sml-rubber 0.9.6 → 0.9.7
Sign up to get free protection for your applications and to get access to all the features.
- data/VERSION +1 -1
- data/generators/vulcanize/templates/base/config/deploy.rb +3 -5
- data/generators/vulcanize/templates/base/config/rubber/rubber.yml +6 -0
- data/generators/vulcanize/templates/mongrel/config/rubber/deploy-mongrel.rb +1 -1
- data/generators/vulcanize/templates/mysql/config/rubber/deploy-mysql.rb +1 -1
- data/generators/vulcanize/templates/mysql_cluster/config/rubber/deploy-mysql_cluster.rb +3 -3
- data/lib/rubber/recipes/rubber/instances.rb +2 -13
- data/lib/rubber/recipes/rubber/security_groups.rb +61 -19
- metadata +2 -2
data/VERSION
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
0.9.
|
|
1
|
+
0.9.7
|
|
@@ -1,10 +1,8 @@
|
|
|
1
1
|
# This is a sample Capistrano config file for rubber
|
|
2
2
|
|
|
3
|
-
set :rails_env, RUBBER_ENV
|
|
4
|
-
|
|
5
3
|
on :load do
|
|
6
4
|
set :application, rubber_cfg.environment.bind().app_name
|
|
7
|
-
set :deploy_to, "/mnt/#{application}-#{
|
|
5
|
+
set :deploy_to, "/mnt/#{application}-#{RUBBER_ENV}"
|
|
8
6
|
end
|
|
9
7
|
|
|
10
8
|
# Use a simple directory tree copy here to make demo easier.
|
|
@@ -30,7 +28,7 @@ set :keep_releases, 3
|
|
|
30
28
|
# (instance*.yml + rubber*.yml) for a deploy. This gives us the
|
|
31
29
|
# convenience of not having to checkin files for staging, as well as
|
|
32
30
|
# the safety of forcing it to be checked in for production.
|
|
33
|
-
set :push_instance_config,
|
|
31
|
+
set :push_instance_config, RUBBER_ENV != 'production'
|
|
34
32
|
|
|
35
33
|
# Allows the tasks defined to fail gracefully if there are no hosts for them.
|
|
36
34
|
# Comment out or use "required_task" for default cap behavior of a hard failure
|
|
@@ -79,6 +77,6 @@ end
|
|
|
79
77
|
# Uncomment this is you want to install gems defined in the rails environment.rb
|
|
80
78
|
# after "deploy:update", "install_rails_gems"
|
|
81
79
|
task :install_rails_gems do
|
|
82
|
-
sudo "sh -c 'cd #{current_path} && rake gems:install'"
|
|
80
|
+
sudo "sh -c 'cd #{current_path} && RAILS_ENV=#{RUBBER_ENV} rake gems:install'"
|
|
83
81
|
end
|
|
84
82
|
|
|
@@ -121,6 +121,12 @@ assigned_security_groups: [default]
|
|
|
121
121
|
# creation, so its good to have some empty ones predefined.
|
|
122
122
|
auto_security_groups: true
|
|
123
123
|
|
|
124
|
+
# OPTIONAL: Automatically isolate security groups for each appname/environment
|
|
125
|
+
# by mangling their names to be appname_env_groupname
|
|
126
|
+
# This makes it safer to have staging and production coexist on the same EC2
|
|
127
|
+
# account, or even multiple apps
|
|
128
|
+
isolate_security_groups: true
|
|
129
|
+
|
|
124
130
|
# OPTIONAL: Set if you want to use Ruby Enterprise Edition instead of the standard ubuntu one
|
|
125
131
|
use_enterprise_ruby: false
|
|
126
132
|
|
|
@@ -11,7 +11,7 @@ namespace :rubber do
|
|
|
11
11
|
# Setup system to restart mongrel_cluster on reboot
|
|
12
12
|
rubber.sudo_script 'install_app', <<-ENDSCRIPT
|
|
13
13
|
mkdir -p /etc/mongrel_cluster
|
|
14
|
-
rm -f /etc/mongrel_cluster/#{application}-#{
|
|
14
|
+
rm -f /etc/mongrel_cluster/#{application}-#{RUBBER_ENV}.yml && ln -s /mnt/#{application}-#{RUBBER_ENV}/current/config/mongrel_cluster.yml /etc/mongrel_cluster/#{application}-#{RUBBER_ENV}.yml
|
|
15
15
|
find /usr/lib/ruby/gems -path "*/resources/mongrel_cluster" -exec cp {} /etc/init.d/ \\;
|
|
16
16
|
chmod +x /etc/init.d/mongrel_cluster
|
|
17
17
|
update-rc.d -f mongrel_cluster remove
|
|
@@ -131,7 +131,7 @@ namespace :rubber do
|
|
|
131
131
|
deploy.update_code
|
|
132
132
|
|
|
133
133
|
# Gen just the conf for the given mysql role
|
|
134
|
-
rubber.run_config(:RUBBER_ENV =>
|
|
134
|
+
rubber.run_config(:RUBBER_ENV => RUBBER_ENV, :FILE => "role/#{role}|role/db/my.cnf", :deploy_path => release_path)
|
|
135
135
|
end
|
|
136
136
|
|
|
137
137
|
after "rubber:install_packages", "rubber:mysql:custom_install"
|
|
@@ -61,7 +61,7 @@ namespace :rubber do
|
|
|
61
61
|
task task_name, :hosts => ic.full_name do
|
|
62
62
|
exists = capture("if grep -c rubber.*mysql_mgm /etc/mysql/ndb_mgmd.cnf &> /dev/null; then echo exists; fi")
|
|
63
63
|
if exists.strip.size == 0
|
|
64
|
-
rubber.run_config(:RUBBER_ENV =>
|
|
64
|
+
rubber.run_config(:RUBBER_ENV => RUBBER_ENV, :FILE => "role/mysql_mgm", :deploy_path => release_path)
|
|
65
65
|
sudo "/etc/init.d/mysql-ndb-mgm start"
|
|
66
66
|
end
|
|
67
67
|
end
|
|
@@ -73,7 +73,7 @@ namespace :rubber do
|
|
|
73
73
|
task task_name, :hosts => ic.full_name do
|
|
74
74
|
exists = capture("if grep -c rubber.*mysql_data /etc/mysql/my.cnf &> /dev/null; then echo exists; fi")
|
|
75
75
|
if exists.strip.size == 0
|
|
76
|
-
rubber.run_config(:RUBBER_ENV =>
|
|
76
|
+
rubber.run_config(:RUBBER_ENV => RUBBER_ENV, :FILE => "role/mysql_data", :deploy_path => release_path)
|
|
77
77
|
sudo "/etc/init.d/mysql-ndb start-initial"
|
|
78
78
|
end
|
|
79
79
|
end
|
|
@@ -85,7 +85,7 @@ namespace :rubber do
|
|
|
85
85
|
task task_name, :hosts => ic.full_name do
|
|
86
86
|
exists = capture("if grep -c rubber.*mysql_sql /etc/mysql/my.cnf &> /dev/null; then echo exists; fi")
|
|
87
87
|
if exists.strip.size == 0
|
|
88
|
-
rubber.run_config(:RUBBER_ENV =>
|
|
88
|
+
rubber.run_config(:RUBBER_ENV => RUBBER_ENV, :FILE => "role/mysql_sql", :deploy_path => release_path)
|
|
89
89
|
sudo "/etc/init.d/mysql start"
|
|
90
90
|
env = rubber_cfg.environment.bind()
|
|
91
91
|
# For mysql 5.0 cluster, need to create users and database for EVERY sql node
|
|
@@ -112,19 +112,8 @@ namespace :rubber do
|
|
|
112
112
|
env = rubber_cfg.environment.bind(role_names, instance_alias)
|
|
113
113
|
|
|
114
114
|
# We need to use security_groups during create, so create them up front
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
if env.auto_security_groups
|
|
118
|
-
hosts = rubber_cfg.instance.collect{|ic| ic.name } + [instance_alias]
|
|
119
|
-
roles = (rubber_cfg.instance.all_roles + role_names).uniq
|
|
120
|
-
security_groups << instance_alias
|
|
121
|
-
security_groups += role_names
|
|
122
|
-
security_groups.uniq!
|
|
123
|
-
security_group_defns = inject_auto_security_groups(security_group_defns, hosts, roles)
|
|
124
|
-
sync_security_groups(security_group_defns)
|
|
125
|
-
else
|
|
126
|
-
sync_security_groups(security_group_defns)
|
|
127
|
-
end
|
|
115
|
+
setup_security_groups(instance_alias, role_names)
|
|
116
|
+
security_groups = get_assigned_security_groups(instance_alias, role_names)
|
|
128
117
|
|
|
129
118
|
ami = env.cloud_providers[env.cloud_provider].image_id
|
|
130
119
|
ami_type = env.cloud_providers[env.cloud_provider].image_type
|
|
@@ -6,16 +6,7 @@ namespace :rubber do
|
|
|
6
6
|
Likewise, rules within a group will get created, and those not will be removed
|
|
7
7
|
DESC
|
|
8
8
|
required_task :setup_security_groups do
|
|
9
|
-
|
|
10
|
-
security_group_defns = env.security_groups
|
|
11
|
-
if env.auto_security_groups
|
|
12
|
-
hosts = rubber_cfg.instance.collect{|ic| ic.name }
|
|
13
|
-
roles = rubber_cfg.instance.all_roles
|
|
14
|
-
security_group_defns = inject_auto_security_groups(security_group_defns, hosts, roles)
|
|
15
|
-
sync_security_groups(security_group_defns)
|
|
16
|
-
else
|
|
17
|
-
sync_security_groups(security_group_defns)
|
|
18
|
-
end
|
|
9
|
+
setup_security_groups()
|
|
19
10
|
end
|
|
20
11
|
|
|
21
12
|
desc <<-DESC
|
|
@@ -38,6 +29,31 @@ namespace :rubber do
|
|
|
38
29
|
end
|
|
39
30
|
|
|
40
31
|
|
|
32
|
+
def get_assigned_security_groups(host=nil, roles=[])
|
|
33
|
+
env = rubber_cfg.environment.bind(roles, host)
|
|
34
|
+
security_groups = env.assigned_security_groups
|
|
35
|
+
if env.auto_security_groups
|
|
36
|
+
security_groups << host
|
|
37
|
+
security_groups += roles
|
|
38
|
+
end
|
|
39
|
+
security_groups = security_groups.uniq.compact
|
|
40
|
+
security_groups = security_groups.collect {|x| isolate_group_name(x) } if env.isolate_security_groups
|
|
41
|
+
return security_groups
|
|
42
|
+
end
|
|
43
|
+
|
|
44
|
+
def setup_security_groups(host=nil, roles=[])
|
|
45
|
+
env = rubber_cfg.environment.bind(roles, host)
|
|
46
|
+
security_group_defns = env.security_groups
|
|
47
|
+
if env.auto_security_groups
|
|
48
|
+
sghosts = (rubber_cfg.instance.collect{|ic| ic.name } + [host]).uniq.compact
|
|
49
|
+
sgroles = (rubber_cfg.instance.all_roles + roles).uniq.compact
|
|
50
|
+
security_group_defns = inject_auto_security_groups(security_group_defns, sghosts, sgroles)
|
|
51
|
+
sync_security_groups(security_group_defns)
|
|
52
|
+
else
|
|
53
|
+
sync_security_groups(security_group_defns)
|
|
54
|
+
end
|
|
55
|
+
end
|
|
56
|
+
|
|
41
57
|
def inject_auto_security_groups(groups, hosts, roles)
|
|
42
58
|
hosts.each do |name|
|
|
43
59
|
group_name = name
|
|
@@ -50,17 +66,48 @@ namespace :rubber do
|
|
|
50
66
|
return groups
|
|
51
67
|
end
|
|
52
68
|
|
|
69
|
+
def isolate_prefix
|
|
70
|
+
env = rubber_cfg.environment.bind()
|
|
71
|
+
return "#{env.app_name}_#{RUBBER_ENV}_"
|
|
72
|
+
end
|
|
73
|
+
|
|
74
|
+
def isolate_group_name(group_name)
|
|
75
|
+
new_name = "#{isolate_prefix}#{group_name}"
|
|
76
|
+
return new_name
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
def isolate_groups(groups)
|
|
80
|
+
renamed = {}
|
|
81
|
+
groups.each do |name, group|
|
|
82
|
+
new_name = name =~ /^#{isolate_prefix}/ ? name : isolate_group_name(name)
|
|
83
|
+
new_group = Marshal.load(Marshal.dump(group))
|
|
84
|
+
new_group['rules'].each do |rule|
|
|
85
|
+
old_ref_name = rule['source_group_name']
|
|
86
|
+
if old_ref_name && old_ref_name !~ /^#{isolate_prefix}/
|
|
87
|
+
rule['source_group_name'] = isolate_group_name(old_ref_name)
|
|
88
|
+
end
|
|
89
|
+
end
|
|
90
|
+
renamed[new_name] = new_group
|
|
91
|
+
end
|
|
92
|
+
return renamed
|
|
93
|
+
end
|
|
94
|
+
|
|
53
95
|
def sync_security_groups(groups)
|
|
54
96
|
env = rubber_cfg.environment.bind()
|
|
55
97
|
return unless groups
|
|
56
98
|
|
|
57
99
|
groups = Rubber::Util::stringify(groups)
|
|
100
|
+
groups = isolate_groups(groups) if env.isolate_security_groups
|
|
58
101
|
group_keys = groups.keys.clone()
|
|
59
|
-
|
|
102
|
+
|
|
60
103
|
# For each group that does already exist in ec2
|
|
61
104
|
cloud_groups = cloud.describe_security_groups()
|
|
62
105
|
cloud_groups.each do |cloud_group|
|
|
63
106
|
group_name = cloud_group[:name]
|
|
107
|
+
|
|
108
|
+
# skip those groups that don't belong to this project/env
|
|
109
|
+
next if env.isolate_security_groups && group_name !~ /^#{isolate_prefix}/
|
|
110
|
+
|
|
64
111
|
if group_keys.delete(group_name)
|
|
65
112
|
# sync rules
|
|
66
113
|
logger.debug "Security Group already in ec2, syncing rules: #{group_name}"
|
|
@@ -114,14 +161,9 @@ namespace :rubber do
|
|
|
114
161
|
end
|
|
115
162
|
end
|
|
116
163
|
else
|
|
117
|
-
#
|
|
118
|
-
#
|
|
119
|
-
|
|
120
|
-
if env.force_security_group_cleanup || ! env.auto_security_groups
|
|
121
|
-
# delete group
|
|
122
|
-
answer = Capistrano::CLI.ui.ask("Security group '#{group_name}' exists in ec2 but not locally, remove from ec2? [y/N]: ")
|
|
123
|
-
cloud.destroy_security_group(group_name) if answer =~ /^y/
|
|
124
|
-
end
|
|
164
|
+
# delete group
|
|
165
|
+
answer = Capistrano::CLI.ui.ask("Security group '#{group_name}' exists in ec2 but not locally, remove from ec2? [y/N]: ")
|
|
166
|
+
cloud.destroy_security_group(group_name) if answer =~ /^y/
|
|
125
167
|
end
|
|
126
168
|
end
|
|
127
169
|
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sml-rubber
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.9.
|
|
4
|
+
version: 0.9.7
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Matt Conway
|
|
@@ -9,7 +9,7 @@ autorequire:
|
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
11
|
|
|
12
|
-
date: 2009-08-
|
|
12
|
+
date: 2009-08-21 00:00:00 -07:00
|
|
13
13
|
default_executable: vulcanize
|
|
14
14
|
dependencies:
|
|
15
15
|
- !ruby/object:Gem::Dependency
|