From f08e447f7e2dd7b406a7afd48c3765d3a303c104 Mon Sep 17 00:00:00 2001 From: Miguel Alvarez Date: Mon, 3 Jun 2024 16:53:15 +0100 Subject: [PATCH 01/17] Configure minio nodes and load balancer --- resources/attributes/default.rb | 1 + resources/recipes/configure.rb | 72 +++++++++++++++------------ resources/recipes/prepare_system.rb | 14 ++++-- resources/templates/default/minio.erb | 4 ++ 4 files changed, 54 insertions(+), 37 deletions(-) create mode 100644 resources/templates/default/minio.erb diff --git a/resources/attributes/default.rb b/resources/attributes/default.rb index 2a54bfaf..db1ef8fc 100644 --- a/resources/attributes/default.rb +++ b/resources/attributes/default.rb @@ -13,6 +13,7 @@ #s3 default["redborder"]["uploaded_s3"] = false +default["redborder"]["s3"]["s3_hosts"] = [] #chef-client default["chef-client"]["interval"] = 300 diff --git a/resources/recipes/configure.rb b/resources/recipes/configure.rb index 8de0dc24..289ae9c6 100644 --- a/resources/recipes/configure.rb +++ b/resources/recipes/configure.rb @@ -200,8 +200,8 @@ rbmonitor_config "Configure redborder-monitor" do name node["hostname"] - device_nodes node.run_state["sensors_info_all"]["device-sensor"] - flow_nodes node.run_state["sensors_info_all"]["flow-sensor"] + device_nodes node["redborder"]["sensors_info_all"]["device-sensor"] + flow_nodes node["redborder"]["sensors_info_all"]["flow-sensor"] managers node["redborder"]["managers_list"] cluster node["redborder"]["cluster_info"] hostip node["redborder"]["cluster_info"][name]["ip"] @@ -209,7 +209,7 @@ end rbscanner_config "Configure redborder-scanner" do - scanner_nodes node.run_state["sensors_info_all"]["scanner-sensor"] + scanner_nodes node["redborder"]["sensors_info_all"]["scanner-sensor"] action (manager_services["redborder-scanner"] ? [:add, :register] : [:remove, :deregister]) end @@ -253,10 +253,10 @@ kafka_hosts node["redborder"]["managers_per_services"]["kafka"] memory node["redborder"]["memory_services"]["http2k"]["memory"] port node["redborder"]["http2k"]["port"] - proxy_nodes node.run_state["sensors_info"]["proxy-sensor"] - ips_nodes node.run_state["sensors_info"]["ips-sensor"] - ipsg_nodes node.run_state["sensors_info"]["ipsg-sensor"] - ipscp_nodes node.run_state["sensors_info"]["ipscp-sensor"] + proxy_nodes node["redborder"]["sensors_info"]["proxy-sensor"] + ips_nodes node["redborder"]["sensors_info"]["ips-sensor"] + ipsg_nodes node["redborder"]["sensors_info"]["ipsg-sensor"] + ipscp_nodes node["redborder"]["sensors_info"]["ipscp-sensor"] organizations node["redborder"]["organizations"] locations_list node["redborder"]["locations"] action (manager_services["http2k"] ? [:add, :register] : [:remove, :deregister]) @@ -269,29 +269,29 @@ end f2k_config "Configure f2k" do - sensors node.run_state["sensors_info"]["flow-sensor"] + sensors node["redborder"]["sensors_info"]["flow-sensor"] action (manager_services["f2k"] ? [:add, :register] : [:remove, :deregister]) end pmacct_config "Configure pmacct" do - sensors node.run_state["sensors_info"]["flow-sensor"] + sensors node["redborder"]["sensors_info"]["flow-sensor"] kafka_hosts node["redborder"]["managers_per_services"]["kafka"] action (manager_services["pmacct"] ? [:add, :register] : [:remove, :deregister]) end -if node.run_state["pipelines"].nil? || node.run_state["pipelines"].empty? +if node["redborder"]["logstash"]["pipelines"].nil? || node["redborder"]["logstash"]["pipelines"].empty? service 'logstash' do action [:disable, :stop] end else logstash_config "Configure logstash" do cdomain node["redborder"]["cdomain"] - flow_nodes node.run_state["all_flow_sensors_info"]["flow-sensor"] - namespaces node.run_state["namespaces"] - vault_nodes node.run_state["sensors_info_all"]["vault-sensor"] - scanner_nodes node.run_state["sensors_info_all"]["scanner-sensor"] - device_nodes node.run_state["sensors_info_all"]["device-sensor"] - logstash_pipelines node.run_state["pipelines"] + flow_nodes node["redborder"]["all_flow_sensors_info"]["flow-sensor"] + namespaces node["redborder"]["namespaces"] + vault_nodes node["redborder"]["sensors_info_all"]["vault-sensor"] + scanner_nodes node["redborder"]["sensors_info_all"]["scanner-sensor"] + device_nodes node["redborder"]["sensors_info_all"]["device-sensor"] + logstash_pipelines node["redborder"]["logstash"]["pipelines"] action (manager_services["logstash"] ? [:add, :register] : [:remove, :deregister]) end end @@ -307,29 +307,29 @@ end rsyslog_config "Configure rsyslog" do - vault_nodes node.run_state["sensors_info_all"]["vault-sensor"] + node.run_state["sensors_info_all"]["cep-sensor"] - ips_nodes node.run_state["sensors_info_all"]["ips-sensor"] + node.run_state["sensors_info_all"]["ipsv2-sensor"] + node.run_state["sensors_info_all"]["ipscp-sensor"] + vault_nodes node["redborder"]["sensors_info_all"]["vault-sensor"] + node["redborder"]["sensors_info_all"]["cep-sensor"] + ips_nodes node["redborder"]["sensors_info_all"]["ips-sensor"] + node["redborder"]["sensors_info_all"]["ipsv2-sensor"] + node["redborder"]["sensors_info_all"]["ipscp-sensor"] action (manager_services["rsyslog"] ? [:add, :register] : [:remove, :deregister]) end rbnmsp_config "Configure redborder-nmsp" do memory node["redborder"]["memory_services"]["redborder-nmsp"]["memory"] - proxy_nodes node.run_state["sensors_info_all"]["proxy-sensor"] - flow_nodes node.run_state["sensors_info_all"]["flow-sensor"] + proxy_nodes node["redborder"]["sensors_info_all"]["proxy-sensor"] + flow_nodes node["redborder"]["sensors_info_all"]["flow-sensor"] hosts node["redborder"]["zookeeper"]["zk_hosts"] action (manager_services["redborder-nmsp"] ? [:add, :configure_keys, :register] : [:remove, :deregister]) end n2klocd_config "Configure n2klocd" do - mse_nodes node.run_state["sensors_info_all"]["mse-sensor"] - meraki_nodes node.run_state["sensors_info_all"]["meraki-sensor"] + mse_nodes node["redborder"]["sensors_info_all"]["mse-sensor"] + meraki_nodes node["redborder"]["sensors_info_all"]["meraki-sensor"] n2klocd_managers node["redborder"]["managers_per_services"]["n2klocd"] memory node["redborder"]["memory_services"]["n2klocd"]["memory"] action (manager_services["n2klocd"] ? [:add, :register] : [:remove, :deregister]) end rbale_config "Configure redborder-ale" do - ale_nodes node.run_state["sensors_info_all"]["ale-sensor"] + ale_nodes node["redborder"]["sensors_info_all"]["ale-sensor"] action (node["redborder"]["services"]["redborder-ale"] ? [:add, :register] : [:remove, :deregister]) end @@ -338,13 +338,13 @@ end rb_arubacentral_config "Configure rb-arubacentral" do - arubacentral_nodes node.run_state["sensors_info_all"]["arubacentral-sensor"] - flow_nodes node.run_state["sensors_info_all"]["flow-sensor"] + arubacentral_nodes node["redborder"]["sensors_info_all"]["arubacentral-sensor"] + flow_nodes node["redborder"]["sensors_info_all"]["flow-sensor"] action (node["redborder"]["services"]["rb-arubacentral"] ? :add : :remove) end #freeradius_config "Configure radiusd" do -# flow_nodes node.run_state["sensors_info_all"]["flow-sensor"] +# flow_nodes node["redborder"]["sensors_info_all"]["flow-sensor"] # action (node["redborder"]["services"]["radiusd"] ? [:config_common, :config_manager, :register] : [:remove, :deregister]) #end @@ -353,9 +353,9 @@ end rbcep_config "Configure redborder-cep" do - flow_nodes node.run_state["sensors_info_all"]["flow-sensor"] - vault_nodes node.run_state["sensors_info_all"]["vault-sensor"] - ips_nodes node.run_state["sensors_info_all"]["ips-sensor"] + node.run_state["sensors_info_all"]["ipsv2-sensor"] + node.run_state["sensors_info_all"]["ipscp-sensor"] + flow_nodes node["redborder"]["sensors_info_all"]["flow-sensor"] + vault_nodes node["redborder"]["sensors_info_all"]["vault-sensor"] + ips_nodes node["redborder"]["sensors_info_all"]["ips-sensor"] + node["redborder"]["sensors_info_all"]["ipsv2-sensor"] + node["redborder"]["sensors_info_all"]["ipscp-sensor"] action (node["redborder"]["services"]["redborder-cep"] ? [:add, :register] : [:remove, :deregister]) end @@ -376,12 +376,20 @@ action (manager_services["postgresql"] and external_services["postgresql"] == "onpremise" ? [:add, :register] : [:remove, :deregister]) end -s3_leader = `serf members | grep s3=ready | awk '{print $1'} | head -n 1`.strip +s3_secrets = Chef::DataBagItem.load('passwords','s3') -# Allow only one s3 onpremise node for now.. TODO: Distributed MinIO +# Allow only s3 onpremise nodes for now.. minio_config "Configure S3 (minio)" do ipaddress node["ipaddress_sync"] - action ((manager_services["s3"] and external_services["s3"] == "onpremise" and s3_leader == node.name ) ? [:add, :register] : [:remove, :deregister]) + access_key_id s3_secrets["s3_access_key_id"] + secret_key_id s3_secrets["s3_secret_key_id"] + action ((manager_services["s3"] and external_services["s3"] == "onpremise") ? [:add, :register] : [:remove, :deregister]) +end + +# Configure Nginx s3 onpremise nodes