cloud-mu 2.1.0beta → 3.0.0beta

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: b339d7f5e35d4ca0b753f23d4552fa4f5589b16f
-  data.tar.gz: 9e46c23f39cc04b1102ff2f671453105ac043d4b
+SHA256:
+  metadata.gz: d6d28f31ace29cfaab6ca01999ae6ac6555e2f997a7bd05a6368d6e3787b67bc
+  data.tar.gz: da3c08bb506f6952cb74a07710436d6c698acafa6c4f3fc5eeb3ac3cdaff58b4
 SHA512:
-  metadata.gz: 08acf7c80363ea2b446e356b65ce3fb8a3dc5687917f346fabd272de0ac1d4b827d1d70c187c1e796e5eb0472398923109c5115a0a6478b6c292ca6a4bcdf332
-  data.tar.gz: 09a509cb2f1d9c7dc65b44de161dc52ba8c0e84e1d57f1f1faee651145689802f9ae4e6f9abeb9dbab4954a3fe4ea777147d69281ffdb1e21c8685bbf7371c1c
+  metadata.gz: 3b6adb59f7ead95071f134ba9059042ff493cad6259fd19c1f0e32f78bbfb1e856403e7272c980a5cede5aae8fdf53bfe2c810ade5e23d2a045cad2f4264ab20
+  data.tar.gz: 283566f81d55c6a34871edb57ae895855bbf1ed3f2a8e6946ca40319839e780802bc0228f6c2b5d1ca2a0dffc10b2cd107b48770133a88b72144ad3478043800

data/Berksfile

@@ -1,5 +1,5 @@
-source "https://supermarket.chef.io"
 source chef_repo: "cookbooks/"
+source "https://supermarket.chef.io"
 
 # Mu Platform Cookbooks
 cookbook 'awscli'
@@ -7,12 +7,11 @@ cookbook 'mu-activedirectory'
 cookbook 'mu-splunk'
 cookbook 'mu-firewall'
 cookbook 'mu-glusterfs'
-cookbook 'mu-jenkins'
 cookbook 'mu-master'
 cookbook 'mu-mongo'
 cookbook 'mu-openvpn'
-cookbook 'mu-php54'
 cookbook 'mu-tools'
 cookbook 'mu-utility'
-cookbook 'nagios'
-cookbook 'firewall'
+cookbook 'mu-nagios' , '~> 8.2.0', git: "https://github.com/cloudamatic/mu-nagios.git"
+cookbook 'firewall', path: 'cookbooks/firewall'
+cookbook 'chocolatey'

