pax_global_header 0000666 0000000 0000000 00000000064 12375063332 0014516 g ustar 00root root 0000000 0000000 52 comment=77db41ff11f884f0c8bb6d046b150771bb583869
slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/ 0000775 0000000 0000000 00000000000 12375063332 0023713 5 ustar 00root root 0000000 0000000 slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/ 0000775 0000000 0000000 00000000000 12375063332 0025545 5 ustar 00root root 0000000 0000000 slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner/ 0000775 0000000 0000000 00000000000 12375063332 0027736 5 ustar 00root root 0000000 0000000 slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner/README.txt 0000664 0000000 0000000 00000016762 12375063332 0031450 0 ustar 00root root 0000000 0000000 slaprunner
==========
Introduction
------------
This software release is used to deploy Slaprunner instances.
Slaprunner is an all-in-one IDE used to develop and test profiles and recipes for SlapOS.
Parameters
----------
user-authorized-key
~~~~~~~~~~~~~~
You need to specify your SSH public key in order to connect to the SSH server of this instance.
Example of parameter XML::
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCdNp7qZMVAzNc07opHshiIFDmJpYXQpetfcSgUj39a409d42PpsJElp7WsAE/x0nN6gUIoWIl7UiAlMzf6bKEJGJVSOZEPTmiJVlgK1Gp+kE0x9yNcncYg7p38Jny0daVA/NkkpAFyRsAm5kLGzyLtaCcktSvy0cJuy7WSSHU05pd1f8Y8thofE9g5t+/JA2VZvipxPkRfkFAG3aOAGLULlTImTSDFSDFGSDFG5F6mMnl7yvY2d6vEHVBu+K+aKmAwZVfCUwtSpa/tq3i2Lppjrw3UfrxbQSFHZCkzefr+u+l4YYe+tJrX7rYJYXD7LIfZfdSeFTlHFaN/yI1 user@host.local
instance-amount
~~~~~~~~~~~~~~~
Optional parameter.
Default: 10
Public-directory
----------------
You can serve static files with the webrunner. For that, just put your data in "srv/runner/public". All these files will be served throught the url of the webrunner + "/public/". Useful for developping your own static website.
AUTO-DEPLOYMENT
---------------
for software
~~~~~~~~~~~~
You can automatically deploy a software release while deploying the webrunner itself, using the paramater XML.
To do this, you only need to pass as a parameter named "slapos-software" : "AAA/BBB", where AAA is the folder of slapos.git where is located your BBB software.
For example, to deploy the hello-world software, you need to pass : software/helloworld
This is possible because the slapos.git is automatically downloaded when the webrunner is deployed.
It is also possible to download you own git repository, by providing the url in the "slapos-repository" parameter.
Last but not least, it is also possible to switch the branch with the parameter "slapos-reference" (by default pointing on master)
for instance
~~~~~~~~~~~~
The parameter "auto-deploy-instance" can be explicitly set to allow or prevent the runner to deploy the instance at START TIME (if you manually restart the runner, or if the server reboots). Values : "true" or "false". Default value is "true", except for the instances of import (while type is resilient or test) which is "false"
There also exists the parameter "autorun", which will build&run your software if set to true. For this, you need "auto_deploy" to true, and set the parameter "slapos-software" to the software you want to deploy. Do not hesitate to clone a different repo than "slapos", or to change the tag/branch to use your custom Software Release. (see "slapos-repository" and "slapos-reference" in previous section).
To deploy the instance with some parameters, just give to the runner parameters starting with "parameter-", they will be correctly forwarded to the instance, which will use them for its configuration. For example, if you want to send to the sofware helloworld the parameter "name" with the value "nicolas", here is how to configure the parameter.xml of the webrunner for auto-depolyment :
software/helloworld
true
true
nicolas
Resilience :
------------
To order a resilient runner, you have to request a runner with the option: "--type resilient"
You can then decide on which node you want to deploy each instance, with the parameters.xml :
COMP-XXXX
COMP-XXXX
COMP-XXXX
COMP-XXXX
COMP-XXXX
If you want to check by yourself that the pull-backup instances do their job, you can change directory to the slappart of runner0, and run ./bin/exporter (after creating your account, using the given backend_url or url): it would fill ./srv/backup/runner with data. If you then go to an import instance (runner1 or runner2) on the port 50005, you should be able to sign in the runner.
Tips :
~~~~~
To find in which partition the instance has been deployed, you can open the page of this specific instance, and look for "slappartXX" on the page.
Tests :
-------
To test the runner, start by ordering a runner with default type. Then READ the important note below :
/!\ IMPORTANT NOTE ON THE TESTS /!\ : in order to make them work, you have to comment the last line of the file __init__.py in the runner module (which is just : "run()"). Indeed, this line is used to load the config, when importing this module throught Gunicorn (the wsgi server). But the test suite loads itself the configuration, in fonction of the tested scenarios, etc... (You can find the module in the SR folder directory, under ./eggs/slapos.toolbox, or under parts/slapos.toolbox if you have a development version)
Then, su in the concerned slapuserX and run "./bin/runTestSuite".
For the tests on the resiliency of the webrunner, please refer to the README in slapos.toolbox.git/slapos/resiliencytest
Request custom frontend :
-------------------------
While deploying a server in your instance, you may need to ask for a custom ipv4 frontend.
The way to do that is to send a new parameter to your runner instance, using the parameters XML. The name of it is "custom-frontend-backend-url".
To create the frontend, you now have to wait the slaprunner to be processed.
You can define the type of your backend using "custom-frontend-backend-type". eg: zope
If you deploy a server, which uses basic auth, you also have to declare the parameter "custom-frontend-basic-auth" as true, or your slaprunner instance won't show as correctly instanciated.
Example :
http(s)://[THE_IPV6_ADDRESS]:PORT
zope
true
Git repositories :
------------------
It is easy to give access to your git repository/ies to everyone, or to clone it on your own computer. For this, there are 2 urls to remember:
- For read only, you can clone : https://[IPV6]:PORT/git-public/YourRepo.git/
- For read and write access, using your runner account : https://[IPV6]:PORT/git/YourRepo.git/
To create the repo, go in the folder srv/runner/project and initiate a new git repo (git init/clone --bare XXX).
For the moment, the PORT is the port of monitoring, which is 9685.
