Commit d41315e9 authored by Łukasz Nowak's avatar Łukasz Nowak

Fix monitor plugin for resilient stack

The original work for [monitor to plugin migration](!614) missed
important parts of resilient stack implementation due to lack of SlapOS
Profile Integration test coverage for those cases.

/reviewed-on !659
parents 81e99deb d42225fb
...@@ -280,3 +280,31 @@ class TestAccessKvmClusterAdditional(MonitorAccessMixin, InstanceTestCase): ...@@ -280,3 +280,31 @@ class TestAccessKvmClusterAdditional(MonitorAccessMixin, InstanceTestCase):
result.status_code result.status_code
) )
self.assertTrue('<title>noVNC</title>' in result.text) self.assertTrue('<title>noVNC</title>' in result.text)
@unittest.skipIf(not sanityCheck(), 'missing kvm_intel module')
class TestInstanceResilient(InstanceTestCase):
__partition_reference__ = 'ir'
instance_max_retry = 20
@classmethod
def getInstanceSoftwareType(cls):
return 'kvm-resilient'
def test(self):
# just check that keys returned on requested partition are for resilient
self.assertSetEqual(
set(self.computer_partition.getConnectionParameterDict().keys()),
set([
'backend-url',
'feed-url-kvm-1-pull',
'feed-url-kvm-1-push',
'ipv6',
'ipv6-network-info',
'monitor-base-url',
'monitor-password',
'monitor-setup-url',
'monitor-user',
'takeover-kvm-1-password',
'takeover-kvm-1-url',
'url']))
...@@ -14,11 +14,11 @@ ...@@ -14,11 +14,11 @@
# not need these here). # not need these here).
[template] [template]
filename = instance.cfg filename = instance.cfg
md5sum = 317c49bf451e80bf0f9d44baa603861e md5sum = 8b78e32b877d591400746ec7fd68ed4c
[template-runner] [template-runner]
filename = instance-runner.cfg filename = instance-runner.cfg
md5sum = bacb2d1a38d3a512025e861debdc75b2 md5sum = 85ea0b78fd18428c242438ebe95f980b
[template-runner-import-script] [template-runner-import-script]
filename = template/runner-import.sh.jinja2 filename = template/runner-import.sh.jinja2
...@@ -26,7 +26,7 @@ md5sum = fc22e2d2f03ce58631f157a5b4943e15 ...@@ -26,7 +26,7 @@ md5sum = fc22e2d2f03ce58631f157a5b4943e15
[instance-runner-import] [instance-runner-import]
filename = instance-runner-import.cfg.in filename = instance-runner-import.cfg.in
md5sum = 1f1c62f2bc09a6ab3a2f96eacdf99492 md5sum = b450c474464a326f3d0b98728460ac97
[instance-runner-export] [instance-runner-export]
filename = instance-runner-export.cfg.in filename = instance-runner-export.cfg.in
...@@ -34,7 +34,7 @@ md5sum = b992bb3391de9d6d422bfa8011d8ffc4 ...@@ -34,7 +34,7 @@ md5sum = b992bb3391de9d6d422bfa8011d8ffc4
[template-resilient] [template-resilient]
filename = instance-resilient.cfg.jinja2 filename = instance-resilient.cfg.jinja2
md5sum = 0f3d75ca834839c5ae04e9c26cca289a md5sum = 2271c829b94542b7b2d9c589376ae538
[template_nginx_conf] [template_nginx_conf]
filename = nginx_conf.in filename = nginx_conf.in
......
...@@ -26,6 +26,9 @@ eggs-directory = {{ eggs_directory }} ...@@ -26,6 +26,9 @@ eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }} develop-eggs-directory = {{ develop_eggs_directory }}
offline = true offline = true
extends =
{{ monitor_template }}
# += because we need to take up parts (like instance-custom, slapmonitor etc) from the profile we extended # += because we need to take up parts (like instance-custom, slapmonitor etc) from the profile we extended
parts += parts +=
publish-early publish-early
......
