toft-puppet 0.0.9

data/lib/toft/command_executor.rb

@@ -0,0 +1,16 @@
+module Toft
+  module CommandExecutor
+    def cmd!(cmd)
+      system "#{sudo}#{cmd}"
+    end
+    
+    def cmd(cmd)
+      `#{sudo}#{cmd}`
+    end 
+    
+    private
+    def sudo
+      ENV["USER"] == "root" ? "" : "sudo "
+    end
+  end
+end

data/lib/toft/file_checker.rb

@@ -0,0 +1,47 @@
+require 'toft/command_executor'
+
+module Toft
+  class FileChecker
+    
+    include Toft::CommandExecutor
+    
+    def initialize(rootfs, path)
+      @rootfs = rootfs
+      @path = path
+    end
+        
+    def exist?
+      test("-e")
+    end
+    
+    def directory?
+      filetype == "directory"
+    end
+    
+    def filetype
+      stat("%F")
+    end
+    
+    def owner
+      stat("%U")
+    end
+
+    def group
+      stat("%G")
+    end
+    
+    def mode
+      stat("%a")
+    end
+    
+    private 
+    def stat(format)
+      cmd("chroot #{@rootfs} stat -c #{format} #{@path}").rstrip      
+    end
+    
+    def test(op)
+      cmd!("chroot #{@rootfs} test #{op} #{@path}")
+      $? == 0 ? true : false
+    end
+  end
+end

