def setup(name, **kwargs):
env = Environment.get_instance()
config = env.config.mongodb.copy()
config.update(kwargs)
config['configpath'] = "/etc/mongodb/%s.conf" % name
if 'dbpath' not in kwargs:
config['dbpath'] = os.path.join(config.dbpath, name)
if 'logfilename' not in kwargs:
config['logfilename'] = "%s.log" % name
Directory("/etc/mongodb", owner="root", group="root", mode=0755)
Directory(config.dbpath,
owner="mongodb",
group="mongodb",
mode=0755,
recursive=True)
File(config.configpath,
owner="root",
group="root",
mode=0644,
content=Template("mongodb/mongodb.conf.j2",
variables=dict(mongodb=config)))
# notifies = [("restart", env.resources["MonitService"]["mongodb-%s" % name])])
controller = kwargs.get("controller")
if controller == "monit":
env.include_recipe("monit")
env.cookbooks.monit.rc(
"mongodb-%s" % name,
Template("mongodb/monit.conf.j2",
variables=dict(name=name, mongodb=config)))
env.cookbooks.monit.MonitService(
"mongodb-%s" % name,
subscribes=[("restart", env.resources["File"][config.configpath])])
elif controller == "supervisord":
env.include_recipe("supervisor")
env.cookbooks.supervisor.configuration(
"mongodb-%s" % name,
Template("mongodb/supervisord.conf.j2",
variables=dict(name=name, mongodb=config)))
env.cookbooks.supervisor.SupervisorService(
"mongodb-%s" % name,
subscribes=[("restart", env.resources["File"][config.configpath])])
else:
Service("mongodb-%s" % name,
subscribes=[("restart",
env.resources["File"][config.configpath])])
File("/etc/init/mongodb-%s.conf" % name,
owner="root",
group="root",
mode=0644,
content=Template("mongodb/upstart.conf.j2",
variables=dict(mongodb=config)),
notifies=[
("reload", env.resources["Service"]["mongodb-%s" % name],
True),
])
def Service(service_description,
host_name=None,
hostgroup_name=None,
check_command=None,
use="generic-service",
notification_interval=0,
action="create"):
env = Environment.get_instance()
values = dict(
host_name=host_name,
hostgroup_name=hostgroup_name,
service_description=service_description,
check_command=check_command,
use=use,
notification_interval=notification_interval,
)
if host_name:
env.config.nagios3.hosts[host_name]["services"][
service_description] = values
return
File("/etc/nagios3/conf.d/service_%s.cfg" % service_description.lower(),
content=Template("nagios3/service.cfg.j2", values),
action=action,
notifies=[("restart", env.resources["Service"]["nagios3"])])
dirname = filename
while dirname.rsplit('.', 1)[-1] in ('gz', 'tar', 'tgz', 'bz2'):
dirname = dirname.rsplit('.', 1)[0]
if not dirname:
raise Fail(
"Unable to figure out directory name of project for URL %s" % url)
Script("install-%s" % name,
not_if=lambda: os.path.exists(creates),
cwd="/usr/local/src",
code=("wget %(url)s\n"
"tar -zxvf %(filename)s\n"
"cd %(dirname)s\n"
"./configure && make install\n"
"ldconfig\n") %
dict(url=url, dirname=dirname, filename=filename))
Package("uuid-dev")
Package("libevent-dev")
Package("g++")
install_package(
"gearmand",
creates="/usr/local/sbin/gearmand",
url=
"http://launchpad.net/gearmand/trunk/0.14/+download/gearmand-0.14.tar.gz")
Directory("/var/run/gearmand", owner="nobody", mode=0755)
env.cookbooks.monit.rc("gearmand", content=Template("gearmand/monit.conf.j2"))
Service("nagios3",
supports_status=True,
supports_restart=True,
supports_reload=True)
# NRPE plugin
Package("nagios-nrpe-plugin")
##
File("/etc/nagios3/cgi.cfg",
owner="root",
group="root",
mode=0644,
content=Template("nagios3/cgi.cfg.j2"),
notifies=[("restart", env.resources["Service"]["nagios3"])])
if env.system.ec2:
File("/etc/nagios3/conf.d/host-gateway_nagios3.cfg",
action="delete",
notifies=[("restart", env.resources["Service"]["nagios3"])])
File("/etc/nagios3/conf.d/extinfo_nagios2.cfg",
action="delete",
notifies=[("restart", env.resources["Service"]["nagios3"])])
# nagios3 hostgroups
File("/etc/nagios3/conf.d/hostgroups_nagios2.cfg",
action="delete",
import os
from kokki import Execute, File, Template
Execute("pip install newrelic=={0}".format(env.config.newrelic.version))
File("{0}".format(env.config.newrelic.ini_file),
content=Template("newrelic/newrelic.ini.j2"),
owner="deploy",
group="root",
mode=0644)
File("{0}".format(env.config.newrelic.log_file),
content="",
owner="deploy",
group="root",
mode=0644)
else: # debian, ubuntu
Service("apache2",
supports_restart=True,
supports_reload=True,
supports_status=True)
Directory("%s/ssl" % env.config.apache.dir,
mode=0755,
owner="root",
group="root")
File("apache2.conf",
path=("%s/conf/httpd.conf" if env.system.platform in
("centos", "redhat", "fedora") else "%s/apache2.conf") %
env.config.apache.dir,
content=Template("apache2/apache2.conf.j2"),
owner="root",
group="root",
mode=0644,
notifies=[("restart", env.resources["Service"]["apache2"])])
File("apache2-security",
path="%s/conf.d/security" % env.config.apache.dir,
content=Template("apache2/security.j2"),
owner="root",
group="root",
mode=0644,
notifies=[("restart", env.resources["Service"]["apache2"])])
File("apache2-charset",
path="%s/conf.d/charset" % env.config.apache.dir,
action="delete",
notifies=[("stop", env.resources["Service"]["mongodb"], True)])
File("/etc/init/mongodb.conf", action="delete")
File("/etc/init.d/mongodb", action="delete")
else:
Directory(env.config.mongodb.dbpath,
owner="mongodb",
group="mongodb",
mode=0755,
recursive=True)
Service("mongodb")
File("/etc/init/mongodb.conf",
owner="root",
group="root",
mode=0644,
content=Template("mongodb/upstart.conf.j2",
variables=dict(mongodb=env.config.mongodb)),
notifies=[
("restart", env.resources["Service"]["mongodb"], True),
])
File(env.config.mongodb.configpath,
owner="root",
group="root",
mode=0644,
content=Template("mongodb/mongodb.conf.j2",
variables=dict(mongodb=env.config.mongodb)),
notifies=[("restart", env.resources["Service"]["mongodb"])])
from kokki import Package, Service, File, Template
Package("exim4", action="upgrade")
Service("exim4", supports_restart=True)
File("/etc/exim4/update-exim4.conf.conf",
owner="root",
group="root",
mode=0644,
content=Template("exim4/update-exim4.conf.conf.j2"),
notifies=[("restart", env.resources["Service"]["exim4"])])
File("/etc/exim4/exim4.conf.localmacros",
owner="root",
group="root",
mode=0644,
content="AUTH_CLIENT_ALLOW_NOTLS_PASSWORDS = 1\nMAIN_TLS_ENABLE = 1\n",
notifies=[("restart", env.resources["Service"]["exim4"])])
File("/etc/exim4/passwd.client",
mode=0640,
content=Template("exim4/passwd.client.j2"),
notifies=[("restart", env.resources["Service"]["exim4"])])
Package("monit")
Service("monit",
supports_status=False,
supports_restart=True,
action="nothing")
File("%s/monitrc" % env.config.monit.config_path,
owner="root",
group="root",
mode=0700,
content=Template("monit/monitrc.j2"),
notifies=[("restart", env.resources["Service"]["monit"])])
if env.system.platform == "ubuntu":
File("/etc/default/monit",
content=Template("monit/default.j2"),
notifies=[("restart", env.resources["Service"]["monit"])])
Directory("%s/monit.d" % env.config.monit.config_path,
owner="root",
group="root",
mode=0700)
from kokki import Package, Directory, File, Template, Service
Package("nginx")
Directory(env.config.nginx.log_dir,
mode=0755,
owner=env.config.nginx.user,
action='create')
for nxscript in ('nxensite', 'nxdissite'):
File("/usr/sbin/%s" % nxscript,
content=Template("nginx/%s.j2" % nxscript),
mode=0755,
owner="root",
group="root")
File("nginx.conf",
path="%s/nginx.conf" % env.config.nginx.dir,
content=Template("nginx/nginx.conf.j2"),
owner="root",
group="root",
mode=0644)
File("%s/sites-available/default" % env.config.nginx.dir,
content=Template("nginx/default-site.j2"),
owner="root",
group="root",
mode=0644)
Service("nginx",
supports_status=True,
Package("python-rackspace-cloudfiles")
Package("duplicity")
Directory("{0}/dbdumps/".format(env.config.cloudfiles.deploy_home),
owner = "postgres",
group = "deploy",
mode = 0750)
