Commit 2ef13978 authored by Maiken's avatar Maiken
Browse files

Snapshot including testca call

parent f83f39d7
Pipeline #3232 passed with stage
in 61 minutes and 56 seconds
......@@ -70,7 +70,6 @@ class InstallationWizardControl(ComponentControl):
self.confdict['hostname'] = self.defaults['common']['hostname']
logdir = '/'.join(self.defaults['arex']['logfile'].split('/')[:-1])
print logdir
self.confdict['log_rootdir'] = logdir
self.confdict['controldir'] = self.defaults['arex']['controldir']
self.confdict['sessiondir'] = self.defaults['arex']['sessiondir']
......@@ -95,14 +94,20 @@ class InstallationWizardControl(ComponentControl):
self.confdict['enable_emies'] = False
self.confdict['enable_gridftpd'] = False
self.confdict['queue'] = None
self.confdict['auth_groups'] = []
def print_notice(self,text):
print '='*90
print '='*90
def print_summary(self,prepend_txt='',append_txt=''):
print_order = ['conf_path',
print_order = ['host_cert',
......@@ -128,7 +133,7 @@ class InstallationWizardControl(ComponentControl):
def _true_false(ask, default_val=''):
def true_false(ask, default_val=''):
if default_val:
ask = '\n' + ask + ' (ENTER for default value: ' + default_val + ')'
......@@ -228,29 +233,64 @@ class InstallationWizardControl(ComponentControl):
def get_user_input(self):
use_all_defaults = self.true_false('Use all defaults? [y/n]: ')
#use_all_defaults = self.true_false('Use all defaults? (If yes, you might as well just use the zero-conf shipped with ARC which is placed at /tmp/arc.conf) [y/n]: ')
if not use_all_defaults:
non_default = self.text_answ('Full path to arc.conf',self.confdict['conf_path'])
if non_default:
self.confdict['conf_path'] = non_default
""" Authorization groups """
print('The recommended way of authorizing groups of users is by using authorization groups. \nA group can be identified either by voms, by a userlist produced by the nordugridmap utility or by pointing to a grid-mapfile.')
if(self.true_false('Use voms identification [y/n]')):
vomses = self.text_answ('Enter a comma-separated list of vomses like: atlas * * * *, atlas * lcgadmin *')
vomses = (vomses).split(',')
print 'vomses: ', vomses
for vo in vomses:
vo = vo.strip()
print 'vo: ', vo
txt = 'Which (custom-named) authgroup does the vo: ' + vo + ' belong to'
auth_group = self.text_answ(txt)
except KeyError:
self.confdict[auth_group] = [vo]
except TypeError:
except KeyError:
For a production server a host certificate should actually exist.
However, for quick testing, before a real host certificate is installed, a test host certificate can be generated."""
self.create_host_cert = self.true_false('Do you need to create a test host certificate? [y/n]')
if not self.create_host_cert:
non_default = self.text_answ('Full path to your host certificate',self.confdict['host_cert'])
non_default = self.text_answ('Full path to your existing host certificate',self.confdict['host_cert'])
if non_default:
self.confdict['host_cert'] = non_default
non_default = self.text_answ('Full path to your host key',self.confdict['host_key'])
non_default = self.text_answ('Full path to your existing host key',self.confdict['host_key'])
if non_default:
self.confdict['host_key'] = non_default
non_default = self.text_answ('Path to log dir',self.confdict['log_rootdir'])
if non_default:
self.confdict['log_rootdir'] = non_default
non_default = self.text_answ('Full path to arc.conf',self.confdict['conf_path'])
if non_default:
self.confdict['conf_path'] = non_default
non_default = self.text_answ('Path to sessiondir',self.confdict['sessiondir'])
if non_default:
......@@ -262,8 +302,7 @@ class InstallationWizardControl(ComponentControl):
self.confdict['controldir'] = non_default
lrms_type = self.text_answ('Which lrms %s : ',self.confdict['lrms_type'])
self.confdict['lrms_type'] = self.text_answ('Which lrms : ',self.confdict['lrms_type'])
if 'fork' not in self.confdict['lrms_type']:
non_default = self.text_answ('LRMS bin path',self.confdict['lrms_path'])
......@@ -307,21 +346,19 @@ class InstallationWizardControl(ComponentControl):
print('==> Using port ranges 9000-10000, change in arc.conf if you want other port ranges.\n')
""" How many queues to allow? Multiple? """
self.confdict['queue'] = self.text_answ('What is your default job queue')
""" Print out a summary of values selected by user """
prepend_txt='Your chosen configuration values are:'
prepend_txt='Your chosen configuration values for ' + self.confdict['conf_path'] + ' are:'
#if self.create_host_cert:
# append_txt='\n* A test host certificate will be created and placed in: ' \
# + self.confdict['grid_security_path'] \
# + '\n* Please copy the CA and softlinks to your client machines grid-security folder (ignore if client and server are same machine).'