data/Berksfile.lock

@@ -0,0 +1,179 @@
+DEPENDENCIES
+  awscli
+  chocolatey
+  firewall
+    path: cookbooks/firewall
+  mu-activedirectory
+  mu-firewall
+  mu-glusterfs
+  mu-master
+  mu-mongo
+  mu-nagios
+    git: https://github.com/cloudamatic/mu-nagios.git
+    revision: c1e3f6155d5ab9952c8403693b118664f8d50973
+  mu-openvpn
+  mu-splunk
+  mu-tools
+  mu-utility
+
+GRAPH
+  apache2 (5.2.1)
+  apt (7.2.0)
+  awscli (1.1.2)
+    python (~> 1.4)
+  bind (2.2.1)
+  bind9-ng (0.1.0)
+  build-essential (8.2.1)
+    mingw (>= 1.1)
+    seven_zip (>= 0.0.0)
+  chef-sugar (5.0.4)
+  chef-vault (3.1.1)
+  chocolatey (2.0.1)
+  consul (2.3.0)
+    build-essential (>= 0.0.0)
+    firewall (~> 2.0)
+    golang (>= 0.0.0)
+    nssm (>= 0.0.0)
+    poise (~> 2.2)
+    poise-archive (~> 1.3)
+    poise-service (~> 1.4)
+  consul-cluster (2.0.0)
+    consul (~> 2.1)
+    ssl_certificate (~> 1.11)
+  cpan (0.1.0)
+  database (6.1.1)
+    postgresql (>= 1.0.0)
+  firewall (2.7.1)
+  golang (1.7.0)
+  hashicorp-vault (2.5.0)
+    build-essential (>= 0.0.0)
+    golang (~> 1.7)
+    poise (~> 2.6)
+    poise-service (~> 1.1)
+    rubyzip (~> 1.0)
+  homebrew (5.0.8)
+  hostsfile (3.0.1)
+  java (2.2.1)
+    homebrew (>= 0.0.0)
+    windows (>= 0.0.0)
+  mingw (2.1.0)
+    seven_zip (>= 0.0.0)
+  mongodb (0.16.2)
+    apt (>= 1.8.2)
+    python (>= 0.0.0)
+    runit (>= 1.5.0)
+    yum (>= 3.0)
+  mu-activedirectory (0.2.0)
+    chef-vault (~> 3.1.1)
+    windows (~> 5.1.1)
+    yum-epel (~> 3.2.0)
+  mu-firewall (0.1.2)
+    firewall (~> 2.7.1)
+  mu-glusterfs (0.1.0)
+    mu-firewall (>= 0.0.0)
+    yum (~> 5.1.0)
+  mu-master (0.9.6)
+    apache2 (< 6.0.0)
+    bind (~> 2.2.0)
+    bind9-ng (~> 0.1.0)
+    chef-sugar (>= 0.0.0)
+    chef-vault (~> 3.1.1)
+    consul-cluster (~> 2.0.0)
+    hostsfile (~> 3.0.1)
+    mu-activedirectory (>= 0.0.0)
+    mu-firewall (>= 0.0.0)
+    mu-nagios (>= 0.0.0)
+    mu-tools (>= 0.0.0)
+    mu-utility (>= 0.0.0)
+    nrpe (~> 2.0.3)
+    postfix (~> 5.3.1)
+    s3fs (>= 0.0.0)
+    vault-cluster (~> 2.1.0)
+  mu-mongo (0.5.0)
+    chef-vault (~> 3.1.1)
+    mongodb (~> 0.16.2)
+  mu-nagios (8.2.2)
+    apache2 (< 6.0.0)
+    build-essential (>= 5.0)
+    nginx (>= 7.0)
+    nrpe (>= 0.0.0)
+    php (>= 0.0.0)
+    php-fpm (>= 0.7.9)
+    yum-epel (>= 0.0.0)
+    zap (>= 0.6.0)
+  mu-openvpn (0.1.0)
+    chef-vault (~> 3.1.1)
+    mu-firewall (>= 0.0.0)
+    mu-utility (>= 0.0.0)
+  mu-splunk (1.3.0)
+    chef-vault (>= 1.0.4)
+  mu-tools (1.1.0)
+    chef-vault (~> 3.1.1)
+    chocolatey (>= 0.0.0)
+    database (~> 6.1.1)
+    firewall (>= 0.0.0)
+    java (~> 2.2.0)
+    mu-activedirectory (>= 0.0.0)
+    mu-firewall (>= 0.0.0)
+    mu-nagios (>= 0.0.0)
+    mu-splunk (>= 0.0.0)
+    mu-utility (>= 0.0.0)
+    oracle-instantclient (~> 1.1.0)
+    poise-python (~> 1.7.0)
+    postgresql (~> 7.1.0)
+    selinux (~> 3.0.0)
+    windows (~> 5.1.1)
+    yum-epel (~> 3.2.0)
+  mu-utility (0.6.0)
+    mu-firewall (>= 0.0.0)
+    windows (~> 5.1.1)
+  nginx (10.0.2)
+    ohai (~> 5.2)
+  nrpe (2.0.5)
+    build-essential (>= 0.0.0)
+    yum-epel (>= 0.0.0)
+  nssm (4.0.1)
+    windows (>= 0.0.0)
+  ohai (5.3.0)
+  oracle-instantclient (1.1.0)
+    build-essential (>= 0.0.0)
+    cpan (>= 0.0.0)
+    php (>= 0.0.0)
+  packagecloud (1.0.1)
+  php (7.0.0)
+    yum-epel (>= 0.0.0)
+  php-fpm (0.8.0)
+  poise (2.8.2)
+  poise-archive (1.5.0)
+    poise (~> 2.6)
+  poise-languages (2.1.2)
+    poise (~> 2.5)
+    poise-archive (~> 1.0)
+  poise-python (1.7.0)
+    poise (~> 2.7)
+    poise-languages (~> 2.0)
+  poise-service (1.5.2)
+    poise (~> 2.0)
+  postfix (5.3.1)
+  postgresql (7.1.4)
+  python (1.4.6)
+    build-essential (>= 0.0.0)
+    yum-epel (>= 0.0.0)
+  rubyzip (1.3.1)
+    poise (~> 2.2)
+  runit (5.1.2)
+    packagecloud (>= 0.0.0)
+    yum-epel (>= 0.0.0)
+  s3fs (3.0.1)
+  selinux (3.0.0)
+  seven_zip (3.1.2)
+    windows (>= 0.0.0)
+  ssl_certificate (1.12.0)
+  vault-cluster (2.1.0)
+    consul-cluster (~> 2.0)
+    hashicorp-vault (~> 2.1)
+    ssl_certificate (~> 1.11)
+  windows (5.1.6)
+  yum (5.1.0)
+  yum-epel (3.2.0)
+  zap (1.1.0)

