def chekFSR(server, gluu_version):
c = RemoteClient(server.hostname, ip=server.ip)
paths = []
try:
c.startup()
except Exception as e:
flash("Can't establish SSH connection to {}".format(server.hostname),
"warning")
return False, [], paths
csync_config = '/opt/gluu-server-{}/etc/csync2.cfg'.format(gluu_version)
result = c.get_file(csync_config)
if result[0]:
servers = []
paths
for l in result[1].readlines():
ls = l.strip()
if ls.startswith('host') and ls.endswith(';'):
hostname = ls.split()[1][:-1]
servers.append(hostname)
elif ls.startswith('include') and ls.endswith(';'):
ipath = ls.split('include')[1].strip().strip(';').strip()
paths.append(ipath)
if servers:
return True, servers, paths
return False, [], paths
def index():
servers = Server.query.all()
appconf = AppConfiguration.query.first()
if not appconf:
flash(
"The application needs to be configured first. Kindly set the "
"values before attempting clustering.", "warning")
return redirect(url_for("index.app_configuration"))
if not servers:
flash("Add servers to the cluster before attempting to manage cache",
"warning")
return redirect(url_for('index.home'))
if appconf.external_load_balancer:
c_host = appconf.cache_host
c_ip = appconf.cache_ip
else:
c_host = appconf.nginx_host
c_ip = appconf.nginx_ip
c = RemoteClient(host=c_host, ip=c_ip)
try:
c.startup()
except:
flash("SSH connection can't be established to cache server", "warning")
result = c.get_file('/etc/stunnel/stunnel.conf')
installed_servers = []
if result[0]:
installed_servers = get_redis_config(result[1])
for server in servers:
if server.ip in installed_servers:
server.redis = True
else:
server.redis = False
version = int(appconf.gluu_version.replace(".", ""))
if version < 311:
flash(
"Cache Management is available only for clusters configured with"
" Gluu Server version 3.1.1 and above", "danger")
return redirect(url_for('index.home'))
form = CacheSettingsForm()
return render_template('cache_index.html', servers=servers, form=form)
def edit_slapd_conf(server_id):
"""This view provides editing of slapd.conf file before depoloyments."""
server = Server.query.get(server_id)
appconf = AppConfiguration.query.first()
# If there is no server with server_id return to home
if not server:
flash("No such server.", "warning")
return redirect(url_for('index.home'))
if not server.gluu_server:
chroot = '/'
else:
chroot = '/opt/gluu-server-' + appconf.gluu_version
# slapd.conf file will be downloaded from server. Make ssh connection
# and download it
c = RemoteClient(server.hostname, ip=server.ip)
try:
c.startup()
except ClientNotSetupException as e:
flash(str(e), "danger")
return redirect(url_for('index.home'))
slapd_conf_file = os.path.join(chroot, 'opt/symas/etc/openldap/slapd.conf')
if request.method == 'POST':
config = request.form.get('conf')
r = c.put_file(slapd_conf_file, config)
if not r[0]:
flash("Cant' saved to server: {0}".format(r[1]), "danger")
else:
flash('File {0} was saved on {1}'.format(slapd_conf_file,
server.hostname))
return redirect(url_for('index.home'))
# After editing, slapd.conf file will be uploaded to server via ssh
r = c.get_file(slapd_conf_file)
if not r[0]:
flash("Cant't get file {0}: {1}".format(slapd_conf_file, r[1]),
"success")
return redirect(url_for('index.home'))
config = r[1].read()
return render_template('conf_editor.html',
config=config,
hostname=server.hostname)
def edit_slapd_conf(server_id):
server = Server.query.get(server_id)
appconf = AppConfiguration.query.first()
if not server:
print "Yoook"
flash("No such server.", "warning")
return redirect(url_for('index.home'))
if not server.gluu_server:
chroot = '/'
else:
chroot = '/opt/gluu-server-' + appconf.gluu_version
c = RemoteClient(server.hostname, ip=server.ip)
try:
c.startup()
except ClientNotSetupException as e:
flash(str(e), "danger")
return redirect(url_for('index.home'))
slapd_conf_file = os.path.join(chroot, 'opt/symas/etc/openldap/slapd.conf')
if request.method == 'POST':
config = request.form.get('conf')
r = c.put_file(slapd_conf_file, config)
if not r[0]:
flash("Cant' saved to server: {0}".format(r[1]), "danger")
else:
flash('File {0} was saved on {1}'.format(slapd_conf_file,
server.hostname))
return redirect(url_for('index.home'))
r = c.get_file(slapd_conf_file)
if not r[0]:
flash("Cant't get file {0}: {1}".format(slapd_conf_file, r[1]),
"success")
return redirect(url_for('index.home'))
config = r[1].read()
return render_template('conf_editor.html',
config=config,
hostname=server.hostname)
def install_cache_cluster(self, servers_id_list, cache_servers_id_list):
tid = self.request.id
servers = [ Server.query.get(id) for id in servers_id_list ]
cache_servers = [ CacheServer.query.get(id) for id in cache_servers_id_list ]
app_conf = AppConfiguration.query.first()
primary_cache = None
primary_cache_server = CacheServer.query.first()
for server in cache_servers:
rc = __get_remote_client(server, tid)
if not rc:
