/** Note that dn is the actual DN used; we don't prefix with o=XXX */
 public static OrganizationLdapEntry build(String o, String cn, LdapDN organizationDN) {
   OrganizationLdapEntry entry =
       OpsContext.get().getInjector().getInstance(OrganizationLdapEntry.class);
   entry.setOrganizationName(o);
   entry.setCn(cn);
   entry.setLdapDN(organizationDN);
   return entry;
 }
  protected void validateOwner(FilesystemInfo fsInfo) {
    if (owner != null) {
      if (!fsInfo.matchesOwner(owner)) {
        OpsContext.get()
            .addWarning(
                this,
                "WrongOwner",
                "Owner was not as expected.  Expected=" + owner + " Actual=" + fsInfo.owner);
      }
    }

    if (group != null) {
      if (!fsInfo.matchesGroup(group)) {
        OpsContext.get()
            .addWarning(
                this,
                "WrongGroup",
                "File group was not as expected.  Expected=" + group + " Actual=" + fsInfo.group);
      }
    }
  }
  @Override
  protected void addChildren() throws OpsException {
    JettyService model = OpsContext.get().getInstance(JettyService.class);

    InstanceBuilder instance =
        InstanceBuilder.build(model.dnsName, DiskImageRecipeBuilder.buildDiskImageRecipe(this));
    instance.minimumMemoryMb = 2048;
    addChild(instance);

    instance.addChild(JettyInstance.build());

    instance.addChild(CollectdCollector.build());
  }
  @Override
  protected byte[] getContentsBytes() throws OpsException {
    InputStream is = getClass().getResourceAsStream("schema.xml");

    Document dom;
    try {
      boolean isNamespaceAware = true;
      dom = XmlHelper.parseXmlDocument(is, isNamespaceAware);
    } catch (ParserConfigurationException e) {
      throw new OpsException("Error parsing XML template", e);
    } catch (SAXException e) {
      throw new OpsException("Error parsing XML template", e);
    } catch (IOException e) {
      throw new OpsException("Error parsing XML template", e);
    }

    SolrTemplateData template = OpsContext.get().getInjector().getInstance(SolrTemplateData.class);

    Element fieldsElement;
    {
      NodeList fieldsList = dom.getElementsByTagName("fields");
      if (fieldsList.getLength() != 1) {
        throw new OpsException("Expected exactly one fields element");
      }

      fieldsElement = (Element) fieldsList.item(0);
    }

    // TODO: Turn off default dynamic fields??
    for (SolrSchemaField field : template.getFields()) {
      boolean isDynamic = field.name.contains("*");

      Element el = dom.createElement(isDynamic ? "dynamicField" : "field");

      el.setAttribute("name", field.name);
      el.setAttribute("type", field.type);
      el.setAttribute("indexed", String.valueOf(field.indexed));
      el.setAttribute("stored", String.valueOf(field.stored));
      el.setAttribute("multiValued", String.valueOf(field.multiValued));

      // Compression removed in 1.4.1
      // if (field.compressThreshold >= 0) {
      // el.setAttribute("compressed", "true");
      // el.setAttribute("compressThreshold", String.valueOf(field.compressThreshold));
      // }

      fieldsElement.appendChild(el);
    }

    return Utf8.getBytes(DomUtils.toXml(dom));
  }
 protected void validateMode(FilesystemInfo fsInfo) {
   if (fileMode != null) {
     if (!fsInfo.matchesMode(fileMode)) {
       OpsContext.get()
           .addWarning(
               this,
               "WrongMode",
               "Mode was not as expected.  Expected="
                   + fileMode
                   + " Actual="
                   + fsInfo.getFileMode()
                   + "("
                   + fsInfo.mode
                   + ")");
     }
   }
 }
  @Override
  protected void addChildren() throws OpsException {
    RedisServer model = OpsContext.get().getInstance(RedisServer.class);

    InstanceBuilder vm;

    {
      vm = InstanceBuilder.build(model.dnsName, this, model.getTags());

      // TODO: Memory _really_ needs to be configurable here!
      vm.publicPorts.add(PORT);

      vm.minimumMemoryMb = 1024;

      vm.hostPolicy.allowRunInContainer = true;
      addChild(vm);
    }

    vm.addChild(PackageDependency.build("redis-server"));

    RedisTemplateModel template = injected(RedisTemplateModel.class);

    vm.addChild(
        TemplatedFile.build(template, new File("/etc/redis/redis.conf")).setFileMode("444"));

    // Collectd not restarting correctly (doesn't appear to be hostname problems??)
    // instance.addChild(CollectdCollector.build());

    {
      PublicEndpoint endpoint = injected(PublicEndpoint.class);
      // endpoint.network = null;
      endpoint.publicPort = PORT;
      endpoint.backendPort = PORT;
      endpoint.dnsName = model.dnsName;

      endpoint.tagItem = model.getKey();
      endpoint.parentItem = model.getKey();

      vm.addChild(endpoint);
    }

    vm.addChild(ManagedService.build("redis-server"));
  }
  @Handler
  public void handler(OpsTarget target) throws OpsException {
    File canaryFile = new File(repoDir, "config");

    if (OpsContext.isConfigure()) {
      if (target.getFilesystemInfoFile(canaryFile) == null) {
        target.executeCommand(Command.build("git --bare init {0}", repoDir));

        File hooks = new File(repoDir, "hooks");
        File postUpdateHook = new File(hooks, "post-update");
        target.mv(new File(hooks, "post-update.sample"), postUpdateHook);
        target.chmod(postUpdateHook, "755");

        target.executeCommand(Command.build("cd {0}; git update-server-info", repoDir));
        target.executeCommand(Command.build("cd {0}; git config http.receivepack true", repoDir));

        target.chown(repoDir, "www-data", "www-data", true, false);
      }
    }
  }
  public void configureRules(OpsTarget target, int port, List<FirewallRecord> desired)
      throws OpsException {
    List<FirewallRecord> actual = getConfiguredRules(target, port);

    if (DUMP_CONFIG || true) {
      log.debug("Actual configuration:");
      for (FirewallRecord rule : actual) {
        log.debug("\t" + rule);
      }
    }

    SetCompareResults<FirewallRecord> setCompareResults = SetUtils.setCompare(desired, actual);
    // LEFT= desired
    // RIGHT= actual

    if (!setCompareResults.leftNotRight.isEmpty() || !setCompareResults.rightNotLeft.isEmpty()) {

      List<FirewallRecord> deferredAdd = Lists.newArrayList();

      for (FirewallRecord add : setCompareResults.leftNotRight) {
        if (OpsContext.isConfigure()) {
          if (!add.isQuick()) {
            // We add these default rules last, so that we can have all our non-default rules in
            // place
            // This is particularly important for block, with IpTables
            log.info("Deferring add of firewall entry: " + add);
            deferredAdd.add(add);
          } else {
            log.info("Adding firewall entry: " + add);
            configureAddRule(target, add);
          }
        } else if (OpsContext.isValidate()) {
          OpsContext.get().addWarning(this, "Firewall rule not found: {1}", add);
        }
      }

      for (FirewallRecord remove : setCompareResults.rightNotLeft) {
        if (OpsContext.isConfigure()) {
          log.info("Removing firewall entry: " + remove);
          configureRemoveRule(target, remove);
        } else if (OpsContext.isValidate()) {
          OpsContext.get().addWarning(this, "Extra firewall rule found: {1}", remove);
        }
      }

      for (FirewallRecord add : deferredAdd) {
        if (OpsContext.isConfigure()) {
          log.info("Adding firewall entry: " + add);
          configureAddRule(target, add);
        }
      }
    }

    // if (isConfigure) {
    // afterChangeConfiguration(desired);
    // }

    List<FirewallRecord> duplicates = findDuplicates(target);

    if (OpsContext.isValidate()) {
      for (FirewallRecord duplicate : duplicates) {
        log.warn("Duplicate rule found: " + duplicate);
      }
    }

    if (OpsContext.isForce()) {
      for (FirewallRecord duplicate : duplicates) {
        configureRemoveRule(target, duplicate);
      }
    }
  }
Exemplo n.º 9
0
 @Override
 public OpsContext get() {
   return OpsContext.get();
 }