instance-kvm.cfg.jinja2 22.3 KB
Newer Older
1 2 3
{% set enable_http = slapparameter_dict.get('enable-http-server', 'False').lower() -%}
{% set use_tap = slapparameter_dict.get('use-tap', 'False').lower() -%}
{% set use_nat = slapparameter_dict.get('use-nat', 'True').lower() -%}
4
{% set wipe_disk = slapparameter_dict.get('wipe-disk-ondestroy', 'False').lower() -%}
5
{% set nat_restrict = slapparameter_dict.get('nat-restrict-mode', 'False').lower() -%}
6
{% set name = slapparameter_dict.get('name', 'localhost') -%}
7
{% set disable_ansible_promise = slapparameter_dict.get('disable-ansible-promise', 'True').lower() -%}
8
{% set enable_device_hotplug = slapparameter_dict.get('enable-device-hotplug', 'false').lower() -%}
9 10
{% set instance_type = slapparameter_dict.get('type', 'standalone') -%}
{% set nat_rule_list = slapparameter_dict.get('nat-rules', '22 80 443') -%}
11
{% set frontend_software_type = 'default' -%}
Alain Takoudjou's avatar
Alain Takoudjou committed
12
{% set extends_list = [] -%}
13
{% set part_list = [] -%}
Alain Takoudjou's avatar
Alain Takoudjou committed
14

15 16 17 18 19 20 21 22
{% set bootstrap_url = '' -%}
{% set bootstrap_url_md5sum = '' -%}
{% if slapparameter_dict.get('bootstrap-script-url', '') -%}
{% set url_info_list = slapparameter_dict['bootstrap-script-url'].split('#') -%}
{% set bootstrap_url = url_info_list[0] -%}
{% set bootstrap_url_md5sum = url_info_list[1] -%}
{% endif -%}

23 24 25 26 27 28 29
{% if instance_type == 'cluster' -%}
{% set nat_rule_list = slapparameter_dict.get('nat-rules', '') %}
{% endif -%}
{% if not nat_rule_list or not nat_rule_list.strip() -%}
{%   set nat_rule_list = '' %}
{% endif -%}

Alain Takoudjou's avatar
Alain Takoudjou committed
30 31
{% do extends_list.append(template_monitor) -%}
{% do extends_list.append(logrotate_cfg) -%}
32

33 34 35 36 37 38 39 40 41 42 43 44
[directory]
recipe = slapos.cookbook:mkdirectory
etc = ${buildout:directory}/etc
bin = ${buildout:directory}/bin
srv = ${buildout:directory}/srv
var = ${buildout:directory}/var
log = ${:var}/log
scripts = ${:etc}/run
services = ${:etc}/service
promises = ${:etc}/promise
novnc-conf = ${:etc}/novnc
run = ${:var}/run
45
prerm = ${:etc}/prerm
46
ca-dir = ${:srv}/ssl
47
public = ${:srv}/public/
48 49 50 51 52 53 54 55
cron-entries = ${:etc}/cron.d
crontabs = ${:etc}/crontabs
cronstamps = ${:etc}/cronstamps

[create-mac]
recipe = slapos.cookbook:generate.mac
storage-path = ${directory:srv}/mac

56 57 58 59
[create-tap-mac]
recipe = slapos.cookbook:generate.mac
storage-path = ${directory:srv}/tap_mac

60 61 62 63 64
[gen-passwd]
recipe = slapos.cookbook:generate.password
storage-path = ${directory:srv}/passwd
bytes = 8

65
[kvm-controller-parameter-dict]
66
python-path = {{ python_eggs_executable }}
67
vnc-passwd = ${gen-passwd:passwd}
68
socket-path = ${directory:var}/qmp_socket
69
pid-file = ${directory:run}/pid_file
70
kvm-status-path = ${directory:var}/qemu-vm-is-ready
71 72 73 74
cpu-count = ${slap-parameter:cpu-count}
ram-hotplug-slot-size = ${slap-parameter:ram-hotplug-slot-size}
ram-size = ${slap-parameter:ram-size}
enable-device-hotplug = ${slap-parameter:enable-device-hotplug}
75

76 77
[kvm-parameter-dict]
python-path = {{ python_executable }}
78 79 80 81 82
ipv4 = ${slap-network-information:local-ipv4}
ipv6 = ${slap-network-information:global-ipv6}
vnc-ip = ${:ipv4}
vnc-port = 5901

