Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
slapos
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Léo-Paul Géneau
slapos
Commits
45ad4867
Commit
45ad4867
authored
Oct 29, 2013
by
Kazuhiko Shiozaki
Browse files
Options
Browse Files
Download
Plain Diff
Merge remote-tracking branch 'origin/master' into erp5-component
parents
2a009e47
fe3d9c6b
Changes
16
Hide whitespace changes
Inline
Side-by-side
Showing
16 changed files
with
201 additions
and
46 deletions
+201
-46
component/qemu-kvm/buildout.cfg
component/qemu-kvm/buildout.cfg
+4
-4
software/kvm/common.cfg
software/kvm/common.cfg
+6
-6
software/kvm/instance-kvm-export.cfg.in
software/kvm/instance-kvm-export.cfg.in
+2
-1
software/kvm/instance-kvm-resilient-input-schema.json
software/kvm/instance-kvm-resilient-input-schema.json
+2
-2
software/kvm/instance-kvm-resilient-test.cfg.jinja2
software/kvm/instance-kvm-resilient-test.cfg.jinja2
+1
-1
software/kvm/instance-kvm-resilient.cfg.jinja2
software/kvm/instance-kvm-resilient.cfg.jinja2
+6
-1
software/kvm/instance-kvm.cfg.in
software/kvm/instance-kvm.cfg.in
+11
-2
software/kvm/instance.cfg.in
software/kvm/instance.cfg.in
+1
-1
software/kvm/software.cfg
software/kvm/software.cfg
+8
-8
software/kvm/template/kvm-export.sh.in
software/kvm/template/kvm-export.sh.in
+1
-11
stack/resilient/buildout.cfg
stack/resilient/buildout.cfg
+12
-4
stack/resilient/parameter-schema.json
stack/resilient/parameter-schema.json
+35
-0
stack/resilient/pbsready-import.cfg.in
stack/resilient/pbsready-import.cfg.in
+70
-0
stack/resilient/pbsready.cfg.in
stack/resilient/pbsready.cfg.in
+3
-2
stack/resilient/resilient-web-takeover-cgi-script.py.in
stack/resilient/resilient-web-takeover-cgi-script.py.in
+36
-0
stack/resilient/template-replicated.cfg.in
stack/resilient/template-replicated.cfg.in
+3
-3
No files found.
component/qemu-kvm/buildout.cfg
View file @
45ad4867
...
@@ -15,8 +15,8 @@ extends =
...
@@ -15,8 +15,8 @@ extends =
[kvm]
[kvm]
recipe = slapos.recipe.cmmi
recipe = slapos.recipe.cmmi
# qemu-kvm and qemu are now the same since 1.3.
# qemu-kvm and qemu are now the same since 1.3.
url = http://wiki.qemu-project.org/download/qemu-1.
5
.1.tar.bz2
url = http://wiki.qemu-project.org/download/qemu-1.
6
.1.tar.bz2
md5sum =
b56e73bdcfdb214d5c68e13111aca96f
md5sum =
3a897d722457c5a895cd6ac79a28fda0
depends =
depends =
${libpng:so_version}
${libpng:so_version}
configure-options =
configure-options =
...
@@ -57,9 +57,9 @@ configure-options =
...
@@ -57,9 +57,9 @@ configure-options =
[debian-amd64-netinst.iso]
[debian-amd64-netinst.iso]
# Download the installer of Debian 7 (Wheezy)
# Download the installer of Debian 7 (Wheezy)
recipe = hexagonit.recipe.download
recipe = hexagonit.recipe.download
url = http://cdimage.debian.org/debian-cd/7.
1.0/amd64/iso-cd/debian-7.1.0-amd64-netinst.iso
url = http://cdimage.debian.org/debian-cd/7.
2.0/amd64/iso-cd/debian-7.2.0-amd64-netinst.iso
filename = ${:_buildout_section_name_}
filename = ${:_buildout_section_name_}
md5sum =
80f498a1f9daa76bc911ae13692e4495
md5sum =
b86774fe4de88be6378ba3d71b8029bd
download-only = true
download-only = true
mode = 0644
mode = 0644
location = ${buildout:parts-directory}/${:_buildout_section_name_}
location = ${buildout:parts-directory}/${:_buildout_section_name_}
...
...
software/kvm/common.cfg
View file @
45ad4867
...
