def chekFSR(server, gluu_version): c = RemoteClient(server.hostname, ip=server.ip) paths = [] try: c.startup() except Exception as e: flash("Can't establish SSH connection to {}".format(server.hostname), "warning") return False, [], paths csync_config = '/opt/gluu-server-{}/etc/csync2.cfg'.format(gluu_version) result = c.get_file(csync_config) if result[0]: servers = [] paths for l in result[1].readlines(): ls = l.strip() if ls.startswith('host') and ls.endswith(';'): hostname = ls.split()[1][:-1] servers.append(hostname) elif ls.startswith('include') and ls.endswith(';'): ipath = ls.split('include')[1].strip().strip(';').strip() paths.append(ipath) if servers: return True, servers, paths return False, [], paths
def index(): servers = Server.query.all() appconf = AppConfiguration.query.first() if not appconf: flash( "The application needs to be configured first. Kindly set the " "values before attempting clustering.", "warning") return redirect(url_for("index.app_configuration")) if not servers: flash("Add servers to the cluster before attempting to manage cache", "warning") return redirect(url_for('index.home')) if appconf.external_load_balancer: c_host = appconf.cache_host c_ip = appconf.cache_ip else: c_host = appconf.nginx_host c_ip = appconf.nginx_ip c = RemoteClient(host=c_host, ip=c_ip) try: c.startup() except: flash("SSH connection can't be established to cache server", "warning") result = c.get_file('/etc/stunnel/stunnel.conf') installed_servers = [] if result[0]: installed_servers = get_redis_config(result[1]) for server in servers: if server.ip in installed_servers: server.redis = True else: server.redis = False version = int(appconf.gluu_version.replace(".", "")) if version < 311: flash( "Cache Management is available only for clusters configured with" " Gluu Server version 3.1.1 and above", "danger") return redirect(url_for('index.home')) form = CacheSettingsForm() return render_template('cache_index.html', servers=servers, form=form)
def edit_slapd_conf(server_id): """This view provides editing of slapd.conf file before depoloyments.""" server = Server.query.get(server_id) appconf = AppConfiguration.query.first() # If there is no server with server_id return to home if not server: flash("No such server.", "warning") return redirect(url_for('index.home')) if not server.gluu_server: chroot = '/' else: chroot = '/opt/gluu-server-' + appconf.gluu_version # slapd.conf file will be downloaded from server. Make ssh connection # and download it c = RemoteClient(server.hostname, ip=server.ip) try: c.startup() except ClientNotSetupException as e: flash(str(e), "danger") return redirect(url_for('index.home')) slapd_conf_file = os.path.join(chroot, 'opt/symas/etc/openldap/slapd.conf') if request.method == 'POST': config = request.form.get('conf') r = c.put_file(slapd_conf_file, config) if not r[0]: flash("Cant' saved to server: {0}".format(r[1]), "danger") else: flash('File {0} was saved on {1}'.format(slapd_conf_file, server.hostname)) return redirect(url_for('index.home')) # After editing, slapd.conf file will be uploaded to server via ssh r = c.get_file(slapd_conf_file) if not r[0]: flash("Cant't get file {0}: {1}".format(slapd_conf_file, r[1]), "success") return redirect(url_for('index.home')) config = r[1].read() return render_template('conf_editor.html', config=config, hostname=server.hostname)
def edit_slapd_conf(server_id): server = Server.query.get(server_id) appconf = AppConfiguration.query.first() if not server: print "Yoook" flash("No such server.", "warning") return redirect(url_for('index.home')) if not server.gluu_server: chroot = '/' else: chroot = '/opt/gluu-server-' + appconf.gluu_version c = RemoteClient(server.hostname, ip=server.ip) try: c.startup() except ClientNotSetupException as e: flash(str(e), "danger") return redirect(url_for('index.home')) slapd_conf_file = os.path.join(chroot, 'opt/symas/etc/openldap/slapd.conf') if request.method == 'POST': config = request.form.get('conf') r = c.put_file(slapd_conf_file, config) if not r[0]: flash("Cant' saved to server: {0}".format(r[1]), "danger") else: flash('File {0} was saved on {1}'.format(slapd_conf_file, server.hostname)) return redirect(url_for('index.home')) r = c.get_file(slapd_conf_file) if not r[0]: flash("Cant't get file {0}: {1}".format(slapd_conf_file, r[1]), "success") return redirect(url_for('index.home')) config = r[1].read() return render_template('conf_editor.html', config=config, hostname=server.hostname)
def install_cache_cluster(self, servers_id_list, cache_servers_id_list): tid = self.request.id servers = [ Server.query.get(id) for id in servers_id_list ] cache_servers = [ CacheServer.query.get(id) for id in cache_servers_id_list ] app_conf = AppConfiguration.query.first() primary_cache = None primary_cache_server = CacheServer.query.first() for server in cache_servers: rc = __get_remote_client(server, tid) if not rc: wlogger.log(tid, "SSH connection to server failed", "error", server_id=server.id) return False ri = RedisInstaller(server, tid, rc) if app_conf.offline: if not ri.check_installed(): wlogger.log( tid, 'Redis Server was not installed. Please install Redis ' ' Server and retry.', 'error', server_id=server.id ) return False redis_installed = ri.install() wlogger.log( tid, 'Setting Redis password', 'info', server_id=server.id ) ri.set_redis_password() if redis_installed: wlogger.log(tid, "Redis install successful", "success", server_id=server.id) else: wlogger.log(tid, "Redis install failed", "fail", server_id=server.id) return False ri.run_sysctl('enable') ri.run_sysctl('restart') si = StunnelInstaller(server, tid, rc) if app_conf.offline: if not si.check_installed(): wlogger.log( tid, 'Stunnel was not installed. Please install stunnel ' 'and retry.', 'error', server_id=server.id ) return False if si.check_installed(): server.stunnel = True else: wlogger.log(tid, "Installing Stunnel", "info", server_id=server.id) stunnel_installed = si.install() if stunnel_installed: server.stunnel = True wlogger.log(tid, "Stunnel install successful", "success", server_id=server.id) else: server.stunnel = False wlogger.log(tid, "Stunnel install failed", "fail", server_id=server.id) return False if si.os_type == 'rpm': si.upload_service_file() if si.os_type == 'deb': wlogger.log(tid, "Enabling stunnel", "debug", server_id=server.id) si.run_command("sed -i 's/ENABLED=0/ENABLED=1/g' /etc/default/stunnel4") if not primary_cache: primary_cache = server.ip if not rc.exists('/etc/stunnel/redis-server.crt'): wlogger.log(tid, "Creating SSL certificate for stunnel", "info", server_id=server.id) si.run_command( 'openssl req -x509 -nodes -days 3650 -newkey rsa:2048 ' '-batch -keyout /etc/stunnel/redis-server.key ' '-out /etc/stunnel/redis-server.crt' ) si.run_command('chmod 600 /etc/stunnel/redis-server.key') wlogger.log(tid, "Retreiving server certificate", "info", server_id=server.id) stunnel_redis_conf = ( 'pid = /run/stunnel-redis.pid\n' '[redis-server]\n' 'cert = /etc/stunnel/redis-server.crt\n' 'key = /etc/stunnel/redis-server.key\n' 'accept = {0}:{1}\n' 'connect = 127.0.0.1:6379\n' ).format(server.ip, primary_cache_server.stunnel_port) wlogger.log(tid, "Writing redis stunnel configurations", "info", server_id=server.id) rc.put_file('/etc/stunnel/stunnel.conf', stunnel_redis_conf) si.run_sysctl('enable') si.run_sysctl('restart') server.installed = True db.session.commit() rc.close() wlogger.log(tid, "2", "set_step") # retreive stunnel certificate rc = RemoteClient(primary_cache_server.hostname, ip=primary_cache_server.ip) rc.startup() stunnel_cert = rc.get_file('/etc/stunnel/redis-server.crt') if not stunnel_cert[0]: print "Can't retreive server certificate from primary cache server" return False stunnel_cert = stunnel_cert[1].read() for server in servers: rc = __get_remote_client(server, tid) if not rc: wlogger.log(tid, "SSH connection to server failed", "error", server_id=server.id) return False si = StunnelInstaller(server, tid, rc) wlogger.log(tid, "Installing Stunnel", "debug", server_id=server.id) if si.rc.exists('/usr/bin/stunnel') or si.rc.exists('/bin/stunnel'): wlogger.log(tid, "Stunnel was allready installed", "info", server_id=server.id) server.stunnel = True else: wlogger.log(tid, "Installing Stunnel", "info", server_id=server.id) stunnel_installed = si.install() if stunnel_installed: server.stunnel = True wlogger.log(tid, "Stunnel install successful", "success", server_id=server.id) else: server.stunnel = False wlogger.log(tid, "Stunnel install failed", "fail", server_id=server.id) return False if si.os_type == 'rpm': si.upload_service_file() if si.os_type == 'deb': wlogger.log(tid, "Enabling stunnel", "debug", server_id=server.id) si.run_command("sed -i 's/ENABLED=0/ENABLED=1/g' /etc/default/stunnel4") stunnel_redis_conf = ( 'pid = /run/stunnel-redis.pid\n' '[redis-client]\n' 'client = yes\n' 'accept = 127.0.0.1:{1}\n' 'connect = {0}:{1}\n' 'CAfile = /etc/stunnel/redis-server.crt\n' 'verify = 4\n' ).format(primary_cache, primary_cache_server.stunnel_port) wlogger.log(tid, "Writing redis stunnel configurations", "info", server_id=server.id) rc.put_file('/etc/stunnel/stunnel.conf', stunnel_redis_conf) wlogger.log(tid, "Uploading server certificate", "info", server_id=server.id) rc.put_file('/etc/stunnel/redis-server.crt', stunnel_cert) si.run_sysctl('enable') si.run_sysctl('restart') if server.primary_server: server_string = 'localhost:{0}'.format(primary_cache_server.stunnel_port) __update_LDAP_cache_method(tid, server, server_string, redis_password=primary_cache_server.redis_password) wlogger.log(tid, "Restarting Gluu Server", "info", server_id=server.id) if server.os in ('RHEL 7', 'CentOS 7', 'Ubuntu 18'): si.run_command('/sbin/gluu-serverd-{} restart'.format(app_conf.gluu_version)) else: si.run_command('systemctl restart gluu-server-{}'.format(app_conf.gluu_version)) wlogger.log(tid, "3", "set_step")