dev-lxc 2.0.3 → 2.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/CHANGELOG.md +12 -0
- data/README.md +99 -363
- data/docs/adhoc_clusters.md +22 -0
- data/docs/base_containers.md +44 -0
- data/docs/configuration.md +182 -0
- data/docs/dev-lxc_version_2.md +10 -0
- data/docs/manage_multiple_clusters.md +30 -0
- data/docs/prerequisites.md +75 -0
- data/docs/usage.md +187 -0
- data/lib/dev-lxc/cli.rb +74 -0
- data/lib/dev-lxc/cluster.rb +371 -206
- data/lib/dev-lxc/version.rb +1 -1
- metadata +10 -3
data/lib/dev-lxc/cluster.rb
CHANGED
@@ -8,38 +8,46 @@ module DevLXC
|
|
8
8
|
|
9
9
|
def initialize(cluster_config)
|
10
10
|
FileUtils.mkdir_p('/var/dev-lxc') unless Dir.exist?('/var/dev-lxc')
|
11
|
-
validate_cluster_config(cluster_config)
|
12
11
|
|
13
12
|
@config = Hash.new { |hash, key| hash[key] = {} }
|
14
13
|
@server_configs = Hash.new
|
15
14
|
|
16
|
-
%w(adhoc analytics chef-backend chef-server compliance nodes supermarket).each do |server_type|
|
15
|
+
%w(adhoc analytics automate build-nodes chef-backend chef-server compliance nodes supermarket).each do |server_type|
|
17
16
|
if cluster_config[server_type]
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
17
|
+
mounts = ["/var/dev-lxc var/dev-lxc"]
|
18
|
+
if cluster_config[server_type]["mounts"]
|
19
|
+
mounts.concat(cluster_config[server_type]["mounts"])
|
20
|
+
elsif cluster_config["mounts"]
|
21
|
+
mounts.concat(cluster_config["mounts"])
|
22
|
+
end
|
23
|
+
ssh_keys = cluster_config[server_type]["ssh-keys"]
|
24
|
+
ssh_keys ||= cluster_config["ssh-keys"]
|
25
|
+
base_container_name = cluster_config[server_type]["base_container"]
|
26
|
+
base_container_name ||= cluster_config["base_container"]
|
27
|
+
|
28
|
+
if cluster_config[server_type]["servers"]
|
29
|
+
cluster_config[server_type]["servers"].each do |server_name, server_config|
|
30
|
+
server_config ||= Hash.new
|
31
|
+
products = server_config['products']
|
32
|
+
products ||= Hash.new
|
33
|
+
mounts = ["/var/dev-lxc var/dev-lxc"] + server_config["mounts"] if server_config["mounts"]
|
34
|
+
ssh_keys = server_config["ssh-keys"] if server_config["ssh-keys"]
|
35
|
+
base_container_name = server_config["base_container"] if server_config["base_container"]
|
36
|
+
@server_configs[server_name] = {
|
37
|
+
server_type: server_type,
|
38
|
+
products: products,
|
39
|
+
ipaddress: server_config['ipaddress'],
|
40
|
+
additional_fqdn: nil,
|
41
|
+
mounts: mounts,
|
42
|
+
ssh_keys: ssh_keys,
|
43
|
+
base_container_name: base_container_name
|
44
|
+
}
|
45
|
+
# gather configuration from only the first "automate", "compliance" or "supermarket" server
|
46
|
+
break if %w(automate compliance supermarket).include?(server_type)
|
47
|
+
end
|
48
|
+
end
|
26
49
|
|
27
50
|
case server_type
|
28
|
-
when "adhoc"
|
29
|
-
if cluster_config[server_type]["servers"]
|
30
|
-
cluster_config[server_type]["servers"].each do |server_name, server_config|
|
31
|
-
products = server_config['products']
|
32
|
-
products ||= Hash.new
|
33
|
-
@server_configs[server_name] = {
|
34
|
-
server_type: server_type,
|
35
|
-
products: products,
|
36
|
-
ipaddress: server_config['ipaddress'],
|
37
|
-
additional_fqdn: nil,
|
38
|
-
mounts: @config[server_type][:mounts],
|
39
|
-
ssh_keys: @config[server_type][:ssh_keys]
|
40
|
-
}
|
41
|
-
end
|
42
|
-
end
|
43
51
|
when "analytics"
|
44
52
|
@config[server_type][:topology] = cluster_config[server_type]["topology"]
|
45
53
|
@config[server_type][:topology] ||= 'standalone'
|
@@ -48,10 +56,8 @@ module DevLXC
|
|
48
56
|
|
49
57
|
if cluster_config[server_type]["servers"]
|
50
58
|
cluster_config[server_type]["servers"].each do |server_name, server_config|
|
59
|
+
server_config ||= Hash.new
|
51
60
|
additional_fqdn = nil
|
52
|
-
products = server_config['products']
|
53
|
-
products ||= Hash.new
|
54
|
-
@server_configs[server_name] = server_config
|
55
61
|
case @config[server_type][:topology]
|
56
62
|
when 'standalone'
|
57
63
|
@config[server_type][:bootstrap_backend] = server_name if server_config["role"].nil?
|
@@ -63,18 +69,17 @@ module DevLXC
|
|
63
69
|
@config[server_type][:frontends] << server_name
|
64
70
|
end
|
65
71
|
end
|
66
|
-
@server_configs[server_name]
|
67
|
-
|
68
|
-
|
69
|
-
ipaddress: server_config['ipaddress'],
|
70
|
-
additional_fqdn: additional_fqdn,
|
71
|
-
mounts: @config[server_type][:mounts],
|
72
|
-
ssh_keys: @config[server_type][:ssh_keys]
|
73
|
-
}
|
72
|
+
@server_configs[server_name].merge!({
|
73
|
+
additional_fqdn: additional_fqdn
|
74
|
+
})
|
74
75
|
end
|
75
76
|
end
|
76
77
|
when "chef-backend"
|
77
78
|
@config[server_type][:fqdn] = cluster_config[server_type]["api_fqdn"]
|
79
|
+
@config[server_type][:users] = cluster_config[server_type]["users"]
|
80
|
+
@config[server_type][:users] ||= Array.new
|
81
|
+
@config[server_type][:orgs] = cluster_config[server_type]["orgs"]
|
82
|
+
@config[server_type][:orgs] ||= Hash.new
|
78
83
|
@config[server_type][:backends] = Array.new
|
79
84
|
@config[server_type][:frontends] = Array.new
|
80
85
|
|
@@ -85,9 +90,8 @@ module DevLXC
|
|
85
90
|
@config[server_type][:backends] << @config[server_type][:leader_backend]
|
86
91
|
@config[server_type][:frontends] << @config[server_type][:bootstrap_frontend]
|
87
92
|
servers.each do |server_name, server_config|
|
93
|
+
server_config ||= Hash.new
|
88
94
|
additional_fqdn = nil
|
89
|
-
products = server_config['products']
|
90
|
-
products ||= Hash.new
|
91
95
|
case server_config["role"]
|
92
96
|
when "backend"
|
93
97
|
@config[server_type][:backends] << server_name unless server_name == @config[server_type][:leader_backend]
|
@@ -95,30 +99,28 @@ module DevLXC
|
|
95
99
|
additional_fqdn = @config[server_type][:fqdn]
|
96
100
|
@config[server_type][:frontends] << server_name unless server_name == @config[server_type][:bootstrap_frontend]
|
97
101
|
end
|
98
|
-
@server_configs[server_name]
|
99
|
-
server_type: server_type,
|
100
|
-
products: products,
|
101
|
-
ipaddress: server_config['ipaddress'],
|
102
|
+
@server_configs[server_name].merge!({
|
102
103
|
additional_fqdn: additional_fqdn,
|
103
|
-
mounts: @config[server_type][:mounts],
|
104
|
-
ssh_keys: @config[server_type][:ssh_keys],
|
105
104
|
chef_server_type: 'chef-server'
|
106
|
-
}
|
105
|
+
})
|
107
106
|
end
|
108
107
|
end
|
109
108
|
when "chef-server"
|
110
109
|
@config[server_type][:topology] = cluster_config[server_type]["topology"]
|
111
110
|
@config[server_type][:topology] ||= 'standalone'
|
112
111
|
@config[server_type][:fqdn] = cluster_config[server_type]["api_fqdn"]
|
112
|
+
@config[server_type][:users] = cluster_config[server_type]["users"]
|
113
|
+
@config[server_type][:users] ||= Array.new
|
114
|
+
@config[server_type][:orgs] = cluster_config[server_type]["orgs"]
|
115
|
+
@config[server_type][:orgs] ||= Hash.new
|
113
116
|
@config[server_type][:frontends] = Array.new
|
114
117
|
|
115
118
|
if cluster_config[server_type]["servers"]
|
116
119
|
cluster_config[server_type]["servers"].each do |server_name, server_config|
|
120
|
+
server_config ||= Hash.new
|
117
121
|
additional_fqdn = nil
|
118
|
-
|
119
|
-
|
120
|
-
chef_server_type = 'private-chef' if products.has_key?('private-chef')
|
121
|
-
chef_server_type = 'chef-server' if products.has_key?('chef-server')
|
122
|
+
chef_server_type = 'private-chef' if @server_configs[server_name][:products].has_key?('private-chef')
|
123
|
+
chef_server_type = 'chef-server' if @server_configs[server_name][:products].has_key?('chef-server')
|
122
124
|
case @config[server_type][:topology]
|
123
125
|
when 'standalone'
|
124
126
|
@config[server_type][:bootstrap_backend] = server_name if server_config["role"].nil?
|
@@ -130,75 +132,77 @@ module DevLXC
|
|
130
132
|
@config[server_type][:frontends] << server_name
|
131
133
|
end
|
132
134
|
end
|
133
|
-
@server_configs[server_name]
|
134
|
-
server_type: server_type,
|
135
|
-
products: products,
|
136
|
-
ipaddress: server_config['ipaddress'],
|
135
|
+
@server_configs[server_name].merge!({
|
137
136
|
additional_fqdn: additional_fqdn,
|
138
|
-
mounts: @config[server_type][:mounts],
|
139
|
-
ssh_keys: @config[server_type][:ssh_keys],
|
140
137
|
chef_server_type: chef_server_type
|
141
|
-
}
|
138
|
+
})
|
142
139
|
end
|
143
140
|
end
|
144
|
-
when "
|
141
|
+
when "supermarket"
|
145
142
|
unless cluster_config[server_type]["servers"].first.nil?
|
146
143
|
(server_name, server_config) = cluster_config[server_type]["servers"].first
|
147
144
|
@config[server_type][:fqdn] = server_name
|
148
|
-
|
149
|
-
|
150
|
-
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
|
157
|
-
}
|
145
|
+
end
|
146
|
+
when "automate"
|
147
|
+
unless cluster_config[server_type]["servers"].first.nil?
