infrastructure-provisioning/src/general/lib/os/redhat/common_lib.py

#!/usr/bin/python3

# *****************************************************************************
#
# Licensed to the Apache Software Foundation (ASF) under one
# or more contributor license agreements.  See the NOTICE file
# distributed with this work for additional information
# regarding copyright ownership.  The ASF licenses this file
# to you under the Apache License, Version 2.0 (the
# "License"); you may not use this file except in compliance
# with the License.  You may obtain a copy of the License at
# 
#   http://www.apache.org/licenses/LICENSE-2.0
# 
# Unless required by applicable law or agreed to in writing,
# software distributed under the License is distributed on an
# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
# KIND, either express or implied.  See the License for the
# specific language governing permissions and limitations
# under the License.
#
# ******************************************************************************

from fabric import *
from patchwork.files import exists
from patchwork import files
import sys
import os
import subprocess
import datalab.fab

def manage_pkg(command, environment, requisites):
    try:
        allow = False
        counter = 0
        while not allow:
            if counter > 60:
                print("Notebook is broken please recreate it.")
                sys.exit(1)
            else:
                print('Package manager is:')
                if environment == 'remote':
                    if datalab.fab.conn.sudo('pgrep yum -a && echo "busy" || echo "ready"') == 'busy':
                        counter += 1
                        time.sleep(10)
                    else:
                        allow = True
                        datalab.fab.conn.sudo('yum {0} {1}'.format(command, requisites))
                elif environment == 'local':
                    if subprocess.run('sudo pgrep yum -a && echo "busy" || echo "ready"', capture_output=True, shell=True, check=True) == 'busy':
                        counter += 1
                        time.sleep(10)
                    else:
                        allow = True
                        subprocess.run('sudo yum {0} {1}'.format(command, requisites), capture_output=True, shell=True, check=True)
                else:
                    print('Wrong environment')
    except:
        sys.exit(1)

def ensure_pkg(user, requisites='git vim gcc python-devel openssl-devel nmap libffi libffi-devel unzip libxml2-devel'):
    try:
        if not exists(datalab.fab.conn,'/home/{}/.ensure_dir/pkg_upgraded'.format(user)):
            print("Updating repositories and installing requested tools: {}".format(requisites))
            if datalab.fab.conn.sudo("systemctl list-units  --all | grep firewalld | awk '{print $1}'") != '':
                datalab.fab.conn.sudo('systemctl disable firewalld.service')
                datalab.fab.conn.sudo('systemctl stop firewalld.service')
            datalab.fab.conn.sudo('setenforce 0')
            datalab.fab.conn.sudo("sed -i '/^SELINUX=/s/SELINUX=.*/SELINUX=disabled/g' /etc/selinux/config")
            mirror = 'mirror.centos.org'
            datalab.fab.conn.sudo('echo "[Centos-repo]" > /etc/yum.repos.d/centOS-base.repo')
            datalab.fab.conn.sudo('echo "name=Centos 7 Repository" >> /etc/yum.repos.d/centOS-base.repo')
            datalab.fab.conn.sudo('echo "baseurl=http://{}/centos/7/os/x86_64/" >> /etc/yum.repos.d/centOS-base.repo'.format(mirror))
            datalab.fab.conn.sudo('echo "enabled=1" >> /etc/yum.repos.d/centOS-base.repo')
            datalab.fab.conn.sudo('echo "gpgcheck=1" >> /etc/yum.repos.d/centOS-base.repo')
            datalab.fab.conn.sudo('echo "gpgkey=http://{}/centos/7/os/x86_64/RPM-GPG-KEY-CentOS-7" >> /etc/yum.repos.d/centOS-base.repo'.format(mirror))
            datalab.fab.conn.sudo('yum-config-manager --enable rhui-REGION-rhel-server-optional')
            manage_pkg('update-minimal --security -y', 'remote', '')
            manage_pkg('-y install', 'remote', 'wget')
            datalab.fab.conn.sudo('wget --no-check-certificate https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm')
            datalab.fab.conn.sudo('rpm -ivh epel-release-latest-7.noarch.rpm')
            manage_pkg('repolist', 'remote', '')
            manage_pkg('-y install', 'remote', 'python3-pip gcc')
            datalab.fab.conn.sudo('rm -f epel-release-latest-7.noarch.rpm')
            datalab.fab.conn.run('export LC_ALL=C')
            manage_pkg('-y install', 'remote', requisites)
            datalab.fab.conn.sudo('touch /home/{}/.ensure_dir/pkg_upgraded'.format(user))
    except:
        sys.exit(1)


def change_pkg_repos():
    if not exists(datalab.fab.conn,'/tmp/pkg_china_ensured'):
        datalab.fab.conn.put('/root/files/sources.list', '/tmp/sources.list')
        datalab.fab.conn.sudo('mv /tmp/sources.list  /etc/yum.repos.d/CentOS-Base-aliyun.repo')
        datalab.fab.conn.sudo('touch /tmp/pkg_china_ensured')


def find_java_path_remote():
    java_path = datalab.fab.conn.sudo("alternatives --display java | grep 'slave jre: ' | awk '{print $3}'").stdout.replace('\n','')
    return java_path


def find_java_path_local():
    java_path = subprocess.run("alternatives --display java | grep 'slave jre: ' | awk '{print $3}'", capture_output=True, shell=True, check=True).stdout.decode('UTF-8').rstrip("\n\r")
    return java_path


def ensure_ntpd(user, edge_private_ip=''):
    try:
        if not exists(datalab.fab.conn,'/home/{}/.ensure_dir/ntpd_ensured'.format(user)):
            datalab.fab.conn.sudo('systemctl disable chronyd')
            manage_pkg('-y install', 'remote', 'ntp')
            datalab.fab.conn.sudo('echo "tinker panic 0" >> /etc/ntp.conf')
            datalab.fab.conn.sudo('systemctl start ntpd')
            if os.environ['conf_resource'] != 'ssn' and os.environ['conf_resource'] != 'edge':
                datalab.fab.conn.sudo('echo "server {} prefer iburst" >> /etc/ntp.conf'.format(edge_private_ip))
                datalab.fab.conn.sudo('systemctl restart ntpd')
            datalab.fab.conn.sudo('systemctl enable ntpd')
            datalab.fab.conn.sudo('touch /home/{}/.ensure_dir/ntpd_ensured'.format(user))
    except:
        sys.exit(1)


def ensure_java(user):
    try:
        if not exists(datalab.fab.conn,'/home/{}/.ensure_dir/java_ensured'.format(user)):
            manage_pkg('-y install', 'remote', 'java-1.8.0-openjdk-devel')
            datalab.fab.conn.sudo('touch /home/{}/.ensure_dir/java_ensured'.format(user))
    except:
        sys.exit(1)


def ensure_step(user):
    try:
        if not exists(datalab.fab.conn,'/home/{}/.ensure_dir/step_ensured'.format(user)):
            manage_pkg('-y install', 'remote', 'wget')
            datalab.fab.conn.sudo('wget https://github.com/smallstep/cli/releases/download/v0.13.3/step_0.13.3_linux_amd64.tar.gz '
                 '-O /tmp/step_0.13.3_linux_amd64.tar.gz')
            datalab.fab.conn.sudo('tar zxvf /tmp/step_0.13.3_linux_amd64.tar.gz -C /tmp/')
            datalab.fab.conn.sudo('mv /tmp/step_0.13.3/bin/step /usr/bin/')
            datalab.fab.conn.sudo('touch /home/{}/.ensure_dir/step_ensured'.format(user))
    except:
        sys.exit(1)

def install_certbot(os_family):
    try:
        print('Installing Certbot')
        print('Redhat is not supported yet. Skipping....')
    except Exception as err:
        traceback.print_exc()
        print('Failed Certbot install: ' + str(err))
        sys.exit(1)

def run_certbot(domain_name, email=''):
    try:
        print('Running  Certbot')
        print('Redhat is not supported yet. Skipping....')
    except Exception as err:
        traceback.print_exc()
        print('Failed to run Certbot: ' + str(err))
        sys.exit(1)

def configure_nginx_LE(domain_name):
    try:
        print('Redhat is not supported yet. Skipping....')
    except Exception as err:
        traceback.print_exc()
        print('Failed to run Certbot: ' + str(err))
        sys.exit(1)