fabfile.py 41.5 KB
Newer Older
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1
2
3
4
5
6
7
# Too many lines in module pylint: disable-msg=C0302
# Too many arguments (7/5) pylint: disable-msg=R0913
"""
Fabric file for snf-deploy

"""

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
8
from __future__ import with_statement
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
9
10
from fabric.api import hide, env, settings, local, roles
from fabric.operations import run, put, get
11
import fabric
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
12
import re
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
13
14
import os
import shutil
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
15
16
import tempfile
import ast
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
17
from snfdeploy.lib import debug, Conf, Env, disable_color
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
18
19
20
from snfdeploy import massedit


Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
21
22
23
24
def setup_env(confdir="conf", packages="packages", templates="files",
              cluster_name="ganeti1", autoconf=False, disable_colors=False,
              key_inject=False):
    """Setup environment"""
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
25
26
    print("Loading configuration for synnefo...")
    print(" * Using config files under %s..." % confdir)
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
27
28
    print(" * Using %s and %s for packages and templates accordingly..."
          % (packages, templates))
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
29
30

    autoconf = ast.literal_eval(autoconf)
31
    disable_colors = ast.literal_eval(disable_colors)
32
    env.key_inject = ast.literal_eval(key_inject)
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
33
34
    conf = Conf.configure(confdir=confdir, cluster_name=cluster_name,
                          autoconf=autoconf)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
35
36
37
38
39
40
41
    env.env = Env(conf)

    env.local = autoconf
    env.password = env.env.password
    env.user = env.env.user
    env.shell = "/bin/bash -c"

42
43
44
    if disable_colors:
        disable_color()

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
45
46
47
48
    if env.env.cms.hostname in \
            [env.env.accounts.hostname, env.env.cyclades.hostname,
             env.env.pithos.hostname]:
        env.cms_pass = True
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
49
    else:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
50
        env.cms_pass = False
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
51

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
52
53
54
    if env.env.accounts.hostname in \
            [env.env.cyclades.hostname, env.env.pithos.hostname]:
        env.csrf_disable = True
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
55
    else:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
56
        env.csrf_disable = False
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
57
58
59
60
61
62
63
64
65
66

    env.roledefs = {
        "nodes": env.env.ips,
        "ips": env.env.ips,
        "accounts": [env.env.accounts.ip],
        "cyclades": [env.env.cyclades.ip],
        "pithos": [env.env.pithos.ip],
        "cms": [env.env.cms.ip],
        "mq": [env.env.mq.ip],
        "db": [env.env.db.ip],
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
67
68
        "mq": [env.env.mq.ip],
        "db": [env.env.db.ip],
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
        "ns": [env.env.ns.ip],
        "client": [env.env.client.ip],
        "router": [env.env.router.ip],
    }

    env.enable_lvm = False
    env.enable_drbd = False
    if ast.literal_eval(env.env.create_extra_disk) and env.env.extra_disk:
        env.enable_lvm = True
        env.enable_drbd = True

    env.roledefs.update({
        "ganeti": env.env.cluster_ips,
        "master": [env.env.master.ip],
    })


def install_package(package):
    debug(env.host, " * Installing package %s..." % package)
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
88
89
    apt_get = "export DEBIAN_FRONTEND=noninteractive ;" + \
              "apt-get install -y --force-yes "
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
90

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
91
    host_info = env.env.ips_info[env.host]
92
    env.env.update_packages(host_info.os)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
93
94
    if ast.literal_eval(env.env.use_local_packages):
        with settings(warn_only=True):
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
95
96
            deb = local("ls %s/%s*%s_all.deb"
                        % (env.env.packages, package, host_info.os),
97
                        capture=True)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
98
            if deb:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
99
100
101
                debug(env.host,
                      " * Package %s found in %s..."
                      % (package, env.env.packages))
102
                try_put(deb, "/tmp/")
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
103
104
                try_run("dpkg -i /tmp/%s || "
                        % os.path.basename(deb) + apt_get + "-f")
105
                try_run("rm /tmp/%s" % os.path.basename(deb))
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
106
107
108
                return

    info = getattr(env.env, package)
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
109
110
111
112
    if info in \
            ["squeeze-backports", "squeeze", "stable",
             "testing", "unstable", "wheezy"]:
        apt_get += " -t %s %s " % (info, package)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
113
    elif info:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
114
        apt_get += " %s=%s " % (package, info)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
115
    else:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
116
        apt_get += package
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
117

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
118
    try_run(apt_get)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
119
120
121
122
123
124

    return


@roles("ns")
def update_ns_for_ganeti():
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
125
126
127
    debug(env.host,
          "Updating name server entries for backend %s..."
          % env.env.cluster.fqdn)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
    update_arecord(env.env.cluster)
    update_ptrrecord(env.env.cluster)
    try_run("/etc/init.d/bind9 restart")


@roles("ns")
def update_ns_for_node(node):
    info = env.env.nodes_info.get(node)
    update_arecord(info)
    update_ptrrecord(info)
    try_run("/etc/init.d/bind9 restart")


@roles("ns")
def update_arecord(host):
    filename = "/etc/bind/zones/" + env.env.domain
    cmd = """
    echo '{0}' >> {1}
    """.format(host.arecord, filename)
    try_run(cmd)


@roles("ns")
def update_cnamerecord(host):
    filename = "/etc/bind/zones/" + env.env.domain
    cmd = """
    echo '{0}' >> {1}
    """.format(host.cnamerecord, filename)
    try_run(cmd)


@roles("ns")
def update_ptrrecord(host):
    filename = "/etc/bind/rev/synnefo.in-addr.arpa.zone"
    cmd = """
    echo '{0}' >> {1}
    """.format(host.ptrrecord, filename)
    try_run(cmd)

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
167

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
168
169
170
171
172
@roles("nodes")
def apt_get_update():
    debug(env.host, "apt-get update....")
    try_run("apt-get update")

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
173

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
174
175
176
177
178
179
180
181
182
183
@roles("ns")
def setup_ns():
    debug(env.host, "Setting up name server..")
    #WARNING: this should be remove after we are done
    # because gevent does pick randomly nameservers and google does
    # not know our setup!!!!!
    apt_get_update()
    install_package("bind9")
    tmpl = "/etc/bind/named.conf.local"
    replace = {
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
184
185
        "domain": env.env.domain,
    }
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
186
    custom = customize_settings_from_tmpl(tmpl, replace)
187
    try_put(custom, tmpl)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
188
189
190
191

    try_run("mkdir -p /etc/bind/zones")
    tmpl = "/etc/bind/zones/example.com"
    replace = {
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
192
193
194
        "domain": env.env.domain,
        "ns_node_ip": env.env.ns.ip,
    }
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
195
196
    custom = customize_settings_from_tmpl(tmpl, replace)
    remote = "/etc/bind/zones/" + env.env.domain
197
    try_put(custom, remote)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
198
199
200
201

    try_run("mkdir -p /etc/bind/rev")
    tmpl = "/etc/bind/rev/synnefo.in-addr.arpa.zone"
    replace = {
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
202
203
        "domain": env.env.domain,
    }
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
204
    custom = customize_settings_from_tmpl(tmpl, replace)
205
    try_put(custom, tmpl)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
206
207
208

    tmpl = "/etc/bind/named.conf.options"
    replace = {
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
209
210
        "NODE_IPS": ";".join(env.env.ips),
    }
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
211
    custom = customize_settings_from_tmpl(tmpl, replace)
212
    try_put(custom, tmpl, mode=0644)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228

    for role, info in env.env.roles.iteritems():
        if role == "ns":
            continue
        update_cnamerecord(info)
    for node, info in env.env.nodes_info.iteritems():
        update_arecord(info)
        update_ptrrecord(info)

    try_run("/etc/init.d/bind9 restart")