|
148
|
+
(server_name, server_config) = cluster_config[server_type]["servers"].first
|
149
|
+
server_config ||= Hash.new
|
150
|
+
@server_configs[server_name].merge!({
|
151
|
+
license_path: server_config['license_path'],
|
152
|
+
chef_org: server_config['chef_org'],
|
153
|
+
enterprise_name: server_config['enterprise_name']
|
154
|
+
})
|
158
155
|
end
|
159
156
|
when "nodes"
|
157
|
+
chef_server_url = cluster_config[server_type]['chef_server_url']
|
158
|
+
validation_client_name = cluster_config[server_type]['validation_client_name']
|
159
|
+
validation_key = cluster_config[server_type]['validation_key']
|
160
160
|
if cluster_config[server_type]["servers"]
|
161
161
|
cluster_config[server_type]["servers"].each do |server_name, server_config|
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
|
167
|
-
|
168
|
-
|
169
|
-
|
170
|
-
|
171
|
-
chef_server_url: server_config['chef_server_url'],
|
172
|
-
validation_client_name: server_config['validation_client_name'],
|
173
|
-
validation_key: server_config['validation_key']
|
174
|
-
}
|
162
|
+
server_config ||= Hash.new
|
163
|
+
chef_server_url = server_config['chef_server_url'] if server_config['chef_server_url']
|
164
|
+
validation_client_name = server_config['validation_client_name'] if server_config['validation_client_name']
|
165
|
+
validation_key = server_config['validation_key'] if server_config['validation_key']
|
166
|
+
@server_configs[server_name].merge!({
|
167
|
+
chef_server_url: chef_server_url,
|
168
|
+
validation_client_name: validation_client_name,
|
169
|
+
validation_key: validation_key
|
170
|
+
})
|
175
171
|
end
|
176
172
|
end
|
177
173
|
end
|
178
174
|
end
|
179
175
|
end
|
176
|
+
validate_cluster_config
|
180
177
|
end
|
181
178
|
|
182
|
-
def validate_cluster_config
|
183
|
-
hostnames = Array.new
|
184
|
-
mounts = Array.new
|
179
|
+
def validate_cluster_config
|
185
180
|
base_container_names = Array.new
|
181
|
+
mounts = Array.new
|
186
182
|
ssh_keys = Array.new
|
183
|
+
hostnames = Array.new
|
187
184
|
|
188
|
-
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
196
|
-
|
197
|
-
|
198
|
-
|
199
|
-
|
185
|
+
@config.map { |server_type, config| hostnames.push(config[:fqdn]) }
|
186
|
+
|
187
|
+
@server_configs.each do |server_name, server_config|
|
188
|
+
base_container_names.push(server_config[:base_container_name]).uniq! if server_config[:base_container_name]
|
189
|
+
mounts.concat(server_config[:mounts]).uniq! if server_config[:mounts]
|
190
|
+
ssh_keys.concat(server_config[:ssh_keys]).uniq! if server_config[:ssh_keys]
|
191
|
+
hostnames.push(server_name)
|
192
|
+
case server_config[:server_type]
|
193
|
+
when "automate"
|
194
|
+
if server_config[:license_path] && !File.exists?(server_config[:license_path])
|
195
|
+
puts "ERROR: Automate license #{server_config[:license_path]} does not exist."
|
196
|
+
exit 1
|
197
|
+
end
|
198
|
+
when "nodes"
|
199
|
+
if server_config[:validation_key] && !File.exists?(server_config[:validation_key])
|
200
|
+
puts "ERROR: Validation key #{server_config[:validation_key]} does not exist."
|
201
|
+
exit 1
|
202
|
+
end
|
200
203
|
end
|
201
204
|
end
|
205
|
+
|
202
206
|
unless base_container_names.empty?
|
203
207
|
base_container_names.each do |base_container_name|
|
204
208
|
unless ::DevLXC::Container.new(base_container_name).defined?
|
@@ -233,6 +237,15 @@ module DevLXC
|
|
233
237
|
end
|
234
238
|
end
|
235
239
|
|
240
|
+
def show_config
|
241
|
+
require 'pp'
|
242
|
+
puts "Cluster config:"
|
243
|
+
pp @config
|
244
|
+
puts
|
245
|
+
puts "Server configs:"
|
246
|
+
pp @server_configs
|
247
|
+
end
|
248
|
+
|
236
249
|
def get_server(server_name)
|
237
250
|
ipaddress = @server_configs[server_name][:ipaddress]
|
238
251
|
additional_fqdn = @server_configs[server_name][:additional_fqdn]
|
@@ -246,7 +259,7 @@ module DevLXC
|
|
246
259
|
|
247
260
|
# the order of this list of server_types matters
|
248
261
|
# it determines the order in which actions are applied to each server_type
|
249
|
-
%w(chef-backend chef-server analytics compliance supermarket nodes adhoc).each do |server_type|
|
262
|
+
%w(chef-backend chef-server analytics compliance supermarket automate build-nodes nodes adhoc).each do |server_type|
|
250
263
|
unless @config[server_type].empty?
|
251
264
|
case server_type
|
252
265
|
when "chef-backend"
|
@@ -264,11 +277,12 @@ module DevLXC
|
|
264
277
|
@config[server_type][:frontends].each do |frontend_name|
|
265
278
|
servers << get_server(frontend_name)
|
266
279
|
end
|
267
|
-
when "adhoc", "compliance", "nodes", "supermarket"
|
268
|
-
server_configs = @server_configs.select { |server_name, server_config| server_config[:server_type] == server_type }
|
269
|
-
server_configs.each_key { |server_name| servers << get_server(server_name) }
|
270
280
|
end
|
271
281
|
end
|
282
|
+
if %w(adhoc automate build-nodes compliance nodes supermarket).include?(server_type)
|
283
|
+
server_configs = @server_configs.select { |server_name, server_config| server_config[:server_type] == server_type }
|
284
|
+
server_configs.each_key { |server_name| servers << get_server(server_name) }
|
285
|
+
end
|
272
286
|
end
|
273
287
|
servers.select { |s| s.name =~ /#{server_name_regex}/ }
|
274
288
|
end
|
@@ -325,7 +339,7 @@ module DevLXC
|
|
325
339
|
end
|
326
340
|
end
|
327
341
|
if @server_configs[server.name][:server_type] == 'nodes'
|
328
|
-
if @server_configs[server.name][:chef_server_url]
|
342
|
+
if @server_configs[server.name][:chef_server_url] && @server_configs[server.name][:validation_client_name] && @server_configs[server.name][:validation_key].nil?
|
329
343
|
if @config['chef-server'][:bootstrap_backend] && !get_server(@config['chef-server'][:bootstrap_backend]).container.defined? && servers.select { |s| s.name == @config['chef-server'][:bootstrap_backend] }.empty?
|
330
344
|
puts "ERROR: '#{server.name}' requires '#{@config['chef-server'][:bootstrap_backend]}' to be configured first."
|
331
345
|
abort_up = true
|
@@ -335,6 +349,43 @@ module DevLXC
|
|
335
349
|
end
|
336
350
|
end
|
337
351
|
end
|
352
|
+
if @server_configs[server.name][:server_type] == 'automate'
|
353
|
+
if @config['chef-server'][:bootstrap_backend].nil?
|
354
|
+
puts "ERROR: '#{server.name}' requires a Chef Server bootstrap backend to be configured first."
|
355
|
+
abort_up = true
|
356
|
+
elsif !get_server(@config['chef-server'][:bootstrap_backend]).container.defined? && servers.select { |s| s.name == @config['chef-server'][:bootstrap_backend] }.empty?
|
357
|
+
puts "ERROR: '#{server.name}' requires '#{@config['chef-server'][:bootstrap_backend]}' to be configured first."
|
358
|
+
abort_up = true
|
359
|
+
end
|
360
|
+
end
|
361
|
+
if @server_configs[server.name][:server_type] == 'build-nodes'
|
362
|
+
if @config['chef-server'][:bootstrap_backend].nil?
|
363
|
+
puts "ERROR: '#{server.name}' requires a Chef Server bootstrap backend to be configured first."
|
364
|
+
abort_up = true
|
365
|
+
elsif !get_server(@config['chef-server'][:bootstrap_backend]).container.running? && servers.select { |s| s.name == @config['chef-server'][:bootstrap_backend] }.empty?
|
366
|
+
puts "ERROR: '#{server.name}' requires '#{@config['chef-server'][:bootstrap_backend]}' to be running first."
|
367
|
+
abort_up = true
|
368
|
+
end
|
369
|
+
if @config['chef-server'][:topology] == 'tier'
|
370
|
+
if @config[server_type][:frontends].empty?
|
371
|
+
puts "ERROR: '#{server.name}' requires at least one Chef Server frontend to be configured first."
|
372
|
+
abort_up = true
|
373
|
+
elsif (@config['chef-server'][:frontends].select { |s| get_server(s).container.running? }.length + servers.select { |s| @config['chef-server'][:frontends].include?(s.name) }.length) < 1
|
374
|
+
puts "ERROR: '#{server.name}' requires at least one Chef Server frontend to be running first."
|
375
|
+
abort_up = true
|
376
|
+
end
|
377
|
+
end
|
378
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
379
|
+
if automate_server_name
|
380
|
+
if !get_server(automate_server_name).container.running? && servers.select { |s| s.name == automate_server_name }.empty?
|
381
|
+
puts "ERROR: '#{server.name}' requires '#{automate_server_name}' to be running first."
|
382
|
+
abort_up = true
|
383
|
+
end
|
384
|
+
else
|
385
|
+
puts "ERROR: '#{server.name}' requires an Automate Server to be configured first."
|
386
|
+
abort_up = true
|
387
|
+
end
|
388
|
+
end
|
338
389
|
end
|
339
390
|
exit 1 if abort_up
|
340
391
|
prep_product_cache(servers)
|
@@ -386,7 +437,7 @@ module DevLXC
|
|
386
437
|
|
387
438
|
def clone_from_base_container(server)
|
388
439
|
server_type = @server_configs[server.name][:server_type]
|
389
|
-
base_container = DevLXC::Container.new(@
|
440
|
+
base_container = DevLXC::Container.new(@server_configs[server.name][:base_container_name])
|
390
441
|
puts "Cloning base container '#{base_container.name}' into container '#{server.name}'"
|
391
442
|
base_container.clone(server.name, {:flags => LXC::LXC_CLONE_SNAPSHOT})
|
392
443
|
server.container.load_config
|
@@ -399,7 +450,7 @@ module DevLXC
|
|
399
450
|
|
400
451
|
def get_product_url(server, product_name, product_options)
|
401
452
|
server_type = @server_configs[server.name][:server_type]
|
402
|
-
base_container = DevLXC::Container.new(@
|
453
|
+
base_container = DevLXC::Container.new(@server_configs[server.name][:base_container_name])
|
403
454
|
mixlib_install_platform_detection_path = "#{base_container.config_item('lxc.rootfs')}/mixlib-install-platform-detection"
|
404
455
|
IO.write(mixlib_install_platform_detection_path, Mixlib::Install::Generator::Bourne.detect_platform_sh)
|
405
456
|
platform_results = `chroot #{base_container.config_item('lxc.rootfs')} bash mixlib-install-platform-detection`
|
@@ -431,13 +482,13 @@ module DevLXC
|
|
431
482
|
artifact.url
|
432
483
|
end
|
433
484
|
|
434
|
-
def prep_product_cache(servers)
|
485
|
+
def prep_product_cache(servers, force=false)
|
435
486
|
all_required_products = Hash.new
|
436
487
|
servers.each do |server|
|
437
488
|
products = @server_configs[server.name][:products]
|
438
489
|
@server_configs[server.name][:required_products] = Hash.new
|
439
|
-
if !server.snapshot_list.select { |sn| sn[2].start_with?("dev-lxc build: products installed") }.empty?
|
440
|
-
|
490
|
+
if !force && !server.snapshot_list.select { |sn| sn[2].start_with?("dev-lxc build: products installed") }.empty?
|
491
|
+
# Skipping product cache preparation for container because it has a 'products installed' snapshot
|
441
492
|
next
|
442
493
|
end
|
443
494
|
products.each do |product_name, product_options|
|
@@ -480,7 +531,11 @@ module DevLXC
|
|
480
531
|
server.start
|
481
532
|
end
|
482
533
|
@server_configs[server.name][:required_products].each do |product_name, package_source|
|
483
|
-
server.
