From 504605086d344694f6778c4af181627d6a9118a0 Mon Sep 17 00:00:00 2001
From: Paul Belanger <pabelanger@redhat.com>
Date: Mon, 7 Mar 2016 13:59:56 -0500
Subject: [PATCH] Initial commit for CentOS AFS mirror

This is the first step to getting an AFS mirror for centos going. We
still need to add RPM validation and enabled automatic vos release.

However, this will atleast enabled us to do the initial import of the
RPMs into AFS which will take a few days to mirror properly.

Change-Id: Ic3b0ca5f5c9321b7e5048f4000ca58266d117083
Signed-off-by: Paul Belanger <pabelanger@redhat.com>
---
 manifests/site.pp                             |  1 +
 .../files/mirror/centos-mirror-update.sh      | 51 +++++++++++++++++++
 modules/openstack_project/manifests/mirror.pp | 11 ++++
 .../manifests/mirror_update.pp                | 30 +++++++++++
 4 files changed, 93 insertions(+)
 create mode 100755 modules/openstack_project/files/mirror/centos-mirror-update.sh

diff --git a/manifests/site.pp b/manifests/site.pp
index 9ca184e18a..28d398cbdf 100644
--- a/manifests/site.pp
+++ b/manifests/site.pp
@@ -544,6 +544,7 @@ node 'mirror-update.openstack.org' {
     admin_keytab        => hiera('afsadmin_keytab'),
     reprepro_keytab     => hiera('reprepro_keytab'),
     npm_keytab          => hiera('npm_keytab'),
+    centos_keytab       => hiera('centos_keytab'),
     sysadmins           => hiera('sysadmins', []),
   }
 }
diff --git a/modules/openstack_project/files/mirror/centos-mirror-update.sh b/modules/openstack_project/files/mirror/centos-mirror-update.sh
new file mode 100755
index 0000000000..77828d3f5f
--- /dev/null
+++ b/modules/openstack_project/files/mirror/centos-mirror-update.sh
@@ -0,0 +1,51 @@
+#!/bin/bash -xe
+# Copyright 2016 Red Hat, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+
+MIRROR_VOLUME=$1
+
+BASE="/afs/.openstack.org/mirror/centos"
+MIRROR="rsync://mirror.sfo12.us.leaseweb.net"
+UNREF_FILE=/var/run/${MIRROR_VOLUME}.unreferenced-files
+K5START="k5start -t -f /etc/centos.keytab service/centos-mirror -- timeout -k 2m 30m"
+
+REPO=7
+if ! [ -f $BASE/$REPO ]; then
+    mkdir -p $BASE/$REPO
+fi
+
+echo "Running rsync..."
+$K5START rsync -avzH \
+    --delete \
+    --delete-excluded \
+    --exclude="atomic" \
+    --exclude="centosplus" \
+    --exclude="cloud" \
+    --exclude="cr" \
+    --exclude="extras" \
+    --exclude="fasttrack" \
+    --exclude="isos" \
+    --exclude="sclo" \
+    --exclude="storage" \
+    --exclude="virt" \
+    $MIRROR/centos/$REPO/ $BASE/$REPO/
+
+# TODO(pabelanger): Validate rsync process
+
+# NOTE(pabelanger): Because of the initial amount of data, we'll manually
+# run vos release the first time.
+#echo "rsyc completed successfully, running vos release."
+#k5start -t -f /etc/afsadmin.keytab service/afsadmin -- vos release -v $MIRROR_VOLUME
+
+echo "Done."
diff --git a/modules/openstack_project/manifests/mirror.pp b/modules/openstack_project/manifests/mirror.pp
index c2b15da6b2..fc68c260ad 100644
--- a/modules/openstack_project/manifests/mirror.pp
+++ b/modules/openstack_project/manifests/mirror.pp
@@ -51,6 +51,17 @@ class openstack_project::mirror (
     ]
   }
 
+  # Create the symlink to centos
+  file { "${www_root}/centos":
+    ensure  => link,
+    target  => "${mirror_root}/centos",
+    owner   => root,
+    group   => root,
+    require => [
+      File["${www_root}"],
+    ]
+  }
+
   # Create the symlink to apt.
   file { "${www_root}/ubuntu":
     ensure  => link,
diff --git a/modules/openstack_project/manifests/mirror_update.pp b/modules/openstack_project/manifests/mirror_update.pp
index b5e3b48eb2..58382692ee 100644
--- a/modules/openstack_project/manifests/mirror_update.pp
+++ b/modules/openstack_project/manifests/mirror_update.pp
@@ -6,6 +6,7 @@ class openstack_project::mirror_update (
   $reprepro_keytab = '',
   $admin_keytab = '',
   $npm_keytab = '',
+  $centos_keytab = '',
 ) {
 
   class { 'openstack_project::server':
@@ -193,4 +194,33 @@ class openstack_project::mirror_update (
     key_type   => 'public',
     key_source => 'puppet:///modules/openstack_project/reprepro/ceph-mirror-gpg-key.asc',
   }
+
+  ### CentOS mirror ###
+  file { '/etc/centos.keytab':
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0400',
+    content => $centos_keytab,
+  }
+
+  file { '/usr/local/bin/centos-mirror-update':
+    ensure  => present,
+    owner   => 'root',
+    group   => 'root',
+    mode    => '0755',
+    source  => 'puppet:///modules/openstack_project/mirror/centos-mirror-update.sh',
+  }
+
+  cron { 'centos mirror':
+    user        => $user,
+    minute      => '0',
+    hour        => '*/2',
+    command     => 'flock -n /var/run/centos-mirror.lock centos-mirror-update >>/var/log/centos-mirror.log 2>&1',
+    environment => 'PATH=/usr/local/bin:/usr/bin:/bin:/usr/sbin:/sbin',
+    require     => [
+       File['/usr/local/bin/centos-mirror-update'],
+       File['/etc/afsadmin.keytab'],
+       File['/etc/centos.keytab'],
+    ]
+  }
 }