diff --git a/.env b/.env index 5d2c0f90..dd3f9f2b 100644 --- a/.env +++ b/.env @@ -12,3 +12,5 @@ OS_PROJECT_NAME=portal-pool-dev OS_USERNAME=portal-user-dev OS_USER_DOMAIN_NAME=Default OS_PROJECT_DOMAIN_ID=default + +GITHUB_PLAYBOOKS_REPO=https://api.github.com/repos/deNBI/resenvs/contents/ \ No newline at end of file diff --git a/.env.in b/.env.in index 773a7698..84fb1e0c 100644 --- a/.env.in +++ b/.env.in @@ -15,3 +15,5 @@ OS_USERNAME= OS_USER_DOMAIN_NAME= OS_PROJECT_DOMAIN_ID= OS_PROJECT_DOMAIN_NAME= + +GITHUB_PLAYBOOKS_REPO=https://api.github.com/repos/deNBI/resenvs/contents/ diff --git a/VirtualMachineService/VirtualMachineHandler.py b/VirtualMachineService/VirtualMachineHandler.py index e1dec7e1..b781f572 100644 --- a/VirtualMachineService/VirtualMachineHandler.py +++ b/VirtualMachineService/VirtualMachineHandler.py @@ -18,12 +18,8 @@ from constants import VERSION from ancon.Playbook import ( Playbook, - THEIA, - GUACAMOLE, ALL_TEMPLATES, - RSTUDIO, JUPYTERNOTEBOOK, - CWLAB, ) except Exception: @@ -40,12 +36,8 @@ from .constants import VERSION from .ancon.Playbook import ( Playbook, - THEIA, - GUACAMOLE, ALL_TEMPLATES, - RSTUDIO, JUPYTERNOTEBOOK, - CWLAB, ) import datetime @@ -67,6 +59,9 @@ from openstack import connection from openstack.exceptions import ConflictException from oslo_utils import encodeutils + +import os +import json from requests.exceptions import Timeout active_playbooks = dict() @@ -84,6 +79,16 @@ ch.setFormatter(formatter) LOG.addHandler(fh) LOG.addHandler(ch) +GITHUB_PLAYBOOKS_REPO = os.environ["GITHUB_PLAYBOOKS_REPO"] +PLAYBOOKS_DIR = "/code/VirtualMachineService/ancon/playbooks/" + +PORT = "port" +SECURITYGROUP_NAME = "securitygroup_name" +SECURITYGROUP_DESCRIPTION = "securitygroup_description" +SECURITYGROUP_SSH = "securitygroup_ssh" +DIRECTION = "direction" +PROTOCOL = "protocol" +TEMPLATE_NAME = "template_name" class VirtualMachineHandler(Iface): @@ -102,6 +107,8 @@ class VirtualMachineHandler(Iface): PLAYBOOK_FAILED = "PLAYBOOK_FAILED" DEFAULT_SECURITY_GROUP = "defaultSimpleVM" DEFAULT_SECURITY_GROUPS = [DEFAULT_SECURITY_GROUP] + ALL_TEMPLATES = ALL_TEMPLATES + loaded_resenv_metadata = {} def keyboard_interrupt_handler_playbooks(self): global active_playbooks @@ -149,6 +156,8 @@ def __init__(self, config): self.pool = redis.ConnectionPool(host="redis", port=6379) self.redis = redis.Redis(connection_pool=self.pool, charset="utf-8") + self.update_playbooks() + self.USERNAME = os.environ["OS_USERNAME"] self.PASSWORD = os.environ["OS_PASSWORD"] self.PROJECT_NAME = os.environ["OS_PROJECT_NAME"] @@ -332,9 +341,9 @@ def get_Images(self): metadata = img["metadata"] description = metadata.get("description") tags = img.get("tags") - LOG.info(set(ALL_TEMPLATES).intersection(tags)) + LOG.info(set(self.ALL_TEMPLATES).intersection(tags)) if len( - set(ALL_TEMPLATES).intersection(tags) + set(self.ALL_TEMPLATES).intersection(tags) ) > 0 and not self.cross_check_forc_image(tags): LOG.info("Resenv check: Skipping {0}.".format(img["name"])) continue @@ -368,9 +377,9 @@ def prepare_image(self, img): metadata = img["metadata"] description = metadata.get("description") tags = img.get("tags") - LOG.info(set(ALL_TEMPLATES).intersection(tags)) + LOG.info(set(self.ALL_TEMPLATES).intersection(tags)) if len( - set(ALL_TEMPLATES).intersection(tags) + set(self.ALL_TEMPLATES).intersection(tags) ) > 0 and not self.cross_check_forc_image(tags): LOG.info("Resenv check: Skipping {0}.".format(img["name"])) return None @@ -944,42 +953,24 @@ def prepare_security_groups_new_server(self, resenv, servername, http, https): ).name ) - if THEIA in resenv: - custom_security_groups.append( - self.create_security_group( - name=servername + "_theiaide", - resenv=resenv, - description="Theiaide", - ssh=False, - ).name - ) - if GUACAMOLE in resenv: - custom_security_groups.append( - self.create_security_group( - name=servername + "_guacamole", - resenv=resenv, - description="Guacamole", - ssh=False, - ).name - ) - if RSTUDIO in resenv: - custom_security_groups.append( - self.create_security_group( - name=servername + "_rstudio", - resenv=resenv, - description="Rstudio", - ssh=False, - ).name - ) - if CWLAB in resenv: - custom_security_groups.append( - self.create_security_group( - name=servername + "_cwlab", - resenv=resenv, - description="CWLab", - ssh=False, - ).name - ) + for research_enviroment in resenv: + if research_enviroment in self.loaded_resenv_metadata: + resenv_metadata = self.loaded_resenv_metadata[research_enviroment] + custom_security_groups.append( + self.create_security_group( + name=servername + resenv_metadata.security_group_name, + resenv=resenv, + description=resenv_metadata.security_group_description, + ssh=resenv_metadata.security_group_ssh, + ).name + ) + elif research_enviroment != "user_key_url": + LOG.error( + "Failure to load metadata of reasearch enviroment: " + + research_enviroment + ) + + # TODO: remove if JUPYTERNOTEBOOK is no longer used, as it appears if JUPYTERNOTEBOOK in resenv: custom_security_groups.append( self.create_security_group( @@ -1231,6 +1222,7 @@ def create_and_deploy_playbook( osi_private_key=key, public_key=public_key, pool=self.pool, + loaded_metadata_keys=list(self.loaded_resenv_metadata.keys()), ) self.redis.hset(openstack_id, "status", self.BUILD_PLAYBOOK) playbook.run_it() @@ -1262,7 +1254,7 @@ def cross_check_forc_image(self, tags): templates = response.json() except Exception as e: LOG.error("Could not get templates from FORC.\n {0}".format(e)) - cross_tags = list(set(ALL_TEMPLATES).intersection(tags)) + cross_tags = list(set(self.ALL_TEMPLATES).intersection(tags)) for template_dict in templates: if ( template_dict["name"] in self.FORC_ALLOWED @@ -1533,11 +1525,41 @@ def get_template_version_for(self, template): def cross_check_templates(self, templates): return_templates = set() + templates_metada = [] for template_dict in templates: if template_dict["name"] in self.FORC_ALLOWED: if template_dict["version"] in self.FORC_ALLOWED[template_dict["name"]]: return_templates.add(template_dict["name"]) - return return_templates + # Todo load Metadata from multiple folders + for file in os.listdir(PLAYBOOKS_DIR): + if "_metadata.yml" in file: + with open(PLAYBOOKS_DIR + file) as template_metadata: + try: + loaded_metadata = yaml.load( + template_metadata, Loader=yaml.FullLoader + ) + template_name = loaded_metadata[TEMPLATE_NAME] + if loaded_metadata["needs_forc_support"]: + if template_name in return_templates: + templates_metada.append(str(loaded_metadata)) + if template_name not in self.ALL_TEMPLATES: + ALL_TEMPLATES.append(template_name) + else: + LOG.info( + "Failed to find supporting FORC file for " + + str(template_name) + ) + else: + templates_metada.append(str(loaded_metadata)) + if template_name not in self.ALL_TEMPLATES: + ALL_TEMPLATES.append(template_name) + + except Exception as e: + LOG.exception( + "Failed to parse Metadata yml: " + file + "\n" + str(e) + ) + LOG.info("Plays DEBUG: Values of metadata: " + str(templates_metada)) + return templates_metada def get_templates(self): get_url = "{0}templates/".format(self.RE_BACKEND_URL) @@ -1555,6 +1577,7 @@ def get_templates(self): except Timeout as e: LOG.info(msg="get_templates timed out. {0}".format(e)) + # Todo test this method def get_allowed_templates(self): get_url = "{0}templates/".format(self.RE_BACKEND_URL) try: @@ -2602,47 +2625,29 @@ def create_security_group( port_range_min=22, security_group_id=new_security_group["id"], ) + for research_enviroment in resenv: + if research_enviroment in self.loaded_resenv_metadata: + LOG.info( + "Add " + + research_enviroment + + " rule to security group {}".format(name) + ) + resenv_metadata = self.loaded_resenv_metadata[research_enviroment] + self.conn.network.create_security_group_rule( + direction=resenv_metadata.direction, + protocol=resenv_metadata.protocol, + port_range_max=resenv_metadata.port, + port_range_min=resenv_metadata.port, + security_group_id=new_security_group["id"], + ) + elif research_enviroment != "user_key_url": + # Todo add mail for this logging as this should not happen + LOG.error( + "Error: Could not find metadata for research enviroment: " + + research_enviroment + ) - if THEIA in resenv: - LOG.info("Add theia rule to security group {}".format(name)) - - self.conn.network.create_security_group_rule( - direction="ingress", - protocol="tcp", - port_range_max=8080, - port_range_min=8080, - security_group_id=new_security_group["id"], - ) - if GUACAMOLE in resenv: - LOG.info("Add guacamole rule to security group {}".format(name)) - - self.conn.network.create_security_group_rule( - direction="ingress", - protocol="tcp", - port_range_max=8080, - port_range_min=8080, - security_group_id=new_security_group["id"], - ) - if RSTUDIO in resenv: - LOG.info("Add rstudio rule to security group {}".format(name)) - - self.conn.network.create_security_group_rule( - direction="ingress", - protocol="tcp", - port_range_max=8787, - port_range_min=8787, - security_group_id=new_security_group["id"], - ) - if CWLAB in resenv: - LOG.info("Add cwlab rule to security group {}".format(name)) - - self.conn.network.create_security_group_rule( - direction="ingress", - protocol="tcp", - port_range_max=80, - port_range_min=80, - security_group_id=new_security_group["id"], - ) + # Todo: remove Jupyter reference, if not needed if JUPYTERNOTEBOOK in resenv: LOG.info("Add jupyternotebook rule to security group {}".format(name)) @@ -2684,3 +2689,83 @@ def get_limits(self): "totalRamUsed": totalRamUsed, "totalInstancesUsed": totalInstancesUsed, } + + def update_playbooks(self): + LOG.info("STARTED update") + r = req.get(GITHUB_PLAYBOOKS_REPO) + contents = json.loads(r.content) + # Todo maybe clone entire direcotry + for f in contents: + if f["name"] != "LICENSE": + LOG.info("started download of" + f["name"]) + download_link = f["download_url"] + file_request = req.get(download_link) + filename = "/code/VirtualMachineService/ancon/playbooks/" + f["name"] + playbook_file = open(filename, "w") + playbook_file.write(file_request.content.decode("utf-8")) + playbook_file.close() + templates_metadata = self.load_resenv_metadata() + for template_metadata in templates_metadata: + try: + metadata = ResenvMetadata( + template_metadata[TEMPLATE_NAME], + template_metadata[PORT], + template_metadata[SECURITYGROUP_NAME], + template_metadata[SECURITYGROUP_DESCRIPTION], + template_metadata[SECURITYGROUP_SSH], + template_metadata[DIRECTION], + template_metadata[PROTOCOL], + ) + if metadata.name not in list(self.loaded_resenv_metadata.keys()): + self.loaded_resenv_metadata[metadata.name] = metadata + else: + if self.loaded_resenv_metadata[metadata.name] != metadata: + self.loaded_resenv_metadata[metadata.name] = metadata + + except Exception as e: + LOG.exception( + "Failed to parse Metadata yml: " + + str(template_metadata) + + "\n" + + str(e) + ) + + def load_resenv_metadata(self): + templates_metada = [] + for file in os.listdir(PLAYBOOKS_DIR): + if "_metadata.yml" in file: + with open(PLAYBOOKS_DIR + file) as template_metadata: + try: + loaded_metadata = yaml.load( + template_metadata, Loader=yaml.FullLoader + ) + template_name = loaded_metadata[TEMPLATE_NAME] + + templates_metada.append(loaded_metadata) + if template_name not in self.ALL_TEMPLATES: + ALL_TEMPLATES.append(template_name) + except Exception as e: + LOG.exception( + "Failed to parse Metadata yml: " + file + "\n" + str(e) + ) + return templates_metada + + +class ResenvMetadata: + def __init__( + self, + name, + port, + security_group_name, + security_group_description, + security_group_ssh, + direction, + protocol, + ): + self.name = name + self.port = port + self.security_group_name = security_group_name + self.security_group_description = security_group_description + self.security_group_ssh = security_group_ssh + self.direction = direction + self.protocol = protocol diff --git a/VirtualMachineService/VirtualMachineService-remote b/VirtualMachineService/VirtualMachineService-remote index 09fd4a96..8a0588f1 100755 --- a/VirtualMachineService/VirtualMachineService-remote +++ b/VirtualMachineService/VirtualMachineService-remote @@ -1,6 +1,6 @@ #!/usr/bin/env python # -# Autogenerated by Thrift Compiler (0.12.0) +# Autogenerated by Thrift Compiler (0.13.0) # # DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING # diff --git a/VirtualMachineService/VirtualMachineService.py b/VirtualMachineService/VirtualMachineService.py index ec4af51e..2e1d0a48 100644 --- a/VirtualMachineService/VirtualMachineService.py +++ b/VirtualMachineService/VirtualMachineService.py @@ -1,5 +1,5 @@ # -# Autogenerated by Thrift Compiler (0.12.0) +# Autogenerated by Thrift Compiler (0.13.0) # # DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING # @@ -3757,9 +3757,15 @@ def __init__(self, handler): self._processMap["resume_server"] = Processor.process_resume_server self._processMap["create_volume"] = Processor.process_create_volume self._processMap["reboot_server"] = Processor.process_reboot_server + self._on_message_begin = None + + def on_message_begin(self, func): + self._on_message_begin = func def process(self, iprot, oprot): (name, type, seqid) = iprot.readMessageBegin() + if self._on_message_begin: + self._on_message_begin(name, type, seqid) if name not in self._processMap: iprot.skip(TType.STRUCT) iprot.readMessageEnd() diff --git a/VirtualMachineService/ancon/Playbook.py b/VirtualMachineService/ancon/Playbook.py index 34f6fdc5..e86012e3 100644 --- a/VirtualMachineService/ancon/Playbook.py +++ b/VirtualMachineService/ancon/Playbook.py @@ -8,15 +8,11 @@ import ruamel.yaml BIOCONDA = "bioconda" -THEIA = "theiaide" -RSTUDIO = "rstudio" -GUACAMOLE = "guacamole" JUPYTERNOTEBOOK = "jupyternotebook" -CWLAB = "cwlab" OPTIONAL = "optional" MOSH = "mosh" -ALL_TEMPLATES = [BIOCONDA, THEIA, RSTUDIO, GUACAMOLE, JUPYTERNOTEBOOK, CWLAB] +ALL_TEMPLATES = [BIOCONDA, JUPYTERNOTEBOOK] LOG = logging.getLogger(__name__) LOG.setLevel(logging.DEBUG) @@ -39,8 +35,16 @@ class Playbook(object): PLAYBOOK_FAILED = "PLAYBOOK_FAILED" def __init__( - self, ip, port, playbooks_information, osi_private_key, public_key, pool + self, + ip, + port, + playbooks_information, + osi_private_key, + public_key, + pool, + loaded_metadata_keys, ): + self.loaded_metadata_keys = loaded_metadata_keys self.redis = redis.Redis(connection_pool=pool) # redis connection self.yaml_exec = ruamel.yaml.YAML() # yaml writer/reader self.vars_files = [] # _vars_file.yml to read @@ -136,35 +140,12 @@ def load_vars(): for p in p_array: p_dict.update({p[0]: {"version": p[1], "build": p[2]}}) data[playbook_name + "_tools"][k] = p_dict - if ( - playbook_name == THEIA - or playbook_name == RSTUDIO - or playbook_name == GUACAMOLE - or playbook_name == CWLAB - ): + if playbook_name in self.loaded_metadata_keys: for k, v in playbook_vars.items(): if k == "template_version": data[playbook_name + "_vars"][k] = v if k == "create_only_backend": data[playbook_name + "_vars"][k] = v - # if playbook_name == RSTUDIO: - # for k, v in playbook_vars.items(): - # if k == "template_version": - # data[playbook_name + "_vars"][k] = v - # if k == "create_only_backend": - # data[playbook_name + "_vars"][k] = v - # if playbook_name == GUACAMOLE: - # for k, v in playbook_vars.items(): - # if k == "template_version": - # data[playbook_name + "_vars"][k] = v - # if k == "create_only_backend": - # data[playbook_name + "_vars"][k] = v - # if playbook_name == CWLAB: - # for k, v in playbook_vars.items(): - # if k == "template_version": - # data[playbook_name + "_vars"][k] = v - # if k == "create_only_backend": - # data[playbook_name + "_vars"][k] = v if playbook_name == OPTIONAL: for k, v in playbook_vars.items(): if k == MOSH: diff --git a/VirtualMachineService/ancon/playbooks/cwlab.yml b/VirtualMachineService/ancon/playbooks/cwlab.yml deleted file mode 100644 index 70516514..00000000 --- a/VirtualMachineService/ancon/playbooks/cwlab.yml +++ /dev/null @@ -1,83 +0,0 @@ -- name: Disable periodic updates - block: - - name: Disable unattended upgrades - lineinfile: - path: /etc/apt/apt.conf.d/10periodic - regexp: "^APT::Periodic::Unattended-Upgrade" - line: 'APT::Periodic::Unattended-Upgrade "0";' - create: yes - - name: Stop apt-daily.* systemd services - service: - name: "{{ item }}" - state: stopped - with_items: - - unattended-upgrades - - apt-daily - - apt-daily.timer - - apt-daily-upgrade - - apt-daily-upgrade.timer - - -- name: Wait for automatic system updates 1 - shell: while sudo fuser /var/lib/dpkg/lock >/dev/null 2>&1; do sleep 1; done; - -- name: Wait for automatic system updates 2 - shell: while sudo fuser /var/lib/dpkg/lock-frontend >/dev/null 2>&1; do sleep 1; done; - -- name: Update apt cache - apt: - update_cache: true - become: yes - -- name: Install docker.io package - apt: - name: docker.io - become: yes - -- name: Add ubuntu user to docker group - user: - name: ubuntu - groups: docker - append: yes - become: yes - -- name: Install docker python dev package - apt: - name: python3-docker - become: yes - -- name: Launch cwlab container - community.general.docker_container: - name: cwlab - image: compepigen/cwlab:dev - ports: - - "{{ cwlab_vars.exposed_port }}:5000" - volumes: - - "{{ cwlab_vars.data_volume_path }}:/data" - restart_policy: always - user: 1000:1000 - recreate: yes - container_default_behavior: no_defaults - -- name: Enable periodic updates - block: - - name: enable unattended upgrades - lineinfile: - path: /etc/apt/apt.conf.d/10periodic - regexp: "^APT::Periodic::Unattended-Upgrade" - line: 'APT::Periodic::Unattended-Upgrade "1";' - create: yes - - name: Start apt-daily.* systemd services - service: - name: "{{ item }}" - state: started - with_items: - - unattended-upgrades - - apt-daily - - apt-daily.timer - - apt-daily-upgrade - - apt-daily-upgrade.timer - - - - diff --git a/VirtualMachineService/ancon/playbooks/cwlab_vars_file.yml b/VirtualMachineService/ancon/playbooks/cwlab_vars_file.yml deleted file mode 100644 index 93ad4374..00000000 --- a/VirtualMachineService/ancon/playbooks/cwlab_vars_file.yml +++ /dev/null @@ -1,5 +0,0 @@ -cwlab_vars: - exposed_port: 80 - data_volume_path: /home/ubuntu/cwlab-data/ - template_version: - create_only_backend: diff --git a/VirtualMachineService/ancon/playbooks/guacamole.yml b/VirtualMachineService/ancon/playbooks/guacamole.yml deleted file mode 100644 index db3e2c3c..00000000 --- a/VirtualMachineService/ancon/playbooks/guacamole.yml +++ /dev/null @@ -1,82 +0,0 @@ -- name: Disable periodic updates - block: - - name: Disable unattended upgrades - lineinfile: - path: /etc/apt/apt.conf.d/10periodic - regexp: "^APT::Periodic::Unattended-Upgrade" - line: 'APT::Periodic::Unattended-Upgrade "0";' - create: yes - - name: Stop apt-daily.* systemd services - service: - name: "{{ item }}" - state: stopped - with_items: - - unattended-upgrades - - apt-daily - - apt-daily.timer - - apt-daily-upgrade - - apt-daily-upgrade.timer - - -- name: Wait for automatic system updates 1 - shell: while sudo fuser /var/lib/dpkg/lock >/dev/null 2>&1; do sleep 1; done; - -- name: Wait for automatic system updates 2 - shell: while sudo fuser /var/lib/dpkg/lock-frontend >/dev/null 2>&1; do sleep 1; done; - -- name: Install guacamole role - include_role: - name: guacamole - when: guacamole_vars.create_only_backend == "false" - -- name: Flush guacamole handlers - meta: flush_handlers - when: guacamole_vars.create_only_backend == "false" - -- name: Setup password for default user - user: - name: "{{ guacamole_vars.DEFAULT_USER }}" - password: "{{ guacamole_vars.DEFAULT_PASSWORD_HASHED }}" - when: guacamole_vars.create_only_backend == "true" - -- name: Restart xrdp - systemd: - name: xrdp - state: restarted - when: guacamole_vars.create_only_backend == "true" - -- name: Restart guacd - systemd: - name: guacd - state: restarted - when: guacamole_vars.create_only_backend == "true" - -- name: Restart Tomcat - systemd: - name: tomcat8 - state: restarted - when: guacamole_vars.create_only_backend == "true" - -- name: Reload systemd - systemd: - daemon_reload: yes - when: guacamole_vars.create_only_backend == "true" - -- name: Enable periodic updates - block: - - name: enable unattended upgrades - lineinfile: - path: /etc/apt/apt.conf.d/10periodic - regexp: "^APT::Periodic::Unattended-Upgrade" - line: 'APT::Periodic::Unattended-Upgrade "1";' - create: yes - - name: Start apt-daily.