Commit b0f1e06e authored by Nicolas Wavrant's avatar Nicolas Wavrant

Merge branch 'slaprunner-paas-test'

parents fcf5ea96 79a9b17e
No related merge requests found
......@@ -19,7 +19,7 @@ recipe = slapos.recipe.build:npm
packages = sm@0.2.11
node = nodejs
environment =
PATH=${nodejs:location}/bin:%(PATH)s
PATH=${nodejs-0.6:location}/bin:%(PATH)s
[cloud9-stable]
# Online IDE written in javascript/node.js
......@@ -49,7 +49,34 @@ recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
filename = cloud9-socket.patch
download-only = true
#md5sum = 5dc8cc28447ed3747b8a53c768d872aa
md5sum = c581456cb3a76841898f79f9600e3a1e
[cloud9-file-already-exist.patch]
# This patch prevents the error "File already exists"
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
filename = cloud9-file_already_exist.patch
download-only = true
md5sum = 0bc104af8176388d60cbf884b72c8318
[cloud9-remove-all-listeners.patch]
# This patch prevents cloud9 to die every
# time a tab is closed
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
filename = cloud9-removeAllListeners.patch
download-only = true
md5sum = 357915330d677f4917140e02a55646b7
[cloud9-git-download]
recipe = slapos.recipe.build:gitclone
repository = https://github.com/ajaxorg/cloud9.git
revision = f7d102bc225c922f116d2cea52a746d64343ea59
location = ${buildout:parts-directory}/cloud9
git-executable = ${git:location}/bin/git
develop = true
use-cache = true
ignore-ssl-certificate = true
[cloud9-git]
# Online IDE written in javascript/node.js
......@@ -58,13 +85,10 @@ download-only = true
# NODE_PATH=${:destination}/node_modules ${nodejs:node_location} ${:cloud9_js_location}
recipe = plone.recipe.command
stop-on-error = true
commit = f7d102bc225c922f116d2cea52a746d64343ea59
repository = https://github.com/ajaxorg/cloud9.git
location = ${buildout:parts-directory}/${:_buildout_section_name_}
environment = export GIT_SSL_NO_VERIFY=true; export PATH=${git:location}/bin:${nodejs:location}/bin:${node-sm:location}/node_modules/sm/bin:$PATH; export CPPFLAGS="-I${libxml2:location}/include -I${nodejs:location}/include"; export LDFLAGS="-L${libxml2:location}/lib -Wl,-rpath=${libxml2:location}/lib"; export HOME=${:location};
command = ${:environment} (git clone --quiet ${:repository} ${:location} && cd ${:location} && git reset --hard ${:commit} && ${node-sm:location}/node_modules/.bin/sm install && patch -p1 < ${cloud9-session-directory.patch:location}/${cloud9-session-directory.patch:filename} && ${node-sm:location}/node_modules/.bin/sm install && patch -p1 < ${cloud9-socket.patch:location}/${cloud9-socket.patch:filename}) || (rm -fr ${:location}; exit 1)
update-command =
executable = ${:location}/server.js
environment = export GIT_SSL_NO_VERIFY=true; export PATH=${git:location}/bin:${nodejs-0.6:location}/bin:${node-sm:location}/node_modules/.bin/:$PATH; export CPPFLAGS="-I${libxml2:location}/include -I${nodejs-0.6:location}/include"; export LDFLAGS="-L${libxml2:location}/lib -Wl,-rpath=${libxml2:location}/lib"; export HOME=${cloud9-git-download:location};
command = ${:environment} (cd ${cloud9-git-download:location} && ${node-sm:location}/node_modules/.bin/sm install && patch -p1 < ${cloud9-session-directory.patch:location}/${cloud9-session-directory.patch:filename} && patch -p1 < ${cloud9-socket.patch:location}/${cloud9-socket.patch:filename} && patch -p1 < ${cloud9-file-already-exist.patch:location}/${cloud9-file-already-exist.patch:filename} && patch -p1 < ${cloud9-remove-all-listeners.patch:location}/${cloud9-remove-all-listeners.patch:filename}) || (rm -fr ${cloud9-git-download:location}; exit 1)
update-command = true
executable = ${cloud9-git-download:location}/server.js
[cloud9-npm]
# Online IDE written in javascript/node.js
......
diff --git a/node_modules/vfs-local/localfs.js b/node_modules/vfs-local/localfs.js
index 7ce9981..1dd07b7 100644
--- a/node_modules/vfs-local/localfs.js
+++ b/node_modules/vfs-local/localfs.js
@@ -677,7 +677,7 @@ module.exports = function setup(fsOptions) {
else {
var err = new Error("File already exists.");
err.code = "EEXIST";
- callback(err);
+ //callback(err);
}
});
});
diff --git a/plugins-server/cloud9.ide.watcher/file_watcher.js b/plugins-server/cloud9.ide.watcher/file_watcher.
index b7ed7da..36dcd05 100644
--- a/plugins-server/cloud9.ide.watcher/file_watcher.js
+++ b/plugins-server/cloud9.ide.watcher/file_watcher.js
@@ -69,11 +69,11 @@ util.inherits(FileWatcher, EventEmitter);
this.close = function() {
if (this.watcher) {
- this.watcher.removeAllListeners();
+ //this.watcher.removeAllListeners();
this.watcher.close();
this.emit("close");
}
this.watcher = null;
};
-}).call(FileWatcher.prototype);
\ No newline at end of file
+}).call(FileWatcher.prototype);
......@@ -184,7 +184,6 @@ setup(name=name,
'slapmonitor = slapos.recipe.slapmonitor:MonitorRecipe',
'slapmonitor-xml = slapos.recipe.slapmonitor:MonitorXMLRecipe',
'slapreport = slapos.recipe.slapreport:Recipe',
'slaprunner = slapos.recipe.slaprunner:Recipe',
'slaprunner.test = slapos.recipe.slaprunner:Test',
'slaprunner.export = slapos.recipe.slaprunner.backup:ExportRecipe',
'slaprunner.import = slapos.recipe.slaprunner.backup:ImportRecipe',
......