for now.. +minio_config "Configure Nginx S3 (minio)" do + s3_hosts node["redborder"]["s3_hosts"] + action ((manager_services["s3"] and external_services["s3"] == "onpremise") ? [:add_s3_conf_nginx] : :nothing) end if manager_services["s3"] diff --git a/resources/recipes/prepare_system.rb b/resources/recipes/prepare_system.rb index 7551a7d6..0f32bf8d 100644 --- a/resources/recipes/prepare_system.rb +++ b/resources/recipes/prepare_system.rb @@ -87,25 +87,29 @@ node.default["redborder"]["organizations"] = get_orgs() if node["redborder"]["services"]["http2k"] #get sensors info -node.run_state["sensors_info"] = get_sensors_info() +node.default["redborder"]["sensors_info"] = get_sensors_info() #get sensors info full info -node.run_state["sensors_info_all"] = get_sensors_all_info() +node.default["redborder"]["sensors_info_all"] = get_sensors_all_info() #get sensors info of all flow sensors -node.run_state["all_flow_sensors_info"] = get_all_flow_sensors_info() +node.default["redborder"]["all_flow_sensors_info"] = get_all_flow_sensors_info() #get logstash pipelines -node.run_state["pipelines"] = get_pipelines() +node.default["redborder"]["logstash"]["pipelines"] = get_pipelines() #get namespaces -node.run_state["namespaces"] = get_namespaces +node.default["redborder"]["namespaces"] = get_namespaces #get string with all zookeeper hosts and port separated by commas, its needed for multiples services zk_port = node["redborder"]["zookeeper"]["port"] #zk_hosts = node["redborder"]["managers_per_services"]["zookeeper"].map {|z| "#{z}.node:#{zk_port}"}.join(',') node.default["redborder"]["zookeeper"]["zk_hosts"] = "zookeeper.service.#{node["redborder"]["cdomain"]}:#{node["redborder"]["zookeeper"]["port"]}" +# Set all nodes with s3 configured (nginx load balancer) +s3_hosts = node["redborder"]["managers_per_services"]["s3"].map {|z| "#{z}.node:9000"} +node.default["redborder"]["s3"]["s3_hosts"] = s3_hosts + #set kafka host index if kafka is enabled in this host if node["redborder"]["managers_per_services"]["kafka"].include?(node.name) node.default["redborder"]["kafka"]["host_index"] = node["redborder"]["managers_per_services"]["kafka"].index(node.name) diff --git a/resources/templates/default/minio.erb b/resources/templates/default/minio.erb new file mode 100644 index 00000000..4973ec55 --- /dev/null +++ b/resources/templates/default/minio.erb @@ -0,0 +1,4 @@ +MINIO_OPTS="--address :9000 --console-address :9001 --config-dir /etc/minio" +MINIO_VOLUMES=/var/minio/data +MINIO_ROOT_USER=<%= @s3_user %> +MINIO_ROOT_PASSWORD=<%= @s3_password %> \ No newline at end of file From ac54c02592ce9000af4b61c3bba3e713dbc81cbc Mon Sep 17 00:00:00 2001 From: Miguel Alvarez Date: Mon, 3 Jun 2024 16:54:51 +0100 Subject: [PATCH 02/17] Proper use of s3 hosts --- resources/recipes/configure.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/recipes/configure.rb b/resources/recipes/configure.rb index 289ae9c6..5b6e7785 100644 --- a/resources/recipes/configure.rb +++ b/resources/recipes/configure.rb @@ -388,7 +388,7 @@ # Configure Nginx s3 onpremise nodes for now.. minio_config "Configure Nginx S3 (minio)" do - s3_hosts node["redborder"]["s3_hosts"] + s3_hosts node["redborder"]["s3"]["s3_hosts"] action ((manager_services["s3"] and external_services["s3"] == "onpremise") ? [:add_s3_conf_nginx] : :nothing) end From fd63ad2e46a01574eb1ea2bd1a5929f46a8ffcf7 Mon Sep 17 00:00:00 2001 From: Miguel Alvarez Date: Mon, 3 Jun 2024 16:57:24 +0100 Subject: [PATCH 03/17] Fix prepare and configure --- resources/recipes/configure.rb | 58 ++++++++++++++--------------- resources/recipes/prepare_system.rb | 10 ++--- 2 files changed, 34 insertions(+), 34 deletions(-) diff --git a/resources/recipes/configure.rb b/resources/recipes/configure.rb index 5b6e7785..924a0f3f 100644 --- a/resources/recipes/configure.rb +++ b/resources/recipes/configure.rb @@ -200,8 +200,8 @@ rbmonitor_config "Configure redborder-monitor" do name node["hostname"] - device_nodes node["redborder"]["sensors_info_all"]["device-sensor"] - flow_nodes node["redborder"]["sensors_info_all"]["flow-sensor"] + device_nodes node.run_state["sensors_info_all"]["device-sensor"] + flow_nodes node.run_state["sensors_info_all"]["flow-sensor"] managers node["redborder"]["managers_list"] cluster node["redborder"]["cluster_info"] hostip node["redborder"]["cluster_info"][name]["ip"] @@ -209,7 +209,7 @@ end rbscanner_config "Configure redborder-scanner" do - scanner_nodes node["redborder"]["sensors_info_all"]["scanner-sensor"] + scanner_nodes node.run_state["sensors_info_all"]["scanner-sensor"] action (manager_services["redborder-scanner"] ? [:add, :register] : [:remove, :deregister]) end @@ -253,10 +253,10 @@ kafka_hosts node["redborder"]["managers_per_services"]["kafka"] memory node["redborder"]["memory_services"]["http2k"]["memory"] port node["redborder"]["http2k"]["port"] - proxy_nodes node["redborder"]["sensors_info"]["proxy-sensor"] - ips_nodes node["redborder"]["sensors_info"]["ips-sensor"] - ipsg_nodes node["redborder"]["sensors_info"]["ipsg-sensor"] - ipscp_nodes node["redborder"]["sensors_info"]["ipscp-sensor"] + proxy_nodes node.run_state["sensors_info"]["proxy-sensor"] + ips_nodes node.run_state["sensors_info"]["ips-sensor"] + ipsg_nodes node.run_state["sensors_info"]["ipsg-sensor"] + ipscp_nodes node.run_state["sensors_info"]["ipscp-sensor"] organizations node["redborder"]["organizations"] locations_list node["redborder"]["locations"] action (manager_services["http2k"] ? [:add, :register] : [:remove, :deregister]) @@ -269,29 +269,29 @@ end f2k_config "Configure f2k" do - sensors node["redborder"]["sensors_info"]["flow-sensor"] + sensors node.run_state["sensors_info"]["flow-sensor"] action (manager_services["f2k"] ? [:add, :register] : [:remove, :deregister]) end pmacct_config "Configure pmacct" do - sensors node["redborder"]["sensors_info"]["flow-sensor"] + sensors node.run_state["sensors_info"]["flow-sensor"] kafka_hosts node["redborder"]["managers_per_services"]["kafka"] action (manager_services["pmacct"] ? [:add, :register] : [:remove, :deregister]) end -if node["redborder"]["logstash"]["pipelines"].nil? || node["redborder"]["logstash"]["pipelines"].empty? +if node.run_state["pipelines"].nil? || node.run_state["pipelines"].empty? service 'logstash' do action [:disable, :stop] end else logstash_config "Configure logstash" do cdomain node["redborder"]["cdomain"] - flow_nodes node["redborder"]["all_flow_sensors_info"]["flow-sensor"] - namespaces node["redborder"]["namespaces"] - vault_nodes node["redborder"]["sensors_info_all"]["vault-sensor"] - scanner_nodes node["redborder"]["sensors_info_all"]["scanner-sensor"] - device_nodes node["redborder"]["sensors_info_all"]["device-sensor"] - logstash_pipelines node["redborder"]["logstash"]["pipelines"] + flow_nodes node.run_state["all_flow_sensors_info"]["flow-sensor"] + namespaces node.run_state["namespaces"] + vault_nodes node.run_state["sensors_info_all"]["vault-sensor"] + scanner_nodes node.run_state["sensors_info_all"]["scanner-sensor"] + device_nodes node.run_state["sensors_info_all"]["device-sensor"] + logstash_pipelines node.run_state["pipelines"] action (manager_services["logstash"] ? [:add, :register] : [:remove, :deregister]) end end @@ -307,29 +307,29 @@ end rsyslog_config "Configure rsyslog" do - vault_nodes node["redborder"]["sensors_info_all"]["vault-sensor"] + node["redborder"]["sensors_info_all"]["cep-sensor"] - ips_nodes node["redborder"]["sensors_info_all"]["ips-sensor"] + node["redborder"]["sensors_info_all"]["ipsv2-sensor"] + node["redborder"]["sensors_info_all"]["ipscp-sensor"] + vault_nodes node.run_state["sensors_info_all"]["vault-sensor"] + node.run_state["sensors_info_all"]["cep-sensor"] + ips_nodes node.run_state["sensors_info_all"]["ips-sensor"] + node.run_state["sensors_info_all"]["ipsv2-sensor"] + node.run_state["sensors_info_all"]["ipscp-sensor"] action (manager_services["rsyslog"] ? [:add, :register] : [:remove, :deregister]) end rbnmsp_config "Configure redborder-nmsp" do memory node["redborder"]["memory_services"]["redborder-nmsp"]["memory"] - proxy_nodes node["redborder"]["sensors_info_all"]["proxy-sensor"] - flow_nodes node["redborder"]["sensors_info_all"]["flow-sensor"] + proxy_nodes node.run_state["sensors_info_all"]["proxy-sensor"] + flow_nodes node.run_state["sensors_info_all"]["flow-sensor"] hosts node["redborder"]["zookeeper"]["zk_hosts"] action (manager_services["redborder-nmsp"] ? [:add, :configure_keys, :register] : [:remove, :deregister]) end n2klocd_config "Configure n2klocd" do - mse_nodes node["redborder"]["sensors_info_all"]["mse-sensor"] - meraki_nodes node["redborder"]["sensors_info_all"]["meraki-sensor"] + mse_nodes node.run_state["sensors_info_all"]["mse-sensor"] + meraki_nodes node.run_state["sensors_info_all"]["meraki-sensor"] n2klocd_managers node["redborder"]["managers_per_services"]["n2klocd"] memory node["redborder"]["memory_services"]["n2klocd"]["memory"] action (manager_services["n2klocd"] ? [:add, :register] : [:remove, :deregister]) end rbale_config "Configure redborder-ale" do - ale_nodes node["redborder"]["sensors_info_all"]["ale-sensor"] + ale_nodes node.run_state["sensors_info_all"]["ale-sensor"] action (node["redborder"]["services"]["redborder-ale"] ? [:add, :register] : [:remove, :deregister]) end @@ -338,13 +338,13 @@ end rb_arubacentral_config "Configure rb-arubacentral" do - arubacentral_nodes node["redborder"]["sensors_info_all"]["arubacentral-sensor"] - flow_nodes node["redborder"]["sensors_info_all"]["flow-sensor"] + arubacentral_nodes node.run_state["sensors_info_all"]["arubacentral-sensor"] + flow_nodes node.run_state["sensors_info_all"]["flow-sensor"] action (node["redborder"]["services"]["rb-arubacentral"] ? :add : :remove) end #freeradius_config "Configure radiusd" do -# flow_nodes node["redborder"]["sensors_info_all"]["flow-sensor"] +# flow_nodes node.run_state["sensors_info_all"]["flow-sensor"] # action (node["redborder"]["services"]["radiusd"] ? [:config_common, :config_manager, :register] : [:remove, :deregister]) #end @@ -353,9 +353,9 @@ end rbcep_config "Configure redborder-cep" do - flow_nodes node["redborder"]["sensors_info_all"]["flow-sensor"] - vault_nodes node["redborder"]["sensors_info_all"]["vault-sensor"] - ips_nodes node["redborder"]["sensors_info_all"]["ips-sensor"] + node["redborder"]["sensors_info_all"]["ipsv2-sensor"] + node["redborder"]["sensors_info_all"]["ipscp-sensor"] + flow_nodes node.run_state["sensors_info_all"]["flow-sensor"] + vault_nodes node.run_state["sensors_info_all"]["vault-sensor"] + ips_nodes node.run_state["sensors_info_all"]["ips-sensor"] + node.run_state["sensors_info_all"]["ipsv2-sensor"] + node.run_state["sensors_info_all"]["ipscp-sensor"] action (node["redborder"]["services"]["redborder-cep"] ? [:add, :register] : [:remove, :deregister]) end diff --git a/resources/recipes/prepare_system.rb b/resources/recipes/prepare_system.rb index 0f32bf8d..0b403d12 100644 --- a/resources/recipes/prepare_system.rb +++ b/resources/recipes/prepare_system.rb @@ -87,19 +87,19 @@ node.default["redborder"]["organizations"] = get_orgs() if node["redborder"]["services"]["http2k"] #get sensors info -node.default["redborder"]["sensors_info"] = get_sensors_info() +node.run_state["sensors_info"] = get_sensors_info() #get sensors info full info -node.default["redborder"]["sensors_info_all"] = get_sensors_all_info() +node.run_state["sensors_info_all"] = get_sensors_all_info() #get sensors info of all flow sensors -node.default["redborder"]["all_flow_sensors_info"] = get_all_flow_sensors_info() +node.run_state["all_flow_sensors_info"] = get_all_flow_sensors_info() #get logstash pipelines -node.default["redborder"]["logstash"]["pipelines"] = get_pipelines() +node.run_state["pipelines"] = get_pipelines() #get namespaces -node.default["redborder"]["namespaces"] = get_namespaces +node.run_state["namespaces"] = get_namespaces #get string with all zookeeper hosts and port separated by commas, its needed for multiples services zk_port = node["redborder"]["zookeeper"]["port"] From 292288d42c7d56bfc1459832d89cda7f44524859 Mon Sep 17 00:00:00 2001 From: Miguel Alvarez Date: Mon, 10 Jun 2024 13:53:14 +0100 Subject: [PATCH 04/17] Add hosts in node data --- resources/attributes/default.rb | 1 + resources/recipes/configure.rb | 1 + resources/recipes/prepare_system.rb | 5 +++++ 3 files changed, 7 insertions(+) diff --git a/resources/attributes/default.rb b/resources/attributes/default.rb index db1ef8fc..708321ac 100644 --- a/resources/attributes/default.rb +++ b/resources/attributes/default.rb @@ -34,6 +34,7 @@ #webui default["redborder"]["webui"]["port"] = 8001 +default["redborder"]["webui"]["hosts"] = [] #memcached default["redborder"]["memcached"]["elasticache"] = false diff --git a/resources/recipes/configure.rb b/resources/recipes/configure.rb index 924a0f3f..c11965b9 100644 --- a/resources/recipes/configure.rb +++ b/resources/recipes/configure.rb @@ -243,6 +243,7 @@ end webui_config "Configure Nginx WebUI" do + hosts node["redborder"]["webui"]["webui_hosts"] cdomain node["redborder"]["cdomain"] port node["redborder"]["webui"]["port"] action ((manager_services["webui"] and manager_services["nginx"]) ? [:configure_certs, :add_webui_conf_nginx] : :nothing) diff --git a/resources/recipes/prepare_system.rb b/resources/recipes/prepare_system.rb index 0b403d12..6a414bd2 100644 --- a/resources/recipes/prepare_system.rb +++ b/resources/recipes/prepare_system.rb @@ -110,6 +110,11 @@ s3_hosts = node["redborder"]["managers_per_services"]["s3"].map {|z| "#{z}.node:9000"} node.default["redborder"]["s3"]["s3_hosts"] = s3_hosts +# set webui hosts +webui_hosts = node["redborder"]["managers_per_services"]["webui"].map {|z| "#{z}.node"} +node.default["redborder"]["webui"]["webui_hosts"] = webui_hosts + + #set kafka host index if kafka is enabled in this host if node["redborder"]["managers_per_services"]["kafka"].include?(node.name) node.default["redborder"]["kafka"]["host_index"] = node["redborder"]["managers_per_services"]["kafka"].index(node.name) From 6e7680a3eaaa6850334bcd3c13298f43dd0fb924 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20=C3=81lvarez?= <128592227+malvads@users.noreply.github.com> Date: Mon, 10 Jun 2024 13:58:26 +0100 Subject: [PATCH 05/17] Delete resources/templates/default/minio.erb --- resources/templates/default/minio.erb | 4 ---- 1 file changed, 4 deletions(-) delete mode 100644 resources/templates/default/minio.erb diff --git a/resources/templates/default/minio.erb b/resources/templates/default/minio.erb deleted file mode 100644 index 4973ec55..00000000 --- a/resources/templates/default/minio.erb +++ /dev/null @@ -1,4 +0,0 @@ -MINIO_OPTS="--address :9000 --console-address :9001 --config-dir /etc/minio" -MINIO_VOLUMES=/var/minio/data -MINIO_ROOT_USER=<%= @s3_user %> -MINIO_ROOT_PASSWORD=<%= @s3_password %> \ No newline at end of file From 3bc8e8f7d3700c7ab607612a13fcdcbd2ad2e4e9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20=C3=81lvarez?= <128592227+malvads@users.noreply.github.com> Date: Mon, 10 Jun 2024 13:58:45 +0100 Subject: [PATCH 06/17] Update prepare_system.rb --- resources/recipes/prepare_system.rb | 4 ---- 1 file changed, 4 deletions(-) diff --git a/resources/recipes/prepare_system.rb b/resources/recipes/prepare_system.rb index 6a414bd2..ac6ab0c1 100644 --- a/resources/recipes/prepare_system.rb +++ b/resources/recipes/prepare_system.rb @@ -106,10 +106,6 @@ #zk_hosts = node["redborder"]["managers_per_services"]["zookeeper"].map {|z| "#{z}.node:#{zk_port}"}.join(',') node.default["redborder"]["zookeeper"]["zk_hosts"] = "zookeeper.service.#{node["redborder"]["cdomain"]}:#{node["redborder"]["zookeeper"]["port"]}" -# Set all nodes with s3 configured (nginx load balancer) -s3_hosts = node["redborder"]["managers_per_services"]["s3"].map {|z| "#{z}.node:9000"} -node.default["redborder"]["s3"]["s3_hosts"] = s3_hosts - # set webui hosts webui_hosts = node["redborder"]["managers_per_services"]["webui"].map {|z| "#{z}.node"} node.default["redborder"]["webui"]["webui_hosts"] = webui_hosts From ed91ff3faadc1333a3872af33bdb1ab70cd0b178 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20=C3=81lvarez?= <128592227+malvads@users.noreply.github.com> Date: Mon, 10 Jun 2024 13:59:03 +0100 Subject: [PATCH 07/17] Update default.rb --- resources/attributes/default.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/resources/attributes/default.rb b/resources/attributes/default.rb index 708321ac..8d5faeb5 100644 --- a/resources/attributes/default.rb +++ b/resources/attributes/default.rb @@ -13,7 +13,6 @@ #s3 default["redborder"]["uploaded_s3"] = false -default["redborder"]["s3"]["s3_hosts"] = [] #chef-client default["chef-client"]["interval"] = 300 From d89bd26f0eff98a2f623c7572141731d733566b6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20=C3=81lvarez?= <128592227+malvads@users.noreply.github.com> Date: Mon, 10 Jun 2024 14:00:07 +0100 Subject: [PATCH 08/17] Update configure.rb --- resources/recipes/configure.rb | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/resources/recipes/configure.rb b/resources/recipes/configure.rb index c11965b9..1e7a5250 100644 --- a/resources/recipes/configure.rb +++ b/resources/recipes/configure.rb @@ -382,15 +382,7 @@ # Allow only s3 onpremise nodes for now.. minio_config "Configure S3 (minio)" do ipaddress node["ipaddress_sync"] - access_key_id s3_secrets["s3_access_key_id"] - secret_key_id s3_secrets["s3_secret_key_id"] - action ((manager_services["s3"] and external_services["s3"] == "onpremise") ? [:add, :register] : [:remove, :deregister]) -end - -# Configure Nginx s3 onpremise nodes for now.. -minio_config "Configure Nginx S3 (minio)" do - s3_hosts node["redborder"]["s3"]["s3_hosts"] - action ((manager_services["s3"] and external_services["s3"] == "onpremise") ? [:add_s3_conf_nginx] : :nothing) + action ((manager_services["s3"] and external_services["s3"] == "onpremise" and s3_leader == node.name ) ? [:add, :register] : [:remove, :deregister]) end if manager_services["s3"] From 4ec77f8f74a508c56577912aa75d1f414222974c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20=C3=81lvarez?= <128592227+malvads@users.noreply.github.com> Date: Mon, 10 Jun 2024 14:00:35 +0100 Subject: [PATCH 09/17] Update configure.rb --- resources/recipes/configure.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/recipes/configure.rb b/resources/recipes/configure.rb index 1e7a5250..07e14e73 100644 --- a/resources/recipes/configure.rb +++ b/resources/recipes/configure.rb @@ -377,7 +377,7 @@ action (manager_services["postgresql"] and external_services["postgresql"] == "onpremise" ? [:add, :register] : [:remove, :deregister]) end -s3_secrets = Chef::DataBagItem.load('passwords','s3') +s3_leader = `serf members | grep s3=ready | awk '{print $1'} | head -n 1`.strip # Allow only s3 onpremise nodes for now.. minio_config "Configure S3 (minio)" do From 3220e71722ca01f16b9c672c861354a44d5b9f5c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20=C3=81lvarez?= <128592227+malvads@users.noreply.github.com> Date: Mon, 10 Jun 2024 14:01:02 +0100 Subject: [PATCH 10/17] Update configure.rb --- resources/recipes/configure.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/recipes/configure.rb b/resources/recipes/configure.rb index 07e14e73..bbed9d6b 100644 --- a/resources/recipes/configure.rb +++ b/resources/recipes/configure.rb @@ -379,7 +379,7 @@ s3_leader = `serf members | grep s3=ready | awk '{print $1'} | head -n 1`.strip -# Allow only s3 onpremise nodes for now.. +# Allow only one s3 onpremise node for now.. TODO: Distributed MinIO minio_config "Configure S3 (minio)" do ipaddress node["ipaddress_sync"] action ((manager_services["s3"] and external_services["s3"] == "onpremise" and s3_leader == node.name ) ? [:add, :register] : [:remove, :deregister]) From e101c2daf7d11e59febf41daf856098f166bc085 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20=C3=81lvarez?= <128592227+malvads@users.noreply.github.com> Date: Mon, 10 Jun 2024 14:01:33 +0100 Subject: [PATCH 11/17] Update prepare_system.rb --- resources/recipes/prepare_system.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/resources/recipes/prepare_system.rb b/resources/recipes/prepare_system.rb index ac6ab0c1..8e80f2a9 100644 --- a/resources/recipes/prepare_system.rb +++ b/resources/recipes/prepare_system.rb @@ -110,7 +110,6 @@ webui_hosts = node["redborder"]["managers_per_services"]["webui"].map {|z| "#{z}.node"} node.default["redborder"]["webui"]["webui_hosts"] = webui_hosts - #set kafka host index if kafka is enabled in this host if node["redborder"]["managers_per_services"]["kafka"].include?(node.name) node.default["redborder"]["kafka"]["host_index"] = node["redborder"]["managers_per_services"]["kafka"].index(node.name) From 4db8fa127f35ff35df6b25dfcb309c1f26c8aab5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20=C3=81lvarez?= <128592227+malvads@users.noreply.github.com> Date: Mon, 10 Jun 2024 14:12:41 +0100 Subject: [PATCH 12/17] Update configure.rb --- resources/recipes/configure.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/recipes/configure.rb b/resources/recipes/configure.rb index bbed9d6b..95db2925 100644 --- a/resources/recipes/configure.rb +++ b/resources/recipes/configure.rb @@ -243,7 +243,7 @@ end webui_config "Configure Nginx WebUI" do - hosts node["redborder"]["webui"]["webui_hosts"] + hosts node["redborder"]["webui"]["hosts"] cdomain node["redborder"]["cdomain"] port node["redborder"]["webui"]["port"] action ((manager_services["webui"] and manager_services["nginx"]) ? [:configure_certs, :add_webui_conf_nginx] : :nothing) From 78f1562db7a62fa9cc39a774f6bfe3dbf439a024 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20=C3=81lvarez?= <128592227+malvads@users.noreply.github.com> Date: Mon, 10 Jun 2024 14:13:02 +0100 Subject: [PATCH 13/17] Update prepare_system.rb --- resources/recipes/prepare_system.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/recipes/prepare_system.rb b/resources/recipes/prepare_system.rb index 8e80f2a9..2da1dfe4 100644 --- a/resources/recipes/prepare_system.rb +++ b/resources/recipes/prepare_system.rb @@ -108,7 +108,7 @@ # set webui hosts webui_hosts = node["redborder"]["managers_per_services"]["webui"].map {|z| "#{z}.node"} -node.default["redborder"]["webui"]["webui_hosts"] = webui_hosts +node.default["redborder"]["webui"]["hosts"] = webui_hosts #set kafka host index if kafka is enabled in this host if node["redborder"]["managers_per_services"]["kafka"].include?(node.name) From e748afeddc41ac7a367b133ed0912ff9e96915ee Mon Sep 17 00:00:00 2001 From: Miguel Alvarez Date: Thu, 13 Jun 2024 14:26:54 +0100 Subject: [PATCH 14/17] Fix lint issues --- resources/recipes/prepare_system.rb | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/resources/recipes/prepare_system.rb b/resources/recipes/prepare_system.rb index d307168c..d3e6c1d7 100644 --- a/resources/recipes/prepare_system.rb +++ b/resources/recipes/prepare_system.rb @@ -108,12 +108,12 @@ node.default['redborder']['zookeeper']['zk_hosts'] = "zookeeper.service.#{node['redborder']['cdomain']}:#{node['redborder']['zookeeper']['port']}" # set webui hosts -webui_hosts = node["redborder"]["managers_per_services"]["webui"].map {|z| "#{z}.node"} -node.default["redborder"]["webui"]["hosts"] = webui_hosts +webui_hosts = node['redborder']['managers_per_services']['webui'].map { |z| "#{z}.node" } +node.default['redborder']['webui']['hosts'] = webui_hosts -#set kafka host index if kafka is enabled in this host -if node["redborder"]["managers_per_services"]["kafka"].include?(node.name) - node.default["redborder"]["kafka"]["host_index"] = node["redborder"]["managers_per_services"]["kafka"].index(node.name) +# set kafka host index if kafka is enabled in this host +if node['redborder']['managers_per_services']['kafka'].include?(node.name) + node.default['redborder']['kafka']['host_index'] = node['redborder']['managers_per_services']['kafka'].index(node.name) end # Set all nodes with s3 configured (nginx load balancer) From 240599304b6e39285df19b8ad3421f60c8b2f3cb Mon Sep 17 00:00:00 2001 From: Miguel Alvarez Date: Thu, 13 Jun 2024 14:28:38 +0100 Subject: [PATCH 15/17] Fix lint issues in configure --- resources/recipes/configure.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/resources/recipes/configure.rb b/resources/recipes/configure.rb index 2de221b4..149e4ddd 100644 --- a/resources/recipes/configure.rb +++ b/resources/recipes/configure.rb @@ -307,7 +307,7 @@ end webui_config 'Configure Nginx WebUI' do - hosts node["redborder"]["webui"]["hosts"] + hosts node['redborder']['webui']['hosts'] cdomain node['redborder']['cdomain'] port node['redborder']['webui']['port'] if manager_services['webui'] && manager_services['nginx'] From d6ecac24673a7a7ff4407efdf14447bca583b7a1 Mon Sep 17 00:00:00 2001 From: Miguel Alvarez Date: Thu, 13 Jun 2024 14:30:48 +0100 Subject: [PATCH 16/17] Fix lint issues in attributes --- resources/attributes/default.rb | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/resources/attributes/default.rb b/resources/attributes/default.rb index 0fcc7d6f..d078d0a5 100644 --- a/resources/attributes/default.rb +++ b/resources/attributes/default.rb @@ -25,9 +25,9 @@ # http2k default['redborder']['http2k']['port'] = 7980 -#webui -default["redborder"]["webui"]["port"] = 8001 -default["redborder"]["webui"]["hosts"] = [] +# webui +default['redborder']['webui']['port'] = 8001 +default['redborder']['webui']['hosts'] = [] # memcached default['redborder']['memcached']['elasticache'] = false From 5283cdaae6e4717d386ff0b953f0108ebbd68a4b Mon Sep 17 00:00:00 2001 From: JuanSheba Date: Thu, 13 Jun 2024 14:48:06 +0100 Subject: [PATCH 17/17] Release 2.0.1 --- CHANGELOG.md | 11 +++++++++++ resources/metadata.rb | 2 +- 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3108fac4..ff344d72 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,17 @@ cookbook-rb-manager CHANGELOG =============== +## 2.0.1 + + - Miguel Alvarez + - [d6ecac2][e748afe][2405993] Fix lint issues + - [292288d] Add hosts in node data + - [fd63ad2] Fix prepare and configure + - [ac54c02] Proper use of s3 hosts + - [f08e447] Configure minio nodes and load balancer + - [78f1562][4db8fa1][e101c2d][3220e71][4ec77f8][d89bd26][ed91ff3] Updates + - [6e7680a] Delete resources/templates/default/minio.erb + ## 2.0.0 - Miguel Álvarez diff --git a/resources/metadata.rb b/resources/metadata.rb index ac1f7370..d872bf9e 100644 --- a/resources/metadata.rb +++ b/resources/metadata.rb @@ -3,7 +3,7 @@ maintainer_email 'git@redborder.com' license 'AGPL-3.0' description 'Installs/Configures redborder manager' -version '2.0.0' +version '2.0.1' depends 'rb-common' depends 'chef-server'