83
default-cdrom-iso = {{ debian_amd64_netinst_location }}
84 85 86 87 88 89 90 91 92
nbd-host = ${slap-parameter:nbd-host}
nbd-port = ${slap-parameter:nbd-port}
nbd2-host = ${slap-parameter:nbd2-host}
nbd2-port = ${slap-parameter:nbd2-port}

tap-interface = ${slap-network-information:network-interface}

disk-size = ${slap-parameter:disk-size}
disk-type = ${slap-parameter:disk-type}
93 94
disk-format = ${slap-parameter:disk-format}
disk-path = ${directory:srv}/virtual.${slap-parameter:disk-format}
95

96
pid-file-path = ${kvm-controller-parameter-dict:pid-file}
97
socket-path = ${kvm-controller-parameter-dict:socket-path}
98

99 100 101 102 103 104 105
enable-device-hotplug = ${kvm-controller-parameter-dict:enable-device-hotplug}
smp-count = ${kvm-controller-parameter-dict:cpu-count}
smp-max-count = ${slap-parameter:cpu-max-count}

ram-size = ${kvm-controller-parameter-dict:ram-size}
ram-max-size = ${slap-parameter:ram-max-size}
init-ram-size = 1024
106
mac-address = ${create-mac:mac-address}
107
tap-mac-address = ${create-tap-mac:mac-address}
108 109

use-tap = ${slap-parameter:use-tap}
110
use-nat = ${slap-parameter:use-nat}
111
nat-rules = {{ nat_rule_list }}
112
nat-restrict= {{ nat_restrict }}
113
enable-vhost = ${slap-parameter:enable-vhost}
114 115 116

virtual-hard-drive-url = ${slap-parameter:virtual-hard-drive-url}
virtual-hard-drive-md5sum = ${slap-parameter:virtual-hard-drive-md5sum}
117
virtual-hard-drive-gzipped = ${slap-parameter:virtual-hard-drive-gzipped}
118
hard-drive-url-check-certificate = ${slap-parameter:hard-drive-url-check-certificate}
119 120 121 122 123

shell-path = {{ dash_executable_location }}
qemu-path =  {{ qemu_executable_location }}
qemu-img-path = {{ qemu_img_executable_location }}

124
etc-directory = ${directory:etc}
125 126 127 128 129 130
disk-storage-list = 
{% for key, path in storage_dict.items() -%}
{{ '  ' ~ key ~ ' ' ~ path }}
{% endfor -%}
external-disk-number = ${slap-parameter:external-disk-number}
external-disk-size = ${slap-parameter:external-disk-size}
131
external-disk-format = ${slap-parameter:external-disk-format}
132

133
{% if enable_http == 'true' or ( use_tap == 'true' and tap_network_dict.has_key('ipv4') ) -%}
134 135 136 137
httpd-port = ${slap-parameter:httpd-port}
{% else -%}
httpd-port = 0
{% endif -%}
138 139 140 141 142 143 144 145 146

# Main instance document server info
{% if slapparameter_dict.get('document-host', '') and slapparameter_dict.get('document-port', '') -%}
cluster-doc-host = ${tunnel-cluster-url:ipv4}
cluster-doc-port = ${tunnel-cluster-url:ipv4-port}
{% else -%}
cluster-doc-host = 
cluster-doc-port = 0
{% endif -%}
147
netcat-binary = {{ netcat_bin }}
148
language = ${slap-parameter:keyboard-layout-language}
149

150 151 152 153 154
name = {{ slapparameter_dict.get('name', 'Single KVM') }}
disk-cache = ${slap-parameter:disk-cache}
disk-aio = ${slap-parameter:disk-aio}
auto-ballooning = ${slap-parameter:auto-ballooning}
machine-options = ${slap-parameter:machine-options}
155
cpu-hotplug-slot-size = ${slap-parameter:cpu-model}
156 157 158

log-file = ${directory:log}/qemu.log

159 160 161 162 163 164 165 166
[kvm-run]
recipe = slapos.recipe.template:jinja2
template = {{ template_kvm_run }}
rendered = ${directory:bin}/kvm_raw
mode = 700
context = 
  section parameter_dict kvm-parameter-dict

