nfs-ganesha · grajoria · Dec 5, 2017 · Dec 18, 2017 · May 15, 2018 · nixpanic
diff --git a/export-parameters/client.sh b/export-parameters/client.sh
@@ -0,0 +1,207 @@
+#!/bin/sh
+#
+# Environment variables used:
+#  - SERVER: hostname or IP-address of the NFS-server
+#  - EXPORT: NFS-export to test (should start with "/")
+
+# if any command fails, the script should exit
+set -e
+
+# enable some more output
+set -x
+
+[ -n "${SERVER}" ]
+[ -n "${EXPORT}" ]
+
+if [ "$1" = "client_initialization" ]
+then
+	# install build and runtime dependencies
+	yum -y install nfs-utils time
+	mkdir -p /mnt/ganesha
+
+	echo "------------------------------------------------------------------------"
+	echo "Client Initial Stage --- With All Rights To All Clients ( RO & RW ) "
+	echo "------------------------------------------------------------------------"
+
+	#mount
+	mount -t nfs -o vers=3 ${SERVER}:${EXPORT} /mnt/ganesha
+	cd /mnt/ganesha
+	echo "Trying To Write A File"
+	echo "Hello World" > testFile.txt
+	ret=$?
+	if [ $ret -ne 0 ]
+	then
+		echo "FAILURE: Write permissions denied"
+		exit $ret
+	fi
+
+	echo "Trying To Read A File"
+	cat testFile.txt
+	ret=$?
+	if [ $ret -ne 0 ]
+	then
+		echo "FAILURE: Read permissions denied"
+		exit $ret
+	fi
+
+	echo "Trying To Change File Ownership For Checking ROOT Rights"
+	sudo chown root testFile.txt
+	ret=$?
+	if [ $ret -ne 0 ]
+	then
+		echo "FAILURE: Failed on Root Rights"
+		exit $ret
+	fi
+	echo "SUCCESS: With all rights to all Clients ( RO & RW )"
+	#unmount
+	cd / && umount -l /mnt/ganesha
+fi
+
+
+if [ "$1" = "client_stage1" ]
+then
+	echo "------------------------------------------------------------------------"
+	echo "Client Stage 1 --- With Only RO Rights To Clients "
+	echo "------------------------------------------------------------------------"
+
+	#mount
+	mount -t nfs ${SERVER}:${EXPORT} /mnt/ganesha
+	cd /mnt/ganesha
+	echo "Trying To Write A File"
+	sed -i '1s/$/ From RedHat/' testFile.txt
+	ret=$?
+	if [ $ret -eq 0 ]
+	then
+		echo "FAILURE: Write permissions were not blocked to the Client"
+		exit 1
+	fi
+
+	echo "Trying To Read A File"
+	cat testFile.txt
+	ret=$?
+	if [ $ret -ne 0 ]
+	then
+		echo "FAILURE: Read permissions denied"
+		exit $ret
+	fi
+	echo "SUCCESS: With Only RO Rights To This Client"
+	# unmount
+	cd / && umount -l /mnt/ganesha
+fi
+
+
+if [ "$1" = "client_stage2" ]
+then
+	echo "------------------------------------------------------------------------"
+	echo "Client Stage 2 --- With Only Rights For v3 Mount To Clients "
+	echo "------------------------------------------------------------------------"
+
+	echo "Trying To Mount By vers=3"
+	#mount version 3 
+	mount -t nfs -o vers=3 ${SERVER}:${EXPORT} /mnt/ganesha
+	ret=$?
+	if [ $ret -ne 0 ]
+	then
+		echo "FAILURE: Mount v3 failed"
+		exit $ret
+	else
+		#unmount version 3 
+		cd / && umount -l /mnt/ganesha
+	fi
+
+	echo "Trying To Mount By vers=4.0"
+	#mount version 4.0
+	mount -t nfs -o vers=4.0 ${SERVER}:${EXPORT} /mnt/ganesha
+	ret=$?
+	if [ $ret -eq 0 ]
+	then
+		echo "FAILURE: Mount v4.0 Permissions were not blocked to the Client"
+		exit 1
+	fi
+
+	echo "Trying To Mount By vers=4.1"
+	mount version 4.1
+	mount -t nfs -o vers=4.1 ${SERVER}:${EXPORT} /mnt/ganesha
+	ret=$?
