܍~c @UdZddlZddlZddlmZddlmZddlmZddl m Zddl m Z m Z ddl mZdd lmZdd lmZmZdd lmZd Zd ZdZejeZdZdgZdddeeedgedgdZeed<eeZeeefdZ de!dededede"ddf dZ#dS) z6 Mcollective: Install, configure and start mcollectiveN)Logger)dedent) ConfigObj)log)subputil)Cloud)Config) MetaSchema get_meta_doc) PER_INSTANCEz&/etc/mcollective/ssl/server-public.pemz'/etc/mcollective/ssl/server-private.pemz/etc/mcollective/server.cfgaThis module installs, configures and starts mcollective. If the ``mcollective`` key is present in config, then mcollective will be installed and started. Configuration for ``mcollective`` can be specified in the ``conf`` key under ``mcollective``. Each config value consists of a key value pair and will be written to ``/etc/mcollective/server.cfg``. The ``public-cert`` and ``private-cert`` keys, if present in conf may be used to specify the public and private certificates for mcollective. Their values will be written to ``/etc/mcollective/ssl/server-public.pem`` and ``/etc/mcollective/ssl/server-private.pem``. .. note:: The ec2 metadata service is readable by non-root users. If security is a concern, use include-once and ssl urls. allcc_mcollective Mcollectivez(Install, configure and start mcollectivea # Provide server private and public key and provide the following # config settings in /etc/mcollective/server.cfg: # loglevel: debug # plugin.stomp.host: dbhost # WARNING WARNING WARNING # The ec2 metadata service is a network service, and thus is # readable by non-root users on the system # (ie: 'ec2metadata --user-data') # If you want security for this, please use include-once + SSL urls mcollective: conf: loglevel: debug plugin.stomp.host: dbhost public-cert: | -------BEGIN CERTIFICATE-------- -------END CERTIFICATE-------- private-cert: | -------BEGIN CERTIFICATE-------- -------END CERTIFICATE-------- mcollective)idnametitle descriptiondistrosexamples frequencyactivate_by_schema_keysmetac tj|dd}ttj|}nV#t $rI}|jt jkrt d|t}Yd}~nd}~wwxYw| D]\}}|dkr"tj ||d||d<d|d <-|d kr"tj ||d ||d <d|d <Ut|tr|||<pt|tr4||jvri||<| D]\} } | ||| <t|||< tj|d |zn.#t $r!}|jt jkrnYd}~nd}~wwxYwtj} || tj || ddS)NF)quietdecodez4Did not find file %s (starting with an empty config)z public-certi)modezplugin.ssl_server_publicsslsecurityproviderz private-certizplugin.ssl_server_privatez%s.old)r load_filerioBytesIOIOErrorerrnoENOENTLOGdebugitems write_file isinstancestrdictsectionscopywritegetvalue) config server_cfg pubcert_file pricert_file old_contentsmcollective_configecfg_namecfgovcontentss A/usr/lib/python3/dist-packages/cloudinit/config/cc_mcollective.py configurer?^sz -~jeLLL &rz,'?'?@@ --- 7el " "  IIF   "+      -"<<>>883 } $ $ OL#E : : : :=I 9 :5: 1 2 2  ' ' OL#E : : : :>J : ;5: 1 2 2#s## 8/2"8,,C$(( 8#5#>>>35&x0!iikk88FQ67&x0338033xx"8,,  *h*56666  7el " "   DDDDz||HX&&&OJ 1 1 3 3%@@@@@@s-8; B?B  B2F F6F11F6rr:cloudrargsreturncd|vr|d|dS|d}|jdd|vrt|dt jgdddS) Nrz?Skipping module named %s, no 'mcollective' key in configuration)rconf)r2)servicerrestartF)capture)r(distroinstall_packagesr?r)rr:r@rrAmcollective_cfgs r>handlerKs C M     -(O L!!"2333  01111 I333UCCCCCC)$__doc__r%r"loggingrtextwrapr configobjr cloudinitrrrcloudinit.cloudr cloudinit.configr cloudinit.config.schemar r cloudinit.settingsr PUBCERT_FILE PRICERT_FILE SERVER_CFG getLogger__name__r'MODULE_DESCRIPTIONrr__annotations__r?r,listrKrLr>r_s=<<  $$$$$$ !!!!!!######<<<<<<<<++++++7 8 * g!!" '   7%   8 -G$$j$$$L ,t    :A:A:A:AzD DD#(D/5D=AD DDDDDDrL