167
[kvm-controller]
168 169
recipe = slapos.recipe.template:jinja2
template = {{ template_kvm_controller_run }}
170
rendered = ${directory:bin}/kvm_controller_raw
171 172 173 174 175 176 177 178 179 180 181
mode = 700
context = 
  section parameter_dict kvm-controller-parameter-dict

[tunnel-6to4-base]
recipe = slapos.cookbook:wrapper
ipv4 = ${slap-network-information:local-ipv4}
ipv6 = ${slap-network-information:global-ipv6}
wrapper-path = ${directory:services}/6tunnel-${:ipv6-port}
command-line = {{ sixtunnel_executable_location }} -6 -4 -d -l ${:ipv6} ${:ipv6-port} ${:ipv4} ${:ipv4-port}

182
{% if use_nat == 'true' and nat_rule_list -%}
183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198
{%   for port in nat_rule_list.split(' ') -%}
{%     set external_port = 10000 + port|int() -%}
{%     set section_name = '6tunnel-' ~ external_port -%}
[{{ section_name }}]
<= tunnel-6to4-base
ipv4-port = {{ external_port }}
ipv6-port = {{ external_port }}
{%     do part_list.append(section_name) -%}
{%   endfor -%}
{% endif -%}

[kvm-instance]
recipe = slapos.cookbook:wrapper
socket-path = ${kvm-controller-parameter-dict:socket-path}
wrapper-path = ${directory:services}/kvm
command-line = ${kvm-run:rendered}
199 200 201 202 203 204 205
kvm-controller = ${kvm-controller-wrapper:wrapper-path}


[kvm-controller-wrapper]
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:scripts}/kvm_controller
command-line = ${kvm-controller:rendered}
206 207


208 209 210
[kvm-vnc-promise]
recipe = slapos.cookbook:check_port_listening
path = ${directory:promises}/vnc_promise
211 212
hostname = ${kvm-parameter-dict:vnc-ip}
port = ${kvm-parameter-dict:vnc-port}
213 214 215 216 217

[kvm-disk-image-corruption-promise]
# Check that disk image is not corrupted
recipe = collective.recipe.template
input = inline:#!/bin/sh
218 219 220
  # Return code 0 is "OK"
  # Return code 3 is "found leaks, but image is OK"
  # http://git.qemu.org/?p=qemu.git;a=blob;f=qemu-img.c;h=4e9a7f5741c9cb863d978225829e68fefcae3947;hb=HEAD#l702
221
  ${kvm-parameter-dict:qemu-img-path} check -U ${kvm-parameter-dict:disk-path}
222 223 224 225 226 227
  RETURN_CODE=$?
  if [ $RETURN_CODE -eq 0 ] || [ $RETURN_CODE -eq 3 ]; then
    exit 0
  else
    exit 1
  fi
228 229 230
output = ${directory:promises}/kvm-disk-image-corruption
mode = 700

231 232 233 234 235 236 237 238 239 240 241 242 243
{% if wipe_disk == 'true' -%}
{% do part_list.append('wipe-disk-wrapper') -%}
{% set wipe_file_list = '${kvm-parameter-dict:disk-path}' -%}
{% if storage_dict -%}
{% set wipe_file_list = '${kvm-parameter-dict:disk-path}' ~ ' ' ~ '/* '.join(storage_dict.values()) ~ '/*' -%}
{% endif -%}
[wipe-disk-wrapper]
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:prerm}/slapos_wipe_qemu_disk
command-line = 
  {{ wipe_disk_wrapper }} -n {{ slapparameter_dict.get('wipe-disk-iterations', 1) }} -suz --check-pid-file ${kvm-parameter-dict:pid-file-path} --file {{ wipe_file_list }}
{% endif -%}

244 245 246 247 248 249 250 251 252
[kvm-started-promise]
recipe = slapos.recipe.template:jinja2
template = {{ qemu_start_promise_tpl }}
rendered = ${directory:promises}/qemu-virtual-machine-is-ready
mode = 700
context = 
  raw dash {{ dash_executable_location }}
  raw qemu_ready_path ${kvm-controller-parameter-dict:kvm-status-path}
  raw qemu_service_log_file ${buildout:directory}/.${slap-connection:partition-id}_kvm.log
253 254 255 256 257 258