wlogger.log(tid, "SSH connection to server failed", "error", server_id=server.id)
return False
ri = RedisInstaller(server, tid, rc)
if app_conf.offline:
if not ri.check_installed():
wlogger.log(
tid,
'Redis Server was not installed. Please install Redis '
' Server and retry.',
'error',
server_id=server.id
)
return False
redis_installed = ri.install()
wlogger.log(
tid,
'Setting Redis password',
'info',
server_id=server.id
)
ri.set_redis_password()
if redis_installed:
wlogger.log(tid, "Redis install successful", "success",
server_id=server.id)
else:
wlogger.log(tid, "Redis install failed", "fail",
server_id=server.id)
return False
ri.run_sysctl('enable')
ri.run_sysctl('restart')
si = StunnelInstaller(server, tid, rc)
if app_conf.offline:
if not si.check_installed():
wlogger.log(
tid,
'Stunnel was not installed. Please install stunnel '
'and retry.',
'error',
server_id=server.id
)
return False
if si.check_installed():
server.stunnel = True
else:
wlogger.log(tid, "Installing Stunnel", "info", server_id=server.id)
stunnel_installed = si.install()
if stunnel_installed:
server.stunnel = True
wlogger.log(tid, "Stunnel install successful", "success",
server_id=server.id)
else:
server.stunnel = False
wlogger.log(tid, "Stunnel install failed", "fail",
server_id=server.id)
return False
if si.os_type == 'rpm':
si.upload_service_file()
if si.os_type == 'deb':
wlogger.log(tid, "Enabling stunnel", "debug", server_id=server.id)
si.run_command("sed -i 's/ENABLED=0/ENABLED=1/g' /etc/default/stunnel4")
if not primary_cache:
primary_cache = server.ip
if not rc.exists('/etc/stunnel/redis-server.crt'):
wlogger.log(tid, "Creating SSL certificate for stunnel", "info",
server_id=server.id)
si.run_command(
'openssl req -x509 -nodes -days 3650 -newkey rsa:2048 '
'-batch -keyout /etc/stunnel/redis-server.key '
'-out /etc/stunnel/redis-server.crt'
)
si.run_command('chmod 600 /etc/stunnel/redis-server.key')
wlogger.log(tid, "Retreiving server certificate", "info",
server_id=server.id)
stunnel_redis_conf = (
'pid = /run/stunnel-redis.pid\n'
'[redis-server]\n'
'cert = /etc/stunnel/redis-server.crt\n'
'key = /etc/stunnel/redis-server.key\n'
'accept = {0}:{1}\n'
'connect = 127.0.0.1:6379\n'
).format(server.ip, primary_cache_server.stunnel_port)
wlogger.log(tid, "Writing redis stunnel configurations", "info",
server_id=server.id)
rc.put_file('/etc/stunnel/stunnel.conf', stunnel_redis_conf)
si.run_sysctl('enable')
si.run_sysctl('restart')
server.installed = True
db.session.commit()
rc.close()
wlogger.log(tid, "2", "set_step")
# retreive stunnel certificate
rc = RemoteClient(primary_cache_server.hostname, ip=primary_cache_server.ip)
rc.startup()
stunnel_cert = rc.get_file('/etc/stunnel/redis-server.crt')
if not stunnel_cert[0]:
print "Can't retreive server certificate from primary cache server"
return False
stunnel_cert = stunnel_cert[1].read()
for server in servers:
rc = __get_remote_client(server, tid)
if not rc:
wlogger.log(tid, "SSH connection to server failed", "error", server_id=server.id)
return False
si = StunnelInstaller(server, tid, rc)
wlogger.log(tid, "Installing Stunnel", "debug", server_id=server.id)
if si.rc.exists('/usr/bin/stunnel') or si.rc.exists('/bin/stunnel'):
wlogger.log(tid, "Stunnel was allready installed", "info",
server_id=server.id)
server.stunnel = True
else:
wlogger.log(tid, "Installing Stunnel", "info", server_id=server.id)
stunnel_installed = si.install()
if stunnel_installed:
server.stunnel = True
wlogger.log(tid, "Stunnel install successful", "success",
server_id=server.id)
else:
server.stunnel = False
wlogger.log(tid, "Stunnel install failed", "fail",
server_id=server.id)
return False
if si.os_type == 'rpm':
si.upload_service_file()
if si.os_type == 'deb':
wlogger.log(tid, "Enabling stunnel", "debug", server_id=server.id)
si.run_command("sed -i 's/ENABLED=0/ENABLED=1/g' /etc/default/stunnel4")
stunnel_redis_conf = (
'pid = /run/stunnel-redis.pid\n'
'[redis-client]\n'
'client = yes\n'
'accept = 127.0.0.1:{1}\n'
'connect = {0}:{1}\n'
'CAfile = /etc/stunnel/redis-server.crt\n'
'verify = 4\n'
).format(primary_cache, primary_cache_server.stunnel_port)
wlogger.log(tid, "Writing redis stunnel configurations", "info",
server_id=server.id)
rc.put_file('/etc/stunnel/stunnel.conf', stunnel_redis_conf)
wlogger.log(tid, "Uploading server certificate", "info",
server_id=server.id)
rc.put_file('/etc/stunnel/redis-server.crt', stunnel_cert)
si.run_sysctl('enable')
si.run_sysctl('restart')
if server.primary_server:
server_string = 'localhost:{0}'.format(primary_cache_server.stunnel_port)
__update_LDAP_cache_method(tid, server, server_string, redis_password=primary_cache_server.redis_password)
wlogger.log(tid, "Restarting Gluu Server", "info",
server_id=server.id)
if server.os in ('RHEL 7', 'CentOS 7', 'Ubuntu 18'):
si.run_command('/sbin/gluu-serverd-{} restart'.format(app_conf.gluu_version))
else:
si.run_command('systemctl restart gluu-server-{}'.format(app_conf.gluu_version))
wlogger.log(tid, "3", "set_step")