Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
Analytics
Analytics
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Commits
Issue Boards
Open sidebar
Jean-Paul Smets
slapos
Commits
bc357712
Commit
bc357712
authored
Apr 03, 2015
by
Alain Takoudjou
Browse files
Options
Browse Files
Download
Plain Diff
Merge branch 're6st-master' into master
parents
23d31649
484c0931
Changes
14
Hide whitespace changes
Inline
Side-by-side
Showing
14 changed files
with
1189 additions
and
2 deletions
+1189
-2
component/re6stnet/buildout.cfg
component/re6stnet/buildout.cfg
+3
-2
setup.py
setup.py
+1
-0
slapos/recipe/re6stnet/__init__.py
slapos/recipe/re6stnet/__init__.py
+220
-0
slapos/recipe/re6stnet/re6stnet.py
slapos/recipe/re6stnet/re6stnet.py
+183
-0
slapos/test/recipe/test_re6stnet.py
slapos/test/recipe/test_re6stnet.py
+184
-0
software/re6stnet/apache.conf.in
software/re6stnet/apache.conf.in
+57
-0
software/re6stnet/instance-logrotate-base.cfg.in
software/re6stnet/instance-logrotate-base.cfg.in
+50
-0
software/re6stnet/instance-re6stnet-input-schema.json
software/re6stnet/instance-re6stnet-input-schema.json
+17
-0
software/re6stnet/instance-re6stnet-output-schema.json
software/re6stnet/instance-re6stnet-output-schema.json
+11
-0
software/re6stnet/instance-re6stnet.cfg.in
software/re6stnet/instance-re6stnet.cfg.in
+214
-0
software/re6stnet/instance.cfg.in
software/re6stnet/instance.cfg.in
+50
-0
software/re6stnet/re6st-registry.conf.in
software/re6stnet/re6st-registry.conf.in
+11
-0
software/re6stnet/software.cfg
software/re6stnet/software.cfg
+167
-0
software/re6stnet/software.cfg.json
software/re6stnet/software.cfg.json
+21
-0
No files found.
component/re6stnet/buildout.cfg
View file @
bc357712
...
...
@@ -28,8 +28,9 @@ stop-on-error = true
dir = ${re6stnet-repository:location}
command =
rm -f "${:dir}/re6stconf.py" && ln -s re6st-conf "${:dir}/re6stconf.py"
rm -f "${:dir}/re6stregister.py" && ln -s re6st-conf "${:dir}/re6stregister.py"
rm -f "${:dir}/re6stnet.py" && ln -s re6st-conf "${:dir}/re6stnet.py"
rm -f "${:dir}/re6stregistry.py" && ln -s re6st-registry "${:dir}/re6stregistry.py"
rm -f "${:dir}/re6stnet.py" && ln -s re6stnet "${:dir}/re6stnet.py"
sed -i 's#("git",)#("${git:location}/bin/git",)#' ${:dir}/re6st/version.py
update-command = ${:command}
...
...
setup.py
View file @
bc357712
...
...
@@ -174,6 +174,7 @@ setup(name=name,
'request.serialised = slapos.recipe.request:Serialised'
,
'request.edge = slapos.recipe.request:RequestEdge'
,
'requestoptional = slapos.recipe.request:RequestOptional'
,
're6stnet.registry = slapos.recipe.re6stnet:Recipe'
,
'reverseproxy.nginx = slapos.recipe.reverse_proxy_nginx:Recipe'
,
'seleniumrunner = slapos.recipe.seleniumrunner:Recipe'
,
'sheepdogtestbed = slapos.recipe.sheepdogtestbed:SheepDogTestBed'
,
...
...
slapos/recipe/re6stnet/__init__.py
0 → 100644
View file @
bc357712
##############################################################################
#
# Copyright (c) 2010 Vifib SARL and Contributors. All Rights Reserved.
#
# WARNING: This program as such is intended to be used by professional
# programmers who take the whole responsibility of assessing all potential
# consequences resulting from its eventual inadequacies and bugs
# End users who are looking for a ready-to-use solution with commercial
# guarantees and support are strongly adviced to contract a Free Software
# Service Company
#
# This program is Free Software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 3
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
##############################################################################
import
subprocess
from
slapos.recipe.librecipe
import
GenericBaseRecipe
import
socket
import
struct
import
os
import
string
,
random
import
json
import
traceback
from
slapos
import
slap
class
Recipe
(
GenericBaseRecipe
):
def
__init__
(
self
,
buildout
,
name
,
options
):
"""Default initialisation"""
self
.
slap
=
slap
.
slap
()
# SLAP related information
slap_connection
=
buildout
[
'slap-connection'
]
self
.
computer_id
=
slap_connection
[
'computer-id'
]
self
.
computer_partition_id
=
slap_connection
[
'partition-id'
]
self
.
server_url
=
slap_connection
[
'server-url'
]
self
.
software_release_url
=
slap_connection
[
'software-release-url'
]
self
.
key_file
=
slap_connection
.
get
(
'key-file'
)
self
.
cert_file
=
slap_connection
.
get
(
'cert-file'
)
return
GenericBaseRecipe
.
__init__
(
self
,
buildout
,
name
,
options
)
def
getSerialFromIpv6
(
self
,
ipv6
):
prefix
=
ipv6
.
split
(
'/'
)[
0
].
lower
()
hi
,
lo
=
struct
.
unpack
(
'!QQ'
,
socket
.
inet_pton
(
socket
.