+	if [ $ret -eq 0 ]
+	then
+		echo "FAILURE: Mount v4.1 permissions were not blocked to the Client"
+		exit 1
+	fi
+fi
+
+
+if [ "$1" = "client_stage3" ]
+then
+	echo "----------------------------------------------------------------------------"
+	echo "Client Stage 3 --- With Only Rights For v4.0 & v4.1 Mount To This Client "
+	echo "----------------------------------------------------------------------------"
+
+	echo "Trying To Mount By vers=3"
+	#mount version 3
+	mount -t nfs -o vers=3 ${SERVER}:${EXPORT} /mnt/ganesha
+	ret=$?
+	if [ $ret -eq 0 ]
+	then
+		echo "FAILURE: Mount v3 permissions were not blocked to the Client"
+		exit 1
+	fi
+
+	echo "Trying To Mount By vers=4.0 using normal path and not the pseudo path"
+	#mount version 4.0 using normal path
+	mount -t nfs -o vers=4.0 ${SERVER}:${EXPORT} /mnt/ganesha
+	ret=$?
+	if [ $ret -eq 0 ]
+	then
+		echo "FAILURE: v4 Mount not using Pseudo Path"
+		exit 1
+	fi
+
+	echo "Trying To Mount By vers=4.0"
+	#mount version 4.0 using pseudo path
+	mount -t nfs -o vers=4.0 ${SERVER}:/ppath /mnt/ganesha
+	ret=$?
+	if [ $ret -ne 0 ]
+	then
+		echo "FAILURE: Mount v4.0 failed"
+		exit $ret
+	else
+		#unmount version 4.0
+		cd / && umount -l /mnt/ganesha
+	fi
+
+	echo "Trying To Mount By vers=4.1"
+	#mount version 4.1 using pseudo path
+	mount -t nfs -o vers=4.1 ${SERVER}:/ppath /mnt/ganesha
+	ret=$?
+	if [ $ret -ne 0 ]
+	then
+		echo "FAILURE: Mount v4.1 failed"
+		exit $ret
+	else
+		#unmount version 4.1
+		cd / && umount -l /mnt/ganesha
+	fi
+fi
+
+
+if [ "$1" = "client_stage4" ]
+then
+	echo "------------------------------------------------------------------------"
+	echo "Client Stage 4 --- With Squashed Root Mount To Clients "
+	echo "------------------------------------------------------------------------"
+
+	#mount
+	mount -t nfs ${SERVER}:${EXPORT} /mnt/ganesha
+
+	echo "Trying To Change Ownership Of The File testFile.txt in the mount"
+	sudo chown root /mnt/ganesha/testFile.txt
+	ret=$?
+	if [ $ret -eq 0 ]
+	then
+		echo "FAILURE: Root Permissions Were Not Given To The Client"
+		exit 1
+	else
+		cd / && umount -l /mnt/ganesha
+	fi
+fi
diff --git a/export-parameters/duffy.py b/export-parameters/duffy.py
@@ -0,0 +1,154 @@
+#
+# from: https://raw.githubusercontent.com/kbsingh/centos-ci-scripts/master/build_python_script.py
+#
+# This script uses the Duffy node management api to get fresh machines to run
+# your CI tests on. Once allocated you will be able to ssh into that machine
+# as the root user and setup the environ
+#
+# XXX: You need to add your own api key below, and also set the right cmd= line 
+#      needed to run the tests
+#
+# Please note, this is a basic script, there is no error handling and there are
+# no real tests for any exceptions. Patches welcome!
