dev-lxc 3.2.0 → 3.3.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.gitattributes +1 -0
- data/.gitignore +17 -17
- data/CHANGELOG.md +352 -342
- data/Gemfile +4 -4
- data/LICENSE +201 -201
- data/README.md +235 -233
- data/Rakefile +1 -1
- data/bin/dl +9 -9
- data/dev-lxc.gemspec +26 -26
- data/docs/adhoc_clusters.md +17 -20
- data/docs/base_containers.md +44 -44
- data/docs/byobu_keybindings.md +22 -22
- data/docs/configuration.md +277 -235
- data/docs/dev-lxc_version_2.md +10 -10
- data/docs/manage_multiple_clusters.md +30 -30
- data/docs/mitmproxy.md +7 -7
- data/docs/usage.md +213 -213
- data/example-clusters/README.md +165 -35
- data/example-clusters/automate_dev-lxc.yml +98 -98
- data/example-clusters/chef-backend_dev-lxc.yml +81 -81
- data/example-clusters/conf-files/chef-server/elasticsearch-partial.rb +38 -0
- data/example-clusters/conf-files/chef-server/ldap-partial.rb +10 -0
- data/example-clusters/conf-files/chef-server/postgres-partial.rb +14 -0
- data/example-clusters/external_dev-lxc.yml +60 -0
- data/example-clusters/tier_dev-lxc.yml +88 -88
- data/lib/dev-lxc/cli.rb +542 -537
- data/lib/dev-lxc/cluster.rb +1310 -1215
- data/lib/dev-lxc/container.rb +128 -123
- data/lib/dev-lxc/server.rb +197 -197
- data/lib/dev-lxc/version.rb +3 -3
- data/lib/dev-lxc.rb +118 -118
- metadata +7 -2
data/lib/dev-lxc/cluster.rb
CHANGED
@@ -1,1215 +1,1310 @@
|
|
1
|
-
require "dev-lxc/server"
|
2
|
-
require "mixlib/install"
|
3
|
-
require "open-uri"
|
4
|
-
|
5
|
-
module DevLXC
|
6
|
-
class Cluster
|
7
|
-
attr_reader :config
|
8
|
-
|
9
|
-
def initialize(cluster_config)
|
10
|
-
FileUtils.mkdir_p('/var/dev-lxc') unless Dir.exist?('/var/dev-lxc')
|
11
|
-
|
12
|
-
@config = Hash.new { |hash, key| hash[key] = {} }
|
13
|
-
@server_configs = Hash.new
|
14
|
-
|
15
|
-
%w(adhoc analytics automate build-nodes chef-backend chef-server compliance nodes runners supermarket).each do |server_type|
|
16
|
-
if cluster_config[server_type]
|
17
|
-
if cluster_config[server_type]["servers"]
|
18
|
-
cluster_config[server_type]["servers"].each do |server_name, server_config|
|
19
|
-
server_config ||= Hash.new
|
20
|
-
|
21
|
-
products = server_config['products']
|
22
|
-
products ||= Hash.new
|
23
|
-
|
24
|
-
enable_build_snapshots = cluster_config[server_type]["enable_build_snapshots"]
|
25
|
-
enable_build_snapshots = cluster_config["enable_build_snapshots"] if enable_build_snapshots.nil?
|
26
|
-
enable_build_snapshots = server_config["enable_build_snapshots"] if server_config.key?("enable_build_snapshots")
|
27
|
-
enable_build_snapshots = true if enable_build_snapshots.nil?
|
28
|
-
|
29
|
-
memory_per_server = cluster_config[server_type]["memory_per_server"]
|
30
|
-
memory_per_server ||= cluster_config["memory_per_server"]
|
31
|
-
memory_per_server = server_config["memory_per_server"] if server_config["memory_per_server"]
|
32
|
-
|
33
|
-
mounts = ["/var/dev-lxc var/dev-lxc"]
|
34
|
-
if cluster_config[server_type]["mounts"]
|
35
|
-
mounts.concat(cluster_config[server_type]["mounts"])
|
36
|
-
elsif cluster_config["mounts"]
|
37
|
-
mounts.concat(cluster_config["mounts"])
|
38
|
-
end
|
39
|
-
mounts = ["/var/dev-lxc var/dev-lxc"] + server_config["mounts"] if server_config["mounts"]
|
40
|
-
|
41
|
-
ssh_keys = cluster_config[server_type]["ssh-keys"]
|
42
|
-
ssh_keys ||= cluster_config["ssh-keys"]
|
43
|
-
ssh_keys = server_config["ssh-keys"] if server_config["ssh-keys"]
|
44
|
-
|
45
|
-
base_container_name = cluster_config[server_type]["base_container"]
|
46
|
-
base_container_name ||= cluster_config["base_container"]
|
47
|
-
base_container_name = server_config["base_container"] if server_config["base_container"]
|
48
|
-
|
49
|
-
@server_configs[server_name] = {
|
50
|
-
server_type: server_type,
|
51
|
-
products: products,
|
52
|
-
ipaddress: server_config['ipaddress'],
|
53
|
-
additional_fqdn: nil,
|
54
|
-
enable_build_snapshots: enable_build_snapshots,
|
55
|
-
first_run: false,
|
56
|
-
memory_per_server: memory_per_server,
|
57
|
-
mounts: mounts,
|
58
|
-
ssh_keys: ssh_keys,
|
59
|
-
base_container_name: base_container_name
|
60
|
-
}
|
61
|
-
# gather configuration from only the first "automate", "compliance" or "supermarket" server
|
62
|
-
break if %w(automate compliance supermarket).include?(server_type)
|
63
|
-
end
|
64
|
-
end
|
65
|
-
|
66
|
-
case server_type
|
67
|
-
when "analytics"
|
68
|
-
@config[server_type][:topology] = cluster_config[server_type]["topology"]
|
69
|
-
@config[server_type][:topology] ||= 'standalone'
|
70
|
-
@config[server_type][:fqdn] = cluster_config[server_type]["analytics_fqdn"]
|
71
|
-
@config[server_type][:frontends] = Array.new
|
72
|
-
|
73
|
-
if cluster_config[server_type]["servers"]
|
74
|
-
cluster_config[server_type]["servers"].each do |server_name, server_config|
|
75
|
-
server_config ||= Hash.new
|
76
|
-
additional_fqdn = nil
|
77
|
-
case @config[server_type][:topology]
|
78
|
-
when 'standalone'
|
79
|
-
@config[server_type][:bootstrap_backend] = server_name if server_config["role"].nil?
|
80
|
-
@config[server_type][:fqdn] ||= @config[server_type][:bootstrap_backend]
|
81
|
-
when 'tier'
|
82
|
-
@config[server_type][:bootstrap_backend] = server_name if server_config["role"] == "backend" && server_config["bootstrap"] == true
|
83
|
-
if server_config["role"] == "frontend"
|
84
|
-
additional_fqdn = @config[server_type][:fqdn]
|
85
|
-
@config[server_type][:frontends] << server_name
|
86
|
-
end
|
87
|
-
end
|
88
|
-
@server_configs[server_name].merge!({
|
89
|
-
additional_fqdn: additional_fqdn
|
90
|
-
})
|
91
|
-
end
|
92
|
-
end
|
93
|
-
when "chef-backend"
|
94
|
-
@config[server_type][:fqdn] = cluster_config[server_type]["api_fqdn"]
|
95
|
-
@config[server_type][:users] = cluster_config[server_type]["users"]
|
96
|
-
@config[server_type][:users] ||= Array.new
|
97
|
-
@config[server_type][:orgs] = cluster_config[server_type]["orgs"]
|
98
|
-
@config[server_type][:orgs] ||= Hash.new
|
99
|
-
@config[server_type][:backends] = Array.new
|
100
|
-
@config[server_type][:frontends] = Array.new
|
101
|
-
|
102
|
-
servers = cluster_config[server_type]["servers"]
|
103
|
-
if servers
|
104
|
-
@config[server_type][:leader_backend] = servers.select { |s,sc| sc['role'] == 'backend' && sc['leader'] == true }.keys.first
|
105
|
-
@config[server_type][:bootstrap_frontend] = servers.select { |s,sc| sc['role'] == 'frontend' && sc['bootstrap'] == true }.keys.first
|
106
|
-
@config[server_type][:backends] << @config[server_type][:leader_backend]
|
107
|
-
@config[server_type][:frontends] << @config[server_type][:bootstrap_frontend]
|
108
|
-
servers.each do |server_name, server_config|
|
109
|
-
server_config ||= Hash.new
|
110
|
-
additional_fqdn = nil
|
111
|
-
case server_config["role"]
|
112
|
-
when "backend"
|
113
|
-
@config[server_type][:backends] << server_name unless server_name == @config[server_type][:leader_backend]
|
114
|
-
when "frontend"
|
115
|
-
additional_fqdn = @config[server_type][:fqdn]
|
116
|
-
@config[server_type][:frontends] << server_name unless server_name == @config[server_type][:bootstrap_frontend]
|
117
|
-
|
118
|
-
|
119
|
-
|
120
|
-
|
121
|
-
|
122
|
-
|
123
|
-
|
124
|
-
|
125
|
-
|
126
|
-
|
127
|
-
|
128
|
-
|
129
|
-
@config[server_type][:
|
130
|
-
@config[server_type][:
|
131
|
-
@config[server_type][:
|
132
|
-
@config[server_type][:
|
133
|
-
|
134
|
-
|
135
|
-
|
136
|
-
|
137
|
-
|
138
|
-
|
139
|
-
|
140
|
-
|
141
|
-
|
142
|
-
|
143
|
-
|
144
|
-
|
145
|
-
|
146
|
-
if server_config["role"]
|
147
|
-
|
148
|
-
|
149
|
-
|
150
|
-
|
151
|
-
|
152
|
-
|
153
|
-
|
154
|
-
|
155
|
-
|
156
|
-
|
157
|
-
|
158
|
-
|
159
|
-
|
160
|
-
|
161
|
-
|
162
|
-
|
163
|
-
|
164
|
-
|
165
|
-
|
166
|
-
|
167
|
-
|
168
|
-
|
169
|
-
|
170
|
-
server_config
|
171
|
-
@server_configs[server_name]
|
172
|
-
|
173
|
-
|
174
|
-
|
175
|
-
|
176
|
-
|
177
|
-
|
178
|
-
|
179
|
-
|
180
|
-
|
181
|
-
|
182
|
-
|
183
|
-
|
184
|
-
|
185
|
-
|
186
|
-
|
187
|
-
|
188
|
-
|
189
|
-
|
190
|
-
|
191
|
-
|
192
|
-
|
193
|
-
|
194
|
-
|
195
|
-
|
196
|
-
|
197
|
-
|
198
|
-
|
199
|
-
|
200
|
-
|
201
|
-
|
202
|
-
|
203
|
-
|
204
|
-
|
205
|
-
|
206
|
-
|
207
|
-
|
208
|
-
|
209
|
-
|
210
|
-
|
211
|
-
|
212
|
-
|
213
|
-
|
214
|
-
|
215
|
-
|
216
|
-
|
217
|
-
|
218
|
-
|
219
|
-
|
220
|
-
|
221
|
-
|
222
|
-
|
223
|
-
|
224
|
-
|
225
|
-
|
226
|
-
|
227
|
-
|
228
|
-
|
229
|
-
|
230
|
-
puts "ERROR:
|
231
|
-
exit 1
|
232
|
-
end
|
233
|
-
|
234
|
-
|
235
|
-
|
236
|
-
|
237
|
-
|
238
|
-
|
239
|
-
|
240
|
-
end
|
241
|
-
|
242
|
-
|
243
|
-
|
244
|
-
|
245
|
-
|
246
|
-
|
247
|
-
|
248
|
-
|
249
|
-
|
250
|
-
|
251
|
-
|
252
|
-
|
253
|
-
|
254
|
-
|
255
|
-
|
256
|
-
|
257
|
-
|
258
|
-
|
259
|
-
|
260
|
-
|
261
|
-
|
262
|
-
|
263
|
-
|
264
|
-
|
265
|
-
|
266
|
-
|
267
|
-
|
268
|
-
|
269
|
-
|
270
|
-
|
271
|
-
|
272
|
-
|
273
|
-
|
274
|
-
|
275
|
-
|
276
|
-
|
277
|
-
|
278
|
-
|
279
|
-
|
280
|
-
|
281
|
-
|
282
|
-
|
283
|
-
|
284
|
-
|
285
|
-
|
286
|
-
|
287
|
-
|
288
|
-
|
289
|
-
|
290
|
-
|
291
|
-
|
292
|
-
|
293
|
-
|
294
|
-
|
295
|
-
|
296
|
-
|
297
|
-
|
298
|
-
|
299
|
-
|
300
|
-
|
301
|
-
|
302
|
-
|
303
|
-
|
304
|
-
|
305
|
-
|
306
|
-
|
307
|
-
|
308
|
-
|
309
|
-
|
310
|
-
|
311
|
-
|
312
|
-
|
313
|
-
|
314
|
-
|
315
|
-
|
316
|
-
|
317
|
-
|
318
|
-
|
319
|
-
|
320
|
-
|
321
|
-
|
322
|
-
|
323
|
-
|
324
|
-
|
325
|
-
|
326
|
-
|
327
|
-
|
328
|
-
|
329
|
-
|
330
|
-
|
331
|
-
|
332
|
-
|
333
|
-
|
334
|
-
|
335
|
-
|
336
|
-
|
337
|
-
|
338
|
-
|
339
|
-
|
340
|
-
|
341
|
-
|
342
|
-
|
343
|
-
|
344
|
-
|
345
|
-
|
346
|
-
|
347
|
-
|
348
|
-
|
349
|
-
|
350
|
-
|
351
|
-
|
352
|
-
|
353
|
-
|
354
|
-
|
355
|
-
|
356
|
-
|
357
|
-
|
358
|
-
|
359
|
-
|
360
|
-
|
361
|
-
|
362
|
-
|
363
|
-
|
364
|
-
|
365
|
-
|
366
|
-
|
367
|
-
|
368
|
-
|
369
|
-
|
370
|
-
|
371
|
-
|
372
|
-
|
373
|
-
|
374
|
-
|
375
|
-
|
376
|
-
|
377
|
-
|
378
|
-
|
379
|
-
|
380
|
-
|
381
|
-
if server.
|
382
|
-
|
383
|
-
|
384
|
-
|
385
|
-
|
386
|
-
|
387
|
-
|
388
|
-
|
389
|
-
|
390
|
-
|
391
|
-
|
392
|
-
|
393
|
-
|
394
|
-
|
395
|
-
|
396
|
-
|
397
|
-
|
398
|
-
|
399
|
-
|
400
|
-
|
401
|
-
|
402
|
-
|
403
|
-
|
404
|
-
|
405
|
-
|
406
|
-
|
407
|
-
|
408
|
-
|
409
|
-
|
410
|
-
|
411
|
-
|
412
|
-
|
413
|
-
|
414
|
-
|
415
|
-
|
416
|
-
|
417
|
-
|
418
|
-
|
419
|
-
|
420
|
-
|
421
|
-
|
422
|
-
|
423
|
-
|
424
|
-
|
425
|
-
|
426
|
-
|
427
|
-
|
428
|
-
|
429
|
-
|
430
|
-
|
431
|
-
|
432
|
-
|
433
|
-
|
434
|
-
|
435
|
-
|
436
|
-
|
437
|
-
|
438
|
-
|
439
|
-
if
|
440
|
-
|
441
|
-
|
442
|
-
|
443
|
-
|
444
|
-
|
445
|
-
|
446
|
-
|
447
|
-
|
448
|
-
|
449
|
-
|
450
|
-
|
451
|
-
|
452
|
-
|
453
|
-
|
454
|
-
|
455
|
-
|
456
|
-
|
457
|
-
|
458
|
-
|
459
|
-
|
460
|
-
|
461
|
-
|
462
|
-
|
463
|
-
|
464
|
-
|
465
|
-
|
466
|
-
|
467
|
-
|
468
|
-
|
469
|
-
|
470
|
-
|
471
|
-
|
472
|
-
|
473
|
-
|
474
|
-
|
475
|
-
|
476
|
-
puts "ERROR: '#{server.name}' requires
|
477
|
-
abort_up = true
|
478
|
-
|
479
|
-
|
480
|
-
|
481
|
-
|
482
|
-
|
483
|
-
|
484
|
-
|
485
|
-
puts "ERROR: '#{server.name}' requires
|
486
|
-
abort_up = true
|
487
|
-
end
|
488
|
-
|
489
|
-
|
490
|
-
|
491
|
-
|
492
|
-
|
493
|
-
|
494
|
-
|
495
|
-
|
496
|
-
|
497
|
-
|
498
|
-
|
499
|
-
|
500
|
-
|
501
|
-
|
502
|
-
|
503
|
-
|
504
|
-
|
505
|
-
|
506
|
-
|
507
|
-
|
508
|
-
|
509
|
-
|
510
|
-
|
511
|
-
|
512
|
-
|
513
|
-
|
514
|
-
|
515
|
-
|
516
|
-
|
517
|
-
|
518
|
-
|
519
|
-
|
520
|
-
|
521
|
-
|
522
|
-
|
523
|
-
|
524
|
-
|
525
|
-
|
526
|
-
|
527
|
-
|
528
|
-
|
529
|
-
|
530
|
-
|
531
|
-
|
532
|
-
|
533
|
-
|
534
|
-
|
535
|
-
|
536
|
-
|
537
|
-
|
538
|
-
|
539
|
-
|
540
|
-
|
541
|
-
|
542
|
-
|
543
|
-
|
544
|
-
|
545
|
-
|
546
|
-
|
547
|
-
|
548
|
-
|
549
|
-
|
550
|
-
|
551
|
-
|
552
|
-
|
553
|
-
|
554
|
-
|
555
|
-
|
556
|
-
|
557
|
-
|
558
|
-
|
559
|
-
|
560
|
-
|
561
|
-
|
562
|
-
|
563
|
-
|
564
|
-
|
565
|
-
|
566
|
-
|
567
|
-
|
568
|
-
|
569
|
-
|
570
|
-
|
571
|
-
|
572
|
-
|
573
|
-
|
574
|
-
|
575
|
-
|
576
|
-
|
577
|
-
|
578
|
-
|
579
|
-
|
580
|
-
|
581
|
-
|
582
|
-
|
583
|
-
|
584
|
-
|
585
|
-
|
586
|
-
|
587
|
-
|
588
|
-
|
589
|
-
|
590
|
-
|
591
|
-
|
592
|
-
|
593
|
-
|
594
|
-
|
595
|
-
|
596
|
-
|
597
|
-
|
598
|
-
|
599
|
-
|
600
|
-
|
601
|
-
|
602
|
-
|
603
|
-
|
604
|
-
|
605
|
-
|
606
|
-
|
607
|
-
|
608
|
-
|
609
|
-
|
610
|
-
|
611
|
-
|
612
|
-
|
613
|
-
|
614
|
-
|
615
|
-
|
616
|
-
elsif !
|
617
|
-
|
618
|
-
|
619
|
-
end
|
620
|
-
|
621
|
-
|
622
|
-
|
623
|
-
|
624
|
-
|
625
|
-
|
626
|
-
|
627
|
-
|
628
|
-
|
629
|
-
|
630
|
-
|
631
|
-
|
632
|
-
|
633
|
-
|
634
|
-
|
635
|
-
|
636
|
-
|
637
|
-
|
638
|
-
|
639
|
-
|
640
|
-
|
641
|
-
|
642
|
-
|
643
|
-
|
644
|
-
|
645
|
-
|
646
|
-
|
647
|
-
|
648
|
-
|
649
|
-
|
650
|
-
|
651
|
-
|
652
|
-
|
653
|
-
|
654
|
-
|
655
|
-
|
656
|
-
|
657
|
-
|
658
|
-
|
659
|
-
|
660
|
-
|
661
|
-
|
662
|
-
|
663
|
-
|
664
|
-
|
665
|
-
|
666
|
-
|
667
|
-
|
668
|
-
|
669
|
-
|
670
|
-
|
671
|
-
|
672
|
-
|
673
|
-
|
674
|
-
|
675
|
-
|
676
|
-
|
677
|
-
|
678
|
-
|
679
|
-
|
680
|
-
|
681
|
-
|
682
|
-
|
683
|
-
|
684
|
-
|
685
|
-
|
686
|
-
|
687
|
-
|
688
|
-
|
689
|
-
|
690
|
-
|
691
|
-
|
692
|
-
|
693
|
-
|
694
|
-
|
695
|
-
|
696
|
-
|
697
|
-
|
698
|
-
|
699
|
-
when '
|
700
|
-
#
|
701
|
-
|
702
|
-
|
703
|
-
|
704
|
-
|
705
|
-
|
706
|
-
|
707
|
-
|
708
|
-
|
709
|
-
|
710
|
-
|
711
|
-
|
712
|
-
|
713
|
-
|
714
|
-
|
715
|
-
|
716
|
-
|
717
|
-
|
718
|
-
|
719
|
-
|
720
|
-
|
721
|
-
|
722
|
-
|
723
|
-
|
724
|
-
|
725
|
-
|
726
|
-
|
727
|
-
|
728
|
-
|
729
|
-
|
730
|
-
|
731
|
-
|
732
|
-
|
733
|
-
|
734
|
-
|
735
|
-
|
736
|
-
|
737
|
-
|
738
|
-
|
739
|
-
|
740
|
-
|
741
|
-
end
|
742
|
-
|
743
|
-
def
|
744
|
-
|
745
|
-
|
746
|
-
|
747
|
-
|
748
|
-
|
749
|
-
|
750
|
-
|
751
|
-
|
752
|
-
|
753
|
-
|
754
|
-
|
755
|
-
|
756
|
-
|
757
|
-
|
758
|
-
|
759
|
-
|
760
|
-
|
761
|
-
|
762
|
-
|
763
|
-
|
764
|
-
|
765
|
-
|
766
|
-
|
767
|
-
|
768
|
-
|
769
|
-
|
770
|
-
|
771
|
-
|
772
|
-
|
773
|
-
|
774
|
-
if
|
775
|
-
|
776
|
-
|
777
|
-
|
778
|
-
|
779
|
-
|
780
|
-
|
781
|
-
|
782
|
-
|
783
|
-
|
784
|
-
|
785
|
-
|
786
|
-
|
787
|
-
|
788
|
-
|
789
|
-
|
790
|
-
|
791
|
-
|
792
|
-
if
|
793
|
-
|
794
|
-
|
795
|
-
|
796
|
-
|
797
|
-
if
|
798
|
-
|
799
|
-
|
800
|
-
|
801
|
-
|
802
|
-
|
803
|
-
|
804
|
-
|
805
|
-
|
806
|
-
|
807
|
-
|
808
|
-
|
809
|
-
|
810
|
-
|
811
|
-
|
812
|
-
|
813
|
-
|
814
|
-
|
815
|
-
|
816
|
-
|
817
|
-
|
818
|
-
|
819
|
-
|
820
|
-
|
821
|
-
|
822
|
-
|
823
|
-
|
824
|
-
|
825
|
-
|
826
|
-
|
827
|
-
|
828
|
-
|
829
|
-
|
830
|
-
|
831
|
-
|
832
|
-
|
833
|
-
|
834
|
-
|
835
|
-
|
836
|
-
|
837
|
-
|
838
|
-
|
839
|
-
|
840
|
-
|
841
|
-
|
842
|
-
|
843
|
-
|
844
|
-
|
845
|
-
|
846
|
-
|
847
|
-
|
848
|
-
|
849
|
-
|
850
|
-
|
851
|
-
|
852
|
-
|
853
|
-
|
854
|
-
|
855
|
-
|
856
|
-
|
857
|
-
|
858
|
-
|
859
|
-
|
860
|
-
|
861
|
-
|
862
|
-
|
863
|
-
|
864
|
-
|
865
|
-
|
866
|
-
|
867
|
-
|
868
|
-
|
869
|
-
|
870
|
-
|
871
|
-
|
872
|
-
|
873
|
-
|
874
|
-
|
875
|
-
|
876
|
-
|
877
|
-
|
878
|
-
|
879
|
-
|
880
|
-
|
881
|
-
|
882
|
-
|
883
|
-
|
884
|
-
|
885
|
-
|
886
|
-
|
887
|
-
|
888
|
-
|
889
|
-
|
890
|
-
|
891
|
-
|
892
|
-
|
893
|
-
|
894
|
-
|
895
|
-
|
896
|
-
|
897
|
-
|
898
|
-
|
899
|
-
|
900
|
-
|
901
|
-
|
902
|
-
|
903
|
-
|
904
|
-
|
905
|
-
|
906
|
-
|
907
|
-
|
908
|
-
|
909
|
-
|
910
|
-
|
911
|
-
|
912
|
-
|
913
|
-
|
914
|
-
|
915
|
-
|
916
|
-
|
917
|
-
|
918
|
-
|
919
|
-
|
920
|
-
|
921
|
-
|
922
|
-
|
923
|
-
|
924
|
-
|
925
|
-
|
926
|
-
|
927
|
-
|
928
|
-
|
929
|
-
|
930
|
-
|
931
|
-
|
932
|
-
|
933
|
-
|
934
|
-
|
935
|
-
|
936
|
-
|
937
|
-
|
938
|
-
|
939
|
-
|
940
|
-
|
941
|
-
|
942
|
-
|
943
|
-
|
944
|
-
|
945
|
-
|
946
|
-
|
947
|
-
|
948
|
-
|
949
|
-
|
950
|
-
|
951
|
-
|
952
|
-
|
953
|
-
|
954
|
-
|
955
|
-
|
956
|
-
|
957
|
-
|
958
|
-
|
959
|
-
|
960
|
-
|
961
|
-
|
962
|
-
|
963
|
-
|
964
|
-
|
965
|
-
|
966
|
-
|
967
|
-
|
968
|
-
|
969
|
-
|
970
|
-
|
971
|
-
|
972
|
-
|
973
|
-
|
974
|
-
|
975
|
-
|
976
|
-
|
977
|
-
|
978
|
-
|
979
|
-
|
980
|
-
|
981
|
-
|
982
|
-
|
983
|
-
|
984
|
-
|
985
|
-
|
986
|
-
|
987
|
-
|
988
|
-
|
989
|
-
|
990
|
-
|
991
|
-
|
992
|
-
|
993
|
-
|
994
|
-
|
995
|
-
|
996
|
-
|
997
|
-
|
998
|
-
|
999
|
-
|
1000
|
-
|
1001
|
-
|
1002
|
-
|
1003
|
-
|
1004
|
-
|
1005
|
-
|
1006
|
-
|
1007
|
-
|
1008
|
-
|
1009
|
-
|
1010
|
-
|
1011
|
-
|
1012
|
-
|
1013
|
-
|
1014
|
-
|
1015
|
-
|
1016
|
-
|
1017
|
-
|
1018
|
-
|
1019
|
-
|
1020
|
-
|
1021
|
-
|
1022
|
-
|
1023
|
-
|
1024
|
-
|
1025
|
-
|
1026
|
-
|
1027
|
-
|
1028
|
-
|
1029
|
-
|
1030
|
-
|
1031
|
-
|
1032
|
-
|
1033
|
-
|
1034
|
-
|
1035
|
-
|
1036
|
-
|
1037
|
-
#
|
1038
|
-
#
|
1039
|
-
|
1040
|
-
|
1041
|
-
|
1042
|
-
|
1043
|
-
|
1044
|
-
|
1045
|
-
|
1046
|
-
|
1047
|
-
|
1048
|
-
|
1049
|
-
|
1050
|
-
|
1051
|
-
|
1052
|
-
|
1053
|
-
|
1054
|
-
|
1055
|
-
|
1056
|
-
|
1057
|
-
|
1058
|
-
|
1059
|
-
|
1060
|
-
|
1061
|
-
|
1062
|
-
)
|
1063
|
-
|
1064
|
-
|
1065
|
-
|
1066
|
-
|
1067
|
-
|
1068
|
-
|
1069
|
-
|
1070
|
-
|
1071
|
-
|
1072
|
-
|
1073
|
-
|
1074
|
-
end
|
1075
|
-
|
1076
|
-
def
|
1077
|
-
|
1078
|
-
|
1079
|
-
|
1080
|
-
|
1081
|
-
|
1082
|
-
|
1083
|
-
|
1084
|
-
|
1085
|
-
|
1086
|
-
|
1087
|
-
|
1088
|
-
|
1089
|
-
|
1090
|
-
|
1091
|
-
server
|
1092
|
-
|
1093
|
-
|
1094
|
-
|
1095
|
-
|
1096
|
-
|
1097
|
-
|
1098
|
-
|
1099
|
-
|
1100
|
-
|
1101
|
-
|
1102
|
-
|
1103
|
-
|
1104
|
-
|
1105
|
-
|
1106
|
-
|
1107
|
-
|
1108
|
-
|
1109
|
-
|
1110
|
-
|
1111
|
-
|
1112
|
-
|
1113
|
-
|
1114
|
-
|
1115
|
-
|
1116
|
-
|
1117
|
-
|
1118
|
-
|
1119
|
-
|
1120
|
-
|
1121
|
-
|
1122
|
-
|
1123
|
-
|
1124
|
-
|
1125
|
-
|
1126
|
-
|
1127
|
-
|
1128
|
-
|
1129
|
-
|
1130
|
-
|
1131
|
-
|
1132
|
-
|
1133
|
-
|
1134
|
-
|
1135
|
-
|
1136
|
-
|
1137
|
-
|
1138
|
-
|
1139
|
-
|
1140
|
-
|
1141
|
-
|
1142
|
-
|
1143
|
-
|
1144
|
-
|
1145
|
-
|
1146
|
-
|
1147
|
-
|
1148
|
-
|
1149
|
-
|
1150
|
-
|
1151
|
-
|
1152
|
-
|
1153
|
-
|
1154
|
-
|
1155
|
-
|
1156
|
-
|
1157
|
-
)
|
1158
|
-
|
1159
|
-
|
1160
|
-
|
1161
|
-
|
1162
|
-
|
1163
|
-
|
1164
|
-
|
1165
|
-
}
|
1166
|
-
|
1167
|
-
|
1168
|
-
|
1169
|
-
|
1170
|
-
|
1171
|
-
|
1172
|
-
|
1173
|
-
|
1174
|
-
|
1175
|
-
}
|
1176
|
-
|
1177
|
-
|
1178
|
-
|
1179
|
-
|
1180
|
-
|
1181
|
-
|
1182
|
-
|
1183
|
-
|
1184
|
-
|
1185
|
-
|
1186
|
-
|
1187
|
-
|
1188
|
-
|
1189
|
-
|
1190
|
-
|
1191
|
-
|
1192
|
-
)
|
1193
|
-
|
1194
|
-
|
1195
|
-
|
1196
|
-
|
1197
|
-
|
1198
|
-
|
1199
|
-
|
1200
|
-
|
1201
|
-
|
1202
|
-
|
1203
|
-
|
1204
|
-
|
1205
|
-
|
1206
|
-
|
1207
|
-
|
1208
|
-
|
1209
|
-
|
1210
|
-
|
1211
|
-
|
1212
|
-
|
1213
|
-
|
1214
|
-
|
1215
|
-
|
1
|
+
require "dev-lxc/server"
|
2
|
+
require "mixlib/install"
|
3
|
+
require "open-uri"
|
4
|
+
|
5
|
+
module DevLXC
|
6
|
+
class Cluster
|
7
|
+
attr_reader :config
|
8
|
+
|
9
|
+
def initialize(cluster_config)
|
10
|
+
FileUtils.mkdir_p('/var/dev-lxc') unless Dir.exist?('/var/dev-lxc')
|
11
|
+
|
12
|
+
@config = Hash.new { |hash, key| hash[key] = {} }
|
13
|
+
@server_configs = Hash.new
|
14
|
+
|
15
|
+
%w(adhoc analytics automate build-nodes chef-backend chef-server compliance nodes runners supermarket).each do |server_type|
|
16
|
+
if cluster_config[server_type]
|
17
|
+
if cluster_config[server_type]["servers"]
|
18
|
+
cluster_config[server_type]["servers"].each do |server_name, server_config|
|
19
|
+
server_config ||= Hash.new
|
20
|
+
|
21
|
+
products = server_config['products']
|
22
|
+
products ||= Hash.new
|
23
|
+
|
24
|
+
enable_build_snapshots = cluster_config[server_type]["enable_build_snapshots"]
|
25
|
+
enable_build_snapshots = cluster_config["enable_build_snapshots"] if enable_build_snapshots.nil?