data/README.md

@@ -17,11 +17,6 @@ The mu tooling is currently supported on RHEL or CentOS 6/7.
 ## Installation
 See the [README](../master/install) in the install folder for mu master installation instructions
 
-Alternatively, get started by clicking the Launch Button!!
-
-This does create all the AWS resources in us-east-1 region.
-
-[![Launch Stack](https://s3.amazonaws.com/cloudformation-examples/cloudformation-launch-stack.png)](https://console.aws.amazon.com/cloudformation/home?region=us-east-1#/stacks/new?stackName=CloudamaticInstaller&templateURL=https://s3.amazonaws.com/mu-cfn-installer/cfn_create_mu_master.json)
-
 ## Usage
 See the [Usage](https://github.com/cloudamatic/mu/wiki/Usage) section of our Wiki for an overview of how to use the mu tooling for deployment
+

data/ansible/roles/mu-installer/README.md

@@ -0,0 +1,33 @@
+Role Name
+=========
+
+Runs a basic install of Mu on a compatible host. See also https://github.com/cloudamatic/mu
+
+Requirements
+------------
+
+CentOS 6, CentOS 7, or Amazon Linux 2 host with internet connectivity and no other major services running.
+
+License
+-------
+
+Copyright:: Copyright (c) 2019 eGlobalTech, Inc., all rights reserved
+
+Licensed under the BSD-3 license (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License in the root of the project or at
+
+    http://egt-labs.com/mu/LICENSE.html
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+
+Author Information
+------------------
+
+Current developers: John Stange, Robert Patt-Corner, Ryan Bolyard, Zach Rowe
+
+egt-labs-admins@egt-labs.com

