goatos-base 0.0.1

data/cookbooks/goatos/files/default/test.rb

@@ -0,0 +1,6 @@
+
+package 'git'
+package 'apache2'
+service 'apache2' do
+  action :start
+end

data/cookbooks/goatos/libraries/lwrp.rb

@@ -0,0 +1,105 @@
+require 'chef/resource/lwrp_base'
+require 'chef/provider/lwrp_base'
+require 'chef/mixin/shell_out'
+require 'json'
+
+module GoatOS
+  module RecipeHelper
+    include Chef::Mixin::ShellOut
+
+    def subuid_info
+      ::File.read('/etc/subuid').scan(/goatos:(\d+):(\d+)/).flatten
+    end
+
+    def subgid_info
+      ::File.read('/etc/subgid').scan(/goatos:(\d+):(\d+)/).flatten
+    end
+
+    def move_pids
+      uid, _ = subuid_info
+      gid, _ = subgid_info
+      shell_out!('cgm create all goatos')
+      shell_out!("cgm chown all goatos #{uid} #{gid}")
+    end
+  end
+
+  module ProviderHelper
+    Listener = Struct.new(:name, :listen, :port, :mode, :ip)
+    def state_file
+      '/opt/goatos/goats.json'
+    end
+
+    def compute_listeners
+      return [] unless File.exists?(state_file)
+      listeners = []
+      metadata = JSON.parse(File.read(state_file))
+      metadata['containers'].each do |n, meta|
+        ct = LXC::Container.new(n, '/opt/goatos/.local/share/lxc')
+        if ct.running?
+          port, mode, listen = meta['expose'].split(':')
+          config = Listener.new(n, listen, port, mode, ct.ip_addresses.first)
+          listeners << config
+        else
+          Chef::Log.warn("LXC #{n} is absent, but its metadata is present")
+        end
+      end
+      listeners
+    end
+  end
+end
+
+class Chef::Resource::HaproxyConfig < Chef::Resource::LWRPBase
+  self.resource_name = :haproxy_config
+  default_action :create
+  actions :create, :delete
+  attribute :path, kind_of: String, name_attribute: true, required: true
+  attribute :disable_on_empty, kind_of: [TrueClass, FalseClass], default: true
+  attribute :environment_file, kind_of: String, default: '/etc/default/haproxy'
+end
+
+class Chef::Provider::HaproxyConfig < Chef::Provider::LWRPBase
+
+  use_inline_resources
+
+  def whyrun_supported?
+    true
+  end
+
+  action :create do
+    require 'lxc'
+    extend GoatOS::ProviderHelper
+
+    listeners =  compute_listeners
+    enabled = '1'
+
+    if listeners.empty? and new_resource.disable_on_empty
+      enabled = '0'
+    end
+
+    file new_resource.environment_file do
+      content "ENABLED=#{enabled}\n"
+      mode 0644
+      owner 'root'
+      group 'root'
+    end
+
+    template new_resource.path do
+      action :create
+      mode 0644
+      owner 'root'
+      group 'root'
+      source 'haproxy.cfg.erb'
+      variables(listeners: listeners)
+    end
+  end
+
+  action :delete do
+    file new_resource.path do
+      action :delete
+    end
+
+    file new_resource.environment_file do
+      action :delete
+    end
+  end
+end

data/cookbooks/goatos/metadata.rb

@@ -0,0 +1,3 @@
+name 'goatos'
+description 'Installs LXC'
+version '0.0.1'

data/cookbooks/goatos/recipes/haproxy.rb

@@ -0,0 +1,16 @@
+package 'haproxy'
+
+haproxy_config '/etc/haproxy/haproxy.cfg' do
+  environment_file '/etc/default/haproxy'
+  action :create
+  notifies :reload, 'service[haproxy]'
+end
+
+service 'haproxy' do
+  action [ :start, :enable]
+  supports(
+    restart: false,
+    reload: false,
+    status: false
+  )
+end

data/cookbooks/goatos/recipes/lxc_configure.rb

@@ -0,0 +1,23 @@
+extend GoatOS::RecipeHelper
+u_start, u_range = subuid_info
+g_start, g_range = subgid_info
+
+template '/opt/goatos/.config/lxc/default.conf' do
+  owner node['goatos']['user']
+  group node['goatos']['group']
+  mode 0644
+  source 'lxc.conf.erb'
+  variables(
+    u_start: u_start,
+    u_range: u_range,
+    g_start: g_start,
+    g_range: g_range
+  )
+end
+
+file '/opt/goatos/.ssh/authorized_keys' do
+  owner node['goatos']['user']
+  group node['goatos']['group']
+  mode 0400
+  content search(:node, 'roles:master').first['goatos']['sshkey']
+end

data/cookbooks/goatos/recipes/lxc_install.rb

@@ -0,0 +1,61 @@
+
+%w{ liblxc1 lxc lxc-dev lxc-templates python3-lxc cgmanager-utils build-essential}.each do |pkg|
+  package pkg do
+    action :install
+  end
+
+end
+
+%w{ruby-lxc serfx sshkey thor chef-lxc}.each do |gem_name|
+  gem_package gem_name do
+    gem_binary '/opt/chef/embedded/bin/gem'
+  end
+end
+
+user 'goatos' do
+  home '/opt/goatos'
+  shell '/bin/bash'
+  supports(manage_home: true)
+end
+
+%w{
+  /opt/goatos/bin
+  /opt/goatos/.config
+  /opt/goatos/.local
+  /opt/goatos/.local/share
+  /opt/goatos/.cache
+  /opt/goatos/.ssh
+  /opt/goatos/lxc.conf.d
+  /opt/goatos/recipes
+  /opt/goatos/.config/lxc
+  /opt/goatos/.local/share/lxc
+  /opt/goatos/.local/share/lxcsnaps
+  /opt/goatos/.cache/lxc
+  }.each do |dir|
+  directory dir do
+    user node['goatos']['user']
+    group node['goatos']['group']
+    mode 0775
+  end
+end
+
+file '/etc/lxc/lxc-usernet' do
+  owner 'root'
+  group 'root'
+  mode 0644
+  content "#{node['goatos']['user']} veth lxcbr0 100\n"
+end
+
+cookbook_file '/opt/goatos/bin/goatos-meta' do
+  source 'goatos-meta.rb'
+  mode 0700
+  user node['goatos']['user']
+  group node['goatos']['group']
+end
+
+cookbook_file '/opt/goatos/recipes/test.rb' do
+  source 'test.rb'
+  mode 0644
+  user node['goatos']['user']
+  group node['goatos']['group']
+end

data/cookbooks/goatos/recipes/slave.rb

@@ -0,0 +1 @@
+include_recipe 'goatos::haproxy'

data/cookbooks/goatos/templates/default/haproxy.cfg.erb

@@ -0,0 +1,20 @@
+global
+  log /dev/log  local0
+  log /dev/log  local1 notice
+  chroot /var/lib/haproxy
+  user haproxy
+  group haproxy
+  daemon
+
+defaults
+  log global
+  option  dontlognull
+  contimeout 5000
+  clitimeout 50000
+  srvtimeout 50000
+
+<% @listeners.each do |listener| %>
+listen <%= listener.name.upcase %> :<%= listener.listen %>
+  mode <%= listener.mode %>
+  server <%= listener.name %> <%= listener.ip %>:<%= listener.port%>
+<% end %>

data/cookbooks/goatos/templates/default/lxc.conf.erb

@@ -0,0 +1,6 @@
+lxc.network.type = veth
+lxc.network.link = lxcbr0
+lxc.network.flags = up
+lxc.network.hwaddr = 00:16:3e:xx:xx:xx
+lxc.id_map = u 0 <%= @u_start %> <%= @u_range %>
+lxc.id_map = g 0 <%= @g_start %> <%= @g_range %>

data/goatos-base.gemspec

@@ -0,0 +1,33 @@
+# coding: utf-8
+lib = File.expand_path('../lib', __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require 'goatos/version'
+
+Gem::Specification.new do |spec|
+  spec.name          = 'goatos-base'
+  spec.version       = GoatOS::VERSION.dup
+  spec.authors       = ['Ranjib Dey']
+  spec.email         = ['dey.ranjib@gmail.com']
+  spec.summary       = %q{Distributed LXC automation suite using Chef and Blender}
+  spec.description   = %q{Deploy and manage multi node LXC installation using Chef and Blender}
+  spec.homepage      = 'https://github.com/goatos/base'
+  spec.license       = 'Apache'
+
+  spec.files         = `git ls-files`.split($/)
+  spec.executables   = spec.files.grep(%r{^bin/}) { |f| File.basename(f) }
+  spec.test_files    = spec.files.grep(%r{^(test|spec|features)/})
+  spec.require_paths = ['lib']
+
+  spec.add_dependency 'thor'
+  spec.add_dependency 'chef'
+  spec.add_dependency 'pd-blender'
+  spec.add_dependency 'blender-chef'
+  spec.add_dependency 'sshkey'
+
+
+  spec.add_development_dependency 'bundler'
+  spec.add_development_dependency 'rake'
+  spec.add_development_dependency 'rspec'
+  spec.add_development_dependency 'rubocop'
+  spec.add_development_dependency 'yard'
+end

data/lib/goatos/blends/bootstrap.rb

@@ -0,0 +1,64 @@
+require 'goatos/blends/helper'
+require 'sshkey'
+
+module GoatOS
+  module Blends
+    module Bootstrapper
+
+      def add_bootstrap_tasks(sched, node_name, options)
+        sched.ruby_task "bootstrap #{node_name}" do
+          execute do |h|
+            extend Helper
+            puts 'Yolo'
+            knife Chef::Knife::Bootstrap, h do |config|
+              config[:ssh_user] = options[:user]
+              if options[:password]
+                config[:ssh_password] = options[:password]
+                config[:use_sudo_password] = true
+              elsif options[:key]
+                config[:identity_file] = options[:key]
+              end
+              config[:ssh_port] = options[:ssh_port].to_i
+              config[:chef_node_name] = node_name
+              config[:distro] = 'chef-full'
+              config[:use_sudo] = true
+            end
+          end
+        end
+      end
+
+      def add_sshkey_task(sched, node_name)
+        sched.ruby_task 'assign ssh key' do
+          execute do  |h|
+            extend Helper
+            key = SSHKey.generate
+            File.open('keys/goatos.rsa', 'w') do |f|
+              f.write(key.private_key)
+              f.chmod(0600)
+            end
+            chef_node(node_name) do |node|
+              node.set['goatos']['sshkey'] = key.ssh_public_key
+              node.save
+            end
+          end
+        end
+      end
+
+      def add_chef_run_task(sched, node_name, run_list)
+        sched.ruby_task 'run chef' do
+          execute do |h|
+            extend Helper
+            chef_node(node_name) do |node|
+              node.run_list.reset!
+              node.run_list << run_list
+              node.save
+            end
+          end
+        end
+        sched.ssh_task 'run chef' do
+          execute 'sudo chef-client --no-fork'
+        end
+      end
+    end
+  end
+end

data/lib/goatos/blends/helper.rb

@@ -0,0 +1,60 @@
+require 'chef/knife/bootstrap'
+require 'chef/knife/cookbook_upload'
+require 'chef/knife/role_from_file'
+require 'goatos/log'
+
+module GoatOS
+  module Blends
+    module Helper
+      extend self
+      def configure
+        if File.exist?('etc/knife.rb')
+          Log.info('Configuring using knife config')
+          Chef::Config.from_file 'etc/knife.rb'
+        else
+          Log.info('Configuring using raw values')
+          Chef::Config[:client_key] = 'keys/admin.pem'
+          Chef::Config[:node_name] = 'admin'
+          Chef::Config[:chef_server_url] = "https://#{Blender::Configuration[:goatos]['target']}"
+          Chef::Config[:validation_key] = 'keys/chef-validator.pem'
+        end
+      end
+
+      def knife(klass, *args)
+        configure
+        klass.load_deps
+        plugin = klass.new
+        plugin.name_args = args
+        yield plugin.config if block_given?
+        plugin.run
+      end
+
+      def chef_node(name)
+        configure
+        node = load_node(name)
+        yield node if block_given?
+      end
+
+      def set_chef_node_run_list(name, run_list)
+        chef_node(name) do |node|
+          node.run_list.reset!
+          node.run_list << run_list
+          node.save
+        end
+      end
+
+      def load_node(name)
+        configure
+        Chef::Node.load(name)
+      end
+
+      def fetch_node(name, opts = {})
+        configure
+        node = load_node(name)
+        if opts[:attrs]
+          node[opts[:attrs]]
+        end
+      end
+    end
+  end
+end

data/lib/goatos/blends/master.rb

@@ -0,0 +1,73 @@
+require 'goatos/blends/helper'
+
+module GoatOS
+  module Blends
+    module Master
+      def add_master_tasks( sched, node_name, options )
+        sched.ssh_task 'sudo apt-get update -y'
+
+        sched.ssh_task 'download chef server' do
+          execute 'wget -c https://opscode-omnibus-packages.s3.amazonaws.com/ubuntu/12.04/x86_64/chef-server_11.1.4-1_amd64.deb'
+        end
+
+        sched.ssh_task 'install chef server' do
+          execute 'sudo dpkg -i chef-server_11.1.4-1_amd64.deb'
+        end
+
+        sched.ssh_task 'reconfigure chef server' do
+          execute 'sudo chef-server-ctl reconfigure'
+        end
+
+        %w(admin.pem chef-validator.pem).each do |key|
+          printer = StringIO.new
+          sched.ssh_task "retrieve  file '#{key}'" do
+            execute "sudo cat /etc/chef-server/#{key}"
+            driver_options(stdout: printer )
+          end
+
+          sched.ruby_task "store file '#{key}'" do
+            execute do |h|
+              File.open(File.join('keys', key), File::CREAT|File::RDWR|File::EXCL) do |f|
+                f.write(printer.string.gsub(/^blender sudo password:\s*$/,'').strip)
+              end
+              printer.rewind
+            end
+          end
+        end
+
+        sched.ruby_task 'wait 10s' do
+          execute do
+            sleep 10
+          end
+        end
+
+        sched.ruby_task 'save knife config' do
+          execute do |h|
+            File.open('etc/knife.rb', File::CREAT|File::RDWR|File::EXCL) do |f|
+              f.puts <<-EOF
+                cwd = File.expand_path('../../', __FILE__)
+                chef_server_url 'https://#{h}'
+                node_name 'admin'
+                client_key File.join(cwd, 'keys/admin.pem')
+                validation_key File.join(cwd, 'keys/chef-validator.pem')
+              EOF
+            end
+            sleep 10
+          end
+        end
+
+        sched.ruby_task 'upload cookbooks' do
+          execute do |h|
+            extend Helper
+            knife Chef::Knife::RoleFromFile, 'roles/slave.rb', 'roles/master.rb', 'roles/standalone.rb'
+            knife Chef::Knife::CookbookUpload do |config|
+              config[:cookbook_path] = 'cookbooks'
+              config[:all] = true
+            end
+          end
+          driver_options(stdout: $stdout)
+        end
+      end
+    end
+  end
+end