data/lib/toft/node.rb

@@ -0,0 +1,243 @@
+require 'observer'
+require 'net/ssh'
+require 'ping'
+require 'toft/file_checker'
+require 'toft/command_executor'
+
+module Toft
+  class Node
+    PRIVATE_KEY = <<-EOF
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEAwoLge1y9wEcy2WC7CDGXuFFDt+9Zvh+QulfDIbZkpYF7YBw6
+O3mYTUpucwnqMhnd9jini8bsQghJF3wwxdWmtmurcHAEhN6ZljXZwUu2rojh+D+4
+PnkOAMPb+w3REmyFYBxfzQ4gBBRXZgKWDTN6Al9hYRFTVSsZJCKJFK+GsWBSc5ie
+l6IuUnfCbTwvORWVV6g7nGQ5x0JTnApG0qNFDprFkBsLbvHlB6A3lBtHQfJ7W/cZ
+QXi3LXawD4bhWAl/CHxZHXGpJM7+tREz2yhOoPcHUwwv0xHqe/wBxmJmq84kZ8Co
+lTi9Y5xNXKDiS6svMDgt3ShpkWcvQ+LE3PhUVQIDAQABAoIBAQCEvfZemeLw9mXw
+TYA2TknhQqw5OYIAKuCFGuGS/ztea6f75iejcQ8MKDCKF4kZGegNYYqN7HpNcgQX
+n+xVBsJYGdCM0hVza8pa5XMu4/HO2KGF3k5pbAmvYfqdMUeuEBtRhOuoL+yPfCZM
++pTWe3vXZKo7KSy6ocftjhgI4uTD5OtUHZe+Q61K8Ng5723kk4KcbZo4LHEvj4C2
+nnplt9uxiS04qTPuJohxiwE1pbSybaH5Kndfvzmh1A1q/HKCZNhQKK/jhgvDBtBu
+hiDfPtKdEeSTbFm11ckJBE1HPdAXoppxwDHQzcq82+vNJdB2P2TsMPklPRb6FuDa
+dCQ0B5IBAoGBAPUlki+Q6yC4snhJ7r0ipIiMimB+Q6UlrE6ayyc3s/akjvTaqs2z
+tcZTPUVVLjs0WIRIYwOWMcNmMZoi2s8nGsDiljmd1+smWHPK8A9X8pSUH6Z5k7sS
+fzno3ytRXohyR2UB6iuUoT3F0VEnaaDjLlNk77DYusAmMsrm8W5PkMHVAoGBAMsf
+aocc8yrwC7Wa0xfeNreK4F3OayqP6xAu0aSXqj1gtJ6HTTgY2g4jqtnV40NVXwHK
+7zA4ie5IfmQ/672Te+9ifeWYNqv8faHDJwZFbZ2LwPW/lm5i4Ezn9KMmpLTz+6yj
+f1bS+Y0NYyxfs1nn7Lx/kvuJVdIV+Ktma+ZHGAiBAoGAHo6NV0KAHHcJP/cvPAIa
+ci7afMagVfCJNs8SrZPC6eZ/L0QmcDeLW+o6Q+8nMRgIRIzlUqghEdMmMalQjuu3
+6P0Vbp8fL996vQw5uh/jS+Pewhh7cqEOnMBLORIOb4GXJp8DemUvaAzFV5FLGFPZ
+DWoSen+5X4QjZqk8xNxEFfUCgYB+xR6xMMo69BH6x6QTc2Zm6s/Y++k6aRPlx7Kj
+rNxc7iwL/Jme9zOwO2Z4CduKvI9NCSB60e6Tvr7TRmmUqaVh4/B7CKKmeDDYcnm6
+mj4tY3mMZoQ2ZJNkrCesY4PMQ7HBL1FcGNQSylYo7Zl79Rl1E5HiVvYu5fOK1aNl
+1t0TAQKBgQCaN91JXWJFXc1rJsDy365SKrX00Nt8rZolFQy2UhhERoCxD0uwbOYm
+sfWYRr79L2BZkyRHmuxCD24SvHibDev+T0Jh6leXjnrwd/dj3P0tH8+ctET5SXsD
+CQWv13UgQjiHgQILXSb7xdzpWK1wpDoqIEWQugRyPQDeZhPWVbB4Lg==
+-----END RSA PRIVATE KEY-----    
+    EOF
+    
+    TIMEOUT_IN_SECONDS = 120
+    TRY_INTERVAL = 0.5
+    
+    include Observable
+    include Toft::CommandExecutor
+
+    def initialize(hostname, options = {})
+      options = {:ip => DYNAMIC_IP, :netmask => "24", :type => "natty"}.merge(options)
+      @hostname = hostname
+      @ip = options[:ip]
+      @netmask = options[:netmask]
+      unless exists?
+        conf_file = generate_lxc_config
+        cmd! "lxc-create -n #{hostname} -f #{conf_file} -t #{options[:type].to_s}" 
+      end
+      @chef_runner = Toft::Chef::ChefRunner.new("#{rootfs}") do |chef_command|
+        run_ssh chef_command
+      end
+
+      @puppet_runner = options[:runner]
+      @puppet_runner ||= Toft::Puppet::PuppetRunner.new("#{rootfs}") do |puppet_command|
+        run_ssh puppet_command
+      end
+    end
+    
+    def hostname
+      return @hostname
+    end
+    
+    def exists?
+      cmd("lxc-ls") =~ /#{@hostname}/
+    end
+
+    def start
+      puts "Starting host node..."
+      cmd "lxc-start -n #{@hostname} -d" # system + sudo lxc-start does not work on centos-6, but back-quote does(no clue on why)
+      cmd! "lxc-wait -n #{@hostname} -s RUNNING"
+      wait_ssh_ready
+    end
+
+    def stop
+      cmd! "lxc-stop -n #{@hostname}"
+      cmd! "lxc-wait -n #{@hostname} -s STOPPED"
+    end
+
+    def destroy
+      stop
+      cmd! "lxc-destroy -n #{@hostname}"
+      changed
+      notify_observers(@hostname)
+    end
+
+    def running?
+      cmd("lxc-info -n #{@hostname}") =~ /RUNNING/
+    end
+    
+    def add_cname(cname)
+      run_ssh "echo -e 'update add #{cname}.#{Toft::DOMAIN} 86400 CNAME #{@hostname}.#{Toft::DOMAIN}\\nsend' | nsupdate"
+    end
+    
+    def remove_cname(cname)
+      run_ssh "echo -e 'update delete #{cname}.#{Toft::DOMAIN}\\nsend' | nsupdate"      
+    end
+
+    def run_ssh(command)
+      raise ArgumentError, "Trying to run empty command on node #{@hostname}", caller if command.blank?
+      stdout = ""
+      stderr = ""
+      Net::SSH.start(fqdn, "root", :key_data => [PRIVATE_KEY], :paranoid => false) do |ssh|
+        ssh.open_channel do |channel|
+          channel.exec(command) do |ch, success|
+            raise RuntimeError, "Could not execute command: [#{command}]", caller unless success
+
+            channel.on_data do |c, data|
+              puts data
+              stdout << data
+              yield data if block_given?
+            end
+            channel.on_extended_data do |c, type, data|
+              puts data
+              stderr << data
+              yield data if block_given?
+            end
+            channel.on_request("exit-status") do |c, data|
+              exit_code = data.read_long
+              raise CommandExecutionError.new "Remote command [#{command}] exited with status #{exit_code}", stdout, stderr unless exit_code.zero?
+            end
+            channel.on_request("exit-signal") do |c, data|
+              raise CommandExecutionError.new "Remote command [#{command}] terminated with signal", stdout, stderr
+            end
+          end
+        end.wait
+      end
+      return CommandResult.new stdout, stderr
+    end
+    
+    def rm(dir)
+      raise ArgumentError, "Illegal dir path: [#{dir}]", caller if dir.blank? || dir[0] != ?/
+      cmd! "rm -rf #{rootfs}#{dir}"
+    end
+
+    def run_chef(run_list, params = {})
+      @chef_runner.run run_list, params
+    end
+
+    def run_puppet(run_list, params = {})
+      @puppet_runner.run run_list, params
+    end
+
+    def file(path)
+      FileChecker.new(rootfs, path)
+    end
+    
+    def ip
+      @ip == Toft::DYNAMIC_IP ? `dig +short #{fqdn}`.strip : @ip
+    end
+
+    private
+    def rootfs
+      "/var/lib/lxc/#{@hostname}/rootfs"
+    end
+    
+    def wait_sshd_running
+      wait_for do
+        netstat = cmd("lxc-netstat --name #{@hostname} -ta")        
+        return if netstat =~ /ssh/
+      end
+    end
+    
+    def wait_remote_host_reachable
+      wait_for do
+        begin
+          return if Ping.pingecho fqdn, 0.1
+        rescue Exception
+          # fix the strange pingcho exception
+        end
+      end
+      raise RuntimeError, "Remote machine not responding." if try >= max_try
+    end
+
+    def wait_for
+      return if !block_given?
+      max_try = TIMEOUT_IN_SECONDS / TRY_INTERVAL
+      try = 0
+      while try < max_try
+        output_progress
+        yield
+        sleep TRY_INTERVAL
+        try += 1        
+      end
+    end
+
+    def output_progress
+      print "."
+      STDOUT.flush
+    end
+
+    def wait_ssh_ready
+      print "Waiting for host ssdh ready"
+      wait_sshd_running
+      print "\nWaiting for host to be reachable"
+      wait_remote_host_reachable
+      puts "\nSSH connection on '#{@hostname}/#{@ip}' is ready."
+    end
+
+    def generate_lxc_config
+      full_ip = @ip == Toft::DYNAMIC_IP ? "#{@ip}" : "#{@ip}/#{@netmask}"
+      conf = <<-EOF
+lxc.network.type = veth
+lxc.network.flags = up
+lxc.network.link = br0
+lxc.network.name = eth0
+lxc.network.ipv4 = #{full_ip}
+      EOF
+      conf_file = "/tmp/#{@hostname}-conf"
+      File.open(conf_file, 'w') do |f|
+        f.write(conf);
+      end
+      return conf_file
+    end
+    
+    def fqdn
+      "#{@hostname}.#{Toft::DOMAIN}"
+    end
+  end
+  
+  class CommandResult
+    attr_reader :stdout, :stderr
+    
+    def initialize(stdout, stderr)
+      @stdout = stdout
+      @stderr = stderr
+    end
+  end
+
+  class CommandExecutionError < RuntimeError
+    attr_reader :message, :stdout, :stderr
+    
+    def initialize(message, stdout, stderr)
+      @message = message
+      @stdout = stdout
+      @stderr = stderr
+    end
+  end
+end

data/lib/toft/node_controller.rb

@@ -0,0 +1,32 @@
+require 'toft/node'
+
+module Toft
+  class NodeController    
+    attr_reader :nodes
+    
+    def initialize
+      @nodes = {}
+    end
+    
+    def create_node(hostname, options)
+      node = Node.new(hostname, options)
+      node.add_observer self
+      @nodes[hostname] = node
+    end
+    
+    def update(hostname)
+      @nodes.delete hostname
+    end
+    
+    def destroy_node(hostname)
+      @nodes[hostname].destroy
+    end
+    
+    @@instance = NodeController.new
+    class << self
+      def instance
+        @@instance
+      end
+    end
+  end
+end

data/lib/toft/puppet/puppet_runner.rb

@@ -0,0 +1,38 @@
+require 'fileutils'
+
+module Toft
+  module Puppet 
+    class PuppetRunner
+      include FileUtils
+      
+      DEST_PUPPET_TMP = "/tmp/toft-puppet-tmp"
+      DEST_CONF_PATH = "/etc/puppet/puppet.conf"
+
+      def initialize(root_dir, &command_runner)
+        @root_dir = root_dir
+        @command_runner = command_runner
+      end
+
+      def run(run_list, params = {})
+        copy_puppet_material
+        copy_conf_file(params[:conf_file]) if params[:conf_file]
+        @command_runner.call "puppet apply #{DEST_PUPPET_TMP}/manifests/#{run_list}"
+      end
+
+      private 
+
+      def copy_conf_file(conf_file)
+        cp "#{@root_dir}#{DEST_PUPPET_TMP}/conf/#{conf_file}", "#{@root_dir}#{DEST_CONF_PATH}"
+      end
+    
+      def copy_puppet_material
+        raise ArgumentError, "Toft.manifest_path can not be empty!" if Toft.manifest_path.blank?
+        rm_rf "#{@root_dir}#{DEST_PUPPET_TMP}"  
+        mkdir_p "#{@root_dir}#{DEST_PUPPET_TMP}"
+
+        cp_r "#{Toft.manifest_path}/.", "#{@root_dir}#{DEST_PUPPET_TMP}"
+      end
+
+    end
+  end
+end

data/lib/toft/version.rb

@@ -0,0 +1,3 @@
+module Toft
+  VERSION = "0.0.9"
+end

data/scripts/bin/centos/lxc-prepare-host

@@ -0,0 +1,172 @@
+#!/bin/bash
+
+username=`id -nu`	
+if [ ! "$username" = "root" ]; then
+	echo "This command has to be run as root!"
+	exit 1
+fi
+
+sudo yum -y install wget
+wget http://dl.dropbox.com/u/43220259/toft-lxc-0.0.6.noarch.rpm
+sudo yum erase -y dhclient
+sudo yum install -y --nogpgcheck toft-lxc-0.0.6.noarch.rpm
+sudo yum install -y bind dhcp dhclient bridge-utils
+
+gateway_ip="192.168.20.1"
+subnet="192.168.20.0"
+netmask="255.255.255.0"
+range="192.168.20.2 192.168.20.254"
+domain=foo
+
+# setup bridge interface
+if [[ ! `ip link ls dev br0` ]]; then
+	brctl addbr br0
+	ifconfig br0 $gateway_ip netmask $netmask up
+	sysctl -w net.ipv4.ip_forward=1
+fi
+
+cat <<EOF > /etc/sysconfig/network-scripts/ifcfg-br0
+DEVICE=br0
+ONBOOT=yes
+BOOTPROTO=static
+DELAY=0
+TYPE=Bridge
+IPADDR=$gateway_ip
+NETMASK=$netmask
+MTU=1500
+IPV6INIT=no
+USERCTL=no
+EOF
+
+sudo sed -i "s/#*[ ^I]*net\.ipv4\.ip_forward[ ^I]*=[ ^I]*[01]/net\.ipv4\.ip_forward = 1/" /etc/sysctl.conf
+
+# reset iptables
+cat <<EOF > /etc/sysconfig/iptables
+*nat
+:PREROUTING ACCEPT [0:0]
+:POSTROUTING ACCEPT [28:2070]
+:OUTPUT ACCEPT [106:10068]
+-A POSTROUTING -o eth0 -j MASQUERADE 
+COMMIT
+EOF
+
+service iptables restart
+
+# mount cgroup
+if [[ ! -d /cgroup ]]; then
+	mkdir -p /cgroup
+fi
+
+if [[ ! `mount | grep cgroup` ]]; then
+	mount none -t cgroup /cgroup
+fi
+
+if [[ ! `grep "/cgroup" /etc/fstab` ]]; then
+	cat <<EOF >> /etc/fstab
+none /cgroup cgroup defaults 0 0
+EOF
+fi
+
+# setup nameserver
+cat <<EOF > /var/named/named.foo
+\$ORIGIN $domain.
+\$TTL 7200	; 2 hours
+@				IN SOA	ns1.$domain. hostmaster.$domain. (
+				3641625943 ; serial
+				36000      ; refresh (10 hours)
+				900        ; retry (15 minutes)
+				36000      ; expire (10 hours)
+				7200       ; minimum (2 hours)
+				)
+			NS	ns1.$domain.
+ns1		A	$gateway_ip
+EOF
+
+## set bind to forward original nameservers
+original_nameservers=`grep nameserver /etc/resolv.conf | cut -d " " -f2 | sed s/$gateway_ip//`
+bind_forward_options=''
+if [[ -n `echo $original_nameservers | tr -d ' \n\t\r'` ]]; then
+	bind_forward_options="forwarders {
+		`echo $original_nameservers | xargs -n 1 | awk '{ print $1";" }'`	
+	};
+	forward first;"
+fi
+
+mv /etc/named.conf /etc/named.conf.old
+cat <<EOF > /etc/named.conf
+options {
+        directory       "/var/named";
+        dump-file       "/var/named/data/cache_dump.db";
+        statistics-file "/var/named/data/named_stats.txt";
+        memstatistics-file "/var/named/data/named_mem_stats.txt";
+		$bind_forward_options
+};
+
+logging {
+        channel default_debug {
+                file "data/named.run";
+                severity dynamic;
+        };
+};
+
+zone "." IN {
+        type hint;
+        file "named.ca";
+};
+
+include "/etc/named.rfc1912.zones";
+
+zone "$domain" in {
+        type master;
+        file "named.foo";
+        allow-update {any;};
+};
+EOF
+
+# disable selinux to make it happy for bind to creating jnl file
+echo 0 >/selinux/enforce
+
+# fix the dir owner to grant bind to generate jnl 
+chown named:named /var/named
+
+service named restart
+
+# add our nameserver into /etc/resolv.conf
+if [[ ! `grep "nameserver $gateway_ip" /etc/resolv.conf` ]]; then
+	cp /etc/resolv.conf /etc/resolv.conf.old
+	cat <<EOF > /etc/resolv.conf
+nameserver $gateway_ip
+`cat /etc/resolv.conf`
+EOF
+fi
+
+# setup dhcp3 server
+cat <<EOF > /etc/dhcp/dhcpd.conf
+ddns-updates on;
+ddns-update-style interim;
+
+ddns-domainname "$domain.";
+option domain-name "$domain.";
+option domain-name-servers $gateway_ip;
+
+option ntp-servers $gateway_ip;
+default-lease-time 600;
+max-lease-time 7200;
+
+authoritative;
+log-facility local7;
+
+zone $domain. {
+   primary localhost;
+}
+
+subnet $subnet netmask $netmask {
+   range $range;
+   option routers $gateway_ip;
+}
+EOF
+service dhcpd restart
+
+sudo yum install -y ruby ruby-devel ruby-docs ruby-ri ruby-irb ruby-rdoc rubygems
+sudo gem install bundler --no-ri --no-rdoc
+sudo bundle install