def StartAdminLoop(config, op='start'): """Start AdminRunner Loop as well as Loop for initial_config_Server""" install_state = install_utilities.install_state(config.VERSION) logging.info("Starting the AdminRunner") ar_args = [] ar_args.append("--port=2100") ar_args.append("--enthome=%s" % config.ENTERPRISE_HOME) ar_args.append("--installstate=%s" % install_state) ar_args.append("--reset_status_cache_timeout=60") restart_loop_AdminRunner = 0 if op == 'babysit': pidfile = E.GetPidFileName('loop_AdminRunner') pid = E.ReadPidFile(pidfile) if os_utils.GetAttr('pid', pid=pid, fallback_to_ps=0) == None: restart_loop_AdminRunner = 1 if op == 'start' or restart_loop_AdminRunner: E.su_exe_or_fail( config.ENTERPRISE_USER, """ ps axwwwww | fgrep AdminRunner | fgrep -v fgrep | \ colrm 7 | xargs kill -9 2> /dev/null; \ . %(eb)s; \ cd %(eh)s/local/google3/enterprise/legacy/scripts/ && \ ENT_ID=%(v)s_crawl ./loop_AdminRunner.py \ %(eh)s %(args)s >> \ /%(ld)s/loop_AdminOut_`whoami` 2>&1 &""" % { 'eh': config.ENTERPRISE_HOME, 'eb': config.ENTERPRISE_BASHRC, 'v': config.VERSION, 'ld': config.LOGDIR, 'args': string.join(map(commands.mkarg, ar_args)) }) restart_loop_webserver_config = 0 if op == 'babysit': pidfile = E.GetPidFileName('loop_webserver_config') pid = E.ReadPidFile(pidfile) if os_utils.GetAttr('pid', pid=pid, fallback_to_ps=0) == None: restart_loop_webserver_config = 1 if (install_state != "INSTALL" and (op == 'start' or restart_loop_webserver_config)): logging.info("Starting webserver_config") E.su_exe_or_fail( config.ENTERPRISE_USER, """ ps axwwwww | fgrep webserver_config.py | fgrep -v fgrep \ | colrm 7 | xargs kill -9 2> /dev/null; \ . %s; \ cd %s/enterprise/legacy/scripts/ && \ ENT_ID=%s_crawl ./loop_webserver_config.py %s \ >> /%s/loop_WebserverConfig_`whoami` 2>&1 &""" % (config.ENTERPRISE_BASHRC, config.MAIN_GOOGLE3_DIR, config.VERSION, config.GetConfigFileName(), config.LOGDIR))
def main(argv): # for cluster, gfs_aliases is passed as argv[6] if len(argv) != 7 and len(argv) != 8: sys.exit(__doc__) # gse_kill_command is roughly based on the babysitter's kill code. # The whole kill mechanism should be re-examined at some point. gse_kill_command = ( 'kill $(lsof -t -i :8000); sleep 3; ' 'kill -9 $(lsof -t -i :8000); sleep 3; ' 'kill -9 `ps axwwwwo pgid,pid,args | egrep "port=8000 " | egrep "java" | ' 'fgrep -v "egrep" | cut -b1-6 | sort -n | uniq | sed "s/[0-9]/-&/"`; ') if len(argv) == 8: gfs_aliases = argv[7] else: gfs_aliases = '' # LANG=en_US.utf-8 is specified so Java will use utf-8 as the default # encoding. # The maximum memory allowed for AdminConsole (-Xmx256m) directly # limits the size of import/export files supported. However, if it # set to 512m, other issues begin to appear, including adminrunner # timing out while processing the request. # # For the 1GB Lite virtual GSA, we do not specify any -Xm? flags # first, find out what product we are config = {} execfile('/etc/sysconfig/enterprise_config', config) ent_product = config.get('ENT_CONFIG_TYPE', '') gse_memory_flags = ' -Xms128m -Xmx256m ' if ent_product == 'LITE': gse_memory_flags = '' gse_restart_command = ( 'su -c %s nobody' % commands.mkarg( 'LD_LIBRARY_PATH=%s LANG=en_US.utf-8 ' '/usr/lib/jvm/java-1.6.0-openjdk-1.6.0.0/jre/bin/java ' '%s -Dswigdeps=EnterpriseAdminConsole_swigdeps.so ' '-classpath %s com.google.enterprise.servlets.EnterpriseAdminConsole ' '--port=8000 ' '--useripheader=X-User-Ip --secureheader=X-GFE-SSL --no_gwslog ' '--maxthreads=3 ' '--stderr_level=INFO %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s %s&' ) % ( ('%(ENTERPRISE_HOME)s/local/google/bin/EnterpriseAdminConsole_libs' % os.environ), # not mkarg, just a string for LD_LIBRARY_PATH gse_memory_flags, # not mkarg, just a string for -Xm? flags commands.mkarg( '%(ENTERPRISE_HOME)s/local/google:' '%(ENTERPRISE_HOME)s/local/google/bin/EnterpriseAdminConsole.jar' % os.environ), commands.mkarg( '--propertyfile=%(ENTERPRISE_HOME)s/local/conf/config.txt' % os.environ), commands.mkarg( '--contextbase=%(ENTERPRISE_HOME)s/local/googledata/html' % os.environ), commands.mkarg( '--ipwhitelist=%(ENTERPRISE_HOME)s/local/conf/AdminConsole_ipwhitelist' % os.environ), '--nowhitelist_internal_networks --forbidden_code=404', # /varz security commands.mkarg('--maxpostsize=%s' % GSE_MAXPOSTSIZE), commands.mkarg( '--keystore=%(ENTERPRISE_HOME)s/local/conf/server.p12' % os.environ), commands.mkarg( '--trustedca_path=%(ENTERPRISE_HOME)s/local/conf/certs' % os.environ), commands.mkarg('--crl_path=%(ENTERPRISE_HOME)s/local/conf/certs' % os.environ), commands.mkarg( '--connector_config_dir=%(ENTERPRISE_HOME)s/local/conf/connector/' % os.environ), commands.mkarg('--sso_rules_log_file=%s' % argv[0]), commands.mkarg('--sso_log_file=%s' % argv[1]), commands.mkarg('--sso_serving_efe_log_file=%s' % argv[2]), commands.mkarg( '--sso_serving_headrequestor_log_file=%s' % argv[3]), commands.mkarg('--gfs_aliases=%s' % gfs_aliases), commands.mkarg('--bnsresolver_use_svelte=false'), commands.mkarg('--external_web_ip=%s' % argv[4]), commands.mkarg('--sitesearch_interface=%s' % argv[5]), commands.mkarg('--license_notices=%s' % argv[6]))) # Check stunnel config stunnel_config = (''' cert = %(ENTERPRISE_HOME)s/local/conf/certs/server.crt key = %(ENTERPRISE_HOME)s/local/conf/certs/server.key chroot = %(ENTERPRISE_HOME)s/tmp setuid = nobody setgid = nobody pid = /stunnel.pid socket = l:TCP_NODELAY=1 socket = r:TCP_NODELAY=1 debug = 7 output = %(ENTERPRISE_HOME)s/logs/stunnel.log ciphers = HIGH:MEDIUM:!MD5:!RC4:!RC2:!EXP:@STRENGTH [https] accept = 8443 connect = 8000 ''' % os.environ) stunnel_restart_command = ('kill $(lsof -t -i :8443); sleep 3; ' 'kill -9 $(lsof -t -i :8443); sleep 3; ' 'echo %s | stunnel -fd 0 ' % commands.mkarg(stunnel_config)) pidfile = E.GetPidFileName('loop_AdminConsole') E.WritePidFile(pidfile) while True: # Check if GSE is running. if not check_healthz.CheckHealthz(8000): os.system(gse_kill_command) os.system(gse_restart_command) else: # Check if stunnel is running. stunnel_pid = E.ReadPidFile("%(ENTERPRISE_HOME)s/tmp/stunnel.pid" % os.environ) (status, output) = E.getstatusoutput("lsof -i:8443 -t") if not output or int(output) != stunnel_pid: os.system(stunnel_restart_command) # Sleep for a while. time.sleep(60)