|
534
|
+
if @server_configs[server.name][:server_type] == "automate" && product_name == "chefdk"
|
535
|
+
IO.write("#{server.container.config_item('lxc.rootfs')}/root/build_node_chefdk_package_path", "#{package_source}\n")
|
536
|
+
else
|
537
|
+
server.install_package(package_source)
|
538
|
+
end
|
484
539
|
end
|
485
540
|
server.stop
|
486
541
|
server.snapshot("dev-lxc build: products installed")
|
@@ -493,66 +548,147 @@ module DevLXC
|
|
493
548
|
required_products = @server_configs[server.name][:required_products].keys if @server_configs[server.name][:required_products]
|
494
549
|
required_products ||= Array.new
|
495
550
|
server_type = @server_configs[server.name][:server_type]
|
551
|
+
dot_chef_path = "/root/chef-repo/.chef"
|
496
552
|
case server_type
|
497
553
|
when 'adhoc'
|
498
554
|
# Allow adhoc servers time to generate SSH Server Host Keys
|
499
555
|
sleep 5
|
500
556
|
when 'analytics'
|
501
557
|
configure_analytics(server) if required_products.include?('analytics')
|
558
|
+
when 'build-nodes'
|
559
|
+
configure_build_node(server)
|
502
560
|
when 'chef-backend'
|
503
561
|
configure_chef_backend(server) if required_products.include?('chef-backend')
|
504
562
|
if required_products.include?('chef-server')
|
505
563
|
configure_chef_frontend(server)
|
506
|
-
|
564
|
+
if server.name == @config['chef-backend'][:bootstrap_frontend]
|
565
|
+
create_users_orgs_knife_configs(server, dot_chef_path)
|
566
|
+
end
|
507
567
|
end
|
508
568
|
configure_manage(server) if required_products.include?('manage')
|
509
569
|
when 'chef-server'
|
510
570
|
if required_products.include?('chef-server') || required_products.include?('private-chef')
|
511
571
|
configure_chef_server(server)
|
512
|
-
|
572
|
+
if server.name == @config['chef-server'][:bootstrap_backend]
|
573
|
+
create_users_orgs_knife_configs(server, dot_chef_path)
|
574
|
+
|
575
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
576
|
+
if automate_server_name
|
577
|
+
automate_user = "delivery"
|
578
|
+
automate_chef_org = @server_configs[automate_server_name][:chef_org]
|
579
|
+
create_user(server, automate_user, dot_chef_path)
|
580
|
+
create_org(server, automate_chef_org, dot_chef_path)
|
581
|
+
org_add_user(server, automate_chef_org, automate_user, true, dot_chef_path)
|
582
|
+
end
|
583
|
+
end
|
513
584
|
end
|
514
585
|
configure_reporting(server) if required_products.include?('reporting')
|
515
586
|
configure_push_jobs_server(server) if required_products.include?('push-jobs-server')
|
516
587
|
configure_manage(server) if required_products.include?('manage')
|
517
588
|
when 'compliance'
|
518
589
|
configure_compliance(server) if required_products.include?('compliance')
|
590
|
+
when 'automate'
|
591
|
+
configure_automate(server) if required_products.include?('delivery')
|
519
592
|
when 'nodes'
|
520
|
-
|
593
|
+
# Allow servers time to generate SSH Server Host Keys
|
594
|
+
sleep 5
|
595
|
+
configure_chef_client(server, dot_chef_path) if required_products.include?('chef') || required_products.include?('chefdk')
|
521
596
|
when 'supermarket'
|
522
597
|
configure_supermarket(server) if required_products.include?('supermarket')
|
523
598
|
end
|
524
599
|
end
|
525
600
|
|
526
|
-
def
|
527
|
-
|
528
|
-
|
529
|
-
|
530
|
-
|
531
|
-
|
532
|
-
|
533
|
-
|
534
|
-
|
535
|
-
|
536
|
-
|
537
|
-
|
538
|
-
|
601
|
+
def configure_automate(server)
|
602
|
+
license_path = @server_configs[server.name][:license_path]
|
603
|
+
chef_org = @server_configs[server.name][:chef_org]
|
604
|
+
enterprise_name = @server_configs[server.name][:enterprise_name]
|
605
|
+
chef_server_url = @config['chef-server'][:fqdn]
|
606
|
+
supermarket_fqdn = @config['supermarket'][:fqdn]
|
607
|
+
|
608
|
+
FileUtils.cp(license_path, "#{server.container.config_item('lxc.rootfs')}/root/automate.license")
|
609
|
+
|
610
|
+
chef_server = get_server(@config['chef-server'][:bootstrap_backend])
|
611
|
+
automate_chef_user_key = "#{chef_server.container.config_item('lxc.rootfs')}/root/chef-repo/.chef/delivery.pem"
|
612
|
+
FileUtils.cp(automate_chef_user_key, "#{server.container.config_item('lxc.rootfs')}/root/automate_chef_user_key.pem")
|
613
|
+
|
614
|
+
setup_cmd = "setup"
|
615
|
+
setup_cmd += " --license /root/automate.license"
|
616
|
+
setup_cmd += " --fqdn #{server.name}"
|
617
|
+
setup_cmd += " --key /root/automate_chef_user_key.pem"
|
618
|
+
setup_cmd += " --server-url https://#{chef_server_url}/organizations/#{chef_org}"
|
619
|
+
setup_cmd += " --supermarket-fqdn #{supermarket_fqdn}" if supermarket_fqdn
|
620
|
+
setup_cmd += " --enterprise #{enterprise_name}"
|
621
|
+
setup_cmd += " --no-build-node"
|
622
|
+
setup_cmd += " --configure"
|
623
|
+
run_ctl(server, "delivery", setup_cmd)
|
624
|
+
end
|
625
|
+
|
626
|
+
def print_automate_credentials
|
627
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
628
|
+
if automate_server_name
|
629
|
+
automate_server = get_server(automate_server_name)
|
630
|
+
automate_credentials_files = Dir.glob("#{automate_server.container.config_item('lxc.rootfs')}/etc/delivery/*-credentials")
|
631
|
+
automate_credentials_files.each_with_index do |automate_credentials_file, index|
|
632
|
+
puts IO.read(automate_credentials_file)
|
633
|
+
puts if index + 1 < automate_credentials_files.length
|
634
|
+
end
|
635
|
+
else
|
636
|
+
puts "WARNING: An Automate server is not defined."