Things to notice for the nex developer :
----------------------------------------
As you can see in instance-runner-*.cfg, the buildout section extends a hard-coded template file. If one day you need to modify the filename, do not forget to modify it in instance.cfg, but also in these files ! (the problem is that the content of instance.cfg is not known by buildout while the deployment of the software release)
List of ports used by the webrunner:
------------------------------------
8602 : slapproxy, while running tests
8949 : shellinabox
9684 : apache (monitoring of slaprunner, git access)
22222 : dropbear
50000 : slapproxy
50005 : webrunner (flask app), webdav access
Tips:
-----
You can use shellinabox in fullscreen, by accessing : https://[IPV6]:8949
slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner/TODO.txt 0000664 0000000 0000000 00000000340 12375063332 0031241 0 ustar 00root root 0000000 0000000 - resilient sr: Cloned instances should not launch slapgrid-sr if it was not launched on export instance
- shellinabox password should be the same in all the resilient instances
- add test for parameter auto-deploy-instance
slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner/common.cfg 0000664 0000000 0000000 00000011161 12375063332 0031707 0 ustar 00root root 0000000 0000000 [buildout]
extends =
../../component/bash/buildout.cfg
../../component/busybox/buildout.cfg
../../component/curl/buildout.cfg
../../component/dash/buildout.cfg
../../component/dcron/buildout.cfg
../../component/dropbear/buildout.cfg
../../component/git/buildout.cfg
../../component/logrotate/buildout.cfg
../../component/lxml-python/buildout.cfg
../../component/nano/buildout.cfg
../../component/nginx/buildout.cfg
../../component/rsync/buildout.cfg
../../component/python-2.7/buildout.cfg
../../component/screen/buildout.cfg
../../component/shellinabox/buildout.cfg
../../component/vim/buildout.cfg
../../stack/flask.cfg
../../stack/shacache-client.cfg
../../stack/resilient/buildout.cfg
../../stack/monitor/buildout.cfg
../../stack/slapos.cfg
parts =
template
eggs
instance-runner-import
instance-runner-export
slapos-cookbook
template-slapos-cfg
# XXX: we have to manually add this for resilience
rdiff-backup
collective.recipe.template-egg
[template]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance.cfg
output = ${buildout:directory}/template.cfg
md5sum = 8a47421ac6158b4ee476acab212c67d9
mode = 0644
[template-runner]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-runner.cfg
output = ${buildout:directory}/template-runner.cfg.in
md5sum = 9878115a2969489b57e8563ef3d4d6d3
mode = 0644
[template-runner-import-script]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/template/runner-import.sh.jinja2
download-only = true
md5sum = b003f6a6963f7787948be85c3d479ccd
filename = runner-import.sh.jinja2
mode = 0644
[instance-runner-import]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-runner-import.cfg.in
output = ${buildout:directory}/instance-runner-import.cfg
md5sum = 354ff83819e8379f5e4a2e2985e34e9e
mode = 0644
[template-runner-export-script]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/template/runner-export.sh.jinja2
download-only = true
md5sum = 246167ed081027618ef127a6fffd13ed
filename = runner-export.sh.jinja2
mode = 0644
[instance-runner-export]
recipe = slapos.recipe.template
url = ${:_profile_base_location_}/instance-runner-export.cfg.in
output = ${buildout:directory}/instance-runner-export.cfg
md5sum = 6930a0d6c88896c43a8e60509ba6bd1c
mode = 0644
[template-resilient]
recipe = slapos.recipe.download
url = ${:_profile_base_location_}/instance-resilient.cfg.jinja2
md5sum = 1f7332d0b0671929a2de87ef9ce998c8
filename = instance-resilient.cfg.jinja2
mode = 0644
[template-resilient-test]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/instance-resilient-test.cfg.jinja2
download-only = true
md5sum = abba49f5f397bfe6f6ea5e5dd185b1e9
filename = instance-resilient-test.cfg.jinja2
mode = 0644
[template_nginx_conf]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/nginx_conf.in
download-only = true
md5sum = 7c0608eafb5c6998846851744a70b3de
filename = nginx_conf.in
mode = 0644
[template_httpd_conf]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/httpd_conf.in
download-only = true
md5sum = 63782f8eaa94af729ec6bba80e062d8f
filename = httpd_conf.in
mode = 0644
[template_launcher]
recipe = slapos.recipe.download
url = ${:_profile_base_location_}/launcher.in
md5sum = c7f8b6e9ae84aa94686a9cbaaa3dd693
filename = launcher.in
mode = 0644
location = ${buildout:parts-directory}/${:_buildout_section_name_}
[template-slapos-cfg]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/template/${:filename}
md5sum = 847df63cf5a226ed338d7ca34b0220b5
location = ${buildout:parts-directory}/${:_buildout_section_name_}
filename = slapos.cfg.in
download-only = true
mode = 0644
[parameters-template]
recipe = hexagonit.recipe.download
url = ${:_profile_base_location_}/${:filename}
md5sum = f8446fcf254b4929eb828a9a1d7e5f62
location = ${buildout:parts-directory}/${:_buildout_section_name_}
filename = parameters.xml.in
download-only = true
mode = 0644
[eggs]
recipe = z3c.recipe.scripts
eggs =
${lxml-python:egg}
collective.recipe.environment
cns.recipe.symlink
erp5.util
hexagonit.recipe.download
inotifyx
lock-file
lxml
netaddr
plone.recipe.command
pytz
slapos.cookbook
slapos.libnetworkcache
slapos.recipe.build
slapos.toolbox[flask_auth]
slapos.core
xml_marshaller
Gunicorn
# Add slapos.libnetworkcache to path of slapos.core so that slaprunner can build SRs using cache
[slapos-cookbook]
eggs =
${lxml-python:egg}
slapos.cookbook
cliff
hexagonit.recipe.download
inotifyx
netaddr
netifaces
requests
slapos.core
supervisor
xml_marshaller
pytz
slapos.libnetworkcache
development.cfg 0000664 0000000 0000000 00000004162 12375063332 0032665 0 ustar 00root root 0000000 0000000 slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner # Development profile of slaprunner.
# Exactly the same as software.cfg, but fetch the slapos.cookbook and
# slapos.toolbox from git repository instead of fetching stable version,
# allowing to play with bleeding edge environment.
# You'll need to run buildout twice for this profile.
[buildout]
extends = common.cfg
parts =
# Development eggs
slapos.toolbox-repository
# slapos.cookbook-repository
# slapos.core-repository
check-recipe
# erp5.util-repository
# Good elements
template
eggs
instance-runner-import
instance-runner-export
slapos-cookbook
template-slapos-cfg
# XXX: we have to manually add this for resilience
rdiff-backup
collective.recipe.template-egg
develop =
${:parts-directory}/slapos.toolbox-repository
# ${:parts-directory}/slapos.cookbook-repository
# ${:parts-directory}/slapos.core-repository
# ${:parts-directory}/erp5.util-repository
[slapos.toolbox-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.toolbox.git
branch = slaprunner-paas
#revision = 2de7ba00a75e73cae2d6b71f7266f6261416b057
git-executable = ${git:location}/bin/git
[slapos.cookbook-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.git
branch = slaprunner-paas
git-executable = ${git:location}/bin/git
# Used for resiliency tests only
[erp5.util-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/erp5.git
#branch = scalability-master2
revision = f9a812f4e97ffeed359bc5611366a5c8675ec749
git-executable = ${git:location}/bin/git
[slapos.core-repository]
recipe = slapos.recipe.build:gitclone
repository = http://git.erp5.org/repos/slapos.core.git
branch = master
git-executable = ${git:location}/bin/git
[check-recipe]
recipe = plone.recipe.command
stop-on-error = true
update-command = ${:command}
command =
grep parts ${buildout:develop-eggs-directory}/slapos.toolbox.egg-link
# grep parts ${buildout:develop-eggs-directory}/slapos.cookbook.egg-link &&
# grep parts ${buildout:develop-eggs-directory}/slapos.core.egg-link &&
# grep parts ${buildout:develop-eggs-directory}/erp5.util.egg-link
httpd_conf.in 0000664 0000000 0000000 00000006216 12375063332 0032344 0 ustar 00root root 0000000 0000000 slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner PidFile "{{ parameters.path_pid }}"
ServerName example.com
ServerAdmin someone@email
Listen [{{ parameters.global_ip }}]:{{ parameters.monitor_port }}
Define MonitorPort
LoadModule unixd_module modules/mod_unixd.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule mime_module modules/mod_mime.so
LoadModule cgid_module modules/mod_cgid.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule alias_module modules/mod_alias.so
LoadModule env_module modules/mod_env.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule dav_module modules/mod_dav.so
LoadModule dav_fs_module modules/mod_dav_fs.so
ErrorLog "{{ parameters.path_error_log }}"
LogFormat "%h %l %u %t \"%r\" %>s %b" common
CustomLog "{{ parameters.path_access_log }}" common
# SSL Configuration
Define SSLConfigured
SSLCertificateFile {{ parameters.cert_file }}
SSLCertificateKeyFile {{ parameters.key_file }}
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLRandomSeed startup /dev/urandom 256
SSLRandomSeed connect builtin
SSLProtocol -ALL +SSLv3 +TLSv1
SSLHonorCipherOrder On
SSLCipherSuite RC4-SHA:HIGH:!ADH
SSLEngine On
Alias /public {{ parameters.runner_home }}/public
Order Allow,Deny
Allow from all
AllowOverride All
Satisfy Any
Options Indexes FollowSymLinks
DirectoryIndex index.html
order allow,deny
deny from all
DavLockDB {{ parameters.var_dir }}/DavLock
Alias /share {{ parameters.runner_home }}
DirectoryIndex disabled
DAV On
Options Indexes FollowSymLinks
AuthType Basic
AuthName "webdav"
AuthUserFile "{{ parameters.etc_dir }}/.htpasswd"
Require valid-user
ScriptSock {{ parameters.path_pid }}
SetEnv GIT_PROJECT_ROOT {{ parameters.project_folder }}
SetEnv GIT_HTTP_EXPORT_ALL
ScriptAlias /git/ {{ parameters.git_http_backend }}/
ScriptAlias /git-public/ {{ parameters.git_http_backend }}/
RewriteCond %{QUERY_STRING} service=git-receive-pack [OR]
RewriteCond %{REQUEST_URI} /git-receive-pack$
RewriteRule ^/git/ - [E=AUTHREQUIRED:yes]
RewriteRule ^/git-public/ - [E=AUTHREQUIRED:yes]
Order Deny,Allow
Deny from env=AUTHREQUIRED
AuthType Basic
AuthName "Git Access"
AuthUserFile "{{ parameters.etc_dir }}/.htpasswd"
Require valid-user
Satisfy any
Order Deny,Allow
Deny from env=AUTHREQUIRED
AuthType Basic
AuthName "Git Access"
AuthUserFile "{{ parameters.etc_dir }}/.htpasswd"
Require valid-user
include {{ parameters.cgi_httpd_conf }}
instance-resilient-test.cfg.jinja2 0000664 0000000 0000000 00000005070 12375063332 0036273 0 ustar 00root root 0000000 0000000 slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner [buildout]
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true
parts =
deploy-resiliency-test
request-resilient-instance
deploy-standalone-resiliency-test
[directory]
recipe = slapos.cookbook:mkdirectory
home = ${buildout:directory}
etc = ${:home}/etc/
var = ${:home}/var/
srv = ${:home}/srv/
bin = ${:home}/bin/
tmp = ${:home}/tmp/
log = ${:var}/log/
services = ${:etc}/service/
scripts = ${:etc}/run/
[deploy-resiliency-test]
recipe = slapos.cookbook:wrapper
testnode-parameters = --test-result-path={{ slapparameter_dict.get('test-result-path') }} --revision={{ slapparameter_dict.get('test-suite-revision') }} --node-title={{ slapparameter_dict.get('scalability-launcher-title') }} --test-suite={{ slapparameter_dict.get('test-suite') }} --test-suite-master-url={{ slapparameter_dict.get('test-suite-master-url') }} --log-path=${directory:log}
test-parameters = server_url=${slap-connection:server-url} key_file=${slap-connection:key-file} cert_file=${slap-connection:cert-file} computer_id=${slap-connection:computer-id} partition_id=${slap-connection:partition-id} software=${slap-connection:software-release-url} namebase=runner slaprunner_rootinstance_name='${request-resilient-instance:name}'
command-line = {{ bin_directory }}/runResiliencyTest ${:testnode-parameters} ${:test-parameters}
wrapper-path = ${directory:scripts}/runResiliencyTestSuite
[deploy-standalone-resiliency-test]
# Used to manually run the resilient test if we don't have a running testnode.
recipe = slapos.cookbook:wrapper
test-suite-title = slaprunner
command-line = {{ bin_directory }}/runStandaloneResiliencyTest --test-suite-title=${:test-suite-title} ${deploy-resiliency-test:test-parameters}
wrapper-path = ${directory:bin}/runStandaloneResiliencyTestSuite
[request-resilient-instance]
<= slap-connection
recipe = slapos.cookbook:request
software-url = ${slap-connection:software-release-url}
software-type = resilient
name = Resilient Instance (Root Instance)
{% set cluster_parameter_dict = slapparameter_dict.get('cluster', {}) -%}
config = resiliency-backup-periodicity {{ cluster_parameter_dict.keys() | join(' ') }}
{% for key, value in cluster_parameter_dict.items() -%}
config-{{ key }} = {{ dumps(value) }}
{% endfor -%}
config-resiliency-backup-periodicity = */6 * * * *
config-resilient-clone-number = 2
# XXX hardcoded
#config-frontend-domain = google.com
# XXX Hack to deploy Root Instance on the same computer as the type-test Instance
sla = computer_guid
sla-computer_guid = ${slap-connection:computer-id}
return = backend_url
[slap-parameter]
instance-resilient.cfg.jinja2 0000664 0000000 0000000 00000004432 12375063332 0035317 0 ustar 00root root 0000000 0000000 slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner # vim: set ft=cfg:
# Default parameters
# NOTE: in case of resilient instance, auto-deploy-instance
# set to false (else it could be dangerous)
{% do slapparameter_dict.__setitem__('auto-deploy', slapparameter_dict.get('auto-deploy', 'true')) %}
{% do slapparameter_dict.__setitem__('auto-deploy-instance', slapparameter_dict.get('auto-deploy-instance', 'false')) %}
# let decide the number of clones we want. We can't have more than 2 clones
{% set number_of_instances = slapparameter_dict.get('resilient-clone-number', 1)|int %}
{% if number_of_instances > 2 %}
{% set number_of_instances = 2 %}
{% endif %}
{% import 'parts' as parts %}
{% import 'replicated' as replicated %}
[buildout]
eggs-directory = {{ eggs_directory }}
develop-eggs-directory = {{ develop_eggs_directory }}
offline = true
# += because we need to take up parts (like instance-custom, slapmonitor etc) from the profile we extended
parts +=
{{ parts.replicate("runner", number_of_instances + 1) }}
publish-connection-informations
{{ replicated.replicate("runner", number_of_instances + 1, "runner-export", "runner-import", slapparameter_dict=slapparameter_dict) }}
# Bubble up the parameters
[request-runner]
return = url ssh-public-key ssh-url notification-id ip backend_url url ssh_command access_url 1_info 2_info monitor_url webdav_url public_url
[publish-connection-informations]
recipe = slapos.cookbook:publish
1_info = ${request-runner:connection-1_info}
2_info = ${request-runner:connection-2_info}
backend_url = ${request-runner:connection-backend_url}
access_url = ${request-runner:connection-access_url}
url = ${request-runner:connection-url}
ssh_command = ${request-runner:connection-ssh_command}
monitor_url = ${request-runner:connection-monitor_url}
webdav_url = ${request-runner:connection-webdav_url}
public_url = ${request-runner:connection-public_url}
[slap-parameter]
# Default parameters for distributed deployment
# I.e state "backup1 of maria should go there, ..."
# XXX-Cedric: Hardcoded number of backups. Should be dynamically generated.
{% for nb in range(1,number_of_instances+1) %}
runner{{nb}}-computer-guid =
pbs-runner{{nb}}-computer-guid =
{% endfor %}
# XXX-Cedric: Hardcoded parameters. Should be dynamically generated.
domain =
authorized-key =
instance-amount = 10
debug = false
resilient-clone-number = 1
instance-runner-export.cfg.in 0000664 0000000 0000000 00000004262 12375063332 0035403 0 ustar 00root root 0000000 0000000 slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner [buildout]
extends = template-runner.cfg
${pbsready-export:output}
parts +=
nginx_conf
nginx-launcher
certificate-authority
ca-nginx
ca-shellinabox
gunicorn-launcher
gunicorn-graceful
sshkeys-dropbear-runner
dropbear-server-add-authorized-key
sshkeys-authority
publish-connection-informations
slaprunner-promise
slaprunner-frontend-promise
dropbear-promise
runtestsuite
shellinabox-promise
symlinks
shellinabox
slapos-cfg
slapos-repo-config
cron-entry-backup
cron-entry-prepare-software
deploy-instance-parameters
minishell-cwd
## Monitoring part
###Parts to add for monitoring
cron
certificate-authority
cron-entry-monitor
cron-entry-rss
deploy-index
deploy-settings-cgi
deploy-status-cgi
deploy-status-history-cgi
setup-static-files
certificate-authority
zero-parameters
public-symlink
cgi-httpd-wrapper
cgi-httpd-graceful-wrapper
monitor-promise
monitor-instance-log-access
## Monitor for runner
monitor-current-log-access
monitor-check-resilient-feed-file
[exporter]
recipe = slapos.recipe.template:jinja2
template = ${template-runner-export-script:location}/${template-runner-export-script:filename}
rendered = $${directory:bin}/$${slap-parameter:namebase}-exporter
# backward compatibility for resilient stack
wrapper = $${:rendered}
mode = 700
context =
section directory directory
raw shell_binary ${dash:location}/bin/dash
raw rsync_binary ${rsync:location}/bin/rsync
[monitor-promise]
url = $${monitor-frontend:config-url}/$${deploy-index-template:filename}
# Extends publish section with resilient parameters
[publish-connection-informations]
<= resilient-publish-connection-parameter
[monitor-check-resilient-feed-file]
recipe = slapos.recipe.template:jinja2
template = ${template-monitor-check-resilient-feed:location}/${template-monitor-check-resilient-feed:filename}
rendered = $${monitor-directory:monitor-custom-scripts}/check-create-resilient-feed-files.py
mode = 700
context =
key input_feed_directory directory:notifier-feeds
key monitor_feed_directory monitor-directory:public-cgi
raw base_url http://[$${notifier:host}]:$${notifier:port}/get/
raw python_executable ${buildout:executable}
instance-runner-import.cfg.in 0000664 0000000 0000000 00000004365 12375063332 0035400 0 ustar 00root root 0000000 0000000 slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner [buildout]
extends = template-runner.cfg
${pbsready-import:output}
parts +=
nginx_conf
nginx-launcher
certificate-authority
ca-nginx
ca-shellinabox
gunicorn-launcher
gunicorn-graceful
sshkeys-dropbear-runner
dropbear-server-add-authorized-key
sshkeys-authority
slaprunner-promise
dropbear-promise
runtestsuite
shellinabox-promise
shellinabox
symlinks
slapos-cfg
slapos-repo-config
cron-entry-prepare-software
deploy-instance-parameters
instance-software-type
# have to repeat the next one, as it's not inherited from pbsready-import
import-on-notification
## Monitoring part
###Parts to add for monitoring
cron
certificate-authority
cron-entry-monitor
cron-entry-rss
deploy-index
deploy-settings-cgi
deploy-status-cgi
deploy-status-history-cgi
setup-static-files
certificate-authority
zero-parameters
public-symlink
cgi-httpd-wrapper
cgi-httpd-graceful-wrapper
monitor-promise
monitor-instance-log-access
## Monitor for runner
monitor-current-log-access
monitor-backup-log-access
## Monitor for import runner
monitor-latest-restored-backup
[importer]
recipe = slapos.recipe.template:jinja2
template = ${template-runner-import-script:location}/${template-runner-import-script:filename}
rendered = $${directory:bin}/$${slap-parameter:namebase}-importer
# backward compatibility for resilient stack
wrapper = $${:rendered}
mode = 700
context =
key backend_url slaprunner:access-url
section directory directory
raw shell_binary ${dash:location}/bin/dash
raw rsync_binary ${rsync:location}/bin/rsync
raw curl_binary ${curl:location}/bin/curl
[slap-parameter]
auto-deploy-instance = false
auto-deploy = true
[resilient-publish-connection-parameter]
monitor-url = $${monitor-parameters:url}
[monitor-backup-log-access]
< = monitor-directory-access
source = $${directory:logrotate-backup}
[monitor-latest-restored-backup]
recipe = slapos.recipe.template:jinja2
command = if [ -f $${directory:etc}/.resilient-timestamp ]; then echo "$(date -d @$(cat $${directory:etc}/.resilient-timestamp) +%c)"; else echo "No backup timestamp found"; fi
rendered = $${monitor-directory:monitoring-cgi}/latest-restored-backup
template = ${template-wrapper:output}
mode = 744
context =
key content :command instance-runner.cfg 0000664 0000000 0000000 00000047743 12375063332 0033472 0 ustar 00root root 0000000 0000000 slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner [buildout]
parts =
nginx_conf
nginx-launcher
certificate-authority
ca-nginx
ca-shellinabox
gunicorn-launcher
gunicorn-graceful
sshkeys-dropbear-runner
dropbear-server-add-authorized-key
sshkeys-authority
publish-connection-informations
slaprunner-promise
slaprunner-frontend-promise
dropbear-promise
runtestsuite
shellinabox-promise
symlinks
shellinabox
slapos-cfg
slapos-repo-config
cron-entry-prepare-software
deploy-instance-parameters
instance-software-type
minishell-cwd
{% if slapparameter_dict.get('custom-frontend-backend-url') %}
custom-frontend-promise
{% endif %}
## Monitoring part
###Parts to add for monitoring
cron
certificate-authority
cron-entry-monitor
cron-entry-rss
deploy-index
deploy-settings-cgi
deploy-status-cgi
deploy-status-history-cgi
setup-static-files
certificate-authority
zero-parameters
public-symlink
cgi-httpd-wrapper
cgi-httpd-graceful-wrapper
monitor-promise
monitor-instance-log-access
## Monitor for runner
monitor-current-log-access
extends = ${monitor-template:output}
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
offline = true
{% if slapparameter_dict.get('custom-frontend-backend-url') -%}
# Requests, if defined, a frontend to allow access to a server
# located inside of the virtual machine listening to port X
# to LAN IPv4.
# Internaly, the frontend will be asked to listen on the IPv6
# with port X + 10000, to match NAT rules of Qemu.
[request-custom-frontend]
recipe = slapos.cookbook:requestoptional
software-url = {{ slapparameter_dict.get('custom-frontend-software-url', 'http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg') }}
software-type = {{ slapparameter_dict.get('custom-frontend-software-type', 'RootSoftwareInstance') }}
slave = true
name = Custom Web Frontend
server-url = $${slap-connection:server-url}
key-file = $${slap-connection:key-file}
cert-file = $${slap-connection:cert-file}
computer-id = $${slap-connection:computer-id}
partition-id = $${slap-connection:partition-id}
{%- if slapparameter_dict.get('custom-frontend-instance-guid') -%}
sla = instance_guid
sla-instance_guid = $${slap-parameter:frontend-instance-guid}
{% endif -%}
{% set custom_frontend_backend_type = slapparameter_dict.get('custom-frontend-backend-type')%}
{% if custom_frontend_backend_type %}
config = url type
config-type = {{ custom_frontend_backend_type }}
{% else %}
config = url
{% endif -%}
config-url = {{ slapparameter_dict.get('custom-frontend-backend-url') }}
return = site_url domain
[custom-frontend-promise]
recipe = slapos.cookbook:check_url_available
path = $${directory:promises}/custom_frontend_promise
url = https://$${request-custom-frontend:connection-domain}
{% if slapparameter_dict.get('custom-frontend-basic-auth') -%}
check-secure = 1
{% endif -%}
dash_path = {{ dash_executable_location }}
curl_path = {{ curl_executable_location }}
[publish-connection-informations]
custom-frontend-url = https://$${request-custom-frontend:connection-domain}
{% endif %}
# Create all needed directories
[directory]
recipe = slapos.cookbook:mkdirectory
etc = $${buildout:directory}/etc/
var = $${buildout:directory}/var/
srv = $${buildout:directory}/srv/
bin = $${buildout:directory}/bin/
tmp = $${buildout:directory}/tmp/
sshkeys = $${:srv}/sshkeys
services = $${:etc}/service/
scripts = $${:etc}/run/
ssh = $${:etc}/ssh/
log = $${:var}/log/
run = $${:var}/run/
backup = $${:srv}/backup/
promises = $${:etc}/promise/
test = $${:etc}/test/
nginx-data = $${directory:srv}/nginx
ca-dir = $${:srv}/ssl
project = $${:srv}/runner/project
[runnerdirectory]
recipe = slapos.cookbook:mkdirectory
home = $${directory:srv}/runner/
test = $${directory:srv}/test/
project = $${:home}/project
public = $${:home}/public
software-root = $${:home}/software
instance-root = $${:home}/instance
project-test = $${:test}/project