[novnc-instance]
recipe = slapos.cookbook:novnc
path = ${ca-novnc:executable}
ip = ${slap-network-information:global-ipv6}
port = 6080
259 260
vnc-ip = ${kvm-parameter-dict:vnc-ip}
vnc-port = ${kvm-parameter-dict:vnc-port}
261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334
novnc-location = {{ novnc_location }}
websockify-path = {{ websockify_executable_location }}
ssl-key-path = ${ca-novnc:key-file}
ssl-cert-path = ${ca-novnc:cert-file}

[websockify-sighandler]
recipe = slapos.cookbook:signalwrapper
wrapper-path = ${directory:services}/websockify
wrapped-path = ${novnc-instance:path}

[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = {{ openssl_executable_location }}
ca-dir = ${directory:ca-dir}
requests-directory = ${cadirectory:requests}
wrapper = ${directory:services}/certificate_authority
ca-private = ${cadirectory:private}
ca-certs = ${cadirectory:certs}
ca-newcerts = ${cadirectory:newcerts}
ca-crl = ${cadirectory:crl}

[cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = ${directory:ca-dir}/requests/
private = ${directory:ca-dir}/private/
certs = ${directory:ca-dir}/certs/
newcerts = ${directory:ca-dir}/newcerts/
crl = ${directory:ca-dir}/crl/

[ca-novnc]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
key-file = ${directory:novnc-conf}/novnc.key
cert-file = ${directory:novnc-conf}/novnc.crt
executable = ${directory:bin}/novnc
wrapper = ${directory:bin}/websockify

[novnc-promise]
recipe = slapos.cookbook:check_port_listening
path = ${directory:promises}/novnc_promise
hostname = ${novnc-instance:ip}
port = ${novnc-instance:port}


#----------------
#--
#-- Deploy cron.

[cron]
recipe = slapos.cookbook:cron
dcrond-binary = {{ dcron_executable_location }}
cron-entries = ${directory:cron-entries}
crontabs = ${directory:crontabs}
cronstamps = ${directory:cronstamps}
catcher = ${cron-simplelogger:wrapper}
binary = ${directory:services}/crond

[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = ${directory:bin}/cron_simplelogger
log = ${directory:log}/crond.log

#----------------
#--
#-- Deploy frontend.

[request-slave-frontend]
recipe = slapos.cookbook:requestoptional
software-url = ${slap-parameter:frontend-software-url}
server-url = ${slap-connection:server-url}
key-file = ${slap-connection:key-file}
cert-file = ${slap-connection:cert-file}
computer-id = ${slap-connection:computer-id}
partition-id = ${slap-connection:partition-id}
335
name = ${slap-parameter:frontend-instance-name}
336 337 338 339 340 341 342 343 344 345 346 347 348 349 350
software-type = ${slap-parameter:frontend-software-type}
slave = true
config-host = ${novnc-instance:ip}
config-port = ${novnc-instance:port}
return = url resource port domainname
sla-instance_guid = ${slap-parameter:frontend-instance-guid}

[frontend-promise]
recipe = slapos.cookbook:check_url_available
path = ${directory:promises}/frontend_promise
url = ${publish-connection-information:url}
dash_path = {{ dash_executable_location }}
curl_path = {{ curl_executable_location }}


351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367
{% if enable_http == 'true' %}
[httpd]
recipe = slapos.cookbook:simplehttpserver
host = ${slap-network-information:local-ipv4}
port = ${slap-parameter:httpd-port}
base-path = ${directory:public}
wrapper = ${directory:services}/http-server
log-file = ${directory:log}/httpd.log
use-hash-url = false

[httpd-promise]
recipe = slapos.cookbook:check_port_listening
path = ${directory:promises}/httpd
hostname = ${httpd:host}
port = ${httpd:port}
{% endif %}

368 369 370
[monitor-instance-parameter]
monitor-httpd-port = 8026
monitor-title = {{ slapparameter_dict.get('name', 'KVM Standalone') }}
371
cors-domains = {{ slapparameter_dict.get('monitor-cors-domains', 'monitor.app.officejs.com') }}
372
{% if slapparameter_dict.get('monitor-username', '') -%}
373
username = {{ slapparameter_dict['monitor-username'] }}
374 375
{% endif -%}
{% if slapparameter_dict.get('monitor-password', '') -%}
376
password = {{ slapparameter_dict['monitor-password'] }}
Alain Takoudjou's avatar
Alain Takoudjou committed
377
{% endif -%}
378
interface-url = {{ slapparameter_dict.get('monitor-interface-url', 'https://monitor.app.officejs.com') }}
Alain Takoudjou's avatar
Alain Takoudjou committed
379

