dev-lxc 2.0.3 → 2.1.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +12 -0
- data/README.md +99 -363
- data/docs/adhoc_clusters.md +22 -0
- data/docs/base_containers.md +44 -0
- data/docs/configuration.md +182 -0
- data/docs/dev-lxc_version_2.md +10 -0
- data/docs/manage_multiple_clusters.md +30 -0
- data/docs/prerequisites.md +75 -0
- data/docs/usage.md +187 -0
- data/lib/dev-lxc/cli.rb +74 -0
- data/lib/dev-lxc/cluster.rb +371 -206
- data/lib/dev-lxc/version.rb +1 -1
- metadata +10 -3
data/lib/dev-lxc/cluster.rb
CHANGED
@@ -8,38 +8,46 @@ module DevLXC
|
|
8
8
|
|
9
9
|
def initialize(cluster_config)
|
10
10
|
FileUtils.mkdir_p('/var/dev-lxc') unless Dir.exist?('/var/dev-lxc')
|
11
|
-
validate_cluster_config(cluster_config)
|
12
11
|
|
13
12
|
@config = Hash.new { |hash, key| hash[key] = {} }
|
14
13
|
@server_configs = Hash.new
|
15
14
|
|
16
|
-
%w(adhoc analytics chef-backend chef-server compliance nodes supermarket).each do |server_type|
|
15
|
+
%w(adhoc analytics automate build-nodes chef-backend chef-server compliance nodes supermarket).each do |server_type|
|
17
16
|
if cluster_config[server_type]
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
|
22
|
-
|
23
|
-
|
24
|
-
|
25
|
-
|
17
|
+
mounts = ["/var/dev-lxc var/dev-lxc"]
|
18
|
+
if cluster_config[server_type]["mounts"]
|
19
|
+
mounts.concat(cluster_config[server_type]["mounts"])
|
20
|
+
elsif cluster_config["mounts"]
|
21
|
+
mounts.concat(cluster_config["mounts"])
|
22
|
+
end
|
23
|
+
ssh_keys = cluster_config[server_type]["ssh-keys"]
|
24
|
+
ssh_keys ||= cluster_config["ssh-keys"]
|
25
|
+
base_container_name = cluster_config[server_type]["base_container"]
|
26
|
+
base_container_name ||= cluster_config["base_container"]
|
27
|
+
|
28
|
+
if cluster_config[server_type]["servers"]
|
29
|
+
cluster_config[server_type]["servers"].each do |server_name, server_config|
|
30
|
+
server_config ||= Hash.new
|
31
|
+
products = server_config['products']
|
32
|
+
products ||= Hash.new
|
33
|
+
mounts = ["/var/dev-lxc var/dev-lxc"] + server_config["mounts"] if server_config["mounts"]
|
34
|
+
ssh_keys = server_config["ssh-keys"] if server_config["ssh-keys"]
|
35
|
+
base_container_name = server_config["base_container"] if server_config["base_container"]
|
36
|
+
@server_configs[server_name] = {
|
37
|
+
server_type: server_type,
|
38
|
+
products: products,
|
39
|
+
ipaddress: server_config['ipaddress'],
|
40
|
+
additional_fqdn: nil,
|
41
|
+
mounts: mounts,
|
42
|
+
ssh_keys: ssh_keys,
|
43
|
+
base_container_name: base_container_name
|
44
|
+
}
|
45
|
+
# gather configuration from only the first "automate", "compliance" or "supermarket" server
|
46
|
+
break if %w(automate compliance supermarket).include?(server_type)
|
47
|
+
end
|
48
|
+
end
|
26
49
|
|
27
50
|
case server_type
|
28
|
-
when "adhoc"
|
29
|
-
if cluster_config[server_type]["servers"]
|
30
|
-
cluster_config[server_type]["servers"].each do |server_name, server_config|
|
31
|
-
products = server_config['products']
|
32
|
-
products ||= Hash.new
|
33
|
-
@server_configs[server_name] = {
|
34
|
-
server_type: server_type,
|
35
|
-
products: products,
|
36
|
-
ipaddress: server_config['ipaddress'],
|
37
|
-
additional_fqdn: nil,
|
38
|
-
mounts: @config[server_type][:mounts],
|
39
|
-
ssh_keys: @config[server_type][:ssh_keys]
|
40
|
-
}
|
41
|
-
end
|
42
|
-
end
|
43
51
|
when "analytics"
|
44
52
|
@config[server_type][:topology] = cluster_config[server_type]["topology"]
|
45
53
|
@config[server_type][:topology] ||= 'standalone'
|
@@ -48,10 +56,8 @@ module DevLXC
|
|
48
56
|
|
49
57
|
if cluster_config[server_type]["servers"]
|
50
58
|
cluster_config[server_type]["servers"].each do |server_name, server_config|
|
59
|
+
server_config ||= Hash.new
|
51
60
|
additional_fqdn = nil
|
52
|
-
products = server_config['products']
|
53
|
-
products ||= Hash.new
|
54
|
-
@server_configs[server_name] = server_config
|
55
61
|
case @config[server_type][:topology]
|
56
62
|
when 'standalone'
|
57
63
|
@config[server_type][:bootstrap_backend] = server_name if server_config["role"].nil?
|
@@ -63,18 +69,17 @@ module DevLXC
|
|
63
69
|
@config[server_type][:frontends] << server_name
|
64
70
|
end
|
65
71
|
end
|
66
|
-
@server_configs[server_name]
|
67
|
-
|
68
|
-
|
69
|
-
ipaddress: server_config['ipaddress'],
|
70
|
-
additional_fqdn: additional_fqdn,
|
71
|
-
mounts: @config[server_type][:mounts],
|
72
|
-
ssh_keys: @config[server_type][:ssh_keys]
|
73
|
-
}
|
72
|
+
@server_configs[server_name].merge!({
|
73
|
+
additional_fqdn: additional_fqdn
|
74
|
+
})
|
74
75
|
end
|
75
76
|
end
|
76
77
|
when "chef-backend"
|
77
78
|
@config[server_type][:fqdn] = cluster_config[server_type]["api_fqdn"]
|
79
|
+
@config[server_type][:users] = cluster_config[server_type]["users"]
|
80
|
+
@config[server_type][:users] ||= Array.new
|
81
|
+
@config[server_type][:orgs] = cluster_config[server_type]["orgs"]
|
82
|
+
@config[server_type][:orgs] ||= Hash.new
|
78
83
|
@config[server_type][:backends] = Array.new
|
79
84
|
@config[server_type][:frontends] = Array.new
|
80
85
|
|
@@ -85,9 +90,8 @@ module DevLXC
|
|
85
90
|
@config[server_type][:backends] << @config[server_type][:leader_backend]
|
86
91
|
@config[server_type][:frontends] << @config[server_type][:bootstrap_frontend]
|
87
92
|
servers.each do |server_name, server_config|
|
93
|
+
server_config ||= Hash.new
|
88
94
|
additional_fqdn = nil
|
89
|
-
products = server_config['products']
|
90
|
-
products ||= Hash.new
|
91
95
|
case server_config["role"]
|
92
96
|
when "backend"
|
93
97
|
@config[server_type][:backends] << server_name unless server_name == @config[server_type][:leader_backend]
|
@@ -95,30 +99,28 @@ module DevLXC
|
|
95
99
|
additional_fqdn = @config[server_type][:fqdn]
|
96
100
|
@config[server_type][:frontends] << server_name unless server_name == @config[server_type][:bootstrap_frontend]
|
97
101
|
end
|
98
|
-
@server_configs[server_name]
|
99
|
-
server_type: server_type,
|
100
|
-
products: products,
|
101
|
-
ipaddress: server_config['ipaddress'],
|
102
|
+
@server_configs[server_name].merge!({
|
102
103
|
additional_fqdn: additional_fqdn,
|
103
|
-
mounts: @config[server_type][:mounts],
|
104
|
-
ssh_keys: @config[server_type][:ssh_keys],
|
105
104
|
chef_server_type: 'chef-server'
|
106
|
-
}
|
105
|
+
})
|
107
106
|
end
|
108
107
|
end
|
109
108
|
when "chef-server"
|
110
109
|
@config[server_type][:topology] = cluster_config[server_type]["topology"]
|
111
110
|
@config[server_type][:topology] ||= 'standalone'
|
112
111
|
@config[server_type][:fqdn] = cluster_config[server_type]["api_fqdn"]
|
112
|
+
@config[server_type][:users] = cluster_config[server_type]["users"]
|
113
|
+
@config[server_type][:users] ||= Array.new
|
114
|
+
@config[server_type][:orgs] = cluster_config[server_type]["orgs"]
|
115
|
+
@config[server_type][:orgs] ||= Hash.new
|
113
116
|
@config[server_type][:frontends] = Array.new
|
114
117
|
|
115
118
|
if cluster_config[server_type]["servers"]
|
116
119
|
cluster_config[server_type]["servers"].each do |server_name, server_config|
|
120
|
+
server_config ||= Hash.new
|
117
121
|
additional_fqdn = nil
|
118
|
-
|
119
|
-
|
120
|
-
chef_server_type = 'private-chef' if products.has_key?('private-chef')
|
121
|
-
chef_server_type = 'chef-server' if products.has_key?('chef-server')
|
122
|
+
chef_server_type = 'private-chef' if @server_configs[server_name][:products].has_key?('private-chef')
|
123
|
+
chef_server_type = 'chef-server' if @server_configs[server_name][:products].has_key?('chef-server')
|
122
124
|
case @config[server_type][:topology]
|
123
125
|
when 'standalone'
|
124
126
|
@config[server_type][:bootstrap_backend] = server_name if server_config["role"].nil?
|
@@ -130,75 +132,77 @@ module DevLXC
|
|
130
132
|
@config[server_type][:frontends] << server_name
|
131
133
|
end
|
132
134
|
end
|
133
|
-
@server_configs[server_name]
|
134
|
-
server_type: server_type,
|
135
|
-
products: products,
|
136
|
-
ipaddress: server_config['ipaddress'],
|
135
|
+
@server_configs[server_name].merge!({
|
137
136
|
additional_fqdn: additional_fqdn,
|
138
|
-
mounts: @config[server_type][:mounts],
|
139
|
-
ssh_keys: @config[server_type][:ssh_keys],
|
140
137
|
chef_server_type: chef_server_type
|
141
|
-
}
|
138
|
+
})
|
142
139
|
end
|
143
140
|
end
|
144
|
-
when "
|
141
|
+
when "supermarket"
|
145
142
|
unless cluster_config[server_type]["servers"].first.nil?
|
146
143
|
(server_name, server_config) = cluster_config[server_type]["servers"].first
|
147
144
|
@config[server_type][:fqdn] = server_name
|
148
|
-
|
149
|
-
|
150
|
-
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
|
157
|
-
}
|
145
|
+
end
|
146
|
+
when "automate"
|
147
|
+
unless cluster_config[server_type]["servers"].first.nil?
|
148
|
+
(server_name, server_config) = cluster_config[server_type]["servers"].first
|
149
|
+
server_config ||= Hash.new
|
150
|
+
@server_configs[server_name].merge!({
|
151
|
+
license_path: server_config['license_path'],
|
152
|
+
chef_org: server_config['chef_org'],
|
153
|
+
enterprise_name: server_config['enterprise_name']
|
154
|
+
})
|
158
155
|
end
|
159
156
|
when "nodes"
|
157
|
+
chef_server_url = cluster_config[server_type]['chef_server_url']
|
158
|
+
validation_client_name = cluster_config[server_type]['validation_client_name']
|
159
|
+
validation_key = cluster_config[server_type]['validation_key']
|
160
160
|
if cluster_config[server_type]["servers"]
|
161
161
|
cluster_config[server_type]["servers"].each do |server_name, server_config|
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
|
167
|
-
|
168
|
-
|
169
|
-
|
170
|
-
|
171
|
-
chef_server_url: server_config['chef_server_url'],
|
172
|
-
validation_client_name: server_config['validation_client_name'],
|
173
|
-
validation_key: server_config['validation_key']
|
174
|
-
}
|
162
|
+
server_config ||= Hash.new
|
163
|
+
chef_server_url = server_config['chef_server_url'] if server_config['chef_server_url']
|
164
|
+
validation_client_name = server_config['validation_client_name'] if server_config['validation_client_name']
|
165
|
+
validation_key = server_config['validation_key'] if server_config['validation_key']
|
166
|
+
@server_configs[server_name].merge!({
|
167
|
+
chef_server_url: chef_server_url,
|
168
|
+
validation_client_name: validation_client_name,
|
169
|
+
validation_key: validation_key
|
170
|
+
})
|
175
171
|
end
|
176
172
|
end
|
177
173
|
end
|
178
174
|
end
|
179
175
|
end
|
176
|
+
validate_cluster_config
|
180
177
|
end
|
181
178
|
|
182
|
-
def validate_cluster_config
|
183
|
-
hostnames = Array.new
|
184
|
-
mounts = Array.new
|
179
|
+
def validate_cluster_config
|
185
180
|
base_container_names = Array.new
|
181
|
+
mounts = Array.new
|
186
182
|
ssh_keys = Array.new
|
183
|
+
hostnames = Array.new
|
187
184
|
|
188
|
-
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
196
|
-
|
197
|
-
|
198
|
-
|
199
|
-
|
185
|
+
@config.map { |server_type, config| hostnames.push(config[:fqdn]) }
|
186
|
+
|
187
|
+
@server_configs.each do |server_name, server_config|
|
188
|
+
base_container_names.push(server_config[:base_container_name]).uniq! if server_config[:base_container_name]
|
189
|
+
mounts.concat(server_config[:mounts]).uniq! if server_config[:mounts]
|
190
|
+
ssh_keys.concat(server_config[:ssh_keys]).uniq! if server_config[:ssh_keys]
|
191
|
+
hostnames.push(server_name)
|
192
|
+
case server_config[:server_type]
|
193
|
+
when "automate"
|
194
|
+
if server_config[:license_path] && !File.exists?(server_config[:license_path])
|
195
|
+
puts "ERROR: Automate license #{server_config[:license_path]} does not exist."
|
196
|
+
exit 1
|
197
|
+
end
|
198
|
+
when "nodes"
|
199
|
+
if server_config[:validation_key] && !File.exists?(server_config[:validation_key])
|
200
|
+
puts "ERROR: Validation key #{server_config[:validation_key]} does not exist."
|
201
|
+
exit 1
|
202
|
+
end
|
200
203
|
end
|
201
204
|
end
|
205
|
+
|
202
206
|
unless base_container_names.empty?
|
203
207
|
base_container_names.each do |base_container_name|
|
204
208
|
unless ::DevLXC::Container.new(base_container_name).defined?
|
@@ -233,6 +237,15 @@ module DevLXC
|
|
233
237
|
end
|
234
238
|
end
|
235
239
|
|
240
|
+
def show_config
|
241
|
+
require 'pp'
|
242
|
+
puts "Cluster config:"
|
243
|
+
pp @config
|
244
|
+
puts
|
245
|
+
puts "Server configs:"
|
246
|
+
pp @server_configs
|
247
|
+
end
|
248
|
+
|
236
249
|
def get_server(server_name)
|
237
250
|
ipaddress = @server_configs[server_name][:ipaddress]
|
238
251
|
additional_fqdn = @server_configs[server_name][:additional_fqdn]
|
@@ -246,7 +259,7 @@ module DevLXC
|
|
246
259
|
|
247
260
|
# the order of this list of server_types matters
|
248
261
|
# it determines the order in which actions are applied to each server_type
|
249
|
-
%w(chef-backend chef-server analytics compliance supermarket nodes adhoc).each do |server_type|
|
262
|
+
%w(chef-backend chef-server analytics compliance supermarket automate build-nodes nodes adhoc).each do |server_type|
|
250
263
|
unless @config[server_type].empty?
|
251
264
|
case server_type
|
252
265
|
when "chef-backend"
|
@@ -264,11 +277,12 @@ module DevLXC
|
|
264
277
|
@config[server_type][:frontends].each do |frontend_name|
|
265
278
|
servers << get_server(frontend_name)
|
266
279
|
end
|
267
|
-
when "adhoc", "compliance", "nodes", "supermarket"
|
268
|
-
server_configs = @server_configs.select { |server_name, server_config| server_config[:server_type] == server_type }
|
269
|
-
server_configs.each_key { |server_name| servers << get_server(server_name) }
|
270
280
|
end
|
271
281
|
end
|
282
|
+
if %w(adhoc automate build-nodes compliance nodes supermarket).include?(server_type)
|
283
|
+
server_configs = @server_configs.select { |server_name, server_config| server_config[:server_type] == server_type }
|
284
|
+
server_configs.each_key { |server_name| servers << get_server(server_name) }
|
285
|
+
end
|
272
286
|
end
|
273
287
|
servers.select { |s| s.name =~ /#{server_name_regex}/ }
|
274
288
|
end
|
@@ -325,7 +339,7 @@ module DevLXC
|
|
325
339
|
end
|
326
340
|
end
|
327
341
|
if @server_configs[server.name][:server_type] == 'nodes'
|
328
|
-
if @server_configs[server.name][:chef_server_url]
|
342
|
+
if @server_configs[server.name][:chef_server_url] && @server_configs[server.name][:validation_client_name] && @server_configs[server.name][:validation_key].nil?
|
329
343
|
if @config['chef-server'][:bootstrap_backend] && !get_server(@config['chef-server'][:bootstrap_backend]).container.defined? && servers.select { |s| s.name == @config['chef-server'][:bootstrap_backend] }.empty?
|
330
344
|
puts "ERROR: '#{server.name}' requires '#{@config['chef-server'][:bootstrap_backend]}' to be configured first."
|
331
345
|
abort_up = true
|
@@ -335,6 +349,43 @@ module DevLXC
|
|
335
349
|
end
|
336
350
|
end
|
337
351
|
end
|
352
|
+
if @server_configs[server.name][:server_type] == 'automate'
|
353
|
+
if @config['chef-server'][:bootstrap_backend].nil?
|
354
|
+
puts "ERROR: '#{server.name}' requires a Chef Server bootstrap backend to be configured first."
|
355
|
+
abort_up = true
|
356
|
+
elsif !get_server(@config['chef-server'][:bootstrap_backend]).container.defined? && servers.select { |s| s.name == @config['chef-server'][:bootstrap_backend] }.empty?
|
357
|
+
puts "ERROR: '#{server.name}' requires '#{@config['chef-server'][:bootstrap_backend]}' to be configured first."
|
358
|
+
abort_up = true
|
359
|
+
end
|
360
|
+
end
|
361
|
+
if @server_configs[server.name][:server_type] == 'build-nodes'
|
362
|
+
if @config['chef-server'][:bootstrap_backend].nil?
|
363
|
+
puts "ERROR: '#{server.name}' requires a Chef Server bootstrap backend to be configured first."
|
364
|
+
abort_up = true
|
365
|
+
elsif !get_server(@config['chef-server'][:bootstrap_backend]).container.running? && servers.select { |s| s.name == @config['chef-server'][:bootstrap_backend] }.empty?
|
366
|
+
puts "ERROR: '#{server.name}' requires '#{@config['chef-server'][:bootstrap_backend]}' to be running first."
|
367
|
+
abort_up = true
|
368
|
+
end
|
369
|
+
if @config['chef-server'][:topology] == 'tier'
|
370
|
+
if @config[server_type][:frontends].empty?
|
371
|
+
puts "ERROR: '#{server.name}' requires at least one Chef Server frontend to be configured first."
|
372
|
+
abort_up = true
|
373
|
+
elsif (@config['chef-server'][:frontends].select { |s| get_server(s).container.running? }.length + servers.select { |s| @config['chef-server'][:frontends].include?(s.name) }.length) < 1
|
374
|
+
puts "ERROR: '#{server.name}' requires at least one Chef Server frontend to be running first."
|
375
|
+
abort_up = true
|
376
|
+
end
|
377
|
+
end
|
378
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
379
|
+
if automate_server_name
|
380
|
+
if !get_server(automate_server_name).container.running? && servers.select { |s| s.name == automate_server_name }.empty?
|
381
|
+
puts "ERROR: '#{server.name}' requires '#{automate_server_name}' to be running first."
|
382
|
+
abort_up = true
|
383
|
+
end
|
384
|
+
else
|
385
|
+
puts "ERROR: '#{server.name}' requires an Automate Server to be configured first."
|
386
|
+
abort_up = true
|
387
|
+
end
|
388
|
+
end
|
338
389
|
end
|
339
390
|
exit 1 if abort_up
|
340
391
|
prep_product_cache(servers)
|
@@ -386,7 +437,7 @@ module DevLXC
|
|
386
437
|
|
387
438
|
def clone_from_base_container(server)
|
388
439
|
server_type = @server_configs[server.name][:server_type]
|
389
|
-
base_container = DevLXC::Container.new(@
|
440
|
+
base_container = DevLXC::Container.new(@server_configs[server.name][:base_container_name])
|
390
441
|
puts "Cloning base container '#{base_container.name}' into container '#{server.name}'"
|
391
442
|
base_container.clone(server.name, {:flags => LXC::LXC_CLONE_SNAPSHOT})
|
392
443
|
server.container.load_config
|
@@ -399,7 +450,7 @@ module DevLXC
|
|
399
450
|
|
400
451
|
def get_product_url(server, product_name, product_options)
|
401
452
|
server_type = @server_configs[server.name][:server_type]
|
402
|
-
base_container = DevLXC::Container.new(@
|
453
|
+
base_container = DevLXC::Container.new(@server_configs[server.name][:base_container_name])
|
403
454
|
mixlib_install_platform_detection_path = "#{base_container.config_item('lxc.rootfs')}/mixlib-install-platform-detection"
|
404
455
|
IO.write(mixlib_install_platform_detection_path, Mixlib::Install::Generator::Bourne.detect_platform_sh)
|
405
456
|
platform_results = `chroot #{base_container.config_item('lxc.rootfs')} bash mixlib-install-platform-detection`
|
@@ -431,13 +482,13 @@ module DevLXC
|
|
431
482
|
artifact.url
|
432
483
|
end
|
433
484
|
|
434
|
-
def prep_product_cache(servers)
|
485
|
+
def prep_product_cache(servers, force=false)
|
435
486
|
all_required_products = Hash.new
|
436
487
|
servers.each do |server|
|
437
488
|
products = @server_configs[server.name][:products]
|
438
489
|
@server_configs[server.name][:required_products] = Hash.new
|
439
|
-
if !server.snapshot_list.select { |sn| sn[2].start_with?("dev-lxc build: products installed") }.empty?
|
440
|
-
|
490
|
+
if !force && !server.snapshot_list.select { |sn| sn[2].start_with?("dev-lxc build: products installed") }.empty?
|
491
|
+
# Skipping product cache preparation for container because it has a 'products installed' snapshot
|
441
492
|
next
|
442
493
|
end
|
443
494
|
products.each do |product_name, product_options|
|
@@ -480,7 +531,11 @@ module DevLXC
|
|
480
531
|
server.start
|
481
532
|
end
|
482
533
|
@server_configs[server.name][:required_products].each do |product_name, package_source|
|
483
|
-
server.