......@@ -155,7 +155,7 @@ class GenericBaseRecipe(object):
pidfile=%s
if [ -e $pidfile ]; then
pid=$(cat $pidfile)
if [[ ! -z $(ps -p "$pid" | grep $(basename %s)) ]]; then
if [ ! -z $(ps -p "$pid" | grep $(basename %s)) ]; then
echo "Already running with pid $pid."
exit 1
else
......
......@@ -34,7 +34,11 @@ from slapos.recipe.librecipe import GenericBaseRecipe
def login_shell(args):
password = args['password']
entered_password = getpass()
if (password != ''):
entered_password = getpass()
else:
entered_password = ''
if entered_password != password:
return 1
......@@ -54,11 +58,11 @@ def shellinabox(args):
with open(args['ssl_certificate']) as public_key_file:
print >> certificate_file, public_key_file.read()
user = pwd.getpwuid(os.getuid()).pw_name
group = grp.getgrgid(os.getgid()).gr_name
user = pwd.getpwuid(os.getuid()).pw_uid
group = grp.getgrgid(os.getgid()).gr_gid
service = '/:%(user)s:%(group)s:%(directory)s:%(command)s' % {
'user': group,
'group': user,
'user': user,
'group': group,
'directory': args['directory'],
'command': args['login_shell'],
}
......
......@@ -27,78 +27,8 @@
from slapos.recipe.librecipe import GenericBaseRecipe
import os
class Recipe(GenericBaseRecipe):
def _options(self, options):
self.ipv4 = options['ipv4'].strip()
self.ipv6 = options['ipv6'].strip()
self.proxy_port = options['proxy_port'].strip()
self.runner_port = options['runner_port'].strip()
self.workdir = options['working-directory'].strip()
self.software_directory = options['software-directory'].strip()
self.instance_directory = options['instance-directory'].strip()
self.partition_amount = options['partition-amount'].strip()
self.cloud9_url = options.get('cloud9-url', '').strip()
self.log_file = os.path.join(options['log_dir'].strip(), 'slaprunner.log')
# Set slaprunner access URL, CLN Beware ipv6 access is made throught nginx
options['access-url'] = 'https://[%s]:%s' % (self.ipv6, self.runner_port)
def install(self):
path_list = []
configuration = dict(
software_root=self.software_directory,
instance_root=self.instance_directory,
master_url='http://%s:%s' % (self.ipv4, self.proxy_port),
computer_id='slaprunner',
partition_amount=self.partition_amount,
slapgrid_sr=self.options['slapgrid_sr'],
slapgrid_cp=self.options['slapgrid_cp'],
slapproxy=self.options['slapproxy'],
supervisor=self.options['supervisor'],
supervisord_config=os.path.join(self.instance_directory, 'etc',
'supervisord.conf'),
runner_workdir=self.workdir,
etc_dir=self.options['etc_dir'],
run_dir=self.options['run_dir'],
log_dir=self.options['log_dir'],
runner_host=self.ipv4,
runner_port=self.runner_port,
ipv4_address=self.ipv4,
ipv6_address=self.ipv6,
proxy_host=self.ipv4,
proxy_port=self.proxy_port,
proxy_database=os.path.join(self.workdir, 'proxy.db'),
git=self.options['git-binary'],
ssh_client=self.options['ssh_client'],
public_key=self.options['public_key'],
private_key=self.options['private_key'],
cloud9_url=self.cloud9_url
)
config_file = self.createFile(self.options['slapos.cfg'],
self.substituteTemplate(self.getTemplateFilename('slapos.cfg.in'),
configuration))
path_list.append(config_file)
environment = dict(
PATH=os.path.dirname(
self.options['git-binary']) + ':' + os.environ['PATH'],
GIT_SSH=self.options['ssh_client']
)
launch_args = [self.options['slaprunner'].strip(), config_file,
'--log_file', self.log_file]
if self.optionIsTrue('debug', default=False):
launch_args.append('--debug')
wrapper = self.createPythonScript(self.options['wrapper'],
'slapos.recipe.librecipe.execute.executee',
(launch_args, environment)
)
path_list.append(wrapper)
return path_list
#XXX-Nicolas This recipe has to be deleted as soon as possible
#No changes allowed, except full-replacement using buildout
class Test(GenericBaseRecipe):
def _options(self, options):
self.ipv4 = options['ipv4'].strip()
......
