def dry_run(server_id):
#return jsonify({'nginx': {'port_status': {7777: True, 1636: True, 80: True, 30865: True, 1689: True, 443: True, 4444: False, 8989: True}, 'ssh': True}, 'server': {'port_status': {7777: True, 1636: True, 80: True, 30865: True, 1689: True, 443: True, 4444: False, 8989: False}, 'ssh': True}})
result = {'server':{'ssh':False, 'port_status':{}}, 'nginx':{'ssh':False, 'port_status':{}}}
server_ports = [1689, 443, 4444, 1636, 80, 8989, 7777, 30865]
for p in server_ports:
result['nginx']['port_status'][p] = False
result['server']['port_status'][p] = False
server = Server.query.get(server_id)
appconf = AppConfiguration.query.first()
c = RemoteClient(server.hostname, server.ip)
try:
c.startup()
result['server']['ssh']=True
except:
pass
if result['server']['ssh']:
#Test is any process listening ports that will be used by gluu-server
for p in server_ports:
r = c.run('nc -zv {} {}'.format(server.ip, p))
if r[2].strip().endswith('open') or r[2].strip().endswith('succeeded!'):
result['server']['port_status'][p] = True
if appconf.external_load_balancer:
c_host = appconf.cache_host
c_ip = appconf.cache_ip
else:
c_host = appconf.nginx_host
c_ip = appconf.nginx_ip
c_nginx = RemoteClient(c_host, c_ip)
try:
c_nginx.startup()
result['nginx']['ssh']=True
except:
pass
if result['nginx']['ssh']:
for p in server_ports:
if not result['server']['port_status'][p]:
r = test_port(c, c_nginx, p)
if r:
result['nginx']['port_status'][p] = True
else:
r = c_nginx.run('nc -zv {} {}'.format(server.ip, p))
if r[2].strip().endswith('open') or r[2].strip().endswith('succeeded!'):
result['nginx']['port_status'][p] = True
return jsonify(result)
class RemoteClientTestCase(unittest.TestCase):
def setUp(self):
with patch("clustermgr.core.remote.SSHClient") as mock_client:
self.sshclient = mock_client.return_value
# self.sshclient.open_sftp.return_value = MagicMock(name="sftp")
self.rc = RemoteClient('server')
self.rc.startup()
@patch('clustermgr.core.remote.SSHClient')
def test_starup_falls_back_to_ip(self, mock_client):
instance = mock_client.return_value
instance.connect = MagicMock(side_effect=[SSHException, None])
RemoteClient('server', ip='0.0.0.0').startup()
instance.connect.assert_called_with('0.0.0.0',
port=22,
username='******')
def test_download_calls_sftpclient_get(self):
rv = self.rc.download('remote', 'local')
self.rc.sftpclient.get.assert_called_with('remote', 'local')
assert "successful" in rv
def test_download_returns_errors_when_get_throws_errors(self):
self.rc.sftpclient.get.side_effect = OSError
rv = self.rc.download('remote', 'local_1')
self.assertIn('Error: Local', rv)
self.rc.sftpclient.get.side_effect = IOError
rv = self.rc.download('remote', 'local_2')
self.assertIn('Error: Remote', rv)
def test_upload_calls_sftpclient_put(self):
rv = self.rc.upload('local', 'remote')
self.rc.sftpclient.put.assert_called_with('local', 'remote')
assert "successful" in rv
def test_upload_returns_errors_when_put_throws_errors(self):
self.rc.sftpclient.put.side_effect = IOError
rv = self.rc.upload('local', 'remote')
self.assertIn('Error: Remote', rv)
self.rc.sftpclient.put.side_effect = OSError
rv = self.rc.upload('local_2', 'remote_2')
self.assertIn('Error: Local', rv)
def test_upload_and_download_throws_error_if_sftpclient_is_none(self):
self.rc.sftpclient = None
with self.assertRaises(ClientNotSetupException):
self.rc.upload('s', 't')
with self.assertRaises(ClientNotSetupException):
self.rc.download('s', 't')
def test_exists_and_run_throws_error_if_client_is_none(self):
self.rc.client = None
with self.assertRaises(ClientNotSetupException):
self.rc.exists('s')
with self.assertRaises(ClientNotSetupException):
self.rc.run('s')
def get_status():
status = {'redis': {}, 'stunnel': {}}
servers = Server.query.all()
check_cmd = 'python -c "import socket;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);print s.connect_ex((\'{0}\', {1}))"'
cache_servers = get_cache_servers()
stunnel_port = cache_servers[0].stunnel_port if cache_servers else None
for server in servers + cache_servers:
key = server.ip.replace('.', '_')
c = RemoteClient(host=server.hostname, ip=server.ip)
try:
c.startup()
except:
status['stunnel'][key] = False
status['redis'][key] = False
else:
status['stunnel'][key] = False
if server in cache_servers:
r = c.run(check_cmd.format('localhost', 6379))
stat = r[1].strip()
if stat == '0':
status['redis'][key] = True
else:
status['redis'][key] = False
if stunnel_port:
r = c.run(check_cmd.format(server.ip, stunnel_port))
stat = r[1].strip()
if stat == '0':
status['stunnel'][key] = True
else:
if stunnel_port:
r = c.run(check_cmd.format('localhost', '6379'))
stat = r[1].strip()
if stat == '0':
status['stunnel'][key] = True
c.close()
return jsonify(status)
def get_uptime(host):
"""Retreives uptime for host
Args:
host (string): hostname of server
returns:
Uptime for host
"""
c = RemoteClient(host)
try:
c.startup()
except:
flash(
"SSH Connection to host {} could not be established".format(host))
return
try:
#Execute script on the remote server, fetch output and convert json data
#to Python dictionary
cmd = 'python /var/monitoring/scripts/get_data.py age'
result = c.run(cmd)
data = json.loads(result[1])
return str(timedelta(seconds=data['data']['uptime']))
except:
flash("Uptime information could not be fethced from {}".format(host))
def get_status():
status = {'redis': {}, 'stunnel': {}}
servers = Server.query.all()
check_cmd = 'python -c "import socket;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);print s.connect_ex((\'{0}\', {1}))"'
for server in servers:
r = os.popen3(check_cmd.format(server.ip, 7777))
stat = r[1].read().strip()
if stat == '0':
status['stunnel'][server.id] = True
else:
status['stunnel'][server.id] = False
c = RemoteClient(host=server.hostname, ip=server.ip)
try:
c.startup()
except:
status['stunnel'][server.id] = False
r = c.run(check_cmd.format('localhost', 6379))
stat = r[1].strip()
if stat == '0':
status['redis'][server.id] = True
else:
status['redis'][server.id] = False
return jsonify(status)
def get_server_status():
servers = Server.query.all()
services = {
'oxauth': '.well-known/openid-configuration',
'identity': 'identity/restv1/scim-configuration',
'shib': 'idp/shibboleth',
'passport': 'passport'
}
status = {}
active_services = ['oxauth', 'identity']
prop = get_setup_properties()
if prop['installSaml']:
active_services.append('shib')
if prop['installPassport']:
active_services.append('passport')
for server in servers:
status[server.id] = {}
c = RemoteClient(server.hostname)
c.ok = False
try:
c.startup()
c.ok = True
except Exception as e:
pass
for service in active_services:
status[server.id][service] = False
if c.ok:
try:
result = c.run("curl -kLI https://localhost/" +
services[service] +
" -o /dev/null -w '%{http_code}\n' -s")
if result[1].strip() == '200':
status[server.id][service] = True
except Exception as e:
print "Error getting service status of {0} for {1}. ERROR: {2}".format(
server.hostname, service, e)
return jsonify(status)
def get_opendj_replication_status():
"""Retreives opendj replication status form primary server
:returns: A string that shows replication status
"""
primary_server = Server.query.filter_by(primary_server=True).first()
app_config = AppConfiguration.query.first()
#Make ssh connection to primary server
c = RemoteClient(primary_server.hostname, ip=primary_server.ip)
chroot = '/opt/gluu-server-' + app_config.gluu_version
cmd_run = '{}'
#determine execution environment for differetn OS types
if (primary_server.os == 'CentOS 7') or (primary_server.os == 'RHEL 7'):
chroot = None
cmd_run = ('ssh -o IdentityFile=/etc/gluu/keys/gluu-console '
'-o Port=60022 -o LogLevel=QUIET '
'-o StrictHostKeyChecking=no '
'-o UserKnownHostsFile=/dev/null '
'-o PubkeyAuthentication=yes root@localhost "{}"')
else:
cmd_run = 'chroot %s /bin/bash -c "{}"' % (chroot)
try:
c.startup()
except Exception as e:
return False, "Cannot establish SSH connection {0}".format(e)
#This command queries server for replication status
cmd = ('/opt/opendj/bin/dsreplication status -n -X -h {} '
'-p 4444 -I admin -w $\'{}\'').format(
primary_server.hostname,
app_config.replication_pw.replace("'", "\\'"))
print "executing", cmd
cmd = cmd_run.format(cmd)
si, so, se = c.run(cmd)
return True, so
class BaseInstaller(object):
"""Base class for component installers.
Args:
server (class:`clustermgr.models.Server`): the server object denoting
the server where server should be installed
tid (string): the task id of the celery task to add logs
"""
def __init__(self, server, tid):
self.server = server
self.tid = tid
self.rc = RemoteClient(server.hostname, ip=server.ip)
def install(self):
"""install() detects the os of the server and calls the appropriate
function to install redis on that server.
Returns:
boolean status of the install process
"""
try:
self.rc.startup()
except Exception as e:
wlogger.log(self.tid, "Could not connect to {0}".format(e),
"error", server_id=self.server.id)
return False
cin, cout, cerr = self.rc.run("ls /etc/*release")
files = cout.split()
cin, cout, cerr = self.rc.run("cat " + files[0])
status = False
if "Ubuntu" in cout:
status = self.install_in_ubuntu()
elif "CentOS" in cout:
status = self.install_in_centos()
else:
wlogger.log(self.tid, "Server OS is not supported. {0}".format(
cout), "error", server_id=self.server.id)
self.rc.close()
return status
def install_in_ubuntu(self):
"""This method should be overridden by the sub classes. Run the
commands needed to install your component.
Returns:
boolean status of success of the install
"""
pass
def install_in_centos(self):
"""This method should be overridden by the sub classes. Run the
commands needed to install your component.
Returns:
boolean status of success of the install
"""
pass
def run_command(self, cmd):
wlogger.log(self.tid, cmd, "debug", server_id=self.server.id)
return self.rc.run(cmd)
def setup_sharded(tid):
servers = Server.query.filter(Server.redis.is_(True)).filter(
Server.stunnel.is_(True)).all()
appconf = AppConfiguration.query.first()
# Store the redis server info in the LDAP
ports_count = len(servers) - 1
for server in servers:
wlogger.log(tid,
"Updating oxCacheConfiguration ...",
"debug",
server_id=server.id)
server_string = ",".join(
['localhost:6379'] +
["localhost:700{0}".format(i) for i in xrange(ports_count)])
try:
dbm = DBManager(
server.hostname,
1636,
server.ldap_password,
ssl=True,
ip=server.ip,
)
except Exception as e:
wlogger.log(tid,
"Couldn't connect to LDAP. Error: {0}".format(e),
"error",
server_id=server.id)
wlogger.log(tid, "Make sure your LDAP server is listening to "
"connections from outside",
"debug",
server_id=server.id)
continue
entry = dbm.get_appliance_attributes('oxCacheConfiguration')
cache_conf = json.loads(entry.oxCacheConfiguration.value)
cache_conf['cacheProviderType'] = 'REDIS'
cache_conf['redisConfiguration']['redisProviderType'] = 'SHARDED'
cache_conf['redisConfiguration']['servers'] = server_string
result = dbm.set_applicance_attribute('oxCacheConfiguration',
[json.dumps(cache_conf)])
if not result:
wlogger.log(tid,
"oxCacheConfigutaion update failed",
"fail",
server_id=server.id)
continue
# generate stunnel configuration and upload it to the server
wlogger.log(tid, "Setting up stunnel", "info", server_id=server.id)
chdir = '/'
if server.gluu_server:
chdir = "/opt/gluu-server-{0}".format(appconf.gluu_version)
rc = RemoteClient(server.hostname, ip=server.ip)
try:
rc.startup()
except:
wlogger.log(tid, "Could not connect to the server over SSH. "
"Stunnel setup failed.",
"error",
server_id=server.id)
continue
wlogger.log(tid,
"Enable stunnel start on system boot",
"debug",
server_id=server.id)
# replace the /etc/default/stunnel4 to enable start on system startup
local = os.path.join(app.root_path, 'templates', 'stunnel',
'stunnel4.default')
remote = os.path.join(chdir, 'etc/default/stunnel4')
rc.upload(local, remote)
# setup the certificate file
wlogger.log(tid,
"Generating certificate for stunnel ...",
"debug",
server_id=server.id)
prop_buffer = StringIO()
propsfile = os.path.join(chdir, "install", "community-edition-setup",
"setup.properties.last")
rc.sftpclient.getfo(propsfile, prop_buffer)
prop_buffer.seek(0)
props = dict()
prop_in = lambda line: line.split("=")[1].strip()
for line in prop_buffer:
if re.match('^countryCode', line):
props['country'] = prop_in(line)
if re.match('^state', line):
props['state'] = prop_in(line)
if re.match('^city', line):
props['city'] = prop_in(line)
if re.match('^orgName', line):
props['org'] = prop_in(line)
if re.match('^hostname', line):
props['cn'] = prop_in(line)
if re.match('^admin_email', line):
props['email'] = prop_in(line)
subject = "'/C={country}/ST={state}/L={city}/O={org}/CN={cn}" \
"/emailAddress={email}'".format(**props)
cert_path = os.path.join(chdir, "etc", "stunnel", "server.crt")
key_path = os.path.join(chdir, "etc", "stunnel", "server.key")
pem_path = os.path.join(chdir, "etc", "stunnel", "cert.pem")
cmd = [
"/usr/bin/openssl", "req", "-subj", subject, "-new", "-newkey",
"rsa:2048", "-sha256", "-days", "365", "-nodes", "-x509",
"-keyout", key_path, "-out", cert_path
]
cin, cout, cerr = rc.run(" ".join(cmd))
rc.run("cat {cert} {key} > {pem}".format(cert=cert_path,
key=key_path,
pem=pem_path))
# verify certificate
cin, cout, cerr = rc.run("/usr/bin/openssl verify " + pem_path)
if props['cn'] in cout and props['org'] in cout:
wlogger.log(tid,
"Certificate generated successfully",
"success",
server_id=server.id)
else:
wlogger.log(tid, "Certificate generation failed. Add a SSL "
"certificate at /etc/stunnel/cert.pem",
"error",
server_id=server.id)
# Generate stunnel config
wlogger.log(tid,
"Setup stunnel listening and forwarding",
"debug",
server_id=server.id)
sconf = [
"cert = /etc/stunnel/cert.pem", "pid = /var/run/stunnel.pid",
"[redis-server]", "client = no",
"accept = {0}:7777".format(server.ip), "connect = 127.0.0.1:6379"
]
listen_port = 7000
for s in servers:
if s.id != server.id:
sconf.append("[client{0}]".format(s.id))
sconf.append("client = yes")
sconf.append("accept = 127.0.0.1:{0}".format(listen_port))
sconf.append("connect = {0}:7777".format(s.ip))
listen_port += 1
rc.put_file(os.path.join(chdir, "etc/stunnel/redis-gluu.conf"),
"\n".join(sconf))
return True
class BaseInstaller(object):
"""Base class for component installers.
Args:
server (class:`clustermgr.models.Server`): the server object denoting
the server where server should be installed
tid (string): the task id of the celery task to add logs
"""
def __init__(self, server, tid):
self.server = server
self.tid = tid
self.rc = RemoteClient(server.hostname, ip=server.ip)
self.chdir = None
if self.server.gluu_server:
version = AppConfiguration.query.first().gluu_version
self.chdir = "/opt/gluu-server-{0}".format(version)
def install(self):
"""install() detects the os of the server and calls the appropriate
function to install redis on that server.
Returns:
boolean status of the installs
"""
try:
self.rc.startup()
except Exception as e:
wlogger.log(self.tid,
"Could not connect to {0}".format(e),
"error",
server_id=self.server.id)
return False
cin, cout, cerr = self.rc.run("ls /etc/*release")
files = cout.split()
cin, cout, cerr = self.rc.run("cat " + files[0])
if "Ubuntu" in cout:
return self.install_in_ubuntu()
if "CentOS" in cout:
return self.install_in_centos()
else:
wlogger.log(self.tid,
"Server OS is not supported. {0}".format(cout),
"error",
server_id=self.server.id)
return False
def install_in_ubuntu(self):
"""This method should be overridden by the sub classes. Run the
commands needed to install your component.
Returns:
boolean status of success of the install
"""
pass
def install_in_centos(self):
"""This method should be overridden by the sub classes. Run the
commands needed to install your component.
Returns:
boolean status of success of the install
"""
pass
def _chcmd(self, cmd):
if self.chdir:
return 'chroot {0} /bin/bash -c "{1}"'.format(self.chdir, cmd)
else:
return cmd
def run_command(self, cmd):
wlogger.log(self.tid,
self._chcmd(cmd),
"debug",
server_id=self.server.id)
return self.rc.run(self._chcmd(cmd))
class Installer:
def __init__(self, c, gluu_version, server_os=None, logger_tid=None, server_id=None):
self.c = c
self.logger_tid = logger_tid
self.gluu_version = gluu_version
self.server_os = server_os
self.server_id=server_id
if not "RemoteClient" in str(type(c)):
self.server_os = c.os
self.server_id = c.id
self.c = RemoteClient(c.hostname, c.ip)
wlogger.log(
self.logger_tid,
"Making SSH connection to {} ...".format(c.hostname),
'info',
server_id=self.server_id,
)
try:
self.c.startup()
wlogger.log(
self.logger_tid,
"SSH connection to {} was successful.".format(c.hostname),
'success',
server_id=self.server_id,
)
except:
self.c = None
wlogger.log(
self.logger_tid,
"Can't make SSH connection to {}".format(c.hostname),
'fail',
server_id=self.server_id,
)
if self.server_os:
self.appy_config()
def appy_config(self):
if self.c and (not hasattr(self.c, 'fake_remote')):
self.container = '/opt/gluu-server-{}'.format(self.gluu_version)
if ('Ubuntu' in self.server_os) or ('Debian' in self.server_os):
self.run_command = 'chroot {} /bin/bash -c "{}"'.format(self.container,'{}')
self.install_command = 'chroot {} /bin/bash -c "apt-get install -y {}"'.format(self.container,'{}')
elif self.server_os in ( 'CentOS 7', 'RHEL 7', 'Ubuntu 18'):
self.run_command = ('ssh -o IdentityFile=/etc/gluu/keys/gluu-console '
'-o Port=60022 -o LogLevel=QUIET -o '
'StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null '
'-o PubkeyAuthentication=yes root@localhost \'{}\''
)
self.install_command = self.run_command.format('yum install -y {}')
else:
self.run_command = '{}'
def log(self, result):
if self.logger_tid:
if result[1]:
wlogger.log(self.logger_tid, result[1], 'debug', server_id=self.server_id)
if result[2]:
wlogger.log(self.logger_tid, result[2], 'debug', server_id=self.server_id)
def log_command(self, cmd):
if self.logger_tid:
wlogger.log(self.logger_tid, "Running {}".format(cmd), 'debug', server_id=self.server_id)
def run(self, cmd, inside_container=True):
if inside_container:
run_cmd = self.run_command.format(cmd)
else:
run_cmd = cmd
print "Installer> executing: {}".format(run_cmd)
self.log_command(run_cmd)
result = self.c.run(run_cmd)
self.log(result)
return result
def install(self, package):
run_cmd = self.install_command.format(package)
print "Installer> executing: {}".format(run_cmd)
self.log_command(cmd)
result = self.c.run(run_cmd)
self.log(result)
return result
def restart_gluu(self):
if self.server_os == 'CentOS 7' or self.server_os == 'RHEL 7':
cmd = '/sbin/gluu-serverd-{0} restart'.format(
self.gluu_version)
else:
cmd = '/etc/init.d/gluu-server-{0} restart'.format(
self.gluu_version)
print "Installer> executing: {}".format(cmd)
self.log_command(cmd)
result = self.c.run(cmd)
self.log(result)
return result
def remove_monitoring(self, local_id):
"""Celery task that removes monitoring components to remote server.
:param self: the celery task
:return: wether monitoring were removed successfully
"""
tid = self.request.id
installed = 0
servers = Server.query.all()
app_config = AppConfiguration.query.first()
for server in servers:
# 1. Make SSH Connection to the remote server
wlogger.log(tid,
"Making SSH connection to the server {0}".format(
server.hostname),
"info",
server_id=server.id)
c = RemoteClient(server.hostname, ip=server.ip)
try:
c.startup()
except Exception as e:
wlogger.log(tid,
"Cannot establish SSH connection {0}".format(e),
"warning",
server_id=server.id)
wlogger.log(tid,
"Ending server setup process.",
"error",
server_id=server.id)
return False
# 2. remove monitoring directory
result = c.run('rm -r /var/monitoring/')
ctext = "\n".join(result)
if ctext.strip():
wlogger.log(tid, ctext, "debug", server_id=server.id)
wlogger.log(tid, "Directory /var/monitoring/ directory "
"were removed",
"success",
server_id=server.id)
# 3. remove crontab entry to collect data in every 5 minutes
c.run('rm /etc/cron.d/monitoring')
wlogger.log(tid,
"Crontab entry was removed",
"info",
server_id=server.id)
if ('CentOS' in server.os) or ('RHEL' in server.os):
package_cmd = ['service crond restart']
else:
package_cmd = [
'service cron restart',
]
# 4. Executing commands
wlogger.log(tid, "Restarting crontab", "info", server_id=server.id)
for cmd in package_cmd:
result = c.run(cmd)
rtext = "\n".join(result)
if rtext.strip():
wlogger.log(tid, rtext, "debug", server_id=server.id)
server.monitoring = False
# 5. Remove local settings
#create fake remote class that provides the same interface with RemoteClient
fc = FakeRemote()
#Getermine local OS type
localos = get_os_type(fc)
if 'Ubuntu' or 'Debian' in localos:
influx_cmd = [
'sudo apt-get -y remove influxdb',
]
elif localos == 'CentOS 7':
influx_cmd = [
'sudo yum remove -y influxdb',
]
#run commands to install influxdb on local machine
for cmd in influx_cmd:
result = fc.run(cmd)
rtext = "\n".join(result)
if rtext.strip():
wlogger.log(tid, rtext, "debug", server_id=local_id)
#Flag database that configuration is done for local machine
app_config = AppConfiguration.query.first()
app_config.monitoring = False
db.session.commit()
return True
def install_monitoring(self):
"""Celery task that installs monitoring components to remote server.
:param self: the celery task
:return: wether monitoring were installed successfully
"""
tid = self.request.id
installed = 0
servers = Server.query.all()
app_config = AppConfiguration.query.first()
for server in servers:
# 1. Make SSH Connection to the remote server
wlogger.log(tid,
"Making SSH connection to the server {0}".format(
server.hostname),
"info",
server_id=server.id)
c = RemoteClient(server.hostname, ip=server.ip)
try:
c.startup()
except Exception as e:
wlogger.log(tid,
"Cannot establish SSH connection {0}".format(e),
"warning",
server_id=server.id)
wlogger.log(tid,
"Ending server setup process.",
"error",
server_id=server.id)
return False
# 2. create monitoring directory
result = c.run('mkdir -p /var/monitoring/scripts')
ctext = "\n".join(result)
if ctext.strip():
wlogger.log(tid, ctext, "debug", server_id=server.id)
wlogger.log(tid, "Directory /var/monitoring/scripts directory "
"was created",
"success",
server_id=server.id)
# 3. Upload scripts
scripts = ('cron_data_sqtile.py', 'get_data.py',
'sqlite_monitoring_tables.py')
for scr in scripts:
local_file = os.path.join(app.root_path, 'monitoring_scripts', scr)
remote_file = '/var/monitoring/scripts/' + scr
result = c.upload(local_file, remote_file)
if result.startswith("Upload successful"):
wlogger.log(tid,
"File {} was uploaded".format(scr),
"success",
server_id=server.id)
else:
wlogger.log(tid,
"File {} could not "
"be uploaded: {}".format(scr, result),
"error",
server_id=server.id)
return False
# 4. Upload gluu version, no need to determine gluu version each time
result = c.put_file('/var/monitoring/scripts/gluu_version.txt',
app_config.gluu_version)
# 5. Upload crontab entry to collect data in every 5 minutes
crontab_entry = ('*/5 * * * * root python '
'/var/monitoring/scripts/cron_data_sqtile.py\n')
result = c.put_file('/etc/cron.d/monitoring', crontab_entry)
if not result[0]:
wlogger.log(tid,
"An errorr occurred while uploading crontab entry"
": {}".format(result[1]),
"error",
server_id=server.id)
else:
wlogger.log(tid,
"Crontab entry was uploaded",
"success",
server_id=server.id)
# 6. Installing packages.
# 6a. First determine commands for each OS type
if ('CentOS' in server.os) or ('RHEL' in server.os):
package_cmd = [
'yum install -y epel-release', 'yum repolist',
'yum install -y gcc', 'yum install -y python-devel',
'yum install -y python-pip', 'service crond restart'
]
else:
package_cmd = [
'DEBIAN_FRONTEND=noninteractive apt-get install -y gcc',
'DEBIAN_FRONTEND=noninteractive apt-get install -y python-dev',
'DEBIAN_FRONTEND=noninteractive apt-get install -y python-pip',
'service cron restart',
]
# 6b. These commands are common for all OS types
package_cmd += [
'pip install ldap3', 'pip install psutil', 'pip install pyDes',
'python /var/monitoring/scripts/'
'sqlite_monitoring_tables.py'
]
# 6c. Executing commands
wlogger.log(tid,
"Installing Packages and Running Commands",
"info",
server_id=server.id)
for cmd in package_cmd:
result = c.run(cmd)
wlogger.log(tid, "\n".join(result), "debug", server_id=server.id)
err = False
if result[2].strip():
print "Writing error", cmd
if not ("pip install --upgrade pip" in result[2]
or 'Redirecting to /bin/systemctl' in result[2]):
wlogger.log(tid,
"An error occurrued while executing "
"{}: {}".format(cmd, result[2]),
"error",
server_id=server.id)
err = True
if not err:
wlogger.log(tid,
"Command was run successfully: {}".format(cmd),
"success",
server_id=server.id)
server.monitoring = True
db.session.commit()
return True
def wizard_step1(self):
"""Celery task that collects information about server.
:param self: the celery task
:return: the number of servers where both stunnel and redis were installed
successfully
"""
tid = self.request.id
wlogger.log(tid, "Analayzing Current Server")
server = Server.query.filter_by(primary_server=True).first()
app_conf = AppConfiguration.query.first()
c = RemoteClient(server.hostname, ip=server.ip)
try:
c.startup()
wlogger.log(tid, "SSH connection established", 'success')
except:
wlogger.log(tid, "Can't establish SSH connection",'fail')
wlogger.log(tid, "Ending analyzation of server.", 'error')
return
os_type = get_os_type(c)
server.os = os_type
wlogger.log(tid, "OS type was determined as {}".format(os_type), 'debug')
gluu_path_version = None
oxauth_version = None
#Determine if a version of gluu server was installed.
r = c.listdir("/opt")
if r[0]:
for s in r[1]:
m=re.search('gluu-server-(?P<gluu_version>(\d+).(\d+).(\d+)(.\d+)?)$',s)
if m:
gluu_path_version = m.group("gluu_version")
wlogger.log(tid, "Gluu path was determined as gluu-server-{}".format(
gluu_path_version), 'debug')
oxauth_path = '/opt/gluu-server-{0}/opt/gluu/jetty/oxauth/webapps/oxauth.war'.format(gluu_path_version)
try:
result = c.run('''python -c "import zipfile;zf=zipfile.ZipFile('{}','r');print zf.read('META-INF/MANIFEST.MF')"'''.format(oxauth_path))
menifest = result[1]
for l in menifest.split('\n'):
ls = l.strip()
if 'Implementation-Version:' in ls:
version = ls.split(':')[1].strip()
oxauth_version = '.'.join(version.split('.')[:3])
wlogger.log(tid, "oxauth version was determined as {}".format(
oxauth_version), 'debug')
app_conf.gluu_version = oxauth_version
break
except:
pass
if not oxauth_version:
wlogger.log(tid, "Error determining oxauth version.", 'debug')
wlogger.log(tid, "Setting gluu version to path version", 'debug')
app_conf.gluu_version = gluu_path_version
if not gluu_path_version:
wlogger.log(tid, "Gluu server was not installed on this server",'fail')
wlogger.log(tid, "Ending analyzation of server.", 'error')
return
gluu_path = '/opt/gluu-server-{}'.format(gluu_path_version)
server.gluu_server = True
setup_properties_last = os.path.join(gluu_path,
'install/community-edition-setup/setup.properties.last')
setup_properties_local = os.path.join(Config.DATA_DIR, 'setup.properties')
result = c.download(setup_properties_last, setup_properties_local)
prop = get_setup_properties()
prop['hostname'] = app_conf.nginx_host
write_setup_properties_file(prop)
if not result.startswith('Download successful'):
wlogger.log(tid, result,'fail')
wlogger.log(tid, "Ending analyzation of server.", 'error')
return
wlogger.log(tid, "setup.properties file was downloaded", 'debug')
server.ldap_password = prop['ldapPass']
wlogger.log(tid, "LDAP Bind password was identifed", 'success')
db.session.commit()
def wizard_step2(self):
tid = self.request.id
setup_prop = get_setup_properties()
server = Server.query.filter_by(primary_server=True).first()
app_conf = AppConfiguration.query.first()
gluu_path_version = None
c = RemoteClient(server.hostname, ip=server.ip)
wlogger.log(tid, "Making SSH Connection")
try:
c.startup()
wlogger.log(tid, "SSH connection established", 'success')
except:
wlogger.log(tid, "Can't establish SSH connection",'fail')
wlogger.log(tid, "Ending changing name.", 'error')
return
r = c.listdir("/opt")
if r[0]:
for s in r[1]:
m=re.search('gluu-server-(?P<gluu_version>(\d+).(\d+).(\d+)(.\d+)?)$',s)
if m:
gluu_path_version = m.group("gluu_version")
if not gluu_path_version:
wlogger.log(tid, "Error determining version from path", 'error')
if gluu_path_version != app_conf.gluu_version:
wlogger.log(tid, "Changing path to match oxauth version")
if server.os in ('CentOS 7', 'RHEL 7'):
server_bin = '/sbin/gluu-serverd-{0}'.format(gluu_path_version)
cmd = server_bin + ' stop'
wlogger.log(tid, "Executing " + cmd, 'debug')
c.run(cmd)
time.sleep(10)
cmd_list = [
server_bin + ' disable',
'mv /sbin/gluu-serverd-{0} /sbin/gluu-serverd-{1}'.format(gluu_path_version, app_conf.gluu_version),
'sed -i "s/GLUU_VERSION={0}/GLUU_VERSION={1}/" /sbin/gluu-serverd-{1}'.format(gluu_path_version, app_conf.gluu_version),
'cd /var/lib/container/ && ln -s /opt/gluu-server-{1} gluu_server_{1} && rm gluu_server_{0}'.format(gluu_path_version, app_conf.gluu_version),
'mv /usr/lib/systemd/system/systemd-nspawn\@gluu_server_{0}.service /usr/lib/systemd/system/systemd-nspawn\@gluu_server_{1}.service'.format(gluu_path_version, app_conf.gluu_version),
'mv /opt/gluu-server-{0} /opt/gluu-server-{1}'.format(gluu_path_version, app_conf.gluu_version),
'/sbin/gluu-serverd-{0} enable'.format(app_conf.gluu_version),
'/sbin/gluu-serverd-{0} start'.format(app_conf.gluu_version),
]
for cmd in cmd_list:
wlogger.log(tid, "Executing " + cmd, 'debug')
c.run(cmd)
#wait server to start
time.sleep(30)
run_cmd , cmd_chroot = get_run_cmd(server)
makeOpenDjListenIpAddr(tid, c, cmd_chroot, run_cmd, server)
name_changer = ChangeGluuHostname(
old_host = server.hostname,
new_host = app_conf.nginx_host,
cert_city = setup_prop['city'],
cert_mail = setup_prop['admin_email'],
cert_state = setup_prop['state'],
cert_country = setup_prop['countryCode'],
server = server.hostname,
ip_address = server.ip,
ldap_password = setup_prop['ldapPass'],
os_type = server.os,
gluu_version = app_conf.gluu_version,
local=False,
)
name_changer.logger_tid = tid
r = name_changer.startup()
if not r:
wlogger.log(tid, "Name changer can't be started",'fail')
wlogger.log(tid, "Ending changing name.", 'error')
return
wlogger.log(tid, "Cahnging LDAP Applience configurations")
name_changer.change_appliance_config()
wlogger.log(tid, "LDAP Applience configurations were changed", 'success')
wlogger.log(tid, "Cahnging LDAP Clients entries")
name_changer.change_clients()
wlogger.log(tid, "LDAP Applience Clients entries were changed", 'success')
wlogger.log(tid, "Cahnging LDAP Uma entries")
name_changer.change_uma()
wlogger.log(tid, "LDAP Applience Uma entries were changed", 'success')
wlogger.log(tid, "Modifying SAML & Passport")
name_changer.modify_saml_passport()
wlogger.log(tid, "SAML & Passport were changed", 'success')
wlogger.log(tid, "Reconfiguring http")
name_changer.change_httpd_conf()
wlogger.log(tid, " LDAP Applience Uma entries were changed", 'success')
wlogger.log(tid, "Creating certificates")
name_changer.create_new_certs()
wlogger.log(tid, "Changing /etc/hostname")
name_changer.change_host_name()
wlogger.log(tid, "/etc/hostname was changed", 'success')
wlogger.log(tid, "Modifying /etc/hosts")
name_changer.modify_etc_hosts()
wlogger.log(tid, "/etc/hosts was modified", 'success')
name_changer.installer.restart_gluu()