| # Copyright 2016 Mirantis, Inc. |
| # |
| # Licensed under the Apache License, Version 2.0 (the "License"); you may |
| # not use this file except in compliance with the License. You may obtain |
| # a copy of the License at |
| # |
| # http://www.apache.org/licenses/LICENSE-2.0 |
| # |
| # Unless required by applicable law or agreed to in writing, software |
| # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT |
| # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the |
| # License for the specific language governing permissions and limitations |
| # under the License. |
| |
| import netaddr |
| import pkg_resources |
| |
| from collections import defaultdict |
| |
| from datetime import datetime |
| from pepper import libpepper |
| from tcp_tests.helpers import utils |
| from tcp_tests import logger |
| from tcp_tests import settings |
| from tcp_tests.managers.execute_commands import ExecuteCommandsMixin |
| |
| LOG = logger.logger |
| |
| |
| class SaltManager(ExecuteCommandsMixin): |
| """docstring for SaltManager""" |
| |
| __config = None |
| __underlay = None |
| _map = { |
| 'enforceState': 'enforce_state', |
| 'enforceStates': 'enforce_states', |
| 'runState': 'run_state', |
| 'runStates': 'run_states', |
| } |
| |
| def __init__(self, config, underlay, host=None, port='6969', |
| username=None, password=None): |
| self.__config = config |
| self.__underlay = underlay |
| self.__port = port |
| self.__host = host |
| self.__api = None |
| self.__user = username or settings.SALT_USER |
| self.__password = password or settings.SALT_PASSWORD |
| self._salt = self |
| |
| super(SaltManager, self).__init__(config=config, underlay=underlay) |
| |
| def install(self, commands): |
| # if self.__config.salt.salt_master_host == '0.0.0.0': |
| # # Temporary workaround. Underlay should be extended with roles |
| # salt_nodes = self.__underlay.node_names() |
| # self.__config.salt.salt_master_host = \ |
| # self.__underlay.host_by_node_name(salt_nodes[0]) |
| |
| self.execute_commands(commands=commands, |
| label="Install and configure salt") |
| self.create_env_salt() |
| self.create_env_jenkins_day01() |
| # self.create_env_jenkins_cicd() |
| # self.create_env_k8s() |
| |
| def change_creds(self, username, password): |
| self.__user = username |
| self.__password = password |
| |
| @property |
| def port(self): |
| return self.__port |
| |
| @property |
| def host(self): |
| if self.__host: |
| return self.__host |
| else: |
| # TODO(ddmitriev): consider to add a check and raise |
| # exception if 'salt_master_host' is not initialized. |
| return self.__config.salt.salt_master_host |
| |
| @property |
| def api(self): |
| def login(): |
| LOG.info("Authentication in Salt API") |
| self.__api.login( |
| username=self.__user, |
| password=self.__password, |
| eauth='pam') |
| return datetime.now() |
| |
| if self.__api: |
| if (datetime.now() - self.__session_start).seconds < 5 * 60: |
| return self.__api |
| else: |
| # FIXXME: Change to debug |
| LOG.info("Session's expired") |
| self.__session_start = login() |
| return self.__api |
| |
| url = "http://{host}:{port}".format( |
| host=self.host, port=self.port) |
| LOG.info("Connecting to Salt API {0}".format(url)) |
| self.__api = libpepper.Pepper(url) |
| self.__session_start = login() |
| return self.__api |
| |
| def local(self, tgt, fun, args=None, kwargs=None, timeout=None): |
| return self.api.local(tgt, fun, args, kwargs, timeout=timeout, |
| expr_form='compound') |
| |
| def local_async(self, tgt, fun, args=None, kwargs=None, timeout=None): |
| return self.api.local_async(tgt, fun, args, kwargs, timeout=timeout) |
| |
| def lookup_result(self, jid): |
| return self.api.lookup_jid(jid) |
| |
| def check_result(self, r): |
| if len(r.get('return', [])) == 0: |
