diff --git a/CHANGELOG.md b/CHANGELOG.md index ff344d72..403534fb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,12 @@ cookbook-rb-manager CHANGELOG =============== +## 2.1.0 + + - David Vanhoucke + - [161b5dd] add library to get virtual ips + - [32fe52b] add keepalived and balanced services + ## 2.0.1 - Miguel Alvarez diff --git a/resources/attributes/default.rb b/resources/attributes/default.rb index d078d0a5..2005eaeb 100644 --- a/resources/attributes/default.rb +++ b/resources/attributes/default.rb 
@@ -125,91 +125,98 @@ default['redborder']['services_group']['postgresql'] = %w(postgresql redborder-postgresql) default['redborder']['services'] = {} -default['redborder']['services']['chef-client'] = true -default['redborder']['services']['chef-server'] = false -default['redborder']['services']['consul'] = false -default['redborder']['services']['consul-client'] = false -default['redborder']['services']['keepalived'] = false -default['redborder']['services']['druid-coordinator'] = false -default['redborder']['services']['druid-realtime'] = false -default['redborder']['services']['druid-historical'] = false -default['redborder']['services']['druid-broker'] = false -default['redborder']['services']['druid-overlord'] = false -default['redborder']['services']['druid-middlemanager'] = false -default['redborder']['services']['kafka'] = false -default['redborder']['services']['zookeeper'] = false -default['redborder']['services']['http2k'] = false -default['redborder']['services']['webui'] = false -default['redborder']['services']['postgresql'] = false -default['redborder']['services']['redborder-postgresql'] = false -default['redborder']['services']['nginx'] = false -default['redborder']['services']['redborder-cep'] = false -default['redborder']['services']['rb-aioutliers'] = false -default['redborder']['services']['rb-logstatter'] = true -default['redborder']['services']['rb-arubacentral'] = false -default['redborder']['services']['memcached'] = true -default['redborder']['services']['rb-monitor'] = false -default['redborder']['services']['secor'] = false -default['redborder']['services']['s3'] = false -default['redborder']['services']['mongodb'] = false -default['redborder']['services']['hadoop-nodemanager'] = false -default['redborder']['services']['hadoop-resourcemanager'] = false -default['redborder']['services']['redborder-monitor'] = true -default['redborder']['services']['redborder-scanner'] = false -default['redborder']['services']['snmp'] = true 
-default['redborder']['services']['f2k'] = false
-default['redborder']['services']['logstash'] = false
-default['redborder']['services']['pmacct'] = false
-default['redborder']['services']['redborder-dswatcher'] = false
-default['redborder']['services']['redborder-events-counter'] = false
-default['redborder']['services']['rsyslog'] = true
-default['redborder']['services']['redborder-nmsp'] = false
-default['redborder']['services']['redborder-ale'] = false
-default['redborder']['services']['n2klocd'] = false
-default['redborder']['services']['radiusd'] = false
-default['redborder']['services']['postfix'] = true
-
-default['redborder']['systemdservices']['chef-client'] = ['chef-client']
-default['redborder']['systemdservices']['chef-server'] = ['opscode-erchef']
-default['redborder']['systemdservices']['consul'] = ['consul']
-default['redborder']['systemdservices']['consul-client'] = ['consul']
-default['redborder']['systemdservices']['druid-realtime'] = ['druid-realtime']
-default['redborder']['systemdservices']['druid-coordinator'] = ['druid-coordinator']
-default['redborder']['systemdservices']['druid-historical'] = ['druid-historical']
-default['redborder']['systemdservices']['druid-broker'] = ['druid-broker']
-default['redborder']['systemdservices']['kafka'] = ['kafka']
-default['redborder']['systemdservices']['zookeeper'] = ['zookeeper']
-default['redborder']['systemdservices']['webui'] = ['webui']
-default['redborder']['systemdservices']['postgresql'] = ['postgresql']
-default['redborder']['systemdservices']['redborder-postgresql'] = ['redborder-postgresql']
-default['redborder']['systemdservices']['nginx'] = ['nginx']
-default['redborder']['systemdservices']['redborder-cep'] = ['redborder-cep']
-default['redborder']['systemdservices']['rb-aioutliers'] = ['rb-aioutliers']
-default['redborder']['systemdservices']['rb-logstatter'] = ['rb-logstatter']
-default['redborder']['systemdservices']['rb-arubacentral'] = ['rb-arubacentral']
-default['redborder']['systemdservices']['memcached'] = ['memcached']
-default['redborder']['systemdservices']['s3'] = ['minio']
-default['redborder']['systemdservices']['mongodb'] = ['mongod']
-default['redborder']['systemdservices']['redborder-monitor'] = ['redborder-monitor']
-default['redborder']['systemdservices']['redborder-scanner'] = ['redborder-scanner']
-default['redborder']['systemdservices']['snmp'] = ['snmpd']
-default['redborder']['systemdservices']['f2k'] = ['f2k']
-default['redborder']['systemdservices']['logstash'] = ['logstash']
-default['redborder']['systemdservices']['pmacct'] = ['sfacctd']
-default['redborder']['systemdservices']['redborder-dswatcher'] = ['redborder-dswatcher']
+default['redborder']['services']['chef-client'] = true
+default['redborder']['services']['chef-server'] = false
+default['redborder']['services']['consul'] = false
+default['redborder']['services']['consul-client'] = false
+default['redborder']['services']['keepalived'] = false
+default['redborder']['services']['druid-coordinator'] = false
+default['redborder']['services']['druid-realtime'] = false
+default['redborder']['services']['druid-historical'] = false
+default['redborder']['services']['druid-broker'] = false
+default['redborder']['services']['druid-overlord'] = false
+default['redborder']['services']['druid-middlemanager'] = false
+default['redborder']['services']['kafka'] = false
+default['redborder']['services']['zookeeper'] = false
+default['redborder']['services']['http2k'] = false
+default['redborder']['services']['webui'] = false
+default['redborder']['services']['postgresql'] = false
+default['redborder']['services']['redborder-postgresql'] = false
+default['redborder']['services']['nginx'] = false
+default['redborder']['services']['redborder-cep'] = false
+default['redborder']['services']['rb-aioutliers'] = false
+default['redborder']['services']['rb-logstatter'] = true
+default['redborder']['services']['rb-arubacentral'] = false
+default['redborder']['services']['memcached'] = true
+default['redborder']['services']['rb-monitor'] = false
+default['redborder']['services']['secor'] = false
+default['redborder']['services']['s3'] = false
+default['redborder']['services']['mongodb'] = false
+default['redborder']['services']['hadoop-nodemanager'] = false
+default['redborder']['services']['hadoop-resourcemanager'] = false
+default['redborder']['services']['redborder-monitor'] = true
+default['redborder']['services']['redborder-scanner'] = false
+default['redborder']['services']['snmp'] = true
+default['redborder']['services']['f2k'] = false
+default['redborder']['services']['logstash'] = false
+default['redborder']['services']['pmacct'] = false
+default['redborder']['services']['redborder-dswatcher'] = false
+default['redborder']['services']['redborder-events-counter'] = false
+default['redborder']['services']['rsyslog'] = true
+default['redborder']['services']['redborder-nmsp'] = false
+default['redborder']['services']['redborder-ale'] = false
+default['redborder']['services']['n2klocd'] = false
+default['redborder']['services']['radiusd'] = false
+default['redborder']['services']['postfix'] = true
+default['redborder']['services']['keepalived'] = false
+
+default['redborder']['systemdservices']['chef-client'] = ['chef-client']
+default['redborder']['systemdservices']['chef-server'] = ['opscode-erchef']
+default['redborder']['systemdservices']['consul'] = ['consul']
+default['redborder']['systemdservices']['consul-client'] = ['consul']
+default['redborder']['systemdservices']['druid-realtime'] = ['druid-realtime']
+default['redborder']['systemdservices']['druid-coordinator'] = ['druid-coordinator']
+default['redborder']['systemdservices']['druid-historical'] = ['druid-historical']
+default['redborder']['systemdservices']['druid-broker'] = ['druid-broker']
+default['redborder']['systemdservices']['kafka'] = ['kafka']
+default['redborder']['systemdservices']['zookeeper'] = ['zookeeper']
+default['redborder']['systemdservices']['webui'] = ['webui'] +default['redborder']['systemdservices']['postgresql'] = ['postgresql'] +default['redborder']['systemdservices']['redborder-postgresql'] = ['redborder-postgresql'] +default['redborder']['systemdservices']['nginx'] = ['nginx'] +default['redborder']['systemdservices']['redborder-cep'] = ['redborder-cep'] +default['redborder']['systemdservices']['rb-aioutliers'] = ['rb-aioutliers'] +default['redborder']['systemdservices']['rb-logstatter'] = ['rb-logstatter'] +default['redborder']['systemdservices']['rb-arubacentral'] = ['rb-arubacentral'] +default['redborder']['systemdservices']['memcached'] = ['memcached'] +default['redborder']['systemdservices']['s3'] = ['minio'] +default['redborder']['systemdservices']['mongodb'] = ['mongod'] +default['redborder']['systemdservices']['redborder-monitor'] = ['redborder-monitor'] +default['redborder']['systemdservices']['redborder-scanner'] = ['redborder-scanner'] +default['redborder']['systemdservices']['snmp'] = ['snmpd'] +default['redborder']['systemdservices']['f2k'] = ['f2k'] +default['redborder']['systemdservices']['logstash'] = ['logstash'] +default['redborder']['systemdservices']['pmacct'] = ['sfacctd'] +default['redborder']['systemdservices']['redborder-dswatcher'] = ['redborder-dswatcher'] default['redborder']['systemdservices']['redborder-events-counter'] = ['redborder-events-counter'] -default['redborder']['systemdservices']['http2k'] = ['http2k'] -default['redborder']['systemdservices']['rsyslog'] = ['rsyslog'] -default['redborder']['systemdservices']['redborder-nmsp'] = ['redborder-nmsp'] -default['redborder']['systemdservices']['redborder-ale'] = ['redborder-ale'] -default['redborder']['systemdservices']['n2klocd'] = ['n2klocd'] -default['redborder']['systemdservices']['radiusd'] = ['radiusd'] -default['redborder']['systemdservices']['postfix'] = ['postfix'] +default['redborder']['systemdservices']['http2k'] = ['http2k'] 
+default['redborder']['systemdservices']['rsyslog'] = ['rsyslog'] +default['redborder']['systemdservices']['redborder-nmsp'] = ['redborder-nmsp'] +default['redborder']['systemdservices']['redborder-ale'] = ['redborder-ale'] +default['redborder']['systemdservices']['n2klocd'] = ['n2klocd'] +default['redborder']['systemdservices']['radiusd'] = ['radiusd'] +default['redborder']['systemdservices']['postfix'] = ['postfix'] +default['redborder']['systemdservices']['keepalived'] = ['keepalived'] + +default['redborder']['manager']['balanced'] = [ { port: 443, protocol: 'tcp', name: 'redborder webui', service: 'webui', redirected_service: 'nginx', persistence_timeout: 9600 }, { port: 2055, protocol: 'udp', name: 'netflow,ipfix/sflow daemon', service: 'f2k', redirected_service: 'f2k', persistence_timeout: 30 }, { port: 6343, protocol: 'udp', name: 'sflow daemon', service: 'sfacctd', redirected_service: 'sfacctd', persistence_timeout: 30 }, { port: 9092, protocol: 'tcp', name: 'kafka', service: 'kafka', redirected_service: 'kafka', persistence_timeout: 30 } ] # Tier default['redborder']['druid']['historical']['tier'] = 'default' default['redborder']['druid']['historical']['maxsize'] = -1 +# Virtual Ips +default['redborder']['manager']['virtual_ips'] = { external: [ { service: 'webui', deps: ['nginx'] }, { service: 'f2k' }, { service: 'sfacctd' }, { service: 'kafka' } ] } + # Realtime default['redborder']['druid']['realtime']['partition_num'] = 0 diff --git a/resources/libraries/get_managers_all.rb b/resources/libraries/get_managers_all.rb index ea4e2949..95ab533a 100644 --- a/resources/libraries/get_managers_all.rb +++ b/resources/libraries/get_managers_all.rb 
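Review bot: The new `balanced` and `virtual_ips` entries use `service: 'sfacctd'`, but the service flags earlier in this hunk are keyed `pmacct`; `sfacctd` appears only as the systemd unit in `systemdservices['pmacct']`. If `manager_services` is keyed like `default['redborder']['services']` (not visible here), lookups such as `manager_services[service['service']]` in get_virtual_ip_info and `node.run_state['manager_services'][s[:service]]` in prepare_system.rb return nil for sflow, so its virtual IP would never be enabled. Either use `service: 'pmacct'` in both structures or add a matching `default['redborder']['services']['sfacctd']` flag. The hunk also adds a second `default['redborder']['services']['keepalived'] = false` after `postfix` while keeping the earlier one; drop one so the default is defined in a single place.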
@@ -6,22 +6,10 @@ def get_managers_all managers_keys.each do |m_key| m = Chef::Node.load m_key m = node if m.name == node.name - begin - roles = m.roles - rescue NoMethodError - begin - roles = m.run_list - rescue - roles = [] - end + if m.role?('manager') + managers << m end - next unless roles.nil? - - next unless roles.include?('manager') - - managers << m end - managers end end diff --git a/resources/libraries/get_virtual_ip_info.rb b/resources/libraries/get_virtual_ip_info.rb new file mode 100644 index 00000000..4763fdbc --- /dev/null +++ b/resources/libraries/get_virtual_ip_info.rb 
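Review bot: `m.role?('manager')` only tests whether `role[manager]` is directly in the node's run list, so a manager that gets the role through a nested role would be left out of `managers` and, presumably, of the keepalived peer set built from it in configure.rb. If nested roles are possible in this deployment, test the expanded list instead, for example `managers << m if m['roles'].to_a.include?('manager')`. The context line `m = Chef::Node.load m_key` is also unguarded, so one node object that cannot be loaded aborts the whole collection. The method starts above this hunk.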
@@ -0,0 +1,104 @@
+module RbManager
+ module Helpers
+ def get_virtual_ip_info(managers)
+ virtual_ips = {}
+ ip_regex = /^([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])\.([01]?\d\d?|2[0-4]\d|25[0-5])$/
+ has_any_virtual_ip = false
+ node['redborder']['manager']['virtual_ips'].each do |type, services|
+ virtual_ips[type.to_s] = {}
+ services.each do |service|
+ begin
+ virtual_dg = data_bag_item('rBglobal', "ipvirtual-#{type}-#{service['service']}")
+ rescue
+ virtual_dg = {}
+ end
+ hash = {}
+ hash['ip'] = virtual_dg['ip']
+ hash['loadbalance'] = (virtual_dg['loadbalance'].nil? ? true : virtual_dg['loadbalance'])
+ hash['service'] = service['service']
+ hash['enable'] = if virtual_dg['ip'] =~ ip_regex && !hash['ip'].nil?
+ true
+ else
+ false
+ end
+
+ if hash['enable']
+ hash['virtual'] = true
+ hash['run_anywhere'] = true
+ has_any_virtual_ip = true if hash['ip'] && manager_services[service['service']]
+ hash['iface'] = node['redborder']['management_interface']
+ if manager_services[service['service']]
+ all_deps_enabled = true
+ unless service['deps'].nil?
+ service['deps'].each do |srv_dep|
+ all_deps_enabled = false if manager_services[srv_dep].nil? || manager_services[srv_dep] == false
+ end
+ end
+ hash['enable'] = all_deps_enabled
+ else
+ hash['enable'] = false
+ end
+ else
+ # The virtual ip is not valid or it has not been specified. We need to set at least one
+ hash['virtual'] = false
+ hash['run_anywhere'] = false
+ nodeservice = nil
+ managers.each do |m|
+ hash['iface'] = node['redborder']['management_interface']
+ run_anywhere_flag = false
+
+ if m.name == node.name
+ run_anywhere_flag = manager_services[service['service']]
+ elsif !m['redborder'].nil? && !m['redborder']['manager'].nil? && !m['redborder']['manager']['services'].nil? && !m['redborder']['manager']['services']['current'].nil?
+ run_anywhere_flag = m['redborder']['manager']['services']['current'][service['service']] + end + + if run_anywhere_flag && !m['redborder']['manager'][hash['iface']].nil? + nodeservice = m + break + end + end + + if nodeservice.nil? + managers.each do |m| + hash['iface'] = node['redborder']['management_interface'] + run_anywhere_flag = false + run_anywhere_flag = m['redborder']['manager']['services']['overwrite'][service['service']] unless m['redborder']['manager']['services']['overwrite'].nil? + run_anywhere_flag = m['redborder']['manager']['services'][m['redborder']['manager']['mode']][service['service']] if run_anywhere_flag != true && !m['redborder']['manager']['services'][m['redborder']['manager']['mode']].nil? + if run_anywhere_flag && !m['redborder']['manager'][hash['iface']].nil? + nodeservice = m + break + end + end + end + + if !nodeservice.nil? && !nodeservice['redborder']['manager'][hash['iface']].nil? + hash['virtual'] = false + hash['ip'] = nodeservice['redborder']['manager'][hash['iface']]['ip'] + hash['physical_ip'] = hash['ip'] + hash['prefixlen'] = nodeservice['redborder']['manager'][hash['iface']]['prefixlen'] + hash['run_anywhere'] = true + end + end + virtual_ips[type.to_s][service['service']] = hash + end + end + + [virtual_ips, has_any_virtual_ip] + end + + def get_virtual_ips_per_ip_info(virtual_ips) + virtual_ips_per_ip = {} + virtual_ips.each do |_type, data| + data.each.each do |_service, vi| + if vi['ip'] + virtual_ips_per_ip[vi['ip']] = [] if virtual_ips_per_ip[vi['ip']].nil? + virtual_ips_per_ip[vi['ip']] << vi + end + end + end + + virtual_ips_per_ip + end + end +end diff --git a/resources/metadata.rb b/resources/metadata.rb index d872bf9e..29685054 100644 --- a/resources/metadata.rb +++ b/resources/metadata.rb @@ -3,7 +3,7 @@ maintainer_email 'git@redborder.com' license 'AGPL-3.0' description 'Installs/Configures redborder manager' -version '2.0.1' +version '2.1.0' depends 'rb-common' depends 'chef-server' 
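Review bot: `ip_regex` is anchored with `^` and `$`, which in Ruby match at line boundaries rather than at the ends of the string, so a data bag `ip` value with an embedded newline passes the check if any one line looks like an IPv4 address. The whole unvalidated string is then stored in `hash['ip']` and passed on, presumably into the rendered keepalived configuration. Anchor on the string instead by replacing the leading `^` with `\A` and the trailing `$` with `\z`. Separately, the second `managers.each` loop reads `m['redborder']['manager']['services']['overwrite']` without the nil guards the first loop applies, so a manager node missing those attributes raises NoMethodError during the run. `data.each.each` in get_virtual_ips_per_ip_info can be a single `each`.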
@@ -42,3 +42,4 @@ depends 'rblogstatter' depends 'rb-arubacentral' depends 'rb-postfix' +depends 'keepalived' diff --git a/resources/recipes/configure.rb b/resources/recipes/configure.rb index 149e4ddd..cceeb254 100644 --- a/resources/recipes/configure.rb +++ b/resources/recipes/configure.rb @@ -6,7 +6,11 @@ # Services configuration # manager services -manager_services = manager_services() +managers = node.run_state['managers'] +manager_services = node.run_state['manager_services'] +node.default['redborder']['manager']['services']['current'] = node.run_state['manager_services'] +virtual_ips = node.run_state['virtual_ips'] +virtual_ips_per_ip = node.run_state['virtual_ips_per_ip'] rb_common_config 'Configure common' do action :configure @@ -47,6 +51,31 @@ end end +begin + vrrp_secrets = data_bag_item('passwords', 'vrrp') +rescue + vrrp_secrets = {} +end + +keepalived_config 'Configure keepalived' do + vrrp_secrets vrrp_secrets + virtual_ips virtual_ips + virtual_ips_per_ip virtual_ips_per_ip + managers managers + balanced_services node['redborder']['manager']['balanced'] + has_any_virtual_ip node.run_state['has_any_virtual_ip'] + manager_services manager_services + ipmgt node['ipaddress'] + iface_management node['redborder']['management_interface'] + ipaddress_sync node['ipaddress_sync'] + managers_per_service node['redborder']['managers_per_services'] + if manager_services['keepalived'] + action :add + else + action :remove + end +end + zookeeper_config 'Configure Zookeeper' do port node['zookeeper']['port'] memory node['redborder']['memory_services']['zookeeper']['memory'] 
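Review bot: The bare `rescue` around `data_bag_item('passwords', 'vrrp')` turns every failure (missing item, decryption problem, server error) into `vrrp_secrets = {}`, and `keepalived_config` is still run with `action :add` when `manager_services['keepalived']` is true. How the keepalived cookbook treats an empty secrets hash is not visible in this diff, but it should not end up configuring VRRP without authentication or with a built-in default password. Rescue only the expected exception, log it with `Chef::Log.warn`, and decide the missing-secret case explicitly, for example `raise 'vrrp secret missing' if manager_services['keepalived'] && vrrp_secrets.empty?`. get_virtual_ip_info.rb uses the same bare `rescue` for the `ipvirtual-*` items, where a transient server error silently disables a virtual IP.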
@@ -522,7 +551,11 @@ ipaddress node['ipaddress_sync'] access_key_id s3_secrets['s3_access_key_id'] secret_key_id s3_secrets['s3_secret_key_id'] - action((manager_services['s3'] && (external_services['s3'] == 'onpremise')) ? [:add, :register] : [:remove, :deregister]) + if manager_services['s3'] && (external_services['s3'] == 'onpremise') + action [:add, :register] + else + action [:remove, :deregister] + end end # First configure the cert for the service before configuring nginx @@ -537,7 +570,9 @@ # Configure Nginx s3 onpremise nodes for now.. minio_config 'Configure Nginx S3 (minio)' do s3_hosts node['redborder']['s3']['s3_hosts'] - action((manager_services['s3'] && (external_services['s3'] == 'onpremise')) ? [:add_s3_conf_nginx] : :nothing) + if manager_services['s3'] && (external_services['s3'] == 'onpremise') + action [:add_s3_conf_nginx] + end end begin diff --git a/resources/recipes/prepare_system.rb b/resources/recipes/prepare_system.rb index d3e6c1d7..10eadbcf 100644 --- a/resources/recipes/prepare_system.rb +++ b/resources/recipes/prepare_system.rb @@ -63,10 +63,14 @@ node.default['redborder']['cdomain'] = cdomain # get managers information(name, ip, services...) -node.default['redborder']['cluster_info'] = get_cluster_info() +node.default['redborder']['cluster_info'] = get_cluster_info + +# manager services +node.run_state['manager_services'] = manager_services() +node.default['redborder']['manager']['services']['current'] = node.run_state['manager_services'] # get managers sorted by service -node.default['redborder']['managers_per_services'] = managers_per_service() +node.default['redborder']['managers_per_services'] = managers_per_service # get elasticache nodes begin 
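Review bot: The rewritten `minio_config 'Configure Nginx S3 (minio)'` block drops the `:nothing` branch, so when the condition is false no `action` is set and the resource runs its default action instead of doing nothing as before. Which action is the default for `minio_config` is not visible in this diff, so this may apply S3 configuration on nodes where it was previously skipped. Restore the old behaviour by adding `else` with `action :nothing` before the closing `end` of the `if`. The same condition is spelled out in the preceding hunk; a local such as `s3_onpremise = manager_services['s3'] && external_services['s3'] == 'onpremise'` would keep the two resources in step.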
@@ -102,9 +106,35 @@ # get namespaces node.run_state['namespaces'] = get_namespaces +node.run_state['managers'] = get_managers_all + +# keepalived +# Update keepalived status +node.run_state['has_balanced_service_enable'] = false +if node.run_state['manager_services']['keepalived'] + node.run_state['has_balanced_service_enable'] = true +else + unless node['redborder']['manager']['balanced'].nil? + node['redborder']['manager']['balanced'].each do |s| + node.run_state['has_balanced_service_enable'] = true if node.run_state['manager_services'][s[:service]] + end + end +end +node.run_state['virtual_ips'], node.run_state['has_any_virtual_ip'] = get_virtual_ip_info(node.run_state['managers']) +node.run_state['virtual_ips_per_ip'] = get_virtual_ips_per_ip_info(node.run_state['virtual_ips']) +if File.exist?'/etc/lock/keepalived' + node.run_state['manager_services']['keepalived'] = false +elsif node['redborder'].nil? || node['redborder']['dmidecode'].nil? || node['redborder']['dmidecode']['manufacturer'].nil? || node['redborder']['dmidecode']['manufacturer'].to_s.downcase == 'xen' + if manager_index > 0 && !cluster_installed + node.run_state['manager_services']['keepalived'] = false + else + node.run_state['manager_services']['keepalived'] = node.run_state['has_any_virtual_ip'] and !File.exist?'/etc/lock/keepalived' + end +else + node.run_state['manager_services']['keepalived'] = node.run_state['has_any_virtual_ip'] and !File.exist?'/etc/lock/keepalived' +end + # get string with all zookeeper hosts and port separated by commas, its needed for multiples services -# zk_port = node['redborder']['zookeeper']['port'] -# zk_hosts = node['redborder']['managers_per_services']['zookeeper'].map {|z| '#{z}.node:#{zk_port}'}.join(',') node.default['redborder']['zookeeper']['zk_hosts'] = "zookeeper.service.#{node['redborder']['cdomain']}:#{node['redborder']['zookeeper']['port']}" # set webui hosts
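Review bot: In both assignments of the form `node.run_state['manager_services']['keepalived'] = node.run_state['has_any_virtual_ip'] and !File.exist?'/etc/lock/keepalived'`, `and` binds more loosely than `=`, so only `has_any_virtual_ip` is assigned and the lock-file test is evaluated and discarded. The leading `if File.exist?` branch already covers the lock file, so the outcome is the same today, but the lines read as if the lock were enforced there and will mislead the next edit. Write `= node.run_state['has_any_virtual_ip'] && !File.exist?('/etc/lock/keepalived')`, or drop the redundant test and assign `node.run_state['has_any_virtual_ip']` alone. `has_balanced_service_enable` is computed in this hunk but not read anywhere in the visible diff; either pass it to the consumer or add a comment naming where it is used.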