data/ansible/roles/mu-installer/defaults/main.yml

@@ -0,0 +1,2 @@
+---
+# defaults file for mu-installer

data/ansible/roles/mu-installer/handlers/main.yml

@@ -0,0 +1,2 @@
+---
+# handlers file for mu-installer

data/ansible/roles/mu-installer/meta/main.yml

@@ -0,0 +1,60 @@
+galaxy_info:
+  author: your name
+  description: your description
+  company: your company (optional)
+
+  # If the issue tracker for your role is not on github, uncomment the
+  # next line and provide a value
+  # issue_tracker_url: http://example.com/issue/tracker
+
+  # Some suggested licenses:
+  # - BSD (default)
+  # - MIT
+  # - GPLv2
+  # - GPLv3
+  # - Apache
+  # - CC-BY
+  license: license (GPLv2, CC-BY, etc)
+
+  min_ansible_version: 2.4
+
+  # If this a Container Enabled role, provide the minimum Ansible Container version.
+  # min_ansible_container_version:
+
+  # Optionally specify the branch Galaxy will use when accessing the GitHub
+  # repo for this role. During role install, if no tags are available,
+  # Galaxy will use this branch. During import Galaxy will access files on
+  # this branch. If Travis integration is configured, only notifications for this
+  # branch will be accepted. Otherwise, in all cases, the repo's default branch
+  # (usually master) will be used.
+  #github_branch:
+
+  #
+  # Provide a list of supported platforms, and for each platform a list of versions.
+  # If you don't wish to enumerate all versions for a particular platform, use 'all'.
+  # To view available platforms and versions (or releases), visit:
+  # https://galaxy.ansible.com/api/v1/platforms/
+  #
+  # platforms:
+  # - name: Fedora
+  #   versions:
+  #   - all
+  #   - 25
+  # - name: SomePlatform
+  #   versions:
+  #   - all
+  #   - 1.0
+  #   - 7
+  #   - 99.99
+
+  galaxy_tags: []
+    # List tags for your role here, one per line. A tag is a keyword that describes
+    # and categorizes the role. Users find roles by searching for tags. Be sure to
+    # remove the '[]' above, if you add tags to this list.
+    #
+    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
+    #       Maximum 20 tags per role.
+
+dependencies: []
+  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
+  # if you add dependencies to this list.

data/ansible/roles/mu-installer/tasks/main.yml

@@ -0,0 +1,13 @@
+---
+- name: Copy installer script
+  copy:
+    dest: /root/mu_install.sh
+    src: ../../../../install/installer
+    mode: 0700
+  become: yes
+
+- name: Run Mu Installer
+  command: /root/mu_install.sh -n --mu-admin-email {{ mu_admin_email }} --mu-admin-name {{ mu_service_name }} --hostname {{ mu_service_name }} --public-address {{ mu_canonical_ip }}
+  environment:
+    MU_BRANCH: development
+  become: yes

data/ansible/roles/mu-installer/tests/inventory

@@ -0,0 +1,2 @@
+localhost
+

data/ansible/roles/mu-installer/tests/test.yml

@@ -0,0 +1,5 @@
+---
+- hosts: localhost
+  remote_user: root
+  roles:
+    - mu-installer

