def update_ns_for_ganeti():
    """Register the Ganeti cluster in DNS and restart bind9.

    Passes ``env.env.cluster`` to ``update_arecord`` and ``update_ptrrecord``
    (both defined elsewhere) and then restarts the name server through its
    init script.
    """
    cluster = env.env.cluster
    message = "Updating name server entries for backend %s..." % cluster.fqdn
    debug(env.host, message)
    update_arecord(cluster)
    update_ptrrecord(cluster)
    try_run("/etc/init.d/bind9 restart")
def add_pools():
    """Create the Cyclades MAC-prefix and bridge resource pools.

    Issues two ``snf-manage pool-create`` commands: a ``mac-prefix`` pool
    (base ``aa:00:0``, size 65536) and a ``bridge`` pool (base ``prv``,
    size 20).
    """
    debug(env.host,
          " * Creating pools of resources (brigdes, mac prefixes) "
          "in cyclades...")
    pool_commands = (
        "snf-manage pool-create --type=mac-prefix --base=aa:00:0 --size=65536",
        "snf-manage pool-create --type=bridge --base=prv --size=20",
    )
    for pool_cmd in pool_commands:
        try_run(pool_cmd)
def enable_drbd():
    """Install DRBD and load its kernel module when ``env.enable_drbd`` is set.

    Installs ``drbd8-utils``, loads the ``drbd`` module with
    ``minor_count=255 usermode_helper=/bin/true`` and appends the same module
    line to ``/etc/modules``. Does nothing when DRBD is disabled.
    """
    if not env.enable_drbd:
        return

    debug(env.host, " * Enabling DRBD...")
    install_package("drbd8-utils")

    module_line = "drbd minor_count=255 usermode_helper=/bin/true"
    try_run("modprobe " + module_line)
    # NOTE(review): the line is appended unconditionally, so every re-run adds
    # another copy to /etc/modules.
    try_run("echo " + module_line + " >> /etc/modules")
def init_cluster():
    """Initialise the Ganeti cluster and set its enabled disk templates.

    Runs ``gnt-cluster init`` with KVM as the only hypervisor, bridged NICs on
    ``env.env.common_bridge``, ``env.env.cluster_netdev`` as master netdev and
    ``env.env.cluster.fqdn`` as cluster name, then enables the ``file``,
    ``plain`` and ``ext`` disk templates.
    """
    debug(env.host, " * Initializing Ganeti backend...")

    # LVM and DRBD storage are always switched off at init time; the earlier
    # per-feature selection (env.enable_lvm / env.enable_drbd) is disabled.
    storage_flags = " --no-lvm-storage --no-drbd-storage "

    # NOTE(review): vnc_bind_address=0.0.0.0 makes every instance's VNC console
    # listen on all interfaces of the node; confirm that the VNC port range is
    # firewalled and only reachable through the intended proxy.
    init_cmd = """
    gnt-cluster init --enabled-hypervisors=kvm \
        {0} \
        --nic-parameters link={1},mode=bridged \
        --master-netdev {2} \
        --default-iallocator hail \
        --specs-nic-count min=0,max=8 \
        --hypervisor-parameters kvm:kernel_path=,vnc_bind_address=0.0.0.0 \
        --no-ssh-init --no-etc-hosts \
        {3}
    """.format(storage_flags,
               env.env.common_bridge,
               env.env.cluster_netdev,
               env.env.cluster.fqdn)
    try_run(init_cmd)

    try_run("""gnt-cluster modify --enabled-disk-templates file,plain,ext""")
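def get_service_details(service="pithos"):
    """Return ``(service_id, service_token)`` for a registered component.

    Runs ``snf-manage component-list`` and uses the first output line that
    contains *service*. That line must split into exactly four
    whitespace-separated fields; the first is returned as the id and the last
    as the token.

    The token is a credential: callers should not print or log it.

    Args:
        service: component name to look for; matched literally as a substring
            of an output line.

    Returns:
        A ``(service_id, service_token)`` tuple of strings.

    Raises:
        ValueError: if no output line mentions *service*, or the matching line
            does not have four fields.
    """
    debug(env.host,
          " * Getting registered details for %s service..." % service)
    listing = try_run("snf-manage component-list")

    # re.escape keeps regex metacharacters in the name from widening the match.
    row = re.search(r".*%s.*" % re.escape(service), listing or "", re.M)
    if row is None:
        # Previously this surfaced as an AttributeError on None.
        raise ValueError(
            "service %s not found in component list" % service)

    service_id, _, _, service_token = row.group().split()
    return (service_id, service_token)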
def setup_ganeti():
    """Verify name resolution, install the Ganeti stack and set file storage.

    Checks that the cluster FQDN and this host resolve (the host to a
    non-127.x address) and that ``hostname -f`` matches the configured FQDN,
    installs the KVM/Ganeti packages, creates ``/srv/ganeti/file-storage/``
    and writes the allowed paths to ``/etc/ganeti/file-storage-paths``.
    """
    debug(env.host, "Setting up snf-ganeti...")
    node_info = env.env.ips_info[env.host]

    # NOTE(review): only the three resolution checks are assumed to run with
    # output hidden; confirm the intended extent of the with-block.
    prerequisite_checks = (
        "getent hosts " + env.env.cluster.fqdn,
        "getent hosts %s | grep -v ^127" % env.host,
        "hostname -f | grep " + node_info.fqdn,
    )
    with settings(hide("everything")):
        for check in prerequisite_checks:
            try_run(check)

    for package in ("qemu-kvm", "python-bitarray", "ganeti-haskell",
                    "ganeti-htools", "snf-ganeti"):
        install_package(package)

    try_run("mkdir -p /srv/ganeti/file-storage/")

    # Paths listed here are the only ones Ganeti accepts for file-based disks.
    # The heredoc terminator has to start at column 0.
    write_paths = """
    cat <<EOF > /etc/ganeti/file-storage-paths
/srv/ganeti/file-storage
/srv/ganeti/shared-file-storage
EOF
"""
    try_run(write_paths)
def add_pools():
    """Create the resource pools Cyclades allocates private networks from.

    Two ``snf-manage pool-create`` calls are made: one for MAC prefixes
    (``--base=aa:00:0 --size=65536``) and one for bridges
    (``--base=prv --size=20``).
    """
    banner = (" * Creating pools of resources (brigdes, mac prefixes) "
              "in cyclades...")
    debug(env.host, banner)

    mac_prefix_pool = ("snf-manage pool-create --type=mac-prefix "
                       "--base=aa:00:0 --size=65536")
    bridge_pool = "snf-manage pool-create --type=bridge --base=prv --size=20"

    try_run(mac_prefix_pool)
    try_run(bridge_pool)
def install_package(package):
    """Install *package* on the current host from a local .deb or via apt.

    When ``env.env.use_local_packages`` evaluates to a true literal, a
    matching ``.deb`` under ``env.env.packages`` is uploaded to ``/tmp/``,
    installed with ``dpkg -i`` (falling back to ``apt-get install -f``) and
    removed again. Otherwise apt is used; the attribute of ``env.env`` named
    after the package selects a target release (``-t``), an exact version
    (``pkg=version``) or, when empty, the default candidate.

    Args:
        package: Debian package name; also the name of the ``env.env``
            attribute holding its release/version setting.
    """
    debug(env.host, " * Installing package %s..." % package)

    # NOTE(review): --force-yes makes apt continue without prompting even for
    # potentially harmful actions, which includes unauthenticated packages.
    # Confirm the repositories are trusted before relying on this.
    apt_get = ("export DEBIAN_FRONTEND=noninteractive ;"
               "apt-get install -y --force-yes ")

    host_info = env.env.ips_info[env.host]
    env.env.update_packages(host_info.os)

    if ast.literal_eval(env.env.use_local_packages):
        listing = "ls %s/%s*%s_*.deb" % (
            env.env.packages, package, host_info.os)
        # warn_only: a missing local package is not an error.
        with settings(warn_only=True):
            deb = local(listing, capture=True)
        if deb:
            # NOTE(review): if the glob matches several files, `deb` holds
            # all of them and the basename below is no longer a single name.
            debug(env.host,
                  " * Package %s found in %s..." % (package, env.env.packages))
            deb_name = os.path.basename(deb)
            try_put(deb, "/tmp/")
            try_run("dpkg -i /tmp/%s || " % deb_name + apt_get + "-f")
            try_run("rm /tmp/%s" % deb_name)
            return

    info = getattr(env.env, package)
    known_releases = ("squeeze-backports", "squeeze", "stable", "testing",
                      "unstable", "wheezy")
    if info in known_releases:
        apt_get += " -t %s %s " % (info, package)
    elif info:
        apt_get += " %s=%s " % (package, info)
    else:
        apt_get += package

    try_run(apt_get)
    return
def setup_cms():
    """Install and configure the Synnefo CMS (snf-cloudcms) on this host.

    Pings the accounts host, sets up gunicorn, apache and the web project,
    installs ``snf-cloudcms``, uploads the rendered ``/etc/synnefo/cms.conf``
    and runs the database sync and migrations.
    """
    debug(env.host, "Setting up cms...")

    # NOTE(review): the setup is skipped when env.cms_pass is truthy, while the
    # message says prerequisites are NOT met; confirm the flag's meaning.
    if env.cms_pass:
        debug(env.host, "Aborting. Prerequisites not met.")
        return

    # NOTE(review): only the ping is assumed to run with output hidden.
    with settings(hide("everything")):
        try_run("ping -c1 accounts." + env.env.domain)

    setup_gunicorn()
    setup_apache()
    setup_webproject()
    install_package("snf-cloudcms")

    conf_path = "/etc/synnefo/cms.conf"
    substitutions = {
        "ACCOUNTS": env.env.accounts.fqdn,
    }
    rendered = customize_settings_from_tmpl(conf_path, substitutions)
    try_put(rendered, conf_path, mode=0o644)
    try_run("/etc/init.d/gunicorn restart")

    # The command text has no placeholders; format() leaves it unchanged.
    db_cmd = """
    snf-manage syncdb
    snf-manage migrate --delete-ghost-migrations
    """.format(env.env.domain)
    try_run(db_cmd)
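def setup_resolv_conf():
    """Point the host at the deployment's name server and pin resolv.conf.

    Stops network-manager (best effort), installs a dhclient hook from the
    ``nodnsupdate`` template, backs up ``/etc/resolv.conf``, uploads the
    rendered replacement with an explanatory header prepended, and finally
    sets the immutable attribute on the file.

    Rewriting ``/etc/resolv.conf`` is best effort: a failure is reported and
    setup continues. Presumably this covers re-runs, where the file already
    carries the immutable bit and cannot be replaced.
    """
    debug(env.host, "Tweak /etc/resolv.conf...")
    try_run("/etc/init.d/network-manager stop", abort=False)

    tmpl = "/etc/dhcp/dhclient-enter-hooks.d/nodnsupdate"
    replace = {}
    custom = customize_settings_from_tmpl(tmpl, replace)
    try_put(custom, tmpl, mode=0o644)

    # NOTE(review): on a re-run this overwrites the backup with the
    # previously generated file.
    try_run("cp /etc/resolv.conf /etc/resolv.conf.bak")

    tmpl = "/etc/resolv.conf"
    replace = {
        "domain": env.env.domain,
        "ns_node_ip": env.env.ns.ip,
    }
    custom = customize_settings_from_tmpl(tmpl, replace)
    try:
        try_put(custom, tmpl)
        cmd = """
        echo "\
# This has been generated automatically by snf-deploy, at
# $(date).
# The immutable bit (+i attribute) has been used to avoid it being
# overwritten by software such as NetworkManager or resolvconf.
# Use lsattr/chattr to view or modify its file attributes.

$(cat {0})" > {0}
""".format(tmpl)
        try_run(cmd)
    except (Exception, SystemExit) as e:
        # SystemExit is included because the try_* helpers abort through
        # fabric. KeyboardInterrupt is deliberately not caught, so an operator
        # can still stop the run here.
        debug(env.host,
              "WARNING: could not rewrite /etc/resolv.conf (%s). "
              "Continuing anyway..." % e)

    try_run("chattr +i /etc/resolv.conf")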
def setup_apache():
    """Install apache2 and enable the Synnefo HTTP and HTTPS sites.

    Renders and uploads the ``synnefo`` and ``synnefo-ssl`` site templates
    with this host's FQDN, enables the ssl, rewrite, headers and proxy_http
    modules, disables the default site and the autoindex module, and restarts
    apache2.
    """
    debug(env.host, " * Setting up apache2...")
    host_info = env.env.ips_info[env.host]
    install_package("apache2")

    substitutions = {
        "HOST": host_info.fqdn,
    }
    for site in ("/etc/apache2/sites-available/synnefo",
                 "/etc/apache2/sites-available/synnefo-ssl"):
        rendered = customize_settings_from_tmpl(site, substitutions)
        try_put(rendered, site)

    enable_cmd = """
    a2enmod ssl
    a2enmod rewrite
    a2dissite default
    a2ensite synnefo
    a2ensite synnefo-ssl
    a2enmod headers
    a2enmod proxy_http
    a2dismod autoindex
    """
    try_run(enable_cmd)
    try_run("/etc/init.d/apache2 restart")
def install_package(package):
    """Install one Debian package, preferring a locally built .deb.

    If ``env.env.use_local_packages`` is a true literal and a file matching
    ``<packages>/<package>*<os>_*.deb`` exists on the deployer's machine, it
    is copied to ``/tmp/`` on the host, installed with ``dpkg -i`` (with
    ``apt-get install -f`` as fallback) and deleted. Otherwise the package is
    installed through apt, using ``getattr(env.env, package)`` as the target
    release, the pinned version, or nothing.

    Args:
        package: name of the package to install.
    """
    debug(env.host, " * Installing package %s..." % package)

    # NOTE(review): `--force-yes` suppresses apt's safety prompts, including
    # the one for packages that cannot be authenticated.
    base_cmd = "export DEBIAN_FRONTEND=noninteractive ;"
    base_cmd += "apt-get install -y --force-yes "

    host_info = env.env.ips_info[env.host]
    env.env.update_packages(host_info.os)

    use_local = ast.literal_eval(env.env.use_local_packages)
    if use_local:
        with settings(warn_only=True):
            # warn_only: no match simply means "fall through to apt".
            deb = local(
                "ls %s/%s*%s_*.deb" % (env.env.packages, package,
                                       host_info.os),
                capture=True)
        if deb:
            debug(env.host,
                  " * Package %s found in %s..." % (package, env.env.packages))
            remote_deb = "/tmp/%s" % os.path.basename(deb)
            try_put(deb, "/tmp/")
            try_run("dpkg -i " + remote_deb + " || " + base_cmd + "-f")
            try_run("rm " + remote_deb)
            return

    info = getattr(env.env, package)
    if info in ["squeeze-backports", "squeeze", "stable", "testing",
                "unstable", "wheezy"]:
        # A distribution name selects the target release.
        suffix = " -t %s %s " % (info, package)
    elif info:
        # Anything else non-empty is treated as an exact version.
        suffix = " %s=%s " % (package, info)
    else:
        suffix = package

    try_run(base_cmd + suffix)
    return
def check_dns():
    """Ping the FQDN of every node and every role once.

    Iterates ``env.env.nodes_info`` and then ``env.env.roles``; a failing
    ping goes through ``try_run`` with its default abort behaviour.
    """
    debug(env.host, "Checking fqdns for synnefo..")
    for mapping in (env.env.nodes_info, env.env.roles):
        for _, info in mapping.iteritems():
            try_run("ping -c 1 " + info.fqdn)
def create_bridges():
    """Create the common bridge named by ``env.env.common_bridge``.

    Installs ``bridge-utils``, adds the bridge with ``brctl addbr`` and brings
    the link up.
    """
    debug(env.host, " * Creating bridges...")
    install_package("bridge-utils")

    bridge = env.env.common_bridge
    bridge_cmd = """
    brctl addbr {0} ; ip link set {0} up
    """.format(bridge)
    try_run(bridge_cmd)
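def setup_db():
    """Install PostgreSQL, create the Synnefo role/database and open access.

    Renders ``/tmp/db-init.psql`` with the Synnefo user and database password,
    uploads it, runs it as the ``postgres`` user and removes it again. Then
    sets ``listen_addresses = '*'`` in ``postgresql.conf``, disables the
    durability settings on testing VMs, calls ``allow_access_in_db`` and
    restarts the server.
    """
    debug(env.host, "Setting up DataBase server...")
    install_package("postgresql")

    tmpl = "/tmp/db-init.psql"
    replace = {
        "synnefo_user": env.env.synnefo_user,
        "synnefo_db_passwd": env.env.synnefo_db_passwd,
    }
    custom = customize_settings_from_tmpl(tmpl, replace)
    try_put(custom, tmpl)
    try_run('su - postgres -c "psql -w -f %s" ' % tmpl)
    # The rendered script carries the database password and has to stay
    # readable by the postgres user while it runs, so drop it once applied
    # instead of leaving it in /tmp.
    try_run("rm -f %s" % tmpl)

    # NOTE(review): listen_addresses='*' binds PostgreSQL to every interface.
    # Together with the "trust" rule requested below, access control depends
    # on what allow_access_in_db writes for this host and on network
    # filtering; confirm both.
    cmd = """
    conf=$(ls /etc/postgresql/*/main/postgresql.conf)
    echo "listen_addresses = '*'" >> $conf
    """
    try_run(cmd)

    if env.env.testing_vm:
        # Trades crash safety for speed; acceptable only on throw-away VMs.
        cmd = """
        conf=$(ls /etc/postgresql/*/main/postgresql.conf)
        echo "fsync=off\nsynchronous_commit=off\nfull_page_writes=off" >> $conf
        """
        try_run(cmd)

    # NOTE(review): "trust" means no password is asked of matching clients.
    allow_access_in_db(env.host, "all", "trust")
    try_run("/etc/init.d/postgresql restart")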
def update_ns_for_ganeti():
    """Add the Ganeti cluster's forward and reverse DNS entries.

    Calls ``update_arecord`` and ``update_ptrrecord`` with
    ``env.env.cluster`` and restarts bind9 afterwards.
    """
    backend = env.env.cluster
    debug(env.host,
          "Updating name server entries for backend %s..." % backend.fqdn)
    for update_record in (update_arecord, update_ptrrecord):
        update_record(backend)
    try_run("/etc/init.d/bind9 restart")
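def try_get(remote_path, local_path=None, abort=True, **kwargs):
    """Download *remote_path* with fabric's ``get``, optionally tolerating failure.

    Args:
        remote_path: path on the remote host.
        local_path: destination on the local machine, passed through to
            ``get``.
        abort: when true (default) a failure ends the run through
            ``fabric.utils.abort``; when false a warning is logged and
            execution continues.
        **kwargs: forwarded unchanged to ``get``.
    """
    try:
        get(remote_path, local_path=local_path, **kwargs)
    except KeyboardInterrupt:
        # An operator's Ctrl-C must stop the deployment even with
        # abort=False; it used to be swallowed by the handler below.
        raise
    except BaseException as e:
        # BaseException is kept on purpose: presumably fabric reports a
        # failed transfer by raising SystemExit.
        if abort:
            fabric.utils.abort(e)
        else:
            debug(env.host, "WARNING: command failed. Continuing anyway...")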
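def get_service_details(service="pithos"):
    """Return ``(service_id, service_token)`` for a registered component.

    Runs ``snf-manage component-list -o id,name,token`` and uses the first
    output line that contains *service*. That line must split into exactly
    three whitespace-separated fields: id, name and token.

    The token is a credential: callers should not print or log it.

    Args:
        service: component name to look for; matched literally as a substring
            of an output line.

    Returns:
        A ``(service_id, service_token)`` tuple of strings.

    Raises:
        ValueError: if no output line mentions *service*, or the matching line
            does not have three fields.
    """
    debug(env.host,
          " * Getting registered details for %s service..." % service)
    listing = try_run("snf-manage component-list -o id,name,token")

    # re.escape keeps regex metacharacters in the name from widening the match.
    # NOTE(review): this is still a substring match, so a component whose name
    # merely contains *service* can be selected if it is listed first.
    row = re.search(r".*%s.*" % re.escape(service), listing or "", re.M)
    if row is None:
        # Previously this surfaced as an AttributeError on None.
        raise ValueError(
            "service %s not found in component list" % service)

    service_id, _, service_token = row.group().split()
    return (service_id, service_token)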
def gnt_network_add(name="test", subnet="10.0.0.0/26", gw="10.0.0.1",
                    mode="bridged", link="br0"):
    """Add a network to Ganeti and connect it to a node group.

    Args:
        name: Ganeti network name.
        subnet: network in CIDR notation.
        gw: gateway address inside *subnet*.
        mode: NIC mode passed to ``gnt-network connect``.
        link: NIC link (bridge) passed to ``gnt-network connect``.

    The arguments are inserted into the shell command as-is, so they must not
    contain whitespace or shell metacharacters.
    """
    debug(env.host, " * Adding test network to Ganeti...")
    network_cmd = """
    gnt-network add --network={1} --gateway={2} {0}
    gnt-network connect {0} {3} {4}
    """.format(name, subnet, gw, mode, link)
    try_run(network_cmd)
def setup_gunicorn():
    """Install gunicorn and deploy the Synnefo gunicorn configuration.

    Uploads the ``/etc/gunicorn.d/synnefo`` template (no substitutions) with
    mode 0644 and restarts gunicorn.
    """
    debug(env.host, " * Setting up gunicorn...")
    install_package("gunicorn")

    conf_path = "/etc/gunicorn.d/synnefo"
    rendered = customize_settings_from_tmpl(conf_path, {})
    try_put(rendered, conf_path, mode=0o644)

    try_run("/etc/init.d/gunicorn restart")
def setup_lvm():
    """Create the Ganeti volume group on the extra disk when LVM is enabled.

    Installs ``lvm2`` and runs ``pvcreate`` on ``env.env.extra_disk`` followed
    by ``vgcreate`` for ``env.env.vg``. The progress message is printed even
    when LVM is disabled, in which case nothing else happens.
    """
    debug(env.host, "create volume group %s for ganeti.." % env.env.vg)
    if not env.enable_lvm:
        return

    install_package("lvm2")
    # pvcreate initialises the whole device named by extra_disk.
    lvm_cmd = """
    pvcreate {0}
    vgcreate {1} {0}
    """.format(env.env.extra_disk, env.env.vg)
    try_run(lvm_cmd)
def setup_drbd_dparams():
    """Set the DRBD metadata volume group on the cluster and default group.

    Runs ``gnt-cluster modify`` and ``gnt-group modify ... default`` with
    ``drbd:metavg`` set to ``env.env.vg``. Does nothing unless
    ``env.enable_drbd`` is set.
    """
    if not env.enable_drbd:
        return

    debug(env.host,
          " * Twicking drbd related disk parameters in Ganeti...")
    metavg_cmd = """
    gnt-cluster modify --disk-parameters=drbd:metavg={0}
    gnt-group modify --disk-parameters=drbd:metavg={0} default
    """.format(env.env.vg)
    try_run(metavg_cmd)
def setup_vncauthproxy():
    """Install snf-vncauthproxy and run it as ``www-data:nogroup``.

    Appends the ``CHUID`` setting to ``/etc/default/vncauthproxy``, removes
    the existing log file and restarts the service.
    """
    debug(env.host, " * Setting up vncauthproxy...")
    install_package("snf-vncauthproxy")

    # NOTE(review): CHUID is appended on every run, and `rm` without -f fails
    # when the log file does not exist.
    chuid_cmd = """
    echo CHUID="www-data:nogroup" >> /etc/default/vncauthproxy
    rm /var/log/vncauthproxy/vncauthproxy.log
    """
    try_run(chuid_cmd)

    try_run("/etc/init.d/vncauthproxy restart")
def setup_gunicorn():
    """Install gunicorn, fix its log directory owner and deploy the config.

    Changes ``/var/log/gunicorn`` to ``root.www-data``, uploads the
    ``/etc/gunicorn.d/synnefo`` template (no substitutions) with mode 0644
    and restarts gunicorn.
    """
    debug(env.host, " * Setting up gunicorn...")
    install_package("gunicorn")
    try_run("chown root.www-data /var/log/gunicorn")

    conf_path = "/etc/gunicorn.d/synnefo"
    no_substitutions = {}
    rendered = customize_settings_from_tmpl(conf_path, no_substitutions)
    try_put(rendered, conf_path, mode=0o644)

    try_run("/etc/init.d/gunicorn restart")
def setup_hosts():
    """Normalise /etc/hosts, set the hostname and relax SSH host key checks.

    Appends ``StrictHostKeyChecking no`` to the system-wide ssh client config,
    rewrites every ``127.*`` line of ``/etc/hosts`` to
    ``127.0.0.1 localhost`` and sets the running and persistent hostname from
    ``env.env.ips_info``.
    """
    debug(env.host, "Tweaking /etc/hosts and ssh_config files...")

    # NOTE(review): this turns off host key verification for every outgoing
    # ssh connection from the node, so a spoofed peer is not detected. It is
    # also appended again on each run. Consider scoping it to the cluster
    # hosts and distributing known_hosts entries instead.
    try_run("echo StrictHostKeyChecking no >> /etc/ssh/ssh_config")

    try_run("sed -i 's/^127.*$/127.0.0.1 localhost/g' /etc/hosts ")

    hostname = env.env.ips_info[env.host].hostname
    try_run("hostname %s" % hostname)
    try_run("echo %s > /etc/hostname" % hostname)
def enable_lvm():
    """Switch Ganeti's LVM storage on or off according to ``env.enable_lvm``.

    When enabled, the cluster's volume group is set to ``env.env.vg``;
    otherwise LVM storage is disabled cluster-wide.
    """
    if not env.enable_lvm:
        debug(env.host, " * Disabling LVM...")
        try_run("gnt-cluster modify --no-lvm-storage")
        return

    debug(env.host, " * Enabling LVM...")
    vg_cmd = """
    gnt-cluster modify --vg-name={0}
    """.format(env.env.vg)
    try_run(vg_cmd)
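def customize_settings_from_tmpl(tmpl, replace):
    """Render a configuration template into a local temporary file.

    Copies ``env.env.templates + tmpl`` to a fresh temporary file and, for
    every ``key: value`` in *replace*, substitutes each ``%KEY%`` placeholder
    (key upper-cased) with the value.

    Args:
        tmpl: template path relative to the templates directory; it is
            concatenated directly, so it normally starts with ``/``.
        replace: mapping of placeholder name to replacement value.

    Returns:
        Path of the rendered temporary file. The file is not deleted here and
        may contain secrets (passwords, tokens) taken from *replace*; the
        caller is responsible for removing it.
    """
    debug(env.host, " * Customizing template %s..." % tmpl)
    template_path = env.env.templates + tmpl

    # Create and immediately close the temp file so that no descriptor is
    # leaked per call. Like mkstemp, the file is readable by its owner only.
    handle = tempfile.NamedTemporaryFile(delete=False)
    handle.close()
    custom = handle.name
    shutil.copyfile(template_path, custom)

    for key, value in replace.items():
        pattern = "%{0}%".format(key.upper())
        # Double the backslashes so re.sub inserts the value literally
        # instead of reading "\1" or "\n" as a group reference or escape.
        replacement = ("%s" % (value,)).replace("\\", "\\\\")
        # The expression string is evaluated as Python by massedit. Embedding
        # the operands with repr() keeps a quote or backslash in a value
        # (e.g. a password) from breaking out of the string literal.
        regex = "re.sub({0!r}, {1!r}, line)".format(pattern, replacement)
        massedit.edit_files([custom], [regex], dry_run=False)
    return custom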
def astakos_register_pithos_view():
    """Register the Pithos UI view as a trusted OAuth2 client in Astakos.

    Adds the ``pithos-view`` client with ``env.env.oa2_secret`` as its secret
    and ``https://<pithos fqdn>/pithos/ui/view`` as its redirect URL.
    """
    debug(env.host, " * Register pithos view as oauth2 client...")
    pithos_base_url = "https://%s/pithos" % env.env.pithos.fqdn
    view_url = '%s/ui/view' % pithos_base_url

    # NOTE(review): the client secret is passed as a command-line argument, so
    # it is visible in the process list while the command runs and may appear
    # in the deployment output; it is also not shell-quoted.
    register_cmd = """
    snf-manage oauth2-client-add pithos-view --secret={0} --is-trusted \
        --url {1}
    """.format(env.env.oa2_secret, view_url)
    try_run(register_cmd)
def setup_nfs_dirs():
    """Create the shared directories used by Pithos and the image store.

    Creates ``env.env.pithos_dir`` with a ``data`` subdirectory owned by
    ``www-data:www-data`` that is group-writable with the setgid bit, and
    creates ``env.env.image_dir``.
    """
    debug(env.host,
          " * Creating NFS mount point for pithos and ganeti...")
    pithos_dir = env.env.pithos_dir
    image_dir = env.env.image_dir
    dirs_cmd = """
    mkdir -p {0}
    cd {0}
    mkdir -p data
    chown www-data:www-data data
    chmod g+ws data
    mkdir -p {1}
    """.format(pithos_dir, image_dir)
    try_run(dirs_cmd)
def setup_mq():
    """Install RabbitMQ and replace the guest account with the Synnefo user.

    Creates ``env.env.synnefo_user`` with full permissions and the
    ``administrator`` tag, deletes the default ``guest`` user and restarts the
    broker.
    """
    debug(env.host, "Setting up RabbitMQ...")
    install_package("rabbitmq-server")

    # NOTE(review): the broker password is passed on the command line without
    # shell quoting; it is visible in the process list while rabbitmqctl runs
    # and a password containing shell metacharacters will break the command.
    mq_cmd = """
    rabbitmqctl add_user {0} {1}
    rabbitmqctl set_permissions {0} ".*" ".*" ".*"
    rabbitmqctl delete_user guest
    rabbitmqctl set_user_tags {0} administrator
    """.format(env.env.synnefo_user, env.env.synnefo_rabbitmq_passwd)
    try_run(mq_cmd)

    try_run("/etc/init.d/rabbitmq-server restart")
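def destroy_cluster():
    """Remove every other node from the Ganeti cluster, then destroy it.

    Must run on a host listed in ``env.env.cluster_hostnames``; each other
    entry of that list is removed with ``gnt-node remove`` before
    ``gnt-cluster destroy`` is issued.

    Raises:
        ValueError: if ``env.host`` is not in ``env.env.cluster_hostnames``.
    """
    debug(env.host, " * Destroying Ganeti cluster...")
    # TODO: remove instances first
    allnodes = env.env.cluster_hostnames[:]
    allnodes.remove(env.host)
    for n in allnodes:
        # Look up the node being removed. Using env.host here made every
        # iteration target the current host instead of node n.
        host_info = env.env.ips_info[n]
        debug(env.host, " * Removing node %s..." % n)
        try_run("gnt-node remove " + host_info.fqdn)
    try_run("gnt-cluster destroy --yes-do-it")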
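def try_run(cmd, abort=True):
    """Run *cmd* locally or on the current host, optionally tolerating failure.

    Args:
        cmd: shell command text. It may contain credentials, which is why it
            is not echoed in the warning below.
        abort: when true (default) a failure ends the run through
            ``fabric.utils.abort``; when false a warning is logged and
            ``None`` is returned.

    Returns:
        The result of ``local(cmd, capture=True)`` when ``env.local`` is set,
        otherwise the result of ``run(cmd)``; ``None`` after a tolerated
        failure.
    """
    try:
        if env.local:
            return local(cmd, capture=True)
        return run(cmd)
    except KeyboardInterrupt:
        # An operator's Ctrl-C must stop the deployment even with
        # abort=False; it used to be swallowed by the handler below.
        raise
    except BaseException as e:
        # BaseException is kept on purpose: presumably fabric reports a
        # failed command by raising SystemExit.
        if abort:
            fabric.utils.abort(e)
        else:
            debug(env.host, "WARNING: command failed. Continuing anyway...")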
def setup_router():
    """Turn the host into a NAT router for the Synnefo public network.

    Enables IPv4 forwarding, masquerades traffic from the public subnet
    leaving through ``env.env.public_iface``, assigns the gateway address to
    the common bridge and adds the matching route.
    """
    debug(env.host, " * Setting up internal router for NAT...")

    subnet = env.env.synnefo_public_network_subnet
    gateway = env.env.synnefo_public_network_gateway
    bridge = env.env.common_bridge
    uplink = env.env.public_iface

    # NOTE(review): none of this persists across a reboot, and the iptables
    # rule is appended again on every run.
    nat_cmd = """
    echo 1 > /proc/sys/net/ipv4/ip_forward
    iptables -t nat -A POSTROUTING -s {0} -o {3} -j MASQUERADE
    ip addr add {1} dev {2}
    ip route add {0} dev {2} src {1}
    """.format(subnet, gateway, bridge, uplink)
    try_run(nat_cmd)
def gnt_instance_add(name="test"):
    """Create a test instance in Ganeti from the ``debian_base`` image.

    The instance uses the ``snf-image+default`` OS definition, a 1G plain
    disk and one NIC from the ``test`` network's address pool; it is added
    with ``--no-install``.

    Args:
        name: instance name; inserted into the command unquoted.
    """
    debug(env.host, " * Adding test instance to Ganeti...")

    # NOTE(review): the image password is a fixed value committed in source
    # and is passed on the command line. Treat instances created this way as
    # test-only and keep them off untrusted networks.
    os_params = (
        "img_passwd=gamwtosecurity,"
        "img_format=diskdump,img_id=debian_base,"
        "img_properties='{\"OSFAMILY\":\"linux\"\\,\"ROOT_PARTITION\":\"1\"}'"
    )
    add_cmd = """
    gnt-instance add -o snf-image+default --os-parameters {0} \
        -t plain --disk 0:size=1G --no-name-check --no-ip-check \
        --net 0:ip=pool,network=test --no-install \
        --hypervisor-parameters kvm:machine_version=pc-1.0 {1}
    """.format(os_params, name)
    try_run(add_cmd)
def activate_user(user_email=None):
    """Verify and accept an Astakos user account.

    Args:
        user_email: e-mail of the account; defaults to
            ``env.env.user_email`` when empty.

    The user id is read with ``get_auth_token_from_db`` on the database host
    (``env.env.db.ip``) and then passed to ``snf-manage user-modify`` twice,
    once with ``--verify`` and once with ``--accept``.
    """
    user_email = user_email or env.env.user_email
    debug(env.host, " * Activate user %s..." % user_email)

    # Only the lookup runs against the database host; the auth token and uuid
    # returned alongside the id are not needed here.
    with settings(host_string=env.env.db.ip):
        uid, _token, _uuid = get_auth_token_from_db(user_email)

    activate_cmd = """
    snf-manage user-modify --verify {0}
    snf-manage user-modify --accept {0}
    """.format(uid)
    try_run(activate_cmd)
def setup_vncauthproxy():
    """Seed the vncauthproxy users file and install snf-vncauthproxy.

    Creates ``/var/lib/vncauthproxy``, writes a single
    ``user:salt+hash`` entry to its ``users`` file and then installs the
    package.
    """
    debug(env.host, " * Setting up vncauthproxy...")

    # NOTE(review): the account name and its salted hash are fixed values in
    # source, so every deployment shares the same vncauthproxy credential.
    # Generate a per-deployment secret instead. The users file is also created
    # with the default umask; confirm that it is not world-readable.
    user = "******"
    salt = "$6$7FUdSvFcWAs3hfVj$"
    passhash = ("ZwvnvpQclTrDYWEwBvZDMRJZNgb6ZUKT1vNsh9NzUIxMpzBuGgMqYxCDTYF"
                "6OZcbunDZb88pjL2EIBnzrGMQW1")

    # `mkdir` without -p fails if the directory already exists.
    users_cmd = """
    mkdir /var/lib/vncauthproxy
    echo '%s:%s%s' > /var/lib/vncauthproxy/users
    """ % (user, salt, passhash)
    try_run(users_cmd)

    install_package("snf-vncauthproxy")