Fabric helpers we use at PoV
Project description
Fabric Helpers
This is a collection of helpers we use in Fabric scripts. They’re primarily intended to manage Ubuntu servers (12.04 LTS or 14.04 LTS).
Helpers (aka why would I want this?)
APT packages:
ensure_apt_not_outdated() - runs apt-get update at most once a day
install_packages("vim screen build-essential")
install_missing_packages("vim screen build-essential")
if not package_installed('git'): ...
if not package_available('pov-admin-helpers'): ...
User accounts:
ensure_user("myusername")
SSH:
ensure_known_host("example.com ssh-rsa AAA....")
Locales:
ensure_locales("en", "lt")
Files and directories:
ensure_directory("/srv/data", mode=0o700)
upload_file('crontab', '/etc/cron.d/mycrontab')
generate_file('crontab.in', '/etc/cron.d/mycrontab', context, use_jinja=True)
download_file('/home/user/.ssh/authorized_keys', 'https://example.com/ssh.pubkey')
GIT:
git_clone("git@github.com:ProgrammersOfVilnius/project.git", "/opt/project")
git_update("/opt/project")
PostgreSQL:
ensure_postgresql_user("username")
ensure_postgresql_db("dbname", "owner")
Apache:
ensure_ssl_key(...)
install_apache_website('apache.conf.in', 'example.com', context, use_jinja=True, modules='ssl rewrite proxy_http')`
Postfix:
install_postfix_virtual_table('virtual', '/etc/postfix/virtual.example.com')`
make_postfix_public()
Keeping a changelog in /root/Changelog (requires /usr/sbin/new-changelog-entry from pov-admin-tools)
changelog("# Installing stuff")
changelog_append("# more stuff")
changelog_banner("Installing stuff")
run_and_changelog("apt-get install stuff")
plus many other helpers have changelog and/or changelog_append arguments to invoke these implicitly.
Instance management API
All of my fabfiles can manage several instances of a particular service. Externally this looks like
fab instance1 task1 task2 instance2 task3
which executes Fabric tasks task1 and task2 on instance instance1 and then executes task3 on instance2.
An instance defines various parameters, such as
what server hosts it
where on the filesystem it lives
what Unix user IDs are used
what database is used for this instance
etc.
To facilitate this pov_fabric provides three things:
An Instance class that should be subclassed to provide your own instances
from pov_fabric import Instance as BaseInstance class Instance(BaseInstance): def __init__(self, name, host, home='/opt/sentry', user='sentry', dbname='sentry'): super(Instance, self).Instance.__init__(name, host) self.home = home self.user = user self.dbname = dbname
and since that’s a bit repetitive there’s a helper
from pov_fabric import Instance as BaseInstance Instance = BaseInstance.with_params( home='/opt/sentry', user='sentry', dbname='sentry', )
which is equivalent to the original manual subclassing.
(BTW you can also add parameters with no sensible default this way, e.g. BaseInstance.with_params(user=BaseInstance.REQUIRED).)
An Instance.define() class method that defines new instances and creates tasks for selecting them
Instance.define( name='testing', host='root@vagrantbox', ) Instance.define( name='production', host='server1.pov.lt', ) Instance.define( name='staging', host='server1.pov.lt', home='/opt/sentry-staging', user='sentry-staging', dbname='sentry-staging', )
(BTW you can also define aliases with Instance.define_alias('prod', 'production').)
A get_instance() function that returns the currently selected instance (or aborts with an error if the user didn’t select one)
from pov_fabric import get_instance @task def look_around(): instance = get_instance() with settings(host_string=instance.host): run('hostname')
Previously I used a slightly different command style
fab task1:instance1 task2:instance1 task3:instance2
and this can still be supported if you write your tasks like this
@task
def look_around(instance=None):
instance = get_instance(instance)
with settings(host_string=instance.host):
run('hostname')
Be careful if you mix styles, e.g.
fab instance1 task1 task2:instance2 task3
will run task1 and task3 on instance1 and it will run task2 on instance2.
Usage
Get the latest release from PyPI:
pip install pov-fabric-helpers
and then import the helpers you want in your fabfile.py
from fabric.api import ...
from pov_fabric import ...