......@@ -70,7 +70,7 @@ class ExportRecipe(GenericBaseRecipe):
fi
done
}
sync_element %(srv-directory)s/runner %(backup-directory)s/runner/ instance project proxy.db softwareLink
sync_element %(srv-directory)s/runner %(backup-directory)s/runner/ instance project proxy.db
sync_element %(etc-directory)s %(backup-directory)s/etc/ .rcode .project .users .htpasswd ssh
if [ -d %(backup-directory)s/runner/software ]; then
rm %(backup-directory)s/runner/software/*
......@@ -119,13 +119,14 @@ class ImportRecipe(GenericBaseRecipe):
fi
done
}
restore_element %(backup-directory)s/runner/ %(srv-directory)s/runner instance project proxy.db softwareLink
restore_element %(backup-directory)s/runner/ %(srv-directory)s/runner instance project proxy.db
restore_element %(backup-directory)s/etc/ %(etc-directory)s .rcode .project .users .htpasswd ssh
ifs=$IFS IFS=';'
read user pass remaining < %(etc-directory)s/.users
IFS=$ifs
%(curl-binary)s --insecure -vg6L -F clogin="$user" -F cpwd="$pass" --dump-header login_cookie %(backend-url)s/doLogin;
%(curl-binary)s --insecure -vg6LX POST --cookie login_cookie --max-time 5 %(backend-url)s/runSoftwareProfile;
%(curl-binary)s --insecure -vg6L --cookie login_cookie --max-time 5 %(backend-url)s/isSRReady;
%(curl-binary)s --insecure -vg6LX POST --cookie login_cookie --max-time 5 %(backend-url)s/runSoftwareProfile --user "$user":"$pass";
rm -f login_cookie
""" % self.options)
self.createExecutable(wrapper, content=content)
......
......@@ -28,3 +28,74 @@ instance-amount
Optional parameter.
Default: 10
AUTO-DEPLOYMENT
---------------
You can automatically deploy a software release while deploying the webrunner itself, using the paramater XML.
To do this, you only need to pass as a parameter named "slapos-software" : "AAA/BBB", where AAA is the folder of slapos.git where is located your BBB software.
For example, to deploy the hello-world software, you need to pass : software/helloworld
This is possible because the slapos.git is automatically downloaded when the webrunner is deployed.
It is also possible to download you own git repository, by providing the url in the "slapos-repository" parameter.
Last but not least, it is also possible to switch the branch with the parameter "slapos-reference" (by default pointing on master)
Resilience :
------------
To order a resilient runner, you have to request a runner with the option: "--type resilient"
You can then decide on which node you want to deploy each instance, with the parameters.xml :
<?xml version='1.0' encoding='utf-8'?>
<instance>
<parameter id="-sla-runner2-computer_guid">COMP-XXXX</parameter>
<parameter id="-sla-pbs2-computer_guid">COMP-XXXX</parameter>
<parameter id="-sla-pbs1-computer_guid">COMP-XXXX</parameter>
<parameter id="-sla-runner1-computer_guid">COMP-XXXX</parameter>
<parameter id="-sla-runner0-computer_guid">COMP-XXXX</parameter>
</instance>
If you want to check by yourself that the pull-backup instances do their job, you can change directory to the slappart of runner0, and run ./bin/exporter (after creating your account, using the given backend_url or url): it would fill ./srv/backup/runner with data. If you then go to an import instance (runner1 or runner2) on the port 50005, you should be able to sign in the runner.
Tips :
~~~~~
To find in which partition the instance has been deployed, you can open the page of this specific instance, and look for "slappartXX" on the page.
Tests :
-------
To test the runner, start by ordering a runner with default type. Then READ the important note below :
/!\ IMPORTANT NOTE ON THE TESTS /!\ : in order to make them work, you have to comment the last line of the file __init__.py in the runner module (which is just : "run()"). Indeed, this line is used to load the config, when importing this module throught Gunicorn (the wsgi server). But the test suite loads itself the configuration, in fonction of the tested scenarios, etc... (You can find the module in the SR folder directory, under ./eggs/slapos.toolbox, or under parts/slapos.toolbox if you have a development version)
Then, su in the concerned slapuserX and run "./bin/runTestSuite".
For the tests on the resiliency of the webrunner, please refer to the README in slapos.toolbox.git/slapos/resiliencytest
Request custom frontend :
-------------------------
While deploying a server in your instance, you may need to ask for a custom ipv4 frontend.
The way to do that is to send a new parameter to your runner instance, using the parameters XML. The name of it is "custom-frontend-backend-url".
To create the frontend, you now have to wait the slaprunner to be processed.
If you deploy a server, which uses basic auth, you also have to declare the parameter "custom-frontend-basic-auth" as true, or your slaprunner instance won't show as correctly instanciated.
Example :
<?xml version='1.0' encoding='utf-8'?>
<instance>
<parameter id="custom-frontend-backend-url">http(s)://[THE_IPV6_ADDRESS]:PORT</parameter>
<parameter id="custom-frontend-basic-auth">true</parameter>
</instance>
Things to notice for the nex developer :
----------------------------------------
As you can see in instance-runner-*.cfg, the buildout section extends a hard-coded template file. If one day you need to modify the filename, do not forget to modify it in instance.cfg, but also in these files ! (the problem is that the content of instance.cfg is not known by buildout while the deployment of the software release)
- Use https to connect to the runner. !!! Critical
- resilient sr: Cloned instances should not launch slapgrid-sr if it was not launched on export instance
- shellinabox password should be the same in all the resilient instances
......@@ -9,6 +9,9 @@ extends =
../../component/lxml-python/buildout.cfg
../../component/nginx/buildout.cfg
../../component/rsync/buildout.cfg
../../component/python-2.7/buildout.cfg
../../component/shellinabox/buildout.cfg
../../component/busybox/buildout.cfg
../../stack/flask.cfg
../../stack/shacache-client.cfg
../../stack/resilient/buildout.cfg
......@@ -25,7 +28,7 @@ parts =
instance-runner-import
instance-runner-export
slapos-cookbook
slapos-cfg-template
# XXX: we have to manually add this for resilience
rdiff-backup
collective.recipe.template-egg
......@@ -76,48 +79,50 @@ command =
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg
output = ${buildout:directory}/template.cfg
md5sum = 92a2f3bcd5ff79e3b61ca4a8bacb73ec
md5sum = 8a47421ac6158b4ee476acab212c67d9
mode = 0644
[template-runner]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-runner.cfg
output = ${buildout:directory}/template-runner.cfg
md5sum = bcd1ee4dd126d2c6e9461f7753fc83b7
output = ${buildout:directory}/template-runner.cfg.in
md5sum = e1f7b39241c1c211410ad5ef75845c68
mode = 0644
[instance-runner-import]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-runner-import.cfg.in
output = ${buildout:directory}/instance-runner-import.cfg
md5sum = f16cb60bb16632e652bea69cd5cdd9b7
md5sum = 93e3c496c0955a0f7e09570bbe44e3ea
mode = 0644
[instance-runner-export]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-runner-export.cfg.in
output = ${buildout:directory}/instance-runner-export.cfg
md5sum = 9ce3482e64a0c957f7a5f25ad0dc03ae
md5sum = 3a69ef9a2743dbb4ab0708a7675d100c
mode = 0644
[template-resilient]
recipe = slapos.recipe.download
url = ${:_profile_base_location_}/instance-resilient.cfg.jinja2
md5sum = 2562a6ac6893cc71a7328d7064aff599
md5sum = c23e8eb84b4e8375543e104e0993a019
filename = instance-resilient.cfg.jinja2
mode = 0644
[template-resilient-test]
recipe = slapos.recipe.download
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/instance-resilient-test.cfg.jinja2
md5sum = ac772d3a1cce4072acfabd563df449bb
download-only = true
md5sum = 18269f9c88f9c3bb1c2b535e44f64f56
filename = instance-resilient-test.cfg.jinja2
mode = 0644
[template_nginx_conf]
recipe = slapos.recipe.download
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/nginx_conf.in
md5sum = 09b7677dfc6b23c1f58e67fd06a7625e
download-only = true
md5sum = e169a8f217fab490ffb435d4b2d07ef3
filename = nginx_conf.in
mode = 0644
......@@ -129,6 +134,15 @@ filename = launcher.in
mode = 0644
location = ${buildout:parts-directory}/${:_buildout_section_name_}
[slapos-cfg-template]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/template/${:filename}
md5sum = 6e90b4d037ba549640345827370f8dc3
location = ${buildout:parts-directory}/${:_buildout_section_name_}
filename = slapos.cfg.in
download-only = true
mode = 0644
[eggs]
recipe = z3c.recipe.scripts
eggs =
......@@ -145,6 +159,8 @@ eggs =
slapos.core
xml_marshaller
pytz
collective.recipe.environment
Gunicorn
# Add slapos.libnetworkcache to path of slapos.core so that slaprunner can build SRs using cache
[slapos-cookbook]
......@@ -162,4 +178,3 @@ eggs =
xml_marshaller
pytz
slapos.libnetworkcache
......@@ -26,20 +26,21 @@ develop =
[slapos.toolbox-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.toolbox.git
branch = kvmresiliency
branch = slaprunner-paas
git-executable = ${git:location}/bin/git
[slapos.cookbook-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.git
branch = slaprunner
branch = slaprunner-paas-test
git-executable = ${git:location}/bin/git
# Used for resiliency tests only
[erp5.util-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/erp5.git
branch = scalability-master2
#branch = scalability-master2
revision = f9a812f4e97ffeed359bc5611366a5c8675ec749
git-executable = ${git:location}/bin/git
#[slapos.core-repository]
......
......@@ -46,10 +46,13 @@ config = resiliency-backup-periodicity frontend-domain cloud9-frontend-domain {{
{% for key, value in cluster_parameter_dict.items() -%}
config-{{ key }} = {{ dumps(value) }}
{% endfor -%}
config-resiliency-backup-periodicity = *
config-resiliency-backup-periodicity = * * * * *
# XXX hardcoded
config-frontend-domain = google.com
config-cloud9-frontend-domain = google.com
# XXX Hack to deploy Root Instance on the same computer as the type-test Instance
sla = computer_guid
sla-computer_guid = ${slap-connection:computer-id}
return = backend_url
[slap-parameter]
......@@ -17,17 +17,19 @@ parts +=
# Bubble up the parameters
[request-runner]
return = url ssh-public-key ssh-url notification-id ip backend_url url cloud9_url ssh_command password_recovery_code cloud9_backend_url
return = url ssh-public-key ssh-url notification-id ip backend_url url cloud9_url ssh_command password_recovery_code cloud9_backend_url shell_password access_url
[publish-connection-informations]
recipe = slapos.cookbook:publish
1_info = Set your passord in slaprunner in order to access cloud9
backend_url = ${request-runner:connection-backend_url}
access_url = ${request-runner:connection-access_url}
url = ${request-runner:connection-url}
cloud9_url = ${request-runner:connection-cloud9_url}
cloud9_backend_url = ${request-runner:connection-cloud9_backend_url}
ssh_command = ${request-runner:connection-ssh_command}
password_recovery_code = ${request-runner:connection-password_recovery_code}
shell_password = ${request-runner:connection-shell_password}
[slap-parameter]
# Default parameters for distributed deployment
......
[buildout]
extends = ${template-runner:output}
extends = template-runner.cfg
${pbsready-export:output}
parts +=
......@@ -9,20 +9,28 @@ parts +=
certificate-authority
ca-nginx
ca-node-frontend
slaprunner
ca-shellinabox
gunicorn-launcher
gunicorn-graceful
test-runner
sshkeys-dropbear-runner
dropbear-server-add-authorized-key
sshkeys-authority
publish-connection-informations
slaprunner-promise
slaprunner-frontend-promise
cloud9-promise
cloud9-frontend-promise
dropbear-promise
shellinabox-promise
symlinks
request-cloud9-frontend
node-frontend-promise
nginx-promise
publish-connection-informations
shellinabox
slapos-cfg
slapos-repo-config
prepare-software
cron-entry-backup
[exporter]
......
[buildout]
extends = ${template-runner:output}
extends = template-runner.cfg
${pbsready-import:output}
parts +=
......@@ -9,7 +9,9 @@ parts +=
certificate-authority
ca-nginx
ca-node-frontend
slaprunner
ca-shellinabox
gunicorn-launcher
gunicorn-graceful
test-runner
sshkeys-dropbear-runner
dropbear-server-add-authorized-key
......@@ -17,8 +19,14 @@ parts +=
slaprunner-promise
cloud9-promise
dropbear-promise
shellinabox-promise
nginx-promise
shellinabox
symlinks
nginx-promise
slapos-cfg
slapos-repo-config
prepare-software
# have to repeat the next one, as it's not inherited from pbsready-import
import-on-notification
......
This diff is collapsed.
......@@ -7,16 +7,30 @@ develop-eggs-directory = ${buildout:develop-eggs-directory}
[switch_softwaretype]
recipe = slapos.cookbook:softwaretype
default = ${template-runner:output}
default = $${instance-base-runner:rendered}
resilient = $${instance-resilient:rendered}
test = $${instance-resilient-test:rendered}
runner = ${template-runner:output}
runner = $${instance-base-runner:rendered}
runner-import = ${instance-runner-import:output}
runner-export = ${instance-runner-export:output}
frozen = ${instance-frozen:output}
pull-backup = ${template-pull-backup:output}
[instance-base-runner]
recipe = slapos.recipe.template:jinja2
template = ${template-runner:output}
rendered = $${buildout:directory}/template-runner.cfg
extensions = jinja2.ext.do
context = key buildout buildout:bin-directory
key develop_eggs_directory buildout:develop-eggs-directory
key eggs_directory buildout:eggs-directory
key slapparameter_dict slap-configuration:configuration
raw curl_executable_location ${curl:location}/bin/curl
raw dash_executable_location ${dash:location}/bin/dash
raw dcron_executable_location ${dcron:location}/sbin/crond
mode = 0644
[instance-resilient]
recipe = slapos.recipe.template:jinja2
template = ${template-resilient:target}
......@@ -50,4 +64,4 @@ computer = $${slap-connection:computer-id}
partition = $${slap-connection:partition-id}
url = $${slap-connection:server-url}
key = $${slap-connection:key-file}
cert = $${slap-connection:cert-file}
\ No newline at end of file
cert = $${slap-connection:cert-file}
......@@ -55,16 +55,39 @@ http {
fastcgi_temp_path {{ param_tempdir['fastcgi_temp_path'] }};
uwsgi_temp_path {{ param_tempdir['uwsgi_temp_path'] }};
scgi_temp_path {{ param_tempdir['scgi_temp_path'] }};
error_page 401 /login;
location / {
proxy_pass http://{{ param_nginx_frontend['runner-ip'] }}:{{ param_nginx_frontend['runner-port'] }};
auth_basic "Restricted";
auth_basic_user_file {{ param_nginx_frontend['etc_dir'] }}/.htpasswd;
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Accel-Mapping /private/;
proxy_pass http://unix:{{ socket }};
}
location ~ ^(/login|/doLogin|/static|/setAccount|/configAccount|/slapgridResult|/isSRReady) {
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Accel-Mapping /private/;
proxy_pass http://unix:{{ socket }};
}
location /shellinabox {
proxy_pass http://[{{ param_nginx_frontend['global-ip'] }}]:{{ shellinabox_port }}/;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
auth_basic "Restricted";
auth_basic_user_file {{ param_nginx_frontend['etc_dir'] }}/.htpasswd;
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
}
proxy_set_header X-Forwarded-Host $http_host;
}
}
}
......@@ -5,12 +5,22 @@
# 2/ Define list of trusted certificates for the cache.
[buildout]
extends = common.cfg
extends = development.cfg
[networkcache]
# signature certificates of the following uploaders.
# Cedric de Saint Martin
# Test Agent
# Romain Courteaud
# Sebastien Robin
# Kazuhiko Shiozaki
# Cedric de Saint Martin
# Yingjie Xu
# Gabriel Monnerat
# Łukasz Nowak
# Test Agent (Automatic update from tests)
# Aurélien Calonne
# Nicolas Wavrant
signature-certificate-list =
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAO4V/jiMoICoMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
......@@ -38,6 +48,136 @@ signature-certificate-list =
5pW18Ry5Ie7iFK4cQMerZwWPxBodEbAteYlRsI6kePV7Gf735Y1RpuN8qZ2sYL6e
x2IMeSwJ82BpdEI5niXxB+iT0HxhmR+XaMI=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB4DCCAUkCADANBgkqhkiG9w0BAQsFADA5MQswCQYDVQQGEwJGUjEZMBcGA1UE
CBMQRGVmYXVsdCBQcm92aW5jZTEPMA0GA1UEChMGTmV4ZWRpMB4XDTExMDkxNTA5
MDAwMloXDTEyMDkxNTA5MDAwMlowOTELMAkGA1UEBhMCRlIxGTAXBgNVBAgTEERl
ZmF1bHQgUHJvdmluY2UxDzANBgNVBAoTBk5leGVkaTCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEApYZv6OstoqNzxG1KI6iE5U4Ts2Xx9lgLeUGAMyfJLyMmRLhw
boKOyJ9Xke4dncoBAyNPokUR6iWOcnPHtMvNOsBFZ2f7VA28em3+E1JRYdeNUEtX
Z0s3HjcouaNAnPfjFTXHYj4um1wOw2cURSPuU5dpzKBbV+/QCb5DLheynisCAwEA
ATANBgkqhkiG9w0BAQsFAAOBgQBCZLbTVdrw3RZlVVMFezSHrhBYKAukTwZrNmJX
mHqi2tN8tNo6FX+wmxUUAf3e8R2Ymbdbn2bfbPpcKQ2fG7PuKGvhwMG3BlF9paEC
q7jdfWO18Zp/BG7tagz0jmmC4y/8akzHsVlruo2+2du2freE8dK746uoMlXlP93g
QUUGLQ==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB8jCCAVugAwIBAgIJAPu2zchZ2BxoMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNV
BAMMB3RzeGRldjMwHhcNMTExMDE0MTIxNjIzWhcNMTIxMDEzMTIxNjIzWjASMRAw
DgYDVQQDDAd0c3hkZXYzMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrPbh+
YGmo6mWmhVb1vTqX0BbeU0jCTB8TK3i6ep3tzSw2rkUGSx3niXn9LNTFNcIn3MZN
XHqbb4AS2Zxyk/2tr3939qqOrS4YRCtXBwTCuFY6r+a7pZsjiTNddPsEhuj4lEnR
L8Ax5mmzoi9nE+hiPSwqjRwWRU1+182rzXmN4QIDAQABo1AwTjAdBgNVHQ4EFgQU
/4XXREzqBbBNJvX5gU8tLWxZaeQwHwYDVR0jBBgwFoAU/4XXREzqBbBNJvX5gU8t
LWxZaeQwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQA07q/rKoE7fAda
FED57/SR00OvY9wLlFEF2QJ5OLu+O33YUXDDbGpfUSF9R8l0g9dix1JbWK9nQ6Yd
R/KCo6D0sw0ZgeQv1aUXbl/xJ9k4jlTxmWbPeiiPZEqU1W9wN5lkGuLxV4CEGTKU
hJA/yXa1wbwIPGvX3tVKdOEWPRXZLg==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB7jCCAVegAwIBAgIJAJWA0jQ4o9DGMA0GCSqGSIb3DQEBBQUAMA8xDTALBgNV
BAMMBHg2MXMwIBcNMTExMTI0MTAyNDQzWhgPMjExMTEwMzExMDI0NDNaMA8xDTAL
BgNVBAMMBHg2MXMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANdJNiFsRlkH
vq2kHP2zdxEyzPAWZH3CQ3Myb3F8hERXTIFSUqntPXDKXDb7Y/laqjMXdj+vptKk
3Q36J+8VnJbSwjGwmEG6tym9qMSGIPPNw1JXY1R29eF3o4aj21o7DHAkhuNc5Tso
67fUSKgvyVnyH4G6ShQUAtghPaAwS0KvAgMBAAGjUDBOMB0GA1UdDgQWBBSjxFUE
RfnTvABRLAa34Ytkhz5vPzAfBgNVHSMEGDAWgBSjxFUERfnTvABRLAa34Ytkhz5v
PzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4GBAFLDS7zNhlrQYSQO5KIj
z2RJe3fj4rLPklo3TmP5KLvendG+LErE2cbKPqnhQ2oVoj6u9tWVwo/g03PMrrnL
KrDm39slYD/1KoE5kB4l/p6KVOdeJ4I6xcgu9rnkqqHzDwI4v7e8/D3WZbpiFUsY
vaZhjNYKWQf79l6zXfOvphzJ
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAO4V/jiMoICoMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtMjMyMCAXDTEyMDIxNjExMTAyM1oYDzIxMTIwMTIzMTExMDIzWjAT
MREwDwYDVQQDDAhDT01QLTIzMjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
wi/3Z8W9pUiegUXIk/AiFDQ0UJ4JFAwjqr+HSRUirlUsHHT+8DzH/hfcTDX1I5BB
D1ADk+ydXjMm3OZrQcXjn29OUfM5C+g+oqeMnYQImN0DDQIOcUyr7AJc4xhvuXQ1
P2pJ5NOd3tbd0kexETa1LVhR6EgBC25LyRBRae76qosCAwEAAaNQME4wHQYDVR0O
BBYEFMDmW9aFy1sKTfCpcRkYnP6zUd1cMB8GA1UdIwQYMBaAFMDmW9aFy1sKTfCp
cRkYnP6zUd1cMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAskbFizHr
b6d3iIyN+wffxz/V9epbKIZVEGJd/6LrTdLiUfJPec7FaxVCWNyKBlCpINBM7cEV
Gn9t8mdVQflNqOlAMkOlUv1ZugCt9rXYQOV7rrEYJBWirn43BOMn9Flp2nibblby
If1a2ZoqHRxoNo2yTmm7TSYRORWVS+vvfjY=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAIlBksrZVkK8MA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtMzU3MCAXDTEyMDEyNjEwNTUyOFoYDzIxMTIwMTAyMTA1NTI4WjAT
MREwDwYDVQQDDAhDT01QLTM1NzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
ts+iGUwi44vtIfwXR8DCnLtHV4ydl0YTK2joJflj0/Ws7mz5BYkxIU4fea/6+VF3
i11nwBgYgxQyjNztgc9u9O71k1W5tU95yO7U7bFdYd5uxYA9/22fjObaTQoC4Nc9
mTu6r/VHyJ1yRsunBZXvnk/XaKp7gGE9vNEyJvPn2bkCAwEAAaNQME4wHQYDVR0O
BBYEFKuGIYu8+6aEkTVg62BRYaD11PILMB8GA1UdIwQYMBaAFKuGIYu8+6aEkTVg
62BRYaD11PILMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAMoTRpBxK
YLEZJbofF7gSrRIcrlUJYXfTfw1QUBOKkGFFDsiJpEg4y5pUk1s5Jq9K3SDzNq/W
it1oYjOhuGg3al8OOeKFrU6nvNTF1BAvJCl0tr3POai5yXyN5jlK/zPfypmQYxE+
TaqQSGBJPVXYt6lrq/PRD9ciZgKLOwEqK8w=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAPHoWu90gbsgMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV
BAMMCXZpZmlibm9kZTAeFw0xMjAzMTkyMzIwNTVaFw0xMzAzMTkyMzIwNTVaMBQx
EjAQBgNVBAMMCXZpZmlibm9kZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
ozBijpO8PS5RTeKTzA90vi9ezvv4vVjNaguqT4UwP9+O1+i6yq1Y2W5zZxw/Klbn
oudyNzie3/wqs9VfPmcyU9ajFzBv/Tobm3obmOqBN0GSYs5fyGw+O9G3//6ZEhf0
NinwdKmrRX+d0P5bHewadZWIvlmOupcnVJmkks852BECAwEAAaNQME4wHQYDVR0O
BBYEFF9EtgfZZs8L2ZxBJxSiY6eTsTEwMB8GA1UdIwQYMBaAFF9EtgfZZs8L2ZxB
JxSiY6eTsTEwMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAc43YTfc6
baSemaMAc/jz8LNLhRE5dLfLOcRSoHda8y0lOrfe4lHT6yP5l8uyWAzLW+g6s3DA
Yme/bhX0g51BmI6gjKJo5DoPtiXk/Y9lxwD3p7PWi+RhN+AZQ5rpo8UfwnnN059n
yDuimQfvJjBFMVrdn9iP6SfMjxKaGk6gVmI=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAMNZBmoIOXPBMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtMTMyMCAXDTEyMDUwMjEyMDQyNloYDzIxMTIwNDA4MTIwNDI2WjAT
MREwDwYDVQQDDAhDT01QLTEzMjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
6peZQt1sAmMAmSG9BVxxcXm8x15kE9iAplmANYNQ7z2YO57c10jDtlYlwVfi/rct
xNUOKQtc8UQtV/fJWP0QT0GITdRz5X/TkWiojiFgkopza9/b1hXs5rltYByUGLhg
7JZ9dZGBihzPfn6U8ESAKiJzQP8Hyz/o81FPfuHCftsCAwEAAaNQME4wHQYDVR0O
BBYEFNuxsc77Z6/JSKPoyloHNm9zF9yqMB8GA1UdIwQYMBaAFNuxsc77Z6/JSKPo
yloHNm9zF9yqMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAl4hBaJy1
cgiNV2+Z5oNTrHgmzWvSY4duECOTBxeuIOnhql3vLlaQmo0p8Z4c13kTZq2s3nhd
Loe5mIHsjRVKvzB6SvIaFUYq/EzmHnqNdpIGkT/Mj7r/iUs61btTcGUCLsUiUeci
Vd0Ozh79JSRpkrdI8R/NRQ2XPHAo+29TT70=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB9jCCAV+gAwIBAgIJAKRvzcy7OH0UMA0GCSqGSIb3DQEBBQUAMBMxETAPBgNV
BAMMCENPTVAtNzcyMCAXDTEyMDgxMDE1NDI1MVoYDzIxMTIwNzE3MTU0MjUxWjAT
MREwDwYDVQQDDAhDT01QLTc3MjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA
o7aipd6MbnuGDeR1UJUjuMLQUariAyQ2l2ZDS6TfOwjHiPw/mhzkielgk73kqN7A
sUREx41eTcYCXzTq3WP3xCLE4LxLg1eIhd4nwNHj8H18xR9aP0AGjo4UFl5BOMa1
mwoyBt3VtfGtUmb8whpeJgHhqrPPxLoON+i6fIbXDaUCAwEAAaNQME4wHQYDVR0O
BBYEFEfjy3OopT2lOksKmKBNHTJE2hFlMB8GA1UdIwQYMBaAFEfjy3OopT2lOksK
mKBNHTJE2hFlMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAaNRx6YN2
M/p3R8/xS6zvH1EqJ3FFD7XeAQ52WuQnKSREzuw0dsw12ClxjcHiQEFioyTiTtjs
5pW18Ry5Ie7iFK4cQMerZwWPxBodEbAteYlRsI6kePV7Gf735Y1RpuN8qZ2sYL6e
x2IMeSwJ82BpdEI5niXxB+iT0HxhmR+XaMI=
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB+DCCAWGgAwIBAgIJAKGd0vpks6T/MA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV
BAMMCUNPTVAtMTU4NDAgFw0xMzA2MjAxMjE5MjBaGA8yMTEzMDUyNzEyMTkyMFow
FDESMBAGA1UEAwwJQ09NUC0xNTg0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
gQDZTH9etPUC+wMZQ3UIiOwyyCfHsJ+7duCFYjuo1uZrhtDt/fp8qb8qK9ob+df3
EEYgA0IgI2j/9jNUEnKbc5+OrfKznzXjrlrH7zU8lKBVNCLzQuqBKRNajZ+UvO8R
nlqK2jZCXP/p3HXDYUTEwIR5W3tVCEn/Vda4upTLcPVE5wIDAQABo1AwTjAdBgNV
HQ4EFgQU7KXaNDheQWoy5uOU01tn1M5vNkEwHwYDVR0jBBgwFoAU7KXaNDheQWoy
5uOU01tn1M5vNkEwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQASmqCU
Znbvu6izdicvjuE3aKnBa7G++Fdp2bdne5VCwVbVLYCQWatB+n4crKqGdnVply/u
+uZ16u1DbO9rYoKgWqjLk1GfiLw5v86pd5+wZd5I9QJ0/Sbz2vZk5S4ciMIGwArc
m711+GzlW5xe6GyH9SZaGOPAdUbI6JTDwLzEgA==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIB+DCCAWGgAwIBAgIJAJAOvB8P2YYMMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV
BAMMCUNPTVAtMTg1MjAgFw0xMzEyMDMxMjU5NDJaGA8yMTEzMTEwOTEyNTk0Mlow
FDESMBAGA1UEAwwJQ09NUC0xODUyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
gQDgR2qKVURmOUmzc7KVL2Gk2VezWlHlJy3V3k1WVYahhFsSjf3O4VyTtroHbIGu
YMJaHLSvGvvvkVJIz/DKqOvl1/6435t+coYECimvzqzTBDWFlEKJbEixz/3nPnXe
CFqVzuCQ7e3nRIrIGLml6jZnXwPlzx8ANn1LO8pwKHj+xwIDAQABo1AwTjAdBgNV
HQ4EFgQUvo7qkSq82Ax5/vnxHoJOhySQSGowHwYDVR0jBBgwFoAUvo7qkSq82Ax5
/vnxHoJOhySQSGowDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOBgQCbNxtq
BckDSWb92gy/p+JbkMXLjRSSWgeKafvWQXMXpPHW847CPzUDB7zT0rT8a8SRjVuL
Vt/oo2VlJ9xbKEz/qppX8w1TwEZhEJk6h8ky51s2EyyITUy8LHESJes9l46DRbr8
Rm6WS5sk5oiCd146YkWhfZuOsQHXSG/+WC/GPQ==
-----END CERTIFICATE-----
[versions]
Flask-Auth = 0.85
......@@ -46,35 +186,36 @@ Werkzeug = 0.8.3
apache-libcloud = 0.11.4
async = 0.6.1
buildout-versions = 1.7
cliff = 1.4
cmd2 = 0.6.6
cns.recipe.symlink = 0.2.3
collective.recipe.environment = 0.2.0
collective.recipe.template = 1.10
erp5.util = 0.4.36
gitdb = 0.5.4
hexagonit.recipe.cmmi = 1.6
inotifyx = 0.2.0
inotifyx = 0.2.0-1
lock-file = 2.0
lxml = 3.0.1
meld3 = 0.6.10
netaddr = 0.7.10
plone.recipe.command = 1.1
prettytable = 0.7.2
pycrypto = 2.6
pytz = 2013b
#slapos.cookbook = 0.71.1
pytz = 2013.7
rdiff-backup = 1.0.5
requests = 1.2.3
slapos.cookbook = 0.84.2
slapos.core = 0.35.1
slapos.libnetworkcache = 0.13.4
slapos.recipe.build = 0.11.5
slapos.recipe.cmmi = 0.2
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.template = 2.4.2
#slapos.toolbox = 0.34.0
#slapos.toolbox = 0.35.1
smmap = 0.8.2
xml-marshaller = 0.9.7
z3c.recipe.scripts = 1.0.1
lock-file = 2.0
rdiff-backup = 1.0.5
slapos.recipe.cmmi = 0.2
slapos.recipe.download = 1.0.dev-r4053
slapos.toolbox = 0.35.1
slapos.cookbook = 0.78.5
cliff = 1.4
cmd2 = 0.6.6
prettytable = 0.7.2
requests = 1.2.3
# Required by:
# slapos.core==0.34
# slapos.toolbox==0.34.0
......@@ -94,7 +235,7 @@ feedparser = 5.1.3
# Required by:
# hexagonit.recipe.cmmi==1.6
hexagonit.recipe.download = 1.6nxd002
hexagonit.recipe.download = 1.7nxd002
# Required by:
# slapos.core==0.34
......@@ -134,3 +275,6 @@ unittest2 = 0.5.1
# Required by:
# slapos.core==0.34
zope.interface = 4.0.3
# WSGI server
gunicorn = 18.0
[slapos]
software_root = {{ software_root }}
instance_root = {{instance_root }}
master_url = http://{{ ipv4 }}:{{ proxy_port }}
computer_id = slaprunner
maximal_delay = 0
[slapformat]
partition_amount = {{ partition_amount }}
[slaprunner]
slapgrid_sr = {{ slapgrid_sr }}
slapgrid_cp = {{ slapgrid_cp }}
slapproxy = {{ slapproxy }}
supervisor = {{ supervisor }}
supervisord_config = {{ supervisord_config }}
runner_workdir = {{ runner_workdir }}
runner_host = {{ ipv4 }}
runner_port = {{ runner_port }}
ipv4_address = {{ ipv4 }}
ipv6_address = {{ ipv6 }}
etc_dir = {{ etc_dir }}
run_dir = {{ run_dir }}
log_dir = {{ log_dir }}
console = {{ console }}
verbose = {{ verbose }}
debug = {{ debug }}
auto_deploy = {{ auto_deploy }}
[slapproxy]
host = {{ proxy_host }}
port = {{ proxy_port }}
database_uri = {{ proxy_database }}
[sshkeys_authority]
ssh_client = {{ ssh_client }}
public_key = {{ public_key }}
private_key = {{ private_key }}
[gitclient]
git = {{ git }}
[cloud9_IDE]
cloud9 = {{ cloud9_url }}
......@@ -141,7 +141,7 @@ parts =
[slapos.cookbook-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.git
branch = erp5
branch = master
git-executable = ${git:location}/bin/git
[check-recipe]
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment