diff --git a/bin/refresh.sh b/bin/refresh.sh index d9f12814..63889f60 100755 --- a/bin/refresh.sh +++ b/bin/refresh.sh @@ -1,22 +1,22 @@ #!/bin/bash set -e -service mysqld restart -service mysqld status || exit $? +systemctl restart mariadb.service +systemctl status mariadb.service || exit $? /opt/compass/bin/manage_db.py createdb /opt/compass/bin/clean_installers.py --noasync /opt/compass/bin/clean_installation_logs.py rm -rf /var/ansible/run/* -service httpd restart -service httpd status || exit $? -service rsyslog restart -service rsyslog status || exit $? -service redis restart -service redis status || exit $? +systemctl restart httpd.service +systemctl status httpd.service || exit $? +systemctl restart rsyslog.service +systemctl status rsyslog.service || exit $? +systemctl restart redis.service +systemctl status redis.service || exit $? redis-cli flushall -service cobblerd restart -service cobblerd status || exit $? -service compass-celeryd restart -service compass-celeryd status || exit $? -service compass-progress-updated restart -service compass-progress-updated status || exit $? +systemctl restart cobblerd.service +systemctl status cobblerd.service || exit $? +systemctl restart compass-celeryd.service +systemctl status compass-celeryd.service || exit $? +systemctl restart compass-progress-updated.service +systemctl status compass-progress-updated.service || exit $? diff --git a/install/cobbler.sh b/install/cobbler.sh index af4e8834..346321e1 100755 --- a/install/cobbler.sh +++ b/install/cobbler.sh @@ -13,13 +13,14 @@ fi source $DIR/install_func.sh echo "Installing cobbler related packages" -sudo yum -y install cobbler cobbler-web createrepo mkisofs python-cheetah python-simplejson python-urlgrabber PyYAML Django cman debmirror pykickstart reprepro +sudo yum -y install cobbler cobbler-web createrepo mkisofs python-cheetah python-simplejson python-urlgrabber PyYAML Django corosync pykickstart +sudo yum -y upgrade yum-utils if [[ "$?" != "0" ]]; then echo "failed to install cobbler related packages" exit 1 -else +#else # patch cobbler code - find /usr/lib -name manage_bind.py |xargs perl -pi.old -e 's/(\s+)(self\.logger\s+\= logger)/$1$2\n$1if self\.logger is None:\n$1 import clogger\n$1 self\.logger = clogger.Logger\(\)/' +# find /usr/lib -name manage_bind.py |xargs perl -pi.old -e 's/(\s+)(self\.logger\s+\= logger)/$1$2\n$1if self\.logger is None:\n$1 import clogger\n$1 self\.logger = clogger.Logger\(\)/' fi # cobbler snippet uses netaddr to calc subnet and ip addr @@ -29,7 +30,7 @@ if [[ "$?" != "0" ]]; then exit 1 fi -sudo chkconfig cobblerd on +sudo systemctl enable cobblerd.service # create backup dir sudo mkdir -p /root/backup/cobbler @@ -142,16 +143,15 @@ sudo cp -rf $ADAPTERS_HOME/cobbler/conf/cobbler.conf /etc/httpd/conf.d/ chmod 644 /etc/httpd/conf.d/cobbler.conf sudo cp -rn /etc/xinetd.d /root/backup/ -sudo sed -i 's/disable\([ \t]\+\)=\([ \t]\+\)yes/disable\1=\2no/g' /etc/xinetd.d/rsync -sudo sed -i 's/^@dists=/# @dists=/g' /etc/debmirror.conf -sudo sed -i 's/^@arches=/# @arches=/g' /etc/debmirror.conf +sudo cp $COMPASSDIR/misc/rsync /etc/xinetd.d/ +exit 0 +#sudo sed -i 's/^@dists=/# @dists=/g' /etc/debmirror.conf +#sudo sed -i 's/^@arches=/# @arches=/g' /etc/debmirror.conf sudo rm -rf /var/lib/cobbler/config/systems.d/* echo "disable iptables" -sudo service iptables stop -sudo sleep 10 -sudo service iptables status +sudo systemctl stop firewalld if [[ "$?" == "0" ]]; then echo "iptables is running" exit 1 @@ -159,8 +159,8 @@ else echo "iptables is already stopped" fi -echo "disable selinux temporarily" -echo 0 > /selinux/enforce +# echo "disable selinux temporarily" +# echo 0 > /selinux/enforce # make log dir sudo mkdir -p /var/log/cobbler @@ -168,15 +168,9 @@ sudo mkdir -p /var/log/cobbler/tasks sudo mkdir -p /var/log/cobbler/anamon sudo chmod -R 777 /var/log/cobbler -# kill dnsmasq service -if `sudo chkconfig --list dnsmasq`; then - sudo chkconfig dnsmasq off - sudo service dnsmasq stop -fi -sudo killall -9 dnsmasq - -sudo service httpd restart -sudo service cobblerd restart +sudo systemctl restart httpd.service +sudo systemctl restart cobblerd.service +sudo systemctl restart named.service sudo cobbler get-loaders if [[ "$?" != "0" ]]; then @@ -194,12 +188,12 @@ else echo "cobbler synced" fi -sudo service xinetd restart +sudo systemctl restart xinetd.service sudo sleep 10 echo "Checking if httpd is running" -sudo service httpd status +sudo systemctl status httpd.service if [[ "$?" == "0" ]]; then echo "httpd is running." else @@ -208,7 +202,7 @@ else fi echo "Checking if dhcpd is running" -sudo service dhcpd status +sudo systemctl status dhcpd.service if [[ "$?" == "0" ]]; then echo "dhcpd is running." else @@ -217,7 +211,7 @@ else fi echo "Checking if named is running" -sudo service named status +sudo systemctl status named.service if [[ "$?" == "0" ]]; then echo "named is running." else @@ -226,7 +220,7 @@ else fi echo "Checking if xinetd is running" -sudo service xinetd status +sudo systemctl status xinetd.service if [[ "$?" == "0" ]]; then echo "xinetd is running." else @@ -235,7 +229,7 @@ else fi echo "Checking if cobblerd is running" -sudo service cobblerd status +sudo systemctl status cobblerd.service if [[ "$?" == "0" ]]; then echo "cobblerd is running." else @@ -394,7 +388,6 @@ if [[ $SUPPORT_SLES_11SP3 == "y" ]]; then download -u "$SLES_11SP3_PPA_REPO_SOURCE" -u "$SLES_11SP3_PPA_REPO_SOURCE_ASIA" sles_11sp3_ppa_repo.tar.gz unzip /var/lib/cobbler/repo_mirror || exit $? fi -sudo cobbler repo remove --name Ubuntu-14.04-x86_64 sudo cobbler reposync if [[ "$?" != "0" ]]; then echo "cobbler reposync failed" diff --git a/install/compass.sh b/install/compass.sh index ccbb8f88..fa561970 100755 --- a/install/compass.sh +++ b/install/compass.sh @@ -71,6 +71,7 @@ if [ ! -f /usr/lib64/libcrypto.so ]; then sudo cp -rf /usr/lib64/libcrypto.so.6 /usr/lib64/libcrypto.so fi +sudo mkdir -p /opt/compass/db sudo chmod -R 777 /opt/compass/db sudo chmod -R 777 /var/log/compass sudo chmod -R 777 /var/log/chef @@ -99,8 +100,8 @@ domains=$(echo $NAMESERVER_DOMAINS | sed "s/,/','/g") sudo sed -i "s/\$domains/$domains/g" /etc/compass/setting sudo sed -i "s/\$cobbler_ip/$IPADDR/g" /etc/compass/os_installer/cobbler.conf -sudo sed -i "s/\$chef_ip/$IPADDR/g" /etc/compass/package_installer/chef-icehouse.conf -sudo sed -i "s/\$chef_hostname/$HOSTNAME/g" /etc/compass/package_installer/chef-icehouse.conf +#sudo sed -i "s/\$chef_ip/$IPADDR/g" /etc/compass/package_installer/chef-icehouse.conf +#sudo sed -i "s/\$chef_hostname/$HOSTNAME/g" /etc/compass/package_installer/chef-icehouse.conf sudo sed -i "s|\$PythonHome|$VIRTUAL_ENV|g" /opt/compass/bin/switch_virtualenv.py sudo ln -s -f $VIRTUAL_ENV/bin/celery /opt/compass/bin/celery @@ -116,12 +117,12 @@ sudo chown -R redis:root /var/run/redis sudo mkdir -p /var/lib/redis sudo chown -R redis:root /var/lib/redis sudo rm -rf /var/lib/redis/dump.rdb -sudo killall -9 redis-server +sudo systemctl kill redis-server sudo rm -rf /var/run/redis/redis.pid -sudo service redis restart +sudo systemctl restart redis.service sleep 10 echo "Checking if redis is running" -sudo service redis status +sudo systemctl status redis.service if [[ "$?" == "0" ]]; then echo "redis is running" else @@ -130,8 +131,8 @@ else exit 1 fi -sudo chkconfig compass-progress-updated on -sudo chkconfig compass-celeryd on +sudo systemctl enable compass-progress-updated.service +sudo systemctl enable compass-celeryd.service /opt/compass/bin/refresh.sh if [[ "$?" != "0" ]]; then @@ -141,7 +142,7 @@ else echo "compassed service is refreshed" fi -sudo service httpd status +sudo systemctl status httpd.service if [[ "$?" != "0" ]]; then echo "httpd is not started" exit 1 @@ -149,7 +150,7 @@ else echo "httpd has already started" fi -sudo service redis status |grep running +sudo systemctl status redis.service |grep running if [[ "$?" != "0" ]]; then echo "redis is not started" exit 1 @@ -157,13 +158,13 @@ else echo "redis has already started" fi -sudo service mysqld status |grep running +sudo systemctl status mariadb.service |grep running if [[ "$?" != "0" ]]; then echo "mysqld is not started" exit 1 fi -sudo service compass-celeryd status |grep running +sudo systemctl status compass-celeryd.service |grep running if [[ "$?" != "0" ]]; then echo "compass-celeryd is not started" exit 1 @@ -171,7 +172,7 @@ else echo "compass-celeryd has already started" fi -service compass-progress-updated status |grep running +sudo systemctl status compass-progress-updated.service |grep running if [[ "$?" != "0" ]]; then echo "compass-progress-updated is not started" exit 1 @@ -180,8 +181,8 @@ else fi sleep 10 -compass check -if [[ "$?" != "0" ]]; then - echo "compass check failed" - exit 1 -fi +#compass check +#if [[ "$?" != "0" ]]; then +# echo "compass check failed" +# exit 1 +#fi diff --git a/install/compass_web.sh b/install/compass_web.sh index e08e03bd..cf7aacc9 100755 --- a/install/compass_web.sh +++ b/install/compass_web.sh @@ -16,8 +16,11 @@ source $DIR/install_func.sh mkdir -p /var/www/compass_web rm -rf /var/www/compass_web/* -sudo cp -rf $WEB_HOME/public/* /var/www/compass_web/ -sudo cp -rf $WEB_HOME/v2 /var/www/compass_web/ +#sudo cp -rf $WEB_HOME/public/* /var/www/compass_web/ +#sudo cp -rf $WEB_HOME/v2 /var/www/compass_web/ + +sudo mkdir -p /var/www/compass_web/v2.5 +sudo cp -rf $WEB_HOME/v2.5/target/* /var/www/compass_web/v2.5/ if [[ $LOCAL_REPO = "y" ]]; then echo "setting up local repo" @@ -49,11 +52,11 @@ if [[ $LOCAL_REPO = "y" ]]; then fi fi -sudo service httpd restart +sudo systemctl restart httpd.service sleep 10 echo "Checking if httpd is running" -sudo service httpd status +sudo systemctl status httpd.service if [[ "$?" == "0" ]]; then echo "httpd is running" else diff --git a/install/dependency.sh b/install/dependency.sh index 2e11f75f..69fc434b 100755 --- a/install/dependency.sh +++ b/install/dependency.sh @@ -10,7 +10,7 @@ if [ "$tempest" == "true" ]; then exit 1 fi fi -sudo yum install -y rsyslog logrotate ntp iproute openssh-clients python python-devel git wget syslinux amqp mod_wsgi httpd squid dhcp bind rsync yum-utils xinetd tftp-server gcc net-snmp-utils net-snmp net-snmp-python unzip openssl openssl098e ca-certificates mysql mysql-server mysql-devel python-virtualenv python-setuptools python-pip bc libselinux-python +sudo yum install -y rsyslog logrotate ntp iproute openssh-clients python python-devel git wget syslinux amqp rabbitmq-server mod_wsgi httpd squid dhcp bind rsync yum-utils xinetd tftp-server gcc net-snmp-utils net-snmp net-snmp-python unzip openssl openssl098e ca-certificates mariadb mariadb-server mysql-devel python-virtualenv python-setuptools python-pip bc libselinux-python sudo yum --setopt=tsflags=noscripts -y remove redis sudo yum --enablerepo=remi,remi-test install -y redis @@ -30,10 +30,10 @@ if [[ "$?" != "0" ]]; then exit 1 fi -sudo pip install --upgrade setuptools -sudo pip install --upgrade virtualenv sudo easy_install --upgrade pip sudo pip install --upgrade pip +sudo pip install --upgrade setuptools +sudo pip install --upgrade virtualenv if [[ "$?" != "0" ]]; then echo "failed to install easy install" exit 1 @@ -45,18 +45,14 @@ if [[ "$?" != "0" ]]; then exit 1 fi -sudo chkconfig httpd on -sudo chkconfig squid on -sudo chkconfig xinetd on -sudo chkconfig dhcpd on -sudo chkconfig named on -sudo chkconfig sshd on -sudo chkconfig rsyslog on -sudo chkconfig ntpd on -sudo chkconfig redis on -sudo chkconfig mysqld on -sudo chkconfig iptables off -sudo chkconfig ip6tables off -if `sudo chkconfig --list dnsmasq`; then - sudo chkconfig dnsmasq off -fi +sudo systemctl enable httpd.service +sudo systemctl enable squid.service +sudo systemctl enable xinetd.service +sudo systemctl enable dhcpd.service +sudo systemctl enable named.service +sudo systemctl enable sshd.service +sudo systemctl enable rsyslog.service +sudo systemctl enable ntpd.service +sudo systemctl enable redis.service +sudo systemctl enable mariadb.service +sudo systemctl disable firewalld diff --git a/install/install.conf b/install/install.conf index 8a2f37d6..4a1755fa 100755 --- a/install/install.conf +++ b/install/install.conf @@ -9,7 +9,8 @@ export PACKAGE_INSTALLER=${PACKAGE_INSTALLER:-package} # set remi release url # export ATOMIC=${ATOMIC:-http://www6.atomicorp.com/channels/atomic/${IMAGE_TYPE,,}/${IMAGE_VERSION_MAJOR}/${IMAGE_ARCH}/RPMS/atomic-release-1.0-19.${IMAGE_TYPE_OTHER}${IMAGE_VERSION_MAJOR}.art.noarch.rpm} -export REMI=${REMI:-http://rpms.famillecollet.com/enterprise/remi-release-6.rpm} +# export REMI=${REMI:-http://rpms.famillecollet.com/enterprise/remi-release-6.rpm} +export REMI=${REMI:-http://rpms.famillecollet.com/enterprise/remi-release-7.rpm} # service NIC export NIC=${NIC:-} diff --git a/install/install.sh b/install/install.sh index f79fc5d4..3d78d669 100755 --- a/install/install.sh +++ b/install/install.sh @@ -64,12 +64,13 @@ DIR=$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd ) source $DIR/install.conf ### Change selinux security policy -echo 0 > /selinux/enforce - +sudo setenforce 0 +sudo sed -i 's/enforcing/disabled/g' /etc/selinux/config ### Add epel repo sudo rpm -q epel-release if [ "$?" != "0" ]; then - sudo rpm -Uvh http://download.fedoraproject.org/pub/epel/${IMAGE_VERSION_MAJOR}/${IMAGE_ARCH}/epel-release-6-8.noarch.rpm >& /dev/null + #sudo rpm -Uvh http://download.fedoraproject.org/pub/epel/${IMAGE_VERSION_MAJOR}/${IMAGE_ARCH}/epel-release-6-8.noarch.rpm >& /dev/null + sudo rpm -Uvh https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm if [ "$?" != "0" ]; then echo "failed to install epel-release" exit 1 @@ -163,27 +164,29 @@ loadvars() done fi } - +yum -y install net-tools loadvars NIC "eth0" sudo ifconfig $NIC if [ $? -ne 0 ]; then echo "There is no nic '$NIC' yet" exit 1 fi -sudo ifconfig $NIC | grep 'inet addr:' >& /dev/null +# sudo ifconfig $NIC | grep 'inet addr:' >& /dev/null +sudo ifconfig $NIC |grep 'inet '| cut -d ' ' -f10 >& /dev/null if [ $? -ne 0 ]; then echo "There is not any IP address assigned to the NIC '$NIC' yet, please assign an IP address first." exit 1 fi -export ipaddr=$(ifconfig $NIC | grep 'inet addr:' | cut -d: -f2 | awk '{ print $1}') +# export ipaddr=$(ifconfig $NIC | grep 'inet addr:' | cut -d: -f2 | awk '{ print $1}') +export ipaddr=$(ifconfig $NIC | grep 'inet ' | cut -d' ' -f10) loadvars IPADDR ${ipaddr} ipcalc $IPADDR -c if [ $? -ne 0 ]; then echo "ip addr $IPADDR format should be x.x.x.x" exit 1 fi -export netmask=$(ifconfig $NIC |grep Mask | cut -f 4 -d ':') +export netmask=$(ifconfig $NIC | grep netmask | cut -d ' ' -f 13) loadvars NETMASK ${netmask} export netaddr=$(ipcalc $IPADDR $NETMASK -n |cut -f 2 -d '=') export netprefix=$(ipcalc $IPADDR $NETMASK -p |cut -f 2 -d '=') diff --git a/install/prepare.sh b/install/prepare.sh index 3d099e2b..90894ec3 100755 --- a/install/prepare.sh +++ b/install/prepare.sh @@ -53,11 +53,11 @@ sudo cp -rn /etc/ntp.conf /root/backup/ sudo rm -f /etc/ntp.conf sudo cp -rf $COMPASSDIR/misc/ntp/ntp.conf /etc/ntp.conf sudo chmod 644 /etc/ntp.conf -sudo service ntpd stop +sudo systemctl stop ntpd.service sudo ntpdate 0.centos.pool.ntp.org -sudo service ntpd start +sudo systemctl start ntpd.service sudo sleep 10 -sudo service ntpd status +sudo systemctl status ntpd.service if [[ "$?" != "0" ]]; then echo "ntp is not started" exit 1 @@ -65,37 +65,37 @@ else echo "ntp conf is updated" fi -# update squid conf -echo "update squid config" -sudo cp -rn /etc/squid/squid.conf /root/backup/ -sudo rm -f /etc/squid/squid.conf -sudo cp $COMPASSDIR/misc/squid/squid.conf /etc/squid/ -export netaddr=$(ipcalc $IPADDR $NETMASK -n |cut -f 2 -d '=') -export netprefix=$(ipcalc $IPADDR $NETMASK -p |cut -f 2 -d '=') -subnet=${netaddr}/${netprefix} -subnet_escaped=$(echo $subnet | sed -e 's/[\/&]/\\&/g') -sudo sed -i "s/acl localnet src \$subnet/acl localnet src $subnet_escaped/g" /etc/squid/squid.conf -sudo chmod 644 /etc/squid/squid.conf -sudo mkdir -p /var/squid/cache -sudo chown -R squid:squid /var/squid -sudo mkdir -p /var/log/squid -sudo chmod -R 777 /var/log/squid -sudo service squid restart -sudo sleep 10 -sudo service squid status -if [[ "$?" != "0" ]]; then - echo "squid is not started" - exit 1 -else - echo "squid conf is updated" -fi +# commenting out squid as we are not using it now +#echo "update squid config" +#sudo cp -rn /etc/squid/squid.conf /root/backup/ +#sudo rm -f /etc/squid/squid.conf +#sudo cp $COMPASSDIR/misc/squid/squid.conf /etc/squid/ +#export netaddr=$(ipcalc $IPADDR $NETMASK -n |cut -f 2 -d '=') +#export netprefix=$(ipcalc $IPADDR $NETMASK -p |cut -f 2 -d '=') +#subnet=${netaddr}/${netprefix} +#subnet_escaped=$(echo $subnet | sed -e 's/[\/&]/\\&/g') +#sudo sed -i "s/acl localnet src \$subnet/acl localnet src $subnet_escaped/g" /etc/squid/squid.conf +#sudo chmod 644 /etc/squid/squid.conf +#sudo mkdir -p /var/squid/cache +#sudo chown -R squid:squid /var/squid +#sudo mkdir -p /var/log/squid +#sudo chmod -R 777 /var/log/squid +#sudo systemctl restart squid.service +#sudo sleep 10 +#sudo ser +#if [[ "$?" != "0" ]]; then +# echo "squid is not started" +# exit 1 +#else +# echo "squid conf is updated" +# fi mkdir -p /var/log/httpd chmod -R 777 /var/log/httpd -sudo service httpd restart +systemctl restart httpd.service sudo sleep 10 -sudo service httpd status +systemctl status httpd.service if [[ "$?" != "0" ]]; then echo "httpd is not started" exit 1 @@ -108,9 +108,9 @@ echo "update mysqld" mkdir -p /var/log/mysql chmod -R 777 /var/log/mysql sleep 10 -sudo service mysqld restart +systemctl restart mariadb.service sudo sleep 10 -sudo service mysqld status +systemctl status mariadb.service if [[ "$?" != "0" ]]; then echo "failed to restart mysqld" exit 1 @@ -144,9 +144,9 @@ if [[ "$?" != "0" ]]; then else echo "mysql database set succeeded" fi -sudo service mysqld restart +sudo systemctl restart mariadb.service sudo sleep 10 -sudo service mysqld status +sudo systemctl status mariadb.service if [[ "$?" != "0" ]]; then echo "mysqld is not started" exit 1 @@ -243,6 +243,7 @@ else deactivate fi + # download cobbler related packages if [[ $SUPPORT_CENTOS_6_5 == "y" ]]; then download -u $CENTOS_6_5_PPA_REPO_SOURCE -u $CENTOS_6_5_PPA_REPO_SOURCE_ASIA || exit $? diff --git a/misc/apache/ods-server.conf b/misc/apache/ods-server.conf index a313dd88..a773777b 100644 --- a/misc/apache/ods-server.conf +++ b/misc/apache/ods-server.conf @@ -8,9 +8,9 @@ WSGIScriptAlias /api /var/www/compass/compass.wsgi WSGISocketPrefix /var/run/wsgi - DocumentRoot /var/www/compass_web/v2 + DocumentRoot /var/www/compass_web/v2.5 - + Options Indexes FollowSymLinks Order allow,deny Allow from all diff --git a/misc/apache/ssl.conf b/misc/apache/ssl.conf index 8de611e2..703f97da 100644 --- a/misc/apache/ssl.conf +++ b/misc/apache/ssl.conf @@ -39,7 +39,6 @@ SSLSessionCacheTimeout 300 # Semaphore: # Configure the path to the mutual exclusion semaphore the # SSL engine uses internally for inter-process synchronization. -SSLMutex default # Pseudo Random Number Generator (PRNG): # Configure one or more sources to seed the PRNG of the diff --git a/misc/rsync b/misc/rsync new file mode 100644 index 00000000..1f8b9b19 --- /dev/null +++ b/misc/rsync @@ -0,0 +1,14 @@ +# default: off +# description: The rsync server is a good addition to an ftp server, as it \ +# allows crc checksumming etc. +service rsync +{ + disable = no + flags = IPv6 + socket_type = stream + wait = no + user = root + server = /usr/bin/rsync + server_args = --daemon + log_on_failure += USERID +}