data/ansible/roles/mu-installer/vars/main.yml

@@ -0,0 +1,2 @@
+---
+# vars file for mu-installer

data/bin/mu-adopt

@@ -0,0 +1,125 @@
+#!/usr/local/ruby-current/bin/ruby
+#
+# Copyright:: Copyright (c) 2019 eGlobalTech, Inc., all rights reserved
+#
+# Licensed under the BSD-3 license (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License in the root of the project or at
+#
+#     http://egt-labs.com/mu/LICENSE.html
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require File.expand_path(File.dirname(__FILE__))+"/mu-load-config.rb"
+
+require 'rubygems'
+require 'bundler/setup'
+require 'optimist'
+require 'mu'
+
+available_clouds = MU::Cloud.supportedClouds
+available_clouds.reject! { |cloud|
+  cloudclass = Object.const_get("MU").const_get("Cloud").const_get(cloud)
+  cloudclass.listCredentials.nil? or cloudclass.listCredentials.size == 0
+}
+
+available_types = MU::Cloud.resource_types.keys.map { |t| t.to_s }
+grouping_options = {
+  "logical" => "Group resources in logical layers (folders and habitats together, users/roles/groups together, network resources together, etc)",
+  "omnibus" => "Jam everything into one monolothic configuration"
+}
+
+$opt = Optimist::options do
+  banner <<-EOS
+#{$0}
+  EOS
+  opt :appname, "The overarching name of the application stack we will generate", :required => false, :default => "mu", :type => :string
+  opt :types, "The resource types to scan and import. Valid types: #{available_types.join(", ")}", :required => false, :type => :strings, :default => available_types
+  opt :clouds, "The cloud providers to scan and import.", :required => false, :type => :strings, :default => available_clouds
+  opt :parent, "Where applicable, resources which reside in the root folder or organization are configured with the specified parent in our target BoK", :required => false, :type => :string
+  opt :billing, "Force-set this billing entity on created resources, instead of copying from the live resources", :required => false, :type => :string
+  opt :sources, "One or more sets of credentials to use when importing resources. By default we will search and import from all sets of available credentials for each cloud provider specified with --clouds", :required => false, :type => :strings
+  opt :credentials, "Override the 'credentials' value in our generated Baskets of Kittens to target a single, specific account. Our default behavior is to set each resource to deploy into the account from which it was sourced.", :required => false, :type => :string
+  opt :savedeploys, "Generate actual deployment metadata in #{MU.dataDir}/deployments, as though the resources we found were created with mu-deploy. If we are generating more than one configuration, and a resource needs to reference another resource (e.g. to declare a VPC in which to reside), this will allow us to reference them as virtual resource, rather than by raw cloud identifier.", :required => false, :type => :boolean
+  opt :diff, "List the differences between what we find and an existing, saved deploy from a previous run, if one exists.", :required => false, :type => :boolean
+  opt :grouping, "Methods for grouping found resources into separate Baskets.\n\n"+MU::Adoption::GROUPMODES.keys.map { |g| "* "+g.to_s+": "+MU::Adoption::GROUPMODES[g] }.join("\n")+"\n\n", :required => false, :type => :string, :default => "logical"
+  opt :habitats, "Limit scope of research searching to the named accounts/projects/subscriptions, instead of search all habitats visible to our credentials.", :required => false, :type => :strings
+end
+
+ok = true
+
+app_pattern = Regexp.new('^[a-z][0-9a-z\-_]{0,10}[a-z0-9]$', true)
+
+if !$opt[:appname] or !app_pattern.match($opt[:appname])
+  MU.log "--appname must match pattern #{app_pattern.to_s}", MU::ERR
+  exit 1
+end
+
+if !$opt[:savedeploys_given]
+  $opt[:savedeploys] = !$opt[:diff]
+end
+
+types = []
+$opt[:types].each { |t|
+  t_name = t.gsub(/-/, "_")
+  t_name.gsub!(/^[^a-z0-9]|[^a-z0-9]$/i, "")
+  shortclass, name, plural, classname = MU::Cloud.getResourceNames(t_name)
+  if !classname
+    MU.log "'#{t}' does not map to a valid Mu resource type", MU::ERR
+    ok = false
+  else
+    types << shortclass
+  end
+}
+
+clouds = []
+if !$opt[:clouds] or $opt[:clouds].empty?
+  MU.log "At least one cloud must be specified", MU::ERR
+  ok = false
+end
+$opt[:clouds].each { |cloud|
+  found_match = false
+  MU::Cloud.supportedClouds.each { |known_cloud|
+    if cloud.match(/^[^a-z0-9]*?#{Regexp.quote(known_cloud)}[^a-z0-9]*?$/i)
+      clouds << known_cloud
+      found_match = true
+      break
+    end
+  }
+  if !found_match
+    MU.log "'#{cloud}' does not map to a valid Mu cloud layer", MU::ERR
+    ok = false
+  end
+}
+
+if !ok
+  puts "Invoke with --help for more information."
+  exit 1
+end
+
+
+adoption = MU::Adoption.new(clouds: clouds, types: types, parent: $opt[:parent], billing: $opt[:billing], sources: $opt[:sources], credentials: $opt[:credentials], group_by: $opt[:grouping].to_sym, savedeploys: $opt[:savedeploys], diff: $opt[:diff], habitats: $opt[:habitats])
+adoption.scrapeClouds
+MU.log "Generating baskets", MU::DEBUG
+boks = adoption.generateBaskets(prefix: $opt[:appname])
+
+boks.each_pair { |appname, bok|
+  MU.log "Writing to #{appname}.yaml"
+  File.open("#{appname}.yaml", "w") { |f|
+    f.write JSON.parse(JSON.generate(bok)).to_yaml
+  }
+  conf_engine = MU::Config.new("#{appname}.yaml")
+  stack_conf = conf_engine.config
+#  puts stack_conf.to_yaml
+  MU.log "#{appname}.yaml validated successfully", MU::NOTICE
+  MU::Cloud.resource_types.each_pair { |type, cfg|
+    if bok[cfg[:cfg_plural]]
+      MU.log "#{bok[cfg[:cfg_plural]].size.to_s} #{cfg[:cfg_plural]}", MU::NOTICE
+    end
+  }
+}
+