def create_conf(self,args):
j2_env = Environment(loader=FileSystemLoader('./arc/control/templates'), trim_blocks=True)
template = j2_env.get_template('arc.conf.j2')
......@@ -332,14 +369,14 @@ class InstallationWizardControl(ComponentControl):
with open(conf_path, 'w') as f:
except IOError as e:
if e.errno == errno.EACCES:
logger.debug('***** You do not have permission to write to %s Instead writing it to /tmp/arc.conf - please copy it manually to %s *****', conf_path,conf_path)
print '='*90
print'====>>> IMPORTANT MESSAGE'
print '====>>> You do not have permission to write to ' + conf_path + '. File is temporarily stored in /tmp/arc.conf - please copy file manually to ' + conf_path
print '='*90
print_str = '====>>> IMPORTANT MESSAGE'
print_str += '====>>> You do not have permission to write to ' + conf_path + '. File is temporarily stored in /tmp/arc.conf - please copy file manually to ' + conf_path
with open('/tmp/arc.conf','w') as f:
except Exception as e:
......@@ -384,7 +421,7 @@ class InstallationWizardControl(ComponentControl):
def get_config(args):
def get_config(args=None):
print config
__runconfig = '/tmp/'
......@@ -410,16 +447,17 @@ class InstallationWizardControl(ComponentControl):
def control(self,args):
""" Ask user for custom values for arc.conf """
if args.action == 'dump':
""" save the configuration options in json format, and dump to screen"""
if args.action == 'create_conf' or 'runall':
if args.action == 'create_conf' or args.action == 'runall':
""" Print out some general info """
prepend_txt = 'A minimal configuration setup.\nYou can choose to use the default values requiring root priveleges. Default values are:'
prepend_txt = 'This program requires root priveleges and helps set up a minimal configuration.\nYou can choose to use the default values which are:'
append_txt = '\n\n[NOTE:]: sudo rights is required to check that linux user and group exists or should be created.\n' \
'Will:\n' \
'* Construct an arc.conf placed in default location or location you specify with some minimum required contents.\n' \
......@@ -442,7 +480,7 @@ class InstallationWizardControl(ComponentControl):
""" Create arc.conf """
""" Ensure logdirs exist """
......@@ -451,12 +489,13 @@ class InstallationWizardControl(ComponentControl):
""" Ensure users exist """
""" Information to create host certificate """
if self.create_host_cert:
self.print_notice('====>> To create a test host certificate please run \narcctl test-ca init\nto create a self-signed TestCA, followed by \narcctl test-ca hostcert\nand optionally \narcctl test-ca usercert\n if you need both a test host certificate and test user certificate')
if args.action == 'testhostcert' or args.action == 'runall':
""" Create test-CA and host certificate """
if args.action == 'testhostcert':
self.arcconfig = self.get_config(args)
cactrl = TestCAControl(self.arcconfig)
......@@ -472,6 +511,21 @@ class InstallationWizardControl(ComponentControl):
def register_parser(root_parser):
help_arcconf = 'Your path to the resulting arc.conf file. Defaults to /etc/arc.conf'
help_hostkey = 'Your path to your existing host certificate key. If you have no host certificate, ignore this option.'
help_hostcert = 'Your path to your existing host certificate. If you have no host certificate, ignore this option. '
help_logdir = 'Your base path of all your ARC logfiles.'
help_controldir = 'Your path to ARC controldir'
help_sessiondir = 'Your path to ARC sessiondir'
help_gridsecurity = 'Your path to the grid-security folder'
help_lrmstype = 'Please specify which LRMS you are using.'
help_lrmspath = 'Your path to the lrsm binary.'
help_condor = 'Must be set if condor lrms is chosen'
help_sge = 'Must be set if sge lrms is chosen'
help_boinc = 'Must be set if boinc lrms is chosen'
installwiz_ctl = root_parser.add_parser('install-wiz', help='ARC Installation Wizard control')
installwiz_actions = installwiz_ctl.add_subparsers(title='Installation Wizard Actions', dest='action',
......@@ -479,23 +533,29 @@ class InstallationWizardControl(ComponentControl):
installwiz_conf = installwiz_actions.add_parser('create_conf', help='Generate arc.conf file',formatter_class=argparse.ArgumentDefaultsHelpFormatter)
installwiz_conf.add_argument('--conf_path', help='')
installwiz_conf.add_argument('--host_key', help='')
installwiz_conf.add_argument('--host_cert', help='')
installwiz_conf.add_argument('--log_rootdir', help='')
installwiz_conf.add_argument('--controldir', help='')
installwiz_conf.add_argument('--sessiondir', help='')
installwiz_conf.add_argument('--grid_security_path', help='')
installwiz_conf.add_argument('--conf_path', help=help_arcconf)
installwiz_conf.add_argument('--host_key', help=help_hostkey)
installwiz_conf.add_argument('--host_cert', help=help_hostcert)
installwiz_conf.add_argument('--log_rootdir', help=help_logdir)
installwiz_conf.add_argument('--controldir', help=help_controldir)
installwiz_conf.add_argument('--sessiondir', help=help_sessiondir)
installwiz_conf.add_argument('--grid_security_path', help=help_gridsecurity)
installwiz_conf.add_argument('--lrms_type', choices=lrmses,help='')
installwiz_conf.add_argument('--lrms_path', help='')
installwiz_conf.add_argument('--lrms_condor_config', default='etc/condor/condor_config',help='Must be set if condor lrms is chosen')
installwiz_conf.add_argument('--lrms_sge_root', default='/gridware/sge',help='Must be set if sge lrms is chosen')
installwiz_conf.add_argument('--lrms_boinc_db_host', default='localhost', help='Must be set if boinc lrms is chosen')
installwiz_conf.add_argument('--lrms_boinc_db_port', default='3306', help='Must be set if boinc lrms is chosen')
installwiz_conf.add_argument('--lrms_boin_db_user', help='Must be set if boinc lrms is chosen')
installwiz_conf.add_argument('--lrms_boinc_db_pass',help='Must be set if boinc lrms is chosen')
installwiz_conf.add_argument('--validity', default=90,help='Number of days the certificates will be valid.')
installwiz_conf.add_argument('--digest', default='sha256',help='')
installwiz_conf.add_argument('--force', action='store_true',default=False,help='If the TestCA or host key and/or cert already exists, the generation of the CA and/or host certificate will fail. Select --force if you want to delete the old files and create new ones.')
installwiz_conf.add_argument('--hostname', action='store',help='')
installwiz_conf.add_argument('--lrms_type', choices=lrmses,help=help_lrmstype)
installwiz_conf.add_argument('--lrms_path', help=help_lrmspath)
installwiz_conf.add_argument('--lrms_condor_config', default='etc/condor/condor_config',help=help_condor)
installwiz_conf.add_argument('--lrms_sge_root', default='/gridware/sge',help=help_sge)
installwiz_conf.add_argument('--lrms_boinc_db_host', default='localhost', help=help_boinc)
installwiz_conf.add_argument('--lrms_boinc_db_port', default='3306', help=help_boinc)
installwiz_conf.add_argument('--lrms_boin_db_user', help=help_boinc)
installwiz_conf.add_argument('-u', '--user', help='')
......@@ -521,23 +581,23 @@ class InstallationWizardControl(ComponentControl):
* Create linux users for mapping grid jobs
* Create test CA and host certificate if required
* Run validator and start services''')
installwiz_runall.add_argument('--conf_path', help='')
installwiz_runall.add_argument('--host_key', help='')
installwiz_runall.add_argument('--host_cert', help='')
installwiz_runall.add_argument('--log_rootdir', help='')
installwiz_runall.add_argument('--controldir', help='')
installwiz_runall.add_argument('--sessiondir', help='')
installwiz_runall.add_argument('--grid_security_path', help='')
installwiz_runall.add_argument('--conf_path', help=help_arcconf)
installwiz_runall.add_argument('--host_key', help=help_hostkey)
installwiz_runall.add_argument('--host_cert', help=help_hostcert)
installwiz_runall.add_argument('--log_rootdir', help=help_logdir)
installwiz_runall.add_argument('--controldir', help=help_controldir)
installwiz_runall.add_argument('--sessiondir', help=help_sessiondir)
installwiz_runall.add_argument('--grid_security_path', help=help_gridsecurity)
installwiz_runall.add_argument('--lrms_type', choices=lrmses,help='')
installwiz_runall.add_argument('--lrms_path', help='')
installwiz_runall.add_argument('--lrms_type', choices=lrmses,help=help_lrmstype)
installwiz_runall.add_argument('--lrms_path', help=help_lrmspath)
installwiz_runall.add_argument('--lrms_condor_config', default='etc/condor/condor_config',help='Must be set if condor lrms is chosen')
installwiz_runall.add_argument('--lrms_sge_root', default='/gridware/sge',help='Must be set if sge lrms is chosen')
installwiz_runall.add_argument('--lrms_boinc_db_host', default='localhost', help='Must be set if boinc lrms is chosen')
installwiz_runall.add_argument('--lrms_boinc_db_port', default='3306', help='Must be set if boinc lrms is chosen')
installwiz_runall.add_argument('--lrms_boin_db_user', help='Must be set if boinc lrms is chosen')
installwiz_runall.add_argument('--lrms_boinc_db_pass',help='Must be set if boinc lrms is chosen')
installwiz_runall.add_argument('--lrms_condor_config', default='etc/condor/condor_config',help=help_condor)
installwiz_runall.add_argument('--lrms_sge_root', default='/gridware/sge',help=help_sge)
installwiz_runall.add_argument('--lrms_boinc_db_host', default='localhost', help=help_boinc)
installwiz_runall.add_argument('--lrms_boinc_db_port', default='3306', help=help_boinc)
installwiz_runall.add_argument('--lrms_boin_db_user', help=help_boinc)
installwiz_runall.add_argument('-u', '--user', help='')
......@@ -555,9 +615,6 @@ class InstallationWizardControl(ComponentControl):
help='Use one-line multiport filter instead of per-service entries')
installwiz_ipconfig = installwiz_actions.add_parser('iptables-config',
help='Generate iptables config to allow ARC CE configured services')
installwiz_ipconfig.add_argument('--any-state', default=False,action='store_true',
......@@ -20,6 +20,15 @@ x509_host_key = {{ host_key}}
{% endif %}
{% for group in auth_groups %}
{% for vo in auth_groups[group] %}
{% endfor %}
{% endfor %}
unixmap={{ grid_user }}:{{ grid_group }} all
......@@ -69,17 +78,17 @@ logfile={{ log_rootdir }}/ws-interface.log
{% if enable_gridftpd %}
globus_tcp_port_range={{ globus_tcp_port_range }}
globus_udp_port_range={{ globus_udp_port_range }}
{% if log_rootdir != '/var/log/arc' %}
logfile={{ log_rootdir }}/gridftpd.log
{% endif %}
{% endif %}
......@@ -88,6 +97,6 @@ loglevel=3
[queue:{{ arc_frontend_grid_queue }}]
[queue:{{ queue }}]
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment