/** Note that dn is the actual DN used; we don't prefix with o=XXX */
public static OrganizationLdapEntry build(String o, String cn, LdapDN organizationDN) {
OrganizationLdapEntry entry =
OpsContext.get().getInjector().getInstance(OrganizationLdapEntry.class);
entry.setOrganizationName(o);
entry.setCn(cn);
entry.setLdapDN(organizationDN);
return entry;
}
protected void validateOwner(FilesystemInfo fsInfo) {
if (owner != null) {
if (!fsInfo.matchesOwner(owner)) {
OpsContext.get()
.addWarning(
this,
"WrongOwner",
"Owner was not as expected. Expected=" + owner + " Actual=" + fsInfo.owner);
}
}
if (group != null) {
if (!fsInfo.matchesGroup(group)) {
OpsContext.get()
.addWarning(
this,
"WrongGroup",
"File group was not as expected. Expected=" + group + " Actual=" + fsInfo.group);
}
}
}
@Override
protected void addChildren() throws OpsException {
JettyService model = OpsContext.get().getInstance(JettyService.class);
InstanceBuilder instance =
InstanceBuilder.build(model.dnsName, DiskImageRecipeBuilder.buildDiskImageRecipe(this));
instance.minimumMemoryMb = 2048;
addChild(instance);
instance.addChild(JettyInstance.build());
instance.addChild(CollectdCollector.build());
}
@Override
protected byte[] getContentsBytes() throws OpsException {
InputStream is = getClass().getResourceAsStream("schema.xml");
Document dom;
try {
boolean isNamespaceAware = true;
dom = XmlHelper.parseXmlDocument(is, isNamespaceAware);
} catch (ParserConfigurationException e) {
throw new OpsException("Error parsing XML template", e);
} catch (SAXException e) {
throw new OpsException("Error parsing XML template", e);
} catch (IOException e) {
throw new OpsException("Error parsing XML template", e);
}
SolrTemplateData template = OpsContext.get().getInjector().getInstance(SolrTemplateData.class);
Element fieldsElement;
{
NodeList fieldsList = dom.getElementsByTagName("fields");
if (fieldsList.getLength() != 1) {
throw new OpsException("Expected exactly one fields element");
}
fieldsElement = (Element) fieldsList.item(0);
}
// TODO: Turn off default dynamic fields??
for (SolrSchemaField field : template.getFields()) {
boolean isDynamic = field.name.contains("*");
Element el = dom.createElement(isDynamic ? "dynamicField" : "field");
el.setAttribute("name", field.name);
el.setAttribute("type", field.type);
el.setAttribute("indexed", String.valueOf(field.indexed));
el.setAttribute("stored", String.valueOf(field.stored));
el.setAttribute("multiValued", String.valueOf(field.multiValued));
// Compression removed in 1.4.1
// if (field.compressThreshold >= 0) {
// el.setAttribute("compressed", "true");
// el.setAttribute("compressThreshold", String.valueOf(field.compressThreshold));
// }
fieldsElement.appendChild(el);
}
return Utf8.getBytes(DomUtils.toXml(dom));
}
protected void validateMode(FilesystemInfo fsInfo) {
if (fileMode != null) {
if (!fsInfo.matchesMode(fileMode)) {
OpsContext.get()
.addWarning(
this,
"WrongMode",
"Mode was not as expected. Expected="
+ fileMode
+ " Actual="
+ fsInfo.getFileMode()
+ "("
+ fsInfo.mode
+ ")");
}
}
}
@Override
protected void addChildren() throws OpsException {
RedisServer model = OpsContext.get().getInstance(RedisServer.class);
InstanceBuilder vm;
{
vm = InstanceBuilder.build(model.dnsName, this, model.getTags());
// TODO: Memory _really_ needs to be configurable here!
vm.publicPorts.add(PORT);
vm.minimumMemoryMb = 1024;
vm.hostPolicy.allowRunInContainer = true;
addChild(vm);
}
vm.addChild(PackageDependency.build("redis-server"));
RedisTemplateModel template = injected(RedisTemplateModel.class);
vm.addChild(
TemplatedFile.build(template, new File("/etc/redis/redis.conf")).setFileMode("444"));
// Collectd not restarting correctly (doesn't appear to be hostname problems??)
// instance.addChild(CollectdCollector.build());
{
PublicEndpoint endpoint = injected(PublicEndpoint.class);
// endpoint.network = null;
endpoint.publicPort = PORT;
endpoint.backendPort = PORT;
endpoint.dnsName = model.dnsName;
endpoint.tagItem = model.getKey();
endpoint.parentItem = model.getKey();
vm.addChild(endpoint);
}
vm.addChild(ManagedService.build("redis-server"));
}
@Handler
public void handler(OpsTarget target) throws OpsException {
File canaryFile = new File(repoDir, "config");
if (OpsContext.isConfigure()) {
if (target.getFilesystemInfoFile(canaryFile) == null) {
target.executeCommand(Command.build("git --bare init {0}", repoDir));
File hooks = new File(repoDir, "hooks");
File postUpdateHook = new File(hooks, "post-update");
target.mv(new File(hooks, "post-update.sample"), postUpdateHook);
target.chmod(postUpdateHook, "755");
target.executeCommand(Command.build("cd {0}; git update-server-info", repoDir));
target.executeCommand(Command.build("cd {0}; git config http.receivepack true", repoDir));
target.chown(repoDir, "www-data", "www-data", true, false);
}
}
}
public void configureRules(OpsTarget target, int port, List<FirewallRecord> desired)
throws OpsException {
List<FirewallRecord> actual = getConfiguredRules(target, port);
if (DUMP_CONFIG || true) {
log.debug("Actual configuration:");
for (FirewallRecord rule : actual) {
log.debug("\t" + rule);
}
}
SetCompareResults<FirewallRecord> setCompareResults = SetUtils.setCompare(desired, actual);
// LEFT= desired
// RIGHT= actual
if (!setCompareResults.leftNotRight.isEmpty() || !setCompareResults.rightNotLeft.isEmpty()) {
List<FirewallRecord> deferredAdd = Lists.newArrayList();
for (FirewallRecord add : setCompareResults.leftNotRight) {
if (OpsContext.isConfigure()) {
if (!add.isQuick()) {
// We add these default rules last, so that we can have all our non-default rules in
// place
// This is particularly important for block, with IpTables
log.info("Deferring add of firewall entry: " + add);
deferredAdd.add(add);
} else {
log.info("Adding firewall entry: " + add);
configureAddRule(target, add);
}
} else if (OpsContext.isValidate()) {
OpsContext.get().addWarning(this, "Firewall rule not found: {1}", add);
}
}
for (FirewallRecord remove : setCompareResults.rightNotLeft) {
if (OpsContext.isConfigure()) {
log.info("Removing firewall entry: " + remove);
configureRemoveRule(target, remove);
} else if (OpsContext.isValidate()) {
OpsContext.get().addWarning(this, "Extra firewall rule found: {1}", remove);
}
}
for (FirewallRecord add : deferredAdd) {
if (OpsContext.isConfigure()) {
log.info("Adding firewall entry: " + add);
configureAddRule(target, add);
}
}
}
// if (isConfigure) {
// afterChangeConfiguration(desired);
// }
List<FirewallRecord> duplicates = findDuplicates(target);
if (OpsContext.isValidate()) {
for (FirewallRecord duplicate : duplicates) {
log.warn("Duplicate rule found: " + duplicate);
}
}
if (OpsContext.isForce()) {
for (FirewallRecord duplicate : duplicates) {
configureRemoveRule(target, duplicate);
}
}
}
@Override
public OpsContext get() {
return OpsContext.get();
}