+
+import json, urllib, subprocess, sys, os, time
+
+url_base="http://admin.ci.centos.org:8080"
+ver=os.getenv("CENTOS_VERSION")
+arch=os.getenv("CENTOS_ARCH")
+count=2
+server_script=os.getenv("SERVER_TEST_SCRIPT")
+client_script=os.getenv("CLIENT_TEST_SCRIPT")
+
+# delay for 5 minutes (duffy timeout for rate limiting)
+retry_delay=300
+# retry maximum 3 hours, that is 3 x 60 x 60 seconds 
+max_retries=((3 * 60 * 60) / retry_delay)
+
+# read the API key for Duffy from the ~/duffy.key file
+fo=open("/home/nfs-ganesha/duffy.key")
+api=fo.read().strip()
+fo.close()
+
+# build the URL to request the system(s)
+get_nodes_url="%s/Node/get?key=%s&ver=%s&arch=%s&count=%s" % (url_base,api,ver,arch,count)
+
+# request the system(s)
+retries=0
+while retries < max_retries:
+    try:
+        dat=urllib.urlopen(get_nodes_url).read()
+        b=json.loads(dat)
+        # all is fine, break out of the loop
+        break
+    except ValueError, ve:
+        print("Failed to parse Duffy response: %s" % (dat))
+    except Error, e:
+        print("An unexpected error occured: %s" % (e))
+
+    retries+=1
+    print("Waiting %d seconds before retrying #%d..." % (retry_delay, retries))
+    time.sleep(retry_delay)
+
+
+# NFS-Ganesha Server (parameters need double escape, passed on ssh commandline)
+server_env="export GERRIT_HOST='%s'" % os.getenv("GERRIT_HOST")
+server_env+=" GERRIT_PROJECT='%s'" % os.getenv("GERRIT_PROJECT")
+server_env+=" GERRIT_REFSPEC='%s'" % os.getenv("GERRIT_REFSPEC")
+server_env+=" YUM_REPO='%s'" % os.getenv("YUM_REPO", "")
+server_env+=" GLUSTER_VOLUME='%s'" % os.getenv("EXPORT")
+server_env+=" ENABLE_ACL='%s'" % os.getenv("ENABLE_ACL", "")
+server_env+=" CLIENT='%s'" % b['hosts'][1]
+
+# add the export with environment to ~/.bashrc
+cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s '
+tee -a ~/.bashrc' <<< "%s"
+""" % (b['hosts'][0], server_env)
+subprocess.call(cmd, shell=True)
+
+cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s '
+	yum -y install curl &&
+	curl -o server_script.sh %s &&
+        bash server_script.sh server_initialization
+'""" % (b['hosts'][0], server_script)
+rtn_code=subprocess.call(cmd, shell=True)
+
+# check rtn_code and skip client part after failure
+if rtn_code == 0:
+    # NFS-Client (parameters need double escape, passed on ssh commandline)
+    client_env="export SERVER='%s'" % b['hosts'][0]
+    client_env+=" EXPORT='/%s'" % os.getenv("EXPORT")
+    client_env+=" TEST_PARAMETERS='%s'" % os.getenv("TEST_PARAMETERS", "")
+
+    # add the export with environment to ~/.bashrc
+    cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s '
+        tee -a ~/.bashrc' <<< "%s"
+        """ % (b['hosts'][1], client_env)
+    subprocess.call(cmd, shell=True)
+
+    client_script = client_script.strip(" ")
+    if client_script.endswith(".py"):
+        interpreter_to_run = "python"
+    elif client_script.endswith(".sh"):
+        interpreter_to_run = "bash"
+
+    cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s '
+	      curl -o client_script %s &&
+              %s client_script client_initialization
+        '""" % (b['hosts'][1], client_script, interpreter_to_run)
+    rtn_code=subprocess.call(cmd, shell=True)
+
+    if rtn_code == 0:
+        cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s '
+	      bash server_script.sh server_stage1
+	'""" % (b['hosts'][0])
+        rtn_code=subprocess.call(cmd, shell=True)
+
+    if rtn_code == 0:
+        cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s '
+              %s client_script client_stage1
+        '""" % (b['hosts'][1], interpreter_to_run)
+        rtn_code=subprocess.call(cmd, shell=True)
+
+    if rtn_code == 0:
+        cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s '
+	      bash server_script.sh server_stage2
+	'""" % (b['hosts'][0])
+        rtn_code=subprocess.call(cmd, shell=True)
+
+    if rtn_code == 0:
+        cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s '
+              %s client_script client_stage2
+        '""" % (b['hosts'][1], interpreter_to_run)
+        rtn_code=subprocess.call(cmd, shell=True)
+
+    if rtn_code == 0:
+        cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s '
+	      bash server_script.sh server_stage3
+	'""" % (b['hosts'][0])
+        rtn_code=subprocess.call(cmd, shell=True)
+
+    if rtn_code == 0:
+        cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s '
+              %s client_script client_stage3
+        '""" % (b['hosts'][1], interpreter_to_run)
+        rtn_code=subprocess.call(cmd, shell=True)
+
+    if rtn_code == 0:
+        cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s '
+	      bash server_script.sh server_stage4
+	'""" % (b['hosts'][0])
+        rtn_code=subprocess.call(cmd, shell=True)
+
+    if rtn_code == 0:
+        cmd="""ssh -t -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no root@%s '
+              %s client_script client_stage4
+        '""" % (b['hosts'][1], interpreter_to_run)
+        rtn_code=subprocess.call(cmd, shell=True)
+
+
+# return the system(s) to duffy
+done_nodes_url="%s/Node/done?key=%s&ssid=%s" % (url_base, api, b['ssid'])
+das=urllib.urlopen(done_nodes_url).read()
+
+sys.exit(rtn_code)