Merge branch 'develop' into dist/risotto/risotto-2.8.0/develop

Emmanuel Garette 2020-09-16 08:16:03 +02:00
commit 4133c90b19
6 changed files with 120 additions and 177 deletions


@ -1,174 +1,120 @@
#!/usr/bin/env bash #!/usr/bin/env bash
set -xe
# Configuration #=======================================================================================================
# -> base (cadoles' servermodel) # Import Cadoles seed
# |-> cluster (servermodel) #=======================================================================================================
# | '-> node1.cadoles.com (server)
# |
# |-> aca (servermodel) + unbound (AS) + openssh (AS)
# | '-> etab1 (servermodel) -------------------,
# | |
# '-> fedora-32 (cadoles' servermodel) |
# '-> unbound (servermodel) + unbound (AS) --|
# '-> unbound_etab1 (servermodel)
# '-> dns.cadoles.com (server)
# Site and zone cucchiaiata-cli v1.setting.source.create --source_name cadoles --source_directory /srv/risotto/seed/cadoles
#=======================================================================================================
# Infrastructure
#=======================================================================================================
# Create a new user and set role 'server_rw' for the server dns.cadoles.com
cucchiaiata-cli v1.user.user.create --user_login gnunux --user_name gnunux --user_surname gnunux
cucchiaiata-cli v1.user.role.create --user_login gnunux --role_name 'server_rw' --role_attribute 'Server.ServerName' --role_attribute_value dns.cadoles.com
# Sites and zone
# + = = = = = = = = = = = = = = = = = = = = = = = + # + = = = = = = = = = = = = = = = = = = = = = = = +
# " SITE cluster " # " SITE site_cluster "
# " "
# " +-------------------+ " # " +-------------------+ "
# " | node1.cadoles.com | "-----------+ # " | node1.cadoles.com | "-----------+
# " | | " | # " +-------------------+ " +~~~~~~~~+
# " +-------------------+ " |
# " " +~~~~~~~~+
# + = = = = = = = = = = = = = = = = = = = = = = = + ! ZONE ! # + = = = = = = = = = = = = = = = = = = = = = = = + ! ZONE !
# ! pedago ! # ! pedago !
# + = = = = = = = = = = = = = = = = = = = = = = = + +~~~~~~~~+ # + = = = = = = = = = = = = = = = = = = = = = = = + +~~~~~~~~+
# " SITE etab1 " | # " SITE etab1 " |
# " +-----------------+ " | # " +-----------------+ "-----------+
# " | dns.cadoles.com | "-----------+ # " | dns.cadoles.com | "
# " | | "
# " +-----------------+ " # " +-----------------+ "
# " "
# + = = = = = = = = = = = = = = = = = = = = = = = + # + = = = = = = = = = = = = = = = = = = = = = = = +
# cucchiaiata-cli v1.infra.site.create --site_name site_cluster
cucchiaiata-cli v1.infra.site.create --site_name etab1
# Zone
cucchiaiata-cli v1.infra.zone.create --zone_name pedago --sites_name etab1 site_cluster --network "192.168.1.0/24" --host_start "192.168.1.10" --host_end "192.168.1.100" --dns 192.168.1.1 --gateway 192.168.1.254
# Servermodels
# -> base-fedora-32 (cadoles' servermodel)
# |-> sm_cluster (servermodel)
# | '-> node1.cadoles.com (server)
# |
# |-> aca (servermodel) + unbound (AS) + openssh (AS)
# | '-> etab1 (servermodel) -----------------,
# | |--> unbound_etab1 (servermodel)
# '-> unbound (servermodel) + unbound (AS) --' '-> dns.cadoles.com (server)
## sm_cluster
cucchiaiata-cli v1.setting.servermodel.create --servermodel_name sm_cluster --applicationservices base-fedora-32
## ACA
cucchiaiata-cli v1.setting.servermodel.create --servermodel_name aca --applicationservices unbound openssh
## etab1
cucchiaiata-cli v1.setting.servermodel.create --servermodel_name etab1 --parents_name aca
## unbound
cucchiaiata-cli v1.setting.servermodel.create --servermodel_name unbound --applicationservices unbound
## unbound_etab1
cucchiaiata-cli v1.setting.servermodel.create --servermodel_name unbound_etab1 --parents_name etab1 unbound
# Servers
cucchiaiata-cli v1.infra.server.create --server_name node1.cadoles.com --servermodel_name sm_cluster --site_name site_cluster --zones_name pedago
cucchiaiata-cli v1.infra.server.create --server_name dns.cadoles.com --servermodel_name unbound_etab1 --site_name etab1 --zones_name pedago
# Create a cluster
cucchiaiata-cli v1.provider.factory.cluster.create --cluster_name cluster.cadoles.com --virtual_ip 192.168.1.1 --zone_name pedago
# Cluster description: # Cluster description:
# +-----------------------------+ # +-----------------------------+
# + cluster.cadoles.com + # + cluster.cadoles.com +
# + +
# + +--------------------+ + # + +--------------------+ +
# + + node1.cadoles.com + + # + + node1.cadoles.com + +
# + + + +
# + + + +
# + +--------------------+ + # + +--------------------+ +
# + +
# +-----------------------------+ # +-----------------------------+
cucchiaiata-cli v1.provider.factory.cluster.join --cluster_name cluster.cadoles.com --node_name node1.cadoles.com
# Cluster execution: # Cluster execution:
# +-----------------------------+ # +-----------------------------+
# + cluster.cadoles.com + # + cluster.cadoles.com +
# + +
# + +--------------------+ + # + +--------------------+ +
# + + dns.cadoles.com + + # + + dns.cadoles.com + +
# + + + +
# + + + +
# + +--------------------+ + # + +--------------------+ +
# + +
# +-----------------------------+ # +-----------------------------+
cucchiaiata-cli v1.provider.factory.server.add --server dns.cadoles.com --cluster_name cluster.cadoles.com --cpu 0.2 --vcpu 2 --memory 2
set -xe #=======================================================================================================
# Configuration
#=======================================================================================================
verif() { # Servermodel ACA
i=0 S=$(cucchiaiata-cli v1.setting.session.servermodel.start --servermodel_name aca| jq -r .session_id)
argv=("$@") cucchiaiata-cli v1.setting.session.servermodel.configure --session_id "$S" --configuration.reseau.unbound_route_address 192.168.1.2 \
for V in configuration.reseau.unbound_route_address configuration.reseau.unbound_domain_name configuration.serveur_dns.unbound_local_zones configuration.reseau.unbound_ip_address_cidr; do --configuration.serveur_dns.unbound_allowed_client_cidr 192.168.1.0/24 \
i=$((i+1)) --configuration.serveur_ssh.ssh_allow_networks admin.cadoles.com
R=$(cucchiaiata-cli "setting.session.$1.get" -s "$S" -n "$V" | jq -Mcr .content[]) cucchiaiata-cli v1.setting.session.servermodel.stop --session_id "$S" --save
[ "$R" = "${argv[i]}" ]
done
}
# Import Cadoles seed # Servermodel etab1
cucchiaiata-cli setting.source.create -o cadoles -d /srv/risotto/seed/cadoles S=$(cucchiaiata-cli v1.setting.session.servermodel.start --servermodel_name etab1 | jq -r .session_id)
cucchiaiata-cli v1.setting.session.servermodel.configure --session_id "$S" --configuration.reseau.unbound_domain_name dns.cadoles.com
cucchiaiata-cli v1.setting.session.servermodel.stop --session_id "$S" --save
# Create a new user and set role 'server_rw' for the server dns.cadoles.com # Servermodel unbound
cucchiaiata-cli user.user.create -u gnunux -n gnunux -s gnunux S=$(cucchiaiata-cli v1.setting.session.servermodel.start --servermodel_name unbound| jq -r .session_id)
cucchiaiata-cli user.role.create -u gnunux -o 'server_rw' -a 'Server.ServerName' -v dns.cadoles.com cucchiaiata-cli v1.setting.session.servermodel.configure --session_id "$S" --configuration.serveur_dns.unbound_local_zones cadoles.com
cucchiaiata-cli v1.setting.session.servermodel.filter --session_id "$S" --namespace unbound
cucchiaiata-cli v1.setting.session.servermodel.configure --session_id "$S" --unbound.unbound_zone_cadoles_com.hostname_cadoles_com.hostname_cadoles_com toto titi \
--unbound.unbound_zone_cadoles_com.hostname_cadoles_com.ip_cadoles_com 0 192.168.1.25 \
--unbound.unbound_zone_cadoles_com.hostname_cadoles_com.type_cadoles_com 1 CNAME \
--unbound.unbound_zone_cadoles_com.hostname_cadoles_com.cname_cadoles_com 1 toto.cadoles.com
cucchiaiata-cli v1.setting.session.servermodel.stop --session_id "$S" --save
# Heritage # Server dns.cadoles.com
## ACA S=$(cucchiaiata-cli v1.setting.session.server.start --server dns.cadoles.com | jq -r .session_id)
cucchiaiata-cli setting.servermodel.create -m aca -d Aca -p base -o cadoles -e last cucchiaiata-cli v1.setting.session.server.configure --session_id "$S" --configuration.reseau.unbound_ip_address_cidr 192.168.1.1/24
cucchiaiata-cli setting.servermodel.dependency.add -m aca -a unbound -o cadoles -e last cucchiaiata-cli v1.setting.session.server.validate --session_id $S
cucchiaiata-cli v1.setting.session.server.stop --session_id "$S" --save
S=$(cucchiaiata-cli setting.session.servermodel.start -m aca -e last| jq -r .session_id)
verif servermodel null null [] null
cucchiaiata-cli setting.session.servermodel.configure -s "$S" --configuration.reseau.unbound_route_address 192.168.1.2
cucchiaiata-cli setting.session.servermodel.configure -s "$S" --configuration.serveur_dns.unbound_allowed_client_cidr 192.168.1.0/24
verif servermodel 192.168.1.2 null [] null
cucchiaiata-cli setting.session.servermodel.stop -s "$S" -a
## etab1
cucchiaiata-cli setting.servermodel.create -m etab1 -d "Etab 1" -p aca -o internal -e last
S=$(cucchiaiata-cli setting.session.servermodel.start -m etab1 -e last| jq -r .session_id)
cucchiaiata-cli setting.session.servermodel.configure -s "$S" --configuration.reseau.unbound_domain_name dns.cadoles.com
verif servermodel 192.168.1.2 dns.cadoles.com [] null
cucchiaiata-cli setting.session.servermodel.stop -s "$S" -a
## unbound
cucchiaiata-cli setting.servermodel.create -m unbound -d "generic unbound configuration" -p fedora-32 -o cadoles -e last
cucchiaiata-cli setting.servermodel.dependency.add -m unbound -a unbound -o cadoles -e last
S=$(cucchiaiata-cli setting.session.servermodel.start -m unbound -e last| jq -r .session_id)
cucchiaiata-cli setting.session.servermodel.configure -s "$S" --configuration.serveur_dns.unbound_local_zones cadoles.com
cucchiaiata-cli setting.session.servermodel.filter -s "$S" -n unbound
cucchiaiata-cli setting.session.servermodel.configure -s "$S" --unbound.unbound_zone_cadoles_com.hostname_cadoles_com.hostname_cadoles_com toto titi
cucchiaiata-cli setting.session.servermodel.configure -s "$S" --unbound.unbound_zone_cadoles_com.hostname_cadoles_com.ip_cadoles_com 0 192.168.1.25
cucchiaiata-cli setting.session.servermodel.configure -s "$S" --unbound.unbound_zone_cadoles_com.hostname_cadoles_com.type_cadoles_com 1 CNAME
cucchiaiata-cli setting.session.servermodel.configure -s "$S" --unbound.unbound_zone_cadoles_com.hostname_cadoles_com.cname_cadoles_com 1 toto.cadoles.com
cucchiaiata-cli setting.session.servermodel.filter -s "$S" -n configuration
verif servermodel null null '["cadoles.com"]' null
cucchiaiata-cli setting.session.servermodel.stop -s "$S" -a
## unbound_etab1
cucchiaiata-cli setting.servermodel.create -m unbound_etab1 -d "unbound configuration for etab1" -p etab1 unbound -o internal -e last
S=$(cucchiaiata-cli setting.session.servermodel.start -m unbound_etab1 -e last | jq -r .session_id)
verif servermodel 192.168.1.2 dns.cadoles.com '["cadoles.com"]' null
cucchiaiata-cli setting.session.servermodel.stop -s "$S" -a
# Create sites and zone
cucchiaiata-cli infra.site.create -i cluster -d "Cluster"
cucchiaiata-cli infra.site.create -i etab1 -d "Etab 1"
cucchiaiata-cli infra.zone.create -z pedago -d "Pedago" -s etab1 cluster -n "192.168.1.0/24" -t "192.168.1.10" -e "192.168.1.100" -q 192.168.1.1 -g 192.168.1.254
# Create a servermodel for node in cluster and a server "node1"
cucchiaiata-cli setting.servermodel.create -m cluster -d "Node in the cluster" -p base -o cadoles -e last
cucchiaiata-cli infra.server.create -s node1.cadoles.com -d node1 -m cluster -e last -i cluster -z pedago
# Create a new server "dns"
cucchiaiata-cli infra.server.create -s dns.cadoles.com -d description -m unbound_etab1 -e last -i etab1 -z pedago
# Create a cluster with one node and one VM
cucchiaiata-cli provider.factory.cluster.create -c cluster.cadoles.com -d toto -v 192.168.1.1 -z pedago
cucchiaiata-cli provider.factory.cluster.join -c cluster.cadoles.com -n node1.cadoles.com
cucchiaiata-cli provider.factory.server.add -s dns.cadoles.com -c cluster.cadoles.com -p 0.2 -v 2 -m 2
# Configure server
S=$(cucchiaiata-cli setting.session.server.start -s dns.cadoles.com | jq -r .session_id)
cucchiaiata-cli setting.session.server.configure -s "$S" --configuration.reseau.unbound_ip_address_cidr 192.168.1.1/24
cucchiaiata-cli setting.session.server.validate -s $S
verif server 192.168.1.2 dns.cadoles.com '["cadoles.com"]' 192.168.1.1/24
cucchiaiata-cli setting.session.server.stop -s "$S" -a
# Generate configuration # Generate configuration
cucchiaiata-cli setting.config.configuration.server.deploy -s dns.cadoles.com cucchiaiata-cli v1.setting.config.configuration.server.deploy --server dns.cadoles.com
cucchiaiata-cli setting.template.generate -s dns.cadoles.com cucchiaiata-cli v1.setting.template.generate --server dns.cadoles.com
# Add OpenSSH dependency
cucchiaiata-cli setting.servermodel.dependency.add -m aca -a openssh -o cadoles -e last
S=$(cucchiaiata-cli setting.session.server.start -s dns.cadoles.com | jq -r .session_id)
R=$(cucchiaiata-cli setting.session.server.get -s "$S" -n configuration.serveur_ssh.ssh_allow_networks | jq -Mcr .content[])
[ "$R" = "[]" ]
cucchiaiata-cli setting.session.server.stop -s "$S"
S=$(cucchiaiata-cli setting.session.servermodel.start -m aca -e last| jq -r .session_id)
cucchiaiata-cli setting.session.servermodel.configure -s "$S" --configuration.serveur_ssh.ssh_allow_networks admin.cadoles.com
cucchiaiata-cli setting.session.servermodel.stop -s "$S" -a
S=$(cucchiaiata-cli setting.session.server.start -s dns.cadoles.com | jq -r .session_id)
R=$(cucchiaiata-cli setting.session.server.get -s "$S" -n configuration.serveur_ssh.ssh_allow_networks | jq -Mcr .content[])
[ "$R" = '["admin.cadoles.com"]' ]
cucchiaiata-cli setting.session.server.stop -s "$S"
# Regenerate configuration
cucchiaiata-cli setting.config.configuration.server.deploy -s dns.cadoles.com
cucchiaiata-cli setting.template.generate -s dns.cadoles.com
# Generate cluster's configurtion # Generate cluster's configurtion
cucchiaiata-cli provider.factory.configure -c cluster.cadoles.com #cucchiaiata-cli v1.provider.factory.configure -c cluster.cadoles.com
#cucchiaiata-cli v1.provider.factory.deploy --server dns.cadoles.com
echo "fin" echo "fin"
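Review bot: The session-id captures such as `S=$(cucchiaiata-cli v1.setting.session.servermodel.start --servermodel_name aca| jq -r .session_id)` take their exit status from `jq`, so with `set -xe` alone a failing `cucchiaiata-cli` call can leave `S` empty or `null` and the script goes on to configure and `--save` with it. Adding `set -o pipefail` next to `set -xe` would stop at the failing call. The rewrite also drops the `verif` helper and the `[ "$R" = ... ]` comparisons, so nothing checks the configured values any more, and `--session_id $S` on the `server.validate` line is the one unquoted use of `$S`.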


@ -10,13 +10,15 @@ from cucchiaiata.i18n import _
def main(): def main():
try: try:
if len(argv) > 2 and argv[1] in ['setting.session.server.configure', if len(argv) > 2 and argv[1] in ['v1.setting.session.server.configure',
'setting.session.servermodel.configure']: 'v1.setting.session.servermodel.configure']:
Configuration().get() Configuration().get()
else: else:
parser = Parser() parser = Parser()
print(dumps(parser.get(), print(dumps(parser.get(),
indent=config.indent)) indent=config.indent))
except KeyboardInterrupt:
pass
except Exception as err: except Exception as err:
if config.debug: if config.debug:
print_exc() print_exc()
@ -25,7 +27,4 @@ def main():
if __name__ == "__main__": if __name__ == "__main__":
try: main()
main()
except KeyboardInterrupt:
pass
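Review bot: The dispatch in `main()` compares `argv[1]` against the literal strings `'v1.setting.session.server.configure'` and `'v1.setting.session.servermodel.configure'`, while `send_data` and `configure_server` in this same commit split the version off the message instead of hard-coding it. A configure call for any other API version would fall through to `Parser()` rather than `Configuration()` without any error. Matching on the part after the version, e.g. `argv[1].split('.', 1)[-1] in ['setting.session.server.configure', 'setting.session.servermodel.configure']`, keeps the three places consistent. The `except Exception` handler continues outside the hunk.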


@ -32,16 +32,16 @@ class Common:
return err return err
def remote_json_to_config(self, def remote_json_to_config(self,
url=None, url,
config_type=Config): config_type=Config,
):
"retrieves the remote config from the distant api description" "retrieves the remote config from the distant api description"
if url is None:
url = self.cucchiaiata_config.remote_url
token = self.get_token() token = self.get_token()
headers = {'Authorization':'Bearer {}'.format(token)} headers = {'Authorization':'Bearer {}'.format(token)}
req = get(url, req = get(url,
headers=headers, headers=headers,
verify=config.allow_insecure_https) verify=config.allow_insecure_https,
)
code = req.status_code code = req.status_code
if code != 200: if code != 200:
raise Exception(self.get_error_from_http(req)) raise Exception(self.get_error_from_http(req))
@ -49,9 +49,14 @@ class Common:
return config_type(json) return config_type(json)
def send_data(message: str, def send_data(uri: str,
payload: Dict): payload: Dict,
final_url = '{}/{}'.format(config.remote_url, message) ):
version, message = uri.split('.', 1)
final_url = '{}/{}/{}'.format(config.remote_url,
version,
message,
)
ret = post(final_url, ret = post(final_url,
data=dumps(payload), data=dumps(payload),
verify=config.allow_insecure_https) verify=config.allow_insecure_https)
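Review bot: `verify=config.allow_insecure_https` reads inverted in both the `get(...)` call of `remote_json_to_config` and the `post(...)` call of `send_data`: assuming these are the `requests` functions (the imports are outside the hunk), `verify` means "check the server certificate", so the default `allow_insecure_https: False` switches verification off and setting it to True switches it on. Since the `get` carries the `Authorization: Bearer` token, both calls should pass `verify=not config.allow_insecure_https`. Separately, `version, message = uri.split('.', 1)` raises an unpacking `ValueError` for a message without a dot, where a short explicit error would be clearer. `send_data` continues past the end of the hunk.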


@ -11,11 +11,7 @@ class Config:
if not isfile(config_file): if not isfile(config_file):
print(_('Attention, there is no configuration file')) print(_('Attention, there is no configuration file'))
url = input(_('Address to Risotto server: ')) url = input(_('Address to Risotto server: '))
version = input(_('Risotto API\'s version (default: "v1"): ')) yaml_template = f'url: {url}'
if not version:
version = "v1"
yaml_template = f"""url: {url}
version: {version}"""
with open(config_file, 'w') as fh: with open(config_file, 'w') as fh:
fh.write(yaml_template) fh.write(yaml_template)
@ -28,9 +24,8 @@ version: {version}"""
raise Exception(_('Error when creating the config file {}').format(err)) raise Exception(_('Error when creating the config file {}').format(err))
self.url = config['url'] self.url = config['url']
self.version = config['version']
self.debug = config.get('debug', False) self.debug = config.get('debug', False)
self.remote_url = 'http://{}/api/{}'.format(self.url, self.version) self.remote_url = f'http://{self.url}/api'
self.token_file = join(expanduser("~"), '.zephir-client.jwt.token') self.token_file = join(expanduser("~"), '.zephir-client.jwt.token')
self.indent = config.get('indent', 2) self.indent = config.get('indent', 2)
self.allow_insecure_https = config.get('allow_insecure_https', False) self.allow_insecure_https = config.get('allow_insecure_https', False)
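Review bot: `self.remote_url = f'http://{self.url}/api'` keeps the scheme fixed at plain HTTP, so the `allow_insecure_https` option read a few lines below has nothing to act on, and the bearer token the client sends to this URL (see `remote_json_to_config` in the common module) would travel unencrypted. Consider defaulting to `https://`, or letting the `url` entry of the config file carry its own scheme. Also, `yaml_template = f'url: {url}'` writes the raw `input()` answer into the YAML file; an answer containing `: ` or a line break gives a file that fails or parses differently on the next load, so serialising it with the same YAML library that loads it would be safer. The enclosing method starts and ends outside these hunks.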


@ -3,9 +3,9 @@ from sys import argv, exit
from tiramisu_cmdline_parser import TiramisuCmdlineParser from tiramisu_cmdline_parser import TiramisuCmdlineParser
from tiramisu_api import Config from tiramisu_api import Config
from cucchiaiata.i18n import _
from .i18n import _
from .parser import Parser
from .common import send_data, Common from .common import send_data, Common
@ -25,15 +25,16 @@ class ConfigAPI(Config):
class Configuration(Common): class Configuration(Common):
def configure_server(self): def configure_server(self):
if self.message == 'setting.session.server.configure': smessage = self.message.split('.')
type = 'server' version = smessage[0]
else: type = smessage[-2]
type = 'servermodel' url = '{}/{}/setting/{}/{}'.format(self.cucchiaiata_config.remote_url,
url = '{}/setting/{}/{}'.format(self.cucchiaiata_config.remote_url, version,
type, type,
self.session_id) self.session_id)
tconfig = self.remote_json_to_config(url, tconfig = self.remote_json_to_config(url,
ConfigAPI) ConfigAPI,
)
tconfig.message = self.message tconfig.message = self.message
tconfig.session_id = self.session_id tconfig.session_id = self.session_id
return tconfig return tconfig
@ -52,14 +53,9 @@ class Configuration(Common):
index = parameters.index('-s') index = parameters.index('-s')
except ValueError: except ValueError:
try: try:
index = parameters.index('--sessionid') index = parameters.index('--session_id')
except ValueError: except ValueError:
# FIXME not working ... parser = Parser()
tiramisu_config = self.remote_json_to_config(ConfigAPI)
parser = TiramisuCmdlineParser(tiramisu_config,
self.prog,
unrestraint=True,
fullpath=True)
parser.print_help() parser.print_help()
exit(1) exit(1)
parameters.pop(index) parameters.pop(index)
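Review bot: In the fallback taken when neither `-s` nor `--session_id` is present, `parser = Parser()` followed by `parser.print_help()` looks unlikely to work: the `Parser.__init__` shown in this commit keeps its `CucchiaiataParser` in a local variable and calls `parse_args()` itself, and no `print_help` method on `Parser` is visible. Unless the class defines one elsewhere, this path ends in an `AttributeError` instead of the help text; storing the inner parser (`self.parser = parser`) and calling `parser.parser.print_help()` would be one way out. In `configure_server`, `type = smessage[-2]` shadows the builtin and, with `version = smessage[0]`, puts argv-derived text into the URL path, which is safe only while `main()` gates on the exact message names, so a comment such as `# message is one of the two names checked in main()` would help. The enclosing method of the last hunk starts and ends outside it.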


@ -19,12 +19,14 @@ class Parser(Common):
def __init__(self): def __init__(self):
super().__init__() super().__init__()
# build a tiramisu parser and parse argument # build a tiramisu parser and parse argument
self.remote_config = self.remote_json_to_config() url = self.cucchiaiata_config.remote_url
self.remote_config = self.remote_json_to_config(url)
parser = CucchiaiataParser(self.remote_config, parser = CucchiaiataParser(self.remote_config,
fullpath=False, fullpath=False,
remove_empty_od=True, remove_empty_od=True,
display_modified_value=False, display_modified_value=False,
formatter_class=RawDescriptionHelpFormatter) formatter_class=RawDescriptionHelpFormatter,
)
parser.parse_args() parser.parse_args()
def get(self): def get(self):