@roles("nodes")
def check_dhcp():
    debug(env.host, "Checking IPs for synnefo..")
    for n, info in env.env.nodes_info.iteritems():
229
        try_run("ping -c 1 " + info.ip)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
230

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
231

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
232
233
234
235
@roles("nodes")
def check_dns():
    debug(env.host, "Checking fqdns for synnefo..")
    for n, info in env.env.nodes_info.iteritems():
236
        try_run("ping -c 1 " + info.fqdn)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
237
238

    for n, info in env.env.roles.iteritems():
239
        try_run("ping -c 1 " + info.fqdn)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
240

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
241

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
242
243
244
@roles("nodes")
def check_connectivity():
    debug(env.host, "Checking internet connectivity..")
245
    try_run("ping -c 1 www.google.com")
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
246
247
248
249
250
251


@roles("nodes")
def check_ssh():
    debug(env.host, "Checking password-less ssh..")
    for n, info in env.env.nodes_info.iteritems():
252
        try_run("ssh " + info.fqdn + "  date")
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
253
254
255
256


@roles("ips")
def add_keys():
257
    if not env.key_inject:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
258
259
        debug(env.host, "Skipping ssh keys injection..")
        return
260
    else:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
261
        debug(env.host, "Adding rsa/dsa keys..")
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
262
263
264
265
266
267
268
269
270
271
    try_run("mkdir -p /root/.ssh")
    cmd = """
for f in $(ls /root/.ssh/*); do
  cp $f $f.bak
done
    """
    try_run(cmd)
    files = ["authorized_keys", "id_dsa", "id_dsa.pub",
             "id_rsa", "id_rsa.pub"]
    for f in files:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
272
273
274
        tmpl = "/root/.ssh/" + f
        replace = {}
        custom = customize_settings_from_tmpl(tmpl, replace)
275
        try_put(custom, tmpl, mode=0600)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
276
277
278
279
280
281
282
283
284

    cmd = """
if [ -e /root/.ssh/authorized_keys.bak ]; then
  cat /root/.ssh/authorized_keys.bak >> /root/.ssh/authorized_keys
fi
    """
    debug(env.host, "Updating exising authorized keys..")
    try_run(cmd)

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
285

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
286
287
288
@roles("ips")
def setup_resolv_conf():
    debug(env.host, "Tweak /etc/resolv.conf...")
289
    try_run("/etc/init.d/network-manager stop", abort=False)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
290
291
292
    tmpl = "/etc/dhcp/dhclient-enter-hooks.d/nodnsupdate"
    replace = {}
    custom = customize_settings_from_tmpl(tmpl, replace)
293
    try_put(custom, tmpl, mode=0644)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
294
295
296
    try_run("cp /etc/resolv.conf /etc/resolv.conf.bak")
    tmpl = "/etc/resolv.conf"
    replace = {
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
297
298
299
        "domain": env.env.domain,
        "ns_node_ip": env.env.ns.ip,
    }
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
300
    custom = customize_settings_from_tmpl(tmpl, replace)
301
    try:
302
        try_put(custom, tmpl)
303
304
305
306
307
308
309
310
311
312
313
314
        cmd = """
        echo "\
# This has been generated automatically by snf-deploy, at
# $(date).
# The immutable bit (+i attribute) has been used to avoid it being
# overwritten by software such as NetworkManager or resolvconf.
# Use lsattr/chattr to view or modify its file attributes.


$(cat {0})" > {0}
""".format(tmpl)
        try_run(cmd)
315
    except:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
316
        pass
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
317
318
319
320
321
322
323
    try_run("chattr +i /etc/resolv.conf")


@roles("ips")
def setup_hosts():
    debug(env.host, "Tweaking /etc/hosts and ssh_config files...")
    try_run("echo StrictHostKeyChecking no >> /etc/ssh/ssh_config")
324
    cmd = "sed -i 's/^127.*$/127.0.0.1 localhost/g' /etc/hosts "
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
325
    try_run(cmd)
326
327
328
329
330
    host_info = env.env.ips_info[env.host]
    cmd = "hostname %s" % host_info.hostname
    try_run(cmd)
    cmd = "echo %s > /etc/hostname" % host_info.hostname
    try_run(cmd)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
331
332


333
def try_run(cmd, abort=True):
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
334
    try:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
335
336
337
338
        if env.local:
            return local(cmd, capture=True)
        else:
            return run(cmd)
339
340
341
342
343
344
345
346
347
348
349
    except BaseException as e:
        if abort:
            fabric.utils.abort(e)
        else:
            debug(env.host, "WARNING: command failed. Continuing anyway...")


def try_put(local_path=None, remote_path=None, abort=True, **kwargs):
    try:
        put(local_path=local_path, remote_path=remote_path, **kwargs)
    except BaseException as e:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
350
        if abort:
351
352
353
354
355
356
357
358
359
360
361
362
363
            fabric.utils.abort(e)
        else:
            debug(env.host, "WARNING: command failed. Continuing anyway...")


def try_get(remote_path, local_path=None, abort=True, **kwargs):
    try:
        get(remote_path, local_path=local_path, **kwargs)
    except BaseException as e:
        if abort:
            fabric.utils.abort(e)
        else:
            debug(env.host, "WARNING: command failed. Continuing anyway...")
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
364

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
365
366
367
368
369
370
371
372
373
374
375
376

def create_bridges():
    debug(env.host, " * Creating bridges...")
    install_package("bridge-utils")
    cmd = """
    brctl addbr {0} ; ip link set {0} up
    """.format(env.env.common_bridge)
    try_run(cmd)


def connect_bridges():
    debug(env.host, " * Connecting bridges...")
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
377
378
379
    #cmd = """
    #brctl addif {0} {1}
    #""".format(env.env.common_bridge, env.env.public_iface)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
    #try_run(cmd)


@roles("ganeti")
def setup_net_infra():
    debug(env.host, "Setup networking infrastracture..")
    create_bridges()
    connect_bridges()