|
26
|
+
enable_build_snapshots = server_config["enable_build_snapshots"] if server_config.key?("enable_build_snapshots")
|
27
|
+
enable_build_snapshots = true if enable_build_snapshots.nil?
|
28
|
+
|
29
|
+
memory_per_server = cluster_config[server_type]["memory_per_server"]
|
30
|
+
memory_per_server ||= cluster_config["memory_per_server"]
|
31
|
+
memory_per_server = server_config["memory_per_server"] if server_config["memory_per_server"]
|
32
|
+
|
33
|
+
mounts = ["/var/dev-lxc var/dev-lxc"]
|
34
|
+
if cluster_config[server_type]["mounts"]
|
35
|
+
mounts.concat(cluster_config[server_type]["mounts"])
|
36
|
+
elsif cluster_config["mounts"]
|
37
|
+
mounts.concat(cluster_config["mounts"])
|
38
|
+
end
|
39
|
+
mounts = ["/var/dev-lxc var/dev-lxc"] + server_config["mounts"] if server_config["mounts"]
|
40
|
+
|
41
|
+
ssh_keys = cluster_config[server_type]["ssh-keys"]
|
42
|
+
ssh_keys ||= cluster_config["ssh-keys"]
|
43
|
+
ssh_keys = server_config["ssh-keys"] if server_config["ssh-keys"]
|
44
|
+
|
45
|
+
base_container_name = cluster_config[server_type]["base_container"]
|
46
|
+
base_container_name ||= cluster_config["base_container"]
|
47
|
+
base_container_name = server_config["base_container"] if server_config["base_container"]
|
48
|
+
|
49
|
+
@server_configs[server_name] = {
|
50
|
+
server_type: server_type,
|
51
|
+
products: products,
|
52
|
+
ipaddress: server_config['ipaddress'],
|
53
|
+
additional_fqdn: nil,
|
54
|
+
enable_build_snapshots: enable_build_snapshots,
|
55
|
+
first_run: false,
|
56
|
+
memory_per_server: memory_per_server,
|
57
|
+
mounts: mounts,
|
58
|
+
ssh_keys: ssh_keys,
|
59
|
+
base_container_name: base_container_name
|
60
|
+
}
|
61
|
+
# gather configuration from only the first "automate", "compliance" or "supermarket" server
|
62
|
+
break if %w(automate compliance supermarket).include?(server_type)
|
63
|
+
end
|
64
|
+
end
|
65
|
+
|
66
|
+
case server_type
|
67
|
+
when "analytics"
|
68
|
+
@config[server_type][:topology] = cluster_config[server_type]["topology"]
|
69
|
+
@config[server_type][:topology] ||= 'standalone'
|
70
|
+
@config[server_type][:fqdn] = cluster_config[server_type]["analytics_fqdn"]
|
71
|
+
@config[server_type][:frontends] = Array.new
|
72
|
+
|
73
|
+
if cluster_config[server_type]["servers"]
|
74
|
+
cluster_config[server_type]["servers"].each do |server_name, server_config|
|
75
|
+
server_config ||= Hash.new
|
76
|
+
additional_fqdn = nil
|
77
|
+
case @config[server_type][:topology]
|
78
|
+
when 'standalone'
|
79
|
+
@config[server_type][:bootstrap_backend] = server_name if server_config["role"].nil?
|
80
|
+
@config[server_type][:fqdn] ||= @config[server_type][:bootstrap_backend]
|
81
|
+
when 'tier'
|
82
|
+
@config[server_type][:bootstrap_backend] = server_name if server_config["role"] == "backend" && server_config["bootstrap"] == true
|
83
|
+
if server_config["role"] == "frontend"
|
84
|
+
additional_fqdn = @config[server_type][:fqdn]
|
85
|
+
@config[server_type][:frontends] << server_name
|
86
|
+
end
|
87
|
+
end
|
88
|
+
@server_configs[server_name].merge!({
|
89
|
+
additional_fqdn: additional_fqdn
|
90
|
+
})
|
91
|
+
end
|
92
|
+
end
|
93
|
+
when "chef-backend"
|
94
|
+
@config[server_type][:fqdn] = cluster_config[server_type]["api_fqdn"]
|
95
|
+
@config[server_type][:users] = cluster_config[server_type]["users"]
|
96
|
+
@config[server_type][:users] ||= Array.new
|
97
|
+
@config[server_type][:orgs] = cluster_config[server_type]["orgs"]
|
98
|
+
@config[server_type][:orgs] ||= Hash.new
|
99
|
+
@config[server_type][:backends] = Array.new
|
100
|
+
@config[server_type][:frontends] = Array.new
|
101
|
+
|
102
|
+
servers = cluster_config[server_type]["servers"]
|
103
|
+
if servers
|
104
|
+
@config[server_type][:leader_backend] = servers.select { |s,sc| sc['role'] == 'backend' && sc['leader'] == true }.keys.first
|
105
|
+
@config[server_type][:bootstrap_frontend] = servers.select { |s,sc| sc['role'] == 'frontend' && sc['bootstrap'] == true }.keys.first
|
106
|
+
@config[server_type][:backends] << @config[server_type][:leader_backend]
|
107
|
+
@config[server_type][:frontends] << @config[server_type][:bootstrap_frontend]
|
108
|
+
servers.each do |server_name, server_config|
|
109
|
+
server_config ||= Hash.new
|
110
|
+
additional_fqdn = nil
|
111
|
+
case server_config["role"]
|
112
|
+
when "backend"
|
113
|
+
@config[server_type][:backends] << server_name unless server_name == @config[server_type][:leader_backend]
|
114
|
+
when "frontend"
|
115
|
+
additional_fqdn = @config[server_type][:fqdn]
|
116
|
+
@config[server_type][:frontends] << server_name unless server_name == @config[server_type][:bootstrap_frontend]
|
117
|
+
@server_configs[server_name].merge!({
|
118
|
+
chef_server_rb: server_config['chef-server.rb'],
|
119
|
+
chef_server_rb_partials: server_config['chef-server.rb_partials']
|
120
|
+
})
|
121
|
+
end
|
122
|
+
@server_configs[server_name].merge!({
|
123
|
+
additional_fqdn: additional_fqdn,
|
124
|
+
chef_server_type: 'chef-server'
|
125
|
+
})
|
126
|
+
end
|
127
|
+
end
|
128
|
+
when "chef-server"
|
129
|
+
@config[server_type][:topology] = cluster_config[server_type]["topology"]
|
130
|
+
@config[server_type][:topology] ||= 'standalone'
|
131
|
+
@config[server_type][:fqdn] = cluster_config[server_type]["api_fqdn"]
|
132
|
+
@config[server_type][:users] = cluster_config[server_type]["users"]
|
133
|
+
@config[server_type][:users] ||= Array.new
|
134
|
+
@config[server_type][:orgs] = cluster_config[server_type]["orgs"]
|
135
|
+
@config[server_type][:orgs] ||= Hash.new
|
136
|
+
@config[server_type][:frontends] = Array.new
|
137
|
+
|
138
|
+
if cluster_config[server_type]["servers"]
|
139
|
+
cluster_config[server_type]["servers"].each do |server_name, server_config|
|
140
|
+
server_config ||= Hash.new
|
141
|
+
additional_fqdn = nil
|
142
|
+
chef_server_type = 'private-chef' if @server_configs[server_name][:products].has_key?('private-chef')
|
143
|
+
chef_server_type = 'chef-server' if @server_configs[server_name][:products].has_key?('chef-server')
|
144
|
+
case @config[server_type][:topology]
|
145
|
+
when 'standalone'
|
146
|
+
@config[server_type][:bootstrap_backend] = server_name if server_config["role"].nil?
|
147
|
+
@config[server_type][:fqdn] ||= @config[server_type][:bootstrap_backend]
|
148
|
+
when 'tier'
|
149
|
+
@config[server_type][:bootstrap_backend] = server_name if server_config["role"] == "backend" && server_config["bootstrap"] == true
|
150
|
+
if server_config["role"] == "frontend"
|
151
|
+
additional_fqdn = @config[server_type][:fqdn]
|
152
|
+
@config[server_type][:frontends] << server_name
|
153
|
+
end
|
154
|
+
end
|
155
|
+
@server_configs[server_name].merge!({
|
156
|
+
additional_fqdn: additional_fqdn,
|
157
|
+
chef_server_type: chef_server_type,
|
158
|
+
chef_server_rb: server_config['chef-server.rb'],
|
159
|
+
chef_server_rb_partials: server_config['chef-server.rb_partials']
|
160
|
+
})
|
161
|
+
end
|
162
|
+
end
|
163
|
+
when "supermarket"
|
164
|
+
unless cluster_config[server_type]["servers"].first.nil?
|
165
|
+
(server_name, server_config) = cluster_config[server_type]["servers"].first
|
166
|
+
@config[server_type][:fqdn] = server_name
|
167
|
+
end
|
168
|
+
when "compliance"
|
169
|
+
unless cluster_config[server_type]["servers"].first.nil?
|
170
|
+
(server_name, server_config) = cluster_config[server_type]["servers"].first
|
171
|
+
@server_configs[server_name][:admin_user] = cluster_config[server_type]["admin_user"]
|
172
|
+
end
|
173
|
+
when "automate"
|
174
|
+
unless cluster_config[server_type]["servers"].first.nil?
|
175
|
+
(server_name, server_config) = cluster_config[server_type]["servers"].first
|
176
|
+
server_config ||= Hash.new
|
177
|
+
@server_configs[server_name].merge!({
|
178
|
+
license_path: server_config['license_path'],
|
179
|
+
chef_org: server_config['chef_org'],
|
180
|
+
enterprise_name: server_config['enterprise_name'],
|
181
|
+
delivery_rb: server_config['delivery.rb'],
|
182
|
+
delivery_rb_partials: server_config['delivery.rb_partials']
|
183
|
+
})
|
184
|
+
end
|
185
|
+
when "nodes"
|
186
|
+
chef_server_url = cluster_config[server_type]['chef_server_url']
|
187
|
+
validation_client_name = cluster_config[server_type]['validation_client_name']
|
188
|
+
validation_key = cluster_config[server_type]['validation_key']
|
189
|
+
if cluster_config[server_type]["servers"]
|
190
|
+
cluster_config[server_type]["servers"].each do |server_name, server_config|
|
191
|
+
server_config ||= Hash.new
|
192
|
+
chef_server_url = server_config['chef_server_url'] if server_config['chef_server_url']
|
193
|
+
validation_client_name = server_config['validation_client_name'] if server_config['validation_client_name']
|
194
|
+
validation_key = server_config['validation_key'] if server_config['validation_key']
|
195
|
+
@server_configs[server_name].merge!({
|
196
|
+
chef_server_url: chef_server_url,
|
197
|
+
validation_client_name: validation_client_name,
|
198
|
+
validation_key: validation_key
|
199
|
+
})
|
200
|
+
end
|
201
|
+
end
|
202
|
+
end
|
203
|
+
end
|
204
|
+
end
|
205
|
+
validate_cluster_config
|
206
|
+
end
|
207
|
+
|
208
|
+
def validate_cluster_config
|
209
|
+
base_container_names = Array.new
|
210
|
+
mounts = Array.new
|
211
|
+
ssh_keys = Array.new
|
212
|
+
hostnames = Array.new
|
213
|
+
|
214
|
+
@config.map { |server_type, config| hostnames.push(config[:fqdn]) }
|
215
|
+
|
216
|
+
puts "WARNING: No servers are configured in dev-lxc.yml." if @server_configs.empty?
|
217
|
+
|
218
|
+
@server_configs.each do |server_name, server_config|
|
219
|
+
base_container_names.push(server_config[:base_container_name]).uniq! if server_config[:base_container_name]
|
220
|
+
mounts.concat(server_config[:mounts]).uniq! if server_config[:mounts]
|
221
|
+
ssh_keys.concat(server_config[:ssh_keys]).uniq! if server_config[:ssh_keys]
|
222
|
+
hostnames.push(server_name)
|
223
|
+
case server_config[:server_type]
|
224
|
+
when "automate"
|
225
|
+
if server_config[:license_path] && !File.file?(server_config[:license_path])
|
226
|
+
puts "ERROR: Automate license #{server_config[:license_path]} does not exist or is not a file."
|
227
|
+
exit 1
|
228
|
+
end
|
229
|
+
if server_config[:delivery_rb] && !File.file?(server_config[:delivery_rb])
|
230
|
+
puts "ERROR: Automate config #{server_config[:delivery_rb]} does not exist or is not a file."
|
231
|
+
exit 1
|
232
|
+
end
|
233
|
+
if server_config[:delivery_rb_partials]
|
234
|
+
server_config[:delivery_rb_partials].each do |partial|
|
235
|
+
unless File.file?(partial)
|
236
|
+
puts "ERROR: Automate config partial #{partial} does not exist or is not a file."
|
237
|
+
exit 1
|
238
|
+
end
|
239
|
+
end
|
240
|
+
end
|
241
|
+
when "chef-server", "chef-backend"
|
242
|
+
if server_config[:chef_server_rb] && !File.file?(server_config[:chef_server_rb])
|
243
|
+
puts "ERROR: Chef Server config #{server_config[:chef_server_rb]} does not exist or is not a file."
|
244
|
+
exit 1
|
245
|
+
end
|
246
|
+
if server_config[:chef_server_rb_partials]
|
247
|
+
server_config[:chef_server_rb_partials].each do |partial|
|
248
|
+
unless File.file?(partial)
|
249
|
+
puts "ERROR: Chef Server config partial #{partial} does not exist or is not a file."
|
250
|
+
exit 1
|
251
|
+
end
|
252
|
+
end
|
253
|
+
end
|
254
|
+
when "nodes"
|
255
|
+
if server_config[:validation_key] && !File.file?(server_config[:validation_key])
|
256
|
+
puts "ERROR: Validation key #{server_config[:validation_key]} does not exist or is not a file."
|
257
|
+
exit 1
|
258
|
+
end
|
259
|
+
end
|
260
|
+
end
|
261
|
+
|
262
|
+
unless base_container_names.empty?
|
263
|
+
base_container_names.each do |base_container_name|
|
264
|
+
unless ::DevLXC::Container.new(base_container_name).defined?
|
265
|
+
puts "ERROR: Base container #{base_container_name} does not exist."
|
266
|
+
exit 1
|
267
|
+
end
|
268
|
+
end
|
269
|
+
end
|
270
|
+
unless hostnames.empty?
|
271
|
+
hostnames.each do |hostname|
|
272
|
+
unless hostname.end_with?(".lxc")
|
273
|
+
puts "ERROR: Hostname #{hostname} does not end with '.lxc'."
|
274
|
+
exit 1
|
275
|
+
end
|
276
|
+
end
|
277
|
+
end
|
278
|
+
unless mounts.empty?
|
279
|
+
mounts.each do |mount|
|
280
|
+
unless File.exists?(mount.split.first)
|
281
|
+
puts "ERROR: Mount source #{mount.split.first} does not exist."
|
282
|
+
exit 1
|
283
|
+
end
|
284
|
+
end
|
285
|
+
end
|
286
|
+
unless ssh_keys.empty?
|
287
|
+
ssh_keys.each do |ssh_key|
|
288
|
+
unless File.exists?(ssh_key)
|
289
|
+
puts "ERROR: SSH key #{ssh_key} does not exist."
|
290
|
+
exit 1
|
291
|
+
end
|
292
|
+
end
|
293
|
+
end
|
294
|
+
end
|
295
|
+
|
296
|
+
def show_config(include_products=false)
|
297
|
+
require 'pp'
|
298
|
+
calculate_required_products(get_sorted_servers, true) if include_products
|
299
|
+
puts "Cluster config:"
|
300
|
+
pp @config
|
301
|
+
puts
|
302
|
+
puts "Server configs:"
|
303
|
+
pp @server_configs
|
304
|
+
end
|
305
|
+
|
306
|
+
def get_server(server_name)
|
307
|
+
ipaddress = @server_configs[server_name][:ipaddress]
|
308
|
+
additional_fqdn = @server_configs[server_name][:additional_fqdn]
|
309
|
+
memory_per_server = @server_configs[server_name][:memory_per_server]
|
310
|
+
mounts = @server_configs[server_name][:mounts]
|
311
|
+
ssh_keys = @server_configs[server_name][:ssh_keys]
|
312
|
+
Server.new(server_name, ipaddress, additional_fqdn, memory_per_server, mounts, ssh_keys)
|
313
|
+
end
|
314
|
+
|
315
|
+
def get_sorted_servers(server_name_regex=nil)
|
316
|
+
servers = Array.new
|
317
|
+
|
318
|
+
# the order of this list of server_types matters
|
319
|
+
# it determines the order in which actions are applied to each server_type
|
320
|
+
%w(chef-backend chef-server analytics compliance supermarket automate build-nodes runners nodes adhoc).each do |server_type|
|
321
|
+
unless @config[server_type].empty?
|
322
|
+
case server_type
|
323
|
+
when "chef-backend"
|
324
|
+
@config[server_type][:backends].each do |backend_name|
|
325
|
+
servers << get_server(backend_name)
|
326
|
+
end
|
327
|
+
@config[server_type][:frontends].each do |frontend_name|
|
328
|
+
servers << get_server(frontend_name)
|
329
|
+
end
|
330
|
+
when "analytics", "chef-server"
|
331
|
+
if @config[server_type][:bootstrap_backend]
|
332
|
+
server_name = @config[server_type][:bootstrap_backend]
|
333
|
+
servers << get_server(server_name)
|
334
|
+
end
|
335
|
+
@config[server_type][:frontends].each do |frontend_name|
|
336
|
+
servers << get_server(frontend_name)
|
337
|
+
end
|
338
|
+
end
|
339
|
+
end
|
340
|
+
if %w(adhoc automate build-nodes compliance nodes runners supermarket).include?(server_type)
|
341
|
+
server_configs = @server_configs.select { |server_name, server_config| server_config[:server_type] == server_type }
|
342
|
+
server_configs.each_key { |server_name| servers << get_server(server_name) }
|
343
|
+
end
|
344
|
+
end
|
345
|
+
servers.select { |s| s.name =~ /#{server_name_regex}/ }
|
346
|
+
end
|
347
|
+
|
348
|
+
def destroy(server_name_regex=nil)
|
349
|
+
servers = get_sorted_servers(server_name_regex)
|
350
|
+
servers.reverse_each { |s| s.destroy; puts }
|
351
|
+
delete_dns_records unless get_sorted_servers.any? { |s| s.container.state != :stopped }
|
352
|
+
end
|
353
|
+
|
354
|
+
def halt(server_name_regex=nil)
|
355
|
+
servers = get_sorted_servers(server_name_regex)
|
356
|
+
servers.reverse_each { |s| s.shutdown; puts }
|
357
|
+
delete_dns_records unless get_sorted_servers.any? { |s| s.container.state != :stopped }
|
358
|
+
end
|
359
|
+
|
360
|
+
def delete_dns_records
|
361
|
+
@server_configs.keys.each { |server_name| DevLXC::search_file_delete_line("/etc/lxc/addn-hosts.conf", /\s#{server_name}/) }
|
362
|
+
DevLXC::reload_dnsmasq
|
363
|
+
end
|
364
|
+
|
365
|
+
def up(server_name_regex=nil)
|
366
|
+
configured_servers = Array.new
|
367
|
+
servers = get_sorted_servers(server_name_regex)
|
368
|
+
exit 1 if abort_up(servers)
|
369
|
+
servers.each do |server|
|
370
|
+
unless server.container.defined?
|
371
|
+
clone_from_base_container(server)
|
372
|
+
@server_configs[server.name][:first_run] = true
|
373
|
+
end
|
374
|
+
end
|
375
|
+
prep_product_cache(servers)
|
376
|
+
# get_sorted_servers is called again in order to ensure the container objects are initialized properly in case they were just cloned from the base container
|
377
|
+
servers = get_sorted_servers(server_name_regex)
|
378
|
+
create_dns_records unless servers.empty?
|
379
|
+
servers.each do |server|
|
380
|
+
next if ! @server_configs[server.name][:enable_build_snapshots] && ! @server_configs[server.name][:first_run]
|
381
|
+
if %w(build-nodes runners).include?(@server_configs[server.name][:server_type])
|
382
|
+
next if @server_configs[server.name][:required_products]["chefdk"] && @server_configs[server.name][:required_products].length == 1
|
383
|
+
end
|
384
|
+
install_products(server) unless @server_configs[server.name][:required_products].empty?
|
385
|
+
end
|
386
|
+
servers.each do |server|
|
387
|
+
if server.snapshot_list.select { |sn| sn[2].to_s.start_with?("dev-lxc build: completed") }.empty?
|
388
|
+
if server.name == @config["chef-backend"][:bootstrap_frontend]
|
389
|
+
running_backends = Array.new
|
390
|
+
@config["chef-backend"][:backends].reverse_each do |server_name|
|
391
|
+
next unless @server_configs[server_name][:enable_build_snapshots]
|
392
|
+
backend = get_server(server_name)
|
393
|
+
if backend.container.defined? && backend.snapshot_list.select { |sn| sn[2].to_s.start_with?("dev-lxc build: backend cluster configured but frontend not bootstrapped") }.empty?
|
394
|
+
if backend.container.running?
|
395
|
+
running_backends << backend.name
|
396
|
+
backend.shutdown
|
397
|
+
end
|
398
|
+
backend.snapshot("dev-lxc build: backend cluster configured but frontend not bootstrapped")
|
399
|
+
snapshot = backend.snapshot_list.select { |sn| sn[2].to_s.start_with?("dev-lxc build: completed") }.first
|
400
|
+
backend.snapshot_destroy(snapshot.first) if snapshot
|
401
|
+
end
|
402
|
+
end
|
403
|
+
@config["chef-backend"][:backends].each do |server_name|
|
404
|
+
next unless @server_configs[server_name][:enable_build_snapshots]
|
405
|
+
if running_backends.include?(server_name)
|
406
|
+
get_server(server_name).start
|
407
|
+
configured_servers << server_name unless configured_servers.include?(server_name)
|
408
|
+
end
|
409
|
+
end
|
410
|
+
end
|
411
|
+
if @server_configs[server.name][:enable_build_snapshots] || @server_configs[server.name][:first_run]
|
412
|
+
configure_products(server)
|
413
|
+
configured_servers << server.name
|
414
|
+
end
|
415
|
+
end
|
416
|
+
if server.container.running?
|
417
|
+
puts "Container '#{server.name}' is already running"
|
418
|
+
puts
|
419
|
+
else
|
420
|
+
server.start
|
421
|
+
end
|
422
|
+
end
|
423
|
+
configured_servers.reverse_each do |server_name|
|
424
|
+
next unless @server_configs[server_name][:enable_build_snapshots]
|
425
|
+
server = get_server(server_name)
|
426
|
+
server.shutdown if server.container.running?
|
427
|
+
server.snapshot("dev-lxc build: completed")
|
428
|
+
end
|
429
|
+
configured_servers.each do |server_name|
|
430
|
+
next unless @server_configs[server_name][:enable_build_snapshots]
|
431
|
+
server = get_server(server_name)
|
432
|
+
server.start if server.container.defined?
|
433
|
+
end
|
434
|
+
end
|
435
|
+
|
436
|
+
def abort_up(servers)
|
437
|
+
abort_up = false
|
438
|
+
servers.each do |server|
|
439
|
+
next if server.container.defined? && !server.snapshot_list.select { |sn| sn[2].to_s.start_with?("dev-lxc build: completed") }.empty?
|
440
|
+
next if ! @server_configs[server.name][:enable_build_snapshots] && ! @server_configs[server.name][:first_run]
|
441
|
+
if @server_configs[server.name][:server_type] == 'compliance' && @config["chef-server"][:topology] == "standalone"
|
442
|
+
if @config['chef-server'][:bootstrap_backend].nil?
|
443
|
+
puts "ERROR: '#{server.name}' requires a Chef Server bootstrap backend to be configured first."
|
444
|
+
abort_up = true
|
445
|
+
elsif !get_server(@config['chef-server'][:bootstrap_backend]).container.running? && servers.select { |s| s.name == @config['chef-server'][:bootstrap_backend] }.empty?
|
446
|
+
puts "ERROR: '#{server.name}' requires '#{@config['chef-server'][:bootstrap_backend]}' to be running first."
|
447
|
+
abort_up = true
|
448
|
+
end
|
449
|
+
end
|
450
|
+
if (@config['chef-server'][:frontends] && @config['chef-server'][:frontends].include?(server.name)) || server.name == @config['analytics'][:bootstrap_backend]
|
451
|
+
if @config['chef-server'][:bootstrap_backend].nil?
|
452
|
+
puts "ERROR: '#{server.name}' requires a Chef Server bootstrap backend to be configured first."
|
453
|
+
abort_up = true
|
454
|
+
elsif !get_server(@config['chef-server'][:bootstrap_backend]).container.defined? && servers.select { |s| s.name == @config['chef-server'][:bootstrap_backend] }.empty?
|
455
|
+
puts "ERROR: '#{server.name}' requires '#{@config['chef-server'][:bootstrap_backend]}' to be configured first."
|
456
|
+
abort_up = true
|
457
|
+
end
|
458
|
+
end
|
459
|
+
if @config['chef-server'][:bootstrap_backend] && @server_configs[server.name][:server_type] == 'supermarket'
|
460
|
+
if !get_server(@config['chef-server'][:bootstrap_backend]).container.defined? && servers.select { |s| s.name == @config['chef-server'][:bootstrap_backend] }.empty?
|
461
|
+
puts "ERROR: '#{server.name}' requires '#{@config['chef-server'][:bootstrap_backend]}' to be configured first."
|
462
|
+
abort_up = true
|
463
|
+
end
|
464
|
+
end
|
465
|
+
if @config['analytics'][:frontends] && @config['analytics'][:frontends].include?(server.name)
|
466
|
+
if @config['analytics'][:bootstrap_backend].nil?
|
467
|
+
puts "ERROR: '#{server.name}' requires an Analytics Server bootstrap backend to be configured first."
|
468
|
+
abort_up = true
|
469
|
+
elsif !get_server(@config['analytics'][:bootstrap_backend]).container.defined? && servers.select { |s| s.name == @config['analytics'][:bootstrap_backend] }.empty?
|
470
|
+
puts "ERROR: '#{server.name}' requires '#{@config['analytics'][:bootstrap_backend]}' to be configured first."
|
471
|
+
abort_up = true
|
472
|
+
end
|
473
|
+
end
|
474
|
+
if @config['chef-backend'][:frontends] && @config['chef-backend'][:frontends].include?(server.name) && server.name != @config['chef-backend'][:bootstrap_frontend]
|
475
|
+
if @config['chef-backend'][:bootstrap_frontend].nil?
|
476
|
+
puts "ERROR: '#{server.name}' requires a Chef Server bootstrap frontend to be configured first."
|
477
|
+
abort_up = true
|
478
|
+
elsif !get_server(@config['chef-backend'][:bootstrap_frontend]).container.defined? && servers.select { |s| s.name == @config['chef-backend'][:bootstrap_frontend] }.empty?
|
479
|
+
puts "ERROR: '#{server.name}' requires '#{@config['chef-backend'][:bootstrap_frontend]}' to be configured first."
|
480
|
+
abort_up = true
|
481
|
+
end
|
482
|
+
end
|
483
|
+
if server.name == @config['chef-backend'][:bootstrap_frontend]
|
484
|
+
if (@config['chef-backend'][:backends].select { |s| get_server(s).container.running? }.length + servers.select { |s| @config['chef-backend'][:backends].include?(s.name) }.length) < 2
|
485
|
+
puts "ERROR: '#{server.name}' requires at least two nodes in the backend cluster to be running first."
|
486
|
+
abort_up = true
|
487
|
+
end
|
488
|
+
end
|
489
|
+
if @config['chef-backend'][:backends] && @config['chef-backend'][:backends].include?(server.name) && server.name != @config['chef-backend'][:leader_backend]
|
490
|
+
if !get_server(@config['chef-backend'][:leader_backend]).container.running? && servers.select { |s| s.name == @config['chef-backend'][:leader_backend] }.empty?
|
491
|
+
puts "ERROR: '#{server.name}' requires '#{@config['chef-backend'][:leader_backend]}' to be running first."
|
492
|
+
abort_up = true
|
493
|
+
end
|
494
|
+
end
|
495
|
+
if @server_configs[server.name][:server_type] == 'nodes'
|
496
|
+
if @server_configs[server.name][:chef_server_url] && @server_configs[server.name][:validation_client_name] && @server_configs[server.name][:validation_key].nil?
|
497
|
+
if @config['chef-server'][:bootstrap_backend] && !get_server(@config['chef-server'][:bootstrap_backend]).container.defined? && servers.select { |s| s.name == @config['chef-server'][:bootstrap_backend] }.empty?
|
498
|
+
puts "ERROR: '#{server.name}' requires '#{@config['chef-server'][:bootstrap_backend]}' to be configured first."
|
499
|
+
abort_up = true
|
500
|
+
elsif @config['chef-backend'][:bootstrap_frontend] && !get_server(@config['chef-backend'][:bootstrap_frontend]).container.defined? && servers.select { |s| s.name == @config['chef-backend'][:bootstrap_frontend] }.empty?
|
501
|
+
puts "ERROR: '#{server.name}' requires '#{@config['chef-backend'][:bootstrap_frontend]}' to be configured first."
|
502
|
+
abort_up = true
|
503
|
+
end
|
504
|
+
end
|
505
|
+
end
|
506
|
+
if @server_configs[server.name][:server_type] == 'automate'
|
507
|
+
if @config['chef-server'][:bootstrap_backend].nil?
|
508
|
+
puts "ERROR: '#{server.name}' requires a Chef Server bootstrap backend to be configured first."
|
509
|
+
abort_up = true
|
510
|
+
elsif !get_server(@config['chef-server'][:bootstrap_backend]).container.defined? && servers.select { |s| s.name == @config['chef-server'][:bootstrap_backend] }.empty?
|
511
|
+
puts "ERROR: '#{server.name}' requires '#{@config['chef-server'][:bootstrap_backend]}' to be configured first."
|
512
|
+
abort_up = true
|
513
|
+
end
|
514
|
+
end
|
515
|
+
if %w(build-nodes runners).include?(@server_configs[server.name][:server_type])
|
516
|
+
if @config['chef-server'][:bootstrap_backend].nil?
|
517
|
+
puts "ERROR: '#{server.name}' requires a Chef Server bootstrap backend to be configured first."
|
518
|
+
abort_up = true
|
519
|
+
elsif !get_server(@config['chef-server'][:bootstrap_backend]).container.running? && servers.select { |s| s.name == @config['chef-server'][:bootstrap_backend] }.empty?
|
520
|
+
puts "ERROR: '#{server.name}' requires '#{@config['chef-server'][:bootstrap_backend]}' to be running first."
|
521
|
+
abort_up = true
|
522
|
+
end
|
523
|
+
if @config['chef-server'][:topology] == 'tier'
|
524
|
+
if @config[server_type][:frontends].empty?
|
525
|
+
puts "ERROR: '#{server.name}' requires at least one Chef Server frontend to be configured first."
|
526
|
+
abort_up = true
|
527
|
+
elsif (@config['chef-server'][:frontends].select { |s| get_server(s).container.running? }.length + servers.select { |s| @config['chef-server'][:frontends].include?(s.name) }.length) < 1
|
528
|
+
puts "ERROR: '#{server.name}' requires at least one Chef Server frontend to be running first."
|
529
|
+
abort_up = true
|
530
|
+
end
|
531
|
+
end
|
532
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
533
|
+
if automate_server_name
|
534
|
+
if !get_server(automate_server_name).container.running? && servers.select { |s| s.name == automate_server_name }.empty?
|
535
|
+
puts "ERROR: '#{server.name}' requires '#{automate_server_name}' to be running first."
|
536
|
+
abort_up = true
|
537
|
+
end
|
538
|
+
else
|
539
|
+
puts "ERROR: '#{server.name}' requires an Automate Server to be configured first."
|
540
|
+
abort_up = true
|
541
|
+
end
|
542
|
+
end
|
543
|
+
end
|
544
|
+
return abort_up
|
545
|
+
end
|
546
|
+
|
547
|
+
def create_dns_records
|
548
|
+
get_sorted_servers.each do |server|
|
549
|
+
ipaddress = server.container.ip_addresses.first
|
550
|
+
ipaddress ||= @server_configs[server.name][:ipaddress]
|
551
|
+
next unless ipaddress
|
552
|
+
additional_fqdn = @server_configs[server.name][:additional_fqdn]
|
553
|
+
dns_record = "#{ipaddress} #{server.name}"
|
554
|
+
dns_record += " #{additional_fqdn}\n" if additional_fqdn
|
555
|
+
DevLXC::search_file_delete_line("/etc/lxc/addn-hosts.conf", /\s#{server.name}/)
|
556
|
+
DevLXC::append_line_to_file("/etc/lxc/addn-hosts.conf", dns_record)
|
557
|
+
end
|
558
|
+
DevLXC::reload_dnsmasq
|
559
|
+
end
|
560
|
+
|
561
|
+
def clone_from_base_container(server)
|
562
|
+
server_type = @server_configs[server.name][:server_type]
|
563
|
+
base_container = DevLXC::Container.new(@server_configs[server.name][:base_container_name])
|
564
|
+
puts "Cloning base container '#{base_container.name}' into container '#{server.name}'"
|
565
|
+
base_container.clone(server.name, {:flags => LXC::LXC_CLONE_SNAPSHOT})
|
566
|
+
server.container.load_config
|
567
|
+
puts "Deleting SSH Server Host Keys"
|
568
|
+
FileUtils.rm_f(Dir.glob("#{server.container.config_item('lxc.rootfs')}/etc/ssh/ssh_host*_key*"))
|
569
|
+
end
|
570
|
+
|
571
|
+
def get_product_download_info(server, product_name, product_options)
|
572
|
+
server_type = @server_configs[server.name][:server_type]
|
573
|
+
base_container = DevLXC::Container.new(@server_configs[server.name][:base_container_name])
|
574
|
+
mixlib_install_platform_detection_path = "#{base_container.config_item('lxc.rootfs')}/mixlib-install-platform-detection"
|
575
|
+
IO.write(mixlib_install_platform_detection_path, Mixlib::Install::Generator::Bourne.detect_platform_sh)
|
576
|
+
platform_results = `chroot #{base_container.config_item('lxc.rootfs')} bash mixlib-install-platform-detection`
|
577
|
+
File.unlink(mixlib_install_platform_detection_path)
|
578
|
+
if platform_results.empty?
|
579
|
+
puts "ERROR: Unable to detect the platform of container '#{base_container.name}'"
|
580
|
+
exit 1
|
581
|
+
end
|
582
|
+
(platform, platform_version, architecture) = platform_results.split
|
583
|
+
product_version = product_options['version'] if product_options
|
584
|
+
product_version ||= 'latest'
|
585
|
+
channel = product_options['channel'] if product_options
|
586
|
+
channel ||= 'stable'
|
587
|
+
channel = channel.to_sym
|
588
|
+
options = {
|
589
|
+
product_name: product_name,
|
590
|
+
product_version: product_version,
|
591
|
+
channel: channel,
|
592
|
+
platform: platform,
|
593
|
+
platform_version: platform_version,
|
594
|
+
architecture: architecture
|
595
|
+
}
|
596
|
+
artifact = Mixlib::Install.new(options).artifact_info
|
597
|
+
if artifact.class != Mixlib::Install::ArtifactInfo
|
598
|
+
puts "ERROR: Unable to find download URL for the following product"
|
599
|
+
puts JSON.pretty_generate(options)
|
600
|
+
exit 1
|
601
|
+
end
|
602
|
+
[artifact.url, artifact.sha256]
|
603
|
+
end
|
604
|
+
|
605
|
+
def calculate_required_products(servers, force=false)
|
606
|
+
all_required_products = Hash.new
|
607
|
+
servers.each do |server|
|
608
|
+
products = @server_configs[server.name][:products]
|
609
|
+
@server_configs[server.name][:required_products] = Hash.new
|
610
|
+
if !force && !server.snapshot_list.select { |sn| sn[2].to_s.start_with?("dev-lxc build: products installed") }.empty?
|
611
|
+
# Skipping product cache preparation for container because it has a 'products installed' snapshot
|
612
|
+
next
|
613
|
+
elsif !force && !server.snapshot_list.select { |sn| sn[2].to_s.start_with?("dev-lxc build: completed") }.empty?
|
614
|
+
# Skipping product cache preparation for container because it has a 'build: completed' snapshot
|
615
|
+
next
|
616
|
+
elsif ! @server_configs[server.name][:enable_build_snapshots] && ! @server_configs[server.name][:first_run]
|
617
|
+
# Skipping product cache preparation for container because it build snapshots are disabled and this is not the container's first run
|
618
|
+
next
|
619
|
+
end
|
620
|
+
products.each do |product_name, product_options|
|
621
|
+
if product_options && product_options['package_source']
|
622
|
+
package_source = product_options['package_source']
|
623
|
+
all_required_products[package_source] = [product_name, nil]
|
624
|
+
@server_configs[server.name][:required_products][product_name] = package_source
|
625
|
+
else
|
626
|
+
package_source, package_sha256 = get_product_download_info(server, product_name, product_options)
|
627
|
+
all_required_products[package_source] = [product_name, package_sha256]
|
628
|
+
product_cache_path = "/var/dev-lxc/cache/chef-products/#{product_name}/#{File.basename(package_source)}"
|
629
|
+
@server_configs[server.name][:required_products][product_name] = product_cache_path
|
630
|
+
end
|
631
|
+
end
|
632
|
+
end
|
633
|
+
all_required_products
|
634
|
+
end
|
635
|
+
|
636
|
+
def prep_product_cache(servers, force=false)
|
637
|
+
all_required_products = calculate_required_products(servers, force)
|
638
|
+
all_required_products.each do |package_source, v|
|
639
|
+
product_name, package_sha256 = v
|
640
|
+
if package_source.start_with?('http')
|
641
|
+
product_cache_path = "/var/dev-lxc/cache/chef-products/#{product_name}/#{File.basename(package_source)}"
|
642
|
+
if !File.exist?(product_cache_path)
|
643
|
+
FileUtils.mkdir_p(File.dirname(product_cache_path)) unless Dir.exist?(File.dirname(product_cache_path))
|
644
|
+
puts "Downloading #{package_source} to #{product_cache_path}"
|
645
|
+
open(package_source) { |url| File.open(product_cache_path, 'wb') { |f| f.write(url.read) } }
|
646
|
+
end
|
647
|
+
if package_sha256 != Digest::SHA256.file(product_cache_path).hexdigest
|
648
|
+
puts "ERROR: Incorrect SHA256 for #{product_cache_path}"
|
649
|
+
exit 1
|
650
|
+
end
|
651
|
+
elsif !File.exist?(package_source)
|
652
|
+
puts "ERROR: Package source #{package_source} does not exist."
|
653
|
+
exit 1
|
654
|
+
end
|
655
|
+
end
|
656
|
+
end
|
657
|
+
|
658
|
+
def install_products(server)
|
659
|
+
if !server.snapshot_list.select { |sn| sn[2].to_s.start_with?("dev-lxc build: products installed") }.empty?
|
660
|
+
puts "Skipping product installation for container '#{server.name}' because it already has a 'products installed' snapshot"
|
661
|
+
return
|
662
|
+
elsif !server.snapshot_list.select { |sn| sn[2].to_s.start_with?("dev-lxc build: completed") }.empty?
|
663
|
+
puts "Skipping product installation for container '#{server.name}' because it already has a 'build: completed' snapshot"
|
664
|
+
return
|
665
|
+
end
|
666
|
+
if server.container.running?
|
667
|
+
server_was_running = true
|
668
|
+
else
|
669
|
+
server_was_running = false
|
670
|
+
server.start
|
671
|
+
end
|
672
|
+
@server_configs[server.name][:required_products].each do |product_name, package_source|
|
673
|
+
next if %w(build-nodes runners).include?(@server_configs[server.name][:server_type]) && product_name == "chefdk"
|
674
|
+
server.install_package(package_source)
|
675
|
+
end
|
676
|
+
if @server_configs[server.name][:enable_build_snapshots]
|
677
|
+
server.shutdown
|
678
|
+
server.snapshot("dev-lxc build: products installed")
|
679
|
+
server.start if server_was_running
|
680
|
+
end
|
681
|
+
end
|
682
|
+
|
683
|
+
def configure_products(server)
|
684
|
+
puts "Configuring container '#{server.name}'"
|
685
|
+
server.start
|
686
|
+
installed_products = @server_configs[server.name][:products].keys if @server_configs[server.name][:products]
|
687
|
+
installed_products ||= Array.new
|
688
|
+
server_type = @server_configs[server.name][:server_type]
|
689
|
+
dot_chef_path = "/root/chef-repo/.chef"
|
690
|
+
case server_type
|
691
|
+
when 'adhoc'
|
692
|
+
# Allow adhoc servers time to generate SSH Server Host Keys
|
693
|
+
sleep 5
|
694
|
+
when 'analytics'
|
695
|
+
configure_analytics(server) if installed_products.include?('analytics')
|
696
|
+
when 'build-nodes'
|
697
|
+
sleep 5 # give time for DNS resolution to be available
|
698
|
+
configure_build_node(server)
|
699
|
+
when 'runners'
|
700
|
+
sleep 5 # give time for DNS resolution to be available
|
701
|
+
configure_runner(server)
|
702
|
+
when 'chef-backend'
|
703
|
+
configure_chef_backend(server) if installed_products.include?('chef-backend')
|
704
|
+
if installed_products.include?('chef-server')
|
705
|
+
configure_chef_frontend(server)
|
706
|
+
if server.name == @config['chef-backend'][:bootstrap_frontend]
|
707
|
+
create_users_orgs_knife_configs(server, dot_chef_path)
|
708
|
+
end
|
709
|
+
end
|
710
|
+
configure_manage(server) if installed_products.include?('manage')
|
711
|
+
when 'chef-server'
|
712
|
+
if installed_products.include?('chef-server') || installed_products.include?('private-chef')
|
713
|
+
configure_chef_server(server)
|
714
|
+
if server.name == @config['chef-server'][:bootstrap_backend]
|
715
|
+
create_users_orgs_knife_configs(server, dot_chef_path)
|
716
|
+
|
717
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
718
|
+
if automate_server_name
|
719
|
+
automate_user = "delivery"
|
720
|
+
automate_chef_org = @server_configs[automate_server_name][:chef_org]
|
721
|
+
create_user(server, automate_user, dot_chef_path)
|
722
|
+
create_org(server, automate_chef_org, dot_chef_path)
|
723
|
+
org_add_user(server, automate_chef_org, automate_user, true, dot_chef_path)
|
724
|
+
end
|
725
|
+
end
|
726
|
+
end
|
727
|
+
configure_reporting(server) if installed_products.include?('reporting')
|
728
|
+
configure_push_jobs_server(server) if installed_products.include?('push-jobs-server')
|
729
|
+
configure_manage(server) if installed_products.include?('manage')
|
730
|
+
when 'compliance'
|
731
|
+
configure_compliance(server) if installed_products.include?('compliance')
|
732
|
+
when 'automate'
|
733
|
+
configure_automate(server) if installed_products.include?('automate') || installed_products.include?('delivery')
|
734
|
+
when 'nodes'
|
735
|
+
# Allow servers time to generate SSH Server Host Keys
|
736
|
+
sleep 5
|
737
|
+
configure_chef_client(server, dot_chef_path) if installed_products.include?('chef') || installed_products.include?('chefdk')
|
738
|
+
when 'supermarket'
|
739
|
+
configure_supermarket(server) if installed_products.include?('supermarket')
|
740
|
+
end
|
741
|
+
end
|
742
|
+
|
743
|
+
def configure_automate(server)
|
744
|
+
license_path = @server_configs[server.name][:license_path]
|
745
|
+
chef_org = @server_configs[server.name][:chef_org]
|
746
|
+
enterprise_name = @server_configs[server.name][:enterprise_name]
|
747
|
+
chef_server_url = @config['chef-server'][:fqdn]
|
748
|
+
supermarket_fqdn = @config['supermarket'][:fqdn]
|
749
|
+
|
750
|
+
FileUtils.cp(license_path, "#{server.container.config_item('lxc.rootfs')}/root/automate.license")
|
751
|
+
|
752
|
+
chef_server = get_server(@config['chef-server'][:bootstrap_backend])
|
753
|
+
automate_chef_user_key = "#{chef_server.container.config_item('lxc.rootfs')}/root/chef-repo/.chef/delivery.pem"
|
754
|
+
FileUtils.cp(automate_chef_user_key, "#{server.container.config_item('lxc.rootfs')}/root/automate_chef_user_key.pem")
|
755
|
+
|
756
|
+
setup_cmd = "setup"
|
757
|
+
setup_cmd += " --license /root/automate.license"
|
758
|
+
setup_cmd += " --fqdn #{server.name}"
|
759
|
+
setup_cmd += " --key /root/automate_chef_user_key.pem"
|
760
|
+
setup_cmd += " --server-url https://#{chef_server_url}/organizations/#{chef_org}"
|
761
|
+
setup_cmd += " --supermarket-fqdn #{supermarket_fqdn}" if supermarket_fqdn
|
762
|
+
setup_cmd += " --enterprise #{enterprise_name}"
|
763
|
+
setup_cmd += " --no-build-node"
|
764
|
+
setup_cmd += " --no-configure"
|
765
|
+
server.run_command("delivery-ctl #{setup_cmd}")
|
766
|
+
|
767
|
+
if @server_configs[server.name][:delivery_rb]
|
768
|
+
puts "Copying #{@server_configs[server.name][:delivery_rb]} to /etc/delivery/delivery.rb"
|
769
|
+
FileUtils.cp(@server_configs[server.name][:delivery_rb], "#{server.container.config_item('lxc.rootfs')}/etc/delivery/delivery.rb")
|
770
|
+
else
|
771
|
+
# enable Compliance profiles asset store
|
772
|
+
DevLXC::append_line_to_file("#{server.container.config_item('lxc.rootfs')}/etc/delivery/delivery.rb", "compliance_profiles['enable'] = true\n")
|
773
|
+
end
|
774
|
+
if @server_configs[server.name][:delivery_rb_partials]
|
775
|
+
@server_configs[server.name][:delivery_rb_partials].each do |partial|
|
776
|
+
puts "Appending #{partial} to /etc/delivery/delivery.rb"
|
777
|
+
partial_content = IO.read(partial)
|
778
|
+
IO.write("#{server.container.config_item('lxc.rootfs')}/etc/delivery/delivery.rb", partial_content, mode: 'a')
|
779
|
+
end
|
780
|
+
end
|
781
|
+
|
782
|
+
server.run_command("delivery-ctl reconfigure")
|
783
|
+
|
784
|
+
# give time for all services to come up completely
|
785
|
+
sleep 10
|
786
|
+
|
787
|
+
server.run_command("delivery-ctl create-enterprise #{enterprise_name} --ssh-pub-key-file /etc/delivery/builder_key.pub", "#{server.container.config_item('lxc.rootfs')}/etc/delivery/#{enterprise_name}-admin-credentials")
|
788
|
+
end
|
789
|
+
|
790
|
+
def print_automate_credentials
|
791
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
792
|
+
if automate_server_name
|
793
|
+
automate_server = get_server(automate_server_name)
|
794
|
+
automate_credentials_files = Dir.glob("#{automate_server.container.config_item('lxc.rootfs')}/etc/delivery/*-credentials")
|
795
|
+
automate_credentials_files.each_with_index do |automate_credentials_file, index|
|
796
|
+
puts IO.read(automate_credentials_file)
|
797
|
+
puts if index + 1 < automate_credentials_files.length
|
798
|
+
end
|
799
|
+
else
|
800
|
+
puts "WARNING: An Automate server is not defined."
|
801
|
+
exit 1
|
802
|
+
end
|
803
|
+
end
|
804
|
+
|
805
|
+
def configure_build_node(server)
|
806
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
807
|
+
if automate_server_name
|
808
|
+
automate_server = get_server(automate_server_name)
|
809
|
+
install_build_node_cmd = "install-build-node"
|
810
|
+
install_build_node_cmd += " --fqdn #{server.name}"
|
811
|
+
install_build_node_cmd += " --username dev-lxc"
|
812
|
+
install_build_node_cmd += " --password dev-lxc"
|
813
|
+
install_build_node_cmd += " --installer #{@server_configs[server.name][:required_products]["chefdk"]}"
|
814
|
+
install_build_node_cmd += " --overwrite-registration"
|
815
|
+
automate_server.run_command("delivery-ctl #{install_build_node_cmd}")
|
816
|
+
end
|
817
|
+
end
|
818
|
+
|
819
|
+
def configure_runner(server)
|
820
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
821
|
+
if automate_server_name
|
822
|
+
automate_server = get_server(automate_server_name)
|
823
|
+
install_runner_cmd = "install-runner #{server.name} dev-lxc"
|
824
|
+
install_runner_cmd += " --password dev-lxc"
|
825
|
+
install_runner_cmd += " --installer #{@server_configs[server.name][:required_products]["chefdk"]}"
|
826
|
+
install_runner_cmd += " --yes"
|
827
|
+
automate_server.run_command("delivery-ctl #{install_runner_cmd}")
|
828
|
+
end
|
829
|
+
end
|
830
|
+
|
831
|
+
def configure_chef_client(server, dot_chef_path)
|
832
|
+
puts "Configuring Chef Client in container '#{server.name}'"
|
833
|
+
|
834
|
+
FileUtils.mkdir_p("#{server.container.config_item('lxc.rootfs')}/etc/chef")
|
835
|
+
|
836
|
+
chef_server_url = @server_configs[server.name][:chef_server_url]
|
837
|
+
validation_client_name = @server_configs[server.name][:validation_client_name]
|
838
|
+
validation_key = @server_configs[server.name][:validation_key]
|
839
|
+
if validation_key.nil?
|
840
|
+
chef_server_name = @config['chef-server'][:bootstrap_backend]
|
841
|
+
chef_server_name ||= @config['chef-backend'][:bootstrap_frontend]
|
842
|
+
if chef_server_name
|
843
|
+
chef_server = get_server(chef_server_name)
|
844
|
+
if chef_server.container.defined?
|
845
|
+
validator_pem_files = Dir.glob("#{chef_server.container.config_item('lxc.rootfs')}#{dot_chef_path}/*-validator.pem")
|
846
|
+
FileUtils.cp(validator_pem_files, "#{server.container.config_item('lxc.rootfs')}/etc/chef/") unless validator_pem_files.empty?
|
847
|
+
end
|
848
|
+
end
|
849
|
+
else
|
850
|
+
FileUtils.cp(validation_key, "#{server.container.config_item('lxc.rootfs')}/etc/chef/") if File.exists?(validation_key)
|
851
|
+
end
|
852
|
+
|
853
|
+
client_rb = %Q(# uncomment the following proxy lines to send traffic through mitmproxy
|
854
|
+
#http_proxy 'http://10.0.3.1:8080'
|
855
|
+
#https_proxy 'http://10.0.3.1:8080'
|
856
|
+
|
857
|
+
chef_server_url '#{chef_server_url}'
|
858
|
+
validation_client_name '#{validation_client_name}'
|
859
|
+
validation_key '/etc/chef/#{validation_client_name}.pem'
|
860
|
+
ssl_verify_mode :verify_none
|
861
|
+
)
|
862
|
+
|
863
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
864
|
+
if automate_server_name
|
865
|
+
client_rb += %Q(
|
866
|
+
# data_collector.server_url "https://#{automate_server_name}/data-collector/v0/"
|
867
|
+
# data_collector.token "93a49a4f2482c64126f7b6015e6b0f30284287ee4054ff8807fb63d9cbd1c506"
|
868
|
+
)
|
869
|
+
end
|
870
|
+
|
871
|
+
IO.write("#{server.container.config_item('lxc.rootfs')}/etc/chef/client.rb", client_rb)
|
872
|
+
end
|
873
|
+
|
874
|
+
def configure_chef_backend(server)
|
875
|
+
FileUtils.mkdir_p("#{server.container.config_item('lxc.rootfs')}/var/opt/chef-backend")
|
876
|
+
FileUtils.touch("#{server.container.config_item('lxc.rootfs')}/var/opt/chef-backend/.license.accepted")
|
877
|
+
if server.name == @config['chef-backend'][:leader_backend]
|
878
|
+
puts "Creating /etc/chef-backend/chef-backend.rb"
|
879
|
+
FileUtils.mkdir_p("#{server.container.config_item('lxc.rootfs')}/etc/chef-backend")
|
880
|
+
chef_backend_config = "publish_address '#{@server_configs[server.name][:ipaddress]}'\n"
|
881
|
+
IO.write("#{server.container.config_item('lxc.rootfs')}/etc/chef-backend/chef-backend.rb", chef_backend_config)
|
882
|
+
server.run_command("chef-backend-ctl bootstrap --yes")
|
883
|
+
else
|
884
|
+
puts "Joining #{server.name} to the chef-backend cluster"
|
885
|
+
leader_backend = get_server(@config['chef-backend'][:leader_backend])
|
886
|
+
FileUtils.cp("#{leader_backend.container.config_item('lxc.rootfs')}/etc/chef-backend/chef-backend-secrets.json",
|
887
|
+
"#{server.container.config_item('lxc.rootfs')}/root/")
|
888
|
+
server.run_command("chef-backend-ctl join-cluster #{@server_configs[leader_backend.name][:ipaddress]} -p #{@server_configs[server.name][:ipaddress]} -s /root/chef-backend-secrets.json --yes")
|
889
|
+
end
|
890
|
+
end
|
891
|
+
|
892
|
+
def configure_chef_frontend(server)
|
893
|
+
puts "Creating /etc/opscode/chef-server.rb"
|
894
|
+
FileUtils.mkdir_p("#{server.container.config_item('lxc.rootfs')}/etc/opscode")
|
895
|
+
leader_backend = get_server(@config['chef-backend'][:leader_backend])
|
896
|
+
if @server_configs[server.name][:chef_server_rb]
|
897
|
+
puts "Copying #{@server_configs[server.name][:chef_server_rb]} to /etc/opscode/chef-server.rb"
|
898
|
+
FileUtils.cp(@server_configs[server.name][:chef_server_rb], "#{server.container.config_item('lxc.rootfs')}/etc/opscode/chef-server.rb")
|
899
|
+
else
|
900
|
+
leader_backend.run_command("chef-backend-ctl gen-server-config #{server.name}", "#{server.container.config_item('lxc.rootfs')}/etc/opscode/chef-server.rb")
|
901
|
+
end
|
902
|
+
if @server_configs[server.name][:chef_server_rb_partials]
|
903
|
+
@server_configs[server.name][:chef_server_rb_partials].each do |partial|
|
904
|
+
puts "Appending #{partial} to /etc/opscode/chef-server.rb"
|
905
|
+
partial_content = IO.read(partial)
|
906
|
+
IO.write("#{server.container.config_item('lxc.rootfs')}/etc/opscode/chef-server.rb", partial_content, mode: 'a')
|
907
|
+
end
|
908
|
+
end
|
909
|
+
unless server.name == @config['chef-backend'][:bootstrap_frontend]
|
910
|
+
bootstrap_frontend = get_server(@config['chef-backend'][:bootstrap_frontend])
|
911
|
+
%w(pivotal.pem private-chef-secrets.json webui_priv.pem webui_pub.pem).each do |file|
|
912
|
+
puts "Copying /etc/opscode/#{file} from bootstrap frontend '#{bootstrap_frontend.name}'"
|
913
|
+
FileUtils.cp("#{bootstrap_frontend.container.config_item('lxc.rootfs')}/etc/opscode/#{file}", "#{server.container.config_item('lxc.rootfs')}/etc/opscode/")
|
914
|
+
end
|
915
|
+
FileUtils.mkdir_p("#{server.container.config_item('lxc.rootfs')}/var/opt/opscode/upgrades/")
|
916
|
+
puts "Copying /var/opt/opscode/upgrades/migration-level from bootstrap frontend '#{bootstrap_frontend.name}'"
|
917
|
+
FileUtils.cp("#{bootstrap_frontend.container.config_item('lxc.rootfs')}/var/opt/opscode/upgrades/migration-level", "#{server.container.config_item('lxc.rootfs')}/var/opt/opscode/upgrades/")
|
918
|
+
puts "Touching /var/opt/opscode/bootstrapped"
|
919
|
+
FileUtils.touch("#{server.container.config_item('lxc.rootfs')}/var/opt/opscode/bootstrapped")
|
920
|
+
end
|
921
|
+
server.run_command("chef-server-ctl reconfigure")
|
922
|
+
end
|
923
|
+
|
924
|
+
def configure_chef_server(server)
|
925
|
+
if @config['chef-server'][:topology] == "standalone" || @config['chef-server'][:bootstrap_backend] == server.name
|
926
|
+
case @server_configs[server.name][:chef_server_type]
|
927
|
+
when 'private-chef'
|
928
|
+
puts "Creating /etc/opscode/private-chef.rb"
|
929
|
+
FileUtils.mkdir_p("#{server.container.config_item('lxc.rootfs')}/etc/opscode")
|
930
|
+
if @server_configs[server.name][:chef_server_rb]
|
931
|
+
puts "Copying #{@server_configs[server.name][:chef_server_rb]} to /etc/opscode/private-chef.rb"
|
932
|
+
FileUtils.cp(@server_configs[server.name][:chef_server_rb], "#{server.container.config_item('lxc.rootfs')}/etc/opscode/private-chef.rb")
|
933
|
+
else
|
934
|
+
IO.write("#{server.container.config_item('lxc.rootfs')}/etc/opscode/private-chef.rb", chef_server_config)
|
935
|
+
end
|
936
|
+
if @server_configs[server.name][:chef_server_rb_partials]
|
937
|
+
@server_configs[server.name][:chef_server_rb_partials].each do |partial|
|
938
|
+
puts "Appending #{partial} to /etc/opscode/private-chef.rb"
|
939
|
+
partial_content = IO.read(partial)
|
940
|
+
IO.write("#{server.container.config_item('lxc.rootfs')}/etc/opscode/private-chef.rb", partial_content, mode: 'a')
|
941
|
+
end
|
942
|
+
end
|
943
|
+
when 'chef-server'
|
944
|
+
puts "Creating /etc/opscode/chef-server.rb"
|
945
|
+
FileUtils.mkdir_p("#{server.container.config_item('lxc.rootfs')}/etc/opscode")
|
946
|
+
if @server_configs[server.name][:chef_server_rb]
|
947
|
+
puts "Copying #{@server_configs[server.name][:chef_server_rb]} to /etc/opscode/chef-server.rb"
|
948
|
+
FileUtils.cp(@server_configs[server.name][:chef_server_rb], "#{server.container.config_item('lxc.rootfs')}/etc/opscode/chef-server.rb")
|
949
|
+
else
|
950
|
+
IO.write("#{server.container.config_item('lxc.rootfs')}/etc/opscode/chef-server.rb", chef_server_config)
|
951
|
+
end
|
952
|
+
if @server_configs[server.name][:chef_server_rb_partials]
|
953
|
+
@server_configs[server.name][:chef_server_rb_partials].each do |partial|
|
954
|
+
puts "Appending #{partial} to /etc/opscode/chef-server.rb"
|
955
|
+
partial_content = IO.read(partial)
|
956
|
+
IO.write("#{server.container.config_item('lxc.rootfs')}/etc/opscode/chef-server.rb", partial_content, mode: 'a')
|
957
|
+
end
|
958
|
+
end
|
959
|
+
end
|
960
|
+
elsif @config['chef-server'][:frontends].include?(server.name)
|
961
|
+
puts "Copying /etc/opscode from bootstrap backend '#{@config['chef-server'][:bootstrap_backend]}'"
|
962
|
+
FileUtils.cp_r("#{get_server(@config['chef-server'][:bootstrap_backend]).container.config_item('lxc.rootfs')}/etc/opscode",
|
963
|
+
"#{server.container.config_item('lxc.rootfs')}/etc", preserve: true)
|
964
|
+
if @server_configs[server.name][:chef_server_rb]
|
965
|
+
puts "Copying #{@server_configs[server.name][:chef_server_rb]} to /etc/opscode/#{@server_configs[server.name][:chef_server_type]}.rb"
|
966
|
+
FileUtils.cp(@server_configs[server.name][:chef_server_rb], "#{server.container.config_item('lxc.rootfs')}/etc/opscode/#{@server_configs[server.name][:chef_server_type]}.rb")
|
967
|
+
end
|
968
|
+
if @server_configs[server.name][:chef_server_rb_partials]
|
969
|
+
@server_configs[server.name][:chef_server_rb_partials].each do |partial|
|
970
|
+
puts "Appending #{partial} to /etc/opscode/#{@server_configs[server.name][:chef_server_type]}.rb"
|
971
|
+
partial_content = IO.read(partial)
|
972
|
+
IO.write("#{server.container.config_item('lxc.rootfs')}/etc/opscode/#{@server_configs[server.name][:chef_server_type]}.rb", partial_content, mode: 'a')
|
973
|
+
end
|
974
|
+
end
|
975
|
+
end
|
976
|
+
server.run_command("#{@server_configs[server.name][:chef_server_type]}-ctl reconfigure")
|
977
|
+
end
|
978
|
+
|
979
|
+
def configure_reporting(server)
|
980
|
+
FileUtils.mkdir_p("#{server.container.config_item('lxc.rootfs')}/var/opt/opscode-reporting")
|
981
|
+
FileUtils.touch("#{server.container.config_item('lxc.rootfs')}/var/opt/opscode-reporting/.license.accepted")
|
982
|
+
if @config['chef-server'][:frontends].include?(server.name)
|
983
|
+
puts "Copying /etc/opscode-reporting from bootstrap backend '#{@config['chef-server'][:bootstrap_backend]}'"
|
984
|
+
FileUtils.cp_r("#{get_server(@config['chef-server'][:bootstrap_backend]).container.config_item('lxc.rootfs')}/etc/opscode-reporting",
|
985
|
+
"#{server.container.config_item('lxc.rootfs')}/etc", preserve: true)
|
986
|
+
end
|
987
|
+
server.run_command("#{@server_configs[server.name][:chef_server_type]}-ctl reconfigure")
|
988
|
+
server.run_command("opscode-reporting-ctl reconfigure")
|
989
|
+
end
|
990
|
+
|
991
|
+
def configure_push_jobs_server(server)
|
992
|
+
server.run_command("opscode-push-jobs-server-ctl reconfigure")
|
993
|
+
server.run_command("#{@server_configs[server.name][:chef_server_type]}-ctl reconfigure")
|
994
|
+
end
|
995
|
+
|
996
|
+
def configure_manage(server)
|
997
|
+
FileUtils.mkdir_p("#{server.container.config_item('lxc.rootfs')}/var/opt/chef-manage")
|
998
|
+
FileUtils.touch("#{server.container.config_item('lxc.rootfs')}/var/opt/chef-manage/.license.accepted")
|
999
|
+
if @server_configs[server.name][:chef_server_type] == 'private-chef'
|
1000
|
+
puts "Disabling old opscode-webui in /etc/opscode/private-chef.rb"
|
1001
|
+
DevLXC.search_file_delete_line("#{server.container.config_item('lxc.rootfs')}/etc/opscode/private-chef.rb", /opscode_webui[.enable.]/)
|
1002
|
+
DevLXC.append_line_to_file("#{server.container.config_item('lxc.rootfs')}/etc/opscode/private-chef.rb", "\nopscode_webui['enable'] = false\n")
|
1003
|
+
server.run_command("#{@server_configs[server.name][:chef_server_type]}-ctl reconfigure")
|
1004
|
+
end
|
1005
|
+
server.run_command("opscode-manage-ctl reconfigure")
|
1006
|
+
end
|
1007
|
+
|
1008
|
+
def configure_analytics(server)
|
1009
|
+
FileUtils.mkdir_p("#{server.container.config_item('lxc.rootfs')}/var/opt/opscode-analytics")
|
1010
|
+
FileUtils.touch("#{server.container.config_item('lxc.rootfs')}/var/opt/opscode-analytics/.license.accepted")
|
1011
|
+
if @config['analytics'][:topology] == "standalone" || @config['analytics'][:bootstrap_backend] == server.name
|
1012
|
+
puts "Copying /etc/opscode-analytics from Chef Server bootstrap backend '#{@config['chef-server'][:bootstrap_backend]}'"
|
1013
|
+
FileUtils.cp_r("#{get_server(@config['chef-server'][:bootstrap_backend]).container.config_item('lxc.rootfs')}/etc/opscode-analytics",
|
1014
|
+
"#{server.container.config_item('lxc.rootfs')}/etc", preserve: true)
|
1015
|
+
|
1016
|
+
IO.write("#{server.container.config_item('lxc.rootfs')}/etc/opscode-analytics/opscode-analytics.rb", analytics_config)
|
1017
|
+
elsif @config['analytics'][:frontends].include?(server.name)
|
1018
|
+
puts "Copying /etc/opscode-analytics from Analytics bootstrap backend '#{@config['analytics'][:bootstrap_backend]}'"
|
1019
|
+
FileUtils.cp_r("#{get_server(@config['analytics'][:bootstrap_backend]).container.config_item('lxc.rootfs')}/etc/opscode-analytics",
|
1020
|
+
"#{server.container.config_item('lxc.rootfs')}/etc", preserve: true)
|
1021
|
+
end
|
1022
|
+
server.run_command("opscode-analytics-ctl reconfigure")
|
1023
|
+
end
|
1024
|
+
|
1025
|
+
def configure_compliance(server)
|
1026
|
+
FileUtils.mkdir_p("#{server.container.config_item('lxc.rootfs')}/var/opt/chef-compliance")
|
1027
|
+
FileUtils.touch("#{server.container.config_item('lxc.rootfs')}/var/opt/chef-compliance/.license.accepted")
|
1028
|
+
server.run_command("chef-compliance-ctl reconfigure")
|
1029
|
+
admin_user = @server_configs[server.name][:admin_user]
|
1030
|
+
if admin_user
|
1031
|
+
server.run_command("chef-compliance-ctl user-create #{admin_user} #{admin_user}")
|
1032
|
+
server.run_command("chef-compliance-ctl restart core")
|
1033
|
+
end
|
1034
|
+
|
1035
|
+
if @config["chef-server"][:topology] == "standalone"
|
1036
|
+
chef_server = get_server(@config['chef-server'][:bootstrap_backend])
|
1037
|
+
FileUtils.mkdir_p("#{chef_server.container.config_item('lxc.rootfs')}/root/integrate-compliance-with-chef-server")
|
1038
|
+
FileUtils.mkdir_p("#{server.container.config_item('lxc.rootfs')}/root/integrate-compliance-with-chef-server")
|
1039
|
+
IO.write("#{server.container.config_item('lxc.rootfs')}/root/integrate-compliance-with-chef-server/prepare-chef-compliance",
|
1040
|
+
"chef-compliance-ctl connect chef-server --non-interactive true --chef-app-id 'compliance_server' --auth-id 'Chef Server' --insecure true --compliance-url 'https://#{server.name}'"
|
1041
|
+
)
|
1042
|
+
server.run_command("bash /root/integrate-compliance-with-chef-server/prepare-chef-compliance", "#{server.container.config_item('lxc.rootfs')}/root/integrate-compliance-with-chef-server/prepare-chef-compliance-output")
|
1043
|
+
server.run_command("chef-compliance-ctl reconfigure")
|
1044
|
+
server.run_command("chef-compliance-ctl restart core")
|
1045
|
+
prepare_chef_compliance_output = IO.read("#{server.container.config_item('lxc.rootfs')}/root/integrate-compliance-with-chef-server/prepare-chef-compliance-output")
|
1046
|
+
delimited_chef_server_command = prepare_chef_compliance_output.match(/\n---\n(.+)\n---/m)
|
1047
|
+
if delimited_chef_server_command
|
1048
|
+
IO.write("#{chef_server.container.config_item('lxc.rootfs')}/root/integrate-compliance-with-chef-server/configure-chef-server", delimited_chef_server_command[1])
|
1049
|
+
chef_server.run_command("bash /root/integrate-compliance-with-chef-server/configure-chef-server", "#{chef_server.container.config_item('lxc.rootfs')}/root/integrate-compliance-with-chef-server/configure-chef-server-output")
|
1050
|
+
end
|
1051
|
+
configure_chef_server_output = IO.read("#{chef_server.container.config_item('lxc.rootfs')}/root/integrate-compliance-with-chef-server/configure-chef-server-output")
|
1052
|
+
compliance_command = configure_chef_server_output.match(/^chef-compliance-ctl .+$/)
|
1053
|
+
if compliance_command
|
1054
|
+
IO.write("#{server.container.config_item('lxc.rootfs')}/root/integrate-compliance-with-chef-server/configure-chef-compliance", compliance_command)
|
1055
|
+
server.run_command("bash /root/integrate-compliance-with-chef-server/configure-chef-compliance")
|
1056
|
+
server.run_command("chef-compliance-ctl reconfigure")
|
1057
|
+
end
|
1058
|
+
end
|
1059
|
+
end
|
1060
|
+
|
1061
|
+
def configure_supermarket(server)
|
1062
|
+
if @config['chef-server'][:bootstrap_backend] && get_server(@config['chef-server'][:bootstrap_backend]).container.defined?
|
1063
|
+
chef_server_supermarket_config = JSON.parse(IO.read("#{get_server(@config['chef-server'][:bootstrap_backend]).container.config_item('lxc.rootfs')}/etc/opscode/oc-id-applications/supermarket.json"))
|
1064
|
+
supermarket_config = {
|
1065
|
+
'chef_server_url' => "https://#{@config['chef-server'][:fqdn]}/",
|
1066
|
+
'chef_oauth2_app_id' => chef_server_supermarket_config['uid'],
|
1067
|
+
'chef_oauth2_secret' => chef_server_supermarket_config['secret'],
|
1068
|
+
'chef_oauth2_verify_ssl' => false
|
1069
|
+
}
|
1070
|
+
FileUtils.mkdir_p("#{server.container.config_item('lxc.rootfs')}/etc/supermarket")
|
1071
|
+
IO.write("#{server.container.config_item('lxc.rootfs')}/etc/supermarket/supermarket.json", JSON.pretty_generate(supermarket_config))
|
1072
|
+
end
|
1073
|
+
server.run_command("supermarket-ctl reconfigure")
|
1074
|
+
end
|
1075
|
+
|
1076
|
+
def create_users_orgs_knife_configs(server, dot_chef_path)
|
1077
|
+
server_type = @server_configs[server.name][:server_type]
|
1078
|
+
# give time for all services to come up completely
|
1079
|
+
sleep 10
|
1080
|
+
if @server_configs[server.name][:chef_server_type] == 'private-chef'
|
1081
|
+
# give more time for all services to come up completely
|
1082
|
+
sleep 50
|
1083
|
+
server.run_command("/opt/opscode/embedded/bin/gem install knife-opc --no-ri --no-rdoc -v 0.3.1")
|
1084
|
+
end
|
1085
|
+
chef_server_dot_chef_path = "#{server.container.config_item('lxc.rootfs')}#{dot_chef_path}"
|
1086
|
+
FileUtils.mkdir_p(chef_server_dot_chef_path)
|
1087
|
+
FileUtils.cp( "#{server.container.config_item('lxc.rootfs')}/etc/opscode/pivotal.pem", chef_server_dot_chef_path )
|
1088
|
+
create_pivotal_knife_config('127.0.0.1', chef_server_dot_chef_path)
|
1089
|
+
create_knife_config('127.0.0.1', chef_server_dot_chef_path)
|
1090
|
+
@config[server_type][:users].each do |username|
|
1091
|
+
create_user(server, username, dot_chef_path)
|
1092
|
+
end
|
1093
|
+
@config[server_type][:orgs].each do |orgname, org_users|
|
1094
|
+
create_org(server, orgname, dot_chef_path)
|
1095
|
+
if org_users
|
1096
|
+
if org_users['admins']
|
1097
|
+
org_users['admins'].each do |username|
|
1098
|
+
org_add_user(server, orgname, username, true, dot_chef_path)
|
1099
|
+
end
|
1100
|
+
end
|
1101
|
+
if org_users['non-admins']
|
1102
|
+
org_users['non-admins'].each do |username|
|
1103
|
+
org_add_user(server, orgname, username, false, dot_chef_path)
|
1104
|
+
end
|
1105
|
+
end
|
1106
|
+
end
|
1107
|
+
end
|
1108
|
+
end
|
1109
|
+
|
1110
|
+
def create_pivotal_knife_config(fqdn, dot_chef_path)
|
1111
|
+
pivotal_rb = %Q(
|
1112
|
+
current_dir = File.dirname(__FILE__)
|
1113
|
+
|
1114
|
+
chef_server_root "https://#{fqdn}"
|
1115
|
+
chef_server_url "https://#{fqdn}"
|
1116
|
+
|
1117
|
+
node_name "pivotal"
|
1118
|
+
client_key "\#{current_dir}/pivotal.pem"
|
1119
|
+
|
1120
|
+
cookbook_path Dir.pwd + "/cookbooks"
|
1121
|
+
knife[:chef_repo_path] = Dir.pwd
|
1122
|
+
|
1123
|
+
ssl_verify_mode :verify_none
|
1124
|
+
)
|
1125
|
+
IO.write("#{dot_chef_path}/pivotal.rb", pivotal_rb)
|
1126
|
+
end
|
1127
|
+
|
1128
|
+
def create_knife_config(fqdn, dot_chef_path)
|
1129
|
+
knife_rb = %Q(# uncomment the following proxy lines to send traffic through a proxy
|
1130
|
+
# mitmproxy uses port 8080
|
1131
|
+
# tinyproxy uses port 8888
|
1132
|
+
#http_proxy 'http://127.0.0.1:8080'
|
1133
|
+
#https_proxy 'http://127.0.0.1:8080'
|
1134
|
+
|
1135
|
+
username = "CHANGEME"
|
1136
|
+
orgname = "CHANGEME"
|
1137
|
+
|
1138
|
+
if [username, orgname].include?("CHANGEME")
|
1139
|
+
puts "ERROR: Please set 'username' and 'orgname' to proper values in knife.rb"
|
1140
|
+
exit!
|
1141
|
+
end
|
1142
|
+
|
1143
|
+
current_dir = File.dirname(__FILE__)
|
1144
|
+
|
1145
|
+
chef_server_url "https://#{fqdn}/organizations/\#{orgname}"
|
1146
|
+
|
1147
|
+
node_name username
|
1148
|
+
client_key "\#{current_dir}/\#{username}.pem"
|
1149
|
+
|
1150
|
+
validation_client_name "\#{orgname}-validator"
|
1151
|
+
validation_key "\#{current_dir}/\#{orgname}-validator.pem"
|
1152
|
+
|
1153
|
+
cookbook_path Dir.pwd + "/cookbooks"
|
1154
|
+
knife[:chef_repo_path] = Dir.pwd
|
1155
|
+
|
1156
|
+
ssl_verify_mode :verify_none
|
1157
|
+
)
|
1158
|
+
IO.write("#{dot_chef_path}/knife.rb", knife_rb)
|
1159
|
+
end
|
1160
|
+
|
1161
|
+
def create_user(server, username, dot_chef_path)
|
1162
|
+
create_user_string = "#{username} #{username} #{username} #{username}@noreply.com #{username} --filename #{dot_chef_path}/#{username}.pem"
|
1163
|
+
case @server_configs[server.name][:chef_server_type]
|
1164
|
+
when 'private-chef'
|
1165
|
+
server.run_command("/opt/opscode/embedded/bin/knife opc user create #{create_user_string} -c #{dot_chef_path}/pivotal.rb")
|
1166
|
+
when 'chef-server'
|
1167
|
+
server.run_command("chef-server-ctl user-create #{create_user_string}")
|
1168
|
+
end
|
1169
|
+
end
|
1170
|
+
|
1171
|
+
def create_org(server, orgname, dot_chef_path)
|
1172
|
+
create_org_string = "#{orgname} #{orgname} --filename #{dot_chef_path}/#{orgname}-validator.pem"
|
1173
|
+
case @server_configs[server.name][:chef_server_type]
|
1174
|
+
when 'private-chef'
|
1175
|
+
server.run_command("/opt/opscode/embedded/bin/knife opc org create #{create_org_string} -c #{dot_chef_path}/pivotal.rb")
|
1176
|
+
when 'chef-server'
|
1177
|
+
server.run_command("chef-server-ctl org-create #{create_org_string}")
|
1178
|
+
end
|
1179
|
+
end
|
1180
|
+
|
1181
|
+
def org_add_user(server, orgname, username, admin, dot_chef_path)
|
1182
|
+
org_add_user_string = "#{orgname} #{username}"
|
1183
|
+
org_add_user_string += " --admin" if admin
|
1184
|
+
case @server_configs[server.name][:chef_server_type]
|
1185
|
+
when 'private-chef'
|
1186
|
+
server.run_command("/opt/opscode/embedded/bin/knife opc org user add #{org_add_user_string} -c #{dot_chef_path}/pivotal.rb")
|
1187
|
+
when 'chef-server'
|
1188
|
+
server.run_command("chef-server-ctl org-user-add #{org_add_user_string}")
|
1189
|
+
end
|
1190
|
+
end
|
1191
|
+
|
1192
|
+
def chef_repo(force=false, pivotal=false)
|
1193
|
+
chef_server_dot_chef_path = "/root/chef-repo/.chef"
|
1194
|
+
dot_chef_path = ".chef"
|
1195
|
+
|
1196
|
+
if @config['chef-server'][:bootstrap_backend]
|
1197
|
+
chef_server = get_server(@config['chef-server'][:bootstrap_backend])
|
1198
|
+
chef_server_fqdn = @config['chef-server'][:fqdn]
|
1199
|
+
elsif @config['chef-backend'][:bootstrap_frontend]
|
1200
|
+
chef_server = get_server(@config['chef-backend'][:bootstrap_frontend])
|
1201
|
+
chef_server_fqdn = @config['chef-backend'][:fqdn]
|
1202
|
+
else
|
1203
|
+
puts "ERROR: A Chef Server is not defined in the cluster's config. Please define it first."
|
1204
|
+
exit 1
|
1205
|
+
end
|
1206
|
+
unless chef_server.container.defined?
|
1207
|
+
puts "ERROR: The '#{chef_server.name}' Chef Server does not exist."
|
1208
|
+
exit 1
|
1209
|
+
end
|
1210
|
+
|
1211
|
+
puts "Creating chef-repo with pem files and knife.rb in the current directory"
|
1212
|
+
FileUtils.mkdir_p(dot_chef_path)
|
1213
|
+
|
1214
|
+
pem_files = Dir.glob("#{chef_server.container.config_item('lxc.rootfs')}#{chef_server_dot_chef_path}/*.pem")
|
1215
|
+
pem_files.delete_if { |pem_file| pem_file.end_with?("/pivotal.pem") } unless pivotal
|
1216
|
+
FileUtils.cp(pem_files, dot_chef_path) unless pem_files.empty?
|
1217
|
+
|
1218
|
+
if pivotal
|
1219
|
+
if File.exists?("#{dot_chef_path}/pivotal.rb") && ! force
|
1220
|
+
puts "Skipping pivotal.rb because it already exists in `#{dot_chef_path}`"
|
1221
|
+
else
|
1222
|
+
create_pivotal_knife_config(chef_server_fqdn, dot_chef_path)
|
1223
|
+
end
|
1224
|
+
end
|
1225
|
+
|
1226
|
+
if File.exists?("#{dot_chef_path}/knife.rb") && ! force
|
1227
|
+
puts "Skipping knife.rb because it already exists in `#{dot_chef_path}`"
|
1228
|
+
else
|
1229
|
+
create_knife_config(chef_server_fqdn, dot_chef_path)
|
1230
|
+
end
|
1231
|
+
end
|
1232
|
+
|
1233
|
+
def chef_server_config
|
1234
|
+
chef_server_config = %Q(api_fqdn "#{@config['chef-server'][:fqdn]}"\n)
|
1235
|
+
if @config['chef-server'][:topology] == 'tier'
|
1236
|
+
chef_server_config += %Q(
|
1237
|
+
topology "#{@config['chef-server'][:topology]}"
|
1238
|
+
|
1239
|
+
server "#{@config['chef-server'][:bootstrap_backend]}",
|
1240
|
+
:ipaddress => "#{@server_configs[@config['chef-server'][:bootstrap_backend]][:ipaddress]}",
|
1241
|
+
:role => "backend",
|
1242
|
+
:bootstrap => true
|
1243
|
+
|
1244
|
+
backend_vip "#{@config['chef-server'][:bootstrap_backend]}",
|
1245
|
+
:ipaddress => "#{@server_configs[@config['chef-server'][:bootstrap_backend]][:ipaddress]}"
|
1246
|
+
)
|
1247
|
+
@config['chef-server'][:frontends].each do |frontend_name|
|
1248
|
+
chef_server_config += %Q(
|
1249
|
+
server "#{frontend_name}",
|
1250
|
+
:ipaddress => "#{@server_configs[frontend_name][:ipaddress]}",
|
1251
|
+
:role => "frontend"
|
1252
|
+
)
|
1253
|
+
end
|
1254
|
+
end
|
1255
|
+
if @config['analytics'][:fqdn]
|
1256
|
+
chef_server_config += %Q(
|
1257
|
+
oc_id['applications'] ||= {}
|
1258
|
+
oc_id['applications']['analytics'] = {
|
1259
|
+
'redirect_uri' => 'https://#{@config['analytics'][:fqdn]}/'
|
1260
|
+
}
|
1261
|
+
rabbitmq['vip'] = '#{@config['chef-server'][:bootstrap_backend]}'
|
1262
|
+
rabbitmq['node_ip_address'] = '0.0.0.0'
|
1263
|
+
)
|
1264
|
+
end
|
1265
|
+
if @config['supermarket'][:fqdn]
|
1266
|
+
chef_server_config += %Q(
|
1267
|
+
oc_id['applications'] ||= {}
|
1268
|
+
oc_id['applications']['supermarket'] = {
|
1269
|
+
'redirect_uri' => 'https://#{@config['supermarket'][:fqdn]}/auth/chef_oauth2/callback'
|
1270
|
+
}
|
1271
|
+
)
|
1272
|
+
end
|
1273
|
+
automate_server_name = @server_configs.select {|name, config| config[:server_type] == 'automate'}.keys.first
|
1274
|
+
if automate_server_name
|
1275
|
+
chef_server_config += %Q(
|
1276
|
+
data_collector['root_url'] = "https://#{automate_server_name}/data-collector/v0/"
|
1277
|
+
data_collector['token'] = "93a49a4f2482c64126f7b6015e6b0f30284287ee4054ff8807fb63d9cbd1c506"
|
1278
|
+
profiles['root_url'] = "https://#{automate_server_name}"
|
1279
|
+
)
|
1280
|
+
end
|
1281
|
+
return chef_server_config
|
1282
|
+
end
|
1283
|
+
|
1284
|
+
def analytics_config
|
1285
|
+
analytics_config = %Q(analytics_fqdn "#{@config['analytics'][:fqdn]}"
|
1286
|
+
topology "#{@config['analytics'][:topology]}"
|
1287
|
+
)
|
1288
|
+
if @config['analytics'][:topology] == 'tier'
|
1289
|
+
analytics_config += %Q(
|
1290
|
+
server "#{@config['analytics'][:bootstrap_backend]}",
|
1291
|
+
:ipaddress => "#{@server_configs[@config['analytics'][:bootstrap_backend]][:ipaddress]}",
|
1292
|
+
:role => "backend",
|
1293
|
+
:bootstrap => true
|
1294
|
+
|
1295
|
+
backend_vip "#{@config['analytics'][:bootstrap_backend]}",
|
1296
|
+
:ipaddress => "#{@server_configs[@config['analytics'][:bootstrap_backend]][:ipaddress]}"
|
1297
|
+
)
|
1298
|
+
@config['analytics'][:frontends].each do |frontend_name|
|
1299
|
+
analytics_config += %Q(
|
1300
|
+
server "#{frontend_name}",
|
1301
|
+
:ipaddress => "#{@server_configs[frontend_name][:ipaddress]}",
|
1302
|
+
:role => "frontend"
|
1303
|
+
)
|
1304
|
+
end
|
1305
|
+
end
|
1306
|
+
return analytics_config
|
1307
|
+
end
|
1308
|
+
|
1309
|
+
end
|
1310
|
+
end
|