github.com/swiftstack/ProxyFS@v0.0.0-20210203235616-4017c267d62f/cookbooks/proxyfs/recipes/default.rb (about) 1 require 'json' 2 3 source_root = node['source_root'] 4 proxyfs_user = node['proxyfs_user'] 5 proxyfs_group = node['proxyfs_group'] 6 is_dev = node['is_dev_environment'] 7 package_spec_path = node['package_spec_path'] 8 9 HOME_DIR = "/home/#{proxyfs_user}" 10 DOT_BASH_PROFILE = "#{HOME_DIR}/.bash_profile" 11 DOT_BASHRC = "#{HOME_DIR}/.bashrc" 12 ROOT_DOT_BASH_PROFILE = "/root/.bash_profile" 13 ROOT_DOT_BASHRC = "/root/.bashrc" 14 ETC_BASHRC = "/etc/bashrc" 15 REPO_CLONE_PARENT_DIR = "#{source_root}/src/github.com/swiftstack" 16 PROXYFS_BIN_DIR = "#{source_root}/bin" 17 PROXYFS_SRC_DIR = "#{REPO_CLONE_PARENT_DIR}/ProxyFS" 18 19 ruby_block "update_profile_and_bashrc" do 20 block do 21 22 unless File.exist?(DOT_BASH_PROFILE) 23 File.open(DOT_BASH_PROFILE, "w") do |fh| 24 # nothing to do here, just making an empty file 25 end 26 end 27 28 file = Chef::Util::FileEdit.new(DOT_BASH_PROFILE) 29 file.insert_line_if_no_match(/\. ~\/.bashrc/, ". ~/.bashrc") 30 file.insert_line_if_no_match(/\. ~\/.profile/, "if [ -f ~/.profile ]; then . ~/.profile; fi") 31 file.write_file 32 33 unless File.exist?(ETC_BASHRC) 34 File.open(ETC_BASHRC, "w") do |fh| 35 # nothing to do here, just creating an empty file 36 end 37 end 38 39 file = Chef::Util::FileEdit.new(ETC_BASHRC) 40 file.insert_line_if_no_match(/ulimit/, "ulimit -c 0") 41 file.write_file 42 43 unless File.exist?(DOT_BASHRC) 44 File.open(DOT_BASHRC, "w") do |fh| 45 # nothing to do here, just creating an empty file 46 end 47 end 48 49 file = Chef::Util::FileEdit.new(DOT_BASHRC) 50 file.insert_line_if_no_match(/export GOPATH/, "export GOPATH=#{source_root}") 51 file.insert_line_if_no_match(%r{usr/local/go/bin}, "export PATH=$GOPATH/bin:$PATH:/usr/local/go/bin") 52 file.insert_line_if_no_match(/cdpfs/, "alias cdpfs='cd $GOPATH/src/github.com/swiftstack/ProxyFS'") 53 file.insert_line_if_no_match(/cdfun/, "alias cdfun='cd /home/swift/code/functional-tests'") 54 file.insert_line_if_no_match(/ls -lha/, "alias la='ls -lha'") 55 file.insert_line_if_no_match(/ls -liha/, "alias li='ls -liha'") 56 file.insert_line_if_no_match(/statmnt/, "alias statmnt='stat /mnt/*'") 57 file.insert_line_if_no_match(/ST_AUTH/, "export ST_AUTH=http://localhost:8080/auth/v1.0") 58 file.insert_line_if_no_match(/ST_USER/, "export ST_USER=test:tester") 59 file.insert_line_if_no_match(/ST_KEY/, "export ST_KEY=testing") 60 file.write_file 61 62 unless File.exist?(ROOT_DOT_BASH_PROFILE) 63 File.open(ROOT_DOT_BASH_PROFILE, "w") do |fh| 64 # nothing to do here, just making an empty file 65 end 66 end 67 68 file = Chef::Util::FileEdit.new(ROOT_DOT_BASH_PROFILE) 69 file.insert_line_if_no_match(/\. ~\/.bashrc/, ". ~/.bashrc") 70 file.insert_line_if_no_match(/\. ~\/.profile/, "if [ -f ~/.profile ]; then . ~/.profile; fi") 71 file.write_file 72 73 unless File.exist?