380
[publish-connection-information]
381
<= monitor-publish
382
recipe = slapos.cookbook:publish
Alain Takoudjou's avatar
Alain Takoudjou committed
383
ipv6 = ${slap-network-information:global-ipv6}
384 385
backend-url = https://[${novnc-instance:ip}]:${novnc-instance:port}/vnc.html?host=[${novnc-instance:ip}]&port=${novnc-instance:port}&encrypt=1&password=${kvm-controller-parameter-dict:vnc-passwd}
url = ${request-slave-frontend:connection-url}/vnc.html?host=${request-slave-frontend:connection-domainname}&port=${request-slave-frontend:connection-port}&encrypt=1&path=${request-slave-frontend:connection-resource}&password=${kvm-controller-parameter-dict:vnc-passwd}
386 387
{% set disk_number = len(storage_dict) -%}
maximum-extra-disk-amount = {{ disk_number }}
388
{% set iface = 'eth0' -%}
389
{% if use_nat == 'true' -%}
390
{%   set iface = 'eth1' -%}
391
{%   if nat_rule_list -%}
392
# Publish NAT port mapping status
393 394
{%     for port in nat_rule_list.split(' ') -%}
{%       set external_port = 10000 + port|int() -%}
395
nat-rule-port-{{port}} = ${slap-network-information:global-ipv6} : ${6tunnel-{{external_port}}:ipv6-port}
396
{%       if slapparameter_dict.get('publish-nat-url', False) -%}
397
nat-rule-url-{{port}} = [${slap-network-information:global-ipv6}]:${6tunnel-{{external_port}}:ipv6-port}
398 399 400
{%       endif -%}
{%     endfor -%}
{%   endif -%}
401
{% endif -%}
402
{% if use_tap == 'true' -%}
403 404
tap-ipv4 = ${slap-network-information:tap-ipv4}
{% endif -%}
405 406

{% set kvm_http = 'http://${slap-network-information:local-ipv4}:' ~ slapparameter_dict.get('httpd-port', 8081) -%}
407
{% if enable_http == 'true' %}
408
{%   if use_nat == 'true' -%}
409 410
{%     set kvm_http = 'http://10.0.2.100' -%}
{%   endif %}
Alain Takoudjou's avatar
Alain Takoudjou committed
411
{%   if slapparameter_dict.get('authorized-key', '') and slapparameter_dict.get('type', '') == 'cluster' -%}
412
7_info = Get the publick key file in your VM with the command: wget {{ kvm_http }}/authorized_keys
413 414 415
{%   endif %}
{% endif %}

416
{% if use_tap == 'true' and tap_network_dict.has_key('ipv4') -%}
417
1_info = Use these configurations below to configure interface {{ iface }} in your VM.
418 419 420 421
2_info = ${network-config:ifconfig}
3_info = ${network-config:route-iface}
4_info = ${network-config:route-network}
5_info = ${network-config:route-default}
422
{% if enable_http == 'true' %}
423 424
6_info = Or run in your VM the command: wget -O- {{ kvm_http }}/netconfig.sh | /bin/sh -
{% endif %}
425 426 427 428 429 430 431

[network-config]
recipe = plone.recipe.command
path = ${directory:public}/netconfig.sh
ifconfig = ifconfig {{ iface }} ${slap-network-information:tap-ipv4} netmask ${slap-network-information:tap-netmask}
route-iface = route add ${slap-network-information:tap-gateway} dev {{ iface }}
route-network = route add -net ${slap-network-information:tap-network} netmask ${slap-network-information:tap-netmask} gw ${slap-network-information:tap-gateway}
432
{%   if iface == 'eth0' -%}
433
route-default = route add default gw ${slap-network-information:tap-gateway}
434 435
{%   elif nat_restrict == 'true' -%}
route-default = route add default gw ${slap-network-information:tap-gateway} dev {{ iface }}
436
{%   elif global_ipv4_prefix -%}
437
route-default = ip route add {{ global_ipv4_prefix }} via ${slap-network-information:tap-gateway} dev {{ iface }} src ${slap-network-information:tap-ipv4}
438 439
{% else -%}
route-default =
440
{%   endif -%}
441 442 443 444 445 446 447
command = 
  echo "#!/bin/sh" > ${:path}
  echo "" >> ${:path}
  echo "${:ifconfig}" >> ${:path}
  echo "${:route-iface}" >> ${:path}
  echo "${:route-network}" >> ${:path}
  echo "${:route-default}" >> ${:path}
448
update-command = ${:command}
449
{% endif -%}
450