@@ -80,14 +80,14 @@ command =
...
@@ -80,14 +80,14 @@ command =
[template]
[template]
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg.in
url = ${:_profile_base_location_}/instance.cfg.in
md5sum =
8617a8cc345a55688c5449528daef4d1
md5sum =
24090ade9336a12a8fd30c5225a16267
output = ${buildout:directory}/template.cfg
output = ${buildout:directory}/template.cfg
mode = 0644
mode = 0644
[template-kvm]
[template-kvm]
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-kvm.cfg.in
url = ${:_profile_base_location_}/instance-kvm.cfg.in
#md5sum = c3c888c78bbff334135be9e8ad5885a9
md5sum = c06bb498593aabc9c76eb7dc892da15a
output = ${buildout:directory}/template-kvm.cfg
output = ${buildout:directory}/template-kvm.cfg
mode = 0644
mode = 0644
...
@@ -95,14 +95,14 @@ mode = 0644
...
@@ -95,14 +95,14 @@ mode = 0644
recipe = hexagonit.recipe.download
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/instance-kvm-resilient.cfg.jinja2
url = ${:_profile_base_location_}/instance-kvm-resilient.cfg.jinja2
mode = 644
mode = 644
md5sum =
45a846378215eded6c001d0dd729a1ec
md5sum =
038c338e3ce545a73393ceee38a9ac7d
download-only = true
download-only = true
on-update = true
on-update = true
[template-kvm-resilient-test]
[template-kvm-resilient-test]
recipe = hexagonit.recipe.download
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/instance-kvm-resilient-test.cfg.jinja2
url = ${:_profile_base_location_}/instance-kvm-resilient-test.cfg.jinja2
md5sum =
b58427f93d5fcca94bdc90661fe6080b
md5sum =
4057e7662ac36a4f591c17fc48e1603e
mode = 0644
mode = 0644
download-only = true
download-only = true
on-update = true
on-update = true
...
@@ -125,7 +125,7 @@ mode = 0755
...
@@ -125,7 +125,7 @@ mode = 0755
[template-kvm-export]
[template-kvm-export]
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-kvm-export.cfg.in
url = ${:_profile_base_location_}/instance-kvm-export.cfg.in
md5sum =
64a1a505aff9fde52afac46240811047
md5sum =
2f5fdf1e88e6e3454f877b80074bed05
output = ${buildout:directory}/template-kvm-export.cfg
output = ${buildout:directory}/template-kvm-export.cfg
mode = 0644
mode = 0644
...
@@ -133,7 +133,7 @@ mode = 0644
...
@@ -133,7 +133,7 @@ mode = 0644
recipe = hexagonit.recipe.download
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/template/kvm-export.sh.in
url = ${:_profile_base_location_}/template/kvm-export.sh.in
filename = kvm-export.sh.in
filename = kvm-export.sh.in
md5sum =
bf03a90f6960b37cba812ee936a13342
md5sum =
95fde96f35cbf90d677c44d18b60fafb
download-only = true
download-only = true
mode = 0755
mode = 0755
...
...
software/kvm/instance-kvm-export.cfg.in
View file @
45ad4867
...
@@ -7,7 +7,8 @@ parts +=
...
@@ -7,7 +7,8 @@ parts +=
certificate-authority
certificate-authority
publish-connection-information
publish-connection-information
kvm-promise
kvm-vnc-promise
kvm-disk-image-corruption-promise
websockify-sighandler
websockify-sighandler
novnc-promise
novnc-promise
cron
cron
...
...
software/kvm/instance-kvm-resilient-input-schema.json
View file @
45ad4867
...
@@ -28,10 +28,10 @@
...
@@ -28,10 +28,10 @@
"title"
:
"Periodicity of backup"
,
"title"
:
"Periodicity of backup"
,
"description"
:
"Periodicity of backup, in cron format."
,
"description"
:
"Periodicity of backup, in cron format."
,
"type"
:
"string"
"type"
:
"string"
}
}
,
"remove-backup-older-than"
:
{
"remove-backup-older-than"
:
{
"title"
:
"Remove backups older than..."
,
"title"
:
"Remove backups older than..."
,
"description"
:
"Remove all the backups in PBS that are older than specified value. It should be rdiff-backup-compatible."
"description"
:
"Remove all the backups in PBS that are older than specified value. It should be rdiff-backup-compatible."