(ROOT_DOT_BASHRC) 74 File.open(ROOT_DOT_BASHRC, "w") do |fh| 75 # nothing to do here, just creating an empty file 76 end 77 end 78 79 file = Chef::Util::FileEdit.new(ROOT_DOT_BASHRC) 80 file.insert_line_if_no_match(/export GOPATH/, "export GOPATH=#{source_root}") 81 file.insert_line_if_no_match(%r{usr/local/go/bin}, "export PATH=$GOPATH/bin:$PATH:/usr/local/go/bin") 82 file.insert_line_if_no_match(/cdpfs/, "alias cdpfs='cd $GOPATH/src/github.com/swiftstack/ProxyFS'") 83 file.insert_line_if_no_match(/cdfun/, "alias cdfun='cd /home/swift/code/functional-tests'") 84 file.insert_line_if_no_match(/ls -lha/, "alias la='ls -lha'") 85 file.insert_line_if_no_match(/ls -liha/, "alias li='ls -liha'") 86 file.insert_line_if_no_match(/statmnt/, "alias statmnt='stat /mnt/*'") 87 file.insert_line_if_no_match(/ST_AUTH/, "export ST_AUTH=http://localhost:8080/auth/v1.0") 88 file.insert_line_if_no_match(/ST_USER/, "export ST_USER=test:tester") 89 file.insert_line_if_no_match(/ST_KEY/, "export ST_KEY=testing") 90 file.write_file 91 92 end 93 end 94 95 cookbook_file "/usr/local/go/src/runtime/runtime-gdb.py" do 96 source "usr/local/go/src/runtime/runtime-gdb.py" 97 end 98 99 if node[:platform_family].include?("rhel") 100 # Centos uses SELinux which causes Samba problems mounting. 101 # Disable SeLinux. 102 ruby_block "update_selinux" do 103 block do 104 sysconfig_selinux = "/etc/sysconfig/selinux" 105 106 # The file will not exist if we are running in a Centos container 107 # on a Ubuntu system. 108 if File.file?(sysconfig_selinux) 109 file = Chef::Util::FileEdit.new(sysconfig_selinux) 110 file.search_file_replace(/^SELINUX=enforcing/, "SELINUX=permissive") 111 file.write_file 112 end 113 end 114 end 115 end 116 117 execute "Install pfs-swift-load-plot requirements" do 118 command "pip install -r #{PROXYFS_SRC_DIR}/pfs-swift-load/requirements.txt" 119 end 120 121 execute "Create ProxyFS/bin dir" do 122 command "mkdir #{PROXYFS_BIN_DIR}" 123 not_if { ::Dir.exists?("#{PROXYFS_BIN_DIR}") } 124 end 125 126 execute "Copy pfs-swift-load-plot at /home/swift/code/ProxyFS/bin/" do 127 command "install -m 0755 #{PROXYFS_SRC_DIR}/pfs-swift-load/pfs-swift-load-plot #{PROXYFS_BIN_DIR}/" 128 end 129 130 # TODO: install aws cli v2 131 execute "Install awscli and awscli-plugin-endpoint" do 132 command "pip install awscli awscli-plugin-endpoint" 133 end 134 135 if is_dev 136 ruby_block "fuse_user_allow_other" do 137 block do 138 file = Chef::Util::FileEdit.new("/etc/fuse.conf") 139 file.search_file_delete_line(/#user_allow_other/) 140 file.insert_line_if_no_match(/^user_allow_other/, "user_allow_other") 141 file.write_file 142 end 143 end 144 145 file "/etc/fuse.conf" do 146 mode '0644' # globally readable 147 end 148 end 149 150 directory '/CommonMountPoint' do 151 # perms/owner don't really matter since it gets mounted over, but 152 # this helps stop a developer from accidentally dumping stuff on the 153 # root filesystem 154 owner 'root' 155 end 156 157 directory '/var/lib/proxyfs' do 158 mode '0755' 159 owner proxyfs_user 160 group proxyfs_group 161 end 162 163 directory '/var/log/proxyfsd' do 164 mode '0755' 165 owner proxyfs_user 166 group proxyfs_group 167 end 168 169 link '/etc/proxyfsd' do 170 to "#{source_root}/src/github.com/swiftstack/ProxyFS/proxyfsd/" 171 link_type :symbolic 172 owner proxyfs_user 173 group proxyfs_group 174 end 175 176 link '/etc/pfsagentd' do 177 to "#{source_root}/src/github.com/swiftstack/ProxyFS/pfsagentd/" 178 link_type :symbolic 179 owner proxyfs_user 180 group proxyfs_group 181 end 182 183 execute "Provision start_and_mount_pfs" do 184 command "install -m 0755 #{source_root}/src/github.com/swiftstack/ProxyFS/cookbooks/proxyfs/files/default/usr/bin/start_and_mount_pfs /usr/bin" 185 end 186 187 execute "Provision start_swift_only" do 188 command "install -m 0755 #{source_root}/src/github.com/swiftstack/ProxyFS/cookbooks/proxyfs/files/default/usr/bin/start_swift_only /usr/bin" 189 end 190 191 execute "Provision start_proxyfsd_only" do 192 command "install -m 0755 #{source_root}/src/github.com/swiftstack/ProxyFS/cookbooks/proxyfs/files/default/usr/bin/start_proxyfsd_only /usr/bin" 193 end 194 195 execute "Provision stop_proxyfsd_only" do 196 command "install -m 0755 #{source_root}/src/github.com/swiftstack/ProxyFS/cookbooks/proxyfs/files/default/usr/bin/stop_proxyfsd_only /usr/bin" 197 end 198 199 execute "Provision unmount_and_stop_pfs" do 200 command "install -m 0755 #{source_root}/src/github.com/swiftstack/ProxyFS/cookbooks/proxyfs/files/default/usr/bin/unmount_and_stop_pfs /usr/bin" 201 end 202 203 execute "Provision set_up_s3api" do 204 command "install -m 0755 #{source_root}/src/github.com/swiftstack/ProxyFS/cookbooks/proxyfs/files/default/usr/bin/set_up_s3api /usr/bin" 205 end 206 207 execute "Provision set_up_swift3" do 208 command "install -m 0755 #{source_root}/src/github.com/swiftstack/ProxyFS/cookbooks/proxyfs/files/default/usr/bin/set_up_swift3 /usr/bin" 209 end 210 211 execute "Provision enable_s3" do 212 command "install -m 0755 #{source_root}/src/github.com/swiftstack/ProxyFS/cookbooks/proxyfs/files/default/usr/bin/enable_s3 /usr/bin" 213 end 214 215 execute "Provision disable_s3" do 216 command "install -m 0755 #{source_root}/src/github.com/swiftstack/ProxyFS/cookbooks/proxyfs/files/default/usr/bin/disable_s3 /usr/bin" 217 end 218 219 execute "Provision detect_s3" do 220 command "install -m 0755 #{source_root}/src/github.com/swiftstack/ProxyFS/cookbooks/proxyfs/files/default/usr/bin/detect_s3 /usr/bin" 221 end 222 223 execute "Provision pfs_stat" do 224 command "install -m 0755 #{source_root}/src/github.com/swiftstack/ProxyFS/bin/pfs_stat /usr/bin" 225 end 226 227 cookbook_file "/usr/lib/systemd/system/proxyfsd.service" do 228 source "usr/lib/systemd/system/proxyfsd.service" 229 # notifies :restart, 'service[proxyfsd]' 230 only_if { ::File.directory?("/usr/lib/systemd/system/") } 231 end 232 233 cookbook_file "/usr/lib/systemd/system/pfsagentd.service" do 234 source "usr/lib/systemd/system/pfsagentd.service" 235 only_if { ::File.directory?("/usr/lib/systemd/system/") } 236 end 237 238 cookbook_file "/etc/init/proxyfsd.conf" do 239 source "etc/init/proxyfsd.upstart" 240 # notifies :restart, 'service[proxyfsd]' 241 only_if { ::File.directory?("/etc/init") } 242 end 243 244 245 # 246 # Dependency lists by OS 247 # 248 if node[:platform_family].include?("rhel") 249 package_spec_file_path = File.read(package_spec_path + '/rhel.json') 250 else # assume debian 251 package_spec_file_path = File.read(package_spec_path + '/debian.json') 252 end 253 254 package_spec = JSON.parse(package_spec_file_path) 255 packages = package_spec['proxyfs_packages'] + package_spec['gdb_packages'] + package_spec['utils_packages'] 256 packages += package_spec['wireshark_packages'] if is_dev 257 packages += package_spec['ssh_packages'] if is_dev 258 259 packages.each do |pkg| 260 if pkg.size >= 2 261 # Specify a version if it's been provided 262 package pkg[0] do 263 action :install 264 version pkg[1] 265 end 266 else 267 # Just install whatever YUM provides otherwise 268 package pkg[0] do 269 action :install 270 end 271 end 272 end 273 274 if is_dev 275 group 'wireshark' do 276 action :create 277 members [proxyfs_user] 278 end 279 280 file '/usr/bin/dumpcap' do 281 group 'wireshark' 282 end 283 284 execute 'setcap' do 285 command "setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap" 286 end 287 end 288 289 # 290 # Create mount point and fstab entry 291 # 292 execute "Create PFSAgent mount point" do 293 command "mkdir /mnt/pfsa_proxyfs_mount" 294 not_if { ::Dir.exists?("/mnt/pfsa_proxyfs_mount") } 295 end 296 297 ruby_block "Create exports entry" do 298 block do 299 unless File.exist?("/etc/exports") 300 File.open("/etc/exports", "w") do |fh| 301 # nothing to do here, just making an empty file 302 end 303 end 304 305 editor = Chef::Util::FileEdit.new("/etc/exports") 306 editor.insert_line_if_no_match("CommonMountPoint", "/CommonMountPoint 127.0.0.1(rw,sync,fsid=1000,no_subtree_check,no_root_squash)") 307 editor.write_file 308 end 309 end 310 311 # 312 # Enable user processes to do FUSE stuff 313 # 314 bash 'Enable UserMode FUSE' do 315 code <<-EOH 316 chmod +x /bin/fusermount 317 echo "user_allow_other" > /etc/fuse.conf 318 EOH 319 end 320 321 # 322 # Build and install proxyfs 323 # 324 325 # TODO: this not_if is incorrect, especially now that the same source tree can 326 # target centos or ubuntu. We should check for the existence of the link 327 # below at the very least. 328 bash 'Build proxyfsd' do 329 # Source profile because we may not have golang in our path yet 330 code <<-EOH 331 . #{DOT_BASH_PROFILE} 332 make clean minimal 333 EOH 334 cwd PROXYFS_SRC_DIR 335 end 336 337 ## TODO: If this link/file does not exist, we should rebuild everything 338 ## TODO: do this as an install instead, for non dev environments? 339 link '/usr/bin/proxyfsd' do 340 to "#{source_root}/bin/proxyfsd" 341 link_type :symbolic 342 owner proxyfs_user 343 group proxyfs_group 344 end 345 346 link '/usr/bin/pfsagentd' do 347 to "#{source_root}/bin/pfsagentd" 348 link_type :symbolic 349 owner proxyfs_user 350 group proxyfs_group 351 end 352 353 link '/usr/bin/pfsagentd-swift-auth-plugin' do 354 to "#{source_root}/bin/pfsagentd-swift-auth-plugin" 355 link_type :symbolic 356 owner proxyfs_user 357 group proxyfs_group 358 end 359 360 cookbook_file "#{HOME_DIR}/.gdbinit" do 361 source "home/unprivileged_user/.gdbinit" 362 owner "#{proxyfs_user}" 363 group "#{proxyfs_group}" 364 end 365 366 template "/root/.gdbinit" do 367 source "root/.gdbinit.erb" 368 owner "root" 369 group "root" 370 variables({ 371 :proxyfs_user => "#{proxyfs_user}" 372 }) 373 end 374 375 bash 'Configure awscli for swift user' do 376 code <<-EOH 377 mkdir ~swift/.aws 378 cat > ~swift/.aws/config << EOF 379 [plugins] 380 endpoint = awscli_plugin_endpoint 381 382 [default] 383 s3 = 384 endpoint_url = http://127.0.0.1:8080 385 multipart_threshold = 64MB 386 multipart_chunksize = 16MB 387 s3api = 388 endpoint_url = http://127.0.0.1:8080 389 multipart_threshold = 64MB 390 multipart_chunksize = 16MB 391 392 [profile nfspfs] 393 s3 = 394 endpoint_url = http://127.0.0.1:8080 395 multipart_threshold = 64MB 396 multipart_chunksize = 16MB 397 s3api = 398 endpoint_url = http://127.0.0.1:8080 399 multipart_threshold = 64MB 400 multipart_chunksize = 16MB 401 402 [profile smbpfs] 403 s3 = 404 endpoint_url = http://127.0.0.1:8080 405 multipart_threshold = 64MB 406 multipart_chunksize = 16MB 407 s3api = 408 endpoint_url = http://127.0.0.1:8080 409 multipart_threshold = 64MB 410 multipart_chunksize = 16MB 411 412 [profile pfsapfs] 413 s3 = 414 endpoint_url = http://127.0.0.1:8080 415 multipart_threshold = 64MB 416 multipart_chunksize = 16MB 417 s3api = 418 endpoint_url = http://127.0.0.1:8080 419 multipart_threshold = 64MB 420 multipart_chunksize = 16MB 421 EOF 422 cat > ~swift/.aws/credentials << EOF 423 [default] 424 aws_access_key_id = test:tester 425 aws_secret_access_key = testing 426 427 [nfspfs] 428 aws_access_key_id = test:tester 429 aws_secret_access_key = testing 430 431 [smbpfs] 432 aws_access_key_id = test:tester 433 aws_secret_access_key = testing 434 435 [pfsapfs] 436 aws_access_key_id = test:tester 437 aws_secret_access_key = testing 438 EOF 439 chown -R swift:swift ~swift/.aws 440 EOH 441 end 442 443 bash 'Configure awscli for root user' do 444 code <<-EOH 445 mkdir ~root/.aws 446 cat > ~root/.aws/config << EOF 447 [plugins] 448 endpoint = awscli_plugin_endpoint 449 450 [default] 451 s3 = 452 endpoint_url = http://127.0.0.1:8080 453 multipart_threshold = 64MB 454 multipart_chunksize = 16MB 455 s3api = 456 endpoint_url = http://127.0.0.1:8080 457 multipart_threshold = 64MB 458 multipart_chunksize = 16MB 459 460 [profile nfspfs] 461 s3 = 462 endpoint_url = http://127.0.0.1:8080 463 multipart_threshold = 64MB 464 multipart_chunksize = 16MB 465 s3api = 466 endpoint_url = http://127.0.0.1:8080 467 multipart_threshold = 64MB 468 multipart_chunksize = 16MB 469 470 [profile smbpfs] 471 s3 = 472 endpoint_url = http://127.0.0.1:8080 473 multipart_threshold = 64MB 474 multipart_chunksize = 16MB 475 s3api = 476 endpoint_url = http://127.0.0.1:8080 477 multipart_threshold = 64MB 478 multipart_chunksize = 16MB 479 480 [profile pfsapfs] 481 s3 = 482 endpoint_url = http://127.0.0.1:8080 483 multipart_threshold = 64MB 484 multipart_chunksize = 16MB 485 s3api = 486 endpoint_url = http://127.0.0.1:8080 487 multipart_threshold = 64MB 488 multipart_chunksize = 16MB 489 EOF 490 cat > ~root/.aws/credentials << EOF 491 [default] 492 aws_access_key_id = test:tester 493 aws_secret_access_key = testing 494 495 [nfspfs] 496 aws_access_key_id = test:tester 497 aws_secret_access_key = testing 498 499 [smbpfs] 500 aws_access_key_id = test:tester 501 aws_secret_access_key = testing 502 503 [pfsapfs] 504 aws_access_key_id = test:tester 505 aws_secret_access_key = testing 506 EOF 507 chown -R root:root ~root/.aws 508 EOH 509 end 510 511 execute 'set up s3api' do 512 command "/usr/bin/set_up_s3api" 513 end 514 515 execute 'set up swift3' do 516 command "/usr/bin/set_up_swift3" 517 end 518 519 execute 'enable s3api' do 520 command "/usr/bin/enable_s3 s3api" 521 end