software-test = $${:test}/software
instance-test = $${:test}/instance
sessions = $${buildout:directory}/.sessions
#Create password recovery code for slaprunner
[recovery-code]
recipe = slapos.cookbook:generate.password
storage-path = $${directory:etc}/.rcode
bytes = 8
[slaprunner]
slaprunner = ${buildout:directory}/bin/slaprunner
slapos = ${buildout:directory}/bin/slapos
slapproxy = ${buildout:directory}/bin/slapproxy
supervisor = ${buildout:directory}/bin/slapgrid-supervisorctl
git-binary = ${git:location}/bin/git
root_check = false
slapos.cfg = $${directory:etc}/slapos.cfg
working-directory = $${runnerdirectory:home}
project-directory = $${runnerdirectory:project}
instance_root = $${runnerdirectory:instance-root}
software_root = $${runnerdirectory:software-root}
#XXX-Nico hardcoded default port because overridden by this buildout config
instance-monitor-url = https://[$${:ipv6}]:9685
etc_dir = $${directory:etc}
log_dir = $${directory:log}
run_dir = $${directory:run}
ssh_client = $${sshkeys-dropbear-runner:wrapper}
public_key = $${sshkeys-dropbear-runner:public-key}
private_key = $${sshkeys-dropbear-runner:private-key}
ipv4 = $${slap-network-information:local-ipv4}
ipv6 = $${slap-network-information:global-ipv6}
instance_root = $${runnerdirectory:instance-root}
proxy_port = 50000
runner_port = 50005
partition-amount = $${slap-parameter:instance-amount}
wrapper = $${directory:services}/slaprunner
debug = $${slap-parameter:debug}
access-url = https://[$${:ipv6}]:$${:runner_port}
supervisord_config = $${directory:etc}/supervisord.conf
proxy_database = $${slaprunner:working-directory}/proxy.db
console = False
verbose = False
debug = False
auto_deploy = $${slap-parameter:auto-deploy}
auto_deploy_instance = $${slap-parameter:auto-deploy-instance}
autorun = $${slap-parameter:autorun}
knowledge0_file = $${buildout:directory}/$${public:filename}
minishell_cwd_file = $${directory:etc}/.minishell-cwd
minishell_history_file = $${directory:etc}/.minishell_history
[test-runner]
<= slaprunner
slapos.cfg = $${directory:etc}/slapos-test.cfg
working-directory = $${runnerdirectory:test}
project-directory = $${runnerdirectory:project-test}
software_root = $${runnerdirectory:software-test}
instance_root = $${runnerdirectory:instance-test}
proxy_port = 8602
etc_dir = $${directory:test}
autorun = False
auto_deploy = True
[runtestsuite]
recipe = slapos.cookbook:wrapper
command-line = ${buildout:directory}/bin/slaprunnertest
wrapper-path = $${directory:bin}/runTestSuite
environment = RUNNER_CONFIG=$${slapos-test-cfg:rendered}
# Deploy dropbear (minimalist SSH server)
[sshkeys-directory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:sshkeys}/requests/
keys = $${directory:sshkeys}/keys/
[sshkeys-authority]
recipe = slapos.cookbook:sshkeys_authority
request-directory = $${sshkeys-directory:requests}
keys-directory = $${sshkeys-directory:keys}
wrapper = $${directory:services}/sshkeys_authority
keygen-binary = ${dropbear:location}/bin/dropbearkey
[dropbear-runner-server]
recipe = slapos.cookbook:dropbear
host = $${slap-network-information:global-ipv6}
port = 22222
home = $${directory:ssh}
wrapper = $${directory:bin}/runner_sshd
shell = ${bash:location}/bin/bash
rsa-keyfile = $${directory:ssh}/server_key.rsa
dropbear-binary = ${dropbear:location}/sbin/dropbear
[sshkeys-dropbear-runner]
<= sshkeys-authority
recipe = slapos.cookbook:sshkeys_authority.request
name = dropbear
type = rsa
executable = $${dropbear-runner-server:wrapper}
public-key = $${dropbear-runner-server:rsa-keyfile}.pub
private-key = $${dropbear-runner-server:rsa-keyfile}
wrapper = $${directory:services}/runner_sshd
[dropbear-server-add-authorized-key]
<= dropbear-runner-server
recipe = slapos.cookbook:dropbear.add_authorized_key
key = $${slap-parameter:user-authorized-key}
#---------------------------
#--
#-- Set nginx frontend
[tempdirectory]
recipe = slapos.cookbook:mkdirectory
client_body_temp_path = $${directory:tmp}/client_body_temp_path
proxy_temp_path = $${directory:tmp}/proxy_temp_path
fastcgi_temp_path = $${directory:tmp}/fastcgi_temp_path
uwsgi_temp_path = $${directory:tmp}/uwsgi_temp_path
scgi_temp_path = $${directory:tmp}/scgi_temp_path
[nginx-frontend]
# Options
nb_workers = 2
# Network
local-ip = $${slap-network-information:local-ipv4}
port = 30001
global-ip = $${slap-network-information:global-ipv6}
global-port = $${slaprunner:runner_port}
# Backend
runner-ip = $${slaprunner:ipv4}
runner-port = $${slaprunner:runner_port}
# SSL
ssl-certificate = $${ca-nginx:cert-file}
ssl-key = $${ca-nginx:key-file}
# Log
path_pid = $${directory:run}/nginx.pid
path_log = $${directory:log}/nginx.log
path_access_log = $${directory:log}/nginx.access.log
path_error_log = $${directory:log}/nginx.error.log
path_tmp = $${directory:tmp}/
# Config files
path_nginx_conf = $${directory:etc}/nginx.conf
# Executables
bin_nginx = ${nginx-webdav:location}/sbin/nginx
bin_launcher = $${directory:bin}/launcher
# Utils
path_shell = ${dash:location}/bin/dash
# Misc.
etc_dir = $${directory:etc}
work_dir = $${slaprunner:working-directory}
[nginx_conf]
recipe = slapos.recipe.template:jinja2
template = ${template_nginx_conf:location}/${template_nginx_conf:filename}
rendered = $${nginx-frontend:path_nginx_conf}
context =
key shellinabox_port shellinabox:port
key socket gunicorn:socket
section param_nginx_frontend nginx-frontend
section param_tempdir tempdirectory
[nginx-launcher]
recipe = slapos.recipe.template:jinja2
template = ${template_launcher:location}/${template_launcher:filename}
rendered = $${nginx-frontend:bin_launcher}
mode = 700
context =
section param_nginx_frontend nginx-frontend
[httpd-parameters]
path_pid = $${directory:run}/httpd.pid
path_error_log = $${directory:log}/httpd-error.log
path_access_log = $${directory:log}/httpd-access.log
key_file = $${ca-httpd:key-file}
cert_file = $${ca-httpd:cert-file}
global_ip = $${slap-network-information:global-ipv6}
global_port = $${slaprunner:runner_port}
monitor_port = $${monitor-parameters:port}
monitor_index = $${deploy-index:rendered}
working_directory = $${slaprunner:working-directory}
dav_lock = $${directory:var}/DavLock
etc_dir = $${directory:etc}
var_dir = $${directory:var}
project_folder = $${directory:project}
runner_home = $${runnerdirectory:home}
git_http_backend = ${git:location}/libexec/git-core/git-http-backend
cgi_httpd_conf = $${monitor-httpd-configuration-file:rendered}
[httpd-conf]
recipe = slapos.recipe.template:jinja2
template = ${template_httpd_conf:location}/${template_httpd_conf:filename}
rendered = $${directory:etc}/httpd.conf
context =
section parameters httpd-parameters
[cgi-httpd-wrapper]
recipe = slapos.cookbook:wrapper
apache-executable = ${apache:location}/bin/httpd
wrapper-path = $${ca-httpd:executable}
command-line = $${:apache-executable} -f $${httpd-conf:rendered} -DFOREGROUND
#--------------------
#--
#-- WSGI
[gunicorn]
bin_gunicorn = $${directory:bin}/gunicorn
bin_launcher = $${directory:services}/gunicorn
path_shell = ${dash:location}/bin/dash
socket = $${directory:tmp}/flaskserver.sock
path_pid = $${directory:run}/gunicorn.pid
[gunicorn-launcher]
recipe = slapos.cookbook:wrapper
command-line = $${gunicorn:bin_gunicorn} slapos.runner:app -p $${gunicorn:path_pid} -b unix:$${gunicorn:socket} -e RUNNER_CONFIG=$${slaprunner:slapos.cfg} --error-logfile $${directory:log}/$${:error-log-file} --log-level error --preload
error-log-file = gunicorn-error.log
wrapper-path = $${gunicorn:bin_launcher}
environment = PATH=$${environ:PATH}:${git:location}/bin/
RUNNER_CONFIG=$${slaprunner:slapos.cfg}
[gunicorn-graceful]
recipe = slapos.cookbook:wrapper
command-line = $${directory:bin}/killpidfromfile $${gunicorn:path_pid} SIGHUP
wrapper-path = $${directory:scripts}/gunicorn-graceful
#--------------------
#--
#-- ssl certificates
[certificate-authority]
recipe = slapos.cookbook:certificate_authority
openssl-binary = ${openssl:location}/bin/openssl
ca-dir = $${directory:ca-dir}
requests-directory = $${cadirectory:requests}
wrapper = $${directory:services}/certificate_authority
ca-private = $${cadirectory:private}
ca-certs = $${cadirectory:certs}
ca-newcerts = $${cadirectory:newcerts}
ca-crl = $${cadirectory:crl}
[cadirectory]
recipe = slapos.cookbook:mkdirectory
requests = $${directory:ca-dir}/requests/
private = $${directory:ca-dir}/private/
certs = $${directory:ca-dir}/certs/
newcerts = $${directory:ca-dir}/newcerts/
crl = $${directory:ca-dir}/crl/
[ca-nginx]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
key-file = $${cadirectory:certs}/nginx_frontend.key
cert-file = $${cadirectory:certs}/nginx_frontend.crt
executable = $${nginx-launcher:rendered}
wrapper = $${directory:services}/nginx-frontend
# Put domain name
name = example.com
[ca-shellinabox]
<= certificate-authority
recipe = slapos.cookbook:certificate_authority.request
executable = $${shellinabox:wrapper}
wrapper = $${directory:services}/shellinaboxd
key-file = $${cadirectory:certs}/shellinabox.key
cert-file = $${cadirectory:certs}/shellinabox.crt
#--------------------
#--
#-- Request frontend
[request-frontend]
<= slap-connection
recipe = slapos.cookbook:requestoptional
name = SlapRunner Frontend
# XXX We have hardcoded SR URL here.
software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
slave = true
config = url domain
config-url = $${slaprunner:access-url}
config-domain = $${slap-parameter:frontend-domain}
return = site_url domain
[monitor-frontend]
<= slap-connection
recipe = slapos.cookbook:requestoptional
name = Monitor Frontend
# XXX We have hardcoded SR URL here.
software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
slave = true
config = url domain
config-url = https://[$${monitor-httpd-configuration:listening-ip}]:$${monitor-parameters:port}
config-domain = $${slap-parameter:frontend-domain}
return = site_url domain
#--------------------------------------
#--
#-- Send informations to SlapOS Master
[publish-connection-informations]
recipe = slapos.cookbook:publish
1_info = On your first run, Use "access_url" to setup you account. Then you can use both "url" or "access_url". Or "backend_url" if you want to use ipv6. Set up your account in the webrunner in order to use webdav, and being able to clone your git repositories from the runner.
2_info = In order to set up your account, get the recovery-code from the monitoring interface. Before read the notification on monitor_info.
backend_url = $${slaprunner:access-url}
access_url = $${:url}/login
url = https://$${request-frontend:connection-domain}
ssh_command = ssh $${dropbear-runner-server:host} -p $${dropbear-runner-server:port}
monitor_url = https://$${monitor-frontend:connection-domain}
webdav_url = $${:monitor_url}/share/
public_url = $${:monitor_url}/public/
git_public_url = https://[$${httpd-parameters:global_ip}]:$${httpd-parameters:monitor_port}/git-public/
git_private_url = https://[$${httpd-parameters:global_ip}]:$${httpd-parameters:monitor_port}/git/
#---------------------------
#--
#-- Deploy promises scripts
[slaprunner-promise]
recipe = slapos.cookbook:check_port_listening
path = $${directory:promises}/slaprunner
hostname = $${slaprunner:ipv6}
port = $${slaprunner:runner_port}
[slaprunner-frontend-promise]
recipe = slapos.cookbook:check_url_available
path = $${directory:promises}/slaprunner_frontend
url = https://$${request-frontend:connection-domain}/login
dash_path = ${dash:location}/bin/dash
curl_path = ${curl:location}/bin/curl
[dropbear-promise]
recipe = slapos.cookbook:check_port_listening
path = $${directory:promises}/dropbear
hostname = $${dropbear-runner-server:host}
port = $${dropbear-runner-server:port}
[shellinabox-promise]
recipe = slapos.cookbook:check_port_listening
path = $${directory:promises}/shellinabox
hostname = $${shellinabox:ipv6}
port = $${shellinabox:port}
[symlinks]
recipe = cns.recipe.symlink
symlink_target = $${directory:bin}
symlink_base = ${buildout:directory}/bin
[slap-parameter]
# Default value if no ssh key is specified
user-authorized-key =
# Default value of instances number in slaprunner
instance-amount = 10
debug = false
frontend-domain =
slapos-repository = http://git.erp5.org/repos/slapos.git
slapos-software =
slapos-software-type =
slapos-reference = master
auto-deploy = false
auto-deploy-instance = true
autorun = false
monitor-port = 9684
[monitor-parameters]
port = $${slap-parameter:monitor-port}
[slapos-cfg]
recipe = slapos.recipe.template:jinja2
template = ${template-slapos-cfg:location}/${template-slapos-cfg:filename}
rendered = $${slaprunner:slapos.cfg}
mode = 700
context =
section slaprunner slaprunner
[slapos-test-cfg]
recipe = slapos.recipe.template:jinja2
template = ${template-slapos-cfg:location}/${template-slapos-cfg:filename}
rendered = $${test-runner:slapos.cfg}
mode = 700
context =
section slaprunner test-runner
[shellinabox]
recipe = slapos.cookbook:shellinabox
ipv6 = $${slap-network-information:global-ipv6}
port = 8949
shell = $${shell:wrapper}
wrapper = $${directory:bin}/shellinaboxd
shellinabox-binary = ${shellinabox:location}/bin/shellinaboxd
password = $${zero-parameters:shell-password}
directory = $${runnerdirectory:home}
login-shell = $${directory:bin}/login
certificate-directory = $${cadirectory:certs}
cert-file = $${ca-shellinabox:cert-file}
key-file = $${ca-shellinabox:key-file}
[shellinabox-code]
recipe = slapos.cookbook:generate.password
storage-path = $${directory:etc}/.scode
bytes = 8
[shell]
recipe = slapos.cookbook:shell
wrapper = $${directory:bin}/sh
shell = ${bash:location}/bin/bash
home = $${runnerdirectory:home}
path = $${environ:PATH}:${nano:location}/bin:${vim:location}/bin:${screen:location}/bin:${git:location}/bin
ps1 = "\\w> "
[environ]
recipe = collective.recipe.environment
[slapos-repo]
recipe = slapos.recipe.build:gitclone
repository = $${slap-parameter:slapos-repository}
git-executable = ${git:location}/bin/git
develop = true
location = $${directory:project}/slapos
[slapos-repo-config]
recipe = plone.recipe.command
stop-on-error = true
command = cd $${slapos-repo:location} && ${git:location}/bin/git checkout $${slap-parameter:slapos-reference} && SR=$${slap-parameter:slapos-software} && if [ -n "$SR" ] && [ ! -f "$${directory:etc}/.project" ]; then echo workspace/slapos/$${slap-parameter:slapos-software}/ > $${directory:etc}/.project; fi
update-command = true
[prepare-software]
recipe = slapos.cookbook:wrapper
command-line = ${curl:location}/bin/curl -g https://[$${slaprunner:ipv6}]:$${slaprunner:runner_port}/isSRReady --max-time 1 --insecure
wrapper-path = $${directory:scripts}/prepareSoftware
[cron-entry-prepare-software]
<= cron
recipe = slapos.cookbook:cron.d
name = prepare-software
frequency = */2 * * * *
command = $${prepare-software:wrapper-path}
[instance-parameters]
recipe = slapos.recipe.template:jinja2
extensions = jinja2.ext.do
template = ${parameters-template:location}/${parameters-template:filename}
rendered = $${directory:etc}/.parameter.xml.default
mode = 0644
context =
key slapparameter_dict slap-configuration:configuration
[deploy-instance-parameters]
recipe = plone.recipe.command
stop-on-error = true
parameter-xml = $${directory:etc}/.parameter.xml
command = if [ ! -f $${:parameter-xml} ]; then cp $${instance-parameters:rendered} $${:parameter-xml}; fi
[instance-software-type]
recipe = plone.recipe.command
stop-on-error = true
# XXX It should not be named with .xml as it is not xml
software-type-path = $${directory:etc}/.software_type.xml
command = if [ ! -f $${:software-type-path} -a "$${slap-parameter:slapos-software-type}" != "" ]; then echo "$${slap-parameter:slapos-software-type}" > $${:software-type-path}; fi
[slap-configuration]
recipe = slapos.cookbook:slapconfiguration.serialised
computer = $${slap-connection:computer-id}
partition = $${slap-connection:partition-id}
url = $${slap-connection:server-url}
key = $${slap-connection:key-file}
cert = $${slap-connection:cert-file}
[public]
shell-password = $${shellinabox-code:passwd}
recovery-code = $${recovery-code:passwd}
[zero-parameters]
[minishell-cwd]
recipe = plone.recipe.command
command = if [ ! -f $${slaprunner:minishell_cwd_file} ]; then echo $${runnerdirectory:home} > $${slaprunner:minishell_cwd_file}; fi
location = $${slaprunner:minishell_cwd_file}
stop-on-error = true
[monitor-current-log-access]
< = monitor-directory-access
source = $${directory:log}
slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner/instance.cfg0000664 0000000 0000000 00000005117 12375063332 0032227 0 ustar 00root root 0000000 0000000 [buildout]
parts =
switch_softwaretype
eggs-directory = ${buildout:eggs-directory}
develop-eggs-directory = ${buildout:develop-eggs-directory}
[switch_softwaretype]
recipe = slapos.cookbook:softwaretype
default = $${instance-base-runner:rendered}
resilient = $${instance-resilient:rendered}
test = $${instance-resilient-test:rendered}
runner = $${instance-base-runner:rendered}
runner-import = ${instance-runner-import:output}
runner-export = ${instance-runner-export:output}
frozen = ${instance-frozen:output}
pull-backup = ${template-pull-backup:output}
[instance-base-runner]
recipe = slapos.recipe.template:jinja2
template = ${template-runner:output}
rendered = $${buildout:directory}/template-runner.cfg
extensions = jinja2.ext.do
context = key buildout buildout:bin-directory
key develop_eggs_directory buildout:develop-eggs-directory
key eggs_directory buildout:eggs-directory
key slapparameter_dict slap-configuration:configuration
raw curl_executable_location ${curl:location}/bin/curl
raw dash_executable_location ${dash:location}/bin/dash
raw dcron_executable_location ${dcron:location}/sbin/crond
mode = 0644
[instance-resilient]
recipe = slapos.recipe.template:jinja2
template = ${template-resilient:target}
rendered = $${buildout:directory}/instance-resilient.cfg
extensions = jinja2.ext.do
context = key buildout buildout:bin-directory
key develop_eggs_directory buildout:develop-eggs-directory
key eggs_directory buildout:eggs-directory
key slapparameter_dict slap-configuration:configuration
template-parts-destination = ${template-parts:destination}
template-replicated-destination = ${template-replicated:destination}
import-list = file parts :template-parts-destination
file replicated :template-replicated-destination
mode = 0644
[instance-resilient-test]
recipe = slapos.recipe.template:jinja2
template = ${template-resilient-test:location}/instance-resilient-test.cfg.jinja2
rendered = $${buildout:directory}/template-resilient-test.cfg
bin-directory = ${buildout:bin-directory}
context =
key bin_directory instance-resilient-test:bin-directory
key develop_eggs_directory buildout:develop-eggs-directory
key eggs_directory buildout:eggs-directory
key slapparameter_dict slap-configuration:configuration
mode = 0644
[slap-configuration]
recipe = slapos.cookbook:slapconfiguration.serialised
computer = $${slap-connection:computer-id}
partition = $${slap-connection:partition-id}
url = $${slap-connection:server-url}
key = $${slap-connection:key-file}
cert = $${slap-connection:cert-file}
slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner/launcher.in 0000664 0000000 0000000 00000000362 12375063332 0032070 0 ustar 00root root 0000000 0000000 #! {{ param_nginx_frontend['path_shell'] }}
# BEWARE: This file is operated by slapgrid
# BEWARE: It will be overwritten automatically
# Run nginx
exec {{ param_nginx_frontend['bin_nginx'] }} -c {{ param_nginx_frontend['path_nginx_conf'] }}
nginx_conf.in 0000664 0000000 0000000 00000005574 12375063332 0032352 0 ustar 00root root 0000000 0000000 slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner worker_processes {{ param_nginx_frontend['nb_workers'] }};
pid {{ param_nginx_frontend['path_pid'] }};
error_log {{ param_nginx_frontend['path_error_log'] }};
daemon off;
events {
worker_connections 1024;
accept_mutex off;
}
http {
default_type application/octet-stream;
access_log {{ param_nginx_frontend['path_access_log'] }} combined;
client_max_body_size 10M;
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
listen [{{ param_nginx_frontend['global-ip'] }}]:{{ param_nginx_frontend['global-port'] }} ssl;
server_name _;
ssl_certificate {{ param_nginx_frontend['ssl-certificate'] }};
ssl_certificate_key {{ param_nginx_frontend['ssl-key'] }};
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
keepalive_timeout 90s;
client_body_temp_path {{ param_tempdir['client_body_temp_path'] }};
proxy_temp_path {{ param_tempdir['proxy_temp_path'] }};
fastcgi_temp_path {{ param_tempdir['fastcgi_temp_path'] }};
uwsgi_temp_path {{ param_tempdir['uwsgi_temp_path'] }};
scgi_temp_path {{ param_tempdir['scgi_temp_path'] }};
error_page 401 /login;
location / {
auth_basic "Restricted";
auth_basic_user_file {{ param_nginx_frontend['etc_dir'] }}/.htpasswd;
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Accel-Mapping /private/;
proxy_pass http://unix:{{ socket }};
}
location ~ ^(/login|/doLogin|/static|/setAccount|/configAccount|/slapgridResult|/isSRReady) {
proxy_redirect off;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Accel-Mapping /private/;
proxy_pass http://unix:{{ socket }};
}
location /shellinabox {
proxy_pass http://[{{ param_nginx_frontend['global-ip'] }}]:{{ shellinabox_port }}/;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
auth_basic "Restricted";
auth_basic_user_file {{ param_nginx_frontend['etc_dir'] }}/.htpasswd;
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $http_host;
}
}
}
parameters.xml.in 0000664 0000000 0000000 00000001102 12375063332 0033143 0 ustar 00root root 0000000 0000000 slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner {% set inst_parameter_dict = {} -%}
{% if slapparameter_dict is defined -%}
{% for key in slapparameter_dict.keys() -%}
{% if key.startswith('parameter-') -%}
{% do inst_parameter_dict.__setitem__(key[10:], slapparameter_dict.pop(key)) -%}
{% endif -%}
{% endfor -%}
{% endif -%}
{% if slapparameter_dict is defined %}
{% for parameter_name in inst_parameter_dict.keys() %}
{{ inst_parameter_dict[parameter_name] }}
{% endfor %}
{% endif %}
slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner/schema.json 0000664 0000000 0000000 00000013312 12375063332 0032071 0 ustar 00root root 0000000 0000000 {
"$schema": "http://json-schema.org/draft-04/schema#",
"properties": {
"user-authorized-key": {
"description" : "SSH public key in order to connect to the SSH server of this runner instance",
"type": "string"
},
"instance-amount": {
"description": "number of slappart to deploy inside the runner. Needs instance to be restarted.",
"type": "integer",
"default": 10
},
"slapos-software": {
"description": "a relative path from the slapos git repo to a folder containing a software release, which will be automaticaly deployed while the runner instanciation, and only if the parameter auto-deploy is set to 'true'. For example: 'software/helloworld",
"type": "string"
},
"auto-deploy": { "description": "authorizes the software declared with 'slapos-software' to be automatically deployed, or not. Needs instance to be restarted.",
"type": "boolean",
"default": "false"
},
"slapos-repository": {
"description": "url of the default git repository that will be download by the runner while its instanciation. Will be cloned in a directory named 'slapos'",
"type": "string",
"default": "http://git.erp5.org/repos/slapos.git"
},
"slapos-reference": {
"description": "commit reference on which the default repository will checkout",
"type": "string",
"default": "master"
},
"auto-deploy-instance": {
"description": "prevent the runner from deploying and starting instances. Needs instance to be restarted.",
"type": "boolean",
"default": "true, but is set to false for instances of type 'import' in resiliency"
},
"autorun": {
"description": "let automaticaly build and run a declared software with 'slapos-software'. Only works if 'slapos-software' is set, and 'auto-deploy' is true. Needs instance to be restarted.",
"type": "boolean",
"default": "false"
},
"slapos-software-type": {
"description": "Software type of your instance inside the runner",
"type": "string"
},
"parameter-*": {
"description": "'*' is a parameter which will be used to configure the instance inside the runner.",
"type": "string"
},
"custom-frontend-backend-url": {
"description": "return an ipv4 frontend of the given ipv6(+optional port)",
"type": "string"
},
"custom-frontend-backend-type": {
"description": "The type of the frontend slave instance to ask",
"type": "string"
},
"custom-frontend-basic-auth": {
"description": "if the ip given with 'custom-frontend-backend-url' is secure, set it to true for the promise do not fail",
"type": "boolean",
"default": "false"
},
"custom-frontend-instance-guid": {
"description": "Instance guid of the frontend you whish to use",
"type": "string",
"default": "none"
},
"custom-frontend-software-type": {
"description": "SoftwareType of the frontend you request",
"default": "RootSoftwareInstance",
"type": "string"
},
"custom-frontend-software-url": {
"description": "Software Url of the frontend you request",
"default": "http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg"
"type": "string"
},
"monitor-port": {
"description": "allow to manually change the port on wich the apache server running monitoring interface is listening. The default value for the webrunner is different from the default value of the standalone stack-monitor server",
"type": "integer",
"default": 9684
}
"resilient-clone-number": {
"description": "is the number of clones to be deployed when a resilient runner is ordered. Its value can be 1 or 2",
"type": "integer",
"default" : 1
}
}
}
slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner/software.cfg0000664 0000000 0000000 00000001750 12375063332 0032254 0 ustar 00root root 0000000 0000000 # Production profile of slaprunner.
# Exactly the same as common.cfg, but:
# 1/ Use a defined set of Python eggs instead of using the latest available
# ones from Pypi, to ensure stability;
# 2/ Define list of trusted certificates for the cache.
[buildout]
extends = common.cfg
[versions]
Flask-Auth = 0.85
PyRSS2Gen = 1.1
apache-libcloud = 0.15.1
async = 0.6.1
cns.recipe.symlink = 0.2.3
collective.recipe.environment = 0.2.0
collective.recipe.template = 1.11
erp5.util = 0.4.41
gitdb = 0.5.4
gunicorn = 19.1.0
plone.recipe.command = 1.1
pycrypto = 2.6.1
rdiff-backup = 1.0.5
slapos.recipe.build = 0.12
slapos.recipe.download = 1.0.dev-r4053
slapos.toolbox = 0.39.3
smmap = 0.8.2
z3c.recipe.scripts = 1.0.1
# Required by:
# slapos.toolbox==0.39.3
GitPython = 0.3.2.RC1
# Required by:
# slapos.toolbox==0.39.3
atomize = 0.2.0
# Required by:
# paramiko==1.14.0
ecdsa = 0.11
# Required by:
# slapos.toolbox==0.39.3
feedparser = 5.1.3
# Required by:
# slapos.toolbox==0.39.3
paramiko = 1.14.0
slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner/template/ 0000775 0000000 0000000 00000000000 12375063332 0031551 5 ustar 00root root 0000000 0000000 runner-export.sh.jinja2 0000664 0000000 0000000 00000001371 12375063332 0036034 0 ustar 00root root 0000000 0000000 slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner/template #!{{ shell_binary }}
LANG=en_US
export $LANG
umask 077
sync_element () {
path=$1
backup_path=$2
shift 2
element_list=$*
for element in $element_list
do
cd $path;
if [ -f $element ] || [ -d $element ]; then
{{ rsync_binary }} -avz --safe-links --delete $element $backup_path;
fi
done
}
sync_element {{ directory['srv'] }}/runner {{ directory['backup'] }}/runner/ instance project proxy.db
# We sync .* appart
date +%s -u > {{ directory['etc'] }}/.resilient-timestamp
cp -r {{ directory['etc'] }}/.??* {{ directory['backup'] }}/etc/
sync_element {{ directory['etc'] }} {{ directory['backup'] }}/etc/ config.json ssh
if [ -d {{ directory['backup'] }}/runner/software ]; then
rm {{ directory['backup'] }}/runner/software/*
fi
runner-import.sh.jinja2 0000664 0000000 0000000 00000001213 12375063332 0036020 0 ustar 00root root 0000000 0000000 slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner/template #!{{ shell_binary }}
umask 077
restore_element () {
backup_path=$1
restore_path=$2
shift 2
element_list=$*
for element in $element_list
do
cd $backup_path;
if [ -f $element ] || [ -d $element ]; then
{{ rsync_binary }} -avz --delete $backup_path/$element $restore_path;
fi
done
}
restore_element {{ directory['backup'] }}/runner/ {{ directory['srv'] }}/runner instance project proxy.db
restore_element {{ directory['backup'] }}/etc/ {{ directory['etc'] }} config.json ssh
cp -r {{ directory['backup'] }}/etc/.??* {{ directory['etc'] }};
{{ curl_binary }} --insecure -vg6L --max-time 5 {{ backend_url }}/isSRReady;
slapos.cfg.in 0000664 0000000 0000000 00000003340 12375063332 0034061 0 ustar 00root root 0000000 0000000 slapos-77db41ff11f884f0c8bb6d046b150771bb583869-software-slaprunner/software/slaprunner/template [slapos]
software_root = {{ slaprunner['software_root'] }}
instance_root = {{ slaprunner['instance_root'] }}
master_url = http://{{ slaprunner['ipv4'] }}:{{ slaprunner['proxy_port'] }}
computer_id = slaprunner
maximal_delay = 0
root_check = {{ slaprunner['root_check'] }}
[slapformat]
partition_amount = {{ slaprunner['partition-amount'] }}
[slaprunner]
slapos = {{ slaprunner['slapos'] }}
slapos_cfg = {{ slaprunner['slapos.cfg'] }}
slapproxy = {{ slaprunner['slapproxy'] }}
supervisor = {{ slaprunner['supervisor'] }}
supervisord_config = {{ slaprunner['supervisord_config'] }}
runner_workdir = {{ slaprunner['working-directory'] }}
runner_host = {{ slaprunner['ipv4'] }}
runner_port = {{ slaprunner['runner_port'] }}
instance_monitoring_url = {{ slaprunner['instance-monitor-url'] }}
ipv4_address = {{ slaprunner['ipv4'] }}
ipv6_address = {{ slaprunner['ipv6'] }}
etc_dir = {{ slaprunner['etc_dir'] }}
run_dir = {{ slaprunner['run_dir'] }}
log_dir = {{ slaprunner['log_dir'] }}
console = {{ slaprunner['console'] }}
verbose = {{ slaprunner['verbose'] }}
debug = {{ slaprunner['debug'] }}
auto_deploy = {{ slaprunner['auto_deploy'] }}
auto_deploy_instance = {{ slaprunner['auto_deploy_instance'] }}
autorun = {{ slaprunner['autorun'] }}
knowledge0_cfg = {{ slaprunner['knowledge0_file'] }}
minishell_cwd_file = {{ slaprunner['minishell_cwd_file'] }}
minishell_history_file = {{ slaprunner['minishell_history_file'] }}
[slapproxy]
host = {{ slaprunner['ipv4'] }}
port = {{ slaprunner['proxy_port'] }}
database_uri = {{ slaprunner['proxy_database'] }}
[sshkeys_authority]
ssh_client = {{ slaprunner['ssh_client'] }}
public_key = {{ slaprunner['public_key'] }}
private_key = {{ slaprunner['private_key'] }}
[gitclient]
git = {{ slaprunner['git-binary'] }}