# /etc/crontab and the files in /etc/cron.d must be owned by root# and must *not* be group- or other-writable
File("/etc/cron.d/dbdumps",
owner = "root",
group = "root",
mode = 0644,
content = Template("postgresql-cloudfiles-backup/cronfile.j2"),
)
File("{0}/duplicity_uploader.sh".format(env.config.cloudfiles.deploy_home),
owner = "postgres",
group = "postgres",
mode = 0740,
content = Template("postgresql-cloudfiles-backup/duplicity_uploader.sh.j2"),
)
File("{0}/duplicity_downloader.sh".format(env.config.cloudfiles.deploy_home),
owner = "postgres",
group = "postgres",
mode = 0740,
content = Template("postgresql-cloudfiles-backup/duplicity_downloader.sh.j2"),
)
from kokki import Package, Directory, File, Template
Package("munin")
Directory(env.config.munin.dbdir, owner="munin", group="munin", mode=0755)
File("/etc/munin/munin.conf",
owner="root",
group="root",
mode=0644,
content=Template("munin/munin.conf.j2"))
from kokki import Package, File, Template, Service
if env.system.platform == "amazon":
Package("perl-NetAddr-IP")
Package("munin-node")
File("munin-node.conf",
path = "/etc/munin/munin-node.conf",
owner = "root",
group = "root",
mode = 0644,
content = Template("munin/munin-node.conf.j2"))
Service("munin-node",
subscribes = [("restart", env.resources["File"]["munin-node.conf"])])
File("/etc/munin/plugin-conf.d/python",
owner = "root",
group = "root",
mode = 0644,
content = (
"[*]\n"
"env.PYTHON_EGG_CACHE /tmp/munin-egg-cache\n"
),
notifies = [("restart", env.resources["Service"]["munin-node"])])
if env.system.ec2:
File("/etc/munin/plugins/if_err_eth0",
action = "delete",
from kokki import Package, File, Execute, Template
Package("unattended-upgrades")
Execute("update-package-index", command="apt-get -qq update", action="nothing")
File("/etc/apt/apt.conf",
owner="root",
group="root",
mode=0644,
content=Template("apt/apt.conf.j2"))
File("/etc/apt/sources.list",
owner="root",
group="root",
mode=0644,
content="%s\n" % "\n".join(env.config.apt.sources),
notifies=[("run", env.resources["Execute"]["update-package-index"])])
from kokki import File, Template
File("/etc/security/limits.conf",
owner="root",
group="root",
mode=0644,
content=Template("limits/limits.conf.j2"))
from kokki import Package, Service, File, Template, Link
Package("memcached", action="upgrade")
Package("libmemcache-dev", action="upgrade")
Service("memcached")
File("/etc/memcached.conf",
content=Template("memcached/memcached.conf.j2"),
owner="root",
group="root",
mode=0644,
notifies=[("restart", env.resources["Service"]["memcached"], True)])
if "librato.silverline" in env.included_recipes:
File("/etc/default/memcached",
owner="root",
group="root",
mode=0644,
content=("ENABLE_MEMCACHED=yes\n"
"export SL_NAME=memcached\n"),
notifies=[("restart", env.resources["Service"]["memcached"])])
if "munin.node" in env.included_recipes:
for n in ('bytes', 'connections', 'curr_items', 'items', 'queries'):
Link("/etc/munin/plugins/memcached_%s" % n,
to="/etc/munin/python-munin/plugins/memcached_%s" % n,
notifies=[("restart", env.resources['Service']['munin-node'])])
from kokki import Package, Service, File, Template
Package("pdns-server")
Service("pdns")
File("/etc/powerdns/pdns.conf",
owner="root",
group="root",
mode=0644,
content=Template("powerdns/pdns.conf"),
notifies=[("reload", env.resources["Service"]["pdns"])])
for be in env.config.powerdns.backends:
Package("pdns-backend-%s" % be)
command = "apt-get update",
action = "nothing")
Execute("curl http://www.serverdensity.com/downloads/boxedice-public.key | apt-key add -",
not_if = "(apt-key list | grep 'Server Density' > /dev/null)")
File(apt_list_path,
owner = "root",
group ="root",
mode = 0644,
content = apt+"\n",
notifies = [("run", env.resources["Execute"]["apt-update-serverdensity"], True)])
Package("sd-agent")
Directory(env.config.serverdensity.plugin_directory,
owner = "sd-agent",
group = "sd-agent",
mode = 0770,
recursive = True)
Service("sd-agent",
supports_restart = True)
File("/etc/sd-agent/config.cfg",
owner = "sd-agent",
group = "sd-agent",
mode = 0660,
content = Template("serverdensity/config.cfg.j2"),
notifies = [("restart", env.resources["Service"]["sd-agent"])])
from kokki import Package, Directory, Link, File, Template
env.include_recipe("cloudera")
Package("flume")
Directory("/etc/flume/conf.kokki", owner="root", group="root", mode=0755)
Link("/etc/flume/conf", to="/etc/flume/conf.kokki")
File("flume-config",
path="/etc/flume/conf.kokki/flume-conf.xml",
owner="root",
group="root",
mode=0644,
content=Template("flume/flume-conf.xml.j2"))
File("flume-site-config",
path="/etc/flume/conf.kokki/flume-site.xml",
owner="root",
group="root",
mode=0644,
content=Template("flume/flume-site.xml.j2"))
File("flume-log-config",
path="/etc/flume/conf.kokki/log4j.properties",
owner="root",
group="root",
mode=0644,
content=Template("flume/log4j.properties.j2"))
from kokki import Directory, File, Template
Directory("{0}gunicorn/".format(env.config.deploy_home),
mode=0755,
owner="deploy",
action="create")
for site in env.config.gunicorn.sites:
File("{0}gunicorn/{1}.conf".format(env.config.deploy_home, site["name"]),
content=Template(
"gunicorn/gunicorn.conf.j2",
variables={
"name": site["name"],
"port": site["port"],
"worker_count": site["worker_count"],
"python_version": env.config.python_version,
"virtualenvs_root": env.config.virtualenvs_root,
},
),
owner="root",
group="root",
mode=0644)
# apt = "deb http://apt.librato.com/debian/ lenny non-free"
if not apt:
raise Fail("Can't find a cloudkick package for your platform/version")
Execute("apt-update-cloudkick", command="apt-get update", action="nothing")
Execute(
"curl http://packages.cloudkick.com/cloudkick.packages.key | apt-key add -",
not_if="(apt-key list | grep 'Cloudkick' > /dev/null)")
File(apt_list_path,
owner="root",
group="root",
mode=0644,
content=apt + "\n",
notifies=[("run", env.resources["Execute"]["apt-update-cloudkick"], True)
])
File("/etc/cloudkick.conf",
owner="root",
group="root",
mode=0644,
content=Template("cloudkick/cloudkick.conf.j2"))
Package("cloudkick-agent", action="upgrade")
Service("cloudkick-agent",
supports_restart=True,
subscribes=[("restart", env.resources["File"]["/etc/cloudkick.conf"])])
Package("python-pycurl")
Package("python-imaging")
# Clone project
Directory(os.path.dirname(env.config.avatartare.path), mode=0755)
Execute(
"git clone git://github.com/samuel/avatartare.git %s" %
env.config.avatartare.path,
creates=env.config.avatartare.path,
)
# Bootstrap the environment
Execute(
"avatartare-bootstrap",
command="python bin/bootstrap.py env",
cwd=env.config.avatartare.path,
creates="%s/env" % env.config.avatartare.path,
)
# Config
File("avatartare-local_settings.py",
path="%s/local_settings.py" % env.config.avatartare.path,
content=Template("avatartare/local_settings.py.j2"),
notifies=[("restart", env.resources["SupervisorService"]["avatartare"])])
# Setup Supervisor to start and monitor the processes
File("%s/avatartare.conf" % env.config.supervisor.custom_config_path,
content=Template("avatartare/supervisor.j2"),
notifies=[("restart", env.resources["SupervisorService"]["avatartare"])])
from kokki import Package, File, Template
Package("sudo", action="upgrade")
File(
"/etc/sudoers",
owner="root",
group="root",
mode=0440,
content=Template("sudo/sudoers.j2"),
)
supports_status=True,
action="nothing")
Directory(env.config.redis.dbdir,
owner = "root",
group = "root",
mode = 0700,
recursive = True)
File("redis.conf",
path = env.config.redis.configfile,
owner = "root",
group = "root",
mode = 0644,
content = Template("redis/redis.conf.j2"),
notifies = [("reload", env.resources["Service"]["redis"], True)])
# env.cookbooks.monit.rc("redis",
# content = Template("redis/monit.conf.j2"))
File("/etc/init.d/redis",
owner = "root",
group = "root",
mode = 0755,
content = Template("redis/init.conf.j2",
variables = dict(
redis = dict(
logpath = os.path.dirname(env.config.redis.logfile),
dbdir = env.config.redis.dbdir,