,
"type"
:
"string"
,
"type"
:
"string"
,
"default"
:
"3B"
"default"
:
"3B"
}
}
...
...
software/kvm/instance-kvm-resilient-test.cfg.jinja2
View file @
45ad4867
...
@@ -55,5 +55,5 @@ sla = computer_guid
...
@@ -55,5 +55,5 @@ sla = computer_guid
sla-computer_guid = ${slap-connection:computer-id}
sla-computer_guid = ${slap-connection:computer-id}
[slap-parameter]
[slap-parameter]
virtual-hard-drive-url = https://softinst43236.host.vifib.net/data/public/
8e2138
.php?dl=true
virtual-hard-drive-url = https://softinst43236.host.vifib.net/data/public/
fbd4ad
.php?dl=true
virtual-hard-drive-md5sum = 465e1024447997e7b86ee2e5151e031b
virtual-hard-drive-md5sum = 465e1024447997e7b86ee2e5151e031b
software/kvm/instance-kvm-resilient.cfg.jinja2
View file @
45ad4867
...
@@ -17,6 +17,11 @@ parts +=
...
@@ -17,6 +17,11 @@ parts +=
{{ replicated.replicate("kvm", "3", "kvm-export", "kvm-import", slapparameter_dict=slapparameter_dict) }}
{{ replicated.replicate("kvm", "3", "kvm-export", "kvm-import", slapparameter_dict=slapparameter_dict) }}
[directory]
recipe = slapos.cookbook:mkdirectory
etc = ${buildout:directory}/etc
promises = ${:etc}/promise
# Bubble down the parameters of the requested instance to the user
# Bubble down the parameters of the requested instance to the user
[request-kvm]
[request-kvm]
# Note: += doesn't work.
# Note: += doesn't work.
...
@@ -47,6 +52,6 @@ mode = 700
...
@@ -47,6 +52,6 @@ mode = 700
# Check that backend url is reachable
# Check that backend url is reachable
recipe = slapos.cookbook:check_url_available
recipe = slapos.cookbook:check_url_available
path = ${directory:promises}/frontend_promise
path = ${directory:promises}/frontend_promise
url = ${publish-connection-information:url}
url = ${publish-connection-information
s
:url}
dash_path = /bin/sh
dash_path = /bin/sh
curl_path = {{ curl_executable_location }}
curl_path = {{ curl_executable_location }}
software/kvm/instance-kvm.cfg.in
View file @
45ad4867
...
@@ -7,7 +7,8 @@
...
@@ -7,7 +7,8 @@
parts =
parts =
certificate-authority
certificate-authority
publish-connection-information
publish-connection-information
kvm-promise
kvm-vnc-promise
kvm-disk-image-corruption-promise
websockify-sighandler
websockify-sighandler
novnc-promise
novnc-promise
# kvm-monitor
# kvm-monitor
...
@@ -96,12 +97,20 @@ qemu-img-path = ${kvm:location}/bin/qemu-img
...
@@ -96,12 +97,20 @@ qemu-img-path = ${kvm:location}/bin/qemu-img
6tunnel-path = ${6tunnel:location}/bin/6tunnel
6tunnel-path = ${6tunnel:location}/bin/6tunnel
[kvm-promise]
[kvm-
vnc-
promise]
recipe = slapos.cookbook:check_port_listening
recipe = slapos.cookbook:check_port_listening
path = $${directory:promises}/vnc_promise
path = $${directory:promises}/vnc_promise
hostname = $${kvm-instance:vnc-ip}
hostname = $${kvm-instance:vnc-ip}
port = $${kvm-instance:vnc-port}
port = $${kvm-instance:vnc-port}
[kvm-disk-image-corruption-promise]
# Check that disk image is not corrupted
recipe = collective.recipe.template
input = inline:#!/bin/sh
$${kvm-instance:qemu-img-path} check $${kvm-instance:disk-path}
output = $${directory:promises}/kvm-disk-image-corruption
mode = 700
[novnc-instance]
[novnc-instance]
recipe = slapos.cookbook:novnc
recipe = slapos.cookbook:novnc
...
...
software/kvm/instance.cfg.in
View file @
45ad4867
...
@@ -39,6 +39,7 @@ context =
...
@@ -39,6 +39,7 @@ context =
key develop_eggs_directory buildout:develop-eggs-directory
key develop_eggs_directory buildout:develop-eggs-directory
key eggs_directory buildout:eggs-directory
key eggs_directory buildout:eggs-directory
key slapparameter_dict slap-configuration:configuration
key slapparameter_dict slap-configuration:configuration
raw curl_executable_location ${curl:location}/bin/curl
template-parts-destination = ${template-parts:destination}
template-parts-destination = ${template-parts:destination}
template-replicated-destination = ${template-replicated:destination}
template-replicated-destination = ${template-replicated:destination}
import-list = file parts :template-parts-destination
import-list = file parts :template-parts-destination
...
@@ -54,5 +55,4 @@ context =
...
@@ -54,5 +55,4 @@ context =
key eggs_directory buildout:eggs-directory
key eggs_directory buildout:eggs-directory
key slapparameter_dict slap-configuration:configuration
key slapparameter_dict slap-configuration:configuration
raw bin_directory ${buildout:bin-directory}
raw bin_directory ${buildout:bin-directory}
raw curl-executable-location ${curl:location}/bin/curl
mode = 0644
mode = 0644
software/kvm/software.cfg
View file @
45ad4867
...
@@ -135,22 +135,22 @@ rdiff-backup = 1.0.5
...
@@ -135,22 +135,22 @@ rdiff-backup = 1.0.5
slapos.cookbook = 0.84.2
slapos.cookbook = 0.84.2
slapos.recipe.cmmi = 0.2
slapos.recipe.cmmi = 0.2
slapos.recipe.download = 1.0.dev-r4053
slapos.recipe.download = 1.0.dev-r4053
slapos.toolbox = 0.37.
2
slapos.toolbox = 0.37.
3
smmap = 0.8.2
smmap = 0.8.2
websockify = 0.5.1
websockify = 0.5.1
z3c.recipe.scripts = 1.0.1
z3c.recipe.scripts = 1.0.1
# Required by:
# Required by:
# slapos.core==0.35.1
# slapos.core==0.35.1
# slapos.toolbox==0.37.
2
# slapos.toolbox==0.37.
3
Flask = 0.10.1
Flask = 0.10.1
# Required by:
# Required by:
# slapos.toolbox==0.37.
2
# slapos.toolbox==0.37.
3
GitPython = 0.3.2.RC1
GitPython = 0.3.2.RC1
# Required by:
# Required by:
# slapos.toolbox==0.37.
2
# slapos.toolbox==0.37.
3
atomize = 0.1.1
atomize = 0.1.1
# Required by:
# Required by:
...
@@ -158,7 +158,7 @@ atomize = 0.1.1
...
@@ -158,7 +158,7 @@ atomize = 0.1.1
ecdsa = 0.9
ecdsa = 0.9
# Required by:
# Required by:
# slapos.toolbox==0.37.
2
# slapos.toolbox==0.37.
3
feedparser = 5.1.3
feedparser = 5.1.3
# Required by:
# Required by:
...
@@ -182,7 +182,7 @@ netifaces = 0.8-1
...
@@ -182,7 +182,7 @@ netifaces = 0.8-1
numpy = 1.7.1
numpy = 1.7.1
# Required by:
# Required by:
# slapos.toolbox==0.37.
2
# slapos.toolbox==0.37.
3
paramiko = 1.12.0
paramiko = 1.12.0
# Required by:
# Required by:
...
@@ -195,7 +195,7 @@ pytz = 2013.7
...
@@ -195,7 +195,7 @@ pytz = 2013.7
# Required by:
# Required by:
# slapos.cookbook==0.84.2
# slapos.cookbook==0.84.2
# slapos.toolbox==0.37.
2
# slapos.toolbox==0.37.
3
slapos.core = 0.35.1
slapos.core = 0.35.1
# Required by:
# Required by:
...
@@ -208,7 +208,7 @@ unittest2 = 0.5.1
...
@@ -208,7 +208,7 @@ unittest2 = 0.5.1
# Required by:
# Required by:
# slapos.cookbook==0.84.2
# slapos.cookbook==0.84.2
# slapos.toolbox==0.37.
2
# slapos.toolbox==0.37.
3
xml-marshaller = 0.9.7
xml-marshaller = 0.9.7
# Required by:
# Required by:
...
...
software/kvm/template/kvm-export.sh.in
View file @
45ad4867
#!/bin/bash
#!/bin/bash
# Create a backup of the disk image of the virtual machine
# Create a backup of the disk image of the virtual machine
QEMU_IMG
=
${
kvm
-instance
:qemu-img-path
}
SNAPSHOT_NAME
=
$(
date
+%s
)
DISK_PATH
=
${
kvm
-instance
:disk-path
}
BACKUP_PATH
=
${
:backup-disk-path
}
BACKUP_PATH
=
${
:backup-disk-path
}
QMP_CLIENT
=
${
buildout
:directory
}
/software_release/bin/qemu-qmp-client
QMP_CLIENT
=
${
buildout
:directory
}
/software_release/bin/qemu-qmp-client
...
@@ -11,12 +8,5 @@ if [ ! -f $DISK_PATH ]; then
...
@@ -11,12 +8,5 @@ if [ ! -f $DISK_PATH ]; then
exit
0
;
exit
0
;
fi
fi
$QMP_CLIENT
${
kvm
-instance
:socket-path
}
suspend
&&
\
$QMP_CLIENT
--socket
${
kvm
-instance
:socket-path
}
--drive-backup
$BACKUP_PATH
$QEMU_IMG
snapshot
-c
$SNAPSHOT_NAME
$DISK_PATH
$QMP_CLIENT
${
kvm
-instance
:socket-path
}
resume
if
[
-f
$BACKUP_PATH
]
;
then
rm
$BACKUP_PATH
fi
$QEMU_IMG
convert
-f
qcow2
-O
qcow2
-s
$SNAPSHOT_NAME
$DISK_PATH
$BACKUP_PATH
&&
\
$QEMU_IMG
snapshot
-d
$SNAPSHOT_NAME
$DISK_PATH
stack/resilient/buildout.cfg
View file @
45ad4867
[buildout]
[buildout]
extends =
extends =
../../component/dash/buildout.cfg
../../component/apache/buildout.cfg
../../component/bash/buildout.cfg
../../component/dropbear/buildout.cfg
../../component/dropbear/buildout.cfg
../../component/gzip/buildout.cfg
../../component/gzip/buildout.cfg
../../component/rdiff-backup/buildout.cfg
../../component/rdiff-backup/buildout.cfg
...
@@ -36,7 +37,7 @@ eggs = collective.recipe.template
...
@@ -36,7 +37,7 @@ eggs = collective.recipe.template
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/pbsready.cfg.in
url = ${:_profile_base_location_}/pbsready.cfg.in
output = ${buildout:directory}/pbsready.cfg
output = ${buildout:directory}/pbsready.cfg
#md5sum =
46f9d33e642467a72c599c8dc767e6c3
#md5sum =
fcb6d12fc34e7b34bb97786ef4f85f01
mode = 0644
mode = 0644
[pbsready-import]
[pbsready-import]
...
@@ -45,7 +46,7 @@ mode = 0644
...
@@ -45,7 +46,7 @@ mode = 0644
recipe = slapos.recipe.template
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/pbsready-import.cfg.in
url = ${:_profile_base_location_}/pbsready-import.cfg.in
output = ${buildout:directory}/pbsready-import.cfg
output = ${buildout:directory}/pbsready-import.cfg
md5sum = cb562bd954b9e809c8748d0f96de4116
#
md5sum = cb562bd954b9e809c8748d0f96de4116
mode = 0644
mode = 0644
[pbsready-export]
[pbsready-export]
...
@@ -67,7 +68,7 @@ mode = 0644
...
@@ -67,7 +68,7 @@ mode = 0644
[template-replicated]
[template-replicated]
recipe = slapos.recipe.download
recipe = slapos.recipe.download
url = ${:_profile_base_location_}/template-replicated.cfg.in
url = ${:_profile_base_location_}/template-replicated.cfg.in
md5sum =
9e236726678d89a5359e1571a91e59e8
md5sum =
b70902e9f247ab710a26cedb2eae7559
mode = 0644
mode = 0644
destination = ${buildout:directory}/template-replicated.cfg.in
destination = ${buildout:directory}/template-replicated.cfg.in
...
@@ -87,6 +88,13 @@ url = ${:_profile_base_location_}/instance-frozen.cfg.in
...
@@ -87,6 +88,13 @@ url = ${:_profile_base_location_}/instance-frozen.cfg.in
md5sum = d21472f0e58f928fb827f2cbf22c4d4a
md5sum = d21472f0e58f928fb827f2cbf22c4d4a
output = ${buildout:directory}/instance-frozen.cfg
output = ${buildout:directory}/instance-frozen.cfg
[resilient-web-takeover-cgi-script-download]
recipe = slapos.recipe.download
url = ${:_profile_base_location_}/resilient-web-takeover-cgi-script.py.in
#md5sum =
mode = 0644
destination = ${buildout:directory}/resilient-web-takeover-cgi-script.py.in
[versions]
[versions]
# Pin Jinja2 to 2.6, as 2.7 breaks current code
# Pin Jinja2 to 2.6, as 2.7 breaks current code
Jinja2 = 2.6
Jinja2 = 2.6
...
...
stack/resilient/parameter-schema.json
0 → 100644
View file @
45ad4867
{
"$schema"
:
"http://json-schema.org/draft-04/schema"
,
"title"
:
"Resiliency Parameters"
,
"description"
:
"List of possible parameters used in the resilient stack"
,
"type"
:
"object"
,
"properties"
:
{
"-sla-0-computer_guid"
:
{
"title"
:
"Target computer for main instance"
,
"description"
:
"Target computer GUID for main instance."
,
"type"
:
"string"
},
"-sla-1-computer_guid"
:
{
"title"
:
"Target computer for first clone"
,
"description"
:
"Target computer for first clone and PBS."
,
"type"
:
"string"
},
"-sla-2-computer_guid"
:
{
"title"
:
"Target computer for second clone"
,
"description"
:
"Target computer for second clone and PBS."
,
"type"
:
"string"
},
"resiliency-backup-periodicity"
:
{
"title"
:
"Periodicity of backup"
,
"description"
:
"Periodicity of backup, in cron format. Default is every hour."
,
"type"
:
"string"
},
"remove-backup-older-than"
:
{
"title"
:
"Remove backups older than..."
,
"description"
:
"Remove all the backups in PBS that are older than specified value. It should be rdiff-backup-compatible."
,
"type"
:
"string"
,
"default"
:
"3B"
}
}
}
\ No newline at end of file
stack/resilient/pbsready-import.cfg.in
View file @
45ad4867
...
@@ -18,11 +18,17 @@ parts =
...
@@ -18,11 +18,17 @@ parts =
dropbear-server-pbs-authorized-key
dropbear-server-pbs-authorized-key
notifier
notifier
resilient-web-takeover-cgi-script
resilient-web-takeover-httpd-wrapper
resilient-web-takeover-httpd-promise
import-on-notification
import-on-notification
resilient-publish-connection-parameter
resilient-publish-connection-parameter
[resilient-publish-connection-parameter]
[resilient-publish-connection-parameter]
notification-url = http://[$${notifier:host}]:$${notifier:port}/notify
notification-url = http://[$${notifier:host}]:$${notifier:port}/notify
takeover-url = http://[$${resilient-web-takeover-httpd-configuration-file:listening-ip}]:$${resilient-web-takeover-httpd-configuration-file:listening-port}/
takeover-password = $${resilient-web-takeover-password:passwd}
# Define port of ssh server. It has to be different from import so that it
# Define port of ssh server. It has to be different from import so that it
# supports export/import using same IP (slaprunner, slapos-in-partition,
# supports export/import using same IP (slaprunner, slapos-in-partition,
...
@@ -37,3 +43,67 @@ port = 22220
...
@@ -37,3 +43,67 @@ port = 22220
recipe = slapos.cookbook:notifier.callback
recipe = slapos.cookbook:notifier.callback
on-notification-id = $${slap-parameter:on-notification}
on-notification-id = $${slap-parameter:on-notification}
callback = $${importer:wrapper}
callback = $${importer:wrapper}
###########
# Deploy a webserver allowing to do takeover from a web browser.
###########
[resilient-web-takeover-password]
recipe = slapos.cookbook:generate.password
storage-path = $${directory:srv}/passwd
bytes = 8
[resilient-web-takeover-cgi-script]
recipe = collective.recipe.template
input = ${resilient-web-takeover-cgi-script-download:destination}
output = $${directory:cgi-bin}/web-takeover.cgi
password = $${resilient-web-takeover-password:passwd}
mode = 700
# XXX could it be something lighter?
# XXX Add SSL
[resilient-web-takeover-httpd-configuration-file]
recipe = collective.recipe.template
input = inline:
PidFile "$${:pid-file}"
Listen [$${:listening-ip}]:$${:listening-port}
ServerAdmin someone@email
DocumentRoot "$${:document-root}"
ErrorLog "$${:error-log}"
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule mime_module modules/mod_mime.so
LoadModule cgid_module modules/mod_cgid.so
LoadModule dir_module modules/mod_dir.so
ScriptSock $${:cgid-pid-file}
<Directory $${:document-root}>
# XXX: security????
Options +ExecCGI
AddHandler cgi-script .cgi
DirectoryIndex web-takeover.cgi
</Directory>
output = $${directory:etc}/resilient-web-takeover-httpd.conf
# md5sum =
listening-ip = $${slap-network-information:global-ipv6}
# XXX: randomize-me
listening-port = 9263
htdocs = $${directory:cgi-bin}
pid-file = $${directory:run}/resilient-web-takeover-httpd.pid
cgid-pid-file = $${directory:run}/resilient-web-takeover-httpd-cgid.pid
document-root = $${directory:cgi-bin}
error-log = $${directory:log}/resilient-web-takeover-httpd-error-log
[resilient-web-takeover-httpd-wrapper]
recipe = slapos.cookbook:wrapper
apache-executable = ${apache:location}/bin/httpd
command-line = $${:apache-executable} -f $${resilient-web-takeover-httpd-configuration-file:output} -DFOREGROUND
wrapper-path = $${basedirectory:services}/resilient-web-takeover-httpd
[resilient-web-takeover-httpd-promise]
recipe = slapos.cookbook:check_url_available
path = $${basedirectory:promises}/resilient-web-takeover-httpd
url = http://[$${resilient-web-takeover-httpd-configuration-file:listening-ip}]:$${resilient-web-takeover-httpd-configuration-file:listening-port}/
dash_path = ${dash:location}/bin/dash
curl_path = ${curl:location}/bin/curl
stack/resilient/pbsready.cfg.in
View file @
45ad4867
...
@@ -50,6 +50,7 @@ crontabs = $${rootdirectory:etc}/crontabs
...
@@ -50,6 +50,7 @@ crontabs = $${rootdirectory:etc}/crontabs
cronstamps = $${rootdirectory:etc}/cronstamps
cronstamps = $${rootdirectory:etc}/cronstamps
logrotate-entries = $${rootdirectory:etc}/logrotate.d
logrotate-entries = $${rootdirectory:etc}/logrotate.d
logrotate-backup = $${basedirectory:backup}/logrotate
logrotate-backup = $${basedirectory:backup}/logrotate
cgi-bin = $${rootdirectory:srv}/cgi-bin
#----------------
#----------------
#--
#--
...
@@ -230,9 +231,9 @@ wrapper = $${basedirectory:services}/sshd
...
@@ -230,9 +231,9 @@ wrapper = $${basedirectory:services}/sshd
[resilient-sshkeys-dropbear-promise]
[resilient-sshkeys-dropbear-promise]
# Check that public key file exists and is not empty
# Check that public key file exists and is not empty
recipe = collective.recipe.template
recipe = collective.recipe.template
input = inline:#!${
dash:location}/bin/d
ash
input = inline:#!${
bash:location}/bin/b
ash
PUBLIC_KEY_CONTENT="$${sshkeys-dropbear:public-key-value}"
PUBLIC_KEY_CONTENT="$${sshkeys-dropbear:public-key-value}"
if [
! -n "$PUBLIC_KEY_CONTENT"
]; then
if [
[ ! -n "$PUBLIC_KEY_CONTENT" || "$PUBLIC_KEY_CONTENT" == *None* ]
]; then
exit 1
exit 1
fi
fi
output = $${basedirectory:promises}/public-key-existence
output = $${basedirectory:promises}/public-key-existence
...
...
stack/resilient/resilient-web-takeover-cgi-script.py.in
0 → 100644
View file @
45ad4867
#!${buildout:executable}
import cgi
import cgitb
import os
import subprocess
import sys
cgitb.enable()
print "Content-Type: text/html"
print
form = cgi.FieldStorage()
if "password" not in form:
print """
<html>
<body>
<h1>
This is takeover web interface.
</h1>
<p>
Calling takeover will stop and freeze the current main instance, and make this clone instance the new main instance, replacing the old one.
</p>
<p><b>
Warning: submit the form only if you understand what you are doing.
</b></p>
<p>
Note: the password asked here can be found within the parameters of your SlapOS instance page.
</p>
<form
action=
"/"
>
Password:
<input
type=
"text"
name=
"password"
>
<input
type=
"submit"
value=
"Take over"
style=
"background: red;"
>
</form>
</body>
</html>
"""
sys.exit(0)
if form['password'].value != '${:password}':
print "
<H1>
Error
</H1>
"
print "Password is invalid."
sys.exit(1)
# XXX hardcoded location
result = subprocess.check_output([os.path.expanduser("~/bin/takeover")], stderr=subprocess.STDOUT)
print 'Success.'
print '
<pre>
%s
</pre>
' % result
stack/resilient/template-replicated.cfg.in
View file @
45ad4867
...
@@ -131,7 +131,7 @@ recipe = collective.recipe.template
...
@@ -131,7 +131,7 @@ recipe = collective.recipe.template
# XXX: don't use system executable
# XXX: don't use system executable
input = inline:#!/bin/sh
input = inline:#!/bin/sh
PUBLIC_KEY_CONTENT="${request-{{namebase}}-2:connection-ssh-public-key})"
PUBLIC_KEY_CONTENT="${request-{{namebase}}-2:connection-ssh-public-key})"
if [[ ! -n "$PUBLIC_KEY_CONTENT"
-o "$PUBLIC_KEY_CONTENT" == None
]]; then
if [[ ! -n "$PUBLIC_KEY_CONTENT"
|| "$PUBLIC_KEY_CONTENT" == *None*
]]; then
exit 1
exit 1
fi
fi
output = ${resilient-directory:promise}/resilient-request-{{namebase}}-public-key
output = ${resilient-directory:promise}/resilient-request-{{namebase}}-public-key
...
@@ -149,7 +149,7 @@ recipe = collective.recipe.template
...
@@ -149,7 +149,7 @@ recipe = collective.recipe.template
# XXX: don't use system executable
# XXX: don't use system executable
input = inline:#!/bin/sh
input = inline:#!/bin/sh
PUBLIC_KEY_CONTENT="${request-{{namebase}}-pseudo-replicating-{{id}}-2:connection-ssh-public-key})"
PUBLIC_KEY_CONTENT="${request-{{namebase}}-pseudo-replicating-{{id}}-2:connection-ssh-public-key})"
if [
! -n "$PUBLIC_KEY_CONTENT" -a "$PUBLIC_KEY_CONTENT" == None
]; then
if [
[ ! -n "$PUBLIC_KEY_CONTENT" || "$PUBLIC_KEY_CONTENT" == *None* ]
]; then
exit 1
exit 1
fi
fi
output = ${resilient-directory:promise}/resilient-request-{{namebase}}-pseudo-replicating-{{id}}-public-key
output = ${resilient-directory:promise}/resilient-request-{{namebase}}-pseudo-replicating-{{id}}-public-key
...
@@ -207,7 +207,7 @@ recipe = collective.recipe.template
...
@@ -207,7 +207,7 @@ recipe = collective.recipe.template
# XXX: don't use system executable
# XXX: don't use system executable
input = inline:#!/bin/sh
input = inline:#!/bin/sh
PUBLIC_KEY_CONTENT="${request-pbs-{{namebase}}-{{id}}:connection-ssh-key}:connection-ssh-key})"
PUBLIC_KEY_CONTENT="${request-pbs-{{namebase}}-{{id}}:connection-ssh-key}:connection-ssh-key})"
if [
! -n "$PUBLIC_KEY_CONTENT" -a "$PUBLIC_KEY_CONTENT" == None
]; then
if [
[ ! -n "$PUBLIC_KEY_CONTENT" || "$PUBLIC_KEY_CONTENT" == *None* ]
]; then
exit 1
exit 1
fi
fi
output = ${resilient-directory:promise}/resilient-request-{{namebase}}-pseudo-replicating-{{id}}-public-key
output = ${resilient-directory:promise}/resilient-request-{{namebase}}-pseudo-replicating-{{id}}-public-key
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment