Automated configuration of rsyncd

Automated configuration (using custom graph feature) is added.
rsyncd.conf is configurated using Augeas resource in Puppet as
an elegent solution which doesn't interfere with existing
configuration by Fuel bootstrap.

It adds two Rsync section: octane_code, octane_data.

RPM spec is also updated to incorporate octane_tasks Puppet module
into Octane package and set Rsync up.

Untapped controller group is deleted from upgrade-db-orig graph.

Change-Id: Ia8ea7214b0b93f414d1de9b07a48e1602c0d2ae3

deployment/puppet/octane_tasks/graphs/orig/upgrade-db-orig.yaml

@@ -4,13 +4,9 @@
   role: [primary-controller]
   fault_tolerance: 0
 
-- id: controller
-  type: group
-  role: [controller]
-  fault_tolerance: 0
-
 # TASKS
-# TODO: Improve with https://review.openstack.org/#/c/342959/
+# TODO: Don't stop haproxy, but disable only specific backend using Puppet provider
+#       from https://review.openstack.org/#/c/342959/
 - id: stop_haproxy
   type: shell
   version: 2.1.0
@@ -47,5 +43,5 @@
   required_for: []
   parameters:
     src: /var/tmp/dbs.original.sql.gz
-    dst: rsync://{MASTER_IP}:/octane/tmp/
+    dst: rsync://{MASTER_IP}:/octane_data/
     timeout: 180

deployment/puppet/octane_tasks/graphs/seed/upgrade-db-seed.yaml

@@ -17,7 +17,7 @@
   requires: []
   required_for: []
   parameters:
-    src: rsync://{MASTER_IP}:/octane/puppet
+    src: rsync://{MASTER_IP}:/octane_code/puppet
     dst: /etc/fuel/octane/
     timeout: 180
 
@@ -52,7 +52,7 @@
   requires: []
   required_for: []
   parameters:
-    src: rsync://{MASTER_IP}:/octane/tmp/dbs.original.sql.gz
+    src: rsync://{MASTER_IP}:/octane_data/dbs.original.sql.gz
     dst: /var/tmp
     timeout: 180
 

deployment/puppet/octane_tasks/manifests/rsync_octane_section.pp

@@ -0,0 +1,40 @@
+
+# == Class: octane_tasks::rsync_octane_section
+#
+# This class adds two section to rsyncd.conf for Octane:
+#   Code with with ready only access.
+#   Data with read and write access.
+class octane_tasks::rsync_octane_section {
+  augeas { 'rsync_octane_section_code':
+    context => '/files/etc/rsyncd.conf/octane_code',
+    changes => [
+      'set path /var/www/nailgun/octane_code',
+      'set read\ only true',
+      'set uid 0',
+      'set gid 0',
+      'set use\ chroot no',
+    ]
+  }
+
+  augeas { 'rsync_octane_section_data':
+    context => '/files/etc/rsyncd.conf/octane_data',
+    changes => [
+      'set path /var/www/nailgun/octane_data',
+      'set read\ only false',
+      'set use\ chroot no',
+    ]
+  }
+
+  $admin_network = hiera_hash('ADMIN_NETWORK')
+  $admin_ip      = $admin_network['ipaddress']
+
+  augeas { 'xinetd_rsync':
+    context => '/files/etc/xinetd.d/rsync/service',
+    notify  => Service['xinetd'],
+    changes => [
+      "set bind ${admin_ip}",
+    ]
+  }
+
+  service { 'xinetd': }
+}

deployment/puppet/octane_tasks/modular/rsync_octane_section.pp

@@ -0,0 +1,3 @@
+notice('MODULAR: octane_tasks::rsync_octane_section.pp')
+
+include octane_tasks::rsync_octane_section

octane/magic_consts.py

@@ -19,7 +19,8 @@ PATCHES_DIR = os.path.join(CWD, "patches")
 
 FUEL_CACHE = "/tmp"  # TODO: we shouldn't need this
 PUPPET_DIR = "/etc/puppet/modules"
-DEPLOYMENT_GRAPH_DIR = "/var/www/nailgun/octane/puppet/octane_tasks/graphs"
+DEPLOYMENT_GRAPH_DIR = \
+    "/var/www/nailgun/octane_code/puppet/octane_tasks/graphs"
 
 NAILGUN_ARCHIVATOR_PATCHES = (
     PUPPET_DIR,

octane/tests/test_util_deployment.py

@@ -67,10 +67,12 @@ def test_upload_graphs(mocker, orig_id, seed_id):
     mock_upload = mocker.patch("octane.util.deployment.upload_graphs_to_env")
     deployment.upload_graphs(orig_id, seed_id)
     assert mock_upload.call_args_list == [
-        mock.call("/var/www/nailgun/octane/puppet/octane_tasks/graphs/orig",
-                  orig_id),
-        mock.call("/var/www/nailgun/octane/puppet/octane_tasks/graphs/seed",
-                  seed_id),
+        mock.call(
+            "/var/www/nailgun/octane_code/puppet/octane_tasks/graphs/orig",
+            orig_id),
+        mock.call(
+            "/var/www/nailgun/octane_code/puppet/octane_tasks/graphs/seed",
+            seed_id),
     ]
 
 

specs/octane.spec

@@ -26,6 +26,8 @@ Requires:    python-stevedore
 Requires:    python-fuelclient
 Requires:    python-cliff
 Requires:    fuel-nailgun-extension-cluster-upgrade
+Requires:    puppet
+Requires:    rsync
 
 %description
 Project is aimed to provide tools to upgrade the Fuel Admin node and OpenStack
@@ -41,14 +43,19 @@ cd %{_builddir}/%{name}-%{version} && OSLO_PACKAGE_VERSION=%{version} %{__python
 cd %{_builddir}/%{name}-%{version} && %{__python} setup.py install --single-version-externally-managed -O1 --root=$RPM_BUILD_ROOT --record=%{_builddir}/%{name}-%{version}/INSTALLED_FILES
 cp -vr %{_builddir}/%{name}-%{version}/octane/patches ${RPM_BUILD_ROOT}/%{python2_sitelib}/octane/
 
-mkdir -p ${RPM_BUILD_ROOT}/var/www/nailgun/octane
-cp -vr %{_builddir}/%{name}-%{version}/deployment/puppet ${RPM_BUILD_ROOT}/var/www/nailgun/octane/puppet
+install -d ${RPM_BUILD_ROOT}/var/www/nailgun/octane_code
+install -d -m 0750 ${RPM_BUILD_ROOT}/var/www/nailgun/octane_data
+cp -vr %{_builddir}/%{name}-%{version}/deployment/puppet ${RPM_BUILD_ROOT}/var/www/nailgun/octane_code/puppet
 
 %files -f %{_builddir}/%{name}-%{version}/INSTALLED_FILES
 %{python2_sitelib}/octane/patches/*
-/var/www/nailgun/octane/puppet/octane_tasks/*
+/var/www/nailgun/octane_code/puppet/octane_tasks/*
+/var/www/nailgun/octane_data
 %defattr(-,root,root)
 
+%post
+# TODO(pchechetin): When Rsync 3.1.0 is available in the repository, start using `include` directory to configure Rsync.
+puppet apply --modulepath /var/www/nailgun/octane_code/puppet/ /var/www/nailgun/octane_code/puppet/octane_tasks/modular/rsync_octane_section.pp
 
 %clean
 rm -rf $RPM_BUILD_ROOT