451 452 453 454 455 456 457 458 459 460 461 462 463
{% macro writefile(section_name, file_path, content, mode='') -%}
{% set data_list =  content.split('\n') -%}
[{{ section_name }}]
recipe = collective.recipe.template
input = inline:
  {{ data_list | join('\n  ') }}
output = {{ file_path }}
mode = {{ mode }}
{% endmacro -%}

# write vm-data into file public/data
{{ writefile('vm-data-content', '${directory:public}/data', slapparameter_dict.get('data-to-vm', ''), '700') }}

464
{% if slapparameter_dict.get('authorized-key', '') -%}
465
# write public key for vms to public/authorized_keys
466 467
{{   writefile('get-authorized-key', '${directory:public}/authorized_keys', slapparameter_dict.get('authorized-key', ''), '700') }}
{% endif -%}
468

469 470 471 472 473 474
{% if use_tap == 'true' and nat_restrict == 'true' -%}
# Ask to set default to tap interface in the vm
{{ writefile('set-default-interface', '${directory:public}/delDefaultIface', iface, '600') }}
{% do part_list.append('set-default-interface') -%}
{% endif -%}

475 476 477
[publish-host-config]
recipe = plone.recipe.command
name = {{ slapparameter_dict.get('name', 'localhost') }}
478
{% if use_tap == 'true' and tap_network_dict.has_key('ipv4') -%}
479
local-ipv4 = ${slap-network-information:tap-ipv4}
480 481 482
gateway = ${slap-network-information:tap-gateway}
netmask = ${slap-network-information:tap-network}
network = ${slap-network-information:tap-netmask}
483 484
{% else -%}
local-ipv4 = 127.0.0.1
485 486 487
gateway =
netmask =
network =
488 489 490
{% endif -%}
path-host = ${directory:public}/hostname
path-ip = ${directory:public}/ipv4
491 492 493
path-gateway = ${directory:public}/gateway
path-network = ${directory:public}/network
path-netmask = ${directory:public}/netmask
494 495 496
command = 
  rm -f ${:path-host}
  rm -f ${:path-ip}
497 498 499
  rm -f ${:path-gateway}
  rm -f ${:path-network}
  rm -f ${:path-netmask}
500 501
  echo "${:name}" > ${:path-host}
  echo "${:local-ipv4}" > ${:path-ip}
502 503 504
  echo "${:gateway}" > ${:path-gateway}
  echo "${:network}" > ${:path-network}
  echo "${:netmask}" > ${:path-netmask}
505 506
update-command = ${:command}

507 508 509 510 511 512 513 514 515 516 517 518 519 520 521 522 523 524 525 526 527 528
# To access documents of main instance (in case of kvm-cluster) through http
[cluster-url-path]
recipe = slapos.recipe.template:jinja2
template = {{ template_content }}
filename = cluster.hash
rendered = ${directory:public}/${:filename}
hash-url = https://10.0.2.101:443/{{ slapparameter_dict.get('document-path', '') }}
context =
    key content_list :hash-url
    raw sep #

# This 6to4 tunnel help to access document url in ipv4
[tunnel-cluster-url]
recipe = slapos.cookbook:ipv4toipv6
ipv6 = {{ slapparameter_dict.get('document-host', '') }}
ipv4 = ${slap-network-information:local-ipv4}
ipv6-port = {{ slapparameter_dict.get('document-port', '') }}
ipv4-port = 16936
shell-path = {{ dash_executable_location }}
6tunnel-path = {{ sixtunnel_executable_location }}
runner-path = ${directory:services}/6tunnel-cluster

529 530 531 532 533 534 535 536 537 538
[ansible-vm-promise]
recipe = slapos.recipe.template:jinja2
template = {{ ansible_promise_tpl }}
rendered = ${directory:promises}/ansible_{{ name }}
extensions = jinja2.ext.do
context =
  key host slap-network-information:tap-ipv4
  raw logs ${directory:public}/ansible
  raw name {{ name }}

539 540 541 542 543 544 545
[download-bootstrap-script]
recipe = plone.recipe.command
file-location = ${directory:public}/vm-bootstrap
command = {{ python_executable }} {{ file_download_script }} {{ bootstrap_url }} {{ bootstrap_url_md5sum }} ${:file-location}
update-command =
stop-on-error = true

546 547 548 549 550
[logrotate-vm-bootstrap]
< = logrotate-entry-base
name = vm-bootstrap
log = ${directory:public}/ansible/vm-bootstrap.log

551 552 553
[slap-parameter]
# Default values if not specified
frontend-software-type = frontend
554
frontend-software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.92:/software/kvm/software.cfg
555
frontend-instance-guid =
556
frontend-instance-name = VNC Frontend
557 558 559 560 561
nbd-port = 1024
nbd-host =
nbd2-port = 1024
nbd2-host =

562
enable-device-hotplug = False
563
ram-size = 1024
564
ram-max-size = 51200
565
ram-hotplug-slot-size = 512
566 567 568 569
disk-size = 10
disk-type = virtio

cpu-count = 1
570
cpu-max-count = 24
571 572 573 574 575
disk-cache = writeback
disk-aio = native
auto-ballooning = True
machine-options = 
cpu-model = 
576 577

nat-rules = 22 80 443
578
use-nat = True
579
use-tap = False
580
nat-restrict-mode = False
581
enable-vhost = False
582 583 584

virtual-hard-drive-url =
virtual-hard-drive-md5sum =
585
virtual-hard-drive-gzipped = False
586 587
# if virtual-hard-drive-url use https, then specify if https certificate should be checked or not
hard-drive-url-check-certificate = True
588 589 590

external-disk-number = 0
external-disk-size = 20
591
external-disk-format = qcow2
592

593
# Help to get some configuration files into the vm from http
594 595
enable-http-server = False
httpd-port = 8081
596 597
# for auto config, the public key file will be available in the VM via url http://10.0.2.100/authorized_key if use-nat = True
authorized-key = 
598 599 600

# send some content which will be accessible to the vm through static url: http://10.0.2.100/data
data-to-vm =
601

602 603
# Change keyboard layout language (Change to en-us if you face some bad bihaviors)
keyboard-layout-language = fr
604 605 606 607 608 609 610 611

#############################
#
# Instanciate kvm (Buildout Section)
#
#############################

{% if slapparameter_dict.get('document-host', '') %}
612
# Set Additionals parts
613 614 615 616 617 618 619
{%   do part_list.append('cluster-url-path') -%}
{% endif -%}
{% if enable_http == 'true' %}
{%   do part_list.extend(['httpd', 'httpd-promise', 'publish-host-config']) -%}
{% if slapparameter_dict.get('data-to-vm', '') %}
{%   do part_list.append('vm-data-content') -%}
{% endif -%}
620
{% if disable_ansible_promise == 'false' %}
621 622
{%   do part_list.extend(['ansible-vm-promise', 'logrotate-vm-bootstrap']) -%}
{% endif -%}
Alain Takoudjou's avatar
Alain Takoudjou committed
623
{% if slapparameter_dict.get('authorized-key', '') and slapparameter_dict.get('type', '') == 'cluster' %}
624
{%   do part_list.append('get-authorized-key') -%}
625 626 627 628
{% endif -%}
{% if slapparameter_dict.get('bootstrap-script-url', '') -%}
{%   do part_list.append('download-bootstrap-script') -%}
{% endif -%}
629 630 631 632 633 634 635 636 637

{% endif -%}


[buildout]
parts =
  certificate-authority
  publish-connection-information
  kvm-instance
638
  kvm-controller-wrapper
639 640 641 642
  kvm-vnc-promise
  kvm-disk-image-corruption-promise
  websockify-sighandler
  novnc-promise
643
  kvm-started-promise
644
  cron
645
  cron-entry-logrotate
646 647
  frontend-promise
# monitor parts
648
  monitor-base
649 650 651 652 653 654 655 656 657 658
# Complete parts with sections
  {{ part_list | join('\n  ') }}

extends = 
#  Add extends list
 {{ extends_list | join('\n  ') }}
#  {{ template_httpd_cfg }}

eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
659
offline = true