* systemd services - service: - name: "{{ item }}" - state: started - with_items: - - unattended-upgrades - - apt-daily - - apt-daily.timer - - apt-daily-upgrade - - apt-daily-upgrade.timer diff --git a/VirtualMachineService/ancon/playbooks/guacamole_vars_file.yml b/VirtualMachineService/ancon/playbooks/guacamole_vars_file.yml deleted file mode 100644 index 296e5f5c..00000000 --- a/VirtualMachineService/ancon/playbooks/guacamole_vars_file.yml +++ /dev/null @@ -1,5 +0,0 @@ -guacamole_vars: - template_version: - create_only_backend: - DEFAULT_USER: ubuntu - DEFAULT_PASSWORD_HASHED: $6$iRrIJogrR0N2ZVdb$oL5XzFqcTC.O3g4DS945a5K7nRvO0LqY.ugyjDINUA347qRYXe1YXag8cRlLf9PVwmNrRYU3LTNGyCIPbFvz4/ diff --git a/VirtualMachineService/ancon/playbooks/rstudio.yml b/VirtualMachineService/ancon/playbooks/rstudio.yml deleted file mode 100644 index 886945b8..00000000 --- a/VirtualMachineService/ancon/playbooks/rstudio.yml +++ /dev/null @@ -1,76 +0,0 @@ -- name: Disable periodic updates - block: - - name: Disable unattended upgrades - lineinfile: - path: /etc/apt/apt.conf.d/10periodic - regexp: "^APT::Periodic::Unattended-Upgrade" - line: 'APT::Periodic::Unattended-Upgrade "0";' - create: yes - - name: Stop apt-daily.* systemd services - service: - name: "{{ item }}" - state: stopped - with_items: - - unattended-upgrades - - apt-daily - - apt-daily.timer - - apt-daily-upgrade - - apt-daily-upgrade.timer - - -- name: Wait for automatic system updates 1 - shell: while sudo fuser /var/lib/dpkg/lock >/dev/null 2>&1; do sleep 1; done; - when: rstudio_vars.create_only_backend == "false" - -- name: Wait for automatic system updates 2 - shell: while sudo fuser /var/lib/dpkg/lock-frontend >/dev/null 2>&1; do sleep 1; done; - when: rstudio_vars.create_only_backend == "false" - -- name: Setup password for default user - user: - name: "{{ rstudio_vars.DEFAULT_USER }}" - password: "{{ rstudio_vars.DEFAULT_PASSWORD_HASHED }}" - -- name: Install R role - include_role: - name: oefenweb.r - when: rstudio_vars.create_only_backend == "false" - -- name: Install rstudio-server role - include_role: - name: oefenweb.rstudio_server - vars: - rstudio_install: [r-base] - when: rstudio_vars.create_only_backend == "false" - -- name: Copy session file if also installing rstudio - copy: - content: "session-timeout-minutes=180" - dest: "{{ rstudio_vars.RSESSION_FILE_PATH }}" - mode: "0644" - owner: "root" - group: "root" - when: rstudio_vars.create_only_backend == "false" - -- name: Flush rstudio handlers - meta: flush_handlers - when: rstudio_vars.create_only_backend == "false" - -- name: Enable periodic updates - block: - - name: enable unattended upgrades - lineinfile: - path: /etc/apt/apt.conf.d/10periodic - regexp: "^APT::Periodic::Unattended-Upgrade" - line: 'APT::Periodic::Unattended-Upgrade "1";' - create: yes - - name: Start apt-daily.* systemd services - service: - name: "{{ item }}" - state: started - with_items: - - unattended-upgrades - - apt-daily - - apt-daily.timer - - apt-daily-upgrade - - apt-daily-upgrade.timer diff --git a/VirtualMachineService/ancon/playbooks/rstudio_vars_file.yml b/VirtualMachineService/ancon/playbooks/rstudio_vars_file.yml deleted file mode 100644 index aff9ba8d..00000000 --- a/VirtualMachineService/ancon/playbooks/rstudio_vars_file.yml +++ /dev/null @@ -1,6 +0,0 @@ -rstudio_vars: - template_version: - create_only_backend: - DEFAULT_USER: ubuntu - DEFAULT_PASSWORD_HASHED: $6$rounds=656000$kDXfaoylNAAH4hiN$Se1C7um7OW7ETs.L19uy1xn9SJjtjHylbF.Xv/YhRWilSyzDcX7nSajMth8LgZNiRJmO3.wBxcYeJnsgW4CLL1 - RSESSION_FILE_PATH: /etc/rstudio/rsession.conf diff --git a/VirtualMachineService/ancon/playbooks/theiaide.yml b/VirtualMachineService/ancon/playbooks/theiaide.yml deleted file mode 100644 index 985613b0..00000000 --- a/VirtualMachineService/ancon/playbooks/theiaide.yml +++ /dev/null @@ -1,56 +0,0 @@ -- name: Disable periodic updates - block: - - name: Disable unattended upgrades - lineinfile: - path: /etc/apt/apt.conf.d/10periodic - regexp: "^APT::Periodic::Unattended-Upgrade" - line: 'APT::Periodic::Unattended-Upgrade "0";' - create: yes - - name: Stop apt-daily.* systemd services - service: - name: "{{ item }}" - state: stopped - with_items: - - unattended-upgrades - - apt-daily - - apt-daily.timer - - apt-daily-upgrade - - apt-daily-upgrade.timer - - -- name: Wait for automatic system updates 1 - shell: while sudo fuser /var/lib/dpkg/lock >/dev/null 2>&1; do sleep 1; done; - when: theiaide_vars.create_only_backend == "false" - -- name: Wait for automatic system updates 2 - shell: while sudo fuser /var/lib/dpkg/lock-frontend >/dev/null 2>&1; do sleep 1; done; - when: theiaide_vars.create_only_backend == "false" - -- name: Install theia_ide role - include_role: - name: jkrue.theia_ide - vars: - theia_ide_bind_address: 0.0.0.0 - theia_ide_bind_port: 8080 - when: theiaide_vars.create_only_backend == "false" - -- name: Enable periodic updates - block: - - name: enable unattended upgrades - lineinfile: - path: /etc/apt/apt.conf.d/10periodic - regexp: "^APT::Periodic::Unattended-Upgrade" - line: 'APT::Periodic::Unattended-Upgrade "1";' - create: yes - - name: Start apt-daily.* systemd services - service: - name: "{{ item }}" - state: started - with_items: - - unattended-upgrades - - apt-daily - - apt-daily.timer - - apt-daily-upgrade - - apt-daily-upgrade.timer - - diff --git a/VirtualMachineService/ancon/playbooks/theiaide_vars_file.yml b/VirtualMachineService/ancon/playbooks/theiaide_vars_file.yml deleted file mode 100644 index e9935c05..00000000 --- a/VirtualMachineService/ancon/playbooks/theiaide_vars_file.yml +++ /dev/null @@ -1,3 +0,0 @@ -theiaide_vars: - template_version: - create_only_backend: diff --git a/VirtualMachineService/constants.py b/VirtualMachineService/constants.py index b182601b..4324a467 100644 --- a/VirtualMachineService/constants.py +++ b/VirtualMachineService/constants.py @@ -1,5 +1,5 @@ # -# Autogenerated by Thrift Compiler (0.12.0) +# Autogenerated by Thrift Compiler (0.13.0) # # DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING # diff --git a/VirtualMachineService/ttypes.py b/VirtualMachineService/ttypes.py index 16057a07..80130652 100644 --- a/VirtualMachineService/ttypes.py +++ b/VirtualMachineService/ttypes.py @@ -1,5 +1,5 @@ # -# Autogenerated by Thrift Compiler (0.12.0) +# Autogenerated by Thrift Compiler (0.13.0) # # DO NOT EDIT UNLESS YOU ARE SURE THAT YOU KNOW WHAT YOU ARE DOING # diff --git a/requirements.txt b/requirements.txt index 7f6bd6d5..3aa42adb 100644 --- a/requirements.txt +++ b/requirements.txt @@ -5,9 +5,10 @@ openstacksdk ==0.52.0 deprecated == 1.2.10 Click==7.1.2 flake8==3.8.4 -ansible==2.10.4 +ansible==2.10.5 ruamel.yaml<0.17.0 paramiko==2.7.2 pyvim==3.0.2 redis==3.5.3 requests==2.25.1 +pyyaml==5.3.1 \ No newline at end of file