|
637
|
+
exit 1
|
539
638
|
end
|
639
|
+
end
|
540
640
|
|
541
|
-
|
641
|
+
def configure_build_node(server)
|
642
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
643
|
+
if automate_server_name
|
644
|
+
automate_server = get_server(automate_server_name)
|
645
|
+
if File.exist?("#{automate_server.container.config_item('lxc.rootfs')}/root/build_node_chefdk_package_path")
|
646
|
+
build_node_chefdk_package_path = IO.read("#{automate_server.container.config_item('lxc.rootfs')}/root/build_node_chefdk_package_path").chomp
|
647
|
+
install_build_node_cmd = "install-build-node"
|
648
|
+
install_build_node_cmd += " --fqdn #{server.name}"
|
649
|
+
install_build_node_cmd += " --username dev-lxc"
|
650
|
+
install_build_node_cmd += " --password dev-lxc"
|
651
|
+
install_build_node_cmd += " --installer #{build_node_chefdk_package_path}"
|
652
|
+
run_ctl(automate_server, "delivery", install_build_node_cmd)
|
653
|
+
end
|
654
|
+
end
|
655
|
+
end
|
656
|
+
|
657
|
+
def configure_chef_client(server, dot_chef_path)
|
658
|
+
puts "Configuring Chef Client in container '#{server.name}'"
|
542
659
|
|
543
660
|
FileUtils.mkdir_p("#{server.container.config_item('lxc.rootfs')}/etc/chef")
|
544
661
|
|
662
|
+
chef_server_url = @server_configs[server.name][:chef_server_url]
|
663
|
+
validation_client_name = @server_configs[server.name][:validation_client_name]
|
664
|
+
validation_key = @server_configs[server.name][:validation_key]
|
665
|
+
if validation_key.nil?
|
666
|
+
chef_server_name = @config['chef-server'][:bootstrap_backend]
|
667
|
+
chef_server_name ||= @config['chef-backend'][:bootstrap_frontend]
|
668
|
+
if chef_server_name
|
669
|
+
chef_server = get_server(chef_server_name)
|
670
|
+
if chef_server.container.defined?
|
671
|
+
validator_pem_files = Dir.glob("#{chef_server.container.config_item('lxc.rootfs')}#{dot_chef_path}/*-validator.pem")
|
672
|
+
FileUtils.cp(validator_pem_files, "#{server.container.config_item('lxc.rootfs')}/etc/chef/") unless validator_pem_files.empty?
|
673
|
+
end
|
674
|
+
end
|
675
|
+
end
|
676
|
+
|
545
677
|
client_rb = %Q(chef_server_url '#{chef_server_url}'
|
546
678
|
validation_client_name '#{validation_client_name}'
|
679
|
+
validation_key '/etc/chef/#{validation_client_name}.pem'
|
547
680
|
ssl_verify_mode :verify_none
|
548
681
|
)
|
549
|
-
IO.write("#{server.container.config_item('lxc.rootfs')}/etc/chef/client.rb", client_rb)
|
550
682
|
|
551
|
-
|
552
|
-
|
553
|
-
|
554
|
-
|
683
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
684
|
+
if automate_server_name
|
685
|
+
client_rb += %Q(
|
686
|
+
data_collector.server_url "https://#{automate_server_name}/data-collector/v0/"
|
687
|
+
data_collector.token "93a49a4f2482c64126f7b6015e6b0f30284287ee4054ff8807fb63d9cbd1c506"
|
688
|
+
)
|
555
689
|
end
|
690
|
+
|
691
|
+
IO.write("#{server.container.config_item('lxc.rootfs')}/etc/chef/client.rb", client_rb)
|
556
692
|
end
|
557
693
|
|
558
694
|
def configure_chef_backend(server)
|
@@ -683,23 +819,46 @@ ssl_verify_mode :verify_none
|
|
683
819
|
server.run_command("#{component}-ctl #{subcommand}")
|
684
820
|
end
|
685
821
|
|
686
|
-
def
|
687
|
-
|
688
|
-
|
689
|
-
|
690
|
-
|
691
|
-
|
692
|
-
|
693
|
-
|
694
|
-
|
695
|
-
|
696
|
-
FileUtils.
|
822
|
+
def create_users_orgs_knife_configs(server, dot_chef_path)
|
823
|
+
server_type = @server_configs[server.name][:server_type]
|
824
|
+
# give time for all services to come up completely
|
825
|
+
sleep 10
|
826
|
+
if @server_configs[server.name][:chef_server_type] == 'private-chef'
|
827
|
+
# give more time for all services to come up completely
|
828
|
+
sleep 50
|
829
|
+
server.run_command("/opt/opscode/embedded/bin/gem install knife-opc --no-ri --no-rdoc -v 0.3.1")
|
830
|
+
end
|
831
|
+
chef_server_dot_chef_path = "#{server.container.config_item('lxc.rootfs')}#{dot_chef_path}"
|
832
|
+
FileUtils.mkdir_p(chef_server_dot_chef_path)
|
833
|
+
FileUtils.cp( "#{server.container.config_item('lxc.rootfs')}/etc/opscode/pivotal.pem", chef_server_dot_chef_path )
|
834
|
+
create_pivotal_knife_config('127.0.0.1', chef_server_dot_chef_path)
|
835
|
+
create_knife_config('127.0.0.1', chef_server_dot_chef_path)
|
836
|
+
@config[server_type][:users].each do |username|
|
837
|
+
create_user(server, username, dot_chef_path)
|
838
|
+
end
|
839
|
+
@config[server_type][:orgs].each do |orgname, org_users|
|
840
|
+
create_org(server, orgname, dot_chef_path)
|
841
|
+
if org_users
|
842
|
+
if org_users['admins']
|
843
|
+
org_users['admins'].each do |username|
|
844
|
+
org_add_user(server, orgname, username, true, dot_chef_path)
|
845
|
+
end
|
846
|
+
end
|
847
|
+
if org_users['non-admins']
|
848
|
+
org_users['non-admins'].each do |username|
|
849
|
+
org_add_user(server, orgname, username, false, dot_chef_path)
|
850
|
+
end
|
851
|
+
end
|
852
|
+
end
|
853
|
+
end
|
854
|
+
end
|
697
855
|
|
856
|
+
def create_pivotal_knife_config(fqdn, dot_chef_path)
|
698
857
|
pivotal_rb = %Q(
|
699
858
|
current_dir = File.dirname(__FILE__)
|
700
859
|
|
701
|
-
chef_server_root "
|
702
|
-
chef_server_url "
|
860
|
+
chef_server_root "https://#{fqdn}"
|
861
|
+
chef_server_url "https://#{fqdn}"
|
703
862
|
|
704
863
|
node_name "pivotal"
|
705
864
|
client_key "\#{current_dir}/pivotal.pem"
|
@@ -709,107 +868,106 @@ knife[:chef_repo_path] = Dir.pwd
|
|
709
868
|
|
710
869
|
ssl_verify_mode :verify_none
|
711
870
|
)
|
712
|
-
IO.write("#{
|
871
|
+
IO.write("#{dot_chef_path}/pivotal.rb", pivotal_rb)
|
872
|
+
end
|
713
873
|
|
874
|
+
def create_knife_config(fqdn, dot_chef_path)
|
714
875
|
knife_rb = %Q(
|
715
|
-
|
876
|
+
username = "CHANGEME"
|
877
|
+
orgname = "CHANGEME"
|
716
878
|
|
717
|
-
|
879
|
+
if [username, orgname].include?("CHANGEME")
|
880
|
+
puts "ERROR: Please set 'username' and 'orgname' to proper values in knife.rb"
|
881
|
+
exit!
|
882
|
+
end
|
718
883
|
|
719
|
-
|
720
|
-
client_key "\#{current_dir}/#{admin_username}.pem"
|
721
|
-
)
|
884
|
+
current_dir = File.dirname(__FILE__)
|
722
885
|
|
723
|
-
|
724
|
-
#node_name "#{username}"
|
725
|
-
#client_key "\#{current_dir}/#{username}.pem"
|
726
|
-
) unless username.nil?
|
886
|
+
chef_server_url "https://#{fqdn}/organizations/\#{orgname}"
|
727
887
|
|
728
|
-
|
729
|
-
|
730
|
-
|
888
|
+
node_name username
|
889
|
+
client_key "\#{current_dir}/\#{username}.pem"
|
890
|
+
|
891
|
+
validation_client_name "\#{orgname}-validator"
|
892
|
+
validation_key "\#{current_dir}/\#{orgname}-validator.pem"
|
731
893
|
|
732
894
|
cookbook_path Dir.pwd + "/cookbooks"
|
733
895
|
knife[:chef_repo_path] = Dir.pwd
|
734
896
|
|
735
897
|
ssl_verify_mode :verify_none
|
736
898
|
)
|
737
|
-
IO.write("#{
|
899
|
+
IO.write("#{dot_chef_path}/knife.rb", knife_rb)
|
900
|
+
end
|
738
901
|
|
902
|
+
def create_user(server, username, dot_chef_path)
|
903
|
+
create_user_string = "#{username} #{username} #{username} #{username}@noreply.com #{username} --filename #{dot_chef_path}/#{username}.pem"
|
739
904
|
case @server_configs[server.name][:chef_server_type]
|
740
905
|
when 'private-chef'
|
741
|
-
|
742
|
-
|
743
|
-
server
|
744
|
-
|
745
|
-
|
746
|
-
|
747
|
-
|
748
|
-
|
906
|
+
server.run_command("/opt/opscode/embedded/bin/knife opc user create #{create_user_string} -c #{dot_chef_path}/pivotal.rb")
|
907
|
+
when 'chef-server'
|
908
|
+
run_ctl(server, "chef-server", "user-create #{create_user_string}")
|
909
|
+
end
|
910
|
+
end
|
911
|
+
|
912
|
+
def create_org(server, orgname, dot_chef_path)
|
913
|
+
create_org_string = "#{orgname} #{orgname} --filename #{dot_chef_path}/#{orgname}-validator.pem"
|
914
|
+
case @server_configs[server.name][:chef_server_type]
|
915
|
+
when 'private-chef'
|
916
|
+
server.run_command("/opt/opscode/embedded/bin/knife opc org create #{create_org_string} -c #{dot_chef_path}/pivotal.rb")
|
917
|
+
when 'chef-server'
|
918
|
+
run_ctl(server, "chef-server", "org-create #{create_org_string}")
|
919
|
+
end
|
920
|
+
end
|
921
|
+
|
922
|
+
def org_add_user(server, orgname, username, admin, dot_chef_path)
|
923
|
+
org_add_user_string = "#{orgname} #{username}"
|
924
|
+
org_add_user_string += " --admin" if admin
|
925
|
+
case @server_configs[server.name][:chef_server_type]
|
926
|
+
when 'private-chef'
|
927
|
+
server.run_command("/opt/opscode/embedded/bin/knife opc org user add #{org_add_user_string} -c #{dot_chef_path}/pivotal.rb")
|
749
928
|
when 'chef-server'
|
750
|
-
|
751
|
-
sleep 10
|
752
|
-
run_ctl(server, "chef-server", "org-create demo demo --filename /root/chef-repo/.chef/demo-validator.pem")
|
753
|
-
run_ctl(server, "chef-server", "user-create mary-admin mary admin mary-admin@noreply.com mary-admin --filename /root/chef-repo/.chef/mary-admin.pem")
|
754
|
-
run_ctl(server, "chef-server", "org-user-add demo mary-admin --admin")
|
755
|
-
run_ctl(server, "chef-server", "user-create joe-user joe user joe-user@noreply.com joe-user --filename /root/chef-repo/.chef/joe-user.pem")
|
756
|
-
run_ctl(server, "chef-server", "org-user-add demo joe-user")
|
929
|
+
run_ctl(server, "chef-server", "org-user-add #{org_add_user_string}")
|
757
930
|
end
|
758
931
|
end
|
759
932
|
|
760
933
|
def chef_repo(force=false, pivotal=false)
|
761
|
-
|
762
|
-
|
934
|
+
chef_server_dot_chef_path = "/root/chef-repo/.chef"
|
935
|
+
dot_chef_path = "./chef-repo/.chef"
|
936
|
+
|
937
|
+
if @config['chef-server'][:bootstrap_backend]
|
938
|
+
chef_server = get_server(@config['chef-server'][:bootstrap_backend])
|
939
|
+
chef_server_fqdn = @config['chef-server'][:fqdn]
|
940
|
+
elsif @config['chef-backend'][:bootstrap_frontend]
|
941
|
+
chef_server = get_server(@config['chef-backend'][:bootstrap_frontend])
|
942
|
+
chef_server_fqdn = @config['chef-backend'][:fqdn]
|
943
|
+
else
|
944
|
+
puts "ERROR: A Chef Server is not defined in the cluster's config. Please define it first."
|
763
945
|
exit 1
|
764
946
|
end
|
765
|
-
chef_server
|
766
|
-
if ! chef_server.container.defined?
|
947
|
+
unless chef_server.container.defined?
|
767
948
|
puts "ERROR: The '#{chef_server.name}' Chef Server does not exist."
|
768
949
|
exit 1
|
769
950
|
end
|
770
951
|
|
771
952
|
puts "Creating chef-repo with pem files and knife.rb in the current directory"
|
772
|
-
FileUtils.mkdir_p(
|
953
|
+
FileUtils.mkdir_p(dot_chef_path)
|
773
954
|
|
774
|
-
pem_files = Dir.glob("#{chef_server.container.config_item('lxc.rootfs')}
|
775
|
-
|
776
|
-
|
777
|
-
else
|
778
|
-
pem_files.delete_if { |pem_file| pem_file.end_with?("/pivotal.pem") } unless pivotal
|
779
|
-
FileUtils.cp( pem_files, "./chef-repo/.chef" )
|
780
|
-
end
|
781
|
-
|
782
|
-
chef_server_root = "https://#{@config['chef-server'][:fqdn]}"
|
783
|
-
chef_server_url = "https://#{@config['chef-server'][:fqdn]}/organizations/demo"
|
784
|
-
validator_name = "demo-validator"
|
955
|
+
pem_files = Dir.glob("#{chef_server.container.config_item('lxc.rootfs')}#{chef_server_dot_chef_path}/*.pem")
|
956
|
+
pem_files.delete_if { |pem_file| pem_file.end_with?("/pivotal.pem") } unless pivotal
|
957
|
+
FileUtils.cp(pem_files, dot_chef_path) unless pem_files.empty?
|
785
958
|
|
786
959
|
if pivotal
|
787
|
-
if File.exists?("
|
788
|
-
puts "Skipping pivotal.rb because it already exists in
|
960
|
+
if File.exists?("#{dot_chef_path}/pivotal.rb") && ! force
|
961
|
+
puts "Skipping pivotal.rb because it already exists in `#{dot_chef_path}`"
|
789
962
|
else
|
790
|
-
|
791
|
-
if File.exists?(pivotal_rb_path)
|
792
|
-
pivotal_rb = IO.read(pivotal_rb_path)
|
793
|
-
pivotal_rb.sub!(/^chef_server_root .*/, "chef_server_root \"#{chef_server_root}\"")
|
794
|
-
pivotal_rb.sub!(/^chef_server_url .*/, "chef_server_url \"#{chef_server_root}\"")
|
795
|
-
IO.write("./chef-repo/.chef/pivotal.rb", pivotal_rb)
|
796
|
-
else
|
797
|
-
puts "The pivotal.rb file can not be copied because it does not exist in '#{chef_server.name}' Chef Server's `/root/chef-repo/.chef` directory"
|
798
|
-
end
|
963
|
+
create_pivotal_knife_config(chef_server_fqdn, dot_chef_path)
|
799
964
|
end
|
800
965
|
end
|
801
966
|
|
802
967
|
if File.exists?("./chef-repo/.chef/knife.rb") && ! force
|
803
|
-
puts "Skipping knife.rb because it already exists in
|
968
|
+
puts "Skipping knife.rb because it already exists in `#{dot_chef_path}`"
|
804
969
|
else
|
805
|
-
|
806
|
-
if File.exists?(knife_rb_path)
|
807
|
-
knife_rb = IO.read(knife_rb_path)
|
808
|
-
knife_rb.sub!(/^chef_server_url .*/, "chef_server_url \"#{chef_server_url}\"")
|
809
|
-
IO.write("./chef-repo/.chef/knife.rb", knife_rb)
|
810
|
-
else
|
811
|
-
puts "The knife.rb file can not be copied because it does not exist in '#{chef_server.name}' Chef Server's `/root/chef-repo/.chef` directory"
|
812
|
-
end
|
970
|
+
create_knife_config(chef_server_fqdn, dot_chef_path)
|
813
971
|
end
|
814
972
|
end
|
815
973
|
|
@@ -851,6 +1009,13 @@ oc_id['applications'] ||= {}
|
|
851
1009
|
oc_id['applications']['supermarket'] = {
|
852
1010
|
'redirect_uri' => 'https://#{@config['supermarket'][:fqdn]}/auth/chef_oauth2/callback'
|
853
1011
|
}
|
1012
|
+
)
|
1013
|
+
end
|
1014
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
1015
|
+
if automate_server_name
|
1016
|
+
chef_server_config += %Q(
|
1017
|
+
data_collector['root_url'] = "https://#{automate_server_name}/data-collector/v0/"
|
1018
|
+
data_collector['token'] = "93a49a4f2482c64126f7b6015e6b0f30284287ee4054ff8807fb63d9cbd1c506"
|
854
1019
|
)
|
855
1020
|
end
|
856
1021
|
return chef_server_config
|