Usage as a git submodule
You can add this repository as a git submodule
cd ~/src/project
git submodule add https://github.com/ProgrammersOfVilnius/pov-fabric-helpers
and in your fabfile.py add
sys.path.insert(0, os.path.join(os.path.dirname(__file__), 'pov-fabric-helpers'))
if not os.path.exists(os.path.join(sys.path[0], 'pov_fabric.py')):
sys.exit("Please run 'git submodule update --init'.")
from pov_fabric import ...
Testing Fabfiles with Vagrant
I don’t know about you, but I was never able to write a fabfile.py that worked on the first try. Vagrant was very useful for testing fabfiles without destroying real servers in the process. Here’s how:
Create a Vagrantfile somewhere with
Vagrant.configure("2") do |config| config.vm.box = "ubuntu/precise64" # Ubuntu 12.04 config.vm.provider :virtualbox do |vb| vb.customize ["modifyvm", :id, "--memory", "1024"] end end
Run vagrant up
Run vagrant ssh-config and copy the snippet to your ~/.ssh/config, but change the name to vagrantbox, e.g.
Host vagrantbox HostName 127.0.0.1 User vagrant Port 2222 UserKnownHostsFile /dev/null StrictHostKeyChecking no PasswordAuthentication no IdentityFile ~/.vagrant.d/insecure_private_key IdentitiesOnly yes LogLevel FATAL
Test that ssh vagrantbox works
In your fabfile.py create a testing instance
Instance.define( name='testing', host='vagrant@vagrantbox', ... )
Test with fab testing install etc.
Changelog
0.3 (2016-09-11)
register_host_key() now takes fingerprints so you can specify both MD5 and SHA256 fingerprints.
Use either register_host_key(key, fingerprint=md5_fprint) or register_host_key(key, fingerprints=[md5_fprint, sha256_fprint]).
Low-level helper ssh_key_fingerprint() now takes force_md5 so you can insist on MD5 instead of whatever OpenSSH gives you by default (which is SHA256 for modern OpenSSH).
0.2 (2015-08-06)
New helpers:
git_update(), register_host_key(),
ensure_locales(),
changelog_banner(), run_and_changelog(), has_new_changelog_message(),
install_missing_packages(), package_available(),
upload_file(), generate_file(), ensure_directory(), download_file(),
install_postfix_virtual_table(),
install_apache_website(),
ensure_ssl_key().
New optional arguments for existing helpers:
git_clone() now takes branch and changelog.
ensure_user() now takes shell, home, create_home, and changelog.
install_packages() now takes changelog.
changelog() now takes context.
changelog_append() now takes context and optional.
changelog_banner() now takes context and optional.
Increased safety:
all helpers check their arguments for unsafe shell metacharacters.
changelog() and friends quote the arguments correctly.
Improved instance API:
allow str.format(**instance) (by making Instance a subclass of dict).
allow instance aliases defined via Instance.define_alias(alias, name) static method.
Bugfixes:
ensure_postgresql_db() now works correctly on Ubuntu 14.04.
run_as_root now correctly handles env.host_string with no username part.
New low-level helpers you’re probably not interested in, unless you’re writing your own helpers:
aslist(), assert_shell_safe(),
ssh_key_fingerprint(),
render_jinja2(), render_sinterp(),
parse_git_repo(),
generate_ssl_config(), generate_ssl_key(), generate_ssl_csr(),
get_postfix_setting(), parse_postfix_setting(), add_postfix_virtual_map(), add_postfix_setting(),
run_as_root().
0.1 (2014-11-19)
First public release.
Helpers:
ensure_apt_not_outdated(), package_installed(), install_packages(),
ensure_known_host(), ensure_user(),
git_clone(),
ensure_postgresql_user(), ensure_postgresql_db(),
changelog(), changelog_append().
Instance API:
class Instance, Instance.with_params(), Instance.REQUIRED, Instance.define().
instance._asdict().
get_instance().
Low-level helpers you’re probably not interested in, unless you’re writing your own helpers:
asbool(),
postgresql_user_exists(), postgresql_db_exists().
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for pov_fabric_helpers-0.3-py2-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 9b21ec409f7d718a68d5d75a968ecff981a513e4f9c0b3772a7a8944359af3ca |
|
MD5 | b274375b58b8f187eae9845b8633f6a3 |
|
BLAKE2b-256 | a085671478cf55f81c86ec0eb1c1f969c0b00e2b39e872ddbf2d719696921a77 |