| raise LookupError("Result is empty or absent") |
| |
| result = r['return'][0] |
| if len(result) == 0: |
| raise LookupError("Result is empty or absent") |
| LOG.info("Job has result for %s nodes", result.keys()) |
| fails = defaultdict(list) |
| for h in result: |
| host_result = result[h] |
| LOG.info("On %s executed:", h) |
| if isinstance(host_result, list): |
| fails[h].append(host_result) |
| continue |
| for t in host_result: |
| task = host_result[t] |
| if task['result'] is False: |
| fails[h].append(task) |
| LOG.error("%s - %s", t, task['result']) |
| else: |
| LOG.info("%s - %s", t, task['result']) |
| |
| return fails if fails else None |
| |
| def enforce_state(self, tgt, state, args=None, kwargs=None, timeout=None): |
| r = self.local(tgt=tgt, fun='state.sls', args=state, timeout=timeout) |
| f = self.check_result(r) |
| return r, f |
| |
| def enforce_states(self, tgt, state, args=None, kwargs=None, timeout=None): |
| rets = [] |
| for s in state: |
| r = self.enforce_state(tgt=tgt, state=s, timeout=timeout) |
| rets.append(r) |
| return rets |
| |
| def run_state(self, tgt, state, args=None, kwargs=None, timeout=None): |
| return self.local(tgt=tgt, fun=state, args=args, kwargs=kwargs, |
| timeout=timeout), None |
| |
| def run_states(self, tgt, state, args=None, kwargs=None, timeout=None): |
| rets = [] |
| for s in state: |
| r = self.run_state(tgt=tgt, state=s, args=args, kwargs=kwargs, |
| timeout=timeout) |
| rets.append(r) |
| return rets |
| |
| def get_pillar(self, tgt, pillar): |
| result = self.local(tgt=tgt, fun='pillar.get', args=pillar) |
| return result['return'] |
| |
| def get_single_pillar(self, tgt, pillar): |
| """Get a scalar value from a single node |
| |
| :return: pillar value |
| """ |
| |
| result = self.get_pillar(tgt, pillar) |
| nodes = result[0].keys() |
| |
| if not nodes: |
| raise LookupError("No minions selected " |
| "for the target '{0}'".format(tgt)) |
| if len(nodes) > 1: |
| raise LookupError("Too many minions selected " |
| "for the target '{0}' , expected one: {1}" |
| .format(tgt, nodes)) |
| return result[0][nodes[0]] |
| |
| def get_grains(self, tgt, grains): |
| result = self.local(tgt=tgt, fun='grains.get', args=grains) |
| return result['return'] |
| |
| def get_ssh_data(self): |
| """Generate ssh config for Underlay |
| |
| :param roles: list of strings |
| """ |
| |
| pool_name = self.__config.underlay.net_mgmt |
| pool_net = netaddr.IPNetwork(self.__config.underlay.address_pools[ |
| self.__config.underlay.net_mgmt]) |
| hosts = self.local('*', 'grains.item', ['host', 'ipv4']) |
| |
| if len(hosts.get('return', [])) == 0: |
| raise LookupError("Hosts is empty or absent") |
| hosts = hosts['return'][0] |
| if len(hosts) == 0: |
| raise LookupError("Hosts is empty or absent") |
| |
| def host(minion_id, ip): |
| return { |
| 'roles': ['salt_minion'], |
| 'keys': [ |
| k['private'] for k in self.__config.underlay.ssh_keys |
| ], |
| 'node_name': minion_id, |
| 'minion_id': minion_id, |
| 'host': ip, |
| 'address_pool': pool_name, |
| 'login': settings.SSH_NODE_CREDENTIALS['login'], |
| 'password': settings.SSH_NODE_CREDENTIALS['password'] |
| } |
| |
| try: |
| ret = [ |
| host(k, next(i for i in v['ipv4'] if i in pool_net)) |
| for k, v in hosts.items() |
| if next(i for i in v['ipv4'] if i in pool_net)] |
| LOG.debug("Fetched ssh data from salt grains - {}".format(ret)) |
| return ret |
| except StopIteration: |
| msg = ("Can't match nodes ip address with network cidr\n" |
| "Managment network - {net}\n" |
| "Host with address - {host_list}".format( |
| net=pool_net, |
| host_list={k: v['ipv4'] for k, v in hosts.items()})) |
| raise StopIteration(msg) |
| |
| def update_ssh_data_from_minions(self): |
| """Combine existing underlay.ssh with VCP salt minions""" |
| salt_nodes = self.get_ssh_data() |
| |
| for salt_node in salt_nodes: |
| nodes = [n for n in self.__config.underlay.ssh |
| if salt_node['host'] == n['host'] |
| and salt_node['address_pool'] == n['address_pool']] |
| if nodes: |
| # Assume that there can be only one node with such IP address |
| # Just update minion_id for this node |
| nodes[0]['minion_id'] = salt_node['minion_id'] |
| else: |
| # New node, add to config.underlay.ssh |
| self.__config.underlay.ssh.append(salt_node) |
| |
| self.__underlay.config_ssh = [] |
| self.__underlay.add_config_ssh(self.__config.underlay.ssh) |
| |
| def service_status(self, tgt, service): |
| result = self.local(tgt=tgt, fun='service.status', args=service) |
| return result['return'] |
| |
| def service_restart(self, tgt, service): |
| result = self.local(tgt=tgt, fun='service.restart', args=service) |
| return result['return'] |
| |
| def service_stop(self, tgt, service): |
| result = self.local(tgt=tgt, fun='service.stop', args=service) |
| return result['return'] |
| |
| def cmd_run(self, tgt, cmd): |
| result = self.local(tgt=tgt, fun='cmd.run', args=cmd) |
| return result['return'] |
| |
| @utils.retry(10, exception=libpepper.PepperException) |
| def sync_time(self, tgt='*'): |
| LOG.info("NTP time sync on the salt minions '{0}'".format(tgt)) |
| # Force authentication update on the next API access |
| # because previous authentication most probably is not valid |
| # before or after time sync. |
| self.__api = None |
| if not settings.SKIP_SYNC_TIME: |
| cmd = ('chmod -x /usr/sbin/ntpd' |
| 'service ntp stop;' |
| # note: maas-rackd will return 'pool' after start |
| 'sed -i \'s/^pool ntp.ubuntu.com/server ntp.cesnet.cz/g\' ' |
| '/etc/ntp/maas.conf;' |
| 'sed -i \'s/^pool ntp.ubuntu.com/server ntp.cesnet.cz/g\' ' |
| '/etc/ntp.conf;' |
| 'if [ -x /usr/sbin/ntpdate ]; then' |
| ' ntpdate -s ntp.cesnet.cz;' |
| 'else' |
| ' ntpd -gq;' |
| 'fi;' |
| 'chmod +x /usr/sbin/ntpd' |
| 'service ntp start;' |
| 'sleep 3; ntpq -pn;') |
| self.run_state( |
| tgt, |
| 'cmd.run', cmd, timeout=360) # noqa |
| new_time_res = self.run_state(tgt, 'cmd.run', 'date') |
| for node_name, time in sorted(new_time_res[0]['return'][0].items()): |
| LOG.info("{0}: {1}".format(node_name, time)) |
| self.__api = None |
| |
| def create_env_salt(self): |
| """Creates static utils/env_salt file""" |
| |
| env_salt_filename = pkg_resources.resource_filename( |
| settings.__name__, 'utils/env_salt') |
| with open(env_salt_filename, 'w') as f: |
| f.write( |
| 'export SALT_MASTER_IP={host}\n' |
| 'export SALTAPI_URL=http://{host}:{port}/\n' |
| 'export SALTAPI_USER="{user}"\n' |
| 'export SALTAPI_PASS="{password}"\n' |
| 'export SALTAPI_EAUTH="pam"\n' |
| 'echo "export SALT_MASTER_IP=${{SALT_MASTER_IP}}"\n' |
| 'echo "export SALTAPI_URL=${{SALTAPI_URL}}"\n' |
| 'echo "export SALTAPI_USER=${{SALTAPI_USER}}"\n' |
| 'echo "export SALTAPI_PASS=${{SALTAPI_PASS}}"\n' |
| 'echo "export SALTAPI_EAUTH=${{SALTAPI_EAUTH}}"\n' |
| .format(host=self.host, port=self.port, |
| user=self.__user, password=self.__password) |
| ) |
| |
| def create_env_jenkins_day01(self): |
| """Creates static utils/env_jenkins_day01 file""" |
| |
| env_jenkins_day01_filename = pkg_resources.resource_filename( |
| settings.__name__, 'utils/env_jenkins_day01') |
| |
| tgt = 'I@docker:client:stack:jenkins and cfg01*' |
| jenkins_params = self.get_single_pillar( |
| tgt=tgt, pillar="jenkins:client:master") |
| jenkins_port = jenkins_params['port'] |
| jenkins_user = jenkins_params['username'] |
| jenkins_pass = jenkins_params['password'] |
| |
| with open(env_jenkins_day01_filename, 'w') as f: |
| f.write( |
| 'export JENKINS_URL=http://{host}:{port}\n' |
| 'export JENKINS_USER={user}\n' |
| 'export JENKINS_PASS={password}\n' |
| 'export JENKINS_START_TIMEOUT=60\n' |
| 'export JENKINS_BUILD_TIMEOUT=1800\n' |
| 'echo "export JENKINS_URL=${{JENKINS_URL}}' |
| ' # Jenkins API URL"\n' |
| 'echo "export JENKINS_USER=${{JENKINS_USER}}' |
| ' # Jenkins API username"\n' |
| 'echo "export JENKINS_PASS=${{JENKINS_PASS}}' |
| ' # Jenkins API password or token"n\n' |
| 'echo "export JENKINS_START_TIMEOUT=${{JENKINS_START_TIMEOUT}}' |
| ' # Timeout waiting for job in queue to start building"\n' |
| 'echo "export JENKINS_BUILD_TIMEOUT=${{JENKINS_BUILD_TIMEOUT}}' |
| ' # Timeout waiting for building job to complete"\n' |
| .format(host=self.host, port=jenkins_port, |
| user=jenkins_user, password=jenkins_pass) |
| ) |
| |
| def create_env_jenkins_cicd(self): |
| """Creates static utils/env_jenkins_cicd file""" |
| |
| env_jenkins_cicd_filename = pkg_resources.resource_filename( |
| settings.__name__, 'utils/env_jenkins_cicd') |
| |
| tgt = 'I@docker:client:stack:jenkins and cid01*' |
| try: |
| jenkins_params = self.get_single_pillar( |
| tgt=tgt, pillar="jenkins:client:master") |
| except LookupError as e: |
| LOG.error("Skipping creation {0} because cannot get Jenkins CICD " |
| "parameters from '{1}': {2}" |
| .format(env_jenkins_cicd_filename, tgt, e.message)) |
| return |
| |
| jenkins_host = jenkins_params['host'] |
| jenkins_port = jenkins_params['port'] |
| jenkins_user = jenkins_params['username'] |
| jenkins_pass = jenkins_params['password'] |
| |
| with open(env_jenkins_cicd_filename, 'w') as f: |
| f.write( |
| 'export JENKINS_URL=http://{host}:{port}\n' |
| 'export JENKINS_USER={user}\n' |
| 'export JENKINS_PASS={password}\n' |
| 'export JENKINS_START_TIMEOUT=60\n' |
| 'export JENKINS_BUILD_TIMEOUT=1800\n' |
| 'echo "export JENKINS_URL=${{JENKINS_URL}}' |
| ' # Jenkins API URL"\n' |
| 'echo "export JENKINS_USER=${{JENKINS_USER}}' |
| ' # Jenkins API username"\n' |
| 'echo "export JENKINS_PASS=${{JENKINS_PASS}}' |
| ' # Jenkins API password or token"n\n' |
| 'echo "export JENKINS_START_TIMEOUT=${{JENKINS_START_TIMEOUT}}' |
| ' # Timeout waiting for job in queue to start building"\n' |
| 'echo "export JENKINS_BUILD_TIMEOUT=${{JENKINS_BUILD_TIMEOUT}}' |
| ' # Timeout waiting for building job to complete"\n' |
| .format(host=jenkins_host, port=jenkins_port, |
| user=jenkins_user, password=jenkins_pass) |
| ) |
| |
| def create_env_k8s(self): |
| """Creates static utils/env_k8s file""" |
| |
| env_k8s_filename = pkg_resources.resource_filename( |
| settings.__name__, 'utils/env_k8s') |
| |
| tgt = 'I@haproxy:proxy:enabled:true and I@kubernetes:master and *01*' |
| try: |
| haproxy_params = self.get_single_pillar( |
| tgt=tgt, pillar="haproxy:proxy:listen:k8s_secure:binds")[0] |
| k8s_params = self.get_single_pillar( |
| tgt=tgt, pillar="kubernetes:master:admin") |
| except LookupError as e: |
| LOG.error("Skipping creation {0} because cannot get Kubernetes " |
| "parameters from '{1}': {2}" |
| .format(env_k8s_filename, tgt, e.message)) |
| return |
| |
| kube_host = haproxy_params['address'] |
| kube_apiserver_port = haproxy_params['port'] |
| kubernetes_admin_user = k8s_params['username'] |
| kubernetes_admin_password = k8s_params['password'] |
| |
| with open(env_k8s_filename, 'w') as f: |
| f.write( |
| 'export kube_host={host}\n' |
| 'export kube_apiserver_port={port}\n' |
| 'export kubernetes_admin_user={user}\n' |
| 'export kubernetes_admin_password={password}\n' |
| 'echo "export kube_host=${{kube_host}}' |
| ' # Kube API host"\n' |
| 'echo "export kube_apiserver_port=${{kube_apiserver_port}}' |
| ' # Kube API port"\n' |
| 'echo "export kubernetes_admin_user=${{kubernetes_admin_user}}' |
| ' # Kube API username"\n' |
| 'echo "export kubernetes_admin_password=' |
| '${{kubernetes_admin_password}} # Kube API password"n\n' |
| .format(host=kube_host, port=kube_apiserver_port, |
| user=kubernetes_admin_user, |
| password=kubernetes_admin_password) |
| ) |