AF_INET6
,
prefix
))
ipv6_int
=
(
hi
<<
64
)
|
lo
serial
=
'0x1%x'
%
ipv6_int
# delete non significant part
for
part
in
prefix
.
split
(
':'
)[::
-
1
]:
if
part
:
for
i
in
[
'0'
]
*
(
4
-
len
(
part
)):
part
=
i
+
part
serial
=
serial
.
split
(
part
)[
0
]
+
part
break
return
serial
def
generateCertificate
(
self
):
key_file
=
self
.
options
[
'key-file'
].
strip
()
cert_file
=
self
.
options
[
'cert-file'
].
strip
()
if
not
os
.
path
.
exists
(
key_file
):
serial
=
self
.
getSerialFromIpv6
(
self
.
options
[
'ipv6-prefix'
].
strip
())
key_command
=
[
self
.
options
[
'openssl-bin'
],
'genrsa'
,
'-out'
,
'%s'
%
key_file
,
self
.
options
[
'key-size'
]]
#'-config', openssl_configuration
cert_command
=
[
self
.
options
[
'openssl-bin'
],
'req'
,
'-nodes'
,
'-new'
,
'-x509'
,
'-batch'
,
'-key'
,
'%s'
%
key_file
,
'-set_serial'
,
'%s'
%
serial
,
'-days'
,
'3650'
,
'-out'
,
'%s'
%
cert_file
]
subprocess
.
check_call
(
key_command
)
subprocess
.
check_call
(
cert_command
)
def
generateSlaveTokenList
(
self
,
slave_instance_list
,
token_file
):
to_remove_dict
=
{}
to_add_dict
=
{}
token_dict
=
self
.
loadJsonFile
(
token_file
)
reference_list
=
[
slave_instance
.
get
(
'slave_reference'
)
for
slave_instance
in
slave_instance_list
]
for
reference
in
reference_list
:
if
not
reference
in
token_dict
:
# we generate new token
number
=
reference
.
split
(
'-'
)[
1
]
new_token
=
number
+
''
.
join
(
random
.
sample
(
string
.
ascii_lowercase
,
15
))
token_dict
[
reference
]
=
new_token
to_add_dict
[
reference
]
=
new_token
for
reference
in
token_dict
.
keys
():
if
not
reference
in
reference_list
:
# This slave instance is destroyed ?
to_remove_dict
[
reference
]
=
token_dict
.
pop
(
reference
)
return
token_dict
,
to_add_dict
,
to_remove_dict
def
loadJsonFile
(
self
,
path
):
if
os
.
path
.
exists
(
path
):
with
open
(
path
,
'r'
)
as
f
:
content
=
f
.
read
()
return
json
.
loads
(
content
)
else
:
return
{}
def
writeFile
(
self
,
path
,
data
):
with
open
(
path
,
'w'
)
as
f
:
f
.
write
(
data
)
return
path
def
readFile
(
self
,
path
):
if
os
.
path
.
exists
(
path
):
with
open
(
path
,
'r'
)
as
f
:
content
=
f
.
read
()
return
content
return
''
def
install
(
self
):
path_list
=
[]
token_save_path
=
os
.
path
.
join
(
self
.
options
[
'conf-dir'
],
'token.json'
)
token_list_path
=
self
.
options
[
'token-dir'
]
self
.
generateCertificate
()
wrapper
=
self
.
createWrapper
(
name
=
self
.
options
[
'wrapper'
],
command
=
self
.
options
[
'command'
],
parameters
=
[
'@%s'
%
self
.
options
[
'config-file'
]])
path_list
.
append
(
wrapper
)
slave_list
=
json
.
loads
(
self
.
options
[
'slave-instance-list'
])
registry_url
=
'http://%s:%s/'
%
(
self
.
options
[
'ipv4'
],
self
.
options
[
'port'
])
token_dict
,
add_token_dict
,
rm_token_dict
=
self
.
generateSlaveTokenList
(
slave_list
,
token_save_path
)
# write request add token
for
reference
in
add_token_dict
:
path
=
os
.
path
.
join
(
token_list_path
,
'%s.add'
%
reference
)
if
not
os
.
path
.
exists
(
path
):
self
.
createFile
(
path
,
add_token_dict
[
reference
])
# write request remove token
for
reference
in
rm_token_dict
:
path
=
os
.
path
.
join
(
token_list_path
,
'%s.remove'
%
reference
)
if
not
os
.
path
.
exists
(
path
):
self
.
createFile
(
path
,
rm_token_dict
[
reference
])
# remove request add file if exists
add_path
=
os
.
path
.
join
(
token_list_path
,
'%s.add'
%
reference
)
if
os
.
path
.
exists
(
add_path
):
os
.
unlink
(
add_path
)
self
.
createFile
(
token_save_path
,
json
.
dumps
(
token_dict
))
service_dict
=
dict
(
token_base_path
=
token_list_path
,
token_json
=
token_save_path
,
db
=
self
.
options
[
'db-path'
],
partition_id
=
self
.
computer_partition_id
,
computer_id
=
self
.
computer_id
,
registry_url
=
registry_url
)
service_dict
[
'server_url'
]
=
self
.
server_url
service_dict
[
'cert_file'
]
=
self
.
cert_file
service_dict
[
'key_file'
]
=
self
.
key_file
request_add
=
self
.
createPythonScript
(
self
.
options
[
'manager-wrapper'
].
strip
(),
'%s.re6stnet.manage'
%
__name__
,
service_dict
)
path_list
.
append
(
request_add
)
request_drop
=
self
.
createPythonScript
(
self
.
options
[
'drop-service-wrapper'
].
strip
(),
'%s.re6stnet.requestRemoveToken'
%
__name__
,
service_dict
)
path_list
.
append
(
request_drop
)
request_check
=
self
.
createPythonScript
(
self
.
options
[
'check-service-wrapper'
].
strip
(),
'%s.re6stnet.checkService'
%
__name__
,
service_dict
)
path_list
.
append
(
request_check
)
# Send connection parameters of slave instances
if
token_dict
:
self
.
slap
.
initializeConnection
(
self
.
server_url
,
self
.
key_file
,
self
.
cert_file
)
computer_partition
=
self
.
slap
.
registerComputerPartition
(
self
.
computer_id
,
self
.
computer_partition_id
)
for
slave_reference
,
token
in
token_dict
.
iteritems
():
try
:
status_file
=
os
.
path
.
join
(
token_list_path
,
'%s.status'
%
slave_reference
)
status
=
self
.
readFile
(
status_file
)
or
'New token requested'
msg
=
status
if
status
==
'TOKEN_ADDED'
:
msg
=
'Token is ready for use'
elif
status
==
'TOKEN_USED'
:
msg
=
'Token not available, it has been used to generate re6stnet certificate.'
computer_partition
.
setConnectionDict
(
{
'token'
:
token
,
'1_info'
:
msg
},
slave_reference
)
except
:
self
.
logger
.
fatal
(
"Error while sending slave %s informations: %s"
,
slave_reference
,
traceback
.
format_exc
())
return
path_list
slapos/recipe/re6stnet/re6stnet.py
0 → 100644
View file @
bc357712
# -*- coding: utf-8 -*-
import
logging
import
json
import
os
import
time
import
sqlite3
import
slapos
from
re6st
import
registry
log
=
logging
.
getLogger
(
'SLAPOS-RE6STNET'
)
logging
.
basicConfig
(
level
=
logging
.
DEBUG
)
def
loadJsonFile
(
path
):
if
os
.
path
.
exists
(
path
):
with
open
(
path
,
'r'
)
as
f
:
content
=
f
.
read
()
return
json
.
loads
(
content
)
else
:
return
{}
def
writeFile
(
path
,
data
):
with
open
(
path
,
'w'
)
as
f
:
f
.
write
(
data
)
def
readFile
(
path
):
if
os
.
path
.
exists
(
path
):
with
open
(
path
,
'r'
)
as
f
:
content
=
f
.
read
()
return
content
return
''
def
getDb
(
db_path
):
db
=
sqlite3
.
connect
(
db_path
,
isolation_level
=
None
,
check_same_thread
=
False
)
db
.
text_factory
=
str
return
db
.
cursor
()
def
bang
(
args
):
computer_guid
=
args
[
'computer_id'
]
partition_id
=
args
[
'partition_id'
]
slap
=
slapos
.
slap
.
slap
()
# Redeploy instance to update published information
slap
.
initializeConnection
(
args
[
'server_url'
],
args
[
'key_file'
],
args
[
'cert_file'
])
partition
=
slap
.
registerComputerPartition
(
computer_guid
=
computer_guid
,
partition_id
=
partition_id
)
partition
.
bang
(
message
=
'Published parameters changed!'
)
log
.
info
(
"Bang with message 'parameters changed'..."
)
def
requestAddToken
(
args
,
can_bang
=
True
):
time
.
sleep
(
3
)
registry_url
=
args
[
'registry_url'
]
base_token_path
=
args
[
'token_base_path'
]
path_list
=
[
x
for
x
in
os
.
listdir
(
base_token_path
)
if
x
.
endswith
(
'.add'
)]
if
not
path_list
:
log
.
info
(
"No new token to add. Exiting..."
)
return
client
=
registry
.
RegistryClient
(
registry_url
)
call_bang
=
False
for
reference_key
in
path_list
:
request_file
=
os
.
path
.
join
(
base_token_path
,
reference_key
)
token
=
readFile
(
request_file
)
if
token
:
reference
=
reference_key
.
split
(
'.'
)[
0
]
email
=
'%s@slapos'
%
reference
.
lower
()
try
:
result
=
client
.
requestAddToken
(
token
,
email
)
except
Exception
,
e
:
log
.
debug
(
'Request add token fail for %s...
\
n
%s'
%
(
request_file
,
str
(
e
)))
continue
if
result
and
result
==
token
:
# update information
log
.
info
(
"New token added for slave instance %s. Updating file status..."
%
reference
)
writeFile
(
os
.
path
.
join
(
base_token_path
,
'%s.status'
%
reference
),
'TOKEN_ADDED'
)
os
.
unlink
(
request_file
)
call_bang
=
True
else
:
log
.
debug
(
'Bad token. Request add token fail for %s...'
%
request_file
)
if
can_bang
and
call_bang
:
bang
(
args
)
def
requestRemoveToken
(
args
):
base_token_path
=
args
[
'token_base_path'
]
path_list
=
[
x
for
x
in
os
.
listdir
(
base_token_path
)
if
x
.
endswith
(
'.remove'
)]
if
not
path_list
:
log
.
info
(
"No token to delete. Exiting..."
)
return
client
=
registry
.
RegistryClient
(
args
[
'registry_url'
])
for
reference_key
in
path_list
:
request_file
=
os
.
path
.
join
(
base_token_path
,
reference_key
)
token
=
readFile
(
request_file
)
if
token
:
reference
=
reference_key
.
split
(
'.'
)[
0
]
try
:
result
=
client
.
requestDeleteToken
(
token
)
except
Exception
,
e
:
log
.
debug
(
'Request delete token fail for %s...
\
n
%s'
%
(
request_file
,
str
(
e
)))
continue
if
result
==
'True'
:
# update information
log
.
info
(
"Token deleted for slave instance %s. Clean up file status..."
%
reference
)
os
.
unlink
(
request_file
)
status_file
=
os
.
path
.
join
(
base_token_path
,
'%s.status'
%
reference
)
if
os
.
path
.
exists
(
status_file
):
os
.
unlink
(
status_file
)
else
:
log
.
debug
(
'Request delete token fail for %s...'
%
request_file
)
else
:
log
.
debug
(
'Bad token. Request add token fail for %s...'
%
request_file
)
def
checkService
(
args
,
can_bang
=
True
):
base_token_path
=
args
[
'token_base_path'
]
token_dict
=
loadJsonFile
(
args
[
'token_json'
])
if
not
token_dict
:
return
db
=
getDb
(
args
[
'db'
])
call_bang
=
False
computer_guid
=
args
[
'computer_id'
]
partition_id
=
args
[
'partition_id'
]
slap
=
slapos
.
slap
.
slap
()
# Check token status
for
slave_reference
,
token
in
token_dict
.
iteritems
():
status_file
=
os
.
path
.
join
(
base_token_path
,
'%s.status'
%
slave_reference
)
if
not
os
.
path
.
exists
(
status_file
):
# This token is not added yet!
continue
msg
=
readFile
(
status_file
)
if
msg
==
'TOKEN_USED'
:
continue
# Check if token is not in the database
status
=
False
try
:
token_found
,
=
db
.
execute
(
"SELECT token FROM token WHERE token = ?"
,
(
token
,)).
next
()
if
token_found
==
token
:
status
=
True
except
StopIteration
:
pass
if
not
status
:
# Token is used to register client
call_bang
=
True
try
:
time
.
sleep
(
1
)
writeFile
(
status_file
,
'TOKEN_USED'
)
log
.
info
(
"Token status of %s updated to 'used'."
%
slave_reference
)
except
IOError
,
e
:
# XXX- this file should always exists
log
.
debug
(
'Error when writing in file %s. Clould not update status of %s...'
%
(
status_file
,
slave_reference
))
if
call_bang
and
can_bang
:
bang
(
args
)
def
manage
(
args
):
# Request Add new tokens
requestAddToken
(
args
)
# Request delete removed token
requestRemoveToken
(
args
)
# check status of all token
checkService
(
args
)
slapos/test/recipe/test_re6stnet.py
0 → 100644
View file @
bc357712
import
os
,
time
import
shutil
import
sys
import
tempfile
import
unittest
from
slapos.slap.slap
import
NotFoundError
from
slapos.recipe
import
re6stnet
class
Re6stnetTest
(
unittest
.
TestCase
):
def
setUp
(
self
):
self
.
ssl_dir
=
tempfile
.
mkdtemp
()
self
.
conf_dir
=
tempfile
.
mkdtemp
()
self
.
base_dir
=
tempfile
.
mkdtemp
()
self
.
token_dir
=
tempfile
.
mkdtemp
()
self
.
dir_list
=
[
self
.
ssl_dir
,
self
.
conf_dir
,
self
.
base_dir
,
self
.
token_dir
]
config_file
=
os
.
path
.
join
(
self
.
base_dir
,
'config'
)
with
open
(
config_file
,
'w'
)
as
f
:
f
.
write
(
'port 9201'
)
self
.
options
=
options
=
{
'openssl-bin'
:
'openssl'
,
'key-file'
:
os
.
path
.
join
(
self
.
ssl_dir
,
'cert.key'
),
'cert-file'
:
os
.
path
.
join
(
self
.
ssl_dir
,
'cert.crt'
),
'key-size'
:
'2048'
,
'conf-dir'
:
self
.
conf_dir
,
'token-dir'
:
self
.
token_dir
,
'wrapper'
:
os
.
path
.
join
(
self
.
base_dir
,
'wrapper'
),
'config-file'
:
config_file
,
'ipv4'
:
'127.0.0.1'
,
'port'
:
'9201'
,
'db-path'
:
'/path/to/db'
,
'command'
:
'/path/to/command'
,
'manager-wrapper'
:
os
.
path
.
join
(
self
.
base_dir
,
'manager_wrapper'
),
'drop-service-wrapper'
:
os
.
path
.
join
(
self
.
base_dir
,
'drop_wrapper'
),
'check-service-wrapper'
:
os
.
path
.
join
(
self
.
base_dir
,
'check_wrapper'
),
'slave-instance-list'
:
'{}'
}
def
tearDown
(
self
):
for
path
in
self
.
dir_list
:
if
os
.
path
.
exists
(
path
):
shutil
.
rmtree
(
path
)
def
new_recipe
(
self
):
buildout
=
{
'buildout'
:
{
'bin-directory'
:
''
,
'find-links'
:
''
,
'allow-hosts'
:
''
,
'develop-eggs-directory'
:
''
,
'eggs-directory'
:
''
,
'python'
:
'testpython'
,
},
'testpython'
:
{
'executable'
:
sys
.
executable
,
},
'slap-connection'
:
{
'computer-id'
:
''
,
'partition-id'
:
''
,
'server-url'
:
''
,
'software-release-url'
:
''
,
}
}
options
=
self
.
options
return
re6stnet
.
Recipe
(
buildout
=
buildout
,
name
=
're6stnet'
,
options
=
options
)
def
test_generateCertificates
(
self
):
self
.
options
[
'ipv6-prefix'
]
=
'2001:db8:24::/48'
self
.
options
[
'key-size'
]
=
'2048'
recipe
=
self
.
new_recipe
()
recipe
.
generateCertificate
()
self
.
assertTrue
(
os
.
path
.
exists
(
self
.
options
[
'key-file'
]))
self
.
assertTrue
(
os
.
path
.
exists
(
self
.
options
[
'cert-file'
]))
last_time
=
time
.
ctime
(
os
.
stat
(
self
.
options
[
'key-file'
])[
7
])
recipe
.
generateCertificate
()
self
.
assertTrue
(
os
.
path
.
exists
(
self
.
options
[
'key-file'
]))
this_time
=
time
.
ctime
(
os
.
stat
(
self
.
options
[
'key-file'
])[
7
])
self
.
assertEqual
(
last_time
,
this_time
)
def
test_generateCertificates_other_ipv6
(
self
):
self
.
options
[
'ipv6-prefix'
]
=
'be28:db8:fe6a:d85:4fe:54a:ae:aea/64'
recipe
=
self
.
new_recipe
()
recipe
.
generateCertificate
()
self
.
assertTrue
(
os
.
path
.
exists
(
self
.
options
[
'key-file'
]))
self
.
assertTrue
(
os
.
path
.
exists
(
self
.
options
[
'cert-file'
]))
def
test_install
(
self
):
recipe
=
self
.
new_recipe
()
recipe
.
options
.
update
({
'ipv6-prefix'
:
'2001:db8:24::/48'
,
'slave-instance-list'
:
'''[
{"slave_reference":"SOFTINST-58770"},
{"slave_reference":"SOFTINST-58778"}
]
'''
})
try
:
recipe
.
install
()
except
NotFoundError
:
# Recipe will raise not found error when trying to publish slave informations
pass
self
.
assertItemsEqual
(
os
.
listdir
(
self
.
ssl_dir
),
[
'cert.key'
,
'cert.crt'
])
token_file
=
os
.
path
.
join
(
self
.
options
[
'conf-dir'
],
'token.json'
)
self
.
assertTrue
(
os
.
path
.
exists
(
token_file
))
# token file must contain 2 elements
token_content
=
recipe
.
readFile
(
token_file
)
self
.
assertIn
(
'SOFTINST-58770'
,
token_content
)
self
.
assertIn
(
'SOFTINST-58778'
,
token_content
)
token_dict
=
recipe
.
loadJsonFile
(
token_file
)
self
.
assertEqual
(
len
(
token_dict
),
2
)
self
.
assertTrue
(
token_dict
.
has_key
(
'SOFTINST-58770'
))
self
.
assertTrue
(
token_dict
.
has_key
(
'SOFTINST-58778'
))
self
.
assertItemsEqual
(
os
.
listdir
(
self
.
token_dir
),
[
'SOFTINST-58770.add'
,
'SOFTINST-58778.add'
])
first_add
=
recipe
.
readFile
(
os
.
path
.
join
(
self
.
token_dir
,
'SOFTINST-58770.add'
))
self
.
assertEqual
(
token_dict
[
'SOFTINST-58770'
],
first_add
)
second_add
=
recipe
.
readFile
(
os
.
path
.
join
(
self
.
token_dir
,
'SOFTINST-58778.add'
))
self
.
assertEqual
(
token_dict
[
'SOFTINST-58778'
],
second_add
)
# Remove one element
recipe
.
options
.
update
({
"slave-instance-list"
:
"""[{"slave_reference":"SOFTINST-58770"}]"""
})
try
:
recipe
.
install
()
except
NotFoundError
:
# Recipe will raise not found error when trying to publish slave informations
pass
token_dict
=
recipe
.
loadJsonFile
(
token_file
)
self
.
assertEqual
(
len
(
token_dict
),
1
)
self
.
assertEqual
(
token_dict
[
'SOFTINST-58770'
],
first_add
)
self
.
assertItemsEqual
(
os
.
listdir
(
self
.
token_dir
),
[
'SOFTINST-58770.add'
,
'SOFTINST-58778.remove'
])
second_remove
=
recipe
.
readFile
(
os
.
path
.
join
(
self
.
token_dir
,
'SOFTINST-58778.remove'
))
self
.
assertEqual
(
second_add
,
second_remove
)
def
test_install_empty_slave
(
self
):
recipe
=
self
.
new_recipe
()
recipe
.
options
.
update
({
'ipv6-prefix'
:
'2001:db8:24::/48'
})
recipe
.
install
()
self
.
assertItemsEqual
(
os
.
listdir
(
self
.
ssl_dir
),
[
'cert.key'
,
'cert.crt'
])
token_file
=
os
.
path
.
join
(
self
.
options
[
'conf-dir'
],
'token.json'
)
self
.
assertTrue
(
os
.
path
.
exists
(
token_file
))
token_content
=
recipe
.
readFile
(
token_file
)
self
.
assertEqual
(
token_content
,
'{}'
)
self
.
assertItemsEqual
(
os
.
listdir
(
self
.
options
[
'token-dir'
]),
[])
software/re6stnet/apache.conf.in
0 → 100644
View file @
bc357712
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule mime_module modules/mod_mime.so
#LoadModule dav_module modules/mod_dav.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule headers_module modules/mod_headers.so
PidFile "{{ pid_file }}"
ServerAdmin admin@
TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
ServerTokens Prod
ServerSignature Off
TraceEnable Off
ErrorLog "{{ error_log }}"
# Default apache log format with request time in microsecond at the end
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %D" combined
CustomLog "{{ access_log }}" combined
{% if uri_scheme == 'https' -%}
# SSL Configuration
SSLCertificateFile {{ certificate }}
SSLCertificateKeyFile {{ key }}
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLProtocol ALL -SSLv2
{% endif -%}
<Directory />
Options FollowSymLinks
AllowOverride None
Allow from all
</Directory>
Listen {{ ipv6 }}:{{ apache_port }}
<VirtualHost *:{{ apache_port }}>
{% if uri_scheme == 'https' -%}
SSLEngine On
SSLProxyEngine On
{% endif -%}
ProxyPass / {{ uri_scheme }}://{{ re6st_ipv4 }}:{{ re6st_port }}/
</VirtualHost>
\ No newline at end of file
software/re6stnet/instance-logrotate-base.cfg.in
0 → 100644
View file @
bc357712
[buildout]
parts =
cron-entry-logrotate
[cron]
recipe = slapos.cookbook:cron
cron-entries = ${logrotate-directory:cron-entries}
dcrond-binary = {{ dcron_location }}/sbin/crond
crontabs = ${logrotate-directory:crontabs}
cronstamps = ${logrotate-directory:cronstamps}
catcher = ${cron-simplelogger:wrapper}
binary = ${logrotate-directory:services}/crond
[cron-simplelogger]
recipe = slapos.cookbook:simplelogger
wrapper = ${logrotate-directory:bin}/cron_simplelogger
log = ${logrotate-directory:log}/cron.log
[logrotate]
recipe = slapos.cookbook:logrotate
logrotate-entries = ${logrotate-directory:logrotate-entries}
backup = ${logrotate-directory:logrotate-backup}
logrotate-binary = {{ logrotate_location }}/usr/sbin/logrotate
gzip-binary = {{ gzip_location }}/bin/gzip
gunzip-binary = {{ gzip_location }}/bin/gunzip
wrapper = ${logrotate-directory:bin}/logrotate
conf = ${logrotate-directory:etc}/logrotate.conf
state-file = ${logrotate-directory:srv}/logrotate.status
[cron-entry-logrotate]
recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries}
name = logrotate
frequency = 0 0 * * *
command = ${logrotate:wrapper}
[logrotate-directory]
recipe = slapos.cookbook:mkdirectory
cron-entries = ${:etc}/cron.d
cronstamps = ${:etc}/cronstamps
crontabs = ${:etc}/crontabs
logrotate-backup = ${:backup}/logrotate
logrotate-entries = ${:etc}/logrotate.d
bin = ${buildout:directory}/bin
srv = ${buildout:directory}/srv
backup = ${:srv}/backup
etc = ${buildout:directory}/etc
services = ${:etc}/service
log = ${buildout:directory}/var/log
software/re6stnet/instance-re6stnet-input-schema.json
0 → 100644
View file @
bc357712
{
"$schema"
:
"http://json-schema.org/draft-04/schema#"
,
"properties"
:
{
"ipv6-prefix"
:
{
"title"
:
"Ipv6 prefix to use to setup the new re6st network"
,
"description"
:
"Prefix ipv6 used by re6st to setup network. It is something like 2001:db8:42::/48"
,
"type"
:
"string"
},
"key-size"
:
{
"title"
:
"Number of bit to use for certificate generation"
,
"description"
:
"Specify the size of certificate generated by re6st. by default, generate 2048-bit key length"
,
"type"
:
"integer"
,
"minimum"
:
1024
,
"default"
:
2048
}
}
}
\ No newline at end of file
software/re6stnet/instance-re6stnet-output-schema.json
0 → 100644
View file @
bc357712
{
"$schema"
:
"http://json-schema.org/draft-04/schema#"
,
"description"
:
"Values returned by Re6st Master instanciation"
,
"properties"
:
{
"re6stry-url"
:
{
"description"
:
"ipv6 url to access your re6st registry service"
,
"type"
:
"string"
}
},
"type"
:
"object"
}
\ No newline at end of file
software/re6stnet/instance-re6stnet.cfg.in
0 → 100644
View file @
bc357712
{% set python_bin = parameter_dict['python-executable'] -%}
{% set re6st_registry = parameter_dict['re6st-registry'] -%}
{% set publish_dict = {} -%}
{% set part_list = [] -%}
{% set ipv6 = (ipv6_set | list)[0] -%}
{% set ipv4 = (ipv4_set | list)[0] -%}
{% set uri_scheme = slapparameter_dict.get('uri-scheme', 'http') -%}
{% macro section(name) %}{% do part_list.append(name) %}{{ name }}{% endmacro -%}
[directory]
recipe = slapos.cookbook:mkdirectory
bin = ${buildout:directory}/bin
etc = ${buildout:directory}/etc
srv = ${buildout:directory}/srv
var = ${buildout:directory}/var
log = ${:var}/log
services = ${:etc}/service
script = ${:etc}/run
promises = ${:etc}/promise
run = ${:var}/run
ca-dir = ${:etc}/ssl
requests = ${:ca-dir}/requests
private = ${:ca-dir}/private
certs = ${:ca-dir}/certs
newcerts = ${:ca-dir}/newcerts
crl = ${:ca-dir}/crl
re6st = ${:srv}/res6stnet
[re6stnet-dirs]
recipe = slapos.cookbook:mkdirectory
registry = ${directory:re6st}/registry
log = ${directory:log}/re6stnet
conf = ${directory:etc}/re6stnet
ssl = ${:conf}/ssl
token = ${:conf}/token
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = {{ openssl_bin }}/openssl
ca-dir = ${directory:ca-dir}
requests-directory = ${directory:requests}
wrapper = ${directory:services}/certificate_authority
ca-private = ${directory:private}
ca-certs = ${directory:certs}
ca-newcerts = ${directory:newcerts}
ca-crl = ${directory:crl}
[apache-conf]
recipe = slapos.recipe.template:jinja2
template = {{ parameter_dict['template-apache-conf'] }}
rendered = ${directory:etc}/apache.conf
ipv6 = {{ ipv6 }}
port = 9026
error-log = ${directory:log}/apache-error.log
access-log = ${directory:log}/apache-access.log
pid-file = ${directory:run}/apache.pid
context =
key apache_port :port
key re6st_ipv4 re6st-registry:ipv4
key re6st_port re6st-registry:port
key access_log :access-log
key error_log :error-log
key pid_file :pid-file
raw certificate ${directory:certs}/apache.crt
raw key ${directory:private}/apache.key
raw ipv6 {{ ipv6 }}
raw uri_scheme {{ uri_scheme }}
{% set apache_wrapper = '${directory:services}/httpd' -%}
{% if uri_scheme == 'https' -%}
{% set apache_wrapper = '${directory:bin}/httpd_raw' -%}
{% endif -%}
[apache-httpd]
recipe = slapos.cookbook:wrapper
wrapper-path = {{ apache_wrapper }}
command-line = "{{ parameter_dict['apache-location'] }}/bin/httpd" -f "${apache-conf:rendered}" -DFOREGROUND
{% if uri_scheme == 'https' %}
[{{ section('apache-ca') }}]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
executable = ${apache-httpd:wrapper-path}
wrapper = ${directory:services}/httpd
key-file = ${certificate-authority:ca-private}/apache.key
cert-file = ${certificate-authority:ca-certs}/apache.crt
{% endif %}
[logrotate-apache]
< = logrotate-entry-base
name = apache
log = ${apache-conf:error-log} ${apache-conf:access-log}
post = {{ parameter_dict['bin-directory'] }}/slapos-kill --pidfile ${apache-conf:pid-file} -s USR1
[logrotate-entry-base]
recipe = slapos.cookbook:logrotate.d
logrotate-entries = ${logrotate:logrotate-entries}
backup = ${logrotate:backup}
[re6st-registry-conf-dict]
port = 9201
ipv4 = {{ ipv4 }}
ipv6 = {{ ipv6 }}
db = ${re6stnet-dirs:registry}/registry.db
ca = ${re6stnet-dirs:ssl}/re6stnet.crt
key = ${re6stnet-dirs:ssl}/re6stnet.key
mailhost = 127.0.0.1
prefix-length = 16
anonymous-prefix-length = 32
logfile = ${re6stnet-dirs:log}/registry.log
verbose = 2
[re6st-registry-conf]
recipe = slapos.recipe.template:jinja2
template = {{ parameter_dict['template-re6st-registry-conf'] }}
rendered = ${directory:etc}/re6st-registry.conf
context = section parameter_dict re6st-registry-conf-dict
[re6st-registry]
recipe = slapos.cookbook:re6stnet.registry
port = ${re6st-registry-conf-dict:port}
ipv4 = ${re6st-registry-conf-dict:ipv4}
command = {{ re6st_registry }}
config-file = ${re6st-registry-conf:rendered}
db-path = ${re6st-registry-conf-dict:db}
wrapper = ${directory:services}/re6st-registry
manager-wrapper = ${directory:bin}/re6stManageToken
check-service-wrapper = ${directory:bin}/re6stCheckService
drop-service-wrapper = ${directory:bin}/re6stManageDeleteToken
key-file = ${re6st-registry-conf-dict:key}
cert-file = ${re6st-registry-conf-dict:ca}
openssl-bin = {{ openssl_bin }}/openssl
python-bin = {{ python_bin }}
ipv6-prefix = {{ slapparameter_dict.get('ipv6-prefix', '2001:db8:24::/48') }}
key-size = {{ slapparameter_dict.get('key-size', 2048) }}
conf-dir = ${re6stnet-dirs:conf}
token-dir = ${re6stnet-dirs:token}
slave-instance-list = ${slap-parameter:slave_instance_list}
environment =
PATH={{ openssl_bin }}
[re6stnet-manage]
recipe = slapos.cookbook:wrapper
wrapper-path = ${directory:script}/re6st-token-manager
command-line = "{{ python_bin }}" ${re6st-registry:manager-wrapper}
[cron-entry-re6st-check]
recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries}
name = re6stnet-check-token
frequency = 0 */1 * * *
command = {{ python_bin }} ${re6st-registry:check-service-wrapper}
[cron-entry-re6st-drop]
recipe = slapos.cookbook:cron.d
cron-entries = ${cron:cron-entries}
name = re6stnet-drop-token
frequency = */30 * * * *
command = {{ python_bin }} ${re6st-registry:drop-service-wrapper}
[logrotate-entry-re6stnet]
< = logrotate-entry-base
name = re6stnet
log = ${re6st-registry-conf-dict:logfile}
[re6st-registry-promise]
recipe = slapos.cookbook:check_port_listening
path = ${directory:promises}/re6st-registry
hostname = ${re6st-registry:ipv4}
port = ${re6st-registry:port}
[apache-registry-promise]
recipe = slapos.cookbook:check_port_listening
path = ${directory:promises}/apache-re6st-registry
hostname = ${apache-conf:ipv6}
port = ${apache-conf:port}
{% do publish_dict.__setitem__('re6stry-url', uri_scheme ~ '://[${apache-conf:ipv6}]:${apache-conf:port}') -%}
[publish]
recipe = slapos.cookbook:publish
{% for name, value in publish_dict.items() -%}
{{ name }} = {{ value }}
{% endfor -%}
[buildout]
extends =
{{ logrotate_cfg }}
parts =
certificate-authority
logrotate-apache
logrotate-entry-re6stnet
re6stnet-manage
cron-entry-logrotate
cron-entry-re6st-check
cron-entry-re6st-drop
apache-httpd
publish
re6st-registry-promise
apache-registry-promise
# Complete parts with sections
{{ part_list | join('\n ') }}
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true
[slap-parameter]
slave_instance_list = {}
software/re6stnet/instance.cfg.in
0 → 100644
View file @
bc357712
[buildout]
parts = switch-softwaretype
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
[slap-configuration]
recipe = slapos.cookbook:slapconfiguration.serialised
computer = ${slap-connection:computer-id}
partition = ${slap-connection:partition-id}
url = ${slap-connection:server-url}
key = ${slap-connection:key-file}
cert = ${slap-connection:cert-file}
[jinja2-template-base]
recipe = slapos.recipe.template:jinja2
rendered = ${buildout:parts-directory}/${:_buildout_section_name_}/${:filename}
extra-context =
context =
key develop_eggs_directory buildout:develop-eggs-directory
key eggs_directory buildout:eggs-directory
key ipv6_set slap-configuration:ipv6
key ipv4_set slap-configuration:ipv4
key slapparameter_dict slap-configuration:configuration
key computer_id slap-configuration:computer
raw logrotate_cfg {{ template_logrotate_base }}
raw dash_binary {{ dash_location }}/bin/dash
raw openssl_bin {{ openssl_location}}/bin
${:extra-context}
[dynamic-template-re6stnet-parameters]
bin-directory = {{ bin_directory }}
python-executable = {{ python_with_eggs }}
re6st-registry = {{ re6stnet_registry }}
template-apache-conf = {{ template_apache_conf }}
apache-location = {{ apache_location }}
template-re6st-registry-conf = {{ template_re6st_registry_conf }}
[dynamic-template-re6stnet]
< = jinja2-template-base
template = {{ template_re6stnet }}
filename = instance-re6stnet.cfg
extensions = jinja2.ext.do
extra-context =
section parameter_dict dynamic-template-re6stnet-parameters
[switch-softwaretype]
recipe = slapos.cookbook:softwaretype
default = ${dynamic-template-re6stnet:rendered}
registry = ${:default}
software/re6stnet/re6st-registry.conf.in
0 → 100644
View file @
bc357712
port {{ parameter_dict['port'] }}
4 {{ parameter_dict['ipv4'] }}
6 {{ parameter_dict['ipv6'] }}
db {{ parameter_dict['db'] }}
ca {{ parameter_dict['ca'] }}
key {{ parameter_dict['key'] }}
mailhost {{ parameter_dict['mailhost'] }}
prefix-length {{ parameter_dict['prefix-length'] }}
anonymous-prefix-length {{ parameter_dict['anonymous-prefix-length'] }}
logfile {{ parameter_dict['logfile'] }}
verbose {{ parameter_dict['verbose'] }}
\ No newline at end of file
software/re6stnet/software.cfg
0 → 100644
View file @
bc357712
[buildout]
extends =
../../component/re6stnet/buildout.cfg
../../component/dash/buildout.cfg
../../component/git/buildout.cfg
../../component/dcron/buildout.cfg
../../component/gzip/buildout.cfg
../../component/openssl/buildout.cfg
../../component/logrotate/buildout.cfg
../../component/apache/buildout.cfg
../../stack/slapos.cfg
develop =
${:parts-directory}/re6stnet-repository
${:parts-directory}/slapos.cookbook-repository
parts =
slapos-cookbook
eggs
dash
babeld
re6stnet-develop
re6stnet
template
slapos.cookbook-repository
check-recipe
[eggs]
recipe = zc.recipe.egg
eggs =
${lxml-python:egg}
slapos.toolbox
scripts =
slapos-kill
[extra-eggs]
recipe = zc.recipe.egg
interpreter = pythonwitheggs
eggs =
${lxml-python:egg}
${python-cffi:egg}
${python-cryptography:egg}
pyOpenSSL
miniupnpc
re6stnet
[re6stnet-repository]
repository = http://git.erp5.org/repos/re6stnet.git
branch = re6st-slapos
[slapos.cookbook-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.git
branch = re6st-master
git-executable = ${git:location}/bin/git
[download-base]
recipe = slapos.recipe.build:download
url = ${:_profile_base_location_}/${:filename}
mode = 644
[template-jinja2-base]
recipe = slapos.recipe.template:jinja2
template = ${:_profile_base_location_}/${:filename}.in
rendered = ${buildout:directory}/${:filename}
# XXX: extra-context is needed because we cannot append to a key of an extended
# section.
extra-context =
context =
key bin_directory buildout:bin-directory
key develop_eggs_directory buildout:develop-eggs-directory
key eggs_directory buildout:eggs-directory
${:extra-context}
[template]
< = template-jinja2-base
filename = template.cfg
template = ${:_profile_base_location_}/instance.cfg.in
md5sum = 0929cf851c4883bcb5c69fc2f918eaeb
extra-context =
key apache_location apache:location
key dash_location dash:location
key logrotate_location logrotate:location
key openssl_location openssl:location
key template_apache_conf template-apache-conf:target
key template_re6stnet template-re6stnet:target
key template_re6st_registry_conf template-re6st-registry-conf:target
key template_logrotate_base template-logrotate-base:rendered
raw python_with_eggs ${buildout:directory}/bin/${extra-eggs:interpreter}
raw re6stnet_registry ${buildout:directory}/bin/re6st-registry
[template-re6stnet]
< = download-base
filename = instance-re6stnet.cfg.in
md5sum = e088fb05ea6e1ceff8a5ac00fd28bd75
[template-logrotate-base]
< = template-jinja2-base
filename = instance-logrotate-base.cfg
md5sum = f28fbd310944f321ccb34b2a34c82005
extra-context =
key dcron_location dcron:location
key gzip_location gzip:location
key logrotate_location logrotate:location
[template-apache-conf]
< = download-base
filename = apache.conf.in
md5sum = c220229ee37866c8cc404d602edd389d
[template-re6st-registry-conf]
< = download-base
filename = re6st-registry.conf.in
md5sum = ae910e8e154be6575bb19f6eae686a87
[check-recipe]
recipe = plone.recipe.command
stop-on-error = true
update-command = ${:command}
command =
grep parts ${buildout:develop-eggs-directory}/re6stnet.egg-link
grep parts ${buildout:develop-eggs-directory}/slapos.cookbook.egg-link
[versions]
apache-libcloud = 0.17.0
ecdsa = 0.13
gitdb = 0.6.4
plone.recipe.command = 1.1
pycrypto = 2.6.1
slapos.recipe.template = 2.6
slapos.toolbox = 0.47.3
smmap = 0.9.0
# Required by:
# slapos.toolbox==0.47.3
GitPython = 0.3.6
# Required by:
# slapos.toolbox==0.47.3
atomize = 0.2.0
# Required by:
# apache-libcloud==0.17.0
backports.ssl-match-hostname = 3.4.0.2
# Required by:
# slapos.toolbox==0.47.3
feedparser = 5.1.3
# Required by:
# slapos.toolbox==0.47.3
lockfile = 0.10.2
# Required by:
# re6stnet===0-413.gbec6b3c.dirty
miniupnpc = 1.9
# Required by:
# slapos.toolbox==0.47.3
paramiko = 1.15.2
# Required by:
# slapos.toolbox==0.47.3
rpdb = 0.1.5
software/re6stnet/software.cfg.json
0 → 100644
View file @
bc357712
{
"name"
:
"RE6STNET"
,
"description"
:
"Master instance of re6st (Resilient, Scalable, IPv6 Network application)"
,
"serialisation"
:
"xml"
,
"software-type"
:
{
"default"
:
{
"title"
:
"Default"
,
"description"
:
"Re6st registry"
,
"request"
:
"instance-re6stnet-input-schema.json"
,
"response"
:
"instance-re6stnet-output-schema.json"
,
"index"
:
0
},
"registry"
:
{
"title"
:
"registry"
,
"description"
:
"Re6st registry"
,
"request"
:
"instance-re6stnet-resilient-input-schema.json"
,
"response"
:
"instance-re6stnet-output-schema.json"
,
"index"
:
1
}
}
}
\ No newline at end of file
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment