rubber 2.5.4 → 2.5.5
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.travis.yml +2 -0
- data/CHANGELOG +25 -0
- data/lib/rubber/cloud/base.rb +14 -4
- data/lib/rubber/cloud/vagrant.rb +4 -1
- data/lib/rubber/environment.rb +4 -0
- data/lib/rubber/recipes/rubber.rb +20 -4
- data/lib/rubber/recipes/rubber/setup.rb +18 -6
- data/lib/rubber/recipes/rubber/utils.rb +1 -3
- data/lib/rubber/vagrant/provisioner.rb +18 -0
- data/lib/rubber/version.rb +1 -1
- data/rubber.gemspec +1 -1
- data/templates/apache/config/rubber/role/web_tools/tools-apache-vhost.conf +1 -1
- data/templates/apache/config/rubber/role/web_tools/tools-index.html +1 -1
- data/templates/base/config/rubber/rubber-vagrant-env.yml +4 -4
- data/templates/base/config/rubber/rubber.yml +7 -1
- data/templates/postgresql/config/rubber/role/postgresql/pg_hba.conf +5 -2
- data/test/test-rails-template.rb +20 -0
- metadata +9 -3
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ec1e12978f936ceec04c66adb0faaee47bd40b58
|
4
|
+
data.tar.gz: f9d9ad4325c684e4d51c7ac677e96e4613c70107
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e820367d0dce0f9636d08ffd9b2e94bf418cf575bd8b510754924f60b5d7e2a52471118b5e500c1a6ecfa38df9b752e6cfbd1cfd82684929d5c4d92cac8825ce
|
7
|
+
data.tar.gz: 546e2c34cb91151d0012b7c379d8964348960a9403344b7ffa536c0d620ba84bc5c06316299f7f92a46540768bc631c460e1e43f684e1f88c87ff8fe9cfbd29b
|
data/.travis.yml
CHANGED
data/CHANGELOG
CHANGED
@@ -1,3 +1,27 @@
|
|
1
|
+
2.5.5 (10/16/2013)
|
2
|
+
|
3
|
+
New Features:
|
4
|
+
============
|
5
|
+
|
6
|
+
[base, core, postgresql] Added a uniform way of handling private network address blocks <61c5e0c>
|
7
|
+
|
8
|
+
Improvements:
|
9
|
+
============
|
10
|
+
|
11
|
+
[base] Vagrant base config now sets up key file for rubber to SSH into the machine <40c6c3c>
|
12
|
+
[base] Default staging_roles config now reflects the cluster more accurately <255a8e9>
|
13
|
+
[core] Only modify /etc/hosts on rubber:refresh if an IP address has actually changed <fe5e28e>
|
14
|
+
[core] Support iptables rules without port definitions <de744c1>
|
15
|
+
|
16
|
+
Bug Fixes:
|
17
|
+
=========
|
18
|
+
|
19
|
+
[core] Fixed a problem with tasks using the `:only` option being overwritten by rubber internally (#397) <d3ae2fa>
|
20
|
+
[core] Don't install fog 1.16.0 until we're able to sort out API compatiblities with it <346c99b>
|
21
|
+
[core] Presen the $REBOOT value across multiple calls to `maybe_reboot` <f03dc22>
|
22
|
+
[web_tools] Proxied service hostnames should not have underscores since that would be an invalid hostname <055919f>
|
23
|
+
|
24
|
+
|
1
25
|
2.5.4 (09/26/2013)
|
2
26
|
|
3
27
|
Improvements:
|
@@ -17,6 +41,7 @@ Bug Fixes:
|
|
17
41
|
[core] Wait up until 2 minutes for EC2 tag creation <3b6819a>
|
18
42
|
[core] Set AWS region options for S3 <3bd20cd>
|
19
43
|
[passenger_nginx] Removed conflicting passenger_min_instances configuration <cd7b006>
|
44
|
+
[passenger_nginx] Added missing nginx_log_dir config <4684b26>
|
20
45
|
[redis] Fixed redis download link <8a2a47d>
|
21
46
|
|
22
47
|
|
data/lib/rubber/cloud/base.rb
CHANGED
@@ -121,6 +121,12 @@ module Rubber
|
|
121
121
|
iptables -I INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT -m comment --comment 'Always allow established connections to remain connected.'
|
122
122
|
ENDSCRIPT
|
123
123
|
|
124
|
+
(scoped_env.private_networks || []).each do |network|
|
125
|
+
script << "\niptables -A INPUT -p tcp --dport 1:65535 --source #{network} -j ACCEPT -m comment --comment 'private_network_#{network}'"
|
126
|
+
script << "\niptables -A INPUT -p udp --dport 1:65535 --source #{network} -j ACCEPT -m comment --comment 'private_network_#{network}'"
|
127
|
+
script << "\niptables -A INPUT -p icmp -j ACCEPT -m comment --comment 'private_network_#{network}'"
|
128
|
+
end
|
129
|
+
|
124
130
|
instance = scoped_env.rubber_instances[host]
|
125
131
|
instance.security_groups.each do |group_name|
|
126
132
|
group = groups[group_name]
|
@@ -131,12 +137,16 @@ module Rubber
|
|
131
137
|
to_port = rule.has_key?('to_port') ? rule['to_port'].to_i : nil
|
132
138
|
source_ips = rule['source_ips']
|
133
139
|
|
134
|
-
if protocol &&
|
140
|
+
if protocol && source_ips
|
135
141
|
source_ips.each do |source|
|
136
|
-
if from_port
|
137
|
-
|
142
|
+
if from_port && to_port
|
143
|
+
if from_port != to_port
|
144
|
+
script << "\niptables -A INPUT -p #{protocol} --dport #{from_port}:#{to_port} --source #{source} -j ACCEPT -m comment --comment '#{group_name}'"
|
145
|
+
else
|
146
|
+
script << "\niptables -A INPUT -p #{protocol} --dport #{to_port} --source #{source} -j ACCEPT -m comment --comment '#{group_name}'"
|
147
|
+
end
|
138
148
|
else
|
139
|
-
script << "\niptables -A INPUT -p #{protocol} --
|
149
|
+
script << "\niptables -A INPUT -p #{protocol} --source #{source} -j ACCEPT -m comment --comment '#{group_name}'"
|
140
150
|
end
|
141
151
|
end
|
142
152
|
end
|
data/lib/rubber/cloud/vagrant.rb
CHANGED
@@ -46,7 +46,10 @@ module Rubber
|
|
46
46
|
end
|
47
47
|
|
48
48
|
def destroy_instance(instance_id)
|
49
|
-
|
49
|
+
# If it's being run from vagrant, then 'vagrant destroy' must have been called already, so no need for us to do it.
|
50
|
+
unless ENV.has_key?('RUN_FROM_VAGRANT')
|
51
|
+
system("vagrant destroy #{instance_id} --force")
|
52
|
+
end
|
50
53
|
end
|
51
54
|
|
52
55
|
def stop_instance(instance, force=false)
|
data/lib/rubber/environment.rb
CHANGED
@@ -135,6 +135,10 @@ module Rubber
|
|
135
135
|
def rubber_instances
|
136
136
|
@rubber_instances ||= Rubber::Configuration::rubber_instances
|
137
137
|
end
|
138
|
+
|
139
|
+
def known_roles
|
140
|
+
Rubber::Configuration.get_configuration(Rubber.env).environment.known_roles
|
141
|
+
end
|
138
142
|
|
139
143
|
def [](name)
|
140
144
|
value = super(name)
|
@@ -13,7 +13,13 @@ namespace :rubber do
|
|
13
13
|
# Disable connecting to any Windows instance.
|
14
14
|
alias :original_task :task
|
15
15
|
def task(name, options={}, &block)
|
16
|
-
|
16
|
+
if options.has_key?(:only)
|
17
|
+
options[:only][:platform] = 'linux'
|
18
|
+
else
|
19
|
+
options[:only] = { :platform => 'linux' }
|
20
|
+
end
|
21
|
+
|
22
|
+
original_task(name, options, &block)
|
17
23
|
end
|
18
24
|
|
19
25
|
# advise capistrano's task method so that tasks for non-existent roles don't
|
@@ -25,8 +31,13 @@ namespace :rubber do
|
|
25
31
|
class << ns
|
26
32
|
alias :required_task :task
|
27
33
|
def task(name, options={}, &block)
|
28
|
-
|
29
|
-
|
34
|
+
if options.has_key?(:only)
|
35
|
+
options[:only][:platform] = 'linux'
|
36
|
+
else
|
37
|
+
options[:only] = { :platform => 'linux' }
|
38
|
+
end
|
39
|
+
|
40
|
+
required_task(name, options) do
|
30
41
|
# define empty roles for the case when a task has a role that we don't define anywhere
|
31
42
|
unless options[:roles].respond_to?(:call)
|
32
43
|
[*options[:roles]].each do |r|
|
@@ -57,7 +68,12 @@ namespace :rubber do
|
|
57
68
|
# use a pty so we don't get "stdin: is not a tty" error output
|
58
69
|
default_run_options[:pty] = true if default_run_options[:pty].nil?
|
59
70
|
default_run_options[:shell] = "/bin/bash -l" if default_run_options[:shell].nil?
|
60
|
-
|
71
|
+
|
72
|
+
if default_run_options.has_key?(:only)
|
73
|
+
default_run_options[:only][:platform] = 'linux'
|
74
|
+
else
|
75
|
+
default_run_options[:only] = { :platform => 'linux' }
|
76
|
+
end
|
61
77
|
|
62
78
|
set :cloud, Rubber.cloud(self)
|
63
79
|
|
@@ -124,11 +124,16 @@ namespace :rubber do
|
|
124
124
|
local_hosts << delim << "\n"
|
125
125
|
|
126
126
|
# Write out the hosts file for this machine, use sudo
|
127
|
-
|
128
|
-
|
129
|
-
|
130
|
-
|
131
|
-
|
127
|
+
existing = File.read(hosts_file)
|
128
|
+
filtered = existing.gsub(/^#{delim}.*^#{delim}\n?/m, '')
|
129
|
+
|
130
|
+
# only write out if it has changed
|
131
|
+
if existing != (filtered + local_hosts)
|
132
|
+
logger.info "Writing out aliases into local machines #{hosts_file}, sudo access needed"
|
133
|
+
Rubber::Util::sudo_open(hosts_file, 'w') do |f|
|
134
|
+
f.write(filtered)
|
135
|
+
f.write(local_hosts)
|
136
|
+
end
|
132
137
|
end
|
133
138
|
end
|
134
139
|
|
@@ -474,6 +479,7 @@ namespace :rubber do
|
|
474
479
|
# graphite web app)
|
475
480
|
if instance_item.role_names.include?('web_tools')
|
476
481
|
Array(rubber_env.web_tools_proxies).each do |name, settings|
|
482
|
+
name = name.gsub('_', '-')
|
477
483
|
provider.update("#{name}-#{instance_item.name}", instance_item.external_ip)
|
478
484
|
end
|
479
485
|
end
|
@@ -514,7 +520,11 @@ namespace :rubber do
|
|
514
520
|
|
515
521
|
rsudo "apt-get -q update"
|
516
522
|
if upgrade
|
517
|
-
|
523
|
+
if ENV['NO_DIST_UPGRADE']
|
524
|
+
rsudo "export DEBIAN_FRONTEND=noninteractive; apt-get -q -o Dpkg::Options::=--force-confold -y --force-yes upgrade"
|
525
|
+
else
|
526
|
+
rsudo "export DEBIAN_FRONTEND=noninteractive; apt-get -q -o Dpkg::Options::=--force-confold -y --force-yes dist-upgrade"
|
527
|
+
end
|
518
528
|
else
|
519
529
|
rsudo "export DEBIAN_FRONTEND=noninteractive; apt-get -q -o Dpkg::Options::=--force-confold -y --force-yes install $CAPISTRANO:VAR$", opts
|
520
530
|
end
|
@@ -556,6 +566,8 @@ namespace :rubber do
|
|
556
566
|
end
|
557
567
|
|
558
568
|
reboot = get_env('REBOOT', "Updates require a reboot on hosts #{reboot_hosts.inspect}, reboot [y/N]?", false)
|
569
|
+
ENV['REBOOT'] = reboot # `get_env` chomps the REBOOT value of the env, so reset it here so the value is retained across multiple calls.
|
570
|
+
|
559
571
|
reboot = (reboot =~ /^y/)
|
560
572
|
|
561
573
|
if reboot
|
@@ -20,8 +20,6 @@ namespace :rubber do
|
|
20
20
|
logger.info "Instance already exists, skipping to bootstrap"
|
21
21
|
else
|
22
22
|
default_roles = rubber_env.staging_roles
|
23
|
-
# default staging roles to all roles minus slaves (db without primary=true is a slave)
|
24
|
-
default_roles ||= rubber_cfg.environment.known_roles.reject {|r| r =~ /slave/ || r =~ /^db$/ }.join(",")
|
25
23
|
roles = ENV['ROLES'] = rubber.get_env("ROLES", "Roles to use for staging instance", true, default_roles)
|
26
24
|
|
27
25
|
rubber.create
|
@@ -108,7 +106,7 @@ namespace :rubber do
|
|
108
106
|
next if servers[rolename].nil?
|
109
107
|
|
110
108
|
servers[rolename] -= added_servers
|
111
|
-
added_servers
|
109
|
+
added_servers.concat(servers[rolename])
|
112
110
|
servers[rolename] = servers[rolename].uniq.sort
|
113
111
|
end
|
114
112
|
end
|
@@ -23,6 +23,10 @@ module VagrantPlugins
|
|
23
23
|
bootstrap && deploy_migrations
|
24
24
|
end
|
25
25
|
|
26
|
+
def cleanup
|
27
|
+
destroy
|
28
|
+
end
|
29
|
+
|
26
30
|
private
|
27
31
|
|
28
32
|
def create
|
@@ -39,6 +43,20 @@ module VagrantPlugins
|
|
39
43
|
system(script)
|
40
44
|
end
|
41
45
|
|
46
|
+
def destroy
|
47
|
+
if config.use_vagrant_ruby
|
48
|
+
script = "RUN_FROM_VAGRANT=true FORCE=true RUBBER_ENV=#{config.rubber_env} ALIAS=#{machine.name} #{internal_cap_command} rubber:destroy"
|
49
|
+
else
|
50
|
+
script = <<-ENDSCRIPT
|
51
|
+
unset GEM_HOME;
|
52
|
+
unset GEM_PATH;
|
53
|
+
PATH=#{ENV['PATH'].split(':')[1..-1].join(':')} RUN_FROM_VAGRANT=true FORCE=true RUBBER_ENV=#{config.rubber_env} ALIAS=#{machine.name} bash -c '#{rvm_prefix} bundle exec cap rubber:destroy'
|
54
|
+
ENDSCRIPT
|
55
|
+
end
|
56
|
+
|
57
|
+
system(script)
|
58
|
+
end
|
59
|
+
|
42
60
|
def refresh
|
43
61
|
if config.use_vagrant_ruby
|
44
62
|
script = "RUN_FROM_VAGRANT=true RUBBER_ENV=#{config.rubber_env} RUBBER_SSH_KEY=#{ssh_info[:private_key_path]} ALIAS=#{machine.name} EXTERNAL_IP=#{private_ip} INTERNAL_IP=#{private_ip} #{internal_cap_command} rubber:refresh -S initial_ssh_user=#{ssh_info[:username]}"
|
data/lib/rubber/version.rb
CHANGED
data/rubber.gemspec
CHANGED
@@ -33,7 +33,7 @@ Gem::Specification.new do |s|
|
|
33
33
|
s.add_dependency 'thor'
|
34
34
|
s.add_dependency 'clamp'
|
35
35
|
s.add_dependency 'open4'
|
36
|
-
s.add_dependency 'fog', '~> 1.6'
|
36
|
+
s.add_dependency 'fog', '~> 1.6', '< 1.16.0'
|
37
37
|
s.add_dependency 'json'
|
38
38
|
|
39
39
|
s.add_development_dependency('rake')
|
@@ -74,7 +74,7 @@ NameVirtualHost *:<%= rubber_env.web_tools_ssl_port %>
|
|
74
74
|
proxy_host = rubber_instances.for_role(settings.role).first.full_name rescue nil
|
75
75
|
next unless proxy_host
|
76
76
|
|
77
|
-
host = "#{name}-#{rubber_env.full_host}"
|
77
|
+
host = "#{name.gsub('_', '-')}-#{rubber_env.full_host}"
|
78
78
|
host_and_port = "#{host}:#{rubber_env.web_tools_ssl_port}"
|
79
79
|
|
80
80
|
# don't use settings.path here - mapping the host/port is sufficient,
|
@@ -30,7 +30,7 @@
|
|
30
30
|
# graphite web app)
|
31
31
|
Array(rubber_env.web_tools_proxies).each do |name, settings|
|
32
32
|
%>
|
33
|
-
<li><a href="https://<%= name %>-<%= tools_host.full_name %>:<%= rubber_env.web_tools_ssl_port %><%= settings.path || '/' %>"><%= name.capitalize %></a></li>
|
33
|
+
<li><a href="https://<%= name.gsub('_', '-') %>-<%= tools_host.full_name %>:<%= rubber_env.web_tools_ssl_port %><%= settings.path || '/' %>"><%= name.capitalize %></a></li>
|
34
34
|
<% end %>
|
35
35
|
|
36
36
|
</ul>
|
@@ -1,7 +1,7 @@
|
|
1
1
|
cloud_provider: vagrant
|
2
|
-
|
2
|
+
|
3
3
|
cloud_providers:
|
4
4
|
vagrant:
|
5
|
-
#
|
6
|
-
|
7
|
-
|
5
|
+
# Allow rubber to connect directly to instance in addition to use through vagrant commands.
|
6
|
+
key_name: insecure_private_key
|
7
|
+
key_file: "#{File.expand_path('~/.vagrant.d/insecure_private_key')}"
|
@@ -235,6 +235,11 @@ isolate_security_groups: true
|
|
235
235
|
# differ from those in rubber
|
236
236
|
prompt_for_security_group_sync: true
|
237
237
|
|
238
|
+
# OPTIONAL: A list of CIDR address blocks that represent private networks for your cluster.
|
239
|
+
# Set this to open up wide access to hosts in your network. Consequently, setting the CIDR block
|
240
|
+
# to anything other than a private, unroutable block would be a massive security hole.
|
241
|
+
private_networks: [10.0.0.0/8]
|
242
|
+
|
238
243
|
# OPTIONAL: The packages to install on all instances
|
239
244
|
# You can install a specific version of a package by using a sub-array of pkg, version
|
240
245
|
# For example, packages: [[rake, 0.7.1], irb]
|
@@ -260,7 +265,8 @@ stop_on_error_cmd: "function error_exit { exit 99; }; trap error_exit ERR"
|
|
260
265
|
# specify a different set here
|
261
266
|
#
|
262
267
|
# staging_roles: "web,app,db:primary=true"
|
263
|
-
|
268
|
+
# Auto detect staging roles
|
269
|
+
staging_roles: "#{rubber_env.known_roles.reject {|r| r =~ /slave/ || r =~ /^db$/ }.join(',')}"
|
264
270
|
|
265
271
|
# OPTIONAL: Lets one assign amazon elastic IPs (static IPs) to your instances
|
266
272
|
# You should typically set this on the role/host level rather than
|
@@ -95,6 +95,9 @@ local all <%= rubber_env.db_user %> <%= scheme %>
|
|
95
95
|
host all all 127.0.0.1/32 <%= scheme %>
|
96
96
|
host all all ::1/128 <%= scheme %>
|
97
97
|
|
98
|
-
|
99
|
-
host
|
98
|
+
<% (rubber_env.private_networks || []).each do |network| %>
|
99
|
+
host replication <%= rubber_env.db_replication_user %> <%= network %> <%= scheme %>
|
100
|
+
host all <%= rubber_env.db_user %> <%= network %> <%= scheme %>
|
101
|
+
<% end %>
|
102
|
+
|
100
103
|
host all <%= rubber_env.db_user %> <%= rubber_instances[rubber_env.host].internal_ip %>/32 <%= scheme %>
|
data/test/test-rails-template.rb
CHANGED
@@ -53,3 +53,23 @@ run "cp -f #{secret} config/rubber/rubber-secret.yml"
|
|
53
53
|
chmod 'config/rubber/rubber-secret.yml', 0644
|
54
54
|
gsub_file 'config/rubber/rubber-secret.yml', /dns_provider: .*/, ''
|
55
55
|
|
56
|
+
run "vagrant init precise32 http://files.vagrantup.com/precise32.box"
|
57
|
+
vagrantfile = <<-EOS
|
58
|
+
config.vm.define :vagrant do |vagrant|
|
59
|
+
vagrant.vm.network :private_network, ip: "192.168.70.10"
|
60
|
+
|
61
|
+
vagrant.vm.provider :virtualbox do |vb|
|
62
|
+
vb.customize ["modifyvm", :id, "--memory", "2048"]
|
63
|
+
end
|
64
|
+
|
65
|
+
vagrant.vm.provision :rubber do |rubber|
|
66
|
+
rubber.rubber_env = 'vagrant'
|
67
|
+
|
68
|
+
# Only necessary if you use RVM locally.
|
69
|
+
rubber.rvm_ruby_version = 'default'
|
70
|
+
end
|
71
|
+
end
|
72
|
+
end
|
73
|
+
EOS
|
74
|
+
|
75
|
+
gsub_file 'Vagrantfile', /^end/, vagrantfile
|
metadata
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: rubber
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 2.5.
|
4
|
+
version: 2.5.5
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Matt Conway
|
@@ -9,7 +9,7 @@ authors:
|
|
9
9
|
autorequire:
|
10
10
|
bindir: bin
|
11
11
|
cert_chain: []
|
12
|
-
date: 2013-
|
12
|
+
date: 2013-10-16 00:00:00.000000000 Z
|
13
13
|
dependencies:
|
14
14
|
- !ruby/object:Gem::Dependency
|
15
15
|
name: capistrano
|
@@ -88,6 +88,9 @@ dependencies:
|
|
88
88
|
- - ~>
|
89
89
|
- !ruby/object:Gem::Version
|
90
90
|
version: '1.6'
|
91
|
+
- - <
|
92
|
+
- !ruby/object:Gem::Version
|
93
|
+
version: 1.16.0
|
91
94
|
type: :runtime
|
92
95
|
prerelease: false
|
93
96
|
version_requirements: !ruby/object:Gem::Requirement
|
@@ -95,6 +98,9 @@ dependencies:
|
|
95
98
|
- - ~>
|
96
99
|
- !ruby/object:Gem::Version
|
97
100
|
version: '1.6'
|
101
|
+
- - <
|
102
|
+
- !ruby/object:Gem::Version
|
103
|
+
version: 1.16.0
|
98
104
|
- !ruby/object:Gem::Dependency
|
99
105
|
name: json
|
100
106
|
requirement: !ruby/object:Gem::Requirement
|
@@ -687,7 +693,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
687
693
|
version: '0'
|
688
694
|
requirements: []
|
689
695
|
rubyforge_project: rubber
|
690
|
-
rubygems_version: 2.
|
696
|
+
rubygems_version: 2.1.7
|
691
697
|
signing_key:
|
692
698
|
specification_version: 4
|
693
699
|
summary: A capistrano plugin for managing multi-instance deployments to the cloud
|