@roles("ganeti")
def setup_lvm():
    debug(env.host, "create volume group %s for ganeti.." % env.env.vg)
    if env.enable_lvm:
        install_package("lvm2")
        cmd = """
        pvcreate {0}
        vgcreate {1} {0}
        """.format(env.env.extra_disk, env.env.vg)
        try_run(cmd)


def customize_settings_from_tmpl(tmpl, replace):
    debug(env.host, " * Customizing template %s..." % tmpl)
    local = env.env.templates + tmpl
    _, custom = tempfile.mkstemp()
    shutil.copyfile(local, custom)
    for k, v in replace.iteritems():
        regex = "re.sub('%{0}%', '{1}', line)".format(k.upper(), v)
        massedit.edit_files([custom], [regex], dry_run=False)

    return custom


@roles("nodes")
def setup_apt():
    debug(env.host, "Setting up apt sources...")
    install_package("curl")
    cmd = """
    echo 'APT::Install-Suggests "false";' >> /etc/apt/apt.conf
    curl -k https://dev.grnet.gr/files/apt-grnetdev.pub | apt-key add -
    """
    try_run(cmd)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
423
424
    host_info = env.env.ips_info[env.host]
    if host_info.os == "squeeze":
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
425
        tmpl = "/etc/apt/sources.list.d/synnefo.squeeze.list"
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
426
    else:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
427
        tmpl = "/etc/apt/sources.list.d/synnefo.wheezy.list"
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
428
429
    replace = {}
    custom = customize_settings_from_tmpl(tmpl, replace)
430
    try_put(custom, tmpl)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
    apt_get_update()


@roles("cyclades", "cms", "pithos", "accounts")
def restart_services():
    debug(env.host, " * Restarting apache2 and gunicorn...")
    try_run("/etc/init.d/gunicorn restart")
    try_run("/etc/init.d/apache2 restart")


def setup_gunicorn():
    debug(env.host, " * Setting up gunicorn...")
    install_package("gunicorn")
    tmpl = "/etc/gunicorn.d/synnefo"
    replace = {}
    custom = customize_settings_from_tmpl(tmpl, replace)
447
    try_put(custom, tmpl, mode=0644)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
448
449
450
451
452
453
454
455
456
457
458
459
    try_run("/etc/init.d/gunicorn restart")


def setup_apache():
    debug(env.host, " * Setting up apache2...")
    host_info = env.env.ips_info[env.host]
    install_package("apache2")
    tmpl = "/etc/apache2/sites-available/synnefo"
    replace = {
        "HOST": host_info.fqdn,
    }
    custom = customize_settings_from_tmpl(tmpl, replace)
460
    try_put(custom, tmpl)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
461
462
    tmpl = "/etc/apache2/sites-available/synnefo-ssl"
    custom = customize_settings_from_tmpl(tmpl, replace)
463
    try_put(custom, tmpl)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
    cmd = """
    a2enmod ssl
    a2enmod rewrite
    a2dissite default
    a2ensite synnefo
    a2ensite synnefo-ssl
    a2enmod headers
    a2enmod proxy_http
    a2dismod autoindex
    """
    try_run(cmd)
    try_run("/etc/init.d/apache2 restart")


@roles("mq")
def setup_mq():
    debug(env.host, "Setting up RabbitMQ...")
    install_package("rabbitmq-server")
    cmd = """
    rabbitmqctl add_user {0} {1}
    rabbitmqctl set_permissions {0} ".*" ".*" ".*"
    rabbitmqctl delete_user guest
    rabbitmqctl set_user_tags {0} administrator
    """.format(env.env.synnefo_user, env.env.synnefo_rabbitmq_passwd)
    try_run(cmd)
    try_run("/etc/init.d/rabbitmq-server restart")


@roles("db")
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
493
def allow_access_in_db(ip, user="all", method="md5"):
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
494
    cmd = """
495
496
    pg_hba=$(ls /etc/postgresql/*/main/pg_hba.conf)
    echo host all {0} {1}/32 {2} >> $pg_hba
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
497
    """.format(user, ip, method)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
498
    try_run(cmd)
499
    cmd = """
500
501
    pg_hba=$(ls /etc/postgresql/*/main/pg_hba.conf)
    sed -i 's/\(host.*127.0.0.1.*\)md5/\\1trust/' $pg_hba
502
503
    """
    try_run(cmd)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
504
505
    try_run("/etc/init.d/postgresql restart")

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
506

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
507
508
509
510
511
512
513
514
515
516
517
@roles("db")
def setup_db():
    debug(env.host, "Setting up DataBase server...")
    install_package("postgresql")

    tmpl = "/tmp/db-init.psql"
    replace = {
        "synnefo_user": env.env.synnefo_user,
        "synnefo_db_passwd": env.env.synnefo_db_passwd,
        }
    custom = customize_settings_from_tmpl(tmpl, replace)
518
    try_put(custom, tmpl)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
519
520
521
    cmd = 'su - postgres -c "psql -w -f %s" ' % tmpl
    try_run(cmd)
    cmd = """
522
523
    conf=$(ls /etc/postgresql/*/main/postgresql.conf)
    echo "listen_addresses = '*'" >> $conf
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
524
525
526
    """
    try_run(cmd)

527
528
    if env.env.testing_vm:
        cmd = """
529
530
        conf=$(ls /etc/postgresql/*/main/postgresql.conf)
        echo "fsync=off\nsynchronous_commit=off\nfull_page_writes=off" >> $conf
531
532
533
        """
        try_run(cmd)

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
534
    allow_access_in_db(env.host, "all", "trust")
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
    try_run("/etc/init.d/postgresql restart")


@roles("db")
def destroy_db():
    try_run("""su - postgres -c ' psql -w -c "drop database snf_apps" '""")
    try_run("""su - postgres -c ' psql -w -c "drop database snf_pithos" '""")


def setup_webproject():
    debug(env.host, " * Setting up snf-webproject...")
    with settings(hide("everything")):
        try_run("ping -c1 " + env.env.db.ip)
    setup_common()
    install_package("snf-webproject")
    install_package("python-psycopg2")
    install_package("python-gevent")
    tmpl = "/etc/synnefo/webproject.conf"
    replace = {
        "synnefo_user": env.env.synnefo_user,
        "synnefo_db_passwd": env.env.synnefo_db_passwd,
        "db_node": env.env.db.ip,
        "domain": env.env.domain,
    }
    custom = customize_settings_from_tmpl(tmpl, replace)
560
    try_put(custom, tmpl, mode=0644)
561
    with settings(host_string=env.env.db.ip):
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
562
        host_info = env.env.ips_info[env.host]
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
563
        allow_access_in_db(host_info.ip, "all", "trust")
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
    try_run("/etc/init.d/gunicorn restart")


def setup_common():
    debug(env.host, " * Setting up snf-common...")
    host_info = env.env.ips_info[env.host]
    install_package("python-objpool")
    install_package("snf-common")
    install_package("python-astakosclient")
    install_package("snf-django-lib")
    install_package("snf-branding")
    tmpl = "/etc/synnefo/common.conf"
    replace = {
        #FIXME:
        "EMAIL_SUBJECT_PREFIX": env.host,
        "domain": env.env.domain,
        "HOST": host_info.fqdn,
581
        "MAIL_DIR": env.env.mail_dir,
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
582
583
    }
    custom = customize_settings_from_tmpl(tmpl, replace)
584
    try_put(custom, tmpl, mode=0644)
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
585
586
    try_run("mkdir -p {0}; chown root:www-data {0}; chmod 775 {0}".format(
            env.env.mail_dir))
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
587
588
    try_run("/etc/init.d/gunicorn restart")

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
589

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
590
591
592
593
594
595
596
597
598
599
@roles("accounts")
def astakos_loaddata():
    debug(env.host, " * Loading initial data to astakos...")
    cmd = """
    snf-manage loaddata groups
    """
    try_run(cmd)


@roles("accounts")
600
def astakos_register_components():
601
602
603
604
605
606
    debug(env.host, " * Register services in astakos...")

    cyclades_base_url = "https://%s/cyclades/" % env.env.cyclades.fqdn
    pithos_base_url = "https://%s/pithos/" % env.env.pithos.fqdn
    astakos_base_url = "https://%s/astakos/" % env.env.accounts.fqdn

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
607
608
    cmd = """
    snf-manage component-add "home" https://{0} home-icon.png
609
610
611
612
    snf-manage component-add "cyclades" {1}ui/
    snf-manage component-add "pithos" {2}ui/
    snf-manage component-add "astakos" {3}ui/
    """.format(env.env.cms.fqdn, cyclades_base_url,
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
613
               pithos_base_url, astakos_base_url)
614
    try_run(cmd)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
615
616
617
618
619


@roles("accounts")
def add_user():
    debug(env.host, " * adding user %s to astakos..." % env.env.user_email)
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
620
621
622
623
    email = env.env.user_email
    name = env.env.user_name
    lastname = env.env.user_lastname
    passwd = env.env.user_passwd
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
624
625
626
627
    cmd = """
    snf-manage user-add {0} {1} {2}
    """.format(email, name, lastname)
    try_run(cmd)
628
    with settings(host_string=env.env.db.ip):
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
629
630
631
632
633
634
635
636
637
638
        uid, user_auth_token, user_uuid = get_auth_token_from_db(email)
    cmd = """
    snf-manage user-modify --password {0} {1}
    """.format(passwd, uid)
    try_run(cmd)


@roles("accounts")
def activate_user(user_email=None):
    if not user_email:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
639
        user_email = env.env.user_email
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
640
    debug(env.host, " * Activate user %s..." % user_email)
641
    with settings(host_string=env.env.db.ip):
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
642
643
644
645
646
647
648
649
        uid, user_auth_token, user_uuid = get_auth_token_from_db(user_email)

    cmd = """
    snf-manage user-modify --verify {0}
    snf-manage user-modify --accept {0}
    """.format(uid)
    try_run(cmd)

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
650

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
651
652
653
654
655
656
657
658
659
660
661
662
@roles("accounts")
def setup_astakos():
    debug(env.host, "Setting up snf-astakos-app...")
    setup_gunicorn()
    setup_apache()
    setup_webproject()
    install_package("python-django-south")
    install_package("snf-astakos-app")
    install_package("kamaki")

    tmpl = "/etc/synnefo/astakos.conf"
    replace = {
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
663
664
665
666
        "ACCOUNTS": env.env.accounts.fqdn,
        "domain": env.env.domain,
        "CYCLADES": env.env.cyclades.fqdn,
        "PITHOS": env.env.pithos.fqdn,
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
667
668
    }
    custom = customize_settings_from_tmpl(tmpl, replace)
669
    try_put(custom, tmpl, mode=0644)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
670
    if env.csrf_disable:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
671
        cmd = """
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
672
673
674
675
676
677
678
cat <<EOF >> /etc/synnefo/astakos.conf
try:
  MIDDLEWARE_CLASSES.remove('django.middleware.csrf.CsrfViewMiddleware')
except:
  pass
EOF
"""
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
679
        try_run(cmd)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
680
681
682
683
684
685
686
687
688
689

    try_run("/etc/init.d/gunicorn restart")

    cmd = """
    snf-manage syncdb --noinput
    snf-manage migrate im --delete-ghost-migrations
    snf-manage migrate quotaholder_app
    """
    try_run(cmd)

690

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
691
692
@roles("accounts")
def get_service_details(service="pithos"):
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
693
694
    debug(env.host,
          " * Getting registered details for %s service..." % service)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
695
696
697
698
699
700
701
702
703
704
    result = try_run("snf-manage component-list")
    r = re.compile(r".*%s.*" % service, re.M)
    service_id, _, _, service_token = r.search(result).group().split()
    # print("%s: %s %s" % (service, service_id, service_token))
    return (service_id, service_token)


@roles("db")
def get_auth_token_from_db(user_email=None):
    if not user_email:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
705
706
707
708
        user_email = env.env.user_email
    debug(env.host,
          " * Getting authentication token and uuid for user %s..."
          % user_email)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
709
    cmd = """
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
710
711
712
713
714
echo "select id, auth_token, uuid, email from auth_user, im_astakosuser \
where auth_user.id = im_astakosuser.user_ptr_id and auth_user.email = '{0}';" \
> /tmp/psqlcmd
su - postgres -c  "psql -w -d snf_apps -f /tmp/psqlcmd"
""".format(user_email)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
715
716
717
718
719
720
721
722
723
724
725
726
727
728

    result = try_run(cmd)
    r = re.compile(r"(\d+)[ |]*(\S+)[ |]*(\S+)[ |]*" + user_email, re.M)
    match = r.search(result)
    uid, user_auth_token, user_uuid = match.groups()
    # print("%s: %s %s %s" % ( user_email, uid, user_auth_token, user_uuid))

    return (uid, user_auth_token, user_uuid)


@roles("cms")
def cms_loaddata():
    debug(env.host, " * Loading cms initial data...")
    if env.cms_pass:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
729
730
        debug(env.host, "Aborting. Prerequisites not met.")
        return
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
731
732
733
    tmpl = "/tmp/sites.json"
    replace = {}
    custom = customize_settings_from_tmpl(tmpl, replace)
734
    try_put(custom, tmpl)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
735
736
737
738

    tmpl = "/tmp/page.json"
    replace = {}
    custom = customize_settings_from_tmpl(tmpl, replace)
739
    try_put(custom, tmpl)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
740
741
742
743
744
745
746
747
748
749
750
751
752

    cmd = """
    snf-manage loaddata /tmp/sites.json
    snf-manage loaddata /tmp/page.json
    snf-manage createsuperuser --username=admin --email=admin@{0} --noinput
    """.format(env.env.domain)
    try_run(cmd)


@roles("cms")
def setup_cms():
    debug(env.host, "Setting up cms...")
    if env.cms_pass:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
753
754
        debug(env.host, "Aborting. Prerequisites not met.")
        return
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
755
756
757
758
759
760
761
762
763
764
765
766
    with settings(hide("everything")):
        try_run("ping -c1 accounts." + env.env.domain)
    setup_gunicorn()
    setup_apache()
    setup_webproject()
    install_package("snf-cloudcms")

    tmpl = "/etc/synnefo/cms.conf"
    replace = {
        "ACCOUNTS": env.env.accounts.fqdn,
        }
    custom = customize_settings_from_tmpl(tmpl, replace)
767
    try_put(custom, tmpl, mode=0644)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
    try_run("/etc/init.d/gunicorn restart")

    cmd = """
    snf-manage syncdb
    snf-manage migrate --delete-ghost-migrations
    """.format(env.env.domain)
    try_run(cmd)


def setup_nfs_dirs():
    debug(env.host, " * Creating NFS mount point for pithos and ganeti...")
    cmd = """
    mkdir -p {0}
    cd {0}
    mkdir -p data
    chown www-data:www-data data
    chmod g+ws data
    mkdir -p /srv/okeanos
    """.format(env.env.pithos_dir)
    try_run(cmd)


@roles("nodes")
def setup_nfs_clients():
792
    if env.host == env.env.pithos.ip:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
793
        return
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
794

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
795
    host_info = env.env.ips_info[env.host]
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
796
797
798
    debug(env.host, " * Mounting pithos NFS mount point...")
    with settings(hide("everything")):
        try_run("ping -c1 " + env.env.pithos.hostname)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
799
800
801
    with settings(host_string=env.env.pithos.ip):
        update_nfs_exports(host_info.ip)

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
802
    install_package("nfs-common")
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
803
    for d in [env.env.pithos_dir, env.env.image_dir]:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
804
805
806
807
808
809
810
811
        try_run("mkdir -p " + d)
        cmd = """
echo "{0}:{1} {1}  nfs defaults,rw,noatime,rsize=131072,\
wsize=131072,timeo=14,intr,noacl" >> /etc/fstab
""".format(env.env.pithos.ip, d)
        try_run(cmd)
        try_run("mount " + d)

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
812
813

@roles("pithos")
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
814
815
def update_nfs_exports(ip):
    tmpl = "/tmp/exports"
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
816
    replace = {
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
817
818
819
820
        "pithos_dir": env.env.pithos_dir,
        "image_dir": env.env.image_dir,
        "ip": ip,
    }
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
821
    custom = customize_settings_from_tmpl(tmpl, replace)
822
    try_put(custom, tmpl)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
823
    try_run("cat %s >> /etc/exports" % tmpl)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
824
825
    try_run("/etc/init.d/nfs-kernel-server restart")

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
826

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
827
828
829
830
831
832
@roles("pithos")
def setup_nfs_server():
    debug(env.host, " * Setting up NFS server for pithos...")
    setup_nfs_dirs()
    install_package("nfs-kernel-server")

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
833
834
835
836
837
838
839
840
841
842
843

@roles("pithos")
def setup_pithos():
    debug(env.host, "Setting up snf-pithos-app...")
    with settings(hide("everything")):
        try_run("ping -c1 accounts." + env.env.domain)
        try_run("ping -c1 " + env.env.db.ip)
    setup_gunicorn()
    setup_apache()
    setup_webproject()

844
    with settings(host_string=env.env.accounts.ip):
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
        service_id, service_token = get_service_details("pithos")

    install_package("kamaki")
    install_package("snf-pithos-backend")
    install_package("snf-pithos-app")
    tmpl = "/etc/synnefo/pithos.conf"
    replace = {
        "ACCOUNTS": env.env.accounts.fqdn,
        "PITHOS": env.env.pithos.fqdn,
        "db_node": env.env.db.ip,
        "synnefo_user": env.env.synnefo_user,
        "synnefo_db_passwd": env.env.synnefo_db_passwd,
        "pithos_dir": env.env.pithos_dir,
        "PITHOS_SERVICE_TOKEN": service_token,
        "proxy": env.env.pithos.hostname == env.env.accounts.hostname
        }
    custom = customize_settings_from_tmpl(tmpl, replace)
862
    try_put(custom, tmpl, mode=0644)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
863
864
865
866
867
868
869
870
871
    try_run("/etc/init.d/gunicorn restart")

    install_package("snf-pithos-webclient")
    tmpl = "/etc/synnefo/webclient.conf"
    replace = {
        "ACCOUNTS": env.env.accounts.fqdn,
        "PITHOS_UI_CLOUDBAR_ACTIVE_SERVICE": service_id,
        }
    custom = customize_settings_from_tmpl(tmpl, replace)
872
    try_put(custom, tmpl, mode=0644)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915

    try_run("/etc/init.d/gunicorn restart")
    #TOFIX: the previous command lets pithos-backend create blocks and maps
    #       with root owner
    try_run("chown -R www-data:www-data %s/data " % env.env.pithos_dir)
    #try_run("pithos-migrate stamp 4c8ccdc58192")
    #try_run("pithos-migrate upgrade head")


@roles("ganeti")
def setup_ganeti():
    debug(env.host, "Setting up snf-ganeti...")
    node_info = env.env.ips_info[env.host]
    with settings(hide("everything")):
        #if env.enable_lvm:
        #    try_run("vgs " + env.env.vg)
        try_run("getent hosts " + env.env.cluster.fqdn)
        try_run("getent hosts %s | grep -v ^127" % env.host)
        try_run("hostname -f | grep " + node_info.fqdn)
        #try_run("ip link show " + env.env.common_bridge)
        #try_run("ip link show " + env.env.common_bridge)
        #try_run("apt-get update")
    install_package("qemu-kvm")
    install_package("python-bitarray")
    install_package("ganeti-htools")
    install_package("snf-ganeti")
    try_run("mkdir -p /srv/ganeti/file-storage/")
    cmd = """
cat <<EOF > /etc/ganeti/file-storage-paths
/srv/ganeti/file-storage
/srv/ganeti/shared-file-storage
EOF
"""
    try_run(cmd)


@roles("master")
def add_rapi_user():
    debug(env.host, " * Adding RAPI user to Ganeti backend...")
    cmd = """
    echo -n "{0}:Ganeti Remote API:{1}" | openssl md5
    """.format(env.env.synnefo_user, env.env.synnefo_rapi_passwd)
    result = try_run(cmd)
916
917
    if result.startswith("(stdin)= "):
        result = result.split("(stdin)= ")[1]
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
918
919
    cmd = """
    echo "{0} {1}{2} write" >> /var/lib/ganeti/rapi/users
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
920
    """.format(env.env.synnefo_user, '{ha1}', result)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
921
922
923
    try_run(cmd)
    try_run("/etc/init.d/ganeti restart")

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
924

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
925
926
927
928
929
930
931
932
@roles("master")
def add_nodes():
    nodes = env.env.cluster_nodes.split(",")
    nodes.remove(env.env.master_node)
    debug(env.host, " * Adding nodes to Ganeti backend...")
    for n in nodes:
        add_node(n)

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
933

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
934
935
936
937
@roles("master")
def add_node(node):
    node_info = env.env.nodes_info[node]
    debug(env.host, " * Adding node %s to Ganeti backend..." % node_info.fqdn)
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
938
939
    cmd = "gnt-node add --no-ssh-key-check --master-capable=yes " + \
          "--vm-capable=yes " + node_info.fqdn
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
940
941
    try_run(cmd)

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
942

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
943
944
945
946
947
@roles("ganeti")
def enable_drbd():
    if env.enable_drbd:
        debug(env.host, " * Enabling DRBD...")
        try_run("modprobe drbd minor_count=255 usermode_helper=/bin/true")
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
948
949
950
        try_run("echo drbd minor_count=255 usermode_helper=/bin/true " +
                ">> /etc/modules")

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
951
952
953
954

@roles("master")
def setup_drbd_dparams():
    if env.enable_drbd:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
955
956
        debug(env.host,
              " * Twicking drbd related disk parameters in Ganeti...")
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
957
958
959
960
961
962
        cmd = """
        gnt-cluster modify --disk-parameters=drbd:metavg={0}
        gnt-group modify --disk-parameters=drbd:metavg={0} default
        """.format(env.env.vg)
        try_run(cmd)

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
963

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
964
965
966
967
968
969
970
971
972
973
974
975
@roles("master")
def enable_lvm():
    if env.enable_lvm:
        debug(env.host, " * Enabling LVM...")
        cmd = """
        gnt-cluster modify --vg-name={0}
        """.format(env.env.vg)
        try_run(cmd)
    else:
        debug(env.host, " * Disabling LVM...")
        try_run("gnt-cluster modify --no-lvm-storage")

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
976

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
977
978
979
980
981
982
983
@roles("master")
def destroy_cluster():
    debug(env.host, " * Destroying Ganeti cluster...")
    #TODO: remove instances first
    allnodes = env.env.cluster_hostnames[:]
    allnodes.remove(env.host)
    for n in allnodes:
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
984
985
986
987
        host_info = env.env.ips_info[env.host]
        debug(env.host, " * Removing node %s..." % n)
        cmd = "gnt-node remove  " + host_info.fqdn
        try_run(cmd)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
988
989
990
991
992
993
994
995
996
997
998
999
1000
1001
1002
1003
    try_run("gnt-cluster destroy --yes-do-it")


@roles("master")
def init_cluster():
    debug(env.host, " * Initializing Ganeti backend...")
    # extra = ""
    # if env.enable_lvm:
    #     extra += " --vg-name={0} ".format(env.env.vg)
    # else:
    #     extra += " --no-lvm-storage "
    # if not env.enable_drbd:
    #     extra += " --no-drbd-storage "
    extra = " --no-lvm-storage --no-drbd-storage "
    cmd = """
    gnt-cluster init --enabled-hypervisors=kvm \
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1004
1005
1006
1007
1008
1009
1010
        {0} \
        --nic-parameters link={1},mode=bridged \
        --master-netdev {2} \
        --default-iallocator hail \
        --hypervisor-parameters kvm:kernel_path=,vnc_bind_address=0.0.0.0 \
        --no-ssh-init --no-etc-hosts \
        {3}
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1011
1012
1013
1014
1015
1016
1017
1018
1019
1020
1021
1022
1023
1024
1025
    """.format(extra, env.env.common_bridge,
               env.env.cluster_netdev, env.env.cluster.fqdn)
    try_run(cmd)


@roles("ganeti")
def debootstrap():
    install_package("ganeti-instance-debootstrap")


@roles("ganeti")
def setup_image_host():
    debug(env.host, "Setting up snf-image...")
    install_package("snf-pithos-backend")
    install_package("snf-image")
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1026
    try_run("mkdir -p %s" % env.env.image_dir)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1027
1028
1029
1030
1031
1032
1033
1034
    tmpl = "/etc/default/snf-image"
    replace = {
        "synnefo_user": env.env.synnefo_user,
        "synnefo_db_passwd": env.env.synnefo_db_passwd,
        "pithos_dir": env.env.pithos_dir,
        "db_node": env.env.db.ip,
    }
    custom = customize_settings_from_tmpl(tmpl, replace)
1035
    try_put(custom, tmpl)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1036
1037
1038
1039
1040
1041
1042
1043
1044
1045
1046
1047
1048
1049
1050
1051
1052
1053
1054
1055
1056
1057
1058
1059
1060


@roles("ganeti")
def setup_image_helper():
    debug(env.host, " * Updating helper image...")
    cmd = """
    snf-image-update-helper -y
    """
    try_run(cmd)


@roles("ganeti")
def setup_gtools():
    debug(env.host, " * Setting up snf-cyclades-gtools...")
    with settings(hide("everything")):
        try_run("ping -c1 " + env.env.mq.ip)
    setup_common()
    install_package("snf-cyclades-gtools")
    tmpl = "/etc/synnefo/gtools.conf"
    replace = {
        "synnefo_user": env.env.synnefo_user,
        "synnefo_rabbitmq_passwd": env.env.synnefo_rabbitmq_passwd,
        "mq_node": env.env.mq.ip,
    }
    custom = customize_settings_from_tmpl(tmpl, replace)
1061
    try_put(custom, tmpl)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1062
1063
1064
1065
1066
1067
1068
1069
1070
1071
1072
1073

    cmd = """
    sed -i 's/false/true/' /etc/default/snf-ganeti-eventd
    /etc/init.d/snf-ganeti-eventd start
    """
    try_run(cmd)


@roles("ganeti")
def setup_iptables():
    debug(env.host, " * Setting up iptables to mangle DHCP requests...")
    cmd = """
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1074
1075
1076
1077
1078
1079
1080
1081
1082
1083
1084
    iptables -t mangle -A PREROUTING -i br+ -p udp -m udp --dport 67 \
            -j NFQUEUE --queue-num 42
    iptables -t mangle -A PREROUTING -i tap+ -p udp -m udp --dport 67 \
            -j NFQUEUE --queue-num 42
    iptables -t mangle -A PREROUTING -i prv+ -p udp -m udp --dport 67 \
            -j NFQUEUE --queue-num 42

    ip6tables -t mangle -A PREROUTING -i br+ -p ipv6-icmp -m icmp6 \
            --icmpv6-type 133 -j NFQUEUE --queue-num 43
    ip6tables -t mangle -A PREROUTING -i br+ -p ipv6-icmp -m icmp6 \
            --icmpv6-type 135 -j NFQUEUE --queue-num 44
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1085
1086
1087
    """
    try_run(cmd)

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1088

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1089
1090
@roles("ganeti")
def setup_network():
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1091
1092
    debug(env.host,
          "Setting up networking for Ganeti instances (nfdhcpd, etc.)...")
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1093
1094
1095
1096
    install_package("nfqueue-bindings-python")
    install_package("nfdhcpd")
    tmpl = "/etc/nfdhcpd/nfdhcpd.conf"
    replace = {
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1097
1098
        "ns_node_ip": env.env.ns.ip
    }
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1099
    custom = customize_settings_from_tmpl(tmpl, replace)
1100
    try_put(custom, tmpl)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1101
1102
1103
1104
    try_run("/etc/init.d/nfdhcpd restart")

    install_package("snf-network")
    cmd = """
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1105
sed -i 's/MAC_MASK.*/MAC_MASK = ff:ff:f0:00:00:00/' /etc/default/snf-network
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1106
1107
1108
1109
1110
1111
1112
1113
1114
1115
1116
1117
1118
1119
1120
1121
1122
    """
    try_run(cmd)


@roles("router")
def setup_router():
    debug(env.host, " * Setting up internal router for NAT...")
    cmd = """
    echo 1 > /proc/sys/net/ipv4/ip_forward
    iptables -t nat -A POSTROUTING -s {0} -o {3} -j MASQUERADE
    ip addr add {1} dev {2}
    ip route add {0} dev {2} src {1}
    """.format(env.env.synnefo_public_network_subnet,
               env.env.synnefo_public_network_gateway,
               env.env.common_bridge, env.env.public_iface)
    try_run(cmd)

1123

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1124
1125
1126
@roles("cyclades")
def cyclades_loaddata():
    debug(env.host, " * Loading initial data for cyclades...")
1127
1128
1129
1130
    try_run("snf-manage flavor-create %s %s %s %s" % (env.env.flavor_cpu,
                                                      env.env.flavor_ram,
                                                      env.env.flavor_disk,
                                                      env.env.flavor_storage))
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1131
1132
1133
1134
1135
1136
1137
1138
1139
1140
1141
1142
1143
1144
1145
1146
1147
1148
1149
1150
1151
    #run("snf-manage loaddata flavors")


@roles("cyclades")
def setup_cyclades():
    debug(env.host, "Setting up snf-cyclades-app...")
    with settings(hide("everything")):
        try_run("ping -c1 accounts." + env.env.domain)
        try_run("ping -c1 " + env.env.db.ip)
        try_run("ping -c1 " + env.env.mq.ip)
    setup_gunicorn()
    setup_apache()
    setup_webproject()
    install_package("memcached")
    install_package("python-memcache")
    install_package("snf-pithos-backend")
    install_package("kamaki")
    install_package("snf-cyclades-app")
    install_package("python-django-south")
    tmpl = "/etc/synnefo/cyclades.conf"

1152
    with settings(host_string=env.env.accounts.ip):
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1153
1154
1155
1156
1157
1158
1159
1160
1161
1162
1163
1164
1165
1166
1167
1168
1169
1170
        service_id, service_token = get_service_details("cyclades")

    replace = {
        "ACCOUNTS": env.env.accounts.fqdn,
        "CYCLADES": env.env.cyclades.fqdn,
        "mq_node": env.env.mq.ip,
        "db_node": env.env.db.ip,
        "synnefo_user": env.env.synnefo_user,
        "synnefo_db_passwd": env.env.synnefo_db_passwd,
        "synnefo_rabbitmq_passwd": env.env.synnefo_rabbitmq_passwd,
        "pithos_dir": env.env.pithos_dir,
        "common_bridge": env.env.common_bridge,
        "HOST": env.env.cyclades.ip,
        "domain": env.env.domain,
        "CYCLADES_SERVICE_TOKEN": service_token,
        "proxy": env.env.cyclades.hostname == env.env.accounts.hostname
        }
    custom = customize_settings_from_tmpl(tmpl, replace)
1171
    try_put(custom, tmpl, mode=0644)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1172
1173
1174
1175
1176
1177
1178
1179
1180
1181
1182
1183
1184
1185
    try_run("/etc/init.d/gunicorn restart")

    cmd = """
    sed -i 's/false/true/' /etc/default/snf-dispatcher
    /etc/init.d/snf-dispatcher start
    """
    try_run(cmd)

    try_run("snf-manage syncdb")
    try_run("snf-manage migrate --delete-ghost-migrations")


@roles("cyclades")
def get_backend_id(cluster_name="ganeti1.synnefo.deploy.local"):
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1186
1187
    backend_id = try_run("snf-manage backend-list 2>/dev/null " +
                         "| grep %s | awk '{print $1}'" % cluster_name)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1188
1189
1190
1191
1192
    return backend_id


@roles("cyclades")
def add_backend():
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1193
1194
    debug(env.host,
          "adding %s ganeti backend to cyclades..." % env.env.cluster.fqdn)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1195
1196
1197
1198
1199
1200
1201
1202
1203
1204
    with settings(hide("everything")):
        try_run("ping -c1 " + env.env.cluster.fqdn)
    cmd = """
    snf-manage backend-add --clustername={0} --user={1} --pass={2}
    """.format(env.env.cluster.fqdn, env.env.synnefo_user,
               env.env.synnefo_rapi_passwd)
    try_run(cmd)
    backend_id = get_backend_id(env.env.cluster.fqdn)
    try_run("snf-manage backend-modify --drained=False " + backend_id)

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1205

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1206
1207
1208
1209
1210
1211
1212
1213
@roles("cyclades")
def pin_user_to_backend(user_email):
    backend_id = get_backend_id(env.env.cluster.fqdn)
    # pin user to backend
    cmd = """
cat <<EOF >> /etc/synnefo/cyclades.conf

BACKEND_PER_USER = {
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1214
  '{0}': {1},
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1215
1216
1217
1218
}

EOF
/etc/init.d/gunicorn restart
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1219
""".format(user_email, backend_id)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1220
1221
    try_run(cmd)

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1222

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1223
1224
@roles("cyclades")
def add_pools():
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1225
1226
1227
1228
1229
    debug(env.host,
          " * Creating pools of resources (brigdes, mac prefixes) " +
          "in cyclades...")
    try_run("snf-manage pool-create --type=mac-prefix " +
            "--base=aa:00:0 --size=65536")
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1230
1231
1232
    try_run("snf-manage pool-create --type=bridge --base=prv --size=20")


1233
1234
1235
1236
1237
1238
1239
1240
1241
1242
1243
1244
1245
1246
1247
@roles("accounts", "cyclades", "pithos")
def export_services():
    debug(env.host, " * Exporting services...")
    host = env.host
    services = []
    if host == env.env.cyclades.ip:
        services.append("cyclades")
    if host == env.env.pithos.ip:
        services.append("pithos")
    if host == env.env.accounts.ip:
        services.append("astakos")
    for service in services:
        filename = "%s_services.json" % service
        cmd = "snf-manage service-export-%s > %s" % (service, filename)
        run(cmd)
1248
        try_get(filename, filename+".local")
1249
1250
1251
1252
1253
1254
1255