|
534
|
+
if @server_configs[server.name][:server_type] == "automate" && product_name == "chefdk"
|
535
|
+
IO.write("#{server.container.config_item('lxc.rootfs')}/root/build_node_chefdk_package_path", "#{package_source}\n")
|
536
|
+
else
|
537
|
+
server.install_package(package_source)
|
538
|
+
end
|
484
539
|
end
|
485
540
|
server.stop
|
486
541
|
server.snapshot("dev-lxc build: products installed")
|
@@ -493,66 +548,147 @@ module DevLXC
|
|
493
548
|
required_products = @server_configs[server.name][:required_products].keys if @server_configs[server.name][:required_products]
|
494
549
|
required_products ||= Array.new
|
495
550
|
server_type = @server_configs[server.name][:server_type]
|
551
|
+
dot_chef_path = "/root/chef-repo/.chef"
|
496
552
|
case server_type
|
497
553
|
when 'adhoc'
|
498
554
|
# Allow adhoc servers time to generate SSH Server Host Keys
|
499
555
|
sleep 5
|
500
556
|
when 'analytics'
|
501
557
|
configure_analytics(server) if required_products.include?('analytics')
|
558
|
+
when 'build-nodes'
|
559
|
+
configure_build_node(server)
|
502
560
|
when 'chef-backend'
|
503
561
|
configure_chef_backend(server) if required_products.include?('chef-backend')
|
504
562
|
if required_products.include?('chef-server')
|
505
563
|
configure_chef_frontend(server)
|
506
|
-
|
564
|
+
if server.name == @config['chef-backend'][:bootstrap_frontend]
|
565
|
+
create_users_orgs_knife_configs(server, dot_chef_path)
|
566
|
+
end
|
507
567
|
end
|
508
568
|
configure_manage(server) if required_products.include?('manage')
|
509
569
|
when 'chef-server'
|
510
570
|
if required_products.include?('chef-server') || required_products.include?('private-chef')
|
511
571
|
configure_chef_server(server)
|
512
|
-
|
572
|
+
if server.name == @config['chef-server'][:bootstrap_backend]
|
573
|
+
create_users_orgs_knife_configs(server, dot_chef_path)
|
574
|
+
|
575
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
576
|
+
if automate_server_name
|
577
|
+
automate_user = "delivery"
|
578
|
+
automate_chef_org = @server_configs[automate_server_name][:chef_org]
|
579
|
+
create_user(server, automate_user, dot_chef_path)
|
580
|
+
create_org(server, automate_chef_org, dot_chef_path)
|
581
|
+
org_add_user(server, automate_chef_org, automate_user, true, dot_chef_path)
|
582
|
+
end
|
583
|
+
end
|
513
584
|
end
|
514
585
|
configure_reporting(server) if required_products.include?('reporting')
|
515
586
|
configure_push_jobs_server(server) if required_products.include?('push-jobs-server')
|
516
587
|
configure_manage(server) if required_products.include?('manage')
|
517
588
|
when 'compliance'
|
518
589
|
configure_compliance(server) if required_products.include?('compliance')
|
590
|
+
when 'automate'
|
591
|
+
configure_automate(server) if required_products.include?('delivery')
|
519
592
|
when 'nodes'
|
520
|
-
|
593
|
+
# Allow servers time to generate SSH Server Host Keys
|
594
|
+
sleep 5
|
595
|
+
configure_chef_client(server, dot_chef_path) if required_products.include?('chef') || required_products.include?('chefdk')
|
521
596
|
when 'supermarket'
|
522
597
|
configure_supermarket(server) if required_products.include?('supermarket')
|
523
598
|
end
|
524
599
|
end
|
525
600
|
|
526
|
-
def
|
527
|
-
|
528
|
-
|
529
|
-
|
530
|
-
|
531
|
-
|
532
|
-
|
533
|
-
|
534
|
-
|
535
|
-
|
536
|
-
|
537
|
-
|
538
|
-
|
601
|
+
def configure_automate(server)
|
602
|
+
license_path = @server_configs[server.name][:license_path]
|
603
|
+
chef_org = @server_configs[server.name][:chef_org]
|
604
|
+
enterprise_name = @server_configs[server.name][:enterprise_name]
|
605
|
+
chef_server_url = @config['chef-server'][:fqdn]
|
606
|
+
supermarket_fqdn = @config['supermarket'][:fqdn]
|
607
|
+
|
608
|
+
FileUtils.cp(license_path, "#{server.container.config_item('lxc.rootfs')}/root/automate.license")
|
609
|
+
|
610
|
+
chef_server = get_server(@config['chef-server'][:bootstrap_backend])
|
611
|
+
automate_chef_user_key = "#{chef_server.container.config_item('lxc.rootfs')}/root/chef-repo/.chef/delivery.pem"
|
612
|
+
FileUtils.cp(automate_chef_user_key, "#{server.container.config_item('lxc.rootfs')}/root/automate_chef_user_key.pem")
|
613
|
+
|
614
|
+
setup_cmd = "setup"
|
615
|
+
setup_cmd += " --license /root/automate.license"
|
616
|
+
setup_cmd += " --fqdn #{server.name}"
|
617
|
+
setup_cmd += " --key /root/automate_chef_user_key.pem"
|
618
|
+
setup_cmd += " --server-url https://#{chef_server_url}/organizations/#{chef_org}"
|
619
|
+
setup_cmd += " --supermarket-fqdn #{supermarket_fqdn}" if supermarket_fqdn
|
620
|
+
setup_cmd += " --enterprise #{enterprise_name}"
|
621
|
+
setup_cmd += " --no-build-node"
|
622
|
+
setup_cmd += " --configure"
|
623
|
+
run_ctl(server, "delivery", setup_cmd)
|
624
|
+
end
|
625
|
+
|
626
|
+
def print_automate_credentials
|
627
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
628
|
+
if automate_server_name
|
629
|
+
automate_server = get_server(automate_server_name)
|
630
|
+
automate_credentials_files = Dir.glob("#{automate_server.container.config_item('lxc.rootfs')}/etc/delivery/*-credentials")
|
631
|
+
automate_credentials_files.each_with_index do |automate_credentials_file, index|
|
632
|
+
puts IO.read(automate_credentials_file)
|
633
|
+
puts if index + 1 < automate_credentials_files.length
|
634
|
+
end
|
635
|
+
else
|
636
|
+
puts "WARNING: An Automate server is not defined."
|
637
|
+
exit 1
|
539
638
|
end
|
639
|
+
end
|
540
640
|
|
541
|
-
|
641
|
+
def configure_build_node(server)
|
642
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
643
|
+
if automate_server_name
|
644
|
+
automate_server = get_server(automate_server_name)
|
645
|
+
if File.exist?("#{automate_server.container.config_item('lxc.rootfs')}/root/build_node_chefdk_package_path")
|
646
|
+
build_node_chefdk_package_path = IO.read("#{automate_server.container.config_item('lxc.rootfs')}/root/build_node_chefdk_package_path").chomp
|
647
|
+
install_build_node_cmd = "install-build-node"
|
648
|
+
install_build_node_cmd += " --fqdn #{server.name}"
|
649
|
+
install_build_node_cmd += " --username dev-lxc"
|
650
|
+
install_build_node_cmd += " --password dev-lxc"
|
651
|
+
install_build_node_cmd += " --installer #{build_node_chefdk_package_path}"
|
652
|
+
run_ctl(automate_server, "delivery", install_build_node_cmd)
|
653
|
+
end
|
654
|
+
end
|
655
|
+
end
|
656
|
+
|
657
|
+
def configure_chef_client(server, dot_chef_path)
|
658
|
+
puts "Configuring Chef Client in container '#{server.name}'"
|
542
659
|
|
543
660
|
FileUtils.mkdir_p("#{server.container.config_item('lxc.rootfs')}/etc/chef")
|
544
661
|
|
662
|
+
chef_server_url = @server_configs[server.name][:chef_server_url]
|
663
|
+
validation_client_name = @server_configs[server.name][:validation_client_name]
|
664
|
+
validation_key = @server_configs[server.name][:validation_key]
|
665
|
+
if validation_key.nil?
|
666
|
+
chef_server_name = @config['chef-server'][:bootstrap_backend]
|
667
|
+
chef_server_name ||= @config['chef-backend'][:bootstrap_frontend]
|
668
|
+
if chef_server_name
|
669
|
+
chef_server = get_server(chef_server_name)
|
670
|
+
if chef_server.container.defined?
|
671
|
+
validator_pem_files = Dir.glob("#{chef_server.container.config_item('lxc.rootfs')}#{dot_chef_path}/*-validator.pem")
|
672
|
+
FileUtils.cp(validator_pem_files, "#{server.container.config_item('lxc.rootfs')}/etc/chef/") unless validator_pem_files.empty?
|
673
|
+
end
|
674
|
+
end
|
675
|
+
end
|
676
|
+
|
545
677
|
client_rb = %Q(chef_server_url '#{chef_server_url}'
|
546
678
|
validation_client_name '#{validation_client_name}'
|
679
|
+
validation_key '/etc/chef/#{validation_client_name}.pem'
|
547
680
|
ssl_verify_mode :verify_none
|
548
681
|
)
|
549
|
-
IO.write("#{server.container.config_item('lxc.rootfs')}/etc/chef/client.rb", client_rb)
|
550
682
|
|
551
|
-
|
552
|
-
|
553
|
-
|
554
|
-
|
683
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
684
|
+
if automate_server_name
|
685
|
+
client_rb += %Q(
|
686
|
+
data_collector.server_url "https://#{automate_server_name}/data-collector/v0/"
|
687
|
+
data_collector.token "93a49a4f2482c64126f7b6015e6b0f30284287ee4054ff8807fb63d9cbd1c506"
|
688
|
+
)
|
555
689
|
end
|
690
|
+
|
691
|
+
IO.write("#{server.container.config_item('lxc.rootfs')}/etc/chef/client.rb", client_rb)
|
556
692
|
end
|
557
693
|
|
558
694
|
def configure_chef_backend(server)
|
@@ -683,23 +819,46 @@ ssl_verify_mode :verify_none
|
|
683
819
|
server.run_command("#{component}-ctl #{subcommand}")
|
684
820
|
end
|
685
821
|
|
686
|
-
def
|
687
|
-
|
688
|
-
|
689
|
-
|
690
|
-
|
691
|
-
|
692
|
-
|
693
|
-
|
694
|
-
|
695
|
-
|
696
|
-
FileUtils.
|
822
|
+
def create_users_orgs_knife_configs(server, dot_chef_path)
|
823
|
+
server_type = @server_configs[server.name][:server_type]
|
824
|
+
# give time for all services to come up completely
|
825
|
+
sleep 10
|
826
|
+
if @server_configs[server.name][:chef_server_type] == 'private-chef'
|
827
|
+
# give more time for all services to come up completely
|
828
|
+
sleep 50
|
829
|
+
server.run_command("/opt/opscode/embedded/bin/gem install knife-opc --no-ri --no-rdoc -v 0.3.1")
|
830
|
+
end
|
831
|
+
chef_server_dot_chef_path = "#{server.container.config_item('lxc.rootfs')}#{dot_chef_path}"
|
832
|
+
FileUtils.mkdir_p(chef_server_dot_chef_path)
|
833
|
+
FileUtils.cp( "#{server.container.config_item('lxc.rootfs')}/etc/opscode/pivotal.pem", chef_server_dot_chef_path )
|
834
|
+
create_pivotal_knife_config('127.0.0.1', chef_server_dot_chef_path)
|
835
|
+
create_knife_config('127.0.0.1', chef_server_dot_chef_path)
|
836
|
+
@config[server_type][:users].each do |username|
|
837
|
+
create_user(server, username, dot_chef_path)
|
838
|
+
end
|
839
|
+
@config[server_type][:orgs].each do |orgname, org_users|
|
840
|
+
create_org(server, orgname, dot_chef_path)
|
841
|
+
if org_users
|
842
|
+
if org_users['admins']
|
843
|
+
org_users['admins'].each do |username|
|
844
|
+
org_add_user(server, orgname, username, true, dot_chef_path)
|
845
|
+
end
|
846
|
+
end
|
847
|
+
if org_users['non-admins']
|
848
|
+
org_users['non-admins'].each do |username|
|
849
|
+
org_add_user(server, orgname, username, false, dot_chef_path)
|
850
|
+
end
|
851
|
+
end
|
852
|
+
end
|
853
|
+
end
|
854
|
+
end
|
697
855
|
|
856
|
+
def create_pivotal_knife_config(fqdn, dot_chef_path)
|
698
857
|
pivotal_rb = %Q(
|
699
858
|
current_dir = File.dirname(__FILE__)
|
700
859
|
|
701
|
-
chef_server_root "
|
702
|
-
chef_server_url "
|
860
|
+
chef_server_root "https://#{fqdn}"
|
861
|
+
chef_server_url "https://#{fqdn}"
|
703
862
|
|
704
863
|
node_name "pivotal"
|
705
864
|
client_key "\#{current_dir}/pivotal.pem"
|
@@ -709,107 +868,106 @@ knife[:chef_repo_path] = Dir.pwd
|
|
709
868
|
|
710
869
|
ssl_verify_mode :verify_none
|
711
870
|
)
|
712
|
-
IO.write("#{
|
871
|
+
IO.write("#{dot_chef_path}/pivotal.rb", pivotal_rb)
|
872
|
+
end
|
713
873
|
|
874
|
+
def create_knife_config(fqdn, dot_chef_path)
|
714
875
|
knife_rb = %Q(
|
715
|
-
|
876
|
+
username = "CHANGEME"
|
877
|
+
orgname = "CHANGEME"
|
716
878
|
|
717
|
-
|
879
|
+
if [username, orgname].include?("CHANGEME")
|
880
|
+
puts "ERROR: Please set 'username' and 'orgname' to proper values in knife.rb"
|
881
|
+
exit!
|
882
|
+
end
|
718
883
|
|
719
|
-
|
720
|
-
client_key "\#{current_dir}/#{admin_username}.pem"
|
721
|
-
)
|
884
|
+
current_dir = File.dirname(__FILE__)
|
722
885
|
|
723
|
-
|
724
|
-
#node_name "#{username}"
|
725
|
-
#client_key "\#{current_dir}/#{username}.pem"
|
726
|
-
) unless username.nil?
|
886
|
+
chef_server_url "https://#{fqdn}/organizations/\#{orgname}"
|
727
887
|
|
728
|
-
|
729
|
-
|
730
|
-
|
888
|
+
node_name username
|
889
|
+
client_key "\#{current_dir}/\#{username}.pem"
|
890
|
+
|
891
|
+
validation_client_name "\#{orgname}-validator"
|
892
|
+
validation_key "\#{current_dir}/\#{orgname}-validator.pem"
|
731
893
|
|
732
894
|
cookbook_path Dir.pwd + "/cookbooks"
|
733
895
|
knife[:chef_repo_path] = Dir.pwd
|
734
896
|
|
735
897
|
ssl_verify_mode :verify_none
|
736
898
|
)
|
737
|
-
IO.write("#{
|
899
|
+
IO.write("#{dot_chef_path}/knife.rb", knife_rb)
|
900
|
+
end
|
738
901
|
|
902
|
+
def create_user(server, username, dot_chef_path)
|
903
|
+
create_user_string = "#{username} #{username} #{username} #{username}@noreply.com #{username} --filename #{dot_chef_path}/#{username}.pem"
|
739
904
|
case @server_configs[server.name][:chef_server_type]
|
740
905
|
when 'private-chef'
|
741
|
-
|
742
|
-
|
743
|
-
server
|
744
|
-
|
745
|
-
|
746
|
-
|
747
|
-
|
748
|
-
|
906
|
+
server.run_command("/opt/opscode/embedded/bin/knife opc user create #{create_user_string} -c #{dot_chef_path}/pivotal.rb")
|
907
|
+
when 'chef-server'
|
908
|
+
run_ctl(server, "chef-server", "user-create #{create_user_string}")
|
909
|
+
end
|
910
|
+
end
|
911
|
+
|
912
|
+
def create_org(server, orgname, dot_chef_path)
|
913
|
+
create_org_string = "#{orgname} #{orgname} --filename #{dot_chef_path}/#{orgname}-validator.pem"
|
914
|
+
case @server_configs[server.name][:chef_server_type]
|
915
|
+
when 'private-chef'
|
916
|
+
server.run_command("/opt/opscode/embedded/bin/knife opc org create #{create_org_string} -c #{dot_chef_path}/pivotal.rb")
|
917
|
+
when 'chef-server'
|
918
|
+
run_ctl(server, "chef-server", "org-create #{create_org_string}")
|
919
|
+
end
|
920
|
+
end
|
921
|
+
|
922
|
+
def org_add_user(server, orgname, username, admin, dot_chef_path)
|
923
|
+
org_add_user_string = "#{orgname} #{username}"
|
924
|
+
org_add_user_string += " --admin" if admin
|
925
|
+
case @server_configs[server.name][:chef_server_type]
|
926
|
+
when 'private-chef'
|
927
|
+
server.run_command("/opt/opscode/embedded/bin/knife opc org user add #{org_add_user_string} -c #{dot_chef_path}/pivotal.rb")
|
749
928
|
when 'chef-server'
|
750
|
-
|
751
|
-
sleep 10
|
752
|
-
run_ctl(server, "chef-server", "org-create demo demo --filename /root/chef-repo/.chef/demo-validator.pem")
|
753
|
-
run_ctl(server, "chef-server", "user-create mary-admin mary admin mary-admin@noreply.com mary-admin --filename /root/chef-repo/.chef/mary-admin.pem")
|
754
|
-
run_ctl(server, "chef-server", "org-user-add demo mary-admin --admin")
|
755
|
-
run_ctl(server, "chef-server", "user-create joe-user joe user joe-user@noreply.com joe-user --filename /root/chef-repo/.chef/joe-user.pem")
|
756
|
-
run_ctl(server, "chef-server", "org-user-add demo joe-user")
|
929
|
+
run_ctl(server, "chef-server", "org-user-add #{org_add_user_string}")
|
757
930
|
end
|
758
931
|
end
|
759
932
|
|
760
933
|
def chef_repo(force=false, pivotal=false)
|
761
|
-
|
762
|
-
|
934
|
+
chef_server_dot_chef_path = "/root/chef-repo/.chef"
|
935
|
+
dot_chef_path = "./chef-repo/.chef"
|
936
|
+
|
937
|
+
if @config['chef-server'][:bootstrap_backend]
|
938
|
+
chef_server = get_server(@config['chef-server'][:bootstrap_backend])
|
939
|
+
chef_server_fqdn = @config['chef-server'][:fqdn]
|
940
|
+
elsif @config['chef-backend'][:bootstrap_frontend]
|
941
|
+
chef_server = get_server(@config['chef-backend'][:bootstrap_frontend])
|
942
|
+
chef_server_fqdn = @config['chef-backend'][:fqdn]
|
943
|
+
else
|
944
|
+
puts "ERROR: A Chef Server is not defined in the cluster's config. Please define it first."
|
763
945
|
exit 1
|
764
946
|
end
|
765
|
-
chef_server
|
766
|
-
if ! chef_server.container.defined?
|
947
|
+
unless chef_server.container.defined?
|
767
948
|
puts "ERROR: The '#{chef_server.name}' Chef Server does not exist."
|
768
949
|
exit 1
|
769
950
|
end
|
770
951
|
|
771
952
|
puts "Creating chef-repo with pem files and knife.rb in the current directory"
|
772
|
-
FileUtils.mkdir_p(
|
953
|
+
FileUtils.mkdir_p(dot_chef_path)
|
773
954
|
|
774
|
-
pem_files = Dir.glob("#{chef_server.container.config_item('lxc.rootfs')}
|
775
|
-
|
776
|
-
|
777
|
-
else
|
778
|
-
pem_files.delete_if { |pem_file| pem_file.end_with?("/pivotal.pem") } unless pivotal
|
779
|
-
FileUtils.cp( pem_files, "./chef-repo/.chef" )
|
780
|
-
end
|
781
|
-
|
782
|
-
chef_server_root = "https://#{@config['chef-server'][:fqdn]}"
|
783
|
-
chef_server_url = "https://#{@config['chef-server'][:fqdn]}/organizations/demo"
|
784
|
-
validator_name = "demo-validator"
|
955
|
+
pem_files = Dir.glob("#{chef_server.container.config_item('lxc.rootfs')}#{chef_server_dot_chef_path}/*.pem")
|
956
|
+
pem_files.delete_if { |pem_file| pem_file.end_with?("/pivotal.pem") } unless pivotal
|
957
|
+
FileUtils.cp(pem_files, dot_chef_path) unless pem_files.empty?
|
785
958
|
|
786
959
|
if pivotal
|
787
|
-
if File.exists?("
|
788
|
-
puts "Skipping pivotal.rb because it already exists in
|
960
|
+
if File.exists?("#{dot_chef_path}/pivotal.rb") && ! force
|
961
|
+
puts "Skipping pivotal.rb because it already exists in `#{dot_chef_path}`"
|
789
962
|
else
|
790
|
-
|
791
|
-
if File.exists?(pivotal_rb_path)
|
792
|
-
pivotal_rb = IO.read(pivotal_rb_path)
|
793
|
-
pivotal_rb.sub!(/^chef_server_root .*/, "chef_server_root \"#{chef_server_root}\"")
|
794
|
-
pivotal_rb.sub!(/^chef_server_url .*/, "chef_server_url \"#{chef_server_root}\"")
|
795
|
-
IO.write("./chef-repo/.chef/pivotal.rb", pivotal_rb)
|
796
|
-
else
|
797
|
-
puts "The pivotal.rb file can not be copied because it does not exist in '#{chef_server.name}' Chef Server's `/root/chef-repo/.chef` directory"
|
798
|
-
end
|
963
|
+
create_pivotal_knife_config(chef_server_fqdn, dot_chef_path)
|
799
964
|
end
|
800
965
|
end
|
801
966
|
|
802
967
|
if File.exists?("./chef-repo/.chef/knife.rb") && ! force
|
803
|
-
puts "Skipping knife.rb because it already exists in
|
968
|
+
puts "Skipping knife.rb because it already exists in `#{dot_chef_path}`"
|
804
969
|
else
|
805
|
-
|
806
|
-
if File.exists?(knife_rb_path)
|
807
|
-
knife_rb = IO.read(knife_rb_path)
|
808
|
-
knife_rb.sub!(/^chef_server_url .*/, "chef_server_url \"#{chef_server_url}\"")
|
809
|
-
IO.write("./chef-repo/.chef/knife.rb", knife_rb)
|
810
|
-
else
|
811
|
-
puts "The knife.rb file can not be copied because it does not exist in '#{chef_server.name}' Chef Server's `/root/chef-repo/.chef` directory"
|
812
|
-
end
|
970
|
+
create_knife_config(chef_server_fqdn, dot_chef_path)
|
813
971
|
end
|
814
972
|
end
|
815
973
|
|
@@ -851,6 +1009,13 @@ oc_id['applications'] ||= {}
|
|
851
1009
|
oc_id['applications']['supermarket'] = {
|
852
1010
|
'redirect_uri' => 'https://#{@config['supermarket'][:fqdn]}/auth/chef_oauth2/callback'
|
853
1011
|
}
|
1012
|
+
)
|
1013
|
+
end
|
1014
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
1015
|
+
if automate_server_name
|
1016
|
+
chef_server_config += %Q(
|
1017
|
+
data_collector['root_url'] = "https://#{automate_server_name}/data-collector/v0/"
|
1018
|
+
data_collector['token'] = "93a49a4f2482c64126f7b6015e6b0f30284287ee4054ff8807fb63d9cbd1c506"
|
854
1019
|
)
|
855
1020
|
end
|
856
1021
|
return chef_server_config
|