiles[1]
set_parameter(confFile,'DEFAULT','bind_port','6001')
set_parameter(confFile,'pipeline:main','pipeline',"'healthcheck recon container-server'")
# Edit the /etc/swift/object-server.conf
confFile = '/etc/swift/' + serverConfFiles[2]
set_parameter(confFile,'DEFAULT','bind_port','6000')
set_parameter(confFile,'pipeline:main','pipeline',"'healthcheck recon object-server'")
msg = 'Ensure proper ownership of the mount point directory structure'
runCheck(msg, "chown -R swift:swift {}".format(devicepath))
msg = 'Create the recon directory'
runCheck(msg, "mkdir -p /var/cache/swift")
msg = 'Ensure proper ownership of recon directory'
runCheck(msg, " chown -R swift:swift /var/cache/swift")
def check_firewall():
with settings(warn_only=True):
fwdstatus=run("systemctl is-active firewalld")
if ( fwdstatus == "unknown"):
msg="Verify firewall is down "
printMessage("good",msg)
def tdd_lvs():
msg = "TDD LVS Free space"
lvsFree=run("vgs | awk '/centos/ {print $7}'")
printMessage("good", msg +' '+ lvsFree)
def tdd_lvs():
msg = "TDD LVS Free space"
lvsFree = run("vgs | awk '/centos/ {print $7}'")
printMessage("good", msg + ' ' + lvsFree)
def check_firewall():
with settings(warn_only=True):
fwdstatus = run("systemctl is-active firewalld")
if (fwdstatus == "unknown"):
msg = "Verify firewall is down "
printMessage("good", msg)
def configureStorage():
"""
Set the account-, container-, and object-server conf files
"""
serverConfFiles = [
'account-server.conf', 'container-server.conf', 'object-server.conf'
]
ip = env_config.nicDictionary['compute1']['mgtIPADDR']
devicepath = swiftGlusterDir
# devicepath = '/srv/node'
# save base files into the host
for fil in serverConfFiles:
remotefile = '/etc/swift/' + fil
out = put(fil, remotefile)
msg = "Save file {} on host {}".format(fil, env.host)
if out.succeeded:
printMessage('good', msg)
else:
printMessage('oops', msg)
# set variables that are the same in all conf files
for confFile in serverConfFiles:
set_parameter('/etc/swift/' + confFile, 'DEFAULT', 'bind_ip', ip)
set_parameter('/etc/swift/' + confFile, 'DEFAULT', 'user', 'swift')
set_parameter('/etc/swift/' + confFile, 'DEFAULT', 'swift_dir',
'/etc/swift')
set_parameter('/etc/swift/' + confFile, 'DEFAULT', 'devices',
devicepath)
set_parameter('/etc/swift/' + confFile, 'filter:recon',
'recon_cache_path', '/var/cache/swift')
# when the device isn't an actual disk,
# we need to set mount_check to false
set_parameter('/etc/swift/' + confFile, 'DEFAULT', 'mount_check',
'false')
# Edit the account-server.conf file
confFile = '/etc/swift/' + serverConfFiles[0]
set_parameter(confFile, 'DEFAULT', 'bind_port', '6002')
set_parameter(confFile, 'pipeline:main', 'pipeline',
"'healthcheck recon account-server'")
# Edit the /etc/swift/container-server.conf file
confFile = '/etc/swift/' + serverConfFiles[1]
set_parameter(confFile, 'DEFAULT', 'bind_port', '6001')
set_parameter(confFile, 'pipeline:main', 'pipeline',
"'healthcheck recon container-server'")
# Edit the /etc/swift/object-server.conf
confFile = '/etc/swift/' + serverConfFiles[2]
set_parameter(confFile, 'DEFAULT', 'bind_port', '6000')
set_parameter(confFile, 'pipeline:main', 'pipeline',
"'healthcheck recon object-server'")
msg = 'Ensure proper ownership of the mount point directory structure'
runCheck(msg, "chown -R swift:swift {}".format(devicepath))
msg = 'Create the recon directory'
runCheck(msg, "mkdir -p /var/cache/swift")
msg = 'Ensure proper ownership of recon directory'
runCheck(msg, " chown -R swift:swift /var/cache/swift")