configfile = env.config.redis.configfile,
Package("libgeos-3.2.2")
Package("libgeos-c1")
Package("libgeos-dev")
Package("libgdal1-1.8.0")
Package("libgdal1-dev")
Package("libxml2")
Package("libxml2-dev")
Package("checkinstall")
Package("proj")
File("pg_hba.conf",
owner="postgres",
group="postgres",
mode=0600,
path=os.path.join(env.config.postgresql9.config_dir, "pg_hba.conf"),
content=Template("postgresql9/pg_hba.conf.j2"),
notifies=[("reload", env.resources["Service"]["postgresql"])])
File("postgresql.conf",
owner="postgres",
group="postgres",
mode=0600,
path=os.path.join(env.config.postgresql9.config_dir, "postgresql.conf"),
content=Template("postgresql9/postgresql.conf.j2"),
notifies=[("restart", env.resources["Service"]["postgresql"])])
File("30-postgresql-shm.conf",
owner="root",
group="root",
mode=0644,
path="/etc/sysctl.d/30-postgresql-shm.conf",
import os
from kokki import Service, File, Package, Template
Service("postgresql",
supports_restart=True,
supports_reload=True,
supports_status=True,
action="nothing")
Package("postgresql-8.4",
notifies=[("stop", env.resources["Service"]["postgresql"], True)])
File("pg_hba.conf",
owner="postgres",
group="postgres",
mode=0600,
path=os.path.join(env.config.postgresql84.config_dir, "pg_hba.conf"),
content=Template("postgresql84/pg_hba.conf.j2"),
notifies=[("reload", env.resources["Service"]["postgresql"])])
File("postgresql.conf",
owner="postgres",
group="postgres",
mode=0600,
path=os.path.join(env.config.postgresql84.config_dir, "postgresql.conf"),
content=Template("postgresql84/postgresql.conf.j2"),
notifies=[("restart", env.resources["Service"]["postgresql"])])
supports_restart=True,
supports_reload=True,
supports_status=True,
action="nothing")
Package("sasl2-bin")
Package("sendmail")
Execute("sendmailconfig", command="sendmailconfig --no-reload", action="nothing")
Execute("newaliases", command="newaliases", action="nothing")
File("/etc/mail/sendmail.mc",
owner="root",
group="smmsp",
mode=0644,
content=Template("sendmail/sendmail.mc.j2"),
notifies=[("run", env.resources["Execute"]["sendmailconfig"], True),
("restart", env.resources["Service"]["sendmail"])])
File("/etc/mail/submit.mc",
owner="root",
group="smmsp",
mode=0644,
content=Template("sendmail/submit.mc.j2"),
notifies=[("run", env.resources["Execute"]["sendmailconfig"], True),
("restart", env.resources["Service"]["sendmail"])])
File("/etc/aliases",
owner="root",
group="root",
mode=0644,
from kokki import Service, Package, File, Template
if env.system.os == "linux":
Package("openssh-server", action="upgrade")
Package("openssh-client", action="upgrade")
if not env.config.sshd.service_name:
if env.system.platform in ("redhat", "fedora", "centos", "amazon"):
env.config.sshd.service_name = "sshd"
else:
env.config.sshd.service_name = "ssh"
Service("ssh", service_name=env.config.sshd.service_name)
File("sshd_config",
path="/etc/ssh/sshd_config",
content=Template("ssh/sshd_config.j2"),
mode=0644,
owner="root",
group="root",
notifies=[("restart", env.resources["Service"]["ssh"], True)])
for server in compute.servers.list():
if "loadbalancer" in server.name:
ip_addresses["loadbalancer_internal_ip"] = server.addresses[
"private"][0]
if "appnode" in server.name:
ip_addresses["appnode_internal_ips"] = server.addresses[
"private"]
return ip_addresses
Execute(
"iptables-restore",
action="nothing",
command=(
"iptables --flush && /sbin/iptables-restore < /etc/iptables.up.rules"),
)
File("/etc/iptables.up.rules",
owner="root",
group="root",
mode=0644,
notifies=[("run", env.resources["Execute"]["iptables-restore"], True)],
content=Template("iptables/iptables.up.rules.j2",
variables=get_openstack_ips()))
File("/etc/network/if-pre-up.d/iptables",
owner="root",
group="root",
mode=0644,
content=Template("iptables/iptables.j2"))
from kokki import File, Template
def SSHConfig(name, hosts, mode=0600, **kwargs):
File(name,
mode = mode,
content = Template("ssh/config.j2", {'hosts': hosts}),
**kwargs)