@roles("accounts")
def import_services():
    debug(env.host, " * Registering services to astakos...")
    for service in ["cyclades", "pithos", "astakos"]:
        filename = "%s_services.json" % service
1256
        try_put(filename + ".local", filename)
1257
1258
1259
1260
1261
1262
1263
1264
1265
1266
1267
1268
1269
1270
1271
1272
1273
1274
        cmd = "snf-manage service-import --json=%s" % filename
        run(cmd)

    debug(env.host, " * Setting default quota...")
    cmd = """
    snf-manage resource-modify --limit 40G pithos.diskspace
    snf-manage resource-modify --limit 2 astakos.pending_app
    snf-manage resource-modify --limit 4 cyclades.vm
    snf-manage resource-modify --limit 40G cyclades.disk
    snf-manage resource-modify --limit 16G cyclades.ram
    snf-manage resource-modify --limit 8G cyclades.active_ram
    snf-manage resource-modify --limit 32 cyclades.cpu
    snf-manage resource-modify --limit 16 cyclades.active_cpu
    snf-manage resource-modify --limit 4 cyclades.network.private
    """
    try_run(cmd)


Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1275
1276
1277
1278
1279
@roles("cyclades")
def add_network():
    debug(env.host, " * Adding public network in cyclades...")
    backend_id = get_backend_id(env.env.cluster.fqdn)
    cmd = """
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1280
1281
1282
    snf-manage network-create --subnet={0} --gateway={1} \
            --public --dhcp --flavor={2} --mode=bridged --link={3} \
            --name=Internet --backend-id={4}
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1283
1284
1285
1286
1287
1288
1289
1290
1291
1292
1293
1294
1295
1296
1297
1298
1299
1300
    """.format(env.env.synnefo_public_network_subnet,
               env.env.synnefo_public_network_gateway,
               env.env.synnefo_public_network_type,
               env.env.common_bridge, backend_id)
    try_run(cmd)


@roles("cyclades")
def setup_vncauthproxy():
    debug(env.host, " * Setting up vncauthproxy...")
    install_package("snf-vncauthproxy")
    cmd = """
    echo CHUID="www-data:nogroup" >> /etc/default/vncauthproxy
    rm /var/log/vncauthproxy/vncauthproxy.log
    """
    try_run(cmd)
    try_run("/etc/init.d/vncauthproxy restart")

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1301

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1302
1303
1304
1305
1306
1307
1308
1309
@roles("client")
def setup_kamaki():
    debug(env.host, "Setting up kamaki client...")
    with settings(hide("everything")):
        try_run("ping -c1 accounts." + env.env.domain)
        try_run("ping -c1 cyclades." + env.env.domain)
        try_run("ping -c1 pithos." + env.env.domain)

1310
    with settings(host_string=env.env.db.ip):
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1311
1312
        uid, user_auth_token, user_uuid = \
            get_auth_token_from_db(env.env.user_email)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1313
1314
1315
1316
1317
1318
1319
1320
1321
1322

    install_package("python-progress")
    install_package("kamaki")
    cmd = """
    kamaki config set cloud.default.url "https://{0}/astakos/identity/v2.0/"
    kamaki config set cloud.default.token {1}
    """.format(env.env.accounts.fqdn, user_auth_token)
    try_run(cmd)
    try_run("kamaki file create images")

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1323

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1324
1325
1326
1327
1328
1329
1330
@roles("client")
def upload_image(image="debian_base.diskdump"):
    debug(env.host, " * Uploading initial image to pithos...")
    image = "debian_base.diskdump"
    try_run("wget {0} -O /tmp/{1}".format(env.env.debian_base_url, image))
    try_run("kamaki file upload --container images /tmp/{0} {0}".format(image))

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1331

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1332
1333
1334
@roles("client")
def register_image(image="debian_base.diskdump"):
    debug(env.host, " * Register image to plankton...")
1335
    # with settings(host_string=env.env.db.ip):
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1336
1337
    #     uid, user_auth_token, user_uuid = \
    #        get_auth_token_from_db(env.env.user_email)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1338

1339
    image_location = "images:{0}".format(image)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1340
1341
    cmd = """
    sleep 5
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1342
1343
1344
1345
1346
1347
    kamaki image register "Debian Base" {0} --public --disk-format=diskdump \
            --property OSFAMILY=linux --property ROOT_PARTITION=1 \
            --property description="Debian Squeeze Base System" \
            --property size=450M --property kernel=2.6.32 \
            --property GUI="No GUI" --property sortorder=1 \
            --property USERS=root --property OS=debian
1348
    """.format(image_location)
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1349
1350
    try_run(cmd)

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1351

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1352
1353
1354
1355
1356
1357
@roles("client")
def setup_burnin():
    debug(env.host, "Setting up burnin testing tool...")
    install_package("kamaki")
    install_package("snf-tools")

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1358

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1359
1360
@roles("pithos")
def add_image_locally():
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1361
1362
    debug(env.host,
          " * Getting image locally in order snf-image to use it directly..")
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1363
    image = "debian_base.diskdump"
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1364
1365
    try_run("wget {0} -O {1}/{2}".format(
            env.env.debian_base_url, env.env.image_dir, image))
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1366
1367
1368
1369
1370


@roles("master")
def gnt_instance_add(name="test"):
    debug(env.host, " * Adding test instance to Ganeti...")
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1371
1372
1373
    osp = """img_passwd=gamwtosecurity,\
img_format=diskdump,img_id=debian_base,\
img_properties='{"OSFAMILY":"linux"\,"ROOT_PARTITION":"1"}'"""
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1374
    cmd = """
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1375
1376
1377
1378
    gnt-instance add  -o snf-image+default --os-parameters {0} \
            -t plain --disk 0:size=1G --no-name-check --no-ip-check \
            --net 0:ip=pool,network=test --no-install \
            --hypervisor-parameters kvm:machine_version=pc-1.0 {1}
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1379
1380
1381
    """.format(osp, name)
    try_run(cmd)

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1382

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1383
@roles("master")
Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1384
1385
def gnt_network_add(name="test", subnet="10.0.0.0/26", gw="10.0.0.1",
                    mode="bridged", link="br0"):
Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1386
1387
1388
1389
1390
1391
1392
    debug(env.host, " * Adding test network to Ganeti...")
    cmd = """
    gnt-network add --network={1} --gateway={2} {0}
    gnt-network connect {0} {3} {4}
    """.format(name, subnet, gw, mode, link)
    try_run(cmd)

Ilias Tsitsimpis's avatar
Ilias Tsitsimpis committed
1393

Dimitris Aragiorgis's avatar
Dimitris Aragiorgis committed
1394
1395
1396
1397
@roles("ips")
def test():
    debug(env.host, "Testing...")
    try_run("hostname && date")