...@@ -112,7 +112,7 @@ context = ...@@ -112,7 +112,7 @@ context =
raw restore_exit_code_file ${:restore-exit-code-file} raw restore_exit_code_file ${:restore-exit-code-file}
raw restore_error_message_file ${:restore-error-message-file} raw restore_error_message_file ${:restore-error-message-file}
[importer-consistency-promise] [importer-consistency-promise-bin]
# Test that the importer script and "after-import" subscripts # Test that the importer script and "after-import" subscripts
# are not older than 2 days (1 day + some slack), and have succeeded # are not older than 2 days (1 day + some slack), and have succeeded
recipe = collective.recipe.template recipe = collective.recipe.template
...@@ -135,10 +135,16 @@ input = inline: #!/bin/sh ...@@ -135,10 +135,16 @@ input = inline: #!/bin/sh
fi fi
fi fi
exit 1; # Something else went wrong exit 1; # Something else went wrong
output = ${directory:promises}/importer-consistency-promise output = ${directory:bin}/importer-consistency-promise
mode = 755 mode = 755
[software-release-deployment-promise] [importer-consistency-promise]
<= monitor-promise-base
module = check_command_execute
name = importer-consistency-promise.py
config-command = ${importer-consistency-promise-bin:output}
[software-release-deployment-bin]
recipe = collective.recipe.template recipe = collective.recipe.template
input = inline: #!/bin/sh input = inline: #!/bin/sh
PROJECT_FILE=$(find "${directory:etc}" -maxdepth 1 -name .project) PROJECT_FILE=$(find "${directory:etc}" -maxdepth 1 -name .project)
...@@ -153,9 +159,15 @@ input = inline: #!/bin/sh ...@@ -153,9 +159,15 @@ input = inline: #!/bin/sh
fi fi
fi fi
exit 1 exit 1
output = ${directory:promises}/software-release-deployment-promise output = ${directory:bin}/software-release-deployment-promise
mode = 755 mode = 755
[software-release-deployment-promise]
<= monitor-promise-base
module = check_command_execute
name = software-release-deployment-promise.py
config-command =${software-release-deployment-bin:output}
[resilient-software-release-information] [resilient-software-release-information]
recipe = slapos.recipe.template recipe = slapos.recipe.template
url = {{ software_release_information_template }} url = {{ software_release_information_template }}
......
...@@ -85,20 +85,18 @@ config-url = {{ slapparameter_dict.get('custom-frontend-backend-url') }} ...@@ -85,20 +85,18 @@ config-url = {{ slapparameter_dict.get('custom-frontend-backend-url') }}
return = site_url domain return = site_url domain
[custom-frontend-promise] [custom-frontend-promise]
recipe = slapos.cookbook:check_url_available <= monitor-promise-base
path = $${directory:promises}/custom_frontend_promise module = check_url_available
url = https://$${request-custom-frontend:connection-domain} name = custom_frontend_promise.py
config-url = https://$${request-custom-frontend:connection-domain}
{% if slapparameter_dict.get('custom-frontend-basic-auth') -%} {% if slapparameter_dict.get('custom-frontend-basic-auth') -%}
check-secure = 1 config-check-secure = 1
{% endif -%} {% endif -%}
dash_path = {{ dash_executable_location }}
curl_path = {{ curl_executable_location }}
[custom-frontend-url-ready-promise] [custom-frontend-url-ready-promise-bin]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
path = $${directory:promises}/custom_frontend_ready_promise
url = https://$${request-custom-frontend:connection-domain} url = https://$${request-custom-frontend:connection-domain}
rendered = $${directory:promises}/custom_frontend_ready_promise rendered = $${directory:bin}/custom_frontend_ready_promise
template = inline: template = inline:
#!{{ dash_executable_location }} #!{{ dash_executable_location }}
...@@ -110,6 +108,12 @@ template = inline: ...@@ -110,6 +108,12 @@ template = inline:
exit 1 exit 1
fi fi
[custom-frontend-url-ready-promise]
<= monitor-promise-base
module = check_command_execute
name = custom_frontend_ready_promise.py
config-command = $${custom-frontend-url-ready-promise-bin:rendered}
[publish-connection-information] [publish-connection-information]
custom-frontend-url = $${custom-frontend-url-ready-promise:url} custom-frontend-url = $${custom-frontend-url-ready-promise:url}
{% endif %} {% endif %}
...@@ -135,7 +139,6 @@ ssh = $${:etc}/ssh/ ...@@ -135,7 +139,6 @@ ssh = $${:etc}/ssh/
log = $${:var}/log/ log = $${:var}/log/
run = $${:var}/run/ run = $${:var}/run/
backup = $${:srv}/backup/ backup = $${:srv}/backup/
promises = $${:etc}/promise/
test = $${:etc}/test/ test = $${:etc}/test/
nginx-data = $${:srv}/nginx nginx-data = $${:srv}/nginx
ca-dir = $${:srv}/ssl ca-dir = $${:srv}/ssl
...@@ -476,13 +479,12 @@ output = $${directory:scripts}/slaprunner-httpd-graceful ...@@ -476,13 +479,12 @@ output = $${directory:scripts}/slaprunner-httpd-graceful
mode = 700 mode = 700
[apache-httpd-promise] [apache-httpd-promise]
recipe = slapos.cookbook:check_url_available <= monitor-promise-base
path = $${directory:promises}/$${:filename} module = check_url_available
name = $${:filename}.py
filename = apache-httpd-listening-on-tcp filename = apache-httpd-listening-on-tcp
url = $${apache-httpd:access-url} config-url = $${apache-httpd:access-url}
check-secure = 1 config-check-secure = 1
dash_path = {{ dash_executable_location }}
curl_path = {{ curl_executable_location }}
[slaprunner-httpd-cors] [slaprunner-httpd-cors]
recipe = plone.recipe.command recipe = plone.recipe.command
...@@ -579,12 +581,11 @@ config-domain = $${slap-parameter:frontend-domain} ...@@ -579,12 +581,11 @@ config-domain = $${slap-parameter:frontend-domain}
return = site_url domain return = site_url domain
[slaprunner-frontend-promise] [slaprunner-frontend-promise]
recipe = slapos.cookbook:check_url_available <= monitor-promise-base
path = $${directory:promises}/slaprunner_frontend module = check_url_available
url = https://$${request-frontend:connection-domain}/login name = slaprunner_frontend.py
dash_path = ${dash:location}/bin/dash config-url = https://$${request-frontend:connection-domain}/login
curl_path = ${curl:location}/bin/curl config-check-secure = 1
check-secure = 1
[request-httpd-frontend] [request-httpd-frontend]
<= slap-connection <= slap-connection
...@@ -600,12 +601,11 @@ config-domain = ...@@ -600,12 +601,11 @@ config-domain =
return = secure_access domain return = secure_access domain
[httpd-frontend-promise] [httpd-frontend-promise]
recipe = slapos.cookbook:check_url_available <= monitor-promise-base
path = $${directory:promises}/slaprunner-apache-http-frontend module = check_url_available
url = $${request-httpd-frontend:connection-secure_access} name = slaprunner-apache-http-frontend.py
dash_path = {{ dash_executable_location }} config-url = $${request-httpd-frontend:connection-secure_access}
curl_path = {{ curl_executable_location }} config-check-secure = 1
check-secure = 1
{% endif %} {% endif %}
...@@ -667,16 +667,18 @@ monitor-password = $${monitor-publish-parameters:monitor-password} ...@@ -667,16 +667,18 @@ monitor-password = $${monitor-publish-parameters:monitor-password}
#-- Deploy promises scripts #-- Deploy promises scripts
[slaprunner-promise] [slaprunner-promise]
recipe = slapos.cookbook:check_port_listening <= monitor-promise-base
path = $${directory:promises}/slaprunner module = check_port_listening
hostname = $${slaprunner:ipv6} name = slaprunner.py
port = $${slaprunner:runner_port} config-hostname = $${slaprunner:ipv6}
config-port = $${slaprunner:runner_port}
[runner-sshd-promise] [runner-sshd-promise]
recipe = slapos.cookbook:check_port_listening <= monitor-promise-base
path = $${directory:promises}/runner-sshd module = check_port_listening
hostname = $${slap-network-information:global-ipv6} name = runner-sshd.py
port = $${runner-sshd-port:port} config-hostname = $${slap-network-information:global-ipv6}
config-port = $${runner-sshd-port:port}
[symlinks] [symlinks]
recipe = cns.recipe.symlink recipe = cns.recipe.symlink
...@@ -891,10 +893,11 @@ name = slapgrid ...@@ -891,10 +893,11 @@ name = slapgrid
log = $${runnerdirectory:home}/instance/*/.slapgrid/log/instance.log $${runnerdirectory:home}/instance/*/.slapgrid/promise/log/*.log log = $${runnerdirectory:home}/instance/*/.slapgrid/log/instance.log $${runnerdirectory:home}/instance/*/.slapgrid/promise/log/*.log
[supervisord-promise] [supervisord-promise]
recipe = slapos.cookbook:check_port_listening <= monitor-promise-base
path = $${directory:promises}/supervisord module = check_port_listening
hostname = $${slaprunner:ipv4} name = supervisord.py
port = $${supervisord:port} config-hostname = $${slaprunner:ipv4}
config-port = $${supervisord:port}
# XXX Monitor # XXX Monitor
[monitor-instance-parameter] [monitor-instance-parameter]
......
...@@ -42,6 +42,7 @@ context = key buildout buildout:bin-directory ...@@ -42,6 +42,7 @@ context = key buildout buildout:bin-directory
key develop_eggs_directory buildout:develop-eggs-directory key develop_eggs_directory buildout:develop-eggs-directory
key eggs_directory buildout:eggs-directory key eggs_directory buildout:eggs-directory
key slapparameter_dict slap-configuration:configuration key slapparameter_dict slap-configuration:configuration
raw monitor_template ${monitor-template:rendered}
template-parts-destination = ${template-parts:target} template-parts-destination = ${template-parts:target}
template-replicated-destination = ${template-replicated:target} template-replicated-destination = ${template-replicated:target}
import-list = file parts :template-parts-destination import-list = file parts :template-parts-destination
......
...@@ -269,3 +269,31 @@ class ServicesTestCase(SlaprunnerTestCase): ...@@ -269,3 +269,31 @@ class ServicesTestCase(SlaprunnerTestCase):
expected_process_name = name.format(hash=h) expected_process_name = name.format(hash=h)
self.assertIn(expected_process_name, process_names) self.assertIn(expected_process_name, process_names)
class TestInstanceResilient(SlaprunnerTestCase):
instance_max_retry = 20
@classmethod
def getInstanceSoftwareType(cls):
return 'resilient'
def test(self):
# just check that keys returned on requested partition are for resilient
self.assertSetEqual(
set(self.computer_partition.getConnectionParameterDict().keys()),
set([
'backend-url',
'feed-url-runner-1-pull',
'feed-url-runner-1-push',
'git-private-url',
'git-public-url',
'init-password',
'init-user',
'monitor-base-url',
'monitor-setup-url',
'public-url',
'ssh-command',
'takeover-runner-1-password',
'takeover-runner-1-url',
'url',
'webdav-url']))
...@@ -14,23 +14,23 @@ ...@@ -14,23 +14,23 @@
# not need these here). # not need these here).
[pbsready] [pbsready]
filename = pbsready.cfg.in filename = pbsready.cfg.in
md5sum = f3bf5e1d8bbfbb428c5bbe3a57d8cbe5 md5sum = 5e0dcd4c290f0b46cb2d316dc1c9c011
[pbsready-import] [pbsready-import]
filename = pbsready-import.cfg.in filename = pbsready-import.cfg.in
md5sum = 9d36d08ac6ae351b598a67db41657cc6 md5sum = d813c43ed00eff868fb13bc75b045336
[pbsready-export] [pbsready-export]
filename = pbsready-export.cfg.in filename = pbsready-export.cfg.in
md5sum = c6c11db5372150019debb1ce519b907d md5sum = 2e804e06b5203c3f127c31a1704c48bd
[template-pull-backup] [template-pull-backup]
filename = instance-pull-backup.cfg.in filename = instance-pull-backup.cfg.in
md5sum = 57b9b421d233402e6d5177c69cf9567e md5sum = 0bbe16f3d805afd880a251a4f40ecaf1
[template-replicated] [template-replicated]
filename = template-replicated.cfg.in filename = template-replicated.cfg.in
md5sum = 7392935be29d89f8224bccac78e3ecd0 md5sum = 290b380fe3da8736642bc10a8b1163d1
[template-parts] [template-parts]
filename = template-parts.cfg.in filename = template-parts.cfg.in
......
...@@ -222,22 +222,34 @@ wrapper-path = $${directory:bin}/resilient-genstatrss.py ...@@ -222,22 +222,34 @@ wrapper-path = $${directory:bin}/resilient-genstatrss.py
recipe = cns.recipe.symlink recipe = cns.recipe.symlink
symlink = $${pbs:rdiff-backup-data-folder}/restore.log = $${basedirectory:log}/pbs-push-history-log symlink = $${pbs:rdiff-backup-data-folder}/restore.log = $${basedirectory:log}/pbs-push-history-log
[pull-push-stalled-promise] [pull-push-stalled-promise-bin]
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
# # time-buffer is 24h (+1h of latitude) # # time-buffer is 24h (+1h of latitude)
command-line = ${buildout:bin-directory}/check-feed-as-promise --feed-path $${pbs-resilient-status-feed:feed-path} --title --ok-pattern 'OK' --time-buffer 90000 command-line = ${buildout:bin-directory}/check-feed-as-promise --feed-path $${pbs-resilient-status-feed:feed-path} --title --ok-pattern 'OK' --time-buffer 90000
wrapper-path = $${basedirectory:promises}/stalled-pull-push wrapper-path = $${rootdirectory:bin}/stalled-pull-push
[notifier-feed-status-promise] [pull-push-stalled-promise]
<= monitor-promise-base
module = check_command_execute
name = stalled-pull-push.py
config-command = $${pull-push-stalled-promise-bin:wrapper-path}
[notifier-feed-status-promise-bin]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
template = ${notifier-feed-promise-template:target} template = ${notifier-feed-promise-template:target}
rendered = $${basedirectory:promises}/notifier-feed-check-malformed-or-failure.py rendered = $${rootdirectory:bin}/notifier-feed-check-malformed-or-failure.py
mode = 700 mode = 700
context = context =
key notifier_feed_directory directory:notifier-feeds key notifier_feed_directory directory:notifier-feeds
raw base_url http://[$${notifier:host}]:$${notifier:port}/get/ raw base_url http://[$${notifier:host}]:$${notifier:port}/get/
raw python_executable ${buildout:executable} raw python_executable ${buildout:executable}
[notifier-feed-status-promise]
<= monitor-promise-base
module = check_command_execute
name = notifier-feed-check-malformed-or-failure.py
config-command = $${notifier-feed-status-promise-bin:rendered}
#---------------- #----------------
#-- #--
#-- Publish instance parameters. #-- Publish instance parameters.
......
...@@ -46,7 +46,7 @@ max-run = 3 ...@@ -46,7 +46,7 @@ max-run = 3
[logrotate-entry-notifier] [logrotate-entry-notifier]
rendered = ${rootdirectory:etc}/logrotate_notifier.conf rendered = ${rootdirectory:etc}/logrotate_notifier.conf
[notifier-exporter-promise] [notifier-exporter-promise-bin]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
mode = 700 mode = 700
template = inline: template = inline:
...@@ -56,7 +56,13 @@ template = inline: ...@@ -56,7 +56,13 @@ template = inline:
if [ -s "$EXPORTER_FEED" ]; then if [ -s "$EXPORTER_FEED" ]; then
tail -n 1 $EXPORTER_FEED | grep -vq FAILURE_PATTERN tail -n 1 $EXPORTER_FEED | grep -vq FAILURE_PATTERN
fi fi
rendered = ${basedirectory:promises}/exporter-status rendered = ${rootdirectory:bin}/exporter-status
[notifier-exporter-promise]
<= monitor-promise-base
module = check_command_execute
name = exporter-status.py
config-command = ${notifier-exporter-promise-bin:rendered}
[cron-entry-backup] [cron-entry-backup]
# Schedule the periodic database dump. # Schedule the periodic database dump.
......
...@@ -65,7 +65,7 @@ recipe = slapos.cookbook:notifier.callback ...@@ -65,7 +65,7 @@ recipe = slapos.cookbook:notifier.callback
on-notification-id = $${slap-parameter:on-notification} on-notification-id = $${slap-parameter:on-notification}
callback = $${post-notification-run:output} callback = $${post-notification-run:output}
[backup-checksum-integrity-promise] [backup-checksum-integrity-promise-bin]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
template = inline: template = inline:
#!/${bash:location}/bin/bash #!/${bash:location}/bin/bash
...@@ -80,9 +80,16 @@ template = inline: ...@@ -80,9 +80,16 @@ template = inline:
# If file doesn't exist, promise shouldnt raise false positive # If file doesn't exist, promise shouldnt raise false positive
exit 0; exit 0;
fi fi
rendered = $${basedirectory:promises}/backup-checksum-integrity rendered = $${rootdirectory:bin}/backup-checksum-integrity
mode = 700 mode = 700
[backup-checksum-integrity-promise]
<= monitor-promise-base
module = check_command_execute
name = backup-checksum-integrity.py
config-command = $${backup-checksum-integrity-promise-bin:rendered}
########### ###########
# Generate the takeover script # Generate the takeover script
########### ###########
...@@ -155,11 +162,10 @@ command-line = $${:apache-executable} -f $${resilient-web-takeover-httpd-configu ...@@ -155,11 +162,10 @@ command-line = $${:apache-executable} -f $${resilient-web-takeover-httpd-configu
wrapper-path = $${basedirectory:services}/resilient-web-takeover-httpd wrapper-path = $${basedirectory:services}/resilient-web-takeover-httpd
[resilient-web-takeover-httpd-promise] [resilient-web-takeover-httpd-promise]
recipe = slapos.cookbook:check_url_available <= monitor-promise-base
path = $${basedirectory:promises}/resilient-web-takeover-httpd module = check_url_available
url = http://[$${resilient-web-takeover-httpd-configuration-file:listening-ip}]:$${resilient-web-takeover-httpd-configuration-file:listening-port}/ name = resilient-web-takeover-httpd.py
dash_path = ${dash:location}/bin/dash config-url = http://[$${resilient-web-takeover-httpd-configuration-file:listening-ip}]:$${resilient-web-takeover-httpd-configuration-file:listening-port}/
curl_path = ${curl:location}/bin/curl
########### ###########
# Symlinks # Symlinks
......
...@@ -40,7 +40,6 @@ services = $${rootdirectory:etc}/service ...@@ -40,7 +40,6 @@ services = $${rootdirectory:etc}/service
run = $${rootdirectory:var}/run run = $${rootdirectory:var}/run
scripts = $${rootdirectory:etc}/run scripts = $${rootdirectory:etc}/run
backup = $${rootdirectory:srv}/backup backup = $${rootdirectory:srv}/backup
promises = $${rootdirectory:etc}/promise
services = $${rootdirectory:etc}/service services = $${rootdirectory:etc}/service
cache = $${rootdirectory:var}/cache cache = $${rootdirectory:var}/cache
notifier = $${rootdirectory:etc}/notifier notifier = $${rootdirectory:etc}/notifier
...@@ -152,11 +151,17 @@ name = resilient-notifier-status-feed ...@@ -152,11 +151,17 @@ name = resilient-notifier-status-feed
frequency = */5 * * * * frequency = */5 * * * *
command = $${notifier-resilient-status-feed:wrapper-path} command = $${notifier-resilient-status-feed:wrapper-path}
[notifier-stalled-promise] [notifier-stalled-promise-bin]
recipe = slapos.cookbook:wrapper recipe = slapos.cookbook:wrapper
# time-buffer is 24h (+1h of latitude) # time-buffer is 24h (+1h of latitude)
command-line = ${buildout:bin-directory}/check-feed-as-promise --feed-path $${notifier-resilient-status-feed:feed-path} --title --ok-pattern 'OK' --time-buffer 90000 command-line = ${buildout:bin-directory}/check-feed-as-promise --feed-path $${notifier-resilient-status-feed:feed-path} --title --ok-pattern 'OK' --time-buffer 90000
wrapper-path = $${basedirectory:promises}/stalled-notifier-callbacks wrapper-path = $${rootdirectory:bin}/stalled-notifier-callbacks
[notifier-stalled-promise]
<= monitor-promise-base
module = check_command_execute
name = stalled-notifier-callbacks.py
config-command = $${notifier-stalled-promise-bin:wrapper-path}
#---------------- #----------------
#-- #--
...@@ -206,10 +211,11 @@ command-line = $${directory:bin}/killpidfromfile $${resilient-sshd-config:path_p ...@@ -206,10 +211,11 @@ command-line = $${directory:bin}/killpidfromfile $${resilient-sshd-config:path_p
wrapper-path = $${basedirectory:scripts}/sshd-graceful wrapper-path = $${basedirectory:scripts}/sshd-graceful
[sshd-promise] [sshd-promise]
recipe = slapos.cookbook:check_port_listening <= monitor-promise-base
path = $${basedirectory:promises}/sshd module = check_port_listening
hostname = $${slap-network-information:global-ipv6} name = sshd.py
port = $${sshd-port:port} config-hostname = $${slap-network-information:global-ipv6}
config-port = $${sshd-port:port}
#---------------- #----------------
#-- #--
...@@ -237,7 +243,7 @@ public-key = $${sshd-raw-server:rsa-keyfile}.pub ...@@ -237,7 +243,7 @@ public-key = $${sshd-raw-server:rsa-keyfile}.pub
private-key = $${sshd-raw-server:rsa-keyfile} private-key = $${sshd-raw-server:rsa-keyfile}
wrapper = $${basedirectory:services}/sshd wrapper = $${basedirectory:services}/sshd
[resilient-sshkeys-sshd-promise] [resilient-sshkeys-sshd-promise-bin]
# Check that public key file exists and is not empty # Check that public key file exists and is not empty
recipe = collective.recipe.template recipe = collective.recipe.template
input = inline:#!${bash:location}/bin/bash input = inline:#!${bash:location}/bin/bash
...@@ -245,23 +251,34 @@ input = inline:#!${bash:location}/bin/bash ...@@ -245,23 +251,34 @@ input = inline:#!${bash:location}/bin/bash
if [[ ! -n "$PUBLIC_KEY_CONTENT" || "$PUBLIC_KEY_CONTENT" == *None* ]]; then if [[ ! -n "$PUBLIC_KEY_CONTENT" || "$PUBLIC_KEY_CONTENT" == *None* ]]; then
exit 1 exit 1
fi fi
output = $${basedirectory:promises}/public-key-existence output = $${rootdirectory:bin}/public-key-existence
mode = 700 mode = 700
[resilient-sshkeys-sshd-promise]
<= monitor-promise-base
module = check_command_execute
name = public-key-existence.py
config-command = $${resilient-sshkeys-sshd-promise-bin:output}
#---------------- #----------------
#-- #--
#-- Promises #-- Promises
[notifier-feed-status-promise] [notifier-feed-status-promise-bin]
recipe = slapos.recipe.template:jinja2 recipe = slapos.recipe.template:jinja2
template = ${notifier-feed-promise-template:target} template = ${notifier-feed-promise-template:target}
rendered = $${basedirectory:promises}/notifier-feed-check-malformed-or-failure.py rendered = $${rootdirectory:bin}/notifier-feed-check-malformed-or-failure.py
mode = 700 mode = 700
context = context =
key notifier_feed_directory directory:notifier-feeds key notifier_feed_directory directory:notifier-feeds
raw base_url http://[$${notifier:host}]:$${notifier:port}/get/ raw base_url http://[$${notifier:host}]:$${notifier:port}/get/
raw python_executable ${buildout:executable} raw python_executable ${buildout:executable}
[notifier-feed-status-promise]
<= monitor-promise-base
module = check_command_execute
name = notifier-feed-check-malformed-or-failure.py
config-command = $${notifier-feed-status-promise-bin:rendered}
#---------------- #----------------
#-- #--
#-- Connection informations to re-use. #-- Connection informations to re-use.
......
...@@ -18,7 +18,7 @@ ...@@ -18,7 +18,7 @@
recipe = slapos.cookbook:mkdirectory recipe = slapos.cookbook:mkdirectory
home = ${buildout:directory} home = ${buildout:directory}
etc = ${:home}/etc etc = ${:home}/etc
promise = ${:etc}/promise bin = ${:home}/bin
## Tells the Backupable recipe that we want a backup ## Tells the Backupable recipe that we want a backup
...@@ -137,7 +137,7 @@ takeover-{{namebase}}-{{id}}-password = ${request-{{namebase}}-pseudo-replicatin ...@@ -137,7 +137,7 @@ takeover-{{namebase}}-{{id}}-password = ${request-{{namebase}}-pseudo-replicatin
[resilient-request-{{namebase}}-public-key-promise] [resilient-request-{{namebase}}-public-key-promise-bin]
# Check that public-key-value parameter exists and is not empty # Check that public-key-value parameter exists and is not empty
# XXX: maybe we should consider empty values to be non-nexistent. # XXX: maybe we should consider empty values to be non-nexistent.
recipe = collective.recipe.template recipe = collective.recipe.template
...@@ -147,12 +147,19 @@ input = inline:#!/bin/bash ...@@ -147,12 +147,19 @@ input = inline:#!/bin/bash
if [[ ! -n "$PUBLIC_KEY_CONTENT" || "$PUBLIC_KEY_CONTENT" == *None* ]]; then if [[ ! -n "$PUBLIC_KEY_CONTENT" || "$PUBLIC_KEY_CONTENT" == *None* ]]; then
exit 1 exit 1
fi fi
output = ${resilient-directory:promise}/resilient-request-{{namebase}}-public-key output = ${resilient-directory:bin}/resilient-request-{{namebase}}-public-key
mode = 700 mode = 700
[resilient-request-{{namebase}}-public-key-promise]
<= monitor-promise-base
module = check_command_execute
name = resilient-request-{{namebase}}-public-key.py
config-command = ${resilient-request-{{namebase}}-public-key-promise-bin:output}
{% for id in range(1,nbbackup|int) %} {% for id in range(1,nbbackup|int) %}
[resilient-request-{{namebase}}-pseudo-replicating-{{id}}-public-key-promise] [resilient-request-{{namebase}}-pseudo-replicating-{{id}}-public-key-promise-bin]
# Check that public-key-value parameter exists and is not empty # Check that public-key-value parameter exists and is not empty
# XXX: maybe we should consider empty values to be non-nexistent. # XXX: maybe we should consider empty values to be non-nexistent.
recipe = collective.recipe.template recipe = collective.recipe.template
...@@ -162,9 +169,15 @@ input = inline:#!/bin/bash ...@@ -162,9 +169,15 @@ input = inline:#!/bin/bash
if [[ ! -n "$PUBLIC_KEY_CONTENT" || "$PUBLIC_KEY_CONTENT" == *None* ]]; then if [[ ! -n "$PUBLIC_KEY_CONTENT" || "$PUBLIC_KEY_CONTENT" == *None* ]]; then
exit 1 exit 1
fi fi
output = ${resilient-directory:promise}/resilient-request-{{namebase}}-pseudo-replicating-{{id}}-public-key output = ${resilient-directory:bin}/resilient-request-{{namebase}}-pseudo-replicating-{{id}}-public-key
mode = 700 mode = 700
[resilient-request-{{namebase}}-pseudo-replicating-{{id}}-public-key-promise]
<= monitor-promise-base
module = check_command_execute
name = resilient-request-{{namebase}}-pseudo-replicating-{{id}}-public-key.py
config-command = ${resilient-request-{{namebase}}-pseudo-replicating-{{id}}-public-key-promise-bin:output}
{% endfor %} {% endfor %}
...@@ -214,7 +227,7 @@ sla-{{ key }} = {{ value }} ...@@ -214,7 +227,7 @@ sla-{{ key }} = {{ value }}
{% endfor %} {% endfor %}
{% endif %} {% endif %}
[resilient-request-pbs-{{namebase}}-{{id}}-public-key-promise] [resilient-request-pbs-{{namebase}}-{{id}}-public-key-promise-bin]
# Check that public-key-value parameter exists and is not empty # Check that public-key-value parameter exists and is not empty
# XXX: maybe we should consider empty values to be non-nexistent. # XXX: maybe we should consider empty values to be non-nexistent.
recipe = collective.recipe.template recipe = collective.recipe.template
...@@ -224,9 +237,14 @@ input = inline:#!/bin/bash ...@@ -224,9 +237,14 @@ input = inline:#!/bin/bash
if [[ ! -n "$PUBLIC_KEY_CONTENT" || "$PUBLIC_KEY_CONTENT" == *None* ]]; then if [[ ! -n "$PUBLIC_KEY_CONTENT" || "$PUBLIC_KEY_CONTENT" == *None* ]]; then
exit 1 exit 1
fi fi
output = ${resilient-directory:promise}/resilient-request-{{namebase}}-pseudo-replicating-{{id}}-public-key output = ${resilient-directory:bin}/resilient-request-{{namebase}}-pseudo-replicating-{{id}}-public-key
mode = 700 mode = 700
[resilient-request-pbs-{{namebase}}-{{id}}-public-key-promise]
<= monitor-promise-base
module = check_command_execute
name = resilient-request-{{namebase}}-pseudo-replicating-{{id}}-public-key
config-command = ${resilient-request-pbs-{{namebase}}-{{id}}-public-key-promise-bin:output}
[request-pull-backup-server-{{namebase}}-{{id}}] [request-pull-backup-server-{{namebase}}-{{id}}]
<= request-pbs-common <= request-pbs-common
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment